Ga naar inhoud

Pieptoon & Overblijfsel virus ?


Aanbevolen berichten

Oh, ja sorry ben altijd ongeduldig .. mijn excuses hier is de log !

ComboFix 12-01-23.02 - Kiki 25-01-2012 18:01:00.1.4 - x64

Microsoft Windows 7 Home Premium 6.1.7601.1.1252.31.1043.18.3758.1502 [GMT 1:00]

Gestart vanuit: c:\users\Kiki\Downloads\ComboFix.exe

AV: McAfeeAntivirus en antispyware *Disabled/Updated* {86355677-4064-3EA7-ABB3-1B136EB04637}

FW: McAfeeFirewall *Disabled* {BE0ED752-0A0B-3FFF-80EC-B2269063014C}

SP: McAfeeAntivirus en antispyware *Disabled/Updated* {3D54B793-665E-3129-9103-206115370C8A}

SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

.

.

(((((((((((((((((((((((((((((((((( Andere Verwijderingen )))))))))))))))))))))))))))))))))))))))))))))))))

.

.

c:\programdata\boost_interprocess\20120125124206.125599

c:\programdata\boost_interprocess\20120125124206.125599\Nobu64AgentService

c:\programdata\boost_interprocess\20120125124206.125599\Nobu64TrayIcon

c:\users\Kiki\AppData\Roaming\.#

c:\users\Kiki\AppData\Roaming\.#\MBX@107C@2B2928.###

c:\users\Kiki\AppData\Roaming\.#\MBX@107C@2B2958.###

c:\users\Kiki\AppData\Roaming\.#\MBX@107C@2B2988.###

c:\users\Kiki\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Restore

c:\users\Kiki\Documents\~WRL0003.tmp

c:\users\Public\Documents\~WRL0003.tmp

c:\users\Public\Documents\~WRL0099.tmp

c:\users\Public\Documents\~WRL1292.tmp

c:\windows\system32\java.exe

.

.

(((((((((((((((((((( Bestanden Gemaakt van 2011-12-25 to 2012-01-25 ))))))))))))))))))))))))))))))

.

.

2012-01-25 17:20 . 2012-01-25 17:20 -------- d-----w- c:\users\Default\AppData\Local\temp

2012-01-25 11:35 . 2012-01-25 11:35 -------- d-----w- c:\windows\system32\SPReview

2012-01-25 10:29 . 2010-11-20 04:35 2560 ----a-w- c:\windows\system32\drivers\nl-NL\rdpwd.sys.mui

2012-01-25 10:28 . 2010-11-20 04:33 3584 ----a-w- c:\windows\system32\drivers\nl-NL\tsusbflt.sys.mui

2012-01-25 10:28 . 2010-11-20 04:27 3072 ----a-w- c:\windows\system32\drivers\nl-NL\Dot4usb.sys.mui

2012-01-25 10:17 . 2010-11-20 04:27 594432 ----a-w- c:\windows\system32\wvc.dll

2012-01-25 10:16 . 2010-11-20 04:33 94592 ----a-w- c:\windows\system32\drivers\mountmgr.sys

2012-01-25 10:15 . 2010-11-20 04:33 289664 ----a-w- c:\windows\system32\drivers\fltMgr.sys

2012-01-25 10:05 . 2012-01-25 10:05 -------- d-----w- c:\windows\system32\EventProviders

2012-01-24 15:01 . 2012-01-25 11:37 69000 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{73168F95-80E4-4347-8DA8-CD4C2A09657E}\offreg.dll

2012-01-24 08:32 . 2012-01-06 05:15 8602168 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{73168F95-80E4-4347-8DA8-CD4C2A09657E}\mpengine.dll

2012-01-12 13:11 . 2012-01-23 21:36 -------- d-----w- c:\users\Kiki\AppData\Local\Spotify

2012-01-12 13:10 . 2012-01-25 10:10 -------- d-----w- c:\users\Kiki\AppData\Roaming\Spotify

2012-01-12 11:54 . 2012-01-12 11:54 43992 ----a-w- c:\program files (x86)\Mozilla Firefox\mozutils.dll

2012-01-12 11:54 . 2012-01-12 11:54 479232 ----a-w- c:\program files (x86)\Mozilla Firefox\msvcm80.dll

2012-01-12 11:54 . 2012-01-12 11:54 626688 ----a-w- c:\program files (x86)\Mozilla Firefox\msvcr80.dll

2012-01-12 11:54 . 2012-01-12 11:54 548864 ----a-w- c:\program files (x86)\Mozilla Firefox\msvcp80.dll

2012-01-11 18:31 . 2012-01-11 18:31 -------- d-----w- c:\program files\iPod

2012-01-11 18:31 . 2012-01-11 18:32 -------- d-----w- c:\program files\iTunes

2012-01-11 13:43 . 2011-11-17 06:41 1731920 ----a-w- c:\windows\system32\ntdll.dll

2012-01-11 13:43 . 2011-11-17 05:38 1292080 ----a-w- c:\windows\SysWow64\ntdll.dll

2012-01-11 13:37 . 2011-11-19 14:58 77312 ----a-w- c:\windows\system32\packager.dll

2012-01-11 13:37 . 2011-11-19 14:01 67072 ----a-w- c:\windows\SysWow64\packager.dll

2012-01-11 13:37 . 2011-10-26 04:32 1328128 ----a-w- c:\windows\SysWow64\quartz.dll

2012-01-11 13:37 . 2011-10-26 05:25 1572864 ----a-w- c:\windows\system32\quartz.dll

2012-01-11 13:37 . 2011-10-26 05:25 366592 ----a-w- c:\windows\system32\qdvd.dll

2012-01-11 13:37 . 2011-10-26 04:32 514560 ----a-w- c:\windows\SysWow64\qdvd.dll

.

.

.

((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2012-01-25 10:48 . 2009-07-14 02:36 175616 ----a-w- c:\windows\system32\msclmd.dll

2012-01-25 10:48 . 2009-07-14 02:36 152576 ----a-w- c:\windows\SysWow64\msclmd.dll

2011-12-10 14:24 . 2010-06-10 10:59 23152 ----a-w- c:\windows\system32\drivers\mbam.sys

2011-11-24 04:52 . 2011-12-15 05:43 3145216 ----a-w- c:\windows\system32\win32k.sys

2011-11-18 07:34 . 2011-05-24 19:38 414368 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl

2011-11-15 13:29 . 2010-05-27 16:16 270720 ------w- c:\windows\system32\MpSigStub.exe

2011-11-05 05:41 . 2011-12-15 05:45 1188864 ----a-w- c:\windows\system32\wininet.dll

2011-11-05 05:32 . 2011-12-15 05:42 2048 ----a-w- c:\windows\system32\tzres.dll

2011-11-05 04:35 . 2011-12-15 05:45 981504 ----a-w- c:\windows\SysWow64\wininet.dll

2011-11-05 04:26 . 2011-12-15 05:42 2048 ----a-w- c:\windows\SysWow64\tzres.dll

2011-11-05 03:32 . 2011-12-15 05:45 1638912 ----a-w- c:\windows\system32\mshtml.tlb

2011-11-05 02:48 . 2011-12-15 05:45 1638912 ----a-w- c:\windows\SysWow64\mshtml.tlb

.

.

((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))

.

.

*Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond

REGEDIT4

.

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"ISUSPM"="c:\program files (x86)\Common Files\InstallShield\UpdateService\ISUSPM.exe" [2008-10-24 206112]

"Skype"="c:\program files (x86)\Skype\Phone\Skype.exe" [2011-10-13 17351304]

"uTorrent"="c:\program files (x86)\uTorrent\uTorrent.exe" [2011-11-27 639352]

"Spotify"="c:\users\Kiki\AppData\Roaming\Spotify\Spotify.exe" [2012-01-23 4027056]

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]

"IAStorIcon"="c:\program files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe" [2009-11-20 284696]

"ISBMgr.exe"="c:\program files (x86)\Sony\ISB Utility\ISBMgr.exe" [2009-08-26 320880]

"PMBVolumeWatcher"="c:\program files (x86)\Sony\PMB\PMBVolumeWatcher.exe" [2011-03-15 650080]

"MarketingTools"="c:\program files (x86)\Sony\Marketing Tools\MarketingTools.exe" [2010-01-21 26624]

"NortonOnlineBackup"="c:\program files (x86)\Symantec\Norton Online Backup\NOBuClient.exe" [2011-10-12 3151000]

"DivX Download Manager"="c:\program files (x86)\DivX\DivX Plus Web Player\DDmService.exe" [2011-02-08 63360]

"BlackBerryAutoUpdate"="c:\program files (x86)\Common Files\Research In Motion\Auto Update\RIMAutoUpdate.exe" [2009-08-31 623960]

"AppleSyncNotifier"="c:\program files (x86)\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe" [2011-09-27 59240]

"DivXUpdate"="c:\program files (x86)\DivX\DivX Update\DivXUpdate.exe" [2011-03-21 1230704]

"RoxWatchTray"="c:\program files (x86)\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe" [2009-07-08 236016]

"Adobe Reader Speed Launcher"="c:\program files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2011-06-08 37296]

"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2011-03-30 937920]

"mcui_exe"="c:\program files\McAfee.com\Agent\mcagent.exe" [2011-11-22 1675160]

"APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2011-11-01 59240]

"QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2011-10-24 421888]

"Norton Online Backup"="c:\program files (x86)\Symantec\Norton Online Backup\NOBuClient.exe" [2011-10-12 3151000]

"iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2011-12-08 421736]

"Malwarebytes' Anti-Malware"="c:\program files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" [2011-12-24 460872]

.

c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\

Desktop Manager.lnk - c:\program files (x86)\Research In Motion\BlackBerry\DesktopMgr.exe [2009-8-31 1799512]

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]

"ConsentPromptBehaviorAdmin"= 5 (0x5)

"ConsentPromptBehaviorUser"= 3 (0x3)

"EnableUIADesktopToggle"= 0 (0x0)

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\VESWinlogon]

2009-12-01 21:03 98304 ----a-w- c:\windows\System32\VESWinlogon.dll

.

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]

"aux"=wdmaud.drv

.

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcmscsvc]

@=""

.

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]

@=""

.

R2 BBSvc;Bing Bar Update Service;c:\program files (x86)\Microsoft\BingBar\BBSvc.EXE [2011-10-21 196176]

R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]

R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]

R2 gupdate;Google Updateservice (gupdate);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-01-21 133104]

R2 Roxio Upnp Server 10;Roxio Upnp Server 10;c:\program files (x86)\Roxio\Digital Home 10\RoxioUpnpService10.exe [2009-08-31 362992]

R3 btusbflt;Bluetooth USB Filter;c:\windows\system32\drivers\btusbflt.sys [x]

R3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys [x]

R3 gupdatem;Google Update-service (gupdatem);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-01-21 133104]

R3 mferkdet;McAfee Inc. mferkdet;c:\windows\system32\drivers\mferkdet.sys [x]

R3 Roxio UPnP Renderer 10;Roxio UPnP Renderer 10;c:\program files (x86)\Roxio\Digital Home 10\RoxioUPnPRenderer10.exe [2009-08-31 313840]

R3 s1029bus;Sony Ericsson Device 1029 driver (WDM);c:\windows\system32\DRIVERS\s1029bus.sys [x]

R3 s1029mdfl;Sony Ericsson Device 1029 USB WMC Modem Filter;c:\windows\system32\DRIVERS\s1029mdfl.sys [x]

R3 s1029mdm;Sony Ericsson Device 1029 USB WMC Modem Driver;c:\windows\system32\DRIVERS\s1029mdm.sys [x]

R3 s1029mgmt;Sony Ericsson Device 1029 USB WMC Device Management Drivers (WDM);c:\windows\system32\DRIVERS\s1029mgmt.sys [x]

R3 s1029nd5;Sony Ericsson Device 1029 USB Ethernet Emulation (NDIS);c:\windows\system32\DRIVERS\s1029nd5.sys [x]

R3 s1029obex;Sony Ericsson Device 1029 USB WMC OBEX Interface;c:\windows\system32\DRIVERS\s1029obex.sys [x]

R3 s1029unic;Sony Ericsson Device 1029 USB Ethernet Emulation (WDM);c:\windows\system32\DRIVERS\s1029unic.sys [x]

R3 SOHCImp;VAIO Media plus Content Importer;c:\program files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe [2009-10-15 120104]

R3 SOHDBSvr;VAIO Media plus Database Manager;c:\program files (x86)\Common Files\Sony Shared\SOHLib\SOHDBSvr.exe [2009-10-15 70952]

R3 SOHDms;VAIO Media plus Digital Media Server;c:\program files (x86)\Common Files\Sony Shared\SOHLib\SOHDms.exe [2009-10-15 427304]

R3 SOHDs;VAIO Media plus Device Searcher;c:\program files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe [2009-10-15 75048]

R3 SOHPlMgr;VAIO Media plus Playlist Manager;c:\program files (x86)\Common Files\Sony Shared\SOHLib\SOHPlMgr.exe [2009-10-15 91432]

R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x]

R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys [x]

R3 VcmINSMgr;VAIO Content Metadata Intelligent Network Service Manager;c:\program files\Sony\VCM Intelligent Network Service Manager\VcmINSMgr.exe [2009-09-01 361840]

R3 VcmXmlIfHelper;VAIO Content Metadata XML Interface;c:\program files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper64.exe [2010-02-19 115568]

R3 WatAdminSvc;Windows Activation Technologies-service;c:\windows\system32\Wat\WatAdminSvc.exe [x]

S0 mfewfpk;McAfee Inc. mfewfpk;c:\windows\system32\drivers\mfewfpk.sys [x]

S0 PxHlpa64;PxHlpa64;c:\windows\System32\Drivers\PxHlpa64.sys [x]

S1 mfenlfk;McAfee NDIS Light Filter;c:\windows\system32\DRIVERS\mfenlfk.sys [x]

S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [x]

S2 BBUpdate;BBUpdate;c:\program files (x86)\Microsoft\BingBar\SeaPort.EXE [2011-10-13 249648]

S2 IAStorDataMgrSvc;Intel® Rapid Storage Technology;c:\program files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [2009-11-20 13336]

S2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2011-12-24 652872]

S2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service;c:\program files\Common Files\McAfee\McSvcHost\McSvHost.exe [2011-01-27 249936]

S2 McMPFSvc;McAfee Personal Firewall Service;c:\program files\Common Files\McAfee\McSvcHost\McSvHost.exe [2011-01-27 249936]

S2 McNaiAnn;McAfee VirusScan Announcer;c:\program files\Common Files\McAfee\McSvcHost\McSvHost.exe [2011-01-27 249936]

S2 mfefire;McAfee Firewall Core Service;c:\program files\Common Files\McAfee\SystemCore\\mfefire.exe [2011-10-18 208536]

S2 mfevtp;McAfee Validation Trust Protection Service;c:\windows\system32\mfevtps.exe [x]

S2 NOBU;Norton Online Backup;c:\program files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe SERVICE [x]

S2 PMBDeviceInfoProvider;PMBDeviceInfoProvider;c:\program files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe [2011-03-15 428384]

S2 rimspci;rimspci;c:\windows\system32\drivers\rimssne64.sys [x]

S2 risdsnpe;risdsnpe;c:\windows\system32\drivers\risdsne64.sys [x]

S2 SampleCollector;VAIO Care Performance Service;c:\program files\Sony\VAIO Care\VCPerfService.exe [2011-01-29 259192]

S2 uCamMonitor;CamMonitor;c:\program files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe [2008-09-18 104960]

S2 UNS;Intel® Management & Security Application User Notification Service;c:\program files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2009-12-14 2320920]

S2 VCFw;VAIO Content Folder Watcher;c:\program files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe [2009-09-14 642416]

S2 VcmIAlzMgr;VAIO Content Metadata Intelligent Analyzing Manager;c:\program files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe [2010-02-19 529776]

S2 VSNService;VSNService;c:\program files\Sony\VAIO Smart Network\VSNService.exe [2009-11-25 821760]

S3 ArcSoftKsUFilter;ArcSoft Magic-I Visual Effect;c:\windows\system32\DRIVERS\ArcSoftKsUFilter.sys [x]

S3 cfwids;McAfee Inc. cfwids;c:\windows\system32\drivers\cfwids.sys [x]

S3 HECIx64;Intel® Management Engine Interface;c:\windows\system32\drivers\HECIx64.sys [x]

S3 Impcd;Impcd;c:\windows\system32\drivers\Impcd.sys [x]

S3 IntcDAud;Intel® Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys [x]

S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [x]

S3 mfefirek;McAfee Inc. mfefirek;c:\windows\system32\drivers\mfefirek.sys [x]

S3 SFEP;Sony Firmware Extension Parser;c:\windows\system32\drivers\SFEP.sys [x]

S3 VAIO Power Management;VAIO Power Management;c:\program files\Sony\VAIO Power Management\SPMService.exe [2009-11-30 571248]

S3 VCService;VCService;c:\program files\Sony\VAIO Care\VCService.exe [2011-02-14 44736]

S3 VUAgent;VUAgent;c:\program files\Sony\VAIO Update Common\VUAgent.exe [2011-09-23 1429608]

S3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;c:\windows\system32\DRIVERS\yk62x64.sys [x]

.

.

--- Andere Services/Drivers In Geheugen ---

.

*Deregistered* - mfeavfk01

.

Inhoud van de 'Gedeelde Taken' map

.

2012-01-25 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job

- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-01-21 12:30]

.

2012-01-25 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job

- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-01-21 12:30]

.

2012-01-24 c:\windows\Tasks\Norton Security Scan for Kiki.job

- c:\program files (x86)\Norton Security Scan\Engine\2.7.3.34\Nss.exe [2010-05-09 07:48]

.

.

--------- x86-64 -----------

.

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"IgfxTray"="c:\windows\system32\igfxtray.exe" [2009-12-16 166424]

"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2009-12-16 390680]

"Persistence"="c:\windows\system32\igfxpers.exe" [2009-12-16 410136]

"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2009-12-16 9636896]

"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2010-01-21 171520]

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]

"LoadAppInit_DLLs"=0x0

.

------- Bijkomende Scan -------

.

uLocal Page = c:\windows\system32\blank.htm

uStart Page = hxxp://google.com/

mLocal Page = c:\windows\SysWOW64\blank.htm

uInternet Settings,ProxyOverride = *.local

uSearchAssistant = hxxp://www.google.com/ie

uSearchURL,(Default) = hxxp://www.google.com/search?q=%s

IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200

IE: Free YouTube to MP3 Converter - c:\users\Kiki\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm

TCP: DhcpNameServer = 192.168.1.254

TCP: Interfaces\{EB67E911-867D-4C13-AE00-E3C7ECA0A89B}\541435950274F4: NameServer = 192.168.1.254

FF - ProfilePath - c:\users\Kiki\AppData\Roaming\Mozilla\Firefox\Profiles\avud9i4o.default\

FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2269050&SearchSource=3&q={searchTerms}

FF - prefs.js: browser.search.selectedEngine - Secure-zoeken

FF - prefs.js: browser.startup.homepage - hxxp://www.google.nl/

FF - prefs.js: keyword.URL - hxxp://search.yahoo.com/search?fr=mcafee&p=

.

- - - - ORPHANS VERWIJDERD - - - -

.

WebBrowser-{D4027C7F-154A-4066-A1AD-4243D8127440} - (no file)

WebBrowser-{EEE6C35B-6118-11DC-9C72-001320C79847} - (no file)

WebBrowser-{87775FDB-6972-41F9-AE51-8326E38CB206} - (no file)

HKLM-Run-Apoint - c:\program files (x86)\Apoint\Apoint.exe

AddRemove-Adobe Shockwave Player - c:\windows\system32\Adobe\Shockwave 11\uninstaller.exe

.

.

.

[HKEY_LOCAL_MACHINE\system\ControlSet001\services\SampleCollector]

"ImagePath"="\"c:\program files\Sony\VAIO Care\VCPerfService.exe\" \"/service\" \"/sstates\" \"/sampleinterval=5000\" \"/procinterval=5\" \"/dllinterval=120\" \"/counter=\Processor(_Total)\% Processor Time:1/counter=\PhysicalDisk(_Total)\Disk Bytes/sec:1\" \"/counter=\Network Interface(*)\Bytes Total/sec:1\" \"/expandcounter=\Processor Information(*)\Processor Frequency:1\" \"/expandcounter=\Processor(*)\% Idle Time:1\" \"/expandcounter=\Processor(*)\% C1 Time:1\" \"/expandcounter=\Processor(*)\% C2 Time:1\" \"/expandcounter=\Processor(*)\% C3 Time:1\" \"/expandcounter=\Processor(*)\% Processor Time:1\" \"/directory=c:\programdata\Sony Corporation\VAIO Care\inteldata\""

.

--------------------- VERGRENDELDE REGISTER SLEUTELS ---------------------

.

[HKEY_USERS\S-1-5-21-2970309558-1504878839-2098288316-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.eml\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="WindowsLiveMail.Email.1"

.

[HKEY_USERS\S-1-5-21-2970309558-1504878839-2098288316-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.vcf\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="WindowsLiveMail.VCard.1"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}]

@Denied: (A 2) (Everyone)

@="FlashBroker"

"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil10c.exe,-101"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\Elevation]

"Enabled"=dword:00000001

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\LocalServer32]

@="c:\\Windows\\SysWow64\\Macromed\\Flash\\FlashUtil10c.exe"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]

@Denied: (A 2) (Everyone)

@="Shockwave Flash Object"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]

@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10c.ocx"

"ThreadingModel"="Apartment"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]

@="0"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]

@="ShockwaveFlash.ShockwaveFlash.10"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]

@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10c.ocx, 1"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]

@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]

@="1.0"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]

@="ShockwaveFlash.ShockwaveFlash"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]

@Denied: (A 2) (Everyone)

@="Macromedia Flash Factory Object"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]

@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10c.ocx"

"ThreadingModel"="Apartment"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]

@="FlashFactory.FlashFactory.1"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]

@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10c.ocx, 1"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]

@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]

@="1.0"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]

@="FlashFactory.FlashFactory"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}]

@Denied: (A 2) (Everyone)

@="IFlashBroker3"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}\ProxyStubClsid32]

@="{00020424-0000-0000-C000-000000000046}"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

"Version"="1.0"

.

[HKEY_LOCAL_MACHINE\software\McAfee]

"SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79,

00,5c,00,6d,00,61,00,63,00,68,00,69,00,6e,00,65,00,5c,00,53,00,6f,00,66,00,\

.

[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]

@Denied: (A) (Users)

@Denied: (A) (Everyone)

@Allowed: (B 1 2 3 4 5) (S-1-5-20)

"BlindDial"=dword:00000000

.

[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]

@Denied: (A) (Users)

@Denied: (A) (Everyone)

@Allowed: (B 1 2 3 4 5) (S-1-5-20)

"BlindDial"=dword:00000000

.

[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]

@Denied: (A) (Users)

@Denied: (A) (Everyone)

@Allowed: (B 1 2 3 4 5) (S-1-5-20)

"BlindDial"=dword:00000000

.

[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]

@Denied: (A) (Users)

@Denied: (A) (Everyone)

@Allowed: (B 1 2 3 4 5) (S-1-5-20)

"BlindDial"=dword:00000000

.

[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0004\AllUserSettings]

@Denied: (A) (Users)

@Denied: (A) (Everyone)

@Allowed: (B 1 2 3 4 5) (S-1-5-20)

"BlindDial"=dword:00000000

.

[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]

@Denied: (Full) (Everyone)

.

Voltooingstijd: 2012-01-25 18:35:00

ComboFix-quarantined-files.txt 2012-01-25 17:34

.

Pre-Run: 189.420.924.928 bytes beschikbaar

Post-Run: 189.986.119.680 bytes beschikbaar

.

- - End Of File - - 044037BF920003A22B112A56876EE9B0

Link naar reactie
Delen op andere sites

Even voor de zekerheid : in het logje zitten onderdelen van McAfee en Norton/Symantec. Volgens de gegevens is McAfee de actieve scanner. Is dat ook zo ? En mogen dan alle overblijfselen van Norton weg ? Zo ja, ruimen we die meteen mee op.

Link naar reactie
Delen op andere sites

Ja ik weet niet wat het was, maar McAfee schakelde zichzelf telkens weer in, heb ik het toch niet goed gedaan .. En ja die van Norton mag weg die zat zomaar ineens @ mn laptop namelijk

---------- Post toegevoegd om 21:59 ---------- Vorige post was om 21:48 ----------

Oh en ja McAfee is de actieve scanner ha !

Link naar reactie
Delen op andere sites

Open een kladblokbestand.

Kopieer en plak daarin de onderstaande vetgedrukte tekst.

File::

c:\windows\Tasks\Norton Security Scan for Kiki.job

Folder::

c:\program files (x86)\Norton Security Scan

Firefox::

FF - ProfilePath - c:\users\Kiki\AppData\Roaming\Mozilla\Firefox\Profiles\avud9i4o.default\

FF - prefs.js: browser.search.defaulturl -

FF - prefs.js: browser.search.selectedEngine -

Sla dit bestand op je bureaublad op als CFScript.

Sleep CFScript.txt in ComboFix.exe

Dit zal ComboFix doen herstarten. Start opnieuw op als dat gevraagd wordt.

Post na herstart de inhoud van de Combofix.txt in je volgende bericht.

Link naar reactie
Delen op andere sites

ComboFix 12-01-23.02 - Kiki 26-01-2012 12:01:13.3.4 - x64

Microsoft Windows 7 Home Premium 6.1.7601.1.1252.31.1043.18.3758.2166 [GMT 1:00]

Gestart vanuit: c:\users\Kiki\Downloads\ComboFix.exe

gebruikte Opdracht switches :: c:\users\Kiki\Desktop\CFScript.txt

AV: McAfeeAntivirus en antispyware *Disabled/Updated* {86355677-4064-3EA7-ABB3-1B136EB04637}

FW: McAfeeFirewall *Disabled* {BE0ED752-0A0B-3FFF-80EC-B2269063014C}

SP: McAfeeAntivirus en antispyware *Disabled/Updated* {3D54B793-665E-3129-9103-206115370C8A}

SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

.

FILE ::

"c:\windows\Tasks\Norton Security Scan for Kiki.job"

.

.

(((((((((((((((((((((((((((((((((( Andere Verwijderingen )))))))))))))))))))))))))))))))))))))))))))))))))

.

.

c:\program files (x86)\Norton Security Scan

c:\program files (x86)\Norton Security Scan\Engine\2.7.3.34\{2A85E335-7417-424d-AD89-31DED1689794}.dat

c:\program files (x86)\Norton Security Scan\Engine\2.7.3.34\{407D1C08-B366-4aca-92FB-E04E97F6681D}.dat

c:\program files (x86)\Norton Security Scan\Engine\2.7.3.34\BilBDRes.dll

c:\program files (x86)\Norton Security Scan\Engine\2.7.3.34\ccL80U.dll

c:\program files (x86)\Norton Security Scan\Engine\2.7.3.34\ccScanw.dll

c:\program files (x86)\Norton Security Scan\Engine\2.7.3.34\ccVrTrst.dll

c:\program files (x86)\Norton Security Scan\Engine\2.7.3.34\dec_abi.dll

c:\program files (x86)\Norton Security Scan\Engine\2.7.3.34\DefLoad.exe

c:\program files (x86)\Norton Security Scan\Engine\2.7.3.34\DefUtDCD.dll

c:\program files (x86)\Norton Security Scan\Engine\2.7.3.34\diLueCbk.dll

c:\program files (x86)\Norton Security Scan\Engine\2.7.3.34\ecmldr32.dll

c:\program files (x86)\Norton Security Scan\Engine\2.7.3.34\HeartBt.dll

c:\program files (x86)\Norton Security Scan\Engine\2.7.3.34\help.htm

c:\program files (x86)\Norton Security Scan\Engine\2.7.3.34\Microsoft.VC80.CRT.manifest

c:\program files (x86)\Norton Security Scan\Engine\2.7.3.34\msl.dll

c:\program files (x86)\Norton Security Scan\Engine\2.7.3.34\msvcp80.dll

c:\program files (x86)\Norton Security Scan\Engine\2.7.3.34\msvcr80.dll

c:\program files (x86)\Norton Security Scan\Engine\2.7.3.34\Nss.exe

c:\program files (x86)\Norton Security Scan\Engine\2.7.3.34\patch25d.dll

c:\program files (x86)\Norton Security Scan\Engine\2.7.3.34\PrdDtRes.dll

c:\program files (x86)\Norton Security Scan\Engine\2.7.3.34\ReputationCacheDB.db

c:\program files (x86)\Norton Security Scan\Engine\2.7.3.34\RevList.dll

c:\program files (x86)\Norton Security Scan\Engine\2.7.3.34\SAUpdt.dll

c:\program files (x86)\Norton Security Scan\Engine\2.7.3.34\ScanCore.dll

c:\program files (x86)\Norton Security Scan\Engine\2.7.3.34\ScanRes.dll

c:\program files (x86)\Norton Security Scan\Engine\2.7.3.34\ScanText.dll

c:\program files (x86)\Norton Security Scan\Engine\2.7.3.34\SKUCfg.dll

c:\program files (x86)\Norton Security Scan\Engine\2.7.3.34\SKURes.dll

c:\program files (x86)\Norton Security Scan\Engine\2.7.3.34\SymHTML.dll

c:\program files (x86)\Norton Security Scan\isolate.ini

c:\programdata\boost_interprocess\20120126111402.125599

c:\programdata\boost_interprocess\20120126111402.125599\Nobu64AgentService

c:\programdata\boost_interprocess\20120126111402.125599\Nobu64TrayIcon

c:\windows\Tasks\Norton Security Scan for Kiki.job

.

Besmet exemplaar van c:\windows\SysWow64\userinit.exe werd aangetroffen en gedesinfecteerd

Hersteld exemplaar van - c:\windows\SoftwareDistribution\Download\488053cdbca3231eeb2c2af7236d09ed\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe

.

.

(((((((((((((((((((( Bestanden Gemaakt van 2011-12-26 to 2012-01-26 ))))))))))))))))))))))))))))))

.

.

2012-01-26 11:10 . 2012-01-26 11:10 -------- d-----w- c:\users\Default\AppData\Local\temp

2012-01-25 11:35 . 2012-01-25 11:35 -------- d-----w- c:\windows\system32\SPReview

2012-01-25 10:29 . 2010-11-20 04:35 2560 ----a-w- c:\windows\system32\drivers\nl-NL\rdpwd.sys.mui

2012-01-25 10:28 . 2010-11-20 04:33 3584 ----a-w- c:\windows\system32\drivers\nl-NL\tsusbflt.sys.mui

2012-01-25 10:28 . 2010-11-20 04:27 3072 ----a-w- c:\windows\system32\drivers\nl-NL\Dot4usb.sys.mui

2012-01-25 10:17 . 2010-11-20 04:27 594432 ----a-w- c:\windows\system32\wvc.dll

2012-01-25 10:16 . 2010-11-20 04:33 94592 ----a-w- c:\windows\system32\drivers\mountmgr.sys

2012-01-25 10:15 . 2010-11-20 04:33 289664 ----a-w- c:\windows\system32\drivers\fltMgr.sys

2012-01-25 10:05 . 2012-01-25 10:05 -------- d-----w- c:\windows\system32\EventProviders

2012-01-24 15:01 . 2012-01-25 11:37 69000 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{73168F95-80E4-4347-8DA8-CD4C2A09657E}\offreg.dll

2012-01-24 08:32 . 2012-01-06 05:15 8602168 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{73168F95-80E4-4347-8DA8-CD4C2A09657E}\mpengine.dll

2012-01-12 13:11 . 2012-01-23 21:36 -------- d-----w- c:\users\Kiki\AppData\Local\Spotify

2012-01-12 13:10 . 2012-01-26 10:26 -------- d-----w- c:\users\Kiki\AppData\Roaming\Spotify

2012-01-12 11:54 . 2012-01-12 11:54 43992 ----a-w- c:\program files (x86)\Mozilla Firefox\mozutils.dll

2012-01-12 11:54 . 2012-01-12 11:54 479232 ----a-w- c:\program files (x86)\Mozilla Firefox\msvcm80.dll

2012-01-12 11:54 . 2012-01-12 11:54 626688 ----a-w- c:\program files (x86)\Mozilla Firefox\msvcr80.dll

2012-01-12 11:54 . 2012-01-12 11:54 548864 ----a-w- c:\program files (x86)\Mozilla Firefox\msvcp80.dll

2012-01-11 18:31 . 2012-01-11 18:31 -------- d-----w- c:\program files\iPod

2012-01-11 18:31 . 2012-01-11 18:32 -------- d-----w- c:\program files\iTunes

2012-01-11 13:43 . 2011-11-17 06:41 1731920 ----a-w- c:\windows\system32\ntdll.dll

2012-01-11 13:43 . 2011-11-17 05:38 1292080 ----a-w- c:\windows\SysWow64\ntdll.dll

2012-01-11 13:37 . 2011-11-19 14:58 77312 ----a-w- c:\windows\system32\packager.dll

2012-01-11 13:37 . 2011-11-19 14:01 67072 ----a-w- c:\windows\SysWow64\packager.dll

2012-01-11 13:37 . 2011-10-26 04:32 1328128 ----a-w- c:\windows\SysWow64\quartz.dll

2012-01-11 13:37 . 2011-10-26 05:25 1572864 ----a-w- c:\windows\system32\quartz.dll

2012-01-11 13:37 . 2011-10-26 05:25 366592 ----a-w- c:\windows\system32\qdvd.dll

2012-01-11 13:37 . 2011-10-26 04:32 514560 ----a-w- c:\windows\SysWow64\qdvd.dll

.

.

.

((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2012-01-25 10:48 . 2009-07-14 02:36 175616 ----a-w- c:\windows\system32\msclmd.dll

2012-01-25 10:48 . 2009-07-14 02:36 152576 ----a-w- c:\windows\SysWow64\msclmd.dll

2011-12-10 14:24 . 2010-06-10 10:59 23152 ----a-w- c:\windows\system32\drivers\mbam.sys

2011-11-24 04:52 . 2011-12-15 05:43 3145216 ----a-w- c:\windows\system32\win32k.sys

2011-11-18 07:34 . 2011-05-24 19:38 414368 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl

2011-11-15 13:29 . 2010-05-27 16:16 270720 ------w- c:\windows\system32\MpSigStub.exe

2011-11-05 05:41 . 2011-12-15 05:45 1188864 ----a-w- c:\windows\system32\wininet.dll

2011-11-05 05:32 . 2011-12-15 05:42 2048 ----a-w- c:\windows\system32\tzres.dll

2011-11-05 04:35 . 2011-12-15 05:45 981504 ----a-w- c:\windows\SysWow64\wininet.dll

2011-11-05 04:26 . 2011-12-15 05:42 2048 ----a-w- c:\windows\SysWow64\tzres.dll

2011-11-05 03:32 . 2011-12-15 05:45 1638912 ----a-w- c:\windows\system32\mshtml.tlb

2011-11-05 02:48 . 2011-12-15 05:45 1638912 ----a-w- c:\windows\SysWow64\mshtml.tlb

.

.

((((((((((((((((((((((((((((( SnapShot@2012-01-25_17.22.00 )))))))))))))))))))))))))))))))))))))))))

.

- 2010-03-30 12:39 . 2012-01-25 17:01 16384 c:\windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat

+ 2010-03-30 12:39 . 2012-01-26 11:06 16384 c:\windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat

- 2010-03-30 12:39 . 2012-01-25 17:01 16384 c:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat

+ 2010-03-30 12:39 . 2012-01-26 11:06 16384 c:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat

+ 2012-01-26 11:12 . 2012-01-26 11:12 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat

- 2012-01-25 11:43 . 2012-01-25 11:43 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat

- 2012-01-25 11:43 . 2012-01-25 11:43 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat

+ 2012-01-26 11:12 . 2012-01-26 11:12 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat

+ 2009-07-14 05:01 . 2012-01-26 11:11 369556 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat

- 2009-07-14 05:01 . 2012-01-25 11:41 369556 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat

+ 2009-12-25 21:38 . 2012-01-25 18:22 1989616 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache3.0.0.0.dat

+ 2010-03-29 16:10 . 2012-01-26 11:11 2252764 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-2970309558-1504878839-2098288316-1000-8192.dat

- 2010-03-29 16:10 . 2012-01-25 11:41 2252764 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-2970309558-1504878839-2098288316-1000-8192.dat

.

((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))

.

.

*Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond

REGEDIT4

.

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"ISUSPM"="c:\program files (x86)\Common Files\InstallShield\UpdateService\ISUSPM.exe" [2008-10-24 206112]

"Skype"="c:\program files (x86)\Skype\Phone\Skype.exe" [2011-10-13 17351304]

"uTorrent"="c:\program files (x86)\uTorrent\uTorrent.exe" [2011-11-27 639352]

"Spotify"="c:\users\Kiki\AppData\Roaming\Spotify\Spotify.exe" [2012-01-23 4027056]

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]

"IAStorIcon"="c:\program files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe" [2009-11-20 284696]

"ISBMgr.exe"="c:\program files (x86)\Sony\ISB Utility\ISBMgr.exe" [2009-08-26 320880]

"PMBVolumeWatcher"="c:\program files (x86)\Sony\PMB\PMBVolumeWatcher.exe" [2011-03-15 650080]

"MarketingTools"="c:\program files (x86)\Sony\Marketing Tools\MarketingTools.exe" [2010-01-21 26624]

"NortonOnlineBackup"="c:\program files (x86)\Symantec\Norton Online Backup\NOBuClient.exe" [2011-10-12 3151000]

"DivX Download Manager"="c:\program files (x86)\DivX\DivX Plus Web Player\DDmService.exe" [2011-02-08 63360]

"BlackBerryAutoUpdate"="c:\program files (x86)\Common Files\Research In Motion\Auto Update\RIMAutoUpdate.exe" [2009-08-31 623960]

"AppleSyncNotifier"="c:\program files (x86)\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe" [2011-09-27 59240]

"DivXUpdate"="c:\program files (x86)\DivX\DivX Update\DivXUpdate.exe" [2011-03-21 1230704]

"RoxWatchTray"="c:\program files (x86)\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe" [2009-07-08 236016]

"Adobe Reader Speed Launcher"="c:\program files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2011-06-08 37296]

"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2011-03-30 937920]

"mcui_exe"="c:\program files\McAfee.com\Agent\mcagent.exe" [2011-11-22 1675160]

"APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2011-11-01 59240]

"QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2011-10-24 421888]

"Norton Online Backup"="c:\program files (x86)\Symantec\Norton Online Backup\NOBuClient.exe" [2011-10-12 3151000]

"iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2011-12-08 421736]

"Malwarebytes' Anti-Malware"="c:\program files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" [2011-12-24 460872]

.

c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\

Desktop Manager.lnk - c:\program files (x86)\Research In Motion\BlackBerry\DesktopMgr.exe [2009-8-31 1799512]

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]

"ConsentPromptBehaviorAdmin"= 5 (0x5)

"ConsentPromptBehaviorUser"= 3 (0x3)

"EnableUIADesktopToggle"= 0 (0x0)

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\VESWinlogon]

2009-12-01 21:03 98304 ----a-w- c:\windows\System32\VESWinlogon.dll

.

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]

"aux"=wdmaud.drv

.

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcmscsvc]

@=""

.

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]

@=""

.

R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]

R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]

R2 Roxio Upnp Server 10;Roxio Upnp Server 10;c:\program files (x86)\Roxio\Digital Home 10\RoxioUpnpService10.exe [2009-08-31 362992]

R3 btusbflt;Bluetooth USB Filter;c:\windows\system32\drivers\btusbflt.sys [x]

R3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys [x]

R3 gupdatem;Google Update-service (gupdatem);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-01-21 133104]

R3 mferkdet;McAfee Inc. mferkdet;c:\windows\system32\drivers\mferkdet.sys [x]

R3 Roxio UPnP Renderer 10;Roxio UPnP Renderer 10;c:\program files (x86)\Roxio\Digital Home 10\RoxioUPnPRenderer10.exe [2009-08-31 313840]

R3 s1029bus;Sony Ericsson Device 1029 driver (WDM);c:\windows\system32\DRIVERS\s1029bus.sys [x]

R3 s1029mdfl;Sony Ericsson Device 1029 USB WMC Modem Filter;c:\windows\system32\DRIVERS\s1029mdfl.sys [x]

R3 s1029mdm;Sony Ericsson Device 1029 USB WMC Modem Driver;c:\windows\system32\DRIVERS\s1029mdm.sys [x]

R3 s1029mgmt;Sony Ericsson Device 1029 USB WMC Device Management Drivers (WDM);c:\windows\system32\DRIVERS\s1029mgmt.sys [x]

R3 s1029nd5;Sony Ericsson Device 1029 USB Ethernet Emulation (NDIS);c:\windows\system32\DRIVERS\s1029nd5.sys [x]

R3 s1029obex;Sony Ericsson Device 1029 USB WMC OBEX Interface;c:\windows\system32\DRIVERS\s1029obex.sys [x]

R3 s1029unic;Sony Ericsson Device 1029 USB Ethernet Emulation (WDM);c:\windows\system32\DRIVERS\s1029unic.sys [x]

R3 SOHCImp;VAIO Media plus Content Importer;c:\program files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe [2009-10-15 120104]

R3 SOHDBSvr;VAIO Media plus Database Manager;c:\program files (x86)\Common Files\Sony Shared\SOHLib\SOHDBSvr.exe [2009-10-15 70952]

R3 SOHDms;VAIO Media plus Digital Media Server;c:\program files (x86)\Common Files\Sony Shared\SOHLib\SOHDms.exe [2009-10-15 427304]

R3 SOHDs;VAIO Media plus Device Searcher;c:\program files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe [2009-10-15 75048]

R3 SOHPlMgr;VAIO Media plus Playlist Manager;c:\program files (x86)\Common Files\Sony Shared\SOHLib\SOHPlMgr.exe [2009-10-15 91432]

R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x]

R3 VcmINSMgr;VAIO Content Metadata Intelligent Network Service Manager;c:\program files\Sony\VCM Intelligent Network Service Manager\VcmINSMgr.exe [2009-09-01 361840]

R3 VcmXmlIfHelper;VAIO Content Metadata XML Interface;c:\program files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper64.exe [2010-02-19 115568]

R3 VCService;VCService;c:\program files\Sony\VAIO Care\VCService.exe [2011-02-14 44736]

R3 WatAdminSvc;Windows Activation Technologies-service;c:\windows\system32\Wat\WatAdminSvc.exe [x]

S0 mfewfpk;McAfee Inc. mfewfpk;c:\windows\system32\drivers\mfewfpk.sys [x]

S0 PxHlpa64;PxHlpa64;c:\windows\System32\Drivers\PxHlpa64.sys [x]

S1 mfenlfk;McAfee NDIS Light Filter;c:\windows\system32\DRIVERS\mfenlfk.sys [x]

S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [x]

S2 BBSvc;Bing Bar Update Service;c:\program files (x86)\Microsoft\BingBar\BBSvc.EXE [2011-10-21 196176]

S2 BBUpdate;BBUpdate;c:\program files (x86)\Microsoft\BingBar\SeaPort.EXE [2011-10-13 249648]

S2 gupdate;Google Updateservice (gupdate);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-01-21 133104]

S2 IAStorDataMgrSvc;Intel® Rapid Storage Technology;c:\program files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [2009-11-20 13336]

S2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2011-12-24 652872]

S2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service;c:\program files\Common Files\McAfee\McSvcHost\McSvHost.exe [2011-01-27 249936]

S2 McMPFSvc;McAfee Personal Firewall Service;c:\program files\Common Files\McAfee\McSvcHost\McSvHost.exe [2011-01-27 249936]

S2 McNaiAnn;McAfee VirusScan Announcer;c:\program files\Common Files\McAfee\McSvcHost\McSvHost.exe [2011-01-27 249936]

S2 mfefire;McAfee Firewall Core Service;c:\program files\Common Files\McAfee\SystemCore\\mfefire.exe [2011-10-18 208536]

S2 mfevtp;McAfee Validation Trust Protection Service;c:\windows\system32\mfevtps.exe [x]

S2 NOBU;Norton Online Backup;c:\program files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe SERVICE [x]

S2 PMBDeviceInfoProvider;PMBDeviceInfoProvider;c:\program files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe [2011-03-15 428384]

S2 rimspci;rimspci;c:\windows\system32\drivers\rimssne64.sys [x]

S2 risdsnpe;risdsnpe;c:\windows\system32\drivers\risdsne64.sys [x]

S2 SampleCollector;VAIO Care Performance Service;c:\program files\Sony\VAIO Care\VCPerfService.exe [2011-01-29 259192]

S2 uCamMonitor;CamMonitor;c:\program files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe [2008-09-18 104960]

S2 UNS;Intel® Management & Security Application User Notification Service;c:\program files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2009-12-14 2320920]

S2 VCFw;VAIO Content Folder Watcher;c:\program files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe [2009-09-14 642416]

S2 VcmIAlzMgr;VAIO Content Metadata Intelligent Analyzing Manager;c:\program files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe [2010-02-19 529776]

S2 VSNService;VSNService;c:\program files\Sony\VAIO Smart Network\VSNService.exe [2009-11-25 821760]

S3 ArcSoftKsUFilter;ArcSoft Magic-I Visual Effect;c:\windows\system32\DRIVERS\ArcSoftKsUFilter.sys [x]

S3 cfwids;McAfee Inc. cfwids;c:\windows\system32\drivers\cfwids.sys [x]

S3 HECIx64;Intel® Management Engine Interface;c:\windows\system32\drivers\HECIx64.sys [x]

S3 Impcd;Impcd;c:\windows\system32\drivers\Impcd.sys [x]

S3 IntcDAud;Intel® Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys [x]

S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [x]

S3 mfefirek;McAfee Inc. mfefirek;c:\windows\system32\drivers\mfefirek.sys [x]

S3 SFEP;Sony Firmware Extension Parser;c:\windows\system32\drivers\SFEP.sys [x]

S3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys [x]

S3 VAIO Power Management;VAIO Power Management;c:\program files\Sony\VAIO Power Management\SPMService.exe [2009-11-30 571248]

S3 VUAgent;VUAgent;c:\program files\Sony\VAIO Update Common\VUAgent.exe [2011-09-23 1429608]

S3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;c:\windows\system32\DRIVERS\yk62x64.sys [x]

.

.

--- Andere Services/Drivers In Geheugen ---

.

*Deregistered* - mfeavfk01

.

Inhoud van de 'Gedeelde Taken' map

.

2012-01-26 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job

- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-01-21 12:30]

.

2012-01-26 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job

- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-01-21 12:30]

.

.

--------- x86-64 -----------

.

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"IgfxTray"="c:\windows\system32\igfxtray.exe" [2009-12-16 166424]

"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2009-12-16 390680]

"Persistence"="c:\windows\system32\igfxpers.exe" [2009-12-16 410136]

"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2009-12-16 9636896]

"Apoint"="c:\program files (x86)\Apoint\Apoint.exe" [bU]

"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2010-01-21 171520]

.

------- Bijkomende Scan -------

.

uLocal Page = c:\windows\system32\blank.htm

uStart Page = hxxp://google.com/

mLocal Page = c:\windows\SysWOW64\blank.htm

uInternet Settings,ProxyOverride = *.local

uSearchAssistant = hxxp://www.google.com/ie

uSearchURL,(Default) = hxxp://www.google.com/search?q=%s

IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200

IE: Free YouTube to MP3 Converter - c:\users\Kiki\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm

TCP: DhcpNameServer = 192.168.1.254

TCP: Interfaces\{EB67E911-867D-4C13-AE00-E3C7ECA0A89B}\541435950274F4: NameServer = 192.168.1.254

FF - ProfilePath - c:\users\Kiki\AppData\Roaming\Mozilla\Firefox\Profiles\avud9i4o.default\

FF - prefs.js: browser.startup.homepage - hxxp://www.google.nl/

FF - prefs.js: keyword.URL - hxxp://search.yahoo.com/search?fr=mcafee&p=

.

- - - - ORPHANS VERWIJDERD - - - -

.

WebBrowser-{D4027C7F-154A-4066-A1AD-4243D8127440} - (no file)

WebBrowser-{EEE6C35B-6118-11DC-9C72-001320C79847} - (no file)

WebBrowser-{87775FDB-6972-41F9-AE51-8326E38CB206} - (no file)

.

.

.

[HKEY_LOCAL_MACHINE\system\ControlSet001\services\SampleCollector]

"ImagePath"="\"c:\program files\Sony\VAIO Care\VCPerfService.exe\" \"/service\" \"/sstates\" \"/sampleinterval=5000\" \"/procinterval=5\" \"/dllinterval=120\" \"/counter=\Processor(_Total)\% Processor Time:1/counter=\PhysicalDisk(_Total)\Disk Bytes/sec:1\" \"/counter=\Network Interface(*)\Bytes Total/sec:1\" \"/expandcounter=\Processor Information(*)\Processor Frequency:1\" \"/expandcounter=\Processor(*)\% Idle Time:1\" \"/expandcounter=\Processor(*)\% C1 Time:1\" \"/expandcounter=\Processor(*)\% C2 Time:1\" \"/expandcounter=\Processor(*)\% C3 Time:1\" \"/expandcounter=\Processor(*)\% Processor Time:1\" \"/directory=c:\programdata\Sony Corporation\VAIO Care\inteldata\""

.

--------------------- VERGRENDELDE REGISTER SLEUTELS ---------------------

.

[HKEY_USERS\S-1-5-21-2970309558-1504878839-2098288316-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.eml\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="WindowsLiveMail.Email.1"

.

[HKEY_USERS\S-1-5-21-2970309558-1504878839-2098288316-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.vcf\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="WindowsLiveMail.VCard.1"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}]

@Denied: (A 2) (Everyone)

@="FlashBroker"

"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil10c.exe,-101"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\Elevation]

"Enabled"=dword:00000001

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\LocalServer32]

@="c:\\Windows\\SysWow64\\Macromed\\Flash\\FlashUtil10c.exe"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]

@Denied: (A 2) (Everyone)

@="Shockwave Flash Object"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]

@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10c.ocx"

"ThreadingModel"="Apartment"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]

@="0"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]

@="ShockwaveFlash.ShockwaveFlash.10"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]

@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10c.ocx, 1"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]

@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]

@="1.0"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]

@="ShockwaveFlash.ShockwaveFlash"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]

@Denied: (A 2) (Everyone)

@="Macromedia Flash Factory Object"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]

@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10c.ocx"

"ThreadingModel"="Apartment"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]

@="FlashFactory.FlashFactory.1"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]

@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10c.ocx, 1"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]

@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]

@="1.0"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]

@="FlashFactory.FlashFactory"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}]

@Denied: (A 2) (Everyone)

@="IFlashBroker3"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}\ProxyStubClsid32]

@="{00020424-0000-0000-C000-000000000046}"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

"Version"="1.0"

.

[HKEY_LOCAL_MACHINE\software\McAfee]

"SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79,

00,5c,00,6d,00,61,00,63,00,68,00,69,00,6e,00,65,00,5c,00,53,00,6f,00,66,00,\

.

[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]

@Denied: (A) (Users)

@Denied: (A) (Everyone)

@Allowed: (B 1 2 3 4 5) (S-1-5-20)

"BlindDial"=dword:00000000

.

[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]

@Denied: (A) (Users)

@Denied: (A) (Everyone)

@Allowed: (B 1 2 3 4 5) (S-1-5-20)

"BlindDial"=dword:00000000

.

[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]

@Denied: (A) (Users)

@Denied: (A) (Everyone)

@Allowed: (B 1 2 3 4 5) (S-1-5-20)

"BlindDial"=dword:00000000

.

[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]

@Denied: (A) (Users)

@Denied: (A) (Everyone)

@Allowed: (B 1 2 3 4 5) (S-1-5-20)

"BlindDial"=dword:00000000

.

[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0004\AllUserSettings]

@Denied: (A) (Users)

@Denied: (A) (Everyone)

@Allowed: (B 1 2 3 4 5) (S-1-5-20)

"BlindDial"=dword:00000000

.

[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]

@Denied: (Full) (Everyone)

.

------------------------ Andere Aktieve Processen ------------------------

.

c:\program files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

c:\program files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe

c:\windows\SysWOW64\rundll32.exe

c:\program files (x86)\SONY\VAIO Event Service\VESMgr.exe

c:\program files (x86)\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe

c:\windows\SysWOW64\DllHost.exe

c:\program files (x86)\SONY\VAIO Event Service\VESMgrSub.exe

c:\windows\SysWOW64\DllHost.exe

c:\program files\Sony\VAIO Care\listener.exe

.

**************************************************************************

.

Voltooingstijd: 2012-01-26 12:22:59 - machine werd herstart

ComboFix-quarantined-files.txt 2012-01-26 11:22

ComboFix2.txt 2012-01-25 17:35

.

Pre-Run: 190.077.968.384 bytes beschikbaar

Post-Run: 189.775.118.336 bytes beschikbaar

.

- - End Of File - - 4D6C5F17ADA828B1FDA36C691E73A42D

Link naar reactie
Delen op andere sites

Problemen van de baan, dan is het tijd voor de “grote schoonmaak” : verwijderen van gebruikte programma’s, een cleaning en het verwijderen van de besmette herstelpunten.

Verwijder Combofix: Start -> Uitvoeren/Zoekopdracht en typ: ComboFix /Uninstall

Dit zal Combofix verwijderen + gerelateerde mappen en bestanden, herstelt de klokinstellingen opnieuw, verbergt de bestandsextensies, gaat verborgen bestanden en systeembestanden terug verbergen en maakt een nieuw herstelpunt.

Indien aanwezig mag je de map C:\Qoobox manueel verwijderen.

Download CCleaner.

Klik op “Download Latest Version” en dan start de download van CCleaner automatisch en gratis op.

Installeer het en start CCleaner op. Klik in de linkse kolom op “Cleaner”. Klik achtereenvolgens op ‘Analyseren’ en 'Schoonmaken'. Soms is 1 analyse niet voldoende. Deze procedure mag je herhalen tot de analyse geen fouten meer aangeeft. Klik vervolgens in de linkse kolom op “Register” en klik op ‘Scan naar problemen”. Als er fouten gevonden worden klik je op ”Herstel geselecteerde problemen” en ”OK”. Dan krijg je de vraag om een back-up te maken. Klik op “JA”. Kies dan “Herstel alle geselecteerde fouten”. Sluit hierna CCleaner terug af.

Wil je dit uitgebreid in beeld bekijken, klik dan hier voor de handleiding.

Het is aangewezen om de bestaande herstelpunten te verwijderen (daar zitten besmette herstelpunten tussen die je eventueel zou kunnen terugzetten) door systeemherstel tijdelijk uit te schakelen. Doe dit

• via Start -> Configuratiescherm -> Systeem -> Systeembeveiliging -> schakel nu systeemherstel uit door de gewenste schijf te selecteren en op "configureren" te klikken.

• Klik nu op "verwijderen" om alle herstelpunten te verwijderen.

• Klik op "Toepassen" en "OK".

• Herstart nu de PC.

Als dit allemaal probleemloos verlopen is, mag je hieronder op "markeer als opgelost" tokkelen !

Link naar reactie
Delen op andere sites

Gast
Dit topic is nu gesloten voor nieuwe reacties.
×
×
  • Nieuwe aanmaken...

Belangrijke informatie

We hebben cookies geplaatst op je toestel om deze website voor jou beter te kunnen maken. Je kunt de cookie instellingen aanpassen, anders gaan we er van uit dat het goed is om verder te gaan.