
Vista Antimalware



Internet Explorer is being blocked by the virus, so I tried to use Firefox instead; but when I click Run to install AVG, nothing happens...

You should never run installations like that straight from the browser.

Download the installation file to your hard drive, close your browser, and then start the installation from the hard drive.


ComboFix 10-04-26.04 - Caroline 27/04/2010 13:55:01.1.2 - x86

Microsoft® Windows Vista™ Home Premium 6.0.6000.0.1252.32.1043.18.1791.887 [GMT 2:00]

Gestart vanuit: E:\COMBOFIX.EXE

SP: Windows Defender *enabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}

.

(((((((((((((((((((((((((((((((((( Andere Verwijderingen )))))))))))))))))))))))))))))))))))))))))))))))))

.

c:\$recycle.bin\S-1-5-21-1943773145-3963604982-1269463760-500

c:\$recycle.bin\S-1-5-21-2152478756-3922319563-605102323-500

c:\users\Caroline\AppData\Local\ave.exe

c:\users\Caroline\AppData\Local\browserpcGlade\browserpcGlade.dll

c:\users\Caroline\AppData\Local\Microsoft\Windows\Temporary Internet Files\1y55k.jpg

c:\users\Caroline\AppData\Local\Microsoft\Windows\Temporary Internet Files\2lwsF.jpg

c:\users\Caroline\AppData\Local\Microsoft\Windows\Temporary Internet Files\eM3NB.jpg

c:\users\Caroline\AppData\Local\Microsoft\Windows\Temporary Internet Files\N1544uf4.jpg

c:\users\Caroline\AppData\Roaming\avdrn.dat

c:\users\Caroline\wuaucldt.exe

c:\windows\system\olepro32.dll

.

(((((((((((((((((((( Bestanden Gemaakt van 2010-03-27 to 2010-04-27 ))))))))))))))))))))))))))))))

.

2010-04-27 12:05 . 2010-04-27 12:05 -------- d-----w- c:\users\Default\AppData\Local\temp

2010-04-27 10:30 . 2010-04-27 12:04 -------- d-----w- c:\users\Caroline\AppData\Local\browserpcGlade

2010-04-26 19:49 . 2010-04-26 19:49 -------- d-----w- c:\program files\Trend Micro

2010-04-26 19:04 . 2010-04-26 19:04 -------- d-----w- c:\program files\Enigma Software Group

2010-04-26 19:03 . 2010-04-27 08:16 -------- d-----w- c:\windows\61D3AAE1D5214CD7939B37813DE8F955.TMP

2010-04-26 19:03 . 2010-04-26 19:03 -------- d-----w- c:\program files\Common Files\Wise Installation Wizard

2010-04-14 08:17 . 2010-02-23 13:14 211968 ----a-w- c:\windows\system32\drivers\mrxsmb10.sys

2010-04-14 08:17 . 2010-02-23 13:14 58368 ----a-w- c:\windows\system32\drivers\mrxsmb20.sys

2010-04-14 08:17 . 2010-02-23 13:14 102400 ----a-w- c:\windows\system32\drivers\mrxsmb.sys

2010-04-14 08:17 . 2010-02-18 14:54 3502480 ----a-w- c:\windows\system32\ntkrnlpa.exe

2010-04-14 08:17 . 2010-02-18 14:54 3468168 ----a-w- c:\windows\system32\ntoskrnl.exe

2010-04-14 08:17 . 2010-03-05 14:01 420352 ----a-w- c:\windows\system32\vbscript.dll

2010-04-14 08:17 . 2010-02-18 14:22 167424 ----a-w- c:\windows\system32\tcpipcfg.dll

2010-04-14 08:17 . 2010-02-18 14:19 179712 ----a-w- c:\windows\system32\iphlpsvc.dll

2010-04-14 08:17 . 2010-02-18 12:05 815104 ----a-w- c:\windows\system32\drivers\tcpip.sys

2010-04-14 08:17 . 2010-02-18 12:04 22016 ----a-w- c:\windows\system32\netiougc.exe

2010-04-14 08:17 . 2010-02-18 12:04 25088 ----a-w- c:\windows\system32\drivers\tunnel.sys

2010-04-14 08:17 . 2010-02-18 12:04 15360 ----a-w- c:\windows\system32\drivers\TUNMP.SYS

2010-04-14 08:15 . 2009-12-23 12:45 171520 ----a-w- c:\windows\system32\wintrust.dll

2010-04-14 08:14 . 2010-01-13 18:23 97792 ----a-w- c:\windows\system32\cabview.dll

.

((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2010-04-27 10:42 . 2010-01-23 19:04 -------- d-----w- c:\programdata\Norton

2010-04-27 10:40 . 2007-07-16 10:07 -------- d-----w- c:\program files\Common Files\Symantec Shared

2010-04-27 10:06 . 2007-12-04 15:22 -------- d-----w- c:\programdata\Google Updater

2010-04-26 20:12 . 2007-07-16 19:12 699276 ----a-w- c:\windows\system32\perfh013.dat

2010-04-26 20:12 . 2007-07-16 19:12 127416 ----a-w- c:\windows\system32\perfc013.dat

2010-04-26 19:36 . 2010-01-23 19:03 -------- d-----w- c:\programdata\NortonInstaller

2010-04-26 17:51 . 2007-09-09 09:49 -------- d-----w- c:\users\Caroline\AppData\Roaming\Apple Computer

2010-04-26 16:39 . 2010-04-26 16:39 16 ----a-w- c:\users\Caroline\AppData\Roaming\kcmdte.dat

2010-04-16 20:37 . 2008-07-03 17:51 -------- d-----w- c:\users\Caroline\AppData\Roaming\FrostWire

2010-04-15 08:27 . 2006-11-02 11:18 -------- d-----w- c:\program files\Windows Mail

2010-04-15 08:25 . 2007-11-02 21:02 -------- d-----w- c:\programdata\Microsoft Help

2010-03-13 17:41 . 2010-03-13 17:41 -------- d-----w- c:\programdata\McAfee

2010-02-25 09:49 . 2007-09-07 21:07 103848 ----a-w- c:\users\Caroline\AppData\Local\GDIPFONTCACHEV1.DAT

2010-02-24 08:16 . 2010-03-25 09:27 181632 ------w- c:\windows\system32\MpSigStub.exe

2010-02-23 06:39 . 2010-03-31 19:06 916480 ----a-w- c:\windows\system32\wininet.dll

2010-02-23 06:33 . 2010-03-31 19:06 109056 ----a-w- c:\windows\system32\iesysprep.dll

2010-02-23 06:33 . 2010-03-31 19:06 71680 ----a-w- c:\windows\system32\iesetup.dll

2010-02-23 04:55 . 2010-03-31 19:06 133632 ----a-w- c:\windows\system32\ieUnatt.exe

2010-02-20 23:54 . 2010-03-11 02:18 24064 ----a-w- c:\windows\system32\nshhttp.dll

2010-02-20 23:51 . 2010-03-11 02:18 31232 ----a-w- c:\windows\system32\httpapi.dll

2010-02-20 21:30 . 2010-03-11 02:18 396800 ----a-w- c:\windows\system32\drivers\http.sys

2010-02-12 10:49 . 2010-03-15 13:36 293376 ----a-w- c:\windows\system32\browserchoice.exe

2009-11-19 13:04 . 2009-11-19 13:05 119808 ----a-w- c:\program files\mozilla firefox\components\GoogleDesktopMozilla.dll

2007-07-16 19:07 . 2007-07-16 19:31 65536 --sha-w- c:\windows\oem\mp\boot\bootstat.dat

2007-07-16 19:22 . 2007-07-16 19:22 8192 --sha-w- c:\windows\Users\Default\NTUSER.DAT

.

((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))

.

.

*Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond

REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"SmpcSys"="c:\program files\PACKARD BELL\SETUPMYPC\SMPSYS.EXE" [2007-05-03 1116728]

"MsnMsgr"="c:\program files\Windows Live\Messenger\MsnMsgr.Exe" [2009-07-26 3883856]

"ehTray.exe"="c:\windows\ehome\ehTray.exe" [2006-11-02 125440]

"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2007-12-04 68856]

"ISUSPM"="c:\program files\Common Files\InstallShield\UpdateService\ISUSPM.EXE" [2006-09-11 218032]

"WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2006-11-02 201728]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"Windows Defender"="c:\program files\Windows Defender\MSASCui.exe" [2007-07-16 1006264]

"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2006-11-22 815104]

"RtHDVCpl"="RtHDVCpl.exe" [2007-02-15 4390912]

"StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2006-11-10 90112]

"Google Desktop Search"="c:\program files\Google\Google Desktop Search\GoogleDesktop.exe" [2009-11-19 30192]

"toolbar_eula_launcher"="c:\program files\Packard Bell\GOOGLE_EULA\EULALauncher.exe" [2007-02-20 28672]

"SSBkgdUpdate"="c:\program files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" [2006-09-28 185896]

"OpwareSE4"="c:\program files\ScanSoft\OmniPageSE4.0\OpwareSE4.exe" [2006-10-11 75304]

"GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2008-10-25 31072]

"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2008-12-21 136600]

"Adobe Photo Downloader"="c:\program files\Adobe\Photoshop Album Starter Edition\3.2\Apps\apdproxy.exe" [2007-03-22 63712]

"LanguageShortcut"="c:\program files\CyberLink\PowerDVD\Language\Language.exe" [2007-01-08 52256]

"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2009-01-05 413696]

"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2009-04-02 342312]

"AppleSyncNotifier"="c:\program files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe" [2009-03-26 177472]

"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2009-02-27 35696]

"CanonMyPrinter"="c:\program files\Canon\MyPrinter\BJMyPrt.exe" [2009-10-19 1983816]

"CanonSolutionMenu"="c:\program files\Canon\SolutionMenu\CNSLMAIN.exe" [2009-03-18 767312]

c:\users\Caroline\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\

OneNote 2007 Schermopname en Snel starten.lnk - c:\program files\Microsoft Office\Office12\ONENOTEM.EXE [2009-2-26 97680]

c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\

Microsoft Office.lnk - c:\program files\Microsoft Office\Office10\OSA.EXE [2001-2-13 83360]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]

"AppInit_DLLs"=c:\progra~1\Google\GOOGLE~3\GoogleDesktopNetwork3.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]

"aux"=wdmaud.drv

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]

@="Service"

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]

"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]

"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]

"DisableMonitoring"=dword:00000001

R2 gupdate;Google Updateservice (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [2010-01-06 135664]

R3 GoogleDesktopManager-110309-193829;Google Desktop Manager 5.9.911.3589;c:\program files\Google\Google Desktop Search\GoogleDesktop.exe [2009-11-19 30192]

S3 X10Hid;X10 Hid Device;c:\windows\system32\Drivers\x10hid.sys [2006-11-17 13976]

.

Inhoud van de 'Gedeelde Taken' map

2010-04-27 c:\windows\Tasks\AWC Startup.job

- c:\program files\IObit\Advanced SystemCare 3\AWC.exe [2009-08-01 14:33]

2010-04-27 c:\windows\Tasks\Google Software Updater.job

- c:\program files\Google\Common\Google Updater\GoogleUpdaterService.exe [2007-07-16 10:55]

2010-04-27 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job

- c:\program files\Google\Update\GoogleUpdate.exe [2010-01-06 20:59]

2010-04-27 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job

- c:\program files\Google\Update\GoogleUpdate.exe [2010-01-06 20:59]

2007-09-07 c:\windows\Tasks\PBReg.job

- c:\program files\HDReg\HDRegDel.exe [2005-06-21 12:20]

2007-09-07 c:\windows\Tasks\PBRegbk.job

- c:\program files\HDReg\HDRegDel.exe [2005-06-21 12:20]

2010-04-27 c:\windows\Tasks\Uitgebreide garantie.job

- c:\program files\Packard Bell\SetupmyPC\PBCarNot.exe [2007-07-16 16:38]

.

.

------- Bijkomende Scan -------

.

uStart Page = hxxp://www.google.be/

mStart Page = hxxp://breedband.telenet.be

mWindow Title = Telenet Internet

uInternet Settings,ProxyOverride = *.local

IE: E&xporteren naar Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000

DPF: {AE2B937E-EA7D-4A8D-888C-B68D7F72A3C4} - hxxp://as.photoprintit.de/ips-opdata/74914091/activex/IPSUploader4.cab

DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} - hxxp://game11.zylom.com/activex/zylomgamesplayer.cab

FF - ProfilePath - c:\users\Caroline\AppData\Roaming\Mozilla\Firefox\Profiles\dijb3gry.default\

FF - prefs.js: browser.search.defaulturl - hxxp://www.bing.com/search?FORM=IEFM1&q=

FF - prefs.js: browser.startup.homepage - hxxp://go.microsoft.com/fwlink/?LinkId=69157

FF - prefs.js: keyword.URL - hxxp://www.bing.com/search?FORM=IEFM1&q=

FF - component: c:\program files\Mozilla Firefox\components\GoogleDesktopMozilla.dll

FF - component: c:\users\Caroline\AppData\Roaming\Mozilla\Firefox\Profiles\dijb3gry.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}\components\frozen.dll

FF - plugin: c:\program files\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL

FF - plugin: c:\program files\Google\Google Earth\plugin\npgeplugin.dll

FF - plugin: c:\program files\Google\Google Updater\2.4.1536.6592\npCIDetect13.dll

FF - plugin: c:\program files\Google\Update\1.2.183.23\npGoogleOneClick8.dll

FF - plugin: c:\program files\Microsoft\Office Live\npOLW.dll

FF - plugin: c:\program files\Windows Live\Photo Gallery\NPWLPG.dll

FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\

.

- - - - ORPHANS VERWIJDERD - - - -

HKCU-Run-Regedit32 - c:\windows\system32\regedit.exe

HKCU-Run-browserpcGlade - c:\users\Caroline\AppData\Local\browserpcGlade\browserpcGlade.dll

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, GMER - Rootkit Detector and Remover

Rootkit scan 2010-04-27 14:07

Windows 6.0.6000 NTFS

scannen van verborgen processen ...

scannen van verborgen autostart items ...

scannen van verborgen bestanden ...

Scan succesvol afgerond

verborgen bestanden: 0

**************************************************************************

.

--------------------- VERGRENDELDE REGISTER SLEUTELS ---------------------

[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.htm\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="FirefoxHTML"

[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.html\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="FirefoxHTML"

[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.shtml\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="FirefoxHTML"

[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xht\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="FirefoxHTML"

[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xhtml\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="FirefoxHTML"

.

------------------------ Andere Aktieve Processen ------------------------

.

c:\windows\system32\Ati2evxx.exe

c:\windows\system32\Ati2evxx.exe

c:\program files\ATK Hotkey\ASLDRSrv.exe

c:\program files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe

c:\program files\Bonjour\mDNSResponder.exe

c:\program files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe

c:\progra~1\COMMON~1\X10\Common\x10nets.exe

c:\windows\system32\conime.exe

c:\program files\ATK Hotkey\Hcontrol.exe

c:\windows\system32\WerCon.exe

c:\windows\system32\wbem\unsecapp.exe

c:\windows\servicing\TrustedInstaller.exe

c:\windows\system32\DllHost.exe

.

**************************************************************************

.

Voltooingstijd: 2010-04-27 14:19:02 - machine werd herstart

ComboFix-quarantined-files.txt 2010-04-27 12:18

Pre-Run: 41.062.453.248 bytes beschikbaar

Post-Run: 40.747.556.864 bytes beschikbaar

- - End Of File - - 15E71BC59028C5E9A174082AD2286ACE

