
live security platform



Open a Notepad file.

Copy and paste the bold text below into it.

Folder::

c:\documents and settings\All Users\Application Data\036E192F2B17D9791FE781E07B07D287

c:\documents and settings\Administrator\Application Data\Iliwl

c:\documents and settings\Administrator\Application Data\Okbe

Registry::

[-HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]

[-HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]

Save this file to your desktop as CFScript.

Drag CFScript.txt into ComboFix.exe

This will make ComboFix restart. Reboot if you are asked to.

After the restart, post the contents of Combofix.txt in your next message.


ComboFix 12-09-20.02 - Administrator 20-09-2012 22:33:27.2.2 - x86

Microsoft Windows XP Professional 5.1.2600.3.1252.31.1043.18.895.239 [GMT 2:00]

Gestart vanuit: c:\documents and settings\Administrator\Bureaublad\ComboFix.exe

gebruikte Opdracht switches :: c:\documents and settings\Administrator\Bureaublad\CFScript.txt

AV: AVG Anti-Virus Free Edition 2012 *Disabled/Updated* {17DDD097-36FF-435F-9E1B-52D74245D6BF}

AV: Microsoft Security Essentials *Enabled/Updated* {EDB4FA23-53B8-4AFA-8C5D-99752CCA7095}

FW: ZoneAlarm Free Firewall *Enabled* {829BDA32-94B3-44F4-8446-F8FCFF809F8B}

.

.

(((((((((((((((((((((((((((((((((( Andere Verwijderingen )))))))))))))))))))))))))))))))))))))))))))))))))

.

.

c:\docume~1\ADMINI~1\LOCALS~1\Temp\99cab429-f99d-4f69-9d04-113ad532bd0f\CliSecureRT.dll

c:\documents and settings\Administrator\Application Data\Iliwl

c:\documents and settings\Administrator\Application Data\Okbe

c:\documents and settings\Administrator\Application Data\Okbe\azilx.ipa

c:\documents and settings\Administrator\Application Data\Okbe\azilx.tmp

c:\documents and settings\Administrator\Local Settings\Temp\99cab429-f99d-4f69-9d04-113ad532bd0f\CliSecureRT.dll

c:\documents and settings\All Users\Application Data\036E192F2B17D9791FE781E07B07D287

c:\documents and settings\All Users\Application Data\036E192F2B17D9791FE781E07B07D287\036E192F2B17D9791FE781E07B07D287

c:\documents and settings\All Users\Application Data\036E192F2B17D9791FE781E07B07D287\036E192F2B17D9791FE781E07B07D287.ico

.

.

(((((((((((((((((((( Bestanden Gemaakt van 2012-08-20 to 2012-09-20 ))))))))))))))))))))))))))))))

.

.

2012-09-20 20:57 . 2012-09-20 20:57 29904 ----a-w- c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{6878BE8D-7910-4E3D-B3D2-33E48936D36D}\MpKsl9a27b3a9.sys

2012-09-20 20:22 . 2012-09-20 20:22 29904 ----a-w- c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{6878BE8D-7910-4E3D-B3D2-33E48936D36D}\MpKsl77587ddf.sys

2012-09-19 19:41 . 2012-08-30 08:17 6980552 ----a-w- c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{6878BE8D-7910-4E3D-B3D2-33E48936D36D}\mpengine.dll

2012-09-18 16:41 . 2012-08-23 07:15 7022536 ----a-w- c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll

2012-09-16 20:50 . 2012-09-16 21:07 40776 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys

2012-09-16 17:24 . 2012-09-16 17:24 -------- d-----w- c:\documents and settings\Administrator\Application Data\Malwarebytes

2012-09-16 17:24 . 2012-09-16 17:24 -------- d-----w- c:\documents and settings\All Users\Application Data\Malwarebytes

2012-09-16 17:24 . 2012-09-16 17:24 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware

2012-09-16 17:24 . 2012-09-07 15:04 22856 ----a-w- c:\windows\system32\drivers\mbam.sys

2012-08-29 19:15 . 2012-08-29 19:15 -------- d-----w- c:\documents and settings\Administrator\Local Settings\Application Data\Identities

2012-08-25 21:24 . 2012-08-25 21:24 -------- d-----w- c:\documents and settings\Administrator\Local Settings\Application Data\Sun

2012-08-24 15:27 . 2008-04-14 16:03 20992 ----a-w- c:\windows\system32\dshowext.ax

2012-08-23 15:08 . 2012-08-23 15:08 821736 ----a-w- c:\windows\system32\npDeployJava1.dll

2012-08-23 15:08 . 2012-08-23 15:08 93672 ----a-w- c:\windows\system32\WindowsAccessBridge.dll

.

.

.

((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2012-09-20 20:05 . 2012-06-08 20:39 696240 ----a-w- c:\windows\system32\FlashPlayerApp.exe

2012-09-20 20:05 . 2011-05-15 19:49 73136 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl

2012-08-23 15:08 . 2012-04-07 17:56 143872 ----a-w- c:\windows\system32\javacpl.cpl

2012-08-23 15:08 . 2010-12-10 21:44 746984 ----a-w- c:\windows\system32\deployJava1.dll

2012-08-13 15:41 . 2011-08-06 07:00 380152 ----a-w- c:\windows\system32\GfKLSPService64.dll

2012-08-13 15:41 . 2011-03-16 19:31 312056 ----a-w- c:\windows\system32\GfKLSPService.dll

2012-07-06 13:58 . 2004-08-04 08:00 78336 ----a-w- c:\windows\system32\browser.dll

2012-07-04 14:05 . 2004-08-04 08:00 139784 ----a-w- c:\windows\system32\drivers\rdpwd.sys

2012-07-03 18:23 . 2004-08-04 08:00 1866240 ----a-w- c:\windows\system32\win32k.sys

2012-07-02 17:38 . 2004-08-04 08:00 916992 ----a-w- c:\windows\system32\wininet.dll

2012-07-02 17:38 . 2004-08-04 08:00 43520 ------w- c:\windows\system32\licmgr10.dll

2012-07-02 17:38 . 2004-08-04 08:00 1469440 ------w- c:\windows\system32\inetcpl.cpl

2012-07-02 12:05 . 2004-08-04 08:00 385024 ------w- c:\windows\system32\html.iec

2012-06-26 07:02 . 2011-10-31 10:22 45320 ----a-w- c:\windows\system32\MAMACExtract.dll

2012-09-08 10:24 . 2012-09-08 10:21 266720 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll

.

.

((((((((((((((((((((((((((((( SnapShot@2012-09-19_19.10.39 )))))))))))))))))))))))))))))))))))))))))

.

+ 2012-09-20 20:54 . 2012-09-20 20:54 16384 c:\windows\Temp\Perflib_Perfdata_300.dat

- 2004-08-04 08:00 . 2012-05-11 14:44 67072 c:\windows\system32\mshtmled.dll

+ 2004-08-04 08:00 . 2012-07-02 17:38 67072 c:\windows\system32\mshtmled.dll

+ 2009-03-08 03:31 . 2012-07-02 17:38 55296 c:\windows\system32\msfeedsbs.dll

- 2009-03-08 03:31 . 2012-05-11 14:44 55296 c:\windows\system32\msfeedsbs.dll

- 2004-08-04 08:00 . 2012-05-11 14:44 25600 c:\windows\system32\jsproxy.dll

+ 2004-08-04 08:00 . 2012-07-02 17:38 25600 c:\windows\system32\jsproxy.dll

+ 2010-12-25 13:53 . 2012-07-02 17:38 12800 c:\windows\system32\dllcache\xpshims.dll

- 2010-12-25 13:53 . 2012-05-11 14:44 12800 c:\windows\system32\dllcache\xpshims.dll

+ 2010-09-09 14:24 . 2012-07-02 17:38 67072 c:\windows\system32\dllcache\mshtmled.dll

- 2010-09-09 14:24 . 2012-05-11 14:44 67072 c:\windows\system32\dllcache\mshtmled.dll

- 2010-12-25 13:53 . 2012-05-11 14:44 55296 c:\windows\system32\dllcache\msfeedsbs.dll

+ 2010-12-25 13:53 . 2012-07-02 17:38 55296 c:\windows\system32\dllcache\msfeedsbs.dll

- 2009-03-08 03:34 . 2012-05-11 14:44 43520 c:\windows\system32\dllcache\licmgr10.dll

+ 2009-03-08 03:34 . 2012-07-02 17:38 43520 c:\windows\system32\dllcache\licmgr10.dll

+ 2009-03-08 03:33 . 2012-07-02 17:38 25600 c:\windows\system32\dllcache\jsproxy.dll

- 2009-03-08 03:33 . 2012-05-11 14:44 25600 c:\windows\system32\dllcache\jsproxy.dll

+ 2012-07-06 13:58 . 2012-07-06 13:58 78336 c:\windows\system32\dllcache\browser.dll

- 2007-08-02 03:00 . 2012-07-11 08:38 35088 c:\windows\Installer\{91120000-0031-0000-0000-0000000FF1CE}\oisicon.exe

+ 2007-08-02 03:00 . 2012-09-19 21:02 35088 c:\windows\Installer\{91120000-0031-0000-0000-0000000FF1CE}\oisicon.exe

+ 2007-08-02 03:00 . 2012-09-19 21:02 18704 c:\windows\Installer\{91120000-0031-0000-0000-0000000FF1CE}\mspicons.exe

- 2007-08-02 03:00 . 2012-07-11 08:38 18704 c:\windows\Installer\{91120000-0031-0000-0000-0000000FF1CE}\mspicons.exe

- 2007-08-02 03:00 . 2012-07-11 08:38 20240 c:\windows\Installer\{91120000-0031-0000-0000-0000000FF1CE}\cagicon.exe

+ 2007-08-02 03:00 . 2012-09-19 21:02 20240 c:\windows\Installer\{91120000-0031-0000-0000-0000000FF1CE}\cagicon.exe

+ 2011-01-10 19:35 . 2012-09-19 21:02 35088 c:\windows\Installer\{91120000-0030-0000-0000-0000000FF1CE}\oisicon.exe

- 2011-01-10 19:35 . 2012-07-11 08:36 35088 c:\windows\Installer\{91120000-0030-0000-0000-0000000FF1CE}\oisicon.exe

+ 2011-01-10 19:35 . 2012-09-19 21:02 18704 c:\windows\Installer\{91120000-0030-0000-0000-0000000FF1CE}\mspicons.exe

- 2011-01-10 19:35 . 2012-07-11 08:36 18704 c:\windows\Installer\{91120000-0030-0000-0000-0000000FF1CE}\mspicons.exe

- 2011-01-10 19:35 . 2012-07-11 08:36 20240 c:\windows\Installer\{91120000-0030-0000-0000-0000000FF1CE}\cagicon.exe

+ 2011-01-10 19:35 . 2012-09-19 21:02 20240 c:\windows\Installer\{91120000-0030-0000-0000-0000000FF1CE}\cagicon.exe

+ 2012-09-19 20:52 . 2012-05-11 14:44 12800 c:\windows\ie8updates\KB2722913-IE8\xpshims.dll

+ 2012-09-19 20:52 . 2012-05-11 14:44 67072 c:\windows\ie8updates\KB2722913-IE8\mshtmled.dll

+ 2012-09-19 20:52 . 2012-05-11 14:44 55296 c:\windows\ie8updates\KB2722913-IE8\msfeedsbs.dll

+ 2012-09-19 20:52 . 2012-05-11 14:44 43520 c:\windows\ie8updates\KB2722913-IE8\licmgr10.dll

+ 2012-09-19 20:52 . 2012-05-11 14:44 25600 c:\windows\ie8updates\KB2722913-IE8\jsproxy.dll

- 2004-08-04 08:00 . 2012-05-11 14:44 105984 c:\windows\system32\url.dll

+ 2004-08-04 08:00 . 2012-07-02 17:38 105984 c:\windows\system32\url.dll

+ 2004-08-04 08:00 . 2012-07-02 17:38 206848 c:\windows\system32\occache.dll

- 2004-08-04 08:00 . 2012-05-11 14:44 206848 c:\windows\system32\occache.dll

+ 2004-08-04 08:00 . 2012-07-06 13:58 337920 c:\windows\system32\netapi32.dll

- 2004-08-04 08:00 . 2012-05-11 14:44 611840 c:\windows\system32\mstime.dll

+ 2004-08-04 08:00 . 2012-07-02 17:38 611840 c:\windows\system32\mstime.dll

- 2009-03-08 03:32 . 2012-05-11 14:44 629760 c:\windows\system32\msfeeds.dll

+ 2009-03-08 03:32 . 2012-07-02 17:38 629760 c:\windows\system32\msfeeds.dll

+ 2012-09-20 20:05 . 2012-09-20 20:05 690096 c:\windows\system32\Macromed\Flash\FlashUtil32_11_4_402_278_Plugin.exe

+ 2012-09-20 19:07 . 2012-09-20 19:07 690096 c:\windows\system32\Macromed\Flash\FlashUtil32_11_4_402_278_ActiveX.exe

+ 2012-09-20 19:07 . 2012-09-20 19:07 474544 c:\windows\system32\Macromed\Flash\FlashUtil32_11_4_402_278_ActiveX.dll

+ 2012-06-08 20:39 . 2012-09-20 20:05 250288 c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe

- 2004-08-04 08:00 . 2009-05-07 15:34 347136 c:\windows\system32\localspl.dll

+ 2004-08-04 08:00 . 2012-05-14 09:23 347136 c:\windows\system32\localspl.dll

+ 2004-08-04 08:00 . 2012-07-02 17:38 184320 c:\windows\system32\iepeers.dll

- 2004-08-04 08:00 . 2012-05-11 14:44 184320 c:\windows\system32\iepeers.dll

+ 2004-08-04 08:00 . 2012-07-02 17:38 387584 c:\windows\system32\iedkcs32.dll

- 2004-08-04 08:00 . 2012-05-11 14:44 387584 c:\windows\system32\iedkcs32.dll

- 2004-08-04 08:00 . 2012-05-11 11:38 174080 c:\windows\system32\ie4uinit.exe

+ 2004-08-04 08:00 . 2012-07-02 12:05 174080 c:\windows\system32\ie4uinit.exe

- 2004-09-08 07:48 . 2012-07-12 06:14 321928 c:\windows\system32\FNTCACHE.DAT

+ 2004-09-08 07:48 . 2012-09-20 10:08 321928 c:\windows\system32\FNTCACHE.DAT

- 2010-09-09 14:24 . 2012-05-16 15:09 916992 c:\windows\system32\dllcache\wininet.dll

+ 2010-09-09 14:24 . 2012-07-02 17:38 916992 c:\windows\system32\dllcache\wininet.dll

+ 2009-03-08 03:34 . 2012-07-02 17:38 105984 c:\windows\system32\dllcache\url.dll

- 2009-03-08 03:34 . 2012-05-11 14:44 105984 c:\windows\system32\dllcache\url.dll

+ 2011-08-11 07:46 . 2012-07-04 14:05 139784 c:\windows\system32\dllcache\rdpwd.sys

+ 2009-03-08 03:34 . 2012-07-02 17:38 206848 c:\windows\system32\dllcache\occache.dll

- 2009-03-08 03:34 . 2012-05-11 14:44 206848 c:\windows\system32\dllcache\occache.dll

+ 2010-12-11 22:07 . 2012-07-06 13:58 337920 c:\windows\system32\dllcache\netapi32.dll

+ 2010-11-05 05:02 . 2012-07-02 17:38 611840 c:\windows\system32\dllcache\mstime.dll

- 2010-11-05 05:02 . 2012-05-11 14:44 611840 c:\windows\system32\dllcache\mstime.dll

- 2010-12-25 13:53 . 2012-05-11 14:44 629760 c:\windows\system32\dllcache\msfeeds.dll

+ 2010-12-25 13:53 . 2012-07-02 17:38 629760 c:\windows\system32\dllcache\msfeeds.dll

- 2009-05-07 15:34 . 2009-05-07 15:34 347136 c:\windows\system32\dllcache\localspl.dll

+ 2009-05-07 15:34 . 2012-05-14 09:23 347136 c:\windows\system32\dllcache\localspl.dll

- 2012-06-13 08:18 . 2012-05-11 14:44 521728 c:\windows\system32\dllcache\jsdbgui.dll

+ 2012-06-13 08:18 . 2012-07-02 17:38 521728 c:\windows\system32\dllcache\jsdbgui.dll

+ 2010-12-25 13:53 . 2012-07-02 17:38 247808 c:\windows\system32\dllcache\ieproxy.dll

- 2010-12-25 13:53 . 2012-05-11 14:44 247808 c:\windows\system32\dllcache\ieproxy.dll

- 2010-09-09 14:24 . 2012-05-11 14:44 184320 c:\windows\system32\dllcache\iepeers.dll

+ 2010-09-09 14:24 . 2012-07-02 17:38 184320 c:\windows\system32\dllcache\iepeers.dll

- 2010-12-25 13:53 . 2012-05-11 14:44 743424 c:\windows\system32\dllcache\iedvtool.dll

+ 2010-12-25 13:53 . 2012-07-02 17:38 743424 c:\windows\system32\dllcache\iedvtool.dll

- 2009-03-08 13:09 . 2012-05-11 14:44 387584 c:\windows\system32\dllcache\iedkcs32.dll

+ 2009-03-08 13:09 . 2012-07-02 17:38 387584 c:\windows\system32\dllcache\iedkcs32.dll

+ 2009-03-08 03:32 . 2012-07-02 12:05 174080 c:\windows\system32\dllcache\ie4uinit.exe

- 2009-03-08 03:32 . 2012-05-11 11:38 174080 c:\windows\system32\dllcache\ie4uinit.exe

+ 2012-07-18 13:46 . 2012-07-18 13:46 593408 c:\windows\Installer\5f4b90.msp

- 2007-08-02 03:00 . 2012-07-11 08:38 888080 c:\windows\Installer\{91120000-0031-0000-0000-0000000FF1CE}\wordicon.exe

+ 2007-08-02 03:00 . 2012-09-19 21:02 888080 c:\windows\Installer\{91120000-0031-0000-0000-0000000FF1CE}\wordicon.exe

- 2007-08-02 03:00 . 2012-07-11 08:38 272648 c:\windows\Installer\{91120000-0031-0000-0000-0000000FF1CE}\pubs.exe

+ 2007-08-02 03:00 . 2012-09-19 21:02 272648 c:\windows\Installer\{91120000-0031-0000-0000-0000000FF1CE}\pubs.exe

+ 2007-08-02 03:00 . 2012-09-19 21:02 922384 c:\windows\Installer\{91120000-0031-0000-0000-0000000FF1CE}\pptico.exe

- 2007-08-02 03:00 . 2012-07-11 08:38 922384 c:\windows\Installer\{91120000-0031-0000-0000-0000000FF1CE}\pptico.exe

+ 2007-08-02 03:00 . 2012-09-19 21:02 845584 c:\windows\Installer\{91120000-0031-0000-0000-0000000FF1CE}\outicon.exe

- 2007-08-02 03:00 . 2012-07-11 08:38 845584 c:\windows\Installer\{91120000-0031-0000-0000-0000000FF1CE}\outicon.exe

+ 2007-08-02 03:00 . 2012-09-19 21:02 217864 c:\windows\Installer\{91120000-0031-0000-0000-0000000FF1CE}\misc.exe

- 2007-08-02 03:00 . 2012-07-11 08:38 217864 c:\windows\Installer\{91120000-0031-0000-0000-0000000FF1CE}\misc.exe

+ 2011-01-10 19:35 . 2012-09-19 21:02 888080 c:\windows\Installer\{91120000-0030-0000-0000-0000000FF1CE}\wordicon.exe

- 2011-01-10 19:35 . 2012-07-11 08:36 888080 c:\windows\Installer\{91120000-0030-0000-0000-0000000FF1CE}\wordicon.exe

+ 2011-01-10 19:35 . 2012-09-19 21:02 272648 c:\windows\Installer\{91120000-0030-0000-0000-0000000FF1CE}\pubs.exe

- 2011-01-10 19:35 . 2012-07-11 08:36 272648 c:\windows\Installer\{91120000-0030-0000-0000-0000000FF1CE}\pubs.exe

- 2011-01-10 19:35 . 2012-07-11 08:36 922384 c:\windows\Installer\{91120000-0030-0000-0000-0000000FF1CE}\pptico.exe

+ 2011-01-10 19:35 . 2012-09-19 21:02 922384 c:\windows\Installer\{91120000-0030-0000-0000-0000000FF1CE}\pptico.exe

- 2011-01-10 19:35 . 2012-07-11 08:36 845584 c:\windows\Installer\{91120000-0030-0000-0000-0000000FF1CE}\outicon.exe

+ 2011-01-10 19:35 . 2012-09-19 21:02 845584 c:\windows\Installer\{91120000-0030-0000-0000-0000000FF1CE}\outicon.exe

- 2011-01-10 19:35 . 2012-07-11 08:36 217864 c:\windows\Installer\{91120000-0030-0000-0000-0000000FF1CE}\misc.exe

+ 2011-01-10 19:35 . 2012-09-19 21:02 217864 c:\windows\Installer\{91120000-0030-0000-0000-0000000FF1CE}\misc.exe

+ 2011-01-10 19:35 . 2012-09-19 21:02 184080 c:\windows\Installer\{91120000-0030-0000-0000-0000000FF1CE}\joticon.exe

- 2011-01-10 19:35 . 2012-07-11 08:36 184080 c:\windows\Installer\{91120000-0030-0000-0000-0000000FF1CE}\joticon.exe

- 2011-01-10 19:35 . 2012-07-11 08:36 159504 c:\windows\Installer\{91120000-0030-0000-0000-0000000FF1CE}\inficon.exe

+ 2011-01-10 19:35 . 2012-09-19 21:02 159504 c:\windows\Installer\{91120000-0030-0000-0000-0000000FF1CE}\inficon.exe

+ 2011-06-23 08:54 . 2011-06-23 08:54 119160 c:\windows\Installer\$PatchCache$\Managed\00002119030000000000000000F01FEC\12.0.6612\MSCONV97.DLL

+ 2012-09-19 20:52 . 2012-05-16 15:09 916992 c:\windows\ie8updates\KB2722913-IE8\wininet.dll

+ 2012-09-19 20:52 . 2012-05-11 14:44 105984 c:\windows\ie8updates\KB2722913-IE8\url.dll

+ 2012-09-19 20:52 . 2010-07-05 13:21 401272 c:\windows\ie8updates\KB2722913-IE8\spuninst\updspapi.dll

+ 2012-09-19 20:52 . 2010-07-05 13:21 234872 c:\windows\ie8updates\KB2722913-IE8\spuninst\spuninst.exe

+ 2012-09-19 20:52 . 2012-05-11 14:44 206848 c:\windows\ie8updates\KB2722913-IE8\occache.dll

+ 2012-09-19 20:52 . 2012-05-11 14:44 611840 c:\windows\ie8updates\KB2722913-IE8\mstime.dll

+ 2012-09-19 20:52 . 2012-05-11 14:44 629760 c:\windows\ie8updates\KB2722913-IE8\msfeeds.dll

+ 2012-09-19 20:52 . 2012-05-11 14:44 521728 c:\windows\ie8updates\KB2722913-IE8\jsdbgui.dll

+ 2012-09-19 20:52 . 2012-05-11 14:44 247808 c:\windows\ie8updates\KB2722913-IE8\ieproxy.dll

+ 2012-09-19 20:52 . 2012-05-11 14:44 184320 c:\windows\ie8updates\KB2722913-IE8\iepeers.dll

+ 2012-09-19 20:52 . 2012-05-11 14:44 743424 c:\windows\ie8updates\KB2722913-IE8\iedvtool.dll

+ 2012-09-19 20:52 . 2012-05-11 14:44 387584 c:\windows\ie8updates\KB2722913-IE8\iedkcs32.dll

+ 2012-09-19 20:52 . 2012-05-11 11:38 174080 c:\windows\ie8updates\KB2722913-IE8\ie4uinit.exe

- 2004-08-04 08:00 . 2012-05-11 14:44 1212416 c:\windows\system32\urlmon.dll

+ 2004-08-04 08:00 . 2012-07-02 17:38 1212416 c:\windows\system32\urlmon.dll

+ 2004-08-04 08:00 . 2012-07-02 17:38 6008320 c:\windows\system32\mshtml.dll

+ 2012-09-20 20:05 . 2012-09-20 20:05 9813424 c:\windows\system32\Macromed\Flash\NPSWF32_11_4_402_278.dll

- 2009-03-08 03:32 . 2012-05-11 14:44 2000384 c:\windows\system32\iertutil.dll

+ 2009-03-08 03:32 . 2012-07-02 17:38 2000384 c:\windows\system32\iertutil.dll

- 2010-09-01 07:57 . 2012-06-13 13:55 1866240 c:\windows\system32\dllcache\win32k.sys

+ 2010-09-01 07:57 . 2012-07-03 18:23 1866240 c:\windows\system32\dllcache\win32k.sys

+ 2010-09-09 14:24 . 2012-07-02 17:38 1212416 c:\windows\system32\dllcache\urlmon.dll

- 2010-09-09 14:24 . 2012-05-11 14:44 1212416 c:\windows\system32\dllcache\urlmon.dll

+ 2010-09-09 14:24 . 2012-07-02 17:38 6008320 c:\windows\system32\dllcache\mshtml.dll

+ 2010-12-25 13:53 . 2012-07-02 17:38 2000384 c:\windows\system32\dllcache\iertutil.dll

- 2010-12-25 13:53 . 2012-05-11 14:44 2000384 c:\windows\system32\dllcache\iertutil.dll

+ 2012-08-30 01:06 . 2012-08-30 01:06 5007872 c:\windows\Installer\5f4c08.msp

+ 2012-06-26 16:03 . 2012-06-26 16:03 3875840 c:\windows\Installer\5f4be0.msp

- 2007-08-02 03:00 . 2012-07-11 08:38 1172240 c:\windows\Installer\{91120000-0031-0000-0000-0000000FF1CE}\xlicons.exe

+ 2007-08-02 03:00 . 2012-09-19 21:02 1172240 c:\windows\Installer\{91120000-0031-0000-0000-0000000FF1CE}\xlicons.exe

+ 2007-08-02 03:00 . 2012-09-19 21:02 1165584 c:\windows\Installer\{91120000-0031-0000-0000-0000000FF1CE}\accicons.exe

- 2007-08-02 03:00 . 2012-07-11 08:38 1165584 c:\windows\Installer\{91120000-0031-0000-0000-0000000FF1CE}\accicons.exe

- 2011-01-10 19:35 . 2012-07-11 08:36 1172240 c:\windows\Installer\{91120000-0030-0000-0000-0000000FF1CE}\xlicons.exe

+ 2011-01-10 19:35 . 2012-09-19 21:02 1172240 c:\windows\Installer\{91120000-0030-0000-0000-0000000FF1CE}\xlicons.exe

+ 2011-01-10 19:34 . 2012-09-19 21:02 1165584 c:\windows\Installer\{91120000-0030-0000-0000-0000000FF1CE}\accicons.exe

- 2011-01-10 19:34 . 2012-07-11 08:36 1165584 c:\windows\Installer\{91120000-0030-0000-0000-0000000FF1CE}\accicons.exe

+ 2012-09-19 20:52 . 2012-05-11 14:44 1212416 c:\windows\ie8updates\KB2722913-IE8\urlmon.dll

+ 2012-09-19 20:52 . 2012-05-11 14:44 6007808 c:\windows\ie8updates\KB2722913-IE8\mshtml.dll

+ 2012-09-19 20:52 . 2012-05-11 14:44 2000384 c:\windows\ie8updates\KB2722913-IE8\iertutil.dll

+ 2010-12-12 09:35 . 2012-08-30 22:12 62164608 c:\windows\system32\MRT.exe

- 2009-03-08 03:39 . 2012-05-11 18:14 11111424 c:\windows\system32\ieframe.dll

+ 2009-03-08 03:39 . 2012-07-02 21:08 11111424 c:\windows\system32\ieframe.dll

- 2010-12-25 13:52 . 2012-05-11 18:14 11111424 c:\windows\system32\dllcache\ieframe.dll

+ 2010-12-25 13:52 . 2012-07-02 21:08 11111424 c:\windows\system32\dllcache\ieframe.dll

+ 2012-07-25 14:59 . 2012-07-25 14:59 11032064 c:\windows\Installer\5f4bb8.msp

+ 2012-07-18 13:53 . 2012-07-18 13:53 10937344 c:\windows\Installer\5f4b68.msp

+ 2011-08-03 18:53 . 2011-08-03 18:53 17324928 c:\windows\Installer\$PatchCache$\Managed\00002119030000000000000000F01FEC\12.0.6612\MSO.DLL

+ 2012-09-19 20:52 . 2012-05-11 18:14 11111424 c:\windows\ie8updates\KB2722913-IE8\ieframe.dll

.

-- Snapshot teruggezet naar huidige datum --

.

((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))

.

.

*Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond

REGEDIT4

.

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"LightScribe Control Panel"="c:\program files\Common Files\LightScribe\LightScribeControlPanel.exe" [2007-04-19 484904]

"KiesPDLR"="c:\program files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe" [2012-07-03 21432]

"Skype"="c:\program files\Skype\Phone\Skype.exe" [2012-07-13 17418928]

"KiesPreload"="c:\program files\Samsung\Kies\Kies.exe" [2012-07-03 975288]

"ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2008-04-14 15360]

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"MsmqIntCert"="mqrt.dll" [2009-06-25 177152]

"PDF Complete"="c:\program files\PDF Complete\pdfsty.exe" [2007-05-08 331552]

"PTHOSTTR"="c:\program files\Hewlett-Packard\HP ProtectTools Security Manager\PTHOSTTR.EXE" [2007-01-09 145184]

"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2007-01-12 827392]

"hpWirelessAssistant"="c:\program files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe" [2007-03-01 472776]

"QlbCtrl"="c:\program files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe" [2007-11-06 177456]

"CognizanceTS"="c:\progra~1\HEWLET~1\IAM\Bin\ASTSVCC.dll" [2003-12-22 17920]

"Recguard"="c:\windows\Sminst\Recguard.exe" [2005-12-20 1187840]

"Reminder"="c:\windows\Creator\Remind_XP.exe" [2006-03-09 806912]

"Scheduler"="c:\windows\SMINST\Scheduler.exe" [2006-10-09 697976]

"Cpqset"="c:\program files\Hewlett-Packard\Default Settings\cpqset.exe" [2007-05-03 57344]

"WatchDog"="c:\program files\InterVideo\DVD Check\DVDCheck.exe" [2007-05-23 192512]

"GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2009-02-26 30040]

"snpstd3"="c:\windows\vsnpstd3.exe" [2006-09-19 827392]

"tsnpstd3"="c:\windows\tsnpstd3.exe" [2007-03-10 270336]

"ConsumerClickSysTrayIcon"="c:\program files\ConsumerClick\ConsumerClickSysTrayIcon.exe" [2010-12-17 69632]

"GfK-WatchDog"="c:\program files\GfKLSPService\GfK-WatchDog.exe" [2012-08-13 57592]

"HP Software Update"="c:\program files\HP\HP Software Update\HPWuSchd2.exe" [2007-10-14 49152]

"SoundMAXPnP"="c:\program files\Analog Devices\Core\smax4pnp.exe" [2007-01-05 872448]

"ZoneAlarm"="c:\program files\CheckPoint\ZoneAlarm\zatray.exe" [2012-03-19 73360]

"KiesTrayAgent"="c:\program files\Samsung\Kies\KiesTrayAgent.exe" [2012-07-03 3524536]

"ISW"="c:\program files\CheckPoint\ZAForceField\ForceField.exe" [2012-03-16 738944]

"QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2012-04-18 421888]

"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2012-03-26 931200]

"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2012-07-03 252848]

.

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]

"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]

.

c:\documents and settings\All Users\Menu Start\Programma's\Opstarten\

BTTray.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2007-2-6 561213]

DVD Check.lnk - c:\program files\InterVideo\DVD Check\DVDCheck.exe [2010-12-10 192512]

HP Digital Imaging Monitor.lnk - c:\program files\HP\Digital Imaging\bin\hpqtra08.exe [2007-10-14 214360]

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\OneCard]

2007-02-07 01:30 74240 ----a-r- c:\program files\Hewlett-Packard\IAM\Bin\ASWLNPkg.dll

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]

"AppInit_DLLs"=c:\windows\system32\APSHook.dll

.

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]

@="Service"

.

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

@="Driver"

.

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]

"DisableMonitoring"=dword:00000001

.

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\ZoneLabsFirewall]

"DisableMonitoring"=dword:00000001

.

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]

"EnableFirewall"= 0 (0x0)

.

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]

"%windir%\\system32\\sessmgr.exe"=

.

R1 MpKsl9a27b3a9;MpKsl9a27b3a9;c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{6878BE8D-7910-4E3D-B3D2-33E48936D36D}\MpKsl9a27b3a9.sys [20-9-2012 22:57 29904]

R2 ASBroker;Logon Session Broker;c:\windows\System32\svchost.exe -k Cognizance [4-8-2004 10:00 14336]

R2 ASChannel;Local Communication Channel;c:\windows\System32\svchost.exe -k Cognizance [4-8-2004 10:00 14336]

R2 GfK-Reporting-Service;GfK-Reporting-Service;c:\program files\GfK Internet Monitor\GfK-Reporting.exe [20-1-2011 16:00 102400]

R2 GfK-Update-Service;GfK-Update-Service;c:\program files\GfK Internet Monitor\GfK-Updater.exe [20-1-2011 16:00 180224]

R2 GfkLSPService;GfkLSPService;c:\program files\GfKLSPService\GfKLspService.exe [17-11-2010 13:15 3222776]

R2 ISWKL;ZoneAlarm LTD Toolbar ISWKL;c:\program files\CheckPoint\ZAForceField\ISWKL.sys [3-11-2011 16:44 27016]

R2 IswSvc;ZoneAlarm LTD Toolbar IswSvc;c:\program files\CheckPoint\ZAForceField\ISWSVC.exe [3-11-2011 16:44 497280]

R2 MBAMScheduler;MBAMScheduler;c:\program files\Malwarebytes' Anti-Malware\mbamscheduler.exe [16-9-2012 19:24 399432]

R2 MBAMService;MBAMService;c:\program files\Malwarebytes' Anti-Malware\mbamservice.exe [16-9-2012 19:24 676936]

R2 pdfcDispatcher;PDF Document Manager;c:\program files\PDF Complete\pdfsvc.exe [2-8-2007 5:01 540448]

R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [16-9-2012 19:24 22856]

S2 SkypeUpdate;Skype Updater;c:\program files\Skype\Updater\Updater.exe [13-7-2012 13:28 160944]

S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [8-6-2012 22:39 250288]

S3 androidusb;SAMSUNG Android Composite ADB Interface Driver;c:\windows\system32\drivers\ssadadb.sys [6-6-2012 14:16 30312]

S3 dgderdrv;dgderdrv;c:\windows\system32\drivers\dgderdrv.sys [21-1-2012 15:10 20032]

S3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\mbamswissarmy.sys [16-9-2012 22:50 40776]

S3 MozillaMaintenance;Mozilla Maintenance Service;c:\program files\Mozilla Maintenance Service\maintenanceservice.exe [26-4-2012 4:50 114144]

S3 optousb;OPTO ELECTRONICS optousb;c:\windows\system32\drivers\optousb.sys [16-3-2011 21:14 18432]

S3 optovcm;OPTO ELECTRONICS optovcm;c:\windows\system32\drivers\optovcm.sys [16-3-2011 21:14 26368]

S3 RTL8192su;Realtek RTL8192SU Wireless LAN 802.11n USB 2.0 Network Adapter;c:\windows\system32\drivers\RTL8192su.sys [22-1-2011 16:14 591488]

S3 ssadbus;SAMSUNG Android USB Composite Device driver (WDM);c:\windows\system32\drivers\ssadbus.sys [6-6-2012 14:16 121064]

S3 ssadmdfl;SAMSUNG Android USB Modem (Filter);c:\windows\system32\drivers\ssadmdfl.sys [6-6-2012 14:16 12776]

S3 ssadmdm;SAMSUNG Android USB Modem Drivers;c:\windows\system32\drivers\ssadmdm.sys [6-6-2012 14:16 136808]

.

--- Andere Services/Drivers In Geheugen ---

.

*NewlyCreated* - MPKSL9A27B3A9

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]

HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12

Cognizance REG_MULTI_SZ ASBroker ASChannel

hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc

HPService REG_MULTI_SZ HPSLPSVC

.

[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]

2007-04-19 11:23 452136 ----a-w- c:\program files\Common Files\LightScribe\LSRunOnce.exe

.

Inhoud van de 'Gedeelde Taken' map

.

2012-09-20 c:\windows\Tasks\Adobe Flash Player Updater.job

- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-06-08 20:05]

.

2012-09-20 c:\windows\Tasks\Microsoft Antimalware Scheduled Scan.job

- c:\program files\Microsoft Security Client\MpCmdRun.exe [2012-03-26 15:03]

.

.

------- Bijkomende Scan -------

.

IE: E&xporteren naar Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000

IE: Verzenden naar &Bluetooth-apparaat... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm

TCP: DhcpNameServer = 192.168.1.1 192.168.1.1

FF - ProfilePath - c:\documents and settings\Administrator\Application Data\Mozilla\Firefox\Profiles\agtjif03.default\

FF - prefs.js: browser.startup.homepage - hxxp://www.google.nl/

FF - user.js: network.cookie.cookieBehavior - 0

FF - user.js: privacy.clearOnShutdown.cookies - false

FF - user.js: security.warn_viewing_mixed - false

FF - user.js: security.warn_viewing_mixed.show_once - false

FF - user.js: security.warn_submit_insecure - false

FF - user.js: security.warn_submit_insecure.show_once - false

.

.

**************************************************************************

.

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, GMER - Rootkit Detector and Remover

Rootkit scan 2012-09-20 22:57

Windows 5.1.2600 Service Pack 3 NTFS

.

scannen van verborgen processen ...

.

scannen van verborgen autostart items ...

.

HKLM\Software\Microsoft\Windows\CurrentVersion\Run

Cpqset = c:\program files\Hewlett-Packard\Default Settings\cpqset.exe????????T??????????????|?M?|?????M?|&?@

.

scannen van verborgen bestanden ...

.

Scan succesvol afgerond

verborgen bestanden: 0

.

**************************************************************************

.

Stealth MBR rootkit/Mebroot/Sinowal/TDL4 detector 0.4.2 by Gmer, GMER - Rootkit Detector and Remover

Windows 5.1.2600

.

CreateFile("\\.\PHYSICALDRIVE0"): Het proces heeft geen toegang tot het bestand omdat

het bestand door een ander proces wordt gebruikt.

device: opened successfully

user: error reading MBR

kernel: MBR read successfully

user != kernel MBR !!!

.

**************************************************************************

.

[HKEY_LOCAL_MACHINE\System\ControlSet003\Services\pdfcDispatcher]

"ImagePath"="c:\program files\PDF Complete\pdfsvc.exe /startedbyscm:66B66708-40E2BE4D-pdfcService"

.

--------------------- VERGRENDELDE REGISTER SLEUTELS ---------------------

.

[HKEY_USERS\S-1-5-21-226067063-4292578343-2355287337-500\Software\Microsoft\Internet Explorer\User Preferences]

@Denied: (2) (Administrator)

"88D7D0879DAB32E14DE5B3A805A34F98AFF34F5977"=hex:01,00,00,00,d0,8c,9d,df,01,15,

d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,62,0d,ab,a3,f2,9d,39,42,be,b7,be,\

"2D53CFFC5C1A3DD2E97B7979AC2A92BD59BC839E81"=hex:01,00,00,00,d0,8c,9d,df,01,15,

d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,18,71,71,10,e3,43,ba,4d,a5,f6,ed,\

"6256FFB019F8FDFBD36745B06F4540E9AEAF222A25"=hex:01,00,00,00,d0,8c,9d,df,01,15,

d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,18,71,71,10,e3,43,ba,4d,a5,f6,ed,\

.

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]

@Denied: (A 2) (Everyone)

@="FlashBroker"

"LocalizedString"="@c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil32_11_4_402_278_ActiveX.exe,-101"

.

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]

"Enabled"=dword:00000001

.

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]

@="c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil32_11_4_402_278_ActiveX.exe"

.

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

.

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]

@Denied: (A 2) (Everyone)

@="IFlashBroker5"

.

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]

@="{00020424-0000-0000-C000-000000000046}"

.

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

"Version"="1.0"

.

--------------------- DLLs Geladen Onder Lopende Processen ---------------------

.

- - - - - - - > 'winlogon.exe'(1184)

c:\windows\system32\Ati2evxx.dll

c:\program files\Hewlett-Packard\IAM\Bin\ASWLNPkg.dll

c:\program files\Hewlett-Packard\IAM\bin\ItMsg.dll

c:\program files\Hewlett-Packard\IAM\Bin\TrayIcon.dll

c:\program files\Hewlett-Packard\IAM\bin\HPBrand.dll

c:\program files\Hewlett-Packard\IAM\Bin\ASChnl.dll

c:\program files\Hewlett-Packard\IAM\Bin\ItDAC.dll

c:\program files\Hewlett-Packard\IAM\Bin\ItReports.DLL

c:\program files\Hewlett-Packard\IAM\Bin\BioAuth.dll

c:\program files\Hewlett-Packard\IAM\Bin\ittal.dll

c:\program files\Hewlett-Packard\IAM\Bin\ASBIoAT.dll

c:\program files\Hewlett-Packard\IAM\Bin\STEngine.dll

c:\program files\Hewlett-Packard\IAM\Bin\ItVCClient.dll

c:\program files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll

.

- - - - - - - > 'lsass.exe'(1240)

c:\program files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll

.

- - - - - - - > 'explorer.exe'(4808)

c:\program files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll

c:\windows\system32\APSHook.dll

c:\windows\system32\btmmhook.dll

c:\windows\system32\webcheck.dll

c:\windows\system32\WPDShServiceObj.dll

c:\windows\system32\btncopy.dll

c:\windows\system32\PortableDeviceTypes.dll

c:\windows\system32\PortableDeviceApi.dll

.

------------------------ Andere Aktieve Processen ------------------------

.

c:\windows\system32\Ati2evxx.exe

c:\program files\Microsoft Security Client\MsMpEng.exe

c:\program files\WIDCOMM\Bluetooth Software\bin\btwdins.exe

c:\windows\system32\Ati2evxx.exe

c:\windows\system32\msdtc.exe

c:\program files\Common Files\InterVideo\RegMgr\iviRegMgr.exe

c:\program files\Java\jre7\bin\jqs.exe

c:\program files\Common Files\LightScribe\LSSrvc.exe

c:\windows\system32\mqsvc.exe

c:\windows\system32\mqtgsvc.exe

c:\program files\Hewlett-Packard\IAM\bin\asghost.exe

c:\program files\Hewlett-Packard\Shared\hpqwmiex.exe

c:\program files\Hewlett-Packard\Shared\HpqToaster.exe

c:\progra~1\WIDCOMM\BLUETO~1\BTSTAC~1.EXE

c:\program files\HP\Digital Imaging\bin\hpqSTE08.exe

c:\program files\HP\Digital Imaging\bin\hpqbam08.exe

c:\program files\HP\Digital Imaging\bin\hpqgpc01.exe

.

**************************************************************************

.

Voltooingstijd: 2012-09-20 23:17:27 - machine werd herstart

ComboFix-quarantined-files.txt 2012-09-20 21:17

ComboFix2.txt 2012-09-19 19:41

.

Pre-Run: 113.097.093.120 bytes beschikbaar

Post-Run: 113.084.592.128 bytes beschikbaar

.

- - End Of File - - F4C69C7F3D581C34A117E83338199BFC


ComboFix 12-09-20.03 - Administrator 21-09-2012 15:28:43.3.2 - x86

Microsoft Windows XP Professional 5.1.2600.3.1252.31.1043.18.895.411 [GMT 2:00]

Gestart vanuit: c:\documents and settings\Administrator\Mijn documenten\Downloads\ComboFix.exe

AV: AVG Anti-Virus Free Edition 2012 *Disabled/Updated* {17DDD097-36FF-435F-9E1B-52D74245D6BF}

AV: Microsoft Security Essentials *Enabled/Updated* {EDB4FA23-53B8-4AFA-8C5D-99752CCA7095}

FW: ZoneAlarm Free Firewall *Enabled* {829BDA32-94B3-44F4-8446-F8FCFF809F8B}

.

.

(((((((((((((((((((((((((((((((((( Andere Verwijderingen )))))))))))))))))))))))))))))))))))))))))))))))))

.

.

c:\docume~1\ADMINI~1\LOCALS~1\Temp\99cab429-f99d-4f69-9d04-113ad532bd0f\CliSecureRT.dll

c:\documents and settings\Administrator\Local Settings\Temp\99cab429-f99d-4f69-9d04-113ad532bd0f\CliSecureRT.dll

.

.

(((((((((((((((((((( Bestanden Gemaakt van 2012-08-21 to 2012-09-21 ))))))))))))))))))))))))))))))

.

.

2012-09-21 15:20 . 2012-09-21 15:20 29904 ----a-w- c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{6C1F5895-BC49-4722-A09D-8C2DD7C12A86}\MpKslb18ab3d8.sys

2012-09-21 13:23 . 2012-09-21 13:23 29904 ----a-w- c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{6C1F5895-BC49-4722-A09D-8C2DD7C12A86}\MpKsl7d23df20.sys

2012-09-20 21:12 . 2012-08-30 08:17 6980552 ----a-w- c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{6C1F5895-BC49-4722-A09D-8C2DD7C12A86}\mpengine.dll

2012-09-19 19:41 . 2012-08-30 08:17 6980552 ----a-w- c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll

2012-09-16 20:50 . 2012-09-16 21:07 40776 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys

2012-09-16 17:24 . 2012-09-16 17:24 -------- d-----w- c:\documents and settings\Administrator\Application Data\Malwarebytes

2012-09-16 17:24 . 2012-09-16 17:24 -------- d-----w- c:\documents and settings\All Users\Application Data\Malwarebytes

2012-08-29 19:15 . 2012-08-29 19:15 -------- d-----w- c:\documents and settings\Administrator\Local Settings\Application Data\Identities

2012-08-25 21:24 . 2012-08-25 21:24 -------- d-----w- c:\documents and settings\Administrator\Local Settings\Application Data\Sun

2012-08-24 15:27 . 2008-04-14 16:03 20992 ----a-w- c:\windows\system32\dshowext.ax

2012-08-23 15:08 . 2012-08-23 15:08 821736 ----a-w- c:\windows\system32\npDeployJava1.dll

2012-08-23 15:08 . 2012-08-23 15:08 93672 ----a-w- c:\windows\system32\WindowsAccessBridge.dll

.

.

.

((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2012-09-20 20:05 . 2012-06-08 20:39 696240 ----a-w- c:\windows\system32\FlashPlayerApp.exe

2012-09-20 20:05 . 2011-05-15 19:49 73136 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl

2012-08-23 15:08 . 2012-04-07 17:56 143872 ----a-w- c:\windows\system32\javacpl.cpl

2012-08-23 15:08 . 2010-12-10 21:44 746984 ----a-w- c:\windows\system32\deployJava1.dll

2012-08-13 15:41 . 2011-08-06 07:00 380152 ----a-w- c:\windows\system32\GfKLSPService64.dll

2012-08-13 15:41 . 2011-03-16 19:31 312056 ----a-w- c:\windows\system32\GfKLSPService.dll

2012-07-06 13:58 . 2004-08-04 08:00 78336 ----a-w- c:\windows\system32\browser.dll

2012-07-04 14:05 . 2004-08-04 08:00 139784 ----a-w- c:\windows\system32\drivers\rdpwd.sys

2012-07-03 18:23 . 2004-08-04 08:00 1866240 ----a-w- c:\windows\system32\win32k.sys

2012-07-02 17:38 . 2004-08-04 08:00 916992 ----a-w- c:\windows\system32\wininet.dll

2012-07-02 17:38 . 2004-08-04 08:00 43520 ------w- c:\windows\system32\licmgr10.dll

2012-07-02 17:38 . 2004-08-04 08:00 1469440 ------w- c:\windows\system32\inetcpl.cpl

2012-07-02 12:05 . 2004-08-04 08:00 385024 ------w- c:\windows\system32\html.iec

2012-06-26 07:02 . 2011-10-31 10:22 45320 ----a-w- c:\windows\system32\MAMACExtract.dll

2012-09-08 10:24 . 2012-09-08 10:21 266720 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll

.

.

((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))

.

.

*Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond

REGEDIT4

.

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"LightScribe Control Panel"="c:\program files\Common Files\LightScribe\LightScribeControlPanel.exe" [2007-04-19 484904]

"KiesPDLR"="c:\program files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe" [2012-07-03 21432]

"Skype"="c:\program files\Skype\Phone\Skype.exe" [2012-07-13 17418928]

"KiesPreload"="c:\program files\Samsung\Kies\Kies.exe" [2012-07-03 975288]

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"MsmqIntCert"="mqrt.dll" [2009-06-25 177152]

"PDF Complete"="c:\program files\PDF Complete\pdfsty.exe" [2007-05-08 331552]

"PTHOSTTR"="c:\program files\Hewlett-Packard\HP ProtectTools Security Manager\PTHOSTTR.EXE" [2007-01-09 145184]

"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2007-01-12 827392]

"hpWirelessAssistant"="c:\program files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe" [2007-03-01 472776]

"QlbCtrl"="c:\program files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe" [2007-11-06 177456]

"CognizanceTS"="c:\progra~1\HEWLET~1\IAM\Bin\ASTSVCC.dll" [2003-12-22 17920]

"Recguard"="c:\windows\Sminst\Recguard.exe" [2005-12-20 1187840]

"Reminder"="c:\windows\Creator\Remind_XP.exe" [2006-03-09 806912]

"Scheduler"="c:\windows\SMINST\Scheduler.exe" [2006-10-09 697976]

"Cpqset"="c:\program files\Hewlett-Packard\Default Settings\cpqset.exe" [2007-05-03 57344]

"WatchDog"="c:\program files\InterVideo\DVD Check\DVDCheck.exe" [2007-05-23 192512]

"GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2009-02-26 30040]

"snpstd3"="c:\windows\vsnpstd3.exe" [2006-09-19 827392]

"tsnpstd3"="c:\windows\tsnpstd3.exe" [2007-03-10 270336]

"ConsumerClickSysTrayIcon"="c:\program files\ConsumerClick\ConsumerClickSysTrayIcon.exe" [2010-12-17 69632]

"GfK-WatchDog"="c:\program files\GfKLSPService\GfK-WatchDog.exe" [2012-08-13 57592]

"HP Software Update"="c:\program files\HP\HP Software Update\HPWuSchd2.exe" [2007-10-14 49152]

"SoundMAXPnP"="c:\program files\Analog Devices\Core\smax4pnp.exe" [2007-01-05 872448]

"ZoneAlarm"="c:\program files\CheckPoint\ZoneAlarm\zatray.exe" [2012-03-19 73360]

"KiesTrayAgent"="c:\program files\Samsung\Kies\KiesTrayAgent.exe" [2012-07-03 3524536]

"ISW"="c:\program files\CheckPoint\ZAForceField\ForceField.exe" [2012-03-16 738944]

"QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2012-04-18 421888]

"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2012-03-26 931200]

"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2012-07-03 252848]

.

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]

"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]

.

c:\documents and settings\All Users\Menu Start\Programma's\Opstarten\

BTTray.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2007-2-6 561213]

DVD Check.lnk - c:\program files\InterVideo\DVD Check\DVDCheck.exe [2010-12-10 192512]

HP Digital Imaging Monitor.lnk - c:\program files\HP\Digital Imaging\bin\hpqtra08.exe [2007-10-14 214360]

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\OneCard]

2007-02-07 01:30 74240 ----a-r- c:\program files\Hewlett-Packard\IAM\Bin\ASWLNPkg.dll

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]

"AppInit_DLLs"=c:\windows\system32\APSHook.dll

.

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]

@="Service"

.

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

@="Driver"

.

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]

"DisableMonitoring"=dword:00000001

.

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\ZoneLabsFirewall]

"DisableMonitoring"=dword:00000001

.

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]

"EnableFirewall"= 0 (0x0)

.

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]

"%windir%\\system32\\sessmgr.exe"=

.

R1 MpKslb18ab3d8;MpKslb18ab3d8;c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{6C1F5895-BC49-4722-A09D-8C2DD7C12A86}\MpKslb18ab3d8.sys [21-9-2012 17:20 29904]

R2 ASBroker;Logon Session Broker;c:\windows\System32\svchost.exe -k Cognizance [4-8-2004 10:00 14336]

R2 ASChannel;Local Communication Channel;c:\windows\System32\svchost.exe -k Cognizance [4-8-2004 10:00 14336]

R2 GfK-Reporting-Service;GfK-Reporting-Service;c:\program files\GfK Internet Monitor\GfK-Reporting.exe [20-1-2011 16:00 102400]

R2 GfK-Update-Service;GfK-Update-Service;c:\program files\GfK Internet Monitor\GfK-Updater.exe [20-1-2011 16:00 180224]

R2 GfkLSPService;GfkLSPService;c:\program files\GfKLSPService\GfKLspService.exe [17-11-2010 13:15 3222776]

R2 ISWKL;ZoneAlarm LTD Toolbar ISWKL;c:\program files\CheckPoint\ZAForceField\ISWKL.sys [3-11-2011 16:44 27016]

R2 IswSvc;ZoneAlarm LTD Toolbar IswSvc;c:\program files\CheckPoint\ZAForceField\ISWSVC.exe [3-11-2011 16:44 497280]

R2 pdfcDispatcher;PDF Document Manager;c:\program files\PDF Complete\pdfsvc.exe [2-8-2007 5:01 540448]

S2 SkypeUpdate;Skype Updater;c:\program files\Skype\Updater\Updater.exe [13-7-2012 13:28 160944]

S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [8-6-2012 22:39 250288]

S3 androidusb;SAMSUNG Android Composite ADB Interface Driver;c:\windows\system32\drivers\ssadadb.sys [6-6-2012 14:16 30312]

S3 dgderdrv;dgderdrv;c:\windows\system32\drivers\dgderdrv.sys [21-1-2012 15:10 20032]

S3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\mbamswissarmy.sys [16-9-2012 22:50 40776]

S3 MozillaMaintenance;Mozilla Maintenance Service;c:\program files\Mozilla Maintenance Service\maintenanceservice.exe [26-4-2012 4:50 114144]

S3 optousb;OPTO ELECTRONICS optousb;c:\windows\system32\drivers\optousb.sys [16-3-2011 21:14 18432]

S3 optovcm;OPTO ELECTRONICS optovcm;c:\windows\system32\drivers\optovcm.sys [16-3-2011 21:14 26368]

S3 RTL8192su;Realtek RTL8192SU Wireless LAN 802.11n USB 2.0 Network Adapter;c:\windows\system32\drivers\RTL8192su.sys [22-1-2011 16:14 591488]

S3 ssadbus;SAMSUNG Android USB Composite Device driver (WDM);c:\windows\system32\drivers\ssadbus.sys [6-6-2012 14:16 121064]

S3 ssadmdfl;SAMSUNG Android USB Modem (Filter);c:\windows\system32\drivers\ssadmdfl.sys [6-6-2012 14:16 12776]

S3 ssadmdm;SAMSUNG Android USB Modem Drivers;c:\windows\system32\drivers\ssadmdm.sys [6-6-2012 14:16 136808]

.

--- Andere Services/Drivers In Geheugen ---

.

*NewlyCreated* - MPKSLB18AB3D8

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]

HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12

Cognizance REG_MULTI_SZ ASBroker ASChannel

hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc

HPService REG_MULTI_SZ HPSLPSVC

.

[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]

2007-04-19 11:23 452136 ----a-w- c:\program files\Common Files\LightScribe\LSRunOnce.exe

.

Inhoud van de 'Gedeelde Taken' map

.

2012-09-21 c:\windows\Tasks\Adobe Flash Player Updater.job

- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-06-08 20:05]

.

2012-09-21 c:\windows\Tasks\Microsoft Antimalware Scheduled Scan.job

- c:\program files\Microsoft Security Client\MpCmdRun.exe [2012-03-26 15:03]

.

.

------- Bijkomende Scan -------

.

IE: E&xporteren naar Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000

IE: Verzenden naar &Bluetooth-apparaat... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm

TCP: DhcpNameServer = 192.168.1.1 192.168.1.1

FF - ProfilePath - c:\documents and settings\Administrator\Application Data\Mozilla\Firefox\Profiles\agtjif03.default\

FF - prefs.js: browser.startup.homepage - hxxp://www.google.nl/

FF - user.js: network.cookie.cookieBehavior - 0

FF - user.js: privacy.clearOnShutdown.cookies - false

FF - user.js: security.warn_viewing_mixed - false

FF - user.js: security.warn_viewing_mixed.show_once - false

FF - user.js: security.warn_submit_insecure - false

FF - user.js: security.warn_submit_insecure.show_once - false

.

.

**************************************************************************

.

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, GMER - Rootkit Detector and Remover

Rootkit scan 2012-09-21 17:20

Windows 5.1.2600 Service Pack 3 NTFS

.

scannen van verborgen processen ...

.

scannen van verborgen autostart items ...

.

HKLM\Software\Microsoft\Windows\CurrentVersion\Run

Cpqset = c:\program files\Hewlett-Packard\Default Settings\cpqset.exe????????T??????????????|?M?|?????M?|&?@

.

scannen van verborgen bestanden ...

.

Scan succesvol afgerond

verborgen bestanden: 0

.

**************************************************************************

.

[HKEY_LOCAL_MACHINE\System\ControlSet003\Services\pdfcDispatcher]

"ImagePath"="c:\program files\PDF Complete\pdfsvc.exe /startedbyscm:66B66708-40E2BE4D-pdfcService"

.

--------------------- VERGRENDELDE REGISTER SLEUTELS ---------------------

.

[HKEY_USERS\S-1-5-21-226067063-4292578343-2355287337-500\Software\Microsoft\Internet Explorer\User Preferences]

@Denied: (2) (Administrator)

"88D7D0879DAB32E14DE5B3A805A34F98AFF34F5977"=hex:01,00,00,00,d0,8c,9d,df,01,15,

d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,62,0d,ab,a3,f2,9d,39,42,be,b7,be,\

"2D53CFFC5C1A3DD2E97B7979AC2A92BD59BC839E81"=hex:01,00,00,00,d0,8c,9d,df,01,15,

d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,18,71,71,10,e3,43,ba,4d,a5,f6,ed,\

"6256FFB019F8FDFBD36745B06F4540E9AEAF222A25"=hex:01,00,00,00,d0,8c,9d,df,01,15,

d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,18,71,71,10,e3,43,ba,4d,a5,f6,ed,\

.

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]

@Denied: (A 2) (Everyone)

@="FlashBroker"

"LocalizedString"="@c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil32_11_4_402_278_ActiveX.exe,-101"

.

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]

"Enabled"=dword:00000001

.

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]

@="c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil32_11_4_402_278_ActiveX.exe"

.

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

.

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]

@Denied: (A 2) (Everyone)

@="IFlashBroker5"

.

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]

@="{00020424-0000-0000-C000-000000000046}"

.

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

"Version"="1.0"

.

--------------------- DLLs Geladen Onder Lopende Processen ---------------------

.

- - - - - - - > 'winlogon.exe'(1128)

c:\windows\system32\Ati2evxx.dll

c:\program files\Hewlett-Packard\IAM\Bin\ASWLNPkg.dll

c:\program files\Hewlett-Packard\IAM\bin\ItMsg.dll

c:\program files\Hewlett-Packard\IAM\Bin\TrayIcon.dll

c:\program files\Hewlett-Packard\IAM\bin\HPBrand.dll

c:\program files\Hewlett-Packard\IAM\Bin\ASChnl.dll

c:\program files\Hewlett-Packard\IAM\Bin\ItDAC.dll

c:\program files\Hewlett-Packard\IAM\Bin\ItReports.DLL

c:\program files\Hewlett-Packard\IAM\Bin\BioAuth.dll

c:\program files\Hewlett-Packard\IAM\Bin\ittal.dll

c:\program files\Hewlett-Packard\IAM\Bin\ASBIoAT.dll

c:\program files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll

.

- - - - - - - > 'lsass.exe'(1184)

c:\program files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll

.

- - - - - - - > 'explorer.exe'(5648)

c:\program files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll

c:\windows\system32\APSHook.dll

c:\windows\system32\btmmhook.dll

c:\windows\system32\webcheck.dll

c:\windows\system32\WPDShServiceObj.dll

c:\windows\system32\btncopy.dll

c:\windows\system32\PortableDeviceTypes.dll

c:\windows\system32\PortableDeviceApi.dll

.

------------------------ Andere Aktieve Processen ------------------------

.

c:\windows\system32\Ati2evxx.exe

c:\program files\Microsoft Security Client\MsMpEng.exe

c:\program files\WIDCOMM\Bluetooth Software\bin\btwdins.exe

c:\windows\system32\Ati2evxx.exe

c:\windows\system32\msdtc.exe

c:\program files\Common Files\InterVideo\RegMgr\iviRegMgr.exe

c:\program files\Java\jre7\bin\jqs.exe

c:\program files\Common Files\LightScribe\LSSrvc.exe

c:\windows\system32\mqsvc.exe

c:\program files\Hewlett-Packard\Shared\hpqwmiex.exe

c:\windows\system32\mqtgsvc.exe

c:\program files\Hewlett-Packard\IAM\bin\asghost.exe

c:\program files\Hewlett-Packard\Shared\HpqToaster.exe

c:\program files\HP\Digital Imaging\bin\hpqSTE08.exe

c:\program files\HP\Digital Imaging\bin\hpqbam08.exe

c:\windows\system32\msiexec.exe

c:\program files\HP\Digital Imaging\bin\hpqgpc01.exe

.

**************************************************************************

.

Voltooingstijd: 2012-09-21 17:27:14 - machine werd herstart

ComboFix-quarantined-files.txt 2012-09-21 15:27

ComboFix2.txt 2012-09-20 21:17

ComboFix3.txt 2012-09-19 19:41

.

Pre-Run: 112.980.197.376 bytes beschikbaar

Post-Run: 113.058.713.600 bytes beschikbaar

.

- - End Of File - - A42192DC2E5E5430A077827E54B0168D

It seems to be going better. I have removed all the programs to see whether I would still get pop-up messages, but that seems to be going well. I only still get a message from Skype at startup, but that has to do with the Samsung Kies program. Above is my latest scan; I don't know whether you see anything unusual in it? Thank you very much so far!


If you have uninstalled programs, it is advisable to clean up the registry.

Download CCleaner (if you do not have it yet).

Install it (if you do not want Google Chrome to be installed on your PC as the default web browser, you must clear the 2 check boxes!) and start CCleaner.

In the left column, click "Cleaner". Then click "Analyze" and "Clean" in turn.

Next, click "Registry" in the left column and click "Scan for problems".

If errors are found, click "Fix selected problems" and "OK".

You will then be asked whether to make a backup. Click "Yes". Then choose "Fix all selected errors".

Sometimes one analysis is not enough. You may repeat this procedure until the analysis no longer reports any errors.

Then close CCleaner again.

If you want to see this in detail with pictures, click here for the guide.
