
Trojan Horse at startup, AVG problem



Download ComboFix from one of these locations:

Link 1

Link 2

* IMPORTANT !!! Save ComboFix.exe to your Desktop

1. Disable all antivirus and antispyware programs, because otherwise they may conflict with ComboFix. Here is a guide on how to disable them:

Click here

2. The computer may need to be restarted several times; this is normal.

3. Double-click "Combofix.exe" to start the tool.

4. Do not click in the ComboFix window while it is running; this can cause the tool to hang.

Note !!! If an error is shown with the message "Illegal operation attempted on a registry key that has been marked for deletion", restart the computer.

5. When ComboFix is finished, it will create a log file for you. Post the contents of this log file (found at C:\ComboFix.txt) in your next reply.


You have a good heart, and once this is solved you will get a generous donation!

But about those horses: isn't this dangerous now when I'm on the internet, or is it just a bad error from AVG

??????


But about those horses: isn't this dangerous now when I'm on the internet, or is it just a bad error from AVG
Since the horses are already on there, you of course already have problems now. But if ComboFix gives clear indications, we should be able to get everything off. And after that you will be safe again. But a lot depends on your ComboFix log ... and after that on AVG's reaction.

here we go,

ComboFix 12-07-10.01 - Thomas 10-07-2012 22:14:41.1.2 - x64

Microsoft Windows 7 Home Premium 6.1.7600.0.1252.31.1043.18.3950.2627 [GMT 2:00]

Gestart vanuit: c:\users\Thomas\Documents\Downloads\ComboFix.exe

AV: AVG Anti-Virus Free Edition 2012 *Disabled/Updated* {5A2746B1-DEE9-F85A-FBCD-ADB11639C5F0}

SP: AVG Anti-Virus Free Edition 2012 *Disabled/Updated* {E146A755-F8D3-F7D4-C17D-96C36DBE8F4D}

SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

* Nieuw herstelpunt werd aangemaakt

.

.

(((((((((((((((((((((((((((((((((( Andere Verwijderingen )))))))))))))))))))))))))))))))))))))))))))))))))

.

.

C:\pkgfurotmvn

c:\programdata\Windows

c:\programdata\Windows\ccdxmmde.dat

c:\programdata\windows\drss.dat

c:\programdata\Windows\msseedir.dll

c:\programdata\Windows\xessmsxe.dat

c:\users\Thomas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ClickPotato

c:\users\Thomas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ClickPotato\About Us.lnk

c:\users\Thomas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ClickPotato\ClickPotato Customer Support.lnk

c:\users\Thomas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ClickPotato\ClickPotato Uninstall Instructions.lnk

.

.

(((((((((((((((((((( Bestanden Gemaakt van 2012-06-10 to 2012-07-10 ))))))))))))))))))))))))))))))

.

.

2012-07-10 20:20 . 2012-07-10 20:20 -------- d-----w- c:\users\Default\AppData\Local\temp

2012-07-08 23:15 . 2012-07-08 23:15 -------- d-----w- c:\program files (x86)\Common Files\Java

2012-07-08 23:15 . 2012-07-08 23:15 -------- d-----w- c:\program files (x86)\Oracle

2012-07-08 23:14 . 2012-05-04 17:29 772504 ----a-w- c:\windows\SysWow64\npDeployJava1.dll

2012-07-08 14:34 . 2012-07-08 14:34 -------- d-----w- c:\users\Thomas\AppData\Local\Macromedia

2012-07-06 09:09 . 2012-06-22 14:32 405144 ----a-w- c:\windows\SysWow64\Newtonsoft.Json.Net20.dll

2012-07-06 09:08 . 2012-07-06 09:09 -------- d-----w- c:\users\Thomas\AppData\Roaming\DVDVideoSoft

2012-06-22 22:19 . 2012-06-22 22:52 -------- d-----w- c:\programdata\MGS

2012-06-22 22:19 . 2012-06-22 22:19 -------- d-----w- C:\Microgaming

2012-06-22 21:16 . 2012-06-22 22:42 -------- d-----w- C:\Poker

2012-06-21 20:14 . 2012-06-02 22:19 2428952 ----a-w- c:\windows\system32\wuaueng.dll

2012-06-21 20:14 . 2012-06-02 22:19 57880 ----a-w- c:\windows\system32\wuauclt.exe

2012-06-21 20:14 . 2012-06-02 22:19 44056 ----a-w- c:\windows\system32\wups2.dll

2012-06-21 20:14 . 2012-06-02 22:15 2622464 ----a-w- c:\windows\system32\wucltux.dll

2012-06-21 20:14 . 2012-06-02 22:19 38424 ----a-w- c:\windows\system32\wups.dll

2012-06-21 20:14 . 2012-06-02 22:19 701976 ----a-w- c:\windows\system32\wuapi.dll

2012-06-21 20:14 . 2012-06-02 22:15 99840 ----a-w- c:\windows\system32\wudriver.dll

2012-06-21 20:14 . 2012-06-02 13:19 186752 ----a-w- c:\windows\system32\wuwebv.dll

2012-06-21 20:14 . 2012-06-02 13:15 36864 ----a-w- c:\windows\system32\wuapp.exe

2012-06-13 17:16 . 2012-05-18 02:02 887296 ----a-w- c:\program files\Internet Explorer\iedvtool.dll

2012-06-13 17:16 . 2012-05-18 02:01 499200 ----a-w- c:\program files\Internet Explorer\jsdbgui.dll

2012-06-13 17:16 . 2012-05-17 22:38 678912 ----a-w- c:\program files (x86)\Internet Explorer\iedvtool.dll

2012-06-13 17:16 . 2012-05-17 22:37 387584 ----a-w- c:\program files (x86)\Internet Explorer\jsdbgui.dll

2012-06-13 14:53 . 2012-04-26 05:34 76288 ----a-w- c:\windows\system32\rdpwsx.dll

2012-06-13 14:53 . 2012-04-26 05:34 149504 ----a-w- c:\windows\system32\rdpcorekmts.dll

2012-06-13 14:53 . 2012-04-26 05:28 9216 ----a-w- c:\windows\system32\rdrmemptylst.exe

2012-06-13 14:53 . 2012-04-28 03:50 204800 ----a-w- c:\windows\system32\drivers\rdpwd.sys

2012-06-13 14:53 . 2012-05-15 01:32 3144192 ----a-w- c:\windows\system32\win32k.sys

2012-06-13 14:53 . 2012-05-04 10:52 5505392 ----a-w- c:\windows\system32\ntoskrnl.exe

2012-06-13 14:53 . 2012-05-04 10:08 3902320 ----a-w- c:\windows\SysWow64\ntoskrnl.exe

2012-06-13 14:53 . 2012-05-04 10:08 3958128 ----a-w- c:\windows\SysWow64\ntkrnlpa.exe

.

.

.

((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2012-06-24 01:57 . 2012-04-21 14:07 426184 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe

2012-06-24 01:57 . 2011-08-18 17:43 70344 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl

2012-05-04 17:29 . 2010-08-04 13:44 687504 ----a-w- c:\windows\SysWow64\deployJava1.dll

2012-04-22 14:40 . 2012-04-22 14:40 74752 ----a-w- c:\windows\SysWow64\RegisterIEPKEYs.exe

2012-04-22 14:40 . 2012-04-22 14:40 161792 ----a-w- c:\windows\SysWow64\msls31.dll

2012-04-22 14:40 . 2012-04-22 14:40 86528 ----a-w- c:\windows\SysWow64\iesysprep.dll

2012-04-22 14:40 . 2012-04-22 14:40 76800 ----a-w- c:\windows\SysWow64\SetIEInstalledDate.exe

2012-04-22 14:40 . 2012-04-22 14:40 74752 ----a-w- c:\windows\SysWow64\iesetup.dll

2012-04-22 14:40 . 2012-04-22 14:40 63488 ----a-w- c:\windows\SysWow64\tdc.ocx

2012-04-22 14:40 . 2012-04-22 14:40 48640 ----a-w- c:\windows\SysWow64\mshtmler.dll

2012-04-22 14:40 . 2012-04-22 14:40 367104 ----a-w- c:\windows\SysWow64\html.iec

2012-04-22 14:40 . 2012-04-22 14:40 23552 ----a-w- c:\windows\SysWow64\licmgr10.dll

2012-04-22 14:40 . 2012-04-22 14:40 110592 ----a-w- c:\windows\SysWow64\IEAdvpack.dll

2012-04-22 14:40 . 2012-04-22 14:40 420864 ----a-w- c:\windows\SysWow64\vbscript.dll

2012-04-22 14:40 . 2012-04-22 14:40 35840 ----a-w- c:\windows\SysWow64\imgutil.dll

2012-04-22 14:40 . 2012-04-22 14:40 152064 ----a-w- c:\windows\SysWow64\wextract.exe

2012-04-22 14:40 . 2012-04-22 14:40 150528 ----a-w- c:\windows\SysWow64\iexpress.exe

2012-04-22 14:40 . 2012-04-22 14:40 11776 ----a-w- c:\windows\SysWow64\mshta.exe

2012-04-22 14:40 . 2012-04-22 14:40 101888 ----a-w- c:\windows\SysWow64\admparse.dll

2012-04-22 14:40 . 2012-04-22 14:40 89088 ----a-w- c:\windows\system32\RegisterIEPKEYs.exe

2012-04-22 14:40 . 2012-04-22 14:40 222208 ----a-w- c:\windows\system32\msls31.dll

2012-04-22 14:40 . 2012-04-22 14:40 12288 ----a-w- c:\windows\system32\mshta.exe

2012-04-22 14:40 . 2012-04-22 14:40 114176 ----a-w- c:\windows\system32\admparse.dll

2012-04-22 14:40 . 2012-04-22 14:40 91648 ----a-w- c:\windows\system32\SetIEInstalledDate.exe

2012-04-22 14:40 . 2012-04-22 14:40 76800 ----a-w- c:\windows\system32\tdc.ocx

2012-04-22 14:40 . 2012-04-22 14:40 49664 ----a-w- c:\windows\system32\imgutil.dll

2012-04-22 14:40 . 2012-04-22 14:40 48640 ----a-w- c:\windows\system32\mshtmler.dll

2012-04-22 14:40 . 2012-04-22 14:40 135168 ----a-w- c:\windows\system32\IEAdvpack.dll

2012-04-22 14:40 . 2012-04-22 14:40 111616 ----a-w- c:\windows\system32\iesysprep.dll

2012-04-22 14:40 . 2012-04-22 14:40 85504 ----a-w- c:\windows\system32\iesetup.dll

2012-04-22 14:40 . 2012-04-22 14:40 603648 ----a-w- c:\windows\system32\vbscript.dll

2012-04-22 14:40 . 2012-04-22 14:40 448512 ----a-w- c:\windows\system32\html.iec

2012-04-22 14:40 . 2012-04-22 14:40 30720 ----a-w- c:\windows\system32\licmgr10.dll

2012-04-22 14:40 . 2012-04-22 14:40 165888 ----a-w- c:\windows\system32\iexpress.exe

2012-04-22 14:40 . 2012-04-22 14:40 160256 ----a-w- c:\windows\system32\wextract.exe

2012-04-22 14:38 . 2012-04-22 14:38 1888256 ----a-w- c:\windows\system32\WMVDECOD.DLL

2012-04-22 14:38 . 2012-04-22 14:38 1619456 ----a-w- c:\windows\SysWow64\WMVDECOD.DLL

2012-04-22 14:38 . 2012-04-22 14:38 982912 ----a-w- c:\windows\system32\drivers\dxgkrnl.sys

2012-04-22 14:38 . 2012-04-22 14:38 265088 ----a-w- c:\windows\system32\drivers\dxgmms1.sys

2012-04-22 14:38 . 2012-04-22 14:38 1495040 ----a-w- c:\windows\SysWow64\ExplorerFrame.dll

2012-04-22 14:38 . 2012-04-22 14:38 144384 ----a-w- c:\windows\system32\cdd.dll

2012-04-22 14:38 . 2012-04-22 14:38 1133568 ----a-w- c:\windows\system32\FntCache.dll

2012-04-22 14:38 . 2012-04-22 14:38 1863680 ----a-w- c:\windows\system32\ExplorerFrame.dll

2012-04-22 14:38 . 2012-04-22 14:38 4068864 ----a-w- c:\windows\system32\mf.dll

2012-04-22 14:38 . 2012-04-22 14:38 3181568 ----a-w- c:\windows\SysWow64\mf.dll

2012-04-22 14:38 . 2012-04-22 14:38 229888 ----a-w- c:\windows\system32\XpsRasterService.dll

2012-04-22 14:38 . 2012-04-22 14:38 206848 ----a-w- c:\windows\system32\mfps.dll

2012-04-22 14:38 . 2012-04-22 14:38 196608 ----a-w- c:\windows\SysWow64\mfreadwrite.dll

2012-04-22 14:38 . 2012-04-22 14:38 135168 ----a-w- c:\windows\SysWow64\XpsRasterService.dll

2012-04-22 14:38 . 2012-04-22 14:38 257024 ----a-w- c:\windows\system32\mfreadwrite.dll

2012-04-18 01:03 . 2012-05-08 13:49 8917360 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{B1A59211-F058-49E8-ADA7-5DF4D3B4EF8D}\mpengine.dll

.

.

((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))

.

.

*Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond

REGEDIT4

.

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="c:\program files (x86)\Common Files\Nero\Lib\NMIndexStoreSvr.exe" [2008-06-24 1840424]

"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2009-07-14 1475072]

"DAEMON Tools Lite"="c:\program files (x86)\DAEMON Tools Lite\DTLite.exe" [2012-02-13 3481408]

"MobileDocuments"="c:\program files (x86)\Common Files\Apple\Internet Services\ubd.exe" [2012-02-23 59240]

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]

"IAStorIcon"="c:\program files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe" [2010-03-03 284696]

"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2010-02-08 98304]

"Norton Online Backup"="c:\program files (x86)\Symantec\Norton Online Backup\NOBuClient.exe" [2010-06-01 1155928]

"PMBVolumeWatcher"="c:\program files (x86)\Sony\PMB\PMBVolumeWatcher.exe" [2010-06-01 600928]

"NBKeyScan"="c:\program files (x86)\Nero\Nero8\Nero BackItUp\NBKeyScan.exe" [2008-06-08 2221352]

"APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2012-02-20 59240]

"AVG_TRAY"="c:\program files (x86)\AVG\AVG2012\avgtray.exe" [2012-01-24 2416480]

"ConnectionCenter"="c:\users\Thomas\AppData\Local\Citrix\ICA Client\concentr.exe" [2009-09-12 103768]

"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2012-01-17 252296]

.

c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\

Bluetooth.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2010-6-8 1128224]

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]

"ConsentPromptBehaviorAdmin"= 5 (0x5)

"ConsentPromptBehaviorUser"= 3 (0x3)

"EnableUIADesktopToggle"= 0 (0x0)

.

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]

BootExecute REG_MULTI_SZ autocheck autochk *\0c:\progra~2\AVG\AVG2012\avgrsa.exe /sync /restart

.

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]

@=""

.

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\run-]

"ISBMgr.exe"="c:\program files (x86)\Sony\ISB Utility\ISBMgr.exe"

"iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe"

"Adobe Reader Speed Launcher"="c:\program files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"

"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

.

R1 imhepdwa;imhepdwa;c:\windows\system32\drivers\imhepdwa.sys [x]

R2 AVGIDSAgent;AVGIDSAgent;c:\program files (x86)\AVG\AVG2012\AVGIDSAgent.exe [2011-10-12 4433248]

R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]

R2 gupdate;Google Updateservice (gupdate);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-08-04 136176]

R2 mfefire;McAfee Firewall Core Service;c:\program files\Common Files\McAfee\SystemCore\\mfefire.exe [2010-10-13 245352]

R3 AdobeActiveFileMonitor8.0;Adobe Active File Monitor V8;c:\program files (x86)\Adobe\Elements Organizer 8.0\PhotoshopElementsFileAgent.exe [2009-10-09 169312]

R3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-06-24 250056]

R3 cfwids;McAfee Inc. cfwids;c:\windows\system32\drivers\cfwids.sys [2010-10-13 62800]

R3 gupdatem;Google Update-service (gupdatem);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-08-04 136176]

R3 Impcd;Impcd;c:\windows\system32\drivers\Impcd.sys [2010-05-28 158976]

R3 IntcDAud;Intel® Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys [2010-06-24 271872]

R3 SOHCImp;VAIO Media plus Content Importer;c:\program files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe [2010-06-20 108400]

R3 SOHDms;VAIO Media plus Digital Media Server;c:\program files (x86)\Common Files\Sony Shared\SOHLib\SOHDms.exe [2010-06-18 423280]

R3 SOHDs;VAIO Media plus Device Searcher;c:\program files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe [2010-06-20 67952]

R3 SpfService;VAIO Entertainment Common Service;c:\program files\Common Files\Sony Shared\VAIO Entertainment Platform\SPF\SpfService64.exe [2010-06-06 304496]

R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys [2012-02-15 52736]

R3 VCFw;VAIO Content Folder Watcher;c:\program files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe [2010-06-17 851824]

R3 VcmIAlzMgr;VAIO Content Metadata Intelligent Analyzing Manager;c:\program files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe [2010-06-09 537456]

R3 VcmINSMgr;VAIO Content Metadata Intelligent Network Service Manager;c:\program files\Sony\VCM Intelligent Network Service Manager\VcmINSMgr.exe [2010-06-09 384880]

R3 VcmXmlIfHelper;VAIO Content Metadata XML Interface;c:\program files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper64.exe [2010-06-09 101232]

R3 WatAdminSvc;Windows Activation Technologies-service;c:\windows\system32\Wat\WatAdminSvc.exe [2011-01-22 1255736]

S0 AVGIDSEH;AVGIDSEH;c:\windows\system32\DRIVERS\AVGIDSEH.Sys [2011-07-10 26704]

S0 Avgrkx64;AVG Anti-Rootkit Driver;c:\windows\system32\DRIVERS\avgrkx64.sys [2011-09-13 37456]

S0 mfewfpk;McAfee Inc. mfewfpk;c:\windows\system32\drivers\mfewfpk.sys [2010-10-13 283360]

S0 PxHlpa64;PxHlpa64;c:\windows\System32\Drivers\PxHlpa64.sys [2008-06-16 55024]

S1 Avgldx64;AVG AVI Loader Driver;c:\windows\system32\DRIVERS\avgldx64.sys [2011-10-07 283728]

S1 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield;c:\windows\system32\DRIVERS\avgmfx64.sys [2011-08-08 46672]

S1 Avgtdia;AVG TDI Driver;c:\windows\system32\DRIVERS\avgtdia.sys [2011-07-10 375376]

S1 ctxusbm;Citrix USB Monitor Driver;c:\windows\system32\DRIVERS\ctxusbm.sys [2009-09-08 87600]

S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys [2012-03-25 283200]

S1 mfenlfk;McAfee NDIS Light Filter;c:\windows\system32\DRIVERS\mfenlfk.sys [2010-10-13 75032]

S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]

S2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2011-06-06 64952]

S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2010-06-24 202752]

S2 avgwd;AVG WatchDog;c:\program files (x86)\AVG\AVG2012\avgwdsvc.exe [2011-08-02 192776]

S2 IAStorDataMgrSvc;Intel® Rapid Storage Technology;c:\program files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [2010-03-03 13336]

S2 mfevtp;McAfee Validation Trust Protection Service;c:\program files\Common Files\McAfee\SystemCore\mfevtps.exe [2010-10-13 149032]

S2 NOBU;Norton Online Backup;c:\program files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe SERVICE [x]

S2 PMBDeviceInfoProvider;PMBDeviceInfoProvider;c:\program files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe [2010-06-01 367456]

S2 rimspci;rimspci;c:\windows\system32\drivers\rimssne64.sys [2010-06-23 94208]

S2 risdsnpe;risdsnpe;c:\windows\system32\drivers\risdsne64.sys [2010-06-23 78848]

S2 SampleCollector;VAIO Care Performance Service;c:\program files\Sony\VAIO Care\VCPerfService.exe [2011-01-29 259192]

S2 uCamMonitor;CamMonitor;c:\program files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe [2008-09-18 104960]

S2 UNS;Intel® Management & Security Application User Notification Service;c:\program files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2010-05-28 2320920]

S2 VAIO Power Management;VAIO Power Management;c:\program files\Sony\VAIO Power Management\SPMService.exe [2010-06-21 575856]

S2 VSNService;VSNService;c:\program files\Sony\VAIO Smart Network\VSNService.exe [2010-06-08 836608]

S3 ArcSoftKsUFilter;ArcSoft Magic-I Visual Effect;c:\windows\system32\DRIVERS\ArcSoftKsUFilter.sys [2009-05-26 19968]

S3 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\DRIVERS\AVGIDSDriver.Sys [2011-07-10 120400]

S3 AVGIDSFilter;AVGIDSFilter;c:\windows\system32\DRIVERS\AVGIDSFilter.Sys [2011-07-10 29776]

S3 btwampfl;Bluetooth AMP USB Filter;c:\windows\system32\drivers\btwampfl.sys [2010-06-23 342056]

S3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys [2010-06-23 39464]

S3 HECIx64;Intel® Management Engine Interface;c:\windows\system32\DRIVERS\HECIx64.sys [2010-05-28 56344]

S3 NETw5s64;Intel® Wireless WiFi Link 5000 Series adapter stuurprogramma onder Windows 7 64 Bit;c:\windows\system32\DRIVERS\NETw5s64.sys [2010-05-31 7689216]

S3 SFEP;Sony Firmware Extension Parser;c:\windows\system32\DRIVERS\SFEP.sys [2010-04-26 12032]

S3 VCService;VCService;c:\program files\Sony\VAIO Care\VCService.exe [2011-02-14 44736]

S3 VUAgent;VUAgent;c:\program files\Sony\VAIO Update Common\VUAgent.exe [2012-01-13 1256040]

S3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920]

S3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;c:\windows\system32\DRIVERS\yk62x64.sys [2010-05-31 402720]

.

.

Inhoud van de 'Gedeelde Taken' map

.

2012-07-10 c:\windows\Tasks\Adobe Flash Player Updater.job

- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-21 01:57]

.

2012-07-10 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job

- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-08-04 13:26]

.

2012-07-10 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job

- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-08-04 13:26]

.

2012-07-09 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3554109576-521710360-3852539908-1000Core.job

- c:\users\Thomas\AppData\Local\Google\Update\GoogleUpdate.exe [2012-07-09 18:56]

.

2012-07-10 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3554109576-521710360-3852539908-1000UA.job

- c:\users\Thomas\AppData\Local\Google\Update\GoogleUpdate.exe [2012-07-09 18:56]

.

.

--------- X64 Entries -----------

.

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2010-05-31 10775584]

"RtHDVBg"="c:\program files\Realtek\Audio\HDA\RAVBg64.exe" [2010-05-31 2040352]

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]

"LoadAppInit_DLLs"=0x0

.

------- Bijkomende Scan -------

.

uLocal Page = c:\windows\system32\blank.htm

uStart Page = hxxp://www.google.nl/

uInternet Settings,ProxyOverride = <local>;*.local

IE: Free YouTube to MP3 Converter - c:\users\Thomas\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm

TCP: DhcpNameServer = 192.168.2.254

.

- - - - ORPHANS VERWIJDERD - - - -

.

HKLM-Run-Apoint - c:\program files (x86)\Apoint\Apoint.exe

.

.

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\SampleCollector]

"ImagePath"="\"c:\program files\Sony\VAIO Care\VCPerfService.exe\" \"/service\" \"/sstates\" \"/sampleinterval=5000\" \"/procinterval=5\" \"/dllinterval=120\" \"/counter=\Processor(_Total)\% Processor Time:1/counter=\PhysicalDisk(_Total)\Disk Bytes/sec:1\" \"/counter=\Network Interface(*)\Bytes Total/sec:1\" \"/expandcounter=\Processor Information(*)\Processor Frequency:1\" \"/expandcounter=\Processor(*)\% Idle Time:1\" \"/expandcounter=\Processor(*)\% C1 Time:1\" \"/expandcounter=\Processor(*)\% C2 Time:1\" \"/expandcounter=\Processor(*)\% C3 Time:1\" \"/expandcounter=\Processor(*)\% Processor Time:1\" \"/directory=c:\programdata\Sony Corporation\VAIO Care\inteldata\""

.

--------------------- VERGRENDELDE REGISTER SLEUTELS ---------------------

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}]

@Denied: (A 2) (Everyone)

@="FlashBroker"

"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil10e.exe,-101"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\Elevation]

"Enabled"=dword:00000001

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\LocalServer32]

@="c:\\Windows\\SysWow64\\Macromed\\Flash\\FlashUtil10e.exe"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]

@Denied: (A 2) (Everyone)

@="Shockwave Flash Object"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]

@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10e.ocx"

"ThreadingModel"="Apartment"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]

@="0"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]

@="ShockwaveFlash.ShockwaveFlash.10"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]

@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10e.ocx, 1"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]

@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]

@="1.0"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]

@="ShockwaveFlash.ShockwaveFlash"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]

@Denied: (A 2) (Everyone)

@="Macromedia Flash Factory Object"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]

@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10e.ocx"

"ThreadingModel"="Apartment"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]

@="FlashFactory.FlashFactory.1"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]

@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10e.ocx, 1"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]

@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]

@="1.0"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]

@="FlashFactory.FlashFactory"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}]

@Denied: (A 2) (Everyone)

@="IFlashBroker3"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}\ProxyStubClsid32]

@="{00020424-0000-0000-C000-000000000046}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

"Version"="1.0"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\McAfee]

"SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79,

00,5c,00,6d,00,61,00,63,00,68,00,69,00,6e,00,65,00,5c,00,53,00,6f,00,66,00,\

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B9A09F18-45AB-4F09-A117-A4ADDA8FA8C8}]

@Denied: (A) (Everyone)

"Solution"="{36eb6792-3a29-43b3-8cd0-f67d266fb426}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane]

@Denied: (A) (Everyone)

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane\0]

"Key"="ActionsPane"

"Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\8.0\\ActionsPane.xsd"

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]

@Denied: (Full) (Everyone)

.

Voltooingstijd: 2012-07-10 22:22:33

ComboFix-quarantined-files.txt 2012-07-10 20:22

.

Pre-Run: 237.161.000.960 bytes beschikbaar

Post-Run: 237.021.978.624 bytes beschikbaar

.

- - End Of File - - 34A57CDAABA15C7045C335314E0DB470
