migsken
-
Items
29 -
Registratiedatum
-
Laatst bezocht
migsken's prestaties
-
Ben ik dan al mijn bestanden kwijt?
-
Als ik naar systeemherstel wil gaan, dan krijg ik een foutmelding: er is een onverwachte fout in het eigenschappenpagina opgetreden. de volume shadow copy-service die door systeemherstel wordt gebruikt, werkt niet. raadpleeg voor meer informatie het gebeurtenissenlogboek (0x81000202)
-
Nee niets terug te vinden. Is er een groot verschil tussen 64 en 32 bit?
-
Op mijn laptop staat er origineel 64 bit. Maar door al mijn problemen denk ik dat er fouten zijn of bestanden verwijderd zijn. Daardoor wil ik Windows opnieuw installeren, maar de cd's die meegeleverd zijn, die zijn 32 bit.
-
Windows 7 home premium 32 bit ---------- Post toegevoegd om 14:07 ---------- Vorige post was om 14:05 ---------- Vraag me wel af, wat is het verschil tussen een 32 en 64 bit
-
Heb nog altijd geen geluid, ik kan zelf niets meer updaten. Heb ook allerhande foutmeldingen als ik iets wil installeren zoals 0x80040154 Ik zat met het idee om alles van mijn pc te verwijderen, maar als ik kijk naar de cd's die meegeleverd zijn, zijn die windows 32 bit terwijl ik nu met een 64 bit werk. ---------- Post toegevoegd om 13:33 ---------- Vorige post was om 13:23 ---------- Heb bericht 9 ook nog eens uitgevoerd, en werkte niet
-
Nog altijd geen geluid
-
ComboFix 11-01-28.03 - vdb 30/01/2011 15:53:42.4.2 - x64 Gestart vanuit: c:\users\vdb\Downloads\ComboFix.exe gebruikte Opdracht switches :: c:\users\vdb\Desktop\CFScript.txt * Nieuw herstelpunt werd aangemaakt FILE :: "c:\windows\system32\drivers\byoyame.sys" "c:\windows\system32\drivers\ccfbvdp.sys" "c:\windows\system32\drivers\dnmz.sys" "c:\windows\system32\drivers\fdszfqkf.sys" . (((((((((((((((((((((((((((((((((( Andere Verwijderingen ))))))))))))))))))))))))))))))))))))))))))))))))) . c:\program files (x86)\Ask.com c:\program files (x86)\Ask.com\cobrand.ico c:\program files (x86)\Ask.com\config.xml c:\program files (x86)\Ask.com\favicon.ico c:\program files (x86)\Ask.com\fv_f335.ico c:\program files (x86)\Ask.com\mupcfg.xml c:\program files (x86)\Ask.com\SaUpdate.exe c:\program files (x86)\Ask.com\UpdateTask.exe . ((((((((((((((((((((((((((((((((((((((( Drivers/Services ))))))))))))))))))))))))))))))))))))))))))))))))) . -------\Service_ehstv -------\Service_nyjhaj -------\Service_obnvjcbp -------\Service_shffduxw (((((((((((((((((((( Bestanden Gemaakt van 2010-12-28 to 2011-01-30 )))))))))))))))))))))))))))))) . 2011-01-30 14:59 . 2011-01-30 14:59 -------- d-----w- c:\users\Default\AppData\Local\temp 2011-01-28 22:24 . 2011-01-28 22:24 -------- d-----w- c:\program files (x86)\Unlocker 2011-01-28 20:41 . 2011-01-28 20:41 -------- d-----w- C:\!KillBox 2011-01-28 18:32 . 2011-01-28 18:32 -------- d-----w- c:\programdata\MFAData 2011-01-27 20:23 . 2011-01-27 20:23 -------- d-----w- c:\users\vdb\AppData\Roaming\Malwarebytes 2011-01-27 20:23 . 2010-12-20 17:09 38224 ----a-w- c:\windows\SysWow64\drivers\mbamswissarmy.sys 2011-01-27 20:23 . 2011-01-27 20:23 -------- d-----w- c:\programdata\Malwarebytes 2011-01-27 20:23 . 2011-01-27 20:23 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware 2011-01-27 20:23 . 2010-12-20 17:08 24152 ----a-w- c:\windows\system32\drivers\mbam.sys 2011-01-27 16:00 . 2011-01-27 16:00 -------- d-----w- c:\users\vdb\AppData\Roaming\WinBatch 2011-01-26 23:15 . 2011-01-26 23:15 -------- d-----w- C:\FM Genie Scout 11 2011-01-26 21:36 . 2011-01-26 21:36 -------- d-----w- c:\program files\Recuva 2011-01-25 23:46 . 2011-01-25 23:46 -------- d-----w- c:\program files\CCleaner 2011-01-25 20:37 . 2011-01-25 20:37 -------- d-----w- c:\users\vdb\AppData\Local\VS Revo Group 2011-01-25 20:37 . 2009-12-30 10:21 31800 ----a-w- c:\windows\system32\drivers\revoflt.sys 2011-01-25 20:37 . 2011-01-25 20:37 -------- d-----w- c:\program files\VS Revo Group 2011-01-25 18:56 . 2011-01-28 20:32 -------- d-----w- c:\programdata\Spybot - Search & Destroy 2011-01-25 18:56 . 2011-01-25 18:57 -------- d-----w- c:\program files (x86)\Spybot - Search & Destroy 2011-01-23 18:59 . 2011-01-23 18:59 -------- d-----w- c:\windows\system32\drivers\NSSx64 2011-01-23 18:59 . 2011-01-23 18:59 -------- d-----w- c:\program files (x86)\Norton Security Scan 2011-01-23 18:59 . 2011-01-23 18:59 -------- d-----w- c:\program files (x86)\NortonInstaller 2011-01-18 21:35 . 2011-01-18 21:35 -------- d-----w- c:\program files (x86)\Windows Live SkyDrive 2011-01-18 21:25 . 2011-01-18 21:25 -------- d-----w- c:\users\vdb\AppData\Local\{7F94D053-43D7-4124-BC5C-6E3AF837563E} 2011-01-17 16:09 . 2011-01-17 16:09 94040 ----a-w- c:\program files (x86)\Common Files\Windows Live\.cache\f41a32601cbb66013\DSETUP.dll 2011-01-17 16:09 . 2011-01-17 16:09 525656 ----a-w- c:\program files (x86)\Common Files\Windows Live\.cache\f41a32601cbb66013\DXSETUP.exe 2011-01-17 16:09 . 2011-01-17 16:09 1691480 ----a-w- c:\program files (x86)\Common Files\Windows Live\.cache\f41a32601cbb66013\dsetup32.dll 2011-01-17 16:09 . 2011-01-17 16:09 94040 ----a-w- c:\program files (x86)\Common Files\Windows Live\.cache\ee5780c81cbb66012\DSETUP.dll 2011-01-17 16:09 . 2011-01-17 16:09 525656 ----a-w- c:\program files (x86)\Common Files\Windows Live\.cache\ee5780c81cbb66012\DXSETUP.exe 2011-01-17 16:09 . 2011-01-17 16:09 1691480 ----a-w- c:\program files (x86)\Common Files\Windows Live\.cache\ee5780c81cbb66012\dsetup32.dll 2011-01-17 16:08 . 2011-01-18 21:21 -------- d-----w- c:\users\vdb\AppData\Local\Windows Live . ((((((((((((((((((((((((((((((((((((((( Find3M Rapport )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2010-12-27 10:07 . 2010-12-27 10:07 472808 ----a-w- c:\windows\SysWow64\deployJava1.dll 2010-11-29 16:38 . 2010-11-29 16:38 94208 ----a-w- c:\windows\SysWow64\QuickTimeVR.qtx 2010-11-29 16:38 . 2010-11-29 16:38 69632 ----a-w- c:\windows\SysWow64\QuickTime.qts 2010-11-08 22:57 . 2010-11-08 22:57 353592 ----a-w- c:\windows\SysWow64\DivXControlPanelApplet.cpl 2010-11-04 06:35 . 2010-12-15 16:01 1194496 ----a-w- c:\windows\system32\wininet.dll 2010-11-04 06:31 . 2010-12-15 16:01 57856 ----a-w- c:\windows\system32\licmgr10.dll 2010-11-04 05:52 . 2010-12-15 16:01 978944 ----a-w- c:\windows\SysWow64\wininet.dll 2010-11-04 05:48 . 2010-12-15 16:01 44544 ----a-w- c:\windows\SysWow64\licmgr10.dll 2010-11-04 05:16 . 2010-12-15 16:01 482816 ----a-w- c:\windows\system32\html.iec 2010-11-04 04:41 . 2010-12-15 16:01 386048 ----a-w- c:\windows\SysWow64\html.iec 2010-11-04 04:35 . 2010-12-15 16:01 1638912 ----a-w- c:\windows\system32\mshtml.tlb 2010-11-04 04:08 . 2010-12-15 16:01 1638912 ----a-w- c:\windows\SysWow64\mshtml.tlb 2010-11-02 05:18 . 2010-12-15 16:01 524288 ----a-w- c:\windows\system32\wmicmiplugin.dll 2010-11-02 05:17 . 2010-12-15 16:01 473600 ----a-w- c:\windows\system32\taskcomp.dll 2010-11-02 05:17 . 2010-12-15 16:01 1169408 ----a-w- c:\windows\system32\taskschd.dll 2010-11-02 05:16 . 2010-12-15 16:01 1114624 ----a-w- c:\windows\system32\schedsvc.dll 2010-11-02 05:10 . 2010-12-15 16:01 464384 ----a-w- c:\windows\system32\taskeng.exe 2010-11-02 05:10 . 2010-12-15 16:01 285696 ----a-w- c:\windows\system32\schtasks.exe 2010-11-02 04:40 . 2010-12-15 16:01 496128 ----a-w- c:\windows\SysWow64\taskschd.dll 2010-11-02 04:40 . 2010-12-15 16:01 305152 ----a-w- c:\windows\SysWow64\taskcomp.dll 2010-11-02 04:34 . 2010-12-15 16:01 192000 ----a-w- c:\windows\SysWow64\taskeng.exe 2010-11-02 04:34 . 2010-12-15 16:01 179712 ----a-w- c:\windows\SysWow64\schtasks.exe . ((((((((((((((((((((((((((((( SnapShot@2011-01-29_14.10.15 ))))))))))))))))))))))))))))))))))))))))) . + 2009-09-10 08:09 . 2011-01-30 14:47 56630 c:\windows\system32\wdi\ShutdownPerformanceDiagnostics_SystemData.bin + 2009-07-14 05:10 . 2011-01-30 15:02 47250 c:\windows\system32\wdi\BootPerformanceDiagnostics_SystemData.bin - 2009-07-14 05:10 . 2011-01-29 13:58 47250 c:\windows\system32\wdi\BootPerformanceDiagnostics_SystemData.bin + 2010-01-28 17:38 . 2011-01-30 15:03 10774 c:\windows\system32\wdi\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-3010251308-1964656382-1606146038-1000_UserData.bin . ((((((((((((((((((((((((((((((((((((( Reg Opstartpunten ))))))))))))))))))))))))))))))))))))))))))))))))))) . . *Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond REGEDIT4 [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "msnmsgr"="c:\program files (x86)\Windows Live\Messenger\msnmsgr.exe" [2010-04-16 3872080] "Steam"="c:\program files (x86)\Steam\Steam.exe" [2010-11-16 1242448] "Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2009-07-14 1475072] "Sony Ericsson PC Companion"="c:\program files (x86)\Sony Ericsson\Sony Ericsson PC Companion\PCCompanion.exe" [2010-11-16 422912] "SpybotSD TeaTimer"="c:\program files (x86)\Spybot - Search & Destroy\TeaTimer.exe" [2009-01-26 2144088] [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run] "SVPWUTIL"="c:\program files (x86)\TOSHIBA\Utilities\SVPWUTIL.exe" [2009-08-12 352256] "HWSetup"="c:\program files\TOSHIBA\Utilities\HWSetup.exe" [2009-06-02 423936] "KeNotify"="c:\program files (x86)\TOSHIBA\Utilities\KeNotify.exe" [2009-01-13 34088] "Adobe Reader Speed Launcher"="c:\program files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2009-02-27 35696] "StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2009-07-29 98304] "ToshibaServiceStation"="c:\program files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe" [2009-08-17 1294136] "QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2010-11-29 421888] "iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2010-12-13 421160] "SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2010-05-14 248552] "DivX Download Manager"="c:\program files (x86)\DivX\DivX Plus Web Player\DDmService.exe" [2010-12-08 63360] "UnlockerAssistant"="c:\program files (x86)\Unlocker\UnlockerAssistant.exe" [2010-07-04 17408] c:\users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ TRDCReminder.lnk - c:\program files (x86)\TOSHIBA\TRDCReminder\TRDCReminder.exe [2009-9-1 481184] [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "ConsentPromptBehaviorAdmin"= 5 (0x5) "ConsentPromptBehaviorUser"= 3 (0x3) "EnableUIADesktopToggle"= 0 (0x0) [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32] "aux1"=wdmaud.drv [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa] Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384] R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576] R2 gupdate;Google Updateservice (gupdate);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-02-02 135664] R2 TOSHIBA eco Utility Service;TOSHIBA eco Utility Service;c:\program files\TOSHIBA\TECO\TecoService.exe [2009-08-27 251760] R3 Revoflt;Revoflt;c:\windows\system32\DRIVERS\revoflt.sys [2009-12-30 31800] R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RtsUStor.sys [x] R3 RtsUIR;Realtek IR Driver;c:\windows\system32\DRIVERS\Rts516xIR.sys [x] R3 Sony Ericsson PCCompanion;Sony Ericsson PCCompanion;c:\program files (x86)\Sony Ericsson\Sony Ericsson PC Companion\PCCService.exe [2010-10-26 155344] R3 TMachInfo;TMachInfo;c:\program files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe [2009-08-17 51512] R3 TOSHIBA HDD SSD Alert Service;TOSHIBA HDD SSD Alert Service;c:\program files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe [2009-08-03 137560] R3 TPCHSrv;TPCH Service;c:\program files\TOSHIBA\TPHM\TPCHSrv.exe [2009-08-04 826224] R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys [2010-09-28 51712] R3 WatAdminSvc;Windows Activation Technologies-service;c:\windows\system32\Wat\WatAdminSvc.exe [2010-06-15 1255736] S0 tos_sps64;TOSHIBA tos_sps64 Service;c:\windows\system32\DRIVERS\tos_sps64.sys [2009-07-24 482384] S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904] S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2009-07-29 203264] S2 cfWiMAXService;ConfigFree WiMAX Service;c:\program files (x86)\TOSHIBA\ConfigFree\CFIWmxSvcs64.exe [2009-08-10 248688] S2 ConfigFree Gadget Service;ConfigFree Gadget Service;c:\program files (x86)\TOSHIBA\ConfigFree\CFProcSRVC.exe [2009-07-14 42368] S2 ConfigFree Service;ConfigFree Service;c:\program files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe [2009-03-10 46448] S2 TemproMonitoringService;Notebook Performance Tuning Service (TEMPRO);c:\program files (x86)\Toshiba TEMPRO\TemproSvc.exe [2009-08-06 116104] S2 TVALZFL;TOSHIBA ACPI-Based Value Added Logical and General Purpose Device Filter Driver;c:\windows\system32\DRIVERS\TVALZFL.sys [2009-06-19 14472] S3 PGEffect;Pangu effect driver;c:\windows\system32\DRIVERS\pgeffect.sys [2009-06-22 35008] S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [2009-05-22 215040] S3 rtl8192se;Realtek Wireless LAN 802.11n PCI-E NIC NT Driver;c:\windows\system32\DRIVERS\rtl8192se.sys [2009-08-26 942080] . Inhoud van de 'Gedeelde Taken' map 2011-01-30 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-02-02 16:11] 2011-01-29 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-02-02 16:11] 2011-01-24 c:\windows\Tasks\Norton Security Scan for vdb.job - c:\program files (x86)\Norton Security Scan\Engine\2.7.3.34\Nss.exe [2011-01-23 08:48] . --------- x86-64 ----------- [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "combofix"="c:\combofix\CF32313.cfxxe" [X] "TosSENotify"="c:\program files\TOSHIBA\TOSHIBA HDD SSD Alert\TosWaitSrv.exe" [2009-08-03 709976] "Toshiba TEMPRO"="c:\program files (x86)\Toshiba TEMPRO\TemproTray.exe" [2009-08-06 1050000] "TosNC"="%ProgramFiles%\Toshiba\BulletinBoard\TosNcCore.exe" [bU] "TosReelTimeMonitor"="%ProgramFiles%\TOSHIBA\ReelTime\TosReelTimeMonitor.exe" [bU] "SmoothView"="%ProgramFiles%\Toshiba\SmoothView\SmoothView.exe" [bU] "TPwrMain"="%ProgramFiles%\TOSHIBA\Power Saver\TPwrMain.EXE" [bU] "HSON"="%ProgramFiles%\TOSHIBA\TBS\HSON.exe" [bU] "00TCrdMain"="%ProgramFiles%\TOSHIBA\FlashCards\TCrdMain.exe" [bU] "RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2009-07-28 7982112] "SynTPEnh"="%ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe" [bU] "SmartFaceVWatcher"="%ProgramFiles%\Toshiba\SmartFaceV\SmartFaceVWatcher.exe" [bU] "Teco"="%ProgramFiles%\TOSHIBA\TECO\Teco.exe" [bU] "TosWaitSrv"="%ProgramFiles%\TOSHIBA\TPHM\TosWaitSrv.exe" [bU] "Toshiba Registration"="c:\program files\Toshiba\Registration\ToshibaReminder.exe" [2009-07-30 134032] . ------- Bijkomende Scan ------- . uLocal Page = c:\windows\system32\blank.htm uStart Page = hxxp://downloads.phpnuke.org/en/index.php?rvs=google mStart Page = hxxp://downloads.phpnuke.org/en/index.php?rvs=google mLocal Page = c:\windows\SysWOW64\blank.htm uInternet Settings,ProxyOverride = *.local IE: E&xporteren naar Microsoft Excel - c:\progra~2\MICROS~2\Office12\EXCEL.EXE/3000 IE: Google Sidewiki... - c:\program files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_E11712C84EA7E12B.dll/cmsidewiki.html FF - ProfilePath - c:\users\vdb\AppData\Roaming\Mozilla\Firefox\Profiles\23ejn3nm.default\ FF - prefs.js: browser.search.selectedEngine - hxxp://downloads.phpnuke.org/en/index.php?rvs=google FF - prefs.js: browser.startup.homepage - hxxp://downloads.phpnuke.org/en/index.php?rvs=google FF - prefs.js: keyword.URL - hxxp://downloads.phpnuke.org/en/index.php?rvs=google FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files (x86)\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} FF - Ext: Java Console: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} - c:\program files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} . - - - - ORPHANS VERWIJDERD - - - - Toolbar-{CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file) . --------------------- VERGRENDELDE REGISTER SLEUTELS --------------------- [HKEY_USERS\S-1-5-21-3010251308-1964656382-1606146038-1000\Software\G*e*n*i*e*"!\FM Genie Scout 10] "GameDir"="c:\\Users\\vdb\\Documents\\Sports Interactive\\Football Manager 2010\\games" "ShortlistDir"="c:\\Users\\vdb\\Documents\\Sports Interactive\\Football Manager 2010\\shortlists" "ScreenshotsDir"="c:\\Users\\vdb\\Documents\\Sports Interactive\\Football Manager 2010" "SaveDir"="c:\\Users\\vdb\\Documents\\Sports Interactive\\Football Manager 2010\\" "HistoryDir"="c:\\Users\\vdb\\AppData\\Local\\Temp\\Rar$EX00.297\\History Points" "LangDB"="" "LastSaveGame"="c:\\Users\\vdb\\Documents\\Sports Interactive\\Football Manager 2010\\games\\parmentierke (v02).fm" "Language"="English" "LoadLangDB"=dword:00000000 "CompressHistoryPoints"=dword:00000000 "HighlightedAttributes"=dword:00000000 "MinCondition"=dword:00000050 "GraphStep"=dword:00000000 "SkinName"="Champions League" "LastUpdateCheck"=dword:00009e50 "HighQualityGUI"=dword:00000001 "AutomaticallyUpdateCheck"=dword:00000001 "AdvancedGeneration"=dword:00000000 "TranslateStaffSkills"=dword:00000001 "TranslatePlayerSkills"=dword:00000001 "TranslatePositions"=dword:00000001 "ShowHistory"=dword:00000001 "Version"=dword:00000074 "UniqueID"="25-8680-E15F" "Currency"=dword:0000001c "UseProxy"=dword:00000000 "ProxyHost"="" "ProxyPort"="" "UseAuthentication"=dword:00000000 "UserName"="" "UserPassword"="" [HKEY_USERS\S-1-5-21-3010251308-1964656382-1606146038-1000\Software\G*e*n*i*e*"!\FM Genie Scout 11] "GameDir"="c:\\Users\\vdb\\Documents\\Sports Interactive\\Football Manager 2011\\games" "ShortlistDir"="c:\\Users\\vdb\\Documents\\Sports Interactive\\Football Manager 2011\\shortlists" "FMPath"="" "ScreenshotsDir"="c:\\Users\\vdb\\Documents\\Sports Interactive\\Football Manager 2011" "SaveDir"="c:\\Users\\vdb\\Documents\\Sports Interactive\\Football Manager 2011\\" "HistoryDir"="c:\\FM Genie Scout 11\\History Points" "LangDB"="c:\\FM Genie Scout 11\\lang_db.dat" "LastSaveGame"="" "Language"="English" "LoadLangDB"=dword:00000001 "CompressHistoryPoints"=dword:00000000 "HighlightedAttributes"=dword:00000000 "MinCondition"=dword:00000050 "GraphStep"=dword:00000000 "SkinName"="PSV Eindhoven" "LastUpdateCheck"=dword:00009e7c "HighQualityGUI"=dword:00000001 "AutomaticallyUpdateCheck"=dword:00000001 "AdvancedGeneration"=dword:00000000 "TranslateStaffSkills"=dword:00000001 "TranslatePlayerSkills"=dword:00000001 "TranslatePositions"=dword:00000001 "ShowHistory"=dword:00000001 "Version"=dword:00000080 "UniqueID"="25-8680-E15F" "UseProxy"=dword:00000000 "ProxyHost"="" "ProxyPort"="" "UseAuthentication"=dword:00000000 "UserName"="" "UserPassword"="" "PlayerSearchFeatureNum"=dword:00000003 "StaffSearchFeatureNum"=dword:00000000 "ClubSearchFeatureNum"=dword:00000000 "FilterByClubFeatureNum"=dword:00000001 "CompareFeatureNum"=dword:00000000 "ShortlistFeatureNum"=dword:00000000 "ExportFeatureNum"=dword:00000000 "HistoryFeatureNum"=dword:00000000 "LanguageDBFeatureNum"=dword:00000003 "HintsFeatureNum"=dword:00000001 "GenieReportFeatureNum"=dword:00000003 "TopFormationFeatureNum"=dword:00000000 "ScreenshotFeatureNum"=dword:00000000 "Currency"=dword:00000056 [HKEY_USERS\S-1-5-21-3010251308-1964656382-1606146038-1000\Software\G*e*n*i*e*"!\FM Genie Scout 11g] "PicturesNumber"=dword:00000479 [HKEY_USERS\S-1-5-21-3010251308-1964656382-1606146038-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.vcf\UserChoice] @Denied: (2) (LocalSystem) "Progid"="WindowsLiveMail.VCard.1" [HKEY_USERS\S-1-5-21-3010251308-1964656382-1606146038-1000\Software\SecuROM\!CAUTION! NEVER A OR CHANGE ANY KEY*] @Allowed: (Read) (RestrictedCode) "??"=hex:3e,f9,d4,c0,45,e2,2d,88,3c,49,ce,0b,16,f1,a4,f3,97,1e,c7,e9,68,a9,ae, 0a,9a,e1,7a,73,8e,05,52,42,6f,a9,44,85,5f,96,ba,0f,4f,fd,b9,d3,81,6f,5c,e4,\ "??"=hex:f2,fc,7e,c5,79,f3,32,25,2c,a5,fc,66,cc,de,4a,cf [HKEY_USERS\S-1-5-21-3010251308-1964656382-1606146038-1000\Software\SecuROM\License information*] @Allowed: (Read) (RestrictedCode) "datasecu"=hex:92,25,e1,55,b2,02,ec,60,c7,b1,7f,25,76,2a,f0,a1,65,8d,3d,06,33, 5b,5a,ca,95,a7,4f,9e,ab,e6,5a,d4,82,fe,fc,8a,c0,66,af,32,ed,53,da,8c,27,51,\ "rkeysecu"=hex:69,94,d9,ec,7d,1a,49,de,27,e0,e5,77,53,b7,91,1b [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}] @Denied: (A 2) (Everyone) @="FlashBroker" "LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10l_ActiveX.exe,-101" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation] "Enabled"=dword:00000001 [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10l_ActiveX.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}] @Denied: (A 2) (Everyone) @="Shockwave Flash Object" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10l.ocx" "ThreadingModel"="Apartment" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus] @="0" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID] @="ShockwaveFlash.ShockwaveFlash.10" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10l.ocx, 1" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib] @="{D27CDB6B-AE6D-11cf-96B8-444553540000}" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version] @="1.0" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID] @="ShockwaveFlash.ShockwaveFlash" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}] @Denied: (A 2) (Everyone) @="Macromedia Flash Factory Object" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10l.ocx" "ThreadingModel"="Apartment" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID] @="FlashFactory.FlashFactory.1" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10l.ocx, 1" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib] @="{D27CDB6B-AE6D-11cf-96B8-444553540000}" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version] @="1.0" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID] @="FlashFactory.FlashFactory" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}] @Denied: (A 2) (Everyone) @="IFlashBroker4" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32] @="{00020424-0000-0000-C000-000000000046}" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" "Version"="1.0" [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security] @Denied: (Full) (Everyone) . ------------------------ Andere Aktieve Processen ------------------------ . c:\program files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe c:\program files (x86)\Bonjour\mDNSResponder.exe c:\program files (x86)\Sony Ericsson\Sony Ericsson PC Companion\TMonitor.exe c:\program files (x86)\Common Files\Steam\SteamService.exe . ************************************************************************** . Voltooingstijd: 2011-01-30 16:08:22 - machine werd herstart ComboFix-quarantined-files.txt 2011-01-30 15:08 ComboFix2.txt 2011-01-29 14:12 Pre-Run: 157.964.713.984 bytes beschikbaar Post-Run: 157.668.143.104 bytes beschikbaar - - End Of File - - 19B99FD25AB0A003FA3E498EE78D70D6
-
ComboFix 11-01-28.03 - vdb 29/01/2011 15:05:36.3.2 - x64 Gestart vanuit: c:\users\vdb\Downloads\ComboFix.exe * Nieuw herstelpunt werd aangemaakt . (((((((((((((((((((((((((((((((((( Andere Verwijderingen ))))))))))))))))))))))))))))))))))))))))))))))))) . c:\windows\SysWow64\Drivers\byoyame.sys c:\windows\SysWow64\Drivers\ccfbvdp.sys c:\windows\SysWow64\Drivers\dnmz.sys c:\windows\SysWow64\Drivers\fdszfqkf.sys . (((((((((((((((((((( Bestanden Gemaakt van 2010-12-28 to 2011-01-29 )))))))))))))))))))))))))))))) . 2011-01-29 14:10 . 2011-01-29 14:10 -------- d-----w- c:\users\Default\AppData\Local\temp 2011-01-27 20:23 . 2011-01-27 20:23 -------- d-----w- c:\users\vdb\AppData\Roaming\Malwarebytes 2011-01-27 20:23 . 2010-12-20 17:09 38224 ----a-w- c:\windows\SysWow64\drivers\mbamswissarmy.sys 2011-01-27 20:23 . 2011-01-27 20:23 -------- d-----w- c:\programdata\Malwarebytes 2011-01-27 20:23 . 2011-01-27 20:23 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware 2011-01-27 20:23 . 2010-12-20 17:08 24152 ----a-w- c:\windows\system32\drivers\mbam.sys 2011-01-27 16:00 . 2011-01-27 16:00 -------- d-----w- c:\users\vdb\AppData\Roaming\WinBatch 2011-01-26 23:15 . 2011-01-26 23:15 -------- d-----w- C:\FM Genie Scout 11 2011-01-26 21:36 . 2011-01-26 21:36 -------- d-----w- c:\program files\Recuva 2011-01-25 23:46 . 2011-01-25 23:46 -------- d-----w- c:\program files\CCleaner 2011-01-25 20:37 . 2011-01-25 20:37 -------- d-----w- c:\users\vdb\AppData\Local\VS Revo Group 2011-01-25 20:37 . 2009-12-30 10:21 31800 ----a-w- c:\windows\system32\drivers\revoflt.sys 2011-01-25 20:37 . 2011-01-25 20:37 -------- d-----w- c:\program files\VS Revo Group 2011-01-25 18:56 . 2011-01-28 20:32 -------- d-----w- c:\programdata\Spybot - Search & Destroy 2011-01-25 18:56 . 2011-01-25 18:57 -------- d-----w- c:\program files (x86)\Spybot - Search & Destroy 2011-01-25 17:30 . 2011-01-27 20:16 -------- d-----w- c:\program files (x86)\Ask.com 2011-01-23 18:59 . 2011-01-23 18:59 -------- d-----w- c:\windows\system32\drivers\NSSx64 2011-01-23 18:59 . 2011-01-23 18:59 -------- d-----w- c:\program files (x86)\Norton Security Scan 2011-01-23 18:59 . 2011-01-23 18:59 -------- d-----w- c:\program files (x86)\NortonInstaller 2011-01-18 21:35 . 2011-01-18 21:35 -------- d-----w- c:\program files (x86)\Windows Live SkyDrive 2011-01-18 21:25 . 2011-01-18 21:25 -------- d-----w- c:\users\vdb\AppData\Local\{7F94D053-43D7-4124-BC5C-6E3AF837563E} 2011-01-17 16:09 . 2011-01-17 16:09 94040 ----a-w- c:\program files (x86)\Common Files\Windows Live\.cache\f41a32601cbb66013\DSETUP.dll 2011-01-17 16:09 . 2011-01-17 16:09 525656 ----a-w- c:\program files (x86)\Common Files\Windows Live\.cache\f41a32601cbb66013\DXSETUP.exe 2011-01-17 16:09 . 2011-01-17 16:09 1691480 ----a-w- c:\program files (x86)\Common Files\Windows Live\.cache\f41a32601cbb66013\dsetup32.dll 2011-01-17 16:09 . 2011-01-17 16:09 94040 ----a-w- c:\program files (x86)\Common Files\Windows Live\.cache\ee5780c81cbb66012\DSETUP.dll 2011-01-17 16:09 . 2011-01-17 16:09 525656 ----a-w- c:\program files (x86)\Common Files\Windows Live\.cache\ee5780c81cbb66012\DXSETUP.exe 2011-01-17 16:09 . 2011-01-17 16:09 1691480 ----a-w- c:\program files (x86)\Common Files\Windows Live\.cache\ee5780c81cbb66012\dsetup32.dll 2011-01-17 16:08 . 2011-01-18 21:21 -------- d-----w- c:\users\vdb\AppData\Local\Windows Live . ((((((((((((((((((((((((((((((((((((((( Find3M Rapport )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2010-12-27 10:07 . 2010-12-27 10:07 472808 ----a-w- c:\windows\SysWow64\deployJava1.dll 2010-11-29 16:38 . 2010-11-29 16:38 94208 ----a-w- c:\windows\SysWow64\QuickTimeVR.qtx 2010-11-29 16:38 . 2010-11-29 16:38 69632 ----a-w- c:\windows\SysWow64\QuickTime.qts 2010-11-08 22:57 . 2010-11-08 22:57 353592 ----a-w- c:\windows\SysWow64\DivXControlPanelApplet.cpl 2010-11-04 06:35 . 2010-12-15 16:01 1194496 ----a-w- c:\windows\system32\wininet.dll 2010-11-04 06:31 . 2010-12-15 16:01 57856 ----a-w- c:\windows\system32\licmgr10.dll 2010-11-04 05:52 . 2010-12-15 16:01 978944 ----a-w- c:\windows\SysWow64\wininet.dll 2010-11-04 05:48 . 2010-12-15 16:01 44544 ----a-w- c:\windows\SysWow64\licmgr10.dll 2010-11-04 05:16 . 2010-12-15 16:01 482816 ----a-w- c:\windows\system32\html.iec 2010-11-04 04:41 . 2010-12-15 16:01 386048 ----a-w- c:\windows\SysWow64\html.iec 2010-11-04 04:35 . 2010-12-15 16:01 1638912 ----a-w- c:\windows\system32\mshtml.tlb 2010-11-04 04:08 . 2010-12-15 16:01 1638912 ----a-w- c:\windows\SysWow64\mshtml.tlb 2010-11-02 05:18 . 2010-12-15 16:01 524288 ----a-w- c:\windows\system32\wmicmiplugin.dll 2010-11-02 05:17 . 2010-12-15 16:01 473600 ----a-w- c:\windows\system32\taskcomp.dll 2010-11-02 05:17 . 2010-12-15 16:01 1169408 ----a-w- c:\windows\system32\taskschd.dll 2010-11-02 05:16 . 2010-12-15 16:01 1114624 ----a-w- c:\windows\system32\schedsvc.dll 2010-11-02 05:10 . 2010-12-15 16:01 464384 ----a-w- c:\windows\system32\taskeng.exe 2010-11-02 05:10 . 2010-12-15 16:01 285696 ----a-w- c:\windows\system32\schtasks.exe 2010-11-02 04:40 . 2010-12-15 16:01 496128 ----a-w- c:\windows\SysWow64\taskschd.dll 2010-11-02 04:40 . 2010-12-15 16:01 305152 ----a-w- c:\windows\SysWow64\taskcomp.dll 2010-11-02 04:34 . 2010-12-15 16:01 192000 ----a-w- c:\windows\SysWow64\taskeng.exe 2010-11-02 04:34 . 2010-12-15 16:01 179712 ----a-w- c:\windows\SysWow64\schtasks.exe . ((((((((((((((((((((((((((((((((((((( Reg Opstartpunten ))))))))))))))))))))))))))))))))))))))))))))))))))) . . *Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond REGEDIT4 [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "msnmsgr"="c:\program files (x86)\Windows Live\Messenger\msnmsgr.exe" [2010-04-16 3872080] "Steam"="c:\program files (x86)\Steam\Steam.exe" [2010-11-16 1242448] "Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2009-07-14 1475072] "Sony Ericsson PC Companion"="c:\program files (x86)\Sony Ericsson\Sony Ericsson PC Companion\PCCompanion.exe" [2010-11-16 422912] "SpybotSD TeaTimer"="c:\program files (x86)\Spybot - Search & Destroy\TeaTimer.exe" [2009-01-26 2144088] [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run] "SVPWUTIL"="c:\program files (x86)\TOSHIBA\Utilities\SVPWUTIL.exe" [2009-08-12 352256] "HWSetup"="c:\program files\TOSHIBA\Utilities\HWSetup.exe" [2009-06-02 423936] "KeNotify"="c:\program files (x86)\TOSHIBA\Utilities\KeNotify.exe" [2009-01-13 34088] "Adobe Reader Speed Launcher"="c:\program files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2009-02-27 35696] "StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2009-07-29 98304] "ToshibaServiceStation"="c:\program files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe" [2009-08-17 1294136] "QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2010-11-29 421888] "iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2010-12-13 421160] "SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2010-05-14 248552] "DivX Download Manager"="c:\program files (x86)\DivX\DivX Plus Web Player\DDmService.exe" [2010-12-08 63360] "UnlockerAssistant"="c:\program files (x86)\Unlocker\UnlockerAssistant.exe" [2010-07-04 17408] [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\RunOnce] "AvgUninstallURL"="start http:" [X] c:\users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ TRDCReminder.lnk - c:\program files (x86)\TOSHIBA\TRDCReminder\TRDCReminder.exe [2009-9-1 481184] [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "ConsentPromptBehaviorAdmin"= 5 (0x5) "ConsentPromptBehaviorUser"= 3 (0x3) "EnableUIADesktopToggle"= 0 (0x0) [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32] "aux1"=wdmaud.drv [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa] Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp R0 ehstv;ehstv;c:\windows\system32\drivers\ccfbvdp.sys [x] R0 nyjhaj;nyjhaj;c:\windows\system32\drivers\dnmz.sys [x] R0 obnvjcbp;obnvjcbp;c:\windows\system32\drivers\byoyame.sys [x] R0 shffduxw;shffduxw;c:\windows\system32\drivers\fdszfqkf.sys [x] R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384] R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576] R2 gupdate;Google Updateservice (gupdate);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-02-02 135664] R2 TOSHIBA eco Utility Service;TOSHIBA eco Utility Service;c:\program files\TOSHIBA\TECO\TecoService.exe [2009-08-27 251760] R3 Revoflt;Revoflt;c:\windows\system32\DRIVERS\revoflt.sys [2009-12-30 31800] R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RtsUStor.sys [x] R3 RtsUIR;Realtek IR Driver;c:\windows\system32\DRIVERS\Rts516xIR.sys [x] R3 Sony Ericsson PCCompanion;Sony Ericsson PCCompanion;c:\program files (x86)\Sony Ericsson\Sony Ericsson PC Companion\PCCService.exe [2010-10-26 155344] R3 TOSHIBA HDD SSD Alert Service;TOSHIBA HDD SSD Alert Service;c:\program files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe [2009-08-03 137560] R3 TPCHSrv;TPCH Service;c:\program files\TOSHIBA\TPHM\TPCHSrv.exe [2009-08-04 826224] R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys [2010-09-28 51712] R3 WatAdminSvc;Windows Activation Technologies-service;c:\windows\system32\Wat\WatAdminSvc.exe [2010-06-15 1255736] S0 tos_sps64;TOSHIBA tos_sps64 Service;c:\windows\system32\DRIVERS\tos_sps64.sys [2009-07-24 482384] S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904] S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2009-07-29 203264] S2 cfWiMAXService;ConfigFree WiMAX Service;c:\program files (x86)\TOSHIBA\ConfigFree\CFIWmxSvcs64.exe [2009-08-10 248688] S2 ConfigFree Gadget Service;ConfigFree Gadget Service;c:\program files (x86)\TOSHIBA\ConfigFree\CFProcSRVC.exe [2009-07-14 42368] S2 ConfigFree Service;ConfigFree Service;c:\program files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe [2009-03-10 46448] S2 TemproMonitoringService;Notebook Performance Tuning Service (TEMPRO);c:\program files (x86)\Toshiba TEMPRO\TemproSvc.exe [2009-08-06 116104] S2 TVALZFL;TOSHIBA ACPI-Based Value Added Logical and General Purpose Device Filter Driver;c:\windows\system32\DRIVERS\TVALZFL.sys [2009-06-19 14472] S3 PGEffect;Pangu effect driver;c:\windows\system32\DRIVERS\pgeffect.sys [2009-06-22 35008] S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [2009-05-22 215040] S3 rtl8192se;Realtek Wireless LAN 802.11n PCI-E NIC NT Driver;c:\windows\system32\DRIVERS\rtl8192se.sys [2009-08-26 942080] S3 TMachInfo;TMachInfo;c:\program files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe [2009-08-17 51512] . Inhoud van de 'Gedeelde Taken' map 2011-01-29 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-02-02 16:11] 2011-01-28 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-02-02 16:11] 2011-01-24 c:\windows\Tasks\Norton Security Scan for vdb.job - c:\program files (x86)\Norton Security Scan\Engine\2.7.3.34\Nss.exe [2011-01-23 08:48] . --------- x86-64 ----------- [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "TosSENotify"="c:\program files\TOSHIBA\TOSHIBA HDD SSD Alert\TosWaitSrv.exe" [2009-08-03 709976] "Toshiba TEMPRO"="c:\program files (x86)\Toshiba TEMPRO\TemproTray.exe" [2009-08-06 1050000] "RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2009-07-28 7982112] "Toshiba Registration"="c:\program files\Toshiba\Registration\ToshibaReminder.exe" [2009-07-30 134032] . ------- Bijkomende Scan ------- . uLocal Page = c:\windows\system32\blank.htm uStart Page = hxxp://downloads.phpnuke.org/en/index.php?rvs=google mStart Page = hxxp://downloads.phpnuke.org/en/index.php?rvs=google mLocal Page = c:\windows\SysWOW64\blank.htm uInternet Settings,ProxyOverride = *.local IE: E&xporteren naar Microsoft Excel - c:\progra~2\MICROS~2\Office12\EXCEL.EXE/3000 IE: Google Sidewiki... - c:\program files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_E11712C84EA7E12B.dll/cmsidewiki.html FF - ProfilePath - c:\users\vdb\AppData\Roaming\Mozilla\Firefox\Profiles\23ejn3nm.default\ FF - prefs.js: browser.search.selectedEngine - hxxp://downloads.phpnuke.org/en/index.php?rvs=google FF - prefs.js: browser.startup.homepage - hxxp://downloads.phpnuke.org/en/index.php?rvs=google FF - prefs.js: keyword.URL - hxxp://downloads.phpnuke.org/en/index.php?rvs=google FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files (x86)\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} FF - Ext: Java Console: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} - c:\program files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} . - - - - ORPHANS VERWIJDERD - - - - Toolbar-{CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file) HKLM-Run-TosNC - %ProgramFiles%\Toshiba\BulletinBoard\TosNcCore.exe HKLM-Run-TosReelTimeMonitor - %ProgramFiles%\TOSHIBA\ReelTime\TosReelTimeMonitor.exe HKLM-Run-SmoothView - %ProgramFiles%\Toshiba\SmoothView\SmoothView.exe HKLM-Run-TPwrMain - %ProgramFiles%\TOSHIBA\Power Saver\TPwrMain.EXE HKLM-Run-HSON - %ProgramFiles%\TOSHIBA\TBS\HSON.exe HKLM-Run-00TCrdMain - %ProgramFiles%\TOSHIBA\FlashCards\TCrdMain.exe HKLM-Run-SynTPEnh - %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe HKLM-Run-SmartFaceVWatcher - %ProgramFiles%\Toshiba\SmartFaceV\SmartFaceVWatcher.exe HKLM-Run-Teco - %ProgramFiles%\TOSHIBA\TECO\Teco.exe HKLM-Run-TosWaitSrv - %ProgramFiles%\TOSHIBA\TPHM\TosWaitSrv.exe . --------------------- VERGRENDELDE REGISTER SLEUTELS --------------------- [HKEY_USERS\S-1-5-21-3010251308-1964656382-1606146038-1000\Software\G*e*n*i*e*"!\FM Genie Scout 10] "GameDir"="c:\\Users\\vdb\\Documents\\Sports Interactive\\Football Manager 2010\\games" "ShortlistDir"="c:\\Users\\vdb\\Documents\\Sports Interactive\\Football Manager 2010\\shortlists" "ScreenshotsDir"="c:\\Users\\vdb\\Documents\\Sports Interactive\\Football Manager 2010" "SaveDir"="c:\\Users\\vdb\\Documents\\Sports Interactive\\Football Manager 2010\\" "HistoryDir"="c:\\Users\\vdb\\AppData\\Local\\Temp\\Rar$EX00.297\\History Points" "LangDB"="" "LastSaveGame"="c:\\Users\\vdb\\Documents\\Sports Interactive\\Football Manager 2010\\games\\parmentierke (v02).fm" "Language"="English" "LoadLangDB"=dword:00000000 "CompressHistoryPoints"=dword:00000000 "HighlightedAttributes"=dword:00000000 "MinCondition"=dword:00000050 "GraphStep"=dword:00000000 "SkinName"="Champions League" "LastUpdateCheck"=dword:00009e50 "HighQualityGUI"=dword:00000001 "AutomaticallyUpdateCheck"=dword:00000001 "AdvancedGeneration"=dword:00000000 "TranslateStaffSkills"=dword:00000001 "TranslatePlayerSkills"=dword:00000001 "TranslatePositions"=dword:00000001 "ShowHistory"=dword:00000001 "Version"=dword:00000074 "UniqueID"="25-8680-E15F" "Currency"=dword:0000001c "UseProxy"=dword:00000000 "ProxyHost"="" "ProxyPort"="" "UseAuthentication"=dword:00000000 "UserName"="" "UserPassword"="" [HKEY_USERS\S-1-5-21-3010251308-1964656382-1606146038-1000\Software\G*e*n*i*e*"!\FM Genie Scout 11] "GameDir"="c:\\Users\\vdb\\Documents\\Sports Interactive\\Football Manager 2011\\games" "ShortlistDir"="c:\\Users\\vdb\\Documents\\Sports Interactive\\Football Manager 2011\\shortlists" "FMPath"="" "ScreenshotsDir"="c:\\Users\\vdb\\Documents\\Sports Interactive\\Football Manager 2011" "SaveDir"="c:\\Users\\vdb\\Documents\\Sports Interactive\\Football Manager 2011\\" "HistoryDir"="c:\\FM Genie Scout 11\\History Points" "LangDB"="c:\\FM Genie Scout 11\\lang_db.dat" "LastSaveGame"="" "Language"="English" "LoadLangDB"=dword:00000001 "CompressHistoryPoints"=dword:00000000 "HighlightedAttributes"=dword:00000000 "MinCondition"=dword:00000050 "GraphStep"=dword:00000000 "SkinName"="PSV Eindhoven" "LastUpdateCheck"=dword:00009e7b "HighQualityGUI"=dword:00000001 "AutomaticallyUpdateCheck"=dword:00000001 "AdvancedGeneration"=dword:00000000 "TranslateStaffSkills"=dword:00000001 "TranslatePlayerSkills"=dword:00000001 "TranslatePositions"=dword:00000001 "ShowHistory"=dword:00000001 "Version"=dword:00000080 "UniqueID"="25-8680-E15F" "UseProxy"=dword:00000000 "ProxyHost"="" "ProxyPort"="" "UseAuthentication"=dword:00000000 "UserName"="" "UserPassword"="" "PlayerSearchFeatureNum"=dword:00000002 "StaffSearchFeatureNum"=dword:00000000 "ClubSearchFeatureNum"=dword:00000000 "FilterByClubFeatureNum"=dword:00000000 "CompareFeatureNum"=dword:00000000 "ShortlistFeatureNum"=dword:00000000 "ExportFeatureNum"=dword:00000000 "HistoryFeatureNum"=dword:00000000 "LanguageDBFeatureNum"=dword:00000002 "HintsFeatureNum"=dword:00000001 "GenieReportFeatureNum"=dword:00000002 "TopFormationFeatureNum"=dword:00000000 "ScreenshotFeatureNum"=dword:00000000 "Currency"=dword:00000056 [HKEY_USERS\S-1-5-21-3010251308-1964656382-1606146038-1000\Software\G*e*n*i*e*"!\FM Genie Scout 11g] "PicturesNumber"=dword:00000479 [HKEY_USERS\S-1-5-21-3010251308-1964656382-1606146038-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.vcf\UserChoice] @Denied: (2) (LocalSystem) "Progid"="WindowsLiveMail.VCard.1" [HKEY_USERS\S-1-5-21-3010251308-1964656382-1606146038-1000\Software\SecuROM\!CAUTION! NEVER A OR CHANGE ANY KEY*] @Allowed: (Read) (RestrictedCode) "??"=hex:3e,f9,d4,c0,45,e2,2d,88,3c,49,ce,0b,16,f1,a4,f3,97,1e,c7,e9,68,a9,ae, 0a,9a,e1,7a,73,8e,05,52,42,6f,a9,44,85,5f,96,ba,0f,4f,fd,b9,d3,81,6f,5c,e4,\ "??"=hex:f2,fc,7e,c5,79,f3,32,25,2c,a5,fc,66,cc,de,4a,cf [HKEY_USERS\S-1-5-21-3010251308-1964656382-1606146038-1000\Software\SecuROM\License information*] @Allowed: (Read) (RestrictedCode) "datasecu"=hex:92,25,e1,55,b2,02,ec,60,c7,b1,7f,25,76,2a,f0,a1,65,8d,3d,06,33, 5b,5a,ca,95,a7,4f,9e,ab,e6,5a,d4,82,fe,fc,8a,c0,66,af,32,ed,53,da,8c,27,51,\ "rkeysecu"=hex:69,94,d9,ec,7d,1a,49,de,27,e0,e5,77,53,b7,91,1b [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}] @Denied: (A 2) (Everyone) @="FlashBroker" "LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10l_ActiveX.exe,-101" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation] "Enabled"=dword:00000001 [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10l_ActiveX.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}] @Denied: (A 2) (Everyone) @="Shockwave Flash Object" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10l.ocx" "ThreadingModel"="Apartment" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus] @="0" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID] @="ShockwaveFlash.ShockwaveFlash.10" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10l.ocx, 1" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib] @="{D27CDB6B-AE6D-11cf-96B8-444553540000}" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version] @="1.0" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID] @="ShockwaveFlash.ShockwaveFlash" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}] @Denied: (A 2) (Everyone) @="Macromedia Flash Factory Object" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10l.ocx" "ThreadingModel"="Apartment" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID] @="FlashFactory.FlashFactory.1" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10l.ocx, 1" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib] @="{D27CDB6B-AE6D-11cf-96B8-444553540000}" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version] @="1.0" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID] @="FlashFactory.FlashFactory" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}] @Denied: (A 2) (Everyone) @="IFlashBroker4" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32] @="{00020424-0000-0000-C000-000000000046}" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" "Version"="1.0" [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security] @Denied: (Full) (Everyone) . Voltooingstijd: 2011-01-29 15:12:25 ComboFix-quarantined-files.txt 2011-01-29 14:12 Pre-Run: 158.222.585.856 bytes beschikbaar Post-Run: 158.137.450.496 bytes beschikbaar - - End Of File - - 543FD02A2C438A1C51CEED588A3EDE17
-
Nee, geen effect.
-
Nee, lukt nog niet. Om radeloos van te komen...
-
Het lukt maar niet om het te verwijderen. ---------- Post toegevoegd om 22:12 ---------- Vorige post was om 22:10 ---------- Kan ik niet alles verwijderen en mijn windows terug installeren? Ik heb 3cd's van toshiba met windows 7 home premium 32 bit, of is dit ook geen oplossing?
-
is nog niet verwijderd...
-
qoobox is verwijderd, maar ask.com niet anders alles gedaan wat je vroeg
-
Als ik ask.com wil verwijderen meld men "klasse is niet geregistreerd" ---------- Post toegevoegd om 21:10 ---------- Vorige post was om 21:08 ---------- qoobox verwijdert hij ook niet ---------- Post toegevoegd om 21:13 ---------- Vorige post was om 21:10 ---------- combofix uninstall werkt ook niet
