
px1175 does not start


Guest ctke


This is the ComboFix log

Logfile of Trend Micro HijackThis v2.0.4

Scan saved at 11:52:38, on 14/02/2012

Platform: Windows Vista SP2 (WinNT 6.00.1906)

MSIE: Internet Explorer v9.00 (9.00.8112.16421)

Boot mode: Normal

Running processes:

C:\windows\system32\Dwm.exe

C:\windows\Explorer.EXE

C:\windows\system32\taskeng.exe

C:\Program Files\Windows Defender\MSASCui.exe

C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe

C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QLBCtrl.exe

C:\Program Files\IDT\WDM\sttray.exe

C:\Program Files\Alwil Software\Avast5\AvastUI.exe

C:\Program Files\Common Files\Java\Java Update\jusched.exe

C:\Program Files\Windows Sidebar\sidebar.exe

C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe

C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe

C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe

C:\Program Files\Windows Media Player\wmpnscfg.exe

C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe

C:\Program Files\Hp\Digital Imaging\bin\hpqtra08.exe

C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\VolCtrl.exe

C:\Program Files\WIDCOMM\Bluetooth Software\BtStackServer.exe

C:\Program Files\OpenOffice.org 3\program\soffice.exe

C:\Program Files\OpenOffice.org 3\program\soffice.bin

C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe

C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe

C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe

C:\Program Files\Hewlett-Packard\Shared\hpqToaster.exe

C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe

C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe

C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe

C:\Program Files\Internet Explorer\iexplore.exe

C:\Program Files\Internet Explorer\iexplore.exe

C:\windows\system32\Macromed\Flash\FlashUtil11e_ActiveX.exe

C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN | Hotmail | Messenger | Nieuws, sport, entertainment, video, lifestyle, auto en nog veel meer, dat is MSN !

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Bing

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = HLN home

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = HP | MSN

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Windows Internet Explorer wordt aangeboden door MSN and Bing

F2 - REG:system.ini: UserInit=C:\windows\system32\userinit.exe

O1 - Hosts: ::1 localhost

O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll

O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll

O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files\Windows Live\Companion\companioncore.dll

O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll

O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll

O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll

O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide

O4 - HKLM\..\Run: [PDF Complete] C:\Program Files\PDF Complete\pdfsty.exe

O4 - HKLM\..\Run: [synTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

O4 - HKLM\..\Run: [WirelessAssistant] C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe

O4 - HKLM\..\Run: [MVS Splash] "C:\Program Files\McAfee\Managed VirusScan\DesktopUI\XTray.exe" /LOGON

O4 - HKLM\..\Run: [QlbCtrl.exe] C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start

O4 - HKLM\..\Run: [startCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun

O4 - HKLM\..\Run: [HPCam_Menu] "c:\Program Files\Hewlett-Packard\HP Webcam\MUITransfer\MUIStartMenu.exe" "c:\Program Files\Hewlett-Packard\HP Webcam" UpdateWithCreateOnce "Software\CyberLink\HP Webcam\1.0"

O4 - HKLM\..\Run: [sysTrayApp] %ProgramFiles%\IDT\WDM\sttray.exe

O4 - HKLM\..\Run: [avast5] "C:\Program Files\Alwil Software\Avast5\avastUI.exe" /nogui

O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"

O4 - HKCU\..\Run: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun

O4 - HKCU\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter

O4 - HKCU\..\Run: [LightScribe Control Panel] C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe -hidden

O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background

O4 - HKCU\..\Run: [TomTomHOME.exe] "C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe"

O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"

O4 - HKCU\..\Run: [igndlm.exe] C:\Program Files\Download Manager\DLM.exe /windowsstart /startifwork

O4 - HKCU\..\Run: [spybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe

O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe

O4 - HKCU\..\Run: [RegistryBooster] "C:\Program Files\Uniblue\RegistryBooster\launcher.exe" delay 20000

O4 - Startup: OpenOffice.org 3.2 .lnk = C:\Program Files\OpenOffice.org 3\program\quickstart.exe

O4 - Startup: OpenOffice.org 3.3 .lnk = C:\Program Files\OpenOffice.org 3\program\quickstart.exe

O4 - Global Startup: Bluetooth.lnk = ?

O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\Hp\Digital Imaging\bin\hpqtra08.exe

O8 - Extra context menu item: Afbeelding verzenden naar &Bluetooth-apparaat... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm

O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000

O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll/cmsidewiki.html

O8 - Extra context menu item: Pagina verzenden naar &Bluetooth-apparaat... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm

O9 - Extra button: @C:\Program Files\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files\Windows Live\Companion\companioncore.dll

O9 - Extra button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra 'Tools' menuitem: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra button: @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm

O9 - Extra 'Tools' menuitem: @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm

O9 - Extra button: Toon of verberg HP Smart Web Printing - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll

O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll

O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll

O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics

O16 - DPF: {39B0684F-D7BF-4743-B050-FDC3F48F7E3B} (CDownloadCtrl Object) - http://www.fileplanet.com/fpdlmgr/cabs/FPDC_2.3.10.115.cab

O16 - DPF: {BDBDE413-7B1C-4C68-A8FF-C5B2B4090876} (F-Secure Online Scanner 3.3) - http://virusscanner.telenet.be/fscax.cab

O16 - DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} (Zylom Games Player) - http://game.zylom.com/activex/zylomgamesplayer.cab

O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/flashplayer/current/swflash.cab

O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab

O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll

O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\windows\system32\browseui.dll

O23 - Service: Andrea ST Filters Service (AESTFilters) - Andrea Electronics Corporation - C:\windows\System32\DriverStore\FileRepository\stwrt.inf_2159adbc\aestsrv.exe

O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - Agere Systems - C:\Program Files\LSI SoftModem\agrsmsvc.exe

O23 - Service: AMD External Events Utility - AMD - C:\windows\system32\atiesrxx.exe

O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe

O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe

O23 - Service: Com4QLBEx - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe

O23 - Service: Google Updateservice (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe

O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe

O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe

O23 - Service: HP Health Check Service - Hewlett-Packard - C:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe

O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe

O23 - Service: IviRegMgr - InterVideo - C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe

O23 - Service: Lavasoft Ad-Aware Service - Lavasoft Limited - C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe

O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe

O23 - Service: McAfee Beveiligingsservice tegen virussen en spyware (myAgtSvc) - Unknown owner - C:\Program Files\McAfee\Managed VirusScan\Agent\myAgtSvc.exe (file missing)

O23 - Service: PDF Document Manager (pdfcDispatcher) - PDF Complete Inc - C:\Program Files\PDF Complete\pdfsvc.exe

O23 - Service: Protexis Licensing V2 (PSI_SVC_2) - Protexis Inc. - C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe

O23 - Service: RoxMediaDB10 - Sonic Solutions - c:\Program Files\Common Files\Roxio Shared\10.0\SharedCOM\RoxMediaDB10.exe

O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe

O23 - Service: Audio Service (STacSV) - IDT, Inc. - C:\windows\System32\DriverStore\FileRepository\stwrt.inf_2159adbc\STacSV.exe

O23 - Service: stllssvr - MicroVision Development, Inc. - c:\Program Files\Common Files\SureThing Shared\stllssvr.exe

O23 - Service: TomTomHOMEService - TomTom - C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe

--

End of file - 12488 bytes


Here is the ComboFix log

ComboFix 12-02-13.01 - G4Ske 14/02/2012 14:08:54.2.2 - x86

Microsoft® Windows Vista™ Home Basic 6.0.6002.2.1252.31.1043.18.1788.540 [GMT 1:00]

Gestart vanuit: c:\users\G4Ske\Downloads\ComboFix.exe

AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}

AV: Lavasoft Ad-Watch Live! Anti-Virus *Disabled/Updated* {9FF26384-70D4-CE6B-3ECB-E759A6A40116}

SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}

SP: Lavasoft Ad-Watch Live! *Disabled/Updated* {24938260-56EE-C1E5-047B-DC2BDD234BAB}

SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

.

.

(((((((((((((((((((( Bestanden Gemaakt van 2012-01-14 to 2012-02-14 ))))))))))))))))))))))))))))))

.

.

2012-02-14 13:55 . 2012-02-14 13:56 -------- d-----w- c:\users\G4Ske\AppData\Local\temp

2012-02-14 13:55 . 2012-02-14 13:55 -------- d-----w- c:\users\McAfeeMVSUser\AppData\Local\temp

2012-02-14 13:55 . 2012-02-14 13:55 -------- d-----w- c:\users\Default\AppData\Local\temp

2012-02-14 06:50 . 2012-01-06 04:19 6557240 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{B0F9BE8B-5F02-4967-8F09-D2EF71D6CA46}\mpengine.dll

2012-02-13 11:32 . 2011-10-07 17:24 126976 ----a-w- c:\windows\system32\drivers\ser2pl.sys

2012-02-13 11:31 . 2005-08-03 15:05 35892 ----a-w- c:\windows\system32\SER9PL.sys

2012-02-13 11:31 . 2005-08-03 15:04 26719 ----a-w- c:\windows\system32\SERSPL.VXD

2012-02-10 15:41 . 2012-02-10 15:41 -------- d-----w- c:\program files\Prolific

2012-02-10 15:40 . 2004-10-22 01:17 274432 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\10\50\Intel32\iscript.dll

2012-02-10 15:40 . 2004-10-22 01:16 180224 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\10\50\Intel32\iuser.dll

2012-02-10 15:40 . 2004-10-22 01:18 749568 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\10\50\Intel32\iKernel.dll

2012-02-10 15:40 . 2004-10-22 01:17 69715 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\10\50\Intel32\ctor.dll

2012-02-10 15:40 . 2004-10-22 01:16 5632 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\10\50\Intel32\DotNetInstaller.exe

2012-02-10 15:40 . 2012-02-10 15:40 192644 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\10\50\Intel32\iGdi.dll

2012-02-10 15:40 . 2012-02-10 15:40 323716 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\10\50\Intel32\setup.dll

2012-02-10 14:48 . 2012-02-10 14:48 -------- d-----w- c:\users\G4Ske\AppData\Roaming\Malwarebytes

2012-02-10 14:47 . 2012-02-10 14:47 -------- d-----w- c:\programdata\Malwarebytes

2012-02-10 14:47 . 2011-12-10 14:24 20464 ----a-w- c:\windows\system32\drivers\mbam.sys

2012-02-10 14:47 . 2012-02-10 14:47 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware

2012-02-10 11:10 . 2012-02-10 11:10 388096 ----a-r- c:\users\G4Ske\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe

2012-02-10 11:10 . 2012-02-10 11:10 -------- d-----w- c:\program files\Trend Micro

2012-02-09 11:54 . 2012-02-09 11:54 -------- d-----w- C:\9dc411e7309c4fc55bd60ec27400

2012-02-09 11:54 . 2012-02-09 11:54 -------- d-----w- C:\e58e127479070d0cee07a0cf3c14

2012-02-08 14:41 . 2012-02-08 14:41 -------- d-----w- c:\programdata\Uniblue

2012-02-01 09:48 . 2011-11-17 06:48 440192 ----a-w- c:\windows\system32\drivers\ksecdd.sys

2012-02-01 09:48 . 2011-11-16 16:23 278528 ----a-w- c:\windows\system32\schannel.dll

2012-02-01 09:48 . 2011-11-16 16:21 1259008 ----a-w- c:\windows\system32\lsasrv.dll

2012-02-01 09:48 . 2011-11-16 16:23 377344 ----a-w- c:\windows\system32\winhttp.dll

2012-02-01 09:48 . 2011-11-16 16:23 72704 ----a-w- c:\windows\system32\secur32.dll

2012-02-01 09:48 . 2011-11-16 14:12 9728 ----a-w- c:\windows\system32\lsass.exe

.

.

.

((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2012-01-26 23:21 . 2010-03-24 11:59 237072 ------w- c:\windows\system32\MpSigStub.exe

2012-01-14 14:56 . 2011-06-08 09:42 414368 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl

2011-12-14 14:56 . 2011-12-14 14:56 1127424 ----a-w- c:\windows\system32\wininet.dll

2011-12-14 14:56 . 2011-12-14 14:56 2382848 ----a-w- c:\windows\system32\mshtml.tlb

2011-12-14 14:56 . 2011-12-14 14:56 1798144 ----a-w- c:\windows\system32\jscript9.dll

2011-12-14 14:56 . 2011-12-14 14:56 1427456 ----a-w- c:\windows\system32\inetcpl.cpl

2011-12-14 14:55 . 2011-12-14 14:55 2048 ----a-w- c:\windows\system32\tzres.dll

2011-12-14 14:55 . 2011-12-14 14:55 3602816 ----a-w- c:\windows\system32\ntkrnlpa.exe

2011-12-14 14:55 . 2011-12-14 14:55 3550080 ----a-w- c:\windows\system32\ntoskrnl.exe

2011-12-14 14:54 . 2011-12-14 14:54 49152 ----a-w- c:\windows\system32\csrsrv.dll

2011-12-14 14:54 . 2011-12-14 14:54 429056 ----a-w- c:\windows\system32\EncDec.dll

2011-12-14 14:54 . 2011-12-14 14:54 2043904 ----a-w- c:\windows\system32\win32k.sys

2011-11-28 18:01 . 2011-02-16 19:39 41184 ----a-w- c:\windows\avastSS.scr

2011-11-28 18:01 . 2011-02-16 19:39 199816 ----a-w- c:\windows\system32\aswBoot.exe

2011-11-28 17:53 . 2011-04-22 05:17 435032 ----a-w- c:\windows\system32\drivers\aswSnx.sys

2011-11-28 17:53 . 2011-02-16 19:39 314456 ----a-w- c:\windows\system32\drivers\aswSP.sys

2011-11-28 17:52 . 2011-02-16 19:39 34392 ----a-w- c:\windows\system32\drivers\aswRdr.sys

2011-11-28 17:52 . 2011-02-16 19:39 52952 ----a-w- c:\windows\system32\drivers\aswTdi.sys

2011-11-28 17:52 . 2011-02-16 19:39 55128 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys

2011-11-28 17:51 . 2011-02-16 19:39 20568 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys

2011-11-25 15:59 . 2012-01-12 17:15 376320 ----a-w- c:\windows\system32\winsrv.dll

2011-11-18 20:23 . 2012-01-12 17:15 1205064 ----a-w- c:\windows\system32\ntdll.dll

2011-11-18 17:47 . 2012-01-12 17:15 66560 ----a-w- c:\windows\system32\packager.dll

.

.

((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))

.

.

*Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond

REGEDIT4

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]

@="{472083B0-C522-11CF-8763-00608CC02F24}"

[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]

2011-11-28 18:01 122512 ----a-w- c:\program files\Alwil Software\Avast5\ashShell.dll

.

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2009-04-11 1233920]

"WindowsWelcomeCenter"="oobefldr.dll" [2009-04-11 2153472]

"LightScribe Control Panel"="c:\program files\Common Files\LightScribe\LightScribeControlPanel.exe" [2009-05-19 2363392]

"TomTomHOME.exe"="c:\program files\TomTom HOME 2\TomTomHOMERunner.exe" [2012-01-23 247728]

"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2010-12-13 39408]

"igndlm.exe"="c:\program files\Download Manager\DLM.exe" [2009-10-27 1103216]

"SpybotSD TeaTimer"="c:\program files\Spybot - Search & Destroy\TeaTimer.exe" [2009-03-05 2260480]

"WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2008-01-21 202240]

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"PDF Complete"="c:\program files\PDF Complete\pdfsty.exe" [2008-08-08 319000]

"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2009-02-06 1430824]

"WirelessAssistant"="c:\program files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe" [2009-02-18 506424]

"QlbCtrl.exe"="c:\program files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe" [2009-02-03 287288]

"StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2009-04-16 61440]

"HPCam_Menu"="c:\program files\Hewlett-Packard\HP Webcam\MUITransfer\MUIStartMenu.exe" [2009-02-25 218408]

"SysTrayApp"="c:\program files\IDT\WDM\sttray.exe" [2009-03-30 483428]

"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2011-06-09 254696]

.

c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\

Bluetooth.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2009-4-13 791840]

HP Digital Imaging Monitor.lnk - c:\program files\Hp\Digital Imaging\bin\hpqtra08.exe [2007-10-14 214360]

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]

"EnableUIADesktopToggle"= 0 (0x0)

.

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service]

@="Service"

.

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

@="Driver"

.

S2 AESTFilters;Andrea ST Filters Service;c:\windows\System32\DriverStore\FileRepository\stwrt.inf_2159adbc\aestsrv.exe [2009-03-02 81920]

S3 5U876UVC;HP Webcam [2 MP series];c:\windows\system32\DRIVERS\5U876.sys [2009-06-10 09:16 118656]

.

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]

LocalServiceNoNetwork REG_MULTI_SZ PLA DPS BFE mpssvc

bthsvcs REG_MULTI_SZ BthServ

LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache

HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12

hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc

.

[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]

2009-05-19 00:54 451872 ----a-w- c:\program files\Common Files\LightScribe\LSRunOnce.exe

.

Inhoud van de 'Gedeelde Taken' map

.

2012-02-14 c:\windows\Tasks\Ad-Aware Update (Weekly).job

- c:\program files\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe [2011-11-03 11:06]

.

2012-02-14 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job

- c:\program files\Google\Update\GoogleUpdate.exe [2010-12-13 10:38]

.

2012-02-14 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job

- c:\program files\Google\Update\GoogleUpdate.exe [2010-12-13 10:38]

.

2012-02-08 c:\windows\Tasks\HPCeeScheduleForG4Ske.job

- c:\program files\Hewlett-Packard\HP Ceement\HPCEE.exe [2009-10-07 02:22]

.

2012-02-14 c:\windows\Tasks\RegistryBooster.job

- c:\program files\Uniblue\RegistryBooster\rbmonitor.exe [2011-01-21 14:19]

.

.

------- Bijkomende Scan -------

.

uStart Page = hxxp://www.hln.be/

IE: Afbeelding verzenden naar &Bluetooth-apparaat... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm

IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000

IE: Google Sidewiki... - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll/cmsidewiki.html

IE: Pagina verzenden naar &Bluetooth-apparaat... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie.htm

Trusted Zone: //about.htm/

Trusted Zone: //Exclude.htm/

Trusted Zone: //FWEvent.htm/

Trusted Zone: //LanguageSelection.htm/

Trusted Zone: //Message.htm/

Trusted Zone: //MyAgttryCmd.htm/

Trusted Zone: //MyAgttryNag.htm/

Trusted Zone: //MyNotification.htm/

Trusted Zone: //NOCLessUpdate.htm/

Trusted Zone: //quarantine.htm/

Trusted Zone: //ScanNow.htm/

Trusted Zone: //strings.vbs/

Trusted Zone: //Template.htm/

Trusted Zone: //Update.htm/

Trusted Zone: //VirFound.htm/

Trusted Zone: mcafeeasap.com\betavscan

Trusted Zone: mcafeeasap.com\vs

Trusted Zone: mcafeeasap.com\www

TCP: DhcpNameServer = 195.130.131.132 195.130.130.4

DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} - hxxp://game.zylom.com/activex/zylomgamesplayer.cab

.

.

**************************************************************************

.

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, GMER - Rootkit Detector and Remover

Rootkit scan 2012-02-14 14:56

Windows 6.0.6002 Service Pack 2 NTFS

.

scannen van verborgen processen ...

.

scannen van verborgen autostart items ...

.

scannen van verborgen bestanden ...

.

Scan succesvol afgerond

verborgen bestanden: 0

.

**************************************************************************

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\pdfcDispatcher]

"ImagePath"="c:\program files\PDF Complete\pdfsvc.exe /startedbyscm:66B66708-40E2BE4D-pdfcService"

.

--------------------- VERGRENDELDE REGISTER SLEUTELS ---------------------

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]

@Denied: (A) (Users)

@Denied: (A) (Everyone)

@Allowed: (B 1 2 3 4 5) (S-1-5-20)

"BlindDial"=dword:00000000

"MSCurrentCountry"=dword:000000b5

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]

@Denied: (A) (Users)

@Denied: (A) (Everyone)

@Allowed: (B 1 2 3 4 5) (S-1-5-20)

"BlindDial"=dword:00000000

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]

@Denied: (A) (Users)

@Denied: (A) (Everyone)

@Allowed: (B 1 2 3 4 5) (S-1-5-20)

"BlindDial"=dword:00000000

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]

@Denied: (A) (Users)

@Denied: (A) (Everyone)

@Allowed: (B 1 2 3 4 5) (S-1-5-20)

"BlindDial"=dword:00000000

.

--------------------- DLLs Geladen Onder Lopende Processen ---------------------

.

- - - - - - - > 'Explorer.exe'(4820)

c:\program files\WIDCOMM\Bluetooth Software\btmmhook.dll

.

Voltooingstijd: 2012-02-14 14:58:31

ComboFix-quarantined-files.txt 2012-02-14 13:58

ComboFix2.txt 2012-02-14 13:03

.

Pre-Run: 80.554.618.880 bytes beschikbaar

Post-Run: 80.541.155.328 bytes beschikbaar

.

- - End Of File - - B884522F14E71E569D65FFE0CB4CCCFE


Open a new Notepad file.

Copy and paste the bold text below into it.

Folder::

C:\9dc411e7309c4fc55bd60ec27400

C:\e58e127479070d0cee07a0cf3c14

Save this file to your desktop as CFScript

Drag CFScript.txt onto ComboFix.exe

This will cause ComboFix to restart. Reboot if you are asked to.

After the restart, post the contents of Combofix.txt in your next message


I ran ComboFix as instructed, but did not have to restart

Here is the log :-)

ComboFix 12-02-13.01 - G4Ske 16/02/2012 8:40.3.2 - x86

Microsoft® Windows Vista™ Home Basic 6.0.6002.2.1252.31.1043.18.1788.597 [GMT 1:00]

Gestart vanuit: c:\users\G4Ske\Downloads\ComboFix.exe

gebruikte Opdracht switches :: c:\users\G4Ske\Desktop\CFScript.txt

AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}

AV: Lavasoft Ad-Watch Live! Anti-Virus *Disabled/Updated* {9FF26384-70D4-CE6B-3ECB-E759A6A40116}

SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}

SP: Lavasoft Ad-Watch Live! *Disabled/Updated* {24938260-56EE-C1E5-047B-DC2BDD234BAB}

SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

.

.

(((((((((((((((((((((((((((((((((( Andere Verwijderingen )))))))))))))))))))))))))))))))))))))))))))))))))

.

.

C:\9dc411e7309c4fc55bd60ec27400

c:\9dc411e7309c4fc55bd60ec27400\sp2qfe\msi.dll

c:\9dc411e7309c4fc55bd60ec27400\sp2qfe\msiexec.exe

c:\9dc411e7309c4fc55bd60ec27400\sp2qfe\msihnd.dll

c:\9dc411e7309c4fc55bd60ec27400\sp2qfe\msimsg.dll

c:\9dc411e7309c4fc55bd60ec27400\sp2qfe\msimsg.dll.ar-sa.mui

c:\9dc411e7309c4fc55bd60ec27400\sp2qfe\msimsg.dll.bg-bg.mui

c:\9dc411e7309c4fc55bd60ec27400\sp2qfe\msimsg.dll.ca-es.mui

c:\9dc411e7309c4fc55bd60ec27400\sp2qfe\msimsg.dll.cs-cz.mui

c:\9dc411e7309c4fc55bd60ec27400\sp2qfe\msimsg.dll.da-dk.mui

c:\9dc411e7309c4fc55bd60ec27400\sp2qfe\msimsg.dll.de-de.mui

c:\9dc411e7309c4fc55bd60ec27400\sp2qfe\msimsg.dll.el-gr.mui

c:\9dc411e7309c4fc55bd60ec27400\sp2qfe\msimsg.dll.en-us.mui

c:\9dc411e7309c4fc55bd60ec27400\sp2qfe\msimsg.dll.es-es.mui

c:\9dc411e7309c4fc55bd60ec27400\sp2qfe\msimsg.dll.et-ee.mui

c:\9dc411e7309c4fc55bd60ec27400\sp2qfe\msimsg.dll.eu-es.mui

c:\9dc411e7309c4fc55bd60ec27400\sp2qfe\msimsg.dll.fi-fi.mui

c:\9dc411e7309c4fc55bd60ec27400\sp2qfe\msimsg.dll.fr-fr.mui

c:\9dc411e7309c4fc55bd60ec27400\sp2qfe\msimsg.dll.he-il.mui

c:\9dc411e7309c4fc55bd60ec27400\sp2qfe\msimsg.dll.hr-hr.mui

c:\9dc411e7309c4fc55bd60ec27400\sp2qfe\msimsg.dll.hu-hu.mui

c:\9dc411e7309c4fc55bd60ec27400\sp2qfe\msimsg.dll.it-it.mui

c:\9dc411e7309c4fc55bd60ec27400\sp2qfe\msimsg.dll.ja-jp.mui

c:\9dc411e7309c4fc55bd60ec27400\sp2qfe\msimsg.dll.ko-kr.mui

c:\9dc411e7309c4fc55bd60ec27400\sp2qfe\msimsg.dll.lt-lt.mui

c:\9dc411e7309c4fc55bd60ec27400\sp2qfe\msimsg.dll.lv-lv.mui

c:\9dc411e7309c4fc55bd60ec27400\sp2qfe\msimsg.dll.nb-no.mui

c:\9dc411e7309c4fc55bd60ec27400\sp2qfe\msimsg.dll.nl-nl.mui

c:\9dc411e7309c4fc55bd60ec27400\sp2qfe\msimsg.dll.pl-pl.mui

c:\9dc411e7309c4fc55bd60ec27400\sp2qfe\msimsg.dll.pt-br.mui

c:\9dc411e7309c4fc55bd60ec27400\sp2qfe\msimsg.dll.pt-pt.mui

c:\9dc411e7309c4fc55bd60ec27400\sp2qfe\msimsg.dll.ro-ro.mui

c:\9dc411e7309c4fc55bd60ec27400\sp2qfe\msimsg.dll.ru-ru.mui

c:\9dc411e7309c4fc55bd60ec27400\sp2qfe\msimsg.dll.sk-sk.mui

c:\9dc411e7309c4fc55bd60ec27400\sp2qfe\msimsg.dll.sl-si.mui

c:\9dc411e7309c4fc55bd60ec27400\sp2qfe\msimsg.dll.sr-latn-cs.mui

c:\9dc411e7309c4fc55bd60ec27400\sp2qfe\msimsg.dll.sv-se.mui

c:\9dc411e7309c4fc55bd60ec27400\sp2qfe\msimsg.dll.th-th.mui

c:\9dc411e7309c4fc55bd60ec27400\sp2qfe\msimsg.dll.tr-tr.mui

c:\9dc411e7309c4fc55bd60ec27400\sp2qfe\msimsg.dll.uk-ua.mui

c:\9dc411e7309c4fc55bd60ec27400\sp2qfe\msimsg.dll.vi-vn.mui


.

.

(((((((((((((((((((( Bestanden Gemaakt van 2012-01-16 to 2012-02-16 ))))))))))))))))))))))))))))))

.

.

2012-02-16 07:51 . 2012-02-16 07:51 -------- d-----w- c:\users\G4Ske\AppData\Local\temp

2012-02-16 07:51 . 2012-02-16 07:51 -------- d-----w- c:\users\McAfeeMVSUser\AppData\Local\temp

2012-02-16 07:51 . 2012-02-16 07:51 -------- d-----w- c:\users\Default\AppData\Local\temp

2012-02-15 07:31 . 2011-12-14 16:17 680448 ----a-w- c:\windows\system32\msvcrt.dll

2012-02-15 07:31 . 2012-01-12 19:52 2044416 ----a-w- c:\windows\system32\win32k.sys

2012-02-15 07:31 . 2011-12-20 10:56 2409784 ----a-w- c:\program files\Windows Mail\OESpamFilter.dat

2012-02-14 14:40 . 2012-02-15 07:16 -------- d-----w- C:\TEMP

2012-02-14 06:50 . 2012-01-06 04:19 6557240 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{B0F9BE8B-5F02-4967-8F09-D2EF71D6CA46}\mpengine.dll

2012-02-13 11:32 . 2011-10-07 17:24 126976 ----a-w- c:\windows\system32\drivers\ser2pl.sys

2012-02-13 11:31 . 2005-08-03 15:05 35892 ----a-w- c:\windows\system32\SER9PL.sys

2012-02-13 11:31 . 2005-08-03 15:04 26719 ----a-w- c:\windows\system32\SERSPL.VXD

2012-02-10 15:41 . 2012-02-10 15:41 -------- d-----w- c:\program files\Prolific

2012-02-10 15:40 . 2004-10-22 01:17 274432 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\10\50\Intel32\iscript.dll

2012-02-10 15:40 . 2004-10-22 01:16 180224 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\10\50\Intel32\iuser.dll

2012-02-10 15:40 . 2004-10-22 01:18 749568 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\10\50\Intel32\iKernel.dll

2012-02-10 15:40 . 2004-10-22 01:17 69715 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\10\50\Intel32\ctor.dll

2012-02-10 15:40 . 2004-10-22 01:16 5632 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\10\50\Intel32\DotNetInstaller.exe

2012-02-10 15:40 . 2012-02-10 15:40 192644 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\10\50\Intel32\iGdi.dll

2012-02-10 15:40 . 2012-02-10 15:40 323716 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\10\50\Intel32\setup.dll

2012-02-10 14:48 . 2012-02-10 14:48 -------- d-----w- c:\users\G4Ske\AppData\Roaming\Malwarebytes

2012-02-10 14:47 . 2012-02-10 14:47 -------- d-----w- c:\programdata\Malwarebytes

2012-02-10 14:47 . 2011-12-10 14:24 20464 ----a-w- c:\windows\system32\drivers\mbam.sys

2012-02-10 14:47 . 2012-02-10 14:47 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware

2012-02-10 11:10 . 2012-02-10 11:10 388096 ----a-r- c:\users\G4Ske\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe

2012-02-10 11:10 . 2012-02-10 11:10 -------- d-----w- c:\program files\Trend Micro

2012-02-08 14:41 . 2012-02-08 14:41 -------- d-----w- c:\programdata\Uniblue

2012-02-01 09:48 . 2011-11-17 06:48 440192 ----a-w- c:\windows\system32\drivers\ksecdd.sys

2012-02-01 09:48 . 2011-11-16 16:23 278528 ----a-w- c:\windows\system32\schannel.dll

2012-02-01 09:48 . 2011-11-16 16:21 1259008 ----a-w- c:\windows\system32\lsasrv.dll

2012-02-01 09:48 . 2011-11-16 16:23 377344 ----a-w- c:\windows\system32\winhttp.dll

2012-02-01 09:48 . 2011-11-16 16:23 72704 ----a-w- c:\windows\system32\secur32.dll

2012-02-01 09:48 . 2011-11-16 14:12 9728 ----a-w- c:\windows\system32\lsass.exe

.

.

.

((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2012-01-26 23:21 . 2010-03-24 11:59 237072 ------w- c:\windows\system32\MpSigStub.exe

2012-01-14 14:56 . 2011-06-08 09:42 414368 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl

2011-12-14 14:55 . 2011-12-14 14:55 2048 ----a-w- c:\windows\system32\tzres.dll

2011-12-14 14:55 . 2011-12-14 14:55 3602816 ----a-w- c:\windows\system32\ntkrnlpa.exe

2011-12-14 14:55 . 2011-12-14 14:55 3550080 ----a-w- c:\windows\system32\ntoskrnl.exe

2011-12-14 14:54 . 2011-12-14 14:54 49152 ----a-w- c:\windows\system32\csrsrv.dll

2011-12-14 14:54 . 2011-12-14 14:54 429056 ----a-w- c:\windows\system32\EncDec.dll

2011-11-28 18:01 . 2011-02-16 19:39 41184 ----a-w- c:\windows\avastSS.scr

2011-11-28 18:01 . 2011-02-16 19:39 199816 ----a-w- c:\windows\system32\aswBoot.exe

2011-11-28 17:53 . 2011-04-22 05:17 435032 ----a-w- c:\windows\system32\drivers\aswSnx.sys

2011-11-28 17:53 . 2011-02-16 19:39 314456 ----a-w- c:\windows\system32\drivers\aswSP.sys

2011-11-28 17:52 . 2011-02-16 19:39 34392 ----a-w- c:\windows\system32\drivers\aswRdr.sys

2011-11-28 17:52 . 2011-02-16 19:39 52952 ----a-w- c:\windows\system32\drivers\aswTdi.sys

2011-11-28 17:52 . 2011-02-16 19:39 55128 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys

2011-11-28 17:51 . 2011-02-16 19:39 20568 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys

2011-11-25 15:59 . 2012-01-12 17:15 376320 ----a-w- c:\windows\system32\winsrv.dll

2011-11-18 20:23 . 2012-01-12 17:15 1205064 ----a-w- c:\windows\system32\ntdll.dll

2011-11-18 17:47 . 2012-01-12 17:15 66560 ----a-w- c:\windows\system32\packager.dll

.

.

((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))

.

.

*Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond

REGEDIT4

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]

@="{472083B0-C522-11CF-8763-00608CC02F24}"

[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]

2011-11-28 18:01 122512 ----a-w- c:\program files\Alwil Software\Avast5\ashShell.dll

.

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2009-04-11 1233920]

"WindowsWelcomeCenter"="oobefldr.dll" [2009-04-11 2153472]

"LightScribe Control Panel"="c:\program files\Common Files\LightScribe\LightScribeControlPanel.exe" [2009-05-19 2363392]

"TomTomHOME.exe"="c:\program files\TomTom HOME 2\TomTomHOMERunner.exe" [2012-01-23 247728]

"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2010-12-13 39408]

"igndlm.exe"="c:\program files\Download Manager\DLM.exe" [2009-10-27 1103216]

"SpybotSD TeaTimer"="c:\program files\Spybot - Search & Destroy\TeaTimer.exe" [2009-03-05 2260480]

"WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2008-01-21 202240]

"RegistryBooster"="c:\program files\Uniblue\RegistryBooster\launcher.exe" [bU]

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"PDF Complete"="c:\program files\PDF Complete\pdfsty.exe" [2008-08-08 319000]

"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2009-02-06 1430824]

"WirelessAssistant"="c:\program files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe" [2009-02-18 506424]

"QlbCtrl.exe"="c:\program files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe" [2009-02-03 287288]

"StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2009-04-16 61440]

"HPCam_Menu"="c:\program files\Hewlett-Packard\HP Webcam\MUITransfer\MUIStartMenu.exe" [2009-02-25 218408]

"SysTrayApp"="c:\program files\IDT\WDM\sttray.exe" [2009-03-30 483428]

"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2011-06-09 254696]

.

c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\

Bluetooth.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2009-4-13 791840]

HP Digital Imaging Monitor.lnk - c:\program files\Hp\Digital Imaging\bin\hpqtra08.exe [2007-10-14 214360]

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]

"EnableUIADesktopToggle"= 0 (0x0)

.

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service]

@="Service"

.

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

@="Driver"

.

S2 AESTFilters;Andrea ST Filters Service;c:\windows\System32\DriverStore\FileRepository\stwrt.inf_2159adbc\aestsrv.exe [2009-03-02 81920]

S3 5U876UVC;HP Webcam [2 MP series];c:\windows\system32\DRIVERS\5U876.sys [2009-06-10 09:16 118656]

.

.

--- Andere Services/Drivers In Geheugen ---

.

*NewlyCreated* - WS2IFSL

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]

LocalServiceNoNetwork REG_MULTI_SZ PLA DPS BFE mpssvc

bthsvcs REG_MULTI_SZ BthServ

LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache

HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12

hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc

.

[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]

2009-05-19 00:54 451872 ----a-w- c:\program files\Common Files\LightScribe\LSRunOnce.exe

.

Inhoud van de 'Gedeelde Taken' map

.

2012-02-16 c:\windows\Tasks\Ad-Aware Update (Weekly).job

- c:\program files\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe [2011-11-03 11:06]

.

2012-02-16 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job

- c:\program files\Google\Update\GoogleUpdate.exe [2010-12-13 10:38]

.

2012-02-15 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job

- c:\program files\Google\Update\GoogleUpdate.exe [2010-12-13 10:38]

.

2012-02-16 c:\windows\Tasks\HPCeeScheduleForG4Ske.job

- c:\program files\Hewlett-Packard\HP Ceement\HPCEE.exe [2009-10-07 02:22]

.

2012-02-16 c:\windows\Tasks\RegistryBooster.job

- c:\program files\Uniblue\RegistryBooster\rbmonitor.exe [2011-01-21 14:19]

.

.

------- Bijkomende Scan -------

.

uStart Page = hxxp://www.hln.be/

IE: Afbeelding verzenden naar &Bluetooth-apparaat... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm

IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000

IE: Google Sidewiki... - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll/cmsidewiki.html

IE: Pagina verzenden naar &Bluetooth-apparaat... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie.htm

Trusted Zone: //about.htm/

Trusted Zone: //Exclude.htm/

Trusted Zone: //FWEvent.htm/

Trusted Zone: //LanguageSelection.htm/

Trusted Zone: //Message.htm/

Trusted Zone: //MyAgttryCmd.htm/

Trusted Zone: //MyAgttryNag.htm/

Trusted Zone: //MyNotification.htm/

Trusted Zone: //NOCLessUpdate.htm/

Trusted Zone: //quarantine.htm/

Trusted Zone: //ScanNow.htm/

Trusted Zone: //strings.vbs/

Trusted Zone: //Template.htm/

Trusted Zone: //Update.htm/

Trusted Zone: //VirFound.htm/

Trusted Zone: mcafeeasap.com\betavscan

Trusted Zone: mcafeeasap.com\vs

Trusted Zone: mcafeeasap.com\www

TCP: DhcpNameServer = 195.130.131.132 195.130.130.4

DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} - hxxp://game.zylom.com/activex/zylomgamesplayer.cab

.

.

**************************************************************************

.

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, GMER - Rootkit Detector and Remover

Rootkit scan 2012-02-16 08:51

Windows 6.0.6002 Service Pack 2 NTFS

.

scannen van verborgen processen ...

.

scannen van verborgen autostart items ...

.

scannen van verborgen bestanden ...

.

Scan succesvol afgerond

verborgen bestanden: 0

.

**************************************************************************

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\pdfcDispatcher]

"ImagePath"="c:\program files\PDF Complete\pdfsvc.exe /startedbyscm:66B66708-40E2BE4D-pdfcService"

.

--------------------- VERGRENDELDE REGISTER SLEUTELS ---------------------

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]

@Denied: (A) (Users)

@Denied: (A) (Everyone)

@Allowed: (B 1 2 3 4 5) (S-1-5-20)

"BlindDial"=dword:00000000

"MSCurrentCountry"=dword:000000b5

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]

@Denied: (A) (Users)

@Denied: (A) (Everyone)

@Allowed: (B 1 2 3 4 5) (S-1-5-20)

"BlindDial"=dword:00000000

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]

@Denied: (A) (Users)

@Denied: (A) (Everyone)

@Allowed: (B 1 2 3 4 5) (S-1-5-20)

"BlindDial"=dword:00000000

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]

@Denied: (A) (Users)

@Denied: (A) (Everyone)

@Allowed: (B 1 2 3 4 5) (S-1-5-20)

"BlindDial"=dword:00000000

.

Voltooingstijd: 2012-02-16 08:55:30

ComboFix-quarantined-files.txt 2012-02-16 07:55

ComboFix2.txt 2012-02-14 13:58

ComboFix3.txt 2012-02-14 13:03

.

Pre-Run: 80.397.148.160 bytes beschikbaar

Post-Run: 80.320.983.040 bytes beschikbaar

.

- - End Of File - - 28C0C2793AC1F68BEB535834ADC7E0A8


  • 2 weeks later...

I have reopened the discussion, because although the problem has been solved, the work is not yet done.

Remove Combofix: Start -> Run and type: ComboFix /Uninstall (with a space before the /)

This will remove Combofix plus its related folders and files, reset the clock settings, hide file extensions, hide hidden files and system files again, and create a new restore point.

If present, you may delete the folder C:\Qoobox manually.

Download CCleaner. (If you don't have it yet)

Pay attention during installation.

Uncheck both boxes at the question about the Chrome browser.

Install it and start CCleaner.

In the left column, click "Cleaner". Click "Analyze" and then "Clean" in turn. Confirm with YES or OK.

Then click "Registry" in the left column and click "Scan for problems". If errors are found, click "Fix selected problems" and "OK". You will then be asked whether to make a backup. Click "YES". Then choose "Fix all selected errors".

Sometimes one analysis is not enough. You may repeat this procedure until the analysis no longer reports any errors.

Then close CCleaner again.

If you want to see this in detail with pictures, read this guide.

It is advisable to delete the existing restore points (they may include infected restore points that you could end up restoring) by temporarily disabling System Restore. Do this via Control Panel -> System and Maintenance -> System -> "System Protection" tab -> uncheck the box for the drive whose restore points you want to delete -> click "Apply".

You will then see the on-screen message "Are you sure you want to turn off System Restore?". Click "Turn System Restore off" here. All restore points on the selected drive are then deleted.

Then check the box for the hard drive again. Also create a new restore point right away, so that you don't have to wait for an automatic restore point from the system.

That's it! Now you may mark the topic as solved again.

Have lots of fun with your computer :ciao:

This topic is now closed to new replies.