
nation zoom



Download ComboFix from one of the locations below to your desktop.

Bleeping Computer

Info Spyware

Disable your antivirus and antispyware programs; they may conflict with ComboFix.exe.

You can read (here or here) how to disable the security software you use.

  • Double-click "ComboFix" to start the tool. Windows Vista, 7 & 8 users will get a UAC (User Account Control) prompt; click Ja / Yes there.
  • On a Windows XP computer, ComboFix will install the "Recovery Console" if it is not already present. (An active internet connection is then required.)
  • In the 'Installing the Recovery Console' window, click "Ok".
  • In the info screen, click "Ja" (Yes) once the Recovery Console has been installed successfully.
  • On the disclaimer screen, click "I Agree"; the required components are now extracted and a registry backup is made using ERUNT.
  • When this is done, ComboFix will start automatically; the blue screen shows the progress of the system scan being performed.
  • Important! Do not use the computer for anything else during the scan.
  • The computer may need to be restarted several times, for example when a rootkit is present; this is normal.
  • When ComboFix is finished, it will create a log file. Post the contents of this log file (found at C:\ComboFix.txt) in your next reply.

* Note !!! If you get one of the messages below after using ComboFix, restart the computer.

  • Er is geprobeerd een ongeldige bewerking uit te voeren op een registersleutel die is gemarkeerd voor verwijdering.
  • Illegal operation attempted on a registry key that has been marked for deletion.


Maybe this has something to do with it: for a while now, Windows automatic update has been switched off at startup, and I then get a notification from the Action Center.

Also, the PC started up very slowly before I ran ComboFix: the desktop was already there with all the shortcuts, but something was still running in the background. I couldn't click on anything either, because the hourglass kept spinning; a few minutes later the screen turned white when I clicked on it, and a minute later everything worked again.

ComboFix log:

ComboFix 13-12-26.01 - Henk 29-12-2013 12:28:29.4.4 - x64

Microsoft Windows 7 Home Premium 6.1.7601.1.1252.31.1043.18.4095.2436 [GMT 1:00]

Gestart vanuit: d:\henk\Desktop\FF bewaren\ComboFix.exe

AV: avast! Antivirus *Disabled/Updated* {17AD7D40-BA12-9C46-7131-94903A54AD8B}

SP: avast! Antivirus *Disabled/Updated* {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}

SP: IObit Malware Fighter *Disabled/Updated* {A751AC20-3B48-5237-898A-78C4436BB78D}

SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

.

.

(((((((((((((((((((((((((((((((((( Andere Verwijderingen )))))))))))))))))))))))))))))))))))))))))))))))))

.

.

c:\programdata\Herofy

c:\programdata\Herofy\save.aps

.

.

(((((((((((((((((((( Bestanden Gemaakt van 2013-11-28 to 2013-12-29 ))))))))))))))))))))))))))))))

.

.

2013-12-28 14:03 . 2013-12-28 14:04 79672 ----a-w- c:\windows\system32\drivers\aswstm.sys

2013-12-28 13:15 . 2013-12-28 13:15 -------- d-----w- c:\programdata\{3C5CBD7B-3D1D-411E-96C2-513FFCA84D2D}

2013-12-28 12:01 . 2013-12-28 11:41 24064 ----a-w- c:\windows\zoek-delete.exe

2013-12-28 11:42 . 2013-12-28 11:59 -------- d-----w- C:\zoek_backup

2013-12-28 00:00 . 2013-12-28 00:08 -------- d-----w- c:\program files\trend micro

2013-12-28 00:00 . 2013-12-28 00:00 -------- d-----w- C:\rsit

2013-12-27 21:33 . 2013-12-27 21:33 -------- d-----w- d:\henk\.android

2013-12-27 13:28 . 2013-12-04 03:28 10315576 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{B9145EB5-CC75-4538-B728-A685DF2FCA08}\mpengine.dll

2013-12-15 11:52 . 2013-05-22 17:49 32600 ----a-w- c:\windows\system32\SmartDefragBootTime.exe

2013-12-12 19:59 . 2013-12-12 19:59 -------- d-----w- c:\program files (x86)\FotoSketcher

2013-12-11 16:06 . 2013-05-10 04:30 167424 ----a-w- c:\program files\Windows Media Player\wmplayer.exe

2013-12-11 16:06 . 2013-05-10 03:48 164864 ----a-w- c:\program files (x86)\Windows Media Player\wmplayer.exe

2013-12-11 16:06 . 2013-05-10 05:56 12625920 ----a-w- c:\windows\system32\wmploc.DLL

2013-12-11 16:06 . 2013-05-10 04:56 12625408 ----a-w- c:\windows\SysWow64\wmploc.DLL

2013-12-11 16:06 . 2013-05-10 05:56 14631424 ----a-w- c:\windows\system32\wmp.dll

2013-12-11 12:27 . 2013-10-30 02:32 335360 ----a-w- c:\windows\system32\msieftp.dll

2013-12-08 13:44 . 2013-12-08 13:44 -------- d-----w- d:\loekie\AppData\Roaming\AVAST Software

2013-12-03 22:42 . 2013-12-03 22:42 -------- d-----w- c:\windows\Migration

2013-12-03 19:13 . 2013-12-03 19:13 -------- d-----w- d:\henk\AppData\Roaming\AVAST Software

2013-12-03 16:09 . 2013-10-14 17:00 28368 ----a-w- c:\windows\system32\IEUDINIT.EXE

2013-12-03 12:01 . 2013-12-03 12:01 -------- d-----w- c:\programdata\AVAST Software

.

.

.

((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2013-12-28 14:03 . 2013-03-19 16:05 207904 ----a-w- c:\windows\system32\drivers\aswVmm.sys

2013-12-28 14:03 . 2011-04-10 14:41 1034464 ----a-w- c:\windows\system32\drivers\aswSnx.sys

2013-12-28 14:03 . 2011-01-19 19:17 334136 ----a-w- c:\windows\system32\aswBoot.exe

2013-12-28 14:03 . 2010-10-16 10:40 422216 ----a-w- c:\windows\system32\drivers\aswSP.sys

2013-12-28 14:03 . 2010-10-16 10:40 78648 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys

2013-12-28 14:03 . 2010-10-16 10:39 43152 ----a-w- c:\windows\avastSS.scr

2013-12-27 21:32 . 2011-06-11 00:58 773712 ----a-w- c:\windows\SysWow64\msvcr100.dll

2013-12-27 21:32 . 2011-06-11 00:58 420944 ----a-w- c:\windows\SysWow64\msvcp100.dll

2013-12-15 23:18 . 2010-11-15 14:23 90708896 ----a-w- c:\windows\system32\MRT.exe

2013-12-10 21:36 . 2012-04-03 13:53 692616 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe

2013-12-10 21:36 . 2011-05-20 10:21 71048 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl

2013-12-03 12:03 . 2013-03-19 16:05 65776 ----a-w- c:\windows\system32\drivers\aswRvrt.sys

2013-12-03 12:03 . 2012-02-26 14:17 92544 ----a-w- c:\windows\system32\drivers\aswRdr2.sys

2013-11-19 02:33 . 2010-10-16 10:32 267936 ------w- c:\windows\system32\MpSigStub.exe

2013-11-02 09:46 . 2013-11-02 09:46 98816 ----a-w- c:\windows\system32\OpenVideo64.dll

2013-11-02 09:46 . 2013-11-02 09:46 86528 ----a-w- c:\windows\system32\OVDecode64.dll

2013-11-02 09:46 . 2013-11-02 09:46 83456 ----a-w- c:\windows\SysWow64\OpenVideo.dll

2013-11-02 09:46 . 2013-11-02 09:46 73216 ----a-w- c:\windows\SysWow64\OVDecode.dll

2013-11-02 09:46 . 2013-11-02 09:46 6189416 ----a-w- c:\windows\SysWow64\atiumdag.dll

2013-11-02 09:46 . 2013-11-02 09:46 6176008 ----a-w- c:\windows\SysWow64\atiumdva.dll

2013-11-02 09:46 . 2013-11-02 09:46 229376 ----a-w- c:\windows\system32\clinfo.exe

2013-11-02 09:46 . 2013-11-02 09:46 127488 ----a-w- c:\windows\system32\coinst_13.152.dll

2013-11-02 09:46 . 2013-11-02 09:46 125824 ----a-w- c:\windows\SysWow64\atiuxpag.dll

2013-11-02 09:46 . 2010-04-07 01:22 142792 ----a-w- c:\windows\system32\atiuxp64.dll

2013-11-02 09:46 . 2013-11-02 09:46 97984 ----a-w- c:\windows\SysWow64\atiu9pag.dll

2013-11-02 09:46 . 2013-11-02 09:46 7256496 ----a-w- c:\windows\system32\atiumd64.dll

2013-11-02 09:46 . 2013-11-02 09:46 6767240 ----a-w- c:\windows\system32\atiumd6a.dll

2013-11-02 09:46 . 2013-11-02 09:46 190976 ----a-w- c:\windows\system32\atitmm64.dll

2013-11-02 09:46 . 2013-11-02 09:46 114488 ----a-w- c:\windows\system32\atiu9p64.dll

2013-11-02 09:46 . 2013-11-02 09:46 21400064 ----a-w- c:\windows\SysWow64\atioglxx.dll

2013-11-02 09:46 . 2013-11-02 09:46 78432 ----a-w- c:\windows\system32\atimpc64.dll

2013-11-02 09:46 . 2013-11-02 09:46 78432 ----a-w- c:\windows\system32\amdpcom64.dll

2013-11-02 09:46 . 2013-11-02 09:46 71704 ----a-w- c:\windows\SysWow64\atimpc32.dll

2013-11-02 09:46 . 2013-11-02 09:46 71704 ----a-w- c:\windows\SysWow64\amdpcom32.dll

2013-11-02 09:46 . 2013-11-02 09:46 69632 ----a-w- c:\windows\SysWow64\atiglpxx.dll

2013-11-02 09:46 . 2013-11-02 09:46 69632 ----a-w- c:\windows\system32\atiglpxx.dll

2013-11-02 09:46 . 2013-11-02 09:46 618496 ----a-w- c:\windows\system32\drivers\atikmpag.sys

2013-11-02 09:46 . 2013-11-02 09:46 51200 ----a-w- c:\windows\system32\ATIODCLI.exe

2013-11-02 09:46 . 2013-11-02 09:46 332800 ----a-w- c:\windows\system32\ATIODE.exe

2013-11-02 09:46 . 2013-11-02 09:46 26112 ----a-w- c:\windows\system32\atimuixx.dll

2013-11-02 09:46 . 2013-11-02 09:46 25387520 ----a-w- c:\windows\system32\atio6axx.dll

2013-11-02 09:46 . 2013-11-02 09:46 12528640 ----a-w- c:\windows\system32\drivers\atikmdag.sys

2013-11-02 09:46 . 2013-11-02 09:46 96768 ----a-w- c:\windows\SysWow64\atigktxx.dll

2013-11-02 09:46 . 2013-11-02 09:46 8215992 ----a-w- c:\windows\SysWow64\atidxx32.dll

2013-11-02 09:46 . 2013-11-02 09:46 75264 ----a-w- c:\windows\system32\atig6pxx.dll

2013-11-02 09:46 . 2013-11-02 09:46 62464 ----a-w- c:\windows\system32\aticalrt64.dll

2013-11-02 09:46 . 2013-11-02 09:46 52224 ----a-w- c:\windows\SysWow64\aticalrt.dll

2013-11-02 09:46 . 2013-11-02 09:46 442368 ----a-w- c:\windows\system32\atidemgy.dll

2013-11-02 09:46 . 2013-11-02 09:46 1027544 ----a-w- c:\windows\SysWow64\aticfx32.dll

2013-11-02 09:46 . 2013-11-02 09:46 100352 ----a-w- c:\windows\system32\atig6txx.dll

2013-11-02 09:46 . 2013-11-02 09:46 15716352 ----a-w- c:\windows\system32\aticaldd64.dll

2013-11-02 09:46 . 2010-04-07 02:15 1233080 ----a-w- c:\windows\system32\aticfx64.dll

2013-11-02 09:46 . 2010-04-07 02:13 571904 ----a-w- c:\windows\system32\atieclxx.exe

2013-11-02 09:46 . 2010-04-07 02:12 239616 ----a-w- c:\windows\system32\atiesrxx.exe

2013-11-02 09:46 . 2010-04-07 01:54 9464840 ----a-w- c:\windows\system32\atidxx64.dll

2013-11-02 09:46 . 2013-11-02 09:46 63488 ----a-w- c:\windows\system32\OpenCL.dll

2013-11-02 09:46 . 2013-11-02 09:46 594944 ----a-w- c:\windows\SysWow64\atiadlxy.dll

2013-11-02 09:46 . 2013-11-02 09:46 57344 ----a-w- c:\windows\SysWow64\OpenCL.dll

2013-11-02 09:46 . 2013-11-02 09:46 55808 ----a-w- c:\windows\system32\aticalcl64.dll

2013-11-02 09:46 . 2013-11-02 09:46 49152 ----a-w- c:\windows\SysWow64\aticalcl.dll

2013-11-02 09:46 . 2013-11-02 09:46 43520 ----a-w- c:\windows\system32\drivers\ati2erec.dll

2013-11-02 09:46 . 2013-11-02 09:46 368640 ----a-w- c:\windows\system32\atiapfxx.exe

2013-11-02 09:46 . 2013-11-02 09:46 14302208 ----a-w- c:\windows\SysWow64\aticaldd.dll

2013-11-02 09:46 . 2013-11-02 09:46 1061902 ----a-w- c:\windows\system32\amdocl_ld64.exe

2013-11-02 09:46 . 2013-11-02 09:46 798734 ----a-w- c:\windows\SysWow64\amdocl_ld32.exe

2013-11-02 09:46 . 2010-04-07 01:24 784384 ----a-w- c:\windows\system32\atiadlxx.dll

2013-11-02 09:46 . 2013-11-02 09:46 995342 ----a-w- c:\windows\SysWow64\amdocl_as32.exe

2013-11-02 09:46 . 2013-11-02 09:46 1187342 ----a-w- c:\windows\system32\amdocl_as64.exe

2013-11-02 09:46 . 2013-11-02 09:46 28192256 ----a-w- c:\windows\system32\amdocl64.dll

2013-11-02 09:46 . 2013-11-02 09:46 23760896 ----a-w- c:\windows\SysWow64\amdocl.dll

2013-10-14 19:36 . 2013-10-14 19:36 99840 ----a-w- c:\windows\system32\drivers\usbccgp.sys

2013-10-14 19:36 . 2013-10-14 19:36 7808 ----a-w- c:\windows\system32\drivers\usbd.sys

2013-10-14 19:36 . 2013-10-14 19:36 52736 ----a-w- c:\windows\system32\drivers\usbehci.sys

2013-10-14 19:36 . 2013-10-14 19:36 343040 ----a-w- c:\windows\system32\drivers\usbhub.sys

2013-10-14 19:36 . 2013-10-14 19:36 325120 ----a-w- c:\windows\system32\drivers\usbport.sys

2013-10-14 19:36 . 2013-10-14 19:36 30720 ----a-w- c:\windows\system32\drivers\usbuhci.sys

2013-10-14 19:36 . 2013-10-14 19:36 25600 ----a-w- c:\windows\system32\drivers\usbohci.sys

2013-10-12 02:30 . 2013-11-13 22:59 830464 ----a-w- c:\windows\system32\nshwfp.dll

2013-10-12 02:29 . 2013-11-13 22:59 859648 ----a-w- c:\windows\system32\IKEEXT.DLL

2013-10-12 02:29 . 2013-11-13 22:59 324096 ----a-w- c:\windows\system32\FWPUCLNT.DLL

2013-10-12 02:03 . 2013-11-13 22:59 656896 ----a-w- c:\windows\SysWow64\nshwfp.dll

2013-10-12 02:01 . 2013-11-13 22:59 216576 ----a-w- c:\windows\SysWow64\FWPUCLNT.DLL

2013-10-08 05:50 . 2013-10-18 10:31 96168 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll

2013-10-05 20:25 . 2013-11-13 22:59 1474048 ----a-w- c:\windows\system32\crypt32.dll

2013-10-05 19:57 . 2013-11-13 22:59 1168384 ----a-w- c:\windows\SysWow64\crypt32.dll

2013-10-04 02:28 . 2013-11-13 22:59 190464 ----a-w- c:\windows\system32\SmartcardCredentialProvider.dll

2013-10-04 02:25 . 2013-11-13 22:59 197120 ----a-w- c:\windows\system32\credui.dll

2013-10-04 02:24 . 2013-11-13 22:59 1930752 ----a-w- c:\windows\system32\authui.dll

2013-10-04 01:58 . 2013-11-13 22:59 152576 ----a-w- c:\windows\SysWow64\SmartcardCredentialProvider.dll

2013-10-04 01:56 . 2013-11-13 22:59 168960 ----a-w- c:\windows\SysWow64\credui.dll

2013-10-04 01:56 . 2013-11-13 22:59 1796096 ----a-w- c:\windows\SysWow64\authui.dll

2013-10-03 02:23 . 2013-11-13 22:59 404480 ----a-w- c:\windows\system32\gdi32.dll

2013-10-03 02:00 . 2013-11-13 22:59 311808 ----a-w- c:\windows\SysWow64\gdi32.dll

.

.

((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))

.

.

*Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond

REGEDIT4

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar]

"{CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F}"= "c:\program files\Alwil Software\Avast5\aswWebRepIE.dll" [2013-12-28 1138536]

.

[HKEY_CLASSES_ROOT\clsid\{cc1a175a-e45b-41ed-a30c-c9b1d7a0c02f}]

[HKEY_CLASSES_ROOT\TypeLib\{6B795924-95E7-4D31-8521-407360C3AA0B}]

.

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive1]

@="{F241C880-6982-4CE5-8CF7-7085BA96DA5A}"

[HKEY_CLASSES_ROOT\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}]

2013-01-18 22:56 222712 ----a-w- d:\henk\AppData\Local\Microsoft\SkyDrive\17.0.2003.1112\SkyDriveShell.dll

.

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive2]

@="{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}"

[HKEY_CLASSES_ROOT\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}]

2013-01-18 22:56 222712 ----a-w- d:\henk\AppData\Local\Microsoft\SkyDrive\17.0.2003.1112\SkyDriveShell.dll

.

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive3]

@="{BBACC218-34EA-4666-9D7A-C78F2274A524}"

[HKEY_CLASSES_ROOT\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}]

2013-01-18 22:56 222712 ----a-w- d:\henk\AppData\Local\Microsoft\SkyDrive\17.0.2003.1112\SkyDriveShell.dll

.

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"Wisdom-soft ScreenHunter 5.1 Free"="c:\program files (x86)\Wisdom-soft ScreenHunter 5 Free\ScreenHunter.exe" [2010-08-07 5324800]

"swg"="c:\program files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2010-11-24 39408]

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]

"PWRISOVM.EXE"="c:\program files (x86)\PowerISO\PWRISOVM.EXE" [2010-04-12 180224]

"StartCCC"="c:\program files (x86)\ati technologies\ati.ace\core-static\clistart.exe" [2010-04-06 102400]

"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-04-04 958576]

"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2013-07-02 254336]

"AvastUI.exe"="c:\program files\Alwil Software\Avast5\AvastUI.exe" [2013-12-28 3764024]

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]

"ConsentPromptBehaviorAdmin"= 5 (0x5)

"ConsentPromptBehaviorUser"= 3 (0x3)

"EnableUIADesktopToggle"= 0 (0x0)

"EnableLinkedConnections"= 1 (0x1)

.

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]

"LoadAppInit_DLLs"=1 (0x1)

.

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]

"aux4"=wdmaud.drv

.

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE]

@=""

.

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\IMFservice]

@="Service"

.

R2 BstHdDrv;BlueStacks Hypervisor;c:\program files (x86)\BlueStacks\HD-Hypervisor-amd64.sys;c:\program files (x86)\BlueStacks\HD-Hypervisor-amd64.sys [x]

R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]

R2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [x]

R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]

R3 AsrCDDrv;AsrCDDrv;c:\windows\SysWOW64\Drivers\AsrCDDrv.sys;c:\windows\SysWOW64\Drivers\AsrCDDrv.sys [x]

R3 aswStm;aswStm;c:\windows\system32\drivers\aswStm.sys;c:\windows\SYSNATIVE\drivers\aswStm.sys [x]

R3 cpuz135;cpuz135;c:\program files (x86)\CPUID\PC Wizard 2012\pcwiz_x64.sys;c:\program files (x86)\CPUID\PC Wizard 2012\pcwiz_x64.sys [x]

R3 FLASHSYS;FLASHSYS;c:\program files (x86)\MSI\Live Update 4\LU4\FLASHSYS64.sys;c:\program files (x86)\MSI\Live Update 4\LU4\FLASHSYS64.sys [x]

R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]

R3 keycrypt;keycrypt;c:\windows\system32\DRIVERS\KeyCrypt64.sys;c:\windows\SYSNATIVE\DRIVERS\KeyCrypt64.sys [x]

R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]

R3 RegFilter;RegFilter;c:\program files (x86)\IObit\IObit Malware Fighter\drivers\win7_amd64\regfilter.sys;c:\program files (x86)\IObit\IObit Malware Fighter\drivers\win7_amd64\regfilter.sys [x]

R3 TfNetMon;TfNetMon;c:\windows\system32\drivers\TfNetMon.sys;c:\windows\SYSNATIVE\drivers\TfNetMon.sys [x]

R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]

R3 UrlFilter;UrlFilter;c:\program files (x86)\IObit\IObit Malware Fighter\drivers\win7_amd64\UrlFilter.sys;c:\program files (x86)\IObit\IObit Malware Fighter\drivers\win7_amd64\UrlFilter.sys [x]

R3 WatAdminSvc;Windows Activation Technologies-service;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]

R4 Creative ALchemy AL6 Licensing Service;Creative ALchemy AL6 Licensing Service;c:\program files (x86)\Common Files\Creative Labs Shared\Service\AL6Licensing.exe;c:\program files (x86)\Common Files\Creative Labs Shared\Service\AL6Licensing.exe [x]

R4 Creative Audio Engine Licensing Service;Creative Audio Engine Licensing Service;c:\program files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe;c:\program files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe [x]

R4 FileMonitor;FileMonitor;c:\program files (x86)\IObit\IObit Malware Fighter\Drivers\win7_amd64\FileMonitor.sys;c:\program files (x86)\IObit\IObit Malware Fighter\Drivers\win7_amd64\FileMonitor.sys [x]

R4 Sound Blaster X-Fi MB Licensing Service;Sound Blaster X-Fi MB Licensing Service;c:\program files (x86)\Common Files\Creative Labs Shared\Service\XMBLicensing.exe;c:\program files (x86)\Common Files\Creative Labs Shared\Service\XMBLicensing.exe [x]

S0 aswRvrt;avast! Revert; [x]

S0 aswVmm;avast! VM Monitor; [x]

S0 PxHlpa64;PxHlpa64;c:\windows\System32\Drivers\PxHlpa64.sys;c:\windows\SYSNATIVE\Drivers\PxHlpa64.sys [x]

S0 SmartDefragDriver;SmartDefragDriver;c:\windows\System32\Drivers\SmartDefragDriver.sys;c:\windows\SYSNATIVE\Drivers\SmartDefragDriver.sys [x]

S0 sptd;sptd;c:\windows\System32\Drivers\sptd.sys;c:\windows\SYSNATIVE\Drivers\sptd.sys [x]

S0 TfFsMon;TfFsMon;c:\windows\system32\drivers\TfFsMon.sys;c:\windows\SYSNATIVE\drivers\TfFsMon.sys [x]

S0 TfSysMon;TfSysMon;c:\windows\system32\drivers\TfSysMon.sys;c:\windows\SYSNATIVE\drivers\TfSysMon.sys [x]

S1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys;c:\windows\SYSNATIVE\drivers\aswSnx.sys [x]

S1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys;c:\windows\SYSNATIVE\drivers\aswSP.sys [x]

S1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\SASDIFSV64.SYS;c:\program files\SUPERAntiSpyware\SASDIFSV64.SYS [x]

S1 SAS***IL;SAS***IL;c:\program files\SUPERAntiSpyware\SAS***IL64.SYS;c:\program files\SUPERAntiSpyware\SAS***IL64.SYS [x]

S2 !SASCORE;SAS Core Service;c:\program files\SUPERAntiSpyware\SASCORE64.EXE;c:\program files\SUPERAntiSpyware\SASCORE64.EXE [x]

S2 AdvancedSystemCareService7;Advanced SystemCare Service 7;c:\program files (x86)\IObit\Advanced SystemCare 7\ASCService.exe;c:\program files (x86)\IObit\Advanced SystemCare 7\ASCService.exe [x]

S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe;c:\windows\SYSNATIVE\atiesrxx.exe [x]

S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys;c:\windows\SYSNATIVE\drivers\aswMonFlt.sys [x]

S2 IMFservice;IMF Service;c:\program files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe;c:\program files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe [x]

S2 LiveUpdateSvc;LiveUpdate;c:\program files (x86)\IObit\LiveUpdate\LiveUpdate.exe;c:\program files (x86)\IObit\LiveUpdate\LiveUpdate.exe [x]

S2 MBAMScheduler;MBAMScheduler;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [x]

S2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service;c:\progra~2\mcafee\SITEAD~1\mcsacore.exe;c:\progra~2\mcafee\SITEAD~1\mcsacore.exe [x]

S2 TomTomHOMEService;TomTomHOMEService;c:\program files (x86)\TomTom HOME 2\TomTomHOMEService.exe;c:\program files (x86)\TomTom HOME 2\TomTomHOMEService.exe [x]

S3 dc3d;MS Hardware Device Detection Driver (USB);c:\windows\system32\DRIVERS\dc3d.sys;c:\windows\SYSNATIVE\DRIVERS\dc3d.sys [x]

S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys;c:\windows\SYSNATIVE\drivers\mbam.sys [x]

S3 Point64;Microsoft IntelliPoint Filter Driver;c:\windows\system32\DRIVERS\point64.sys;c:\windows\SYSNATIVE\DRIVERS\point64.sys [x]

S3 VMUVC;Vimicro Camera Service VMUVC;c:\windows\system32\Drivers\VMUVC.sys;c:\windows\SYSNATIVE\Drivers\VMUVC.sys [x]

S3 vvftUVC;Vimicro Camera Filter Service VMUVC;c:\windows\system32\drivers\vvftUVC.sys;c:\windows\SYSNATIVE\drivers\vvftUVC.sys [x]

.

.

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]

2013-06-11 14:55 1165776 ----a-w- c:\program files (x86)\Google\Chrome\Application\27.0.1453.110\Installer\chrmstp.exe

.

Inhoud van de 'Gedeelde Taken' map

.

2013-12-29 c:\windows\Tasks\Adobe Flash Player Updater.job

- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-03 21:36]

.

2013-11-24 c:\windows\Tasks\Driver Booster Update.job

- c:\program files (x86)\IObit\Driver Booster\AutoUpdate.exe [2013-11-02 10:12]

.

2013-12-26 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2771351034-1752285704-1091563883-1008Core.job

- d:\henk\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-08-07 20:35]

.

2013-12-26 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2771351034-1752285704-1091563883-1008UA.job

- d:\henk\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-08-07 20:35]

.

2012-11-08 c:\windows\Tasks\GlaryInitialize.job

- c:\program files (x86)\Glary Utilities\initialize.exe [2012-09-28 19:59]

.

2012-04-28 c:\windows\Tasks\Google Software Updater.job

- c:\program files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe [2010-11-24 17:49]

.

2012-04-28 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job

- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-12-29 23:00]

.

2012-04-28 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job

- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-12-29 23:00]

.

2013-12-26 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2771351034-1752285704-1091563883-1008Core.job

- d:\henk\AppData\Local\Google\Update\GoogleUpdate.exe [2012-10-13 22:36]

.

2013-12-29 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2771351034-1752285704-1091563883-1008UA.job

- d:\henk\AppData\Local\Google\Update\GoogleUpdate.exe [2012-10-13 22:36]

.

.

--------- X64 Entries -----------

.

.

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{10921475-03CE-4E04-90CE-E2E7EF20C814}]

2013-11-23 19:44 2486592 ----a-w- c:\program files (x86)\IObit\IObit Uninstaller\UninstallExplorer64.dll

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]

"{CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F}"= "c:\program files\Alwil Software\Avast5\aswWebRepIE64.dll" [2013-12-28 1372864]

.

[HKEY_CLASSES_ROOT\CLSID\{CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F}]

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive1]

@="{F241C880-6982-4CE5-8CF7-7085BA96DA5A}"

[HKEY_CLASSES_ROOT\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}]

2013-01-18 22:56 261624 ----a-w- d:\henk\AppData\Local\Microsoft\SkyDrive\17.0.2003.1112\amd64\SkyDriveShell64.dll

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive2]

@="{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}"

[HKEY_CLASSES_ROOT\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}]

2013-01-18 22:56 261624 ----a-w- d:\henk\AppData\Local\Microsoft\SkyDrive\17.0.2003.1112\amd64\SkyDriveShell64.dll

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive3]

@="{BBACC218-34EA-4666-9D7A-C78F2274A524}"

[HKEY_CLASSES_ROOT\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}]

2013-01-18 22:56 261624 ----a-w- d:\henk\AppData\Local\Microsoft\SkyDrive\17.0.2003.1112\amd64\SkyDriveShell64.dll

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]

@="{472083B0-C522-11CF-8763-00608CC02F24}"

[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]

2013-12-28 14:03 287280 ----a-w- c:\program files\Alwil Software\Avast5\ashShA64.dll

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"IntelliPoint"="c:\program files\microsoft intellipoint\ipoint.exe" [2010-07-06 2327952]

.

------- Bijkomende Scan -------

.

uLocal Page = c:\windows\system32\blank.htm

uStart Page = hxxp://www.google.nl/

mLocal Page = c:\windows\SysWOW64\blank.htm

uInternet Settings,ProxyOverride = <local>

TCP: DhcpNameServer = 212.54.35.25 212.54.40.25

FF - ProfilePath - d:\henk\AppData\Roaming\Mozilla\Firefox\Profiles\spnf0wg6.default\

FF - prefs.js: browser.search.selectedEngine - Yahoo

FF - prefs.js: keyword.URL - hxxp://nl.search.yahoo.com/search?fr=greentree_ff1&ei=utf-8&ilc=12&type=198484&p=

FF - ExtSQL: 2013-11-23 21:44; ascsurfingprotection@iobit.com; d:\henk\AppData\Roaming\Mozilla\Firefox\Profiles\spnf0wg6.default\extensions\ascsurfingprotection@iobit.com

FF - ExtSQL: 2013-12-16 23:03; adsremoval@adsremoval.net; d:\henk\AppData\Roaming\Mozilla\Firefox\Profiles\spnf0wg6.default\extensions\adsremoval@adsremoval.net

.

- - - - ORPHANS VERWIJDERD - - - -

.

Wow6432Node-HKU-Default-Run-Advanced SystemCare 6 - c:\program files (x86)\IObit\Advanced SystemCare 6\ASCTray.exe

HKLM_Wow6432Node-ActiveSetup-{2D46B6DC-2207-486B-B523-A557E6D54B47} - start

WebBrowser-{87775FDB-6972-41F9-AE51-8326E38CB206} - (no file)

AddRemove-PunkBusterSvc - c:\windows\system32\pbsvc.exe

AddRemove-{E2883E8F-472F-4fb0-9522-AC9BF37916A7} - c:\program files (x86)\NOS\bin\getPlus_Helper_3004.dll

.

.

.

--------------------- VERGRENDELDE REGISTER SLEUTELS ---------------------

.

[HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\User Preferences]

@Denied: (2) (LocalSystem)

"88D7D0879DAB32E14DE5B3A805A34F98AFF34F5977"=hex:01,00,00,00,d0,8c,9d,df,01,15,

d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,a5,67,f5,ad,ed,7c,3a,42,83,b9,73,\

"2D53CFFC5C1A3DD2E97B7979AC2A92BD59BC839E81"=hex:01,00,00,00,d0,8c,9d,df,01,15,

d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,a5,67,f5,ad,ed,7c,3a,42,83,b9,73,\

.

[HKEY_USERS\S-1-5-21-2771351034-1752285704-1091563883-1008\Software\SecuROM\License information*]

"datasecu"=hex:e6,21,3f,75,5d,34,c4,45,ee,16,73,29,a9,e4,1d,a6,0a,cc,fe,38,e4,

23,71,b6,87,7d,ad,cf,72,43,df,42,36,7e,15,ff,8f,b4,f0,a6,a7,9b,95,6f,46,55,\

"rkeysecu"=hex:29,23,be,84,e1,6c,d6,ae,52,90,49,f1,f1,bb,e9,eb

.

[HKEY_LOCAL_MACHINE\software\BlueStacks]

"SymbolicLinkValue"=hex(6):5c,00,52,00,65,00,67,00,69,00,73,00,74,00,72,00,79,

00,5c,00,4d,00,61,00,63,00,68,00,69,00,6e,00,65,00,5c,00,53,00,6f,00,66,00,\

.

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]

@Denied: (A 2) (Everyone)

@="FlashBroker"

"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_9_900_170_ActiveX.exe,-101"

.

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]

"Enabled"=dword:00000001

.

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]

@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_9_900_170_ActiveX.exe"

.

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

.

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]

@Denied: (A 2) (Everyone)

@="IFlashBroker5"

.

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]

@="{00020424-0000-0000-C000-000000000046}"

.

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

"Version"="1.0"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]

@Denied: (A 2) (Everyone)

@="FlashBroker"

"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_9_900_170_ActiveX.exe,-101"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]

"Enabled"=dword:00000001

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_9_900_170_ActiveX.exe"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]

@Denied: (A 2) (Everyone)

@="Shockwave Flash Object"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_9_900_170.ocx"

"ThreadingModel"="Apartment"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]

@="0"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]

@="ShockwaveFlash.ShockwaveFlash.11"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_9_900_170.ocx, 1"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]

@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]

@="1.0"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]

@="ShockwaveFlash.ShockwaveFlash"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]

@Denied: (A 2) (Everyone)

@="Macromedia Flash Factory Object"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_9_900_170.ocx"

"ThreadingModel"="Apartment"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]

@="FlashFactory.FlashFactory.1"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_9_900_170.ocx, 1"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]

@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]

@="1.0"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]

@="FlashFactory.FlashFactory"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]

@Denied: (A 2) (Everyone)

@="IFlashBroker5"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]

@="{00020424-0000-0000-C000-000000000046}"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

"Version"="1.0"

.

[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]

@Denied: (Full) (Everyone)

.

------------------------ Andere Aktieve Processen ------------------------

.

c:\program files\Alwil Software\Avast5\AvastSvc.exe

c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe

c:\program files (x86)\IObit\Smart Defrag 2\SmartDefrag.exe

c:\windows\SysWOW64\PnkBstrA.exe

c:\windows\SysWOW64\PnkBstrB.exe

c:\windows\SysWOW64\rundll32.exe

.

**************************************************************************

.

Voltooingstijd: 2013-12-29 12:44:17 - machine werd herstart

ComboFix-quarantined-files.txt 2013-12-29 11:44

.

Pre-Run: 134.256.316.416 bytes beschikbaar

Post-Run: 133.629.386.752 bytes beschikbaar

.

- - End Of File - - 0776BC6F2D95C222A15A4CD12653BFC5

A36C5E4F47E84449FF07ED3517B43A31

It's still strange: you think you're fairly well protected, yet things keep getting into your PC.


Note: This script is intended specifically for this PC; do not use it on other PCs with a similar problem.

Disable all antivirus and antispyware programs, as they may conflict with ComboFix.

You can read (here or here) how to disable the security software you use.

Open a new, empty Notepad window, then copy and paste the following code into it.

 
 Registry::
 [HKEY_CLASSES_ROOT\TypeLib\{6B795924-95E7-4D31-8521-407360C3AA0B}]

 File::
 d:\henk\AppData\Roaming\Mozilla\Firefox\Profiles\spnf0wg6.default\extensions\ascsurfingprotection@iobit.com
 d:\henk\AppData\Roaming\Mozilla\Firefox\Profiles\spnf0wg6.default\extensions\adsremoval@adsremoval.net

Save this to your Desktop as CFScript.txt

Drag CFScript.txt onto ComboFix.exe as shown in the example below:

CFScript.gif

ComboFix will now start automatically.

Restart if prompted to, and post the contents of ComboFix.txt in your next reply.
