
Posts made by lilythelen

  1. ComboFix 09-09-25.01 - lily 27-09-2009 0:03.3.2 - NTFSx86

    Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.31.1043.18.2045.1200 [GMT 2:00]

    Gestart vanuit: c:\users\lily\Desktop\ComboFix.exe

    AV: Windows Live OneCare *On-access scanning enabled* (Updated) {427ADFC3-B354-4A51-BE34-A9D4218E45C4}

    FW: Windows Live OneCare - Firewall *enabled* {A3899D22-27E6-4A7E-AE4E-2C106646DAAB}

    SP: Windows Defender *enabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}

    SP: Windows Live OneCare *enabled* (Updated) {CC7E50BA-BA8C-4DDE-B5AC-EA53BC38D01B}

    .

    (((((((((((((((((((( Bestanden Gemaakt van 2009-08-26 to 2009-09-26 ))))))))))))))))))))))))))))))

    .

    2009-09-26 22:11 . 2009-09-26 22:11 -------- d-----w- c:\users\Public\AppData\Local\temp

    2009-09-26 22:11 . 2009-09-26 22:11 -------- d-----w- c:\users\Default\AppData\Local\temp

    2009-09-25 12:05 . 2009-09-25 12:05 -------- d-----w- c:\program files\Trend Micro

    2009-09-24 06:22 . 2009-09-24 06:22 -------- d-----w- c:\programdata\McAfee Security Scan

    2009-09-22 14:17 . 2009-09-22 14:17 -------- d-----w- C:\Sounds

    2009-09-22 13:44 . 2009-09-22 21:05 -------- d-----w- c:\program files\DivX

    2009-09-22 13:38 . 2009-09-22 14:18 -------- d-----w- c:\users\lily\AppData\Roaming\LG Electronics

    2009-09-09 11:18 . 2009-09-09 11:18 -------- d-----w- c:\programdata\Zylom

    2009-09-08 05:49 . 2009-09-21 05:32 -------- d-----w- c:\users\lily\Office Genuine Advantage

    2009-09-04 15:00 . 2009-09-04 15:00 -------- d-----w- c:\programdata\Office Genuine Advantage

    2009-09-04 14:53 . 2009-09-04 21:22 -------- d-----w- c:\users\lily\Tracing

    2009-09-04 14:51 . 2009-08-05 20:48 54632 ----a-w- c:\windows\system32\drivers\fssfltr.sys

    2009-09-04 14:50 . 2009-09-04 14:50 -------- d-----w- c:\program files\Microsoft Sync Framework

    2009-09-04 14:49 . 2006-11-29 11:06 3426072 ----a-w- c:\windows\system32\d3dx9_32.dll

    2009-09-04 14:49 . 2009-09-04 14:49 -------- d-----w- c:\program files\Microsoft SQL Server Compact Edition

    2009-09-04 14:47 . 2009-09-04 14:47 -------- d-----w- c:\program files\Windows Live SkyDrive

    2009-09-04 14:47 . 2009-09-04 14:51 -------- d-----w- c:\program files\Windows Live

    2009-09-04 09:29 . 2009-09-04 09:29 -------- d-----w- c:\program files\Common Files\Windows Live

    2009-09-04 09:27 . 2009-09-04 14:48 -------- d-----w- c:\program files\Microsoft

    2009-09-04 09:11 . 2009-08-29 00:14 28672 ----a-w- c:\windows\system32\Apphlpdm.dll

    2009-09-04 09:11 . 2009-08-29 00:27 4240384 ----a-w- c:\windows\system32\GameUXLegacyGDFs.dll

    .

    ((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))

    .

    2009-09-26 21:21 . 2009-04-08 06:56 -------- d-----w- c:\programdata\Google Updater

    2009-09-26 17:08 . 2009-01-20 17:52 -------- d-----w- c:\program files\Microsoft Windows OneCare Live

    2009-09-25 12:13 . 2008-12-08 18:29 6944 ----a-w- c:\users\lily\AppData\Local\d3d9caps.dat

    2009-09-24 19:00 . 2009-03-09 06:33 -------- d-----w- c:\programdata\NOS

    2009-09-24 18:59 . 2009-03-09 06:33 -------- d-----w- c:\program files\NOS

    2009-09-23 14:29 . 2008-06-07 02:35 667352 ----a-w- c:\windows\system32\perfh013.dat

    2009-09-23 14:29 . 2008-06-07 02:35 126854 ----a-w- c:\windows\system32\perfc013.dat

    2009-09-22 21:12 . 2008-06-06 16:55 -------- d--h--w- c:\program files\InstallShield Installation Information

    2009-09-22 13:26 . 2009-03-08 18:31 -------- d-----w- c:\program files\Google

    2009-09-10 20:54 . 2006-11-02 11:18 -------- d-----w- c:\program files\Windows Mail

    2009-09-10 20:53 . 2009-03-02 22:31 -------- d-----w- c:\program files\Microsoft Silverlight

    2009-09-09 06:08 . 2009-04-11 09:49 -------- d-----w- c:\users\lily\AppData\Roaming\Zylom

    2009-08-14 16:27 . 2009-09-10 17:15 904776 ----a-w- c:\windows\system32\drivers\tcpip.sys

    2009-08-14 15:53 . 2009-09-10 17:15 17920 ----a-w- c:\windows\system32\netevent.dll

    2009-08-14 13:49 . 2009-09-10 17:15 9728 ----a-w- c:\windows\system32\TCPSVCS.EXE

    2009-08-14 13:49 . 2009-09-10 17:15 17920 ----a-w- c:\windows\system32\ROUTE.EXE

    2009-08-14 13:49 . 2009-09-10 17:15 11264 ----a-w- c:\windows\system32\MRINFO.EXE

    2009-08-14 13:49 . 2009-09-10 17:15 27136 ----a-w- c:\windows\system32\NETSTAT.EXE

    2009-08-14 13:49 . 2009-09-10 17:15 8704 ----a-w- c:\windows\system32\HOSTNAME.EXE

    2009-08-14 13:49 . 2009-09-10 17:15 19968 ----a-w- c:\windows\system32\ARP.EXE

    2009-08-14 13:49 . 2009-09-10 17:15 10240 ----a-w- c:\windows\system32\finger.exe

    2009-08-14 13:48 . 2009-09-10 17:15 30720 ----a-w- c:\windows\system32\drivers\tcpipreg.sys

    2009-08-14 13:48 . 2009-09-10 17:15 105984 ----a-w- c:\windows\system32\netiohlp.dll

    2009-08-13 09:56 . 2009-01-20 17:55 -------- d-----w- c:\program files\Common Files\PX Storage Engine

    2009-08-11 08:11 . 2008-06-06 18:23 -------- d-----w- c:\program files\Java

    2009-08-07 11:40 . 2009-06-12 17:18 -------- d-----w- c:\users\lily\AppData\Roaming\PlayFirst

    2009-08-07 11:40 . 2009-06-12 17:18 -------- d-----w- c:\programdata\PlayFirst

    2009-08-03 13:07 . 2009-08-03 13:07 403816 ----a-w- c:\windows\system32\OGACheckControl.dll

    2009-08-03 13:07 . 2009-08-03 13:07 322928 ----a-w- c:\windows\system32\OGAAddin.dll

    2009-08-03 13:07 . 2009-08-03 13:07 230768 ----a-w- c:\windows\system32\OGAEXEC.exe

    2009-07-26 14:44 . 2009-07-26 14:44 48448 ----a-w- c:\windows\system32\sirenacm.dll

    2009-07-25 03:23 . 2008-12-09 15:21 411368 ----a-w- c:\windows\system32\deploytk.dll

    2009-07-21 21:52 . 2009-07-29 11:59 915456 ----a-w- c:\windows\system32\wininet.dll

    2009-07-21 21:47 . 2009-07-29 11:59 109056 ----a-w- c:\windows\system32\iesysprep.dll

    2009-07-21 21:47 . 2009-07-29 11:59 71680 ----a-w- c:\windows\system32\iesetup.dll

    2009-07-21 20:13 . 2009-07-29 11:59 133632 ----a-w- c:\windows\system32\ieUnatt.exe

    2009-07-17 13:54 . 2009-08-12 07:05 71680 ----a-w- c:\windows\system32\atl.dll

    2009-07-15 12:40 . 2009-08-12 07:05 8147456 ----a-w- c:\windows\system32\wmploc.DLL

    2009-07-15 12:39 . 2009-08-12 07:05 313344 ----a-w- c:\windows\system32\wmpdxm.dll

    2009-07-15 12:39 . 2009-08-12 07:05 4096 ----a-w- c:\windows\system32\dxmasf.dll

    2009-07-15 12:39 . 2009-08-12 07:05 7680 ----a-w- c:\windows\system32\spwmp.dll

    2009-07-11 19:01 . 2009-09-10 17:15 293376 ----a-w- c:\windows\system32\wlanmsm.dll

    2009-07-11 19:01 . 2009-09-10 17:15 513536 ----a-w- c:\windows\system32\wlansvc.dll

    2009-07-11 19:01 . 2009-09-10 17:15 302592 ----a-w- c:\windows\system32\wlansec.dll

    2009-07-11 19:01 . 2009-09-10 17:15 65024 ----a-w- c:\windows\system32\wlanapi.dll

    2009-07-11 17:03 . 2009-09-10 17:15 127488 ----a-w- c:\windows\system32\L2SecHC.dll

    2009-07-10 11:24 . 2009-07-10 11:24 307568 ----a-w- c:\windows\WLXPGSS.SCR

    2009-07-05 09:22 . 2008-12-06 09:09 70952 ----a-w- c:\users\lily\AppData\Local\GDIPFONTCACHEV1.DAT

    .

    ((((((((((((((((((((((((((((( SnapShot@2009-09-26_06.00.31 )))))))))))))))))))))))))))))))))))))))))

    .

    + 2008-01-21 01:58 . 2009-09-26 22:00 53118 c:\windows\System32\WDI\ShutdownPerformanceDiagnostics_SystemData.bin

    + 2008-12-06 00:13 . 2009-09-26 22:00 12330 c:\windows\System32\WDI\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-4205627522-118475122-458670407-1000_UserData.bin

    + 2008-10-28 22:39 . 2009-09-26 21:58 32768 c:\windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat

    - 2008-10-28 22:39 . 2009-09-26 05:59 32768 c:\windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat

    + 2008-10-28 22:39 . 2009-09-26 21:58 16384 c:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat

    - 2008-10-28 22:39 . 2009-09-26 05:59 16384 c:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat

    - 2008-12-06 09:51 . 2009-09-25 20:54 16384 c:\windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat

    + 2008-12-06 09:51 . 2009-09-26 21:33 16384 c:\windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat

    - 2008-12-06 09:51 . 2009-09-25 20:54 32768 c:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat

    + 2008-12-06 09:51 . 2009-09-26 21:33 32768 c:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat

    - 2008-12-06 09:51 . 2009-09-25 20:54 16384 c:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat

    + 2008-12-06 09:51 . 2009-09-26 21:33 16384 c:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat

    + 2009-09-26 21:58 . 2009-09-26 21:58 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat

    + 2009-09-26 21:58 . 2009-09-26 21:58 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat

    + 2006-11-02 13:05 . 2009-09-26 22:00 103678 c:\windows\System32\WDI\BootPerformanceDiagnostics_SystemData.bin

    + 2008-10-28 22:39 . 2009-09-26 21:58 851968 c:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat

    - 2008-10-28 22:39 . 2009-09-26 05:59 851968 c:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat

    .

    ((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))

    .

    .

    *Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond

    REGEDIT4

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

    "ehTray.exe"="c:\windows\ehome\ehTray.exe" [2008-01-21 125952]

    "swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2009-04-08 39408]

    "WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2008-01-21 202240]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

    "StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2008-01-21 61440]

    "SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2008-03-28 1045800]

    "QPService"="c:\program files\HP\QuickPlay\QPService.exe" [2008-05-14 468264]

    "Windows Defender"="c:\program files\Windows Defender\MSASCui.exe" [2008-01-21 1008184]

    "QlbCtrl.exe"="c:\program files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe" [2008-03-14 202032]

    "OnScreenDisplay"="c:\program files\Hewlett-Packard\HP QuickTouch\HPKBDAPP.exe" [2007-11-01 554288]

    "HP Software Update"="c:\program files\Hp\HP Software Update\HPWuSchd2.exe" [2007-05-08 54840]

    "hpWirelessAssistant"="c:\program files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe" [2007-11-20 488752]

    "Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-10-15 39792]

    "UCam_Menu"="c:\program files\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe" [2008-06-13 210216]

    "OneCareUI"="c:\program files\Microsoft Windows OneCare Live\winssnotify.exe" [2009-07-09 65240]

    "HP Health Check Scheduler"="c:\program files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe" [2008-10-09 75008]

    "SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-07-25 149280]

    "SysTrayApp"="c:\program files\IDT\WDM\sttray.exe" [2008-06-27 442467]

    c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\

    Microsoft Office.lnk - c:\program files\Microsoft Office\Office10\OSA.EXE [2001-2-13 83360]

    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]

    "EnableUIADesktopToggle"= 0 (0x0)

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\OneCareMP]

    @="Service"

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

    @="Driver"

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]

    @="Service"

    [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]

    "DisableMonitoring"=dword:00000001

    [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]

    "DisableMonitoring"=dword:00000001

    [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]

    "DisableMonitoring"=dword:00000001

    [HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc]

    "VistaSp2"=hex(B):8a,ae,61,c8,53,00,ca,01

    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\DomainProfile]

    "EnableFirewall"= 0 (0x0)

    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\FirewallRules]

    "{D41394BD-3104-42F5-85FD-1DC6714D1D20}"= c:\program files\HP\QuickPlay\QP.exe:Quick Play

    "{9AB66611-15CE-48A1-B678-772A1CA51ED2}"= c:\program files\HP\QuickPlay\QPService.exe:Quick Play Resident Program

    "{6FB5DCF0-4FDD-466C-9394-D00EE15BA2AC}"= c:\program files\Cyberlink\PowerDirector\PDR.EXE:CyberLink PowerDirector

    "{7F6DB5AA-820F-4212-B783-3522AC4A0DCB}"= UDP:c:\program files\Microsoft Office\Office12\ONENOTE.EXE:Microsoft Office OneNote

    "{1E34E744-6594-43D5-84C9-A747DFDBDE17}"= TCP:c:\program files\Microsoft Office\Office12\ONENOTE.EXE:Microsoft Office OneNote

    "{0174B898-7CEF-4012-8356-1F11BC78BA39}"= UDP:c:\program files\Common Files\AOL\Loader\aolload.exe:AOL Loader

    "{D739E3FE-73C2-4AAD-A8A3-8B8026D0F245}"= TCP:c:\program files\Common Files\AOL\Loader\aolload.exe:AOL Loader

    "{75B0AFA2-7015-41C6-BD55-D79F41220450}"= UDP:c:\program files\Internet Veiligheidspakket\backweb\1334668\Program\fspex.exe:Internet Veiligheidspakket

    "{E3B04109-F326-4B8A-9857-29889F1C410E}"= TCP:c:\program files\Internet Veiligheidspakket\backweb\1334668\Program\fspex.exe:Internet Veiligheidspakket

    "{6933860F-B1DE-435E-A12C-1174F36EC70B}"= UDP:c:\program files\Microsoft Office\Office12\ONENOTE.EXE:Microsoft Office OneNote

    "{A0E9989D-9086-42EA-BE78-EB69B592B142}"= TCP:c:\program files\Microsoft Office\Office12\ONENOTE.EXE:Microsoft Office OneNote

    "{B4D6153B-FB3C-44F0-8047-CD73EC48ECF1}"= c:\program files\Skype\Phone\Skype.exe:Skype

    "{66E140E2-A4D2-43AB-B226-EF333688ED9D}"= Disabled:UDP:c:\program files\KCeasy\giFT\giFTl.exe:giFT Loader for KCeasy

    "{C60673EE-B537-4D8C-BEA3-3A14D2C39E4D}"= Disabled:TCP:c:\program files\KCeasy\giFT\giFTl.exe:giFT Loader for KCeasy

    "{EA270BBB-4496-46C0-B802-FE6C0384CFED}"= c:\program files\Windows Live\Sync\WindowsLiveSync.exe:Windows Live Sync

    "{6DFF8191-2312-4D87-B5A1-B509FFAF0A2A}"= UDP:63331:Windows Live OneCare

    "{489ACDD5-BB12-4DA7-B7B0-7B28F1397989}"= UDP:63331:Windows Live OneCare

    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\PublicProfile]

    "EnableFirewall"= 0 (0x0)

    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\StandardProfile]

    "EnableFirewall"= 0 (0x0)

    R0 Amddfltr;Amd Disk Lower Filter Driver;c:\windows\System32\drivers\Amddfltr.sys [29-10-2008 0:56 15416]

    R1 IDSvix86;Symantec Intrusion Prevention Driver;c:\progra~2\Symantec\DEFINI~1\SymcData\ipsdefs\20090102.001\IDSvix86.sys [9-1-2009 9:32 270384]

    R2 AESTFilters;Andrea ST Filters Service;c:\windows\System32\DriverStore\FileRepository\stwrt.inf_f691e717\AEstSrv.exe [29-10-2008 0:51 73728]

    R2 ezSharedSvc;Easybits Shared Services for Windows;c:\windows\system32\svchost.exe -k netsvcs [21-1-2008 4:23 21504]

    R2 hpsrv;HP Service;c:\windows\System32\hpservice.exe [18-3-2008 17:24 19456]

    R2 OcHealthMon;Windows Live OneCare Health Monitor;c:\program files\Microsoft Windows OneCare Live\OcHealthMon.exe [9-7-2009 12:15 26104]

    R2 Recovery Service for Windows;Recovery Service for Windows;c:\windows\SMINST\BLService.exe [6-6-2008 20:18 341328]

    R3 Com4QLBEx;Com4QLBEx;c:\program files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe [6-6-2008 19:25 193840]

    R3 enecir;ENE CIR Receiver;c:\windows\System32\drivers\enecir.sys [23-1-2008 23:23 52736]

    R3 JMCR;JMCR;c:\windows\System32\drivers\jmcr.sys [1-4-2008 13:14 81296]

    S2 gupdate1c9b8173f8773d0;Google Updateservice (gupdate1c9b8173f8773d0);c:\program files\Google\Update\GoogleUpdate.exe [8-4-2009 8:57 133104]

    S2 wlidsvc;Windows Live ID Sign-in Assistant;c:\program files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE [30-3-2009 16:28 1533808]

    S3 fssfltr;FssFltr;c:\windows\System32\drivers\fssfltr.sys [4-9-2009 16:51 54632]

    S3 fsssvc;De service Windows Live Family Safety;c:\program files\Windows Live\Family Safety\fsssvc.exe [5-8-2009 22:48 704864]

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs

    ezSharedSvc

    [HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]

    "c:\program files\Common Files\LightScribe\LSRunOnce.exe"

    .

    Inhoud van de 'Gedeelde Taken' map

    2009-09-26 c:\windows\Tasks\Google Software Updater.job

    - c:\program files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-03-08 06:56]

    2009-09-26 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job

    - c:\program files\Google\Update\GoogleUpdate.exe [2009-04-08 06:57]

    2009-09-26 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job

    - c:\program files\Google\Update\GoogleUpdate.exe [2009-04-08 06:57]

    2009-09-26 c:\windows\Tasks\User_Feed_Synchronization-{426031BE-D89F-420F-8A45-2890894B5445}.job

    - c:\windows\system32\msfeedssync.exe [2009-07-29 20:13]

    .

    .

    ------- Bijkomende Scan -------

    .

    uStart Page = hxxp://www.hyves.nl

    mStart Page = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=nl_nl&c=83&bd=Pavilion&pf=cnnb

    DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} - hxxp://game02.zylom.com/activex/zylomgamesplayer.cab

    .

    **************************************************************************

    catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, GMER - Rootkit Detector and Remover

    Rootkit scan 2009-09-27 00:11

    Windows 6.0.6002 Service Pack 2 NTFS

    scannen van verborgen processen ...

    scannen van verborgen autostart items ...

    scannen van verborgen bestanden ...

    Scan succesvol afgerond

    verborgen bestanden: 0

    **************************************************************************

    .

    --------------------- VERGRENDELDE REGISTER SLEUTELS ---------------------

    [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]

    @Denied: (A) (Users)

    @Denied: (A) (Everyone)

    @Allowed: (B 1 2 3 4 5) (S-1-5-20)

    "BlindDial"=dword:00000000

    [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]

    @Denied: (A) (Users)

    @Denied: (A) (Everyone)

    @Allowed: (B 1 2 3 4 5) (S-1-5-20)

    "BlindDial"=dword:00000000

    .

    Voltooingstijd: 2009-09-26 0:14

    ComboFix-quarantined-files.txt 2009-09-26 22:14

    ComboFix2.txt 2009-09-26 21:53

    ComboFix3.txt 2009-09-26 06:05

    Pre-Run: 99.123.183.616 bytes beschikbaar

    Post-Run: 99.026.632.704 bytes beschikbaar

    234 --- E O F --- 2009-09-10 20:58

  2. ok kape thanks, now it did work:

    ComboFix 09-09-25.01 - lily 26-09-2009 7:48.1.2 - NTFSx86

    Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.31.1043.18.2045.1235 [GMT 2:00]

    Gestart vanuit: c:\users\lily\Desktop\ComboFix.exe

    AV: Windows Live OneCare *On-access scanning enabled* (Updated) {427ADFC3-B354-4A51-BE34-A9D4218E45C4}

    FW: Windows Live OneCare - Firewall *enabled* {A3899D22-27E6-4A7E-AE4E-2C106646DAAB}

    SP: Windows Defender *enabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}

    SP: Windows Live OneCare *enabled* (Updated) {CC7E50BA-BA8C-4DDE-B5AC-EA53BC38D01B}

    .

    (((((((((((((((((((((((((((((((((( Andere Verwijderingen )))))))))))))))))))))))))))))))))))))))))))))))))

    .

    c:\$recycle.bin\S-1-5-21-4205627522-118475122-458670407-500

    c:\$recycle.bin\S-1-5-21-956569188-2611845445-1188343954-500

    C:\install.exe

    c:\windows\Installer\1ef2f.msi

    c:\windows\system32\drivers\RKHit.sys

    .

    ((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))

    .

    -------\Legacy_RKHIT

    (((((((((((((((((((( Bestanden Gemaakt van 2009-08-26 to 2009-09-26 ))))))))))))))))))))))))))))))

    .

    2009-09-26 05:57 . 2009-09-26 05:57 -------- d-----w- c:\users\Default\AppData\Local\temp

    2009-09-25 12:05 . 2009-09-25 12:05 -------- d-----w- c:\program files\Trend Micro

    2009-09-24 06:22 . 2009-09-24 06:22 -------- d-----w- c:\programdata\McAfee Security Scan

    2009-09-22 14:17 . 2009-09-22 14:17 -------- d-----w- C:\Sounds

    2009-09-22 13:44 . 2009-09-22 21:05 -------- d-----w- c:\program files\DivX

    2009-09-22 13:38 . 2009-09-22 14:18 -------- d-----w- c:\users\lily\AppData\Roaming\LG Electronics

    2009-09-09 11:18 . 2009-09-09 11:18 -------- d-----w- c:\programdata\Zylom

    2009-09-08 05:49 . 2009-09-21 05:32 -------- d-----w- c:\users\lily\Office Genuine Advantage

    2009-09-04 15:00 . 2009-09-04 15:00 -------- d-----w- c:\programdata\Office Genuine Advantage

    2009-09-04 14:53 . 2009-09-04 21:22 -------- d-----w- c:\users\lily\Tracing

    2009-09-04 14:51 . 2009-08-05 20:48 54632 ----a-w- c:\windows\system32\drivers\fssfltr.sys

    2009-09-04 14:50 . 2009-09-04 14:50 -------- d-----w- c:\program files\Microsoft Sync Framework

    2009-09-04 14:49 . 2006-11-29 11:06 3426072 ----a-w- c:\windows\system32\d3dx9_32.dll

    2009-09-04 14:49 . 2009-09-04 14:49 -------- d-----w- c:\program files\Microsoft SQL Server Compact Edition

    2009-09-04 14:47 . 2009-09-04 14:47 -------- d-----w- c:\program files\Windows Live SkyDrive

    2009-09-04 14:47 . 2009-09-04 14:51 -------- d-----w- c:\program files\Windows Live

    2009-09-04 09:29 . 2009-09-04 09:29 -------- d-----w- c:\program files\Common Files\Windows Live

    2009-09-04 09:27 . 2009-09-04 14:48 -------- d-----w- c:\program files\Microsoft

    2009-09-04 09:11 . 2009-08-29 00:14 28672 ----a-w- c:\windows\system32\Apphlpdm.dll

    2009-09-04 09:11 . 2009-08-29 00:27 4240384 ----a-w- c:\windows\system32\GameUXLegacyGDFs.dll

    .

    ((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))

    .

    2009-09-25 20:20 . 2009-04-08 06:56 -------- d-----w- c:\programdata\Google Updater

    2009-09-25 12:13 . 2008-12-08 18:29 6944 ----a-w- c:\users\lily\AppData\Local\d3d9caps.dat

    2009-09-25 11:34 . 2009-01-20 17:52 -------- d-----w- c:\program files\Microsoft Windows OneCare Live

    2009-09-24 19:00 . 2009-03-09 06:33 -------- d-----w- c:\programdata\NOS

    2009-09-24 18:59 . 2009-03-09 06:33 -------- d-----w- c:\program files\NOS

    2009-09-23 14:29 . 2008-06-07 02:35 667352 ----a-w- c:\windows\system32\perfh013.dat

    2009-09-23 14:29 . 2008-06-07 02:35 126854 ----a-w- c:\windows\system32\perfc013.dat

    2009-09-22 21:12 . 2008-06-06 16:55 -------- d--h--w- c:\program files\InstallShield Installation Information

    2009-09-22 13:26 . 2009-03-08 18:31 -------- d-----w- c:\program files\Google

    2009-09-10 20:54 . 2006-11-02 11:18 -------- d-----w- c:\program files\Windows Mail

    2009-09-10 20:53 . 2009-03-02 22:31 -------- d-----w- c:\program files\Microsoft Silverlight

    2009-09-09 06:08 . 2009-04-11 09:49 -------- d-----w- c:\users\lily\AppData\Roaming\Zylom

    2009-08-14 16:27 . 2009-09-10 17:15 904776 ----a-w- c:\windows\system32\drivers\tcpip.sys

    2009-08-14 15:53 . 2009-09-10 17:15 17920 ----a-w- c:\windows\system32\netevent.dll

    2009-08-14 13:49 . 2009-09-10 17:15 9728 ----a-w- c:\windows\system32\TCPSVCS.EXE

    2009-08-14 13:49 . 2009-09-10 17:15 17920 ----a-w- c:\windows\system32\ROUTE.EXE

    2009-08-14 13:49 . 2009-09-10 17:15 11264 ----a-w- c:\windows\system32\MRINFO.EXE

    2009-08-14 13:49 . 2009-09-10 17:15 27136 ----a-w- c:\windows\system32\NETSTAT.EXE

    2009-08-14 13:49 . 2009-09-10 17:15 8704 ----a-w- c:\windows\system32\HOSTNAME.EXE

    2009-08-14 13:49 . 2009-09-10 17:15 19968 ----a-w- c:\windows\system32\ARP.EXE

    2009-08-14 13:49 . 2009-09-10 17:15 10240 ----a-w- c:\windows\system32\finger.exe

    2009-08-14 13:48 . 2009-09-10 17:15 30720 ----a-w- c:\windows\system32\drivers\tcpipreg.sys

    2009-08-14 13:48 . 2009-09-10 17:15 105984 ----a-w- c:\windows\system32\netiohlp.dll

    2009-08-13 09:56 . 2009-01-20 17:55 -------- d-----w- c:\program files\Common Files\PX Storage Engine

    2009-08-11 08:11 . 2008-06-06 18:23 -------- d-----w- c:\program files\Java

    2009-08-07 11:40 . 2009-06-12 17:18 -------- d-----w- c:\users\lily\AppData\Roaming\PlayFirst

    2009-08-07 11:40 . 2009-06-12 17:18 -------- d-----w- c:\programdata\PlayFirst

    2009-08-03 13:07 . 2009-08-03 13:07 403816 ----a-w- c:\windows\system32\OGACheckControl.dll

    2009-08-03 13:07 . 2009-08-03 13:07 322928 ----a-w- c:\windows\system32\OGAAddin.dll

    2009-08-03 13:07 . 2009-08-03 13:07 230768 ----a-w- c:\windows\system32\OGAEXEC.exe

    2009-07-26 14:44 . 2009-07-26 14:44 48448 ----a-w- c:\windows\system32\sirenacm.dll

    2009-07-25 03:23 . 2008-12-09 15:21 411368 ----a-w- c:\windows\system32\deploytk.dll

    2009-07-21 21:52 . 2009-07-29 11:59 915456 ----a-w- c:\windows\system32\wininet.dll

    2009-07-21 21:47 . 2009-07-29 11:59 109056 ----a-w- c:\windows\system32\iesysprep.dll

    2009-07-21 21:47 . 2009-07-29 11:59 71680 ----a-w- c:\windows\system32\iesetup.dll

    2009-07-21 20:13 . 2009-07-29 11:59 133632 ----a-w- c:\windows\system32\ieUnatt.exe

    2009-07-17 13:54 . 2009-08-12 07:05 71680 ----a-w- c:\windows\system32\atl.dll

    2009-07-15 12:40 . 2009-08-12 07:05 8147456 ----a-w- c:\windows\system32\wmploc.DLL

    2009-07-15 12:39 . 2009-08-12 07:05 313344 ----a-w- c:\windows\system32\wmpdxm.dll

    2009-07-15 12:39 . 2009-08-12 07:05 4096 ----a-w- c:\windows\system32\dxmasf.dll

    2009-07-15 12:39 . 2009-08-12 07:05 7680 ----a-w- c:\windows\system32\spwmp.dll

    2009-07-11 19:01 . 2009-09-10 17:15 293376 ----a-w- c:\windows\system32\wlanmsm.dll

    2009-07-11 19:01 . 2009-09-10 17:15 513536 ----a-w- c:\windows\system32\wlansvc.dll

    2009-07-11 19:01 . 2009-09-10 17:15 302592 ----a-w- c:\windows\system32\wlansec.dll

    2009-07-11 19:01 . 2009-09-10 17:15 65024 ----a-w- c:\windows\system32\wlanapi.dll

    2009-07-11 17:03 . 2009-09-10 17:15 127488 ----a-w- c:\windows\system32\L2SecHC.dll

    2009-07-10 11:24 . 2009-07-10 11:24 307568 ----a-w- c:\windows\WLXPGSS.SCR

    2009-07-05 09:22 . 2008-12-06 09:09 70952 ----a-w- c:\users\lily\AppData\Local\GDIPFONTCACHEV1.DAT

    .

    ((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))

    .

    .

    *Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond

    REGEDIT4

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

    "ehTray.exe"="c:\windows\ehome\ehTray.exe" [2008-01-21 125952]

    "swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2009-04-08 39408]

    "WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2008-01-21 202240]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

    "StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2008-01-21 61440]

    "SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2008-03-28 1045800]

    "QPService"="c:\program files\HP\QuickPlay\QPService.exe" [2008-05-14 468264]

    "Windows Defender"="c:\program files\Windows Defender\MSASCui.exe" [2008-01-21 1008184]

    "QlbCtrl.exe"="c:\program files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe" [2008-03-14 202032]

    "OnScreenDisplay"="c:\program files\Hewlett-Packard\HP QuickTouch\HPKBDAPP.exe" [2007-11-01 554288]

    "HP Software Update"="c:\program files\Hp\HP Software Update\HPWuSchd2.exe" [2007-05-08 54840]

    "hpWirelessAssistant"="c:\program files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe" [2007-11-20 488752]

    "Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-10-15 39792]

    "UCam_Menu"="c:\program files\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe" [2008-06-13 210216]

    "OneCareUI"="c:\program files\Microsoft Windows OneCare Live\winssnotify.exe" [2009-07-09 65240]

    "HP Health Check Scheduler"="c:\program files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe" [2008-10-09 75008]

    "SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-07-25 149280]

    "SysTrayApp"="c:\program files\IDT\WDM\sttray.exe" [2008-06-27 442467]

    c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\

    Microsoft Office.lnk - c:\program files\Microsoft Office\Office10\OSA.EXE [2001-2-13 83360]

    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]

    "EnableUIADesktopToggle"= 0 (0x0)

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\OneCareMP]

    @="Service"

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

    @="Driver"

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]

    @="Service"

    [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]

    "DisableMonitoring"=dword:00000001

    [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]

    "DisableMonitoring"=dword:00000001

    [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]

    "DisableMonitoring"=dword:00000001

    [HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc]

    "VistaSp2"=hex(B):8a,ae,61,c8,53,00,ca,01

    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\DomainProfile]

    "EnableFirewall"= 0 (0x0)

    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\FirewallRules]

    "{D41394BD-3104-42F5-85FD-1DC6714D1D20}"= c:\program files\HP\QuickPlay\QP.exe:Quick Play

    "{9AB66611-15CE-48A1-B678-772A1CA51ED2}"= c:\program files\HP\QuickPlay\QPService.exe:Quick Play Resident Program

    "{6FB5DCF0-4FDD-466C-9394-D00EE15BA2AC}"= c:\program files\Cyberlink\PowerDirector\PDR.EXE:CyberLink PowerDirector

    "{7F6DB5AA-820F-4212-B783-3522AC4A0DCB}"= UDP:c:\program files\Microsoft Office\Office12\ONENOTE.EXE:Microsoft Office OneNote

    "{1E34E744-6594-43D5-84C9-A747DFDBDE17}"= TCP:c:\program files\Microsoft Office\Office12\ONENOTE.EXE:Microsoft Office OneNote

    "{0174B898-7CEF-4012-8356-1F11BC78BA39}"= UDP:c:\program files\Common Files\AOL\Loader\aolload.exe:AOL Loader

    "{D739E3FE-73C2-4AAD-A8A3-8B8026D0F245}"= TCP:c:\program files\Common Files\AOL\Loader\aolload.exe:AOL Loader

    "{75B0AFA2-7015-41C6-BD55-D79F41220450}"= UDP:c:\program files\Internet Veiligheidspakket\backweb\1334668\Program\fspex.exe:Internet Veiligheidspakket

    "{E3B04109-F326-4B8A-9857-29889F1C410E}"= TCP:c:\program files\Internet Veiligheidspakket\backweb\1334668\Program\fspex.exe:Internet Veiligheidspakket

    "{6933860F-B1DE-435E-A12C-1174F36EC70B}"= UDP:c:\program files\Microsoft Office\Office12\ONENOTE.EXE:Microsoft Office OneNote

    "{A0E9989D-9086-42EA-BE78-EB69B592B142}"= TCP:c:\program files\Microsoft Office\Office12\ONENOTE.EXE:Microsoft Office OneNote

    "{B4D6153B-FB3C-44F0-8047-CD73EC48ECF1}"= c:\program files\Skype\Phone\Skype.exe:Skype

    "{66E140E2-A4D2-43AB-B226-EF333688ED9D}"= Disabled:UDP:c:\program files\KCeasy\giFT\giFTl.exe:giFT Loader for KCeasy

    "{C60673EE-B537-4D8C-BEA3-3A14D2C39E4D}"= Disabled:TCP:c:\program files\KCeasy\giFT\giFTl.exe:giFT Loader for KCeasy

    "{EA270BBB-4496-46C0-B802-FE6C0384CFED}"= c:\program files\Windows Live\Sync\WindowsLiveSync.exe:Windows Live Sync

    "{EC3D6649-03BA-43B7-AB84-DF2A288E6D2F}"= UDP:63331:Windows Live OneCare

    "{CA00C768-5AF5-48DA-9F24-FDF856A0B9FD}"= UDP:63331:Windows Live OneCare

    "{BE83D0EB-5E42-4119-B0D5-4A5A202CD9D8}"= UDP:63331:Windows Live OneCare

    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\PublicProfile]

    "EnableFirewall"= 0 (0x0)

    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\StandardProfile]

    "EnableFirewall"= 0 (0x0)

    R0 Amddfltr;Amd Disk Lower Filter Driver;c:\windows\System32\drivers\Amddfltr.sys [29-10-2008 0:56 15416]

    R1 IDSvix86;Symantec Intrusion Prevention Driver;c:\progra~2\Symantec\DEFINI~1\SymcData\ipsdefs\20090102.001\IDSvix86.sys [9-1-2009 9:32 270384]

    R2 AESTFilters;Andrea ST Filters Service;c:\windows\System32\DriverStore\FileRepository\stwrt.inf_f691e717\AEstSrv.exe [29-10-2008 0:51 73728]

    R2 ezSharedSvc;Easybits Shared Services for Windows;c:\windows\system32\svchost.exe -k netsvcs [21-1-2008 4:23 21504]

    R2 hpsrv;HP Service;c:\windows\System32\hpservice.exe [18-3-2008 17:24 19456]

    R2 OcHealthMon;Windows Live OneCare Health Monitor;c:\program files\Microsoft Windows OneCare Live\OcHealthMon.exe [9-7-2009 12:15 26104]

    R2 Recovery Service for Windows;Recovery Service for Windows;c:\windows\SMINST\BLService.exe [6-6-2008 20:18 341328]

    R2 wlidsvc;Windows Live ID Sign-in Assistant;c:\program files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE [30-3-2009 16:28 1533808]

    R3 Com4QLBEx;Com4QLBEx;c:\program files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe [6-6-2008 19:25 193840]

    R3 enecir;ENE CIR Receiver;c:\windows\System32\drivers\enecir.sys [23-1-2008 23:23 52736]

    R3 JMCR;JMCR;c:\windows\System32\drivers\jmcr.sys [1-4-2008 13:14 81296]

    S2 gupdate1c9b8173f8773d0;Google Updateservice (gupdate1c9b8173f8773d0);c:\program files\Google\Update\GoogleUpdate.exe [8-4-2009 8:57 133104]

    S3 fssfltr;FssFltr;c:\windows\System32\drivers\fssfltr.sys [4-9-2009 16:51 54632]

    S3 fsssvc;De service Windows Live Family Safety;c:\program files\Windows Live\Family Safety\fsssvc.exe [5-8-2009 22:48 704864]

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs

    ezSharedSvc

    [HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]

    "c:\program files\Common Files\LightScribe\LSRunOnce.exe"

    .

    Inhoud van de 'Gedeelde Taken' map

    2009-09-26 c:\windows\Tasks\Google Software Updater.job

    - c:\program files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-03-08 06:56]

    2009-09-26 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job

    - c:\program files\Google\Update\GoogleUpdate.exe [2009-04-08 06:57]

    2009-09-25 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job

    - c:\program files\Google\Update\GoogleUpdate.exe [2009-04-08 06:57]

    2009-09-26 c:\windows\Tasks\User_Feed_Synchronization-{426031BE-D89F-420F-8A45-2890894B5445}.job

    - c:\windows\system32\msfeedssync.exe [2009-07-29 20:13]

    .

    .

    ------- Bijkomende Scan -------

    .

    uStart Page = hxxp://www.hyves.nl

    mStart Page = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=nl_nl&c=83&bd=Pavilion&pf=cnnb

    DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} - hxxp://game02.zylom.com/activex/zylomgamesplayer.cab

    .

    **************************************************************************

    scannen van verborgen processen ...

    scannen van verborgen autostart items ...

    scannen van verborgen bestanden ...

    Scan succesvol afgerond

    verborgen bestanden:

    **************************************************************************

    .

    --------------------- VERGRENDELDE REGISTER SLEUTELS ---------------------

    [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]

    @Denied: (A) (Users)

    @Denied: (A) (Everyone)

    @Allowed: (B 1 2 3 4 5) (S-1-5-20)

    "BlindDial"=dword:00000000

    [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]

    @Denied: (A) (Users)

    @Denied: (A) (Everyone)

    @Allowed: (B 1 2 3 4 5) (S-1-5-20)

    "BlindDial"=dword:00000000

    .

    ------------------------ Andere Aktieve Processen ------------------------

    .

    c:\program files\Microsoft Windows OneCare Live\Antivirus\MsMpEng.exe

    c:\windows\System32\Ati2evxx.exe

    c:\windows\System32\DriverStore\FileRepository\stwrt.inf_a7e996cd\stacsv.exe

    c:\windows\System32\audiodg.exe

    c:\windows\System32\Ati2evxx.exe

    c:\windows\System32\wlanext.exe

    c:\program files\Common Files\LightScribe\LSSrvc.exe

    c:\program files\HP\QuickPlay\Kernel\TV\QPCapSvc.exe

    c:\program files\HP\QuickPlay\Kernel\TV\QPSched.exe

    c:\program files\CyberLink\Shared Files\RichVideo.exe

    c:\program files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe

    c:\program files\Microsoft Windows OneCare Live\Firewall\msfwsvc.exe

    c:\program files\Microsoft Windows OneCare Live\winss.exe

    c:\windows\servicing\TrustedInstaller.exe

    c:\program files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE

    c:\windows\System32\Narrator.exe

    c:\program files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe

    c:\program files\Hewlett-Packard\Shared\hpqwmiex.exe

    c:\windows\ehome\ehmsas.exe

    c:\program files\Windows Media Player\wmpnetwk.exe

    c:\windows\System32\wbem\unsecapp.exe

    c:\program files\Hewlett-Packard\Shared\HpqToaster.exe

    c:\program files\Hewlett-Packard\HP Health Check\HPHC_Service.exe

    .

    **************************************************************************

    .

    Voltooingstijd: 2009-09-26 8:05 - machine werd herstart

    ComboFix-quarantined-files.txt 2009-09-26 06:05

    Pre-Run: 99.526.475.776 bytes beschikbaar

    Post-Run: 99.325.206.528 bytes beschikbaar

    248 --- E O F --- 2009-09-10 20:58

    ---------- Post added at 08:14 ---------- Previous post was at 08:10 ----------

    ---------- Post added at 08:16 ---------- Previous post was at 08:14 ----------

    Hello Angel,

    All help is welcome!

    When I follow your instructions I get the following message:

    De opdracht set global is mislukt op IPv4 U hebt niet de benodigde bevoegdheden voor deze bewerking

    Unfortunately, it failed.

  3. No log, because after restarting umpteen times the page still cannot be displayed........ and then

    unfortunately, after having disabled Windows Live OneCare I get the following error message when (attempting) to install ComboFix:

    U kunt combofix niet herbenoemen als combofix[1]

    Gelieve een andere naam te gebruiken, bij voorkeur opgebouwd uit

    alfanumerische karakters.

    Where could I do this (and how..)?

  4. Complete abracadabra (to me..):

    Logfile of Trend Micro HijackThis v2.0.2

    Scan saved at 14:15:04, on 25-9-2009

    Platform: Windows Vista SP2 (WinNT 6.00.1906)

    MSIE: Internet Explorer v8.00 (8.00.6001.18813)

    Boot mode: Normal

    Running processes:

    C:\Windows\system32\taskeng.exe

    C:\Windows\system32\Dwm.exe

    C:\Windows\Explorer.EXE

    C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

    C:\Program Files\HP\QuickPlay\QPService.exe

    C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe

    C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe

    C:\Program Files\Hewlett-Packard\HP QuickTouch\HPKBDAPP.exe

    C:\Program Files\HP\HP Software Update\hpwuSchd2.exe

    C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe

    C:\Program Files\Adobe\Reader 8.0\Reader\reader_sl.exe

    C:\Program Files\Microsoft Windows OneCare Live\winssnotify.exe

    C:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe

    C:\Program Files\Hewlett-Packard\HP wireless Assistant\WiFiMsg.EXE

    C:\Program Files\Java\jre6\bin\jusched.exe

    C:\Program Files\IDT\WDM\sttray.exe

    C:\Windows\ehome\ehtray.exe

    C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

    C:\Program Files\Hewlett-Packard\Shared\HpqToaster.exe

    C:\Windows\system32\wbem\unsecapp.exe

    C:\Program Files\Windows Media Player\wmpnscfg.exe

    C:\Windows\ehome\ehmsas.exe

    C:\Windows\system32\SearchFilterHost.exe

    C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe

    C:\Program Files\Synaptics\SynTP\SynTPHelper.exe

    C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.hyves.nl

    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = mijnAOL | HP

    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing

    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing

    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = mijnAOL | HP

    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =

    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Windows Internet Explorer provided by Hyves

    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =

    O1 - Hosts: ::1 localhost

    O2 - BHO: Adobe PDF Reader Help bij koppelingen - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll

    O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll

    O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)

    O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll

    O2 - BHO: AOL Toolbar BHO - {7C554162-8CB7-45A4-B8F4-8EA1C75885F9} - C:\Program Files\AOL\AOL Toolbar 5.0\aoltb.dll

    O2 - BHO: Aanmeldhulp voor Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll

    O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.2.4204.1700\swg.dll

    O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_B7C5AC242193BB3E.dll

    O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll

    O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll

    O3 - Toolbar: AOL Toolbar - {DE9C389F-3316-41A7-809B-AA305ED9D922} - C:\Program Files\AOL\AOL Toolbar 5.0\aoltb.dll

    O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll

    O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll

    O4 - HKLM\..\Run: [startCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe"

    O4 - HKLM\..\Run: [synTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

    O4 - HKLM\..\Run: [QPService] "C:\Program Files\HP\QuickPlay\QPService.exe"

    O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide

    O4 - HKLM\..\Run: [QlbCtrl.exe] C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start

    O4 - HKLM\..\Run: [OnScreenDisplay] C:\Program Files\Hewlett-Packard\HP QuickTouch\HPKBDAPP.exe

    O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe

    O4 - HKLM\..\Run: [hpWirelessAssistant] C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe

    O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"

    O4 - HKLM\..\Run: [uCam_Menu] "C:\Program Files\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\YouCam" UpdateWithCreateOnce "Software\CyberLink\YouCam\2.0"

    O4 - HKLM\..\Run: [OneCareUI] "C:\Program Files\Microsoft Windows OneCare Live\winssnotify.exe"

    O4 - HKLM\..\Run: [HP Health Check Scheduler] c:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe

    O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"

    O4 - HKLM\..\Run: [sysTrayApp] %ProgramFiles%\IDT\WDM\sttray.exe

    O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe

    O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"

    O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe

    O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')

    O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')

    O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')

    O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE

    O9 - Extra button: In weblog opnemen - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll

    O9 - Extra 'Tools' menuitem: &In weblog opnemen met Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll

    O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll

    O9 - Extra 'Tools' menuitem: Verz&enden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll

    O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll

    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL

    O13 - Gopher Prefix:

    O16 - DPF: {44990301-3C9D-426D-81DF-AAB636FA4345} (Symantec Script Runner Class) - https://www-secure.symantec.com/techsupp/asa/ss/sa/sa_cabs/tgctlsr.cab

    O16 - DPF: {474F00F5-3853-492C-AC3A-476512BBC336} (UploadListView Class) - http://picasaweb.google.com/s/v/54.14/uploader2.cab

    O16 - DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} (Zylom Games Player) - http://game02.zylom.com/activex/zylomgamesplayer.cab

    O16 - DPF: {CF40ACC5-E1BB-4AFF-AC72-04C2F616BCA7} - http://wwwimages.adobe.com/www.adobe.com/products/acrobat/nos/gp.cab

    O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab

    O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab

    O16 - DPF: {EDFCB7CB-942C-4822-AF14-F0B687409848} (Image Uploader Control) - http://cache.hyves-static.net/statics/Aurigma/ImageUploader4.cab

    O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL

    O23 - Service: Andrea ST Filters Service (AESTFilters) - Andrea Electronics Corporation - C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_f691e717\aestsrv.exe

    O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe

    O23 - Service: Com4QLBEx - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe

    O23 - Service: GameConsoleService - WildTangent, Inc. - C:\Program Files\HP Games\My HP Game Console\GameConsoleService.exe

    O23 - Service: Google Updateservice (gupdate1c9b8173f8773d0) (gupdate1c9b8173f8773d0) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe

    O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe

    O23 - Service: HP Health Check Service - Hewlett-Packard - c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe

    O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe

    O23 - Service: HP Service (hpsrv) - Hewlett-Packard Corporation - C:\Windows\system32\Hpservice.exe

    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe

    O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe

    O23 - Service: QuickPlay Background Capture Service (QBCS) (QPCapSvc) - Unknown owner - C:\Program Files\HP\QuickPlay\Kernel\TV\QPCapSvc.exe

    O23 - Service: QuickPlay Task Scheduler (QTS) (QPSched) - Unknown owner - C:\Program Files\HP\QuickPlay\Kernel\TV\QPSched.exe

    O23 - Service: Recovery Service for Windows - Unknown owner - C:\Windows\SMINST\BLService.exe

    O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe

    O23 - Service: Audio Service (STacSV) - IDT, Inc. - C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_a7e996cd\STacSV.exe

    --

    End of file - 10611 bytes

    Can you do anything with this?

    Thanks in advance.
