Help, computer extremely slow again after 2 months!


Guest thesnubworld
Posted:

ComboFix 12-04-12.03 - Gebruiker 13/04/2012 11:31:12.2.2 - x86

Microsoft Windows 7 Home Premium 6.1.7601.1.1252.32.1043.18.3037.1491 [GMT 2:00]

Gestart vanuit: c:\users\Gebruiker\Downloads\ComboFix.exe

AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}

AV: Microsoft Security Essentials *Enabled/Updated* {108DAC43-C256-20B7-BB05-914135DA5160}

SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}

SP: Microsoft Security Essentials *Enabled/Updated* {ABEC4DA7-E46C-2F39-81B5-AA334E5D1BDD}

SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

.

.

(((((((((((((((((((((((((((((((((( Andere Verwijderingen )))))))))))))))))))))))))))))))))))))))))))))))))

.

.

c:\windows\SwSys1.bmp

c:\windows\SwSys2.bmp

c:\windows\system32\drivers\etc\hosts.ics

c:\windows\system32\roboot.exe

.

Besmet exemplaar van c:\windows\system32\user32.dll werd aangetroffen en gedesinfecteerd

Hersteld exemplaar van - c:\windows\ERDNT\cache\user32.dll

.

.

(((((((((((((((((((( Bestanden Gemaakt van 2012-03-13 to 2012-04-13 ))))))))))))))))))))))))))))))

.

.

2012-04-13 09:51 . 2012-03-13 17:15 6582328 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{377B97AB-860D-42EF-A28B-B18676A7DB6D}\mpengine.dll

2012-04-13 09:39 . 2012-04-13 09:39 -------- d-----w- c:\users\Public\AppData\Local\temp

2012-04-13 09:39 . 2012-04-13 09:39 -------- d-----w- c:\users\Gast\AppData\Local\temp

2012-04-13 09:39 . 2012-04-13 09:39 -------- d-----w- c:\users\Default\AppData\Local\temp

2012-04-13 09:39 . 2012-04-13 09:39 -------- d-----w- c:\users\Andere gebruiker\AppData\Local\temp

2012-04-12 13:05 . 2012-03-06 23:03 337880 ----a-w- c:\windows\system32\drivers\aswSP.sys

2012-04-12 13:05 . 2012-03-06 23:01 20696 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys

2012-04-12 13:05 . 2012-03-06 23:03 612184 ----a-w- c:\windows\system32\drivers\aswSnx.sys

2012-04-12 13:05 . 2012-03-06 23:02 44376 ----a-w- c:\windows\system32\drivers\aswRdr2.sys

2012-04-12 13:05 . 2012-03-06 23:01 53848 ----a-w- c:\windows\system32\drivers\aswTdi.sys

2012-04-12 13:05 . 2012-03-06 23:01 57688 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys

2012-04-12 13:04 . 2012-03-06 23:15 41184 ----a-w- c:\windows\avastSS.scr

2012-04-12 13:04 . 2012-03-06 23:15 201352 ----a-w- c:\windows\system32\aswBoot.exe

2012-04-11 17:39 . 2012-04-11 18:10 -------- d-----w- C:\RecklessPk

2012-04-11 13:40 . 2012-04-11 13:42 -------- d-----w- c:\users\Gebruiker\matrixCache10

2012-04-11 12:10 . 2012-04-11 12:10 188824 ----a-w- c:\program files\Microsoft Games\Age of Empires Online\expapply.dll

2012-04-11 12:10 . 2012-04-11 12:10 429864 ----a-w- c:\program files\Microsoft Games\Age of Empires Online\AoeOnlinePatch.dll

2012-04-11 12:10 . 2012-04-11 12:10 2629928 ----a-w- c:\program files\Microsoft Games\Age of Empires Online\AoeOnlineDlg.dll

2012-04-11 12:10 . 2012-04-11 12:10 188824 ----a-w- c:\program files\Microsoft Games\Age of Empires Online\patchTemp\expapply.dll

2012-04-11 12:10 . 2012-04-11 12:10 152872 ----a-w- c:\program files\Microsoft Games\Age of Empires Online\patchTemp\AOEOnlineReplace.exe

2012-04-11 12:10 . 2012-04-11 12:10 429864 ----a-w- c:\program files\Microsoft Games\Age of Empires Online\patchTemp\AoeOnlinePatch.dll

2012-04-11 12:10 . 2012-04-11 12:10 2629928 ----a-w- c:\program files\Microsoft Games\Age of Empires Online\patchTemp\AoeOnlineDlg.dll

2012-04-10 12:13 . 2012-04-10 12:13 -------- d-----w- c:\users\Gebruiker\cx_cache

2012-04-10 09:22 . 2012-04-10 09:23 -------- d-----w- c:\program files\Audacity

2012-04-09 21:23 . 2012-04-09 21:42 -------- d-----w- c:\users\Gebruiker\.gimp-2.6

2012-04-09 21:22 . 2012-04-09 21:22 -------- d-----w- c:\program files\GIMP-2.0

2012-04-09 18:21 . 2012-04-09 18:21 -------- d-----w- c:\users\Gebruiker\AppData\Roaming\EpicBot

2012-04-09 18:17 . 2012-04-09 18:17 -------- d-----w- c:\program files\EpicBot

2012-03-29 17:43 . 2012-03-13 17:15 6582328 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll

2012-03-28 10:56 . 2012-03-28 10:56 -------- d-----w- c:\windows\.jagex_cache_32

2012-03-28 08:10 . 2012-03-28 08:10 713784 ------w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{943510D5-44B2-4C4F-BFC2-751928CAAC4A}\gapaengine.dll

2012-03-28 06:56 . 2012-03-28 13:10 -------- d-----w- c:\users\Gebruiker\AppData\Roaming\FOG Downloader

2012-03-28 06:26 . 2012-03-14 02:15 6582328 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{2E27248E-288D-4764-8510-55D7F2D1B666}\mpengine.dll

2012-03-20 12:28 . 2012-02-03 03:54 2343424 ----a-w- c:\windows\system32\win32k.sys

2012-03-20 12:28 . 2012-02-10 05:38 1077248 ----a-w- c:\windows\system32\DWrite.dll

2012-03-20 12:28 . 2011-12-30 05:27 478720 ----a-w- c:\windows\system32\timedate.cpl

2012-03-19 19:29 . 2011-11-19 14:50 3968368 ----a-w- c:\windows\system32\ntkrnlpa.exe

2012-03-19 19:29 . 2011-11-19 14:50 3913584 ----a-w- c:\windows\system32\ntoskrnl.exe

2012-03-19 18:37 . 2012-03-28 09:24 -------- d-----w- c:\users\Gebruiker\AppData\Local\Vitalwerks

2012-03-19 16:54 . 2012-03-19 16:54 -------- d-----w- c:\users\Gebruiker\.jagex_cache_32

2012-03-19 16:53 . 2011-12-16 07:52 690688 ----a-w- c:\windows\system32\msvcrt.dll

2012-03-19 16:53 . 2012-01-04 08:58 442880 ----a-w- c:\windows\system32\ntshrui.dll

2012-03-19 16:40 . 2012-02-17 05:34 826880 ----a-w- c:\windows\system32\rdpcore.dll

2012-03-19 16:40 . 2012-02-17 04:14 183808 ----a-w- c:\windows\system32\drivers\rdpwd.sys

2012-03-19 16:40 . 2012-02-17 04:13 24576 ----a-w- c:\windows\system32\drivers\tdtcp.sys

2012-03-19 16:40 . 2012-01-25 05:32 58880 ----a-w- c:\windows\system32\rdpwsx.dll

2012-03-19 16:40 . 2012-01-25 05:32 129536 ----a-w- c:\windows\system32\rdpcorekmts.dll

2012-03-19 16:40 . 2012-01-25 05:27 8192 ----a-w- c:\windows\system32\rdrmemptylst.exe

2012-03-19 16:36 . 2012-04-10 12:01 -------- d-----w- C:\.jagex_cache_32

2012-03-19 16:33 . 2012-03-19 16:36 -------- d-----w- c:\users\Gebruiker\jagexcache

.

.

.

((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2012-04-04 13:56 . 2011-03-09 16:26 22344 ----a-w- c:\windows\system32\drivers\mbam.sys

2012-03-16 15:35 . 2011-05-23 19:56 414368 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl

2012-03-03 09:19 . 2010-06-25 07:24 472808 ----a-w- c:\windows\system32\deployJava1.dll

2012-02-23 08:18 . 2010-06-29 09:56 237072 ------w- c:\windows\system32\MpSigStub.exe

2012-02-02 12:57 . 2012-02-02 12:57 808440 ----a-w- c:\windows\system32\CDDBUI.dll

2012-02-02 12:57 . 2012-02-02 12:57 796152 ----a-w- c:\windows\system32\CDDBControl.dll

.

.

((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))

.

.

*Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond

REGEDIT4

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]

@="{472083B0-C522-11CF-8763-00608CC02F24}"

[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]

2012-03-06 23:15 123536 ----a-w- c:\program files\AVAST Software\Avast\ashShell.dll

.

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"Akamai NetSession Interface"="c:\users\Gebruiker\AppData\Local\Akamai\netsession_win.exe" [2012-03-13 3331872]

"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-20 1174016]

.

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]

"Boot"="c:\users\Gebruiker\AppData\Roaming\Apple Computer\loader.jar" [2012-04-12 81049]

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RtHDVCpl.exe" [2009-12-14 8120864]

"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2010-02-26 1713448]

"UpdateLBPShortCut"="c:\program files\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe" [2009-05-19 222504]

"CLMLServer"="c:\program files\CyberLink\Power2Go\CLMLSvc.exe" [2009-06-03 103720]

"UpdateP2GoShortCut"="c:\program files\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" [2009-05-19 222504]

"UpdatePDRShortCut"="c:\program files\CyberLink\PowerDirector\MUITransfer\MUIStartMenu.exe" [2008-01-04 222504]

"RemoteControl8"="c:\program files\CyberLink\PowerDVD8\PDVD8Serv.exe" [2009-04-15 91432]

"PDVD8LanguageShortcut"="c:\program files\CyberLink\PowerDVD8\Language\Language.exe" [2009-04-15 50472]

"UpdatePPShortCut"="c:\program files\CyberLink\PowerProducer\MUITransfer\MUIStartMenu.exe" [2008-12-03 218408]

"UpdatePSTShortCut"="c:\program files\CyberLink\DVD Suite\MUITransfer\MUIStartMenu.exe" [2009-07-21 210216]

"APLangApp"="c:\program files\AnyPC Client\APLangApp.exe" [2009-10-20 13312]

"UCam_Menu"="c:\program files\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe" [2009-05-19 222504]

"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2010-02-10 13834856]

"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2011-01-31 35760]

"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2010-09-20 932288]

"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2011-07-05 421888]

"QuickTime Plugin Install"="c:\program files\QuickTime\Plugins\DeleteMe1.exe" [2011-09-24 86016]

"AppleSyncNotifier"="c:\program files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe" [2011-04-20 58656]

"APSDaemon"="c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2011-09-27 59240]

"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2011-10-09 421736]

"Launch LgDeviceAgent"="c:\program files\Logitech\GamePanel Software\LgDevAgt.exe" [2010-06-11 358472]

"Launch LCDMon"="c:\program files\Logitech\GamePanel Software\LCD Manager\LCDMon.exe" [2010-06-11 1809992]

"Launch LGDCore"="c:\program files\Logitech\GamePanel Software\G-series Software\LGDCore.exe" [2010-06-11 3649096]

"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2012-01-18 254696]

"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2011-06-15 997920]

"avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2012-03-06 4241512]

.

c:\users\Gebruiker\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\

OneNote 2007 Schermopname en Snel starten.lnk - c:\program files\Microsoft Office\Office12\ONENOTEM.EXE [2009-2-26 97680]

Stardock ObjectDock.lnk - c:\program files\Stardock\ObjectDockFree\ObjectDock.exe [N/A]

.

c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\

GamersFirst LIVE!.lnk - c:\program files\GamersFirst\LIVE!\Live.exe [2011-8-16 2589808]

Service Manager.lnk - c:\program files\Microsoft SQL Server\80\Tools\Binn\sqlmangr.exe [2002-12-17 74308]

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]

"ConsentPromptBehaviorAdmin"= 5 (0x5)

"ConsentPromptBehaviorUser"= 3 (0x3)

"EnableUIADesktopToggle"= 0 (0x0)

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]

"aux1"=wdmaud.drv

.

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]

Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp

.

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\fsproflt]

@=""

.

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]

@="Service"

.

R0 is3srv;is3srv;c:\windows\system32\drivers\is3srv.sys [x]

R0 szkg5;szkg5;c:\windows\system32\DRIVERS\szkg.sys [x]

R0 szkgfs;szkgfs;c:\windows\system32\drivers\szkgfs.sys [x]

R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]

R2 gupdate;Google Updateservice (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [2010-05-15 135664]

R2 NEWDRIVER;NEWDRIVER;c:\windows\system32\WinVDEdrv6.sys [x]

R3 cpuz134;cpuz134;c:\users\GEBRUI~1\AppData\Local\Temp\cpuz134\cpuz134_x32.sys [x]

R3 gupdatem;Google Update-service (gupdatem);c:\program files\Google\Update\GoogleUpdate.exe [2010-05-15 135664]

R3 ManyCam;ManyCam Virtual Webcam, WDM Video Capture Driver;c:\windows\system32\DRIVERS\ManyCam.sys [2011-09-29 21632]

R3 npggsvc;nProtect GameGuard Service;c:\windows\system32\GameMon.des [2010-01-19 3595660]

R3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt86win7.sys [2009-07-13 139776]

R3 SCREAMINGBDRIVER;Screaming Bee Audio;c:\windows\system32\drivers\ScreamingBAudio.sys [2009-12-01 34384]

R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 52224]

R3 WatAdminSvc;Windows Activation Technologies-service;c:\windows\system32\Wat\WatAdminSvc.exe [2010-06-20 1343400]

R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 51040]

S1 aswSnx;aswSnx; [x]

S1 aswSP;aswSP; [x]

S1 SABI;SAMSUNG Kernel Driver For Windows 7;c:\windows\system32\Drivers\SABI.sys [2009-05-28 10752]

S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [2009-07-13 48128]

S2 Akamai;Akamai NetSession Interface;c:\windows\System32\svchost.exe [2009-07-14 20992]

S2 aswFsBlk;aswFsBlk; [x]

S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2012-03-06 57688]

S2 OberonGameConsoleService;Oberon Media Game Console service;c:\program files\Samsung Casual Games\GameConsole\OberonGameConsoleService.exe [2009-08-13 44312]

S2 TeamViewer7;TeamViewer 7;c:\program files\TeamViewer\Version7\TeamViewer_Service.exe [2012-02-23 2886528]

S3 LGBusEnum;Logitech GamePanel Virtual Bus Enumerator Driver;c:\windows\system32\drivers\LGBusEnum.sys [2009-11-23 19720]

S3 LGVirHid;Logitech Gamepanel Virtual HID Device Driver;c:\windows\system32\drivers\LGVirHid.sys [2009-11-23 14856]

S3 MpNWMon;Microsoft Malware Protection Network Driver;c:\windows\system32\DRIVERS\MpNWMon.sys [2011-04-18 43392]

S3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\DRIVERS\NisDrvWFP.sys [2011-04-27 65024]

S3 NisSrv;Microsoft Network Inspection;c:\program files\Microsoft Security Client\Antimalware\NisSrv.exe [2011-04-27 208944]

S3 NVHDA;Service for NVIDIA High Definition Audio Driver;c:\windows\system32\drivers\nvhda32v.sys [2009-06-27 66080]

S3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\DRIVERS\vwifimp.sys [2009-07-13 14336]

S3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;c:\windows\system32\DRIVERS\yk62x86.sys [2009-09-28 315392]

.

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]

Akamai REG_MULTI_SZ Akamai

.

Inhoud van de 'Gedeelde Taken' map

.

2012-04-13 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job

- c:\program files\Google\Update\GoogleUpdate.exe [2010-05-15 12:16]

.

2012-04-13 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job

- c:\program files\Google\Update\GoogleUpdate.exe [2010-05-15 12:16]

.

2012-04-12 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1918549753-1553974762-1166484144-1000Core.job

- c:\users\Gebruiker\AppData\Local\Google\Update\GoogleUpdate.exe [2012-02-23 12:15]

.

2012-04-13 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1918549753-1553974762-1166484144-1000UA.job

- c:\users\Gebruiker\AppData\Local\Google\Update\GoogleUpdate.exe [2012-02-23 12:15]

.

.

------- Bijkomende Scan -------

.

uDefault_Search_URL = hxxp://www.google.com/ie

uInternet Settings,ProxyOverride = <local>

uSearchAssistant = hxxp://www.google.com/ie

uSearchURL,(Default) = hxxp://www.google.com/search?q=%s

IE: E&xporteren naar Microsoft Excel - c:\progra~1\MICROS~3\Office12\EXCEL.EXE/3000

IE: Google Sidewiki... - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll/cmsidewiki.html

TCP: DhcpNameServer = 192.168.1.1

.

- - - - ORPHANS VERWIJDERD - - - -

.

WebBrowser-{D4027C7F-154A-4066-A1AD-4243D8127440} - (no file)

HKCU-Run-Spotify - c:\users\Gebruiker\AppData\Roaming\Spotify\spotify.exe

SafeBoot-WinFLAdrv.sys

AddRemove-{79A765E1-C399-405B-85AF-466F52E918B0} - c:\program files\Ask.com\Updater\Updater.exe

.

.

.

[HKEY_LOCAL_MACHINE\system\ControlSet001\services\Akamai]

"ServiceDll"="c:\program files\common files\akamai/netsession_win_6c825ce.dll"

.

[HKEY_LOCAL_MACHINE\system\ControlSet001\services\npggsvc]

"ImagePath"="c:\windows\system32\GameMon.des -service"

.

--------------------- VERGRENDELDE REGISTER SLEUTELS ---------------------

.

[HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\Approved Extensions]

@Denied: (2) (LocalSystem)

.

[HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\ApprovedExtensionsMigration]

@Denied: (2) (LocalSystem)

"Timestamp"=hex:ac,f3,ae,49,fc,20,cc,01

.

[HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\User Preferences]

@Denied: (2) (LocalSystem)

"88D7D0879DAB32E14DE5B3A805A34F98AFF34F5977"=hex:01,00,00,00,d0,8c,9d,df,01,15,

d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,c8,23,2f,7d,10,d2,6a,4d,9c,82,93,\

"2D53CFFC5C1A3DD2E97B7979AC2A92BD59BC839E81"=hex:01,00,00,00,d0,8c,9d,df,01,15,

d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,c8,23,2f,7d,10,d2,6a,4d,9c,82,93,\

.

[HKEY_USERS\S-1-5-21-1918549753-1553974762-1166484144-1000\Software\SecuROM\License information*]

"datasecu"=hex:cc,21,88,ee,f4,cd,fb,14,24,4c,b2,a3,03,8b,3f,ca,00,db,5a,d7,15,

0d,fd,da,7d,8e,31,27,8c,ce,86,0d,39,15,a7,c7,82,08,da,55,82,e3,70,bf,98,9a,\

"rkeysecu"=hex:23,77,f6,77,a6,f4,aa,19,ca,b1,3b,4c,bc,73,6a,9f

.

[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]

@Denied: (Full) (Everyone)

.

------------------------ Andere Aktieve Processen ------------------------

.

c:\windows\system32\nvvsvc.exe

c:\program files\Microsoft Security Client\Antimalware\MsMpEng.exe

c:\windows\system32\WUDFHost.exe

c:\windows\system32\nvvsvc.exe

c:\windows\system32\WUDFHost.exe

c:\program files\AVAST Software\Avast\AvastSvc.exe

c:\program files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

c:\program files\Microsoft SQL Server\MSSQL\Binn\sqlservr.exe

c:\program files\CyberLink\Shared files\RichVideo.exe

c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE

c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe

c:\program files\Windows Media Player\wmpnetwk.exe

c:\windows\servicing\TrustedInstaller.exe

c:\windows\system32\taskhost.exe

c:\program files\Samsung\Samsung Update Plus\SUPBackground.exe

c:\program files\Samsung\Samsung Support Center\SSCKbdHk.exe

c:\program files\Samsung\Samsung Recovery Solution 4\WCScheduler.exe

c:\windows\system32\conhost.exe

c:\program files\Synaptics\SynTP\SynTPHelper.exe

c:\program files\Windows Media Player\WMPSideShowGadget.exe

c:\program files\Windows Media Player\wmplayer.exe

c:\program files\Logitech\GamePanel Software\Applets\LCDClock.exe

c:\program files\Logitech\GamePanel Software\Applets\LCDMedia.exe

c:\program files\Logitech\GamePanel Software\Applets\LCDCountdown.exe

c:\program files\iPod\bin\iPodService.exe

c:\program files\Logitech\GamePanel Software\Applets\LCDPop3.exe

c:\program files\Logitech\GamePanel Software\Applets\LCDRSS.exe

c:\program files\Java\jre6\bin\javaw.exe

c:\windows\system32\taskhost.exe

c:\program files\Java\jre6\bin\javaw.exe

.

**************************************************************************

.

Voltooingstijd: 2012-04-13 12:35:35 - machine werd herstart

ComboFix-quarantined-files.txt 2012-04-13 10:35

.

Pre-Run: 188.520.370.176 bytes beschikbaar

Post-Run: 183.957.090.304 bytes beschikbaar

.

- - End Of File - - 9B5E17632E1BEA329BE24584F858F539

Guest thesnubworld
Posted:

Fine, until just now Microsoft Essentials again gave a sign that a possibly threatening item had gotten in :s but so far no damage done

Thanks!

Posted:

If your virus scanner stops the intruder, it is simply doing its job. So that is perfect. It does not mean that anything else is wrong with the PC. However, if MSE reports that there is an infected file ON the PC, then there is of course a problem.

In the meantime, remove ComboFix: Start -> Run/Search and type: ComboFix /Uninstall

This will remove ComboFix plus its related folders and files, reset the clock settings, hide the file extensions, hide hidden files and system files again, and create a new restore point.

If present, you may delete the folder C:\Qoobox manually.

Download CCleaner.

Click “Download Latest Version” and the download of CCleaner will start automatically and free of charge.

Install it and start CCleaner. In the left column, click “Cleaner”. Then click ‘Analyze’ and 'Run Cleaner' in turn. Sometimes one analysis is not enough. You may repeat this procedure until the analysis no longer reports any errors. Next, click “Registry” in the left column and click ‘Scan for Issues’. If errors are found, click ”Fix selected issues” and ”OK”. You will then be asked whether to make a backup. Click “YES”. Then choose “Fix All Selected Issues”. After this, close CCleaner again.

If you would like to see this in detail with pictures, click here for the guide.

If you have no further problems or questions, you may click "mark as solved" below!
