daniel43

Member
  • Items: 51
Everything posted by daniel43

  1. Tried both, but without success. I have decided to send the laptop back to Dell (still under warranty). Thank you for your advice.
  2. After a few detours I did manage to copy a recent system copy with a different Paragon rescue disk. With it I could run a "simple restore wizard". Unfortunately, on restarting after the copy, I get the message: "file:\Boot\BCD Status 0xc000000f an error occurred while attempting to read the boot configuration". The Paragon recovery disk also has a "boot corrector" with the following options:
     - search for windows installation to correct
     - correct the master boot record (MBR)
     - correct the partition boot record
     - correct boot parameters (boot.ini, BCD)
     - modify partition parameters

     At first glance something could be done under "correct boot parameters (boot.ini, BCD)". Do you have experience with this, or are there other ways to repair it?
  3. Several attempts to transfer files, but each time the message "cannot write on destination selected". After that, on one of the startup repairs, I was able to boot again. Explorer works normally, but when starting programs I always get the following message: "De toepassing kan niet worden gestart omdat de configuratie naast elkaar onjuist is. Raadpleeg het gebeurtenislogbook Toepassing of gebruik sxstrace.exe voor meer informatie". When starting in safe mode: same. At the first boot, when starting Microsoft Security Essentials, I got error message 0x8007002 and file COMCTL32.dll is missing. What now?
  4. Restoring a system copy does not work; I can only restore files. I tried with "Windows", but there were problems with destination E; after 5 h of copying I got a message that writing fails. Trying again, but now with destination My Computer/E, still 4 h to go. Normally Windows is on C! Waiting to see, and my experience with Paragon is limited to making backups, not restoring them!
  5. Hello, For a few days I had problems with programs disappearing. Scanning for viruses indicated that there were problems with some files in the "bin". I deleted these files and now my laptop no longer starts. Attempts to go back to an earlier restore point failed (in safe mode); on a normal start the laptop shows a startup repair window and tries to carry out a repair, without success. I have a recent system copy on an external hard disk from Paragon Backup & Recovery 11 (free) in folder arc_(several digits) and a Paragon Rescue Kit 11 (free) CD. I also have a Sardu 64-bit rescue DVD with several antivirus programs on it and windows 7_64 bit recoverydisk.iso. What is the best way to proceed? This has never happened to me before ... Regards
  6. The bank did come up with a solution after all: under Tools/Options/General, at Downloads, "Always ask me where to save files" must be ticked. In my case the option "Save files to ...." was ticked!
  7. Yes, the bank has been notified, but I don't expect much help from them; then I'll just use Explorer!
  8. Best wishes, to come back to my message of 5/12: solved by changing user. Recently, when downloading statements from the bank, I again got a PDF file and a PDF file with 0 bytes. On further investigation this only happens when I download with Firefox; when downloading with Explorer the PDF file arrives without an additional 0-byte PDF file? Regards. Firefox 9.0.1, Explorer 9 (64 bits), Windows 7 SP1 Prof 64 bits
  9. Solved by deleting my user account:
     - create a new account
     - copy "My Documents", except for the folder containing the undeletable "0 byte" files
     - delete the old account

     Thanks for all the help and happy holidays.
  10. Paragon11 compact. What about the software programs that run under "daniel"? Besides documents, are there other things that need to be transferred?
  11. The files that I cannot delete are in folder c:\users\daniel\downloads. I would then like to back up all documents except "downloads". Do you think this is possible?
  12. I think it can be solved if I delete my user "daniel". When I log in as "administrator" the "downloads" folder is pristine. Problem: programs/documents in "daniel" are gone + ? Do you have an idea how to create a new user with all the programs/documents of the old user?
  13. Downloaded the original files again from the bank. When opening a file of e.g. 163 kB, I immediately get the document in Adobe Reader. When opening the same file with 0 bytes, I first get a selection menu; clicking on Adobe Reader then opens the document. Submitted the problem to the bank's IT department; no news yet.
  14. Inspection shows that 5 files of 0 bytes are still present.
  15. Nothing found for both scans. I also did this for the files 20111006094150001482.pdf with 160 kbytes and file 20111006094150001482.pdf with 0 bytes: result for both, nothing found. Copy and paste does not work for these files.
  16. I have problems searching for those files: in Windows Explorer I see the files, but in the Jotti program, when clicking "browse", these files are not visible! My hidden files and system files are visible.
  17. Attached is the ComboFix log. I should add that on startup the program asked to download updates, and I clicked yes. Also, the file CFScript has disappeared from the desktop.
  18. ComboFix 11-12-10.01 - daniel 11/12/2011 16:01:39.1.8 - x64
  19. By chance I found where my downloads came from; downloaded these documents again: again I get a document + a 0-byte file. Tried to delete the original file: original OK, 0-byte file remains. Tried to delete the 0-byte file: original disappears, 0-byte file remains.
  20. Do you have any idea why I can't use Killbox and Killafile? 64-bit! Thanks for all the help.
  21. I'd rather wait with that; those files aren't that bad. I assume that restoring to a restore point from before 23/11 won't help. Correct?
  22. Ran it as administrator as well as in safe mode; the files cannot be deleted. It is as you say: these are not files but leftovers of a download. I also tried renaming an arbitrary PDF file to a file, but that doesn't work either. Tried to recover the original download via Recuva, but no luck.
  23. del of the file doesn't work in DOS. What I do find strange is that I have 2 folders named "." and "..", but these are not visible in Explorer.
  24. Problems with Killbox: unzipping doesn't work; on opening, the following error message