
Slow laptop


paddepoel


Sorry for the very late reply. Here is the log:

ComboFix 11-11-14.03 - pgadebac 15/11/2011 7:50.9.2 - x86

Microsoft Windows XP Professional 5.1.2600.3.1252.32.1043.18.2942.2329 [GMT 1:00]

Gestart vanuit: d:\documents and settings\pgadebac\Bureaublad\ComboFix.exe

gebruikte Opdracht switches :: d:\documents and settings\pgadebac\Bureaublad\CFScript.txt

AV: McAfee VirusScan Enterprise *Enabled/Updated* {918A2B0B-2C60-4016-A4AB-E868DEABF7F0}

* Nieuw herstelpunt werd aangemaakt

* Aanwezig AV is actief

.

.

.

(((((((((((((((((((((((((((((((((( Andere Verwijderingen )))))))))))))))))))))))))))))))))))))))))))))))))

.

.

c:\winnt\system32\PowerToyReadme.htm

d:\documents and settings\All Users\Application Data\TEMP

.

.

(((((((((((((((((((( Bestanden Gemaakt van 2011-10-15 to 2011-11-15 ))))))))))))))))))))))))))))))

.

.

2011-11-14 14:54 . 2011-11-15 06:45 -------- d--h--r- d:\documents and settings\pgadebac\Onlangs geopend

2011-11-14 14:26 . 2011-11-14 14:26 -------- d-----w- d:\documents and settings\pgadebac\Application Data\smkits

2011-10-28 13:08 . 2011-04-12 20:41 406896 ----a-w- c:\winnt\system32\dsNcSmartCardProv.dll

2011-10-28 13:08 . 2011-04-12 20:41 361840 ----a-w- c:\winnt\system32\dsNcCredProv.dll

2011-10-24 13:46 . 2011-10-24 13:46 -------- d-----w- d:\documents and settings\pgadebac\Application Data\Foxit Software

2011-10-21 07:24 . 2010-06-19 06:30 14848 ----a-w- c:\winnt\system32\drivers\InputFilter_FlexDef2b.sys

2011-10-21 07:23 . 2011-10-21 07:24 -------- d-----w- c:\program files\SilverCrest OMC807 Driver

2011-10-17 08:00 . 2011-10-17 08:00 -------- d-----w- c:\program files\Foxit Software

2011-10-17 05:57 . 2011-10-17 07:56 -------- d-----w- d:\documents and settings\pgadebac\Local Settings\Application Data\Solid State Networks

.

.

.

((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2011-11-14 14:55 . 2009-02-08 14:16 41272 ----a-w- c:\winnt\system32\drivers\mbamswissarmy.sys

2011-10-04 15:40 . 2011-10-04 15:40 388096 ----a-r- d:\documents and settings\pgadebac\Application Data\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe

2011-10-03 04:06 . 2011-05-11 13:11 472808 ----a-w- c:\winnt\system32\deployJava1.dll

2011-10-03 01:37 . 2008-10-01 18:03 73728 ----a-w- c:\winnt\system32\javacpl.cpl

2011-08-31 16:00 . 2009-02-08 14:16 22216 ----a-w- c:\winnt\system32\drivers\mbam.sys

2011-06-18 12:01 . 2011-03-24 05:08 142296 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll

2011-02-04 18:07 . 2010-06-18 16:02 23864 ----a-w- c:\program files\mozilla firefox\components\Scriptff.dll

.

.

((((((((((((((((((((((((((((( SnapShot@2011-10-21_06.06.48 )))))))))))))))))))))))))))))))))))))))))

.

+ 2011-11-15 06:22 . 2011-11-15 06:22 16384 c:\winnt\Temp\Perflib_Perfdata_72c.dat

- 2004-08-04 12:00 . 2011-08-27 11:18 87088 c:\winnt\system32\perfc009.dat

+ 2004-08-04 12:00 . 2011-11-15 06:26 87088 c:\winnt\system32\perfc009.dat

+ 2011-04-12 20:10 . 2011-04-12 20:10 26624 c:\winnt\system32\drivers\dsNcAdpt.sys

- 2009-03-27 02:41 . 2010-02-19 00:07 26624 c:\winnt\system32\drivers\dsNcAdpt.sys

+ 2011-10-04 09:02 . 2011-11-14 14:49 23040 c:\winnt\Installer\{90110413-6000-11D3-8CFE-0150048383C9}\unbndico.exe

- 2011-10-04 09:02 . 2011-10-20 11:03 23040 c:\winnt\Installer\{90110413-6000-11D3-8CFE-0150048383C9}\unbndico.exe

- 2011-10-04 09:02 . 2011-10-20 11:02 61440 c:\winnt\Installer\{90110413-6000-11D3-8CFE-0150048383C9}\pubs.exe

+ 2011-10-04 09:02 . 2011-11-14 14:49 61440 c:\winnt\Installer\{90110413-6000-11D3-8CFE-0150048383C9}\pubs.exe

+ 2011-10-04 09:02 . 2011-11-14 14:49 27136 c:\winnt\Installer\{90110413-6000-11D3-8CFE-0150048383C9}\oisicon.exe

- 2011-10-04 09:02 . 2011-10-20 11:03 27136 c:\winnt\Installer\{90110413-6000-11D3-8CFE-0150048383C9}\oisicon.exe

+ 2011-08-16 08:55 . 2011-11-14 14:49 11264 c:\winnt\Installer\{90110413-6000-11D3-8CFE-0150048383C9}\mspicons.exe

- 2011-08-16 08:55 . 2011-10-20 11:02 11264 c:\winnt\Installer\{90110413-6000-11D3-8CFE-0150048383C9}\mspicons.exe

+ 2011-10-04 09:02 . 2011-11-14 14:49 86016 c:\winnt\Installer\{90110413-6000-11D3-8CFE-0150048383C9}\inficon.exe

- 2011-10-04 09:02 . 2011-10-20 11:02 86016 c:\winnt\Installer\{90110413-6000-11D3-8CFE-0150048383C9}\inficon.exe

+ 2011-08-16 08:55 . 2011-11-14 14:49 12288 c:\winnt\Installer\{90110413-6000-11D3-8CFE-0150048383C9}\cagicon.exe

- 2011-08-16 08:55 . 2011-10-20 11:02 12288 c:\winnt\Installer\{90110413-6000-11D3-8CFE-0150048383C9}\cagicon.exe

- 2011-10-04 09:02 . 2011-10-20 11:03 4096 c:\winnt\Installer\{90110413-6000-11D3-8CFE-0150048383C9}\opwicon.exe

+ 2011-10-04 09:02 . 2011-11-14 14:49 4096 c:\winnt\Installer\{90110413-6000-11D3-8CFE-0150048383C9}\opwicon.exe

+ 2004-08-04 12:00 . 2011-11-15 06:26 554110 c:\winnt\system32\perfh013.dat

- 2004-08-04 12:00 . 2011-08-27 11:18 554110 c:\winnt\system32\perfh013.dat

- 2004-08-04 12:00 . 2011-08-27 11:18 480484 c:\winnt\system32\perfh009.dat

+ 2004-08-04 12:00 . 2011-11-15 06:26 480484 c:\winnt\system32\perfh009.dat

+ 2004-08-04 12:00 . 2011-11-15 06:26 111184 c:\winnt\system32\perfc013.dat

- 2004-08-04 12:00 . 2011-08-27 11:18 111184 c:\winnt\system32\perfc013.dat

+ 2011-11-07 07:10 . 2011-10-03 04:06 157472 c:\winnt\system32\javaws.exe

- 2011-05-11 13:11 . 2011-05-11 13:11 157472 c:\winnt\system32\javaws.exe

+ 2011-11-07 07:10 . 2011-10-03 04:06 145184 c:\winnt\system32\javaw.exe

- 2011-05-11 13:11 . 2011-05-11 13:11 145184 c:\winnt\system32\javaw.exe

- 2011-05-11 13:11 . 2011-05-11 13:11 145184 c:\winnt\system32\java.exe

+ 2011-11-07 07:10 . 2011-10-03 04:06 145184 c:\winnt\system32\java.exe

+ 2011-11-07 07:12 . 2011-11-07 07:12 203776 c:\winnt\Installer\55a63.msi

- 2011-08-16 08:55 . 2011-10-20 11:02 409600 c:\winnt\Installer\{90110413-6000-11D3-8CFE-0150048383C9}\xlicons.exe

+ 2011-08-16 08:55 . 2011-11-14 14:49 409600 c:\winnt\Installer\{90110413-6000-11D3-8CFE-0150048383C9}\xlicons.exe

- 2011-08-16 08:55 . 2011-10-20 11:02 286720 c:\winnt\Installer\{90110413-6000-11D3-8CFE-0150048383C9}\wordicon.exe

+ 2011-08-16 08:55 . 2011-11-14 14:49 286720 c:\winnt\Installer\{90110413-6000-11D3-8CFE-0150048383C9}\wordicon.exe

- 2011-08-16 08:55 . 2011-10-20 11:02 249856 c:\winnt\Installer\{90110413-6000-11D3-8CFE-0150048383C9}\pptico.exe

+ 2011-08-16 08:55 . 2011-11-14 14:49 249856 c:\winnt\Installer\{90110413-6000-11D3-8CFE-0150048383C9}\pptico.exe

- 2011-10-04 09:02 . 2011-10-20 11:03 794624 c:\winnt\Installer\{90110413-6000-11D3-8CFE-0150048383C9}\outicon.exe

+ 2011-10-04 09:02 . 2011-11-14 14:49 794624 c:\winnt\Installer\{90110413-6000-11D3-8CFE-0150048383C9}\outicon.exe

- 2011-08-16 08:55 . 2011-10-20 11:02 135168 c:\winnt\Installer\{90110413-6000-11D3-8CFE-0150048383C9}\misc.exe

+ 2011-08-16 08:55 . 2011-11-14 14:49 135168 c:\winnt\Installer\{90110413-6000-11D3-8CFE-0150048383C9}\misc.exe

- 2011-08-16 08:55 . 2011-10-20 11:02 593920 c:\winnt\Installer\{90110413-6000-11D3-8CFE-0150048383C9}\accicons.exe

+ 2011-08-16 08:55 . 2011-11-14 14:49 593920 c:\winnt\Installer\{90110413-6000-11D3-8CFE-0150048383C9}\accicons.exe

.

((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))

.

.

*Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond

REGEDIT4

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"SigmatelSysTrayApp"="stsystra.exe" [2007-02-19 303104]

"ShStatEXE"="c:\program files\McAfee\VirusScan Enterprise\SHSTAT.EXE" [2011-02-04 124224]

"Dell QuickSet"="c:\program files\Dell\QuickSet\Quickset.exe" [2007-02-20 1191936]

"Logon"="c:\winnt\system32\loglogon.exe" [2008-07-23 199989]

"McAfeeUpdaterUI"="c:\program files\McAfee\Common Framework\udaterui.exe" [2011-06-08 333120]

"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2011-03-30 937920]

"GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2006-10-26 31016]

.

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]

"CTFMON.EXE"="c:\winnt\system32\CTFMON.EXE" [2008-04-14 15360]

.

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]

"FlashPlayerUpdate"="c:\winnt\system32\Macromed\Flash\FlashUtil10k_ActiveX.exe" [2010-10-12 232912]

.

d:\documents and settings\pgadebac\Menu Start\Programma's\Opstarten\

Stickies.lnk - c:\program files\Stickies\stickies.exe [2008-8-28 765952]

.

d:\documents and settings\All Users\Menu Start\Programma's\Opstarten\

Adobe Acrobat Snelle start.lnk - c:\winnt\Installer\{AC76BA86-1030-D700-7760-100000000002}\SC_Acrobat.exe [2008-10-22 25214]

Taakbalkpictogram van Connected.LNK - c:\program files\Connected\CBSysTray.exe [2008-9-30 114688]

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]

"SoftwareSASGeneration"= 1 (0x1)

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]

"NoResolveTrack"= 1 (0x1)

"NoFileAssociate"= 0 (0x0)

.

[HKEY_LOCAL_MACHINE\software\policies\microsoft\windows\windowsupdate\au]

"NoAutoUpdate"= 1 (0x1)

.

[hkey_local_machine\software\microsoft\windows\currentversion\explorer\SharedTaskScheduler]

"{1984DD45-52CF-49cd-AB77-18F378FEA264}"= "c:\program files\Stardock\Fences\FencesMenu.dll" [2009-10-02 128360]

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\pcsinst]

2008-02-20 14:13 49152 ----a-w- c:\winnt\system32\pcsinst.dll

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\group policy\state\S-1-5-21-667808998-3646381641-2365837644-12977\Scripts\Logon\0\0]

"Script"=\\10.20.129.10\backuppc\Installpcbackup.vbs

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\group policy\state\S-1-5-21-667808998-3646381641-2365837644-28925\Scripts\Logon\0\0]

"Script"=\\10.20.129.10\backuppc\Installpcbackup.vbs

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\group policy\state\S-1-5-21-667808998-3646381641-2365837644-6869\Scripts\Logon\0\0]

"Script"=deontologieLaunch.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\group policy\state\S-1-5-21-667808998-3646381641-2365837644-6869\Scripts\Logon\1\0]

"Script"=\\finbel\findata\minfin\Deployment\BackupPC\Installpcbackup.vbs

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\group policy\state\S-1-5-21-667808998-3646381641-2365837644-83173\Scripts\Logon\0\0]

"Script"=\\10.20.129.10\backuppc\Installpcbackup.vbs

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\group policy\state\S-1-5-21-667808998-3646381641-2365837644-83611\Scripts\Logon\0\0]

"Script"=\\finbel\findata\minfin\Deployment\BackupPC\Installpcbackup.vbs

.

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\McAfeeEngineService]

@="Service"

.

[HKLM\~\startupfolder\D:^Documents and Settings^All Users^Menu Start^Programma's^Opstarten^Adobe Gamma Loader.lnk]

backup=c:\winnt\pss\Adobe Gamma Loader.lnkCommon Startup

.

[HKLM\~\startupfolder\D:^Documents and Settings^All Users^Menu Start^Programma's^Opstarten^Bluetooth Manager.lnk]

backup=c:\winnt\pss\Bluetooth Manager.lnkCommon Startup

.

[HKLM\~\startupfolder\D:^Documents and Settings^All Users^Menu Start^Programma's^Opstarten^Windows Search.lnk]

backup=c:\winnt\pss\Windows Search.lnkCommon Startup

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Acrobat Assistant 7.0]

2004-12-14 00:12 483328 ----a-w- c:\program files\Adobe\Acrobat 7.0\Distillr\acrotray.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]

2011-03-30 04:59 937920 ----a-r- c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]

2011-09-07 22:58 37296 ----a-w- c:\program files\Adobe\Reader 9.0\Reader\reader_sl.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\beid]

2010-02-05 11:29 2056192 ----a-w- c:\program files\Belgium Identity Card\beid35gui.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Dell QuickSet]

2007-02-20 10:29 1191936 ----a-w- c:\program files\Dell\QuickSet\quickset.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update]

2008-12-01 05:12 133104 ----atw- d:\documents and settings\pgadebac\Local Settings\Application Data\Google\Update\GoogleUpdate.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Intoan]

2005-09-29 17:34 4549632 ----a-w- c:\program files\Intoan\Agent\IntoanAgent.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISUSPM]

2006-09-11 02:40 218032 ----a-w- c:\program files\Common Files\InstallShield\UpdateService\ISUSPM.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Launch SilverCrest OMC807]

2010-06-28 07:01 860160 ----a-w- c:\program files\SilverCrest OMC807 Driver\MouClient_FD2_9063RL.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Malwarebytes' Anti-Malware]

2011-08-31 16:00 449608 ----a-w- c:\program files\Malwarebytes' Anti-Malware\mbamgui.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NOTESMON]

2006-12-12 15:39 80896 ----a-w- c:\program files\AddInForLotusNotes\notesmon.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ShStatEXE]

2011-02-04 18:07 124224 ----a-w- c:\program files\McAfee\VirusScan Enterprise\shstat.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]

2011-06-09 12:06 254696 ----a-w- c:\program files\Common Files\Java\Java Update\jusched.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-disabled]

"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

.

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]

"EnableFirewall"= 0 (0x0)

.

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]

"%windir%\\system32\\sessmgr.exe"=

"%windir%\\Network Diagnostic\\xpnetdiag.exe"=

"c:\\Program Files\\uTorrent\\uTorrent.exe"=

"c:\\Program Files\\McAfee\\Common Framework\\FrameworkService.exe"=

"c:\\Program Files\\Cisco Systems\\Cisco IP Communicator\\communicatork9.exe"=

"c:\\WINNT\\system32\\mmc.exe"=

"c:\\Program Files\\Windows Media Player\\wmplayer.exe"=

"d:\\Data\\Mijn documenten\\PATRICK NIOD\\ONDERHOUD PC\\uTorrent.exe"=

"c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=

"c:\\Program Files\\Microsoft Office\\Office12\\GROOVE.EXE"=

"c:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"=

.

R0 sptd;sptd;c:\winnt\system32\drivers\sptd.sys [26/08/2010 17:37 691696]

R1 HttpDisk;HttpDisk;c:\winnt\system32\drivers\httpdisk.sys [17/07/2008 8:54 14592]

R2 CdpPacket;Cisco Discovery Protocol Packet Driver;c:\winnt\system32\drivers\CdpPacket.sys [24/01/2008 17:47 35692]

R2 ioloFileInfoList;iolo FileInfoList Service;c:\program files\iolo\Common\Lib\ioloServiceManager.exe [19/03/2009 18:10 712048]

R2 ioloSystemService;iolo System Service;c:\program files\iolo\Common\Lib\ioloServiceManager.exe [19/03/2009 18:10 712048]

R2 pdlndldl6;IBM Enterprise Extender (HPR/IPv6);c:\winnt\system32\drivers\pdlndldl6.sys [20/02/2008 15:13 70656]

R2 vnccom;vnccom;c:\winnt\system32\drivers\vnccom.SYS [17/07/2008 8:12 6016]

R3 bbcap;bbcap;c:\winnt\system32\drivers\bbcap.sys [15/01/2009 20:11 4096]

R3 MBAMProtector;MBAMProtector;c:\winnt\system32\drivers\mbam.sys [8/02/2009 15:16 22216]

S0 crpf;crpf;c:\winnt\system32\drivers\crpf.sys --> c:\winnt\system32\drivers\crpf.sys [?]

S0 csdf;cdsf;c:\winnt\system32\drivers\csdf.sys --> c:\winnt\system32\drivers\csdf.sys [?]

S2 gupdate;Google Updateservice (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [15/01/2010 6:39 135664]

S2 gupdate1c9c883e3eb492;Google Updateservice (gupdate1c9c883e3eb492);c:\program files\Google\Update\GoogleUpdate.exe [15/01/2010 6:39 135664]

S2 SSPORT;SSPORT;\??\c:\winnt\system32\Drivers\SSPORT.sys --> c:\winnt\system32\Drivers\SSPORT.sys [?]

S3 ACSSCR;ACR38 Smart Card Reader;c:\winnt\system32\drivers\a38usb.sys [29/09/2008 19:55 33536]

S3 GTUQBUS;GT UQ BUS;c:\winnt\system32\drivers\gtuqbus.sys [13/02/2009 14:32 37120]

S3 gupdatem;Google Update-service (gupdatem);c:\program files\Google\Update\GoogleUpdate.exe [15/01/2010 6:39 135664]

S3 hwcdcmdm0;HUAWEI Mobile Connect - 3G Modem;c:\winnt\system32\drivers\ewusbmdm.sys [12/02/2009 13:47 65152]

S3 hwusbapp;HUAWEI Mobile Connect - 3G PC UI Interface;c:\winnt\system32\drivers\ewusbapp.sys [12/02/2009 13:47 65152]

S3 hwusbser;HUAWEI Mobile Connect - 3G Application Interface;c:\winnt\system32\drivers\ewusbser.sys [12/02/2009 13:47 65152]

S3 ImDisk;ImDisk Virtual Disk Driver;c:\winnt\system32\drivers\imdisk.sys [17/03/2008 18:50 19840]

S3 massfilter;ZTE Mass Storage Filter Driver;c:\winnt\system32\drivers\massfilter.sys --> c:\winnt\system32\drivers\massfilter.sys [?]

S3 mferkdet;McAfee Inc. mferkdet;c:\winnt\system32\drivers\mferkdet.sys [18/06/2010 17:02 67240]

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]

HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12

.

Inhoud van de 'Gedeelde Taken' map

.

2011-11-15 c:\winnt\Tasks\GlaryInitialize.job

- c:\program files\Glary Utilities\initialize.exe [2010-11-21 09:47]

.

2011-11-15 c:\winnt\Tasks\GoogleUpdateTaskMachineCore.job

- c:\program files\Google\Update\GoogleUpdate.exe [2010-01-15 05:39]

.

2011-11-15 c:\winnt\Tasks\GoogleUpdateTaskMachineUA.job

- c:\program files\Google\Update\GoogleUpdate.exe [2010-01-15 05:39]

.

2011-11-14 c:\winnt\Tasks\GoogleUpdateTaskUserS-1-5-21-3712614485-1044013603-244294945-1006Core.job

- d:\documents and settings\debacker\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2008-10-01 20:08]

.

2011-11-14 c:\winnt\Tasks\GoogleUpdateTaskUserS-1-5-21-3712614485-1044013603-244294945-1006UA.job

- d:\documents and settings\debacker\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2008-10-01 20:08]

.

2011-11-10 c:\winnt\Tasks\GoogleUpdateTaskUserS-1-5-21-667808998-3646381641-2365837644-6869Core.job

- d:\documents and settings\pgadebac\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2008-12-01 05:12]

.

2011-11-14 c:\winnt\Tasks\GoogleUpdateTaskUserS-1-5-21-667808998-3646381641-2365837644-6869UA.job

- d:\documents and settings\pgadebac\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2008-12-01 05:12]

.

.

------- Bijkomende Scan -------

.

uStart Page = hxxp://intranet/index.php?page=&langue=nl

uInternet Connection Wizard,ShellNext = hxxp://10.2.31.212/homenl

uSearchURL,(Default) = hxxp://www.google.com/search/?q=%s

IE: Add to Google Photos Screensa&ver - c:\winnt\system32\GPhotos.scr/200

IE: Converteren naar Adobe PDF - c:\program files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html

IE: Converteren naar bestaande PDF - c:\program files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html

IE: E&xporteren naar Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000

IE: Geselecteerde koppelingen converteren naar Adobe PDF - c:\program files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html

IE: Geselecteerde koppelingen converteren naar bestaande PDF - c:\program files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html

IE: Koppelingsdoel converteren naar Adobe PDF - c:\program files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html

IE: Koppelingsdoel converteren naar bestaande PDF - c:\program files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html

IE: Selectie converteren naar Adobe PDF - c:\program files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html

IE: Selectie converteren naar bestaande PDF - c:\program files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html

IE: { - c:\program files\Messenger\msmsgs.exe

Trusted Zone: intranet

TCP: DhcpNameServer = 192.168.2.1

DPF: {0F2AAAE3-7E9E-4B64-AB5D-1CA24C6ACB9C} - hxxps://mail07-57.finbel.intra/dwa85W.cab

FF - ProfilePath - d:\documents and settings\pgadebac\Application Data\Mozilla\Firefox\Profiles\mn9m13ub.default\

FF - prefs.js: browser.search.selectedEngine - Google

FF - prefs.js: browser.startup.homepage - hxxp://www.google.be

FF - prefs.js: network.proxy.http - http://intranet/proxy.pac

FF - prefs.js: network.proxy.http_port - 80

FF - prefs.js: network.proxy.type - 2

FF - user.js: browser.blink_allowed - true

FF - user.js: network.prefetch-next - true

FF - user.js: layout.spellcheckDefault - 1

FF - user.js: browser.urlbar.autoFill - false

FF - user.js: browser.search.openintab - false

FF - user.js: browser.tabs.closeButtons - 1

FF - user.js: browser.tabs.opentabfor.middleclick - true

FF - user.js: browser.tabs.tabMinWidth - 100

FF - user.js: browser.urlbar.hideGoButton - true

.

.

**************************************************************************

.

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, GMER - Rootkit Detector and Remover

Rootkit scan 2011-11-15 07:58

Windows 5.1.2600 Service Pack 3 NTFS

.

scannen van verborgen processen ...

.

scannen van verborgen autostart items ...

.

scannen van verborgen bestanden ...

.

Scan succesvol afgerond

verborgen bestanden: 0

.

**************************************************************************

.

--------------------- VERGRENDELDE REGISTER SLEUTELS ---------------------

.

[HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\User Preferences]

@Denied: (2) (LocalSystem)

"88D7D0879DAB32E14DE5B3A805A34F98AFF34F5977"=hex:01,00,00,00,d0,8c,9d,df,01,15,

d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,5d,56,2c,24,e9,d7,d5,43,9c,d4,1b,\

"2D53CFFC5C1A3DD2E97B7979AC2A92BD59BC839E81"=hex:01,00,00,00,d0,8c,9d,df,01,15,

d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,5d,56,2c,24,e9,d7,d5,43,9c,d4,1b,\

.

[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Installer\UserData\LocalSystem\Components\h–€|ÿÿÿÿ¤•€|ù•9~*]

"3140110900063D11C8EF10054038389C"="C?\\WINNT\\system32\\FM20ENU.DLL"

.

[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Installer\UserData\LocalSystem\Components\€–}|ÿÿÿÿÀ•}|ù•9~*]

"3140110900063D11C8EF10054038389C"="C?\\WINNT\\system32\\FM20ENU.DLL"

.

--------------------- DLLs Geladen Onder Lopende Processen ---------------------

.

- - - - - - - > 'winlogon.exe'(1288)

c:\winnt\system32\Ati2evxx.dll

c:\winnt\system32\pcsinst.dll

.

Voltooingstijd: 2011-11-15 08:01:03

ComboFix-quarantined-files.txt 2011-11-15 07:00

ComboFix2.txt 2011-10-24 16:53

ComboFix3.txt 2011-10-21 06:09

.

Pre-Run: 19.404.394.496 bytes beschikbaar

Post-Run: 19.380.170.752 bytes beschikbaar

.

- - End Of File - - 499170EFC5625BD9A790532E78EE7F02

Edited by kweezie wabbit
smileys disabled

Very good.

Uninstall Combofix: Start -> Run and type: ComboFix /Uninstall (with a space before the /)

This will remove Combofix plus its related folders and files, reset the clock settings, hide file extensions, hide hidden files and system files again, and create a new restore point.

If it is present, you may delete the folder C:\Qoobox manually.

Now we are going to clean up the registry.

Download CCleaner. (If you don't have it yet)

Install it (if you don't want Google Chrome to be installed on your PC as the default web browser, you have to remove the 2 check marks !!!) and start CCleaner.

In the left-hand column, click "Cleaner". Then click 'Analyze' and 'Clean' in turn.

Next, click "Registry" in the left-hand column and click 'Scan for problems'.

If errors are found, click "Fix selected problems" and "OK".

You will then be asked whether to make a backup. Click "YES". Then choose "Fix all selected errors".

Sometimes 1 analysis is not enough. You may repeat this procedure until the analysis no longer reports any errors.

After that, close CCleaner again.

If you want to see this in detail with pictures, click here for the guide.
