Online streaming


kascas

ComboFix 12-06-28.01 - Kascas 29-06-2012 15:33:36.3.2 - x86 MINIMAL

Microsoft Windows 7 Home Basic 6.1.7601.1.1252.31.1043.18.3039.2207 [GMT 2:00]

Gestart vanuit: c:\users\Kascas\Downloads\ComboFix.exe

gebruikte Opdracht switches :: c:\users\Kascas\Desktop\CFScript.txt

SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

* Nieuw herstelpunt werd aangemaakt

.

.

(((((((((((((((((((( Bestanden Gemaakt van 2012-05-28 to 2012-06-29 ))))))))))))))))))))))))))))))

.

.

2012-06-29 13:40 . 2012-06-29 13:40 -------- d-----w- c:\users\Default\AppData\Local\temp

2012-06-29 13:40 . 2012-06-29 13:40 -------- d-----w- c:\users\DCstyle\AppData\Local\temp

2012-06-25 16:57 . 2012-06-25 16:57 -------- d-----w- c:\users\Kascas\AppData\Roaming\Malwarebytes

2012-06-25 16:57 . 2012-06-25 16:57 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware

2012-06-25 16:57 . 2012-06-25 16:57 -------- d-----w- c:\programdata\Malwarebytes

2012-06-25 16:57 . 2012-04-04 13:56 22344 ----a-w- c:\windows\system32\drivers\mbam.sys

2012-06-25 14:58 . 2012-06-25 14:58 70344 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl

2012-06-25 14:58 . 2012-06-25 14:58 426184 ----a-w- c:\windows\system32\FlashPlayerApp.exe

2012-06-25 14:57 . 2012-06-25 14:57 -------- d-----w- c:\program files\Common Files\Java

2012-06-25 14:57 . 2012-06-25 14:57 -------- d-----w- c:\program files\Oracle

2012-06-25 14:50 . 2012-06-25 14:50 -------- d-----w- c:\program files\CCleaner

2012-06-24 21:14 . 2012-06-24 21:14 -------- d-----w- c:\users\DCstyle\AppData\Roaming\ManyCam

2012-06-24 21:14 . 2012-06-24 21:14 -------- d-----w- c:\users\DCstyle\AppData\Local\ManyCam

2012-06-24 20:22 . 2012-06-24 20:22 -------- d-----w- c:\users\DCstyle\AppData\Local\Macromedia

2012-06-24 11:34 . 2012-06-18 01:14 6762896 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{111ECC41-750B-4AAA-A90D-39A8BF834D7E}\mpengine.dll

2012-06-24 11:32 . 2012-05-04 17:29 772504 ----a-w- c:\windows\system32\npDeployJava1.dll

2012-06-24 10:14 . 2012-06-24 10:14 -------- d-----w- c:\programdata\McAfee

2012-06-24 10:13 . 2012-06-24 10:13 -------- d-----w- c:\users\Kascas\AppData\Roaming\Babylon

2012-06-23 20:52 . 2012-06-23 20:52 -------- d-----w- c:\users\Kascas\AppData\Local\Macromedia

2012-06-21 09:53 . 2012-06-02 22:19 53784 ----a-w- c:\windows\system32\wuauclt.exe

2012-06-21 09:53 . 2012-06-02 22:19 45080 ----a-w- c:\windows\system32\wups2.dll

2012-06-21 09:53 . 2012-06-02 22:19 1933848 ----a-w- c:\windows\system32\wuaueng.dll

2012-06-21 09:53 . 2012-06-02 22:12 2422272 ----a-w- c:\windows\system32\wucltux.dll

2012-06-21 09:53 . 2012-06-02 22:19 35864 ----a-w- c:\windows\system32\wups.dll

2012-06-21 09:53 . 2012-06-02 22:19 577048 ----a-w- c:\windows\system32\wuapi.dll

2012-06-21 09:53 . 2012-06-02 22:12 88576 ----a-w- c:\windows\system32\wudriver.dll

2012-06-21 09:53 . 2012-06-02 13:19 171904 ----a-w- c:\windows\system32\wuwebv.dll

2012-06-21 09:53 . 2012-06-02 13:12 33792 ----a-w- c:\windows\system32\wuapp.exe

2012-06-18 20:41 . 2012-06-18 20:41 -------- d-----w- c:\programdata\ManyCam

2012-06-18 20:40 . 2012-06-18 20:40 -------- d-----w- c:\users\Kascas\AppData\Local\APN

2012-06-18 20:40 . 2012-06-18 20:41 -------- d-----w- c:\program files\ManyCam

2012-06-18 14:23 . 2012-06-27 18:38 -------- d-----w- c:\users\Kascas\AppData\Roaming\Mumble

2012-06-18 14:23 . 2012-06-18 14:23 -------- d-----w- c:\program files\Mumble

2012-06-13 20:46 . 2012-06-13 20:46 -------- d-----w- c:\program files\Skype

2012-06-13 20:45 . 2012-04-28 03:17 183808 ----a-w- c:\windows\system32\drivers\rdpwd.sys

2012-06-13 20:45 . 2012-05-15 01:05 2343936 ----a-w- c:\windows\system32\win32k.sys

2012-06-13 20:45 . 2012-04-26 04:45 58880 ----a-w- c:\windows\system32\rdpwsx.dll

2012-06-13 20:45 . 2012-04-26 04:45 129536 ----a-w- c:\windows\system32\rdpcorekmts.dll

2012-06-13 20:45 . 2012-04-26 04:41 8192 ----a-w- c:\windows\system32\rdrmemptylst.exe

2012-06-07 23:22 . 2012-06-07 23:22 421200 ----a-w- c:\program files\Mozilla Firefox\msvcp100.dll

2012-06-07 23:22 . 2012-06-07 23:22 770384 ----a-w- c:\program files\Mozilla Firefox\msvcr100.dll

2012-06-01 20:26 . 2012-06-01 20:26 -------- d-----w- c:\users\Kascas\AppData\Roaming\PowerISO

2012-06-01 19:37 . 2012-06-01 19:37 -------- d-----w- c:\programdata\Premium

2012-06-01 19:37 . 2012-06-01 19:37 -------- d-----w- c:\programdata\InstallMate

2012-06-01 18:43 . 2012-06-01 18:43 -------- d-----w- c:\users\Kascas\AppData\Local\Apps

2012-05-31 04:10 . 2012-05-31 04:10 113104 ----a-w- c:\windows\system32\drivers\scdemu.sys

.

.

.

((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2012-05-04 17:29 . 2011-08-20 19:49 687504 ----a-w- c:\windows\system32\deployJava1.dll

2012-04-02 21:13 . 2012-04-02 21:13 40960 ----a-r- c:\users\Kascas\AppData\Roaming\Microsoft\Installer\{9559F7CA-5E34-4237-A2D9-D856464AD727}\NewShortcut1_9559F7CA5E344237A2D9D856464AD727.exe

2012-04-02 21:13 . 2012-04-02 21:13 40960 ----a-r- c:\users\Kascas\AppData\Roaming\Microsoft\Installer\{9559F7CA-5E34-4237-A2D9-D856464AD727}\ARPPRODUCTICON.exe

2012-06-17 10:02 . 2011-08-20 20:03 85472 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll

.

.

((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))

.

.

*Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond

REGEDIT4

.

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"DAEMON Tools Pro Agent"="c:\program files\DAEMON Tools Pro\DTAgent.exe" [2011-08-17 4527424]

"Steam"="c:\program files\Steam\Steam.exe" [2012-02-18 1242448]

"ManyCam"="c:\program files\ManyCam\Bin\ManyCam.exe" [2012-06-06 2160536]

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-01-03 843712]

"AdobeAAMUpdater-1.0"="c:\program files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2011-03-15 499608]

"SwitchBoard"="c:\program files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe" [2010-02-19 517096]

"AdobeCS5.5ServiceManager"="c:\program files\Common Files\Adobe\CS5.5ServiceManager\CS5.5ServiceManager.exe" [2011-01-12 1523360]

"Kernel and Hardware Abstraction Layer"="KHALMNPR.EXE" [2009-06-17 55824]

"Launch LgDeviceAgent"="c:\program files\Logitech\GamePanel Software\LgDevAgt.exe" [2009-08-13 357384]

"Launch LCDMon"="c:\program files\Logitech\GamePanel Software\LCD Manager\LCDMon.exe" [2009-08-13 1573384]

"Launch LGDCore"="c:\program files\Logitech\GamePanel Software\G-series Software\LGDCore.exe" [2009-08-13 3161608]

"APSDaemon"="c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2011-09-27 59240]

"TkBellExe"="c:\program files\Real\RealPlayer\Update\realsched.exe" [2011-11-10 273528]

"ExpressFiles"="c:\program files\ExpressFiles\ExpressFiles.exe" [2012-03-18 453240]

"PWRISOVM.EXE"="e:\skype\PowerISO\PWRISOVM.EXE" [2012-05-31 336992]

"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2012-01-17 252296]

.

c:\users\DCstyle\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\

CurseClientStartup.ccip [2011-12-16 0]

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]

"ConsentPromptBehaviorAdmin"= 5 (0x5)

"ConsentPromptBehaviorUser"= 3 (0x3)

"EnableUIADesktopToggle"= 0 (0x0)

.

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]

Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp

.

R1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [x]

R2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files\Common Files\Adobe\ARM\1.0\armsvc.exe [x]

R2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [x]

R2 gupdate;Google Update-service (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [x]

R2 HiPatchService;Hi-Rez Studios Authenticate and Update Service;c:\program files\Hi-Rez Studios\HiPatchService.exe [x]

R2 hpsrv;HP Service;c:\windows\system32\Hpservice.exe [x]

R2 regi;regi;c:\windows\system32\drivers\regi.sys [x]

R2 TeamViewer7;TeamViewer 7;c:\program files\TeamViewer\Version7\TeamViewer_Service.exe [x]

R3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [x]

R3 gupdatem;Google Update-service (gupdatem);c:\program files\Google\Update\GoogleUpdate.exe [x]

R3 LGVirHid;Logitech Gamepanel Virtual HID Device Driver;c:\windows\system32\drivers\LGVirHid.sys [x]

R3 ManyCam;ManyCam Virtual Webcam;c:\windows\system32\DRIVERS\mcvidrv.sys [x]

R3 mcaudrv_simple;ManyCam Virtual Microphone;c:\windows\system32\drivers\mcaudrv.sys [x]

R3 MozillaMaintenance;Mozilla Maintenance Service;c:\program files\Mozilla Maintenance Service\maintenanceservice.exe [x]

R3 npggsvc;nProtect GameGuard Service;c:\windows\system32\GameMon.des [x]

R3 RTL8167;Realtek 8167 NT-stuurprogramma;c:\windows\system32\DRIVERS\Rt86win7.sys [x]

R3 SwitchBoard;SwitchBoard;c:\program files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [x]

R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x]

R3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\DRIVERS\vwifimp.sys [x]

S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys [x]

S3 LGBusEnum;Logitech GamePanel Virtual Bus Enumerator Driver;c:\windows\system32\drivers\LGBusEnum.sys [x]

.

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]

LocalServiceAndNoImpersonation REG_MULTI_SZ SSDPSRV upnphost SCardSvr TBS FontCache fdrespub AppIDSvc QWAVE wcncsvc SensrSvc

.

Inhoud van de 'Gedeelde Taken' map

.

2012-06-29 c:\windows\Tasks\Adobe Flash Player Updater.job

- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-06-25 14:58]

.

2012-06-29 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job

- c:\program files\Google\Update\GoogleUpdate.exe [2011-09-02 08:12]

.

2012-06-29 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job

- c:\program files\Google\Update\GoogleUpdate.exe [2011-09-02 08:12]

.

.

------- Bijkomende Scan -------

.

uStart Page = hxxp://www.google.nl/

TCP: DhcpNameServer = 212.54.40.25 212.54.35.25

FF - ProfilePath - c:\users\Kascas\AppData\Roaming\Mozilla\Firefox\Profiles\cx5h7tny.default\

FF - prefs.js: browser.startup.homepage - hxxps://www.google.nl/

FF - prefs.js: network.proxy.type - 0

.

.

[HKEY_LOCAL_MACHINE\system\ControlSet001\services\npggsvc]

"ImagePath"="c:\windows\system32\GameMon.des -service"

.

--------------------- VERGRENDELDE REGISTER SLEUTELS ---------------------

.

[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]

@Denied: (Full) (Everyone)

.

Voltooingstijd: 2012-06-29 15:41:50

ComboFix-quarantined-files.txt 2012-06-29 13:41

ComboFix2.txt 2012-06-28 10:47

ComboFix3.txt 2012-06-27 17:34

.

Pre-Run: 6.483.640.320 bytes beschikbaar

Post-Run: 6.342.348.800 bytes beschikbaar

.

- - End Of File - - B18BB48E64C0FEED927CED34A2284AF4

Link to post
So, after a week, I finally managed it!

I can finally watch videos again; everything seems to be working again.

That is because I installed an older version of Flash, which apparently does work.

The latest version is probably conflicting with something, no idea what or how.

But as long as the older version works, I have no further problems.

Thanks for the attempts so far!

Link to post

Be sure to still remove ComboFix from your PC via Start -> Run/Search and type: ComboFix /Uninstall

This will remove ComboFix plus its related folders and files, reset the clock settings, hide file extensions, hide hidden files and system files again, and create a new restore point.

If present, you may delete the folder C:\Qoobox manually.

Link to post
This topic is now closed to new replies.
