
Internet dips



It took a while, because ComboFix didn't much like that I had also installed the AVG virus scanner, but I think it worked:

Combofix:

ComboFix 11-03-02.05 - Beld 03-03-2011 18:13:04.3.2 - x86 MINIMAL

Microsoft Windows XP Professional 5.1.2600.3.1252.31.1043.18.2046.1780 [GMT 1:00]

Gestart vanuit: d:\documents and settings\Beld\Bureaublad\ComboFix.exe

gebruikte Opdracht switches :: d:\documents and settings\Beld\Bureaublad\CFScript.txt

AV: AVG Anti-Virus Free Edition 2011 *Enabled/Updated* {17DDD097-36FF-435F-9E1B-52D74245D6BF}

.

(((((((((((((((((((((((((((((((((( Andere Verwijderingen )))))))))))))))))))))))))))))))))))))))))))))))))

.

d:\documents and settings\Beld\Local Settings\Application Data\ConduitEngine

d:\documents and settings\Beld\Local Settings\Application Data\ConduitEngine\CacheIcons\http___storage_conduit_com_bankImages_ConduitEngine_ContextMenu_About_png.png

d:\documents and settings\Beld\Local Settings\Application Data\ConduitEngine\CacheIcons\http___storage_conduit_com_bankImages_ConduitEngine_ContextMenu_Browse_png.png

d:\documents and settings\Beld\Local Settings\Application Data\ConduitEngine\CacheIcons\http___storage_conduit_com_bankImages_ConduitEngine_ContextMenu_Contact_png.png

d:\documents and settings\Beld\Local Settings\Application Data\ConduitEngine\CacheIcons\http___storage_conduit_com_bankImages_ConduitEngine_ContextMenu_Hide_png.png

d:\documents and settings\Beld\Local Settings\Application Data\ConduitEngine\CacheIcons\http___storage_Conduit_com_bankImages_ConduitEngine_ContextMenu_LikeIcon_png.png

d:\documents and settings\Beld\Local Settings\Application Data\ConduitEngine\CacheIcons\http___storage_conduit_com_bankImages_ConduitEngine_ContextMenu_More_png.png

d:\documents and settings\Beld\Local Settings\Application Data\ConduitEngine\CacheIcons\http___storage_conduit_com_bankImages_ConduitEngine_ContextMenu_MoreFromPublisher_png.png

d:\documents and settings\Beld\Local Settings\Application Data\ConduitEngine\CacheIcons\http___storage_conduit_com_bankImages_ConduitEngine_ContextMenu_MoveLeft_png.png

d:\documents and settings\Beld\Local Settings\Application Data\ConduitEngine\CacheIcons\http___storage_conduit_com_bankImages_ConduitEngine_ContextMenu_MoveRight_png.png

d:\documents and settings\Beld\Local Settings\Application Data\ConduitEngine\CacheIcons\http___storage_conduit_com_bankImages_ConduitEngine_ContextMenu_Options_png.png

d:\documents and settings\Beld\Local Settings\Application Data\ConduitEngine\CacheIcons\http___storage_conduit_com_bankImages_ConduitEngine_ContextMenu_Privacy_png.png

d:\documents and settings\Beld\Local Settings\Application Data\ConduitEngine\CacheIcons\http___storage_conduit_com_bankImages_ConduitEngine_ContextMenu_Refresh_png.png

d:\documents and settings\Beld\Local Settings\Application Data\ConduitEngine\CacheIcons\http___storage_conduit_com_bankImages_ConduitEngine_ContextMenu_Share_png.png

d:\documents and settings\Beld\Local Settings\Application Data\ConduitEngine\CacheIcons\http___storage_conduit_com_bankImages_ConduitEngine_ContextMenu_Upgrade_png.png

d:\documents and settings\Beld\Local Settings\Application Data\ConduitEngine\EngineSettings.json

d:\documents and settings\Beld\Local Settings\Application Data\ConduitEngine\ExternalComponent\http___contextmenu_app_conduit-services_com_apps_TranslatedApps_ashx_productId=1&name=appContextMenu&locale=nl-nl.xml

d:\documents and settings\Beld\Local Settings\Application Data\ConduitEngine\ExternalComponent\http___contextmenu_app_conduit-services_com_apps_TranslatedApps_ashx_productId=1&name=appContextMenu2_0&locale=nl-nl.xml

d:\documents and settings\Beld\Local Settings\Application Data\ConduitEngine\ExternalComponent\http___contextmenu_engine_conduit-services_com_apps_TranslatedApps_ashx_productId=1&name=engineContextMenu&locale=nl-nl.xml

d:\documents and settings\Beld\Local Settings\Application Data\ConduitEngine\ExternalComponent\http___contextmenu_engine_conduit-services_com_apps_TranslatedApps_ashx_productId=1&name=engineContextMenu2_0&locale=nl-nl.xml

d:\program files\ConduitEngine

d:\program files\ConduitEngine\appContextMenu.xml

d:\program files\ConduitEngine\ConduitEngineHelper.exe

d:\program files\ConduitEngine\ConduitEngineUninstall.exe

d:\program files\ConduitEngine\engineContextMenu.xml

d:\program files\ConduitEngine\EngineSettings.json

d:\program files\ConduitEngine\INSTALL.LOG

d:\program files\ConduitEngine\toolbar.cfg

.

(((((((((((((((((((( Bestanden Gemaakt van 2011-02-03 to 2011-03-03 ))))))))))))))))))))))))))))))

.

2011-03-03 17:05 . 2011-03-03 17:05 -------- d-----w- d:\windows\LastGood

2011-03-03 15:34 . 2011-03-03 15:34 -------- d-----w- d:\documents and settings\Beld\Application Data\AVG10

2011-03-03 15:32 . 2011-03-03 15:32 -------- d--h--w- d:\documents and settings\All Users\Application Data\Common Files

2011-03-03 15:31 . 2011-03-03 17:06 -------- d-----w- d:\documents and settings\All Users\Application Data\AVG10

2011-03-03 15:22 . 2011-03-03 15:30 -------- d-----w- d:\documents and settings\All Users\Application Data\MFAData

2011-03-03 13:48 . 2011-03-03 13:48 -------- d-----w- d:\program files\DsNET Corp

2011-03-03 12:21 . 2011-03-03 12:21 388096 ----a-r- d:\documents and settings\Beld\Application Data\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe

2011-03-03 12:21 . 2011-03-03 12:21 -------- d-----w- d:\program files\Trend Micro

2011-03-01 22:55 . 2011-03-01 22:55 -------- d-----w- d:\documents and settings\Beld\Application Data\Leadertech

2011-02-25 19:47 . 2011-02-25 19:47 -------- d-----w- d:\documents and settings\CURRENT_USER

2011-02-09 10:47 . 2011-02-09 10:47 -------- d-----w- d:\documents and settings\Beld\Application Data\gtk-2.0

2011-02-09 10:44 . 2011-02-09 10:44 -------- d-----w- d:\documents and settings\Beld\.thumbnails

2011-02-08 12:52 . 2008-11-10 10:41 32656 ----a-w- d:\windows\system32\msonpmon.dll

2011-02-08 12:52 . 2006-10-26 18:56 33104 ----a-w- d:\windows\system32\Spool\prtprocs\w32x86\msonpppr.dll

2011-02-08 12:48 . 2011-02-09 08:48 -------- d-----w- d:\program files\Microsoft Works

2011-02-08 12:42 . 2011-02-08 12:47 -------- d-----w- d:\windows\SHELLNEW

2011-02-08 12:41 . 2011-02-08 12:41 -------- d-----r- D:\MSOCache

2011-02-08 11:07 . 2011-02-09 10:50 -------- d-----w- d:\documents and settings\Beld\.gimp-2.6

2011-02-08 11:06 . 2011-02-08 11:06 -------- d-----w- d:\program files\GIMP-2.0

2011-02-04 09:49 . 2011-02-04 09:49 -------- d-----w- d:\documents and settings\Beld\Local Settings\Application Data\Temp

.

((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2011-01-21 14:44 . 2008-04-15 12:00 441344 ----a-w- d:\windows\system32\shimgvw.dll

2011-01-07 14:09 . 2008-04-15 12:00 290048 ----a-w- d:\windows\system32\atmfd.dll

2011-01-02 17:02 . 2011-01-02 17:02 40960 ----a-r- d:\documents and settings\Beld\Application Data\Microsoft\Installer\{9559F7CA-5E34-4237-A2D9-D856464AD727}\NewShortcut1_9559F7CA5E344237A2D9D856464AD727.exe

2011-01-02 17:02 . 2011-01-02 17:02 40960 ----a-r- d:\documents and settings\Beld\Application Data\Microsoft\Installer\{9559F7CA-5E34-4237-A2D9-D856464AD727}\ARPPRODUCTICON.exe

2010-12-31 14:04 . 2008-04-15 12:00 1855104 ----a-w- d:\windows\system32\win32k.sys

2010-12-22 12:34 . 2008-04-15 12:00 301568 ----a-w- d:\windows\system32\kerberos.dll

2010-12-20 22:15 . 2008-04-15 12:00 670208 ----a-w- d:\windows\system32\wininet.dll

2010-12-20 22:15 . 2008-04-15 12:00 61952 ----a-w- d:\windows\system32\tdc.ocx

2010-12-20 22:15 . 2008-04-15 12:00 81920 ----a-w- d:\windows\system32\ieencode.dll

2010-12-20 22:13 . 2008-04-15 12:00 371712 ----a-w- d:\windows\system32\html.iec

2010-12-20 17:25 . 2008-04-15 12:00 735232 ----a-w- d:\windows\system32\lsasrv.dll

2010-12-20 17:09 . 2011-01-11 20:31 38224 ----a-w- d:\windows\system32\drivers\mbamswissarmy.sys

2010-12-20 17:08 . 2011-01-11 20:31 20952 ----a-w- d:\windows\system32\drivers\mbam.sys

2010-12-09 15:15 . 2008-04-15 12:00 739328 ----a-w- d:\windows\system32\ntdll.dll

2010-12-09 15:14 . 2008-04-14 22:11 2031616 ----a-w- d:\windows\system32\ntkrnlpa.exe

2010-12-09 15:14 . 2008-04-15 12:00 2153472 ----a-w- d:\windows\system32\ntoskrnl.exe

2010-12-09 14:30 . 2008-04-15 12:00 33280 ----a-w- d:\windows\system32\csrsrv.dll

.

((((((((((((((((((((((((((((( SnapShot@2011-03-03_13.44.47 )))))))))))))))))))))))))))))))))))))))))

.

+ 2009-07-11 23:02 . 2009-07-11 23:02 51008 d:\windows\WinSxS\x86_Microsoft.VC90.OpenMP_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_f0ccd4aa\vcomp90.dll

+ 2009-07-11 23:02 . 2009-07-11 23:02 59728 d:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_15fc9313\mfc90rus.dll

+ 2009-07-11 23:02 . 2009-07-11 23:02 42832 d:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_15fc9313\mfc90kor.dll

+ 2009-07-11 23:02 . 2009-07-11 23:02 43344 d:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_15fc9313\mfc90jpn.dll

+ 2009-07-11 23:02 . 2009-07-11 23:02 61264 d:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_15fc9313\mfc90ita.dll

+ 2009-07-11 23:02 . 2009-07-11 23:02 62800 d:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_15fc9313\mfc90fra.dll

+ 2009-07-11 23:02 . 2009-07-11 23:02 61760 d:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_15fc9313\mfc90esp.dll

+ 2009-07-11 23:02 . 2009-07-11 23:02 61776 d:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_15fc9313\mfc90esn.dll

+ 2009-07-11 23:02 . 2009-07-11 23:02 53568 d:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_15fc9313\mfc90enu.dll

+ 2009-07-11 23:02 . 2009-07-11 23:02 63296 d:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_15fc9313\mfc90deu.dll

+ 2009-07-11 23:02 . 2009-07-11 23:02 36688 d:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_15fc9313\mfc90cht.dll

+ 2009-07-11 23:02 . 2009-07-11 23:02 35648 d:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_15fc9313\mfc90chs.dll

+ 2009-07-11 23:05 . 2009-07-11 23:05 59904 d:\windows\WinSxS\x86_Microsoft.VC90.MFC_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_a57c1f53\mfcm90u.dll

+ 2009-07-11 23:05 . 2009-07-11 23:05 59904 d:\windows\WinSxS\x86_Microsoft.VC90.MFC_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_a57c1f53\mfcm90.dll

+ 2008-04-15 12:00 . 2011-03-03 17:13 86866 d:\windows\system32\perfc013.dat

+ 2008-04-15 12:00 . 2011-03-03 17:13 68156 d:\windows\system32\perfc009.dat

+ 2008-08-19 00:18 . 2008-08-19 00:18 77824 d:\windows\system32\fmcodec.DLL

+ 2011-03-03 17:05 . 2010-09-07 02:48 26064 d:\windows\LastGood\system32\DRIVERS\avgrkx86.sys

+ 2011-03-03 17:05 . 2010-09-07 02:48 34384 d:\windows\LastGood\system32\DRIVERS\avgmfx86.sys

+ 2011-03-03 17:05 . 2010-08-03 14:23 26192 d:\windows\LastGood\system32\DRIVERS\AVGIDSShim.sys

+ 2011-03-03 17:05 . 2010-08-03 14:23 30288 d:\windows\LastGood\system32\DRIVERS\AVGIDSFilter.sys

+ 2011-03-03 17:05 . 2010-09-13 14:27 25680 d:\windows\LastGood\system32\DRIVERS\AVGIDSEH.sys

+ 2009-07-11 23:02 . 2009-07-11 23:02 653120 d:\windows\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_d495ac4e\msvcr90.dll

+ 2009-07-11 23:02 . 2009-07-11 23:02 569664 d:\windows\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_d495ac4e\msvcp90.dll

+ 2009-07-11 23:05 . 2009-07-11 23:05 225280 d:\windows\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_d495ac4e\msvcm90.dll

+ 2008-04-15 12:00 . 2011-03-03 17:13 501816 d:\windows\system32\perfh013.dat

+ 2008-04-15 12:00 . 2011-03-03 17:13 435260 d:\windows\system32\perfh009.dat

+ 2011-03-03 17:05 . 2010-11-12 12:19 299984 d:\windows\LastGood\system32\DRIVERS\avgtdix.sys

+ 2011-03-03 17:05 . 2010-12-08 03:12 251728 d:\windows\LastGood\system32\DRIVERS\avgldx86.sys

+ 2011-03-03 17:05 . 2010-08-03 14:23 123472 d:\windows\LastGood\system32\DRIVERS\AVGIDSDriver.sys

+ 2011-03-03 15:30 . 2011-03-03 15:30 219648 d:\windows\Installer\a94c1.msi

+ 2009-07-11 23:02 . 2009-07-11 23:02 3780424 d:\windows\WinSxS\x86_Microsoft.VC90.MFC_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_a57c1f53\mfc90u.dll

+ 2009-07-11 23:02 . 2009-07-11 23:02 3765048 d:\windows\WinSxS\x86_Microsoft.VC90.MFC_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_a57c1f53\mfc90.dll

+ 2011-03-03 15:32 . 2011-03-03 15:32 3277312 d:\windows\Installer\a94c9.msi

+ 2011-03-03 15:30 . 2011-03-03 15:30 1568768 d:\windows\Installer\a94c5.msi

.

((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))

.

.

*Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond

REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"DAEMON Tools Lite"="d:\program files\DAEMON Tools Lite\DTLite.exe" [2010-04-01 357696]

"3RVX"="d:\program files\3RVX\3RVX.exe" [2008-10-13 159232]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"IntelZeroConfig"="d:\program files\Intel\WiFi\bin\ZCfgSvc.exe" [2009-11-03 1372160]

"IntelWireless"="d:\program files\Common Files\Intel\WirelessCommon\iFrmewrk.exe" [2009-11-03 1202448]

"NvMediaCenter"="d:\windows\system32\NvMcTray.dll" [2010-10-16 110696]

"NvCplDaemon"="d:\windows\system32\NvCpl.dll" [2010-10-16 13851752]

"NVHotkey"="nvHotkey.dll" [2010-10-16 178792]

"nwiz"="d:\program files\NVIDIA Corporation\nView\nwiz.exe" [2010-08-25 1753192]

"KADxMain"="d:\windows\system32\KADxMain.exe" [2006-11-02 282624]

"Adobe Reader Speed Launcher"="d:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2010-09-23 35760]

"Apoint"="d:\program files\DellTPad\Apoint.exe" [2007-07-02 159744]

"Acrobat Assistant 8.0"="d:\program files\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe" [2006-10-22 620152]

"AdobeCS4ServiceManager"="d:\program files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe" [2009-06-08 611712]

"QuickTime Task"="d:\program files\QuickTime\QTTask.exe" [2010-11-29 421888]

"Iomega Home Storage Manager"="d:\program files\Iomega\Home Storage Manager\Iomega Discovery.exe" [2009-10-27 152936]

"GrooveMonitor"="d:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2008-10-25 31072]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]

"CTFMON.EXE"="d:\windows\system32\CTFMON.EXE" [2008-04-15 15360]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

@="Driver"

[HKLM\~\startupfolder\D:^Documents and Settings^All Users^Menu Start^Programma's^Opstarten^Adobe Acrobat Speed Launcher.lnk]

path=d:\documents and settings\All Users\Menu Start\Programma's\Opstarten\Adobe Acrobat Speed Launcher.lnk

backup=d:\windows\pss\Adobe Acrobat Speed Launcher.lnkCommon Startup

[HKLM\~\startupfolder\D:^Documents and Settings^All Users^Menu Start^Programma's^Opstarten^Adobe Acrobat Synchronizer.lnk]

path=d:\documents and settings\All Users\Menu Start\Programma's\Opstarten\Adobe Acrobat Synchronizer.lnk

backup=d:\windows\pss\Adobe Acrobat Synchronizer.lnkCommon Startup

[HKLM\~\startupfolder\D:^Documents and Settings^All Users^Menu Start^Programma's^Opstarten^OpenVPN GUI.lnk]

path=d:\documents and settings\All Users\Menu Start\Programma's\Opstarten\OpenVPN GUI.lnk

backup=d:\windows\pss\OpenVPN GUI.lnkCommon Startup

[HKLM\~\startupfolder\D:^Documents and Settings^Beld^Menu Start^Programma's^Opstarten^MagicDisc.lnk]

path=d:\documents and settings\Beld\Menu Start\Programma's\Opstarten\MagicDisc.lnk

backup=d:\windows\pss\MagicDisc.lnkStartup

[HKLM\~\startupfolder\D:^Documents and Settings^Beld^Menu Start^Programma's^Opstarten^OpenOffice.org 3.2 .lnk]

path=d:\documents and settings\Beld\Menu Start\Programma's\Opstarten\OpenOffice.org 3.2 .lnk

backup=d:\windows\pss\OpenOffice.org 3.2 .lnkStartup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]

2010-09-20 22:07 932288 ----a-r- d:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]

2010-12-13 16:16 421160 ----a-w- d:\program files\iTunes\iTunesHelper.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\uTorrent]

2011-02-04 09:48 395640 ----a-w- d:\program files\uTorrent\uTorrent.exe

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]

"%windir%\\Network Diagnostic\\xpnetdiag.exe"=

"%windir%\\system32\\sessmgr.exe"=

"d:\\Program Files\\Messenger\\msmsgs.exe"=

"d:\\Program Files\\uTorrent\\uTorrent.exe"=

"d:\\Program Files\\Logitech\\Logitech Harmony Remote Software 7\\HarmonyRemote.exe"=

"d:\\Program Files\\Windows Live\\Messenger\\wlcsdk.exe"=

"d:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=

"d:\\Program Files\\KONAMI\\Pro Evolution Soccer 2011\\pes2011.exe"=

"d:\\Program Files\\Common Files\\Adobe\\CS4ServiceManager\\CS4ServiceManager.exe"=

"d:\\Program Files\\Bonjour\\mDNSResponder.exe"=

"d:\\Program Files\\iTunes\\iTunes.exe"=

"d:\\wamp\\bin\\apache\\Apache2.2.17\\bin\\httpd.exe"=

"d:\\Program Files\\Iomega\\Home Storage Manager\\Iomega Discovery.exe"=

"d:\\Program Files\\Iomega\\Home Storage Manager\\Iomega Storage Manager.exe"=

"d:\\Program Files\\TmNationsForever\\TmForever.exe"=

"d:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=

"d:\\Program Files\\Microsoft Office\\Office12\\GROOVE.EXE"=

"d:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"=

"d:\\Program Files\\EA Sports\\FIFA 11\\Game\\fifa.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]

"5353:TCP"= 5353:TCP:Adobe CSI CS4

S0 sptd;sptd;d:\windows\system32\drivers\sptd.sys [4-11-2010 19:03 691696]

S1 nltdi;nltdi;d:\windows\system32\drivers\nltdi.sys [25-3-2010 9:49 82360]

S2 ASFIPmon;Broadcom ASF IP and SMBIOS Mailbox Monitor;d:\program files\Broadcom\ASFIPMon\AsfIpMon.exe [19-12-2006 14:21 79432]

S2 Remote Solver for Flow Simulation 2010;Remote Solver for Flow Simulation 2010;d:\program files\SolidWorks Corp\SolidWorks Flow Simulation\binCFW\StandAloneSlv.exe [23-11-2009 19:48 71464]

S3 BCM42XX;Broadcom iLine10-networkadapterstuurprogramma;d:\windows\system32\drivers\bcm42xx5.sys [5-1-2011 11:56 54271]

S3 BCM44X2;Stuurprogramma voor BCM 10/100 ethernet-netwerkadapter;d:\windows\system32\drivers\BCM4E5.SYS [5-1-2011 11:55 26568]

S3 CoordinatorServiceHost;SW Distributed TS Coordinator Service;d:\program files\SolidWorks Corp\SolidWorks\swScheduler\DTSCoordinatorService.exe [20-1-2010 0:59 87336]

S3 DXEC01;DXEC01;d:\windows\system32\drivers\dxec01.sys [2-11-2006 12:32 97536]

S3 NLNdisMP;NLNdisMP;d:\windows\system32\DRIVERS\nlndis.sys --> d:\windows\system32\DRIVERS\nlndis.sys [?]

S3 NLNdisPT;NetLimiter Ndis Protocol Service;d:\windows\system32\DRIVERS\nlndis.sys --> d:\windows\system32\DRIVERS\nlndis.sys [?]

S4 msvsmon80;Visual Studio 2005 Remote Debugger;d:\program files\Microsoft Visual Studio 8\Common7\IDE\Remote Debugger\x86\msvsmon.exe [23-9-2005 7:01 2799808]

.

Inhoud van de 'Gedeelde Taken' map

2011-01-11 d:\windows\Tasks\AppleSoftwareUpdate.job

- d:\program files\Apple Software Update\SoftwareUpdate.exe [2009-10-22 10:50]

2011-03-03 d:\windows\Tasks\WGASetup.job

- d:\windows\system32\KB905474\wgasetup.exe [2010-11-05 21:18]

.

.

------- Bijkomende Scan -------

.

uInternet Settings,ProxyOverride = *.local

IE: Append to existing PDF - d:\program files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html

IE: Convert link target to Adobe PDF - d:\program files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html

IE: Convert link target to existing PDF - d:\program files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html

IE: Convert selected links to Adobe PDF - d:\program files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html

IE: Convert selected links to existing PDF - d:\program files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html

IE: Convert selection to Adobe PDF - d:\program files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html

IE: Convert selection to existing PDF - d:\program files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html

IE: Convert to Adobe PDF - d:\program files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html

IE: E&xport to Microsoft Excel - d:\progra~1\MICROS~3\Office12\EXCEL.EXE/3000

FF - ProfilePath - d:\documents and settings\Beld\Application Data\Mozilla\Firefox\Profiles\pr78huro.default\

FF - prefs.js: browser.startup.homepage - google.nl

FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - d:\program files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

FF - Ext: Adblock Plus: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d} - %profile%\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}

FF - Ext: Greasemonkey: {e4a8a97b-f2ed-450b-b12d-ee082ba24781} - %profile%\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}

FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - d:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension

.

- - - - ORPHANS VERWIJDERD - - - -

MSConfigStartUp-AVG_TRAY - d:\program files\AVG\AVG10\avgtray.exe

AddRemove-conduitEngine - d:\progra~1\CONDUI~1\ConduitEngineUninstall.exe

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, GMER - Rootkit Detector and Remover

Rootkit scan 2011-03-03 18:20

Windows 5.1.2600 Service Pack 3 NTFS

scannen van verborgen processen ...

scannen van verborgen autostart items ...

scannen van verborgen bestanden ...

Scan succesvol afgerond

verborgen bestanden: 0

**************************************************************************

.

--------------------- VERGRENDELDE REGISTER SLEUTELS ---------------------

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]

@Denied: (A 2) (Everyone)

@="FlashBroker"

"LocalizedString"="@d:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil10l_ActiveX.exe,-101"

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]

"Enabled"=dword:00000001

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]

@="d:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil10l_ActiveX.exe"

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]

@Denied: (A 2) (Everyone)

@="IFlashBroker4"

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]

@="{00020424-0000-0000-C000-000000000046}"

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

"Version"="1.0"

.

--------------------- DLLs Geladen Onder Lopende Processen ---------------------

- - - - - - - > 'winlogon.exe'(240)

d:\program files\Common Files\Adobe\Adobe Drive CS4\AdobeDriveCS4_NP.dll

d:\windows\system32\netprovcredman.dll

.

Voltooingstijd: 2011-03-03 18:22:24

ComboFix-quarantined-files.txt 2011-03-03 17:22

ComboFix2.txt 2011-03-03 15:12

ComboFix3.txt 2011-03-03 13:45

Pre-Run: 132.246.720.512 bytes beschikbaar

Post-Run: 132.236.410.880 bytes beschikbaar

- - End Of File - - FC5E23A0A93C03180F55E0574EDD6FF1


I don't use IE, I only use Firefox, so that can't be the problem. I can't say exactly whether the problem is solved now, because the dips occur irregularly, but I do have the impression that it has gotten somewhat better.
