PC werkt trager, virus of hardwaregebrek ?

Brpo'Bizzkitos · 10 juni 2010

wow, heb eens die site over dat correct gebruik gelezen en ziet er mij nogal een riskante onderneming uit . Zou ik misschien niet beter eerst eens kijken hoe dat zit met die netwerkadapter ? Zodanig dat dat al uitgesloten is. Daarna kan ik nog steeds eens combofix toepassen.

mvg

kape · 10 juni 2010

Klinkt angstaanjagend, dat wel ... maar veel ongelukken gebeuren er - bij een correct gebruik en onder begeleiding - niet echt mee. Het was de laatste stap om malware te kunnen uitsluiten.

Maar als je liever eerst de andere optie aanpakt om hardware-problemen te elimineren, mag je dat zeker doen. Jij bent de baas

Brpo'Bizzkitos · 10 juni 2010

Wat de netwerkadapter betreft; denk ik dat het internet probleem daar ligt. Windows 7 heeft al gemeld dat het sturingsprogramma van mijn adapter niet correct is geïnstalleerd; wat mij trouwens zeer verbaasd. Zou het probleem opgelost kunnen raken mocht ik de driver eens opnieuw installeren en misschien eens kijken naar updates ?

Jean-Pierre · 10 juni 2010

Naar mijn bescheiden mening kun je beter eerst je malware probleem proberen opgelost te krijgen en dan pas naar eventuele hardware problemen te gaan zoeken.

Nu alleszins wat die drivers betreft dat kun je wel eens proberen maar zorg er dan wel voor dat je eerst de oude drivers via apparaatbeheer verwijderd alvorens de nieuwe drivers te installeren.

Brpo'Bizzkitos · 10 juni 2010

ok, heb al eens wat rond die driver geprobeert ma ga me er nu nog neit in verdiepen; zal dan eerst eens die combofix proberen.

Brpo'Bizzkitos · 14 juni 2010

eindelijk , duurde lang aangezien ik neit op mijn pc mocht tijdens de examens maar is er eidenlijk van gekomen. Het logje :

ComboFix 10-06-13.04 - eigenaar 14/06/2010 15:27:10.1.8 - x86

Microsoft Windows 7 Home Premium 6.1.7600.0.1252.32.1043.18.3063.2308 [GMT 2:00]

Gestart vanuit: c:\users\eigenaar\Desktop\ComboFix.exe

.

(((((((((((((((((((( Bestanden Gemaakt van 2010-05-14 to 2010-06-14 ))))))))))))))))))))))))))))))

.

2010-06-14 13:33 . 2010-06-14 13:33 -------- d-----w- c:\users\Default\AppData\Local\temp

2010-06-14 13:10 . 2010-06-14 13:10 -------- d-----w- c:\users\eigenaar\AppData\Local\Temporary Projects

2010-06-14 13:06 . 2010-06-14 13:06 -------- d-----w- c:\users\eigenaar\AppData\Roaming\Microsoft Corporation

2010-06-13 19:45 . 2010-06-13 19:45 -------- d-----w- c:\program files\Microsoft SQL Server

2010-06-13 19:44 . 2010-06-14 06:21 -------- d-----w- c:\program files\Microsoft Silverlight

2010-06-13 19:44 . 2010-06-13 19:44 -------- d-----w- c:\program files\Microsoft Synchronization Services

2010-06-13 19:44 . 2010-06-13 19:44 -------- d-----w- c:\program files\Microsoft SQL Server Compact Edition

2010-06-13 19:44 . 2010-06-13 19:45 314048 ----a-w- c:\programdata\Microsoft\VBExpress\10.0\1033\ResourceCache.dll

2010-06-13 19:42 . 2010-06-13 19:45 -------- d-----w- c:\program files\Microsoft Visual Studio 10.0

2010-06-13 19:42 . 2010-06-13 19:42 -------- d-----w- c:\program files\Microsoft SDKs

2010-06-13 19:42 . 2010-06-13 19:42 -------- d-----w- c:\program files\Microsoft Help Viewer

2010-06-13 19:32 . 2009-11-25 10:47 99176 ----a-w- c:\windows\system32\PresentationHostProxy.dll

2010-06-13 19:32 . 2009-11-25 10:47 49472 ----a-w- c:\windows\system32\netfxperf.dll

2010-06-13 19:32 . 2009-11-25 10:47 297808 ----a-w- c:\windows\system32\mscoree.dll

2010-06-13 19:32 . 2009-11-25 10:47 295264 ----a-w- c:\windows\system32\PresentationHost.exe

2010-06-13 19:32 . 2009-11-25 10:47 1130824 ----a-w- c:\windows\system32\dfshim.dll

2010-06-13 19:25 . 2010-01-06 16:23 142648 ----a-w- c:\windows\system32\fsproflt.exe

2010-06-13 19:25 . 2008-06-05 17:37 43792 ----a-w- c:\windows\system32\drivers\FSPFltd.sys

2010-06-13 19:25 . 2010-06-13 19:25 -------- d-----w- c:\program files\My Lockbox

2010-06-13 15:18 . 2010-06-13 15:18 -------- d-----w- c:\users\eigenaar\AppData\Local\Mozilla

2010-06-11 17:47 . 2010-06-11 17:47 -------- d-----w- c:\windows\Java

2010-06-11 17:47 . 2010-06-11 17:47 -------- d-----w- c:\program files\CPUID

2010-06-11 15:20 . 2010-05-21 05:18 977920 ----a-w- c:\windows\system32\wininet.dll

2010-06-11 15:19 . 2010-05-01 14:49 2326528 ----a-w- c:\windows\system32\win32k.sys

2010-06-11 15:19 . 2010-03-05 07:42 67584 ----a-w- c:\windows\system32\asycfilt.dll

2010-06-11 15:19 . 2010-05-27 07:24 34304 ----a-w- c:\windows\system32\atmlib.dll

2010-06-11 15:19 . 2010-05-27 03:49 293888 ----a-w- c:\windows\system32\atmfd.dll

2010-06-09 11:14 . 2010-06-09 11:14 -------- d-----w- c:\users\eigenaar\AppData\Roaming\Malwarebytes

2010-06-09 11:14 . 2010-06-09 11:14 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware

2010-06-09 11:14 . 2010-06-09 11:14 -------- d-----w- c:\programdata\Malwarebytes

2010-06-09 11:14 . 2010-04-29 13:39 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys

2010-06-09 11:14 . 2010-04-29 13:39 20952 ----a-w- c:\windows\system32\drivers\mbam.sys

2010-06-08 15:05 . 2010-06-08 15:05 388096 ----a-r- c:\users\eigenaar\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe

2010-06-08 15:01 . 2010-06-08 15:01 -------- d-----w- c:\program files\Trend Micro

2010-06-07 17:14 . 2010-06-07 17:14 -------- d-----w- c:\users\eigenaar\AppData\Local\Smartbit_bvba

2010-06-07 17:14 . 2010-06-07 17:14 -------- d-----w- c:\program files\Smartbit bvba

2010-06-07 14:31 . 2010-06-07 14:31 -------- d-----w- c:\programdata\MessengerDiscovery 2

2010-06-07 14:30 . 2010-06-07 14:30 2167292 ----a-w- c:\users\eigenaar\AppData\Roaming\MessengerDiscovery 2\696819520\Update.exe

2010-06-06 13:12 . 2010-06-06 13:12 -------- d-----w- c:\programdata\Creative

2010-06-05 14:11 . 2010-06-05 14:11 -------- d-----w- c:\users\eigenaar\AppData\Local\HP

2010-06-05 14:08 . 2010-06-05 14:08 -------- d-----w- c:\programdata\HP Product Assistant

2010-06-05 14:06 . 2010-06-05 14:14 219557 ----a-w- c:\windows\hpoins21.dat

2010-06-05 14:06 . 2009-10-08 01:26 5474 ------w- c:\windows\hpomdl21.dat

2010-06-02 16:36 . 2010-06-02 16:36 29512 ----a-w- c:\programdata\avg9\update\backup\avgmfx86.sys

2010-06-02 16:36 . 2010-06-02 16:36 242896 ----a-w- c:\programdata\avg9\update\backup\avgtdix.sys

2010-06-01 18:52 . 2010-06-01 18:52 -------- d-sh--w- c:\programdata\SecuROM

2010-06-01 18:42 . 2010-06-01 18:52 -------- d-----w- c:\users\eigenaar\AppData\Local\Rockstar Games

2010-06-01 18:41 . 2010-06-01 18:41 107888 ----a-w- c:\windows\system32\CmdLineExt.dll

2010-06-01 17:38 . 2010-06-01 18:51 -------- d-----w- c:\program files\Rockstar Games

2010-05-30 11:26 . 2010-05-30 17:25 -------- d-----w- c:\program files\Microsoft Games for Windows - LIVE

2010-05-30 11:26 . 2010-05-30 11:26 -------- d-----w- c:\windows\system32\xlive

2010-05-26 10:52 . 2010-04-23 07:13 2048 ----a-w- c:\windows\system32\tzres.dll

2010-05-24 20:02 . 2010-05-24 20:02 -------- d-----w- c:\windows\system32\Wat

2010-05-22 20:11 . 2010-05-22 20:11 -------- d-----w- c:\program files\iPod

2010-05-22 20:11 . 2010-05-22 20:11 -------- d-----w- c:\programdata\{429CAD59-35B1-4DBC-BB6D-1DB246563521}

2010-05-22 20:11 . 2010-05-22 20:11 -------- d-----w- c:\program files\iTunes

2010-05-22 20:09 . 2010-05-22 20:10 -------- d-----w- c:\program files\QuickTime

2010-05-22 20:08 . 2010-05-22 20:08 -------- d-----w- c:\program files\Bonjour

2010-05-22 20:06 . 2010-05-22 20:06 73000 ----a-w- c:\programdata\Apple Computer\Installer Cache\iTunes 9.1.1.12\SetupAdmin.exe

2010-05-21 18:19 . 2010-05-21 18:19 -------- d-----w- c:\program files\MSXML 4.0

2010-05-20 18:10 . 2010-06-05 14:12 -------- d-----w- c:\users\eigenaar\AppData\Roaming\HP

2010-05-20 18:09 . 2008-07-24 10:09 273920 ----a-w- c:\windows\system32\Spool\prtprocs\w32x86\hpzpp58a.dll

2010-05-20 18:07 . 2010-05-20 18:07 -------- d-----w- c:\program files\Common Files\HP

2010-05-20 18:07 . 2010-05-20 18:07 -------- d-----w- c:\program files\Common Files\Hewlett-Packard

2010-05-20 18:06 . 2008-07-24 10:10 118272 ----a-w- c:\windows\system32\hpz3l58a.dll

2010-05-20 18:06 . 2010-06-05 14:09 -------- d-----w- c:\program files\HP

2010-05-20 18:05 . 2010-06-05 14:11 200703 ----a-w- c:\windows\hpwins05.dat

2010-05-20 18:05 . 2010-01-08 20:38 2751 ------w- c:\windows\hpwmdl05.dat

2010-05-20 18:04 . 2009-10-26 11:59 892928 ----a-w- c:\windows\system32\hpwtiop2.dll

2010-05-20 18:04 . 2009-10-26 11:59 675840 ----a-w- c:\windows\system32\hpwwiax2.dll

2010-05-20 18:04 . 2009-10-26 11:59 294912 ----a-w- c:\windows\system32\hpovst11.dll

2010-05-20 18:04 . 2009-10-26 11:59 258048 ----a-w- c:\windows\system32\hpzids01.dll

2010-05-20 18:04 . 2009-10-05 07:20 364544 ----a-w- c:\windows\system32\hppldcoi.dll

.

((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2010-06-14 06:25 . 2009-07-14 08:27 742604 ----a-w- c:\windows\system32\perfh013.dat

2010-06-14 06:25 . 2009-07-14 08:27 151720 ----a-w- c:\windows\system32\perfc013.dat

2010-06-13 19:33 . 2010-02-15 13:51 -------- d-----w- c:\program files\Microsoft.NET

2010-06-13 19:32 . 2010-02-15 19:36 -------- d-----w- c:\program files\Steam

2010-06-12 21:44 . 2010-02-21 14:54 -------- d-----w- c:\users\eigenaar\AppData\Roaming\BitTorrent

2010-06-12 19:03 . 2010-02-15 19:36 -------- d-----w- c:\program files\Common Files\Steam

2010-06-12 18:05 . 2010-04-13 10:24 -------- d-----w- c:\program files\TeamViewer

2010-06-11 18:28 . 2010-02-15 13:50 -------- d-----w- c:\programdata\Microsoft Help

2010-06-09 12:02 . 2010-03-14 16:46 -------- d-----w- c:\users\eigenaar\AppData\Roaming\Audacity

2010-06-07 17:20 . 2010-03-16 18:11 -------- d-----w- c:\program files\Silkroad

2010-06-06 13:37 . 2010-02-21 09:30 -------- d-----w- c:\users\eigenaar\AppData\Roaming\FrostWire

2010-06-05 14:12 . 2010-02-15 18:28 109208 ----a-w- c:\users\eigenaar\AppData\Local\GDIPFONTCACHEV1.DAT

2010-06-05 14:12 . 2010-02-21 10:12 -------- d-----w- c:\programdata\HP

2010-06-03 18:31 . 2010-03-19 20:30 -------- d-----w- c:\users\eigenaar\AppData\Roaming\MessengerDiscovery 2

2010-06-03 17:33 . 2010-02-17 20:43 -------- d-----w- c:\users\eigenaar\AppData\Roaming\vlc

2010-06-02 16:35 . 2010-02-15 19:01 242896 ----a-w- c:\windows\system32\drivers\avgtdix.sys

2010-06-02 16:35 . 2010-02-15 19:01 29584 ----a-w- c:\windows\system32\drivers\avgmfx86.sys

2010-06-01 18:51 . 2010-02-15 09:06 -------- d--h--w- c:\program files\InstallShield Installation Information

2010-05-30 11:36 . 2010-04-13 10:24 -------- d-----w- c:\users\eigenaar\AppData\Roaming\TeamViewer

2010-05-22 20:11 . 2010-02-15 18:44 -------- d-----w- c:\program files\Common Files\Apple

2010-05-16 11:33 . 2010-02-15 19:15 -------- d-----w- c:\program files\Google

2010-05-12 13:31 . 2010-05-12 13:31 -------- d-----w- c:\program files\Common Files\Java

2010-05-12 13:31 . 2010-05-12 13:31 411368 ----a-w- c:\windows\system32\deployJava1.dll

2010-05-12 05:42 . 2009-07-14 02:37 -------- d-----w- c:\program files\Windows Mail

2010-04-27 12:45 . 2010-04-27 12:45 72856 ----a-w- c:\windows\system32\xliveinstallhost.exe

2010-04-27 12:45 . 2010-04-27 12:45 187544 ----a-w- c:\windows\system32\xliveinstall.dll

2010-04-22 17:03 . 2010-02-15 19:22 -------- d-----w- c:\users\eigenaar\AppData\Roaming\SUPERAntiSpyware.com

2010-04-22 17:03 . 2010-02-15 19:22 -------- d-----w- c:\program files\SUPERAntiSpyware

2010-04-22 17:03 . 2010-02-15 09:41 -------- d-----w- c:\program files\Common Files\Wise Installation Wizard

2010-04-22 16:20 . 2010-04-22 16:20 -------- d-----w- c:\users\eigenaar\AppData\Roaming\NCH Software

2010-04-22 16:20 . 2010-04-22 16:20 -------- d-----w- c:\programdata\NCH Software

2010-04-21 16:08 . 2010-03-30 13:14 -------- d-----w- c:\program files\FrostWire

2010-04-12 12:38 . 2010-04-12 12:38 53248 ----a-r- c:\users\eigenaar\AppData\Roaming\Microsoft\Installer\{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}\ARPPRODUCTICON.exe

2010-04-12 12:38 . 2010-04-12 12:38 16400 ----a-w- c:\windows\system32\drivers\LNonPnP.sys

2010-04-09 20:48 . 2010-04-09 20:48 3600384 ----a-w- c:\windows\system32\GPhotos.scr

2010-04-08 11:20 . 2010-04-08 11:20 91424 ----a-w- c:\windows\system32\dnssd.dll

2010-04-08 11:20 . 2010-04-08 11:20 107808 ----a-w- c:\windows\system32\dns-sd.exe

2010-04-08 09:58 . 2010-04-08 09:58 70728 ----a-w- c:\windows\system32\XDva346.sys

2010-04-02 15:17 . 2010-04-02 15:17 15426200 ----a-w- c:\windows\system32\xlive.dll

2010-04-02 15:17 . 2010-04-02 15:17 13642904 ----a-w- c:\windows\system32\xlivefnt.dll

2010-03-18 14:47 . 2010-03-18 14:47 17760 ----a-w- c:\windows\system32\aspnet_counters.dll

2010-03-18 11:16 . 2010-03-18 11:16 771424 ----a-w- c:\windows\system32\msvcr100_clr0400.dll

2010-03-18 07:15 . 2010-03-18 07:15 80720 ----a-w- c:\windows\system32\mfcm100u.dll

2010-03-18 07:15 . 2010-03-18 07:15 80208 ----a-w- c:\windows\system32\mfcm100.dll

2010-03-18 07:15 . 2010-03-18 07:15 770384 ----a-w- c:\windows\system32\msvcr100.dll

2010-03-18 07:15 . 2010-03-18 07:15 4368720 ----a-w- c:\windows\system32\mfc100u.dll

2010-03-18 07:15 . 2010-03-18 07:15 4342088 ----a-w- c:\windows\system32\mfc100.dll

2010-03-18 07:15 . 2010-03-18 07:15 421200 ----a-w- c:\windows\system32\msvcp100.dll

2010-03-18 07:15 . 2010-03-18 07:15 138056 ----a-w- c:\windows\system32\atl100.dll

2009-06-10 21:26 . 2009-07-14 02:04 9633792 --sha-r- c:\windows\Fonts\StaticCache.dat

2009-07-14 01:14 . 2009-07-13 23:42 396800 --sha-w- c:\windows\winsxs\x86_microsoft-windows-mail-app_31bf3856ad364e35_6.1.7600.16385_none_f12e83abb108c86c\WinMail.exe

.

((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))

.

*Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond

REGEDIT4

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]

"{A3BC75A2-1F87-4686-AA43-5347D756017C}"= "c:\program files\AVG\AVG9\Toolbar\IEToolbar.dll" [2010-04-19 2117704]

[HKEY_CLASSES_ROOT\clsid\{a3bc75a2-1f87-4686-aa43-5347d756017c}]

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{A3BC75A2-1F87-4686-AA43-5347D756017C}]

2010-04-19 08:25 2117704 ----a-w- c:\program files\AVG\AVG9\Toolbar\IEToolbar.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]

"{CCC7A320-B3CA-4199-B1A6-9F516DD69829}"= "c:\program files\AVG\AVG9\Toolbar\IEToolbar.dll" [2010-04-19 2117704]

[HKEY_CLASSES_ROOT\clsid\{ccc7a320-b3ca-4199-b1a6-9f516dd69829}]

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]

"{CCC7A320-B3CA-4199-B1A6-9F516DD69829}"= "c:\program files\AVG\AVG9\Toolbar\IEToolbar.dll" [2010-04-19 2117704]

[HKEY_CLASSES_ROOT\clsid\{ccc7a320-b3ca-4199-b1a6-9f516dd69829}]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2009-07-14 1173504]

"Smartschool Me!"="c:\program files\Smartbit bvba\Smartschool Me!\Smartschool Me!.exe" [2010-05-20 2849280]

"Smartschool Me!"="c:\program files\Smartbit bvba\Smartschool Me!\Smartschool Me!.exe" [2010-06-07 2012]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"SoundMAXPnP"="c:\program files\Analog Devices\Core\smax4pnp.exe" [2009-09-17 1310720]

"JMB36X IDE Setup"="c:\windows\RaidTool\xInsIDE.exe" [2009-07-13 36864]

"TweakIt Help"="c:\program files\ASUS\TweakIt\TweakIt.exe" [2009-03-13 817152]

"AVG9_TRAY"="c:\progra~1\AVG\AVG9\avgtray.exe" [2010-06-02 2065248]

"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2010-02-18 248040]

"hpqSRMon"="c:\program files\HP\Digital Imaging\bin\hpqSRMon.exe" [2008-07-22 150528]

"HP Software Update"="c:\program files\HP\HP Software Update\HPWuSchd2.exe" [2007-05-08 54840]

"EvtMgr6"="c:\program files\Logitech\SetPointP\SetPoint.exe" [2010-01-27 1312848]

"mylbx"="c:\program files\My Lockbox\mylbx.exe" [2010-05-30 1696992]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]

"ConsentPromptBehaviorAdmin"= 5 (0x5)

"ConsentPromptBehaviorUser"= 3 (0x3)

"EnableUIADesktopToggle"= 0 (0x0)

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\LBTWlgn]

2010-01-29 21:17 64592 ----a-w- c:\program files\Common Files\Logishrd\Bluetooth\LBTWLgn.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]

"AppInit_DLLs"=c:\windows\System32\avgrsstx.dll

[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^HP Digital Imaging Monitor.lnk]

path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk

backup=c:\windows\pss\HP Digital Imaging Monitor.lnk.CommonStartup

backupExtension=.CommonStartup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]

2010-03-24 18:17 952768 ----a-w- c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]

2010-04-04 05:42 36272 ----a-w- c:\program files\Adobe\Reader 9.0\Reader\reader_sl.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]

2010-04-28 13:06 142120 ----a-w- c:\program files\iTunes\iTunesHelper.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\msnmsgr]

2009-07-26 15:44 3883856 ----a-w- c:\program files\Windows Live\Messenger\msnmsgr.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]

2010-03-17 19:53 421888 ----a-w- c:\program files\QuickTime\QTTask.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Steam]

2010-05-07 05:08 1238352 ----a-w- c:\program files\Steam\Steam.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UpdReg]

2000-05-11 00:00 90112 ------w- c:\windows\Updreg.EXE

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\VolPanel]

2009-07-07 12:13 241789 ------w- c:\program files\Creative\SB X-Fi MB\Volume Panel\VolPanlu.exe

R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]

R2 gupdate;Google Updateservice (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [2010-02-15 135664]

R3 Creative ALchemy AL6 Licensing Service;Creative ALchemy AL6 Licensing Service;c:\program files\Common Files\Creative Labs Shared\Service\AL6Licensing.exe [2010-02-15 79360]

R3 Creative Audio Engine Licensing Service;Creative Audio Engine Licensing Service;c:\program files\Common Files\Creative Labs Shared\Service\CTAELicensing.exe [2010-02-15 79360]

R3 EverestDriver;Lavalys EVEREST Kernel Driver;c:\program files\Lavalys\EVEREST Home Edition\kerneld.wnt [x]

R3 WatAdminSvc;Windows Activation Technologies-service;c:\windows\system32\Wat\WatAdminSvc.exe [2010-05-24 1343400]

R3 XDva337;XDva337;c:\windows\system32\XDva337.sys [x]

R3 XDva346;XDva346;c:\windows\system32\XDva346.sys [2010-04-08 70728]

S0 FSProFilter;FSPro File Filter;c:\windows\System32\Drivers\FSPFltd.sys [2008-06-05 43792]

S1 AvgLdx86;AVG Free AVI Loader Driver x86;c:\windows\System32\Drivers\avgldx86.sys [2010-03-13 216200]

S1 AvgTdiX;AVG Free Network Redirector;c:\windows\System32\Drivers\avgtdix.sys [2010-06-02 242896]

S2 avg9emc;AVG Free E-mail Scanner;c:\program files\AVG\AVG9\avgemc.exe [2010-03-13 916760]

S2 avg9wd;AVG Free WatchDog;c:\program files\AVG\AVG9\avgwdsvc.exe [2010-03-13 308064]

S2 fsproflt;FSPro Filter Service;c:\windows\system32\fsproflt.exe [2010-01-06 142648]

S2 TeamViewer5;TeamViewer 5;c:\program files\TeamViewer\Version5\TeamViewer_Service.exe [2010-05-21 173352]

S3 MCfilt;MCfilt;c:\windows\system32\drivers\MCfilt32.sys [2009-09-17 17920]

S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt86win7.sys [2009-08-19 189440]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]

HPService REG_MULTI_SZ HPSLPSVC

HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12

hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc

.

Inhoud van de 'Gedeelde Taken' map

2010-06-14 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job

- c:\program files\Google\Update\GoogleUpdate.exe [2010-02-15 19:15]

2010-06-14 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job

- c:\program files\Google\Update\GoogleUpdate.exe [2010-02-15 19:15]

.

------- Bijkomende Scan -------

.

uStart Page = hxxp://www.google.be/

uDefault_Search_URL = hxxp://www.google.com/ie

uInternet Settings,ProxyOverride = *.local

uSearchAssistant = hxxp://www.google.com/ie

uSearchURL,(Default) = hxxp://www.google.com/search?q=%s

IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200

IE: E&xporteren naar Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000

FF - ProfilePath - c:\users\eigenaar\AppData\Roaming\Mozilla\Firefox\Profiles\rf9cojjs.default\

FF - prefs.js: browser.startup.homepage - hxxp://www.google.be/

FF - component: c:\program files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3\components\hpClipBook.dll

FF - component: c:\program files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3\components\hpClipBookDB.dll

FF - component: c:\program files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3\components\hpNeoLogger.dll

FF - component: c:\program files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3\components\hpSaturn.dll

FF - component: c:\program files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3\components\hpSeymour.dll

FF - component: c:\program files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3\components\hpSmartSelect.dll

FF - component: c:\program files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3\components\hpSmartWebPrinting.dll

FF - component: c:\program files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3\components\hpSWPOperation.dll

FF - component: c:\program files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3\components\hpXPLogging.dll

FF - component: c:\program files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3\components\hpXPMTC.dll

FF - component: c:\program files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3\components\hpXPMTL.dll

FF - component: c:\program files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3\components\hpXREStub.dll

FF - plugin: c:\program files\Google\Google Earth\plugin\npgeplugin.dll

FF - plugin: c:\program files\Google\Picasa3\npPicasa3.dll

FF - plugin: c:\program files\Google\Update\1.2.183.23\npGoogleOneClick8.dll

FF - plugin: c:\program files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3\plugins\nphpclipbook.dll

FF - plugin: c:\program files\Java\jre6\bin\new_plugin\npdeployJava1.dll

---- FIREFOX POLICIES ----

c:\program files\Mozilla Firefox\greprefs\all.js - pref("ui.use_native_colors", true);

c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.auth.force-generic-ntlm", false);

c:\program files\Mozilla Firefox\greprefs\all.js - pref("svg.smil.enabled", false);

c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.allow_unrestricted_renego_everywhere__temporarily_available_pref", true);

c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.renego_unrestricted_hosts", "");

c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.treat_unsafe_negotiation_as_broken", false);

c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.require_safe_negotiation", false);

c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.name", "chrome://browser/locale/browser.properties");

c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.description", "chrome://browser/locale/browser.properties");

c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("plugins.update.notifyUser", false);

.

- - - - ORPHANS VERWIJDERD - - - -

HKCU-Run-ISUSPM - c:\program files\Common Files\InstallShield\UpdateService\isuspm.exe

HKCU-Run-RGSC - c:\program files\Rockstar Games\Rockstar Games Social Club\RGSCLauncher.exe

MSConfigStartUp-SUPERAntiSpyware - c:\program files\SUPERAntiSpyware\SUPERAntiSpyware.exe

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\EverestDriver]

"ImagePath"="\??\c:\program files\Lavalys\EVEREST Home Edition\kerneld.wnt"

.

--------------------- VERGRENDELDE REGISTER SLEUTELS ---------------------

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]

@Denied: (Full) (Everyone)

.

Voltooingstijd: 2010-06-14 15:35:16

ComboFix-quarantined-files.txt 2010-06-14 13:35

Pre-Run: 164.027.699.200 bytes beschikbaar

Post-Run: 167.409.180.672 bytes beschikbaar

- - End Of File - - EE4B6981FD12E61463D1BA5C7D37BE7F

kape · 15 juni 2010

Neen ... ook dit ziet er goed uit. Malware mag je nu wel uitsluiten.

Verwijder Combofix: Start -> Uitvoeren en typ: ComboFix /Uninstall

Dit zal Combofix verwijderen + gerelateerde mappen en bestanden, herstelt de klokinstellingen opnieuw, verbergt de bestandsextensies, gaat verborgen bestanden en systeembestanden terug verbergen en maakt een nieuw herstelpunt.

Indien aanwezig mag je de map C:\Qoobox manueel verwijderen.

Brpo'Bizzkitos · 15 juni 2010

Neen ... ook dit ziet er goed uit. Malware mag je nu wel uitsluiten.
Verwijder Combofix: Start -> Uitvoeren en typ: ComboFix /Uninstall

Dit zal Combofix verwijderen + gerelateerde mappen en bestanden, herstelt de klokinstellingen opnieuw, verbergt de bestandsextensies, gaat verborgen bestanden en systeembestanden terug verbergen en maakt een nieuw herstelpunt.

Indien aanwezig mag je de map C:\Qoobox manueel verwijderen.

ok, thx ;-) Trouwens, vind het heel sjiek dat jij zulke "logjes" wilt bekijken, zo een groot bericht om door te nemen. Liever jij dan ik

15 juni 2010 aangepast door Brpo'Bizzkitos

Brpo'Bizzkitos · 15 juni 2010

Ik krijg combofix maar niet geïnstalleerd ! ik doe precies wat u zegt :s .

In plaats van te verwijderen update hij en maakt hij opnieuw logjes, combofix heeft zojuist weer iets verwijderd :s Voor de zekerheid plaats ik het toch maar hier:

ComboFix 10-06-14.03 - eigenaar 15/06/2010 17:04:48.2.8 - x86

Microsoft Windows 7 Home Premium 6.1.7600.0.1252.32.1043.18.3063.2253 [GMT 2:00]

Gestart vanuit: c:\users\eigenaar\Desktop\ComboFix.exe

gebruikte Opdracht switches :: /Unistall

.

(((((((((((((((((((((((((((((((((( Andere Verwijderingen )))))))))))))))))))))))))))))))))))))))))))))))))

.

c:\users\eigenaar\AppData\Local\Temp\8C61.tmp

.

(((((((((((((((((((( Bestanden Gemaakt van 2010-05-15 to 2010-06-15 ))))))))))))))))))))))))))))))

.

2010-06-15 15:10 . 2010-06-15 15:12 -------- d-----w- c:\users\eigenaar\AppData\Local\temp

2010-06-15 15:10 . 2010-06-15 15:10 -------- d-----w- c:\users\Public\AppData\Local\temp

2010-06-15 15:10 . 2010-06-15 15:10 -------- d-----w- c:\users\Default\AppData\Local\temp