
Incredibar (45)



Here is the ComboFix log

ComboFix 12-07-10.01 - Gebruiker 10-07-2012 22:00:07.2.2 - x86

Microsoft Windows 7 Ultimate 6.1.7601.1.1252.31.1043.18.3037.2005 [GMT 2:00]

Gestart vanuit: c:\users\Gebruiker\Desktop\ComboFix.exe

AV: AVG Internet Security 2012 *Disabled/Updated* {5A2746B1-DEE9-F85A-FBCD-ADB11639C5F0}

FW: AVG Internet Security 2012 *Disabled* {621CC794-9486-F902-D092-0484E8EA828B}

SP: AVG Internet Security 2012 *Disabled/Updated* {E146A755-F8D3-F7D4-C17D-96C36DBE8F4D}

SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

* Nieuw herstelpunt werd aangemaakt

.

.

(((((((((((((((((((((((((((((((((( Andere Verwijderingen )))))))))))))))))))))))))))))))))))))))))))))))))

.

.

Besmet exemplaar van c:\windows\system32\userinit.exe werd aangetroffen en gedesinfecteerd

Hersteld exemplaar van - c:\windows\erdnt\cache\userinit.exe

.

.

(((((((((((((((((((( Bestanden Gemaakt van 2012-06-10 to 2012-07-10 ))))))))))))))))))))))))))))))

.

.

2012-07-10 20:08 . 2012-07-10 20:08 -------- d-----w- c:\users\Default\AppData\Local\temp

2012-07-10 19:13 . 2012-07-10 19:13 -------- d-----w- c:\programdata\AVG Secure Search

2012-07-10 10:36 . 2012-07-10 10:36 -------- d-----w- c:\programdata\GFI Software

2012-07-09 20:50 . 2012-07-09 20:50 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware

2012-07-09 20:50 . 2012-04-04 13:56 22344 ----a-w- c:\windows\system32\drivers\mbam.sys

2012-07-09 10:20 . 2012-07-09 10:20 -------- d-----w- c:\program files\Microsoft Silverlight

2012-07-08 01:00 . 2012-07-08 01:00 -------- d-----w- c:\program files\MSXML 4.0

2012-07-08 00:19 . 2012-07-10 20:10 -------- d-----w- c:\users\Gebruiker\AppData\Local\temp

2012-07-07 00:51 . 2012-07-07 00:51 -------- d-----w- c:\users\Gebruiker\AppData\Local\Macromedia

2012-07-07 00:51 . 2012-07-07 00:51 -------- d-----w- c:\users\Gebruiker\AppData\Local\Mozilla

2012-07-07 00:50 . 2012-07-07 00:50 -------- d-----w- c:\program files\Mozilla Maintenance Service

2012-07-07 00:29 . 2012-07-07 00:29 -------- d-----w- C:\STOPzilla!

2012-07-07 00:25 . 2012-07-07 00:28 -------- d-----w- c:\users\TEMP

2012-07-07 00:13 . 2012-07-07 00:13 -------- d-----w- c:\program files\Safer Networking

2012-07-06 23:45 . 2012-07-06 23:45 -------- d-----w- c:\users\Gebruiker\AppData\Roaming\SpeedyPC Software

2012-07-06 23:45 . 2012-07-06 23:45 -------- d-----w- c:\users\Gebruiker\AppData\Roaming\DriverCure

2012-07-06 23:45 . 2012-07-06 23:45 -------- d-----w- c:\program files\SpeedyPC Software

2012-07-06 23:45 . 2012-07-06 23:45 -------- d-----w- c:\program files\Common Files\SpeedyPC Software

2012-07-06 23:45 . 2012-07-06 23:45 -------- d-----w- c:\programdata\SpeedyPC Software

2012-07-06 22:53 . 2012-07-06 22:53 -------- d-----w- c:\users\Gebruiker\AppData\Local\VS Revo Group

2012-07-06 22:53 . 2009-12-30 09:21 27192 ----a-w- c:\windows\system32\drivers\revoflt.sys

2012-07-06 22:53 . 2012-07-06 22:53 -------- d-----w- c:\program files\VS Revo Group

2012-07-06 19:09 . 2012-07-10 10:37 -------- d-----w- c:\program files\Ad-Aware Antivirus

2012-07-06 19:06 . 2012-07-06 19:06 -------- d-----w- c:\users\Gebruiker\AppData\Local\adawarebp

2012-07-06 18:56 . 2012-07-06 18:56 -------- d-----w- c:\users\Gebruiker\AppData\Roaming\Malwarebytes

2012-07-06 18:56 . 2012-07-06 18:56 -------- d-----w- c:\programdata\Malwarebytes

2012-07-06 16:43 . 2012-07-06 17:13 -------- d-----w- c:\programdata\clp

2012-07-06 16:22 . 2012-07-06 22:08 -------- d-----w- c:\program files\PC Tools Security

2012-07-06 16:18 . 2012-07-06 16:22 -------- d-----w- c:\users\Gebruiker\AppData\Roaming\GetRightToGo

2012-07-05 14:05 . 2012-07-05 14:05 -------- d-----w- c:\program files\Perion

2012-07-04 18:57 . 2012-07-04 18:57 -------- d-----w- c:\users\Gebruiker\AppData\Local\Facebook

2012-07-04 00:53 . 2007-10-01 12:59 1769984 ----a-w- c:\windows\system32\drivers\snp2uvc.sys

2012-07-04 00:53 . 2007-09-15 07:22 371 ----a-w- c:\windows\Uninstvga.bat

2012-07-04 00:53 . 2007-09-15 07:22 372 ----a-w- c:\windows\Uninstsxga.bat

2012-07-04 00:53 . 2007-09-15 07:01 386 ----a-w- c:\windows\Uninstsxga.reg

2012-07-04 00:53 . 2007-09-15 07:01 384 ----a-w- c:\windows\Uninstvga.reg

2012-07-04 00:53 . 2007-05-09 13:16 28160 ----a-w- c:\windows\system32\drivers\sncduvc.sys

2012-07-04 00:53 . 2006-11-23 20:20 11776 ----a-w- c:\windows\DrvInst.exe

2012-07-04 00:16 . 2012-07-04 00:16 -------- d-----w- c:\windows\system32\RTCOM

2012-07-04 00:16 . 2012-07-04 00:16 -------- d-----w- c:\program files\Realtek

2012-07-04 00:16 . 2011-05-02 12:27 3296600 ----a-w- c:\windows\system32\R4EEP32A.dll

2012-07-04 00:16 . 2011-05-02 12:27 103256 ----a-w- c:\windows\system32\R4EEL32A.dll

2012-07-04 00:16 . 2011-05-02 12:27 88408 ----a-w- c:\windows\system32\R4EEA32A.dll

2012-07-04 00:16 . 2011-05-02 12:27 61272 ----a-w- c:\windows\system32\R4EEG32A.dll

2012-07-04 00:16 . 2011-05-02 12:27 345944 ----a-w- c:\windows\system32\R4EED32A.dll

2012-07-04 00:15 . 2012-07-04 00:15 -------- d-----w- c:\program files\Intel

2012-07-03 20:43 . 2012-07-03 20:43 -------- d-----w- c:\program files\FLV Toolbar

2012-07-02 23:50 . 2012-07-02 23:50 -------- d-----w- c:\users\Gebruiker\AppData\Roaming\cookies

2012-07-02 20:49 . 2012-07-02 20:49 -------- d-----w- c:\users\Gebruiker\AppData\Roaming\Reviversoft

2012-07-02 20:49 . 2012-07-02 20:49 -------- d-----w- c:\program files\Reviversoft

2012-07-02 18:43 . 2012-06-18 01:14 6762896 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{66236F71-99BB-46D5-8066-67061D8B091B}\mpengine.dll

2012-07-02 14:40 . 2012-07-04 15:37 -------- d-----w- c:\programdata\Norton

2012-07-02 11:05 . 2012-07-02 11:08 -------- d-----w- c:\program files\YourFileDownloader

2012-07-02 11:05 . 2012-07-02 11:05 -------- d-----w- c:\users\Gebruiker\AppData\Roaming\YourFileDownloader

2012-07-02 09:34 . 2012-07-04 15:43 -------- d-----w- c:\users\Gebruiker\AppData\Roaming\Systweak

2012-07-02 09:21 . 2012-07-04 00:47 -------- d-----w- c:\users\Gebruiker\AppData\Roaming\RadarSync

2012-07-02 09:21 . 2012-07-02 23:57 -------- d-----w- c:\program files\RadarSync

2012-07-02 09:13 . 2012-07-02 09:13 80488 ----a-w- c:\windows\system32\RtNicProp32.dll

2012-07-02 09:13 . 2012-07-02 09:13 514152 ----a-w- c:\windows\system32\drivers\Rt86win7.sys

2012-07-02 09:13 . 2012-07-02 09:13 100968 ----a-w- c:\windows\system32\RTNUninst32.dll

2012-07-02 09:06 . 2012-07-02 09:06 14344 ----a-w- c:\windows\system32\drivers\PuAcpi32.sys

2012-07-02 09:05 . 2012-07-02 09:06 -------- d-----w- c:\windows\system32\sda

2012-07-02 09:05 . 2012-07-02 09:05 9888360 ----a-w- c:\windows\system32\RtsUStoricon.dll

2012-07-02 09:05 . 2012-07-02 09:05 313960 ----a-w- c:\windows\system32\RtsUStor.dll

2012-07-02 09:05 . 2012-07-02 09:05 197224 ----a-w- c:\windows\system32\drivers\RtsUStor.sys

2012-07-02 08:52 . 2012-07-02 08:52 -------- d-----w- c:\programdata\Uniblue

2012-07-02 08:44 . 2012-07-03 23:25 -------- d-----w- c:\program files\DownloadManager

2012-07-02 06:42 . 2012-07-02 06:42 -------- d-----w- c:\users\Gebruiker\AppData\Local\Messenger_Plus_Live

2012-07-02 06:34 . 2012-07-10 18:22 -------- d-----w- c:\programdata\Messenger Plus! for Skype

2012-07-02 04:58 . 2012-07-04 01:29 -------- d-----w- c:\users\Gebruiker\AppData\Roaming\Audacity

2012-07-02 04:58 . 2012-07-02 04:58 -------- d-----w- c:\program files\Audacity

2012-07-01 23:22 . 2012-07-01 23:22 -------- d-----w- c:\program files\iPod

2012-07-01 23:22 . 2012-07-01 23:23 -------- d-----w- c:\program files\iTunes

2012-07-01 23:15 . 2012-07-01 23:15 159744 ----a-w- c:\program files\Internet Explorer\Plugins\npqtplugin7.dll

2012-07-01 23:15 . 2012-07-01 23:15 159744 ----a-w- c:\program files\Internet Explorer\Plugins\npqtplugin6.dll

2012-07-01 23:15 . 2012-07-01 23:15 159744 ----a-w- c:\program files\Internet Explorer\Plugins\npqtplugin5.dll

2012-07-01 23:15 . 2012-07-01 23:15 159744 ----a-w- c:\program files\Internet Explorer\Plugins\npqtplugin4.dll

2012-07-01 23:15 . 2012-07-01 23:15 159744 ----a-w- c:\program files\Internet Explorer\Plugins\npqtplugin3.dll

2012-07-01 23:15 . 2012-07-01 23:15 159744 ----a-w- c:\program files\Internet Explorer\Plugins\npqtplugin2.dll

2012-07-01 23:15 . 2012-07-01 23:15 159744 ----a-w- c:\program files\Internet Explorer\Plugins\npqtplugin.dll

2012-07-01 23:15 . 2012-07-01 23:15 -------- d-----w- c:\program files\QuickTime

2012-07-01 23:09 . 2012-07-01 23:14 -------- d-----w- c:\users\Gebruiker\AppData\Local\Apple Computer

2012-07-01 23:07 . 2012-07-01 23:07 -------- d-----w- c:\users\Gebruiker\AppData\Local\Apple

2012-07-01 23:07 . 2012-07-01 23:07 -------- d-----w- c:\program files\Apple Software Update

2012-06-28 22:28 . 2012-07-05 14:14 -------- d-----w- c:\program files\1ClickDownload

2012-06-28 01:06 . 2012-07-02 11:11 -------- d-----w- c:\users\Gebruiker\AppData\Roaming\ApplicationData

2012-06-28 00:07 . 2012-06-28 16:16 -------- d-----w- c:\windows\system32\C2MP

2012-06-27 22:24 . 2012-06-27 22:24 -------- d-----w- c:\program files\FireArc Arcade

2012-06-26 07:08 . 2012-07-02 12:31 -------- d-----w- c:\users\Gebruiker\AppData\Roaming\vlc

2012-06-26 07:05 . 2012-06-26 07:05 -------- d-----w- c:\program files\VideoLAN

2012-06-26 01:50 . 2012-07-06 18:19 -------- d-----w- c:\users\Gebruiker\AppData\Roaming\Windows Live Writer

2012-06-26 01:50 . 2012-06-26 01:51 -------- d-----w- c:\users\Gebruiker\AppData\Local\Windows Live Writer

2012-06-25 20:33 . 2012-06-25 20:33 -------- d-----w- c:\program files\Common Files\SNP2UVC

2012-06-25 20:33 . 2008-08-21 11:46 184320 ----a-w- c:\windows\system32\rsnp2uvc.dll

2012-06-25 20:33 . 2008-08-21 11:19 188928 ----a-w- c:\windows\FixCamera.exe

2012-06-25 20:33 . 2008-08-20 16:04 291328 ----a-w- c:\windows\system32\vsnp2uvc.dll

2012-06-25 20:33 . 2008-08-01 14:10 675840 ----a-w- c:\windows\vsnp2uvc.exe

2012-06-25 20:33 . 2007-07-04 15:28 176128 ----a-w- c:\windows\system32\csnp2uvc.dll

2012-06-25 20:33 . 2012-07-02 11:34 -------- d--h--w- c:\program files\InstallShield Installation Information

2012-06-25 20:32 . 2012-06-25 20:32 -------- d-----w- c:\users\Gebruiker\AppData\Roaming\InstallShield

2012-06-25 17:17 . 2012-06-25 17:17 -------- d-----w- c:\users\Gebruiker\AppData\Local\Diagnostics

2012-06-24 18:49 . 2012-06-24 18:49 -------- d-----w- c:\users\Gebruiker\AppData\Roaming\Helios

2012-06-22 21:27 . 2012-06-22 21:27 -------- d-----w- c:\users\Gebruiker\AppData\Roaming\driveridentifier

2012-06-22 21:23 . 2012-07-05 15:24 8253 ----a-w- C:\user.js

2012-06-22 07:03 . 2012-06-02 22:19 53784 ----a-w- c:\windows\system32\wuauclt.exe

2012-06-22 07:03 . 2012-06-02 22:19 45080 ----a-w- c:\windows\system32\wups2.dll

2012-06-22 07:03 . 2012-06-02 22:19 1933848 ----a-w- c:\windows\system32\wuaueng.dll

2012-06-22 07:03 . 2012-06-02 22:12 2422272 ----a-w- c:\windows\system32\wucltux.dll

2012-06-22 07:03 . 2012-06-02 22:19 35864 ----a-w- c:\windows\system32\wups.dll

2012-06-22 07:03 . 2012-06-02 22:19 577048 ----a-w- c:\windows\system32\wuapi.dll

2012-06-22 07:03 . 2012-06-02 22:12 88576 ----a-w- c:\windows\system32\wudriver.dll

2012-06-22 07:03 . 2012-06-02 13:19 171904 ----a-w- c:\windows\system32\wuwebv.dll

2012-06-22 07:03 . 2012-06-02 13:12 33792 ----a-w- c:\windows\system32\wuapp.exe

2012-06-22 01:03 . 2012-06-22 01:03 -------- d-----w- c:\users\Gebruiker\AppData\Local\Application Data

2012-06-22 01:02 . 2012-06-22 01:03 -------- d-----w- c:\users\Gebruiker\AppData\Local\Mixxx

2012-06-22 00:46 . 2012-07-02 00:57 -------- d-----w- c:\programdata\FLV.com FLV Downloader

2012-06-22 00:45 . 2012-06-22 00:46 -------- d-----w- c:\program files\GreenTree Applications

2012-06-22 00:36 . 2012-06-22 00:36 -------- d-----w- c:\program files\TextPad 6

2012-06-21 16:56 . 2012-06-21 19:55 -------- d-----w- c:\programdata\FLEXnet

2012-06-21 16:52 . 2012-06-21 16:52 -------- d-----w- c:\program files\Adobe Media Player

2012-06-21 16:50 . 2012-06-21 16:50 -------- d-----w- c:\program files\Common Files\Adobe AIR

2012-06-21 16:49 . 2012-06-26 01:59 -------- d-----w- c:\users\Gebruiker\AppData\Local\Adobe

2012-06-21 16:46 . 2012-06-21 16:46 -------- d-----w- c:\program files\Common Files\Macrovision Shared

2012-06-21 03:36 . 2012-07-02 05:32 -------- d-----w- c:\program files\uTorrent

2012-06-21 03:35 . 2012-07-06 23:35 -------- d-----w- c:\users\Gebruiker\AppData\Roaming\uTorrent

.

.

((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2012-06-23 16:27 . 2012-05-15 20:05 426184 ----a-w- c:\windows\system32\FlashPlayerApp.exe

2012-06-23 16:27 . 2011-09-04 10:14 70344 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl

2012-06-21 02:56 . 2011-11-04 04:12 856712 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight-2\SpotlightResources.dll

2012-06-19 22:52 . 2011-03-28 16:36 19736 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll

2012-04-22 20:14 . 2012-04-22 20:14 3515392 ----a-w- c:\windows\system32\ffdshow.ax

2012-04-22 20:12 . 2012-04-22 20:12 4424704 ----a-w- c:\windows\system32\ffmpeg.dll

2012-04-19 02:50 . 2012-04-19 02:50 24896 ----a-w- c:\windows\system32\drivers\avgidshx.sys

2012-04-18 18:56 . 2012-04-18 18:56 94208 ----a-w- c:\windows\system32\QuickTimeVR.qtx

2012-04-18 18:56 . 2012-04-18 18:56 69632 ----a-w- c:\windows\system32\QuickTime.qts

2012-06-14 22:19 . 2012-07-07 00:50 85472 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll

.

.

((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))

.

.

*Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond

REGEDIT4

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"Malwarebytes' Anti-Malware"="c:\program files\Malwarebytes' Anti-Malware\mbamgui.exe" [2012-04-04 462408]

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]

"ConsentPromptBehaviorAdmin"= 5 (0x5)

"ConsentPromptBehaviorUser"= 0 (0x0)

"EnableUIADesktopToggle"= 0 (0x0)

"PromptOnSecureDesktop"= 0 (0x0)

.

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]

"NoResolveTrack"= 1 (0x1)

.

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]

BootExecute REG_MULTI_SZ autocheck autochk *\0c:\progra~1\AVG\AVG2012\avgrsx.exe /sync /restart

.

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]

Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp

.

R1 SBRE;SBRE;c:\windows\system32\drivers\SBREdrv.sys [x]

R2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files\Common Files\Adobe\ARM\1.0\armsvc.exe [x]

R2 AVGIDSAgent;AVGIDSAgent;c:\program files\AVG\AVG2012\AVGIDSAgent.exe [x]

R2 SkypeUpdate;Skype Updater;c:\program files\Skype\Updater\Updater.exe [x]

R2 UMVPFSrv;UMVPFSrv;c:\program files\Common Files\logishrd\LVMVFM\UMVPFSrv.exe [x]

R3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [x]

R3 AVFSFilter;AVFSFilter;c:\windows\system32\DRIVERS\avfsfilter.sys [x]

R3 e.dentifier2;SmartCard Reader ABN AMRO e.dentifier2;c:\windows\system32\DRIVERS\aabed2.sys [x]

R3 MozillaMaintenance;Mozilla Maintenance Service;c:\program files\Mozilla Maintenance Service\maintenanceservice.exe [x]

R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [x]

R3 Revoflt;Revoflt;c:\windows\system32\DRIVERS\revoflt.sys [x]

R3 Synth3dVsc;Synth3dVsc;c:\windows\system32\drivers\synth3dvsc.sys [x]

R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x]

R3 tsusbhub;tsusbhub;c:\windows\system32\drivers\tsusbhub.sys [x]

R3 VGPU;VGPU;c:\windows\system32\drivers\rdvgkmd.sys [x]

R3 WatAdminSvc;Windows Activation Technologies-service;c:\windows\system32\Wat\WatAdminSvc.exe [x]

R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [x]

S0 AVGIDSHX;AVGIDSHX;c:\windows\system32\DRIVERS\avgidshx.sys [x]

S0 Avgrkx86;AVG Anti-Rootkit Driver;c:\windows\system32\DRIVERS\avgrkx86.sys [x]

S1 Avgfwfd;AVG network filter service;c:\windows\system32\DRIVERS\avgfwd6x.sys [x]

S1 Avgldx86;AVG AVI Loader Driver;c:\windows\system32\DRIVERS\avgldx86.sys [x]

S1 Avgtdix;AVG TDI Driver;c:\windows\system32\DRIVERS\avgtdix.sys [x]

S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [x]

S2 avgfws;AVG Firewall;c:\program files\AVG\AVG2012\avgfws.exe [x]

S2 avgwd;AVG WatchDog;c:\program files\AVG\AVG2012\avgwdsvc.exe [x]

S2 MBAMService;MBAMService;c:\program files\Malwarebytes' Anti-Malware\mbamservice.exe [x]

S2 MsgPlusService;Messenger Plus! Service;c:\program files\Yuna Software\Messenger Plus! for Skype\MsgPlusForSkypeService.exe [x]

S2 vToolbarUpdater11.2.0;vToolbarUpdater11.2.0;c:\program files\Common Files\AVG Secure Search\vToolbarUpdater\11.2.0\ToolbarUpdater.exe [x]

S3 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\DRIVERS\avgidsdriverx.sys [x]

S3 AVGIDSFilter;AVGIDSFilter;c:\windows\system32\DRIVERS\avgidsfilterx.sys [x]

S3 AVGIDSShim;AVGIDSShim;c:\windows\system32\DRIVERS\avgidsshimx.sys [x]

S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [x]

S3 MTsensor32;PU ACPI UTILITY;c:\windows\system32\DRIVERS\PuAcpi32.sys [x]

S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RtsUStor.sys [x]

S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt86win7.sys [x]

S3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\DRIVERS\vwifimp.sys [x]

.

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]

WindowsMobile REG_MULTI_SZ wcescomm rapimgr

LocalServiceRestricted REG_MULTI_SZ WcesComm RapiMgr

.

Inhoud van de 'Gedeelde Taken' map

.

2012-07-10 c:\windows\Tasks\Adobe Flash Player Updater.job

- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-05-15 16:27]

.

2012-07-10 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1806121398-1714762283-3524785201-1000Core.job

- c:\users\Gebruiker\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-07-04 18:57]

.

2012-07-10 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1806121398-1714762283-3524785201-1000UA.job

- c:\users\Gebruiker\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-07-04 18:57]

.

2012-07-10 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1806121398-1714762283-3524785201-1000Core.job

- c:\users\Gebruiker\AppData\Local\Google\Update\GoogleUpdate.exe [2012-07-10 10:44]

.

2012-07-10 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1806121398-1714762283-3524785201-1000UA.job

- c:\users\Gebruiker\AppData\Local\Google\Update\GoogleUpdate.exe [2012-07-10 10:44]

.

2012-07-07 c:\windows\Tasks\SpeedyPC Pro.job

- c:\program files\SpeedyPC Software\SpeedyPC\SpeedyPC.exe [2012-01-30 22:17]

.

2012-07-10 c:\windows\Tasks\SpeedyPC Registration3.job

- c:\program files\Common Files\SpeedyPC Software\UUS3\UUS3.dll [2012-01-30 22:17]

.

2012-07-07 c:\windows\Tasks\SpeedyPC Update Version3.job

- c:\program files\Common Files\SpeedyPC Software\UUS3\SpeedyPC_Update3.exe [2012-01-30 22:17]

.

.

------- Bijkomende Scan -------

.

uDefault_Search_URL = hxxp://www.google.com/ie

uSearchAssistant = hxxp://www.google.com/ie

uSearchURL,(Default) = hxxp://www.google.com/search?q=%s

TCP: DhcpNameServer = 192.168.1.254

FF - ProfilePath - c:\users\Gebruiker\AppData\Roaming\Mozilla\Firefox\Profiles\b9wuec43.default\

FF - prefs.js: keyword.URL - hxxp://www.google.com/search?ie=UTF-8&oe=UTF-8&sourceid=navclient&gfns=1&q=

.

.

--------------------- VERGRENDELDE REGISTER SLEUTELS ---------------------

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]

@Denied: (Full) (Everyone)

.

--------------------- DLLs Geladen Onder Lopende Processen ---------------------

.

- - - - - - - > 'Explorer.exe'(2392)

c:\program files\Common Files\Adobe\Adobe Drive CS4\AdobeDriveCS4_NP.dll

.

------------------------ Andere Aktieve Processen ------------------------

.

c:\progra~1\AVG\AVG2012\avgrsx.exe

c:\program files\AVG\AVG2012\avgcsrvx.exe

c:\program files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

c:\program files\Bonjour\mDNSResponder.exe

c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE

c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe

c:\program files\AVG\AVG2012\avgnsx.exe

c:\program files\AVG\AVG2012\avgemcx.exe

c:\windows\system32\taskhost.exe

c:\windows\system32\conhost.exe

c:\windows\system32\DllHost.exe

c:\windows\system32\sppsvc.exe

c:\program files\Windows Media Player\wmpnetwk.exe

.

**************************************************************************

.

Voltooingstijd: 2012-07-10 22:14:29 - machine werd herstart

ComboFix-quarantined-files.txt 2012-07-10 20:14

ComboFix2.txt 2012-07-08 00:28

.

Pre-Run: 117.301.940.224 bytes beschikbaar

Post-Run: 117.413.806.080 bytes beschikbaar

.

- - End Of File - - 9D2269529EF8977F937C8B986D1D1D1E


I have reopened your topic for a moment, because you definitely still need to remove the tools you used and the leftovers of all kinds:

Remove ComboFix: Start -> Run/Search box and type: ComboFix /Uninstall

This will remove ComboFix plus its related folders and files, reset the clock settings, hide file extensions, hide hidden files and system files again, and create a new restore point.

If it is present, you may delete the folder C:\Qoobox manually.

Download CCleaner.

Click "Download Latest Version" and the CCleaner download will start automatically and free of charge.

Install it and start CCleaner. In the left column, click "Cleaner". Then click 'Analyze' followed by 'Run Cleaner'. Sometimes one analysis is not enough. You may repeat this procedure until the analysis no longer reports any errors. Next, click "Registry" in the left column and click 'Scan for Issues'. If errors are found, click "Fix selected issues" and "OK". You will then be asked whether to make a backup. Click "Yes". Then choose "Fix All Selected Issues". After that, close CCleaner again.

If you want to see this illustrated in detail, click here for the guide.

It is advisable to delete the existing restore points (they include infected restore points that you might otherwise restore). In Windows 7:

  • Go via Start -> Control Panel -> System and Security -> System -> System Protection, then turn off System Restore by selecting the desired drive and clicking "Configure".
  • Now click "Delete" to remove all restore points.
  • Click "Apply" and "OK".
  • Now restart the PC.

If all of this went smoothly, you can go ahead and click "mark as solved" below for good!
