
Can't get on the internet, not with any browser, but MSN works



ComboFix log

ComboFix 12-04-14.02 - Mama 14/04/2012 21:27:57.1.2 - x86

Microsoft Windows 7 Starter 6.1.7601.1.1252.32.1043.18.1015.261 [GMT 2:00]

Gestart vanuit: c:\users\Mama\Desktop\ComboFix.exe

SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

.

.

(((((((((((((((((((((((((((((((((( Andere Verwijderingen )))))))))))))))))))))))))))))))))))))))))))))))))

.

.

c:\program files\HP\HPBTWD.exe

.

.

(((((((((((((((((((( Bestanden Gemaakt van 2012-03-14 to 2012-04-14 ))))))))))))))))))))))))))))))

.

.

2012-04-14 19:52 . 2012-04-14 19:52 -------- d-----w- c:\users\Luna\AppData\Local\temp

2012-04-14 19:51 . 2012-04-14 19:55 -------- d-----w- c:\users\Mama\AppData\Local\temp

2012-04-14 19:51 . 2012-04-14 19:51 -------- d-----w- c:\users\Default\AppData\Local\temp

2012-04-14 19:33 . 2012-04-14 19:33 56200 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{3CBFF2EB-5536-4123-9679-C891FA78CC61}\offreg.dll

2012-04-14 19:11 . 2012-04-14 19:11 -------- d-----w- c:\program files\COMODO

2012-04-14 14:19 . 2012-04-14 14:19 -------- d-----w- c:\programdata\CPA_VA

2012-04-14 13:36 . 2012-04-14 13:36 1700352 ----a-w- c:\windows\system32\gdiplus.dll

2012-04-14 13:36 . 2012-04-14 13:36 1060864 ----a-w- c:\windows\system32\mfc71.dll

2012-04-14 12:28 . 2012-04-14 12:28 388096 ----a-r- c:\users\Mama\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe

2012-04-14 12:28 . 2012-04-14 12:28 -------- d-----w- c:\program files\Trend Micro

2012-04-14 08:32 . 2012-04-14 08:32 -------- d-----w- c:\users\Luna\AppData\Local\Opera

2012-04-14 08:29 . 2012-04-14 08:29 -------- d-----w- c:\users\Mama\AppData\Roaming\IObit

2012-04-13 21:31 . 2012-03-20 01:53 6582328 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{3CBFF2EB-5536-4123-9679-C891FA78CC61}\mpengine.dll

2012-04-13 14:15 . 2012-04-13 21:49 -------- d-----w- c:\users\Mama\AppData\Local\Diagnostics

2012-04-13 14:12 . 2012-04-13 14:12 -------- d-----w- c:\users\Mama\AppData\Local\Opera

2012-04-13 11:11 . 2012-04-13 14:12 -------- d-----w- c:\program files\Opera

2012-04-13 10:57 . 2012-04-13 10:57 -------- d-----w- c:\windows\system32\wbem\en-US

2012-04-13 08:13 . 2012-02-28 01:03 2382848 ----a-w- c:\windows\system32\mshtml.tlb

2012-04-13 07:50 . 2012-03-01 05:46 19824 ----a-w- c:\windows\system32\drivers\fs_rec.sys

2012-04-13 07:50 . 2012-03-01 05:37 172544 ----a-w- c:\windows\system32\wintrust.dll

2012-04-13 07:50 . 2012-03-01 05:33 159232 ----a-w- c:\windows\system32\imagehlp.dll

2012-04-13 07:50 . 2012-03-01 05:29 5120 ----a-w- c:\windows\system32\wmi.dll

2012-04-13 07:47 . 2012-03-06 05:59 3968368 ----a-w- c:\windows\system32\ntkrnlpa.exe

2012-04-13 07:47 . 2012-03-06 05:59 3913072 ----a-w- c:\windows\system32\ntoskrnl.exe

2012-04-12 10:37 . 2012-04-13 21:08 -------- d-----w- c:\users\Mama\AppData\Local\ElevatedDiagnostics

2012-04-12 10:36 . 2012-04-14 16:41 -------- d-----w- c:\programdata\Spybot - Search & Destroy

2012-04-12 10:36 . 2012-04-12 10:38 -------- d-----w- c:\program files\Spybot - Search & Destroy

2012-04-12 10:26 . 2012-03-11 21:13 33984 ----a-w- c:\windows\system32\cmdcsr.dll

2012-04-12 10:14 . 2012-04-12 10:14 -------- d-----w- c:\users\Mama\AppData\Roaming\Malwarebytes

2012-04-12 09:39 . 2012-04-12 09:39 -------- d-----w- c:\users\Mama\AppData\Roaming\DVDVideoSoft

2012-04-12 09:34 . 2012-04-12 09:34 -------- d-----w- c:\programdata\boost_interprocess

.

.

.

((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2012-04-04 13:56 . 2011-06-22 13:25 22344 ----a-w- c:\windows\system32\drivers\mbam.sys

2012-03-11 21:13 . 2011-05-02 18:36 39640 ----a-w- c:\windows\system32\drivers\cmdhlp.sys

2012-03-11 21:13 . 2011-05-02 18:36 491816 ----a-w- c:\windows\system32\drivers\cmdGuard.sys

2012-03-11 21:13 . 2011-05-02 18:36 19600 ----a-w- c:\windows\system32\drivers\cmderd.sys

2012-03-11 21:13 . 2011-05-02 18:36 301224 ----a-w- c:\windows\system32\guard32.dll

2012-02-23 08:18 . 2010-01-02 19:56 237072 ------w- c:\windows\system32\MpSigStub.exe

2012-02-17 05:34 . 2012-03-13 18:06 826880 ----a-w- c:\windows\system32\rdpcore.dll

2012-02-17 04:14 . 2012-03-13 18:06 183808 ----a-w- c:\windows\system32\drivers\rdpwd.sys

2012-02-17 04:13 . 2012-03-13 18:06 24576 ----a-w- c:\windows\system32\drivers\tdtcp.sys

2012-02-10 05:38 . 2012-03-13 20:08 1077248 ----a-w- c:\windows\system32\DWrite.dll

2012-02-07 09:02 . 2012-02-07 09:02 1070352 ----a-w- c:\windows\system32\MSCOMCTL.OCX

2012-02-03 19:27 . 2011-05-07 14:17 82400 ----a-w- c:\windows\system32\drivers\inspect.sys

2012-02-03 03:54 . 2012-03-13 20:09 2343424 ----a-w- c:\windows\system32\win32k.sys

2012-01-25 05:32 . 2012-03-13 18:06 58880 ----a-w- c:\windows\system32\rdpwsx.dll

2012-01-25 05:32 . 2012-03-13 18:06 129536 ----a-w- c:\windows\system32\rdpcorekmts.dll

2012-01-25 05:27 . 2012-03-13 18:06 8192 ----a-w- c:\windows\system32\rdrmemptylst.exe

.

.

((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))

.

.

*Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond

REGEDIT4

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"WirelessAssistant"="c:\program files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe" [2009-07-23 498744]

"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2009-06-12 1533224]

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]

"ConsentPromptBehaviorAdmin"= 5 (0x5)

"ConsentPromptBehaviorUser"= 3 (0x3)

"EnableUIADesktopToggle"= 0 (0x0)

.

[HKEY_USERS\.default\software\microsoft\windows\currentversion\policies\system]

"WallpaperStyle"= 2

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]

"AppInit_DLLs"=c:\windows\System32\guard32.dll

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP]

2009-07-14 01:54 589104 ----a-w- c:\program files\Hewlett-Packard\HP QuickSync\QuickSync.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\msnmsgr]

2010-04-16 21:12 3872080 ----a-w- c:\program files\Windows Live\Messenger\msnmsgr.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SysTrayApp]

2009-06-29 20:44 458844 ----a-w- c:\program files\IDT\WDM\sttray.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UCam_Menu]

2008-12-03 21:15 218408 ------w- c:\program files\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UpdatePRCShortCut]

2009-05-19 20:16 222504 ------w- c:\program files\Hewlett-Packard\Recovery\MUITransfer\MUIStartMenu.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]

"LanguageShortcut"="c:\program files\CyberLink\PowerDVD\Language\Language.exe"

"LGODDFU"="c:\program files\lg_fwupdate\fwupdate.exe" blrun

"HP Software Update"=c:\program files\Hp\HP Software Update\HPWuSchd2.exe

"HotKeysCmds"=c:\windows\system32\hkcmd.exe

"Persistence"=c:\windows\system32\igfxpers.exe

"IgfxTray"=c:\windows\system32\igfxtray.exe

"RemoteControl"="c:\program files\CyberLink\PowerDVD\PDVDServ.exe"

"UpdatePSTShortCut"="c:\program files\CyberLink\DVD Suite\MUITransfer\MUIStartMenu.exe" "c:\program files\CyberLink\DVD Suite" UpdateWithCreateOnce "Software\CyberLink\PowerStarter"

"Malwarebytes' Anti-Malware (reboot)"="c:\program files\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript

"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe"

"APSDaemon"="c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe"

.

R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]

R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RtsUStor.sys [2009-06-24 167424]

R3 RtsUIR;Realtek IR Driver;c:\windows\system32\DRIVERS\Rts516xIR.sys [x]

R3 SrvHsfHDA;SrvHsfHDA;c:\windows\system32\DRIVERS\VSTAZL3.SYS [2009-07-13 207360]

R3 SrvHsfV92;SrvHsfV92;c:\windows\system32\DRIVERS\VSTDPV3.SYS [2009-07-13 980992]

R3 SrvHsfWinac;SrvHsfWinac;c:\windows\system32\DRIVERS\VSTCNXT3.SYS [2009-07-13 661504]

R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 52224]

S0 SmartDefragDriver;SmartDefragDriver;c:\windows\System32\Drivers\SmartDefragDriver.sys [2011-02-23 16184]

S1 cmderd;COMODO Internet Security Eradication Driver;c:\windows\system32\DRIVERS\cmderd.sys [2012-03-11 19600]

S1 cmdGuard;COMODO Internet Security Sandbox Driver;c:\windows\system32\DRIVERS\cmdguard.sys [2012-03-11 491816]

S1 cmdHlp;COMODO Internet Security Helper Driver;c:\windows\system32\DRIVERS\cmdhlp.sys [2012-03-11 39640]

S1 DVMIO;DVMIO;c:\splash.sys\config\dvmio.sys [2009-07-27 16984]

S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [2009-07-13 48128]

S2 AESTFilters;Andrea ST Filters Service;c:\windows\System32\DriverStore\FileRepository\stwrt.inf_x86_neutral_ee8b9ab8d1b9a68e\aestsrv.exe [2009-03-02 81920]

S2 DvmMDES;DeviceVM Meta Data Export Service;c:\splash.sys\config\DVMExportService.exe [2009-07-08 323584]

S2 TuneUp.UtilitiesSvc;TuneUp Utilities Service;c:\program files\TuneUp Utilities 2011\TuneUpUtilitiesService32.exe [2011-06-10 1524544]

S3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys [2009-04-07 29472]

S3 L1C;NDIS Miniport Driver for Atheros AR8131/AR8132 PCI-E Ethernet Controller (NDIS 6.20);c:\windows\system32\DRIVERS\L1C62x86.sys [2009-04-28 50688]

S3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv;c:\program files\TuneUp Utilities 2011\TuneUpUtilitiesDriver32.sys [2010-10-07 10064]

S3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\DRIVERS\vwifimp.sys [2009-07-13 14336]

.

.

--- Andere Services/Drivers In Geheugen ---

.

*NewlyCreated* - TUNEUPUTILITIESDRV

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]

LocalServiceAndNoImpersonation REG_MULTI_SZ SSDPSRV upnphost SCardSvr TBS FontCache fdrespub AppIDSvc QWAVE wcncsvc

.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs

UxTuneUp

wscsvc

.

.

------- Bijkomende Scan -------

.

uStart Page = hxxp://www.google.be/

mStart Page = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=nl_BE&c=94&bd=Pavilion&pf=cnnb

TCP: DhcpNameServer = 192.168.1.1

.

- - - - ORPHANS VERWIJDERD - - - -

.

Toolbar-10 - (no file)

Toolbar-Locked - (no file)

HKLM-Run-HP BTW Detect Program - c:\program files\HP\HPBTWD.exe

.

.

.

--------------------- VERGRENDELDE REGISTER SLEUTELS ---------------------

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]

@Denied: (Full) (Everyone)

.

--------------------- DLLs Geladen Onder Lopende Processen ---------------------

.

- - - - - - - > 'winlogon.exe'(536)

c:\windows\system32\guard32.dll

.

- - - - - - - > 'lsass.exe'(612)

c:\windows\system32\guard32.dll

.

Voltooingstijd: 2012-04-14 22:03:58

ComboFix-quarantined-files.txt 2012-04-14 20:03

.

Pre-Run: 185.587.212.288 bytes beschikbaar

Post-Run: 185.722.540.032 bytes beschikbaar

.

- - End Of File - - 2D9DFD19622AECDBD3EF6E482DC62CB9


Open a Notepad file.

Copy and paste the bold text below into it.

File::

c:\windows\system32\DRIVERS\cmderd.sys

c:\windows\system32\DRIVERS\cmdguard.sys

c:\windows\system32\DRIVERS\cmdhlp.sys

c:\windows\system32\guard32.dll

Folder::

c:\program files\COMODO

Registry::

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]

"AppInit_DLLs"=-

Driver::

cmderd

cmdGuard

cmdHlp

Save this file to your desktop as CFScript.

Drag CFScript.txt into ComboFix.exe.

This will make ComboFix restart. Reboot if you are asked to.

After the restart, post the contents of Combofix.txt in your next message … and then try whether installing Comodo does work.


I still can't install Comodo.

Here is the ComboFix log:

ComboFix 12-04-14.02 - Mama 14/04/2012 22:54:29.2.2 - x86

Microsoft Windows 7 Starter 6.1.7601.1.1252.32.1043.18.1015.438 [GMT 2:00]

Gestart vanuit: c:\users\Mama\Desktop\ComboFix.exe

gebruikte Opdracht switches :: c:\users\Mama\Desktop\CFScript.txt

SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

.

FILE ::

"c:\windows\system32\DRIVERS\cmderd.sys"

"c:\windows\system32\DRIVERS\cmdguard.sys"

"c:\windows\system32\DRIVERS\cmdhlp.sys"

"c:\windows\system32\guard32.dll"

.

.

(((((((((((((((((((((((((((((((((( Andere Verwijderingen )))))))))))))))))))))))))))))))))))))))))))))))))

.

.

c:\windows\system32\DRIVERS\cmderd.sys

c:\windows\system32\DRIVERS\cmdguard.sys

c:\windows\system32\DRIVERS\cmdhlp.sys

c:\windows\system32\guard32.dll

.

.

((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))

.

.

-------\Legacy_CMDERD

-------\Legacy_CMDGUARD

-------\Legacy_CMDHLP

-------\Service_cmderd

-------\Service_cmdGuard

-------\Service_cmdHlp

.

.

(((((((((((((((((((( Bestanden Gemaakt van 2012-03-14 to 2012-04-14 ))))))))))))))))))))))))))))))

.

.

2012-04-14 21:17 . 2012-04-14 21:19 -------- d-----w- c:\users\Mama\AppData\Local\temp

2012-04-14 21:17 . 2012-04-14 21:17 -------- d-----w- c:\users\Luna\AppData\Local\temp

2012-04-14 19:11 . 2012-04-14 19:11 -------- d-----w- c:\program files\COMODO

2012-04-14 14:19 . 2012-04-14 14:19 -------- d-----w- c:\programdata\CPA_VA

2012-04-14 13:36 . 2012-04-14 13:36 1700352 ----a-w- c:\windows\system32\gdiplus.dll

2012-04-14 13:36 . 2012-04-14 13:36 1060864 ----a-w- c:\windows\system32\mfc71.dll

2012-04-14 12:28 . 2012-04-14 12:28 388096 ----a-r- c:\users\Mama\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe

2012-04-14 12:28 . 2012-04-14 12:28 -------- d-----w- c:\program files\Trend Micro

2012-04-14 08:32 . 2012-04-14 08:32 -------- d-----w- c:\users\Luna\AppData\Local\Opera

2012-04-14 08:29 . 2012-04-14 08:29 -------- d-----w- c:\users\Mama\AppData\Roaming\IObit

2012-04-13 21:31 . 2012-03-20 01:53 6582328 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{3CBFF2EB-5536-4123-9679-C891FA78CC61}\mpengine.dll

2012-04-13 14:15 . 2012-04-13 21:49 -------- d-----w- c:\users\Mama\AppData\Local\Diagnostics

2012-04-13 14:12 . 2012-04-13 14:12 -------- d-----w- c:\users\Mama\AppData\Local\Opera

2012-04-13 11:11 . 2012-04-13 14:12 -------- d-----w- c:\program files\Opera

2012-04-13 10:57 . 2012-04-13 10:57 -------- d-----w- c:\windows\system32\wbem\en-US

2012-04-13 08:13 . 2012-02-28 01:03 2382848 ----a-w- c:\windows\system32\mshtml.tlb

2012-04-13 07:50 . 2012-03-01 05:46 19824 ----a-w- c:\windows\system32\drivers\fs_rec.sys

2012-04-13 07:50 . 2012-03-01 05:37 172544 ----a-w- c:\windows\system32\wintrust.dll

2012-04-13 07:50 . 2012-03-01 05:33 159232 ----a-w- c:\windows\system32\imagehlp.dll

2012-04-13 07:50 . 2012-03-01 05:29 5120 ----a-w- c:\windows\system32\wmi.dll

2012-04-13 07:47 . 2012-03-06 05:59 3968368 ----a-w- c:\windows\system32\ntkrnlpa.exe

2012-04-13 07:47 . 2012-03-06 05:59 3913072 ----a-w- c:\windows\system32\ntoskrnl.exe

2012-04-12 10:37 . 2012-04-13 21:08 -------- d-----w- c:\users\Mama\AppData\Local\ElevatedDiagnostics

2012-04-12 10:36 . 2012-04-14 16:41 -------- d-----w- c:\programdata\Spybot - Search & Destroy

2012-04-12 10:36 . 2012-04-12 10:38 -------- d-----w- c:\program files\Spybot - Search & Destroy

2012-04-12 10:26 . 2012-03-11 21:13 33984 ----a-w- c:\windows\system32\cmdcsr.dll

2012-04-12 10:14 . 2012-04-12 10:14 -------- d-----w- c:\users\Mama\AppData\Roaming\Malwarebytes

2012-04-12 09:39 . 2012-04-12 09:39 -------- d-----w- c:\users\Mama\AppData\Roaming\DVDVideoSoft

2012-04-12 09:34 . 2012-04-12 09:34 -------- d-----w- c:\programdata\boost_interprocess

.

.

.

((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2012-04-04 13:56 . 2011-06-22 13:25 22344 ----a-w- c:\windows\system32\drivers\mbam.sys

2012-02-23 08:18 . 2010-01-02 19:56 237072 ------w- c:\windows\system32\MpSigStub.exe

2012-02-17 05:34 . 2012-03-13 18:06 826880 ----a-w- c:\windows\system32\rdpcore.dll

2012-02-17 04:14 . 2012-03-13 18:06 183808 ----a-w- c:\windows\system32\drivers\rdpwd.sys

2012-02-17 04:13 . 2012-03-13 18:06 24576 ----a-w- c:\windows\system32\drivers\tdtcp.sys

2012-02-10 05:38 . 2012-03-13 20:08 1077248 ----a-w- c:\windows\system32\DWrite.dll

2012-02-07 09:02 . 2012-02-07 09:02 1070352 ----a-w- c:\windows\system32\MSCOMCTL.OCX

2012-02-03 19:27 . 2011-05-07 14:17 82400 ----a-w- c:\windows\system32\drivers\inspect.sys

2012-02-03 03:54 . 2012-03-13 20:09 2343424 ----a-w- c:\windows\system32\win32k.sys

2012-01-25 05:32 . 2012-03-13 18:06 58880 ----a-w- c:\windows\system32\rdpwsx.dll

2012-01-25 05:32 . 2012-03-13 18:06 129536 ----a-w- c:\windows\system32\rdpcorekmts.dll

2012-01-25 05:27 . 2012-03-13 18:06 8192 ----a-w- c:\windows\system32\rdrmemptylst.exe

.

.

((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))

.

.

*Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond

REGEDIT4

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"WirelessAssistant"="c:\program files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe" [2009-07-23 498744]

"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2009-06-12 1533224]

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]

"ConsentPromptBehaviorAdmin"= 5 (0x5)

"ConsentPromptBehaviorUser"= 3 (0x3)

"EnableUIADesktopToggle"= 0 (0x0)

.

[HKEY_USERS\.default\software\microsoft\windows\currentversion\policies\system]

"WallpaperStyle"= 2

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP]

2009-07-14 01:54 589104 ----a-w- c:\program files\Hewlett-Packard\HP QuickSync\QuickSync.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\msnmsgr]

2010-04-16 21:12 3872080 ----a-w- c:\program files\Windows Live\Messenger\msnmsgr.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SysTrayApp]

2009-06-29 20:44 458844 ----a-w- c:\program files\IDT\WDM\sttray.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UCam_Menu]

2008-12-03 21:15 218408 ------w- c:\program files\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UpdatePRCShortCut]

2009-05-19 20:16 222504 ------w- c:\program files\Hewlett-Packard\Recovery\MUITransfer\MUIStartMenu.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]

"LanguageShortcut"="c:\program files\CyberLink\PowerDVD\Language\Language.exe"

"LGODDFU"="c:\program files\lg_fwupdate\fwupdate.exe" blrun

"HP Software Update"=c:\program files\Hp\HP Software Update\HPWuSchd2.exe

"HotKeysCmds"=c:\windows\system32\hkcmd.exe

"Persistence"=c:\windows\system32\igfxpers.exe

"IgfxTray"=c:\windows\system32\igfxtray.exe

"RemoteControl"="c:\program files\CyberLink\PowerDVD\PDVDServ.exe"

"UpdatePSTShortCut"="c:\program files\CyberLink\DVD Suite\MUITransfer\MUIStartMenu.exe" "c:\program files\CyberLink\DVD Suite" UpdateWithCreateOnce "Software\CyberLink\PowerStarter"

"Malwarebytes' Anti-Malware (reboot)"="c:\program files\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript

"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe"

"APSDaemon"="c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe"

.

R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]

R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RtsUStor.sys [2009-06-24 167424]

R3 RtsUIR;Realtek IR Driver;c:\windows\system32\DRIVERS\Rts516xIR.sys [x]

R3 SrvHsfHDA;SrvHsfHDA;c:\windows\system32\DRIVERS\VSTAZL3.SYS [2009-07-13 207360]

R3 SrvHsfV92;SrvHsfV92;c:\windows\system32\DRIVERS\VSTDPV3.SYS [2009-07-13 980992]

R3 SrvHsfWinac;SrvHsfWinac;c:\windows\system32\DRIVERS\VSTCNXT3.SYS [2009-07-13 661504]

R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 52224]

S0 SmartDefragDriver;SmartDefragDriver;c:\windows\System32\Drivers\SmartDefragDriver.sys [2011-02-23 16184]

S1 DVMIO;DVMIO;c:\splash.sys\config\dvmio.sys [2009-07-27 16984]

S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [2009-07-13 48128]

S2 AESTFilters;Andrea ST Filters Service;c:\windows\System32\DriverStore\FileRepository\stwrt.inf_x86_neutral_ee8b9ab8d1b9a68e\aestsrv.exe [2009-03-02 81920]

S2 DvmMDES;DeviceVM Meta Data Export Service;c:\splash.sys\config\DVMExportService.exe [2009-07-08 323584]

S2 TuneUp.UtilitiesSvc;TuneUp Utilities Service;c:\program files\TuneUp Utilities 2011\TuneUpUtilitiesService32.exe [2011-06-10 1524544]

S3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys [2009-04-07 29472]

S3 L1C;NDIS Miniport Driver for Atheros AR8131/AR8132 PCI-E Ethernet Controller (NDIS 6.20);c:\windows\system32\DRIVERS\L1C62x86.sys [2009-04-28 50688]

S3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv;c:\program files\TuneUp Utilities 2011\TuneUpUtilitiesDriver32.sys [2010-10-07 10064]

S3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\DRIVERS\vwifimp.sys [2009-07-13 14336]

.

.

--- Andere Services/Drivers In Geheugen ---

.

*NewlyCreated* - WS2IFSL

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]

LocalServiceAndNoImpersonation REG_MULTI_SZ SSDPSRV upnphost SCardSvr TBS FontCache fdrespub AppIDSvc QWAVE wcncsvc

.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs

UxTuneUp

wscsvc

.

.

------- Bijkomende Scan -------

.

uStart Page = hxxp://www.google.be/

mStart Page = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=nl_BE&c=94&bd=Pavilion&pf=cnnb

TCP: DhcpNameServer = 192.168.1.1

.

.

--------------------- VERGRENDELDE REGISTER SLEUTELS ---------------------

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]

@Denied: (Full) (Everyone)

.

--------------------- DLLs Geladen Onder Lopende Processen ---------------------

.

- - - - - - - > 'Explorer.exe'(2144)

c:\program files\WIDCOMM\Bluetooth Software\btncopy.dll

.

------------------------ Andere Aktieve Processen ------------------------

.

c:\windows\System32\DriverStore\FileRepository\stwrt.inf_x86_neutral_ee8b9ab8d1b9a68e\STacSV.exe

c:\windows\system32\WLANExt.exe

c:\windows\system32\conhost.exe

c:\program files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

c:\program files\Bonjour\mDNSResponder.exe

c:\program files\WIDCOMM\Bluetooth Software\btwdins.exe

c:\program files\CyberLink\Shared files\RichVideo.exe

c:\windows\servicing\TrustedInstaller.exe

c:\windows\system32\taskhost.exe

c:\program files\TuneUp Utilities 2011\TuneUpUtilitiesApp32.exe

c:\windows\system32\conhost.exe

c:\program files\Windows Media Player\wmpnetwk.exe

c:\program files\Hewlett-Packard\Shared\hpqwmiex.exe

c:\program files\Hewlett-Packard\Shared\hpqToaster.exe

c:\program files\Hewlett-Packard\HP Health Check\hphc_service.exe

c:\windows\system32\sppsvc.exe

c:\program files\Internet Explorer\IELowutil.exe

.

**************************************************************************

.

Voltooingstijd: 2012-04-14 23:28:13 - machine werd herstart

ComboFix-quarantined-files.txt 2012-04-14 21:28

ComboFix2.txt 2012-04-14 20:04

.

Pre-Run: 185.769.955.328 bytes beschikbaar

Post-Run: 185.587.974.144 bytes beschikbaar

.

- - End Of File - - DF3E1331488E37166A91924B91A03869

This topic is now closed to new replies.