Windows host process (rundll32) has stopped working


BaconStrips

Hmmm, weird, I had to run my Chrome as administrator, otherwise I couldn't start it or something.

Log:

ComboFix 12-10-08.02 - Lars 08-10-2012 20:11:36.2.4 - x86

Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.31.1043.18.3325.1995 [GMT 2:00]

Gestart vanuit: c:\users\Lars\Desktop\ComboFix.exe

gebruikte Opdracht switches :: c:\users\Lars\Desktop\CFScript.lnk

AV: avast! Antivirus *Enabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}

AV: AVG Anti-Virus Free Edition 2012 *Disabled/Updated* {5A2746B1-DEE9-F85A-FBCD-ADB11639C5F0}

SP: avast! Antivirus *Enabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}

SP: AVG Anti-Virus Free Edition 2012 *Disabled/Updated* {E146A755-F8D3-F7D4-C17D-96C36DBE8F4D}

SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

.

.

(((((((((((((((((((( Bestanden Gemaakt van 2012-09-08 to 2012-10-08 ))))))))))))))))))))))))))))))

.

.

2012-10-08 18:19 . 2012-10-08 18:19 -------- d-----w- c:\users\Default\AppData\Local\temp

2012-10-08 14:13 . 2012-10-08 14:13 -------- d-----w- c:\program files\CCleaner

2012-10-07 13:30 . 2012-10-07 13:30 -------- d-----w- c:\programdata\IObit

2012-10-07 13:30 . 2012-10-07 13:30 -------- d-----w- c:\users\Lars\AppData\Roaming\IObit

2012-10-07 13:29 . 2012-10-07 13:29 -------- d-----w- c:\program files\IObit

2012-10-06 15:17 . 2012-10-06 15:17 -------- d-----w- c:\programdata\Hotspot Shield

2012-10-06 15:17 . 2012-10-06 15:18 -------- d-----w- c:\program files\Hotspot Shield

2012-10-05 13:08 . 2012-10-05 13:08 -------- d-----w- c:\users\Lars\AppData\Local\MFAData

2012-10-05 13:08 . 2012-10-05 13:08 -------- d-----w- c:\users\Lars\AppData\Local\Avg2013

2012-10-03 20:05 . 2012-10-03 20:06 -------- d-----w- c:\programdata\Premium

2012-10-03 20:05 . 2012-10-03 20:05 -------- d-----w- c:\program files\SProtector

2012-10-03 20:05 . 2012-10-03 20:05 -------- d-----w- c:\program files\GadgetBox

2012-10-03 20:05 . 2012-10-03 20:06 -------- d-----w- c:\programdata\InstallMate

2012-10-03 19:54 . 2012-01-19 06:23 339320 ----a-w- c:\windows\system32\HMIPCore.dll

2012-10-03 17:56 . 2012-10-06 15:50 -------- d-----w- c:\users\Lars\AppData\Roaming\.minecraft

2012-10-03 13:36 . 2012-10-03 13:37 -------- d-----w- c:\windows\system32\drivers\NIS\1309000.009

2012-10-02 13:10 . 2012-10-02 13:24 -------- d-----w- c:\users\Lars\AppData\Roaming\Mijn Battle for Middle-earth™ II-bestanden

2012-10-02 12:59 . 2012-10-02 12:59 -------- d-----w- c:\program files\Electronic Arts

2012-10-02 12:13 . 2012-10-02 12:13 -------- d-----w- c:\program files\The Creative Assembly

2012-10-02 12:12 . 2005-04-03 21:02 753664 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\11\00\Intel32\iKernel.dll

2012-10-02 12:12 . 2005-04-03 21:02 69714 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\11\00\Intel32\ctor.dll

2012-10-02 12:12 . 2005-04-03 21:01 274432 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\11\00\Intel32\iscript.dll

2012-10-02 12:12 . 2005-04-03 21:00 184320 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\11\00\Intel32\iuser.dll

2012-10-02 12:12 . 2005-04-03 20:59 5632 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\11\00\Intel32\DotNetInstaller.exe

2012-10-02 12:12 . 2012-10-02 12:12 200836 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\11\00\Intel32\iGdi.dll

2012-10-02 12:12 . 2012-10-02 12:12 331908 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\11\00\Intel32\setup.dll

2012-09-28 21:04 . 2012-09-28 21:04 -------- d-----w- c:\users\Lars\AppData\Local\SKIDROW

2012-09-28 20:48 . 2012-09-28 20:48 -------- d-----w- c:\program files\2K Games

2012-09-28 14:02 . 2012-09-28 14:02 -------- d-----w- c:\program files\Rockstar Games

2012-09-28 14:02 . 2004-10-22 00:18 749568 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\10\50\Intel32\iKernel.dll

2012-09-28 14:02 . 2004-10-22 00:17 69715 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\10\50\Intel32\ctor.dll

2012-09-28 14:02 . 2004-10-22 00:17 274432 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\10\50\Intel32\iscript.dll

2012-09-28 14:02 . 2004-10-22 00:16 180224 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\10\50\Intel32\iuser.dll

2012-09-28 14:02 . 2004-10-22 00:16 5632 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\10\50\Intel32\DotNetInstaller.exe

2012-09-28 14:02 . 2012-09-28 14:02 192644 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\10\50\Intel32\iGdi.dll

2012-09-28 14:02 . 2012-09-28 14:02 323716 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\10\50\Intel32\setup.dll

2012-09-27 11:59 . 2012-10-03 15:05 -------- d-----w- c:\users\Lars\AppData\Roaming\Tunngle

2012-09-27 11:59 . 2012-10-03 15:05 -------- d-----w- c:\programdata\Tunngle

2012-09-27 11:59 . 2009-09-16 06:02 27136 ----a-w- c:\windows\system32\drivers\tap0901t.sys

2012-09-27 11:59 . 2012-09-27 12:02 -------- d-----w- c:\program files\Tunngle

2012-09-25 15:31 . 2012-09-25 15:31 -------- d-----w- c:\programdata\RELOADED

2012-09-25 15:27 . 2012-09-25 15:31 -------- d-----w- c:\program files\Torchlight II

2012-09-24 15:45 . 2012-10-07 16:22 -------- d-----w- c:\program files\LIMBO

2012-09-19 15:25 . 2007-09-06 14:56 98304 ----a-w- c:\windows\amcap.exe

2012-09-19 15:25 . 2007-07-11 14:09 20480 ----a-w- c:\windows\FixCamera.exe

2012-09-19 15:25 . 2009-02-20 14:55 326656 ----a-w- c:\windows\tsnpstd3.exe

2012-09-19 15:25 . 2007-02-09 12:13 172032 ----a-w- c:\windows\system32\rsnpstd3.dll

2012-09-19 15:25 . 2012-09-19 15:25 -------- d-----w- c:\program files\Common Files\snpstd3

2012-09-19 15:25 . 2005-11-23 11:55 53248 ----a-w- c:\windows\csnpstd3.dll

2012-09-19 15:24 . 2012-09-19 15:24 -------- d-----w- c:\users\Lars\AppData\Roaming\InstallShield

2012-09-17 20:08 . 2012-09-17 20:08 -------- d-----w- c:\program files\NVIDIA Corporation

2012-09-16 22:31 . 2012-09-16 22:32 -------- d-----w- c:\users\Lars\AppData\Local\Rockstar Games

2012-09-16 22:08 . 2012-09-16 22:08 -------- d-sh--w- c:\programdata\SecuROM

2012-09-16 14:20 . 2012-09-16 14:29 -------- d-----w- c:\users\Lars\AppData\Local\Ubisoft Game Launcher

2012-09-16 14:18 . 2012-09-16 14:18 -------- d-----w- c:\programdata\Ubisoft

2012-09-16 13:51 . 2012-10-02 12:49 -------- d-----w- c:\program files\Ubisoft

2012-09-16 10:08 . 2012-09-16 10:08 -------- d--h--r- c:\users\Lars\AppData\Roaming\SecuROM

2012-09-15 19:33 . 2012-10-02 12:54 -------- d-----w- c:\programdata\Media Center Programs

2012-09-15 19:33 . 2012-09-16 10:07 -------- d-----w- c:\program files\Common Files\BioWare

2012-09-14 00:02 . 2012-09-14 00:02 -------- d-----w- c:\programdata\AMD

2012-09-13 21:13 . 2009-09-30 03:33 24576 ----a-r- c:\windows\system32\AsIO.dll

2012-09-13 21:13 . 2009-08-04 02:28 11296 ----a-r- c:\windows\system32\drivers\AsIO.sys

2012-09-13 21:13 . 2008-01-04 11:34 11832 ----a-w- c:\windows\system32\drivers\AsInsHelp64.sys

2012-09-13 21:13 . 2008-01-04 11:34 10216 ----a-w- c:\windows\system32\drivers\AsInsHelp32.sys

2012-09-13 21:13 . 2001-09-05 02:18 225280 ----a-w- c:\program files\Common Files\InstallShield\IScript\iscript.dll

2012-09-13 21:13 . 2001-09-05 02:14 176128 ----a-w- c:\program files\Common Files\InstallShield\Engine\6\Intel 32\iuser.dll

2012-09-13 21:13 . 2001-09-05 02:18 77824 ----a-w- c:\program files\Common Files\InstallShield\Engine\6\Intel 32\ctor.dll

2012-09-13 21:13 . 2001-09-05 02:13 32768 ----a-w- c:\program files\Common Files\InstallShield\Engine\6\Intel 32\objectps.dll

2012-09-13 21:06 . 2012-09-13 21:06 -------- d-----w- c:\programdata\ATI

2012-09-13 21:02 . 2010-02-18 07:18 37944 ----a-w- c:\windows\system32\drivers\amdiox86.sys

2012-09-13 20:56 . 2006-10-18 05:44 7680 ----a-w- c:\windows\system32\drivers\ASACPI.sys

2012-09-13 20:43 . 2012-09-13 21:13 -------- d-----w- c:\program files\ASUS

2012-09-13 20:42 . 2012-09-13 20:42 477168 ----a-w- c:\windows\system32\npdeployJava1.dll

2012-09-13 20:40 . 2012-09-13 20:40 -------- d-----w- c:\programdata\McAfee

2012-09-13 20:38 . 2011-09-08 08:40 80416 ----a-w- c:\windows\system32\RtNicProp32.dll

2012-09-13 20:38 . 2011-09-08 08:40 363112 ----a-w- c:\windows\system32\drivers\Rtlh86.sys

2012-09-13 20:38 . 2011-09-08 08:40 100896 ----a-w- c:\windows\system32\RTNUninst32.dll

.

.

.

((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2012-09-13 20:42 . 2012-01-26 15:17 473072 ----a-w- c:\windows\system32\deployJava1.dll

2012-09-07 15:04 . 2012-01-13 23:22 22856 ----a-w- c:\windows\system32\drivers\mbam.sys

2012-08-24 13:43 . 2012-08-24 13:43 301920 ----a-w- c:\windows\system32\drivers\avgtdix.sys

2012-08-23 17:07 . 2009-08-18 09:30 564632 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\wlidui.dll

2012-08-23 17:07 . 2009-08-18 09:24 19720 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll

2012-08-21 12:04 . 2012-08-21 12:04 404640 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl

2012-08-21 09:13 . 2012-05-09 13:07 355632 ----a-w- c:\windows\system32\drivers\aswSP.sys

2012-08-21 09:13 . 2012-05-09 13:07 54232 ----a-w- c:\windows\system32\drivers\aswTdi.sys

2012-08-21 09:13 . 2012-05-09 13:07 729752 ----a-w- c:\windows\system32\drivers\aswSnx.sys

2012-08-21 09:13 . 2012-09-04 17:08 18544 ----a-w- c:\windows\system32\drivers\aswKbd.sys

2012-08-21 09:13 . 2012-05-09 13:07 35928 ----a-w- c:\windows\system32\drivers\aswRdr.sys

2012-08-21 09:13 . 2012-05-09 13:07 58680 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys

2012-08-21 09:13 . 2012-05-09 13:07 21256 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys

2012-08-21 09:12 . 2012-05-09 13:06 41224 ----a-w- c:\windows\avastSS.scr

2012-08-21 09:12 . 2012-05-09 13:06 227648 ----a-w- c:\windows\system32\aswBoot.exe

2012-08-01 18:13 . 2012-08-01 18:13 35560 ----a-w- c:\windows\system32\drivers\hssdrv6.sys

2012-08-01 18:13 . 2012-08-01 18:13 33512 ----a-w- c:\windows\system32\drivers\taphss.sys

2012-07-28 04:09 . 2011-11-10 02:33 5538984 ----a-w- c:\windows\system32\atiumdag.dll

2012-07-28 04:06 . 2012-07-28 04:06 8758784 ----a-w- c:\windows\system32\drivers\atikmdag.sys

2012-07-28 03:43 . 2012-07-28 03:43 58880 ----a-w- c:\windows\system32\coinst_8.982.dll

2012-07-28 02:50 . 2012-07-28 02:50 20546560 ----a-w- c:\windows\system32\atioglxx.dll

2012-07-28 02:15 . 2012-07-28 02:15 163840 ----a-w- c:\windows\system32\atiapfxx.exe

2012-07-28 02:15 . 2011-11-10 03:16 931328 ----a-w- c:\windows\system32\aticfx32.dll

2012-07-28 02:10 . 2012-07-28 02:10 442368 ----a-w- c:\windows\system32\ATIDEMGX.dll

2012-07-28 02:10 . 2012-07-28 02:10 469504 ----a-w- c:\windows\system32\atieclxx.exe

2012-07-28 02:09 . 2012-07-28 02:09 217600 ----a-w- c:\windows\system32\atiesrxx.exe

2012-07-28 02:08 . 2012-07-28 02:08 163840 ----a-w- c:\windows\system32\atitmmxx.dll

2012-07-28 02:08 . 2012-07-28 02:08 20992 ----a-w- c:\windows\system32\atimuixx.dll

2012-07-28 02:07 . 2012-07-28 02:07 43520 ----a-w- c:\windows\system32\ati2edxx.dll

2012-07-28 02:07 . 2012-07-28 02:07 6430208 ----a-w- c:\windows\system32\atidxx32.dll

2012-07-28 01:35 . 2012-07-28 01:35 46080 ----a-w- c:\windows\system32\aticalrt.dll

2012-07-28 01:35 . 2012-07-28 01:35 44032 ----a-w- c:\windows\system32\aticalcl.dll

2012-07-28 01:32 . 2011-11-10 02:29 4751872 ----a-w- c:\windows\system32\atiumdva.dll

2012-07-28 01:30 . 2012-07-28 01:30 13605888 ----a-w- c:\windows\system32\aticaldd.dll

2012-07-28 01:22 . 2012-07-28 01:22 77312 ----a-w- c:\windows\system32\amdave32.dll

2012-07-28 01:22 . 2012-07-28 01:22 71168 ----a-w- c:\windows\system32\atisamu32.dll

2012-07-28 01:15 . 2012-07-28 01:15 368640 ----a-w- c:\windows\system32\atiadlxx.dll

2012-07-28 01:15 . 2012-07-28 01:15 14848 ----a-w- c:\windows\system32\atiglpxx.dll

2012-07-28 01:14 . 2012-07-28 01:14 33280 ----a-w- c:\windows\system32\atigktxx.dll

2012-07-28 01:14 . 2012-07-28 01:14 296448 ----a-w- c:\windows\system32\drivers\atikmpag.sys

2012-07-28 01:13 . 2012-07-28 01:13 109568 ----a-w- c:\windows\system32\atiuxpag.dll

2012-07-28 01:13 . 2011-11-10 02:11 83456 ----a-w- c:\windows\system32\atiu9pag.dll

2012-07-28 01:13 . 2011-11-10 02:11 37376 ----a-w- c:\windows\system32\atitmpxx.dll

2012-07-28 01:12 . 2012-07-28 01:12 53248 ----a-w- c:\windows\system32\drivers\ati2erec.dll

2012-07-28 01:08 . 2012-07-28 01:08 56832 ----a-w- c:\windows\system32\atimpc32.dll

2012-07-28 01:08 . 2012-07-28 01:08 56832 ----a-w- c:\windows\system32\amdpcom32.dll

2012-07-26 01:21 . 2012-07-26 01:21 237408 ----a-w- c:\windows\system32\drivers\avgldx86.sys

2012-07-21 14:23 . 2012-07-21 14:23 4608 ----a-w- c:\windows\system32\w95inf32.dll

2012-07-21 14:23 . 2012-07-21 14:23 2272 ----a-w- c:\windows\system32\w95inf16.dll

.

.

((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))

.

.

*Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond

REGEDIT4

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]

@="{472083B0-C522-11CF-8763-00608CC02F24}"

[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]

2012-08-21 09:12 121528 ----a-w- c:\program files\AVAST Software\Avast\ashShell.dll

.

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"SmpcSys"="c:\program files\Packard Bell\SetUpMyPC\SmpSys.exe" [2008-02-04 1038136]

"ISUSPM Startup"="c:\progra~1\COMMON~1\INSTAL~1\UPDATE~1\isuspm.exe" [2004-04-17 196608]

"Akamai NetSession Interface"="c:\users\Lars\AppData\Local\Akamai\netsession_win.exe" [2012-08-10 4440896]

"Spotify Web Helper"="c:\users\Lars\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe" [2012-08-20 1193176]

"Advanced SystemCare 5"="c:\program files\IObit\Advanced SystemCare 5\ASCTray.exe" [2012-05-28 288128]

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"RtHDVCpl"="RtHDVCpl.exe" [2007-10-01 4702208]

"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-01-11 39792]

"Google Desktop Search"="c:\program files\Google\Google Desktop Search\GoogleDesktop.exe" [2008-08-14 29744]

"ACTIVBOARD"="c:\program files\Packard Bell\FIJI\aboard.exe" [2007-01-18 79416]

"ISUSScheduler"="c:\program files\Common Files\InstallShield\UpdateService\issch.exe" [2004-04-13 69632]

"StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2011-11-09 343168]

"Skytel"="Skytel.exe" [2007-08-03 1826816]

"APSDaemon"="c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2011-11-01 59240]

"avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2012-08-21 4282728]

"HostManager"="c:\program files\Common Files\AOL\1341418222\ee\AOLSoftware.exe" [2010-03-08 41800]

"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2012-01-18 254696]

"FixCamera"="c:\windows\FixCamera.exe" [2007-07-11 20480]

"snpstd3"="c:\windows\vsnpstd3.exe" [2006-09-19 827392]

"tsnpstd3"="c:\windows\tsnpstd3.exe" [2009-02-20 326656]

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]

"EnableUIADesktopToggle"= 0 (0x0)

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]

"AppInit_DLLs"=c:\progra~1\Google\GOOGLE~3\GoogleDesktopNetwork3.dll

.

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]

BootExecute REG_MULTI_SZ autocheck autochk *\0c:\progra~1\AVG\AVG2012\avgrsx.exe /sync /restart

.

[HKLM\~\startupfolder\C:^Users^Lars^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^MagicDisc.lnk]

path=c:\users\Lars\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MagicDisc.lnk

backup=c:\windows\pss\MagicDisc.lnk.Startup

backupExtension=.Startup

.

[HKLM\~\startupfolder\C:^Users^Lars^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OpenOffice.org 3.3 .lnk]

path=c:\users\Lars\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.3 .lnk

backup=c:\windows\pss\OpenOffice.org 3.3 .lnk.Startup

backupExtension=.Startup

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Aeria Ignite]

2012-05-16 17:57 1241240 ----a-w- c:\program files\Aeria Games\Ignite\aeriaignite.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CarboniteSetupLite]

2008-04-07 14:09 306112 ----a-w- c:\program files\Packard Bell\Carbonite\CarboniteSetupLitePBPreInstaller.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Clownfish]

2012-06-11 08:48 1097464 ----a-w- c:\program files\Clownfish\Clownfish.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]

2012-02-13 08:06 3481408 ----a-w- c:\program files\DAEMON Tools Lite\DTLite.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogMeIn Hamachi Ui]

2012-08-29 10:03 1996200 ----a-w- c:\program files\LogMeIn Hamachi\hamachi-2-ui.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvCplDaemon]

2007-07-06 19:15 8466432 ----a-w- c:\windows\System32\nvcpl.dll

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvMediaCenter]

2007-07-06 19:15 81920 ----a-w- c:\windows\System32\nvmctray.dll

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvSvc]

2007-07-06 19:15 86016 ----a-w- c:\windows\System32\nvsvc.dll

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Spotify]

2012-08-20 21:27 5576408 ----a-w- c:\users\Lars\AppData\Roaming\Spotify\spotify.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Spotify Web Helper]

2012-08-20 21:27 1193176 ----a-w- c:\users\Lars\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\toolbar_eula_launcher]

2007-02-20 16:20 28672 ----a-w- c:\program files\Packard Bell\GOOGLE_EULA\EULALauncher.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]

"DisableMonitoring"=dword:00000001

.

R3 1394hub;1394 Enabled Hub;c:\windows\System32\svchost.exe [x]

S2 AdvancedSystemCareService5;Advanced SystemCare Service 5;c:\program files\IObit\Advanced SystemCare 5\ASCService.exe [x]

.

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]

Akamai REG_MULTI_SZ Akamai

LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache

HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12

HPService REG_MULTI_SZ HPSLPSVC

.

Inhoud van de 'Gedeelde Taken' map

.

2012-10-08 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2863995821-880207880-1057330699-1000Core.job

- c:\users\Lars\AppData\Local\Google\Update\GoogleUpdate.exe [2012-01-12 19:41]

.

2012-10-08 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2863995821-880207880-1057330699-1000UA.job

- c:\users\Lars\AppData\Local\Google\Update\GoogleUpdate.exe [2012-01-12 19:41]

.

2012-10-08 c:\windows\Tasks\Uitgebreide garantie-Lars.job

- c:\program files\Packard Bell\SetupmyPC\PBCarNot.exe [2008-08-14 09:13]

.

.

------- Bijkomende Scan -------

.

uStart Page = hxxp://go.packardbell.com/?id=9152

uInternet Settings,ProxyOverride = <local>

IE: Free YouTube to MP3 Converter - c:\users\Lars\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm

DPF: {B01AAFA1-2478-44A3-8894-BE4D4C23C271} - hxxp://mythos.t3fun.com/ActiveX/HLauncher_V.cab

.

.

**************************************************************************

.

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, GMER - Rootkit Detector and Remover

Rootkit scan 2012-10-08 20:19

Windows 6.0.6002 Service Pack 2 NTFS

.

scannen van verborgen processen ...

.

scannen van verborgen autostart items ...

.

scannen van verborgen bestanden ...

.

Scan succesvol afgerond

verborgen bestanden: 0

.

**************************************************************************

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Akamai]

"ServiceDll"="c:\program files\common files\akamai/netsession_win_5891ae0.dll"

.

--------------------- VERGRENDELDE REGISTER SLEUTELS ---------------------

.

[HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\Approved Extensions]

@Denied: (2) (LocalSystem)

.

[HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\ApprovedExtensionsMigration]

@Denied: (2) (LocalSystem)

"Timestamp"=hex:fd,3c,3d,05,29,26,cd,01

.

[HKEY_USERS\S-1-5-21-2863995821-880207880-1057330699-1000\Software\SecuROM\License information*]

"datasecu"=hex:97,97,8c,30,79,12,7e,ba,08,55,35,eb,53,5e,65,b8,b8,89,b9,10,bd,

de,d1,b8,46,e7,96,54,ff,60,76,98,3c,bc,51,98,fb,04,c4,bf,06,a3,97,6e,38,ba,\

"rkeysecu"=hex:a3,6c,69,19,02,89,9b,22,43,f0,2a,6d,c1,9f,e9,09

.

Voltooingstijd: 2012-10-08 20:20:45

ComboFix-quarantined-files.txt 2012-10-08 18:20

ComboFix2.txt 2012-10-08 17:22

.

Pre-Run: 133.423.804.416 bytes beschikbaar

Post-Run: 133.371.027.456 bytes beschikbaar

.

- - End Of File - - BD28154B84C3E972150E41F4DB0B5CF4

You tried to apply the change via CFScript.lnk ... but that way it doesn't work. The Notepad file has to be saved as CFScript.txt. You then have to drag this file onto the red Combofix shortcut, so that the tool restarts and carries out the fixes.
