Please check after a spyware infection


Hi colleagues,

Could you please analyze the following HJT log? It concerns the PC of an acquaintance on which browsing was no longer possible, probably because of spyware. I did a basic cleanup, but I would appreciate your detailed advice on cleaning this PC up.

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 18:29:50, on 22/03/2013
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v9.00 (9.00.8112.16421)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
c:\Program Files\Bioscrypt\VeriSoft\Bin\AsGHost.exe
C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Windows\RtHDVCpl.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
C:\Program Files\HP\QuickPlay\QPService.exe
C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
C:\Program Files\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe
C:\Program Files\Belgium Identity Card\beid35gui.exe
C:\Program Files\HP\HP Software Update\hpwuschd2.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QLBCtrl.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Panasonic\PHOTOfunSTUDIO\PhAutoRun.exe
C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
C:\Windows\ehome\ehmsas.exe
C:\Program Files\Hewlett-Packard\Shared\hpqToaster.exe
C:\Windows\System32\mobsync.exe
C:\Windows\system32\wuauclt.exe
C:\Users\user\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\user\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\user\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\user\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\user\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Users\user\Downloads\HijackThis (1).exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=NL_BE&c=73&bd=Pavilion&pf=laptop
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://breedband.telenet.be
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = 
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.6.5612.1312\swg.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
O2 - BHO: VeriSoft Access Manager - {DF21F1DB-80C6-11D3-9483-B03D0EC10000} - c:\Program Files\Bioscrypt\VeriSoft\Bin\ItIEAddIn.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [sMSERIAL] C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe
O4 - HKLM\..\Run: [synTPEnh] %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [iAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe
O4 - HKLM\..\Run: [QPService] "C:\Program Files\HP\QuickPlay\QPService.exe"
O4 - HKLM\..\Run: [HP Health Check Scheduler] C:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe
O4 - HKLM\..\Run: [hpWirelessAssistant] %ProgramFiles%\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
O4 - HKLM\..\Run: [WAWifiMessage] %ProgramFiles%\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe
O4 - HKLM\..\Run: [CognizanceTS] rundll32.exe c:\PROGRA~1\BIOSCR~1\VeriSoft\Bin\ASTSVCC.dll,RegisterModule
O4 - HKLM\..\Run: [beid] "C:\Program Files\Belgium Identity Card\beid35gui.exe" /startup
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [QlbCtrl.exe] C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start
O4 - HKLM\..\Run: [synTPStart] C:\Program Files\Synaptics\SynTP\SynTPStart.exe
O4 - HKCU\..\Run: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - Startup: OneNote 2007 Schermopname en Snel starten.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
O4 - Global Startup: PHOTOfunSTUDIO.lnk = C:\Program Files\Panasonic\PHOTOfunSTUDIO\PhAutoRun.exe
O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Verz&enden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} (QuickTime Object) - http://appldnld.apple.com.edgesuite.net/content.info.apple.com/QuickTime/qtactivex/qtplugin.cab
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (Installation Support) - C:\Program Files\Yahoo!\Common\Yinsthelper.dll
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx2.hotmail.com/mail/w2/resources/VistaMSNPUpldnl-be.cab
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O20 - AppInit_DLLs: C:\Windows\System32\APSHook.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: CyberLink Background Capture Service (CBCS) (CLCapSvc) - Unknown owner - C:\Program Files\HP\QuickPlay\Kernel\TV\CLCapSvc.exe
O23 - Service: CyberLink Task Scheduler (CTS) (CLSched) - Unknown owner - C:\Program Files\HP\QuickPlay\Kernel\TV\CLSched.exe
O23 - Service: Com4QLBEx - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: HP Health Check Service - Hewlett-Packard - C:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe
O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: RoxMediaDB9 - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe
O23 - Service: stllssvr - MicroVision Development, Inc. - C:\Program Files\Common Files\SureThing Shared\stllssvr.exe

--
End of file - 8819 bytes


You can fix this line; apart from that there is nothing unusual to see in this log.

O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)

Download zoek.exe to the desktop.

  • Disable your antivirus and antispyware programs, as they may conflict with zoek.exe;
    you can read how to do that (here or here).
  • Double-click Zoek.exe to start the tool.
  • Now copy the code below and paste it into the large input box:
  • Note: This script is intended specifically for this PC, so do not use it on other PCs with a similar problem.
    startupall;
    filesrcm;

  • Click the "Options" button and tick the options below.

    • Running processes
    • Recently Created
    • Startup Information
    • Installed Programs
    • IE Defaults
    • Auto Clean

  • Then click the "Run script" button.
  • Now wait patiently until a log opens (this may be after a restart, if one is needed).
  • If no log appears after the restart, start zoek.exe again; the log will then still appear.
  • Now post the contents of the opened log in your next message.


Here is the Zoek log:


Zoek.exe Version 4.0.0.2 Updated 20-03-2013
Tool run by user on za 23/03/2013 at 13:12:33,05.
Microsoft® Windows Vista™ Home Premium  6.0.6002 Service Pack 2 x86
Running in: Normal Mode Internet Access Detected


==== Running Processes ======================


C:\Windows\system32\csrss.exe
C:\Windows\system32\csrss.exe
C:\Windows\system32\wininit.exe
C:\Windows\system32\winlogon.exe
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\System32\svchost.exe -k Cognizance
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\svchost.exe -k rpcss
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\SLsvc.exe
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files\HP\QuickPlay\Kernel\TV\CLCapSvc.exe
C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\Program Files\Norton 360\Engine\20.3.0.36\ccSvcHst.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\System32\svchost.exe -k WerSvcGroup
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Windows\system32\SearchIndexer.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Program Files\Norton 360\Engine\20.3.0.36\ccSvcHst.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Windows\RtHDVCpl.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
C:\Program Files\HP\QuickPlay\QPService.exe
C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
C:\Program Files\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe
C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
C:\Program Files\Belgium Identity Card\beid35gui.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files\HP\HP Software Update\hpwuschd2.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QLBCtrl.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Panasonic\PHOTOfunSTUDIO\PhAutoRun.exe
C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
C:\Program Files\Hewlett-Packard\Shared\hpqToaster.exe
C:\Windows\ehome\ehmsas.exe
C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe
C:\Windows\system32\DllHost.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe
C:\Windows\servicing\TrustedInstaller.exe
C:\Windows\system32\vssvc.exe
C:\Windows\System32\svchost.exe -k swprv
C:\Windows\system32\wuauclt.exe
C:\Users\user\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\user\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\RacAgent.exe
C:\Users\user\Downloads\zoek (1).exe
C:\Windows\system32\conime.exe
C:\Windows\system32\wbem\wmiprvse.exe


==== Deleting CLSID Registry Keys ======================




==== Deleting CLSID Registry Values ======================




==== Installed Programs ======================


Update for Microsoft Office 2007 (KB2508958)  
Adobe Flash Player 11 ActiveX  
Adobe Reader X (10.1.0) - Nederlands  
Apple Application Support  
Apple Software Update  
AuthenTec Fingerprint Sensor Minimum Install  
Belgium e-ID middleware 3.5.2 (build 5775)  
CCleaner  
D3DX10  
ePainter  
ESU for Microsoft Vista  
Google Chrome  
Google Toolbar for Internet Explorer  
Hewlett-Packard Active Check  
Hewlett-Packard Asset Agent  
Home'Bank Light 3.3.3  
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)  
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)  
HP Active Support Library  
HP Active Support Library 32 bit components  
HP Customer Experience Enhancements  
HP Doc Viewer  
HP Easy Setup - Frontend  
HP Help and Support  
HP Photosmart Essential 2.0  
HP Photosmart Essential2.5  
HP Product Detection  
HP Quick Launch Buttons  
HP QuickPlay 3.2  
HP Update  
HP User Guides 0057  
HP Wireless Assistant  
Intel Matrix Storage Manager  
Java 7 Update 17  
Java Auto Updater  
Java(TM) 6 Update 24  
Java(TM) 6 Update 5  
Java(TM) SE Runtime Environment 6  
Kruidvat fotoservice  
LightScribe  1.4.136.1  
Microsoft .NET Framework 3.5 Language Pack SP1 - nld  
Microsoft .NET Framework 3.5 SP1  
Microsoft .NET Framework 4 Client Profile  
Microsoft Office 2007 Service Pack 3 (SP3)  
Microsoft Office Excel MUI (Dutch) 2007  
Microsoft Office File Validation Add-In  
Microsoft Office Home and Student 2007  
Microsoft Office OneNote MUI (Dutch) 2007  
Microsoft Office PowerPoint MUI (Dutch) 2007  
Microsoft Office Proof (Dutch) 2007  
Microsoft Office Proof (English) 2007  
Microsoft Office Proof (French) 2007  
Microsoft Office Proof (German) 2007  
Microsoft Office Proofing (Dutch) 2007  
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)  
Microsoft Office Shared MUI (Dutch) 2007  
Microsoft Office Word MUI (Dutch) 2007  
Microsoft Silverlight  
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053  
Microsoft Visual C++ 2005 Redistributable  
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729  
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161  
Microsoft Works  
Motorola SM56 Data Fax Modem  
MSCU for Microsoft Vista  
MSXML 4.0 SP2 (KB936181)  
MSXML 4.0 SP2 (KB941833)  
MSXML 4.0 SP2 (KB954430)  
MSXML 4.0 SP2 (KB973688)  
Norton 360  
NVIDIA Drivers  
Off-linediensten van Home'Bank 4.55  
OGA Notifier 2.0.0048.0  
OMNIKEY 3x21 PC/SC Driver  
PHOTOfunSTUDIO  
Picasa 3  
PSSWCORE  
PVSonyDll  
QLBCASL  
QuickTime  
Realtek High Definition Audio Driver  
Roxio Activation Module  
Roxio Creator Audio  
Roxio Creator Basic v9  
Roxio Creator Copy  
Roxio Creator Data  
Roxio Creator EasyArchive  
Roxio Creator Tools  
Roxio Express Labeler 3  
Roxio MyDVD Basic v9  
Security Update for CAPICOM (KB931906)  
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2604111)  
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2657424)  
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2736416)  
Security Update for Microsoft Office 2007 suites (KB2596615) 32-Bit Edition   
Security Update for Microsoft Office 2007 suites (KB2596672) 32-Bit Edition   
Security Update for Microsoft Office 2007 suites (KB2596744) 32-Bit Edition   
Security Update for Microsoft Office 2007 suites (KB2596754) 32-Bit Edition   
Security Update for Microsoft Office 2007 suites (KB2596785) 32-Bit Edition  
Security Update for Microsoft Office 2007 suites (KB2596792) 32-Bit Edition  
Security Update for Microsoft Office 2007 suites (KB2596871) 32-Bit Edition  
Security Update for Microsoft Office 2007 suites (KB2597969) 32-Bit Edition  
Security Update for Microsoft Office 2007 suites (KB2687311) 32-Bit Edition   
Security Update for Microsoft Office 2007 suites (KB2687499) 32-Bit Edition   
Security Update for Microsoft Office 2007 suites (KB2760416) 32-Bit Edition   
Security Update for Microsoft Office Excel 2007 (KB2687307) 32-Bit Edition   
Security Update for Microsoft Office InfoPath 2007 (KB2687440) 32-Bit Edition   
Security Update for Microsoft Office PowerPoint 2007 (KB2596764) 32-Bit Edition  
Security Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit Edition  
Security Update for Microsoft Office Word 2007 (KB2760421) 32-Bit Edition   
Segoe UI  
Spelling Dictionaries Support For Adobe Reader 8  
Synaptics Pointing Device Driver  
Taalpakket voor Microsoft .NET Framework 3.5 SP1 - NL  
Update for 2007 Microsoft Office System (KB967642)  
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)  
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition  
Update for Microsoft Office 2007 suites (KB2596660) 32-Bit Edition  
Update for Microsoft Office 2007 suites (KB2596848) 32-Bit Edition  
Update for Microsoft Office 2007 suites (KB2687493) 32-Bit Edition  
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition  
Update voor Microsoft Office Excel 2007 Help (KB963678)  
Update voor Microsoft Office Powerpoint 2007 Help (KB963669)  
Update voor Microsoft Office Word 2007 Help (KB963665)  
VeriSoft Access Manager  
Windows Live Essentials  
Windows Live ID Sign-in Assistant  
Windows Live Installer  
Windows Live Messenger  
Windows Live SOXE  
Windows Live SOXE Definitions  
Windows Live UX Platform  
Windows Live UX Platform Language Pack  
Yahoo Install Manager  


==== Files Recently Created / Modified ======================


====== C:\Windows ====
2013-03-22 14:51:19	E185BDA84E5F03F4E1D8DCA30E209277	1912	----a-w-	C:\Windows\epplauncher.mif
====== C:\Users\user\AppData\Local\Temp ====
====== C:\Windows\system32 =====
2013-03-22 14:15:21	350C713C2D9B9F5549C50A8D3924E789	94112	----a-w-	C:\Windows\System32\WindowsAccessBridge.dll
====== C:\Windows\system32\drivers =====
2013-03-22 17:42:26	C940F10C31E2C60CC967FFD6A370720C	142496	----a-w-	C:\Windows\System32\drivers\SYMEVENT.SYS
2013-03-22 17:42:26	8378774ABC9CAA2C60B298AE0C084FB7	7446	----a-w-	C:\Windows\System32\drivers\SYMEVENT.CAT
2013-03-22 17:42:26	2A8DCC2EC2AC5C0588F818B16E606CED	806	----a-w-	C:\Windows\System32\drivers\SYMEVENT.INF
2013-03-22 14:58:27	D41D8CD98F00B204E9800998ECF8427E	0	---ha-w-	C:\Windows\System32\drivers\Msft_Kernel_SynTP_01009.Wdf
2013-03-22 14:58:21	D41D8CD98F00B204E9800998ECF8427E	0	---ha-w-	C:\Windows\System32\drivers\MsftWdf_Kernel_01009_Coinstaller_Critical.Wdf
2013-03-22 14:54:23	1210960FF8928950D2A786895B0C424A	15872	----a-w-	C:\Windows\System32\drivers\HpqKbFiltr.sys
2013-03-22 14:54:18	F9CF2DB8B99DC50EAB538C4D860AC1A4	1419232	----a-w-	C:\Windows\System32\drivers\wdfcoinstaller01005.dll
====== C:\Windows\Tasks ======
====== C:\Windows\Temp ======
======= C:\Program Files =====
2013-03-22 15:03:00	--------	d-----w-	C:\Program Files\Windows Live
2013-03-22 15:01:08	--------	d-----w-	C:\Program Files\Common Files\Windows Live
2013-03-22 14:58:39	--------	d-----w-	C:\Program Files\Microsoft Silverlight
2013-03-22 14:27:30	--------	d-----w-	C:\Program Files\Common Files\Adobe
======= C: =====
====== C:\Users\user\AppData\Roaming ======
2013-03-22 15:01:08	--------	d-----w-	C:\users\user\AppData\Local\Windows Live
2013-03-22 14:36:41	--------	d-----w-	C:\users\user\AppData\Roaming\Apple Computer
2013-03-06 19:40:27	--------	d-----w-	C:\users\Public\AppData\Local\temp
2013-03-06 19:40:27	--------	d-----w-	C:\users\Default\AppData\Local\temp
2013-03-06 19:40:27	--------	d-----w-	C:\users\Default User\AppData\Local\temp
====== C:\Users\user ======
2013-03-06 19:40:27	--------	d-----w-	C:\Users\Public\AppData


====== C: exe-files ==
2013-03-22 17:32:23	FF37C6486D870F62C47DEBFF5C1A604D	544	----a-w-	C:\$RECYCLE.BIN\S-1-5-21-629475202-1314957950-352360048-1000\$IZGFDFM.exe
2013-03-22 17:32:23	F988358FC173A31B447275B6EA71F009	544	----a-w-	C:\$RECYCLE.BIN\S-1-5-21-629475202-1314957950-352360048-1000\$ITLT8XP.exe
2013-03-22 17:32:23	EB6C54AC4A7594D14A546680EDA77657	544	----a-w-	C:\$RECYCLE.BIN\S-1-5-21-629475202-1314957950-352360048-1000\$INSGQ5E.exe
2013-03-22 17:32:23	BAD4847476B1252B6EF443BE0F59F68F	544	----a-w-	C:\$RECYCLE.BIN\S-1-5-21-629475202-1314957950-352360048-1000\$IVO3O64.exe
2013-03-22 17:32:23	A90535139410BCC7197DD9713EE4E1A8	544	----a-w-	C:\$RECYCLE.BIN\S-1-5-21-629475202-1314957950-352360048-1000\$IM9K1PZ.exe
2013-03-22 17:32:23	905879806FD954F6E40E58FCEF829A09	544	----a-w-	C:\$RECYCLE.BIN\S-1-5-21-629475202-1314957950-352360048-1000\$IXFP653.exe
2013-03-22 17:32:23	7F4C5D39FB3BBEAC8B6B39D5ABBBE431	544	----a-w-	C:\$RECYCLE.BIN\S-1-5-21-629475202-1314957950-352360048-1000\$IRG4F1W.exe
2013-03-22 17:32:23	7DEEFEE2188D2506E41B746F7E538786	544	----a-w-	C:\$RECYCLE.BIN\S-1-5-21-629475202-1314957950-352360048-1000\$IR6H5LP.exe
2013-03-22 17:32:23	61F9C1FAD5EC028FEE355B66AF6F3727	544	----a-w-	C:\$RECYCLE.BIN\S-1-5-21-629475202-1314957950-352360048-1000\$IYJDL4P.exe
2013-03-22 17:32:23	612CDE3D4FC9837D8C504DFA839B6318	544	----a-w-	C:\$RECYCLE.BIN\S-1-5-21-629475202-1314957950-352360048-1000\$I8AMCPJ.exe
2013-03-22 17:32:23	33BAC8260300E6BF0EC6EF172BD01D4F	544	----a-w-	C:\$RECYCLE.BIN\S-1-5-21-629475202-1314957950-352360048-1000\$I49ZVUQ.exe
2013-03-22 17:29:33	9A2347903D6EDB84C10F288BC0578C1C	388608	----a-w-	C:\$RECYCLE.BIN\S-1-5-21-629475202-1314957950-352360048-1000\$R8AMCPJ.exe
2013-03-22 17:29:04	9A2347903D6EDB84C10F288BC0578C1C	388608	----a-w-	C:\$RECYCLE.BIN\S-1-5-21-629475202-1314957950-352360048-1000\$RYJDL4P.exe
2013-03-22 16:59:03	4A12C07706198CE458A3058365BC1F23	25440552	----a-w-	C:\$RECYCLE.BIN\S-1-5-21-629475202-1314957950-352360048-1000\$RR6H5LP.exe
2013-03-22 14:09:13	4FFA3B1326379078CEB4AD000F9CBD95	896928	----a-w-	C:\$RECYCLE.BIN\S-1-5-21-629475202-1314957950-352360048-1000\$RVO3O64.exe
2013-03-22 14:09:13	4FFA3B1326379078CEB4AD000F9CBD95	896928	----a-w-	C:\$RECYCLE.BIN\S-1-5-21-629475202-1314957950-352360048-1000\$RRG4F1W.exe
2013-03-22 14:07:31	4FFA3B1326379078CEB4AD000F9CBD95	896928	----a-w-	C:\$RECYCLE.BIN\S-1-5-21-629475202-1314957950-352360048-1000\$RZGFDFM.exe
=== C: other files ==
2013-03-22 17:32:23	E345C349CF6686208349637AD98A9929	544	----a-w-	C:\$RECYCLE.BIN\S-1-5-21-629475202-1314957950-352360048-1000\$I5CQW15.zip
2013-03-22 17:32:23	2FA4917CBBFAAEC9FD151F10260D5518	544	----a-w-	C:\$RECYCLE.BIN\S-1-5-21-629475202-1314957950-352360048-1000\$IHCDTMO.zip
2013-03-22 14:54:23	9AF482D058BE59CC28BCE52E7C4B747C	18432	----a-w-	C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\hpqkbDrivers\HpqKbFiltr64.sys
2013-03-22 14:54:23	1210960FF8928950D2A786895B0C424A	15872	----a-w-	C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\hpqkbDrivers\HpqKbFiltr.sys
2013-03-22 14:54:18	7DAD592A4D28092D584CFB4DEEF1373D	9344	----a-w-	C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\BtnDriver\CPQBttn.sys
2013-03-22 14:54:17	E53D53D66D61794AF8160741946D0B43	9088	----a-w-	C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\RemoteDriver\amd64\HpqRemHid.sys
2013-03-22 14:54:17	115C0933B3ED51DFBEC4449348C8065B	7168	----a-w-	C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\RemoteDriver\i386\HpqRemHid.sys


==== Startup Registry Enabled ======================


[HKEY_USERS\S-1-5-21-629475202-1314957950-352360048-1000\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="C:\Program Files\Windows Sidebar\sidebar.exe /autoRun"
"ehTray.exe"="C:\Windows\ehome\ehTray.exe"
"swg"="C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"


[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SMSERIAL"="C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe"
"RtHDVCpl"="RtHDVCpl.exe"
"IAAnotif"="C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe"
"QPService"="C:\Program Files\HP\QuickPlay\QPService.exe"
"HP Health Check Scheduler"="C:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe"
"CognizanceTS"="rundll32.exe c:\PROGRA~1\BIOSCR~1\VeriSoft\Bin\ASTSVCC.dll,RegisterModule"
"beid"="C:\Program Files\Belgium Identity Card\beid35gui.exe /startup"
"HP Software Update"="C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe"
"NvCplDaemon"="RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup"
"QuickTime Task"="C:\Program Files\QuickTime\QTTask.exe -atboottime"
"SunJavaUpdateSched"="C:\Program Files\Common Files\Java\Java Update\jusched.exe"
"APSDaemon"="C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe"
"QlbCtrl.exe"="C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start"
"SynTPStart"="C:\Program Files\Synaptics\SynTP\SynTPStart.exe"
"SynTPEnh"="%ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe "
"hpWirelessAssistant"="%ProgramFiles%\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe"
"WAWifiMessage"="%ProgramFiles%\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe"


[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="C:\Program Files\Windows Sidebar\sidebar.exe /autoRun"
"ehTray.exe"="C:\Windows\ehome\ehTray.exe"
"swg"="C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"


==== Startup Folders ======================


2010-07-10 09:06:32	1115	----a-w-	C:\users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2007 Schermopname en Snel starten.lnk
2009-05-25 20:59:23	1819	----a-w-	C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\PHOTOfunSTUDIO.lnk


==== Task Scheduler Jobs ======================


C:\Windows\tasks\Adobe Flash Player Updater.job --a------ C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [22/03/2013 14:56]
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-629475202-1314957950-352360048-1000Core.job --a------ C:\Users\user\AppData\Local\Google\Update\GoogleUpdate.exe [11/11/2011 13:34]
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-629475202-1314957950-352360048-1000UA.job --a------ C:\Users\user\AppData\Local\Google\Update\GoogleUpdate.exe [11/11/2011 13:34]


==== Firefox Extensions ======================


==== Firefox Plugins ======================




==== Chrome Look ======================


HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
mkfokfffehpeedafpekjeddnmnjhmcmk - C:\Program Files\Norton 360\Engine\20.3.0.36\Exts\Chrome.crx[13/02/2013 20:02]


HP Product Detection Plugin - user - Default\Extensions\aelbknmfcacjffmgnoaaonhgoghlmlkp
Norton Identity Protection - user - Default\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk


==== Set IE to Default ======================


Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=NL_BE&c=73&bd=Pavilion&pf=laptop"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://breedband.telenet.be"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchUrl]
@="http://www.google.com/search?q=%s"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Search]
"SearchAssistant"="http://www.google.com/ie"
"Default_Search_URL"="http://www.google.com/ie"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}] not found


New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=NL_BE&c=73&bd=Pavilion&pf=laptop"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchUrl]
"(Default)"="http://search.msn.com/results.asp?q=%s"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Search]
"Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896"
"SearchAssistant"="http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{6A1806CD-94D4-4689-BA73-E35EA1EA9990}"


==== All HKCU SearchScopes ======================


HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing  Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC"
{6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google  Url="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}"


==== Empty IE Cache ======================


C:\Users\user\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully
C:\Users\user\AppData\Local\Temp\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\LocalService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\NetworkService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\user\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot


==== Empty FireFox Cache ======================


No FireFox Cache found


==== Empty Chrome Cache ======================


C:\users\user\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully


==== Empty All Flash Cache ======================


Flash Cache Emptied Successfully


==== Empty All Java Cache ======================


Java Cache cleared successfully


After Reboot


==== Empty Temp Folders ======================


C:\Windows\Temp successfully emptied
C:\Users\user\AppData\Local\Temp successfully emptied


==== Empty Recycle Bin ======================


C:\$RECYCLE.BIN successfully emptied


==== Deleting Files / Folders ======================


"C:\Users\user\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" not found


What still isn't working:

- Internet Explorer: the whole PC freezes after it is opened and becomes unusable

- Windows Update: on every reboot it reports that there are faulty updates and repairs them


Let's move on to ComboFix after all.

Download ComboFix from one of these locations:

Link 1

Link 2

* IMPORTANT !!! Save ComboFix.exe to your Desktop

Here you can read how to use ComboFix.

1. Disable all antivirus and antispyware programs, because otherwise they may conflict with ComboFix. Here is a guide on how to disable them: click here or here

2. The computer may need to be restarted several times; this is normal.

3. Double-click "Combofix.exe" to start the tool.

4. Do not click in the ComboFix window while it is running; this can cause the tool to hang.

Note !!! If an error is shown with the message "Illegal operation attempted on a registry key that has been marked for deletion", restart the computer.

5. When ComboFix has finished, it will create a log file for you. Post the contents of this log file (found at C:\ComboFix.txt) in your next message.


Here is the ComboFix log:

ComboFix 13-03-21.02 - user 23/03/2013 17:04:53.2.2 - x86Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.32.1043.18.2046.875 [GMT 1:00]

Gestart vanuit: c:\users\user\Downloads\ComboFix.exe

AV: Norton 360 *Disabled/Updated* {63DF5164-9100-186D-2187-8DC619EFD8BF}

FW: Norton 360 *Disabled* {5BE4D041-DB6F-1935-0AD8-24F3E73C9FC4}

SP: Norton 360 *Enabled/Updated* {D8BEB080-B73A-17E3-1B37-B6B462689202}

SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

.

.

(((((((((((((((((((( Bestanden Gemaakt van 2013-02-23 to 2013-03-23 ))))))))))))))))))))))))))))))

.

.

2013-03-23 16:19 . 2013-03-23 16:19 -------- d-----w- c:\users\Default\AppData\Local\temp

2013-03-23 14:30 . 2012-11-03 01:41 53248 ----a-w- c:\windows\system32\CSVer.dll

2013-03-23 14:21 . 2013-03-23 14:21 -------- d-----w- c:\windows\system32\RTCOM

2013-03-23 14:19 . 2009-11-24 15:55 140528 ----a-w- c:\windows\system32\SRSWOW.dll

2013-03-23 14:19 . 2009-11-24 15:55 345328 ----a-w- c:\windows\system32\SRSTSXT.dll

2013-03-23 14:19 . 2012-12-26 02:37 2568800 ----a-w- c:\windows\system32\drivers\RTKVHDA.sys

2013-03-23 14:19 . 2012-12-13 00:50 1592544 ----a-w- c:\windows\system32\RTSndMgr.cpl

2013-03-23 14:19 . 2012-12-06 16:24 2486928 ----a-w- c:\windows\system32\RtkPgExt.dll

2013-03-23 14:17 . 2013-03-23 14:31 -------- d-----w- c:\windows\LastGood

2013-03-23 14:16 . 2006-02-07 14:45 757760 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\11\50\Intel32\iKernel.dll

2013-03-23 14:16 . 2006-02-07 14:40 204800 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\11\50\Intel32\iuser.dll

2013-03-23 14:16 . 2006-02-07 14:40 69715 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\11\50\Intel32\ctor.dll

2013-03-23 14:16 . 2006-02-07 14:40 274432 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\11\50\Intel32\iscript.dll

2013-03-23 14:16 . 2005-11-13 22:19 5632 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\11\50\Intel32\DotNetInstaller.exe

2013-03-23 14:16 . 2013-03-23 14:16 331908 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\11\50\Intel32\setup.dll

2013-03-23 14:16 . 2013-03-23 14:16 200836 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\11\50\Intel32\iGdi.dll

2013-03-23 13:59 . 2009-12-17 08:15 114688 ----a-w- c:\windows\system32\RicohMediadriverVer.dll

2013-03-23 13:59 . 2009-06-25 15:58 48128 ----a-w- c:\windows\system32\drivers\rimmptsk.sys

2013-03-23 13:59 . 2009-06-25 15:25 38400 ----a-w- c:\windows\system32\drivers\rixdptsk.sys

2013-03-23 13:59 . 2009-06-25 15:10 44544 ----a-w- c:\windows\system32\drivers\rimsptsk.sys

2013-03-23 13:59 . 2007-07-25 11:48 172032 ----a-w- c:\windows\system32\rixdicon.dll

2013-03-23 13:50 . 2012-11-09 20:25 80488 ----a-w- c:\windows\system32\RtNicProp32.dll

2013-03-23 13:50 . 2012-11-09 20:25 454288 ----a-w- c:\windows\system32\drivers\Rtlh86.sys

2013-03-23 13:50 . 2012-11-09 20:25 100896 ----a-w- c:\windows\system32\RTNUninst32.dll

2013-03-23 13:47 . 2013-03-23 13:47 -------- d-----w- c:\program files\AGEIA Technologies

2013-03-23 13:46 . 2013-03-23 13:46 -------- d-----w- c:\users\UpdatusUser

2013-03-23 13:45 . 2013-02-10 00:35 2555168 ----a-w- c:\windows\system32\nvsvcr.dll

2013-03-23 13:44 . 2013-02-10 03:20 53024 ----a-w- c:\windows\system32\OpenCL.dll

2013-03-23 13:43 . 2013-03-23 13:43 -------- d-----w- c:\programdata\NVIDIA Corporation

2013-03-23 13:41 . 2013-02-10 03:20 12862400 ----a-w- c:\windows\system32\nvwgf2um.dll

2013-03-23 13:41 . 2013-02-10 03:20 6267240 ----a-w- c:\windows\system32\nvopencl.dll

2013-03-23 13:41 . 2013-02-10 03:20 8944416 ----a-w- c:\windows\system32\drivers\nvlddmkm.sys

2013-03-23 13:41 . 2013-02-10 03:20 20534560 ----a-w- c:\windows\system32\nvoglv32.dll

2013-03-23 13:41 . 2013-02-10 03:20 892704 ----a-w- c:\windows\system32\nvdispgenco3220162.dll

2013-03-23 13:41 . 2013-02-10 03:20 7964680 ----a-w- c:\windows\system32\nvcuda.dll

2013-03-23 13:41 . 2013-02-10 03:20 2726176 ----a-w- c:\windows\system32\nvcuvid.dll

2013-03-23 13:41 . 2013-02-10 03:20 1990944 ----a-w- c:\windows\system32\nvcuvenc.dll

2013-03-23 13:41 . 2013-02-10 03:20 17560352 ----a-w- c:\windows\system32\nvcompiler.dll

2013-03-23 13:41 . 2013-02-10 03:20 1012512 ----a-w- c:\windows\system32\nvdispco3220294.dll

2013-03-23 13:40 . 2013-03-23 13:47 -------- d-----w- c:\program files\NVIDIA Corporation

2013-03-23 13:39 . 2013-03-23 13:39 -------- d-----w- C:\NVIDIA

2013-03-23 13:37 . 2013-03-23 13:37 -------- d-----w- c:\program files\Common Files\LogiShrd

2013-03-23 13:36 . 2013-03-23 13:37 -------- d-----w- c:\users\user\AppData\Roaming\Logishrd

2013-03-23 13:36 . 2013-03-23 13:36 -------- d-----w- c:\users\user\AppData\Roaming\Logitech

2013-03-23 13:32 . 2013-03-23 13:50 -------- d-----w- c:\program files\Realtek

2013-03-23 13:31 . 2013-03-23 14:24 -------- d--h--w- c:\program files\Temp

2013-03-23 13:26 . 2009-07-14 17:45 445008 ----a-w- c:\windows\system32\drivers\Wdf01000.sys

2013-03-23 13:26 . 2009-07-14 17:45 38480 ----a-w- c:\windows\system32\drivers\WdfLdr.sys

2013-03-23 13:17 . 2013-03-19 04:50 7108640 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{086A54D8-F278-4E92-A95D-9E1BAC91E87E}\mpengine.dll

2013-03-23 13:13 . 2013-03-23 13:22 -------- d-----w- c:\programdata\DriverGenius

2013-03-23 12:25 . 2013-03-23 12:12 24064 ----a-w- c:\windows\zoek-delete.exe

2013-03-23 12:25 . 2013-03-23 16:19 -------- d-----w- c:\users\user\AppData\Local\Temp

2013-03-22 17:42 . 2013-03-22 17:42 142496 ----a-w- c:\windows\system32\drivers\SYMEVENT.SYS

2013-03-22 17:42 . 2013-03-22 17:42 -------- d-----w- c:\program files\Symantec

2013-03-22 17:40 . 2013-03-22 17:40 -------- d-----w- c:\windows\system32\drivers\N360

2013-03-22 17:40 . 2013-03-22 17:40 -------- d-----w- c:\program files\Norton 360

2013-03-22 17:40 . 2013-03-22 17:40 -------- d-----w- c:\program files\NortonInstaller

2013-03-22 15:03 . 2013-03-22 15:18 -------- d-----w- c:\program files\Windows Live

2013-03-22 15:01 . 2013-03-22 15:01 -------- d-----w- c:\users\user\AppData\Local\Windows Live

2013-03-22 15:01 . 2013-03-22 15:01 -------- d-----w- c:\program files\Common Files\Windows Live

2013-03-22 14:58 . 2013-03-22 14:58 -------- d-----w- c:\program files\Microsoft Silverlight

2013-03-22 14:55 . 2013-03-22 14:55 -------- d-----w- c:\users\Default\AppData\Roaming\hpqLog

2013-03-22 14:54 . 2009-04-29 06:46 15872 ----a-w- c:\windows\system32\drivers\HpqKbFiltr.sys

2013-03-22 14:54 . 2006-11-02 05:09 1419232 ----a-w- c:\windows\system32\drivers\wdfcoinstaller01005.dll

2013-03-22 14:52 . 2013-03-22 14:53 -------- d-----w- c:\windows\QLB

2013-03-22 14:36 . 2013-03-22 14:36 -------- d-----w- c:\users\user\AppData\Roaming\Apple Computer

2013-03-22 14:27 . 2013-03-22 14:27 -------- d-----w- c:\program files\Common Files\Adobe

2013-03-22 14:15 . 2013-03-22 14:14 861088 ----a-w- c:\windows\system32\npDeployJava1.dll

2013-03-22 14:15 . 2013-03-22 14:14 94112 ----a-w- c:\windows\system32\WindowsAccessBridge.dll

2013-03-17 08:48 . 2013-03-17 08:48 658512 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight\SpotlightResources.dll

2013-03-16 06:30 . 2013-03-16 06:30 4546560 ----a-w- c:\windows\system32\GPhotos.scr

2013-03-06 19:01 . 2013-03-06 19:01 -------- d-----w- c:\users\user\AppData\Roaming\Malwarebytes

2013-03-06 19:01 . 2013-03-06 19:01 -------- d-----w- c:\programdata\Malwarebytes

2013-03-06 18:53 . 2013-03-06 18:53 -------- d-----w- c:\program files\CCleaner

2013-03-06 17:52 . 2013-01-04 01:38 2048512 ----a-w- c:\windows\system32\win32k.sys

.

.

.

((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2013-03-23 14:19 . 2007-05-20 02:24 319456 ----a-w- c:\windows\DIFxAPI.dll

2013-03-22 15:03 . 2011-03-28 17:36 19696 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll

2013-03-22 14:14 . 2010-10-21 18:27 782240 ----a-w- c:\windows\system32\deployJava1.dll

2013-03-22 13:56 . 2013-01-04 07:45 693976 ----a-w- c:\windows\system32\FlashPlayerApp.exe

2013-03-22 13:56 . 2012-01-10 15:35 73432 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl

2013-02-10 03:20 . 2007-05-01 10:27 2528840 ----a-w- c:\windows\system32\nvapi.dll

2013-02-10 03:20 . 2007-05-01 10:27 15038296 ----a-w- c:\windows\system32\nvd3dum.dll

2013-02-10 00:35 . 2009-10-03 09:40 4115232 ----a-w- c:\windows\system32\nvcpl.dll

2013-02-10 00:35 . 2009-10-03 09:40 3010336 ----a-w- c:\windows\system32\nvsvc.dll

2013-02-10 00:35 . 2009-10-03 09:40 634144 ----a-w- c:\windows\system32\nvvsvc.exe

2013-02-10 00:35 . 2009-10-03 09:40 62752 ----a-w- c:\windows\system32\nvshext.dll

2013-02-10 00:35 . 2009-10-03 09:40 223008 ----a-w- c:\windows\system32\nvmctray.dll

2013-01-17 00:28 . 2009-10-02 15:53 232336 ------w- c:\windows\system32\MpSigStub.exe

.

.

((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))

.

.

*Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond

REGEDIT4

.

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2009-04-11 1233920]

"ehTray.exe"="c:\windows\ehome\ehTray.exe" [2008-01-19 125952]

"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2009-01-18 39408]

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"SMSERIAL"="c:\program files\Motorola\SMSERIAL\sm56hlpr.exe" [2006-10-09 729088]

"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2010-02-19 1697064]

"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RtHDVCpl.exe" [2012-12-13 11734240]

"IAAnotif"="c:\program files\Intel\Intel Matrix Storage Manager\iaanotif.exe" [2007-02-12 174872]

"QPService"="c:\program files\HP\QuickPlay\QPService.exe" [2007-04-23 176128]

"HP Health Check Scheduler"="c:\program files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe" [2007-03-12 50696]

"hpWirelessAssistant"="c:\program files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe" [2007-03-01 472776]

"WAWifiMessage"="c:\program files\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe" [2007-01-10 317128]

"CognizanceTS"="c:\progra~1\BIOSCR~1\VeriSoft\Bin\ASTSVCC.dll" [2003-12-22 17920]

"beid"="c:\program files\Belgium Identity Card\beid35gui.exe" [2009-06-04 2056192]

"HP Software Update"="c:\program files\Hp\HP Software Update\HPWuSchd2.exe" [2011-01-12 49208]

"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2012-10-25 421888]

"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2012-07-03 252848]

"APSDaemon"="c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2012-10-11 59280]

"QlbCtrl.exe"="c:\program files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe" [2009-11-24 323640]

"SynTPStart"="c:\program files\Synaptics\SynTP\SynTPStart.exe" [2007-09-14 102400]

.

c:\users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\

OneNote 2007 Schermopname en Snel starten.lnk - c:\program files\Microsoft Office\Office12\ONENOTEM.EXE [2009-2-26 97680]

.

c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\

PHOTOfunSTUDIO.lnk - c:\program files\Panasonic\PHOTOfunSTUDIO\PhAutoRun.exe [2009-5-25 44176]

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]

"EnableUIADesktopToggle"= 0 (0x0)

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]

"AppInit_DLLs"=c:\windows\System32\APSHook.dll

.

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

@="Driver"

.

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]

"DisableMonitoring"=dword:00000001

.

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]

"DisableMonitoring"=dword:00000001

.

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]

"DisableMonitoring"=dword:00000001

.

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc]

"AntiVirusOverride"=dword:00000001

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]

Cognizance REG_MULTI_SZ ASBroker ASChannel

LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache

.

Inhoud van de 'Gedeelde Taken' map

.

2013-03-23 c:\windows\Tasks\Adobe Flash Player Updater.job

- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2013-01-04 13:56]

.

2013-03-22 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-629475202-1314957950-352360048-1000Core.job

- c:\users\user\AppData\Local\Google\Update\GoogleUpdate.exe [2011-11-11 12:34]

.

2013-03-23 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-629475202-1314957950-352360048-1000UA.job

- c:\users\user\AppData\Local\Google\Update\GoogleUpdate.exe [2011-11-11 12:34]

.

.

------- Bijkomende Scan -------

.

uStart Page = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=NL_BE&c=73&bd=Pavilion&pf=laptop

mWindow Title = Telenet Internet

IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200

TCP: DhcpNameServer = 195.130.131.2 195.130.130.130 192.168.1.1

.

.

**************************************************************************

.

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, GMER - Rootkit Detector and Remover

Rootkit scan 2013-03-23 17:19

Windows 6.0.6002 Service Pack 2 NTFS

.

scannen van verborgen processen ...

.

scannen van verborgen autostart items ...

.

scannen van verborgen bestanden ...

.

Scan succesvol afgerond

verborgen bestanden: 0

.

**************************************************************************

.

[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\N360]

"ImagePath"="\"c:\program files\Norton 360\Engine\20.3.0.36\ccSvcHst.exe\" /s \"N360\" /m \"c:\program files\Norton 360\Engine\20.3.0.36\diMaster.dll\" /prefetch:1"

.

--------------------- VERGRENDELDE REGISTER SLEUTELS ---------------------

.

[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]

@Denied: (A) (Users)

@Denied: (A) (Everyone)

@Allowed: (B 1 2 3 4 5) (S-1-5-20)

"BlindDial"=dword:00000000

"MSCurrentCountry"=dword:000000b5

.

--------------------- DLLs Geladen Onder Lopende Processen ---------------------

.

- - - - - - - > 'lsass.exe'(640)

c:\program files\Bioscrypt\VeriSoft\Bin\ASWLNPkg.dll

c:\program files\Bioscrypt\VeriSoft\Bin\ItMsg.dll

.

Voltooingstijd: 2013-03-23 17:23:04

ComboFix-quarantined-files.txt 2013-03-23 16:23

.

Pre-Run: 66.129.985.536 bytes beschikbaar

Post-Run: 65.814.659.072 bytes beschikbaar

.

- - End Of File - - 683C6C2BFDD56FC72799655B2696897C


Oops, I read too quickly; here is the correct log

ComboFix 13-03-23.01 - user 24/03/2013   9:29.3.2 - x86Microsoft® Windows Vista™ Home Premium   6.0.6002.2.1252.32.1043.18.2046.875 [GMT 1:00]
Gestart vanuit: c:\users\user\Desktop\ComboFix.exe
AV: Norton 360 *Disabled/Updated* {63DF5164-9100-186D-2187-8DC619EFD8BF}
FW: Norton 360 *Enabled* {5BE4D041-DB6F-1935-0AD8-24F3E73C9FC4}
SP: Norton 360 *Enabled/Updated* {D8BEB080-B73A-17E3-1B37-B6B462689202}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((   Bestanden Gemaakt van 2013-02-24 to 2013-03-24  ))))))))))))))))))))))))))))))
.
.
2013-03-24 08:48 . 2013-03-24 08:48	--------	d-----w-	c:\users\Default\AppData\Local\temp
2013-03-23 14:30 . 2012-11-03 01:41	53248	----a-w-	c:\windows\system32\CSVer.dll
2013-03-23 14:21 . 2013-03-23 14:21	--------	d-----w-	c:\windows\system32\RTCOM
2013-03-23 14:19 . 2009-11-24 15:55	140528	----a-w-	c:\windows\system32\SRSWOW.dll
2013-03-23 14:19 . 2009-11-24 15:55	345328	----a-w-	c:\windows\system32\SRSTSXT.dll
2013-03-23 14:19 . 2012-12-26 02:37	2568800	----a-w-	c:\windows\system32\drivers\RTKVHDA.sys
2013-03-23 14:19 . 2012-12-13 00:50	1592544	----a-w-	c:\windows\system32\RTSndMgr.cpl
2013-03-23 14:19 . 2012-12-06 16:24	2486928	----a-w-	c:\windows\system32\RtkPgExt.dll
2013-03-23 14:16 . 2006-02-07 14:45	757760	----a-w-	c:\program files\Common Files\InstallShield\Professional\RunTime\11\50\Intel32\iKernel.dll
2013-03-23 14:16 . 2006-02-07 14:40	204800	----a-w-	c:\program files\Common Files\InstallShield\Professional\RunTime\11\50\Intel32\iuser.dll
2013-03-23 14:16 . 2006-02-07 14:40	69715	----a-w-	c:\program files\Common Files\InstallShield\Professional\RunTime\11\50\Intel32\ctor.dll
2013-03-23 14:16 . 2006-02-07 14:40	274432	----a-w-	c:\program files\Common Files\InstallShield\Professional\RunTime\11\50\Intel32\iscript.dll
2013-03-23 14:16 . 2005-11-13 22:19	5632	----a-w-	c:\program files\Common Files\InstallShield\Professional\RunTime\11\50\Intel32\DotNetInstaller.exe
2013-03-23 14:16 . 2013-03-23 14:16	331908	----a-w-	c:\program files\Common Files\InstallShield\Professional\RunTime\11\50\Intel32\setup.dll
2013-03-23 14:16 . 2013-03-23 14:16	200836	----a-w-	c:\program files\Common Files\InstallShield\Professional\RunTime\11\50\Intel32\iGdi.dll
2013-03-23 13:59 . 2009-12-17 08:15	114688	----a-w-	c:\windows\system32\RicohMediadriverVer.dll
2013-03-23 13:59 . 2009-06-25 15:58	48128	----a-w-	c:\windows\system32\drivers\rimmptsk.sys
2013-03-23 13:59 . 2009-06-25 15:25	38400	----a-w-	c:\windows\system32\drivers\rixdptsk.sys
2013-03-23 13:59 . 2009-06-25 15:10	44544	----a-w-	c:\windows\system32\drivers\rimsptsk.sys
2013-03-23 13:59 . 2007-07-25 11:48	172032	----a-w-	c:\windows\system32\rixdicon.dll
2013-03-23 13:50 . 2012-11-09 20:25	80488	----a-w-	c:\windows\system32\RtNicProp32.dll
2013-03-23 13:50 . 2012-11-09 20:25	454288	----a-w-	c:\windows\system32\drivers\Rtlh86.sys
2013-03-23 13:50 . 2012-11-09 20:25	100896	----a-w-	c:\windows\system32\RTNUninst32.dll
2013-03-23 13:47 . 2013-03-23 13:47	--------	d-----w-	c:\program files\AGEIA Technologies
2013-03-23 13:46 . 2013-03-23 13:46	--------	d-----w-	c:\users\UpdatusUser
2013-03-23 13:45 . 2013-02-10 00:35	2555168	----a-w-	c:\windows\system32\nvsvcr.dll
2013-03-23 13:44 . 2013-02-10 03:20	53024	----a-w-	c:\windows\system32\OpenCL.dll
2013-03-23 13:43 . 2013-03-23 13:43	--------	d-----w-	c:\programdata\NVIDIA Corporation
2013-03-23 13:41 . 2013-02-10 03:20	12862400	----a-w-	c:\windows\system32\nvwgf2um.dll
2013-03-23 13:41 . 2013-02-10 03:20	6267240	----a-w-	c:\windows\system32\nvopencl.dll
2013-03-23 13:41 . 2013-02-10 03:20	8944416	----a-w-	c:\windows\system32\drivers\nvlddmkm.sys
2013-03-23 13:41 . 2013-02-10 03:20	20534560	----a-w-	c:\windows\system32\nvoglv32.dll
2013-03-23 13:41 . 2013-02-10 03:20	892704	----a-w-	c:\windows\system32\nvdispgenco3220162.dll
2013-03-23 13:41 . 2013-02-10 03:20	7964680	----a-w-	c:\windows\system32\nvcuda.dll
2013-03-23 13:41 . 2013-02-10 03:20	2726176	----a-w-	c:\windows\system32\nvcuvid.dll
2013-03-23 13:41 . 2013-02-10 03:20	1990944	----a-w-	c:\windows\system32\nvcuvenc.dll
2013-03-23 13:41 . 2013-02-10 03:20	17560352	----a-w-	c:\windows\system32\nvcompiler.dll
2013-03-23 13:41 . 2013-02-10 03:20	1012512	----a-w-	c:\windows\system32\nvdispco3220294.dll
2013-03-23 13:40 . 2013-03-23 13:47	--------	d-----w-	c:\program files\NVIDIA Corporation
2013-03-23 13:39 . 2013-03-23 13:39	--------	d-----w-	C:\NVIDIA
2013-03-23 13:37 . 2013-03-23 13:37	--------	d-----w-	c:\program files\Common Files\LogiShrd
2013-03-23 13:36 . 2013-03-23 13:37	--------	d-----w-	c:\users\user\AppData\Roaming\Logishrd
2013-03-23 13:36 . 2013-03-23 13:36	--------	d-----w-	c:\users\user\AppData\Roaming\Logitech
2013-03-23 13:32 . 2013-03-23 13:50	--------	d-----w-	c:\program files\Realtek
2013-03-23 13:31 . 2013-03-23 14:24	--------	d--h--w-	c:\program files\Temp
2013-03-23 13:26 . 2009-07-14 17:45	445008	----a-w-	c:\windows\system32\drivers\Wdf01000.sys
2013-03-23 13:26 . 2009-07-14 17:45	38480	----a-w-	c:\windows\system32\drivers\WdfLdr.sys
2013-03-23 13:17 . 2013-03-19 04:50	7108640	----a-w-	c:\programdata\Microsoft\Windows Defender\Definition Updates\{086A54D8-F278-4E92-A95D-9E1BAC91E87E}\mpengine.dll
2013-03-23 13:13 . 2013-03-23 13:22	--------	d-----w-	c:\programdata\DriverGenius
2013-03-23 12:25 . 2013-03-23 12:12	24064	----a-w-	c:\windows\zoek-delete.exe
2013-03-23 12:25 . 2013-03-24 08:48	--------	d-----w-	c:\users\user\AppData\Local\Temp
2013-03-22 17:42 . 2013-03-22 17:42	142496	----a-w-	c:\windows\system32\drivers\SYMEVENT.SYS
2013-03-22 17:42 . 2013-03-22 17:42	--------	d-----w-	c:\program files\Symantec
2013-03-22 17:40 . 2013-03-22 17:40	--------	d-----w-	c:\windows\system32\drivers\N360
2013-03-22 17:40 . 2013-03-22 17:40	--------	d-----w-	c:\program files\Norton 360
2013-03-22 17:40 . 2013-03-22 17:40	--------	d-----w-	c:\program files\NortonInstaller
2013-03-22 15:03 . 2013-03-22 15:18	--------	d-----w-	c:\program files\Windows Live
2013-03-22 15:01 . 2013-03-22 15:01	--------	d-----w-	c:\users\user\AppData\Local\Windows Live
2013-03-22 15:01 . 2013-03-22 15:01	--------	d-----w-	c:\program files\Common Files\Windows Live
2013-03-22 14:58 . 2013-03-22 14:58	--------	d-----w-	c:\program files\Microsoft Silverlight
2013-03-22 14:55 . 2013-03-22 14:55	--------	d-----w-	c:\users\Default\AppData\Roaming\hpqLog
2013-03-22 14:54 . 2009-04-29 06:46	15872	----a-w-	c:\windows\system32\drivers\HpqKbFiltr.sys
2013-03-22 14:54 . 2006-11-02 05:09	1419232	----a-w-	c:\windows\system32\drivers\wdfcoinstaller01005.dll
2013-03-22 14:52 . 2013-03-22 14:53	--------	d-----w-	c:\windows\QLB
2013-03-22 14:36 . 2013-03-22 14:36	--------	d-----w-	c:\users\user\AppData\Roaming\Apple Computer
2013-03-22 14:27 . 2013-03-22 14:27	--------	d-----w-	c:\program files\Common Files\Adobe
2013-03-22 14:15 . 2013-03-22 14:14	861088	----a-w-	c:\windows\system32\npDeployJava1.dll
2013-03-22 14:15 . 2013-03-22 14:14	94112	----a-w-	c:\windows\system32\WindowsAccessBridge.dll
2013-03-17 08:48 . 2013-03-17 08:48	658512	----a-w-	c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight\SpotlightResources.dll
2013-03-16 06:30 . 2013-03-16 06:30	4546560	----a-w-	c:\windows\system32\GPhotos.scr
2013-03-06 19:01 . 2013-03-06 19:01	--------	d-----w-	c:\users\user\AppData\Roaming\Malwarebytes
2013-03-06 19:01 . 2013-03-06 19:01	--------	d-----w-	c:\programdata\Malwarebytes
2013-03-06 18:53 . 2013-03-06 18:53	--------	d-----w-	c:\program files\CCleaner
2013-03-06 17:52 . 2013-01-04 01:38	2048512	----a-w-	c:\windows\system32\win32k.sys
.
.
.
(((((((((((((((((((((((((((((((((((((((   Find3M Rapport   ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-03-23 14:19 . 2007-05-20 02:24	319456	----a-w-	c:\windows\DIFxAPI.dll
2013-03-22 15:03 . 2011-03-28 17:36	19696	----a-w-	c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
2013-03-22 14:14 . 2010-10-21 18:27	782240	----a-w-	c:\windows\system32\deployJava1.dll
2013-03-22 13:56 . 2013-01-04 07:45	693976	----a-w-	c:\windows\system32\FlashPlayerApp.exe
2013-03-22 13:56 . 2012-01-10 15:35	73432	----a-w-	c:\windows\system32\FlashPlayerCPLApp.cpl
2013-02-10 03:20 . 2007-05-01 10:27	2528840	----a-w-	c:\windows\system32\nvapi.dll
2013-02-10 03:20 . 2007-05-01 10:27	15038296	----a-w-	c:\windows\system32\nvd3dum.dll
2013-02-10 00:35 . 2009-10-03 09:40	4115232	----a-w-	c:\windows\system32\nvcpl.dll
2013-02-10 00:35 . 2009-10-03 09:40	3010336	----a-w-	c:\windows\system32\nvsvc.dll
2013-02-10 00:35 . 2009-10-03 09:40	634144	----a-w-	c:\windows\system32\nvvsvc.exe
2013-02-10 00:35 . 2009-10-03 09:40	62752	----a-w-	c:\windows\system32\nvshext.dll
2013-02-10 00:35 . 2009-10-03 09:40	223008	----a-w-	c:\windows\system32\nvmctray.dll
2013-01-17 00:28 . 2009-10-02 15:53	232336	------w-	c:\windows\system32\MpSigStub.exe
.
.
(((((((((((((((((((((((((((((((((((((   Reg Opstartpunten   )))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond 
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2009-04-11 1233920]
"ehTray.exe"="c:\windows\ehome\ehTray.exe" [2008-01-19 125952]
"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2009-01-18 39408]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SMSERIAL"="c:\program files\Motorola\SMSERIAL\sm56hlpr.exe" [2006-10-09 729088]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2010-02-19 1697064]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RtHDVCpl.exe" [2012-12-13 11734240]
"IAAnotif"="c:\program files\Intel\Intel Matrix Storage Manager\iaanotif.exe" [2007-02-12 174872]
"QPService"="c:\program files\HP\QuickPlay\QPService.exe" [2007-04-23 176128]
"HP Health Check Scheduler"="c:\program files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe" [2007-03-12 50696]
"hpWirelessAssistant"="c:\program files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe" [2007-03-01 472776]
"WAWifiMessage"="c:\program files\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe" [2007-01-10 317128]
"CognizanceTS"="c:\progra~1\BIOSCR~1\VeriSoft\Bin\ASTSVCC.dll" [2003-12-22 17920]
"beid"="c:\program files\Belgium Identity Card\beid35gui.exe" [2009-06-04 2056192]
"HP Software Update"="c:\program files\Hp\HP Software Update\HPWuSchd2.exe" [2011-01-12 49208]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2012-10-25 421888]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2012-07-03 252848]
"APSDaemon"="c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2012-10-11 59280]
"QlbCtrl.exe"="c:\program files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe" [2009-11-24 323640]
"SynTPStart"="c:\program files\Synaptics\SynTP\SynTPStart.exe" [2007-09-14 102400]
.
c:\users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
OneNote 2007 Schermopname en Snel starten.lnk - c:\program files\Microsoft Office\Office12\ONENOTEM.EXE [2009-2-26 97680]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
PHOTOfunSTUDIO.lnk - c:\program files\Panasonic\PHOTOfunSTUDIO\PhAutoRun.exe [2009-5-25 44176]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=c:\windows\System32\APSHook.dll
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
"DisableMonitoring"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc]
"AntiVirusOverride"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
Cognizance	REG_MULTI_SZ   	ASBroker ASChannel
LocalServiceAndNoImpersonation	REG_MULTI_SZ   	FontCache
.
Inhoud van de 'Gedeelde Taken' map
.
2013-03-24 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2013-01-04 13:56]
.
2013-03-22 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-629475202-1314957950-352360048-1000Core.job
- c:\users\user\AppData\Local\Google\Update\GoogleUpdate.exe [2011-11-11 12:34]
.
2013-03-24 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-629475202-1314957950-352360048-1000UA.job
- c:\users\user\AppData\Local\Google\Update\GoogleUpdate.exe [2011-11-11 12:34]
.
.
------- Bijkomende Scan -------
.
uStart Page = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=NL_BE&c=73&bd=Pavilion&pf=laptop
mWindow Title = Telenet Internet
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
TCP: DhcpNameServer = 195.130.131.2 195.130.130.130 192.168.1.1
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2013-03-24 09:48
Windows 6.0.6002 Service Pack 2 NTFS
.
scannen van verborgen processen ... 
.
scannen van verborgen autostart items ... 
.
scannen van verborgen bestanden ... 
.
Scan succesvol afgerond
verborgen bestanden: 0
.
**************************************************************************
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\N360]
"ImagePath"="\"c:\program files\Norton 360\Engine\20.3.0.36\ccSvcHst.exe\" /s \"N360\" /m \"c:\program files\Norton 360\Engine\20.3.0.36\diMaster.dll\" /prefetch:1"
.
--------------------- VERGRENDELDE REGISTER SLEUTELS ---------------------
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
"MSCurrentCountry"=dword:000000b5
.
--------------------- DLLs Geladen Onder Lopende Processen ---------------------
.
- - - - - - - > 'lsass.exe'(788)
c:\program files\Bioscrypt\VeriSoft\Bin\ASWLNPkg.dll
c:\program files\Bioscrypt\VeriSoft\Bin\ItMsg.dll
.
- - - - - - - > 'Explorer.exe'(1848)
c:\windows\system32\ieframe.dll
.
Voltooingstijd: 2013-03-24  09:54:52
ComboFix-quarantined-files.txt  2013-03-24 08:54
ComboFix2.txt  2013-03-23 16:23
.
Pre-Run: 65.117.024.256 bytes beschikbaar
Post-Run: 64.566.976.512 bytes beschikbaar
.
- - End Of File - - 1F91DE8F2D5C2CD4613BE737BF2C189E



A famous analyst (fakemail) once said, "reading is an art".

I assume there is no noticeable improvement yet? The log looks good in any case!

Unfortunately not; Windows Update is still behaving a bit strangely. I am now installing the updates one by one to find out which one causes problems.

The PC works very well and smoothly, with the exception of IE, where the PC still freezes completely after it is opened.

All other programs work fine... Strange
