
Trouble with gomeo.nl



The log is OK.

Open the command prompt.

Type ipconfig /flushdns and press Enter.

Delete all temporary internet files and cookies.

In Internet Explorer you do this as follows.

Open IE and go to Tools - Internet Options.

On the General tab, under Browsing history, click Delete.

Tick the top 4 boxes and click Delete.

Then click OK and restart IE.

In Firefox it goes like this.

Open Firefox and go to Tools - Options.

Then go to Privacy and click the link to clear your recent history.

For the time range to clear, select Everything.

Click the arrow next to Details and tick everything except the bottom box.

Click the Clear Now button.

Click OK and restart Firefox.


Download ComboFix from one of these locations:

Link 1

Link 2

* IMPORTANT !!! Save ComboFix.exe to your Desktop

1. Disable all antivirus and antispyware programs, because otherwise they may conflict with ComboFix. Here is a guide on how to disable them:

Click here

2. The computer may need to be restarted several times; this is normal.

3. Double-click "Combofix.exe" to start the tool.

4. Do not click in the ComboFix window while it is running; this can cause the tool to hang.

Note !!! If an error is shown with the message "Illegal operation attempted on a registery key that has been marked for deletion", restart the computer.

5. When ComboFix is finished, it will create a log file for you. Post the contents of this log file (found at C:\ComboFix.txt) in your next message.


ComboFix 11-02-19.01 - Sjaak 19-02-2011 19:54:43.1.2 - x86

Microsoft Windows 7 Ultimate 6.1.7600.0.1252.31.1043.18.3071.2222 [GMT 1:00]

Gestart vanuit: c:\users\Sjaak\Desktop\ComboFix.exe

SP: Windows Defender *Enabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

.

(((((((((((((((((((((((((((((((((( Andere Verwijderingen )))))))))))))))))))))))))))))))))))))))))))))))))

.

C:\desktop.ini

c:\users\Sjaak\AppData\Roaming\Internet Security Suite

c:\users\Sjaak\AppData\Roaming\Internet Security Suite\cookies.sqlite

c:\users\Sjaak\AppData\Roaming\Smart Engine

c:\users\Sjaak\AppData\Roaming\Smart Engine\cookies.sqlite

c:\windows\system32\install

c:\windows\system32\install\Svchost.exe.vir

c:\windows\explorer.exe . . . is geïnfecteerd!! . . .Failed to restore. Attempting to replace on reboot

Besmet exemplaar van c:\windows\System32\wininit.exe werd aangetroffen en gedesinfecteerd

Hersteld exemplaar van - c:\windows\winsxs\x86_microsoft-windows-wininit_31bf3856ad364e35_6.1.7600.16385_none_30c90ef265a43c13\wininit.exe

Besmet exemplaar van c:\windows\explorer.exe werd aangetroffen en gedesinfecteerd

Hersteld exemplaar van - c:\windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_52283b2af41f3691\explorer.exe

.

(((((((((((((((((((( Bestanden Gemaakt van 2011-01-19 to 2011-02-19 ))))))))))))))))))))))))))))))

.

2011-02-19 18:57 . 2011-02-19 18:59 -------- d-----w- c:\users\Sjaak\AppData\Local\temp

2011-02-19 18:57 . 2011-02-19 18:57 -------- d-----w- c:\users\Default\AppData\Local\temp

2011-02-19 16:01 . 2011-02-19 16:01 -------- d-----w- c:\users\Sjaak\AppData\Local\{D84E8CDE-E8B3-4365-BA5A-3B5A4D8B5754}

2011-02-19 15:55 . 2011-02-19 15:55 -------- d-----w- c:\windows\nl

2011-02-19 15:53 . 2011-02-19 15:53 -------- dc----w- c:\windows\system32\DRVSTORE

2011-02-19 15:53 . 2010-09-22 23:21 39272 ----a-w- c:\windows\system32\drivers\fssfltr.sys

2011-02-19 15:46 . 2011-02-19 15:46 -------- d-----w- c:\program files\Microsoft

2011-02-19 15:46 . 2011-02-19 15:46 -------- d-----w- c:\program files\MSN Toolbar

2011-02-19 15:46 . 2011-02-19 15:47 -------- d-----w- c:\program files\Bing Bar Installer

2011-02-19 15:46 . 2011-02-19 15:46 469256 ----a-w- c:\program files\Common Files\Windows Live\.cache\27ade0fa1cbd04c07\InstallManager_WLE_WLE.exe

2011-02-19 15:45 . 2011-02-19 15:45 15712 ----a-w- c:\program files\Common Files\Windows Live\.cache\170b365e1cbd04c06\MeshBetaRemover.exe

2011-02-19 15:45 . 2011-02-19 15:45 94040 ----a-w- c:\program files\Common Files\Windows Live\.cache\136467ce1cbd04c05\DSETUP.dll

2011-02-19 15:45 . 2011-02-19 15:45 525656 ----a-w- c:\program files\Common Files\Windows Live\.cache\136467ce1cbd04c05\DXSETUP.exe

2011-02-19 15:45 . 2011-02-19 15:45 1691480 ----a-w- c:\program files\Common Files\Windows Live\.cache\136467ce1cbd04c05\dsetup32.dll

2011-02-19 15:45 . 2011-02-19 15:45 94040 ----a-w- c:\program files\Common Files\Windows Live\.cache\e04bf3a1cbd04c04\DSETUP.dll

2011-02-19 15:45 . 2011-02-19 15:45 525656 ----a-w- c:\program files\Common Files\Windows Live\.cache\e04bf3a1cbd04c04\DXSETUP.exe

2011-02-19 15:45 . 2011-02-19 15:45 1691480 ----a-w- c:\program files\Common Files\Windows Live\.cache\e04bf3a1cbd04c04\dsetup32.dll

2011-02-19 15:45 . 2010-08-11 04:44 2983424 ----a-w- c:\windows\system32\UIRibbon.dll

2011-02-19 15:45 . 2010-08-11 04:35 1164800 ----a-w- c:\windows\system32\UIRibbonRes.dll

2011-02-17 22:32 . 2011-02-17 22:32 388096 ----a-r- c:\users\Sjaak\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe

2011-02-17 22:28 . 2011-02-17 22:28 -------- d-----w- c:\program files\CCleaner

2011-02-17 17:56 . 2011-02-17 17:56 -------- dc-h--w- c:\programdata\{DE8EABB5-1C85-4410-A68D-79BD8A4518F4}

2011-02-17 14:58 . 2011-02-17 14:58 -------- d-----w- c:\users\Sjaak\AppData\Local\Adobe

2011-02-16 16:56 . 2011-02-16 16:56 -------- d-----w- c:\users\Sjaak\AppData\Local\Spotnet

2011-02-16 16:20 . 2011-02-17 15:14 -------- d-----w- c:\program files\Spotnet

2011-02-16 16:20 . 2011-02-16 22:20 -------- d-----w- c:\programdata\Spotnet

2011-02-16 15:50 . 2011-02-16 15:50 -------- d-----w- c:\users\Sjaak\AppData\Roaming\Simply Super Software

2011-02-16 15:50 . 2006-06-19 12:01 69632 ----a-w- c:\windows\system32\ztvcabinet.dll

2011-02-16 15:50 . 2006-05-25 14:52 162304 ----a-w- c:\windows\system32\ztvunrar36.dll

2011-02-16 15:50 . 2005-08-26 00:50 77312 ----a-w- c:\windows\system32\ztvunace26.dll

2011-02-16 15:50 . 2003-02-02 19:06 153088 ----a-w- c:\windows\system32\UNRAR3.dll

2011-02-16 15:50 . 2002-03-06 00:00 75264 ----a-w- c:\windows\system32\unacev2.dll

2011-02-15 23:20 . 2011-02-17 15:37 -------- d-----w- c:\program files\Trojan Remover

2011-02-15 23:20 . 2011-02-15 23:20 -------- d-----w- c:\programdata\Simply Super Software

2011-02-15 16:15 . 2011-02-15 17:07 -------- d-----w- c:\users\Sjaak\AppData\Roaming\Binreader

2011-02-11 14:11 . 2011-02-11 14:11 -------- d-----w- c:\program files\TomTom DesktopSuite

2011-02-08 16:07 . 2010-12-20 17:09 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys

2011-02-08 16:07 . 2010-12-20 17:08 20952 ----a-w- c:\windows\system32\drivers\mbam.sys

2011-02-04 14:08 . 2011-01-13 09:41 5890896 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{9F930B61-329E-448B-8851-D0B90652450D}\mpengine.dll

2011-01-30 19:36 . 2011-01-30 19:36 -------- d-----w- c:\program files\Common Files\Adobe

2011-01-30 19:15 . 2011-01-30 19:28 -------- d-----w- c:\program files\Capsoft

2011-01-28 16:16 . 2011-01-28 16:16 -------- d--h--w- c:\windows\msdownld.tmp

2011-01-27 19:09 . 2011-01-27 19:09 -------- d-----w- c:\program files\Trend Micro

2011-01-27 15:15 . 2011-01-27 15:15 -------- d-----w- c:\users\Sjaak\AppData\Roaming\Malwarebytes

2011-01-27 15:15 . 2011-01-28 14:45 -------- d-----w- c:\programdata\Malwarebytes

2011-01-27 15:14 . 2011-02-08 16:07 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware

2011-01-26 21:42 . 2011-01-28 14:54 -------- d-----w- c:\programdata\clp

2011-01-26 21:41 . 2011-01-26 21:41 -------- d-----w- c:\users\Sjaak\AppData\Local\PackageAware

2011-01-26 21:25 . 2011-01-26 21:28 -------- d-----w- c:\program files\WhiteSmoke

2011-01-23 20:42 . 2011-01-23 20:42 102416 ----a-w- c:\windows\system32\drivers\AtihdW73.sys

2011-01-23 20:41 . 2011-01-23 20:41 -------- d-----w- c:\programdata\Uniblue

.

((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2011-01-09 19:43 . 2010-09-15 19:31 139128 ----a-w- c:\windows\system32\drivers\PnkBstrK.sys

2011-01-09 19:42 . 2010-09-15 19:44 215128 ----a-w- c:\windows\system32\PnkBstrB.xtr

2011-01-09 19:42 . 2010-09-15 19:31 215128 ----a-w- c:\windows\system32\PnkBstrB.exe

2011-01-03 21:41 . 2010-09-15 19:31 75064 ----a-w- c:\windows\system32\PnkBstrA.exe

2010-11-28 20:08 . 2010-11-28 19:27 29480 ----a-w- c:\windows\system32\msxml3a.dll

2010-11-28 20:08 . 2010-11-28 19:27 505128 ----a-w- c:\windows\system32\msvcp71.dll

2010-11-28 20:08 . 2010-11-28 19:27 353576 ----a-w- c:\windows\system32\msvcr71.dll

.

((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))

.

.

*Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond

REGEDIT4

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]

"{30F9B915-B755-4826-820B-08FBA6BD249D}"= "c:\program files\ConduitEngine\ConduitEngine.dll" [2010-10-18 3908192]

[HKEY_CLASSES_ROOT\clsid\{30f9b915-b755-4826-820b-08fba6bd249d}]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"OfficeSyncProcess"="c:\program files\Microsoft Office\Office14\MSOSYNC.EXE" [2010-03-16 718208]

"WLSync"="c:\program files\Windows Live\Mesh\WLSync.exe" [2010-09-22 1448800]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2010-05-14 248552]

"RemoteControl"="c:\program files\CyberLink\PowerDVD\PDVDServ.exe" [2005-12-07 30208]

"BCSSync"="c:\program files\Microsoft Office\Office14\BCSSync.exe" [2010-03-13 91520]

"TrojanScanner"="c:\program files\Trojan Remover\Trjscan.exe" [2009-07-25 1067912]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]

"ConsentPromptBehaviorAdmin"= 0 (0x0)

"ConsentPromptBehaviorUser"= 3 (0x3)

"EnableLUA"= 0 (0x0)

"EnableUIADesktopToggle"= 0 (0x0)

"PromptOnSecureDesktop"= 0 (0x0)

"EnableLinkedConnections"= 1 (0x1)

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]

Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BCSSync]

2010-03-13 13:54 91520 ----a-w- c:\program files\Microsoft Office\Office14\BCSSync.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]

2010-04-01 09:16 357696 ----a-w- c:\program files\DAEMON Tools Lite\DTLite.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NBAgent]

2010-02-22 14:17 1226024 ----a-w- c:\program files\Nero\Nero 10\Nero BackItUp\NBAgent.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\OfficeSyncProcess]

2010-03-16 01:58 718208 ----a-w- c:\program files\Microsoft Office\Office14\MSOSYNC.EXE

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\snpstd]

2005-10-11 18:54 339968 ----a-w- c:\windows\vsnpstd.exe

R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]

R2 NAUpdate;Nero Update;c:\program files\Nero\Update\NASvc.exe [2010-02-18 462632]

R3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service;c:\program files\Microsoft Office\Office14\GROOVE.EXE [2010-03-25 30969208]

R3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4640000]

R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 51040]

S0 sptd;sptd;c:\windows\System32\Drivers\sptd.sys [2010-09-29 697328]

S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2010-08-04 176128]

S3 amdkmdag;amdkmdag;c:\windows\system32\DRIVERS\atikmdag.sys [2010-08-04 6096384]

S3 amdkmdap;amdkmdap;c:\windows\system32\DRIVERS\atikmpag.sys [2010-08-04 214016]

S3 AtiHDAudioService;ATI Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW73.sys [2011-01-23 102416]

S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt86win7.sys [2010-06-23 275048]

.

Inhoud van de 'Gedeelde Taken' map

2011-02-19 c:\windows\Tasks\RegistryBooster.job

- c:\program files\Uniblue\RegistryBooster\rbmonitor.exe [2011-01-21 14:19]

.

.

------- Bijkomende Scan -------

.

IE: &Verzenden naar OneNote - c:\progra~1\MICROS~2\Office14\ONBttnIE.dll/105

IE: E&xporteren naar Microsoft Excel - c:\progra~1\MICROS~2\Office14\EXCEL.EXE/3000

Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - c:\program files\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL

.

- - - - ORPHANS VERWIJDERD - - - -

URLSearchHooks-{A3BC75A2-1F87-4686-AA43-5347D756017C} - (no file)

Toolbar-{CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file)

WebBrowser-{C2DB4FE6-8409-45CE-8010-189A7B5CCE86} - (no file)

WebBrowser-{CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file)

MSConfigStartUp-DAEMON Tools Pro Agent - c:\program files\DAEMON Tools Pro\DTProAgent.exe

.

--------------------- VERGRENDELDE REGISTER SLEUTELS ---------------------

[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]

@Denied: (Full) (Everyone)

.

------------------------ Andere Aktieve Processen ------------------------

.

c:\windows\system32\atieclxx.exe

c:\windows\system32\PnkBstrA.exe

c:\program files\CyberLink\Shared files\RichVideo.exe

c:\program files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe

c:\windows\system32\taskhost.exe

c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE

c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe

c:\windows\system32\conhost.exe

c:\program files\Windows Live\Mesh\MOE.exe

c:\program files\Windows Media Player\wmpnetwk.exe

c:\program files\Windows Live\Contacts\wlcomm.exe

.

**************************************************************************

.

Voltooingstijd: 2011-02-19 20:01:08 - machine werd herstart

ComboFix-quarantined-files.txt 2011-02-19 19:01

Pre-Run: 484.378.804.224 bytes beschikbaar

Post-Run: 484.220.022.784 bytes beschikbaar

- - End Of File - - EDB218E7722EF2B41CA99442C914F518

---------- Post added at 20:18 ---------- Previous post was at 20:04 ----------

I think this was the solution; gomeo/nl is gone now.

May I thank the PC Helpforum team for the good guidance with this annoying issue.

Thanks, thanks


We're not quite there yet ...

Open a Notepad file.

Copy and paste the bold text below into it.

Registry::

[-HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]

[-HKEY_CLASSES_ROOT\clsid\{30f9b915-b755-4826-820b-08fba6bd249d}]

Save this file on your desktop as CFScript.txt.

Drag CFScript.txt into ComboFix.exe

This will make ComboFix restart. Reboot if asked to.

After the restart, post the contents of Combofix.txt in your next message.


ComboFix 11-02-19.01 - Sjaak 19-02-2011 21:35:31.3.2 - x86

Microsoft Windows 7 Ultimate 6.1.7600.0.1252.31.1043.18.3071.2171 [GMT 1:00]

Gestart vanuit: c:\users\Sjaak\Desktop\ComboFix.exe

gebruikte Opdracht switches :: c:\users\Sjaak\Desktop\CFScript.txt. - Snelkoppeling.lnk

SP: Windows Defender *Enabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

.

(((((((((((((((((((( Bestanden Gemaakt van 2011-01-19 to 2011-02-19 ))))))))))))))))))))))))))))))

.

2011-02-19 20:37 . 2011-02-19 20:37 -------- d-----w- c:\users\Default\AppData\Local\temp

2011-02-19 18:57 . 2011-02-19 20:37 -------- d-----w- c:\users\Sjaak\AppData\Local\temp

2011-02-19 16:01 . 2011-02-19 16:01 -------- d-----w- c:\users\Sjaak\AppData\Local\{D84E8CDE-E8B3-4365-BA5A-3B5A4D8B5754}

2011-02-19 15:55 . 2011-02-19 15:55 -------- d-----w- c:\windows\nl

2011-02-19 15:53 . 2011-02-19 15:53 -------- dc----w- c:\windows\system32\DRVSTORE

2011-02-19 15:53 . 2010-09-22 23:21 39272 ----a-w- c:\windows\system32\drivers\fssfltr.sys

2011-02-19 15:46 . 2011-02-19 15:46 -------- d-----w- c:\program files\Microsoft

2011-02-19 15:46 . 2011-02-19 15:46 -------- d-----w- c:\program files\MSN Toolbar

2011-02-19 15:46 . 2011-02-19 15:47 -------- d-----w- c:\program files\Bing Bar Installer

2011-02-19 15:46 . 2011-02-19 15:46 469256 ----a-w- c:\program files\Common Files\Windows Live\.cache\27ade0fa1cbd04c07\InstallManager_WLE_WLE.exe

2011-02-19 15:45 . 2011-02-19 15:45 15712 ----a-w- c:\program files\Common Files\Windows Live\.cache\170b365e1cbd04c06\MeshBetaRemover.exe

2011-02-19 15:45 . 2011-02-19 15:45 94040 ----a-w- c:\program files\Common Files\Windows Live\.cache\136467ce1cbd04c05\DSETUP.dll

2011-02-19 15:45 . 2011-02-19 15:45 525656 ----a-w- c:\program files\Common Files\Windows Live\.cache\136467ce1cbd04c05\DXSETUP.exe

2011-02-19 15:45 . 2011-02-19 15:45 1691480 ----a-w- c:\program files\Common Files\Windows Live\.cache\136467ce1cbd04c05\dsetup32.dll

2011-02-19 15:45 . 2011-02-19 15:45 94040 ----a-w- c:\program files\Common Files\Windows Live\.cache\e04bf3a1cbd04c04\DSETUP.dll

2011-02-19 15:45 . 2011-02-19 15:45 525656 ----a-w- c:\program files\Common Files\Windows Live\.cache\e04bf3a1cbd04c04\DXSETUP.exe

2011-02-19 15:45 . 2011-02-19 15:45 1691480 ----a-w- c:\program files\Common Files\Windows Live\.cache\e04bf3a1cbd04c04\dsetup32.dll

2011-02-19 15:45 . 2010-08-11 04:44 2983424 ----a-w- c:\windows\system32\UIRibbon.dll

2011-02-19 15:45 . 2010-08-11 04:35 1164800 ----a-w- c:\windows\system32\UIRibbonRes.dll

2011-02-17 22:32 . 2011-02-17 22:32 388096 ----a-r- c:\users\Sjaak\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe

2011-02-17 22:28 . 2011-02-17 22:28 -------- d-----w- c:\program files\CCleaner

2011-02-17 17:56 . 2011-02-17 17:56 -------- dc-h--w- c:\programdata\{DE8EABB5-1C85-4410-A68D-79BD8A4518F4}

2011-02-17 14:58 . 2011-02-17 14:58 -------- d-----w- c:\users\Sjaak\AppData\Local\Adobe

2011-02-16 16:56 . 2011-02-16 16:56 -------- d-----w- c:\users\Sjaak\AppData\Local\Spotnet

2011-02-16 16:20 . 2011-02-17 15:14 -------- d-----w- c:\program files\Spotnet

2011-02-16 16:20 . 2011-02-16 22:20 -------- d-----w- c:\programdata\Spotnet

2011-02-16 15:50 . 2011-02-16 15:50 -------- d-----w- c:\users\Sjaak\AppData\Roaming\Simply Super Software

2011-02-16 15:50 . 2006-06-19 12:01 69632 ----a-w- c:\windows\system32\ztvcabinet.dll

2011-02-16 15:50 . 2006-05-25 14:52 162304 ----a-w- c:\windows\system32\ztvunrar36.dll

2011-02-16 15:50 . 2005-08-26 00:50 77312 ----a-w- c:\windows\system32\ztvunace26.dll

2011-02-16 15:50 . 2003-02-02 19:06 153088 ----a-w- c:\windows\system32\UNRAR3.dll

2011-02-16 15:50 . 2002-03-06 00:00 75264 ----a-w- c:\windows\system32\unacev2.dll

2011-02-15 23:20 . 2011-02-17 15:37 -------- d-----w- c:\program files\Trojan Remover

2011-02-15 23:20 . 2011-02-15 23:20 -------- d-----w- c:\programdata\Simply Super Software

2011-02-15 16:15 . 2011-02-15 17:07 -------- d-----w- c:\users\Sjaak\AppData\Roaming\Binreader

2011-02-11 14:11 . 2011-02-11 14:11 -------- d-----w- c:\program files\TomTom DesktopSuite

2011-02-08 16:07 . 2010-12-20 17:09 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys

2011-02-08 16:07 . 2010-12-20 17:08 20952 ----a-w- c:\windows\system32\drivers\mbam.sys

2011-02-04 14:08 . 2011-01-13 09:41 5890896 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{9F930B61-329E-448B-8851-D0B90652450D}\mpengine.dll

2011-01-30 19:36 . 2011-01-30 19:36 -------- d-----w- c:\program files\Common Files\Adobe

2011-01-30 19:15 . 2011-01-30 19:28 -------- d-----w- c:\program files\Capsoft

2011-01-28 16:16 . 2011-01-28 16:16 -------- d--h--w- c:\windows\msdownld.tmp

2011-01-27 19:09 . 2011-01-27 19:09 -------- d-----w- c:\program files\Trend Micro

2011-01-27 15:15 . 2011-01-27 15:15 -------- d-----w- c:\users\Sjaak\AppData\Roaming\Malwarebytes

2011-01-27 15:15 . 2011-01-28 14:45 -------- d-----w- c:\programdata\Malwarebytes

2011-01-27 15:14 . 2011-02-08 16:07 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware

2011-01-26 21:42 . 2011-01-28 14:54 -------- d-----w- c:\programdata\clp

2011-01-26 21:41 . 2011-01-26 21:41 -------- d-----w- c:\users\Sjaak\AppData\Local\PackageAware

2011-01-26 21:25 . 2011-01-26 21:28 -------- d-----w- c:\program files\WhiteSmoke

2011-01-23 20:42 . 2011-01-23 20:42 102416 ----a-w- c:\windows\system32\drivers\AtihdW73.sys

2011-01-23 20:41 . 2011-01-23 20:41 -------- d-----w- c:\programdata\Uniblue

.

((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2011-01-09 19:43 . 2010-09-15 19:31 139128 ----a-w- c:\windows\system32\drivers\PnkBstrK.sys

2011-01-09 19:42 . 2010-09-15 19:44 215128 ----a-w- c:\windows\system32\PnkBstrB.xtr

2011-01-09 19:42 . 2010-09-15 19:31 215128 ----a-w- c:\windows\system32\PnkBstrB.exe

2011-01-03 21:41 . 2010-09-15 19:31 75064 ----a-w- c:\windows\system32\PnkBstrA.exe

2010-11-28 20:08 . 2010-11-28 19:27 29480 ----a-w- c:\windows\system32\msxml3a.dll

2010-11-28 20:08 . 2010-11-28 19:27 505128 ----a-w- c:\windows\system32\msvcp71.dll

2010-11-28 20:08 . 2010-11-28 19:27 353576 ----a-w- c:\windows\system32\msvcr71.dll

.

((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))

.

.

*Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond

REGEDIT4

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]

"{30F9B915-B755-4826-820B-08FBA6BD249D}"= "c:\program files\ConduitEngine\ConduitEngine.dll" [2010-10-18 3908192]

[HKEY_CLASSES_ROOT\clsid\{30f9b915-b755-4826-820b-08fba6bd249d}]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"OfficeSyncProcess"="c:\program files\Microsoft Office\Office14\MSOSYNC.EXE" [2010-03-16 718208]

"WLSync"="c:\program files\Windows Live\Mesh\WLSync.exe" [2010-09-22 1448800]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2010-05-14 248552]

"RemoteControl"="c:\program files\CyberLink\PowerDVD\PDVDServ.exe" [2005-12-07 30208]

"BCSSync"="c:\program files\Microsoft Office\Office14\BCSSync.exe" [2010-03-13 91520]

"TrojanScanner"="c:\program files\Trojan Remover\Trjscan.exe" [2009-07-25 1067912]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]

"ConsentPromptBehaviorAdmin"= 0 (0x0)

"ConsentPromptBehaviorUser"= 3 (0x3)

"EnableLUA"= 0 (0x0)

"EnableUIADesktopToggle"= 0 (0x0)

"PromptOnSecureDesktop"= 0 (0x0)

"EnableLinkedConnections"= 1 (0x1)

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]

Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BCSSync]

2010-03-13 13:54 91520 ----a-w- c:\program files\Microsoft Office\Office14\BCSSync.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]

2010-04-01 09:16 357696 ----a-w- c:\program files\DAEMON Tools Lite\DTLite.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NBAgent]

2010-02-22 14:17 1226024 ----a-w- c:\program files\Nero\Nero 10\Nero BackItUp\NBAgent.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\OfficeSyncProcess]

2010-03-16 01:58 718208 ----a-w- c:\program files\Microsoft Office\Office14\MSOSYNC.EXE

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\snpstd]

2005-10-11 18:54 339968 ----a-w- c:\windows\vsnpstd.exe

R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]

R3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service;c:\program files\Microsoft Office\Office14\GROOVE.EXE [2010-03-25 30969208]

R3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4640000]

R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 51040]

S0 sptd;sptd;c:\windows\System32\Drivers\sptd.sys [2010-09-29 697328]

S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2010-08-04 176128]

S2 NAUpdate;Nero Update;c:\program files\Nero\Update\NASvc.exe [2010-02-18 462632]

S3 amdkmdag;amdkmdag;c:\windows\system32\DRIVERS\atikmdag.sys [2010-08-04 6096384]

S3 amdkmdap;amdkmdap;c:\windows\system32\DRIVERS\atikmpag.sys [2010-08-04 214016]

S3 AtiHDAudioService;ATI Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW73.sys [2011-01-23 102416]

S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt86win7.sys [2010-06-23 275048]

.

Inhoud van de 'Gedeelde Taken' map

2011-02-19 c:\windows\Tasks\RegistryBooster.job

- c:\program files\Uniblue\RegistryBooster\rbmonitor.exe [2011-01-21 14:19]

.

.

------- Bijkomende Scan -------

.

IE: &Verzenden naar OneNote - c:\progra~1\MICROS~2\Office14\ONBttnIE.dll/105

IE: E&xporteren naar Microsoft Excel - c:\progra~1\MICROS~2\Office14\EXCEL.EXE/3000

Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - c:\program files\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL

.

.

--------------------- VERGRENDELDE REGISTER SLEUTELS ---------------------

[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]

@Denied: (Full) (Everyone)

.

Voltooingstijd: 2011-02-19 21:38:36

ComboFix-quarantined-files.txt 2011-02-19 20:38

ComboFix2.txt 2011-02-19 19:59

ComboFix3.txt 2011-02-19 19:01

Pre-Run: 484.252.987.392 bytes beschikbaar

Post-Run: 484.202.352.640 bytes beschikbaar

- - End Of File - - A53DF803EB2388E997185C4BBA6B3944


This did not go quite right. You placed the shortcut in ComboFix, but you actually have to drag the CFScript.txt file itself into the ComboFix shortcut. It will then start up again automatically and remove the indicated items.
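
One way to check a posted log against the CFScript from this thread, as an added example that is not part of the original posts and not ComboFix code: it reads which file the log says was passed to ComboFix and whether the keys the script marks for deletion are still listed. The sample log lines are constructed in the shape of the logs above, and the function names are hypothetical.

```python
import re

# The CFScript as posted in the thread.
CFSCRIPT = r"""Registry::
[-HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
[-HKEY_CLASSES_ROOT\clsid\{30f9b915-b755-4826-820b-08fba6bd249d}]
"""

# Constructed sample: a few lines in the shape of the second log in the thread.
LOG_WITH_SHORTCUT = r"""Gestart vanuit: c:\users\Sjaak\Desktop\ComboFix.exe
gebruikte Opdracht switches :: c:\users\Sjaak\Desktop\CFScript.txt. - Snelkoppeling.lnk
REGEDIT4
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{30F9B915-B755-4826-820B-08FBA6BD249D}"= "c:\program files\ConduitEngine\ConduitEngine.dll" [2010-10-18 3908192]
[HKEY_CLASSES_ROOT\clsid\{30f9b915-b755-4826-820b-08fba6bd249d}]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"""

# Constructed sample: a log in which the two keys are no longer listed.
LOG_AFTER_REMOVAL = r"""Gestart vanuit: c:\users\Sjaak\Desktop\ComboFix.exe
gebruikte Opdracht switches :: c:\users\Sjaak\Desktop\CFScript.txt
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"""

# Label of the script-argument line as it appears in the Dutch logs above.
SWITCH_LABEL = "gebruikte Opdracht switches ::"

# A registry key header standing alone on a line, e.g. [HKEY_...\Run].
KEY_HEADER = re.compile(r"^[ \t]*\[(HKEY_[^\]\r\n]+)\][ \t]*$", re.M | re.I)


def keys_to_delete(cfscript):
    """Return the keys written as [-KEY] under the script's Registry:: section."""
    keys, in_registry = [], False
    for raw in cfscript.splitlines():
        line = raw.strip()
        if line.endswith("::"):  # a section header such as "Registry::"
            in_registry = line.lower() == "registry::"
            continue
        if in_registry and line.startswith("[-") and line.endswith("]"):
            keys.append(line[2:-1])
    return keys


def script_argument(log, label=SWITCH_LABEL):
    """Return the path the log reports as passed to ComboFix, or None."""
    for raw in log.splitlines():
        line = raw.strip()
        if line.startswith(label):
            return line.split("::", 1)[1].strip()
    return None


def keys_in_log(log):
    """Registry key headers listed in the log, lower-cased for comparison."""
    return {m.group(1).lower() for m in KEY_HEADER.finditer(log)}


def review(cfscript, log):
    """Compare a CFScript with the log produced by the run that used it."""
    arg = script_argument(log)
    listed = keys_in_log(log)
    return {
        "script_argument": arg,
        # A .lnk argument means a shortcut was dropped, not the script itself.
        "shortcut_passed": bool(arg) and arg.lower().endswith(".lnk"),
        # Registry keys compare case-insensitively.
        "still_listed": [k for k in keys_to_delete(cfscript) if k.lower() in listed],
    }


if __name__ == "__main__":
    for name, log in (("with shortcut", LOG_WITH_SHORTCUT),
                      ("after removal", LOG_AFTER_REMOVAL)):
        result = review(CFSCRIPT, log)
        print(name, "->", result["script_argument"])
        print("  shortcut passed:", result["shortcut_passed"])
        for key in result["still_listed"]:
            print("  still listed:", key)
```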


I hope it went well this time, kape.

I'm only a beginner, sorry.

I'm already glad that you are helping me.

ComboFix 11-02-19.01 - Sjaak 19-02-2011 22:18:26.4.2 - x86

Microsoft Windows 7 Ultimate 6.1.7600.0.1252.31.1043.18.3071.2124 [GMT 1:00]

Gestart vanuit: c:\users\Sjaak\Desktop\ComboFix.exe

gebruikte Opdracht switches :: c:\users\Sjaak\Desktop\CFScript.txt..txt

SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

.

(((((((((((((((((((( Bestanden Gemaakt van 2011-01-19 to 2011-02-19 ))))))))))))))))))))))))))))))

.

2011-02-19 21:20 . 2011-02-19 21:20 -------- d-----w- c:\users\Default\AppData\Local\temp

2011-02-19 21:02 . 2011-01-13 09:41 5890896 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{7B21E4CD-AD69-4B1A-94FA-91A2C7E8B187}\mpengine.dll

2011-02-19 18:57 . 2011-02-19 21:20 -------- d-----w- c:\users\Sjaak\AppData\Local\temp

2011-02-19 16:01 . 2011-02-19 16:01 -------- d-----w- c:\users\Sjaak\AppData\Local\{D84E8CDE-E8B3-4365-BA5A-3B5A4D8B5754}

2011-02-19 15:55 . 2011-02-19 15:55 -------- d-----w- c:\windows\nl

2011-02-19 15:53 . 2011-02-19 15:53 -------- dc----w- c:\windows\system32\DRVSTORE

2011-02-19 15:53 . 2010-09-22 23:21 39272 ----a-w- c:\windows\system32\drivers\fssfltr.sys

2011-02-19 15:46 . 2011-02-19 15:46 -------- d-----w- c:\program files\Microsoft

2011-02-19 15:46 . 2011-02-19 15:46 -------- d-----w- c:\program files\MSN Toolbar

2011-02-19 15:46 . 2011-02-19 15:47 -------- d-----w- c:\program files\Bing Bar Installer

2011-02-19 15:46 . 2011-02-19 15:46 469256 ----a-w- c:\program files\Common Files\Windows Live\.cache\27ade0fa1cbd04c07\InstallManager_WLE_WLE.exe

2011-02-19 15:45 . 2011-02-19 15:45 15712 ----a-w- c:\program files\Common Files\Windows Live\.cache\170b365e1cbd04c06\MeshBetaRemover.exe

2011-02-19 15:45 . 2011-02-19 15:45 94040 ----a-w- c:\program files\Common Files\Windows Live\.cache\136467ce1cbd04c05\DSETUP.dll

2011-02-19 15:45 . 2011-02-19 15:45 525656 ----a-w- c:\program files\Common Files\Windows Live\.cache\136467ce1cbd04c05\DXSETUP.exe

2011-02-19 15:45 . 2011-02-19 15:45 1691480 ----a-w- c:\program files\Common Files\Windows Live\.cache\136467ce1cbd04c05\dsetup32.dll

2011-02-19 15:45 . 2011-02-19 15:45 94040 ----a-w- c:\program files\Common Files\Windows Live\.cache\e04bf3a1cbd04c04\DSETUP.dll

2011-02-19 15:45 . 2011-02-19 15:45 525656 ----a-w- c:\program files\Common Files\Windows Live\.cache\e04bf3a1cbd04c04\DXSETUP.exe

2011-02-19 15:45 . 2011-02-19 15:45 1691480 ----a-w- c:\program files\Common Files\Windows Live\.cache\e04bf3a1cbd04c04\dsetup32.dll

2011-02-19 15:45 . 2010-08-11 04:44 2983424 ----a-w- c:\windows\system32\UIRibbon.dll

2011-02-19 15:45 . 2010-08-11 04:35 1164800 ----a-w- c:\windows\system32\UIRibbonRes.dll

2011-02-17 22:32 . 2011-02-17 22:32 388096 ----a-r- c:\users\Sjaak\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe

2011-02-17 22:28 . 2011-02-17 22:28 -------- d-----w- c:\program files\CCleaner

2011-02-17 17:56 . 2011-02-17 17:56 -------- dc-h--w- c:\programdata\{DE8EABB5-1C85-4410-A68D-79BD8A4518F4}

2011-02-17 14:58 . 2011-02-17 14:58 -------- d-----w- c:\users\Sjaak\AppData\Local\Adobe

2011-02-16 16:56 . 2011-02-16 16:56 -------- d-----w- c:\users\Sjaak\AppData\Local\Spotnet

2011-02-16 16:20 . 2011-02-17 15:14 -------- d-----w- c:\program files\Spotnet

2011-02-16 16:20 . 2011-02-16 22:20 -------- d-----w- c:\programdata\Spotnet

2011-02-16 15:50 . 2011-02-16 15:50 -------- d-----w- c:\users\Sjaak\AppData\Roaming\Simply Super Software

2011-02-16 15:50 . 2006-06-19 12:01 69632 ----a-w- c:\windows\system32\ztvcabinet.dll

2011-02-16 15:50 . 2006-05-25 14:52 162304 ----a-w- c:\windows\system32\ztvunrar36.dll

2011-02-16 15:50 . 2005-08-26 00:50 77312 ----a-w- c:\windows\system32\ztvunace26.dll

2011-02-16 15:50 . 2003-02-02 19:06 153088 ----a-w- c:\windows\system32\UNRAR3.dll

2011-02-16 15:50 . 2002-03-06 00:00 75264 ----a-w- c:\windows\system32\unacev2.dll

2011-02-15 23:20 . 2011-02-17 15:37 -------- d-----w- c:\program files\Trojan Remover

2011-02-15 23:20 . 2011-02-15 23:20 -------- d-----w- c:\programdata\Simply Super Software

2011-02-15 16:15 . 2011-02-15 17:07 -------- d-----w- c:\users\Sjaak\AppData\Roaming\Binreader

2011-02-11 14:11 . 2011-02-11 14:11 -------- d-----w- c:\program files\TomTom DesktopSuite

2011-02-08 16:07 . 2010-12-20 17:09 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys

2011-02-08 16:07 . 2010-12-20 17:08 20952 ----a-w- c:\windows\system32\drivers\mbam.sys

2011-01-30 19:36 . 2011-01-30 19:36 -------- d-----w- c:\program files\Common Files\Adobe

2011-01-30 19:15 . 2011-01-30 19:28 -------- d-----w- c:\program files\Capsoft

2011-01-28 16:16 . 2011-01-28 16:16 -------- d--h--w- c:\windows\msdownld.tmp

2011-01-27 19:09 . 2011-01-27 19:09 -------- d-----w- c:\program files\Trend Micro

2011-01-27 15:15 . 2011-01-27 15:15 -------- d-----w- c:\users\Sjaak\AppData\Roaming\Malwarebytes

2011-01-27 15:15 . 2011-01-28 14:45 -------- d-----w- c:\programdata\Malwarebytes

2011-01-27 15:14 . 2011-02-08 16:07 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware

2011-01-26 21:42 . 2011-01-28 14:54 -------- d-----w- c:\programdata\clp

2011-01-26 21:41 . 2011-01-26 21:41 -------- d-----w- c:\users\Sjaak\AppData\Local\PackageAware

2011-01-26 21:25 . 2011-01-26 21:28 -------- d-----w- c:\program files\WhiteSmoke

2011-01-23 20:42 . 2011-01-23 20:42 102416 ----a-w- c:\windows\system32\drivers\AtihdW73.sys

2011-01-23 20:41 . 2011-01-23 20:41 -------- d-----w- c:\programdata\Uniblue

.

((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2011-02-02 16:11 . 2010-09-15 16:46 222080 ------w- c:\windows\system32\MpSigStub.exe

2011-01-09 19:43 . 2010-09-15 19:31 139128 ----a-w- c:\windows\system32\drivers\PnkBstrK.sys

2011-01-09 19:42 . 2010-09-15 19:44 215128 ----a-w- c:\windows\system32\PnkBstrB.xtr

2011-01-09 19:42 . 2010-09-15 19:31 215128 ----a-w- c:\windows\system32\PnkBstrB.exe

2011-01-03 21:41 . 2010-09-15 19:31 75064 ----a-w- c:\windows\system32\PnkBstrA.exe

2010-11-28 20:08 . 2010-11-28 19:27 29480 ----a-w- c:\windows\system32\msxml3a.dll

2010-11-28 20:08 . 2010-11-28 19:27 505128 ----a-w- c:\windows\system32\msvcp71.dll

2010-11-28 20:08 . 2010-11-28 19:27 353576 ----a-w- c:\windows\system32\msvcr71.dll

.

((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))

.

.

*Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond

REGEDIT4

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]

"{30F9B915-B755-4826-820B-08FBA6BD249D}"= "c:\program files\ConduitEngine\ConduitEngine.dll" [2010-10-18 3908192]

[HKEY_CLASSES_ROOT\clsid\{30f9b915-b755-4826-820b-08fba6bd249d}]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"OfficeSyncProcess"="c:\program files\Microsoft Office\Office14\MSOSYNC.EXE" [2010-03-16 718208]

"WLSync"="c:\program files\Windows Live\Mesh\WLSync.exe" [2010-09-22 1448800]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2010-05-14 248552]

"RemoteControl"="c:\program files\CyberLink\PowerDVD\PDVDServ.exe" [2005-12-07 30208]

"BCSSync"="c:\program files\Microsoft Office\Office14\BCSSync.exe" [2010-03-13 91520]

"TrojanScanner"="c:\program files\Trojan Remover\Trjscan.exe" [2009-07-25 1067912]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]

"ConsentPromptBehaviorAdmin"= 0 (0x0)

"ConsentPromptBehaviorUser"= 3 (0x3)

"EnableLUA"= 0 (0x0)

"EnableUIADesktopToggle"= 0 (0x0)

"PromptOnSecureDesktop"= 0 (0x0)

"EnableLinkedConnections"= 1 (0x1)

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]

Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BCSSync]

2010-03-13 13:54 91520 ----a-w- c:\program files\Microsoft Office\Office14\BCSSync.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]

2010-04-01 09:16 357696 ----a-w- c:\program files\DAEMON Tools Lite\DTLite.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NBAgent]

2010-02-22 14:17 1226024 ----a-w- c:\program files\Nero\Nero 10\Nero BackItUp\NBAgent.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\OfficeSyncProcess]

2010-03-16 01:58 718208 ----a-w- c:\program files\Microsoft Office\Office14\MSOSYNC.EXE

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\snpstd]

2005-10-11 18:54 339968 ----a-w- c:\windows\vsnpstd.exe

R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]

R3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service;c:\program files\Microsoft Office\Office14\GROOVE.EXE [2010-03-25 30969208]

R3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4640000]

R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 51040]

S0 sptd;sptd;c:\windows\System32\Drivers\sptd.sys [2010-09-29 697328]

S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2010-08-04 176128]

S2 NAUpdate;Nero Update;c:\program files\Nero\Update\NASvc.exe [2010-02-18 462632]

S3 amdkmdag;amdkmdag;c:\windows\system32\DRIVERS\atikmdag.sys [2010-08-04 6096384]

S3 amdkmdap;amdkmdap;c:\windows\system32\DRIVERS\atikmpag.sys [2010-08-04 214016]

S3 AtiHDAudioService;ATI Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW73.sys [2011-01-23 102416]

S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt86win7.sys [2010-06-23 275048]

.

Inhoud van de 'Gedeelde Taken' map

2011-02-19 c:\windows\Tasks\RegistryBooster.job

- c:\program files\Uniblue\RegistryBooster\rbmonitor.exe [2011-01-21 14:19]

.

.

------- Bijkomende Scan -------

.

IE: &Verzenden naar OneNote - c:\progra~1\MICROS~2\Office14\ONBttnIE.dll/105

IE: E&xporteren naar Microsoft Excel - c:\progra~1\MICROS~2\Office14\EXCEL.EXE/3000

Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - c:\program files\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL

.

.

--------------------- VERGRENDELDE REGISTER SLEUTELS ---------------------

[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]

@Denied: (Full) (Everyone)

.

Voltooingstijd: 2011-02-19 22:21:32

ComboFix-quarantined-files.txt 2011-02-19 21:21

ComboFix2.txt 2011-02-19 20:38

ComboFix3.txt 2011-02-19 19:59

ComboFix4.txt 2011-02-19 19:01

Pre-Run: 484.292.521.984 bytes beschikbaar

Post-Run: 484.250.427.392 bytes beschikbaar

- - End Of File - - CF1F71635331AA3828A371C83977CCCA


ComboFix 11-02-19.01 - Sjaak 19-02-2011 23:41:40.10.2 - x86

Microsoft Windows 7 Ultimate 6.1.7600.0.1252.31.1043.18.3071.2096 [GMT 1:00]

Gestart vanuit: c:\users\Sjaak\Desktop\ComboFix.exe

gebruikte Opdracht switches :: c:\users\Sjaak\Desktop\CFScript.txt..txt

SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

.

(((((((((((((((((((( Bestanden Gemaakt van 2011-01-19 to 2011-02-19 ))))))))))))))))))))))))))))))

.

2011-02-19 22:43 . 2011-02-19 22:43 -------- d-----w- c:\users\Default\AppData\Local\temp

2011-02-19 21:02 . 2011-01-13 09:41 5890896 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{7B21E4CD-AD69-4B1A-94FA-91A2C7E8B187}\mpengine.dll

2011-02-19 18:57 . 2011-02-19 22:43 -------- d-----w- c:\users\Sjaak\AppData\Local\temp

2011-02-19 16:01 . 2011-02-19 16:01 -------- d-----w- c:\users\Sjaak\AppData\Local\{D84E8CDE-E8B3-4365-BA5A-3B5A4D8B5754}

2011-02-19 15:55 . 2011-02-19 15:55 -------- d-----w- c:\windows\nl

2011-02-19 15:53 . 2011-02-19 15:53 -------- dc----w- c:\windows\system32\DRVSTORE

2011-02-19 15:53 . 2010-09-22 23:21 39272 ----a-w- c:\windows\system32\drivers\fssfltr.sys

2011-02-19 15:46 . 2011-02-19 15:46 -------- d-----w- c:\program files\Microsoft

2011-02-19 15:46 . 2011-02-19 15:46 -------- d-----w- c:\program files\MSN Toolbar

2011-02-19 15:46 . 2011-02-19 15:47 -------- d-----w- c:\program files\Bing Bar Installer

2011-02-19 15:46 . 2011-02-19 15:46 469256 ----a-w- c:\program files\Common Files\Windows Live\.cache\27ade0fa1cbd04c07\InstallManager_WLE_WLE.exe

2011-02-19 15:45 . 2011-02-19 15:45 15712 ----a-w- c:\program files\Common Files\Windows Live\.cache\170b365e1cbd04c06\MeshBetaRemover.exe

2011-02-19 15:45 . 2011-02-19 15:45 94040 ----a-w- c:\program files\Common Files\Windows Live\.cache\136467ce1cbd04c05\DSETUP.dll

2011-02-19 15:45 . 2011-02-19 15:45 525656 ----a-w- c:\program files\Common Files\Windows Live\.cache\136467ce1cbd04c05\DXSETUP.exe

2011-02-19 15:45 . 2011-02-19 15:45 1691480 ----a-w- c:\program files\Common Files\Windows Live\.cache\136467ce1cbd04c05\dsetup32.dll

2011-02-19 15:45 . 2011-02-19 15:45 94040 ----a-w- c:\program files\Common Files\Windows Live\.cache\e04bf3a1cbd04c04\DSETUP.dll

2011-02-19 15:45 . 2011-02-19 15:45 525656 ----a-w- c:\program files\Common Files\Windows Live\.cache\e04bf3a1cbd04c04\DXSETUP.exe

2011-02-19 15:45 . 2011-02-19 15:45 1691480 ----a-w- c:\program files\Common Files\Windows Live\.cache\e04bf3a1cbd04c04\dsetup32.dll

2011-02-19 15:45 . 2010-08-11 04:44 2983424 ----a-w- c:\windows\system32\UIRibbon.dll

2011-02-19 15:45 . 2010-08-11 04:35 1164800 ----a-w- c:\windows\system32\UIRibbonRes.dll

2011-02-17 22:32 . 2011-02-17 22:32 388096 ----a-r- c:\users\Sjaak\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe

2011-02-17 22:28 . 2011-02-17 22:28 -------- d-----w- c:\program files\CCleaner

2011-02-17 17:56 . 2011-02-17 17:56 -------- dc-h--w- c:\programdata\{DE8EABB5-1C85-4410-A68D-79BD8A4518F4}

2011-02-17 14:58 . 2011-02-17 14:58 -------- d-----w- c:\users\Sjaak\AppData\Local\Adobe

2011-02-16 16:56 . 2011-02-16 16:56 -------- d-----w- c:\users\Sjaak\AppData\Local\Spotnet

2011-02-16 16:20 . 2011-02-17 15:14 -------- d-----w- c:\program files\Spotnet

2011-02-16 16:20 . 2011-02-16 22:20 -------- d-----w- c:\programdata\Spotnet

2011-02-16 15:50 . 2011-02-16 15:50 -------- d-----w- c:\users\Sjaak\AppData\Roaming\Simply Super Software

2011-02-16 15:50 . 2006-06-19 12:01 69632 ----a-w- c:\windows\system32\ztvcabinet.dll

2011-02-16 15:50 . 2006-05-25 14:52 162304 ----a-w- c:\windows\system32\ztvunrar36.dll

2011-02-16 15:50 . 2005-08-26 00:50 77312 ----a-w- c:\windows\system32\ztvunace26.dll

2011-02-16 15:50 . 2003-02-02 19:06 153088 ----a-w- c:\windows\system32\UNRAR3.dll

2011-02-16 15:50 . 2002-03-06 00:00 75264 ----a-w- c:\windows\system32\unacev2.dll

2011-02-15 23:20 . 2011-02-17 15:37 -------- d-----w- c:\program files\Trojan Remover

2011-02-15 23:20 . 2011-02-15 23:20 -------- d-----w- c:\programdata\Simply Super Software

2011-02-15 16:15 . 2011-02-15 17:07 -------- d-----w- c:\users\Sjaak\AppData\Roaming\Binreader

2011-02-11 14:11 . 2011-02-11 14:11 -------- d-----w- c:\program files\TomTom DesktopSuite

2011-02-08 16:07 . 2010-12-20 17:09 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys

2011-02-08 16:07 . 2010-12-20 17:08 20952 ----a-w- c:\windows\system32\drivers\mbam.sys

2011-01-30 19:36 . 2011-01-30 19:36 -------- d-----w- c:\program files\Common Files\Adobe

2011-01-30 19:15 . 2011-01-30 19:28 -------- d-----w- c:\program files\Capsoft

2011-01-28 16:16 . 2011-01-28 16:16 -------- d--h--w- c:\windows\msdownld.tmp

2011-01-27 19:09 . 2011-01-27 19:09 -------- d-----w- c:\program files\Trend Micro

2011-01-27 15:15 . 2011-01-27 15:15 -------- d-----w- c:\users\Sjaak\AppData\Roaming\Malwarebytes

2011-01-27 15:15 . 2011-01-28 14:45 -------- d-----w- c:\programdata\Malwarebytes

2011-01-27 15:14 . 2011-02-08 16:07 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware

2011-01-26 21:42 . 2011-01-28 14:54 -------- d-----w- c:\programdata\clp

2011-01-26 21:41 . 2011-01-26 21:41 -------- d-----w- c:\users\Sjaak\AppData\Local\PackageAware

2011-01-26 21:25 . 2011-01-26 21:28 -------- d-----w- c:\program files\WhiteSmoke

2011-01-23 20:42 . 2011-01-23 20:42 102416 ----a-w- c:\windows\system32\drivers\AtihdW73.sys

2011-01-23 20:41 . 2011-01-23 20:41 -------- d-----w- c:\programdata\Uniblue

.

((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2011-02-02 16:11 . 2010-09-15 16:46 222080 ------w- c:\windows\system32\MpSigStub.exe

2011-01-09 19:43 . 2010-09-15 19:31 139128 ----a-w- c:\windows\system32\drivers\PnkBstrK.sys

2011-01-09 19:42 . 2010-09-15 19:44 215128 ----a-w- c:\windows\system32\PnkBstrB.xtr

2011-01-09 19:42 . 2010-09-15 19:31 215128 ----a-w- c:\windows\system32\PnkBstrB.exe

2011-01-03 21:41 . 2010-09-15 19:31 75064 ----a-w- c:\windows\system32\PnkBstrA.exe

2010-11-28 20:08 . 2010-11-28 19:27 29480 ----a-w- c:\windows\system32\msxml3a.dll

2010-11-28 20:08 . 2010-11-28 19:27 505128 ----a-w- c:\windows\system32\msvcp71.dll

2010-11-28 20:08 . 2010-11-28 19:27 353576 ----a-w- c:\windows\system32\msvcr71.dll

.

((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))

.

.

*Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond

REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"OfficeSyncProcess"="c:\program files\Microsoft Office\Office14\MSOSYNC.EXE" [2010-03-16 718208]

"WLSync"="c:\program files\Windows Live\Mesh\WLSync.exe" [2010-09-22 1448800]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2010-05-14 248552]

"RemoteControl"="c:\program files\CyberLink\PowerDVD\PDVDServ.exe" [2005-12-07 30208]

"BCSSync"="c:\program files\Microsoft Office\Office14\BCSSync.exe" [2010-03-13 91520]

"TrojanScanner"="c:\program files\Trojan Remover\Trjscan.exe" [2009-07-25 1067912]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]

"ConsentPromptBehaviorAdmin"= 0 (0x0)

"ConsentPromptBehaviorUser"= 3 (0x3)

"EnableLUA"= 0 (0x0)

"EnableUIADesktopToggle"= 0 (0x0)

"PromptOnSecureDesktop"= 0 (0x0)

"EnableLinkedConnections"= 1 (0x1)

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]

Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BCSSync]

2010-03-13 13:54 91520 ----a-w- c:\program files\Microsoft Office\Office14\BCSSync.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]

2010-04-01 09:16 357696 ----a-w- c:\program files\DAEMON Tools Lite\DTLite.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NBAgent]

2010-02-22 14:17 1226024 ----a-w- c:\program files\Nero\Nero 10\Nero BackItUp\NBAgent.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\OfficeSyncProcess]

2010-03-16 01:58 718208 ----a-w- c:\program files\Microsoft Office\Office14\MSOSYNC.EXE

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\snpstd]

2005-10-11 18:54 339968 ----a-w- c:\windows\vsnpstd.exe

R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]

R3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service;c:\program files\Microsoft Office\Office14\GROOVE.EXE [2010-03-25 30969208]

R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 51040]

S0 sptd;sptd;c:\windows\System32\Drivers\sptd.sys [2010-09-29 697328]

S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2010-08-04 176128]

S2 NAUpdate;Nero Update;c:\program files\Nero\Update\NASvc.exe [2010-02-18 462632]

S3 amdkmdag;amdkmdag;c:\windows\system32\DRIVERS\atikmdag.sys [2010-08-04 6096384]

S3 amdkmdap;amdkmdap;c:\windows\system32\DRIVERS\atikmpag.sys [2010-08-04 214016]

S3 AtiHDAudioService;ATI Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW73.sys [2011-01-23 102416]

S3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4640000]

S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt86win7.sys [2010-06-23 275048]

.

Inhoud van de 'Gedeelde Taken' map

2011-02-19 c:\windows\Tasks\RegistryBooster.job

- c:\program files\Uniblue\RegistryBooster\rbmonitor.exe [2011-01-21 14:19]

.

.

------- Bijkomende Scan -------

.

IE: &Verzenden naar OneNote - c:\progra~1\MICROS~2\Office14\ONBttnIE.dll/105

IE: E&xporteren naar Microsoft Excel - c:\progra~1\MICROS~2\Office14\EXCEL.EXE/3000

Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - c:\program files\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL

.

.

--------------------- VERGRENDELDE REGISTER SLEUTELS ---------------------

[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]

@Denied: (Full) (Everyone)

.

Voltooingstijd: 2011-02-19 23:44:28

ComboFix-quarantined-files.txt 2011-02-19 22:44

ComboFix2.txt 2011-02-19 22:37

ComboFix3.txt 2011-02-19 22:18

ComboFix4.txt 2011-02-19 22:05

ComboFix5.txt 2011-02-19 22:39

Pre-Run: 483.942.055.936 bytes beschikbaar

Post-Run: 483.895.656.448 bytes beschikbaar

- - End Of File - - E29E35D82430F7A2976F0CE062ABDB77

I hope it worked this time, third time's the charm, ha ha, thanks

---------- Post added at 23:51 ---------- Previous post was at 23:50 ----------

Can I put my AVG back on now?


This is OK now ... one run more or less, we don't mind :-)

With the problems out of the way, it is time for the “big clean-up”: removing the programs we used, a cleaning, and removing the infected restore points.

Remove ComboFix: Start -> Run/Search and type: ComboFix /Uninstall

This will remove ComboFix plus its related folders and files, reset the clock settings, hide file extensions, hide hidden files and system files again, and create a new restore point.

If present, you may delete the folder C:\Qoobox manually.

Download CCleaner.

Click “Download Latest Version” and the CCleaner download will start automatically and free of charge.

Install it and start CCleaner. In the left column click “Cleaner”. Click “Analyze” and then “Run Cleaner”. Sometimes one analysis is not enough. You may repeat this procedure until the analysis no longer reports any errors. Next, in the left column click “Registry” and click “Scan for Issues”. If errors are found, click “Fix selected issues” and “OK”. You will then be asked whether to make a backup. Click “Yes”. Then choose “Fix All Selected Issues”. Close CCleaner afterwards.

If you want to see this in detail with pictures, click here for the guide.

It is advisable to delete the existing restore points (they include infected restore points that you could end up restoring) by temporarily disabling System Restore. Do this

  • via Start -> Control Panel -> System -> System Protection -> now turn off System Restore by selecting the desired drive and clicking "Configure".
  • Now click "Delete" to remove all restore points.
  • Click "Apply" and "OK".
  • Now restart the PC.

That's it!

You can put AVG back on.

This topic is now closed for new replies.
