Windows host process (rundll32) has stopped working


BaconStrips

You can also change the date and time in the BIOS.

To enter the BIOS, watch during startup which key you need to press to go to setup.

Usually this is Del or Enter, but it can also be a different key.

Download CCleaner (if you don't have it yet).

Install it (if you don't want Google Chrome to be installed on your PC as the default web browser, you must untick the 2 checkboxes!) and start CCleaner.

In the left column, click “Cleaner”. Then click ‘Analyze’ and ‘Clean’ in turn.

Next, click “Registry” in the left column and click “Scan for problems”.

If errors are found, click “Fix selected problems” and “OK”.

You will then be asked whether to make a backup. Click “Yes”. Then choose “Fix all selected errors”.

Sometimes one analysis is not enough. You may repeat this procedure until the analysis reports no more errors.

Then close CCleaner again.

If you want to see this illustrated in detail, click here for the guide.

Then make a new HijackThis log as a check.


I did everything that was listed, but I want to mention that in between I got that error very often.

Log:

Logfile of Trend Micro HijackThis v2.0.4

Scan saved at 16:20:43, on 8-10-2012

Platform: Windows Vista SP2 (WinNT 6.00.1906)

MSIE: Internet Explorer v9.00 (9.00.8112.16450)

Boot mode: Normal

Running processes:

C:\Windows\system32\Dwm.exe

C:\Windows\Explorer.EXE

C:\Windows\system32\taskeng.exe

C:\Windows\system32\taskeng.exe

C:\Program Files\ASUS\EPU-4 Engine\FourEngine.exe

C:\Windows\RtHDVCpl.exe

C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe

C:\Program Files\Packard Bell\FIJI\ABoard.exe

C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe

C:\Program Files\Packard Bell\FIJI\AOSD.exe

C:\Program Files\AVG\AVG2012\avgtray.exe

C:\Program Files\AVAST Software\Avast\AvastUI.exe

C:\Program Files\Common Files\AOL\1341418222\ee\aolsoftware.exe

C:\Program Files\Common Files\Java\Java Update\jusched.exe

C:\Windows\FixCamera.exe

C:\Windows\vsnpstd3.exe

C:\Windows\tsnpstd3.exe

C:\Program Files\Packard Bell\SetUpMyPC\SmpSys.exe

C:\Users\Lars\AppData\Local\Akamai\netsession_win.exe

C:\Users\Lars\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe

C:\Program Files\IObit\Advanced SystemCare 5\ASCTray.exe

C:\Users\Lars\AppData\Local\Akamai\netsession_win.exe

C:\Windows\system32\wbem\unsecapp.exe

C:\Program Files\Skype\Phone\Skype.exe

C:\Users\Lars\AppData\Roaming\Spotify\spotify.exe

E:\Riot Games\League of Legends\RADS\system\rads_user_kernel.exe

C:\Program Files\Pando Networks\Media Booster\PMB.exe

E:\Riot Games\League of Legends\RADS\projects\lol_launcher\releases\0.0.0.97\deploy\LoLLauncher.exe

E:\Riot Games\League of Legends\RADS\projects\lol_air_client\releases\0.0.0.208\deploy\LolClient.exe

C:\Windows\system32\conime.exe

C:\Users\Lars\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\Lars\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\Lars\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\Lars\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\Lars\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\Lars\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\Lars\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\Lars\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Windows\system32\SearchFilterHost.exe

C:\Users\Lars\Downloads\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Google

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Bing

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Google

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN.com

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = MSN.com

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =

O1 - Hosts: ::1 localhost

O2 - BHO: Adobe PDF Reader Help bij koppelingen - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll

O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG2012\avgssie.dll

O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll

O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll

O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

O2 - BHO: Browser Address Error Redirector - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program Files\Google\Google_BAE\BAE.dll

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll

O2 - BHO: Hotspot Shield Class - {F9E4A054-E9B1-4BC3-83A3-76A1AE736170} - C:\Program Files\Hotspot Shield\HssIE\HssIE.dll

O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll

O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide

O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe

O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"

O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup

O4 - HKLM\..\Run: [ACTIVBOARD] C:\Program Files\Packard Bell\FIJI\aboard.exe

O4 - HKLM\..\Run: [iSUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start

O4 - HKLM\..\Run: [startCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun

O4 - HKLM\..\Run: [skytel] Skytel.exe

O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe"

O4 - HKLM\..\Run: [AVG_TRAY] "C:\Program Files\AVG\AVG2012\avgtray.exe"

O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui

O4 - HKLM\..\Run: [HostManager] C:\Program Files\Common Files\AOL\1341418222\ee\AOLSoftware.exe

O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"

O4 - HKLM\..\Run: [FixCamera] C:\Windows\FixCamera.exe

O4 - HKLM\..\Run: [snpstd3] C:\Windows\vsnpstd3.exe

O4 - HKLM\..\Run: [tsnpstd3] C:\Windows\tsnpstd3.exe

O4 - HKCU\..\Run: [smpcSys] C:\Program Files\Packard Bell\SetUpMyPC\SmpSys.exe

O4 - HKCU\..\Run: [iSUSPM Startup] C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\isuspm.exe -startup

O4 - HKCU\..\Run: [Google Update] "C:\Users\Lars\AppData\Local\Google\Update\GoogleUpdate.exe" /c

O4 - HKCU\..\Run: [Akamai NetSession Interface] "C:\Users\Lars\AppData\Local\Akamai\netsession_win.exe"

O4 - HKCU\..\Run: [spotify Web Helper] "C:\Users\Lars\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe"

O4 - HKCU\..\Run: [Advanced SystemCare 5] "C:\Program Files\IObit\Advanced SystemCare 5\ASCTray.exe" /AutoStart

O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')

O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')

O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')

O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\Lars\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm

O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

O9 - Extra 'Tools' menuitem: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics

O16 - DPF: {B01AAFA1-2478-44A3-8894-BE4D4C23C271} (HLauncher Control) - http://mythos.t3fun.com/ActiveX/HLauncher_V.cab

O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab

O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG2012\avgpp.dll

O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL

O20 - AppInit_DLLs: c:\progra~1\google\google~3\goec62~1.dll c:\progra~1\sprote~1\sprote~1.dll

O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll

O23 - Service: Adobe Active File Monitor V6 (AdobeActiveFileMonitor6.0) - Unknown owner - C:\Program Files\Adobe\Photoshop Elements 6.0\PhotoshopElementsFileAgent.exe

O23 - Service: Advanced SystemCare Service 5 (AdvancedSystemCareService5) - IObit - C:\Program Files\IObit\Advanced SystemCare 5\ASCService.exe

O23 - Service: AMD External Events Utility - AMD - C:\Windows\system32\atiesrxx.exe

O23 - Service: AMD FUEL Service - Advanced Micro Devices, Inc. - C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe

O23 - Service: AOL Connectivity Service (AOL ACS) - AOL LLC - C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe

O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe

O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe

O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe

O23 - Service: Google Desktop Manager 5.7.801.7324 (GoogleDesktopManager-010708-104812) - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe

O23 - Service: GS In-Game Service - ClanServers Hosting LLC - C:\Program Files\GameTracker\GSInGameService.exe

O23 - Service: LogMeIn Hamachi Tunneling Engine (Hamachi2Svc) - LogMeIn Inc. - C:\Program Files\LogMeIn Hamachi\hamachi-2.exe

O23 - Service: Hi-Rez Studios Authenticate and Update Service (HiPatchService) - Hi-Rez Studios - C:\Program Files\Hi-Rez Studios\HiPatchService.exe

O23 - Service: Hotspot Shield Service (hshld) - Unknown owner - C:\Program Files\Hotspot Shield\bin\openvpnas.exe

O23 - Service: Hotspot Shield Routing Service (HssSrv) - AnchorFree Inc. - C:\Program Files\Hotspot Shield\HssWPR\hsssrv.exe

O23 - Service: Hotspot Shield Tray Service (HssTrayService) - Unknown owner - C:\Program Files\Hotspot Shield\bin\HssTrayService.EXE

O23 - Service: Hotspot Shield Monitoring Service (HssWd) - Unknown owner - C:\Program Files\Hotspot Shield\bin\hsswd.exe

O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe

O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe

O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe

O23 - Service: PLFlash DeviceIoControl Service - Prolific Technology Inc. - C:\Windows\system32\IoctlSvc.exe

O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe

O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe

O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe

O23 - Service: TunngleService - Tunngle.net GmbH - C:\Program Files\Tunngle\TnglCtrl.exe

--

End of file - 11385 bytes


Were you unable to change the date via the BIOS?

Clean up a few more leftovers of AVG.

Right-click the HijackThis icon and choose "Run as administrator" or "Uitvoeren als administrator".

Select “Do a system scan only”.

Tick only the items listed below:

O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG2012\avgssie.dll

O4 - HKLM\..\Run: [AVG_TRAY] "C:\Program Files\AVG\AVG2012\avgtray.exe"

O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG2012\avgpp.dll

Click 'Fix checked' to remove the items.

Make a new log.

Go to Start, type logboek (Event Viewer) in the search box and press Enter.

Expand the Windows Logs and open the Application log.

In the right-hand column under Actions, click Filter Current Log.

Under Logged, select the last 24 hours, and under Level tick Critical and Error. Click OK.

Select all events.

Now click Save Selected Events at the bottom of the Actions column.

Choose the location and name the file AppLog.

Under Save as type, select Text (Tab delimited) (.txt).

Now add this file as an attachment to your next post.

How to add an attachment to a post is explained in this guide.

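The selection made in the post above, as an added example that is not part of the original thread: a small parser that pulls the numbered entries out of a HijackThis log and lists those pointing into one product's install directory, which is how leftovers of an uninstalled program show up. The function names are hypothetical, and the sample is a short excerpt of lines copied from the first log in this thread.

```python
import re
from typing import List, NamedTuple

# Excerpt of the HijackThis v2.0.4 log posted earlier in the thread (not the full log).
SAMPLE_LOG = r"""
Logfile of Trend Micro HijackThis v2.0.4
Running processes:
C:\Program Files\AVG\AVG2012\avgtray.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG2012\avgssie.dll
O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O4 - HKLM\..\Run: [AVG_TRAY] "C:\Program Files\AVG\AVG2012\avgtray.exe"
O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG2012\avgpp.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
"""


class Entry(NamedTuple):
    code: str  # section code, e.g. O2 (BHO), O4 (autostart), O18 (protocol handler)
    text: str  # everything after "<code> - "
    raw: str   # the full line as it appears in the log


# Numbered entries start with a letter plus one or two digits ("R1", "O4", "O23").
# Header lines and the "Running processes" paths do not match and are skipped.
ENTRY_RE = re.compile(r"^(?P<code>[A-Z]\d{1,2}) - (?P<text>.+)$")


def parse_entries(log_text: str) -> List[Entry]:
    """Return the numbered entries of a HijackThis log, in log order."""
    entries = []
    for line in log_text.splitlines():
        line = line.strip()
        m = ENTRY_RE.match(line)
        if m:
            entries.append(Entry(m["code"], m["text"], line))
    return entries


def entries_under(log_text: str, install_dir: str) -> List[Entry]:
    """Entries whose text references a file below install_dir (case-insensitive)."""
    needle = install_dir.rstrip("\\").lower() + "\\"
    return [e for e in parse_entries(log_text) if needle in e.text.lower()]


def removed_entries(before_log: str, after_log: str) -> List[Entry]:
    """Entries present in the earlier log but missing from the later one."""
    after = {e.raw for e in parse_entries(after_log)}
    return [e for e in parse_entries(before_log) if e.raw not in after]


if __name__ == "__main__":
    for entry in entries_under(SAMPLE_LOG, r"C:\Program Files\AVG\AVG2012"):
        print(entry.raw)
```

The match is on the long path only, so entries written with 8.3 short names (such as the `C:\PROGRA~1\...` lines in the log) are not found this way and still need a manual look.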

HijackThis log:

Logfile of Trend Micro HijackThis v2.0.4

Scan saved at 14:11:56, on 8-10-2012

Platform: Windows Vista SP2 (WinNT 6.00.1906)

MSIE: Internet Explorer v9.00 (9.00.8112.16450)

Boot mode: Normal

Running processes:

C:\Windows\system32\Dwm.exe

C:\Windows\Explorer.EXE

C:\Windows\system32\taskeng.exe

C:\Windows\system32\taskeng.exe

C:\Program Files\ASUS\EPU-4 Engine\FourEngine.exe

C:\Windows\RtHDVCpl.exe

C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe

C:\Program Files\Packard Bell\FIJI\ABoard.exe

C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe

C:\Program Files\AVAST Software\Avast\AvastUI.exe

C:\Program Files\Common Files\AOL\1341418222\ee\aolsoftware.exe

C:\Program Files\Common Files\Java\Java Update\jusched.exe

C:\Windows\FixCamera.exe

C:\Windows\vsnpstd3.exe

C:\Windows\tsnpstd3.exe

C:\Program Files\Packard Bell\SetUpMyPC\SmpSys.exe

C:\Program Files\Packard Bell\FIJI\AOSD.exe

C:\Users\Lars\AppData\Local\Akamai\netsession_win.exe

C:\Users\Lars\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe

C:\Program Files\IObit\Advanced SystemCare 5\ASCTray.exe

C:\Users\Lars\AppData\Local\Akamai\netsession_win.exe

C:\Windows\system32\wbem\unsecapp.exe

C:\Program Files\Hotspot Shield\bin\openvpntray.exe

C:\Program Files\Skype\Phone\Skype.exe

C:\Users\Lars\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\Lars\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\Lars\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\Lars\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\Lars\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\Lars\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\Lars\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\Lars\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\Lars\Downloads\HijackThis.exe

C:\Windows\system32\mmc.exe

C:\Windows\system32\SearchFilterHost.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Google

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Bing

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Google

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN.com

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = MSN.com

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =

O1 - Hosts: ::1 localhost

O2 - BHO: Adobe PDF Reader Help bij koppelingen - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll

O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll

O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll

O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

O2 - BHO: Browser Address Error Redirector - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program Files\Google\Google_BAE\BAE.dll

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll

O2 - BHO: Hotspot Shield Class - {F9E4A054-E9B1-4BC3-83A3-76A1AE736170} - C:\Program Files\Hotspot Shield\HssIE\HssIE.dll

O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll

O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide

O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe

O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"

O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup

O4 - HKLM\..\Run: [ACTIVBOARD] C:\Program Files\Packard Bell\FIJI\aboard.exe

O4 - HKLM\..\Run: [iSUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start

O4 - HKLM\..\Run: [startCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun

O4 - HKLM\..\Run: [skytel] Skytel.exe

O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe"

O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui

O4 - HKLM\..\Run: [HostManager] C:\Program Files\Common Files\AOL\1341418222\ee\AOLSoftware.exe

O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"

O4 - HKLM\..\Run: [FixCamera] C:\Windows\FixCamera.exe

O4 - HKLM\..\Run: [snpstd3] C:\Windows\vsnpstd3.exe

O4 - HKLM\..\Run: [tsnpstd3] C:\Windows\tsnpstd3.exe

O4 - HKCU\..\Run: [smpcSys] C:\Program Files\Packard Bell\SetUpMyPC\SmpSys.exe

O4 - HKCU\..\Run: [iSUSPM Startup] C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\isuspm.exe -startup

O4 - HKCU\..\Run: [Google Update] "C:\Users\Lars\AppData\Local\Google\Update\GoogleUpdate.exe" /c

O4 - HKCU\..\Run: [Akamai NetSession Interface] "C:\Users\Lars\AppData\Local\Akamai\netsession_win.exe"

O4 - HKCU\..\Run: [spotify Web Helper] "C:\Users\Lars\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe"

O4 - HKCU\..\Run: [Advanced SystemCare 5] "C:\Program Files\IObit\Advanced SystemCare 5\ASCTray.exe" /AutoStart

O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')

O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')

O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')

O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\Lars\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm

O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

O9 - Extra 'Tools' menuitem: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics

O16 - DPF: {B01AAFA1-2478-44A3-8894-BE4D4C23C271} (HLauncher Control) - http://mythos.t3fun.com/ActiveX/HLauncher_V.cab

O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab

O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL

O20 - AppInit_DLLs: c:\progra~1\google\google~3\goec62~1.dll c:\progra~1\sprote~1\sprote~1.dll

O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll

O23 - Service: Adobe Active File Monitor V6 (AdobeActiveFileMonitor6.0) - Unknown owner - C:\Program Files\Adobe\Photoshop Elements 6.0\PhotoshopElementsFileAgent.exe

O23 - Service: Advanced SystemCare Service 5 (AdvancedSystemCareService5) - IObit - C:\Program Files\IObit\Advanced SystemCare 5\ASCService.exe

O23 - Service: AMD External Events Utility - AMD - C:\Windows\system32\atiesrxx.exe

O23 - Service: AMD FUEL Service - Advanced Micro Devices, Inc. - C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe

O23 - Service: AOL Connectivity Service (AOL ACS) - AOL LLC - C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe

O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe

O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe

O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe

O23 - Service: Google Desktop Manager 5.7.801.7324 (GoogleDesktopManager-010708-104812) - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe

O23 - Service: GS In-Game Service - ClanServers Hosting LLC - C:\Program Files\GameTracker\GSInGameService.exe

O23 - Service: LogMeIn Hamachi Tunneling Engine (Hamachi2Svc) - LogMeIn Inc. - C:\Program Files\LogMeIn Hamachi\hamachi-2.exe

O23 - Service: Hi-Rez Studios Authenticate and Update Service (HiPatchService) - Hi-Rez Studios - C:\Program Files\Hi-Rez Studios\HiPatchService.exe

O23 - Service: Hotspot Shield Service (hshld) - Unknown owner - C:\Program Files\Hotspot Shield\bin\openvpnas.exe

O23 - Service: Hotspot Shield Routing Service (HssSrv) - AnchorFree Inc. - C:\Program Files\Hotspot Shield\HssWPR\hsssrv.exe

O23 - Service: Hotspot Shield Tray Service (HssTrayService) - Unknown owner - C:\Program Files\Hotspot Shield\bin\HssTrayService.EXE

O23 - Service: Hotspot Shield Monitoring Service (HssWd) - Unknown owner - C:\Program Files\Hotspot Shield\bin\hsswd.exe

O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe

O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe

O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe

O23 - Service: PLFlash DeviceIoControl Service - Prolific Technology Inc. - C:\Windows\system32\IoctlSvc.exe

O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe

O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe

O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe

O23 - Service: TunngleService - Tunngle.net GmbH - C:\Program Files\Tunngle\TnglCtrl.exe

--

End of file - 10701 bytes

Event log:

AppLog.txt


Download ComboFix from one of these locations:

Link 1

Link 2

* IMPORTANT !!! Save ComboFix.exe to your Desktop

1. Disable all antivirus and antispyware programs, because otherwise they may conflict with ComboFix. Here is a guide on how to disable them:

Click here

2. The computer may need to be restarted several times; this is normal.

3. Double-click "Combofix.exe" to start the tool.

4. Do not click in the ComboFix window while it is running; this can cause the tool to hang.

Note !!! If an error is shown with the message "Illegal operation attempted on a registry key that has been marked for deletion", restart the computer.

5. When ComboFix has finished, it will create a log file for you. Post the contents of this log file (found at C:\ComboFix.txt) in your next post.


ComboFix 12-10-08.02 - Lars 08-10-2012 19:07:42.1.4 - x86

Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.31.1043.18.3325.1133 [GMT 2:00]

Gestart vanuit: c:\users\Lars\Desktop\ComboFix.exe

AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}

AV: AVG Anti-Virus Free Edition 2012 *Disabled/Updated* {5A2746B1-DEE9-F85A-FBCD-ADB11639C5F0}

SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}

SP: AVG Anti-Virus Free Edition 2012 *Disabled/Updated* {E146A755-F8D3-F7D4-C17D-96C36DBE8F4D}

SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

.

.

(((((((((((((((((((((((((((((((((( Andere Verwijderingen )))))))))))))))))))))))))))))))))))))))))))))))))

.

.

C:\CFLog

C:\Install.exe

c:\windows\system32\URTTemp

c:\windows\system32\URTTemp\regtlib.exe

.

.

(((((((((((((((((((( Bestanden Gemaakt van 2012-09-08 to 2012-10-08 ))))))))))))))))))))))))))))))

.

.

2012-10-08 17:18 . 2012-10-08 17:18 -------- d-----w- c:\users\Default\AppData\Local\temp

2012-10-08 14:13 . 2012-10-08 14:13 -------- d-----w- c:\program files\CCleaner

2012-10-07 13:30 . 2012-10-07 13:30 -------- d-----w- c:\programdata\IObit

2012-10-07 13:30 . 2012-10-07 13:30 -------- d-----w- c:\users\Lars\AppData\Roaming\IObit

2012-10-07 13:29 . 2012-10-07 13:29 -------- d-----w- c:\program files\IObit

2012-10-06 15:17 . 2012-10-06 15:17 -------- d-----w- c:\programdata\Hotspot Shield

2012-10-06 15:17 . 2012-10-06 15:18 -------- d-----w- c:\program files\Hotspot Shield

2012-10-05 13:08 . 2012-10-05 13:08 -------- d-----w- c:\users\Lars\AppData\Local\MFAData

2012-10-05 13:08 . 2012-10-05 13:08 -------- d-----w- c:\users\Lars\AppData\Local\Avg2013

2012-10-03 20:05 . 2012-10-03 20:06 -------- d-----w- c:\programdata\Premium

2012-10-03 20:05 . 2012-10-03 20:05 -------- d-----w- c:\program files\SProtector

2012-10-03 20:05 . 2012-10-03 20:05 -------- d-----w- c:\program files\GadgetBox

2012-10-03 20:05 . 2012-10-03 20:06 -------- d-----w- c:\programdata\InstallMate

2012-10-03 19:54 . 2012-01-19 06:23 339320 ----a-w- c:\windows\system32\HMIPCore.dll

2012-10-03 17:56 . 2012-10-06 15:50 -------- d-----w- c:\users\Lars\AppData\Roaming\.minecraft

2012-10-03 13:36 . 2012-10-03 13:37 -------- d-----w- c:\windows\system32\drivers\NIS\1309000.009

2012-10-02 13:10 . 2012-10-02 13:24 -------- d-----w- c:\users\Lars\AppData\Roaming\Mijn Battle for Middle-earth™ II-bestanden

2012-10-02 12:59 . 2012-10-02 12:59 -------- d-----w- c:\program files\Electronic Arts

2012-10-02 12:13 . 2012-10-02 12:13 -------- d-----w- c:\program files\The Creative Assembly

2012-10-02 12:12 . 2005-04-03 21:02 753664 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\11\00\Intel32\iKernel.dll

2012-10-02 12:12 . 2005-04-03 21:02 69714 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\11\00\Intel32\ctor.dll

2012-10-02 12:12 . 2005-04-03 21:01 274432 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\11\00\Intel32\iscript.dll

2012-10-02 12:12 . 2005-04-03 21:00 184320 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\11\00\Intel32\iuser.dll

2012-10-02 12:12 . 2005-04-03 20:59 5632 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\11\00\Intel32\DotNetInstaller.exe

2012-10-02 12:12 . 2012-10-02 12:12 200836 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\11\00\Intel32\iGdi.dll

2012-10-02 12:12 . 2012-10-02 12:12 331908 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\11\00\Intel32\setup.dll

2012-09-28 21:04 . 2012-09-28 21:04 -------- d-----w- c:\users\Lars\AppData\Local\SKIDROW

2012-09-28 20:48 . 2012-09-28 20:48 -------- d-----w- c:\program files\2K Games

2012-09-28 14:02 . 2012-09-28 14:02 -------- d-----w- c:\program files\Rockstar Games

2012-09-28 14:02 . 2004-10-22 00:18 749568 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\10\50\Intel32\iKernel.dll

2012-09-28 14:02 . 2004-10-22 00:17 69715 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\10\50\Intel32\ctor.dll

2012-09-28 14:02 . 2004-10-22 00:17 274432 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\10\50\Intel32\iscript.dll

2012-09-28 14:02 . 2004-10-22 00:16 180224 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\10\50\Intel32\iuser.dll

2012-09-28 14:02 . 2004-10-22 00:16 5632 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\10\50\Intel32\DotNetInstaller.exe

2012-09-28 14:02 . 2012-09-28 14:02 192644 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\10\50\Intel32\iGdi.dll

2012-09-28 14:02 . 2012-09-28 14:02 323716 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\10\50\Intel32\setup.dll

2012-09-27 11:59 . 2012-10-03 15:05 -------- d-----w- c:\users\Lars\AppData\Roaming\Tunngle

2012-09-27 11:59 . 2012-10-03 15:05 -------- d-----w- c:\programdata\Tunngle

2012-09-27 11:59 . 2009-09-16 06:02 27136 ----a-w- c:\windows\system32\drivers\tap0901t.sys

2012-09-27 11:59 . 2012-09-27 12:02 -------- d-----w- c:\program files\Tunngle

2012-09-25 15:31 . 2012-09-25 15:31 -------- d-----w- c:\programdata\RELOADED

2012-09-25 15:27 . 2012-09-25 15:31 -------- d-----w- c:\program files\Torchlight II

2012-09-24 15:45 . 2012-10-07 16:22 -------- d-----w- c:\program files\LIMBO

2012-09-19 15:25 . 2007-09-06 14:56 98304 ----a-w- c:\windows\amcap.exe

2012-09-19 15:25 . 2007-07-11 14:09 20480 ----a-w- c:\windows\FixCamera.exe

2012-09-19 15:25 . 2009-02-20 14:55 326656 ----a-w- c:\windows\tsnpstd3.exe

2012-09-19 15:25 . 2007-02-09 12:13 172032 ----a-w- c:\windows\system32\rsnpstd3.dll

2012-09-19 15:25 . 2012-09-19 15:25 -------- d-----w- c:\program files\Common Files\snpstd3

2012-09-19 15:25 . 2005-11-23 11:55 53248 ----a-w- c:\windows\csnpstd3.dll

2012-09-19 15:24 . 2012-09-19 15:24 -------- d-----w- c:\users\Lars\AppData\Roaming\InstallShield

2012-09-17 20:08 . 2012-09-17 20:08 -------- d-----w- c:\program files\NVIDIA Corporation

2012-09-16 22:31 . 2012-09-16 22:32 -------- d-----w- c:\users\Lars\AppData\Local\Rockstar Games

2012-09-16 22:08 . 2012-09-16 22:08 -------- d-sh--w- c:\programdata\SecuROM

2012-09-16 14:20 . 2012-09-16 14:29 -------- d-----w- c:\users\Lars\AppData\Local\Ubisoft Game Launcher

2012-09-16 14:18 . 2012-09-16 14:18 -------- d-----w- c:\programdata\Ubisoft

2012-09-16 13:51 . 2012-10-02 12:49 -------- d-----w- c:\program files\Ubisoft

2012-09-16 10:08 . 2012-09-16 10:08 -------- d--h--r- c:\users\Lars\AppData\Roaming\SecuROM

2012-09-15 19:33 . 2012-10-02 12:54 -------- d-----w- c:\programdata\Media Center Programs

2012-09-15 19:33 . 2012-09-16 10:07 -------- d-----w- c:\program files\Common Files\BioWare

2012-09-14 00:02 . 2012-09-14 00:02 -------- d-----w- c:\programdata\AMD

2012-09-13 21:13 . 2009-09-30 03:33 24576 ----a-r- c:\windows\system32\AsIO.dll

2012-09-13 21:13 . 2009-08-04 02:28 11296 ----a-r- c:\windows\system32\drivers\AsIO.sys

2012-09-13 21:13 . 2008-01-04 11:34 11832 ----a-w- c:\windows\system32\drivers\AsInsHelp64.sys

2012-09-13 21:13 . 2008-01-04 11:34 10216 ----a-w- c:\windows\system32\drivers\AsInsHelp32.sys

2012-09-13 21:13 . 2001-09-05 02:18 225280 ----a-w- c:\program files\Common Files\InstallShield\IScript\iscript.dll

2012-09-13 21:13 . 2001-09-05 02:14 176128 ----a-w- c:\program files\Common Files\InstallShield\Engine\6\Intel 32\iuser.dll

2012-09-13 21:13 . 2001-09-05 02:18 77824 ----a-w- c:\program files\Common Files\InstallShield\Engine\6\Intel 32\ctor.dll

2012-09-13 21:13 . 2001-09-05 02:13 32768 ----a-w- c:\program files\Common Files\InstallShield\Engine\6\Intel 32\objectps.dll

2012-09-13 21:06 . 2012-09-13 21:06 -------- d-----w- c:\programdata\ATI

2012-09-13 21:02 . 2010-02-18 07:18 37944 ----a-w- c:\windows\system32\drivers\amdiox86.sys

2012-09-13 20:56 . 2006-10-18 05:44 7680 ----a-w- c:\windows\system32\drivers\ASACPI.sys

2012-09-13 20:43 . 2012-09-13 21:13 -------- d-----w- c:\program files\ASUS

2012-09-13 20:42 . 2012-09-13 20:42 477168 ----a-w- c:\windows\system32\npdeployJava1.dll

2012-09-13 20:40 . 2012-09-13 20:40 -------- d-----w- c:\programdata\McAfee

2012-09-13 20:38 . 2011-09-08 08:40 80416 ----a-w- c:\windows\system32\RtNicProp32.dll

2012-09-13 20:38 . 2011-09-08 08:40 363112 ----a-w- c:\windows\system32\drivers\Rtlh86.sys

2012-09-13 20:38 . 2011-09-08 08:40 100896 ----a-w- c:\windows\system32\RTNUninst32.dll

.

.

.

((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2012-09-13 20:42 . 2012-01-26 15:17 473072 ----a-w- c:\windows\system32\deployJava1.dll

2012-09-07 15:04 . 2012-01-13 23:22 22856 ----a-w- c:\windows\system32\drivers\mbam.sys

2012-08-24 13:43 . 2012-08-24 13:43 301920 ----a-w- c:\windows\system32\drivers\avgtdix.sys

2012-08-23 17:07 . 2009-08-18 09:30 564632 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\wlidui.dll

2012-08-23 17:07 . 2009-08-18 09:24 19720 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll

2012-08-21 12:04 . 2012-08-21 12:04 404640 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl

2012-08-21 09:13 . 2012-05-09 13:07 355632 ----a-w- c:\windows\system32\drivers\aswSP.sys

2012-08-21 09:13 . 2012-05-09 13:07 54232 ----a-w- c:\windows\system32\drivers\aswTdi.sys

2012-08-21 09:13 . 2012-05-09 13:07 729752 ----a-w- c:\windows\system32\drivers\aswSnx.sys

2012-08-21 09:13 . 2012-09-04 17:08 18544 ----a-w- c:\windows\system32\drivers\aswKbd.sys

2012-08-21 09:13 . 2012-05-09 13:07 35928 ----a-w- c:\windows\system32\drivers\aswRdr.sys

2012-08-21 09:13 . 2012-05-09 13:07 58680 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys

2012-08-21 09:13 . 2012-05-09 13:07 21256 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys

2012-08-21 09:12 . 2012-05-09 13:06 41224 ----a-w- c:\windows\avastSS.scr

2012-08-21 09:12 . 2012-05-09 13:06 227648 ----a-w- c:\windows\system32\aswBoot.exe

2012-08-01 18:13 . 2012-08-01 18:13 35560 ----a-w- c:\windows\system32\drivers\hssdrv6.sys

2012-08-01 18:13 . 2012-08-01 18:13 33512 ----a-w- c:\windows\system32\drivers\taphss.sys

2012-07-28 04:09 . 2011-11-10 02:33 5538984 ----a-w- c:\windows\system32\atiumdag.dll

2012-07-28 04:06 . 2012-07-28 04:06 8758784 ----a-w- c:\windows\system32\drivers\atikmdag.sys

2012-07-28 03:43 . 2012-07-28 03:43 58880 ----a-w- c:\windows\system32\coinst_8.982.dll

2012-07-28 02:50 . 2012-07-28 02:50 20546560 ----a-w- c:\windows\system32\atioglxx.dll

2012-07-28 02:15 . 2012-07-28 02:15 163840 ----a-w- c:\windows\system32\atiapfxx.exe

2012-07-28 02:15 . 2011-11-10 03:16 931328 ----a-w- c:\windows\system32\aticfx32.dll

2012-07-28 02:10 . 2012-07-28 02:10 442368 ----a-w- c:\windows\system32\ATIDEMGX.dll

2012-07-28 02:10 . 2012-07-28 02:10 469504 ----a-w- c:\windows\system32\atieclxx.exe

2012-07-28 02:09 . 2012-07-28 02:09 217600 ----a-w- c:\windows\system32\atiesrxx.exe

2012-07-28 02:08 . 2012-07-28 02:08 163840 ----a-w- c:\windows\system32\atitmmxx.dll

2012-07-28 02:08 . 2012-07-28 02:08 20992 ----a-w- c:\windows\system32\atimuixx.dll

2012-07-28 02:07 . 2012-07-28 02:07 43520 ----a-w- c:\windows\system32\ati2edxx.dll

2012-07-28 02:07 . 2012-07-28 02:07 6430208 ----a-w- c:\windows\system32\atidxx32.dll

2012-07-28 01:35 . 2012-07-28 01:35 46080 ----a-w- c:\windows\system32\aticalrt.dll

2012-07-28 01:35 . 2012-07-28 01:35 44032 ----a-w- c:\windows\system32\aticalcl.dll

2012-07-28 01:32 . 2011-11-10 02:29 4751872 ----a-w- c:\windows\system32\atiumdva.dll

2012-07-28 01:30 . 2012-07-28 01:30 13605888 ----a-w- c:\windows\system32\aticaldd.dll

2012-07-28 01:22 . 2012-07-28 01:22 77312 ----a-w- c:\windows\system32\amdave32.dll

2012-07-28 01:22 . 2012-07-28 01:22 71168 ----a-w- c:\windows\system32\atisamu32.dll

2012-07-28 01:15 . 2012-07-28 01:15 368640 ----a-w- c:\windows\system32\atiadlxx.dll

2012-07-28 01:15 . 2012-07-28 01:15 14848 ----a-w- c:\windows\system32\atiglpxx.dll

2012-07-28 01:14 . 2012-07-28 01:14 33280 ----a-w- c:\windows\system32\atigktxx.dll

2012-07-28 01:14 . 2012-07-28 01:14 296448 ----a-w- c:\windows\system32\drivers\atikmpag.sys

2012-07-28 01:13 . 2012-07-28 01:13 109568 ----a-w- c:\windows\system32\atiuxpag.dll

2012-07-28 01:13 . 2011-11-10 02:11 83456 ----a-w- c:\windows\system32\atiu9pag.dll

2012-07-28 01:13 . 2011-11-10 02:11 37376 ----a-w- c:\windows\system32\atitmpxx.dll

2012-07-28 01:12 . 2012-07-28 01:12 53248 ----a-w- c:\windows\system32\drivers\ati2erec.dll

2012-07-28 01:08 . 2012-07-28 01:08 56832 ----a-w- c:\windows\system32\atimpc32.dll

2012-07-28 01:08 . 2012-07-28 01:08 56832 ----a-w- c:\windows\system32\amdpcom32.dll

2012-07-26 01:21 . 2012-07-26 01:21 237408 ----a-w- c:\windows\system32\drivers\avgldx86.sys

2012-07-21 14:23 . 2012-07-21 14:23 4608 ----a-w- c:\windows\system32\w95inf32.dll

2012-07-21 14:23 . 2012-07-21 14:23 2272 ----a-w- c:\windows\system32\w95inf16.dll

.

.

((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))

.

.

*Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond

REGEDIT4

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]

@="{472083B0-C522-11CF-8763-00608CC02F24}"

[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]

2012-08-21 09:12 121528 ----a-w- c:\program files\AVAST Software\Avast\ashShell.dll

.

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"SmpcSys"="c:\program files\Packard Bell\SetUpMyPC\SmpSys.exe" [2008-02-04 1038136]

"ISUSPM Startup"="c:\progra~1\COMMON~1\INSTAL~1\UPDATE~1\isuspm.exe" [2004-04-17 196608]

"Akamai NetSession Interface"="c:\users\Lars\AppData\Local\Akamai\netsession_win.exe" [2012-08-10 4440896]

"Spotify Web Helper"="c:\users\Lars\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe" [2012-08-20 1193176]

"Advanced SystemCare 5"="c:\program files\IObit\Advanced SystemCare 5\ASCTray.exe" [2012-05-28 288128]

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"RtHDVCpl"="RtHDVCpl.exe" [2007-10-01 4702208]

"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-01-11 39792]

"Google Desktop Search"="c:\program files\Google\Google Desktop Search\GoogleDesktop.exe" [2008-08-14 29744]

"ACTIVBOARD"="c:\program files\Packard Bell\FIJI\aboard.exe" [2007-01-18 79416]

"ISUSScheduler"="c:\program files\Common Files\InstallShield\UpdateService\issch.exe" [2004-04-13 69632]

"StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2011-11-09 343168]

"Skytel"="Skytel.exe" [2007-08-03 1826816]

"APSDaemon"="c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2011-11-01 59240]

"avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2012-08-21 4282728]

"HostManager"="c:\program files\Common Files\AOL\1341418222\ee\AOLSoftware.exe" [2010-03-08 41800]

"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2012-01-18 254696]

"FixCamera"="c:\windows\FixCamera.exe" [2007-07-11 20480]

"snpstd3"="c:\windows\vsnpstd3.exe" [2006-09-19 827392]

"tsnpstd3"="c:\windows\tsnpstd3.exe" [2009-02-20 326656]

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]

"EnableUIADesktopToggle"= 0 (0x0)

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]

"AppInit_DLLs"=c:\progra~1\Google\GOOGLE~3\GoogleDesktopNetwork3.dll

.

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]

BootExecute REG_MULTI_SZ autocheck autochk *\0c:\progra~1\AVG\AVG2012\avgrsx.exe /sync /restart

.

[HKLM\~\startupfolder\C:^Users^Lars^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^MagicDisc.lnk]

path=c:\users\Lars\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MagicDisc.lnk

backup=c:\windows\pss\MagicDisc.lnk.Startup

backupExtension=.Startup

.

[HKLM\~\startupfolder\C:^Users^Lars^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OpenOffice.org 3.3 .lnk]

path=c:\users\Lars\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.3 .lnk

backup=c:\windows\pss\OpenOffice.org 3.3 .lnk.Startup

backupExtension=.Startup

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Aeria Ignite]

2012-05-16 17:57 1241240 ----a-w- c:\program files\Aeria Games\Ignite\aeriaignite.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CarboniteSetupLite]

2008-04-07 14:09 306112 ----a-w- c:\program files\Packard Bell\Carbonite\CarboniteSetupLitePBPreInstaller.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Clownfish]

2012-06-11 08:48 1097464 ----a-w- c:\program files\Clownfish\Clownfish.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]

2012-02-13 08:06 3481408 ----a-w- c:\program files\DAEMON Tools Lite\DTLite.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogMeIn Hamachi Ui]

2012-08-29 10:03 1996200 ----a-w- c:\program files\LogMeIn Hamachi\hamachi-2-ui.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvCplDaemon]

2007-07-06 19:15 8466432 ----a-w- c:\windows\System32\nvcpl.dll

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvMediaCenter]

2007-07-06 19:15 81920 ----a-w- c:\windows\System32\nvmctray.dll

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvSvc]

2007-07-06 19:15 86016 ----a-w- c:\windows\System32\nvsvc.dll

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Spotify]

2012-08-20 21:27 5576408 ----a-w- c:\users\Lars\AppData\Roaming\Spotify\spotify.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Spotify Web Helper]

2012-08-20 21:27 1193176 ----a-w- c:\users\Lars\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\toolbar_eula_launcher]

2007-02-20 16:20 28672 ----a-w- c:\program files\Packard Bell\GOOGLE_EULA\EULALauncher.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]

"DisableMonitoring"=dword:00000001

.

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]

"DisableMonitoring"=dword:00000001

.

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]

"DisableMonitoring"=dword:00000001

.

R3 1394hub;1394 Enabled Hub;c:\windows\System32\svchost.exe [x]

S2 AdvancedSystemCareService5;Advanced SystemCare Service 5;c:\program files\IObit\Advanced SystemCare 5\ASCService.exe [x]

.

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]

Akamai REG_MULTI_SZ Akamai

LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache

HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12

HPService REG_MULTI_SZ HPSLPSVC

.

Inhoud van de 'Gedeelde Taken' map

.

2012-10-08 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2863995821-880207880-1057330699-1000Core.job

- c:\users\Lars\AppData\Local\Google\Update\GoogleUpdate.exe [2012-01-12 19:41]

.

2012-10-08 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2863995821-880207880-1057330699-1000UA.job

- c:\users\Lars\AppData\Local\Google\Update\GoogleUpdate.exe [2012-01-12 19:41]

.

2012-10-08 c:\windows\Tasks\Uitgebreide garantie-Lars.job

- c:\program files\Packard Bell\SetupmyPC\PBCarNot.exe [2008-08-14 09:13]

.

.

------- Bijkomende Scan -------

.

uStart Page = hxxp://go.packardbell.com/?id=9152

uInternet Settings,ProxyOverride = <local>

IE: Free YouTube to MP3 Converter - c:\users\Lars\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm

DPF: {B01AAFA1-2478-44A3-8894-BE4D4C23C271} - hxxp://mythos.t3fun.com/ActiveX/HLauncher_V.cab

.

- - - - ORPHANS VERWIJDERD - - - -

.

WebBrowser-{2D8D9ACC-F6D7-4362-8876-A275CA929591} - (no file)

MSConfigStartUp-Steam - c:\program files\Steam\steam.exe

AddRemove-ComandoMPDDeinstKey - c:\program files\Eidos Interactive\Pyro\Commandos

.

.

.

**************************************************************************

.

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, GMER - Rootkit Detector and Remover

Rootkit scan 2012-10-08 19:18

Windows 6.0.6002 Service Pack 2 NTFS

.

scannen van verborgen processen ...

.

scannen van verborgen autostart items ...

.

scannen van verborgen bestanden ...

.

Scan succesvol afgerond

verborgen bestanden: 0

.

**************************************************************************

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Akamai]

"ServiceDll"="c:\program files\common files\akamai/netsession_win_5891ae0.dll"

.

--------------------- VERGRENDELDE REGISTER SLEUTELS ---------------------

.

[HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\Approved Extensions]

@Denied: (2) (LocalSystem)


.

[HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\ApprovedExtensionsMigration]

@Denied: (2) (LocalSystem)

"Timestamp"=hex:fd,3c,3d,05,29,26,cd,01

.

[HKEY_USERS\S-1-5-21-2863995821-880207880-1057330699-1000\Software\SecuROM\License information*]

"datasecu"=hex:97,97,8c,30,79,12,7e,ba,08,55,35,eb,53,5e,65,b8,b8,89,b9,10,bd,

de,d1,b8,46,e7,96,54,ff,60,76,98,3c,bc,51,98,fb,04,c4,bf,06,a3,97,6e,38,ba,\

"rkeysecu"=hex:a3,6c,69,19,02,89,9b,22,43,f0,2a,6d,c1,9f,e9,09

.

Voltooingstijd: 2012-10-08 19:22:15

ComboFix-quarantined-files.txt 2012-10-08 17:22

.

Pre-Run: 133.594.415.104 bytes beschikbaar

Post-Run: 133.566.681.088 bytes beschikbaar

.

- - End Of File - - FD8814753B59766E4B4A01418D4A7F78


Open a Notepad file.

Copy and paste the bold text below into it.

Folder::

c:\programdata\Premium

c:\program files\GadgetBox

c:\program files\SProtector

c:\programdata\InstallMate

Registry::

[-HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]

[-HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]

Save this file to your desktop as CFScript.

Drag CFScript.txt onto ComboFix.exe

This will make ComboFix restart. Reboot if you are asked to.

After the reboot, post the contents of Combofix.txt in your next message.
