jaap136

Member
  • Items

    105

Everything posted by jaap136

  1. OK, I'm back on my own computer now. Somehow I managed to run Startup Repair, haha. I do have the log, but I don't know now whether it has had any effect after a system restore.
  2. Started the computer 5 times; I also have to turn it off with the power button. Then at the start it asks whether to start Windows normally or in safe mode, safe mode with networking, or safe mode with command prompt, but with all of these I get a black screen with only the mouse visible.
  3. With the Win7 CD, I think that doesn't work either. Very strange, I only see my mouse.
  4. Nothing at all, only my mouse. Nothing works; the BIOS does, though.
  5. Safe mode doesn't work either.
  6. OK, I ran that ComboFix; now the screen is black at startup. I see nothing except my mouse. I think the PC has crashed.
  7. I managed to create the cfscript. It is scanning super slowly now, only at stage 6 after 10 minutes; it's going a bit faster now. But what I said about your screen being made black by Microsoft, that is in the most extreme case, which my friend's father had, because if you know that part of your computer you can earn a fortune, he said (he is a Microsoft member himself, but a developer or something). So I will be careful, but it will be fine. I'll call Microsoft again on Friday to find out what's what, but I think it's over with the scammer (he doesn't call anymore either xD). Then we'll see what the last log looks like.
  8. No, they don't work with TeamViewer; it's all done professionally. Your own screen goes black, maybe with a picture on it, but nothing more; you're not allowed to see anything. I heard this from a friend's father. But here is the log: (about that cfscript.txt, I didn't fully understand it but I did it anyway; I think it had no effect on ComboFix because it just carried on scanning the 1/50 stages) ComboFix 12-07-11.03 - Diana 12-07-2012 10:00:44.2.4 - x64 Microsoft Windows 7 Home Premium 6.1.7601.1.1252.31.1043.18.7159.5106 [GMT 2:00] Gestart vanuit: c:\users\Diana\Desktop\ComboFix.exe AV: AVG Internet Security 2012 *Disabled/Updated* {5A2746B1-DEE9-F85A-FBCD-ADB11639C5F0} AV: Microsoft Security Essentials *Enabled/Updated* {9765EA51-0D3C-7DFB-6091-10E4E1F341F6} FW: AVG Firewall *Enabled* {621CC794-9486-F902-D092-0484E8EA828B} SP: AVG Internet Security 2012 *Disabled/Updated* {E146A755-F8D3-F7D4-C17D-96C36DBE8F4D} SP: Microsoft Security Essentials *Enabled/Updated* {2C040BB5-2B06-7275-5A21-2B969A740B4B} SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} . . (((((((((((((((((((((((((((((((((( Andere Verwijderingen ))))))))))))))))))))))))))))))))))))))))))))))))) . . c:\users\Diana\AppData\Local\Temp\{D87B4862-5FD8-40A0-AB1C-5613D63F2C39}\fpb.tmp . . (((((((((((((((((((( Bestanden Gemaakt van 2012-06-12 to 2012-07-12 )))))))))))))))))))))))))))))) . . 2012-07-12 08:05 . 2012-07-12 08:05 -------- d-----w- c:\users\Gast\AppData\Local\temp 2012-07-12 08:05 . 2012-07-12 08:05 -------- d-----w- c:\users\Default\AppData\Local\temp 2012-07-11 16:39 . 2012-07-11 16:39 562032 ----a-w- c:\program files (x86)\Mozilla Firefox\extensions\afurladvisor@anchorfree.com\components\afurladvisor13.dll 2012-07-11 09:47 . 2012-07-11 09:47 -------- d-----w- c:\users\Diana\AppData\Roaming\Malwarebytes 2012-07-11 09:47 . 2012-07-11 09:47 -------- d-----w- c:\programdata\Malwarebytes 2012-07-11 09:47 . 
2012-07-11 09:47 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware 2012-07-11 09:47 . 2012-04-04 13:56 24904 ----a-w- c:\windows\system32\drivers\mbam.sys 2012-07-11 09:05 . 2012-06-12 03:08 3148800 ----a-w- c:\windows\system32\win32k.sys 2012-07-11 08:59 . 2012-04-03 14:17 927800 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{5367DD61-4D48-4A48-A586-56EB3570C265}\gapaengine.dll 2012-07-11 08:22 . 2012-06-06 05:05 372736 ----a-w- c:\program files (x86)\Common Files\System\ado\msadox.dll 2012-07-09 19:14 . 2012-07-09 19:14 -------- d-----w- c:\users\Diana\AppData\Roaming\Origin 2012-07-08 12:24 . 2012-07-11 18:14 -------- d-----w- c:\users\Diana\AppData\Roaming\.techniclauncher 2012-07-04 13:39 . 2012-07-04 17:41 -------- d-----w- c:\users\Diana\AppData\Roaming\.platinum 2012-07-01 16:11 . 2012-07-11 18:14 -------- d-----w- c:\program files (x86)\Smallvideosoft 2012-07-01 12:13 . 2012-07-11 08:49 -------- d-----w- c:\program files (x86)\Common Files\DVDVideoSoft 2012-07-01 12:13 . 2012-07-01 12:13 -------- d-----w- c:\program files (x86)\DVDVideoSoft 2012-06-30 20:53 . 2012-07-09 07:48 -------- dc----w- c:\users\Diana\AppData\Local\MigWiz 2012-06-30 20:49 . 2012-07-11 18:26 -------- d-----w- c:\windows\SysWow64\drivers\AVG 2012-06-30 13:32 . 2012-06-30 13:32 -------- d-----w- c:\users\Diana\AppData\Local\LogMeIn 2012-06-30 13:32 . 2012-06-30 13:32 -------- d-----w- c:\programdata\LogMeIn 2012-06-30 13:29 . 2012-07-11 08:49 -------- d-----w- c:\program files (x86)\LogMeIn Ignition 2012-06-30 12:03 . 2012-06-30 12:03 -------- d-----w- c:\programdata\Canneverbe Limited 2012-06-30 12:03 . 2012-07-11 08:49 -------- d-----w- c:\program files (x86)\CDBurnerXP 2012-06-30 09:54 . 2012-05-04 11:00 366592 ----a-w- c:\windows\system32\qdvd.dll 2012-06-30 09:54 . 2012-05-04 09:59 514560 ----a-w- c:\windows\SysWow64\qdvd.dll 2012-06-29 13:49 . 
2012-06-29 13:49 -------- d-----w- c:\users\Diana\AppData\Local\Macromedia 2012-06-29 13:48 . 2012-06-14 22:19 85472 ----a-w- c:\program files (x86)\Mozilla Firefox\components\browsercomps.dll 2012-06-29 13:47 . 2012-06-14 22:16 770384 ----a-w- c:\program files (x86)\Mozilla Firefox\msvcr100.dll 2012-06-29 13:47 . 2012-06-14 22:16 421200 ----a-w- c:\program files (x86)\Mozilla Firefox\msvcp100.dll 2012-06-29 13:09 . 2012-06-29 13:09 -------- d-----w- c:\users\Diana\AppData\Local\Chromium 2012-06-29 13:08 . 2012-07-11 08:47 -------- d-----w- c:\program files (x86)\Microsoft Chart Controls 2012-06-29 13:04 . 2012-07-11 08:47 -------- d-----w- c:\programdata\Hi-Rez Studios 2012-06-29 13:04 . 2012-07-11 08:46 -------- d-----w- c:\program files (x86)\Hi-Rez Studios 2012-06-29 12:24 . 2012-06-30 09:57 -------- d-----w- c:\users\Diana\AppData\Local\LogMeIn Hamachi 2012-06-29 10:31 . 2012-07-11 08:47 -------- d-----w- c:\programdata\MySQL 2012-06-29 07:32 . 2012-05-31 04:04 9013136 ------w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll 2012-06-28 10:55 . 2012-06-28 10:55 82816 ----a-w- c:\users\Diana\AppData\Roaming\pcouffin.sys 2012-06-27 20:10 . 2012-06-27 20:30 -------- d-----w- c:\users\Diana\AppData\Roaming\SQLyog 2012-06-27 20:10 . 2012-06-28 06:21 -------- d-----w- c:\program files (x86)\SQLyog Community 2012-06-25 17:38 . 2012-07-11 08:46 -------- d-----w- C:\Nexon 2012-06-25 12:38 . 2012-07-11 08:46 -------- d-----w- c:\program files (x86)\Combined Community Codec Pack 2012-06-25 12:30 . 2012-07-11 08:49 -------- d-----w- c:\users\Diana\AppData\Roaming\vlc 2012-06-22 18:29 . 2012-06-22 18:29 476936 ----a-w- c:\windows\SysWow64\npdeployJava1.dll 2012-06-22 18:29 . 2012-07-11 08:47 -------- d-----w- c:\program files (x86)\Java 2012-06-19 15:01 . 2012-06-19 15:01 -------- d-----w- c:\programdata\regid.1986-12.com.adobe 2012-06-19 14:55 . 2012-07-11 08:47 -------- d-----w- c:\program files\Common Files\Adobe 2012-06-17 15:20 . 
2012-06-28 10:52 -------- d-----w- c:\users\Diana\AppData\Roaming\AVS4YOU 2012-06-17 15:19 . 2012-07-11 08:46 -------- d-----w- c:\program files (x86)\Common Files\AVSMedia 2012-06-17 15:19 . 2012-06-28 10:55 -------- d-----w- c:\program files (x86)\AVS4YOU 2012-06-17 15:19 . 2012-06-17 15:20 -------- d-----w- c:\programdata\AVS4YOU 2012-06-17 15:19 . 2012-03-23 17:59 1700352 ----a-w- c:\windows\SysWow64\GdiPlus.dll 2012-06-17 15:19 . 2012-03-23 17:59 24576 ----a-w- c:\windows\SysWow64\msxml3a.dll 2012-06-15 19:19 . 2012-06-15 19:19 -------- d-----w- c:\programdata\ATI 2012-06-15 16:59 . 2012-07-11 08:46 -------- d-----w- c:\program files (x86)\Common Files\ATI Technologies 2012-06-15 16:58 . 2012-07-11 08:46 -------- d-----w- c:\program files (x86)\ATI Technologies 2012-06-14 17:44 . 2012-06-14 17:44 283200 ----a-w- c:\windows\system32\drivers\dtsoftbus01.sys 2012-06-14 13:39 . 2012-06-30 10:24 -------- d-----w- c:\users\Diana\AppData\Roaming\Vso 2012-06-12 19:05 . 2012-07-11 08:47 -------- d-----w- c:\program files\Speccy 2012-06-12 18:37 . 2012-04-03 14:17 927800 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\NISBackup\gapaengine.dll 2012-06-12 18:35 . 2012-04-26 05:41 77312 ----a-w- c:\windows\system32\rdpwsx.dll 2012-06-12 18:35 . 2012-04-26 05:41 149504 ----a-w- c:\windows\system32\rdpcorekmts.dll 2012-06-12 18:35 . 2012-04-26 05:34 9216 ----a-w- c:\windows\system32\rdrmemptylst.exe 2012-06-12 18:35 . 2012-05-01 05:40 209920 ----a-w- c:\windows\system32\profsvc.dll 2012-06-12 18:34 . 2012-05-04 11:06 5559664 ----a-w- c:\windows\system32\ntoskrnl.exe 2012-06-12 18:34 . 2012-05-04 10:03 3913072 ----a-w- c:\windows\SysWow64\ntoskrnl.exe 2012-06-12 18:34 . 2012-05-04 10:03 3968368 ----a-w- c:\windows\SysWow64\ntkrnlpa.exe 2012-06-12 18:34 . 2012-04-28 03:55 210944 ----a-w- c:\windows\system32\drivers\rdpwd.sys 2012-06-12 18:34 . 2012-04-07 12:31 3216384 ----a-w- c:\windows\system32\msi.dll 2012-06-12 18:34 . 
2012-04-07 11:26 2342400 ----a-w- c:\windows\SysWow64\msi.dll 2012-06-12 18:34 . 2012-04-24 05:37 184320 ----a-w- c:\windows\system32\cryptsvc.dll 2012-06-12 18:34 . 2012-04-24 05:37 1462272 ----a-w- c:\windows\system32\crypt32.dll 2012-06-12 18:34 . 2012-04-24 04:36 1158656 ----a-w- c:\windows\SysWow64\crypt32.dll 2012-06-12 18:34 . 2012-04-24 05:37 140288 ----a-w- c:\windows\system32\cryptnet.dll 2012-06-12 18:34 . 2012-04-24 04:36 140288 ----a-w- c:\windows\SysWow64\cryptsvc.dll 2012-06-12 18:34 . 2012-04-24 04:36 103936 ----a-w- c:\windows\SysWow64\cryptnet.dll . . . ((((((((((((((((((((((((((((((((((((((( Find3M Rapport )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2012-07-11 20:23 . 2011-11-21 20:03 283304 ----a-w- c:\windows\SysWow64\PnkBstrB.xtr 2012-07-11 20:23 . 2011-11-21 19:58 283304 ----a-w- c:\windows\SysWow64\PnkBstrB.exe 2012-07-11 20:23 . 2011-11-21 19:58 280904 ----a-w- c:\windows\SysWow64\PnkBstrB.ex0 2012-06-25 17:38 . 2011-12-26 14:55 235 ----a-w- c:\windows\SysWow64\nxEuUninstall.bat 2012-06-25 17:38 . 2011-12-26 14:55 446464 ----a-w- c:\windows\NEXON_EU_DownloaderUpdater.exe 2012-06-23 20:02 . 2012-04-01 15:15 426184 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe 2012-06-23 20:02 . 2011-11-20 20:38 70344 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl 2012-06-22 18:29 . 2012-01-15 15:50 472840 ----a-w- c:\windows\SysWow64\deployJava1.dll 2012-06-17 08:17 . 2011-11-21 19:58 76888 ----a-w- c:\windows\SysWow64\PnkBstrA.exe 2012-06-02 22:19 . 2012-06-09 20:41 38424 ----a-w- c:\windows\system32\wups.dll 2012-06-02 22:19 . 2012-06-09 20:42 2428952 ----a-w- c:\windows\system32\wuaueng.dll 2012-06-02 22:19 . 2012-06-09 20:42 57880 ----a-w- c:\windows\system32\wuauclt.exe 2012-06-02 22:19 . 2012-06-09 20:42 44056 ----a-w- c:\windows\system32\wups2.dll 2012-06-02 22:19 . 2012-06-09 20:41 701976 ----a-w- c:\windows\system32\wuapi.dll 2012-06-02 22:15 . 2012-06-09 20:42 2622464 ----a-w- c:\windows\system32\wucltux.dll 2012-06-02 22:15 . 
2012-06-09 20:41 99840 ----a-w- c:\windows\system32\wudriver.dll 2012-06-02 13:19 . 2012-06-09 20:41 186752 ----a-w- c:\windows\system32\wuwebv.dll 2012-06-02 13:15 . 2012-06-09 20:41 36864 ----a-w- c:\windows\system32\wuapp.exe 2012-06-01 21:18 . 2012-06-01 21:18 41224 ----a-w- c:\windows\system32\drivers\hssdrv6.sys . . ((((((((((((((((((((((((((((( SnapShot@2012-07-11_17.35.34 ))))))))))))))))))))))))))))))))))))))))) . + 2010-08-30 05:38 . 2012-07-12 07:46 74802 c:\windows\system32\wdi\ShutdownPerformanceDiagnostics_SystemData.bin + 2009-07-14 05:10 . 2012-07-12 07:46 40428 c:\windows\system32\wdi\BootPerformanceDiagnostics_SystemData.bin + 2011-11-20 18:04 . 2012-07-12 07:46 17576 c:\windows\system32\wdi\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-3476176345-4275865163-1462088770-1001_UserData.bin - 2009-07-14 05:30 . 2012-06-28 10:20 86016 c:\windows\system32\DriverStore\infpub.dat + 2009-07-14 05:30 . 2012-07-11 18:25 86016 c:\windows\system32\DriverStore\infpub.dat - 2011-05-23 00:03 . 2011-05-23 00:03 48992 c:\windows\system32\DriverStore\FileRepository\avgfwfd6.inf_amd64_neutral_ae1e76d52507ef34\avgfwd6a.sys + 2011-05-22 23:03 . 2011-05-22 23:03 48992 c:\windows\system32\DriverStore\FileRepository\avgfwfd6.inf_amd64_neutral_ae1e76d52507ef34\avgfwd6a.sys + 2011-09-13 04:30 . 2011-09-13 04:30 37456 c:\windows\system32\drivers\avgrkx64.sys + 2011-08-08 04:08 . 2011-08-08 04:08 46672 c:\windows\system32\drivers\avgmfx64.sys + 2011-07-10 23:14 . 2011-07-10 23:14 29776 c:\windows\system32\drivers\AVGIDSFilter.sys + 2011-07-10 23:14 . 2011-07-10 23:14 26704 c:\windows\system32\drivers\AVGIDSEH.sys + 2011-05-22 23:03 . 2011-05-22 23:03 48992 c:\windows\system32\drivers\avgfwd6a.sys + 2009-07-14 04:46 . 2012-07-11 17:45 94528 c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\SoftwareProtectionPlatform\Cache\cache.dat + 2011-11-26 22:02 . 2012-07-11 18:06 6452 c:\windows\system32\wdi\ERCQueuedResolutions.dat - 2012-07-11 17:35 . 
2012-07-11 17:35 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat + 2012-07-12 08:06 . 2012-07-12 08:06 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat + 2012-07-12 08:06 . 2012-07-12 08:06 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat - 2012-07-11 17:35 . 2012-07-11 17:35 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat + 2011-11-21 01:52 . 2012-07-12 07:47 748340 c:\windows\system32\perfh013.dat - 2011-11-21 01:52 . 2012-07-11 14:42 748340 c:\windows\system32\perfh013.dat + 2009-07-14 02:36 . 2012-07-12 07:47 657134 c:\windows\system32\perfh009.dat - 2009-07-14 02:36 . 2012-07-11 14:42 657134 c:\windows\system32\perfh009.dat - 2011-11-21 01:52 . 2012-07-11 14:42 154446 c:\windows\system32\perfc013.dat + 2011-11-21 01:52 . 2012-07-12 07:47 154446 c:\windows\system32\perfc013.dat - 2009-07-14 02:36 . 2012-07-11 14:42 122906 c:\windows\system32\perfc009.dat + 2009-07-14 02:36 . 2012-07-12 07:47 122906 c:\windows\system32\perfc009.dat - 2009-07-14 05:30 . 2012-06-28 10:20 143360 c:\windows\system32\DriverStore\infstrng.dat + 2009-07-14 05:30 . 2012-07-11 18:25 143360 c:\windows\system32\DriverStore\infstrng.dat + 2009-07-14 05:30 . 2012-07-11 18:25 143360 c:\windows\system32\DriverStore\infstor.dat - 2009-07-14 05:30 . 2012-06-28 10:19 143360 c:\windows\system32\DriverStore\infstor.dat + 2011-07-10 23:14 . 2011-07-10 23:14 375376 c:\windows\system32\drivers\avgtdia.sys + 2011-10-07 04:23 . 2011-10-07 04:23 283728 c:\windows\system32\drivers\avgldx64.sys + 2011-07-10 23:14 . 2011-07-10 23:14 120400 c:\windows\system32\drivers\AVGIDSDriver.sys + 2009-07-14 05:01 . 2012-07-12 08:05 482316 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat - 2009-07-14 05:01 . 2012-07-11 17:34 482316 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat + 2011-12-05 21:36 . 
2012-07-12 08:05 1794312 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache3.0.0.0.dat - 2011-12-05 21:36 . 2012-07-11 17:34 1794312 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache3.0.0.0.dat + 2011-11-20 21:27 . 2012-07-11 20:37 4191694 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-3476176345-4275865163-1462088770-1001-12288.dat + 2012-07-11 18:23 . 2012-07-11 18:23 7629312 c:\windows\Installer\10ea4d.msi + 2012-07-11 18:24 . 2012-07-11 18:24 2871808 c:\windows\Installer\10ea42.msi + 2011-11-20 21:27 . 2012-07-12 08:05 14293332 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-3476176345-4275865163-1462088770-1001-8192.dat - 2011-11-20 21:27 . 2012-07-11 17:34 14293332 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-3476176345-4275865163-1462088770-1001-8192.dat + 2011-11-20 21:27 . 2012-07-12 08:05 42274184 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-3476176345-4275865163-1462088770-1001-4096.dat . ((((((((((((((((((((((((((((((((((((( Reg Opstartpunten ))))))))))))))))))))))))))))))))))))))))))))))))))) . . *Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond REGEDIT4 . [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-20 1475584] . 
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run] "AMD AVT"="start AMD Accelerated Video Transcoding device initialization" [X] "StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2012-04-05 641664] "SwitchBoard"="c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe" [2010-02-19 517096] "AdobeCS6ServiceManager"="c:\program files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" [2012-05-07 1073312] "SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2012-01-18 254696] "Malwarebytes' Anti-Malware"="c:\program files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" [2012-04-04 462408] "AVG_TRAY"="c:\program files (x86)\AVG\AVG2012\avgtray.exe" [2012-01-24 2416480] . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "ConsentPromptBehaviorAdmin"= 5 (0x5) "ConsentPromptBehaviorUser"= 3 (0x3) "EnableUIADesktopToggle"= 0 (0x0) "PromptOnSecureDesktop"= 0 (0x0) "EnableLinkedConnections"= 1 (0x1) . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32] "aux1"=wdmaud.drv . [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager] BootExecute REG_MULTI_SZ autocheck autochk *\0c:\progra~2\AVG\AVG2012\avgrsa.exe /sync /restart . [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa] Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp . [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS] @="" . [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc] @="Service" . 
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576] R3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-06-23 250056] R3 ALSysIO;ALSysIO;c:\users\Diana\AppData\Local\Temp\ALSysIO64.sys [x] R3 EagleX64;EagleX64;c:\windows\system32\drivers\EagleX64.sys [x] R3 getbus;getbus;c:\users\Diana\AppData\Local\Temp\getbus.sys [x] R3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service;c:\program files (x86)\Microsoft Office\Office14\GROOVE.EXE [2011-06-12 31125880] R3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\DRIVERS\NisDrvWFP.sys [2012-03-20 98688] R3 NisSrv;Microsoft Netwerkinspectie;c:\program files\Microsoft Security Client\NisSrv.exe [2012-03-26 291696] R3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184] R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 59392] R3 WatAdminSvc;Windows Activation Technologies-service;c:\windows\system32\Wat\WatAdminSvc.exe [2011-11-20 1255736] R4 gupdate;Google Updateservice (gupdate);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-12-16 136176] R4 gupdatem;Google Update-service (gupdatem);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-12-16 136176] R4 MozillaMaintenance;Mozilla Maintenance Service;c:\program files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2012-06-14 113120] R4 NAUpdate;Nero Update;c:\program files (x86)\Nero\Update\NASvc.exe [2011-11-25 687400] R4 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe [2012-06-05 160944] R4 SwitchBoard;SwitchBoard;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096] S0 
AVGIDSEH;AVGIDSEH;c:\windows\system32\DRIVERS\AVGIDSEH.Sys [2011-07-10 26704] S0 Avgrkx64;AVG Anti-Rootkit Driver;c:\windows\system32\DRIVERS\avgrkx64.sys [2011-09-13 37456] S1 Avgfwfd;AVG network filter service;c:\windows\system32\DRIVERS\avgfwd6a.sys [2011-05-22 48992] S1 Avgldx64;AVG AVI Loader Driver;c:\windows\system32\DRIVERS\avgldx64.sys [2011-10-07 283728] S1 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield;c:\windows\system32\DRIVERS\avgmfx64.sys [2011-08-08 46672] S1 Avgtdia;AVG TDI Driver;c:\windows\system32\DRIVERS\avgtdia.sys [2011-07-10 375376] S1 HssDRV6;Hotspot Shield Routing Driver 6;c:\windows\system32\DRIVERS\hssdrv6.sys [2012-06-01 41224] S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2012-04-06 236544] S2 avgfws;AVG Firewall;c:\program files (x86)\AVG\AVG2012\avgfws.exe [2011-11-23 2391832] S2 AVGIDSAgent;AVGIDSAgent;c:\program files (x86)\AVG\AVG2012\AVGIDSAgent.exe [2011-10-12 4433248] S2 avgwd;AVG WatchDog;c:\program files (x86)\AVG\AVG2012\avgwdsvc.exe [2011-08-02 192776] S2 GS In-Game Service;GS In-Game Service;c:\program files (x86)\GameTracker\GSInGameService.exe [2011-11-09 1677072] S2 hshld;Hotspot Shield Service;c:\program files (x86)\Hotspot Shield\bin\openvpnas.exe [2012-06-20 468848] S2 HssWd;Hotspot Shield Monitoring Service;c:\program files (x86)\Hotspot Shield\bin\hsswd.exe [2012-06-20 384880] S2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-04-04 654408] S2 TeamViewer7;TeamViewer 7;c:\program files (x86)\TeamViewer\Version7\TeamViewer_Service.exe [2012-03-19 2666880] S2 UMVPFSrv;UMVPFSrv;c:\program files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe [2012-01-18 450848] S2 USBS3S4Detection;USBS3S4Detection;c:\oem\USBDECTION\USBS3S4Detection.exe [2009-12-09 76320] S3 amdkmdag;amdkmdag;c:\windows\system32\DRIVERS\atikmdag.sys [2012-04-06 11174400] S3 amdkmdap;amdkmdap;c:\windows\system32\DRIVERS\atikmpag.sys [2012-04-06 343040] S3 
AtiHDAudioService;AMD Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW76.sys [2012-02-23 95760] S3 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\DRIVERS\AVGIDSDriver.Sys [2011-07-10 120400] S3 AVGIDSFilter;AVGIDSFilter;c:\windows\system32\DRIVERS\AVGIDSFilter.Sys [2011-07-10 29776] S3 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys [2012-06-14 283200] S3 LVRS64;Logitech RightSound Filter Driver;c:\windows\system32\DRIVERS\lvrs64.sys [2012-01-18 351136] S3 LVUVC64;Logitech HD Webcam C270(UVC);c:\windows\system32\DRIVERS\lvuvc64.sys [2012-01-18 4865568] S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2012-04-04 24904] S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [2012-01-04 413800] . . Inhoud van de 'Gedeelde Taken' map . 2012-07-12 c:\windows\Tasks\Adobe Flash Player Updater.job - c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-01 20:02] . 2012-07-12 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-12-16 20:10] . 2012-07-12 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-12-16 20:10] . . --------- X64 Entries ----------- . . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2012-03-26 1271168] "AdobeAAMUpdater-1.0"="c:\program files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2012-04-04 446392] . ------- Bijkomende Scan ------- . 
uStart Page = hxxp://www.nederland.fm/ uLocal Page = c:\windows\SYSTEM32\blank.htm mStart Page = hxxp://acer.msn.com mLocal Page = c:\windows\SYSTEM32\blank.htm IE: &Block This Image (ABP) - c:\program files\Adblock Pro\blockimg.html IE: &Verzenden naar OneNote - c:\progra~2\MICROS~3\Office14\ONBttnIE.dll/105 IE: E&xporteren naar Microsoft Excel - c:\progra~2\MICROS~3\Office14\EXCEL.EXE/3000 TCP: DhcpNameServer = 192.168.0.1 FF - ProfilePath - c:\users\Diana\AppData\Roaming\Mozilla\Firefox\Profiles\sidzk657.default\ FF - prefs.js: keyword.URL - hxxp://search.sweetim.com/search.asp?src=2&q= FF - prefs.js: network.proxy.gopher - FF - prefs.js: network.proxy.gopher_port - 0 FF - prefs.js: network.proxy.type - 0 . - - - - ORPHANS VERWIJDERD - - - - . Toolbar-Locked - (no file) . . . --------------------- VERGRENDELDE REGISTER SLEUTELS --------------------- . [HKEY_USERS\S-1-5-21-3476176345-4275865163-1462088770-1001\Software\SecuROM\License information*] "datasecu"=hex:b6,45,79,a8,1a,0e,6a,c6,23,d6,4c,35,26,95,68,3f,4c,59,eb,84,69, 58,a3,0e,91,d8,00,26,bd,43,4d,79,3b,00,39,d7,e8,1a,d7,eb,e0,ff,7d,50,6c,f9,\ "rkeysecu"=hex:29,23,be,84,e1,6c,d6,ae,52,90,49,f1,f1,bb,e9,eb . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}] @Denied: (A 2) (Everyone) @="FlashBroker" "LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_3_300_257_ActiveX.exe,-101" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation] "Enabled"=dword:00000001 . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_3_300_257_ActiveX.exe" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" . 
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}] @Denied: (A 2) (Everyone) @="Shockwave Flash Object" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_257.ocx" "ThreadingModel"="Apartment" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus] @="0" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID] @="ShockwaveFlash.ShockwaveFlash.11" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_257.ocx, 1" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib] @="{D27CDB6B-AE6D-11cf-96B8-444553540000}" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version] @="1.0" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID] @="ShockwaveFlash.ShockwaveFlash" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}] @Denied: (A 2) (Everyone) @="Macromedia Flash Factory Object" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_257.ocx" "ThreadingModel"="Apartment" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID] @="FlashFactory.FlashFactory.1" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_257.ocx, 1" . 
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib] @="{D27CDB6B-AE6D-11cf-96B8-444553540000}" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version] @="1.0" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID] @="FlashFactory.FlashFactory" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}] @Denied: (A 2) (Everyone) @="IFlashBroker4" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32] @="{00020424-0000-0000-C000-000000000046}" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" "Version"="1.0" . [HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}] @Denied: (A) (Everyone) "Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}" . [HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Schema Library\ActionsPane3] @Denied: (A) (Everyone) . [HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0] "Key"="ActionsPane3" "Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd" . [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security] @Denied: (Full) (Everyone) . ------------------------ Andere Aktieve Processen ------------------------ . c:\program files (x86)\Canon\IJPLM\IJPLMSVC.EXE c:\windows\SysWOW64\PnkBstrA.exe . ************************************************************************** . Voltooingstijd: 2012-07-12 10:10:30 - machine werd herstart ComboFix-quarantined-files.txt 2012-07-12 08:10 . Pre-Run: 293.664.706.560 bytes beschikbaar Post-Run: 293.597.556.736 bytes beschikbaar . - - End Of File - - 1F0DED43702E050A91124BBF6FA296E3
  9. The problem of: "Illegal operation attempted on a registry key that has been marked for deletion" was solved by CCleaner (it was a tip on another site from someone who also used ComboFix; he had the same problem). But is my computer safe now, after HijackThis --> Malwarebytes --> combofix.exe?
  10. I managed to open the log: ComboFix 12-07-11.03 - Diana 11-07-2012 19:31:07.1.4 - x64 Microsoft Windows 7 Home Premium 6.1.7601.1.1252.31.1043.18.7159.4100 [GMT 2:00] Gestart vanuit: c:\users\Diana\Desktop\ComboFix.exe AV: Microsoft Security Essentials *Disabled/Updated* {9765EA51-0D3C-7DFB-6091-10E4E1F341F6} SP: Microsoft Security Essentials *Disabled/Updated* {2C040BB5-2B06-7275-5A21-2B969A740B4B} SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} . . (((((((((((((((((((((((((((((((((( Andere Verwijderingen ))))))))))))))))))))))))))))))))))))))))))))))))) . . c:\programdata\1333461294.bdinstall.bin c:\programdata\1333462120.bdinstall.bin c:\programdata\AMMYY c:\programdata\AMMYY\hr c:\programdata\AMMYY\hr3 c:\programdata\AMMYY\settings3.bin c:\programdata\FullRemove.exe c:\users\Diana\AppData\Local\Temp\{EC51A8C7-BFA0-4894-B9A3-071E2B4EF204}\fpb.tmp c:\users\Diana\AppData\Roaming\inst.exe c:\users\Diana\AppData\Roaming\vso_ts_preview.xml . . (((((((((((((((((((( Bestanden Gemaakt van 2012-06-11 to 2012-07-11 )))))))))))))))))))))))))))))) . . 2012-07-11 16:39 . 2012-07-11 16:39 562032 ----a-w- c:\program files (x86)\Mozilla Firefox\extensions\afurladvisor@anchorfree.com\components\afurladvisor13.dll 2012-07-11 09:47 . 2012-07-11 09:47 -------- d-----w- c:\users\Diana\AppData\Roaming\Malwarebytes 2012-07-11 09:47 . 2012-07-11 09:47 -------- d-----w- c:\programdata\Malwarebytes 2012-07-11 09:47 . 2012-07-11 09:47 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware 2012-07-11 09:47 . 2012-04-04 13:56 24904 ----a-w- c:\windows\system32\drivers\mbam.sys 2012-07-11 09:05 . 2012-06-12 03:08 3148800 ----a-w- c:\windows\system32\win32k.sys 2012-07-11 08:59 . 2012-04-03 14:17 927800 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{5367DD61-4D48-4A48-A586-56EB3570C265}\gapaengine.dll 2012-07-11 08:58 . 
2012-05-30 19:04 9013136 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{B22CEB0B-4C89-4253-984A-91357F2F2C3C}\mpengine.dll 2012-07-11 08:22 . 2012-06-06 05:05 372736 ----a-w- c:\program files (x86)\Common Files\System\ado\msadox.dll 2012-07-09 19:14 . 2012-07-09 19:14 -------- d-----w- c:\users\Diana\AppData\Roaming\Origin 2012-07-08 12:24 . 2012-07-11 18:14 -------- d-----w- c:\users\Diana\AppData\Roaming\.techniclauncher 2012-07-04 13:39 . 2012-07-04 17:41 -------- d-----w- c:\users\Diana\AppData\Roaming\.platinum 2012-07-01 16:11 . 2012-07-11 18:14 -------- d-----w- c:\program files (x86)\Smallvideosoft 2012-07-01 12:13 . 2012-07-11 08:49 -------- d-----w- c:\program files (x86)\Common Files\DVDVideoSoft 2012-07-01 12:13 . 2012-07-01 12:13 -------- d-----w- c:\program files (x86)\DVDVideoSoft 2012-06-30 20:53 . 2012-07-09 07:48 -------- dc----w- c:\users\Diana\AppData\Local\MigWiz 2012-06-30 20:49 . 2012-07-11 08:49 -------- d-----w- c:\windows\SysWow64\drivers\AVG 2012-06-30 13:32 . 2012-06-30 13:32 -------- d-----w- c:\users\Diana\AppData\Local\LogMeIn 2012-06-30 13:32 . 2012-06-30 13:32 -------- d-----w- c:\programdata\LogMeIn 2012-06-30 13:29 . 2012-07-11 08:49 -------- d-----w- c:\program files (x86)\LogMeIn Ignition 2012-06-30 12:03 . 2012-06-30 12:03 -------- d-----w- c:\programdata\Canneverbe Limited 2012-06-30 12:03 . 2012-07-11 08:49 -------- d-----w- c:\program files (x86)\CDBurnerXP 2012-06-30 09:54 . 2012-05-04 11:00 366592 ----a-w- c:\windows\system32\qdvd.dll 2012-06-30 09:54 . 2012-05-04 09:59 514560 ----a-w- c:\windows\SysWow64\qdvd.dll 2012-06-29 13:49 . 2012-06-29 13:49 -------- d-----w- c:\users\Diana\AppData\Local\Macromedia 2012-06-29 13:48 . 2012-06-14 22:19 85472 ----a-w- c:\program files (x86)\Mozilla Firefox\components\browsercomps.dll 2012-06-29 13:47 . 2012-06-14 22:16 770384 ----a-w- c:\program files (x86)\Mozilla Firefox\msvcr100.dll 2012-06-29 13:47 . 
2012-06-14 22:16 421200 ----a-w- c:\program files (x86)\Mozilla Firefox\msvcp100.dll 2012-06-29 13:09 . 2012-06-29 13:09 -------- d-----w- c:\users\Diana\AppData\Local\Chromium 2012-06-29 13:08 . 2012-07-11 08:47 -------- d-----w- c:\program files (x86)\Microsoft Chart Controls 2012-06-29 13:04 . 2012-07-11 08:47 -------- d-----w- c:\programdata\Hi-Rez Studios 2012-06-29 13:04 . 2012-07-11 08:46 -------- d-----w- c:\program files (x86)\Hi-Rez Studios 2012-06-29 12:24 . 2012-06-30 09:57 -------- d-----w- c:\users\Diana\AppData\Local\LogMeIn Hamachi 2012-06-29 10:31 . 2012-07-11 08:47 -------- d-----w- c:\programdata\MySQL 2012-06-29 07:32 . 2012-05-31 04:04 9013136 ------w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll 2012-06-28 10:55 . 2012-06-28 10:55 82816 ----a-w- c:\users\Diana\AppData\Roaming\pcouffin.sys 2012-06-27 20:10 . 2012-06-27 20:30 -------- d-----w- c:\users\Diana\AppData\Roaming\SQLyog 2012-06-27 20:10 . 2012-06-28 06:21 -------- d-----w- c:\program files (x86)\SQLyog Community 2012-06-25 17:38 . 2012-07-11 08:46 -------- d-----w- C:\Nexon 2012-06-25 12:38 . 2012-07-11 08:46 -------- d-----w- c:\program files (x86)\Combined Community Codec Pack 2012-06-25 12:30 . 2012-07-11 08:49 -------- d-----w- c:\users\Diana\AppData\Roaming\vlc 2012-06-22 18:29 . 2012-06-22 18:29 476936 ----a-w- c:\windows\SysWow64\npdeployJava1.dll 2012-06-22 18:29 . 2012-07-11 08:47 -------- d-----w- c:\program files (x86)\Java 2012-06-19 15:01 . 2012-06-19 15:01 -------- d-----w- c:\programdata\regid.1986-12.com.adobe 2012-06-19 14:55 . 2012-07-11 08:47 -------- d-----w- c:\program files\Common Files\Adobe 2012-06-17 15:20 . 2012-06-28 10:52 -------- d-----w- c:\users\Diana\AppData\Roaming\AVS4YOU 2012-06-17 15:19 . 2012-07-11 08:46 -------- d-----w- c:\program files (x86)\Common Files\AVSMedia 2012-06-17 15:19 . 2012-06-28 10:55 -------- d-----w- c:\program files (x86)\AVS4YOU 2012-06-17 15:19 . 
2012-06-17 15:20 -------- d-----w- c:\programdata\AVS4YOU 2012-06-17 15:19 . 2012-03-23 17:59 1700352 ----a-w- c:\windows\SysWow64\GdiPlus.dll 2012-06-17 15:19 . 2012-03-23 17:59 24576 ----a-w- c:\windows\SysWow64\msxml3a.dll 2012-06-15 19:19 . 2012-06-15 19:19 -------- d-----w- c:\programdata\ATI 2012-06-15 16:59 . 2012-07-11 08:46 -------- d-----w- c:\program files (x86)\Common Files\ATI Technologies 2012-06-15 16:58 . 2012-07-11 08:46 -------- d-----w- c:\program files (x86)\ATI Technologies 2012-06-14 17:44 . 2012-06-14 17:44 283200 ----a-w- c:\windows\system32\drivers\dtsoftbus01.sys 2012-06-14 13:39 . 2012-06-30 10:24 -------- d-----w- c:\users\Diana\AppData\Roaming\Vso 2012-06-12 19:05 . 2012-07-11 08:47 -------- d-----w- c:\program files\Speccy 2012-06-12 18:37 . 2012-04-03 14:17 927800 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\NISBackup\gapaengine.dll 2012-06-12 18:35 . 2012-04-26 05:41 77312 ----a-w- c:\windows\system32\rdpwsx.dll 2012-06-12 18:35 . 2012-04-26 05:41 149504 ----a-w- c:\windows\system32\rdpcorekmts.dll 2012-06-12 18:35 . 2012-04-26 05:34 9216 ----a-w- c:\windows\system32\rdrmemptylst.exe 2012-06-12 18:35 . 2012-05-01 05:40 209920 ----a-w- c:\windows\system32\profsvc.dll 2012-06-12 18:34 . 2012-05-04 11:06 5559664 ----a-w- c:\windows\system32\ntoskrnl.exe 2012-06-12 18:34 . 2012-05-04 10:03 3913072 ----a-w- c:\windows\SysWow64\ntoskrnl.exe 2012-06-12 18:34 . 2012-05-04 10:03 3968368 ----a-w- c:\windows\SysWow64\ntkrnlpa.exe 2012-06-12 18:34 . 2012-04-28 03:55 210944 ----a-w- c:\windows\system32\drivers\rdpwd.sys 2012-06-12 18:34 . 2012-04-07 12:31 3216384 ----a-w- c:\windows\system32\msi.dll 2012-06-12 18:34 . 2012-04-07 11:26 2342400 ----a-w- c:\windows\SysWow64\msi.dll 2012-06-12 18:34 . 2012-04-24 05:37 184320 ----a-w- c:\windows\system32\cryptsvc.dll 2012-06-12 18:34 . 2012-04-24 05:37 1462272 ----a-w- c:\windows\system32\crypt32.dll 2012-06-12 18:34 . 
2012-04-24 04:36 1158656 ----a-w- c:\windows\SysWow64\crypt32.dll 2012-06-12 18:34 . 2012-04-24 05:37 140288 ----a-w- c:\windows\system32\cryptnet.dll 2012-06-12 18:34 . 2012-04-24 04:36 140288 ----a-w- c:\windows\SysWow64\cryptsvc.dll 2012-06-12 18:34 . 2012-04-24 04:36 103936 ----a-w- c:\windows\SysWow64\cryptnet.dll . . . ((((((((((((((((((((((((((((((((((((((( Find3M Rapport )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2012-06-29 17:15 . 2011-11-21 20:03 283304 ----a-w- c:\windows\SysWow64\PnkBstrB.xtr 2012-06-29 17:15 . 2011-11-21 19:58 283304 ----a-w- c:\windows\SysWow64\PnkBstrB.exe 2012-06-29 17:15 . 2011-11-21 19:58 280904 ----a-w- c:\windows\SysWow64\PnkBstrB.ex0 2012-06-25 17:38 . 2011-12-26 14:55 235 ----a-w- c:\windows\SysWow64\nxEuUninstall.bat 2012-06-25 17:38 . 2011-12-26 14:55 446464 ----a-w- c:\windows\NEXON_EU_DownloaderUpdater.exe 2012-06-23 20:02 . 2012-04-01 15:15 426184 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe 2012-06-23 20:02 . 2011-11-20 20:38 70344 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl 2012-06-22 18:29 . 2012-01-15 15:50 472840 ----a-w- c:\windows\SysWow64\deployJava1.dll 2012-06-17 08:17 . 2011-11-21 19:58 76888 ----a-w- c:\windows\SysWow64\PnkBstrA.exe 2012-06-02 22:19 . 2012-06-09 20:41 38424 ----a-w- c:\windows\system32\wups.dll 2012-06-02 22:19 . 2012-06-09 20:42 2428952 ----a-w- c:\windows\system32\wuaueng.dll 2012-06-02 22:19 . 2012-06-09 20:42 57880 ----a-w- c:\windows\system32\wuauclt.exe 2012-06-02 22:19 . 2012-06-09 20:42 44056 ----a-w- c:\windows\system32\wups2.dll 2012-06-02 22:19 . 2012-06-09 20:41 701976 ----a-w- c:\windows\system32\wuapi.dll 2012-06-02 22:15 . 2012-06-09 20:42 2622464 ----a-w- c:\windows\system32\wucltux.dll 2012-06-02 22:15 . 2012-06-09 20:41 99840 ----a-w- c:\windows\system32\wudriver.dll 2012-06-02 13:19 . 2012-06-09 20:41 186752 ----a-w- c:\windows\system32\wuwebv.dll 2012-06-02 13:15 . 2012-06-09 20:41 36864 ----a-w- c:\windows\system32\wuapp.exe 2012-06-01 21:18 . 
2012-06-01 21:18 41224 ----a-w- c:\windows\system32\drivers\hssdrv6.sys . . ((((((((((((((((((((((((((((((((((((( Reg Opstartpunten ))))))))))))))))))))))))))))))))))))))))))))))))))) . . *Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond REGEDIT4 . [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-20 1475584] . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run] "AMD AVT"="start AMD Accelerated Video Transcoding device initialization" [X] "StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2012-04-05 641664] "SwitchBoard"="c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe" [2010-02-19 517096] "AdobeCS6ServiceManager"="c:\program files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" [2012-05-07 1073312] "SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2012-01-18 254696] "Malwarebytes' Anti-Malware"="c:\program files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" [2012-04-04 462408] . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "ConsentPromptBehaviorAdmin"= 5 (0x5) "ConsentPromptBehaviorUser"= 3 (0x3) "EnableUIADesktopToggle"= 0 (0x0) "PromptOnSecureDesktop"= 0 (0x0) "EnableLinkedConnections"= 1 (0x1) . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32] "aux1"=wdmaud.drv . [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager] BootExecute REG_MULTI_SZ autocheck autochk *\0c:\progra~2\AVG\AVG2012\avgrsa.exe /sync /restart . [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa] Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp . [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS] @="" . 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc] @="Service" . R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576] R3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-06-23 250056] R3 ALSysIO;ALSysIO;c:\users\Diana\AppData\Local\Temp\ALSysIO64.sys [x] R3 EagleX64;EagleX64;c:\windows\system32\drivers\EagleX64.sys [x] R3 getbus;getbus;c:\users\Diana\AppData\Local\Temp\getbus.sys [x] R3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service;c:\program files (x86)\Microsoft Office\Office14\GROOVE.EXE [2011-06-12 31125880] R3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\DRIVERS\NisDrvWFP.sys [2012-03-20 98688] R3 NisSrv;Microsoft Netwerkinspectie;c:\program files\Microsoft Security Client\NisSrv.exe [2012-03-26 291696] R3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184] R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 59392] R3 WatAdminSvc;Windows Activation Technologies-service;c:\windows\system32\Wat\WatAdminSvc.exe [2011-11-20 1255736] R4 gupdate;Google Updateservice (gupdate);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-12-16 136176] R4 gupdatem;Google Update-service (gupdatem);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-12-16 136176] R4 MozillaMaintenance;Mozilla Maintenance Service;c:\program files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2012-06-14 113120] R4 NAUpdate;Nero Update;c:\program files (x86)\Nero\Update\NASvc.exe [2011-11-25 687400] R4 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe [2012-06-05 160944] R4 SwitchBoard;SwitchBoard;c:\program files (x86)\Common 
Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096] S1 HssDRV6;Hotspot Shield Routing Driver 6;c:\windows\system32\DRIVERS\hssdrv6.sys [2012-06-01 41224] S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2012-04-06 236544] S2 GS In-Game Service;GS In-Game Service;c:\program files (x86)\GameTracker\GSInGameService.exe [2011-11-09 1677072] S2 hshld;Hotspot Shield Service;c:\program files (x86)\Hotspot Shield\bin\openvpnas.exe [2012-06-20 468848] S2 HssWd;Hotspot Shield Monitoring Service;c:\program files (x86)\Hotspot Shield\bin\hsswd.exe [2012-06-20 384880] S2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-04-04 654408] S2 TeamViewer7;TeamViewer 7;c:\program files (x86)\TeamViewer\Version7\TeamViewer_Service.exe [2012-03-19 2666880] S2 UMVPFSrv;UMVPFSrv;c:\program files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe [2012-01-18 450848] S2 USBS3S4Detection;USBS3S4Detection;c:\oem\USBDECTION\USBS3S4Detection.exe [2009-12-09 76320] S3 amdkmdag;amdkmdag;c:\windows\system32\DRIVERS\atikmdag.sys [2012-04-06 11174400] S3 amdkmdap;amdkmdap;c:\windows\system32\DRIVERS\atikmpag.sys [2012-04-06 343040] S3 AtiHDAudioService;AMD Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW76.sys [2012-02-23 95760] S3 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys [2012-06-14 283200] S3 LVRS64;Logitech RightSound Filter Driver;c:\windows\system32\DRIVERS\lvrs64.sys [2012-01-18 351136] S3 LVUVC64;Logitech HD Webcam C270(UVC);c:\windows\system32\DRIVERS\lvuvc64.sys [2012-01-18 4865568] S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2012-04-04 24904] S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [2012-01-04 413800] . . --- Andere Services/Drivers In Geheugen --- . *NewlyCreated* - WS2IFSL . Inhoud van de 'Gedeelde Taken' map . 
2012-07-11 c:\windows\Tasks\Adobe Flash Player Updater.job - c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-01 20:02] . 2012-07-11 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-12-16 20:10] . 2012-07-11 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-12-16 20:10] . . --------- X64 Entries ----------- . . [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{F9E4A054-E9B1-4BC3-83A3-76A1AE736170}] 2012-05-16 01:10 287048 ----a-w- c:\program files (x86)\Hotspot Shield\HssIE\HssIE_64.dll . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2012-03-26 1271168] "AdobeAAMUpdater-1.0"="c:\program files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2012-04-04 446392] . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows] "LoadAppInit_DLLs"=0x0 . ------- Bijkomende Scan ------- . uStart Page = hxxp://www.nederland.fm/ uLocal Page = c:\windows\SYSTEM32\blank.htm mStart Page = hxxp://acer.msn.com mLocal Page = c:\windows\SYSTEM32\blank.htm IE: &Block This Image (ABP) - c:\program files\Adblock Pro\blockimg.html IE: &Verzenden naar OneNote - c:\progra~2\MICROS~3\Office14\ONBttnIE.dll/105 IE: E&xporteren naar Microsoft Excel - c:\progra~2\MICROS~3\Office14\EXCEL.EXE/3000 TCP: DhcpNameServer = 10.90.104.1 FF - ProfilePath - c:\users\Diana\AppData\Roaming\Mozilla\Firefox\Profiles\sidzk657.default\ FF - prefs.js: keyword.URL - hxxp://search.sweetim.com/search.asp?src=2&q= FF - prefs.js: network.proxy.gopher - FF - prefs.js: network.proxy.gopher_port - 0 FF - prefs.js: network.proxy.type - 0 . - - - - ORPHANS VERWIJDERD - - - - . Toolbar-Locked - (no file) Toolbar-Locked - (no file) . . . --------------------- VERGRENDELDE REGISTER SLEUTELS --------------------- . 
[HKEY_USERS\S-1-5-21-3476176345-4275865163-1462088770-1001\Software\SecuROM\License information*] "datasecu"=hex:b6,45,79,a8,1a,0e,6a,c6,23,d6,4c,35,26,95,68,3f,4c,59,eb,84,69, 58,a3,0e,91,d8,00,26,bd,43,4d,79,3b,00,39,d7,e8,1a,d7,eb,e0,ff,7d,50,6c,f9,\ "rkeysecu"=hex:29,23,be,84,e1,6c,d6,ae,52,90,49,f1,f1,bb,e9,eb . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}] @Denied: (A 2) (Everyone) @="FlashBroker" "LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_3_300_257_ActiveX.exe,-101" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation] "Enabled"=dword:00000001 . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_3_300_257_ActiveX.exe" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}] @Denied: (A 2) (Everyone) @="Shockwave Flash Object" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_257.ocx" "ThreadingModel"="Apartment" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus] @="0" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID] @="ShockwaveFlash.ShockwaveFlash.11" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_257.ocx, 1" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib] @="{D27CDB6B-AE6D-11cf-96B8-444553540000}" . 
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version] @="1.0" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID] @="ShockwaveFlash.ShockwaveFlash" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}] @Denied: (A 2) (Everyone) @="Macromedia Flash Factory Object" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_257.ocx" "ThreadingModel"="Apartment" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID] @="FlashFactory.FlashFactory.1" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_257.ocx, 1" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib] @="{D27CDB6B-AE6D-11cf-96B8-444553540000}" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version] @="1.0" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID] @="FlashFactory.FlashFactory" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}] @Denied: (A 2) (Everyone) @="IFlashBroker4" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32] @="{00020424-0000-0000-C000-000000000046}" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" "Version"="1.0" . 
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}] @Denied: (A) (Everyone) "Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}" . [HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Schema Library\ActionsPane3] @Denied: (A) (Everyone) . [HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0] "Key"="ActionsPane3" "Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd" . [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security] @Denied: (Full) (Everyone) . ------------------------ Andere Aktieve Processen ------------------------ . c:\program files (x86)\Canon\IJPLM\IJPLMSVC.EXE c:\windows\SysWOW64\PnkBstrA.exe . ************************************************************************** . Voltooingstijd: 2012-07-11 19:39:02 - machine werd herstart ComboFix-quarantined-files.txt 2012-07-11 17:39 . Pre-Run: 296.707.506.176 bytes beschikbaar Post-Run: 296.492.457.984 bytes beschikbaar . - - End Of File - - E71127D296E7CE943D320889E20BCE53
  11. oh, it now only works with administrator
  12. also with all the other files; I now have no firewall or virus scanner =(
  13. well, I ran ComboFix but now I keep getting a strange message: an illegal operation was attempted on a registry key that has been marked for deletion (I got that when I tried to open the log and also the internet, but I fixed that by opening it as administrator)
  14. I accidentally posted it twice, sorry
  15. yes, it is the real Microsoft NL, tel. 0205001500 Malwarebytes Anti-Malware (-evaluatieversie-) 1.61.0.1400 www.malwarebytes.org Databaseversie: v2012.07.11.05 Windows 7 Service Pack 1 x64 NTFS Internet Explorer 9.0.8112.16421 JAAP :: JAAP-PC [administrator] Realtime bescherming: Ingeschakeld 11-7-2012 11:48:04 mbam-log-2012-07-11 (11-48-04).txt Scantype: Snelle scan Ingeschakelde scanopties: Geheugen | Opstartitems | Register | Bestanden en mappen | Heuristiek/Extra | Heuristiek/Shuriken | PUP | PUM Uitgeschakelde scanopties: P2P Objecten gescand: 235588 Verstreken tijd: 4 minuut/minuten, 8 seconde(n) Geheugenprocessen gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Geheugenmodulen gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Registersleutels gedetecteerd: 2 HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{11111111-1111-1111-1111-110011341191} (PUP.GamePlayLab) -> Succesvol in quarantaine geplaatst en verwijderd. HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{11111111-1111-1111-1111-110011341191} (PUP.GamePlayLab) -> Succesvol in quarantaine geplaatst en verwijderd. Registerwaarden gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Registerdata gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Mappen gedetecteerd: 1 C:\Program Files (x86)\BrowserCompanion (PUP.Blabbers) -> Succesvol in quarantaine geplaatst en verwijderd. Bestanden gedetecteerd: 4 C:\Program Files (x86)\BrowserCompanion\blabbers-ch.crx (PUP.Blabbers) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Program Files (x86)\BrowserCompanion\BCHelper.exe (PUP.Blabbers) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Program Files (x86)\BrowserCompanion\logo.ico (PUP.Blabbers) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Program Files (x86)\BrowserCompanion\widgetserv.exe (PUP.Blabbers) -> Succesvol in quarantaine geplaatst en verwijderd. (einde)
  16. and that Malwarebytes scan gave 7 viruses as its result and it removed them, but today I called Microsoft technical support and they will call me back tomorrow (he said they were going to check my computer, so I hope it turns out fine)
  17. Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 16:40:27, on 11-7-2012 Platform: Windows 7 SP1 (WinNT 6.00.3505) MSIE: Internet Explorer v9.00 (9.00.8112.16447) Boot mode: Normal Running processes: C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe C:\Program Files (x86)\Internet Explorer\iexplore.exe C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_11_3_300_257_ActiveX.exe C:\Program Files (x86)\Internet Explorer\iexplore.exe C:\Program Files (x86)\Internet Explorer\iexplore.exe C:\Program Files (x86)\Skype\Phone\Skype.exe C:\Program Files (x86)\Internet Explorer\IELowutil.exe C:\Users\Diana\Desktop\HijackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Acer | MSN R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Acer | MSN R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Acer | MSN R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = Acer | MSN R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = F2 - REG:system.ini: UserInit=userinit.exe, O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~3\Office14\GROOVEEX.DLL O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll O2 - BHO: Aanmeldhulp voor Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: 
Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~3\Office14\URLREDIR.DLL O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll O2 - BHO: Hotspot Shield Class - {F9E4A054-E9B1-4BC3-83A3-76A1AE736170} - C:\Program Files (x86)\Hotspot Shield\HssIE\HssIE.dll O4 - HKLM\..\Run: [startCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun O4 - HKLM\..\Run: [AMD AVT] Cmd.exe /c start "AMD Accelerated Video Transcoding device initialization" /min "C:\Program Files (x86)\AMD AVT\bin\kdbsync.exe" aml O4 - HKLM\..\Run: [switchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe O4 - HKLM\..\Run: [AdobeCS6ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" -launchedbylogin O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" O4 - HKLM\..\Run: [Malwarebytes' Anti-Malware] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray O4 - HKCU\..\Run: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE') O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE') O8 - Extra context menu item: &Block This Image (ABP) - C:\Program Files\Adblock Pro\blockimg.html O8 - Extra context menu item: &Verzenden naar OneNote - res://C:\PROGRA~2\MICROS~3\Office14\ONBttnIE.dll/105 O8 - Extra context menu 
item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~2\MICROS~3\Office14\EXCEL.EXE/3000 O9 - Extra button: @C:\Program Files (x86)\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll O9 - Extra 'Tools' menuitem: &Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll O9 - Extra button: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll O9 - Extra 'Tools' menuitem: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O15 - Trusted IP range: http://192.168.0.1 O15 - ESC Trusted IP range: http://192.168.0.1 O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab O16 - DPF: {C8BC46C7-921C-4102-B67D-F1F7E65FB0BE} (Battlefield Play4Free Updater) - 
https://battlefield.play4free.com/static/updater/BP4FUpdater_1.0.66.2.cab O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing) O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing) O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing) O23 - Service: GS In-Game Service - ClanServers Hosting LLC - C:\Program Files (x86)\GameTracker\GSInGameService.exe O23 - Service: Hi-Rez Studios Authenticate and Update Service (HiPatchService) - Hi-Rez Studios - C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe O23 - Service: Hotspot Shield Service (hshld) - Unknown owner - C:\Program Files (x86)\Hotspot Shield\bin\openvpnas.exe O23 - Service: Hotspot Shield Monitoring Service (HssWd) - Unknown owner - C:\Program Files (x86)\Hotspot Shield\bin\hsswd.exe O23 - Service: Inkjet Printer/Scanner Extended Survey Program (IJPLMSVC) - Unknown owner - C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing) O23 - 
Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing) O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing) O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing) O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing) O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe O23 - Service: TeamViewer 7 (TeamViewer7) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing) O23 - Service: UMVPFSrv - Logitech Inc. 
- C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe O23 - Service: USBS3S4Detection - Unknown owner - C:\OEM\USBDECTION\USBS3S4Detection.exe O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing) O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing) O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing) O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing) O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) -- End of file - 10756 bytes
  18. Logfile of Trend Micro HijackThis v2.0.4
      Scan saved at 10:55:39, on 11-7-2012
      Platform: Windows 7 SP1 (WinNT 6.00.3505)
      MSIE: Internet Explorer v9.00 (9.00.8112.16446)
      Boot mode: Normal

      Running processes:
      C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
      C:\Program Files (x86)\Skype\Phone\Skype.exe
      C:\Program Files (x86)\Internet Explorer\iexplore.exe
      C:\Program Files (x86)\Internet Explorer\IELowutil.exe
      C:\Program Files (x86)\Internet Explorer\iexplore.exe
      C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_11_3_300_257_ActiveX.exe
      C:\Users\Diana\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\IUAGOEIC\HijackThis.exe

      R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Acer | MSN
      R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Acer | MSN
      R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Acer | MSN
      R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing
      R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing
      R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = Acer | MSN
      R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
      R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
      R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
      R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
      R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
      R3 - URLSearchHook: (no name) - {87775fdb-6972-41f9-ae51-8326e38cb206} - (no file)
      F2 - REG:system.ini: UserInit=userinit.exe
      O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
      O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~3\Office14\GROOVEEX.DLL
      O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll
      O2 - BHO: Aanmeldhulp voor Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
      O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
      O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~3\Office14\URLREDIR.DLL
      O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
      O2 - BHO: Hotspot Shield Class - {F9E4A054-E9B1-4BC3-83A3-76A1AE736170} - C:\Program Files (x86)\Hotspot Shield\HssIE\HssIE.dll
      O4 - HKLM\..\Run: [startCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
      O4 - HKLM\..\Run: [AMD AVT] Cmd.exe /c start "AMD Accelerated Video Transcoding device initialization" /min "C:\Program Files (x86)\AMD AVT\bin\kdbsync.exe" aml
      O4 - HKLM\..\Run: [switchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
      O4 - HKLM\..\Run: [AdobeCS6ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" -launchedbylogin
      O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
      O4 - HKCU\..\Run: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
      O8 - Extra context menu item: &Block This Image (ABP) - C:\Program Files\Adblock Pro\blockimg.html
      O8 - Extra context menu item: &Verzenden naar OneNote - res://C:\PROGRA~2\MICROS~3\Office14\ONBttnIE.dll/105
      O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~2\MICROS~3\Office14\EXCEL.EXE/3000
      O9 - Extra button: @C:\Program Files (x86)\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
      O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
      O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
      O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
      O9 - Extra 'Tools' menuitem: &Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
      O9 - Extra button: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
      O9 - Extra 'Tools' menuitem: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
      O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
      O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
      O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
      O15 - Trusted IP range: http://192.168.0.1
      O15 - ESC Trusted IP range: http://192.168.0.1
      O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
      O16 - DPF: {C8BC46C7-921C-4102-B67D-F1F7E65FB0BE} (Battlefield Play4Free Updater) - https://battlefield.play4free.com/static/updater/BP4FUpdater_1.0.66.2.cab
      O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
      O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
      O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
      O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
      O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
      O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
      O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
      O23 - Service: GS In-Game Service - ClanServers Hosting LLC - C:\Program Files (x86)\GameTracker\GSInGameService.exe
      O23 - Service: Hi-Rez Studios Authenticate and Update Service (HiPatchService) - Hi-Rez Studios - C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe
      O23 - Service: Hotspot Shield Service (hshld) - Unknown owner - C:\Program Files (x86)\Hotspot Shield\bin\openvpnas.exe
      O23 - Service: Hotspot Shield Monitoring Service (HssWd) - Unknown owner - C:\Program Files (x86)\Hotspot Shield\bin\hsswd.exe
      O23 - Service: Inkjet Printer/Scanner Extended Survey Program (IJPLMSVC) - Unknown owner - C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE
      O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
      O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
      O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
      O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
      O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
      O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
      O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
      O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
      O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
      O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
      O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
      O23 - Service: TeamViewer 7 (TeamViewer7) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe
      O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
      O23 - Service: UMVPFSrv - Logitech Inc. - C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe
      O23 - Service: USBS3S4Detection - Unknown owner - C:\OEM\USBDECTION\USBS3S4Detection.exe
      O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
      O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
      O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
      O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
      O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
      O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
      O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

      --
      End of file - 10266 bytes
  19. Hello, I have now been called twice by someone from Microsoft. He said there were all kinds of errors on my computer, and all of it in English; very strange that the Dutch Microsoft doesn't call. He wanted me to go to a site, but that didn't work, so I hung up (:hmpf: at 9:00 in the morning I'm not awake yet) (Microsoft doesn't call you, so I found it very strange). The next day he called again; this time I did manage to talk to him in English and do what he said, so I went to this site, Ammyy Admin - Free Remote Desktop Access, PC Remote Control Software and Remote Desktop Sharing, and downloaded the program there that takes over your screen, and that worked. He had me look at errors in the log (of which there were a lot), so he said I have to buy a program to keep my PC from breaking down, or so he said: www.mscorp-payment.com and then the second option: eur (to pay using euro), and buy it, but I'm not going to do that, it costs me too much. So my question is: should I believe him and buy it, or do something else? He did give his number and name and the country he lives in (Sweden).
  20. I think you should just give it a try if you have a repeater or range extender; if not, a repeater is really more than good enough for 15 meters. I'm sitting with my iPad 40 meters from my repeater and router and I have good internet.
  21. It is not usual for the picture to be distorted.
  22. If there's nothing between your house and your parents' anyway, why don't you just run a cable? ;-)
  23. And which browser do you use, Explorer or Firefox, to play your sound? (Have you already tried testing other speakers, headphones or earbuds to see whether the sound is still strange?)