Screen without icons and taskbar after startup, only safe mode is possible


dasjka

I think it took almost 4 hours, and it does look like something has turned up...

The log was saved in Excel for some reason; I tried opening it in Notepad:

browserconnection.dll;c:\program files (x86)\windows ilivid toolbar\datamngr\x64;Adware.Bandoo.4;Verwijderd.;

datamngr.dll;c:\program files (x86)\windows ilivid toolbar\datamngr\x64;Adware.Bandoo.4;Niet repareerbaar.Verplaatst.;

iebho.dll;c:\program files (x86)\windows ilivid toolbar\datamngr\x64;Adware.Bandoo.4;Verwijderd.;

OptimizerPro1.exe;C:\Documents and Settings\All Users\Application Data\OptimizerPro1;Program.Unwanted.6;;

OptimizerPro1.exe;C:\Documents and Settings\All Users\OptimizerPro1;Program.Unwanted.6;;

SoftonicDownloader_voor_google-desktop.exe;C:\Documents and Settings\Dasjka\Desktop;Adware.Downware.451;Verplaatst.;

datamngr.dll;C:\Documents and Settings\Dasjka\DoctorWeb\Quarantine;Adware.Bandoo.4;Verplaatst.;

SoftonicDownloader_voor_google-desktop.exe;C:\Documents and Settings\Dasjka\DoctorWeb\Quarantine;Adware.Downware.451;Verplaatst.;

DownloadManagerSetup.exe;C:\Documents and Settings\Dasjka\Downloads;Adware.InstallCore.53;Verplaatst.;

DownloadSetup (1).exe;C:\Documents and Settings\Dasjka\Downloads;Adware.Downware.448;Verplaatst.;

DownloadSetup (2).exe;C:\Documents and Settings\Dasjka\Downloads;Adware.Downware.448;Verplaatst.;

DownloadSetup (3).exe;C:\Documents and Settings\Dasjka\Downloads;Adware.Downware.448;Verplaatst.;

DownloadSetup (4).exe;C:\Documents and Settings\Dasjka\Downloads;Adware.Downware.448;Verplaatst.;

DownloadSetup (5).exe;C:\Documents and Settings\Dasjka\Downloads;Adware.Downware.448;Verplaatst.;

DownloadSetup (6).exe;C:\Documents and Settings\Dasjka\Downloads;Adware.Downware.448;Verplaatst.;

DownloadSetup.exe;C:\Documents and Settings\Dasjka\Downloads;Adware.Downware.448;Verplaatst.;

PDFReaderSetup.exe;C:\Documents and Settings\Dasjka\Downloads;Adware.InstallCore.38;Verplaatst.;

speedupmypc.exe;C:\Documents and Settings\Dasjka\Downloads;Program.Uniblue.8;;

cnet_ccsetup309_exe.exe;C:\Documents and Settings\Dasjka\Downloads\Downloads;Adware.InstallCore.2;Verplaatst.;

mainpackfa.exe;C:\Program Files (x86)\1ClickDownload;Adware.Downware.380;Verplaatst.;

DnsBHO.dll;C:\Program Files (x86)\Windows iLivid Toolbar\Datamngr\x64;Adware.Bandoo.4;Verplaatst.;

OptimizerPro1.exe;C:\ProgramData\OptimizerPro1;Program.Unwanted.6;;

OptimizerPro1.exe;C:\Users\All Users\OptimizerPro1;Program.Unwanted.6;;

speedupmypc.exe;C:\Users\Dasjka\Downloads;Program.Uniblue.8;;

cnet_ccsetup309_exe.exe;D:\Downloads;Adware.InstallCore.2;Verplaatst.;

cnet_ccsetup309_exe.exe;D:\Karen\Downloads;Adware.InstallCore.2;Verplaatst.;

No, nothing has come of it yet, but it did not remove or move a number of items:

OptimizerPro1.exe;C:\Documents and Settings\All Users\Application Data\OptimizerPro1;Program.Unwanted.6;;

OptimizerPro1.exe;C:\Documents and Settings\All Users\OptimizerPro1;Program.Unwanted.6;;

speedupmypc.exe;C:\Documents and Settings\Dasjka\Downloads;Program.Uniblue.8;;

OptimizerPro1.exe;C:\ProgramData\OptimizerPro1;Program.Unwanted.6;;

OptimizerPro1.exe;C:\Users\All Users\OptimizerPro1;Program.Unwanted.6;;

speedupmypc.exe;C:\Users\Dasjka\Downloads;Program.Uniblue.8;;

What should I do with these?

OK, so I have discovered that the PC was rolled back to an earlier restore point.

When that may have happened, I don't know, but unfortunately I'm not the only one walking around here...

I went through the initial steps again and did everything as you had already indicated.

Up to ComboFix.

I have a log of that; would you take another look at it, please?

ComboFix 12-09-16.01 - Dasjka 17/09/2012 12:12:59.1.2 - x64 NETWORK

Microsoft Windows 7 Ultimate 6.1.7601.1.1252.32.1043.18.2046.1037 [GMT 2:00]

Gestart vanuit: C:\Users\Dasjka\Desktop\ComboFix.exe

AV: Norton 360 Premier Edition *Enabled/Updated* {63DF5164-9100-186D-2187-8DC619EFD8BF}

FW: Norton 360 Premier Edition *Enabled* {5BE4D041-DB6F-1935-0AD8-24F3E73C9FC4}

SP: Norton 360 Premier Edition *Enabled/Updated* {D8BEB080-B73A-17E3-1B37-B6B462689202}

SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

* Nieuw herstelpunt werd aangemaakt

That's how you still run into surprises :-)

Open a Notepad file.

Copy and paste the bold text below into it.

Folder::

C:\found.000

C:\ProgramData\OptimizerPro1

C:\ProgramData\InstallMate

Save this file to your desktop as CFScript.

Drag CFScript.txt into ComboFix.exe

This will make ComboFix restart. Reboot if asked to.

After the restart, post the contents of Combofix.txt in your next message.

ComboFix 12-09-16.01 - Dasjka 17/09/2012 13:23:57.2.2 - x64 NETWORK

Microsoft Windows 7 Ultimate 6.1.7601.1.1252.32.1043.18.2046.1506 [GMT 2:00]

Gestart vanuit: C:\Users\Dasjka\Desktop\ComboFix.exe

gebruikte Opdracht switches :: C:\Users\Dasjka\Desktop\CFScript.txt

AV: Norton 360 Premier Edition *Enabled/Updated* {63DF5164-9100-186D-2187-8DC619EFD8BF}

FW: Norton 360 Premier Edition *Enabled* {5BE4D041-DB6F-1935-0AD8-24F3E73C9FC4}

SP: Norton 360 Premier Edition *Enabled/Updated* {D8BEB080-B73A-17E3-1B37-B6B462689202}

SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

* Nieuw herstelpunt werd aangemaakt


2012-06-29 04:09:35 . 2012-08-15 08:17:46 10925568 ----a-w- C:\Windows\system32\ieframe.dll

2012-06-29 04:01:35 . 2012-06-29 04:01:35 704136 ----a-w- C:\ProgramData\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight-2\SpotlightResources.dll

2012-06-29 03:56:34 . 2012-08-15 08:17:53 2312704 ----a-w- C:\Windows\system32\jscript9.dll

2012-06-29 03:49:57 . 2012-08-15 08:17:55 1346048 ----a-w- C:\Windows\system32\urlmon.dll

2012-06-29 03:49:11 . 2012-08-15 08:17:52 1392128 ----a-w- C:\Windows\system32\wininet.dll

2012-06-29 03:48:07 . 2012-08-15 08:17:53 1494528 ----a-w- C:\Windows\system32\inetcpl.cpl

2012-06-29 03:47:35 . 2012-08-15 08:17:55 237056 ----a-w- C:\Windows\system32\url.dll

2012-06-29 03:45:55 . 2012-08-15 08:17:52 85504 ----a-w- C:\Windows\system32\jsproxy.dll

2012-06-29 03:44:51 . 2012-08-15 08:17:50 816640 ----a-w- C:\Windows\system32\jscript.dll

2012-06-29 03:43:49 . 2012-08-15 08:17:54 173056 ----a-w- C:\Windows\system32\ieUnatt.exe

2012-06-29 03:42:23 . 2012-08-15 08:17:55 2144768 ----a-w- C:\Windows\system32\iertutil.dll

2012-06-29 03:40:11 . 2012-08-15 08:17:57 96768 ----a-w- C:\Windows\system32\mshtmled.dll

2012-06-29 03:39:48 . 2012-08-15 08:17:57 2382848 ----a-w- C:\Windows\system32\mshtml.tlb

2012-06-29 03:35:21 . 2012-08-15 08:17:54 248320 ----a-w- C:\Windows\system32\ieui.dll

2012-06-29 00:16:58 . 2012-08-15 08:17:52 1800704 ----a-w- C:\Windows\SysWow64\jscript9.dll

2012-06-29 00:09:01 . 2012-08-15 08:17:53 1129472 ----a-w- C:\Windows\SysWow64\wininet.dll

2012-06-29 00:08:59 . 2012-08-15 08:17:53 1427968 ----a-w- C:\Windows\SysWow64\inetcpl.cpl

2012-06-29 00:04:43 . 2012-08-15 08:17:54 142848 ----a-w- C:\Windows\SysWow64\ieUnatt.exe

2012-06-29 00:00:45 . 2012-08-15 08:17:57 2382848 ----a-w- C:\Windows\SysWow64\mshtml.tlb

2012-06-25 14:04:24 . 2012-06-25 14:04:24 1394248 ----a-w- C:\Windows\SysWow64\msxml4.dll

------- Sigcheck -------

Note: Unsigned files aren't necessarily malware.

[7] 2010-11-21 03:24:29 . 1151B1BAA6F350B1DB6598E0FEA7C457 . 390656 . . [6.1.7601.17514 (win7sp1_rtm.101119-1850)] .. C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_cde90685eb910636\winlogon.exe

[-] 2010-08-14 09:37:49 . 87A00ED70FEC36D0DD968E5058C29AA1 . 389632 . . [6.1.7601.17514 (win7sp1_rtm.101119-1850)] .. C:\Windows\system32\winlogon.exe

[7] 2010-11-21 03:24:09 . FE70103391A64039A921DBFFF9C7AB1B . 1008128 . . [6.1.7601.17514 (win7sp1_rtm.101119-1850)] .. C:\Windows\winsxs\amd64_microsoft-windows-user32_31bf3856ad364e35_6.1.7601.17514_none_2b5e71b083fc0973\user32.dll

[-] 2012-01-04 14:23:58 . D186BABDFAE7C0D93C9F6AE63957EE96 . 1008128 . . [6.1.7601.17514 (win7sp1_rtm.101119-1850)] .. C:\Windows\system32\user32.dll

[-] 2012-01-04 14:23:57 . 0A8910F85D554ADB5C7F5B157FEE8622 . 833024 . . [6.1.7601.17514 (win7sp1_rtm.101119-1850)] .. C:\Windows\SysWOW64\user32.dll

[7] 2010-11-21 03:24:20 . 5E0DB2D8B2750543CD2EBB9EA8E6CDD3 . 833024 . . [6.1.7601.17514 (win7sp1_rtm.101119-1850)] .. C:\Windows\winsxs\wow64_microsoft-windows-user32_31bf3856ad364e35_6.1.7601.17514_none_35b31c02b85ccb6e\user32.dll

((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))

*Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond

REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"MobileDocuments"="C:\Program Files (x86)\Common Files\Apple\Internet Services\ubd.exe" [2012-02-23 10:30:40 59240]

"Registry Mechanic"="C:\Users\Dasjka\Desktop\rminstall_RevenueWire207_10.0.1.140.exe" [2012-05-01 09:53:02 511968]

"Norton Download Manager{N360P201102-SHPD-FSD31014}"="C:\Users\Public\Downloads\Norton\{N360P201102-SHPD-FSD31014}\N360Downloader (2).exe" [2012-09-16 08:35:04 916136]

"uTorrent"="C:\Program Files (x86)\uTorrent\uTorrent.exe" [2012-08-27 11:10:07 896400]

"Spotify Web Helper"="C:\Users\Dasjka\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe" [2012-06-30 07:06:59 1192664]

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]

"GrooveMonitor"="C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe" [2009-02-26 17:36:46 30040]

"APSDaemon"="C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2012-05-30 18:06:18 59280]

"ArcSoft Connection Service"="C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe" [2010-10-27 17:17:52 207424]

"beid"="C:\Program Files (x86)\Belgium Identity Card\beid35gui.exe" [bU]

"USBestCR"="C:\Program Files (x86)\Sitecom MD-020 SIM Editor\iconcs31462843.exe" [2012-07-03 18:56:31 7377920]

"SunJavaUpdateSched"="C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" [2012-01-17 09:07:54 252296]

"QuickTime Task"="C:\Program Files (x86)\QuickTime\QTTask.exe" [2012-04-18 18:56:22 421888]

"iTunesHelper"="C:\Program Files (x86)\iTunes\iTunesHelper.exe" [2012-06-07 17:33:22 421776]

"Adobe ARM"="C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-07-27 20:51:26 919008]

"Salling Media Sync"="C:\Program Files (x86)\Salling Software AB\Salling Media Sync\Salling Media Sync.exe" [2011-01-07 13:55:14 333512]

"Google Desktop Search"="C:\Program Files (x86)\Google\Google Desktop Search\GoogleDesktop.exe" [2012-09-16 12:05:39 30192]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]

"ConsentPromptBehaviorUser"= 3 (0x3)

"EnableUIADesktopToggle"= 0 (0x0)

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]

Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp

R1 A2DDA;A2 Direct Disk Access Support Driver;C:\Users\Dasjka\AppData\Local\Temp\Rar$EX58.400\Run\a2ddax64.sys [x]

R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 13:27:14 138576]

R2 FreemakeVideoCapture;FreemakeVideoCapture;C:\Program Files (x86)\Freemake\CaptureLib\CaptureLibService.exe [x]

R3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-08-14 22:29:16 250056]

R3 dmvsc;dmvsc;C:\Windows\system32\drivers\dmvsc.sys [2010-11-21 03:23:48 71168]

R3 GoogleDesktopManager-051210-111108;Google Desktop Manager 5.9.1005.12335;C:\Program Files (x86)\Google\Google Desktop Search\GoogleDesktop.exe [2012-09-16 12:05:39 30192]

R3 HMFAxCore49faa33f15a1ac700ece463855b34160;HMFAxCore49faa33f15a1ac700ece463855b34160;C:\Windows\system32\drivers\HMFAxCore49faa33f15a1ac700ece463855b34160.sys [x]

R3 HTCAND64;HTC Device Driver;C:\Windows\system32\Drivers\ANDROIDUSB.sys [2009-11-02 16:16:50 33736]

R3 htcnprot;HTC NDIS Protocol Driver;C:\Windows\system32\DRIVERS\htcnprot.sys [2010-06-25 15:08:10 36928]

R3 MHIKEY10;MHIKEY10;C:\Windows\system32\Drivers\MHIKEY10x64.sys [2010-09-15 06:46:14 60288]

R3 Netaapl;Apple Mobile Device Ethernet Service;C:\Windows\system32\DRIVERS\netaapl64.sys [2011-08-02 16:38:44 22528]

R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:\Windows\system32\drivers\rdpvideominiport.sys [2010-11-21 03:24:43 20992]

R3 Synth3dVsc;Synth3dVsc;C:\Windows\system32\drivers\synth3dvsc.sys [2010-11-21 03:23:48 88960]

R3 terminpt;Microsoft Remote Desktop Input Driver;C:\Windows\system32\drivers\terminpt.sys [2010-11-21 03:23:48 34816]

R3 TsUsbFlt;TsUsbFlt;C:\Windows\system32\drivers\tsusbflt.sys [2010-11-21 03:24:33 59392]

R3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\system32\drivers\TsUsbGD.sys [2010-11-21 03:23:47 31232]

R3 tsusbhub;tsusbhub;C:\Windows\system32\drivers\tsusbhub.sys [2010-11-21 03:23:48 117248]

R3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\system32\Drivers\usbaapl64.sys [2012-02-15 09:01:50 52736]

R3 VGPU;VGPU;C:\Windows\system32\drivers\rdvgkmd.sys [x]

S0 hotcore3;hotcore3;C:\Windows\SysWOW64\drivers\hotcore3.sys [2008-01-21 16:43:42 36368]

S0 NBVol;Nero Backup Volume Filter Driver;C:\Windows\system32\DRIVERS\NBVol.sys [2011-12-01 10:42:44 72240]

S0 NBVolUp;Nero Backup Volume Upper Filter Driver;C:\Windows\system32\DRIVERS\NBVolUp.sys [2011-12-01 10:42:44 15920]

S1 vwififlt;Virtual WiFi Filter Driver;C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 00:07:22 59904]

S2 AdobeARMservice;Adobe Acrobat Update Service;C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-07-27 20:51:26 63960]

S2 AfaService;Afa Card Reader Service;C:\Windows\system32\afasrv64.exe [x]

S2 Freemake Improver;Freemake Improver;C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe [2012-06-18 11:15:06 96768]

S2 MBAMScheduler;MBAMScheduler;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [2012-09-07 15:04:46 399432]

S2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-09-07 15:04:46 676936]

S2 nvUpdatusService;NVIDIA Update Service Daemon;C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe [2012-02-10 04:13:00 2348352]

S2 PassThru Service;Internet Pass-Through Service;C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe [2012-03-23 12:25:24 87040]

S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2012-02-09 19:05:32 382272]

S3 MBAMProtector;MBAMProtector;C:\Windows\system32\drivers\mbam.sys [2012-09-07 15:04:46 25928]

S3 netr28ux;Stuurprogramma voor RT2870 USB draadloze LAN-kaart voor Vista;C:\Windows\system32\DRIVERS\netr28ux.sys [2009-06-10 20:35:36 867328]

S3 Ph3xIB64;Philips 713x Inbox PCI TV Card;C:\Windows\system32\DRIVERS\Ph3xIB64.sys [2009-06-10 20:32:37 1627520]

S3 vwifimp;Microsoft Virtual WiFi Miniport Service;C:\Windows\system32\DRIVERS\vwifimp.sys [2009-07-14 00:07:28 17920]

Inhoud van de 'Gedeelde Taken' map

2012-09-16 C:\Windows\Tasks\Adobe Flash Player Updater.job

- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-07-29 08:02:26 . 2012-08-14 22:29:16]

2012-09-06 C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2723141858-125272428-662678617-1000Core.job

- C:\Users\Dasjka\AppData\Local\Google\Update\GoogleUpdate.exe [2012-08-07 11:57:16 . 2012-08-07 11:57:15]

2012-09-12 C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2723141858-125272428-662678617-1000UA.job

- C:\Users\Dasjka\AppData\Local\Google\Update\GoogleUpdate.exe [2012-08-07 11:57:16 . 2012-08-07 11:57:15]

--------- X64 Entries -----------

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"USBestCR"="C:\Program Files (x86)\Sitecom MD-020 SIM Editor\iconcs31462843.exe" [2012-07-03 18:56:31 7377920]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]

"LoadAppInit_DLLs"=0x1

------- Bijkomende Scan -------

uStart Page = hxxp://www.google.nl/

mLocal Page = C:\Windows\SysWOW64\blank.htm

uInternet Settings,ProxyOverride = *.local

uSearchURL,(Default) = hxxp://www.google.com/search/?q=%s

IE: E&xporteren naar Microsoft Excel - C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000

TCP: DhcpNameServer = 192.168.2.1 195.130.131.131

FF - ProfilePath - C:\Users\Dasjka\AppData\Roaming\Mozilla\Firefox\Profiles\4oxvarww.default\

- - - - ORPHANS VERWIJDERD - - - -

Toolbar-10 - (no file)

Wow6432Node-HKLM-Run-DATAMNGR - C:\PROGRA~2\WI3C8A~1\Datamngr\DATAMN~1.EXE

Toolbar-10 - (no file)

HKLM-Run-combofix - C:\ComboFix\CF3403.3XE

OK, what now? Should I redo the rest as well, or go step by step again?

I really hope this gets resolved, especially since there are urgent payments to make in the meantime, but I don't dare do that right away. Or could I do it in safe mode without problems?
