
PC sometimes shuts down, and programs no longer start



Hi,

Recently the PC has been shutting down regularly, and some programs don't work.

Here is a HijackThis log and one from MBAM.

Logfile of Trend Micro HijackThis v2.0.4

Scan saved at 18:06:23, on 20/08/2012

Platform: Windows 7 SP1 (WinNT 6.00.3505)

MSIE: Internet Explorer v9.00 (9.00.8112.16448)

Boot mode: Normal

Running processes:

C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe

C:\Program Files (x86)\Internet Download Manager\IDMan.exe

C:\Program Files (x86)\MyTomTom 3\MyTomTomSA.exe

C:\Program Files (x86)\Skype\Phone\Skype.exe

C:\Program Files (x86)\PowerISO\PWRISOVM.EXE

C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe

C:\Program Files (x86)\iTunes\iTunesHelper.exe

C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe

C:\Program Files (x86)\AVG\AVG2012\avgtray.exe

C:\Program Files (x86)\Internet Download Manager\IEMonitor.exe

C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe

C:\Program Files (x86)\AVG\AVG PC Tuneup\BoostSpeed.exe

C:\Program Files (x86)\Internet Explorer\IELowutil.exe

C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe

C:\Program Files (x86)\Mozilla Firefox\firefox.exe

C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe

C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_3_300_271.exe

C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_3_300_271.exe

C:\Users\geoffrey\Downloads\Programs\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Bing

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Google

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Hotmail, Messenger, het laatste nieuws en entertainment | MSN.NL

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = Hotmail, Messenger, het laatste nieuws en entertainment | MSN.NL

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =

F2 - REG:system.ini: UserInit=userinit.exe,

O2 - BHO: IDM Helper - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files (x86)\Internet Download Manager\IDMIECC.dll

O2 - BHO: AVG Do Not Track - {31332EEF-CB9F-458F-AFEB-D30E9A66B6BA} - C:\Program Files (x86)\AVG\AVG2012\avgdtiex.dll

O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll

O2 - BHO: Aanmeldhulp voor Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll

O4 - HKLM\..\Run: [Dolby Home Theater v4] "C:\Program Files (x86)\Dolby Home Theater v4\pcee4.exe" -autostart

O4 - HKLM\..\Run: [PWRISOVM.EXE] C:\Program Files (x86)\PowerISO\PWRISOVM.EXE

O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"

O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"

O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"

O4 - HKLM\..\Run: [Malwarebytes' Anti-Malware] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray

O4 - HKLM\..\Run: [AVG_TRAY] "C:\Program Files (x86)\AVG\AVG2012\avgtray.exe"

O4 - HKCU\..\Run: [EADM] "C:\Program Files (x86)\Origin\Origin.exe" -AutoStart

O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background

O4 - HKCU\..\Run: [iDMan] C:\Program Files (x86)\Internet Download Manager\IDMan.exe /onboot

O4 - HKCU\..\Run: [MyTomTomSA.exe] "C:\Program Files (x86)\MyTomTom 3\MyTomTomSA.exe"

O4 - HKCU\..\Run: [skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun

O4 - HKCU\..\Run: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun

O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')

O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')

O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')

O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')

O4 - HKUS\S-1-5-21-2946019606-1687847041-2404596117-1001\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'UpdatusUser')

O4 - HKUS\S-1-5-21-2946019606-1687847041-2404596117-1001\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'UpdatusUser')

O8 - Extra context menu item: Download alle links met IDM - C:\Program Files (x86)\Internet Download Manager\IEGetAll.htm

O8 - Extra context menu item: Download met IDM - C:\Program Files (x86)\Internet Download Manager\IEExt.htm

O9 - Extra button: AVG Do Not Track - {68BCFFE1-A2DA-4B40-9068-87ECBFC19D16} - C:\Program Files (x86)\AVG\AVG2012\avgdtiex.dll

O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll

O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll

O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics

O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG2012\avgpp.dll

O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL

O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)

O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2012\avgidsagent.exe

O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe

O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe

O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)

O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)

O23 - Service: FLEXnet Licensing Service 64 - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe

O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe

O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe

O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: Ma-Config Service (maconfservice) - Unknown owner - C:\Program Files\ma-config.com\x64\maconfservice.exe

O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe

O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe

O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)

O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: NVIDIA Display Driver Service (NVSvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)

O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe

O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe

O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)

O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe

O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)

O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)

O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)

O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe

O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)

O23 - Service: UMVPFSrv - Logitech Inc. - C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe

O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)

O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)

O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)

O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)

O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)

O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--

End of file - 10821 bytes

Malwarebytes Anti-Malware (-evaluatieversie-) 1.62.0.1300

Malwarebytes : Free anti-malware download

Databaseversie: v2012.08.20.07

Windows 7 Service Pack 1 x64 NTFS

Internet Explorer 9.0.8112.16421

geoffrey :: GEOFFREY-PC [administrator]

Realtime bescherming: Ingeschakeld

20/08/2012 18:05:38

mbam-log-2012-08-20 (18-05-38).txt

Scantype: Snelle scan

Ingeschakelde scanopties: Geheugen | Opstartitems | Register | Bestanden en mappen | Heuristiek/Extra | Heuristiek/Shuriken | PUP | PUM

Uitgeschakelde scanopties: P2P

Objecten gescand: 215675

Verstreken tijd: 1 minuut/minuten, 37 seconde(n)

Geheugenprocessen gedetecteerd: 0

(Geen kwaadaardige objecten gedetecteerd)

Geheugenmodulen gedetecteerd: 0

(Geen kwaadaardige objecten gedetecteerd)

Registersleutels gedetecteerd: 0

(Geen kwaadaardige objecten gedetecteerd)

Registerwaarden gedetecteerd: 0

(Geen kwaadaardige objecten gedetecteerd)

Registerdata gedetecteerd: 0

(Geen kwaadaardige objecten gedetecteerd)

Mappen gedetecteerd: 0

(Geen kwaadaardige objecten gedetecteerd)

Bestanden gedetecteerd: 0

(Geen kwaadaardige objecten gedetecteerd)

(einde)



The log looks problem-free. Please do the following:

Download ComboFix from one of these locations:

Link 1

Link 2

* IMPORTANT !!! Save ComboFix.exe to your Desktop

1. Disable all antivirus and antispyware programs, because otherwise they may conflict with ComboFix. Here is a guide on how to disable them:

Click here

2. The computer may need to be restarted several times; this is normal.

3. Double-click "Combofix.exe" to start the tool.

4. Do not click in the ComboFix window while it is running, as this can cause the tool to hang.

Note !!! If an error is shown with the message "Illegal operation attempted on a registry key that has been marked for deletion", restart the computer.

5. When ComboFix is finished, it will create a log file for you. Post the contents of this log file (found at C:\ComboFix.txt) in your next message.



ComboFix 12-08-20.02 - geoffrey 21/08/2012 18:33:26.1.6 - x64

Microsoft Windows 7 Ultimate 6.1.7601.1.1252.32.1043.18.16381.14269 [GMT 2:00]

Gestart vanuit: c:\users\geoffrey\Desktop\ComboFix.exe

AV: AVG Anti-Virus Free Edition 2012 *Disabled/Updated* {5A2746B1-DEE9-F85A-FBCD-ADB11639C5F0}

SP: AVG Anti-Virus Free Edition 2012 *Disabled/Updated* {E146A755-F8D3-F7D4-C17D-96C36DBE8F4D}

SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

* Nieuw herstelpunt werd aangemaakt

.

.

(((((((((((((((((((((((((((((((((( Andere Verwijderingen )))))))))))))))))))))))))))))))))))))))))))))))))

.

.

c:\windows\SysWow64\FlashPlayerInstaller.exe

.

.

(((((((((((((((((((( Bestanden Gemaakt van 2012-07-21 to 2012-08-21 ))))))))))))))))))))))))))))))

.

.

2012-08-20 16:03 . 2012-08-20 16:17 -------- d-----w- c:\users\geoffrey\AppData\Roaming\AVG

2012-08-19 14:24 . 2012-08-19 14:25 -------- d-----w- c:\programdata\Spotnet

2012-08-19 14:24 . 2012-08-19 14:24 -------- d-----w- c:\program files (x86)\Spotnet

2012-08-16 19:02 . 2012-08-16 19:02 -------- d-----w- c:\program files (x86)\Common Files\Autodesk Shared

2012-08-16 18:22 . 2012-08-16 18:22 -------- d-----w- c:\windows\SysWow64\drivers\AVG

2012-08-16 18:21 . 2012-08-21 16:27 -------- d-----w- c:\windows\system32\drivers\AVG

2012-08-16 18:21 . 2012-08-16 18:32 -------- d-----w- c:\programdata\AVG2012

2012-08-16 18:21 . 2012-08-16 18:21 -------- d-----w- C:\$AVG

2012-08-16 18:21 . 2012-08-20 15:55 -------- d-----w- c:\program files (x86)\AVG

2012-08-16 18:18 . 2012-08-20 16:21 -------- d-----w- c:\programdata\MFAData

2012-08-16 18:18 . 2012-08-16 18:18 -------- d--h--w- c:\programdata\Common Files

2012-08-16 16:40 . 2012-07-18 18:15 3148800 ----a-w- c:\windows\system32\win32k.sys

2012-08-16 16:40 . 2012-07-04 22:16 73216 ----a-w- c:\windows\system32\netapi32.dll

2012-08-16 16:40 . 2012-07-04 22:13 59392 ----a-w- c:\windows\system32\browcli.dll

2012-08-16 16:40 . 2012-07-04 22:13 136704 ----a-w- c:\windows\system32\browser.dll

2012-08-16 16:40 . 2012-07-04 21:14 41984 ----a-w- c:\windows\SysWow64\browcli.dll

2012-08-16 15:18 . 2012-06-29 10:04 9133488 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{5A0668C8-8EDD-4302-A819-F4808E42F23A}\mpengine.dll

2012-08-16 15:18 . 2012-05-05 08:36 503808 ----a-w- c:\windows\system32\srcore.dll

2012-08-16 15:18 . 2012-05-05 07:46 43008 ----a-w- c:\windows\SysWow64\srclient.dll

2012-08-16 15:18 . 2012-02-11 06:43 751104 ----a-w- c:\windows\system32\win32spl.dll

2012-08-16 15:18 . 2012-02-11 06:39 956928 ----a-w- c:\windows\system32\localspl.dll

2012-08-16 15:18 . 2012-02-11 06:36 559104 ----a-w- c:\windows\system32\spoolsv.exe

2012-08-16 15:18 . 2012-02-11 06:36 67072 ----a-w- c:\windows\splwow64.exe

2012-08-16 15:18 . 2012-02-11 05:43 492032 ----a-w- c:\windows\SysWow64\win32spl.dll

2012-08-13 17:08 . 2012-08-13 17:08 -------- d-----w- c:\users\geoffrey\AppData\Roaming\Malwarebytes

2012-08-13 17:08 . 2012-08-13 17:08 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware

2012-08-13 17:08 . 2012-08-13 17:08 -------- d-----w- c:\programdata\Malwarebytes

2012-08-13 17:08 . 2012-07-03 11:46 24904 ----a-w- c:\windows\system32\drivers\mbam.sys

2012-08-10 15:19 . 2012-08-19 14:41 -------- d-----w- c:\users\geoffrey\AppData\Local\QuickPar

2012-08-10 15:18 . 2012-08-10 15:18 -------- d-----w- c:\program files (x86)\QuickPar

2012-08-10 15:15 . 2012-08-10 15:15 -------- d-----w- c:\program files (x86)\Rar Repair Tool

2012-08-07 18:57 . 2012-08-20 18:43 -------- d-----w- c:\users\geoffrey\AppData\Roaming\Skype

2012-08-07 18:57 . 2012-08-07 18:57 -------- d-----w- c:\program files (x86)\Common Files\Skype

2012-08-07 18:57 . 2012-08-07 18:57 -------- d-----r- c:\program files (x86)\Skype

2012-08-07 18:57 . 2012-08-07 18:57 -------- d-----w- c:\programdata\Skype

2012-08-07 16:13 . 2012-08-07 16:13 -------- d-----w- c:\programdata\FLEXnet

2012-08-07 16:10 . 2012-08-07 16:10 -------- d-----w- c:\program files\Common Files\Macrovision Shared

2012-08-07 16:08 . 2012-08-16 19:07 -------- d-----w- c:\program files\AutoCAD 2010

2012-08-07 16:08 . 2012-08-16 19:02 -------- d-----w- c:\program files\Common Files\Autodesk Shared

2012-08-07 16:08 . 2012-08-16 19:01 -------- d-----w- c:\programdata\Autodesk

2012-08-07 16:08 . 2012-08-16 16:36 -------- d-----w- c:\users\geoffrey\AppData\Roaming\Autodesk

2012-08-07 16:08 . 2012-08-07 16:08 -------- d-----w- c:\users\geoffrey\AppData\Local\Autodesk

.

.

.

((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2012-08-20 16:04 . 2012-07-04 17:53 70344 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl

2012-08-20 16:04 . 2012-07-04 17:53 426184 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe

2012-08-05 19:53 . 2012-07-05 16:08 283304 ----a-w- c:\windows\SysWow64\PnkBstrB.exe

2012-08-05 19:53 . 2012-07-05 16:08 283304 ----a-w- c:\windows\SysWow64\PnkBstrB.xtr

2012-08-05 19:52 . 2012-07-04 19:43 280904 ----a-w- c:\windows\SysWow64\PnkBstrB.ex0

2012-07-13 08:25 . 2009-07-14 02:36 175616 ----a-w- c:\windows\system32\msclmd.dll

2012-07-13 08:25 . 2009-07-14 02:36 152576 ----a-w- c:\windows\SysWow64\msclmd.dll

2012-07-12 19:43 . 2012-07-05 15:39 59701280 ----a-w- c:\windows\system32\MRT.exe

2012-07-08 15:44 . 2011-03-28 16:36 19736 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll

2012-07-05 20:06 . 2012-07-13 15:08 772544 ----a-w- c:\windows\SysWow64\npDeployJava1.dll

2012-07-05 20:06 . 2012-07-13 15:08 687544 ----a-w- c:\windows\SysWow64\deployJava1.dll

2012-07-05 16:12 . 2012-07-04 19:43 76888 ----a-w- c:\windows\SysWow64\PnkBstrA.exe

2012-07-05 15:32 . 2012-07-05 15:32 91648 ----a-w- c:\windows\system32\SetIEInstalledDate.exe

2012-07-05 15:32 . 2012-07-05 15:32 89088 ----a-w- c:\windows\system32\RegisterIEPKEYs.exe

2012-07-05 15:32 . 2012-07-05 15:32 89088 ----a-w- c:\windows\system32\ie4uinit.exe

2012-07-05 15:32 . 2012-07-05 15:32 86528 ----a-w- c:\windows\SysWow64\iesysprep.dll

2012-07-05 15:32 . 2012-07-05 15:32 85504 ----a-w- c:\windows\system32\iesetup.dll

2012-07-05 15:32 . 2012-07-05 15:32 82432 ----a-w- c:\windows\system32\icardie.dll

2012-07-05 15:32 . 2012-07-05 15:32 76800 ----a-w- c:\windows\SysWow64\SetIEInstalledDate.exe

2012-07-05 15:32 . 2012-07-05 15:32 76800 ----a-w- c:\windows\system32\tdc.ocx

2012-07-05 15:32 . 2012-07-05 15:32 74752 ----a-w- c:\windows\SysWow64\RegisterIEPKEYs.exe

2012-07-05 15:32 . 2012-07-05 15:32 74752 ----a-w- c:\windows\SysWow64\iesetup.dll

2012-07-05 15:32 . 2012-07-05 15:32 697344 ----a-w- c:\windows\system32\msfeeds.dll

2012-07-05 15:32 . 2012-07-05 15:32 65024 ----a-w- c:\windows\system32\pngfilt.dll

2012-07-05 15:32 . 2012-07-05 15:32 63488 ----a-w- c:\windows\SysWow64\tdc.ocx

2012-07-05 15:32 . 2012-07-05 15:32 603648 ----a-w- c:\windows\system32\vbscript.dll

2012-07-05 15:32 . 2012-07-05 15:32 55296 ----a-w- c:\windows\system32\msfeedsbs.dll

2012-07-05 15:32 . 2012-07-05 15:32 534528 ----a-w- c:\windows\system32\ieapfltr.dll

2012-07-05 15:32 . 2012-07-05 15:32 49664 ----a-w- c:\windows\system32\imgutil.dll

2012-07-05 15:32 . 2012-07-05 15:32 48640 ----a-w- c:\windows\SysWow64\mshtmler.dll

2012-07-05 15:32 . 2012-07-05 15:32 48640 ----a-w- c:\windows\system32\mshtmler.dll

2012-07-05 15:32 . 2012-07-05 15:32 452608 ----a-w- c:\windows\system32\dxtmsft.dll

2012-07-05 15:32 . 2012-07-05 15:32 448512 ----a-w- c:\windows\system32\html.iec

2012-07-05 15:32 . 2012-07-05 15:32 420864 ----a-w- c:\windows\SysWow64\vbscript.dll

2012-07-05 15:32 . 2012-07-05 15:32 403248 ----a-w- c:\windows\system32\iedkcs32.dll

2012-07-05 15:32 . 2012-07-05 15:32 39936 ----a-w- c:\windows\system32\iernonce.dll

2012-07-05 15:32 . 2012-07-05 15:32 3695416 ----a-w- c:\windows\system32\ieapfltr.dat

2012-07-05 15:32 . 2012-07-05 15:32 367104 ----a-w- c:\windows\SysWow64\html.iec

2012-07-05 15:32 . 2012-07-05 15:32 35840 ----a-w- c:\windows\SysWow64\imgutil.dll

2012-07-05 15:32 . 2012-07-05 15:32 30720 ----a-w- c:\windows\system32\licmgr10.dll

2012-07-05 15:32 . 2012-07-05 15:32 282112 ----a-w- c:\windows\system32\dxtrans.dll

2012-07-05 15:32 . 2012-07-05 15:32 267776 ----a-w- c:\windows\system32\ieaksie.dll

2012-07-05 15:32 . 2012-07-05 15:32 249344 ----a-w- c:\windows\system32\webcheck.dll

2012-07-05 15:32 . 2012-07-05 15:32 23552 ----a-w- c:\windows\SysWow64\licmgr10.dll

2012-07-05 15:32 . 2012-07-05 15:32 222208 ----a-w- c:\windows\system32\msls31.dll

2012-07-05 15:32 . 2012-07-05 15:32 197120 ----a-w- c:\windows\system32\msrating.dll

2012-07-05 15:32 . 2012-07-05 15:32 165888 ----a-w- c:\windows\system32\iexpress.exe

2012-07-05 15:32 . 2012-07-05 15:32 163840 ----a-w- c:\windows\system32\ieakui.dll

2012-07-05 15:32 . 2012-07-05 15:32 161792 ----a-w- c:\windows\SysWow64\msls31.dll

2012-07-05 15:32 . 2012-07-05 15:32 160256 ----a-w- c:\windows\system32\wextract.exe

2012-07-05 15:32 . 2012-07-05 15:32 160256 ----a-w- c:\windows\system32\ieakeng.dll

2012-07-05 15:32 . 2012-07-05 15:32 152064 ----a-w- c:\windows\SysWow64\wextract.exe

2012-07-05 15:32 . 2012-07-05 15:32 150528 ----a-w- c:\windows\SysWow64\iexpress.exe

2012-07-05 15:32 . 2012-07-05 15:32 149504 ----a-w- c:\windows\system32\occache.dll

2012-07-05 15:32 . 2012-07-05 15:32 145920 ----a-w- c:\windows\system32\iepeers.dll

2012-07-05 15:32 . 2012-07-05 15:32 135168 ----a-w- c:\windows\system32\IEAdvpack.dll

2012-07-05 15:32 . 2012-07-05 15:32 12288 ----a-w- c:\windows\system32\mshta.exe

2012-07-05 15:32 . 2012-07-05 15:32 11776 ----a-w- c:\windows\SysWow64\mshta.exe

2012-07-05 15:32 . 2012-07-05 15:32 114176 ----a-w- c:\windows\system32\admparse.dll

2012-07-05 15:32 . 2012-07-05 15:32 111616 ----a-w- c:\windows\system32\iesysprep.dll

2012-07-05 15:32 . 2012-07-05 15:32 110592 ----a-w- c:\windows\SysWow64\IEAdvpack.dll

2012-07-05 15:32 . 2012-07-05 15:32 10752 ----a-w- c:\windows\system32\msfeedssync.exe

2012-07-05 15:32 . 2012-07-05 15:32 103936 ----a-w- c:\windows\system32\inseng.dll

2012-07-05 15:32 . 2012-07-05 15:32 101888 ----a-w- c:\windows\SysWow64\admparse.dll

2012-06-13 01:59 . 2012-07-08 09:09 65152 ----a-w- c:\windows\system32\drivers\EtronHub3.sys

2012-06-13 01:59 . 2012-07-08 09:09 88576 ----a-w- c:\windows\system32\drivers\EtronXHCI.sys

2012-06-09 05:43 . 2012-07-12 17:05 14172672 ----a-w- c:\windows\system32\shell32.dll

2012-06-06 06:06 . 2012-07-12 17:05 2004480 ----a-w- c:\windows\system32\msxml6.dll

2012-06-06 06:06 . 2012-07-12 17:05 1881600 ----a-w- c:\windows\system32\msxml3.dll

2012-06-06 06:02 . 2012-07-12 17:05 1133568 ----a-w- c:\windows\system32\cdosys.dll

2012-06-06 05:05 . 2012-07-12 17:05 1390080 ----a-w- c:\windows\SysWow64\msxml6.dll

2012-06-06 05:05 . 2012-07-12 17:05 1236992 ----a-w- c:\windows\SysWow64\msxml3.dll

2012-06-06 05:03 . 2012-07-12 17:05 805376 ----a-w- c:\windows\SysWow64\cdosys.dll

2012-06-02 22:19 . 2012-07-04 17:13 38424 ----a-w- c:\windows\system32\wups.dll

2012-06-02 22:19 . 2012-07-04 17:13 2428952 ----a-w- c:\windows\system32\wuaueng.dll

2012-06-02 22:19 . 2012-07-04 17:13 57880 ----a-w- c:\windows\system32\wuauclt.exe

2012-06-02 22:19 . 2012-07-04 17:13 44056 ----a-w- c:\windows\system32\wups2.dll

2012-06-02 22:19 . 2012-07-04 17:13 701976 ----a-w- c:\windows\system32\wuapi.dll

2012-06-02 22:15 . 2012-07-04 17:13 2622464 ----a-w- c:\windows\system32\wucltux.dll

2012-06-02 22:15 . 2012-07-04 17:13 99840 ----a-w- c:\windows\system32\wudriver.dll

2012-06-02 13:19 . 2012-07-04 17:13 186752 ----a-w- c:\windows\system32\wuwebv.dll

2012-06-02 13:15 . 2012-07-04 17:13 36864 ----a-w- c:\windows\system32\wuapp.exe

2012-06-02 05:50 . 2012-07-12 17:05 458704 ----a-w- c:\windows\system32\drivers\cng.sys

2012-06-02 05:48 . 2012-07-12 17:05 95600 ----a-w- c:\windows\system32\drivers\ksecdd.sys

2012-06-02 05:48 . 2012-07-12 17:05 151920 ----a-w- c:\windows\system32\drivers\ksecpkg.sys

2012-06-02 05:45 . 2012-07-12 17:05 340992 ----a-w- c:\windows\system32\schannel.dll

2012-06-02 05:44 . 2012-07-12 17:05 307200 ----a-w- c:\windows\system32\ncrypt.dll

2012-06-02 04:40 . 2012-07-12 17:05 22016 ----a-w- c:\windows\SysWow64\secur32.dll

2012-06-02 04:40 . 2012-07-12 17:05 225280 ----a-w- c:\windows\SysWow64\schannel.dll

2012-06-02 04:39 . 2012-07-12 17:05 219136 ----a-w- c:\windows\SysWow64\ncrypt.dll

2012-06-02 04:34 . 2012-07-12 17:05 96768 ----a-w- c:\windows\SysWow64\sspicli.dll

2012-05-31 10:25 . 2012-07-04 17:37 279656 ------w- c:\windows\system32\MpSigStub.exe

.

.

((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))

.

.

*Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond

REGEDIT4

.

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"IDMan"="c:\program files (x86)\Internet Download Manager\IDMan.exe" [2012-06-07 3491264]

"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-20 1475584]

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]

"Dolby Home Theater v4"="c:\program files (x86)\Dolby Home Theater v4\pcee4.exe" [2011-06-01 506712]

"PWRISOVM.EXE"="c:\program files (x86)\PowerISO\PWRISOVM.EXE" [2010-04-12 180224]

"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2012-01-17 252296]

"APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2012-05-30 59280]

"Malwarebytes' Anti-Malware"="c:\program files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" [2012-07-03 462920]

"AVG_TRAY"="c:\program files (x86)\AVG\AVG2012\avgtray.exe" [2012-04-05 2587008]

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]

"ConsentPromptBehaviorAdmin"= 5 (0x5)

"ConsentPromptBehaviorUser"= 3 (0x3)

"EnableUIADesktopToggle"= 0 (0x0)

.

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]

"mixer3"=wdmaud.drv

.

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]

BootExecute REG_MULTI_SZ autocheck autochk *\0c:\progra~2\AVG\AVG2012\avgrsa.exe /sync /restart

.

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]

Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp

.

R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]

R2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-07-03 655944]

R2 nvUpdatusService;NVIDIA Update Service Daemon;c:\program files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe [2012-03-01 2348352]

R3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-08-20 250056]

R3 driverhardwarev2x64;driverhardwarev2x64;c:\program files\ma-config.com\Drivers\driverhardwarev2x64.sys [2011-07-21 16640]

R3 FLEXnet Licensing Service 64;FLEXnet Licensing Service 64;c:\program files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [2012-08-07 1030600]

R3 maconfservice;Ma-Config Service;c:\program files\ma-config.com\x64\maconfservice.exe [2012-07-04 427672]

R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2012-07-03 24904]

R3 MozillaMaintenance;Mozilla Maintenance Service;c:\program files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2012-07-14 113120]

R3 Netaapl;Apple Mobile Device Ethernet Service;c:\windows\system32\DRIVERS\netaapl64.sys [2012-03-26 22528]

R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [2010-11-20 20992]

R3 Synth3dVsc;Synth3dVsc;c:\windows\system32\drivers\synth3dvsc.sys [x]

R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 59392]

R3 tsusbhub;tsusbhub;c:\windows\system32\drivers\tsusbhub.sys [x]

R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys [2012-04-25 52736]

R3 VGPU;VGPU;c:\windows\system32\drivers\rdvgkmd.sys [x]

R3 WatAdminSvc;Windows Activation Technologies-service;c:\windows\system32\Wat\WatAdminSvc.exe [2012-07-05 1255736]

S0 AVGIDSHA;AVGIDSHA;c:\windows\system32\DRIVERS\avgidsha.sys [2012-04-19 28480]

S0 Avgrkx64;AVG Anti-Rootkit Driver;c:\windows\system32\DRIVERS\avgrkx64.sys [2012-01-31 36944]

S1 Avgldx64;AVG AVI Loader Driver;c:\windows\system32\DRIVERS\avgldx64.sys [2012-02-22 289872]

S1 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield;c:\windows\system32\DRIVERS\avgmfx64.sys [2011-12-23 47696]

S1 Avgtdia;AVG TDI Driver;c:\windows\system32\DRIVERS\avgtdia.sys [2012-03-19 383808]

S2 AVGIDSAgent;AVGIDSAgent;c:\program files (x86)\AVG\AVG2012\avgidsagent.exe [2012-07-04 5160568]

S2 avgwd;AVG WatchDog;c:\program files (x86)\AVG\AVG2012\avgwdsvc.exe [2012-02-14 193288]

S2 IDMWFP;IDMWFP;c:\windows\system32\DRIVERS\idmwfp.sys [2012-04-23 154272]

S2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe [2012-07-13 160944]

S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2012-02-29 382272]

S2 UMVPFSrv;UMVPFSrv;c:\program files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe [2012-01-18 450848]

S3 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\DRIVERS\avgidsdrivera.sys [2011-12-23 124496]

S3 AVGIDSFilter;AVGIDSFilter;c:\windows\system32\DRIVERS\avgidsfiltera.sys [2011-12-23 29776]

S3 EtronHub3;Etron USB 3.0 Extensible Hub Driver;c:\windows\system32\Drivers\EtronHub3.sys [2012-06-13 65152]

S3 EtronXHCI;Etron USB 3.0 Extensible Host Controller Driver;c:\windows\system32\Drivers\EtronXHCI.sys [2012-06-13 88576]

S3 LVUVC64;Logitech Webcam C100(UVC);c:\windows\system32\DRIVERS\lvuvc64.sys [2012-01-18 4865568]

S3 NVHDA;Service for NVIDIA High Definition Audio Driver;c:\windows\system32\drivers\nvhda64v.sys [2012-01-17 188224]

S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [2011-09-29 646248]

.

.

--- Andere Services/Drivers In Geheugen ---

.

*NewlyCreated* - WS2IFSL

.

Inhoud van de 'Gedeelde Taken' map

.

2012-08-20 c:\windows\Tasks\Adobe Flash Player Updater.job

- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-07-04 16:04]

.

.

--------- X64 Entries -----------

.

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\IDM Shell Extension]

@="{CDC95B92-E27C-4745-A8C5-64A52A78855D}"

[HKEY_CLASSES_ROOT\CLSID\{CDC95B92-E27C-4745-A8C5-64A52A78855D}]

2012-02-08 00:49 23432 ----a-w- c:\program files (x86)\Internet Download Manager\IDMShellExt64.dll

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"RTHDVCPL"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2012-01-16 12445288]

"RtHDVBg_Dolby"="c:\program files\Realtek\Audio\HDA\RAVBg64.exe" [2011-11-15 1156712]

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]

"LoadAppInit_DLLs"=0x0

.

------- Bijkomende Scan -------

.

uLocal Page = c:\windows\system32\blank.htm

uStart Page = hxxp://google.be/

mLocal Page = c:\windows\SysWOW64\blank.htm

uInternet Settings,ProxyOverride = *.local

IE: Download alle links met IDM - c:\program files (x86)\Internet Download Manager\IEGetAll.htm

IE: Download met IDM - c:\program files (x86)\Internet Download Manager\IEExt.htm

TCP: DhcpNameServer = 195.130.131.5 195.130.130.133

FF - ProfilePath - c:\users\geoffrey\AppData\Roaming\Mozilla\Firefox\Profiles\pp1ofceu.default\

FF - prefs.js: browser.startup.homepage - hxxp://google.be/

.

.

--------------------- VERGRENDELDE REGISTER SLEUTELS ---------------------

.

[HKEY_USERS\S-1-5-21-2946019606-1687847041-2404596117-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.eml\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="WindowsLiveMail.Email.1"

.

[HKEY_USERS\S-1-5-21-2946019606-1687847041-2404596117-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.vcf\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="WindowsLiveMail.VCard.1"

.

[HKEY_USERS\S-1-5-21-2946019606-1687847041-2404596117-1000\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{43C7AA6E-463D-8D9A-7F17-1BE41B3FA8C1}*]

"makagpcbknkjnfeejifhlokkfn"=hex:6f,61,6a,6f,64,6c,6d,64,62,68,65,6a,6b,64,61,

69,65,6e,70,61,6e,6f,6d,61,6f,6c,6a,68,67,70,00,66

"abjanpchignfpikbmcgeocjmokfagnlajk"=hex:70,61,70,61,6f,65,6a,61,68,68,69,67,

6e,6c,6d,64,6a,6b,6f,6a,6a,63,62,69,6b,6a,68,65,61,6f,62,66,00,00

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]

@Denied: (A 2) (Everyone)

@="FlashBroker"

"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_3_300_271_ActiveX.exe,-101"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]

"Enabled"=dword:00000001

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_3_300_271_ActiveX.exe"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]

@Denied: (A 2) (Everyone)

@="Shockwave Flash Object"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_271.ocx"

"ThreadingModel"="Apartment"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]

@="0"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]

@="ShockwaveFlash.ShockwaveFlash.11"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_271.ocx, 1"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]

@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]

@="1.0"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]

@="ShockwaveFlash.ShockwaveFlash"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]

@Denied: (A 2) (Everyone)

@="Macromedia Flash Factory Object"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_271.ocx"

"ThreadingModel"="Apartment"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]

@="FlashFactory.FlashFactory.1"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_271.ocx, 1"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]

@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]

@="1.0"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]

@="FlashFactory.FlashFactory"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]

@Denied: (A 2) (Everyone)

@="IFlashBroker4"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]

@="{00020424-0000-0000-C000-000000000046}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

"Version"="1.0"

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]

@Denied: (Full) (Everyone)

.

------------------------ Andere Aktieve Processen ------------------------

.

c:\program files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

c:\windows\SysWOW64\PnkBstrA.exe

.

**************************************************************************

.

Voltooingstijd: 2012-08-21 18:39:05 - machine werd herstart

ComboFix-quarantined-files.txt 2012-08-21 16:39

.

Pre-Run: 6.796.972.032 bytes beschikbaar

Post-Run: 7.079.591.936 bytes beschikbaar

.

- - End Of File - - 7655A418013BA4544A91F6DBD6707DDA



Dear Kape

I got a message yesterday while starting ComboFix.

"polymorphic 'virut' virus combofix"

I then downloaded ComboFix from another site, and then it did start. (I downloaded the other ComboFix from Bleeping Computer.)

Could this perhaps be the reason that some programs froze and Firefox crashed?

Regards, Geoffrey

It is exactly this message.

!! OPGELET !! Het is NIET VEILIG om verder te gaan!

De inhoud van het ComboFix pakket werd gewijzigd. Gelieve een

nieuwe kopie te downloaden via: Begeleiding en Tutorial voor het gebruik van ComboFix.

Nota: Jouw systeem is mogelijk besmet met het polymorfisch 'Virut' virus.


You can also try this:

Download the Avira AntiVir Rescue System (using a PC that is not infected) and save it to your desktop.

  • Insert a blank CD/DVD into your computer.
  • Double-click rescue_system-common-en.exe.
  • Select the drive that contains the blank CD/DVD.
  • Click the Burn CD button to burn the Avira AntiVir Rescue System to that blank CD/DVD.

Carry out these steps on the infected PC:

  • Insert the CD/DVD containing the Avira AntiVir Rescue System into your infected PC.
  • Restart that PC.
  • Press the 1 key to boot your computer from the CD/DVD.
  • The Avira AntiVir Rescue System will open automatically.
  • Click the English flag at the bottom left if you see everything in German. This switches the language to English.
  • Left-click the Configuration button.
  • Make sure Scan all files is selected under Scan Mode.
  • Make sure Try to repair infected files and Rename files, if they cannot be removed? are selected under Action at malware discovery.
  • Left-click the Virus Scanner button and then click Start Scanner.
  • The Avira AntiVir Rescue System will now scan your computer. The scan can take a long time.
  • Remove the CD/DVD from your computer when the scan has finished and then restart your computer.
