windows verkenner loopt vaak vast

[folkert100]

ik weet niet of je hier meerdere problemen mag benoemen, en dit is mijn eerste keer dat ik zo iets neerzet op internet. ik heb 3 problemen met mijn laptop (asus x53e)windows 7 ultimate 32 bits.

mijn eerste probleem is windows verkenner loopt vaak vast terwijl ik alleen maar mijn document wil open of als ik naar deze computer ga waarom en hoe het is gekomen is mij de vraag want ik heb de laptop nu 2a3 maanden pas.

mijn tweede probleem zijn de speciale fn toetsen ze doen het wel behalfe mijn geluids regelaars die deden het wel toen ik de laptop kocht maar nu krijg ik geen reactie als ik fn+f10,f11,f12 indruk.

en het derde probleem is mijn touch muis waar je met je vingers de muis kan bewegen het bewegen van de muis doet het maar als ik iets wil aanklikken geeft hij geen enkele reactie ik heb hiervoor al naar asus gebeld en die zei dat ik bepaalde besturings moest downloaden maar dat liep helemaal mis ik ben niet zo een computer expert dus ik kon die gene niet bijhouden met wat ik moest doen( 15 min gebeld en bijna niks verder alleen dat ik de recovery cd moest gebruiken maar dan ben ik alles kwijt op mijn laptop en is dat ook echt nodig?)

ik hoop dat iemand mij hier verder mee kan helpen
alvast bedankt.

[Emphyrio]

Hoi folkert100 en welkom,

Probleem 1 kan malware gerelateerd zijn.
Probleem 2 & 3 zal hoogstwaarschijnlijk een Windows probleem zijn.

Maar laten we goed beginnen en eerst eens nakijken of er malware aanwezig is
Daarna kan ik je nog steeds doorsturen naar de van toepassing zijnde sectie.



Voor we beginnen , wil ik even vriendelijk op de volgende richtlijnen wijzen:

• Post je probleem niet in verscheidene fora. het komt je probleem niet ten goede en het is niet netjes tegenover de helpers.
• Het opruimen van je systeem kan wat tijd in beslag nemen, wees geduldig.
• Blijf bij het topic totdat ik gemeldt heb dat je PC clean is.
• Volg aandachtig de instructies die door mij worden gegeven.
• De instructies die worden gegeven, zijn enkel geldig voor jouw PC.
• Als je iets niet weet of verstaat, vraag het dan even aub.
• Installeer of deinstalleer géén software of hardware terwijl we met je probleem bezig zijn.
• Log enkel in als beheerder met alle rechten.
• Zet je emoticons (Smileys) uit als je logs plaatst aub .
• De logs niet als bijlage, noch tussen codetags zetten aub.
• Ga ondertussen niet wat "anders" proberen, dat maakt het alleen maar moeilijker voor ons.
• Volg enkel het door mij gegeven advies op.

Opmerking: alle tools steeds uitvoeren als admin.



Stap 1:

Malware scannen en verwijderen....


Download MalwareBytes' Anti-Malware naar je bureaublad vanuit één van de volgende links:

• http://download.bleepingcomputer.com....51.1.1800.exe
• http://www.malwarebytes.org/mbam/program/mbam-setup.exe
• http://www.malwarebytes.org/mbam-download-exe.php
• http://data-cdn.mbamupdates.com/v0/p....51.1.1800.exe

Dubbelklik op mbam-setup.exe om het programma te installeren.

Zorg dat er na de installatie een vinkje is geplaatst bij:

• Update MalwareBytes' Anti-Malware
• Start MalwareBytes' Anti-Malware
• Klik daarna op "Voltooien". Indien een update gevonden wordt, zal die gedownload en geïnstalleerd worden.

Er zal een pupup vensterje komen met de vraag of je MBAM wil evalueren.



Klik hier op "Weigeren".


Zodra het programma gestart is, ga je naar het tabblad "Instellingen".

• Vink hier aan: "Sluit Internet Explorer tijdens verwijdering van malware".
• Ga naar het tabblad "Updates" en Update MBAM.
• Ga daarna naar het tabblad "Scanner", kies hier voor "Snelle Scan".
• Druk vervolgens op "Scannen" om de scan te starten.
• Het scannen kan een tijdje duren, dus wees geduldig.
• Wanneer de scan voltooid is, klik op OK, daarna "Bekijk Resultaten" om de resultaten te zien.
• Zorg ervoor dat daar alles aangevinkt is, daarna klik op: "Verwijder geselecteerde".
• Na het verwijderen zal een log openen en zal er gevraagd worden om de computer opnieuw op te starten.

Indien MBAM vraagt om een herstart, doe dit dan ook.
Wanneer je de restart hebt gedaan, maak je een nieuwe snelle scan met MBAM.
In dat geval post je dus de twee logs.

De log wordt automatisch bewaard door MalwareBytes' Anti-Malware en kan je terugvinden door op de "Logs" tab te klikken in het programma.


Bij problemen!!!

1. Problemen bij het installeren van Malwarebytes' Anti-Malware
2. Problemen bij het starten van Malwarebytes' Anti-Malware
3. Problemen bij het updaten van Malwarebytes' Anti-Malware

___________________________________________________________

Stap 2:

Download DDS.com, DDS.scr of DDS.pif van één van deze locaties en plaats het op je bureaublad:

• DDS.com.
• DDS.scr.
• DDS.pif.

DDS is een diagnosetool en maakt gebruik van scripts.
Is het uitvoeren van scripts uitgeschakeld, dan schakel je dit weer in zodat er geen problemen optreden bij gebruik van DDS.

Dubbelklik op DDS om de tool te starten. (afhankelijk van de download die je gekozen hebt kan dit het bestand DDS.com, DDS.scr of DDS.pif zijn)
Wanneer het klaar is openen er twee logfiles: DDS.txt en Attach.txt
Beide logfiles sla je op je bureaublad.

Post de inhoud van DDS.txt.

De inhoud Attach.txt moet je niet posten en Attach.txt moet je niet als bijlage toevoegen aan je post, tenzij ik er om vraag.



___________________________________________________________

Stap 3:

Controle op updates...

Download Security Check op je bureaublad via hier of hier

Start Security Check
Volg de Instructies in het scherm
Aan het eind verschijnt een log ( checkup.txt )
Plaats de inhoud ervan in je volgende antwoord.


In je volgende posting, had ik graag de volgende logs gezien,
gemaakt in de opgestelde volgorde:

• MBAM
• DDS
• checkup.txt

Emphyrio

[folkert100]

ik heb alles stap voor stap gedaan ik heb hier alvast de dds.txt ik ga nu bezig met stap 3.


.
DDS (Ver_2011-08-26.01) - NTFSAMD64
Internet Explorer: 9.0.8112.16421
Run by folkert at 22:53:06 on 2011-11-24
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.31.1043.18.3874.2049 [GMT 1:00]
.
AV: avast! Antivirus *Enabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
AV: Norton Internet Security *Enabled/Updated* {63DF5164-9100-186D-2187-8DC619EFD8BF}
SP: avast! Antivirus *Enabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: Norton Internet Security *Enabled/Updated* {D8BEB080-B73A-17E3-1B37-B6B462689202}
FW: Norton Internet Security *Enabled* {5BE4D041-DB6F-1935-0AD8-24F3E73C9FC4}
.
============== Running Processes ===============
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\FBAgent.exe
C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe
C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
C:\Program Files\AVAST Software\Avast\AvastSvc.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files (x86)\Norton Internet Security\Engine\19.1.1.3\ccSvcHst.exe
C:\Windows\SysWOW64\PnkBstrA.exe
C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Program Files\VMware\VMware View\Client\bin\wsnm.exe
C:\Program Files\VMware\VMware View\Client\bin\wsnm_usbctrl.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\servicing\TrustedInstaller.exe
C:\Windows\system32\taskhost.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
C:\Program Files\P4G\BatteryLife.exe
C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe
C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
C:\Windows\SysWOW64\ACEngSvr.exe
C:\Windows\AsScrPro.exe
C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe
C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
C:\Windows\System32\rundll32.exe
C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files (x86)\DAEMON Tools Pro\DTShellHlp.exe
C:\Program Files (x86)\DAEMON Tools Pro\DTAgent.exe
C:\Program Files (x86)\ASUS\Sonic Focus\SonicFocusTray.exe
C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashUtil10w_ActiveX.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Windows\system32\DllHost.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
C:\Windows\system32\sppsvc.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
C:\Windows\SysWOW64\NOTEPAD.EXE
C:\Windows\system32\svchost.exe -k SDRSVC
C:\Windows\system32\igfxsrvc.exe
C:\Windows\system32\DllHost.exe
C:\Windows\system32\DllHost.exe
C:\Windows\SysWOW64\cmd.exe
C:\Windows\system32\conhost.exe
C:\Windows\SysWOW64\cscript.exe
C:\Windows\system32\wbem\wmiprvse.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://asus.msn.com
uDefault_Page_URL = hxxp://asus.msn.com
mStart Page = hxxp://asus.msn.com
uURLSearchHooks: H - No File
mWinlogon: Userinit=userinit.exe,
BHO: Adobe PDF Reader Link Helper: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - C:\Program Files (x86)\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
BHO: Norton Identity Protection: {602adb0e-4aff-4217-8aa1-95dac4dfa408} - C:\Program Files (x86)\Norton Internet Security\Engine\19.1.1.3\coIEPlg.dll
BHO: Norton Vulnerability Protection: {6d53ec84-6aae-4787-aeee-f4628f01010c} - C:\Program Files (x86)\Norton Internet Security\Engine\19.1.1.3\IPS\IPSBHO.DLL
BHO: Groove GFS Browser Helper: {72853161-30c5-4d22-b7f9-0bbc1d38a37e} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL
BHO: avast! WebRep: {8e5e2654-ad2d-48bf-ac2d-d17f00898d06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
BHO: Aanmeldhulp voor Windows Live ID: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: DealPly: {a6174f27-1fff-e1d6-a93f-ba48ad5dd448} - C:\Program Files (x86)\DealPly\DealPlyIE.dll
BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.2.4204.1700\swg.dll
BHO: Office Document Cache Handler: {b4f3a835-0e21-4959-ba22-42b3008e02ff} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL
BHO: Google Dictionary Compression sdch: {c84d72fe-e17d-4195-bb24-76c02e2e7c4e} - C:\Program Files (x86)\Google\Google Toolbar\Component\fastsearch_B7C5AC242193BB3E.dll
BHO: Bing Bar Helper: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll"
BHO: Yontoo Layers: {fd72061e-9fde-484d-a58a-0bab4151cad8} - C:\Program Files (x86)\Yontoo Layers Runtime\YontooIEClient.dll
TB: Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
TB: Bing Bar: {8dcb7100-df86-4384-8842-8fa844297b3f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll"
TB: Norton Toolbar: {7febefe3-6b19-4349-98d2-ffb09d4b49ca} - C:\Program Files (x86)\Norton Internet Security\Engine\19.1.1.3\coIEPlg.dll
TB: avast! WebRep: {8e5e2654-ad2d-48bf-ac2d-d17f00898d06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
TB: {D4027C7F-154A-4066-A1AD-4243D8127440} - No File
TB: {2D8D9ACC-F6D7-4362-8876-A275CA929591} - No File
uRun: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
uRun: [msnmsgr] "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background
uRun: [DAEMON Tools Pro Agent] "C:\Program Files (x86)\DAEMON Tools Pro\DTAgent.exe" -autorun
mRun: [Nuance PDF Reader-reminder] "C:\Program Files (x86)\Nuance\PDF Reader\Ereg\Ereg.exe" -r "C:\ProgramData\Nuance\PDF Reader\Ereg\Ereg.ini"
mRun: [ASUSWebStorage] C:\Program Files (x86)\ASUS\ASUS WebStorage\3.0.84.161\AsusWSPanel.exe /S
mRun: [SonicMasterTray] C:\Program Files (x86)\ASUS\Sonic Focus\SonicFocusTray.exe
mRun: [ATKOSD2] C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
mRun: [ATKMEDIA] C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
mRun: [HControlUser] C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
mRun: [Wireless Console 3] C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
mRun: [UpdateLBPShortCut] "C:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\LabelPrint" UpdateWithCreateOnce "Software\CyberLink\LabelPrint\2.5"
mRun: [UpdateP2GoShortCut] "C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\6.0"
mRun: [NPSStartup]
mRun: [BCSSync] "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices
mRun: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\ADOBER~1.LNK - C:\Program Files (x86)\Adobe\Acrobat 7.0\Reader\reader_sl.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\ASUSVI~1.LNK - C:\Program Files (x86)\ASUS\AsusVibe\AsusVibeLauncher.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\FANCYS~1.LNK - C:\Windows\Installer\{2B81872B-A054-48DA-BE3B-FA5C164C303A}\_94E3CE3704FE82FBF49A6A.exe
mPolicies-explorer: NoActiveDesktop = 1 (0x1)
mPolicies-explorer: NoActiveDesktopChanges = 1 (0x1)
mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5)
mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
IE: &Enviar a OneNote - C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105
IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000
IE: E&xportar a Microsoft Excel - C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000
IE: Free YouTube to MP3 Converter - C:\Users\folkert\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm
IE: Se&nd to OneNote - C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
TCP: DhcpNameServer = 212.54.35.25 212.54.40.25
TCP: Interfaces\{926A60CA-D6E3-416F-8CE9-8D581773A4AA} : DhcpNameServer = 212.54.35.25 212.54.40.25
TCP: Interfaces\{926A60CA-D6E3-416F-8CE9-8D581773A4AA}\3596475636F6D6 : DhcpNameServer = 192.168.0.1
TCP: Interfaces\{926A60CA-D6E3-416F-8CE9-8D581773A4AA}\442756E647865636F6C6C6567656D23547574656E64756E6 : DhcpNameServer = 10.0.4.40 10.0.4.41
TCP: Interfaces\{926A60CA-D6E3-416F-8CE9-8D581773A4AA}\4505D2C494E4B4F5342393235434 : DhcpNameServer = 192.168.2.254 192.168.1.1
Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
SEH: Groove GFS Stub Execution Hook: {b5a7f190-dda6-4420-b3ba-52453494e6cd} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL
{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}
{602ADB0E-4AFF-4217-8AA1-95DAC4DFA408}
{6D53EC84-6AAE-4787-AEEE-F4628F01010C}
{72853161-30C5-4D22-B7F9-0BBC1D38A37E}
{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}
{9030D464-4C02-4ABF-8ECC-5164760863C6}
{A6174F27-1FFF-E1D6-A93F-BA48AD5DD448}
{AA58ED58-01DD-4d91-8333-CF10577473F7}
{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}
{B4F3A835-0E21-4959-BA22-42B3008E02FF}
{C84D72FE-E17D-4195-BB24-76C02E2E7C4E}
{d2ce3e00-f94a-4740-988e-03dc2f38c34f}
{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}
{2318C2B1-4965-11d4-9B18-009027A5CD4F}
{8dcb7100-df86-4384-8842-8fa844297b3f}
{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA}
{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}
TB-X64: {D4027C7F-154A-4066-A1AD-4243D8127440} - No File
TB-X64: {2D8D9ACC-F6D7-4362-8876-A275CA929591} - No File
mRun-x64: [Nuance PDF Reader-reminder] "C:\Program Files (x86)\Nuance\PDF Reader\Ereg\Ereg.exe" -r "C:\ProgramData\Nuance\PDF Reader\Ereg\Ereg.ini"
mRun-x64: [ASUSWebStorage] C:\Program Files (x86)\ASUS\ASUS WebStorage\3.0.84.161\AsusWSPanel.exe /S
mRun-x64: [SonicMasterTray] C:\Program Files (x86)\ASUS\Sonic Focus\SonicFocusTray.exe
mRun-x64: [ATKOSD2] C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
mRun-x64: [ATKMEDIA] C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
mRun-x64: [HControlUser] C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
mRun-x64: [Wireless Console 3] C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
mRun-x64: [UpdateLBPShortCut] "C:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\LabelPrint" UpdateWithCreateOnce "Software\CyberLink\LabelPrint\2.5"
mRun-x64: [UpdateP2GoShortCut] "C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\6.0"
mRun-x64: [NPSStartup]
mRun-x64: [BCSSync] "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices
mRun-x64: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
SEH-X64: {B5A7F190-DDA6-4420-B3BA-52453494E6CD}: Groove GFS Stub Execution Hook
.
============= SERVICES / DRIVERS ===============
.
R0 SymDS;Symantec Data Store;C:\Windows\system32\drivers\NISx64\1301010.003\SYMDS64.SYS --> C:\Windows\system32\drivers\NISx64\1301010.003\SYMDS64.SYS [?]
R0 SymEFA;Symantec Extended File Attributes;C:\Windows\system32\drivers\NISx64\1301010.003\SYMEFA64.SYS --> C:\Windows\system32\drivers\NISx64\1301010.003\SYMEFA64.SYS [?]
R1 aswSnx;aswSnx;C:\Windows\system32\drivers\aswSnx.sys --> C:\Windows\system32\drivers\aswSnx.sys [?]
R1 aswSP;aswSP;C:\Windows\system32\drivers\aswSP.sys --> C:\Windows\system32\drivers\aswSP.sys [?]
R1 ATKWMIACPIIO;ATKWMIACPI Driver;C:\Program Files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys [2010-7-26 17024]
R1 ccSet_NIS;Norton Internet Security Settings Manager;C:\Windows\system32\drivers\NISx64\1301010.003\ccSetx64.sys --> C:\Windows\system32\drivers\NISx64\1301010.003\ccSetx64.sys [?]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;C:\Windows\system32\DRIVERS\dtsoftbus01.sys --> C:\Windows\system32\DRIVERS\dtsoftbus01.sys [?]
R1 IDSVia64;IDSVia64;C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\Definitions\IPSDefs\20111028.030\IDSviA64.sys [2011-10-29 488568]
R1 SymIRON;Symantec Iron Driver;C:\Windows\system32\drivers\NISx64\1301010.003\Ironx64.SYS --> C:\Windows\system32\drivers\NISx64\1301010.003\Ironx64.SYS [?]
R1 SymNetS;Symantec Network Security WFP Driver;C:\Windows\system32\Drivers\NISx64\1301010.003\SYMNETS.SYS --> C:\Windows\system32\Drivers\NISx64\1301010.003\SYMNETS.SYS [?]
R1 vwififlt;Virtual WiFi Filter Driver;C:\Windows\system32\DRIVERS\vwififlt.sys --> C:\Windows\system32\DRIVERS\vwififlt.sys [?]
R2 AFBAgent;AFBAgent;"C:\Windows\system32\FBAgent.exe" --> C:\Windows\system32\FBAgent.exe [?]
R2 ASMMAP64;ASMMAP64;C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys [2009-7-3 15416]
R2 aswFsBlk;aswFsBlk;C:\Windows\system32\drivers\aswFsBlk.sys --> C:\Windows\system32\drivers\aswFsBlk.sys [?]
R2 aswMonFlt;aswMonFlt;\??\C:\Windows\system32\drivers\aswMonFlt.sys --> C:\Windows\system32\drivers\aswMonFlt.sys [?]
R2 avast! Antivirus;avast! Antivirus;C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2011-11-7 44768]
R2 NIS;Norton Internet Security;C:\Program Files (x86)\Norton Internet Security\Engine\19.1.1.3\ccsvchst.exe [2011-10-5 138760]
R2 UNS;Intel(R) Management and Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2011-6-20 2655768]
R2 wsnm;VMware View Client;C:\Program Files\VMware\VMware View\Client\bin\wsnm.exe [2011-2-18 494192]
R2 wsnm_usbctrl;VMware View USB Control;C:\Program Files\VMware\VMware View\Client\bin\wsnm_usbctrl.exe [2011-2-18 1120368]
R3 IntcDAud;Intel(R) Display Audio;C:\Windows\system32\DRIVERS\IntcDAud.sys --> C:\Windows\system32\DRIVERS\IntcDAud.sys [?]
R3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller;C:\Windows\system32\DRIVERS\L1C62x64.sys --> C:\Windows\system32\DRIVERS\L1C62x64.sys [?]
R3 MEIx64;Intel(R) Management Engine Interface;C:\Windows\system32\DRIVERS\HECIx64.sys --> C:\Windows\system32\DRIVERS\HECIx64.sys [?]
R3 RTL8192Ce;Realtek Wireless LAN 802.11n PCI-E NIC Driver;C:\Windows\system32\DRIVERS\rtl8192Ce.sys --> C:\Windows\system32\DRIVERS\rtl8192Ce.sys [?]
R3 vmwvusb;VMware View Generic USB Driver;C:\Windows\system32\Drivers\vmwvusb.sys --> C:\Windows\system32\Drivers\vmwvusb.sys [?]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service;C:\Windows\system32\DRIVERS\vwifimp.sys --> C:\Windows\system32\DRIVERS\vwifimp.sys [?]
S1 BHDrvx64;BHDrvx64;C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\Definitions\BASHDefs\20111014.001\BHDrvx64.sys [2011-10-15 1155704]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S2 gupdate;Google Update Service (gupdate);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-4-13 135664]
S3 BBSvc;Bing Bar Update Service;C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE [2011-3-2 183560]
S3 fssfltr;fssfltr;C:\Windows\system32\DRIVERS\fssfltr.sys --> C:\Windows\system32\DRIVERS\fssfltr.sys [?]
S3 fsssvc;Windows Live Family Safety Service;C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2011-5-13 1492840]
S3 gupdatem;Google Update-service (gupdatem);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-4-13 135664]
S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service;C:\Program Files (x86)\Microsoft Office\Office14\GROOVE.EXE [2011-6-12 31125880]
S3 osppsvc;Office Software Protection Platform;C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-1-9 4925184]
S3 SiSGbeLH;SiS191/SiS190 Ethernet Device NDIS 6.0 Driver;C:\Windows\system32\DRIVERS\SiSG664.sys --> C:\Windows\system32\DRIVERS\SiSG664.sys [?]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\system32\drivers\tsusbflt.sys --> C:\Windows\system32\drivers\tsusbflt.sys [?]
S3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\system32\drivers\TsUsbGD.sys --> C:\Windows\system32\drivers\TsUsbGD.sys [?]
S3 WatAdminSvc;Windows Activation Technologies-service;C:\Windows\system32\Wat\WatAdminSvc.exe --> C:\Windows\system32\Wat\WatAdminSvc.exe [?]
S4 wlcrasvc;Windows Live Mesh remote connections service;C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-9-23 57184]
.
=============== Created Last 30 ================
.
2011-11-24 21:38:24 -------- d-----w- C:\Users\folkert\AppData\Roaming\Malwarebytes
2011-11-24 21:38:15 -------- d-----w- C:\ProgramData\Malwarebytes
2011-11-24 21:38:13 25416 ----a-w- C:\Windows\System32\drivers\mbam.sys
2011-11-24 21:38:12 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware
2011-11-24 21:19:44 388096 ----a-r- C:\Users\folkert\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
2011-11-24 21:19:44 -------- d-----w- C:\Program Files (x86)\Trend Micro
2011-11-24 21:07:53 13312 ----a-w- C:\Windows\NET Checker.exe
2011-11-24 20:54:24 -------- d-----w- C:\Windows\SysWow64\RTCOM
2011-11-24 18:06:42 -------- d-----w- C:\Users\folkert\AppData\Local\{CF465566-C78F-4EF4-8D1B-0FA7C4302229}
2011-11-24 18:05:51 -------- d-----w- C:\Users\folkert\AppData\Local\{006FC8AE-1BBF-4CF8-B412-2F25A6821A73}
2011-11-24 07:31:47 -------- d-----w- C:\Users\folkert\AppData\Local\{7D735945-F419-41B9-A07C-D628E5788F8A}
2011-11-24 07:31:15 -------- d-----w- C:\Users\folkert\AppData\Local\{8779F651-02A7-4813-80B6-9BDCEDDA1C38}
2011-11-23 19:30:40 -------- d-----w- C:\Users\folkert\AppData\Local\{FE66965D-D2EA-4BD9-80DC-7C7CCA2D261A}
2011-11-23 19:30:17 -------- d-----w- C:\Users\folkert\AppData\Local\{591E0F6D-5ED3-417F-B60E-A7997AE48A90}
2011-11-23 07:29:03 -------- d-----w- C:\Users\folkert\AppData\Local\{584662DD-9BB2-4B36-9670-DB929E427551}
2011-11-23 07:28:31 -------- d-----w- C:\Users\folkert\AppData\Local\{4822F339-1BF5-4D3C-A95A-86D38603ABB4}
2011-11-22 10:49:16 -------- d-----w- C:\Users\folkert\AppData\Local\{D9387111-0E18-4061-9761-8DBD5D222A8F}
2011-11-22 10:48:45 -------- d-----w- C:\Users\folkert\AppData\Local\{8B58EEAD-B18B-4CA3-9B29-41FA85C02E17}
2011-11-22 08:43:28 -------- d-----w- C:\Users\folkert\AppData\Local\{3A62FCD0-117D-4144-B357-9488EE5FEAE3}
2011-11-22 08:00:42 -------- d-----w- C:\Users\folkert\AppData\Local\{F8C80126-0782-41B1-A87C-2CC214D5A5EC}
2011-11-22 08:00:01 -------- d-----w- C:\Users\folkert\AppData\Local\{865256BA-A690-4EC5-9C8F-A3B792C17983}
2011-11-21 21:07:41 -------- d-----w- C:\Program Files (x86)\Skype
2011-11-21 18:39:16 -------- d-----w- C:\Users\folkert\AppData\Local\{355511BE-4366-41F4-A182-CAB1A1B688B7}
2011-11-21 18:38:41 -------- d-----w- C:\Users\folkert\AppData\Local\{30E75E84-D4E7-4154-896F-2E389DF44B55}
2011-11-21 06:37:29 -------- d-----w- C:\Users\folkert\AppData\Local\{585023B5-B3AA-47F9-B18F-3B16B9A92307}
2011-11-21 06:35:51 -------- d-----w- C:\Users\folkert\AppData\Local\{EF6B1869-3488-4D89-B688-9E870CFC88FE}
2011-11-20 15:52:00 -------- d-----w- C:\Users\folkert\AppData\Local\{EC1179E1-53E0-4D29-9632-7B60FD1BF198}
2011-11-20 15:51:23 -------- d-----w- C:\Users\folkert\AppData\Local\{33D28ADA-7C21-4703-AD11-CA0011315A77}
2011-11-19 12:51:12 -------- d-----w- C:\Users\folkert\AppData\Local\{727928FF-D5DD-4A79-9DFF-3F86106FD87D}
2011-11-19 12:50:44 -------- d-----w- C:\Users\folkert\AppData\Local\{7D458416-96A8-4D1A-BC04-D70DE8F82B9F}
2011-11-18 10:04:28 -------- d-----w- C:\Users\folkert\AppData\Local\{1281C82C-DAD5-4305-9B3A-F2389ECFC216}
2011-11-18 10:03:50 -------- d-----w- C:\Users\folkert\AppData\Local\{DCFF14F2-4487-4779-9E6E-C7E165BF9198}
2011-11-17 09:48:35 -------- d-----w- C:\Users\folkert\AppData\Local\{B82A163D-1727-47CB-A342-3E8C44CF43E4}
2011-11-17 09:48:05 -------- d-----w- C:\Users\folkert\AppData\Local\{B0458A56-1566-46FA-B59F-F5D78E6BB00A}
2011-11-16 16:22:16 -------- d-----w- C:\Users\folkert\AppData\Local\{14F9BC40-F9D2-472D-9EF2-F1E7BA50CF8E}
2011-11-16 16:21:34 -------- d-----w- C:\Users\folkert\AppData\Local\{90CD1929-2741-4BA8-B245-6A9F220A98C0}
2011-11-16 14:27:51 -------- d-----w- C:\Users\folkert\AppData\Local\{AF41EDA3-9BB1-4D1E-AA30-B768FE67C136}
2011-11-16 11:24:54 -------- d-----w- C:\Users\folkert\AppData\Local\{C71BBD98-8019-44F6-AB72-A2EB26EF1BFB}
2011-11-16 09:35:12 -------- d-----w- C:\Users\folkert\AppData\Local\{C5049FF4-1EB5-410D-B67A-5F6FC55F57A1}
2011-11-15 17:45:04 -------- d-----w- C:\Users\folkert\AppData\Local\Skyrim
2011-11-15 10:34:38 -------- d-----w- C:\Users\folkert\AppData\Local\{E180A15B-A4C2-4D47-8C52-F47C1AADC67D}
2011-11-15 10:34:15 -------- d-----w- C:\Users\folkert\AppData\Local\{9305D796-C04A-4DE6-A841-E629C732C863}
2011-11-14 21:49:34 -------- d-----w- C:\Users\folkert\AppData\Local\{DFCEE804-4E36-4FD1-A98C-8A7E14E57EE5}
2011-11-14 21:48:44 -------- d-----w- C:\Users\folkert\AppData\Local\{23E1BBD6-6BC7-44E1-813E-2CF2E34970F5}
2011-11-14 09:47:51 -------- d-----w- C:\Users\folkert\AppData\Local\{3E67B423-8082-4A7A-8D7B-71C66BF92EB8}
2011-11-14 09:47:08 -------- d-----w- C:\Users\folkert\AppData\Local\{3F3E8BBD-AC81-439F-B303-D12870284060}
2011-11-13 21:51:47 -------- d--h--w- C:\Program Files (x86)\Common Files\EAInstaller
2011-11-13 12:58:09 -------- d-----w- C:\Users\folkert\AppData\Local\{4BDEE319-ECE6-4F42-A2B9-2AE16A894337}
2011-11-13 12:57:02 -------- d-----w- C:\Users\folkert\AppData\Local\{B9341A77-E332-480C-AAA6-FD0C9329AA1F}
2011-11-12 14:18:10 -------- d-----w- C:\Users\folkert\AppData\Local\{6FF1B0CF-80A3-4A3D-AF15-0626917D0BA5}
2011-11-12 14:17:48 -------- d-----w- C:\Users\folkert\AppData\Local\{4059F069-87A2-40CB-A333-470E033BEA8B}
2011-11-11 11:12:59 -------- d-----w- C:\Users\folkert\AppData\Local\{1EDFE2C2-477E-467F-BB3A-E79EE7918B0B}
2011-11-11 11:12:24 -------- d-----w- C:\Users\folkert\AppData\Local\{E56735DD-7D98-426B-8D88-53F9686FAC55}
2011-11-10 23:02:32 -------- d-----w- C:\Users\folkert\AppData\Local\{452910A6-376D-4543-94B6-E6A13DA9244A}
2011-11-10 23:02:10 -------- d-----w- C:\Users\folkert\AppData\Local\{3CF5B4C7-A5D7-4786-B455-11E286F50180}
2011-11-10 11:01:00 -------- d-----w- C:\Users\folkert\AppData\Local\{A9DA78CE-3A86-4D03-9558-987D90891E26}
2011-11-10 11:00:34 -------- d-----w- C:\Users\folkert\AppData\Local\{3EE91BDD-407A-4314-BB86-E2075649A520}
2011-11-09 22:14:48 -------- d-----w- C:\Users\folkert\AppData\Local\{27562DE0-8E76-4572-AC23-47DFD529C25E}
2011-11-09 22:14:25 -------- d-----w- C:\Users\folkert\AppData\Local\{CE2E6615-026C-4903-A42D-25C609004B20}
2011-11-09 19:51:44 -------- d-----w- C:\ProgramData\Solidshield
2011-11-09 19:50:42 189248 ----a-w- C:\Windows\SysWow64\PnkBstrB.exe
2011-11-09 19:50:40 75136 ----a-w- C:\Windows\SysWow64\PnkBstrA.exe
2011-11-09 19:50:39 -------- d-----w- C:\Users\folkert\AppData\Roaming\PunkBuster
2011-11-09 19:47:59 3767504 ----a-w- C:\Windows\System32\d3dx9_26.dll
2011-11-09 19:47:59 2297552 ----a-w- C:\Windows\SysWow64\d3dx9_26.dll
2011-11-09 10:13:20 -------- d-----w- C:\Users\folkert\AppData\Local\{C8ED6B41-AC7C-44C5-AE50-69657A71C1DF}
2011-11-09 10:12:50 -------- d-----w- C:\Users\folkert\AppData\Local\{9A95CAC6-80F0-43F0-A8DB-B2E0C4CDD3D1}
2011-11-09 07:34:42 886784 ----a-w- C:\Program Files\Common Files\System\wab32.dll
2011-11-09 07:34:42 708608 ----a-w- C:\Program Files (x86)\Common Files\System\wab32.dll
2011-11-09 07:34:41 3144704 ----a-w- C:\Windows\System32\win32k.sys
2011-11-09 07:34:41 1923952 ----a-w- C:\Windows\System32\drivers\tcpip.sys
2011-11-08 22:44:41 -------- d-----w- C:\Users\folkert\AppData\Local\Activision
2011-11-08 22:09:39 -------- d-----w- C:\Users\folkert\AppData\Local\{369BB374-9CA2-46B4-A37C-9BFFD9DD7A00}
2011-11-08 22:09:05 -------- d-----w- C:\Users\folkert\AppData\Local\{C3BACAA8-E25A-4791-AB40-60837F134015}
2011-11-08 12:35:02 -------- d-----w- C:\Users\folkert\AppData\Local\SKIDROW
2011-11-08 07:24:32 -------- d-----w- C:\Users\folkert\AppData\Local\{0B1EB31C-1E6C-4E8C-BD13-8C83145290AB}
2011-11-08 07:24:19 -------- d-----w- C:\Users\folkert\AppData\Local\{570A97F1-9781-4EF3-82CB-5F1EB701094E}
2011-11-07 20:42:36 -------- d-----w- C:\Program Files\Babylon
2011-11-07 20:13:26 272448 ----a-w- C:\Windows\System32\drivers\dtsoftbus01.sys
2011-11-07 20:13:06 -------- d-----w- C:\Program Files (x86)\DAEMON Tools Pro
2011-11-07 20:12:23 -------- d-----w- C:\Users\folkert\AppData\Roaming\DAEMON Tools Pro
2011-11-07 20:12:23 -------- d-----w- C:\ProgramData\DAEMON Tools Pro
2011-11-07 18:45:58 -------- d-----w- C:\Users\folkert\AppData\Local\{90CAAF68-A09D-4F77-BE58-3AD43CC3C1AF}
2011-11-07 18:45:35 -------- d-----w- C:\Users\folkert\AppData\Local\{2786E915-3A38-4D13-B199-55129DD8004E}
2011-11-07 15:04:02 -------- d-----w- C:\Program Files (x86)\Yontoo Layers Runtime
2011-11-07 15:04:00 -------- d-----w- C:\ProgramData\Tarma Installer
2011-11-07 10:19:24 601944 ----a-w- C:\Windows\System32\drivers\aswSnx.sys
2011-11-07 10:19:23 65368 ----a-w- C:\Windows\System32\drivers\aswMonFlt.sys
2011-11-07 10:19:11 41184 ----a-w- C:\Windows\avastSS.scr
2011-11-07 10:18:59 -------- d-----w- C:\ProgramData\AVAST Software
2011-11-07 10:18:59 -------- d-----w- C:\Program Files\AVAST Software
2011-11-07 06:37:05 -------- d-----w- C:\Users\folkert\AppData\Local\{FC40AE6F-4D7A-4738-B7A9-D233963D430A}
2011-11-07 06:36:53 -------- d-----w- C:\Users\folkert\AppData\Local\{B65A8B0B-B309-42BF-AB51-0F1B6D45180A}
2011-11-06 18:20:59 72200 ----a-w- C:\Windows\System32\XAPOFX1_1.dll
2011-11-06 18:20:59 68616 ----a-w- C:\Windows\SysWow64\XAPOFX1_1.dll
2011-11-06 18:20:59 513544 ----a-w- C:\Windows\System32\XAudio2_2.dll
2011-11-06 18:20:59 509448 ----a-w- C:\Windows\SysWow64\XAudio2_2.dll
2011-11-06 18:20:57 238088 ----a-w- C:\Windows\SysWow64\xactengine3_2.dll
2011-11-06 18:20:57 177672 ----a-w- C:\Windows\System32\xactengine3_2.dll
2011-11-06 16:36:08 -------- d-----w- C:\Users\folkert\AppData\Local\{7571FA61-29B9-479F-BCC5-88B36085EDAB}
2011-11-06 16:35:57 -------- d-----w- C:\Users\folkert\AppData\Local\{3FC517CD-8B37-44CD-A59A-72E21CE24DF4}
2011-11-04 11:46:18 -------- d-----w- C:\Users\folkert\AppData\Local\{E61F332F-B8E8-4A0C-AE75-1A1D95A49492}
2011-11-04 11:45:58 -------- d-----w- C:\Users\folkert\AppData\Local\{A0E1AB95-836B-4C6A-A187-B97700BEF323}
2011-11-04 11:32:31 -------- d-----w- C:\Users\folkert\AppData\Local\{378E7C55-EF3E-478B-9C90-B4611D1DD372}
2011-11-04 11:32:19 -------- d-----w- C:\Users\folkert\AppData\Local\{9B0067BC-DAF3-4E47-8AB9-2DE8FD2FD528}
2011-11-03 07:51:32 -------- d-----w- C:\Users\folkert\AppData\Local\{43BBC115-909D-4DC6-A13D-ADF661B9C3AA}
2011-11-03 07:51:20 -------- d-----w- C:\Users\folkert\AppData\Local\{3EF7FC9D-6FDE-4C55-963B-B3BD7CBBB311}
2011-11-03 07:16:34 -------- d-----w- C:\Program Files\Symantec
2011-11-02 20:29:36 -------- d-----w- C:\Users\folkert\AppData\Local\{CEFAC273-59DA-4B4B-B5EC-AE7458C388C8}
2011-11-02 20:29:24 -------- d-----w- C:\Users\folkert\AppData\Local\{4E5759B0-B987-4777-BA7E-9E78E8807C88}
2011-11-02 17:19:52 -------- d-----w- C:\Users\folkert\AppData\Local\{931BEEA4-334D-4CAF-9F03-F1C2B4475CB3}
2011-11-02 17:19:40 -------- d-----w- C:\Users\folkert\AppData\Local\{CF615126-3DFF-47C6-928A-01D1DAB90E93}
2011-11-01 18:39:09 -------- d-----w- C:\Users\folkert\AppData\Local\{12D8EC9F-478B-446E-8AF8-0B75388BBB0F}
2011-11-01 18:38:56 -------- d-----w- C:\Users\folkert\AppData\Local\{083295D5-BEF3-4FC7-8EDD-D493E9D15215}
2011-10-31 19:16:16 -------- d-----w- C:\Users\folkert\AppData\Local\{74A8C6F9-0A60-436C-96BE-D4E87C06E201}
2011-10-31 19:16:05 -------- d-----w- C:\Users\folkert\AppData\Local\{E2B60774-938B-45E8-8ED4-6B5A4D68C81B}
2011-10-31 19:15:54 -------- d-----w- C:\Users\folkert\AppData\Local\{3EA83EA3-190C-4815-A6BB-1775255F33BB}
2011-10-31 19:15:43 -------- d-----w- C:\Users\folkert\AppData\Local\{BE4E3F84-3BBE-4577-BBD9-59E20F9A4A1D}
2011-10-31 07:14:50 -------- d-----w- C:\Users\folkert\AppData\Local\{91CFC759-F175-4356-BE48-B760E35AA231}
2011-10-31 07:14:38 -------- d-----w- C:\Users\folkert\AppData\Local\{217139AB-9731-4C85-A406-64A2E8410BD3}
2011-10-30 11:26:51 -------- d-----w- C:\Users\folkert\AppData\Local\{BB1CCDEB-FC3B-4484-BDF8-97D977BBF763}
2011-10-30 11:26:39 -------- d-----w- C:\Users\folkert\AppData\Local\{BF42E857-F0CF-4AB3-9B74-FF290EACB89C}
2011-10-29 15:01:20 -------- d-----w- C:\Users\folkert\AppData\Local\{0C570E7D-7BB0-43D1-B2BE-CD6E14BB0CCD}
2011-10-29 15:01:08 -------- d-----w- C:\Users\folkert\AppData\Local\{5B5BB918-456B-434D-93FD-4877412D306B}
2011-10-29 03:44:46 -------- d-----w- C:\Users\folkert\AppData\Local\{46CB84B3-5988-475F-8D87-548232460401}
2011-10-28 07:05:44 -------- d-----w- C:\Users\folkert\AppData\Local\{A20B34DF-00F4-41DA-8D8E-07B29706AC30}
2011-10-28 07:05:22 -------- d-----w- C:\Users\folkert\AppData\Local\{790BE96A-70B6-4BA4-8FD9-28D00D6FD67B}
2011-10-27 11:02:23 -------- d-----w- C:\Users\folkert\AppData\Local\{D8C4F44A-32F2-42D7-8E75-38C2075DF965}
2011-10-27 11:02:03 -------- d-----w- C:\Users\folkert\AppData\Local\{CD6845EB-FA7C-4757-841C-FA56591331E8}
2011-10-26 06:50:06 -------- d-----w- C:\Users\folkert\AppData\Local\{1E84DFBC-E85C-4714-B116-BBC43CDC1706}
2011-10-26 06:49:54 -------- d-----w- C:\Users\folkert\AppData\Local\{AE5A7A1F-FAB4-41D7-8590-0F78B6FF43E5}
.
==================== Find3M ====================
.
2011-11-24 21:47:06 45056 ----a-w- C:\Windows\System32\acovcnt.exe
2011-10-06 21:32:38 24064 ----a-w- C:\Windows\SysWow64\FsExService64.Exe
2011-10-06 21:32:38 16392 ----a-w- C:\Windows\SysWow64\drivers\TFsExDisk.Sys
2011-10-06 21:32:11 5632 ----a-w- C:\Windows\SysWow64\drivers\StarOpen.sys
2011-10-04 13:24:59 174200 ----a-w- C:\Windows\System32\drivers\SYMEVENT64x86.SYS
2011-09-27 14:01:58 1 ----a-w- C:\Windows\SysWow64\SI.bin
2011-09-01 05:24:07 2309120 ----a-w- C:\Windows\System32\jscript9.dll
2011-09-01 05:17:57 1389056 ----a-w- C:\Windows\System32\wininet.dll
2011-09-01 05:12:04 2382848 ----a-w- C:\Windows\System32\mshtml.tlb
2011-09-01 02:35:59 1798144 ----a-w- C:\Windows\SysWow64\jscript9.dll
2011-09-01 02:28:15 1126912 ----a-w- C:\Windows\SysWow64\wininet.dll
2011-09-01 02:22:54 2382848 ----a-w- C:\Windows\SysWow64\mshtml.tlb
2011-08-31 18:08:50 167704 ----a-w- C:\Windows\System32\igfxtray.exe
2011-08-31 18:08:48 510232 ----a-w- C:\Windows\System32\igfxsrvc.exe
2011-08-31 18:08:44 416024 ----a-w- C:\Windows\System32\igfxpers.exe
2011-08-31 18:08:42 239896 ----a-w- C:\Windows\System32\igfxext.exe
2011-08-31 18:08:34 392472 ----a-w- C:\Windows\System32\hkcmd.exe
2011-08-31 18:08:24 4378392 ----a-w- C:\Windows\System32\GfxUI.exe
2011-08-31 18:08:22 179992 ----a-w- C:\Windows\System32\difx64.exe
2011-08-31 17:58:50 90112 ----a-w- C:\Windows\System32\igfxCoIn_v2509.dll
2011-08-31 17:53:22 12306848 ----a-w- C:\Windows\System32\drivers\igdkmd64.sys
2011-08-31 17:53:20 8312320 ----a-w- C:\Windows\System32\igdumd64.dll
2011-08-31 17:51:16 216000 ----a-w- C:\Windows\SysWow64\igfcg600m.bin
2011-08-31 17:51:16 216000 ----a-w- C:\Windows\System32\igfcg600m.bin
2011-08-31 17:51:04 75776 ----a-w- C:\Windows\System32\igdde64.dll
2011-08-31 17:47:42 6322688 ----a-w- C:\Windows\SysWow64\igdumd32.dll
2011-08-31 17:46:00 56832 ----a-w- C:\Windows\SysWow64\igdde32.dll
2011-08-31 17:45:02 581120 ----a-w- C:\Windows\SysWow64\igdumdx32.dll
2011-08-31 17:42:42 14598656 ----a-w- C:\Windows\System32\igd10umd64.dll
2011-08-31 17:37:18 12340224 ----a-w- C:\Windows\SysWow64\igd10umd32.dll
2011-08-31 17:31:14 18641408 ----a-w- C:\Windows\System32\ig4icd64.dll
2011-08-31 17:26:20 13903872 ----a-w- C:\Windows\SysWow64\ig4icd32.dll
2011-08-31 17:21:50 375808 ----a-w- C:\Windows\System32\igfxpph.dll
2011-08-31 17:21:46 378368 ----a-w- C:\Windows\System32\igfxTMM.dll
2011-08-31 17:21:40 28672 ----a-w- C:\Windows\System32\igfxexps.dll
2011-08-31 17:21:26 62464 ----a-w- C:\Windows\System32\igfxsrvc.dll
2011-08-31 17:20:58 110080 ----a-w- C:\Windows\System32\hccutils.dll
2011-08-31 17:20:50 4096 ----a-w- C:\Windows\System32\IGFXDEVLib.dll
2011-08-31 17:20:50 146432 ----a-w- C:\Windows\System32\gfxSrvc.dll
2011-08-31 17:20:48 390144 ----a-w- C:\Windows\System32\igfxdev.dll
2011-08-31 17:20:14 285696 ----a-w- C:\Windows\System32\igfxrenu.lrc
2011-08-31 17:20:08 9014784 ----a-w- C:\Windows\System32\igfxress.dll
2011-08-31 17:20:08 142336 ----a-w- C:\Windows\System32\igfxdo.dll
2011-08-31 17:16:32 24576 ----a-w- C:\Windows\SysWow64\igfxexps32.dll
2011-08-31 17:15:46 294400 ----a-w- C:\Windows\SysWow64\igfxdv32.dll
2011-08-31 17:13:52 98304 ----a-w- C:\Windows\SysWow64\iglhcp32.dll
2011-08-31 17:13:52 98304 ----a-w- C:\Windows\System32\iglhcp64.dll
2011-08-31 17:13:52 376832 ----a-w- C:\Windows\SysWow64\iglhsip32.dll
2011-08-31 17:13:52 376832 ----a-w- C:\Windows\System32\iglhsip64.dll
2011-08-31 17:13:52 162816 ----a-w- C:\Windows\SysWow64\igfxcmrt32.dll
2011-08-31 17:13:52 140288 ----a-w- C:\Windows\System32\igfxcmrt64.dll
2011-08-30 11:06:27 98304 ----a-w- C:\Windows\SysWow64\CmdLineExt.dll
2011-08-27 05:37:49 861696 ----a-w- C:\Windows\System32\oleaut32.dll
2011-08-27 05:37:48 331776 ----a-w- C:\Windows\System32\oleacc.dll
2011-08-27 04:26:27 571904 ----a-w- C:\Windows\SysWow64\oleaut32.dll
2011-08-27 04:26:27 233472 ----a-w- C:\Windows\SysWow64\oleacc.dll
.
============= FINISH: 22:54:10,17 ===============

[folkert100]

sorry was te voorbarig



Results of screen317's Security Check version 0.99.28
Windows 7 x64
Internet Explorer 9
``````````````````````````````
Antivirus/Firewall Check:
avast! Free Antivirus
Norton Internet Security
WMI entry may not exist for antivirus; attempting automatic update.
```````````````````````````````
Anti-malware/Other Utilities Check:
Malwarebytes' Anti-Malware
Adobe Flash Player ( 10.0.32.18) Flash Player out of Date!
````````````````````````````````
Process Check:
objlist.exe by Laurent
Norton ccSvcHst.exe
AVAST Software Avast AvastSvc.exe
AVAST Software Avast AvastUI.exe
``````````End of Log````````````

sorry dat ik het niet allemaal in een keer poste maar dit is allemaal nieuw voor me:P moet me weg er nog een beetje in maken.


Malwarebytes' Anti-Malware 1.51.2.1300
www.malwarebytes.org

Databaseversie: 8235

Windows 6.1.7601 Service Pack 1
Internet Explorer 9.0.8112.16421

24-11-2011 22:45:41
mbam-log-2011-11-24 (22-45-41).txt

Scantype: Snelle scan
Objecten gescand: 175088
Verstreken tijd: 3 minuut/minuten, 26 seconde(n)

Geheugenprocessen geïnfecteerd: 0
Geheugenmodulen geïnfecteerd: 0
Registersleutels geïnfecteerd: 0
Registerwaarden geïnfecteerd: 0
Registerdata geïnfecteerd: 0
Mappen geïnfecteerd: 0
Bestanden geïnfecteerd: 1

Geheugenprocessen geïnfecteerd:
(Geen kwaadaardige objecten gedetecteerd)

Geheugenmodulen geïnfecteerd:
(Geen kwaadaardige objecten gedetecteerd)

Registersleutels geïnfecteerd:
(Geen kwaadaardige objecten gedetecteerd)

Registerwaarden geïnfecteerd:
(Geen kwaadaardige objecten gedetecteerd)

Registerdata geïnfecteerd:
(Geen kwaadaardige objecten gedetecteerd)

Mappen geïnfecteerd:
(Geen kwaadaardige objecten gedetecteerd)

Bestanden geïnfecteerd:
c:\Users\folkert\AppData\Local\Temp\imsp.exe (Adware.Agent) -> Quarantined and deleted successfully.



Malwarebytes' Anti-Malware 1.51.2.1300
www.malwarebytes.org

Databaseversie: 8235

Windows 6.1.7601 Service Pack 1
Internet Explorer 9.0.8112.16421

24-11-2011 22:51:40
mbam-log-2011-11-24 (22-51-40).txt

Scantype: Snelle scan
Objecten gescand: 175172
Verstreken tijd: 2 minuut/minuten, 55 seconde(n)

Geheugenprocessen geïnfecteerd: 0
Geheugenmodulen geïnfecteerd: 0
Registersleutels geïnfecteerd: 0
Registerwaarden geïnfecteerd: 0
Registerdata geïnfecteerd: 0
Mappen geïnfecteerd: 0
Bestanden geïnfecteerd: 0

Geheugenprocessen geïnfecteerd:
(Geen kwaadaardige objecten gedetecteerd)

Geheugenmodulen geïnfecteerd:
(Geen kwaadaardige objecten gedetecteerd)

Registersleutels geïnfecteerd:
(Geen kwaadaardige objecten gedetecteerd)

Registerwaarden geïnfecteerd:
(Geen kwaadaardige objecten gedetecteerd)

Registerdata geïnfecteerd:
(Geen kwaadaardige objecten gedetecteerd)

Mappen geïnfecteerd:
(Geen kwaadaardige objecten gedetecteerd)

Bestanden geïnfecteerd:
(Geen kwaadaardige objecten gedetecteerd)

[Emphyrio]

De logs niet als bijlagen posten zoals gevraagd geweest is aub.


Ik merk dat je Norton Internet Security én Avast hebt.

Indien NIS (Norton Internet Security) een betaalde versie is, verwijder je Avast van je PC.

Herstart daarna je PC en post een nieuwe DDS log.

[folkert100]

norton heb ik verwijderd als het goed was want het was maar een 30 dagen versie, daarna heb ik avast er op gezet. hoe zet je die dds bestand er als een log en niet als bijlagen?

uhmm je had inderdaag gelijk over die norton maar als ik norton wil verwijderen of wil open doet hij niks hij geeft ook niks aan ook als ik naar start>deze computer> een progamma verwijderen of wijzigin doet hij niks?

[folkert100]

ik heb norton verwijderd en heb een nieuwe dds gemaakt maar ik snap niet helemaal wat je bedoel met niet in bijlage voegen maar in log dus post ik hem hier maar.


UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2011-08-26.01)
.
Microsoft Windows 7 Home Premium
Boot Device: \Device\HarddiskVolume2
Install Date: 17-8-2011 21:24:12
System Uptime: 25-11-2011 13:26:51 (0 hours ago)
.
Motherboard: ASUSTeK Computer Inc. | | K53E
Processor: Intel(R) Core(TM) i3-2310M CPU @ 2.10GHz | CPU 1 | 1386/100mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 186 GiB total, 88,164 GiB free.
D: is FIXED (NTFS) - 254 GiB total, 195,178 GiB free.
E: is CDROM ()
F: is CDROM ()
.
==== Disabled Device Manager Items =============
.
Class GUID: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Description: Norton Internet Security Settings Manager
Device ID: ROOT\LEGACY_CCSET_NIS\0000
Manufacturer:
Name: Norton Internet Security Settings Manager
PNP Device ID: ROOT\LEGACY_CCSET_NIS\0000
Service: ccSet_NIS
.
==== System Restore Points ===================
.
RP138: 13-11-2011 22:49:22 - DirectX is geïnstalleerd.
RP139: 15-11-2011 18:42:03 - DirectX is geïnstalleerd.
RP140: 20-11-2011 19:00:12 - Windows Back-up
RP141: 24-11-2011 18:55:40 - Herstelbewerking
RP142: 24-11-2011 22:19:06 - Installed HiJackThis
.
==== Installed Programs ======================
.
??? ActiveX ?? Windows Live Mesh ???? ??????? ???????
???? ??? Windows Live
???? ???? ActiveX ????? ?? Windows Live Mesh ????????? ???????
???? Windows Live
????? Windows Live
?????? ??????? ?? Windows Live
??????? ?????????? Windows Live Mesh ActiveX ??? ????????? ???????????
??????? Windows Live Mesh ActiveX ???
???????? ?????????? Windows Live
?????????? Windows Live
Adobe Flash Player 10 ActiveX
Adobe Flash Player 10 Plugin
Adobe Reader 7.0.8
Alcor Micro USB Card Reader
Assassin's Creed Brotherhood
ASUS AI Recovery
ASUS FancyStart
ASUS LifeFrame3
ASUS SmartLogon
ASUS Splendid Video Enhancement Technology
ASUS Virtual Camera
ASUS WebStorage
AsusScr_K3 Series_ENG
AsusVibe2.0
ATK Package
avast! Free Antivirus
Battlefield 3™
Beowulf TM
Bing Bar
BitTorrent
Bookworm Deluxe
Cisco EAP-FAST Module
Cisco LEAP Module
Cisco PEAP Module
Contrôle ActiveX Windows Live Mesh pour connexions à distance
Control ActiveX de Windows Live Mesh para conexiones remotas
Controlo ActiveX do Windows Live Mesh para Ligações Remotas
Crysis 2 version 1.0
CyberLink LabelPrint
CyberLink Power2Go
D3DX10
DAEMON Tools Pro
DealPly
Definition update for Microsoft Office 2010 (KB982726) 32-Bit Edition
Free YouTube to MP3 Converter version 3.10.11.923
Galeria de Fotografias do Windows Live
Galerie de photos Windows Live
Galería fotográfica de Windows Live
GameSpy Arcade
Google Chrome
Google Earth Plug-in
Google Toolbar for Internet Explorer
Google Update Helper
HiJackThis
Intel(R) Control Center
Intel(R) Management Engine Components
Intel(R) Processor Graphics
Junk Mail filter update
Malwarebytes' Anti-Malware versie 1.51.2.1300
Mesh Runtime
Microsoft Office Access MUI (Dutch) 2010
Microsoft Office Excel MUI (Dutch) 2010
Microsoft Office Groove MUI (Dutch) 2010
Microsoft Office InfoPath MUI (Dutch) 2010
Microsoft Office OneNote MUI (Dutch) 2010
Microsoft Office Outlook MUI (Dutch) 2010
Microsoft Office PowerPoint MUI (Dutch) 2010
Microsoft Office Professional Plus 2010
Microsoft Office Proof (Dutch) 2010
Microsoft Office Proof (English) 2010
Microsoft Office Proof (French) 2010
Microsoft Office Proof (German) 2010
Microsoft Office Proofing (Dutch) 2010
Microsoft Office Publisher MUI (Dutch) 2010
Microsoft Office Shared MUI (Dutch) 2010
Microsoft Office Word MUI (Dutch) 2010
Microsoft Silverlight
Microsoft SQL Server 2005 Compact Edition [ENU]
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
MSVCRT
MSVCRT_amd64
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
Nuance PDF Reader
NVIDIA PhysX v8.04.25
PC Connectivity Solution
PowerISO
PunkBuster Services
Raccolta foto di Windows Live
Realtek High Definition Audio Driver
REALTEK Wireless LAN Driver
Rome - Total War - Gold Edition
S?????? f?t???af??? t?? Windows Live
Samsung New PC Studio
SamsungConnectivityCableDriver
Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)
Security Update for Microsoft Excel 2010 (KB2553070)
Security Update for Microsoft InfoPath 2010 (KB2510065)
Security Update for Microsoft Office 2010 (KB2289078)
Security Update for Microsoft Office 2010 (KB2553091)
Security Update for Microsoft Office 2010 (KB2553096)
Security Update for Microsoft PowerPoint 2010 (KB2519975)
Security Update for Microsoft Publisher 2010 (KB2409055)
Security Update for Microsoft SharePoint Workspace 2010 (KB2566445)
Security Update for Microsoft Word 2010 (KB2345000)
Security Update for Taalpakket voor Microsoft .NET Framework 4 Client Profile - NLD (KB2478663)
Security Update for Taalpakket voor Microsoft .NET Framework 4 Client Profile - NLD (KB2518870)
Sonic Focus
St???e?? e?????? ActiveX t?? Windows Live Mesh ??a ap?µa???sµ??e? s??d?se??
Stronghold 3
syncables desktop SE
Total Commander
Ubisoft Game Launcher
Update for Microsoft .NET Framework 4 Client Profile (KB2468871)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523)
Update for Microsoft Office 2010 (KB2202188)
Update for Microsoft Office 2010 (KB2494150)
Update for Microsoft Office 2010 (KB2523113)
Update for Microsoft Office 2010 (KB2553065)
Update for Microsoft Office 2010 (KB2553092)
Update for Microsoft Office 2010 (KB2553181) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553310) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553455) 32-Bit Edition
Update for Microsoft Office 2010 (KB2566458)
Update for Microsoft OneNote 2010 (KB2553290) 32-Bit Edition
Update for Microsoft Outlook 2010 (KB2553323) 32-Bit Edition
Update for Microsoft Outlook Social Connector (KB2583935)
Windows Live
Windows Live ???
Windows Live ????
Windows Live Communications Platform
Windows Live Essentials
Windows Live Fotogalerie
Windows Live Installer
Windows Live Mail
Windows Live Mesh
Windows Live Mesh - ActiveX-besturingselement voor externe verbindingen
Windows Live Mesh ActiveX control for remote connections
Windows Live Messenger
Windows Live Movie Maker
Windows Live Photo Common
Windows Live Photo Gallery
Windows Live PIMT Platform
Windows Live SOXE
Windows Live SOXE Definitions
Windows Live UX Platform
Windows Live UX Platform Language Pack
Windows Live Writer
Windows Live Writer Resources
WinFlash
WinISO 5.3
WinRAR
Wireless Console 3
.
==== End Of File ===========================

[Emphyrio]

.... maar ik snap niet helemaal wat je bedoel met niet in bijlage voegen maar in log dus post ik hem hier maar.

Dat staat ook nergens in mijn instructies

De logs niet als bijlagen posten zoals gevraagd geweest is aub.


Ik merk dat je Norton Internet Security én Avast hebt.

Indien NIS (Norton Internet Security) een betaalde versie is, verwijder je Avast van je PC.

Herstart daarna je PC en post een nieuwe DDS log.

De instructies goed lezen dus. Versta je iets niet: vragen


Graag had ik een verse DDS log gehad aub.
Je post dus de DDS.txt niet de attach.txt, tenzij ik erom vtaag.

[folkert100]

ik heb je een verse dds log gestuurd na dat ik norton heb verwijderd

[folkert100]

hierbij de de verse dds log

[Emphyrio]

Ik had graag gehad dat je mijn instructies uitvoerd, folkert100, ik heb dit reeds tweemaal gevraagd.

Post je DDS log dus NIET ALS BIJLAGE

[folkert100]

hoe moet ik hem dan posten ik snap het gewoon niet. ik probeer echt mee te werken hoor.

[Emphyrio]

De DDS.txt wordt geopend met kladblok.
Selecteer in kladblok Bewerken > "alles selecteren".
Vervolgens Bewerken > "Kopiëren".
In je volgend antwoord plak je de inhoud van het gekopieerde.

[folkert100]

.
DDS (Ver_2011-08-26.01) - NTFSAMD64
Internet Explorer: 9.0.8112.16421
Run by folkert at 10:22:48 on 2011-11-27
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.31.1043.18.3874.2095 [GMT 1:00]
.
AV: avast! Antivirus *Enabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
SP: avast! Antivirus *Enabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ===============
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\FBAgent.exe
C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe
C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
C:\Program Files\AVAST Software\Avast\AvastSvc.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\taskhost.exe
C:\Windows\Explorer.EXE
C:\Windows\SysWOW64\PnkBstrA.exe
C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskeng.exe
C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Windows\AsScrPro.exe
C:\Program Files\P4G\BatteryLife.exe
C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe
C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
C:\Program Files\VMware\VMware View\Client\bin\wsnm.exe
C:\Program Files\VMware\VMware View\Client\bin\wsnm_usbctrl.exe
C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
C:\Windows\SysWOW64\ACEngSvr.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\servicing\TrustedInstaller.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files (x86)\DAEMON Tools Pro\DTShellHlp.exe
C:\Program Files (x86)\DAEMON Tools Pro\DTAgent.exe
C:\Program Files (x86)\ASUS\Sonic Focus\SonicFocusTray.exe
C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\DllHost.exe
C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
C:\Windows\system32\sppsvc.exe
C:\Windows\System32\svchost.exe -k secsvcs
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashUtil10w_ActiveX.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Windows\system32\svchost.exe -k SDRSVC
C:\Windows\system32\igfxsrvc.exe
C:\Windows\SysWOW64\cmd.exe
C:\Windows\system32\conhost.exe
C:\Windows\SysWOW64\cscript.exe
C:\Windows\system32\wbem\wmiprvse.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://asus.msn.com
uDefault_Page_URL = hxxp://asus.msn.com
mStart Page = hxxp://asus.msn.com
uURLSearchHooks: H - No File
mWinlogon: Userinit=userinit.exe,
BHO: Adobe PDF Reader Link Helper: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - C:\Program Files (x86)\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
BHO: Norton Identity Protection: {602adb0e-4aff-4217-8aa1-95dac4dfa408} - C:\Program Files (x86)\Norton Internet Security\Engine\19.1.1.3\coIEPlg.dll
BHO: Groove GFS Browser Helper: {72853161-30c5-4d22-b7f9-0bbc1d38a37e} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL
BHO: avast! WebRep: {8e5e2654-ad2d-48bf-ac2d-d17f00898d06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
BHO: Aanmeldhulp voor Windows Live ID: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: DealPly: {a6174f27-1fff-e1d6-a93f-ba48ad5dd448} - C:\Program Files (x86)\DealPly\DealPlyIE.dll
BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.2.4204.1700\swg.dll
BHO: Office Document Cache Handler: {b4f3a835-0e21-4959-ba22-42b3008e02ff} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL
BHO: Google Dictionary Compression sdch: {c84d72fe-e17d-4195-bb24-76c02e2e7c4e} - C:\Program Files (x86)\Google\Google Toolbar\Component\fastsearch_B7C5AC242193BB3E.dll
BHO: Bing Bar Helper: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll"
BHO: Yontoo Layers: {fd72061e-9fde-484d-a58a-0bab4151cad8} - C:\Program Files (x86)\Yontoo Layers Runtime\YontooIEClient.dll
TB: Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
TB: Bing Bar: {8dcb7100-df86-4384-8842-8fa844297b3f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll"
TB: Norton Toolbar: {7febefe3-6b19-4349-98d2-ffb09d4b49ca} - C:\Program Files (x86)\Norton Internet Security\Engine\19.1.1.3\coIEPlg.dll
TB: avast! WebRep: {8e5e2654-ad2d-48bf-ac2d-d17f00898d06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
TB: {D4027C7F-154A-4066-A1AD-4243D8127440} - No File
TB: {2D8D9ACC-F6D7-4362-8876-A275CA929591} - No File
uRun: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
uRun: [msnmsgr] "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background
uRun: [DAEMON Tools Pro Agent] "C:\Program Files (x86)\DAEMON Tools Pro\DTAgent.exe" -autorun
mRun: [Nuance PDF Reader-reminder] "C:\Program Files (x86)\Nuance\PDF Reader\Ereg\Ereg.exe" -r "C:\ProgramData\Nuance\PDF Reader\Ereg\Ereg.ini"
mRun: [ASUSWebStorage] C:\Program Files (x86)\ASUS\ASUS WebStorage\3.0.84.161\AsusWSPanel.exe /S
mRun: [SonicMasterTray] C:\Program Files (x86)\ASUS\Sonic Focus\SonicFocusTray.exe
mRun: [ATKOSD2] C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
mRun: [ATKMEDIA] C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
mRun: [HControlUser] C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
mRun: [Wireless Console 3] C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
mRun: [UpdateLBPShortCut] "C:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\LabelPrint" UpdateWithCreateOnce "Software\CyberLink\LabelPrint\2.5"
mRun: [UpdateP2GoShortCut] "C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\6.0"
mRun: [NPSStartup]
mRun: [BCSSync] "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices
mRun: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\ADOBER~1.LNK - C:\Program Files (x86)\Adobe\Acrobat 7.0\Reader\reader_sl.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\ASUSVI~1.LNK - C:\Program Files (x86)\ASUS\AsusVibe\AsusVibeLauncher.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\FANCYS~1.LNK - C:\Windows\Installer\{2B81872B-A054-48DA-BE3B-FA5C164C303A}\_94E3CE3704FE82FBF49A6A.exe
mPolicies-explorer: NoActiveDesktop = 1 (0x1)
mPolicies-explorer: NoActiveDesktopChanges = 1 (0x1)
mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5)
mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
IE: &Enviar a OneNote - C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105
IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000
IE: E&xportar a Microsoft Excel - C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000
IE: Free YouTube to MP3 Converter - C:\Users\folkert\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm
IE: Se&nd to OneNote - C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
TCP: DhcpNameServer = 212.54.35.25 212.54.40.25
TCP: Interfaces\{926A60CA-D6E3-416F-8CE9-8D581773A4AA} : DhcpNameServer = 212.54.35.25 212.54.40.25
TCP: Interfaces\{926A60CA-D6E3-416F-8CE9-8D581773A4AA}\3596475636F6D6 : DhcpNameServer = 192.168.0.1
TCP: Interfaces\{926A60CA-D6E3-416F-8CE9-8D581773A4AA}\442756E647865636F6C6C6567656D23547574656E64756E6 : DhcpNameServer = 10.0.4.40 10.0.4.41
TCP: Interfaces\{926A60CA-D6E3-416F-8CE9-8D581773A4AA}\4505D2C494E4B4F5342393235434 : DhcpNameServer = 192.168.2.254 192.168.1.1
Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
SEH: Groove GFS Stub Execution Hook: {b5a7f190-dda6-4420-b3ba-52453494e6cd} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL
{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}
{602ADB0E-4AFF-4217-8AA1-95DAC4DFA408}
{72853161-30C5-4D22-B7F9-0BBC1D38A37E}
{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}
{9030D464-4C02-4ABF-8ECC-5164760863C6}
{A6174F27-1FFF-E1D6-A93F-BA48AD5DD448}
{AA58ED58-01DD-4d91-8333-CF10577473F7}
{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}
{B4F3A835-0E21-4959-BA22-42B3008E02FF}
{C84D72FE-E17D-4195-BB24-76C02E2E7C4E}
{d2ce3e00-f94a-4740-988e-03dc2f38c34f}
{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}
{2318C2B1-4965-11d4-9B18-009027A5CD4F}
{8dcb7100-df86-4384-8842-8fa844297b3f}
{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA}
{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}
TB-X64: {D4027C7F-154A-4066-A1AD-4243D8127440} - No File
TB-X64: {2D8D9ACC-F6D7-4362-8876-A275CA929591} - No File
mRun-x64: [Nuance PDF Reader-reminder] "C:\Program Files (x86)\Nuance\PDF Reader\Ereg\Ereg.exe" -r "C:\ProgramData\Nuance\PDF Reader\Ereg\Ereg.ini"
mRun-x64: [ASUSWebStorage] C:\Program Files (x86)\ASUS\ASUS WebStorage\3.0.84.161\AsusWSPanel.exe /S
mRun-x64: [SonicMasterTray] C:\Program Files (x86)\ASUS\Sonic Focus\SonicFocusTray.exe
mRun-x64: [ATKOSD2] C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
mRun-x64: [ATKMEDIA] C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
mRun-x64: [HControlUser] C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
mRun-x64: [Wireless Console 3] C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
mRun-x64: [UpdateLBPShortCut] "C:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\LabelPrint" UpdateWithCreateOnce "Software\CyberLink\LabelPrint\2.5"
mRun-x64: [UpdateP2GoShortCut] "C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\6.0"
mRun-x64: [NPSStartup]
mRun-x64: [BCSSync] "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices
mRun-x64: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
SEH-X64: {B5A7F190-DDA6-4420-B3BA-52453494E6CD}: Groove GFS Stub Execution Hook
.
============= SERVICES / DRIVERS ===============
.
R1 aswSnx;aswSnx;C:\Windows\system32\drivers\aswSnx.sys --> C:\Windows\system32\drivers\aswSnx.sys [?]
R1 aswSP;aswSP;C:\Windows\system32\drivers\aswSP.sys --> C:\Windows\system32\drivers\aswSP.sys [?]
R1 ATKWMIACPIIO;ATKWMIACPI Driver;C:\Program Files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys [2010-7-26 17024]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;C:\Windows\system32\DRIVERS\dtsoftbus01.sys --> C:\Windows\system32\DRIVERS\dtsoftbus01.sys [?]
R1 vwififlt;Virtual WiFi Filter Driver;C:\Windows\system32\DRIVERS\vwififlt.sys --> C:\Windows\system32\DRIVERS\vwififlt.sys [?]
R2 AFBAgent;AFBAgent;"C:\Windows\system32\FBAgent.exe" --> C:\Windows\system32\FBAgent.exe [?]
R2 ASMMAP64;ASMMAP64;C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys [2009-7-3 15416]
R2 aswFsBlk;aswFsBlk;C:\Windows\system32\drivers\aswFsBlk.sys --> C:\Windows\system32\drivers\aswFsBlk.sys [?]
R2 aswMonFlt;aswMonFlt;\??\C:\Windows\system32\drivers\aswMonFlt.sys --> C:\Windows\system32\drivers\aswMonFlt.sys [?]
R2 avast! Antivirus;avast! Antivirus;C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2011-11-7 44768]
R2 UNS;Intel(R) Management and Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2011-6-20 2655768]
R2 wsnm;VMware View Client;C:\Program Files\VMware\VMware View\Client\bin\wsnm.exe [2011-2-18 494192]
R2 wsnm_usbctrl;VMware View USB Control;C:\Program Files\VMware\VMware View\Client\bin\wsnm_usbctrl.exe [2011-2-18 1120368]
R3 IntcDAud;Intel(R) Display Audio;C:\Windows\system32\DRIVERS\IntcDAud.sys --> C:\Windows\system32\DRIVERS\IntcDAud.sys [?]
R3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller;C:\Windows\system32\DRIVERS\L1C62x64.sys --> C:\Windows\system32\DRIVERS\L1C62x64.sys [?]
R3 MEIx64;Intel(R) Management Engine Interface;C:\Windows\system32\DRIVERS\HECIx64.sys --> C:\Windows\system32\DRIVERS\HECIx64.sys [?]
R3 RTL8192Ce;Realtek Wireless LAN 802.11n PCI-E NIC Driver;C:\Windows\system32\DRIVERS\rtl8192Ce.sys --> C:\Windows\system32\DRIVERS\rtl8192Ce.sys [?]
R3 vmwvusb;VMware View Generic USB Driver;C:\Windows\system32\Drivers\vmwvusb.sys --> C:\Windows\system32\Drivers\vmwvusb.sys [?]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service;C:\Windows\system32\DRIVERS\vwifimp.sys --> C:\Windows\system32\DRIVERS\vwifimp.sys [?]
S1 ccSet_NIS;Norton Internet Security Settings Manager;C:\Windows\system32\drivers\NISx64\1301010.003\ccSetx64.sys --> C:\Windows\system32\drivers\NISx64\1301010.003\ccSetx64.sys [?]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S2 gupdate;Google Update Service (gupdate);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-4-13 135664]
S2 NIS;Norton Internet Security;"C:\Program Files (x86)\Norton Internet Security\Engine\19.1.1.3\ccSvcHst.exe" /s "NIS" /m "C:\Program Files (x86)\Norton Internet Security\Engine\19.1.1.3\diMaster.dll" /prefetch:1 --> C:\Program Files (x86)\Norton Internet Security\Engine\19.1.1.3\ccSvcHst.exe [?]
S3 BBSvc;Bing Bar Update Service;C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE [2011-3-2 183560]
S3 fssfltr;fssfltr;C:\Windows\system32\DRIVERS\fssfltr.sys --> C:\Windows\system32\DRIVERS\fssfltr.sys [?]
S3 fsssvc;Windows Live Family Safety Service;C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2011-5-13 1492840]
S3 gupdatem;Google Update-service (gupdatem);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-4-13 135664]
S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service;C:\Program Files (x86)\Microsoft Office\Office14\GROOVE.EXE [2011-6-12 31125880]
S3 osppsvc;Office Software Protection Platform;C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-1-9 4925184]
S3 SiSGbeLH;SiS191/SiS190 Ethernet Device NDIS 6.0 Driver;C:\Windows\system32\DRIVERS\SiSG664.sys --> C:\Windows\system32\DRIVERS\SiSG664.sys [?]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\system32\drivers\tsusbflt.sys --> C:\Windows\system32\drivers\tsusbflt.sys [?]
S3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\system32\drivers\TsUsbGD.sys --> C:\Windows\system32\drivers\TsUsbGD.sys [?]
S3 WatAdminSvc;Windows Activation Technologies-service;C:\Windows\system32\Wat\WatAdminSvc.exe --> C:\Windows\system32\Wat\WatAdminSvc.exe [?]
S4 wlcrasvc;Windows Live Mesh remote connections service;C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-9-23 57184]
.
=============== Created Last 30 ================
.
2011-11-27 09:18:47 69000 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{3B0E72DD-CCB5-42D3-BDE2-42C63E3C13C9}\offreg.dll
2011-11-27 09:17:48 -------- d-----w- C:\Users\folkert\AppData\Local\{D7AB6B03-F22D-415F-BFF5-50C9A92C19D5}
2011-11-27 09:17:37 -------- d-----w- C:\Users\folkert\AppData\Local\{9D3116E7-3C5C-44D6-8A86-AB78AFB566F8}
2011-11-26 23:21:52 8570192 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{3B0E72DD-CCB5-42D3-BDE2-42C63E3C13C9}\mpengine.dll
2011-11-26 13:29:08 -------- d-----w- C:\Users\folkert\AppData\Local\{21765D58-E5DF-415A-B8BF-A8F25FBB2094}
2011-11-26 13:28:56 -------- d-----w- C:\Users\folkert\AppData\Local\{0B24F410-2DF2-4009-AF6C-56E0EE957C84}
2011-11-25 19:55:37 -------- d-----w- C:\Users\folkert\AppData\Local\{04BE1207-94A4-4050-8FFA-0FE20C83D22E}
2011-11-25 19:55:14 -------- d-----w- C:\Users\folkert\AppData\Local\{A14D3996-2C8F-4883-9639-DC2DB13EB1D8}
2011-11-25 07:54:17 -------- d-----w- C:\Users\folkert\AppData\Local\{3D6F9DE8-3E1B-4438-849F-4A5AC37E183A}
2011-11-25 07:53:53 -------- d-----w- C:\Users\folkert\AppData\Local\{89D3A235-0E54-419E-9DAB-B002206CE50F}
2011-11-24 21:38:24 -------- d-----w- C:\Users\folkert\AppData\Roaming\Malwarebytes
2011-11-24 21:38:15 -------- d-----w- C:\ProgramData\Malwarebytes
2011-11-24 21:38:13 25416 ----a-w- C:\Windows\System32\drivers\mbam.sys
2011-11-24 21:38:12 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware
2011-11-24 21:19:44 388096 ----a-r- C:\Users\folkert\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
2011-11-24 21:19:44 -------- d-----w- C:\Program Files (x86)\Trend Micro
2011-11-24 21:07:53 13312 ----a-w- C:\Windows\NET Checker.exe
2011-11-24 20:54:24 -------- d-----w- C:\Windows\SysWow64\RTCOM
2011-11-24 18:06:42 -------- d-----w- C:\Users\folkert\AppData\Local\{CF465566-C78F-4EF4-8D1B-0FA7C4302229}
2011-11-24 18:05:51 -------- d-----w- C:\Users\folkert\AppData\Local\{006FC8AE-1BBF-4CF8-B412-2F25A6821A73}
2011-11-24 07:31:47 -------- d-----w- C:\Users\folkert\AppData\Local\{7D735945-F419-41B9-A07C-D628E5788F8A}
2011-11-24 07:31:15 -------- d-----w- C:\Users\folkert\AppData\Local\{8779F651-02A7-4813-80B6-9BDCEDDA1C38}
2011-11-23 19:30:40 -------- d-----w- C:\Users\folkert\AppData\Local\{FE66965D-D2EA-4BD9-80DC-7C7CCA2D261A}
2011-11-23 19:30:17 -------- d-----w- C:\Users\folkert\AppData\Local\{591E0F6D-5ED3-417F-B60E-A7997AE48A90}
2011-11-23 07:29:03 -------- d-----w- C:\Users\folkert\AppData\Local\{584662DD-9BB2-4B36-9670-DB929E427551}
2011-11-23 07:28:31 -------- d-----w- C:\Users\folkert\AppData\Local\{4822F339-1BF5-4D3C-A95A-86D38603ABB4}
2011-11-22 10:49:16 -------- d-----w- C:\Users\folkert\AppData\Local\{D9387111-0E18-4061-9761-8DBD5D222A8F}
2011-11-22 10:48:45 -------- d-----w- C:\Users\folkert\AppData\Local\{8B58EEAD-B18B-4CA3-9B29-41FA85C02E17}
2011-11-22 08:43:28 -------- d-----w- C:\Users\folkert\AppData\Local\{3A62FCD0-117D-4144-B357-9488EE5FEAE3}
2011-11-22 08:00:42 -------- d-----w- C:\Users\folkert\AppData\Local\{F8C80126-0782-41B1-A87C-2CC214D5A5EC}
2011-11-22 08:00:01 -------- d-----w- C:\Users\folkert\AppData\Local\{865256BA-A690-4EC5-9C8F-A3B792C17983}
2011-11-21 21:07:41 -------- d-----w- C:\Program Files (x86)\Skype
2011-11-21 18:39:16 -------- d-----w- C:\Users\folkert\AppData\Local\{355511BE-4366-41F4-A182-CAB1A1B688B7}
2011-11-21 18:38:41 -------- d-----w- C:\Users\folkert\AppData\Local\{30E75E84-D4E7-4154-896F-2E389DF44B55}
2011-11-21 06:37:29 -------- d-----w- C:\Users\folkert\AppData\Local\{585023B5-B3AA-47F9-B18F-3B16B9A92307}
2011-11-21 06:35:51 -------- d-----w- C:\Users\folkert\AppData\Local\{EF6B1869-3488-4D89-B688-9E870CFC88FE}
2011-11-20 15:52:00 -------- d-----w- C:\Users\folkert\AppData\Local\{EC1179E1-53E0-4D29-9632-7B60FD1BF198}
2011-11-20 15:51:23 -------- d-----w- C:\Users\folkert\AppData\Local\{33D28ADA-7C21-4703-AD11-CA0011315A77}
2011-11-19 12:51:12 -------- d-----w- C:\Users\folkert\AppData\Local\{727928FF-D5DD-4A79-9DFF-3F86106FD87D}
2011-11-19 12:50:44 -------- d-----w- C:\Users\folkert\AppData\Local\{7D458416-96A8-4D1A-BC04-D70DE8F82B9F}
2011-11-18 10:04:28 -------- d-----w- C:\Users\folkert\AppData\Local\{1281C82C-DAD5-4305-9B3A-F2389ECFC216}
2011-11-18 10:03:50 -------- d-----w- C:\Users\folkert\AppData\Local\{DCFF14F2-4487-4779-9E6E-C7E165BF9198}
2011-11-17 09:48:35 -------- d-----w- C:\Users\folkert\AppData\Local\{B82A163D-1727-47CB-A342-3E8C44CF43E4}
2011-11-17 09:48:05 -------- d-----w- C:\Users\folkert\AppData\Local\{B0458A56-1566-46FA-B59F-F5D78E6BB00A}
2011-11-16 16:22:16 -------- d-----w- C:\Users\folkert\AppData\Local\{14F9BC40-F9D2-472D-9EF2-F1E7BA50CF8E}
2011-11-16 16:21:34 -------- d-----w- C:\Users\folkert\AppData\Local\{90CD1929-2741-4BA8-B245-6A9F220A98C0}
2011-11-16 14:27:51 -------- d-----w- C:\Users\folkert\AppData\Local\{AF41EDA3-9BB1-4D1E-AA30-B768FE67C136}
2011-11-16 11:24:54 -------- d-----w- C:\Users\folkert\AppData\Local\{C71BBD98-8019-44F6-AB72-A2EB26EF1BFB}
2011-11-16 09:35:12 -------- d-----w- C:\Users\folkert\AppData\Local\{C5049FF4-1EB5-410D-B67A-5F6FC55F57A1}
2011-11-15 17:45:04 -------- d-----w- C:\Users\folkert\AppData\Local\Skyrim
2011-11-15 10:34:38 -------- d-----w- C:\Users\folkert\AppData\Local\{E180A15B-A4C2-4D47-8C52-F47C1AADC67D}
2011-11-15 10:34:15 -------- d-----w- C:\Users\folkert\AppData\Local\{9305D796-C04A-4DE6-A841-E629C732C863}
2011-11-14 21:49:34 -------- d-----w- C:\Users\folkert\AppData\Local\{DFCEE804-4E36-4FD1-A98C-8A7E14E57EE5}
2011-11-14 21:48:44 -------- d-----w- C:\Users\folkert\AppData\Local\{23E1BBD6-6BC7-44E1-813E-2CF2E34970F5}
2011-11-14 09:47:51 -------- d-----w- C:\Users\folkert\AppData\Local\{3E67B423-8082-4A7A-8D7B-71C66BF92EB8}
2011-11-14 09:47:08 -------- d-----w- C:\Users\folkert\AppData\Local\{3F3E8BBD-AC81-439F-B303-D12870284060}
2011-11-13 21:51:47 -------- d--h--w- C:\Program Files (x86)\Common Files\EAInstaller
2011-11-13 12:58:09 -------- d-----w- C:\Users\folkert\AppData\Local\{4BDEE319-ECE6-4F42-A2B9-2AE16A894337}
2011-11-13 12:57:02 -------- d-----w- C:\Users\folkert\AppData\Local\{B9341A77-E332-480C-AAA6-FD0C9329AA1F}
2011-11-12 14:18:10 -------- d-----w- C:\Users\folkert\AppData\Local\{6FF1B0CF-80A3-4A3D-AF15-0626917D0BA5}
2011-11-12 14:17:48 -------- d-----w- C:\Users\folkert\AppData\Local\{4059F069-87A2-40CB-A333-470E033BEA8B}
2011-11-11 11:12:59 -------- d-----w- C:\Users\folkert\AppData\Local\{1EDFE2C2-477E-467F-BB3A-E79EE7918B0B}
2011-11-11 11:12:24 -------- d-----w- C:\Users\folkert\AppData\Local\{E56735DD-7D98-426B-8D88-53F9686FAC55}
2011-11-10 23:02:32 -------- d-----w- C:\Users\folkert\AppData\Local\{452910A6-376D-4543-94B6-E6A13DA9244A}
2011-11-10 23:02:10 -------- d-----w- C:\Users\folkert\AppData\Local\{3CF5B4C7-A5D7-4786-B455-11E286F50180}
2011-11-10 11:01:00 -------- d-----w- C:\Users\folkert\AppData\Local\{A9DA78CE-3A86-4D03-9558-987D90891E26}
2011-11-10 11:00:34 -------- d-----w- C:\Users\folkert\AppData\Local\{3EE91BDD-407A-4314-BB86-E2075649A520}
2011-11-09 22:14:48 -------- d-----w- C:\Users\folkert\AppData\Local\{27562DE0-8E76-4572-AC23-47DFD529C25E}
2011-11-09 22:14:25 -------- d-----w- C:\Users\folkert\AppData\Local\{CE2E6615-026C-4903-A42D-25C609004B20}
2011-11-09 19:51:44 -------- d-----w- C:\ProgramData\Solidshield
2011-11-09 19:50:42 189248 ----a-w- C:\Windows\SysWow64\PnkBstrB.exe
2011-11-09 19:50:40 75136 ----a-w- C:\Windows\SysWow64\PnkBstrA.exe
2011-11-09 19:50:39 -------- d-----w- C:\Users\folkert\AppData\Roaming\PunkBuster
2011-11-09 19:47:59 3767504 ----a-w- C:\Windows\System32\d3dx9_26.dll
2011-11-09 19:47:59 2297552 ----a-w- C:\Windows\SysWow64\d3dx9_26.dll
2011-11-09 10:13:20 -------- d-----w- C:\Users\folkert\AppData\Local\{C8ED6B41-AC7C-44C5-AE50-69657A71C1DF}
2011-11-09 10:12:50 -------- d-----w- C:\Users\folkert\AppData\Local\{9A95CAC6-80F0-43F0-A8DB-B2E0C4CDD3D1}
2011-11-09 07:34:42 886784 ----a-w- C:\Program Files\Common Files\System\wab32.dll
2011-11-09 07:34:42 708608 ----a-w- C:\Program Files (x86)\Common Files\System\wab32.dll
2011-11-09 07:34:41 3144704 ----a-w- C:\Windows\System32\win32k.sys
2011-11-09 07:34:41 1923952 ----a-w- C:\Windows\System32\drivers\tcpip.sys
2011-11-08 22:44:41 -------- d-----w- C:\Users\folkert\AppData\Local\Activision
2011-11-08 22:09:39 -------- d-----w- C:\Users\folkert\AppData\Local\{369BB374-9CA2-46B4-A37C-9BFFD9DD7A00}
2011-11-08 22:09:05 -------- d-----w- C:\Users\folkert\AppData\Local\{C3BACAA8-E25A-4791-AB40-60837F134015}
2011-11-08 12:35:02 -------- d-----w- C:\Users\folkert\AppData\Local\SKIDROW
2011-11-08 07:24:32 -------- d-----w- C:\Users\folkert\AppData\Local\{0B1EB31C-1E6C-4E8C-BD13-8C83145290AB}
2011-11-08 07:24:19 -------- d-----w- C:\Users\folkert\AppData\Local\{570A97F1-9781-4EF3-82CB-5F1EB701094E}
2011-11-07 20:42:36 -------- d-----w- C:\Program Files\Babylon
2011-11-07 20:13:26 272448 ----a-w- C:\Windows\System32\drivers\dtsoftbus01.sys
2011-11-07 20:13:06 -------- d-----w- C:\Program Files (x86)\DAEMON Tools Pro
2011-11-07 20:12:23 -------- d-----w- C:\Users\folkert\AppData\Roaming\DAEMON Tools Pro
2011-11-07 20:12:23 -------- d-----w- C:\ProgramData\DAEMON Tools Pro
2011-11-07 18:45:58 -------- d-----w- C:\Users\folkert\AppData\Local\{90CAAF68-A09D-4F77-BE58-3AD43CC3C1AF}
2011-11-07 18:45:35 -------- d-----w- C:\Users\folkert\AppData\Local\{2786E915-3A38-4D13-B199-55129DD8004E}
2011-11-07 15:04:02 -------- d-----w- C:\Program Files (x86)\Yontoo Layers Runtime
2011-11-07 15:04:00 -------- d-----w- C:\ProgramData\Tarma Installer
2011-11-07 10:19:24 601944 ----a-w- C:\Windows\System32\drivers\aswSnx.sys
2011-11-07 10:19:23 65368 ----a-w- C:\Windows\System32\drivers\aswMonFlt.sys
2011-11-07 10:19:11 41184 ----a-w- C:\Windows\avastSS.scr
2011-11-07 10:18:59 -------- d-----w- C:\ProgramData\AVAST Software
2011-11-07 10:18:59 -------- d-----w- C:\Program Files\AVAST Software
2011-11-07 06:37:05 -------- d-----w- C:\Users\folkert\AppData\Local\{FC40AE6F-4D7A-4738-B7A9-D233963D430A}
2011-11-07 06:36:53 -------- d-----w- C:\Users\folkert\AppData\Local\{B65A8B0B-B309-42BF-AB51-0F1B6D45180A}
2011-11-06 18:20:59 72200 ----a-w- C:\Windows\System32\XAPOFX1_1.dll
2011-11-06 18:20:59 68616 ----a-w- C:\Windows\SysWow64\XAPOFX1_1.dll
2011-11-06 18:20:59 513544 ----a-w- C:\Windows\System32\XAudio2_2.dll
2011-11-06 18:20:59 509448 ----a-w- C:\Windows\SysWow64\XAudio2_2.dll
2011-11-06 18:20:57 238088 ----a-w- C:\Windows\SysWow64\xactengine3_2.dll
2011-11-06 18:20:57 177672 ----a-w- C:\Windows\System32\xactengine3_2.dll
2011-11-06 16:36:08 -------- d-----w- C:\Users\folkert\AppData\Local\{7571FA61-29B9-479F-BCC5-88B36085EDAB}
2011-11-06 16:35:57 -------- d-----w- C:\Users\folkert\AppData\Local\{3FC517CD-8B37-44CD-A59A-72E21CE24DF4}
2011-11-04 11:46:18 -------- d-----w- C:\Users\folkert\AppData\Local\{E61F332F-B8E8-4A0C-AE75-1A1D95A49492}
2011-11-04 11:45:58 -------- d-----w- C:\Users\folkert\AppData\Local\{A0E1AB95-836B-4C6A-A187-B97700BEF323}
2011-11-04 11:32:31 -------- d-----w- C:\Users\folkert\AppData\Local\{378E7C55-EF3E-478B-9C90-B4611D1DD372}
2011-11-04 11:32:19 -------- d-----w- C:\Users\folkert\AppData\Local\{9B0067BC-DAF3-4E47-8AB9-2DE8FD2FD528}
2011-11-03 07:51:32 -------- d-----w- C:\Users\folkert\AppData\Local\{43BBC115-909D-4DC6-A13D-ADF661B9C3AA}
2011-11-03 07:51:20 -------- d-----w- C:\Users\folkert\AppData\Local\{3EF7FC9D-6FDE-4C55-963B-B3BD7CBBB311}
2011-11-02 20:29:36 -------- d-----w- C:\Users\folkert\AppData\Local\{CEFAC273-59DA-4B4B-B5EC-AE7458C388C8}
2011-11-02 20:29:24 -------- d-----w- C:\Users\folkert\AppData\Local\{4E5759B0-B987-4777-BA7E-9E78E8807C88}
2011-11-02 17:19:52 -------- d-----w- C:\Users\folkert\AppData\Local\{931BEEA4-334D-4CAF-9F03-F1C2B4475CB3}
2011-11-02 17:19:40 -------- d-----w- C:\Users\folkert\AppData\Local\{CF615126-3DFF-47C6-928A-01D1DAB90E93}
2011-11-01 18:39:09 -------- d-----w- C:\Users\folkert\AppData\Local\{12D8EC9F-478B-446E-8AF8-0B75388BBB0F}
2011-11-01 18:38:56 -------- d-----w- C:\Users\folkert\AppData\Local\{083295D5-BEF3-4FC7-8EDD-D493E9D15215}
2011-10-31 19:16:16 -------- d-----w- C:\Users\folkert\AppData\Local\{74A8C6F9-0A60-436C-96BE-D4E87C06E201}
2011-10-31 19:16:05 -------- d-----w- C:\Users\folkert\AppData\Local\{E2B60774-938B-45E8-8ED4-6B5A4D68C81B}
2011-10-31 19:15:54 -------- d-----w- C:\Users\folkert\AppData\Local\{3EA83EA3-190C-4815-A6BB-1775255F33BB}
2011-10-31 19:15:43 -------- d-----w- C:\Users\folkert\AppData\Local\{BE4E3F84-3BBE-4577-BBD9-59E20F9A4A1D}
2011-10-31 07:14:50 -------- d-----w- C:\Users\folkert\AppData\Local\{91CFC759-F175-4356-BE48-B760E35AA231}
2011-10-31 07:14:38 -------- d-----w- C:\Users\folkert\AppData\Local\{217139AB-9731-4C85-A406-64A2E8410BD3}
2011-10-30 11:26:51 -------- d-----w- C:\Users\folkert\AppData\Local\{BB1CCDEB-FC3B-4484-BDF8-97D977BBF763}
2011-10-30 11:26:39 -------- d-----w- C:\Users\folkert\AppData\Local\{BF42E857-F0CF-4AB3-9B74-FF290EACB89C}
2011-10-29 15:01:20 -------- d-----w- C:\Users\folkert\AppData\Local\{0C570E7D-7BB0-43D1-B2BE-CD6E14BB0CCD}
2011-10-29 15:01:08 -------- d-----w- C:\Users\folkert\AppData\Local\{5B5BB918-456B-434D-93FD-4877412D306B}
2011-10-29 03:44:46 -------- d-----w- C:\Users\folkert\AppData\Local\{46CB84B3-5988-475F-8D87-548232460401}
.
==================== Find3M ====================
.
2011-11-25 18:57:42 45056 ----a-w- C:\Windows\System32\acovcnt.exe
2011-10-06 21:32:38 24064 ----a-w- C:\Windows\SysWow64\FsExService64.Exe
2011-10-06 21:32:38 16392 ----a-w- C:\Windows\SysWow64\drivers\TFsExDisk.Sys
2011-10-06 21:32:11 5632 ----a-w- C:\Windows\SysWow64\drivers\StarOpen.sys
2011-09-27 14:01:58 1 ----a-w- C:\Windows\SysWow64\SI.bin
2011-09-01 05:24:07 2309120 ----a-w- C:\Windows\System32\jscript9.dll
2011-09-01 05:17:57 1389056 ----a-w- C:\Windows\System32\wininet.dll
2011-09-01 05:12:04 2382848 ----a-w- C:\Windows\System32\mshtml.tlb
2011-09-01 02:35:59 1798144 ----a-w- C:\Windows\SysWow64\jscript9.dll
2011-09-01 02:28:15 1126912 ----a-w- C:\Windows\SysWow64\wininet.dll
2011-09-01 02:22:54 2382848 ----a-w- C:\Windows\SysWow64\mshtml.tlb
2011-08-31 18:08:50 167704 ----a-w- C:\Windows\System32\igfxtray.exe
2011-08-31 18:08:48 510232 ----a-w- C:\Windows\System32\igfxsrvc.exe
2011-08-31 18:08:44 416024 ----a-w- C:\Windows\System32\igfxpers.exe
2011-08-31 18:08:42 239896 ----a-w- C:\Windows\System32\igfxext.exe
2011-08-31 18:08:34 392472 ----a-w- C:\Windows\System32\hkcmd.exe
2011-08-31 18:08:24 4378392 ----a-w- C:\Windows\System32\GfxUI.exe
2011-08-31 18:08:22 179992 ----a-w- C:\Windows\System32\difx64.exe
2011-08-31 17:58:50 90112 ----a-w- C:\Windows\System32\igfxCoIn_v2509.dll
2011-08-31 17:53:22 12306848 ----a-w- C:\Windows\System32\drivers\igdkmd64.sys
2011-08-31 17:53:20 8312320 ----a-w- C:\Windows\System32\igdumd64.dll
2011-08-31 17:51:16 216000 ----a-w- C:\Windows\SysWow64\igfcg600m.bin
2011-08-31 17:51:16 216000 ----a-w- C:\Windows\System32\igfcg600m.bin
2011-08-31 17:51:04 75776 ----a-w- C:\Windows\System32\igdde64.dll
2011-08-31 17:47:42 6322688 ----a-w- C:\Windows\SysWow64\igdumd32.dll
2011-08-31 17:46:00 56832 ----a-w- C:\Windows\SysWow64\igdde32.dll
2011-08-31 17:45:02 581120 ----a-w- C:\Windows\SysWow64\igdumdx32.dll
2011-08-31 17:42:42 14598656 ----a-w- C:\Windows\System32\igd10umd64.dll
2011-08-31 17:37:18 12340224 ----a-w- C:\Windows\SysWow64\igd10umd32.dll
2011-08-31 17:31:14 18641408 ----a-w- C:\Windows\System32\ig4icd64.dll
2011-08-31 17:26:20 13903872 ----a-w- C:\Windows\SysWow64\ig4icd32.dll
2011-08-31 17:21:50 375808 ----a-w- C:\Windows\System32\igfxpph.dll
2011-08-31 17:21:46 378368 ----a-w- C:\Windows\System32\igfxTMM.dll
2011-08-31 17:21:40 28672 ----a-w- C:\Windows\System32\igfxexps.dll
2011-08-31 17:21:26 62464 ----a-w- C:\Windows\System32\igfxsrvc.dll
2011-08-31 17:20:58 110080 ----a-w- C:\Windows\System32\hccutils.dll
2011-08-31 17:20:50 4096 ----a-w- C:\Windows\System32\IGFXDEVLib.dll
2011-08-31 17:20:50 146432 ----a-w- C:\Windows\System32\gfxSrvc.dll
2011-08-31 17:20:48 390144 ----a-w- C:\Windows\System32\igfxdev.dll
2011-08-31 17:20:14 285696 ----a-w- C:\Windows\System32\igfxrenu.lrc
2011-08-31 17:20:08 9014784 ----a-w- C:\Windows\System32\igfxress.dll
2011-08-31 17:20:08 142336 ----a-w- C:\Windows\System32\igfxdo.dll
2011-08-31 17:16:32 24576 ----a-w- C:\Windows\SysWow64\igfxexps32.dll
2011-08-31 17:15:46 294400 ----a-w- C:\Windows\SysWow64\igfxdv32.dll
2011-08-31 17:13:52 98304 ----a-w- C:\Windows\SysWow64\iglhcp32.dll
2011-08-31 17:13:52 98304 ----a-w- C:\Windows\System32\iglhcp64.dll
2011-08-31 17:13:52 376832 ----a-w- C:\Windows\SysWow64\iglhsip32.dll
2011-08-31 17:13:52 376832 ----a-w- C:\Windows\System32\iglhsip64.dll
2011-08-31 17:13:52 162816 ----a-w- C:\Windows\SysWow64\igfxcmrt32.dll
2011-08-31 17:13:52 140288 ----a-w- C:\Windows\System32\igfxcmrt64.dll
2011-08-30 11:06:27 98304 ----a-w- C:\Windows\SysWow64\CmdLineExt.dll
.
============= FINISH: 10:26:56,14 ===============

zo dus

[Emphyrio]

Prima

We gaan even verder analyzeren........



Download TFC en sla deze op je Bureaublad op.

• Dubbelklik op TFC.exe om het programma te openen.
• Het programma zal alle andere programma's sluiten, zorg er dus voor dat je al je werk hebt opgeslagen voordat je verder gaat.
• Klik op de knop Start om het programma te starten.
• Als het programma klaar is, dan zal het je computer opnieuw opstarten.
  Als dit niet gebeurt, start dan je computer handmatig opnieuw op.

Download Combofix en plaats het op je bureaublad.

Extra nota... Zorg ervoor dat je Security software uitschakeld is tijdens het gebruik van Combofix.
Dit omdat deze scanners bepaalde componenten die Combofix gebruikt, onterecht zien als geïnfecteerd en Combofix zullen blokkeren.

Kijk hier indien je niet weet hoe je je Antivirus, Firewall en/of Antispywarescanner moet uitschakelen.

Sluit ALLE vensters, ook je browser en laat Combofix rustig zijn werk doen.
Open dus geen andere applicaties totdat Combofix de log heeft gepresenteert.

Als Combofix vraagt om een update, dan staat je dit toe.

Wanneer ComboFix klaar is met scannen, dit kan eventueel na een reboot zijn, opent er een logfile (combofix.txt).
Deze kan je vinden als C:\combofix.txt.

Post het Combofixlogje samen met een nieuw DDS logje in je volgende antwoord.

Emphyrio

[folkert100]

de combo log

ComboFix 11-11-27.02 - folkert 27-11-2011 19:15:37.1.4 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.31.1043.18.3874.2370 [GMT 1:00]
Gestart vanuit: c:\users\folkert\Desktop\ComboFix.exe
AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
(((((((((((((((((((((((((((((((((( Andere Verwijderingen )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\programdata\FullRemove.exe
c:\programdata\Tarma Installer
c:\programdata\Tarma Installer\{2E1037EA-038A-425F-86B9-6CD19B8497E9}\_Setup.dll
c:\programdata\Tarma Installer\{2E1037EA-038A-425F-86B9-6CD19B8497E9}\_Setupx.dll
c:\programdata\Tarma Installer\{2E1037EA-038A-425F-86B9-6CD19B8497E9}\Setup.dat
c:\programdata\Tarma Installer\{2E1037EA-038A-425F-86B9-6CD19B8497E9}\Setup.exe
c:\programdata\Tarma Installer\{2E1037EA-038A-425F-86B9-6CD19B8497E9}\Setup.ico
c:\programdata\Tarma Installer\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}\_Setup.dll
c:\programdata\Tarma Installer\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}\_Setupx.dll
c:\programdata\Tarma Installer\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}\Setup.dat
c:\programdata\Tarma Installer\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}\Setup.exe
c:\programdata\Tarma Installer\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}\Setup.ico
.
.
(((((((((((((((((((( Bestanden Gemaakt van 2011-10-27 to 2011-11-27 ))))))))))))))))))))))))))))))
.
.
2011-11-27 18:21 . 2011-11-27 18:21 -------- d-----w- c:\users\Default\AppData\Local\temp
2011-11-27 18:08 . 2011-11-27 18:08 69000 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{3B0E72DD-CCB5-42D3-BDE2-42C63E3C13C9}\offreg.dll
2011-11-26 23:21 . 2011-10-18 00:27 8570192 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{3B0E72DD-CCB5-42D3-BDE2-42C63E3C13C9}\mpengine.dll
2011-11-24 21:38 . 2011-11-24 21:38 -------- d-----w- c:\users\folkert\AppData\Roaming\Malwarebytes
2011-11-24 21:38 . 2011-11-24 21:38 -------- d-----w- c:\programdata\Malwarebytes
2011-11-24 21:38 . 2011-08-31 16:00 25416 ----a-w- c:\windows\system32\drivers\mbam.sys
2011-11-24 21:38 . 2011-11-24 21:39 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware
2011-11-24 21:19 . 2011-11-24 21:19 388096 ----a-r- c:\users\folkert\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
2011-11-24 21:19 . 2011-11-24 21:19 -------- d-----w- c:\program files (x86)\Trend Micro
2011-11-24 21:07 . 2008-09-29 18:06 13312 ----a-w- c:\windows\NET Checker.exe
2011-11-24 20:54 . 2011-11-24 20:54 -------- d-----w- c:\windows\SysWow64\RTCOM
2011-11-21 21:07 . 2011-11-24 17:58 -------- d-----w- c:\users\folkert\AppData\Roaming\Skype
2011-11-21 21:07 . 2011-11-24 17:59 -------- d-----w- c:\program files (x86)\Skype
2011-11-21 21:07 . 2011-11-24 17:59 -------- d-----w- c:\programdata\Skype
2011-11-15 17:45 . 2011-11-15 17:45 -------- d-----w- c:\users\folkert\AppData\Local\Skyrim
2011-11-13 21:51 . 2011-11-13 21:51 -------- d--h--w- c:\program files (x86)\Common Files\EAInstaller
2011-11-09 19:54 . 2011-11-09 19:54 -------- d-----w- c:\programdata\Ubisoft
2011-11-09 19:51 . 2011-11-09 19:53 -------- d-----w- c:\programdata\Solidshield
2011-11-09 19:50 . 2011-11-09 19:50 189248 ----a-w- c:\windows\SysWow64\PnkBstrB.exe
2011-11-09 19:50 . 2011-11-09 19:50 75136 ----a-w- c:\windows\SysWow64\PnkBstrA.exe
2011-11-09 19:50 . 2011-11-09 19:50 -------- d-----w- c:\users\folkert\AppData\Roaming\PunkBuster
2011-11-09 19:50 . 2011-11-09 19:50 -------- d-----w- c:\program files (x86)\Ubisoft
2011-11-09 19:47 . 2005-05-26 14:34 3767504 ----a-w- c:\windows\system32\d3dx9_26.dll
2011-11-09 19:47 . 2005-05-26 14:34 2297552 ----a-w- c:\windows\SysWow64\d3dx9_26.dll
2011-11-09 07:34 . 2011-10-01 05:45 886784 ----a-w- c:\program files\Common Files\System\wab32.dll
2011-11-09 07:34 . 2011-10-01 04:37 708608 ----a-w- c:\program files (x86)\Common Files\System\wab32.dll
2011-11-09 07:34 . 2011-09-29 16:29 1923952 ----a-w- c:\windows\system32\drivers\tcpip.sys
2011-11-09 07:34 . 2011-09-29 04:03 3144704 ----a-w- c:\windows\system32\win32k.sys
2011-11-08 22:44 . 2011-11-08 22:44 -------- d-----w- c:\users\folkert\AppData\Local\Activision
2011-11-08 12:35 . 2011-11-08 12:35 -------- d-----w- c:\users\folkert\AppData\Local\SKIDROW
2011-11-07 20:42 . 2011-11-07 20:50 -------- d-----w- c:\program files\Babylon
2011-11-07 20:13 . 2011-11-07 20:13 272448 ----a-w- c:\windows\system32\drivers\dtsoftbus01.sys
2011-11-07 20:13 . 2011-11-07 20:13 -------- d-----w- c:\program files (x86)\DAEMON Tools Pro
2011-11-07 20:12 . 2011-11-07 20:46 -------- d-----w- c:\users\folkert\AppData\Roaming\DAEMON Tools Pro
2011-11-07 20:12 . 2011-11-07 20:12 -------- d-----w- c:\programdata\DAEMON Tools Pro
2011-11-07 15:04 . 2011-11-07 15:04 -------- d-----w- c:\program files (x86)\Yontoo Layers Runtime
2011-11-07 10:19 . 2011-09-06 21:38 301912 ----a-w- c:\windows\system32\drivers\aswSP.sys
2011-11-07 10:19 . 2011-09-06 21:36 24408 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2011-11-07 10:19 . 2011-09-06 21:38 601944 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2011-11-07 10:19 . 2011-09-06 21:36 58200 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2011-11-07 10:19 . 2011-09-06 21:36 42328 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2011-11-07 10:19 . 2011-09-06 21:45 254400 ----a-w- c:\windows\system32\aswBoot.exe
2011-11-07 10:19 . 2011-09-06 21:36 65368 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2011-11-07 10:19 . 2011-09-06 21:45 41184 ----a-w- c:\windows\avastSS.scr
2011-11-07 10:19 . 2011-09-06 21:45 199304 ----a-w- c:\windows\SysWow64\aswBoot.exe
2011-11-07 10:18 . 2011-11-07 10:18 -------- d-----w- c:\programdata\AVAST Software
2011-11-07 10:18 . 2011-11-07 10:18 -------- d-----w- c:\program files\AVAST Software
2011-11-06 18:20 . 2008-07-31 09:41 72200 ----a-w- c:\windows\system32\XAPOFX1_1.dll
2011-11-06 18:20 . 2008-07-31 09:41 68616 ----a-w- c:\windows\SysWow64\XAPOFX1_1.dll
2011-11-06 18:20 . 2008-07-31 09:40 513544 ----a-w- c:\windows\system32\XAudio2_2.dll
2011-11-06 18:20 . 2008-07-31 09:40 509448 ----a-w- c:\windows\SysWow64\XAudio2_2.dll
2011-11-06 18:20 . 2008-07-31 09:41 238088 ----a-w- c:\windows\SysWow64\xactengine3_2.dll
2011-11-06 18:20 . 2008-07-31 09:41 177672 ----a-w- c:\windows\system32\xactengine3_2.dll
.
.
.
((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-11-25 18:57 . 2011-08-17 19:24 45056 ----a-w- c:\windows\system32\acovcnt.exe
2011-10-06 21:32 . 2011-09-12 20:25 24064 ----a-w- c:\windows\SysWow64\FsExService64.Exe
2011-10-06 21:32 . 2011-09-12 20:25 16392 ----a-w- c:\windows\SysWow64\drivers\TFsExDisk.Sys
2011-10-06 21:32 . 2007-10-25 15:26 5632 ----a-w- c:\windows\SysWow64\drivers\StarOpen.sys
2011-09-01 05:24 . 2011-10-14 05:55 2309120 ----a-w- c:\windows\system32\jscript9.dll
2011-09-01 05:17 . 2011-10-14 05:55 1389056 ----a-w- c:\windows\system32\wininet.dll
2011-09-01 05:12 . 2011-10-14 05:55 2382848 ----a-w- c:\windows\system32\mshtml.tlb
2011-09-01 02:35 . 2011-10-14 05:55 1798144 ----a-w- c:\windows\SysWow64\jscript9.dll
2011-09-01 02:28 . 2011-10-14 05:55 1126912 ----a-w- c:\windows\SysWow64\wininet.dll
2011-09-01 02:22 . 2011-10-14 05:55 2382848 ----a-w- c:\windows\SysWow64\mshtml.tlb
2011-08-31 18:08 . 2011-08-31 18:08 167704 ----a-w- c:\windows\system32\igfxtray.exe
2011-08-31 18:08 . 2011-08-31 18:08 510232 ----a-w- c:\windows\system32\igfxsrvc.exe
2011-08-31 18:08 . 2011-08-31 18:08 416024 ----a-w- c:\windows\system32\igfxpers.exe
2011-08-31 18:08 . 2011-08-31 18:08 239896 ----a-w- c:\windows\system32\igfxext.exe
2011-08-31 18:08 . 2011-08-31 18:08 392472 ----a-w- c:\windows\system32\hkcmd.exe
2011-08-31 18:08 . 2011-08-31 18:08 4378392 ----a-w- c:\windows\system32\GfxUI.exe
2011-08-31 18:08 . 2011-08-31 18:08 179992 ----a-w- c:\windows\system32\difx64.exe
2011-08-31 17:58 . 2011-08-31 17:58 90112 ----a-w- c:\windows\system32\igfxCoIn_v2509.dll
2011-08-31 17:53 . 2011-08-31 17:53 12306848 ----a-w- c:\windows\system32\drivers\igdkmd64.sys
2011-08-31 17:53 . 2011-08-31 17:53 8312320 ----a-w- c:\windows\system32\igdumd64.dll
2011-08-31 17:51 . 2011-08-31 17:51 216000 ----a-w- c:\windows\system32\igfcg600m.bin
2011-08-31 17:51 . 2011-08-31 17:51 75776 ----a-w- c:\windows\system32\igdde64.dll
2011-08-31 17:47 . 2011-08-31 17:47 6322688 ----a-w- c:\windows\SysWow64\igdumd32.dll
2011-08-31 17:46 . 2011-08-31 17:46 56832 ----a-w- c:\windows\SysWow64\igdde32.dll
2011-08-31 17:45 . 2011-08-31 17:45 581120 ----a-w- c:\windows\SysWow64\igdumdx32.dll
2011-08-31 17:42 . 2011-04-11 02:48 14598656 ----a-w- c:\windows\system32\igd10umd64.dll
2011-08-31 17:37 . 2011-04-11 02:48 12340224 ----a-w- c:\windows\SysWow64\igd10umd32.dll
2011-08-31 17:31 . 2011-08-31 17:31 18641408 ----a-w- c:\windows\system32\ig4icd64.dll
2011-08-31 17:26 . 2011-08-31 17:26 13903872 ----a-w- c:\windows\SysWow64\ig4icd32.dll
2011-08-31 17:22 . 2011-08-31 17:22 286720 ----a-w- c:\windows\system32\igfxrrom.lrc
2011-08-31 17:22 . 2011-08-31 17:22 286720 ----a-w- c:\windows\system32\igfxrsky.lrc
2011-08-31 17:22 . 2011-08-31 17:22 286720 ----a-w- c:\windows\system32\igfxrhrv.lrc
2011-08-31 17:22 . 2011-08-31 17:22 286208 ----a-w- c:\windows\system32\igfxrtrk.lrc
2011-08-31 17:22 . 2011-08-31 17:22 286208 ----a-w- c:\windows\system32\igfxrslv.lrc
2011-08-31 17:22 . 2011-08-31 17:22 287232 ----a-w- c:\windows\system32\igfxresn.lrc
2011-08-31 17:22 . 2011-08-31 17:22 286208 ----a-w- c:\windows\system32\igfxrsve.lrc
2011-08-31 17:22 . 2011-08-31 17:22 285696 ----a-w- c:\windows\system32\igfxrtha.lrc
2011-08-31 17:22 . 2011-08-31 17:22 286720 ----a-w- c:\windows\system32\igfxrrus.lrc
2011-08-31 17:22 . 2011-08-31 17:22 286720 ----a-w- c:\windows\system32\igfxrptg.lrc
2011-08-31 17:22 . 2011-08-31 17:22 286720 ----a-w- c:\windows\system32\igfxrplk.lrc
2011-08-31 17:22 . 2011-08-31 17:22 286208 ----a-w- c:\windows\system32\igfxrptb.lrc
2011-08-31 17:22 . 2011-08-31 17:22 286208 ----a-w- c:\windows\system32\igfxrnor.lrc
2011-08-31 17:22 . 2011-08-31 17:22 283136 ----a-w- c:\windows\system32\igfxrkor.lrc
2011-08-31 17:22 . 2011-08-31 17:22 286720 ----a-w- c:\windows\system32\igfxrita.lrc
2011-08-31 17:22 . 2011-08-31 17:22 283648 ----a-w- c:\windows\system32\igfxrjpn.lrc
2011-08-31 17:22 . 2011-08-31 17:22 287232 ----a-w- c:\windows\system32\igfxrell.lrc
2011-08-31 17:22 . 2011-08-31 17:22 286720 ----a-w- c:\windows\system32\igfxrdeu.lrc
2011-08-31 17:22 . 2011-08-31 17:22 286208 ----a-w- c:\windows\system32\igfxrhun.lrc
2011-08-31 17:22 . 2011-08-31 17:22 285184 ----a-w- c:\windows\system32\igfxrheb.lrc
2011-08-31 17:22 . 2011-08-31 17:22 287232 ----a-w- c:\windows\system32\igfxrfra.lrc
2011-08-31 17:22 . 2011-08-31 17:22 286720 ----a-w- c:\windows\system32\igfxrnld.lrc
2011-08-31 17:22 . 2011-08-31 17:22 286208 ----a-w- c:\windows\system32\igfxrfin.lrc
2011-08-31 17:22 . 2011-08-31 17:22 286720 ----a-w- c:\windows\system32\igfxrcsy.lrc
2011-08-31 17:22 . 2011-08-31 17:22 285696 ----a-w- c:\windows\system32\igfxrdan.lrc
2011-08-31 17:22 . 2011-08-31 17:22 282624 ----a-w- c:\windows\system32\igfxrcht.lrc
2011-08-31 17:22 . 2011-08-31 17:22 285184 ----a-w- c:\windows\system32\igfxrara.lrc
2011-08-31 17:22 . 2011-08-31 17:22 282624 ----a-w- c:\windows\system32\igfxrchs.lrc
2011-08-31 17:22 . 2011-08-31 17:22 126976 ----a-w- c:\windows\system32\igfxcpl.cpl
2011-08-31 17:21 . 2011-08-31 17:21 375808 ----a-w- c:\windows\system32\igfxpph.dll
2011-08-31 17:21 . 2011-08-31 17:21 378368 ----a-w- c:\windows\system32\igfxTMM.dll
2011-08-31 17:21 . 2011-08-31 17:21 28672 ----a-w- c:\windows\system32\igfxexps.dll
2011-08-31 17:21 . 2011-04-11 02:48 62464 ----a-w- c:\windows\system32\igfxsrvc.dll
2011-08-31 17:20 . 2011-04-11 02:48 110080 ----a-w- c:\windows\system32\hccutils.dll
2011-08-31 17:20 . 2011-08-31 17:20 4096 ----a-w- c:\windows\system32\IGFXDEVLib.dll
2011-08-31 17:20 . 2011-08-31 17:20 146432 ----a-w- c:\windows\system32\gfxSrvc.dll
2011-08-31 17:20 . 2011-08-31 17:20 390144 ----a-w- c:\windows\system32\igfxdev.dll
2011-08-31 17:20 . 2011-08-31 17:20 285696 ----a-w- c:\windows\system32\igfxrenu.lrc
2011-08-31 17:20 . 2011-08-31 17:20 142336 ----a-w- c:\windows\system32\igfxdo.dll
2011-08-31 17:20 . 2011-04-11 02:48 9014784 ----a-w- c:\windows\system32\igfxress.dll
2011-08-31 17:16 . 2011-08-31 17:16 24576 ----a-w- c:\windows\SysWow64\igfxexps32.dll
2011-08-31 17:15 . 2011-08-31 17:15 294400 ----a-w- c:\windows\SysWow64\igfxdv32.dll
2011-08-31 17:13 . 2011-08-31 17:13 98304 ----a-w- c:\windows\SysWow64\iglhcp32.dll
2011-08-31 17:13 . 2011-08-31 17:13 98304 ----a-w- c:\windows\system32\iglhcp64.dll
2011-08-31 17:13 . 2011-08-31 17:13 376832 ----a-w- c:\windows\SysWow64\iglhsip32.dll
2011-08-31 17:13 . 2011-08-31 17:13 376832 ----a-w- c:\windows\system32\iglhsip64.dll
2011-08-31 17:13 . 2011-08-31 17:13 162816 ----a-w- c:\windows\SysWow64\igfxcmrt32.dll
2011-08-31 17:13 . 2011-08-31 17:13 140288 ----a-w- c:\windows\system32\igfxcmrt64.dll
2011-08-30 11:06 . 2011-08-30 11:06 98304 ----a-w- c:\windows\SysWow64\CmdLineExt.dll
.
.
((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond
REGEDIT4
.
[HKEY_LOCAL_MACHINE\Wow6432Node\~\Browser Helper Objects\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}]
2011-09-30 17:27 194848 ----a-w- c:\program files (x86)\Yontoo Layers Runtime\YontooIEClient.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-20 1475584]
"DAEMON Tools Pro Agent"="c:\program files (x86)\DAEMON Tools Pro\DTAgent.exe" [2011-03-17 842048]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"Nuance PDF Reader-reminder"="c:\program files (x86)\Nuance\PDF Reader\Ereg\Ereg.exe" [2008-11-03 328992]
"ASUSWebStorage"="c:\program files (x86)\ASUS\ASUS WebStorage\3.0.84.161\AsusWSPanel.exe" [2011-02-23 731472]
"SonicMasterTray"="c:\program files (x86)\ASUS\Sonic Focus\SonicFocusTray.exe" [2010-07-10 984400]
"ATKOSD2"="c:\program files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe" [2010-08-17 5732992]
"ATKMEDIA"="c:\program files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe" [2010-10-07 170624]
"HControlUser"="c:\program files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe" [2009-06-19 105016]
"Wireless Console 3"="c:\program files (x86)\ASUS\Wireless Console 3\wcourier.exe" [2010-09-23 1601536]
"UpdateLBPShortCut"="c:\program files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe" [2009-05-20 222504]
"UpdateP2GoShortCut"="c:\program files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" [2009-05-20 222504]
"BCSSync"="c:\program files (x86)\Microsoft Office\Office14\BCSSync.exe" [2010-03-13 91520]
"avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2011-09-06 3722416]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Adobe Reader Speed Launch.lnk - c:\program files (x86)\Adobe\Acrobat 7.0\Reader\reader_sl.exe [2005-9-23 29696]
AsusVibeLauncher.lnk - c:\program files (x86)\ASUS\AsusVibe\AsusVibeLauncher.exe [2011-4-13 549040]
FancyStart daemon.lnk - c:\windows\Installer\{2B81872B-A054-48DA-BE3B-FA5C164C303A}\_94E3CE3704FE82FBF49A6A.exe [2011-8-18 12862]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp wsauth
.
R1 ccSet_NIS;Norton Internet Security Settings Manager;c:\windows\system32\drivers\NISx64\1301010.003\ccSetx64.sys [x]
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 gupdate;Google Update Service (gupdate);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-04-13 135664]
R2 NIS;Norton Internet Security;c:\program files (x86)\Norton Internet Security\Engine\19.1.1.3\ccSvcHst.exe [x]
R3 BBSvc;Bing Bar Update Service;c:\program files (x86)\Microsoft\BingBar\BBSvc.EXE [2011-03-02 183560]
R3 gupdatem;Google Update-service (gupdatem);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-04-13 135664]
R3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service;c:\program files (x86)\Microsoft Office\Office14\GROOVE.EXE [2011-06-12 31125880]
R3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
R3 SiSGbeLH;SiS191/SiS190 Ethernet Device NDIS 6.0 Driver;c:\windows\system32\DRIVERS\SiSG664.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys [x]
R3 WatAdminSvc;Windows Activation Technologies-service;c:\windows\system32\Wat\WatAdminSvc.exe [x]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-23 57184]
S1 aswSnx;aswSnx; [x]
S1 aswSP;aswSP; [x]
S1 ATKWMIACPIIO;ATKWMIACPI Driver;c:\program files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys [2010-07-26 17024]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys [x]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [x]
S2 AFBAgent;AFBAgent;c:\windows\system32\FBAgent.exe [x]
S2 ASMMAP64;ASMMAP64;c:\program files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys [2009-07-03 15416]
S2 aswFsBlk;aswFsBlk; [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [x]
S2 UNS;Intel(R) Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2010-10-06 2655768]
S2 wsnm;VMware View Client;c:\program files\VMware\VMware View\Client\bin\wsnm.exe [2011-02-18 494192]
S2 wsnm_usbctrl;VMware View USB Control;c:\program files\VMware\VMware View\Client\bin\wsnm_usbctrl.exe [2011-02-18 1120368]
S3 IntcDAud;Intel(R) Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys [x]
S3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller;c:\windows\system32\DRIVERS\L1C62x64.sys [x]
S3 MEIx64;Intel(R) Management Engine Interface;c:\windows\system32\DRIVERS\HECIx64.sys [x]
S3 RTL8192Ce;Realtek Wireless LAN 802.11n PCI-E NIC Driver;c:\windows\system32\DRIVERS\rtl8192Ce.sys [x]
S3 vmwvusb;VMware View Generic USB Driver;c:\windows\system32\Drivers\vmwvusb.sys [x]
S3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\DRIVERS\vwifimp.sys [x]
.
.
Inhoud van de 'Gedeelde Taken' map
.
2011-11-27 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-04-13 02:33]
.
2011-11-27 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-04-13 02:33]
.
.
--------- x86-64 -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00 avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2011-09-06 21:45 134384 ----a-w- c:\program files\AVAST Software\Avast\ashShA64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\As usWSShellExt_B]
@="{6D4133E5-0742-4ADC-8A8C-9303440F7190}"
[HKEY_CLASSES_ROOT\CLSID\{6D4133E5-0742-4ADC-8A8C-9303440F7190}]
2010-09-02 08:41 220160 ----a-w- c:\program files (x86)\ASUS\ASUS WebStorage\3.0.84.161\AsusWSShellExt64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\As usWSShellExt_O]
@="{64174815-8D98-4CE6-8646-4C039977D808}"
[HKEY_CLASSES_ROOT\CLSID\{64174815-8D98-4CE6-8646-4C039977D808}]
2010-09-02 08:41 220160 ----a-w- c:\program files (x86)\ASUS\ASUS WebStorage\3.0.84.161\AsusWSShellExt64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"AmIcoSinglun64"="c:\program files (x86)\AmIcoSingLun\AmIcoSinglun64.exe" [2011-03-21 361984]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2011-08-31 167704]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2011-08-31 392472]
"Persistence"="c:\windows\system32\igfxpers.exe" [2011-08-31 416024]
"RtHDVBg"="c:\program files\Realtek\Audio\HDA\RAVBg64.exe" [2011-01-18 2188904]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"LoadAppInit_DLLs"=0x0
.
------- Bijkomende Scan -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://asus.msn.com
mStart Page = hxxp://asus.msn.com
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: &Enviar a OneNote - c:\progra~2\MICROS~1\Office14\ONBttnIE.dll/105
IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~1\Office14\EXCEL.EXE/3000
IE: E&xportar a Microsoft Excel - c:\progra~2\MICROS~1\Office14\EXCEL.EXE/3000
IE: Free YouTube to MP3 Converter - c:\users\folkert\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm
IE: Se&nd to OneNote - c:\progra~2\MICROS~1\Office14\ONBttnIE.dll/105
TCP: DhcpNameServer = 212.54.35.25 212.54.40.25
.
- - - - ORPHANS VERWIJDERD - - - -
.
URLSearchHooks-{2d8d9acc-f6d7-4362-8876-a275ca929591} - (no file)
Toolbar-Locked - (no file)
Wow6432Node-HKLM-Run-NPSStartup - (no file)
Toolbar-Locked - (no file)
WebBrowser-{D4027C7F-154A-4066-A1AD-4243D8127440} - (no file)
WebBrowser-{2D8D9ACC-F6D7-4362-8876-A275CA929591} - (no file)
HKLM-Run-Setwallpaper - c:\programdata\SetWallpaper.cmd
AddRemove-Stronghold 3_is1 - d:\stronghold 3\Stronghold 3\unins000.exe
.
.
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\NIS]
"ImagePath"="\"c:\program files (x86)\Norton Internet Security\Engine\19.1.1.3\ccSvcHst.exe\" /s \"NIS\" /m \"c:\program files (x86)\Norton Internet Security\Engine\19.1.1.3\diMaster.dll\" /prefetch:1"
.
--------------------- VERGRENDELDE REGISTER SLEUTELS ---------------------
.
[HKEY_USERS\S-1-5-21-1279898059-1376363585-2201123525-1000\Software\SecuROM\License information*]
"datasecu"=hex:e4,9b,e5,a4,b7,9f,cb,40,fa,80,b8,c4,7c,4d,46,f2,12,3d,dc,a8,3d,
68,92,8b,6c,0b,26,0a,35,4c,ac,76,f8,b1,86,34,47,e2,3f,a6,84,91,1a,bd,e3,55,\
"rkeysecu"=hex:99,ec,02,43,e5,fc,30,db,f7,7a,df,93,b9,b2,f8,45
.
[HKEY_USERS\S-1-5-21-1279898059-1376363585-2201123525-1000\Software\Trolltech\OrganizationDefaults\Qt Factory Cache 4.7\com.trolltech.Qt.QImageIOHandlerFactoryInterface:\d:\battlefield 3\B*a*t*t*l*e*f*i*e*l*d* *3*"!\Core\imageformats]
"qgif4.dll"=multi:"2011-10-10T17:42\00gif\00\00"
"qico4.dll"=multi:"2011-10-10T17:42\00ico\00\00"
"qjpeg4.dll"=multi:"2011-10-10T17:42\00jpeg\00jpg\00\00"
.
[HKEY_USERS\S-1-5-21-1279898059-1376363585-2201123525-1000\Software\Trolltech\OrganizationDefaults\Qt Factory Cache 4.7\com.trolltech.Qt.QTextCodecFactoryInterface:\d:\battlefield 3\B*a*t*t*l*e*f*i*e*l*d* *3*"!\Core\codecs]
"qcncodecs4.dll"=multi:"2011-10-10T17:42\00GB18030\00GBK\00GB2312\00CP936\00MS936\00windows-936\00MIB: 114\00MIB: 113\00MIB: 2025\00\00"
"qkrcodecs4.dll"=multi:"2011-10-10T17:42\00EUC-KR\00cp949\00MIB: 38\00MIB: -949\00\00"
"qtwcodecs4.dll"=multi:"2011-10-10T17:42\00Big5\00Big5-HKSCS\00Big5-ETen\00CP950\00MIB: 2026\00MIB: 2101\00\00"
.
[HKEY_USERS\S-1-5-21-1279898059-1376363585-2201123525-1000\Software\Trolltech\OrganizationDefaults\Qt Plugin Cache 4.7.false\d:\battlefield 3\B*a*t*t*l*e*f*i*e*l*d* *3*"!\Core\codecs]
"qcncodecs4.dll"=multi:"40703\000\00Windows msvc release full-config QT_NO_DRAGANDDROP\002011-10-10T17:42\00\00"
"qjpcodecs4.dll"=multi:"40602\000\00Windows msvc release full-config\002011-10-10T17:42\00\00"
"qjpcodecsd4.dll"=multi:"40703\001\00Windows msvc debug full-config QT_NO_DRAGANDDROP\002011-10-10T17:42\00\00"
"qkrcodecs4.dll"=multi:"40703\000\00Windows msvc release full-config QT_NO_DRAGANDDROP\002011-10-10T17:42\00\00"
"qtwcodecs4.dll"=multi:"40703\000\00Windows msvc release full-config QT_NO_DRAGANDDROP\002011-10-10T17:42\00\00"
.
[HKEY_USERS\S-1-5-21-1279898059-1376363585-2201123525-1000\Software\Trolltech\OrganizationDefaults\Qt Plugin Cache 4.7.false\d:\battlefield 3\B*a*t*t*l*e*f*i*e*l*d* *3*"!\Core\imageformats]
"Microsoft.VC80.CRT.manifest"=multi:"0\001\00unknown\002011-10-10T17:42\00\00"
"msvcr80.dll"=multi:"0\001\00unknown\002011-10-10T17:42\00\00"
"qgif4.dll"=multi:"40703\000\00Windows msvc release full-config QT_NO_DRAGANDDROP\002011-10-10T17:42\00\00"
"qico4.dll"=multi:"40703\000\00Windows msvc release full-config QT_NO_DRAGANDDROP\002011-10-10T17:42\00\00"
"qjpeg4.dll"=multi:"40703\000\00Windows msvc release full-config QT_NO_DRAGANDDROP\002011-10-10T17:42\00\00"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10w_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10w_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10w.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.10"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10w.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10w.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10w.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
@Denied: (A) (Everyone)
"Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
"Key"="ActionsPane3"
"Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Voltooingstijd: 2011-11-27 19:24:05
ComboFix-quarantined-files.txt 2011-11-27 18:24
.
Pre-Run: 79.668.346.880 bytes beschikbaar
Post-Run: 79.034.224.640 bytes beschikbaar
.
- - End Of File - - 043C27B9AE62811A6B98E0F392DB74A7

[folkert100]

en de verse dds

.
DDS (Ver_2011-08-26.01) - NTFSAMD64
Internet Explorer: 9.0.8112.16421
Run by folkert at 19:29:24 on 2011-11-27
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.31.1043.18.3874.2142 [GMT 1:00]
.
AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ===============
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\FBAgent.exe
C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe
C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
C:\Program Files\AVAST Software\Avast\AvastSvc.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\taskhost.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Windows\SysWOW64\PnkBstrA.exe
C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Windows\AsScrPro.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\taskeng.exe
C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe
C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
C:\Program Files\P4G\BatteryLife.exe
C:\Program Files\VMware\VMware View\Client\bin\wsnm.exe
C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Program Files\VMware\VMware View\Client\bin\wsnm_usbctrl.exe
C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
C:\Windows\SysWOW64\ACEngSvr.exe
C:\Windows\system32\SearchIndexer.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Program Files (x86)\DAEMON Tools Pro\DTShellHlp.exe
C:\Program Files (x86)\DAEMON Tools Pro\DTAgent.exe
C:\Program Files (x86)\ASUS\Sonic Focus\SonicFocusTray.exe
C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Windows\system32\DllHost.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
C:\Windows\System32\svchost.exe -k secsvcs
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
C:\Windows\system32\svchost.exe -k SDRSVC
C:\Windows\system32\notepad.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Windows\system32\igfxsrvc.exe
C:\Windows\system32\DllHost.exe
C:\Windows\system32\DllHost.exe
C:\Windows\SysWOW64\cmd.exe
C:\Windows\system32\conhost.exe
C:\Windows\SysWOW64\cscript.exe
C:\Windows\system32\wbem\wmiprvse.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://asus.msn.com
mStart Page = hxxp://asus.msn.com
BHO: Adobe PDF Reader Link Helper: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - C:\Program Files (x86)\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
BHO: Norton Identity Protection: {602adb0e-4aff-4217-8aa1-95dac4dfa408} - C:\Program Files (x86)\Norton Internet Security\Engine\19.1.1.3\coIEPlg.dll
BHO: Groove GFS Browser Helper: {72853161-30c5-4d22-b7f9-0bbc1d38a37e} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL
BHO: avast! WebRep: {8e5e2654-ad2d-48bf-ac2d-d17f00898d06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
BHO: Aanmeldhulp voor Windows Live ID: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.2.4204.1700\swg.dll
BHO: Office Document Cache Handler: {b4f3a835-0e21-4959-ba22-42b3008e02ff} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL
BHO: Google Dictionary Compression sdch: {c84d72fe-e17d-4195-bb24-76c02e2e7c4e} - C:\Program Files (x86)\Google\Google Toolbar\Component\fastsearch_B7C5AC242193BB3E.dll
BHO: Bing Bar Helper: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll"
BHO: Yontoo Layers: {fd72061e-9fde-484d-a58a-0bab4151cad8} - C:\Program Files (x86)\Yontoo Layers Runtime\YontooIEClient.dll
TB: Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
TB: Bing Bar: {8dcb7100-df86-4384-8842-8fa844297b3f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll"
TB: Norton Toolbar: {7febefe3-6b19-4349-98d2-ffb09d4b49ca} - C:\Program Files (x86)\Norton Internet Security\Engine\19.1.1.3\coIEPlg.dll
TB: avast! WebRep: {8e5e2654-ad2d-48bf-ac2d-d17f00898d06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
TB: {D4027C7F-154A-4066-A1AD-4243D8127440} - No File
uRun: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
uRun: [DAEMON Tools Pro Agent] "C:\Program Files (x86)\DAEMON Tools Pro\DTAgent.exe" -autorun
mRun: [Nuance PDF Reader-reminder] "C:\Program Files (x86)\Nuance\PDF Reader\Ereg\Ereg.exe" -r "C:\ProgramData\Nuance\PDF Reader\Ereg\Ereg.ini"
mRun: [ASUSWebStorage] C:\Program Files (x86)\ASUS\ASUS WebStorage\3.0.84.161\AsusWSPanel.exe /S
mRun: [SonicMasterTray] C:\Program Files (x86)\ASUS\Sonic Focus\SonicFocusTray.exe
mRun: [ATKOSD2] C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
mRun: [ATKMEDIA] C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
mRun: [HControlUser] C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
mRun: [Wireless Console 3] C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
mRun: [UpdateLBPShortCut] "C:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\LabelPrint" UpdateWithCreateOnce "Software\CyberLink\LabelPrint\2.5"
mRun: [UpdateP2GoShortCut] "C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\6.0"
mRun: [BCSSync] "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices
mRun: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\ADOBER~1.LNK - C:\Program Files (x86)\Adobe\Acrobat 7.0\Reader\reader_sl.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\ASUSVI~1.LNK - C:\Program Files (x86)\ASUS\AsusVibe\AsusVibeLauncher.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\FANCYS~1.LNK - C:\Windows\Installer\{2B81872B-A054-48DA-BE3B-FA5C164C303A}\_94E3CE3704FE82FBF49A6A.exe
mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5)
mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
IE: &Enviar a OneNote - C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105
IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000
IE: E&xportar a Microsoft Excel - C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000
IE: Free YouTube to MP3 Converter - C:\Users\folkert\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm
IE: Se&nd to OneNote - C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
TCP: DhcpNameServer = 212.54.35.25 212.54.40.25
TCP: Interfaces\{926A60CA-D6E3-416F-8CE9-8D581773A4AA} : DhcpNameServer = 212.54.35.25 212.54.40.25
TCP: Interfaces\{926A60CA-D6E3-416F-8CE9-8D581773A4AA}\3596475636F6D6 : DhcpNameServer = 192.168.0.1
TCP: Interfaces\{926A60CA-D6E3-416F-8CE9-8D581773A4AA}\442756E647865636F6C6C6567656D23547574656E64756E6 : DhcpNameServer = 10.0.4.40 10.0.4.41
TCP: Interfaces\{926A60CA-D6E3-416F-8CE9-8D581773A4AA}\4505D2C494E4B4F5342393235434 : DhcpNameServer = 192.168.2.254 192.168.1.1
Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
SEH: Groove GFS Stub Execution Hook: {b5a7f190-dda6-4420-b3ba-52453494e6cd} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL
{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}
{602ADB0E-4AFF-4217-8AA1-95DAC4DFA408}
{72853161-30C5-4D22-B7F9-0BBC1D38A37E}
{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}
{9030D464-4C02-4ABF-8ECC-5164760863C6}
{AA58ED58-01DD-4d91-8333-CF10577473F7}
{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}
{B4F3A835-0E21-4959-BA22-42B3008E02FF}
{C84D72FE-E17D-4195-BB24-76C02E2E7C4E}
{d2ce3e00-f94a-4740-988e-03dc2f38c34f}
{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}
{2318C2B1-4965-11d4-9B18-009027A5CD4F}
{8dcb7100-df86-4384-8842-8fa844297b3f}
{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA}
{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}
TB-X64: {D4027C7F-154A-4066-A1AD-4243D8127440} - No File
mRun-x64: [Nuance PDF Reader-reminder] "C:\Program Files (x86)\Nuance\PDF Reader\Ereg\Ereg.exe" -r "C:\ProgramData\Nuance\PDF Reader\Ereg\Ereg.ini"
mRun-x64: [ASUSWebStorage] C:\Program Files (x86)\ASUS\ASUS WebStorage\3.0.84.161\AsusWSPanel.exe /S
mRun-x64: [SonicMasterTray] C:\Program Files (x86)\ASUS\Sonic Focus\SonicFocusTray.exe
mRun-x64: [ATKOSD2] C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
mRun-x64: [ATKMEDIA] C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
mRun-x64: [HControlUser] C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
mRun-x64: [Wireless Console 3] C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
mRun-x64: [UpdateLBPShortCut] "C:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\LabelPrint" UpdateWithCreateOnce "Software\CyberLink\LabelPrint\2.5"
mRun-x64: [UpdateP2GoShortCut] "C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\6.0"
mRun-x64: [BCSSync] "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices
mRun-x64: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
SEH-X64: {B5A7F190-DDA6-4420-B3BA-52453494E6CD}: Groove GFS Stub Execution Hook
.
============= SERVICES / DRIVERS ===============
.
R1 aswSnx;aswSnx;C:\Windows\system32\drivers\aswSnx.sys --> C:\Windows\system32\drivers\aswSnx.sys [?]
R1 aswSP;aswSP;C:\Windows\system32\drivers\aswSP.sys --> C:\Windows\system32\drivers\aswSP.sys [?]
R1 ATKWMIACPIIO;ATKWMIACPI Driver;C:\Program Files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys [2010-7-26 17024]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;C:\Windows\system32\DRIVERS\dtsoftbus01.sys --> C:\Windows\system32\DRIVERS\dtsoftbus01.sys [?]
R1 vwififlt;Virtual WiFi Filter Driver;C:\Windows\system32\DRIVERS\vwififlt.sys --> C:\Windows\system32\DRIVERS\vwififlt.sys [?]
R2 AFBAgent;AFBAgent;"C:\Windows\system32\FBAgent.exe" --> C:\Windows\system32\FBAgent.exe [?]
R2 ASMMAP64;ASMMAP64;C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys [2009-7-3 15416]
R2 aswFsBlk;aswFsBlk;C:\Windows\system32\drivers\aswFsBlk.sys --> C:\Windows\system32\drivers\aswFsBlk.sys [?]
R2 aswMonFlt;aswMonFlt;\??\C:\Windows\system32\drivers\aswMonFlt.sys --> C:\Windows\system32\drivers\aswMonFlt.sys [?]
R2 avast! Antivirus;avast! Antivirus;C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2011-11-7 44768]
R2 UNS;Intel(R) Management and Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2011-6-20 2655768]
R2 wsnm;VMware View Client;C:\Program Files\VMware\VMware View\Client\bin\wsnm.exe [2011-2-18 494192]
R2 wsnm_usbctrl;VMware View USB Control;C:\Program Files\VMware\VMware View\Client\bin\wsnm_usbctrl.exe [2011-2-18 1120368]
R3 IntcDAud;Intel(R) Display Audio;C:\Windows\system32\DRIVERS\IntcDAud.sys --> C:\Windows\system32\DRIVERS\IntcDAud.sys [?]
R3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller;C:\Windows\system32\DRIVERS\L1C62x64.sys --> C:\Windows\system32\DRIVERS\L1C62x64.sys [?]
R3 MEIx64;Intel(R) Management Engine Interface;C:\Windows\system32\DRIVERS\HECIx64.sys --> C:\Windows\system32\DRIVERS\HECIx64.sys [?]
R3 RTL8192Ce;Realtek Wireless LAN 802.11n PCI-E NIC Driver;C:\Windows\system32\DRIVERS\rtl8192Ce.sys --> C:\Windows\system32\DRIVERS\rtl8192Ce.sys [?]
R3 vmwvusb;VMware View Generic USB Driver;C:\Windows\system32\Drivers\vmwvusb.sys --> C:\Windows\system32\Drivers\vmwvusb.sys [?]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service;C:\Windows\system32\DRIVERS\vwifimp.sys --> C:\Windows\system32\DRIVERS\vwifimp.sys [?]
S1 ccSet_NIS;Norton Internet Security Settings Manager;C:\Windows\system32\drivers\NISx64\1301010.003\ccSetx64.sys --> C:\Windows\system32\drivers\NISx64\1301010.003\ccSetx64.sys [?]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S2 gupdate;Google Update Service (gupdate);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-4-13 135664]
S2 NIS;Norton Internet Security;"C:\Program Files (x86)\Norton Internet Security\Engine\19.1.1.3\ccSvcHst.exe" /s "NIS" /m "C:\Program Files (x86)\Norton Internet Security\Engine\19.1.1.3\diMaster.dll" /prefetch:1 --> C:\Program Files (x86)\Norton Internet Security\Engine\19.1.1.3\ccSvcHst.exe [?]
S3 BBSvc;Bing Bar Update Service;C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE [2011-3-2 183560]
S3 fssfltr;fssfltr;C:\Windows\system32\DRIVERS\fssfltr.sys --> C:\Windows\system32\DRIVERS\fssfltr.sys [?]
S3 fsssvc;Windows Live Family Safety Service;C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2011-5-13 1492840]
S3 gupdatem;Google Update-service (gupdatem);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-4-13 135664]
S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service;C:\Program Files (x86)\Microsoft Office\Office14\GROOVE.EXE [2011-6-12 31125880]
S3 osppsvc;Office Software Protection Platform;C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-1-9 4925184]
S3 SiSGbeLH;SiS191/SiS190 Ethernet Device NDIS 6.0 Driver;C:\Windows\system32\DRIVERS\SiSG664.sys --> C:\Windows\system32\DRIVERS\SiSG664.sys [?]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\system32\drivers\tsusbflt.sys --> C:\Windows\system32\drivers\tsusbflt.sys [?]
S3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\system32\drivers\TsUsbGD.sys --> C:\Windows\system32\drivers\TsUsbGD.sys [?]
S3 WatAdminSvc;Windows Activation Technologies-service;C:\Windows\system32\Wat\WatAdminSvc.exe --> C:\Windows\system32\Wat\WatAdminSvc.exe [?]
S4 wlcrasvc;Windows Live Mesh remote connections service;C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-9-23 57184]
.
=============== Created Last 30 ================
.
2011-11-27 18:14:39 98816 ----a-w- C:\Windows\sed.exe
2011-11-27 18:14:39 518144 ----a-w- C:\Windows\SWREG.exe
2011-11-27 18:14:39 256000 ----a-w- C:\Windows\PEV.exe
2011-11-27 18:14:39 208896 ----a-w- C:\Windows\MBR.exe
2011-11-27 18:08:18 69000 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{3B0E72DD-CCB5-42D3-BDE2-42C63E3C13C9}\offreg.dll
2011-11-27 09:17:48 -------- d-----w- C:\Users\folkert\AppData\Local\{D7AB6B03-F22D-415F-BFF5-50C9A92C19D5}
2011-11-27 09:17:37 -------- d-----w- C:\Users\folkert\AppData\Local\{9D3116E7-3C5C-44D6-8A86-AB78AFB566F8}
2011-11-26 23:21:52 8570192 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{3B0E72DD-CCB5-42D3-BDE2-42C63E3C13C9}\mpengine.dll
2011-11-26 13:29:08 -------- d-----w- C:\Users\folkert\AppData\Local\{21765D58-E5DF-415A-B8BF-A8F25FBB2094}
2011-11-26 13:28:56 -------- d-----w- C:\Users\folkert\AppData\Local\{0B24F410-2DF2-4009-AF6C-56E0EE957C84}
2011-11-25 19:55:37 -------- d-----w- C:\Users\folkert\AppData\Local\{04BE1207-94A4-4050-8FFA-0FE20C83D22E}
2011-11-25 19:55:14 -------- d-----w- C:\Users\folkert\AppData\Local\{A14D3996-2C8F-4883-9639-DC2DB13EB1D8}
2011-11-25 07:54:17 -------- d-----w- C:\Users\folkert\AppData\Local\{3D6F9DE8-3E1B-4438-849F-4A5AC37E183A}
2011-11-25 07:53:53 -------- d-----w- C:\Users\folkert\AppData\Local\{89D3A235-0E54-419E-9DAB-B002206CE50F}
2011-11-24 21:38:24 -------- d-----w- C:\Users\folkert\AppData\Roaming\Malwarebytes
2011-11-24 21:38:15 -------- d-----w- C:\ProgramData\Malwarebytes
2011-11-24 21:38:13 25416 ----a-w- C:\Windows\System32\drivers\mbam.sys
2011-11-24 21:38:12 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware
2011-11-24 21:19:44 388096 ----a-r- C:\Users\folkert\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
2011-11-24 21:19:44 -------- d-----w- C:\Program Files (x86)\Trend Micro
2011-11-24 21:07:53 13312 ----a-w- C:\Windows\NET Checker.exe
2011-11-24 20:54:24 -------- d-----w- C:\Windows\SysWow64\RTCOM
2011-11-24 18:06:42 -------- d-----w- C:\Users\folkert\AppData\Local\{CF465566-C78F-4EF4-8D1B-0FA7C4302229}
2011-11-24 18:05:51 -------- d-----w- C:\Users\folkert\AppData\Local\{006FC8AE-1BBF-4CF8-B412-2F25A6821A73}
2011-11-24 07:31:47 -------- d-----w- C:\Users\folkert\AppData\Local\{7D735945-F419-41B9-A07C-D628E5788F8A}
2011-11-24 07:31:15 -------- d-----w- C:\Users\folkert\AppData\Local\{8779F651-02A7-4813-80B6-9BDCEDDA1C38}
2011-11-23 19:30:40 -------- d-----w- C:\Users\folkert\AppData\Local\{FE66965D-D2EA-4BD9-80DC-7C7CCA2D261A}
2011-11-23 19:30:17 -------- d-----w- C:\Users\folkert\AppData\Local\{591E0F6D-5ED3-417F-B60E-A7997AE48A90}
2011-11-23 07:29:03 -------- d-----w- C:\Users\folkert\AppData\Local\{584662DD-9BB2-4B36-9670-DB929E427551}
2011-11-23 07:28:31 -------- d-----w- C:\Users\folkert\AppData\Local\{4822F339-1BF5-4D3C-A95A-86D38603ABB4}
2011-11-22 10:49:16 -------- d-----w- C:\Users\folkert\AppData\Local\{D9387111-0E18-4061-9761-8DBD5D222A8F}
2011-11-22 10:48:45 -------- d-----w- C:\Users\folkert\AppData\Local\{8B58EEAD-B18B-4CA3-9B29-41FA85C02E17}
2011-11-22 08:43:28 -------- d-----w- C:\Users\folkert\AppData\Local\{3A62FCD0-117D-4144-B357-9488EE5FEAE3}
2011-11-22 08:00:42 -------- d-----w- C:\Users\folkert\AppData\Local\{F8C80126-0782-41B1-A87C-2CC214D5A5EC}
2011-11-22 08:00:01 -------- d-----w- C:\Users\folkert\AppData\Local\{865256BA-A690-4EC5-9C8F-A3B792C17983}
2011-11-21 21:07:41 -------- d-----w- C:\Program Files (x86)\Skype
2011-11-21 18:39:16 -------- d-----w- C:\Users\folkert\AppData\Local\{355511BE-4366-41F4-A182-CAB1A1B688B7}
2011-11-21 18:38:41 -------- d-----w- C:\Users\folkert\AppData\Local\{30E75E84-D4E7-4154-896F-2E389DF44B55}
2011-11-21 06:37:29 -------- d-----w- C:\Users\folkert\AppData\Local\{585023B5-B3AA-47F9-B18F-3B16B9A92307}
2011-11-21 06:35:51 -------- d-----w- C:\Users\folkert\AppData\Local\{EF6B1869-3488-4D89-B688-9E870CFC88FE}
2011-11-20 15:52:00 -------- d-----w- C:\Users\folkert\AppData\Local\{EC1179E1-53E0-4D29-9632-7B60FD1BF198}
2011-11-20 15:51:23 -------- d-----w- C:\Users\folkert\AppData\Local\{33D28ADA-7C21-4703-AD11-CA0011315A77}
2011-11-19 12:51:12 -------- d-----w- C:\Users\folkert\AppData\Local\{727928FF-D5DD-4A79-9DFF-3F86106FD87D}
2011-11-19 12:50:44 -------- d-----w- C:\Users\folkert\AppData\Local\{7D458416-96A8-4D1A-BC04-D70DE8F82B9F}
2011-11-18 10:04:28 -------- d-----w- C:\Users\folkert\AppData\Local\{1281C82C-DAD5-4305-9B3A-F2389ECFC216}
2011-11-18 10:03:50 -------- d-----w- C:\Users\folkert\AppData\Local\{DCFF14F2-4487-4779-9E6E-C7E165BF9198}
2011-11-17 09:48:35 -------- d-----w- C:\Users\folkert\AppData\Local\{B82A163D-1727-47CB-A342-3E8C44CF43E4}
2011-11-17 09:48:05 -------- d-----w- C:\Users\folkert\AppData\Local\{B0458A56-1566-46FA-B59F-F5D78E6BB00A}
2011-11-16 16:22:16 -------- d-----w- C:\Users\folkert\AppData\Local\{14F9BC40-F9D2-472D-9EF2-F1E7BA50CF8E}
2011-11-16 16:21:34 -------- d-----w- C:\Users\folkert\AppData\Local\{90CD1929-2741-4BA8-B245-6A9F220A98C0}
2011-11-16 14:27:51 -------- d-----w- C:\Users\folkert\AppData\Local\{AF41EDA3-9BB1-4D1E-AA30-B768FE67C136}
2011-11-16 11:24:54 -------- d-----w- C:\Users\folkert\AppData\Local\{C71BBD98-8019-44F6-AB72-A2EB26EF1BFB}
2011-11-16 09:35:12 -------- d-----w- C:\Users\folkert\AppData\Local\{C5049FF4-1EB5-410D-B67A-5F6FC55F57A1}
2011-11-15 17:45:04 -------- d-----w- C:\Users\folkert\AppData\Local\Skyrim
2011-11-15 10:34:38 -------- d-----w- C:\Users\folkert\AppData\Local\{E180A15B-A4C2-4D47-8C52-F47C1AADC67D}
2011-11-15 10:34:15 -------- d-----w- C:\Users\folkert\AppData\Local\{9305D796-C04A-4DE6-A841-E629C732C863}
2011-11-14 21:49:34 -------- d-----w- C:\Users\folkert\AppData\Local\{DFCEE804-4E36-4FD1-A98C-8A7E14E57EE5}
2011-11-14 21:48:44 -------- d-----w- C:\Users\folkert\AppData\Local\{23E1BBD6-6BC7-44E1-813E-2CF2E34970F5}
2011-11-14 09:47:51 -------- d-----w- C:\Users\folkert\AppData\Local\{3E67B423-8082-4A7A-8D7B-71C66BF92EB8}
2011-11-14 09:47:08 -------- d-----w- C:\Users\folkert\AppData\Local\{3F3E8BBD-AC81-439F-B303-D12870284060}
2011-11-13 21:51:47 -------- d--h--w- C:\Program Files (x86)\Common Files\EAInstaller
2011-11-13 12:58:09 -------- d-----w- C:\Users\folkert\AppData\Local\{4BDEE319-ECE6-4F42-A2B9-2AE16A894337}
2011-11-13 12:57:02 -------- d-----w- C:\Users\folkert\AppData\Local\{B9341A77-E332-480C-AAA6-FD0C9329AA1F}
2011-11-12 14:18:10 -------- d-----w- C:\Users\folkert\AppData\Local\{6FF1B0CF-80A3-4A3D-AF15-0626917D0BA5}
2011-11-12 14:17:48 -------- d-----w- C:\Users\folkert\AppData\Local\{4059F069-87A2-40CB-A333-470E033BEA8B}
2011-11-11 11:12:59 -------- d-----w- C:\Users\folkert\AppData\Local\{1EDFE2C2-477E-467F-BB3A-E79EE7918B0B}
2011-11-11 11:12:24 -------- d-----w- C:\Users\folkert\AppData\Local\{E56735DD-7D98-426B-8D88-53F9686FAC55}
2011-11-10 23:02:32 -------- d-----w- C:\Users\folkert\AppData\Local\{452910A6-376D-4543-94B6-E6A13DA9244A}
2011-11-10 23:02:10 -------- d-----w- C:\Users\folkert\AppData\Local\{3CF5B4C7-A5D7-4786-B455-11E286F50180}
2011-11-10 11:01:00 -------- d-----w- C:\Users\folkert\AppData\Local\{A9DA78CE-3A86-4D03-9558-987D90891E26}
2011-11-10 11:00:34 -------- d-----w- C:\Users\folkert\AppData\Local\{3EE91BDD-407A-4314-BB86-E2075649A520}
2011-11-09 22:14:48 -------- d-----w- C:\Users\folkert\AppData\Local\{27562DE0-8E76-4572-AC23-47DFD529C25E}
2011-11-09 22:14:25 -------- d-----w- C:\Users\folkert\AppData\Local\{CE2E6615-026C-4903-A42D-25C609004B20}
2011-11-09 19:51:44 -------- d-----w- C:\ProgramData\Solidshield
2011-11-09 19:50:42 189248 ----a-w- C:\Windows\SysWow64\PnkBstrB.exe
2011-11-09 19:50:40 75136 ----a-w- C:\Windows\SysWow64\PnkBstrA.exe
2011-11-09 19:50:39 -------- d-----w- C:\Users\folkert\AppData\Roaming\PunkBuster
2011-11-09 19:47:59 3767504 ----a-w- C:\Windows\System32\d3dx9_26.dll
2011-11-09 19:47:59 2297552 ----a-w- C:\Windows\SysWow64\d3dx9_26.dll
2011-11-09 10:13:20 -------- d-----w- C:\Users\folkert\AppData\Local\{C8ED6B41-AC7C-44C5-AE50-69657A71C1DF}
2011-11-09 10:12:50 -------- d-----w- C:\Users\folkert\AppData\Local\{9A95CAC6-80F0-43F0-A8DB-B2E0C4CDD3D1}
2011-11-09 07:34:42 886784 ----a-w- C:\Program Files\Common Files\System\wab32.dll
2011-11-09 07:34:42 708608 ----a-w- C:\Program Files (x86)\Common Files\System\wab32.dll
2011-11-09 07:34:41 3144704 ----a-w- C:\Windows\System32\win32k.sys
2011-11-09 07:34:41 1923952 ----a-w- C:\Windows\System32\drivers\tcpip.sys
2011-11-08 22:44:41 -------- d-----w- C:\Users\folkert\AppData\Local\Activision
2011-11-08 22:09:39 -------- d-----w- C:\Users\folkert\AppData\Local\{369BB374-9CA2-46B4-A37C-9BFFD9DD7A00}
2011-11-08 22:09:05 -------- d-----w- C:\Users\folkert\AppData\Local\{C3BACAA8-E25A-4791-AB40-60837F134015}
2011-11-08 12:35:02 -------- d-----w- C:\Users\folkert\AppData\Local\SKIDROW
2011-11-08 07:24:32 -------- d-----w- C:\Users\folkert\AppData\Local\{0B1EB31C-1E6C-4E8C-BD13-8C83145290AB}
2011-11-08 07:24:19 -------- d-----w- C:\Users\folkert\AppData\Local\{570A97F1-9781-4EF3-82CB-5F1EB701094E}
2011-11-07 20:42:36 -------- d-----w- C:\Program Files\Babylon
2011-11-07 20:13:26 272448 ----a-w- C:\Windows\System32\drivers\dtsoftbus01.sys
2011-11-07 20:13:06 -------- d-----w- C:\Program Files (x86)\DAEMON Tools Pro
2011-11-07 20:12:23 -------- d-----w- C:\Users\folkert\AppData\Roaming\DAEMON Tools Pro
2011-11-07 20:12:23 -------- d-----w- C:\ProgramData\DAEMON Tools Pro
2011-11-07 18:45:58 -------- d-----w- C:\Users\folkert\AppData\Local\{90CAAF68-A09D-4F77-BE58-3AD43CC3C1AF}
2011-11-07 18:45:35 -------- d-----w- C:\Users\folkert\AppData\Local\{2786E915-3A38-4D13-B199-55129DD8004E}
2011-11-07 15:04:02 -------- d-----w- C:\Program Files (x86)\Yontoo Layers Runtime
2011-11-07 10:19:24 601944 ----a-w- C:\Windows\System32\drivers\aswSnx.sys
2011-11-07 10:19:23 65368 ----a-w- C:\Windows\System32\drivers\aswMonFlt.sys
2011-11-07 10:19:11 41184 ----a-w- C:\Windows\avastSS.scr
2011-11-07 10:18:59 -------- d-----w- C:\ProgramData\AVAST Software
2011-11-07 10:18:59 -------- d-----w- C:\Program Files\AVAST Software
2011-11-07 06:37:05 -------- d-----w- C:\Users\folkert\AppData\Local\{FC40AE6F-4D7A-4738-B7A9-D233963D430A}
2011-11-07 06:36:53 -------- d-----w- C:\Users\folkert\AppData\Local\{B65A8B0B-B309-42BF-AB51-0F1B6D45180A}
2011-11-06 18:20:59 72200 ----a-w- C:\Windows\System32\XAPOFX1_1.dll
2011-11-06 18:20:59 68616 ----a-w- C:\Windows\SysWow64\XAPOFX1_1.dll
2011-11-06 18:20:59 513544 ----a-w- C:\Windows\System32\XAudio2_2.dll
2011-11-06 18:20:59 509448 ----a-w- C:\Windows\SysWow64\XAudio2_2.dll
2011-11-06 18:20:57 238088 ----a-w- C:\Windows\SysWow64\xactengine3_2.dll
2011-11-06 18:20:57 177672 ----a-w- C:\Windows\System32\xactengine3_2.dll
2011-11-06 16:36:08 -------- d-----w- C:\Users\folkert\AppData\Local\{7571FA61-29B9-479F-BCC5-88B36085EDAB}
2011-11-06 16:35:57 -------- d-----w- C:\Users\folkert\AppData\Local\{3FC517CD-8B37-44CD-A59A-72E21CE24DF4}
2011-11-04 11:46:18 -------- d-----w- C:\Users\folkert\AppData\Local\{E61F332F-B8E8-4A0C-AE75-1A1D95A49492}
2011-11-04 11:45:58 -------- d-----w- C:\Users\folkert\AppData\Local\{A0E1AB95-836B-4C6A-A187-B97700BEF323}
2011-11-04 11:32:31 -------- d-----w- C:\Users\folkert\AppData\Local\{378E7C55-EF3E-478B-9C90-B4611D1DD372}
2011-11-04 11:32:19 -------- d-----w- C:\Users\folkert\AppData\Local\{9B0067BC-DAF3-4E47-8AB9-2DE8FD2FD528}
2011-11-03 07:51:32 -------- d-----w- C:\Users\folkert\AppData\Local\{43BBC115-909D-4DC6-A13D-ADF661B9C3AA}
2011-11-03 07:51:20 -------- d-----w- C:\Users\folkert\AppData\Local\{3EF7FC9D-6FDE-4C55-963B-B3BD7CBBB311}
2011-11-02 20:29:36 -------- d-----w- C:\Users\folkert\AppData\Local\{CEFAC273-59DA-4B4B-B5EC-AE7458C388C8}
2011-11-02 20:29:24 -------- d-----w- C:\Users\folkert\AppData\Local\{4E5759B0-B987-4777-BA7E-9E78E8807C88}
2011-11-02 17:19:52 -------- d-----w- C:\Users\folkert\AppData\Local\{931BEEA4-334D-4CAF-9F03-F1C2B4475CB3}
2011-11-02 17:19:40 -------- d-----w- C:\Users\folkert\AppData\Local\{CF615126-3DFF-47C6-928A-01D1DAB90E93}
2011-11-01 18:39:09 -------- d-----w- C:\Users\folkert\AppData\Local\{12D8EC9F-478B-446E-8AF8-0B75388BBB0F}
2011-11-01 18:38:56 -------- d-----w- C:\Users\folkert\AppData\Local\{083295D5-BEF3-4FC7-8EDD-D493E9D15215}
2011-10-31 19:16:16 -------- d-----w- C:\Users\folkert\AppData\Local\{74A8C6F9-0A60-436C-96BE-D4E87C06E201}
2011-10-31 19:16:05 -------- d-----w- C:\Users\folkert\AppData\Local\{E2B60774-938B-45E8-8ED4-6B5A4D68C81B}
2011-10-31 19:15:54 -------- d-----w- C:\Users\folkert\AppData\Local\{3EA83EA3-190C-4815-A6BB-1775255F33BB}
2011-10-31 19:15:43 -------- d-----w- C:\Users\folkert\AppData\Local\{BE4E3F84-3BBE-4577-BBD9-59E20F9A4A1D}
2011-10-31 07:14:50 -------- d-----w- C:\Users\folkert\AppData\Local\{91CFC759-F175-4356-BE48-B760E35AA231}
2011-10-31 07:14:38 -------- d-----w- C:\Users\folkert\AppData\Local\{217139AB-9731-4C85-A406-64A2E8410BD3}
2011-10-30 11:26:51 -------- d-----w- C:\Users\folkert\AppData\Local\{BB1CCDEB-FC3B-4484-BDF8-97D977BBF763}
2011-10-30 11:26:39 -------- d-----w- C:\Users\folkert\AppData\Local\{BF42E857-F0CF-4AB3-9B74-FF290EACB89C}
2011-10-29 15:01:20 -------- d-----w- C:\Users\folkert\AppData\Local\{0C570E7D-7BB0-43D1-B2BE-CD6E14BB0CCD}
2011-10-29 15:01:08 -------- d-----w- C:\Users\folkert\AppData\Local\{5B5BB918-456B-434D-93FD-4877412D306B}
2011-10-29 03:44:46 -------- d-----w- C:\Users\folkert\AppData\Local\{46CB84B3-5988-475F-8D87-548232460401}
.
==================== Find3M ====================
.
2011-11-25 18:57:42 45056 ----a-w- C:\Windows\System32\acovcnt.exe
2011-10-06 21:32:38 24064 ----a-w- C:\Windows\SysWow64\FsExService64.Exe
2011-10-06 21:32:38 16392 ----a-w- C:\Windows\SysWow64\drivers\TFsExDisk.Sys
2011-10-06 21:32:11 5632 ----a-w- C:\Windows\SysWow64\drivers\StarOpen.sys
2011-09-27 14:01:58 1 ----a-w- C:\Windows\SysWow64\SI.bin
2011-09-01 05:24:07 2309120 ----a-w- C:\Windows\System32\jscript9.dll
2011-09-01 05:17:57 1389056 ----a-w- C:\Windows\System32\wininet.dll
2011-09-01 05:12:04 2382848 ----a-w- C:\Windows\System32\mshtml.tlb
2011-09-01 02:35:59 1798144 ----a-w- C:\Windows\SysWow64\jscript9.dll
2011-09-01 02:28:15 1126912 ----a-w- C:\Windows\SysWow64\wininet.dll
2011-09-01 02:22:54 2382848 ----a-w- C:\Windows\SysWow64\mshtml.tlb
2011-08-31 18:08:50 167704 ----a-w- C:\Windows\System32\igfxtray.exe
2011-08-31 18:08:48 510232 ----a-w- C:\Windows\System32\igfxsrvc.exe
2011-08-31 18:08:44 416024 ----a-w- C:\Windows\System32\igfxpers.exe
2011-08-31 18:08:42 239896 ----a-w- C:\Windows\System32\igfxext.exe
2011-08-31 18:08:34 392472 ----a-w- C:\Windows\System32\hkcmd.exe
2011-08-31 18:08:24 4378392 ----a-w- C:\Windows\System32\GfxUI.exe
2011-08-31 18:08:22 179992 ----a-w- C:\Windows\System32\difx64.exe
2011-08-31 17:58:50 90112 ----a-w- C:\Windows\System32\igfxCoIn_v2509.dll
2011-08-31 17:53:22 12306848 ----a-w- C:\Windows\System32\drivers\igdkmd64.sys
2011-08-31 17:53:20 8312320 ----a-w- C:\Windows\System32\igdumd64.dll
2011-08-31 17:51:16 216000 ----a-w- C:\Windows\SysWow64\igfcg600m.bin
2011-08-31 17:51:16 216000 ----a-w- C:\Windows\System32\igfcg600m.bin
2011-08-31 17:51:04 75776 ----a-w- C:\Windows\System32\igdde64.dll
2011-08-31 17:47:42 6322688 ----a-w- C:\Windows\SysWow64\igdumd32.dll
2011-08-31 17:46:00 56832 ----a-w- C:\Windows\SysWow64\igdde32.dll
2011-08-31 17:45:02 581120 ----a-w- C:\Windows\SysWow64\igdumdx32.dll
2011-08-31 17:42:42 14598656 ----a-w- C:\Windows\System32\igd10umd64.dll
2011-08-31 17:37:18 12340224 ----a-w- C:\Windows\SysWow64\igd10umd32.dll
2011-08-31 17:31:14 18641408 ----a-w- C:\Windows\System32\ig4icd64.dll
2011-08-31 17:26:20 13903872 ----a-w- C:\Windows\SysWow64\ig4icd32.dll
2011-08-31 17:21:50 375808 ----a-w- C:\Windows\System32\igfxpph.dll
2011-08-31 17:21:46 378368 ----a-w- C:\Windows\System32\igfxTMM.dll
2011-08-31 17:21:40 28672 ----a-w- C:\Windows\System32\igfxexps.dll
2011-08-31 17:21:26 62464 ----a-w- C:\Windows\System32\igfxsrvc.dll
2011-08-31 17:20:58 110080 ----a-w- C:\Windows\System32\hccutils.dll
2011-08-31 17:20:50 4096 ----a-w- C:\Windows\System32\IGFXDEVLib.dll
2011-08-31 17:20:50 146432 ----a-w- C:\Windows\System32\gfxSrvc.dll
2011-08-31 17:20:48 390144 ----a-w- C:\Windows\System32\igfxdev.dll
2011-08-31 17:20:14 285696 ----a-w- C:\Windows\System32\igfxrenu.lrc
2011-08-31 17:20:08 9014784 ----a-w- C:\Windows\System32\igfxress.dll
2011-08-31 17:20:08 142336 ----a-w- C:\Windows\System32\igfxdo.dll
2011-08-31 17:16:32 24576 ----a-w- C:\Windows\SysWow64\igfxexps32.dll
2011-08-31 17:15:46 294400 ----a-w- C:\Windows\SysWow64\igfxdv32.dll
2011-08-31 17:13:52 98304 ----a-w- C:\Windows\SysWow64\iglhcp32.dll
2011-08-31 17:13:52 98304 ----a-w- C:\Windows\System32\iglhcp64.dll
2011-08-31 17:13:52 376832 ----a-w- C:\Windows\SysWow64\iglhsip32.dll
2011-08-31 17:13:52 376832 ----a-w- C:\Windows\System32\iglhsip64.dll
2011-08-31 17:13:52 162816 ----a-w- C:\Windows\SysWow64\igfxcmrt32.dll
2011-08-31 17:13:52 140288 ----a-w- C:\Windows\System32\igfxcmrt64.dll
2011-08-30 11:06:27 98304 ----a-w- C:\Windows\SysWow64\CmdLineExt.dll
.
============= FINISH: 19:29:47,58 ===============

[folkert100]

ik zag dat ik was vergeten windows firewall uit te schakelen, maar hij heeft geen problemen geven tijdens de combo progamma, dus is dat een probleem of moet ik het als nog even over doen en dan windows firewall ook uitschakelen?

[Emphyrio]

Kan je me een update over je probleem geven aub?

[folkert100]

nou windows verkenner loopt nog steeds vast wel een stuk minder athans en het is gewoon irritant want dan ga ik naar mijn documenten en dan zegt hij windows verkenner loopt vast en hij start zich dan opnieuw op.