vastloper

Member
  • Items

    48
vastloper's achievements

  1. It does indeed seem to be completely solved. I want to thank you all very much for all the help and support! I will mark it as Solved.
  2. Startup, before I can open a program, is slower than before, though.
  3. I have closed that component, and I haven't had any freezes today. I'll wait a little longer and keep you posted.
  4. Then I want to thank you very much, and I'll continue with the other discussion. I will mark this one as Solved. Thanks again.
  5. I have now deleted the folder. But is everything solved with that? With the active parts of F-Secure and so on?
  6. The folder is still there. No log opened, but I did find this: Pocket Killbox version 2.0.0.881 Running on as Loch(Limited Account) was started @ donderdag, december 22, 2011, 7:08 PM # 1 [Delete on Reboot] Path = C:\Program Files (x86)\PC Veilig I Rebooted @ 7:08:59 PM Killbox Closed(Exit) @ 7:08:59 PM __________________________________________________ Pocket Killbox version 2.0.0.881 Running on as Loch(Limited Account) was started @ donderdag, december 22, 2011, 7:12 PM
  7. Pocket Killbox Download - Softpedia. Here I chose Softpedia Mirror (US) [EXE].
  8. Now I get the error: Unsupported Version. I did download Killbox from Softpedia, though. Shall I just use that one?
  9. When I try to download it, it is a 0 KB file and I can't run it. Shall I download it from somewhere else?
  10. I did it, but no log file opened and it is not in C:\ either. Also, the folder is still in Program Files (x86).
  11. PC Veilig is in C:\Program Files (x86)\Pc Veilig and this is what the folder looks like, maybe it is of some use to you.
c:\users\Loch\AppData\Roaming\Mozilla\Firefox\Profiles\05bp2mxe.default\ FF - prefs.js: browser.search.selectedEngine - Google FF - prefs.js: browser.startup.homepage - hxxp://www.google.nl/ FF - prefs.js: keyword.URL - hxxp://mystart.incredimail.com/?loc=ff_address_bar&a=6PPRtFKFRo&search= FF - prefs.js: network.proxy.type - 0 . - - - - ORPHANS VERWIJDERD - - - - . Wow6432Node-HKLM-Run-NPSStartup - (no file) WebBrowser-{D40B90B4-D3B1-4D6B-A5D7-DC041C1B76C0} - (no file) AddRemove-Adobe Shockwave Player - c:\windows\system32\Adobe\Shockwave 11\uninstaller.exe . . . [HKEY_LOCAL_MACHINE\system\ControlSet001\services\speccy] "ImagePath"="\??\c:\users\Loch\AppData\Local\Temp\5fbf5539-4691-46d1-9058-4d9218b80230" . [HKEY_LOCAL_MACHINE\system\ControlSet001\services\X6va002] "ImagePath"="\??\c:\users\Loch\AppData\Local\Temp\002E7B2.tmp" . [HKEY_LOCAL_MACHINE\system\ControlSet001\services\X6va003] "ImagePath"="\??\c:\users\Loch\AppData\Local\Temp\003B61A.tmp" . [HKEY_LOCAL_MACHINE\system\ControlSet001\services\X6va005] "ImagePath"="\??\c:\users\Loch\AppData\Local\Temp\00567D6.tmp" . --------------------- VERGRENDELDE REGISTER SLEUTELS --------------------- . [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security] @Denied: (Full) (Everyone) . ------------------------ Andere Aktieve Processen ------------------------ . c:\program files\AVAST Software\Avast\AvastSvc.exe c:\program files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe c:\windows\SysWOW64\FsUsbExService.Exe c:\program files (x86)\Common Files\LightScribe\LSSrvc.exe c:\program files (x86)\CyberLink\Shared files\RichVideo.exe c:\program files (x86)\Common Files\Microsoft Shared\Ink\TabTip32.exe . ************************************************************************** . Voltooingstijd: 2011-12-21 19:43:20 - machine werd herstart ComboFix-quarantined-files.txt 2011-12-21 18:43 . Pre-Run: 113.049.149.440 bytes beschikbaar Post-Run: 113.108.963.328 bytes beschikbaar . 
- - End Of File - - 664F790677633A52CB784C73B7829AEB
  13. Pc Veilig is still in Program Files, with everything in it. I don't know whether any of its processes are still running. Here is a tasklist; maybe you can find it in there:
  14. @michel, no, not yet. Here is the log: