Norton Security Scan Virus


Hello,

It's me again; now I have the Norton Security Scan virus. I have a log here, maybe it helps. Thanks in advance.

Regards

Logfile of Trend Micro HijackThis v2.0.4

Scan saved at 0:46:04, on 30-8-2010

Platform: Windows Vista SP1 (WinNT 6.00.1905)

MSIE: Internet Explorer v7.00 (7.00.6001.18498)

Boot mode: Normal

Running processes:

C:\Windows\system32\Dwm.exe

C:\Windows\system32\taskeng.exe

C:\Windows\Explorer.EXE

C:\Program Files\Windows Defender\MSASCui.exe

C:\Program Files\Avira\AntiVir Desktop\avgnt.exe

C:\Program Files\iTunes\iTunesHelper.exe

C:\Program Files\Windows Sidebar\sidebar.exe

C:\Program Files\Windows Live\Messenger\msnmsgr.exe

C:\Program Files\Sweex\Installer\Win2k\SWU.exe

C:\Program Files\Windows Live\Contacts\wlcomm.exe

C:\Windows\system32\wuauclt.exe

C:\Windows\System32\notepad.exe

C:\Users\Olivier\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Program Files\uTorrent\uTorrent.exe

C:\Windows\system32\conime.exe

C:\Program Files\Skype\Phone\Skype.exe

C:\Program Files\Skype\Plugin Manager\skypePM.exe

C:\Program Files\Windows Media Player\WMPNSCFG.exe

C:\Users\Olivier\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Program Files\DivX\DivX Update\DivXUpdate.exe

C:\Users\Olivier\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Program Files\Windows Media Player\wmplayer.exe

C:\Users\Olivier\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Program Files\Steam\Steam.exe

C:\Program Files\DivX\DivX Plus Player\DivX Plus Player.exe

C:\Windows\system32\taskeng.exe

C:\Users\Olivier\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Program Files\Norton Security Scan\Engine\2.7.3.34\NSS.exe

C:\Users\Olivier\Downloads\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Bing

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Hotmail, Messenger, nieuws en entertainment vind je op MSN.nl

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Hotmail, Messenger, nieuws en entertainment vind je op MSN.nl

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = Hotmail, Messenger, nieuws en entertainment vind je op MSN.nl

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =

O1 - Hosts: ::1 localhost

O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)

O2 - BHO: Windows Live Aanmelden - Help - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll

O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide

O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min

O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime

O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"

O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"

O4 - HKLM\..\Run: [DivXUpdate] "C:\Program Files\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW

O4 - HKCU\..\Run: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun

O4 - HKCU\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter

O4 - HKCU\..\Run: [Google Update] "C:\Users\Olivier\AppData\Local\Google\Update\GoogleUpdate.exe" /c

O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background

O4 - HKCU\..\Run: [skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized

O4 - HKCU\..\Run: [steam] "C:\Program Files\Steam\Steam.exe" -silent

O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')

O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')

O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')

O4 - Global Startup: Sweex WiFi Utility.lnk = C:\Program Files\Sweex\Installer\Win2k\SWU.exe

O9 - Extra button: In weblog opnemen - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra 'Tools' menuitem: &In weblog opnemen met Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra button: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

O9 - Extra 'Tools' menuitem: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab

O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL

O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll

O23 - Service: Avira AntiVir Scheduler (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe

O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe

O23 - Service: Mobiel Apple apparaat (Apple Mobile Device) - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe

O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe

O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe

O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe

--

End of file - 6717 bytes

I assume you do not have a Norton/Symantec program active as your antivirus scanner, but AntiVir instead. Or did you previously have a Norton program? Let me know whether this assumption is correct.

In any case, do this already:

Download ComboFix from one of these locations:

Link 1

Link 2

* IMPORTANT !!! Save ComboFix.exe to your Desktop

Read more here about using ComboFix correctly.

  • Disable all antivirus and antispyware programs, because otherwise they may conflict with ComboFix. Here is a guide on how to disable them: Click here. If you cannot disable them, just continue to the next step.
  • Double-click ComboFix.exe and follow the prompts on the screen.
  • ComboFix will check whether the Microsoft Windows Recovery Console is already installed. If the Recovery Console is already installed, ComboFix will automatically continue scanning for malware.
  • Otherwise, follow the prompts on the screen to let ComboFix download and install the Microsoft Windows Recovery Console. Once the Recovery Console has been installed successfully, click “JA” to continue scanning for malware.

NOTE: When ComboFix starts, you may get an error message saying “De inhoud van het ComboFix pakket werd gewijzigd”. In that case, do not continue with the instructions, but download ComboFix again. This message can appear when a file infector (Virut) is active on the computer. If you keep getting that message, report it.

When ComboFix is done, it will create a log file for you. Post the contents of this log file (found at C:\ComboFix.txt) in your next message.

Hello,

I'm not sure whether I had Norton on this PC, and if so I removed it. Then I switched to AVG, but I heard that your PC crashes from it after a while, so I decided to download Antivira, and that worked fine until that Norton Security Scan popped up out of nowhere and would not go away.

This is the ComboFix log.

ComboFix 10-09-01.04 - Olivier 02-09-2010 16:12:48.1.4 - x86

Microsoft® Windows Vista™ Home Premium 6.0.6001.1.1252.31.1043.18.2045.1241 [GMT 2:00]

Gestart vanuit: c:\users\Olivier\Desktop\ComboFix.exe

SP: Windows Defender *enabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}

.

(((((((((((((((((((( Bestanden Gemaakt van 2010-08-02 to 2010-09-02 ))))))))))))))))))))))))))))))

.

2010-09-02 14:18 . 2010-09-02 14:18 -------- d-----w- c:\users\Default\AppData\Local\temp

2010-08-29 22:28 . 2010-08-29 22:28 -------- d-----w- c:\programdata\Norton

2010-08-29 22:28 . 2010-08-29 22:28 -------- d-----w- c:\windows\system32\drivers\NSS

2010-08-29 22:28 . 2010-08-29 22:28 -------- d-----w- c:\programdata\Symantec

2010-08-29 22:28 . 2010-08-29 22:28 -------- d-----w- c:\program files\Norton Security Scan

2010-08-29 22:28 . 2010-08-29 22:28 -------- d-----w- c:\programdata\NortonInstaller

2010-08-29 22:28 . 2010-08-29 22:28 -------- d-----w- c:\program files\NortonInstaller

2010-08-29 19:52 . 2010-09-02 13:50 -------- d-----w- c:\program files\Common Files\Steam

2010-08-29 19:52 . 2010-09-02 13:53 -------- d-----w- c:\program files\Steam

2010-08-29 19:32 . 2010-08-29 19:32 57344 ----a-w- c:\programdata\DivX\RunAsUser\RUNASUSERPROCESS.dll

2010-08-29 19:29 . 2010-08-29 19:29 54073 ----a-w- c:\programdata\DivX\Qt4.5\Uninstaller.exe

2010-08-29 19:29 . 2010-08-29 19:29 -------- d-----w- c:\program files\Common Files\DivX Shared

2010-08-29 19:29 . 2010-08-29 19:29 56969 ----a-w- c:\programdata\DivX\ASPEncoder\Uninstaller.exe

2010-08-29 19:28 . 2010-08-29 19:30 -------- d-----w- c:\program files\DivX

2010-08-29 19:27 . 2010-08-29 19:27 144696 ----a-w- c:\programdata\DivX\RunAsUser\RUNASUSERPROCESS.exe

2010-08-29 19:27 . 2010-08-29 19:30 -------- d-----w- c:\programdata\DivX

2010-08-29 17:25 . 2010-08-29 17:25 -------- d-----w- c:\program files\Common Files\Java

2010-08-29 17:24 . 2010-08-29 17:24 423656 ----a-w- c:\windows\system32\deployJava1.dll

2010-08-29 17:24 . 2010-08-29 17:24 -------- d-----w- c:\program files\Java

2010-08-22 20:13 . 2010-09-02 14:00 -------- d-----w- c:\users\Olivier\AppData\Roaming\skypePM

2010-08-22 20:13 . 2010-09-02 14:09 -------- d-----w- c:\users\Olivier\AppData\Roaming\Skype

2010-08-22 20:12 . 2010-08-22 20:12 -------- d-----w- c:\program files\Common Files\Skype

2010-08-22 20:12 . 2010-08-22 20:13 -------- d-----r- c:\program files\Skype

2010-08-22 20:12 . 2010-08-22 20:12 -------- d-----w- c:\programdata\Skype

2010-08-20 18:43 . 2010-08-20 18:43 -------- d-----w- c:\program files\City Interactive

2010-08-19 13:24 . 2010-08-19 13:24 -------- d-----w- c:\program files\Paradox Interactive

2010-08-19 01:02 . 2010-04-14 17:47 293376 ----a-w- c:\windows\system32\psisdecd.dll

2010-08-19 01:02 . 2010-04-14 17:46 428544 ----a-w- c:\windows\system32\EncDec.dll

2010-08-19 01:02 . 2009-11-08 08:55 99176 ----a-w- c:\windows\system32\PresentationHostProxy.dll

2010-08-19 01:02 . 2009-11-08 08:55 49472 ----a-w- c:\windows\system32\netfxperf.dll

2010-08-19 01:02 . 2009-11-08 08:55 297808 ----a-w- c:\windows\system32\mscoree.dll

2010-08-19 01:02 . 2009-11-08 08:55 295264 ----a-w- c:\windows\system32\PresentationHost.exe

2010-08-19 01:02 . 2009-11-08 08:55 1130824 ----a-w- c:\windows\system32\dfshim.dll

2010-08-18 16:17 . 2007-10-12 13:14 3734536 ----a-w- c:\windows\system32\d3dx9_36.dll

2010-08-18 15:58 . 2010-08-18 15:58 -------- d-----w- c:\program files\PowerISO

2010-08-18 01:49 . 2008-06-20 01:14 105016 ----a-w- c:\windows\system32\PresentationCFFRasterizerNative_v0300.dll

2010-08-18 01:49 . 2008-06-20 01:14 97800 ----a-w- c:\windows\system32\infocardapi.dll

2010-08-18 01:49 . 2008-06-20 01:14 11264 ----a-w- c:\windows\system32\icardres.dll

2010-08-18 01:49 . 2008-06-20 01:14 622080 ----a-w- c:\windows\system32\icardagt.exe

2010-08-18 01:49 . 2008-06-20 01:14 781344 ----a-w- c:\windows\system32\PresentationNative_v0300.dll

2010-08-18 01:41 . 2008-07-27 18:03 158720 ----a-w- c:\windows\system32\mscorier.dll

2010-08-18 01:41 . 2008-07-27 18:03 83968 ----a-w- c:\windows\system32\mscories.dll

2010-08-16 22:39 . 2010-08-16 22:39 -------- d-----w- c:\program files\Microsoft Silverlight

2010-08-16 22:29 . 2010-09-02 13:49 -------- d-----w- c:\program files\uTorrent

2010-08-16 22:28 . 2010-08-29 22:57 -------- d-----w- c:\users\Olivier\AppData\Roaming\uTorrent

2010-08-16 22:08 . 2010-05-27 19:16 81920 ----a-w- c:\windows\system32\iccvid.dll

2010-08-16 22:01 . 2008-06-26 01:45 12240896 ----a-w- c:\windows\system32\NlsLexicons0007.dll

2010-08-16 22:01 . 2008-06-26 01:45 2644480 ----a-w- c:\windows\system32\NlsLexicons0009.dll

2010-08-16 22:01 . 2008-06-26 03:29 801280 ----a-w- c:\windows\system32\NaturalLanguage6.dll

.

((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2010-09-02 13:54 . 2008-01-21 06:47 667114 ----a-w- c:\windows\system32\perfh013.dat

2010-09-02 13:54 . 2008-01-21 06:47 126648 ----a-w- c:\windows\system32\perfc013.dat

2010-09-02 13:50 . 2010-08-01 22:35 35093 ----a-w- c:\programdata\nvModes.dat

2010-08-29 19:33 . 2010-08-29 19:30 -------- d-----w- c:\users\Olivier\AppData\Roaming\DivX

2010-08-22 20:13 . 2010-08-22 20:13 56 ---ha-w- c:\programdata\ezsidmv.dat

2010-08-19 13:24 . 2010-07-27 20:52 -------- d--h--w- c:\program files\InstallShield Installation Information

2010-08-19 13:24 . 2010-07-27 20:52 -------- d-----w- c:\program files\Common Files\InstallShield

2010-08-18 01:39 . 2006-11-02 11:18 -------- d-----w- c:\program files\Windows Mail

2010-08-16 21:43 . 2010-07-27 20:49 49168 ----a-w- c:\users\Olivier\AppData\Local\GDIPFONTCACHEV1.DAT

2010-08-03 01:27 . 2006-11-02 10:25 665600 ----a-w- c:\windows\inf\drvindex.dat

2010-08-01 22:33 . 2010-08-01 22:33 -------- d-----w- c:\programdata\NVIDIA

2010-08-01 21:44 . 2010-07-27 20:49 680 ----a-w- c:\users\Olivier\AppData\Local\d3d9caps.dat

2010-08-01 20:11 . 2010-07-27 21:31 -------- d-----w- c:\users\Olivier\AppData\Roaming\Apple Computer

2010-08-01 20:11 . 2010-08-01 20:11 -------- d-----w- c:\program files\NVIDIA Corporation

2010-07-27 21:30 . 2010-07-27 21:30 -------- d-----w- c:\program files\iTunes

2010-07-27 21:30 . 2010-07-27 21:30 -------- d-----w- c:\program files\iPod

2010-07-27 21:30 . 2010-07-27 21:24 -------- d-----w- c:\programdata\Apple Computer

2010-07-27 21:30 . 2010-07-27 21:23 -------- d-----w- c:\program files\Common Files\Apple

2010-07-27 21:27 . 2010-07-27 21:23 -------- d-----w- c:\program files\Windows Live

2010-07-27 21:26 . 2010-07-27 21:25 -------- d-----w- c:\programdata\{429CAD59-35B1-4DBC-BB6D-1DB246563521}

2010-07-27 21:25 . 2010-07-27 21:24 -------- d-----w- c:\program files\QuickTime

2010-07-27 21:24 . 2010-07-27 21:24 -------- d-----w- c:\program files\Apple Software Update

2010-07-27 21:23 . 2010-07-27 21:23 -------- d-----w- c:\programdata\Apple

2010-07-27 21:23 . 2010-07-27 21:23 -------- d-----w- c:\program files\Bonjour

2010-07-27 21:23 . 2010-07-27 21:23 -------- d-----w- c:\program files\Microsoft

2010-07-27 21:23 . 2010-07-27 21:23 -------- d-----w- c:\program files\Windows Live SkyDrive

2010-07-27 21:18 . 2010-07-27 21:18 -------- d-----w- c:\program files\Common Files\Windows Live

2010-07-27 21:11 . 2010-07-27 21:11 552 ----a-w- c:\users\Olivier\AppData\Local\d3d8caps.dat

2010-07-27 21:04 . 2010-07-27 21:04 -------- d-----w- c:\users\Olivier\AppData\Roaming\Avira

2010-07-27 21:01 . 2010-07-27 21:01 -------- d-----w- c:\programdata\Avira

2010-07-27 21:01 . 2010-07-27 21:01 -------- d-----w- c:\program files\Avira

2010-07-27 20:53 . 2010-07-27 20:52 -------- d-----w- c:\program files\Sweex

2010-07-27 20:53 . 2010-07-27 20:53 20747 ----a-w- c:\windows\system32\drivers\AegisP.sys

2010-07-27 20:47 . 2010-07-27 20:47 -------- d-sh--we c:\programdata\Sjablonen

2010-07-27 20:47 . 2010-07-27 20:47 -------- d-sh--we c:\programdata\Menu Start

2010-07-27 20:47 . 2010-07-27 20:47 -------- d-sh--we c:\programdata\Favorieten

2010-07-27 20:47 . 2010-07-27 20:47 -------- d-sh--we c:\programdata\Documenten

2010-07-27 20:47 . 2010-07-27 20:47 -------- d-sh--we c:\programdata\Bureaublad

2010-07-27 20:38 . 2010-07-27 20:38 0 ---ha-w- c:\windows\system32\drivers\Msft_User_WpdFs_01_00_00.Wdf

2010-07-26 20:21 . 2009-04-10 16:39 318 ----a-w- C:\sccfg.sys

2010-07-21 14:30 . 2010-07-21 14:30 73000 ----a-w- c:\programdata\Apple Computer\Installer Cache\iTunes 9.2.1.5\SetupAdmin.exe

2010-06-28 16:17 . 2010-08-16 22:07 833024 ----a-w- c:\windows\system32\wininet.dll

2010-06-28 16:13 . 2010-08-16 22:07 78336 ----a-w- c:\windows\system32\ieencode.dll

2010-06-21 13:18 . 2010-08-16 22:07 2036736 ----a-w- c:\windows\system32\win32k.sys

2010-06-18 16:43 . 2010-08-16 22:07 36352 ----a-w- c:\windows\system32\rtutils.dll

2010-06-18 14:43 . 2010-08-16 22:07 302080 ----a-w- c:\windows\system32\drivers\srv.sys

2010-06-18 14:43 . 2010-08-16 22:07 144896 ----a-w- c:\windows\system32\drivers\srv2.sys

2010-06-16 15:59 . 2010-08-16 22:07 898952 ----a-w- c:\windows\system32\drivers\tcpip.sys

2010-06-11 15:31 . 2010-08-16 22:07 274432 ----a-w- c:\windows\system32\schannel.dll

2010-06-11 15:30 . 2010-08-16 22:07 1257472 ----a-w- c:\windows\system32\msxml3.dll

2010-06-08 17:00 . 2010-08-16 22:07 3598216 ----a-w- c:\windows\system32\ntkrnlpa.exe

2010-06-08 17:00 . 2010-08-16 22:07 3545992 ----a-w- c:\windows\system32\ntoskrnl.exe

.

((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))

.

.

*Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond

REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2008-01-21 1233920]

"WindowsWelcomeCenter"="oobefldr.dll" [2008-01-21 2153472]

"Google Update"="c:\users\Olivier\AppData\Local\Google\Update\GoogleUpdate.exe" [2010-07-27 136176]

"msnmsgr"="c:\program files\Windows Live\Messenger\msnmsgr.exe" [2010-04-16 3872080]

"Skype"="c:\program files\Skype\Phone\Skype.exe" [2010-05-13 26192168]

"Steam"="c:\program files\Steam\Steam.exe" [2010-08-29 1242448]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"Windows Defender"="c:\program files\Windows Defender\MSASCui.exe" [2008-01-21 1008184]

"avgnt"="c:\program files\Avira\AntiVir Desktop\avgnt.exe" [2010-03-02 282792]

"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2010-03-18 421888]

"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2010-07-21 141608]

"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2010-05-14 248552]

"DivXUpdate"="c:\program files\DivX\DivX Update\DivXUpdate.exe" [2010-08-20 1164584]

c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\

Sweex WiFi Utility.lnk - c:\program files\Sweex\Installer\Win2k\SWU.exe [2010-7-27 598016]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]

"EnableUIADesktopToggle"= 0 (0x0)

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]

"aux"=wdmaud.drv

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]

@="Service"

S2 AntiVirSchedulerService;Avira AntiVir Scheduler;c:\program files\Avira\AntiVir Desktop\sched.exe [2010-02-24 135336]

.

Inhoud van de 'Gedeelde Taken' map

2010-08-29 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1644316262-2045291656-1657216562-1000Core.job

- c:\users\Olivier\AppData\Local\Google\Update\GoogleUpdate.exe [2010-07-27 21:07]

2010-09-02 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1644316262-2045291656-1657216562-1000UA.job

- c:\users\Olivier\AppData\Local\Google\Update\GoogleUpdate.exe [2010-07-27 21:07]

2010-09-02 c:\windows\Tasks\Norton Security Scan for Olivier.job

- c:\program files\Norton Security Scan\Engine\2.7.3.34\Nss.exe [2010-08-29 07:48]

.

.

------- Bijkomende Scan -------

.

uInternet Settings,ProxyOverride = *.local

.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, GMER - Rootkit Detector and Remover

Rootkit scan 2010-09-02 16:18

Windows 6.0.6001 Service Pack 1 NTFS

scannen van verborgen processen ...

scannen van verborgen autostart items ...

scannen van verborgen bestanden ...

Scan succesvol afgerond

verborgen bestanden: 0

**************************************************************************

.

Voltooingstijd: 2010-09-02 16:20:21

ComboFix-quarantined-files.txt 2010-09-02 14:20

Pre-Run: 59.963.392.000 bytes beschikbaar

Post-Run: 59.576.356.864 bytes beschikbaar

- - End Of File - - ECEBBEFB7F26B0E500F36C341E33C286

Kind regards

Olivier2011

Open a Notepad file.

Copy and paste the bold text below into it.

File::

C:\sccfg.sys

c:\windows\Tasks\Norton Security Scan for Olivier.job

c:\program files\Norton Security Scan\Engine\2.7.3.34\Nss.exe

Folder::

c:\programdata\Norton

c:\windows\system32\drivers\NSS

c:\programdata\Symantec

c:\program files\Norton Security Scan

c:\programdata\NortonInstaller

c:\program files\NortonInstaller

Save this file to your desktop as CFScript.txt.

Drag CFScript.txt onto ComboFix.exe

This will make ComboFix restart. Reboot if you are asked to.

After the restart, post the contents of ComboFix.txt in your next message ... and let me know whether you still find anything of Norton?

I no longer see Norton listed among my programs, so in principle it should be gone.

This is the log:

ComboFix 10-09-01.04 - Olivier 02-09-2010 20:11:09.2.4 - x86

Microsoft® Windows Vista™ Home Premium 6.0.6001.1.1252.31.1043.18.2045.1334 [GMT 2:00]

Gestart vanuit: c:\users\Olivier\Desktop\ComboFix.exe

gebruikte Opdracht switches :: c:\users\Olivier\Desktop\CFScript.txt

SP: Windows Defender *enabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}

FILE ::

"c:\program files\Norton Security Scan\Engine\2.7.3.34\Nss.exe"

"C:\sccfg.sys"

"c:\windows\Tasks\Norton Security Scan for Olivier.job"

.

(((((((((((((((((((((((((((((((((( Andere Verwijderingen )))))))))))))))))))))))))))))))))))))))))))))))))

.

c:\program files\Norton Security Scan

c:\program files\Norton Security Scan\Engine\2.7.3.34\{2A85E335-7417-424d-AD89-31DED1689794}.dat

c:\program files\Norton Security Scan\Engine\2.7.3.34\{407D1C08-B366-4aca-92FB-E04E97F6681D}.dat

c:\program files\Norton Security Scan\Engine\2.7.3.34\BilBDRes.dll

c:\program files\Norton Security Scan\Engine\2.7.3.34\ccL80U.dll

c:\program files\Norton Security Scan\Engine\2.7.3.34\ccScanw.dll

c:\program files\Norton Security Scan\Engine\2.7.3.34\ccVrTrst.dll

c:\program files\Norton Security Scan\Engine\2.7.3.34\dec_abi.dll

c:\program files\Norton Security Scan\Engine\2.7.3.34\DefLoad.exe

c:\program files\Norton Security Scan\Engine\2.7.3.34\DefUtDCD.dll

c:\program files\Norton Security Scan\Engine\2.7.3.34\diLueCbk.dll

c:\program files\Norton Security Scan\Engine\2.7.3.34\ecmldr32.dll

c:\program files\Norton Security Scan\Engine\2.7.3.34\HeartBt.dll

c:\program files\Norton Security Scan\Engine\2.7.3.34\help.htm

c:\program files\Norton Security Scan\Engine\2.7.3.34\Microsoft.VC80.CRT.manifest

c:\program files\Norton Security Scan\Engine\2.7.3.34\msl.dll

c:\program files\Norton Security Scan\Engine\2.7.3.34\msvcp80.dll

c:\program files\Norton Security Scan\Engine\2.7.3.34\msvcr80.dll

c:\program files\Norton Security Scan\Engine\2.7.3.34\Nss.exe

c:\program files\Norton Security Scan\Engine\2.7.3.34\patch25d.dll

c:\program files\Norton Security Scan\Engine\2.7.3.34\PrdDtRes.dll

c:\program files\Norton Security Scan\Engine\2.7.3.34\ReputationCacheDB.db

c:\program files\Norton Security Scan\Engine\2.7.3.34\RevList.dll

c:\program files\Norton Security Scan\Engine\2.7.3.34\SAUpdt.dll

c:\program files\Norton Security Scan\Engine\2.7.3.34\ScanCore.dll

c:\program files\Norton Security Scan\Engine\2.7.3.34\ScanRes.dll

c:\program files\Norton Security Scan\Engine\2.7.3.34\ScanText.dll

c:\program files\Norton Security Scan\Engine\2.7.3.34\SKUCfg.dll

c:\program files\Norton Security Scan\Engine\2.7.3.34\SKURes.dll

c:\program files\Norton Security Scan\Engine\2.7.3.34\SymHTML.dll

c:\program files\Norton Security Scan\isolate.ini

c:\program files\NortonInstaller

c:\program files\NortonInstaller\{397E31AA-0D78-4649-A01C-339D73A2ED35}\NSS\LicenseType\2.7.3.34\13\01\InstUI.loc

c:\program files\NortonInstaller\{397E31AA-0D78-4649-A01C-339D73A2ED35}\NSS\LicenseType\2.7.3.34\ccL80U.dll

c:\program files\NortonInstaller\{397E31AA-0D78-4649-A01C-339D73A2ED35}\NSS\LicenseType\2.7.3.34\ccSet.dll

c:\program files\NortonInstaller\{397E31AA-0D78-4649-A01C-339D73A2ED35}\NSS\LicenseType\2.7.3.34\Engine.dll

c:\program files\NortonInstaller\{397E31AA-0D78-4649-A01C-339D73A2ED35}\NSS\LicenseType\2.7.3.34\extract.dat

c:\program files\NortonInstaller\{397E31AA-0D78-4649-A01C-339D73A2ED35}\NSS\LicenseType\2.7.3.34\fallback.dat

c:\program files\NortonInstaller\{397E31AA-0D78-4649-A01C-339D73A2ED35}\NSS\LicenseType\2.7.3.34\finalzed.dat

c:\program files\NortonInstaller\{397E31AA-0D78-4649-A01C-339D73A2ED35}\NSS\LicenseType\2.7.3.34\Install.mft

c:\program files\NortonInstaller\{397E31AA-0D78-4649-A01C-339D73A2ED35}\NSS\LicenseType\2.7.3.34\InstStub.exe

c:\program files\NortonInstaller\{397E31AA-0D78-4649-A01C-339D73A2ED35}\NSS\LicenseType\2.7.3.34\InstUI.dll

c:\program files\NortonInstaller\{397E31AA-0D78-4649-A01C-339D73A2ED35}\NSS\LicenseType\2.7.3.34\layout.dat

c:\program files\NortonInstaller\{397E31AA-0D78-4649-A01C-339D73A2ED35}\NSS\LicenseType\2.7.3.34\Lue.dll

c:\program files\NortonInstaller\{397E31AA-0D78-4649-A01C-339D73A2ED35}\NSS\LicenseType\2.7.3.34\Microsoft.VC80.CRT\Microsoft.VC80.CRT.manifest

c:\program files\NortonInstaller\{397E31AA-0D78-4649-A01C-339D73A2ED35}\NSS\LicenseType\2.7.3.34\Microsoft.VC80.CRT\msvcm80.dll

c:\program files\NortonInstaller\{397E31AA-0D78-4649-A01C-339D73A2ED35}\NSS\LicenseType\2.7.3.34\Microsoft.VC80.CRT\msvcp80.dll

c:\program files\NortonInstaller\{397E31AA-0D78-4649-A01C-339D73A2ED35}\NSS\LicenseType\2.7.3.34\Microsoft.VC80.CRT\msvcr80.dll

c:\program files\NortonInstaller\{397E31AA-0D78-4649-A01C-339D73A2ED35}\NSS\LicenseType\2.7.3.34\ProdCbk.dll

c:\program files\NortonInstaller\{397E31AA-0D78-4649-A01C-339D73A2ED35}\NSS\LicenseType\2.7.3.34\SKUCfg.dll

c:\programdata\Norton

c:\programdata\Norton\{397E31AA-0D78-4649-A01C-339D73A2ED35}\isolate.ini

c:\programdata\Norton\{397E31AA-0D78-4649-A01C-339D73A2ED35}\Module9000.txt

c:\programdata\Norton\{397E31AA-0D78-4649-A01C-339D73A2ED35}\Norton\Connections\connections.dat

c:\programdata\Norton\{397E31AA-0D78-4649-A01C-339D73A2ED35}\Norton\itbLUReg\{65190544-26C3-43a4-A78A-694964901607}.dat

c:\programdata\Norton\{397E31AA-0D78-4649-A01C-339D73A2ED35}\Norton\itbLUReg\{6E3396BD-C6A6-4f0f-9254-267F9058FEC4}.dat

c:\programdata\Norton\{397E31AA-0D78-4649-A01C-339D73A2ED35}\Norton\itbLUReg\{71B3DD3A-BC1F-40cc-A74F-C0C30DFCE7D5}.dat

c:\programdata\Norton\{397E31AA-0D78-4649-A01C-339D73A2ED35}\Norton\itbLUReg\{D4F4CC32-7A41-4684-AE57-41E59E9B4503}.dat

c:\programdata\Norton\symdata.xml

c:\programdata\NortonInstaller

c:\programdata\NortonInstaller\Logs\08-30-2010-00h28m37s\Install.1.mft.7z

c:\programdata\NortonInstaller\Logs\08-30-2010-00h28m37s\NortonInstall-08-30-2010-00h28m37s.log

c:\programdata\NortonInstaller\Logs\08-30-2010-00h44m08s\NortonInstall-08-30-2010-00h44m08s.log

c:\programdata\NortonInstaller\Logs\Url.txt

c:\programdata\Symantec

c:\programdata\Symantec\Definitions\SymcData\virusdefs-2.5-e\20100902.004\catalog.dat

c:\programdata\Symantec\Definitions\SymcData\virusdefs-2.5-e\20100902.004\cceraser.dll

c:\programdata\Symantec\Definitions\SymcData\virusdefs-2.5-e\20100902.004\ecmsvr32.dll

c:\programdata\Symantec\Definitions\SymcData\virusdefs-2.5-e\20100902.004\eeCtrl.sys

c:\programdata\Symantec\Definitions\SymcData\virusdefs-2.5-e\20100902.004\ERASER.grd

c:\programdata\Symantec\Definitions\SymcData\virusdefs-2.5-e\20100902.004\ERASER.sig

c:\programdata\Symantec\Definitions\SymcData\virusdefs-2.5-e\20100902.004\ERASER.spm

c:\programdata\Symantec\Definitions\SymcData\virusdefs-2.5-e\20100902.004\ERASER.sys

c:\programdata\Symantec\Definitions\SymcData\virusdefs-2.5-e\20100902.004\ESRDEF.BIN

c:\programdata\Symantec\Definitions\SymcData\virusdefs-2.5-e\20100902.004\HH

c:\programdata\Symantec\Definitions\SymcData\virusdefs-2.5-e\20100902.004\naveng.sys

c:\programdata\Symantec\Definitions\SymcData\virusdefs-2.5-e\20100902.004\naveng32.dll

c:\programdata\Symantec\Definitions\SymcData\virusdefs-2.5-e\20100902.004\navex15.sys

c:\programdata\Symantec\Definitions\SymcData\virusdefs-2.5-e\20100902.004\navex32a.dll

c:\programdata\Symantec\Definitions\SymcData\virusdefs-2.5-e\20100902.004\ncsacert.txt

c:\programdata\Symantec\Definitions\SymcData\virusdefs-2.5-e\20100902.004\scrauth.dat

c:\programdata\Symantec\Definitions\SymcData\virusdefs-2.5-e\20100902.004\symaveng.cat

c:\programdata\Symantec\Definitions\SymcData\virusdefs-2.5-e\20100902.004\symaveng.inf

c:\programdata\Symantec\Definitions\SymcData\virusdefs-2.5-e\20100902.004\SymErase.cat

c:\programdata\Symantec\Definitions\SymcData\virusdefs-2.5-e\20100902.004\SymErase.inf

c:\programdata\Symantec\Definitions\SymcData\virusdefs-2.5-e\20100902.004\TCDEFS.DAT

c:\programdata\Symantec\Definitions\SymcData\virusdefs-2.5-e\20100902.004\TCSCAN7.DAT

c:\programdata\Symantec\Definitions\SymcData\virusdefs-2.5-e\20100902.004\TCSCAN8.DAT

c:\programdata\Symantec\Definitions\SymcData\virusdefs-2.5-e\20100902.004\TCSCAN9.DAT

c:\programdata\Symantec\Definitions\SymcData\virusdefs-2.5-e\20100902.004\technote.txt

c:\programdata\Symantec\Definitions\SymcData\virusdefs-2.5-e\20100902.004\TINF.DAT

c:\programdata\Symantec\Definitions\SymcData\virusdefs-2.5-e\20100902.004\tinfidx.dat

c:\programdata\Symantec\Definitions\SymcData\virusdefs-2.5-e\20100902.004\TINFL.DAT

c:\programdata\Symantec\Definitions\SymcData\virusdefs-2.5-e\20100902.004\TSCAN1.DAT

c:\programdata\Symantec\Definitions\SymcData\virusdefs-2.5-e\20100902.004\tscan1hd.dat

c:\programdata\Symantec\Definitions\SymcData\virusdefs-2.5-e\20100902.004\V.GRD

c:\programdata\Symantec\Definitions\SymcData\virusdefs-2.5-e\20100902.004\V.SIG

c:\programdata\Symantec\Definitions\SymcData\virusdefs-2.5-e\20100902.004\VIRSCAN.INF

c:\programdata\Symantec\Definitions\SymcData\virusdefs-2.5-e\20100902.004\VIRSCAN1.DAT

c:\programdata\Symantec\Definitions\SymcData\virusdefs-2.5-e\20100902.004\VIRSCAN2.DAT

c:\programdata\Symantec\Definitions\SymcData\virusdefs-2.5-e\20100902.004\VIRSCAN3.DAT

c:\programdata\Symantec\Definitions\SymcData\virusdefs-2.5-e\20100902.004\VIRSCAN4.DAT

c:\programdata\Symantec\Definitions\SymcData\virusdefs-2.5-e\20100902.004\VIRSCAN5.DAT

c:\programdata\Symantec\Definitions\SymcData\virusdefs-2.5-e\20100902.004\VIRSCAN6.DAT

c:\programdata\Symantec\Definitions\SymcData\virusdefs-2.5-e\20100902.004\VIRSCAN7.DAT

c:\programdata\Symantec\Definitions\SymcData\virusdefs-2.5-e\20100902.004\VIRSCAN8.DAT

c:\programdata\Symantec\Definitions\SymcData\virusdefs-2.5-e\20100902.004\VIRSCAN9.DAT

c:\programdata\Symantec\Definitions\SymcData\virusdefs-2.5-e\20100902.004\WHATSNEW.TXT

c:\programdata\Symantec\Definitions\SymcData\virusdefs-2.5-e\20100902.004\zdone.dat

c:\programdata\Symantec\Definitions\SymcData\virusdefs-2.5-e\BinHub\catalog.dat

c:\programdata\Symantec\Definitions\SymcData\virusdefs-2.5-e\BinHub\cceraser.dll

c:\programdata\Symantec\Definitions\SymcData\virusdefs-2.5-e\BinHub\ecmsvr32.dll

c:\programdata\Symantec\Definitions\SymcData\virusdefs-2.5-e\BinHub\eeCtrl.sys

c:\programdata\Symantec\Definitions\SymcData\virusdefs-2.5-e\BinHub\ERASER.grd

c:\programdata\Symantec\Definitions\SymcData\virusdefs-2.5-e\BinHub\ERASER.sig

c:\programdata\Symantec\Definitions\SymcData\virusdefs-2.5-e\BinHub\ERASER.spm

c:\programdata\Symantec\Definitions\SymcData\virusdefs-2.5-e\BinHub\ERASER.sys

c:\programdata\Symantec\Definitions\SymcData\virusdefs-2.5-e\BinHub\esrdef.bin

c:\programdata\Symantec\Definitions\SymcData\virusdefs-2.5-e\BinHub\hh

c:\programdata\Symantec\Definitions\SymcData\virusdefs-2.5-e\BinHub\naveng.sys

c:\programdata\Symantec\Definitions\SymcData\virusdefs-2.5-e\BinHub\naveng32.dll

c:\programdata\Symantec\Definitions\SymcData\virusdefs-2.5-e\BinHub\navex15.sys

c:\programdata\Symantec\Definitions\SymcData\virusdefs-2.5-e\BinHub\navex32a.dll

c:\programdata\Symantec\Definitions\SymcData\virusdefs-2.5-e\BinHub\ncsacert.txt

c:\programdata\Symantec\Definitions\SymcData\virusdefs-2.5-e\BinHub\scrauth.dat

c:\programdata\Symantec\Definitions\SymcData\virusdefs-2.5-e\BinHub\symaveng.cat

c:\programdata\Symantec\Definitions\SymcData\virusdefs-2.5-e\BinHub\symaveng.inf

c:\programdata\Symantec\Definitions\SymcData\virusdefs-2.5-e\BinHub\SymErase.cat

c:\programdata\Symantec\Definitions\SymcData\virusdefs-2.5-e\BinHub\SymErase.inf

c:\programdata\Symantec\Definitions\SymcData\virusdefs-2.5-e\BinHub\tcdefs.dat

c:\programdata\Symantec\Definitions\SymcData\virusdefs-2.5-e\BinHub\tcscan7.dat

c:\programdata\Symantec\Definitions\SymcData\virusdefs-2.5-e\BinHub\tcscan8.dat

c:\programdata\Symantec\Definitions\SymcData\virusdefs-2.5-e\BinHub\tcscan9.dat

c:\programdata\Symantec\Definitions\SymcData\virusdefs-2.5-e\BinHub\technote.txt

c:\programdata\Symantec\Definitions\SymcData\virusdefs-2.5-e\BinHub\tinf.dat

c:\programdata\Symantec\Definitions\SymcData\virusdefs-2.5-e\BinHub\tinfidx.dat

c:\programdata\Symantec\Definitions\SymcData\virusdefs-2.5-e\BinHub\tinfl.dat

c:\programdata\Symantec\Definitions\SymcData\virusdefs-2.5-e\BinHub\tscan1.dat

c:\programdata\Symantec\Definitions\SymcData\virusdefs-2.5-e\BinHub\tscan1hd.dat

c:\programdata\Symantec\Definitions\SymcData\virusdefs-2.5-e\BinHub\v.grd

c:\programdata\Symantec\Definitions\SymcData\virusdefs-2.5-e\BinHub\v.sig

c:\programdata\Symantec\Definitions\SymcData\virusdefs-2.5-e\BinHub\virscan.inf

c:\programdata\Symantec\Definitions\SymcData\virusdefs-2.5-e\BinHub\virscan1.dat

c:\programdata\Symantec\Definitions\SymcData\virusdefs-2.5-e\BinHub\virscan2.dat

c:\programdata\Symantec\Definitions\SymcData\virusdefs-2.5-e\BinHub\virscan3.dat

c:\programdata\Symantec\Definitions\SymcData\virusdefs-2.5-e\BinHub\virscan4.dat

c:\programdata\Symantec\Definitions\SymcData\virusdefs-2.5-e\BinHub\virscan5.dat

c:\programdata\Symantec\Definitions\SymcData\virusdefs-2.5-e\BinHub\virscan6.dat

c:\programdata\Symantec\Definitions\SymcData\virusdefs-2.5-e\BinHub\virscan7.dat

c:\programdata\Symantec\Definitions\SymcData\virusdefs-2.5-e\BinHub\virscan8.dat

c:\programdata\Symantec\Definitions\SymcData\virusdefs-2.5-e\BinHub\virscan9.dat

c:\programdata\Symantec\Definitions\SymcData\virusdefs-2.5-e\BinHub\whatsnew.txt

c:\programdata\Symantec\Definitions\SymcData\virusdefs-2.5-e\BinHub\zdone.dat

c:\programdata\Symantec\Definitions\SymcData\virusdefs-2.5-e\definfo.dat

c:\programdata\Symantec\Definitions\SymcData\virusdefs-2.5-e\usage.dat

c:\programdata\Symantec\symdata.xml

C:\sccfg.sys

c:\windows\system32\drivers\NSS

c:\windows\system32\drivers\NSS\0207030.022\isolate.ini

c:\windows\Tasks\Norton Security Scan for Olivier.job

.

(((((((((((((((((((( Bestanden Gemaakt van 2010-08-02 to 2010-09-02 ))))))))))))))))))))))))))))))

.

2010-09-02 18:15 . 2010-09-02 18:15 -------- d-----w- c:\users\Public\AppData\Local\temp

2010-09-02 18:15 . 2010-09-02 18:15 -------- d-----w- c:\users\Default\AppData\Local\temp

2010-08-29 19:52 . 2010-09-02 14:27 -------- d-----w- c:\program files\Common Files\Steam

2010-08-29 19:52 . 2010-09-02 14:27 -------- d-----w- c:\program files\Steam

2010-08-29 19:32 . 2010-08-29 19:32 57344 ----a-w- c:\programdata\DivX\RunAsUser\RUNASUSERPROCESS.dll

2010-08-29 19:29 . 2010-08-29 19:29 54073 ----a-w- c:\programdata\DivX\Qt4.5\Uninstaller.exe

2010-08-29 19:29 . 2010-08-29 19:29 -------- d-----w- c:\program files\Common Files\DivX Shared

2010-08-29 19:29 . 2010-08-29 19:29 56969 ----a-w- c:\programdata\DivX\ASPEncoder\Uninstaller.exe

2010-08-29 19:28 . 2010-08-29 19:30 -------- d-----w- c:\program files\DivX

2010-08-29 19:27 . 2010-08-29 19:27 144696 ----a-w- c:\programdata\DivX\RunAsUser\RUNASUSERPROCESS.exe

2010-08-29 19:27 . 2010-08-29 19:30 -------- d-----w- c:\programdata\DivX

2010-08-29 17:25 . 2010-08-29 17:25 -------- d-----w- c:\program files\Common Files\Java

2010-08-29 17:24 . 2010-08-29 17:24 423656 ----a-w- c:\windows\system32\deployJava1.dll

2010-08-29 17:24 . 2010-08-29 17:24 -------- d-----w- c:\program files\Java

2010-08-22 20:13 . 2010-09-02 14:00 -------- d-----w- c:\users\Olivier\AppData\Roaming\skypePM

2010-08-22 20:13 . 2010-09-02 14:26 -------- d-----w- c:\users\Olivier\AppData\Roaming\Skype

2010-08-22 20:12 . 2010-08-22 20:12 -------- d-----w- c:\program files\Common Files\Skype

2010-08-22 20:12 . 2010-08-22 20:13 -------- d-----r- c:\program files\Skype

2010-08-22 20:12 . 2010-08-22 20:12 -------- d-----w- c:\programdata\Skype

2010-08-20 18:43 . 2010-08-20 18:43 -------- d-----w- c:\program files\City Interactive

2010-08-19 13:24 . 2010-08-19 13:24 -------- d-----w- c:\program files\Paradox Interactive

2010-08-19 01:02 . 2010-04-14 17:47 293376 ----a-w- c:\windows\system32\psisdecd.dll

2010-08-19 01:02 . 2010-04-14 17:46 428544 ----a-w- c:\windows\system32\EncDec.dll

2010-08-19 01:02 . 2009-11-08 08:55 99176 ----a-w- c:\windows\system32\PresentationHostProxy.dll

2010-08-19 01:02 . 2009-11-08 08:55 49472 ----a-w- c:\windows\system32\netfxperf.dll

2010-08-19 01:02 . 2009-11-08 08:55 297808 ----a-w- c:\windows\system32\mscoree.dll

2010-08-19 01:02 . 2009-11-08 08:55 295264 ----a-w- c:\windows\system32\PresentationHost.exe

2010-08-19 01:02 . 2009-11-08 08:55 1130824 ----a-w- c:\windows\system32\dfshim.dll

2010-08-18 16:17 . 2007-10-12 13:14 3734536 ----a-w- c:\windows\system32\d3dx9_36.dll

2010-08-18 15:58 . 2010-08-18 15:58 -------- d-----w- c:\program files\PowerISO

2010-08-18 01:49 . 2008-06-20 01:14 105016 ----a-w- c:\windows\system32\PresentationCFFRasterizerNative_v0300.dll

2010-08-18 01:49 . 2008-06-20 01:14 97800 ----a-w- c:\windows\system32\infocardapi.dll

2010-08-18 01:49 . 2008-06-20 01:14 11264 ----a-w- c:\windows\system32\icardres.dll

2010-08-18 01:49 . 2008-06-20 01:14 622080 ----a-w- c:\windows\system32\icardagt.exe

2010-08-18 01:49 . 2008-06-20 01:14 781344 ----a-w- c:\windows\system32\PresentationNative_v0300.dll

2010-08-18 01:41 . 2008-07-27 18:03 158720 ----a-w- c:\windows\system32\mscorier.dll

2010-08-18 01:41 . 2008-07-27 18:03 83968 ----a-w- c:\windows\system32\mscories.dll

2010-08-16 22:39 . 2010-08-16 22:39 -------- d-----w- c:\program files\Microsoft Silverlight

2010-08-16 22:29 . 2010-09-02 13:49 -------- d-----w- c:\program files\uTorrent

2010-08-16 22:28 . 2010-09-02 18:09 -------- d-----w- c:\users\Olivier\AppData\Roaming\uTorrent

2010-08-16 22:08 . 2010-05-27 19:16 81920 ----a-w- c:\windows\system32\iccvid.dll

2010-08-16 22:01 . 2008-06-26 01:45 12240896 ----a-w- c:\windows\system32\NlsLexicons0007.dll

2010-08-16 22:01 . 2008-06-26 01:45 2644480 ----a-w- c:\windows\system32\NlsLexicons0009.dll

2010-08-16 22:01 . 2008-06-26 03:29 801280 ----a-w- c:\windows\system32\NaturalLanguage6.dll

.

((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2010-09-02 16:20 . 2010-09-02 16:20 -------- d-----w- c:\program files\Common Files\Symantec Shared

2010-09-02 14:30 . 2008-01-21 06:47 667114 ----a-w- c:\windows\system32\perfh013.dat

2010-09-02 14:30 . 2008-01-21 06:47 126648 ----a-w- c:\windows\system32\perfc013.dat

2010-09-02 14:26 . 2010-08-01 22:35 35093 ----a-w- c:\programdata\nvModes.dat

2010-08-29 19:33 . 2010-08-29 19:30 -------- d-----w- c:\users\Olivier\AppData\Roaming\DivX

2010-08-22 20:13 . 2010-08-22 20:13 56 ---ha-w- c:\programdata\ezsidmv.dat

2010-08-19 13:24 . 2010-07-27 20:52 -------- d--h--w- c:\program files\InstallShield Installation Information

2010-08-19 13:24 . 2010-07-27 20:52 -------- d-----w- c:\program files\Common Files\InstallShield

2010-08-18 01:39 . 2006-11-02 11:18 -------- d-----w- c:\program files\Windows Mail

2010-08-16 21:43 . 2010-07-27 20:49 49168 ----a-w- c:\users\Olivier\AppData\Local\GDIPFONTCACHEV1.DAT

2010-08-03 01:27 . 2006-11-02 10:25 665600 ----a-w- c:\windows\inf\drvindex.dat

2010-08-01 22:33 . 2010-08-01 22:33 -------- d-----w- c:\programdata\NVIDIA

2010-08-01 21:44 . 2010-07-27 20:49 680 ----a-w- c:\users\Olivier\AppData\Local\d3d9caps.dat

2010-08-01 20:11 . 2010-07-27 21:31 -------- d-----w- c:\users\Olivier\AppData\Roaming\Apple Computer

2010-08-01 20:11 . 2010-08-01 20:11 -------- d-----w- c:\program files\NVIDIA Corporation

2010-07-27 21:30 . 2010-07-27 21:30 -------- d-----w- c:\program files\iTunes

2010-07-27 21:30 . 2010-07-27 21:30 -------- d-----w- c:\program files\iPod

2010-07-27 21:30 . 2010-07-27 21:24 -------- d-----w- c:\programdata\Apple Computer

2010-07-27 21:30 . 2010-07-27 21:23 -------- d-----w- c:\program files\Common Files\Apple

2010-07-27 21:27 . 2010-07-27 21:23 -------- d-----w- c:\program files\Windows Live

2010-07-27 21:26 . 2010-07-27 21:25 -------- d-----w- c:\programdata\{429CAD59-35B1-4DBC-BB6D-1DB246563521}

2010-07-27 21:25 . 2010-07-27 21:24 -------- d-----w- c:\program files\QuickTime

2010-07-27 21:24 . 2010-07-27 21:24 -------- d-----w- c:\program files\Apple Software Update

2010-07-27 21:23 . 2010-07-27 21:23 -------- d-----w- c:\programdata\Apple

2010-07-27 21:23 . 2010-07-27 21:23 -------- d-----w- c:\program files\Bonjour

2010-07-27 21:23 . 2010-07-27 21:23 -------- d-----w- c:\program files\Microsoft

2010-07-27 21:23 . 2010-07-27 21:23 -------- d-----w- c:\program files\Windows Live SkyDrive

2010-07-27 21:18 . 2010-07-27 21:18 -------- d-----w- c:\program files\Common Files\Windows Live

2010-07-27 21:11 . 2010-07-27 21:11 552 ----a-w- c:\users\Olivier\AppData\Local\d3d8caps.dat

2010-07-27 21:04 . 2010-07-27 21:04 -------- d-----w- c:\users\Olivier\AppData\Roaming\Avira

2010-07-27 21:01 . 2010-07-27 21:01 -------- d-----w- c:\programdata\Avira

2010-07-27 21:01 . 2010-07-27 21:01 -------- d-----w- c:\program files\Avira

2010-07-27 20:53 . 2010-07-27 20:52 -------- d-----w- c:\program files\Sweex

2010-07-27 20:53 . 2010-07-27 20:53 20747 ----a-w- c:\windows\system32\drivers\AegisP.sys

2010-07-27 20:47 . 2010-07-27 20:47 -------- d-sh--we c:\programdata\Sjablonen

2010-07-27 20:47 . 2010-07-27 20:47 -------- d-sh--we c:\programdata\Menu Start

2010-07-27 20:47 . 2010-07-27 20:47 -------- d-sh--we c:\programdata\Favorieten

2010-07-27 20:47 . 2010-07-27 20:47 -------- d-sh--we c:\programdata\Documenten

2010-07-27 20:47 . 2010-07-27 20:47 -------- d-sh--we c:\programdata\Bureaublad

2010-07-27 20:38 . 2010-07-27 20:38 0 ---ha-w- c:\windows\system32\drivers\Msft_User_WpdFs_01_00_00.Wdf

2010-07-21 14:30 . 2010-07-21 14:30 73000 ----a-w- c:\programdata\Apple Computer\Installer Cache\iTunes 9.2.1.5\SetupAdmin.exe

2010-06-28 16:17 . 2010-08-16 22:07 833024 ----a-w- c:\windows\system32\wininet.dll

2010-06-28 16:13 . 2010-08-16 22:07 78336 ----a-w- c:\windows\system32\ieencode.dll

2010-06-21 13:18 . 2010-08-16 22:07 2036736 ----a-w- c:\windows\system32\win32k.sys

2010-06-18 16:43 . 2010-08-16 22:07 36352 ----a-w- c:\windows\system32\rtutils.dll

2010-06-18 14:43 . 2010-08-16 22:07 302080 ----a-w- c:\windows\system32\drivers\srv.sys

2010-06-18 14:43 . 2010-08-16 22:07 144896 ----a-w- c:\windows\system32\drivers\srv2.sys

2010-06-16 15:59 . 2010-08-16 22:07 898952 ----a-w- c:\windows\system32\drivers\tcpip.sys

2010-06-11 15:31 . 2010-08-16 22:07 274432 ----a-w- c:\windows\system32\schannel.dll

2010-06-11 15:30 . 2010-08-16 22:07 1257472 ----a-w- c:\windows\system32\msxml3.dll

2010-06-08 17:00 . 2010-08-16 22:07 3598216 ----a-w- c:\windows\system32\ntkrnlpa.exe

2010-06-08 17:00 . 2010-08-16 22:07 3545992 ----a-w- c:\windows\system32\ntoskrnl.exe

.

((((((((((((((((((((((((((((( SnapShot@2010-09-02_14.18.54 )))))))))))))))))))))))))))))))))))))))))

.

+ 2008-01-21 01:58 . 2010-09-02 14:27 29724 c:\windows\System32\WDI\ShutdownPerformanceDiagnostics_SystemData.bin

+ 2006-11-02 13:05 . 2010-09-02 14:27 59156 c:\windows\System32\WDI\BootPerformanceDiagnostics_SystemData.bin

- 2010-08-18 14:22 . 2010-08-29 15:31 16384 c:\windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat

+ 2010-08-18 14:22 . 2010-09-02 14:26 16384 c:\windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat

- 2010-08-18 14:22 . 2010-08-29 15:31 32768 c:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat

+ 2010-08-18 14:22 . 2010-09-02 14:26 32768 c:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat

- 2010-08-18 14:22 . 2010-08-29 15:31 16384 c:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat

+ 2010-08-18 14:22 . 2010-09-02 14:26 16384 c:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat

- 2010-07-27 20:51 . 2010-09-02 13:51 3834 c:\windows\System32\WDI\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-1644316262-2045291656-1657216562-1000_UserData.bin

+ 2010-07-27 20:51 . 2010-09-02 14:27 3834 c:\windows\System32\WDI\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-1644316262-2045291656-1657216562-1000_UserData.bin

+ 2010-09-02 14:26 . 2010-09-02 14:26 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat

- 2010-08-29 15:31 . 2010-09-02 13:49 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat

- 2010-08-29 15:31 . 2010-09-02 13:49 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat

+ 2010-09-02 14:26 . 2010-09-02 14:26 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat

+ 2006-11-02 10:33 . 2010-09-02 14:30 586980 c:\windows\System32\perfh009.dat

- 2006-11-02 10:33 . 2010-09-02 13:54 586980 c:\windows\System32\perfh009.dat

+ 2006-11-02 10:33 . 2010-09-02 14:30 101052 c:\windows\System32\perfc009.dat

- 2006-11-02 10:33 . 2010-09-02 13:54 101052 c:\windows\System32\perfc009.dat

.

((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))

.

.

*Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond

REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2008-01-21 1233920]

"WindowsWelcomeCenter"="oobefldr.dll" [2008-01-21 2153472]

"Google Update"="c:\users\Olivier\AppData\Local\Google\Update\GoogleUpdate.exe" [2010-07-27 136176]

"msnmsgr"="c:\program files\Windows Live\Messenger\msnmsgr.exe" [2010-04-16 3872080]

"Skype"="c:\program files\Skype\Phone\Skype.exe" [2010-05-13 26192168]

"Steam"="c:\program files\Steam\Steam.exe" [2010-08-29 1242448]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"Windows Defender"="c:\program files\Windows Defender\MSASCui.exe" [2008-01-21 1008184]

"avgnt"="c:\program files\Avira\AntiVir Desktop\avgnt.exe" [2010-03-02 282792]

"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2010-03-18 421888]

"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2010-07-21 141608]

"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2010-05-14 248552]

"DivXUpdate"="c:\program files\DivX\DivX Update\DivXUpdate.exe" [2010-08-20 1164584]

c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\

Sweex WiFi Utility.lnk - c:\program files\Sweex\Installer\Win2k\SWU.exe [2010-7-27 598016]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]

"EnableUIADesktopToggle"= 0 (0x0)

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]

"aux"=wdmaud.drv

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]

@="Service"

S2 AntiVirSchedulerService;Avira AntiVir Scheduler;c:\program files\Avira\AntiVir Desktop\sched.exe [2010-02-24 135336]

--- Andere Services/Drivers In Geheugen ---

*NewlyCreated* - EECTRL

.

Inhoud van de 'Gedeelde Taken' map

2010-08-29 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1644316262-2045291656-1657216562-1000Core.job

- c:\users\Olivier\AppData\Local\Google\Update\GoogleUpdate.exe [2010-07-27 21:07]

2010-09-02 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1644316262-2045291656-1657216562-1000UA.job

- c:\users\Olivier\AppData\Local\Google\Update\GoogleUpdate.exe [2010-07-27 21:07]

.

.

------- Bijkomende Scan -------

.

uInternet Settings,ProxyOverride = *.local

.

- - - - ORPHANS VERWIJDERD - - - -

AddRemove-NSS - c:\program files\NortonInstaller\{397E31AA-0D78-4649-A01C-339D73A2ED35}\NSS\LicenseType\2.7.3.34\InstStub.exe

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, GMER - Rootkit Detector and Remover

Rootkit scan 2010-09-02 20:15

Windows 6.0.6001 Service Pack 1 NTFS

scannen van verborgen processen ...

scannen van verborgen autostart items ...

scannen van verborgen bestanden ...

Scan succesvol afgerond

verborgen bestanden: 0

**************************************************************************

.

Voltooingstijd: 2010-09-02 20:17:31

ComboFix-quarantined-files.txt 2010-09-02 18:17

ComboFix2.txt 2010-09-02 14:20

Pre-Run: 50.827.460.608 bytes beschikbaar

Post-Run: 50.797.199.360 bytes beschikbaar

- - End Of File - - 1EEDA3ABFF61D0E736E9E5DEA8A2485E

Thank you veeeeeeeerrrry much in advance

Kind regards

Olivier2011


Excellent ... then you can just do the following:

Remove ComboFix: Start -> Run and type: ComboFix /Uninstall

This will remove ComboFix plus its related folders and files, reset the clock settings, hide file extensions again, hide hidden files and system files again, and create a new restore point.

If it is present, you may delete the folder C:\Qoobox manually.

Download CCleaner here; the CCleaner download will then start automatically and free of charge.

Install it and start CCleaner. In the left-hand column, click "Cleaner". Then click "Analyze" followed by "Run Cleaner". Sometimes one analysis is not enough. You may repeat this procedure until the analysis no longer reports any errors. Next, click "Registry" in the left-hand column and click "Scan for Issues". If errors are found, click "Fix selected issues" and "OK". You will then be asked whether to make a backup. Click "Yes". Then choose "Fix All Selected Issues". After that, close CCleaner again.

If you would like to see this explained in detail with pictures, click here for the guide.

That's it!
