
Windows 7 threat?



Hello,

After checking with Norton (Norton Internet Security, from Belgacom), this turns out to be a threat! rikvm 9ec60124.sys

I ran Norton P.E; supposedly the threat was removed after startup. But... after scanning again, it turns out that the threat is still there!

Can anyone help me remove this threat from my PC for good?

Kind regards,

Velibor.


We will first check whether malware or viruses are the cause of your problem.

1. Download HijackThis. (click on it)

Click HijackThis.msi and the download will start automatically after 5 seconds.

Save the file HijackThis.msi. Then choose "Run".

HijackThis will now be installed on your PC, and a shortcut will be placed on your desktop.

If you no longer have a network connection, you can do the download on another PC and transfer the file with a USB stick.

If you can only work in safe mode, you have to download the executable (HijackThis.exe).

Save it in a new folder on the C drive (e.g. C:\hijackthis) and then start HijackThis from that folder.

You will then also find the logs in that folder.


2. Click the shortcut to start HijackThis. (first read the red text below!)

Click either "Do a systemscan and save a logfile", or first "Scan" and then "Savelog".

A Notepad window opens; hold down the CTRL and A keys at the same time, and everything is now selected. Hold down the CTRL and C keys at the same time, and everything is now copied. Now paste the HJT log into your post with the CTRL and V keys.

If you get the message "For some reason your system denied writing to the Host file ....", just click the OK button to continue.

Note: Windows Vista & 7 users must run HijackThis as "administrator" via right-click, "Run as administrator". If this does not work via the shortcut, run HijackThis as administrator from the following folder: C:\Program Files\Trend Micro\HiJackThis or C:\Program Files (x86)\Trend Micro\HiJackThis. (View the image here ---> Click here)


3. After you post your log, it will be checked by an expert (Kape or Kweezie Wabbit), who will guide you further through the whole process.

Tip!

If you want to see in words and pictures how to make a log with HijackThis and post it on the forum, click HERE.


Logfile of Trend Micro HijackThis v2.0.4

Scan saved at 22:07:43, on 8/12/2012

Platform: Windows 7 SP1 (WinNT 6.00.3505)

MSIE: Internet Explorer v9.00 (9.00.8112.16455)

Boot mode: Normal

Running processes:

C:\Program Files\QNAP\NetBak\Enclosure.exe

C:\Program Files (x86)\Norton Internet Security\Engine\20.2.0.19\ccSvcHst.exe

C:\Program Files (x86)\VoipBuster.com\VoipBuster\VoipBuster.exe

C:\Program Files (x86)\Skype\Phone\Skype.exe

C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe

C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe

C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe

C:\Program Files (x86)\Creative\Sound Blaster X-Fi\Volume Panel\VolPanlu.exe

C:\Program Files (x86)\Common Files\MyPoiWorld Shared\MyPoiMonitor\MyPoiMonitor.exe

C:\Windows\SysWOW64\rundll32.exe

C:\Program Files (x86)\Garmin\Lifetime Updater\GarminLifetime.exe

C:\Program Files (x86)\Common Files\HP\Digital Imaging\Bin\hpqPhotoCrm.exe

C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSTE08.exe

C:\Program Files (x86)\HP\Digital Imaging\bin\hpqbam08.exe

C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe

C:\Program Files (x86)\Mozilla Firefox\firefox.exe

C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe

C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_5_502_110.exe

C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_5_502_110.exe

C:\Users\Apollo20\Downloads\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = Preserve

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Bing

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = MSN | Hotmail | Messenger | Nieuws, sport, entertainment, video, lifestyle, auto en nog veel meer, dat is MSN !

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN.com

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = MSN.com

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =

F2 - REG:system.ini: UserInit=userinit.exe

O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll

O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

O2 - BHO: Norton Identity Protection - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Internet Security\Engine\20.2.0.19\coIEPlg.dll

O2 - BHO: Norton Vulnerability Protection - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton Internet Security\Engine\20.2.0.19\IPS\IPSBHO.DLL

O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll

O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll

O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll

O3 - Toolbar: Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\20.2.0.19\coIEPlg.dll

O4 - HKLM\..\Run: [updateLBPShortCut] "C:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\LabelPrint" UpdateWithCreateOnce "Software\CyberLink\LabelPrint\2.5"

O4 - HKLM\..\Run: [MDS_Menu] "C:\Program Files (x86)\CyberLink\MediaShow4\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\MediaShow4" UpdateWithCreateOnce "Software\CyberLink\MediaShow\4.1"

O4 - HKLM\..\Run: [updateP2GoShortCut] "C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\6.0"

O4 - HKLM\..\Run: [updatePPShortCut] "C:\Program Files (x86)\CyberLink\PowerProducer\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\PowerProducer" UpdateWithCreateOnce "Software\CyberLink\PowerProducer\5.0"

O4 - HKLM\..\Run: [uCam_Menu] "C:\Program Files (x86)\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\YouCam" UpdateWithCreateOnce "Software\CyberLink\YouCam\2.0"

O4 - HKLM\..\Run: [updatePSTShortCut] "C:\Program Files (x86)\CyberLink\Blu-ray Disc Suite\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\Blu-ray Disc Suite" UpdateWithCreateOnce "Software\CyberLink\PowerStarter"

O4 - HKLM\..\Run: [iAStorIcon] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe

O4 - HKLM\..\Run: [NUSB3MON] "C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe"

O4 - HKLM\..\Run: [VolPanel] "C:\Program Files (x86)\Creative\Sound Blaster X-Fi\Volume Panel\VolPanlu.exe" /r

O4 - HKLM\..\Run: [MyPoi Monitor] "C:\Program Files (x86)\Common Files\MyPoiWorld Shared\MyPoiMonitor\MyPoiMonitor.exe"

O4 - HKLM\..\Run: [sPIRunE] Rundll32 SPIRunE.dll,RunDLLEntry

O4 - HKLM\..\Run: [hpqSRMon] C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe

O4 - HKLM\..\Run: [Garmin Lifetime Updater] C:\Program Files (x86)\Garmin\Lifetime Updater\GarminLifetime.exe /StartMinimized

O4 - HKCU\..\Run: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun

O4 - HKCU\..\Run: [VoipBuster] "C:\Program Files (x86)\VoipBuster.com\VoipBuster\VoipBuster.exe" -nosplash -minimized

O4 - HKCU\..\Run: [skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun

O4 - HKCU\..\Run: [RESTART_STICKY_NOTES] C:\Windows\System32\StikyNot.exe

O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')

O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')

O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')

O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')

O4 - HKUS\S-1-5-21-3782424358-4171770468-57530136-1003\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'UpdatusUser')

O4 - HKUS\S-1-5-21-3782424358-4171770468-57530136-1003\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'UpdatusUser')

O4 - HKUS\S-1-5-21-3782424358-4171770468-57530136-1005\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User '_ocster_1clk_backup_')

O4 - HKUS\S-1-5-21-3782424358-4171770468-57530136-1005\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User '_ocster_1clk_backup_')

O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe

O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

O9 - Extra button: Toon of verberg HP Smart Web Printing - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll

O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics

O16 - DPF: {D4B68B83-8710-488B-A692-D74B50BA558E} (Creative Software AutoUpdate Support Package 2) - http://ccfiles.creative.com/Web/softwareupdate/ocx/15113/CTPIDPDE.cab

O16 - DPF: {E705A591-DA3C-4228-B0D5-A356DBA42FBF} (Creative Software AutoUpdate 2) - http://ccfiles.creative.com/Web/softwareupdate/su2/ocx/20015/CTSUEng.cab

O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} (Creative Software AutoUpdate Support Package) - http://ccfiles.creative.com/Web/softwareupdate/ocx/121022/CTPID.cab

O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\Skype4COM.dll

O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe

O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)

O23 - Service: AppleChargerSrv - Unknown owner - C:\WINDOWS\system32\AppleChargerSrv.exe (file missing)

O23 - Service: BitBoxService - (BitBoxService) - Sirrix AG - C:\Program Files (x86)\Sirrix AG\BitBox\Service\BitBoxService.exe

O23 - Service: CyberLink Product - 2012/12/08 07:39:35 (CLKMSVC10_9EC60124) - CyberLink - C:\Program Files (x86)\CyberLink\PowerDVD9\NavFilter\kmsvc.exe

O23 - Service: Creative ALchemy AL6 Licensing Service - Creative Labs - C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\AL6Licensing.exe

O23 - Service: Creative Audio Engine Licensing Service - Creative Labs - C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe

O23 - Service: Creative Media Toolbox 6 Licensing Service - Creative Labs - C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\MT6Licensing.exe

O23 - Service: Creative Audio Service (CTAudSvcService) - Creative Technology Ltd - C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe

O23 - Service: DES2 Service for Energy Saving. (DES2 Service) - Unknown owner - C:\Program Files (x86)\GIGABYTE\EnergySaver2\des2svr.exe

O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)

O23 - Service: FABS - Helping agent for MAGIX media database (Fabs) - MAGIX AG - C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe

O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)

O23 - Service: Firebird Server - MAGIX Instance (FirebirdServerMAGIXInstance) - MAGIX® - C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\fbserver.exe

O23 - Service: Google Update-service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe

O23 - Service: Intel® Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe

O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe

O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)

O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe

O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe

O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)

O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)

O23 - Service: Norton Internet Security (NIS) - Symantec Corporation - C:\Program Files (x86)\Norton Internet Security\Engine\20.2.0.19\ccSvcHst.exe

O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)

O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe

O23 - Service: Ocster 1-Click Backup (ocster_1clk_backup) - Unknown owner - c:\Program Files\Ocster 1-Click Backup\bin\backupService-ox1c.exe

O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)

O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe

O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)

O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)

O23 - Service: Skype C2C Service - Skype Technologies S.A. - C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe

O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe

O23 - Service: Smart TimeLock Service (Smart TimeLock) - Gigabyte Technology CO., LTD. - C:\Program Files (x86)\GIGABYTE\Smart6\Timelock\TimeMgmtDaemon.exe

O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)

O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)

O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)

O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe

O23 - Service: TuneUp Utilities Service (TuneUp.UtilitiesSvc) - TuneUp Software - C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesService64.exe

O23 - Service: TwonkyProxy - Unknown owner - C:\Program Files (x86)\Twonky\TwonkyServer\twonkyproxy.exe

O23 - Service: TwonkyServer - PacketVideo - C:\Program Files (x86)\Twonky\TwonkyServer\twonkystarter.exe

O23 - Service: TwonkyWebDav - Unknown owner - C:\Program Files (x86)\Twonky\TwonkyServer\twonkywebdav.exe

O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\WINDOWS\system32\UI0Detect.exe (file missing)

O23 - Service: UsbClientService - Unknown owner - C:\Program Files (x86)\Synology\Assistant\UsbClientService.exe

O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)

O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)

O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)

O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\WINDOWS\system32\Wat\WatAdminSvc.exe (file missing)

O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)

O23 - Service: SAMSUNG WiselinkPro Service (WiselinkPro) - Samsung - C:\Program Files (x86)\SAMSUNG\PC Auto Backup\WiselinkPro.exe

O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)

O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--

End of file - 16110 bytes


Download ComboFix from one of these locations:

Link 1

Link 2

* IMPORTANT !!! Save ComboFix.exe to your Desktop

1. Disable all antivirus and antispyware programs, because otherwise they may conflict with ComboFix. Here is a guide on how to disable them:

Click here

2. The computer may need to be restarted several times; this is normal.

3. Double-click "Combofix.exe" to start the tool.

4. Do not click in the ComboFix window while it is running, as this can cause the tool to freeze.

Note !!! If an error is shown with the message "Illegal operation attempted on a registry key that has been marked for deletion", restart the computer.

5. When ComboFix is finished, it will create a log file for you. Post the contents of this log file (found at C:\ComboFix.txt) in your next post.


ComboFix 12-12-07.01 - Apollo20 09/12/2012 10:19:23.1.8 - x64

Microsoft Windows 7 Home Premium 6.1.7601.1.1252.32.1043.18.8175.4804 [GMT 1:00]

Gestart vanuit: c:\users\Apollo20\Downloads\ComboFix.exe

AV: Norton Internet Security Online *Disabled/Updated* {63DF5164-9100-186D-2187-8DC619EFD8BF}

FW: Norton Internet Security Online *Disabled* {5BE4D041-DB6F-1935-0AD8-24F3E73C9FC4}

SP: Norton Internet Security Online *Enabled/Updated* {D8BEB080-B73A-17E3-1B37-B6B462689202}

SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

.

.

(((((((((((((((((((((((((((((((((( Andere Verwijderingen )))))))))))))))))))))))))))))))))))))))))))))))))

.

.

c:\program files (x86)\CyberLink\Blu-ray Disc Suite\MUITransfer\MUIStartMenu.exe

c:\program files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe

c:\program files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe

c:\program files (x86)\CyberLink\PowerProducer\MUITransfer\MUIStartMenu.exe

c:\program files (x86)\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe

c:\programdata\ntuser.dat

.

.

(((((((((((((((((((( Bestanden Gemaakt van 2012-11-09 to 2012-12-09 ))))))))))))))))))))))))))))))

.

.

2012-12-09 09:21 . 2012-12-09 09:21 -------- d-----w- c:\users\Default\AppData\Local\temp

2012-12-08 18:43 . 2012-12-08 18:43 -------- d-----w- c:\windows\SysWow64\CSP

2012-12-08 18:41 . 2012-12-08 18:41 -------- d-----w- c:\windows\Downloaded Installations

2012-12-08 18:40 . 2012-12-08 19:42 -------- d-----w- c:\program files (x86)\SAMSUNG

2012-12-08 06:41 . 2012-12-08 06:41 -------- d-----w- c:\programdata\LightScribe

2012-12-08 00:44 . 2012-12-08 00:44 -------- d-----w- c:\programdata\Sophos

2012-12-08 00:44 . 2012-12-08 00:44 -------- d-----w- c:\program files (x86)\Sophos

2012-12-08 00:05 . 2012-12-08 00:05 -------- d-----w- c:\programdata\Kaspersky Lab

2012-12-07 13:25 . 2012-12-07 13:25 -------- d-----w- c:\program files (x86)\SSD Tweaker

2012-12-06 22:51 . 2012-12-06 22:54 -------- d--h--w- c:\programdata\sysnfxo

2012-12-06 22:50 . 2012-12-06 22:50 -------- d-----w- c:\users\_ocster_1clk_backup_

2012-12-06 22:50 . 2012-12-06 22:50 -------- d-----w- c:\programdata\Ocster 1-Click Backup

2012-12-06 22:50 . 2012-12-06 22:51 -------- d-----w- c:\program files\Ocster 1-Click Backup

2012-12-05 18:48 . 2012-12-05 18:48 -------- d-----w- c:\windows\SysWow64\wbem\en-US

2012-12-05 18:48 . 2012-12-05 18:48 -------- d-----w- c:\windows\system32\wbem\en-US

2012-12-05 18:46 . 2012-12-05 18:46 995328 ----a-w- c:\program files\Common Files\Microsoft Shared\VGX\VGX.dll

2012-12-05 08:02 . 2012-12-05 08:02 48648 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup-2\Markup.dll

2012-12-05 08:02 . 2012-12-05 08:02 704136 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight-2\SpotlightResources.dll

2012-12-04 23:31 . 2012-12-04 23:31 -------- d-----w- c:\program files (x86)\AGEIA Technologies

2012-12-03 22:42 . 2012-12-03 22:43 -------- d-----w- c:\programdata\DVD Shrink

2012-12-03 22:42 . 2012-12-03 22:42 -------- d-----w- c:\program files (x86)\DVD Shrink

2012-12-03 20:36 . 2012-12-03 20:36 -------- d-----w- c:\programdata\Ask

2012-12-03 20:35 . 2012-12-03 20:35 -------- d-----w- c:\program files (x86)\FreeTime

2012-12-02 15:43 . 2012-12-02 15:43 -------- d-----w- c:\programdata\Freemake

2012-12-02 15:43 . 2012-12-02 15:43 -------- d-----w- c:\program files (x86)\Freemake

2012-12-02 15:15 . 2012-12-02 15:15 -------- d-----w- c:\program files\7-Zip

2012-12-01 19:46 . 2012-12-01 19:46 -------- d-----w- c:\program files\Garmin GPS Plugin

2012-12-01 18:24 . 2012-12-01 18:24 -------- d-----w- c:\program files (x86)\IrfanView

2012-12-01 08:25 . 2012-12-01 08:25 -------- d-----w- c:\program files (x86)\VideoLAN

2012-11-30 21:43 . 2012-11-30 21:43 438632 ----a-w- c:\windows\SysWow64\nvStreaming.exe

2012-11-27 19:33 . 2012-11-27 19:34 -------- d-----w- c:\program files (x86)\Spybot - Search & Destroy

2012-11-27 18:47 . 2012-12-07 23:36 -------- d-----w- c:\programdata\Spybot - Search & Destroy

2012-11-26 18:58 . 2012-11-26 18:58 -------- d-----w- c:\program files (x86)\Slideshow Creator

2012-11-25 11:30 . 2010-12-02 17:17 17152 ----a-w- c:\windows\system32\drivers\avwebcam.sys

2012-11-25 01:14 . 2012-11-25 01:31 -------- d-----w- c:\program files (x86)\FrostWire 5

2012-11-25 01:10 . 2012-11-25 01:10 48648 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup\Markup.dll

2012-11-25 01:10 . 2012-11-25 01:10 704136 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight\SpotlightResources.dll

2012-11-25 00:13 . 2012-11-25 00:13 -------- d-----w- c:\program files (x86)\Photo Notifier and Animation Creator

2012-11-24 23:26 . 2012-09-07 02:05 43680 ----a-r- c:\windows\system32\drivers\SymIMV.sys

2012-11-24 23:20 . 2012-11-24 23:20 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware

2012-11-24 23:20 . 2012-11-24 23:20 -------- d-----w- c:\programdata\Malwarebytes

2012-11-24 23:20 . 2012-09-29 18:54 25928 ----a-w- c:\windows\system32\drivers\mbam.sys

2012-11-24 18:50 . 2012-11-24 18:50 -------- d-----w- c:\program files (x86)\Microsoft Silverlight

2012-11-23 23:16 . 2012-12-02 17:24 -------- d-----w- c:\program files (x86)\Google

2012-11-23 21:37 . 2012-11-23 21:37 -------- d-----w- c:\program files (x86)\Perion

2012-11-23 20:10 . 2012-11-23 20:10 -------- d-----w- c:\program files\QNAP

2012-11-23 20:07 . 2012-11-23 20:15 -------- d-----w- c:\program files (x86)\QNAP

2012-11-23 19:49 . 2012-11-23 19:49 -------- d-----w- c:\programdata\Synology

2012-11-23 19:49 . 2012-11-23 19:49 -------- d-----w- c:\program files (x86)\Synology

2012-11-23 09:29 . 2012-11-23 09:29 -------- d-----r- c:\program files (x86)\Skype

2012-11-23 09:29 . 2012-11-23 09:29 -------- d-----w- c:\program files (x86)\Common Files\Skype

2012-11-23 09:29 . 2012-11-23 09:29 -------- d-----w- c:\programdata\Skype

2012-11-23 09:16 . 2012-11-23 09:16 -------- d-----w- c:\programdata\WEBREG

2012-11-23 09:13 . 2012-11-23 09:13 -------- d-----w- c:\programdata\HP Product Assistant

2012-11-23 09:13 . 2012-11-23 09:13 -------- d-----w- c:\windows\SysWow64\spool

2012-11-23 09:12 . 2012-11-23 09:12 -------- d-----w- c:\program files (x86)\Common Files\Hewlett-Packard

2012-11-23 09:12 . 2012-11-23 09:12 -------- d-----w- c:\program files (x86)\Common Files\HP

2012-11-23 09:12 . 2012-11-23 09:13 -------- d-----w- c:\program files (x86)\HP

2012-11-23 09:12 . 2009-07-14 01:41 101376 ----a-w- c:\windows\system32\Spool\prtprocs\x64\HPZPPWN7.DLL

2012-11-23 09:12 . 2012-11-23 09:12 -------- d-----w- c:\program files\HP

2012-11-23 09:11 . 2012-11-23 09:14 -------- d-----w- c:\programdata\HP

2012-11-23 09:11 . 2009-07-08 10:51 642360 ----a-w- c:\windows\system32\hpzids40.dll

2012-11-23 08:43 . 2012-11-23 08:43 -------- d--h--w- c:\windows\Icons

2012-11-23 08:22 . 2012-11-23 08:22 177312 ----a-w- c:\windows\system32\drivers\SYMEVENT64x86.SYS

2012-11-23 08:22 . 2012-11-23 08:22 -------- d-----w- c:\program files\Symantec

2012-11-23 08:22 . 2012-11-23 08:22 -------- d-----w- c:\program files\Common Files\Symantec Shared

2012-11-23 08:22 . 2012-11-23 15:05 -------- d-----w- c:\windows\system32\drivers\NISx64

2012-11-23 08:22 . 2012-11-23 08:22 -------- d-----w- c:\program files (x86)\Norton Internet Security

2012-11-23 08:22 . 2012-11-23 08:22 -------- d-----w- c:\program files (x86)\NortonInstaller

2012-11-22 21:09 . 2012-11-22 12:32 16384 ----a-w- c:\windows\SysWow64\lgfwunis.exe

2012-11-22 21:09 . 2012-12-09 06:38 25640 ----a-w- c:\windows\gdrv.sys

2012-11-22 21:07 . 2012-11-22 21:08 -------- d-----w- c:\programdata\twonkyclient

2012-11-22 20:19 . 2012-11-23 20:51 -------- d-----w- C:\found.000

2012-11-22 02:04 . 2012-11-22 02:04 -------- d-----w- c:\program files (x86)\Maxthon3

2012-11-22 00:26 . 2011-05-10 12:37 655872 ----a-w- c:\windows\SysWow64\msvcr90.dll

2012-11-22 00:26 . 2011-05-10 12:37 568832 ----a-w- c:\windows\SysWow64\msvcp90.dll

2012-11-22 00:26 . 2011-05-10 12:37 224768 ----a-w- c:\windows\SysWow64\msvcm90.dll

2012-11-22 00:26 . 2006-05-04 07:33 53248 ----a-w- c:\windows\SysWow64\CommonDL.dll

2012-11-22 00:26 . 2005-10-04 00:39 44544 ----a-w- c:\windows\SysWow64\msxml4a.dll

2012-11-22 00:26 . 2012-11-22 00:26 -------- d-----w- c:\programdata\LGMOBILEAX

2012-11-22 00:25 . 2012-11-22 00:29 -------- d-----w- c:\program files (x86)\LG Electronics

2012-11-21 20:46 . 2012-11-21 20:46 -------- d-sh--w- c:\windows\SysWow64\AI_RecycleBin

2012-11-21 20:46 . 2012-11-21 20:46 -------- d-----w- c:\programdata\SMA

2012-11-21 20:46 . 2012-11-21 20:46 -------- d-----w- c:\program files (x86)\SMA

2012-11-21 20:41 . 2012-11-21 20:41 -------- d-----w- c:\program files (x86)\VoipBuster.com

2012-11-21 20:34 . 2012-11-21 20:34 -------- d-----w- c:\programdata\Photo Notifier and Animation Creator

2012-11-21 20:33 . 2012-11-21 20:35 -------- d-----w- c:\programdata\IM

2012-11-21 20:33 . 2012-11-21 20:33 -------- d-----w- c:\programdata\IncrediMail

2012-11-21 19:26 . 2012-11-21 19:26 -------- d-----w- c:\programdata\YoWindow

2012-11-21 19:25 . 2012-11-21 19:26 -------- d-----w- c:\program files (x86)\YoWindow

2012-11-21 18:29 . 2012-11-21 18:29 -------- d-----w- c:\program files (x86)\SSD Fresh

2012-11-21 18:20 . 2012-12-09 07:21 -------- d-----w- c:\programdata\TwonkyServer

2012-11-21 18:15 . 2012-11-21 18:15 -------- d-----w- c:\programdata\Innovative Solutions

2012-11-21 17:53 . 2012-10-08 12:24 37216 ----a-w- c:\windows\system32\uxtuneup.dll

2012-11-21 17:53 . 2012-10-08 12:24 29536 ----a-w- c:\windows\SysWow64\uxtuneup.dll

2012-11-21 17:52 . 2012-10-08 12:24 34656 ----a-w- c:\windows\system32\TURegOpt.exe

2012-11-21 17:52 . 2012-10-08 12:24 25952 ----a-w- c:\windows\system32\authuitu.dll

2012-11-21 17:52 . 2012-10-08 12:24 21344 ----a-w- c:\windows\SysWow64\authuitu.dll

2012-11-21 17:51 . 2012-11-21 17:53 -------- d-----w- c:\program files (x86)\TuneUp Utilities 2013

2012-11-21 17:48 . 2012-11-21 17:52 -------- d-----w- c:\programdata\TuneUp Software

2012-11-21 17:48 . 2012-11-21 17:48 -------- d--h--w- c:\programdata\Common Files

2012-11-20 20:51 . 2012-11-20 20:51 -------- d-----w- c:\windows\SysWow64\data

2012-11-20 20:44 . 2007-01-04 10:02 663552 ----a-w- c:\windows\SysWow64\mgxoschk.dll

2012-11-20 20:36 . 2012-11-20 20:36 -------- d-----w- c:\windows\OvtCam

2012-11-20 20:35 . 2012-11-20 20:36 -------- d-----w- c:\windows\SysWow64\HWC HD

2012-11-20 20:35 . 2012-11-20 20:35 -------- d-----w- c:\program files (x86)\Hercules

2012-11-20 20:35 . 2008-02-01 15:43 146728 ----a-w- c:\windows\system32\drivers\camfilt2.sys

2012-11-20 20:35 . 2007-10-11 13:45 186496 ----a-w- c:\windows\system32\drivers\HDvidvx.sys

2012-11-20 20:35 . 2007-08-28 17:17 53248 ----a-w- c:\windows\SysWow64\HDEXT.dll

2012-11-20 20:35 . 2007-08-28 17:17 19456 ----a-w- c:\windows\SysWow64\HDExt.ax

2012-11-20 20:35 . 2006-08-01 11:31 3600384 ----a-w- c:\windows\ffmpeg.exe

2012-11-20 20:26 . 2009-03-26 13:48 190976 ----a-w- c:\windows\system32\APOMgr64.DLL

2012-11-20 20:26 . 2009-02-06 17:53 89088 ----a-w- c:\windows\system32\CmdRtr64.DLL

2012-11-20 20:20 . 2012-11-23 08:23 -------- d-----w- c:\program files (x86)\Common Files\Symantec Shared

2012-11-20 20:07 . 2010-05-22 12:24 27168 ----a-w- c:\windows\system32\drivers\disksec.sys

2012-11-20 20:07 . 2010-04-22 09:06 69152 ----a-w- c:\windows\system32\drivers\virtualdisk_u.sys

2012-11-20 19:56 . 2012-11-20 19:56 -------- d-----w- c:\program files (x86)\Common Files\MAGIX Shared

2012-11-20 19:44 . 2012-11-20 20:07 -------- d-----w- c:\program files (x86)\MAGIX

2012-11-20 19:44 . 2012-11-20 20:07 -------- d-----w- c:\programdata\MAGIX

2012-11-20 19:44 . 2012-11-20 19:45 -------- d-----w- c:\program files (x86)\Common Files\MAGIX Services

2012-11-20 19:38 . 2012-12-07 21:44 -------- d-----w- c:\programdata\Norton

2012-11-20 19:06 . 2012-11-20 19:06 -------- d-----w- c:\programdata\Sirrix AG

2012-11-20 19:06 . 2012-11-20 19:06 -------- d-----w- c:\program files (x86)\Sirrix AG

2012-11-20 19:05 . 2011-12-21 12:15 44848 ----a-w- c:\windows\system32\drivers\VBoxUSBMon.sys

2012-11-20 19:05 . 2011-12-21 12:15 219440 ----a-w- c:\windows\system32\drivers\VBoxDrv.sys

.

.

((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2012-12-03 15:47 . 2012-10-10 20:23 18045968 ----a-w- c:\windows\system32\nvd3dumx.dll

2012-12-03 15:47 . 2012-10-10 20:23 1504104 ----a-w- c:\windows\system32\nvdispgenco64.dll

2012-12-03 15:47 . 2012-10-10 20:23 983936 ----a-w- c:\windows\system32\nvumdshimx.dll

2012-12-03 15:47 . 2012-10-10 20:23 12603960 ----a-w- c:\windows\SysWow64\nvwgf2um.dll

2012-12-03 15:47 . 2012-10-10 20:22 2496976 ----a-w- c:\windows\SysWow64\nvapi.dll

2012-12-03 15:47 . 2012-10-10 20:22 15122280 ----a-w- c:\windows\SysWow64\nvd3dum.dll

2012-11-05 07:29 . 2012-11-05 07:29 853896 ----a-w- c:\windows\yowindow.scr

2012-10-16 08:38 . 2012-11-28 06:30 135168 ----a-w- c:\windows\apppatch\AppPatch64\AcXtrnal.dll

2012-10-16 08:38 . 2012-11-28 06:30 350208 ----a-w- c:\windows\apppatch\AppPatch64\AcLayers.dll

2012-10-16 07:39 . 2012-11-28 06:30 561664 ----a-w- c:\windows\apppatch\AcLayers.dll

.

.

((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))

.

.

*Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond

REGEDIT4

.

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-21 1475584]

"VoipBuster"="c:\program files (x86)\VoipBuster.com\VoipBuster\VoipBuster.exe" [2012-09-06 23069600]

"Skype"="c:\program files (x86)\Skype\Phone\Skype.exe" [2012-11-09 17877168]

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]

"MDS_Menu"="c:\program files (x86)\CyberLink\MediaShow4\MUITransfer\MUIStartMenu.exe" [2009-02-25 218408]

"IAStorIcon"="c:\program files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe" [2010-11-05 283160]

"NUSB3MON"="c:\program files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe" [2010-11-17 113288]

"VolPanel"="c:\program files (x86)\Creative\Sound Blaster X-Fi\Volume Panel\VolPanlu.exe" [2007-04-17 184320]

"MyPoi Monitor"="c:\program files (x86)\Common Files\MyPoiWorld Shared\MyPoiMonitor\MyPoiMonitor.exe" [2010-03-26 2114808]

"SPIRunE"="SPIRunE.dll" [2009-03-05 18432]

"hpqSRMon"="c:\program files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe" [2008-07-22 150528]

"Garmin Lifetime Updater"="c:\program files (x86)\Garmin\Lifetime Updater\GarminLifetime.exe" [2012-06-04 1466760]

.

c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\

HP Digital Imaging Monitor.lnk - c:\program files (x86)\HP\Digital Imaging\bin\hpqtra08.exe [2009-9-20 270336]

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]

"ConsentPromptBehaviorAdmin"= 5 (0x5)

"ConsentPromptBehaviorUser"= 3 (0x3)

"EnableUIADesktopToggle"= 0 (0x0)

.

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]

BootExecute REG_MULTI_SZ autocheck autochk *\0\0sdnclean64.exe

.

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\run-]

"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe"

"HP Software Update"=c:\program files (x86)\HP\HP Software Update\HPWuSchd2.exe

"B2C_AGENT"=c:\programdata\LGMOBILEAX\B2C_Client\B2CNotiAgent.exe

"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

"BDRegion"=c:\program files (x86)\Cyberlink\Shared files\brs.exe

"CLMLServer"="c:\program files (x86)\CyberLink\Power2Go\CLMLSvc.exe"

"hpqSRMon"=c:\program files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe

"RemoteControl9"="c:\program files (x86)\CyberLink\PowerDVD9\PDVD9Serv.exe"

"ISUSScheduler"="c:\program files (x86)\Common Files\InstallShield\UpdateService\issch.exe" -start

.

R2 CLKMSVC10_9EC60124;CyberLink Product - 2012/12/08 07:39;c:\program files (x86)\CyberLink\PowerDVD9\NavFilter\kmsvc.exe [2010-11-23 240112]

R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]

R2 Skype C2C Service;Skype C2C Service;c:\programdata\Skype\Toolbars\Skype C2C Service\c2c_service.exe [2012-10-02 3064000]

R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe [2012-11-09 160944]

R3 Andbus;LGE Android Platform Composite USB Device;c:\windows\system32\DRIVERS\lgandbus64.sys [2012-03-02 19456]

R3 AndDiag;LGE Android Platform USB Serial Port;c:\windows\system32\DRIVERS\lganddiag64.sys [2012-03-02 27648]

R3 AndGps;LGE Android Platform USB GPS NMEA Port;c:\windows\system32\DRIVERS\lgandgps64.sys [2012-03-02 27136]

R3 ANDModem;LGE Android Platform USB Modem;c:\windows\system32\DRIVERS\lgandmodem64.sys [2012-03-02 34304]

R3 AppleChargerSrv;AppleChargerSrv;c:\windows\system32\AppleChargerSrv.exe [2010-04-06 31272]

R3 Creative ALchemy AL6 Licensing Service;Creative ALchemy AL6 Licensing Service;c:\program files (x86)\Common Files\Creative Labs Shared\Service\AL6Licensing.exe [2012-11-20 79360]

R3 Creative Audio Engine Licensing Service;Creative Audio Engine Licensing Service;c:\program files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe [2012-11-20 79360]

R3 Creative Media Toolbox 6 Licensing Service;Creative Media Toolbox 6 Licensing Service;c:\program files (x86)\Common Files\Creative Labs Shared\Service\MT6Licensing.exe [2012-11-20 79360]

R3 FirebirdServerMAGIXInstance;Firebird Server - MAGIX Instance;c:\program files (x86)\Common Files\MAGIX Services\Database\bin\fbserver.exe [2008-08-07 3276800]

R3 GVTDrv64;GVTDrv64;c:\windows\GVTDrv64.sys [2012-11-20 30528]

R3 QDrive;QDrive;c:\users\Apollo20\AppData\Local\Temp\QDrive.sys [x]

R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [2012-08-23 19456]

R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2012-08-23 57856]

R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys [2012-08-23 30208]

R3 WatAdminSvc;Windows Activation Technologies-service;c:\windows\system32\Wat\WatAdminSvc.exe [2012-11-20 1255736]

S0 DiskSec;Magix Volume Filter Driver; [x]

S0 SymDS;Symantec Data Store;c:\windows\system32\drivers\NISx64\1402000.013\SYMDS64.SYS [2012-10-04 493216]

S0 SymEFA;Symantec Extended File Attributes;c:\windows\system32\drivers\NISx64\1402000.013\SYMEFA64.SYS [2012-10-04 1133216]

S1 AppleCharger;AppleCharger;c:\windows\system32\DRIVERS\AppleCharger.sys [2011-01-10 21104]

S1 BHDrvx64;BHDrvx64;c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.1.0.24\Definitions\BASHDefs\20121130.005\BHDrvx64.sys [2012-11-06 1384608]

S1 ccSet_NIS;Norton Internet Security Settings Manager;c:\windows\system32\drivers\NISx64\1402000.013\ccSetx64.sys [2012-10-04 168096]

S1 IDSVia64;IDSVia64;c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.1.0.24\Definitions\IPSDefs\20121205.001\IDSvia64.sys [2012-11-22 513184]

S1 SymIRON;Symantec Iron Driver;c:\windows\system32\drivers\NISx64\1402000.013\Ironx64.SYS [2012-09-07 224416]

S1 SymNetS;Symantec Network Security WFP Driver;c:\windows\System32\Drivers\NISx64\1402000.013\SYMNETS.SYS [2012-09-07 432800]

S1 VBoxDrv;VirtualBox Service;c:\windows\system32\DRIVERS\VBoxDrv.sys [2011-12-21 219440]

S1 VBoxUSBMon;VirtualBox USB Monitor Driver;c:\windows\system32\DRIVERS\VBoxUSBMon.sys [2011-12-21 44848]

S1 VirtualDisk_U;VirtualDisk driver;c:\windows\system32\drivers\virtualdisk_u.sys [2010-04-22 69152]

S2 AVWEBCAM;AV WebCam, WDM Video Capture;c:\windows\system32\DRIVERS\avwebcam.sys [2010-12-02 17152]

S2 BitBoxService;BitBoxService - ;c:\program files (x86)\Sirrix AG\BitBox\Service\BitBoxService.exe [2012-10-23 718848]

S2 DES2 Service;DES2 Service for Energy Saving.;c:\program files (x86)\GIGABYTE\EnergySaver2\des2svr.exe [2009-06-17 68136]

S2 Fabs;FABS - Helping agent for MAGIX media database;c:\program files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe [2009-08-27 1253376]

S2 IAStorDataMgrSvc;Intel® Rapid Storage Technology;c:\program files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [2010-11-05 13336]

S2 NIS;Norton Internet Security;c:\program files (x86)\Norton Internet Security\Engine\20.2.0.19\ccSvcHst.exe [2012-10-11 143928]

S2 ocster_1clk_backup;Ocster 1-Click Backup;c:\program files\Ocster 1-Click Backup\bin\backupService-ox1c.exe [2012-11-28 22480]

S2 Smart TimeLock;Smart TimeLock Service;c:\program files (x86)\GIGABYTE\Smart6\Timelock\TimeMgmtDaemon.exe [2009-10-13 114688]

S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2012-11-30 382824]

S2 TuneUp.UtilitiesSvc;TuneUp Utilities Service;c:\program files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesService64.exe [2012-10-08 2365792]

S2 TwonkyProxy;TwonkyProxy;c:\program files (x86)\Twonky\TwonkyServer\twonkyproxy.exe [2012-07-09 545608]

S2 TwonkyServer;TwonkyServer;c:\program files (x86)\Twonky\TwonkyServer\twonkystarter.exe [2012-07-09 549704]

S2 TwonkyWebDav;TwonkyWebDav;c:\program files (x86)\Twonky\TwonkyServer\twonkywebdav.exe [2012-07-09 271176]

S2 UsbClientService;UsbClientService;c:\program files (x86)\Synology\Assistant\UsbClientService.exe [2012-09-18 248704]

S2 WiselinkPro;SAMSUNG WiselinkPro Service;c:\program files (x86)\SAMSUNG\PC Auto Backup\WiselinkPro.exe [2012-01-18 7262263]

S3 AKDWC20ET;Hercules Dualpix HD Webcam;c:\windows\system32\Drivers\HDVidvx.sys [2007-10-11 186496]

S3 busenum;Synology Virtual USB Hub;c:\windows\system32\DRIVERS\busenum.sys [2012-08-03 55776]

S3 camfilt2;camfilt2;c:\windows\system32\DRIVERS\camfilt2.sys [2008-02-01 146728]

S3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [2012-11-29 138912]

S3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;c:\windows\system32\DRIVERS\nusb3hub.sys [2010-11-19 80384]

S3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;c:\windows\system32\DRIVERS\nusb3xhc.sys [2010-11-19 181248]

S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [2010-12-24 412264]

S3 t3;Sound Blaster X-Fi Xtreme Audio;c:\windows\system32\drivers\t3.sys [2009-05-06 639512]

S3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv;c:\program files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesDriver64.sys [2012-07-20 11880]

S3 VBoxNetFlt;VBoxNetFlt Service;c:\windows\system32\DRIVERS\VBoxNetFlt.sys [2011-12-21 164656]

.

.

--- Andere Services/Drivers In Geheugen ---

.

*Deregistered* - CLKMDRV10_9EC60124

.

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]

hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc

.

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]

2010-08-16 12:43 451872 ----a-w- c:\program files (x86)\Common Files\LightScribe\LSRunOnce.exe

.

Inhoud van de 'Gedeelde Taken' map

.

2012-12-09 c:\windows\Tasks\Adobe Flash Player Updater.job

- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-11-21 18:44]

.

2012-12-09 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job

- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-11-23 23:16]

.

2012-12-09 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job

- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-11-23 23:16]

.

2012-12-08 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3782424358-4171770468-57530136-1000Core.job

- c:\users\Apollo20\AppData\Local\Google\Update\GoogleUpdate.exe [2012-11-20 19:01]

.

2012-12-09 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3782424358-4171770468-57530136-1000UA.job

- c:\users\Apollo20\AppData\Local\Google\Update\GoogleUpdate.exe [2012-11-20 19:01]

.

2012-12-04 c:\windows\Tasks\MAGIX Autobackup.job

- c:\program files (x86)\MAGIX\Red_uw_Digitale_Data_Download-versie\tools\rsind_mxcdr\Datasaver.exe [2010-10-08 09:48]

.

.

--------- X64 Entries -----------

.

.

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{45d30484-7ded-43d9-957a-d2fd1f046511}]

2010-11-21 03:23 444752 ----a-w- c:\windows\System32\mscoree.dll

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]

"{1d09c093-f71e-43c3-b948-19316cbd695e}"= "mscoree.dll" [2010-11-21 444752]

.

[HKEY_CLASSES_ROOT\CLSID\{1d09c093-f71e-43c3-b948-19316cbd695e}]

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2011-01-04 11772520]

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]

"RPMKickstart"="c:\program files\GIGABYTE\SMART6\Recovery\RPMKickstart.exe" [2010-08-23 2552320]

.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs

UxTuneUp

.

------- Bijkomende Scan -------

.

uLocal Page = c:\windows\system32\blank.htm

uStart Page = hxxp://msn.be/

mLocal Page = c:\windows\SysWOW64\blank.htm

TCP: DhcpNameServer = 192.168.1.1

DPF: {E705A591-DA3C-4228-B0D5-A356DBA42FBF} - hxxp://ccfiles.creative.com/Web/softwareupdate/su2/ocx/20015/CTSUEng.cab

FF - ProfilePath - c:\users\Apollo20\AppData\Roaming\Mozilla\Firefox\Profiles\mawkrbco.default\

FF - ExtSQL: 2012-11-20 20:40; {2D3F3651-74B9-4795-BDEC-6DA2F431CB62}; c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.1.0.24\coFFPlgn

FF - ExtSQL: 2012-11-20 20:40; {BBDA0591-3099-440a-AA10-41764D9DB4DB}; c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.1.0.24\IPSFFPlgn

FF - ExtSQL: 2012-11-20 23:57; client@anonymox.net; c:\users\Apollo20\AppData\Roaming\Mozilla\Firefox\Profiles\mawkrbco.default\extensions\client@anonymox.net.xpi

FF - ExtSQL: 2012-11-23 10:13; smartwebprinting@hp.com; c:\program files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3

FF - ExtSQL: 2012-11-23 10:29; {82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}; c:\program files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}

FF - ExtSQL: 2012-11-24 00:36; gmailwatcher@sonthakit; c:\users\Apollo20\AppData\Roaming\Mozilla\Firefox\Profiles\mawkrbco.default\extensions\gmailwatcher@sonthakit.xpi

FF - ExtSQL: 2012-12-01 19:09; {195A3098-0BD5-4e90-AE22-BA1C540AFD1E}; c:\users\Apollo20\AppData\Roaming\Mozilla\Firefox\Profiles\mawkrbco.default\extensions\{195A3098-0BD5-4e90-AE22-BA1C540AFD1E}

FF - ExtSQL: !HIDDEN! 2012-11-23 10:13; smartwebprinting@hp.com; c:\program files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3

FF - user.js: network.http.max-persistent-connections-per-server - 4

FF - user.js: nglayout.initialpaint.delay - 600

FF - user.js: content.notify.interval - 600000

FF - user.js: content.max.tokenizing.time - 1800000

FF - user.js: content.switch.threshold - 600000

.

- - - - ORPHANS VERWIJDERD - - - -

.

Wow6432Node-HKCU-Run-RESTART_STICKY_NOTES - c:\windows\System32\StikyNot.exe

Wow6432Node-HKLM-Run-UpdateLBPShortCut - c:\program files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe

Wow6432Node-HKLM-Run-UpdateP2GoShortCut - c:\program files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe

Wow6432Node-HKLM-Run-UpdatePPShortCut - c:\program files (x86)\CyberLink\PowerProducer\MUITransfer\MUIStartMenu.exe

Wow6432Node-HKLM-Run-UCam_Menu - c:\program files (x86)\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe

Wow6432Node-HKLM-Run-UpdatePSTShortCut - c:\program files (x86)\CyberLink\Blu-ray Disc Suite\MUITransfer\MUIStartMenu.exe

HKLM_Wow6432Node-ActiveSetup-{2D46B6DC-2207-486B-B523-A557E6D54B47} - start

.

.

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\NIS]

"ImagePath"="\"c:\program files (x86)\Norton Internet Security\Engine\20.2.0.19\ccSvcHst.exe\" /s \"NIS\" /m \"c:\program files (x86)\Norton Internet Security\Engine\20.2.0.19\diMaster.dll\" /prefetch:1"

.

--------------------- VERGRENDELDE REGISTER SLEUTELS ---------------------

.

[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.alb\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="FotoManager10Deluxe.8.alb"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]

@Denied: (A 2) (Everyone)

@="FlashBroker"

"LocalizedString"="@c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil64_11_5_502_110_ActiveX.exe,-101"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]

"Enabled"=dword:00000001

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]

@="c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil64_11_5_502_110_ActiveX.exe"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]

@Denied: (A 2) (Everyone)

@="IFlashBroker5"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]

@="{00020424-0000-0000-C000-000000000046}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

"Version"="1.0"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]

@Denied: (A 2) (Everyone)

@="FlashBroker"

"LocalizedString"="@c:\\WINDOWS\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_5_502_110_ActiveX.exe,-101"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]

"Enabled"=dword:00000001

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]

@="c:\\WINDOWS\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_5_502_110_ActiveX.exe"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]

@Denied: (A 2) (Everyone)

@="Shockwave Flash Object"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]

@="c:\\WINDOWS\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_110.ocx"

"ThreadingModel"="Apartment"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]

@="0"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]

@="ShockwaveFlash.ShockwaveFlash.11"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]

@="c:\\WINDOWS\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_110.ocx, 1"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]

@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]

@="1.0"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]

@="ShockwaveFlash.ShockwaveFlash"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]

@Denied: (A 2) (Everyone)

@="Macromedia Flash Factory Object"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]

@="c:\\WINDOWS\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_110.ocx"

"ThreadingModel"="Apartment"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]

@="FlashFactory.FlashFactory.1"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]

@="c:\\WINDOWS\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_110.ocx, 1"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]

@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]

@="1.0"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]

@="FlashFactory.FlashFactory"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]

@Denied: (A 2) (Everyone)

@="IFlashBroker5"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]

@="{00020424-0000-0000-C000-000000000046}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

"Version"="1.0"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*1*]

@="?????????????????? v1"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*1*\CLSID]

@="{E23FE9C6-778E-49D4-B537-38FCDE4887D8}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*2*]

@="?????????????????? v2"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*2*\CLSID]

@="{9BE31822-FDAD-461B-AD51-BE1D1C159921}"

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]

@Denied: (A) (Users)

@Denied: (A) (Everyone)

@Allowed: (B 1 2 3 4 5) (S-1-5-20)

"BlindDial"=dword:00000000

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]

@Denied: (Full) (Everyone)

.

Voltooingstijd: 2012-12-09 10:23:03

ComboFix-quarantined-files.txt 2012-12-09 09:23

.

Pre-Run: 75.252.793.344 bytes beschikbaar

Post-Run: 75.128.496.128 bytes beschikbaar

.

- - End Of File - - 180F535094891A4B343B945A0E745F6F


- As requested, scan done with Jotti: result, nothing found in Windows C:\WINDOWS\system32\Drivers\rikvm_9EC60124.sys

- Ran another scan with Norton PE, with as result... the same threat again + combofix.ex, and as ... status: bad - action: remove ?!


There are strong doubts about the Norton Power Eraser result. Symantec itself says:

Because Norton Power Eraser uses aggressive methods to detect threats, there is a risk that it can select some legitimate programs for removal. You should use this tool very carefully. If you accidentally remove a legitimate program, you can run Norton Power Eraser to review past repair sessions and undo them.

Since no other scanner in Jotti sees this as a problem, I fear that is the case here. You can also have Virustotal check it once more to be sure.

Edited by kape

As requested, a scan with Virustotal was carried out! Nothing positive found!

Regarding your remark about Norton P.E.: after looking through the Symantec - Norton forums, it also seems to me that this 'could' be a 'False Positive'. But then, it is not really 100 percent certain either! I have already thought about restoring the system from an earlier backup (Macrium Reflect Free). May I ask what your opinion on that is?


Since I also assume that the file is legitimate, and not an infection as indicated by NPE, this should lead to the same result. After restoring the backup, this legitimate file will presumably be back on your PC as well, and NPE will keep flagging it as "dangerous". The "false positive" therefore remains.

This NPE error is often associated with Cyberlink ... and apparently you have that on your installation too. That would only strengthen the case for a "false positive".

In the meantime, remove Combofix from your PC: Start -> Run/Search/Search programs and files and type there: ComboFix /Uninstall (with a space before the /).

This will remove Combofix plus related folders and files, reset the clock settings, hide the file extensions, hide hidden files and system files again, and create a new restore point.

If present, you may delete the folder C:\Qoobox manually.

Download CCleaner.

Click "Download Latest Version" and the CCleaner download then starts automatically and free of charge.

Install it and start CCleaner. In the left column, click "Cleaner". Then click 'Analyze' followed by 'Clean'. Sometimes one analysis is not enough. You may repeat this procedure until the analysis no longer reports any errors. Next, click "Registry" in the left column and click 'Scan for problems'. If errors are found, click "Fix selected problems" and "OK". You will then be asked whether to make a backup. Click "YES". Then choose "Fix all selected errors". After this, close CCleaner again.

If you want to see this in detail with pictures, click here for the manual.

And then let NPE scan once more. Curious about the new result?

Edited by kape
