
Cannot remove the imesh internet start page, and other problems...



There you go

ComboFix 12-10-12.01 - Elke & Koen 13/10/2012 14:39:44.3.1 - x86

Microsoft Windows 7 Ultimate 6.1.7600.0.1252.32.1033.18.1023.454 [GMT 2:00]

Gestart vanuit: c:\users\Elke & Koen\Desktop\ComboFix.exe

AV: AVG Anti-Virus Free Edition 2012 *Enabled/Updated* {5A2746B1-DEE9-F85A-FBCD-ADB11639C5F0}

FW: AVG Internet Security 2012 *Disabled* {621CC794-9486-F902-D092-0484E8EA828B}

SP: AVG Anti-Virus Free Edition 2012 *Enabled/Updated* {E146A755-F8D3-F7D4-C17D-96C36DBE8F4D}

SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

.

.

(((((((((((((((((((( Bestanden Gemaakt van 2012-09-13 to 2012-10-13 ))))))))))))))))))))))))))))))

.

.

2012-10-13 12:47 . 2012-10-13 12:47 -------- d-----w- c:\users\UpdatusUser\AppData\Local\temp

2012-10-13 12:47 . 2012-10-13 12:47 -------- d-----w- c:\users\Default\AppData\Local\temp

2012-10-13 06:10 . 2012-10-13 06:10 96224 ----a-w- c:\program files\Mozilla Firefox\webapprt-stub.exe

2012-10-13 06:10 . 2012-10-13 06:10 157272 ----a-w- c:\program files\Mozilla Firefox\webapp-uninstaller.exe

2012-10-12 10:05 . 2012-10-13 12:47 -------- d-----w- c:\users\Elke & Koen\AppData\Local\temp

2012-10-06 11:35 . 2012-10-06 11:35 -------- d-----w- c:\users\Elke & Koen\AppData\Roaming\GameCenter

2012-10-06 11:35 . 2012-10-06 11:36 -------- d-----w- c:\users\Elke & Koen\AppData\Roaming\GoforFiles

2012-10-06 11:35 . 2012-10-06 11:35 -------- d-----w- c:\program files\GoforFiles

2012-10-03 14:51 . 2012-10-10 16:30 -------- d-----w- c:\program files\ePlaybus.com

2012-10-03 11:33 . 2012-10-03 11:33 -------- d-----w- c:\program files\Kai-Lan's Great Trip to China

2012-10-03 11:14 . 2012-10-03 11:14 -------- d-----w- c:\program files\Lion King

2012-10-03 11:07 . 2012-10-03 12:21 -------- d-----w- c:\program files\hpmonitor

2012-10-03 11:07 . 2012-01-20 12:14 17280 ----a-w- c:\windows\system32\roboot.exe

2012-10-03 11:07 . 2012-10-03 12:39 -------- d-----w- c:\users\Elke & Koen\AppData\Roaming\systweak

2012-10-03 11:05 . 2012-10-03 11:05 -------- d-----w- c:\programdata\Browser Manager

2012-09-27 07:53 . 2012-09-27 07:53 -------- d-----w- c:\program files\Application Updater

2012-09-27 07:53 . 2012-09-27 07:53 -------- d-----w- c:\program files\YTD Toolbar

2012-09-27 07:53 . 2012-09-27 07:53 -------- d-----w- c:\program files\Common Files\Spigot

2012-09-21 23:23 . 2012-09-21 23:23 -------- d-----w- c:\programdata\Sony Corporation

2012-09-21 23:23 . 2012-09-21 23:23 -------- d-----w- c:\users\Elke & Koen\AppData\Roaming\Sony Corporation

2012-09-21 23:22 . 2012-09-21 23:22 -------- d-----w- c:\users\Elke & Koen\AppData\Local\kinoma

2012-09-21 23:17 . 2012-09-21 23:17 -------- d-----w- c:\users\Elke & Koen\AppData\Local\Sony Corporation

2012-09-21 23:17 . 2012-09-21 23:17 -------- d-----w- c:\program files\Sony

2012-09-21 23:17 . 2012-09-21 23:17 -------- d-----w- c:\program files\Common Files\Sony Shared

2012-09-14 16:04 . 2012-09-14 16:04 -------- d-----w- C:\games

.

.

.

((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2012-10-09 16:21 . 2012-05-01 16:48 696760 ----a-w- c:\windows\system32\FlashPlayerApp.exe

2012-10-09 16:21 . 2011-10-26 20:58 73656 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl

2012-09-07 15:04 . 2011-11-18 13:30 22856 ----a-w- c:\windows\system32\drivers\mbam.sys

2012-08-24 13:43 . 2012-08-24 13:43 301920 ----a-w- c:\windows\system32\drivers\avgtdix.sys

2012-07-26 01:21 . 2012-07-26 01:21 237408 ----a-w- c:\windows\system32\drivers\avgldx86.sys

2012-07-16 00:41 . 2012-07-22 09:30 6891424 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{394898E9-C4A9-431F-AFDF-E70A266C3EDE}\mpengine.dll

2012-10-13 06:10 . 2012-08-06 16:37 261600 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll

.

.

((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))

.

.

*Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond

REGEDIT4

.

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"LightScribe Control Panel"="c:\program files\Common Files\LightScribe\LightScribeControlPanel.exe" [2009-06-17 2363392]

"Skype"="c:\program files\Skype\Phone\Skype.exe" [2012-02-29 17148552]

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-07-27 919008]

"CanonMyPrinter"="c:\program files\Canon\MyPrinter\BJMyPrt.exe" [2009-07-27 1983816]

"CanonSolutionMenu"="c:\program files\Canon\SolutionMenu\CNSLMAIN.exe" [2009-03-18 767312]

"VirtualCloneDrive"="c:\program files\VirtualCloneDrive\VCDDaemon.exe" [2011-03-07 89456]

"PWRISOVM.EXE"="c:\program files\PowerISO\PWRISOVM.EXE" [2011-06-15 307200]

"BCSSync"="c:\program files\Microsoft Office\Office14\BCSSync.exe" [2010-03-13 91520]

"APSDaemon"="c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2012-02-20 59240]

"CTxfiHlp"="CTXFIHLP.EXE" [2010-05-05 25600]

"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2011-10-24 421888]

"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2012-03-06 421736]

"AVG_TRAY"="c:\program files\AVG\AVG2012\avgtray.exe" [2012-07-31 2596984]

"Reader Application Helper"="c:\program files\Sony\ReaderDesktop\appHelper\ReaderAppHelper.exe" [2012-07-12 892928]

"SearchSettings"="c:\program files\Common Files\Spigot\Search Settings\SearchSettings.exe" [2012-09-19 1100680]

.

c:\users\Elke & Koen\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\

OneNote 2010 Screen Clipper and Launcher.lnk - c:\program files\Microsoft Office\Office14\ONENOTEM.EXE [2010-3-29 227712]

.

c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\

Adobe Gamma Loader.lnk - c:\program files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [2011-11-16 113664]

McAfee Security Scan Plus.lnk - c:\program files\McAfee Security Scan\2.0.189\SSScheduler.exe [2010-9-2 255536]

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]

"ConsentPromptBehaviorAdmin"= 5 (0x5)

"ConsentPromptBehaviorUser"= 3 (0x3)

"EnableUIADesktopToggle"= 0 (0x0)

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]

"AppInit_DLLs"=c:\progra~2\BROWSE~1\23762~1.17\{16CDF~1\browsemngr.dll

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]

"mixer"=wdmaud.drv

.

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]

BootExecute REG_MULTI_SZ autocheck autochk *\0c:\progra~1\AVG\AVG2012\avgrsx.exe /sync /restart

.

R2 AVGIDSAgent;AVGIDSAgent;c:\program files\AVG\AVG2012\avgidsagent.exe [x]

R2 gupdate;Google Updateservice (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [x]

R2 SkypeUpdate;Skype Updater;c:\program files\Skype\Updater\Updater.exe [x]

R3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [x]

R3 Creative Audio Engine Licensing Service;Creative Audio Engine Licensing Service;c:\program files\Common Files\Creative Labs Shared\Service\CTAELicensing.exe [x]

R3 CT20XUT;CT20XUT;c:\windows\system32\drivers\CT20XUT.SYS [x]

R3 CTEXFIFX;CTEXFIFX;c:\windows\system32\drivers\CTEXFIFX.SYS [x]

R3 CTHWIUT;CTHWIUT;c:\windows\system32\drivers\CTHWIUT.SYS [x]

R3 gupdatem;Google Update-service (gupdatem);c:\program files\Google\Update\GoogleUpdate.exe [x]

R3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service;c:\program files\Microsoft Office\Office14\GROOVE.EXE [x]

R3 MozillaMaintenance;Mozilla Maintenance Service;c:\program files\Mozilla Maintenance Service\maintenanceservice.exe [x]

R3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [x]

S0 AVGIDSHX;AVGIDSHX;c:\windows\system32\DRIVERS\avgidshx.sys [x]

S0 Avgrkx86;AVG Anti-Rootkit Driver;c:\windows\system32\DRIVERS\avgrkx86.sys [x]

S1 Avgldx86;AVG AVI Loader Driver;c:\windows\system32\DRIVERS\avgldx86.sys [x]

S1 Avgtdix;AVG TDI Driver;c:\windows\system32\DRIVERS\avgtdix.sys [x]

S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [x]

S2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files\Common Files\Adobe\ARM\1.0\armsvc.exe [x]

S2 Application Updater;Application Updater;c:\program files\Application Updater\ApplicationUpdater.exe [x]

S2 avgwd;AVG WatchDog;c:\program files\AVG\AVG2012\avgwdsvc.exe [x]

S2 Browser Manager;Browser Manager;c:\programdata\Browser Manager\2.3.762.17\{16cdff19-861d-48e3-a751-d99a27784753}\browsemngr.exe [x]

S2 nvUpdatusService;NVIDIA Update Service Daemon;c:\program files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe [x]

S3 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\DRIVERS\avgidsdriverx.sys [x]

S3 AVGIDSFilter;AVGIDSFilter;c:\windows\system32\DRIVERS\avgidsfilterx.sys [x]

S3 AVGIDSShim;AVGIDSShim;c:\windows\system32\DRIVERS\avgidsshimx.sys [x]

S3 CT20XUT.SYS;CT20XUT.SYS;c:\windows\System32\drivers\CT20XUT.SYS [x]

S3 CTEXFIFX.SYS;CTEXFIFX.SYS;c:\windows\System32\drivers\CTEXFIFX.SYS [x]

S3 CTHWIUT.SYS;CTHWIUT.SYS;c:\windows\System32\drivers\CTHWIUT.SYS [x]

.

.

[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]

2009-06-17 10:11 451872 ----a-w- c:\program files\Common Files\LightScribe\LSRunOnce.exe

.

Inhoud van de 'Gedeelde Taken' map

.

2012-10-13 c:\windows\Tasks\Adobe Flash Player Updater.job

- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-05-01 16:21]

.

2012-10-13 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job

- c:\program files\Google\Update\GoogleUpdate.exe [2011-11-16 12:27]

.

2012-10-13 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job

- c:\program files\Google\Update\GoogleUpdate.exe [2011-11-16 12:27]

.

.

------- Bijkomende Scan -------

.

uStart Page = hxxp://search.babylon.com/?affID=111304&tt=021012_ccp_4012_4&babsrc=HP_ss&mntrId=8cc6e5f90000000000000013d38a9e3a

IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\Office14\EXCEL.EXE/3000

IE: Se&nd to OneNote - c:\progra~1\MICROS~2\Office14\ONBttnIE.dll/105

TCP: DhcpNameServer = 195.130.130.133 195.130.131.133

TCP: Interfaces\{3E12EB68-457A-4CB6-BDA9-DC1348139DDB}: NameServer = 8.8.8.8,8.8.8.4

DPF: {E705A591-DA3C-4228-B0D5-A356DBA42FBF} - hxxp://ccfiles.creative.com/Web/softwareupdate/su2/ocx/20015/CTSUEng.cab

FF - ProfilePath - c:\users\Elke & Koen\AppData\Roaming\Mozilla\Firefox\Profiles\qvn0otmk.default\

FF - prefs.js: browser.search.selectedEngine - Google

FF - prefs.js: browser.startup.homepage - hxxp://search.imesh.net/?sver=3&appid=72

FF - prefs.js: keyword.URL - hxxp://dts.search-results.com/sr?src=ffb&appid=72&systemid=1&sver=3&sr=0&q=

FF - user.js: extensions.BabylonToolbar_i.babTrack - affID=110819

FF - user.js: extensions.BabylonToolbar_i.babExt -

FF - user.js: extensions.BabylonToolbar_i.srcExt - ss

FF - user.js: extensions.BabylonToolbar_i.id - 8cc6e5f90000000000000013d38a9e3a

FF - user.js: extensions.BabylonToolbar_i.hardId - 8cc6e5f90000000000000013d38a9e3a

FF - user.js: extensions.BabylonToolbar_i.instlDay - 15456

FF - user.js: extensions.BabylonToolbar_i.vrsn - 1.5.3.17

FF - user.js: extensions.BabylonToolbar_i.vrsni - 1.5.3.17

FF - user.js: extensions.BabylonToolbar_i.prtnrId - babylon

FF - user.js: extensions.BabylonToolbar_i.prdct - BabylonToolbar

FF - user.js: extensions.BabylonToolbar_i.aflt - babsst

FF - user.js: extensions.BabylonToolbar_i.tlbrId - tb9

FF - user.js: extensions.BabylonToolbar_i.instlRef - sst

FF - user.js: extensions.BabylonToolbar.tlbrSrchUrl - hxxp://search.babylon.com/?babsrc=TB_def&mntrId=8cc6e5f90000000000000013d38a9e3a&q=

FF - user.js: extensions.BabylonToolbar.id - 8cc6e5f90000000000000013d38a9e3a

FF - user.js: extensions.BabylonToolbar.appId - {BDB69379-802F-4eaf-B541-F8DE92DD98DB}

FF - user.js: extensions.BabylonToolbar.instlDay - 15616

FF - user.js: extensions.BabylonToolbar.vrsn - 1.8.0.7

FF - user.js: extensions.BabylonToolbar.vrsni - 1.8.0.7

FF - user.js: extensions.BabylonToolbar_i.vrsnTs - 1.8.0.713:05

FF - user.js: extensions.BabylonToolbar.prtnrId - babylon

FF - user.js: extensions.BabylonToolbar.prdct - BabylonToolbar

FF - user.js: extensions.BabylonToolbar.aflt - babsst

FF - user.js: extensions.BabylonToolbar_i.smplGrp - none

FF - user.js: extensions.BabylonToolbar.tlbrId - base

FF - user.js: extensions.BabylonToolbar.instlRef - sst

FF - user.js: extensions.BabylonToolbar.dfltLng - en

FF - user.js: extensions.BabylonToolbar.excTlbr - false

FF - user.js: extensions.BabylonToolbar.admin - false

.

.

--------------------- VERGRENDELDE REGISTER SLEUTELS ---------------------

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]

@Denied: (Full) (Everyone)

.

Voltooingstijd: 2012-10-13 14:49:26

ComboFix-quarantined-files.txt 2012-10-13 12:49

ComboFix2.txt 2012-10-12 10:05

.

Pre-Run: 14.580.834.304 bytes free

Post-Run: 14.545.997.824 bytes free

.

- - End Of File - - 813A967A9CCDD1ED9BEC6A52818D5BBE


Hmmm... I see...

I had dragged it and it did not start automatically, so I launched it myself; something probably went wrong with the dragging.

Second attempt ;)

ComboFix 12-10-12.01 - Elke & Koen 14/10/2012 13:24:24.4.1 - x86

Microsoft Windows 7 Ultimate 6.1.7600.0.1252.32.1033.18.1023.480 [GMT 2:00]

Gestart vanuit: c:\users\Elke & Koen\Desktop\ComboFix.exe

gebruikte Opdracht switches :: D:\CFScript.txt

AV: AVG Anti-Virus Free Edition 2012 *Enabled/Updated* {5A2746B1-DEE9-F85A-FBCD-ADB11639C5F0}

FW: AVG Internet Security 2012 *Disabled* {621CC794-9486-F902-D092-0484E8EA828B}

SP: AVG Anti-Virus Free Edition 2012 *Enabled/Updated* {E146A755-F8D3-F7D4-C17D-96C36DBE8F4D}

SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

* Nieuw herstelpunt werd aangemaakt

.

.

(((((((((((((((((((((((((((((((((( Andere Verwijderingen )))))))))))))))))))))))))))))))))))))))))))))))))

.

.

c:\program files\Application Updater

c:\program files\Application Updater\ApplicationUpdater.exe

c:\program files\Application Updater\config.ini

c:\program files\Common Files\Spigot

c:\program files\Common Files\Spigot\Search Settings\baidu_ff.xml

c:\program files\Common Files\Spigot\Search Settings\baidu_ie.xml

c:\program files\Common Files\Spigot\Search Settings\config.ini

c:\program files\Common Files\Spigot\Search Settings\Lang\res1031.ini

c:\program files\Common Files\Spigot\Search Settings\Lang\res1033.ini

c:\program files\Common Files\Spigot\Search Settings\Lang\res1034.ini

c:\program files\Common Files\Spigot\Search Settings\Lang\res1036.ini

c:\program files\Common Files\Spigot\Search Settings\Lang\res1040.ini

c:\program files\Common Files\Spigot\Search Settings\SearchSettings.exe

c:\program files\Common Files\Spigot\Search Settings\SearchSettings64.exe

c:\program files\Common Files\Spigot\Search Settings\wth153.dll

c:\program files\Common Files\Spigot\Search Settings\wthx153.dll

c:\program files\Common Files\Spigot\Search Settings\yahoo_ff.xml

c:\program files\Common Files\Spigot\Search Settings\yahoo_ie.xml

c:\program files\Common Files\Spigot\Search Settings\yandex_ff.xml

c:\program files\Common Files\Spigot\Search Settings\yandex_ie.xml

c:\program files\Common Files\Spigot\wtxpcom\chrome.manifest

c:\program files\Common Files\Spigot\wtxpcom\chrome\content\listener.js

c:\program files\Common Files\Spigot\wtxpcom\chrome\content\listener.xul

c:\program files\Common Files\Spigot\wtxpcom\chrome\content\shared.jsm

c:\program files\Common Files\Spigot\wtxpcom\components\chrome.manifest

c:\program files\Common Files\Spigot\wtxpcom\components\IFBHOHelperWidgiToolbar.xpt

c:\program files\Common Files\Spigot\wtxpcom\components\IFBHOWidgiToolbar.xpt

c:\program files\Common Files\Spigot\wtxpcom\components\install.rdf

c:\program files\Common Files\Spigot\wtxpcom\components\WidgiToolbarFF.dll

c:\program files\Common Files\Spigot\wtxpcom\components\WidgiToolbarFF.dll.10

c:\program files\Common Files\Spigot\wtxpcom\components\WidgiToolbarFF.dll.11

c:\program files\Common Files\Spigot\wtxpcom\components\WidgiToolbarFF.dll.12

c:\program files\Common Files\Spigot\wtxpcom\components\WidgiToolbarFF.dll.13

c:\program files\Common Files\Spigot\wtxpcom\components\WidgiToolbarFF.dll.14

c:\program files\Common Files\Spigot\wtxpcom\components\WidgiToolbarFF.dll.15

c:\program files\Common Files\Spigot\wtxpcom\components\WidgiToolbarFF.dll.16

c:\program files\Common Files\Spigot\wtxpcom\components\WidgiToolbarFF.dll.17

c:\program files\Common Files\Spigot\wtxpcom\components\WidgiToolbarFF.dll.5

c:\program files\Common Files\Spigot\wtxpcom\components\WidgiToolbarFF.dll.6

c:\program files\Common Files\Spigot\wtxpcom\components\WidgiToolbarFF.dll.7

c:\program files\Common Files\Spigot\wtxpcom\components\WidgiToolbarFF.dll.8

c:\program files\Common Files\Spigot\wtxpcom\components\WidgiToolbarFF.dll.9

c:\program files\Common Files\Spigot\wtxpcom\install.rdf

c:\program files\YTD Toolbar

c:\program files\YTD Toolbar\FF\chrome.manifest

c:\program files\YTD Toolbar\FF\chrome\chrome.jar

c:\program files\YTD Toolbar\FF\install.rdf

c:\program files\YTD Toolbar\IE\6.3\config.ini

c:\program files\YTD Toolbar\IE\6.3\ytdToolbarIE.dll

c:\program files\YTD Toolbar\Res\amazon.gif

c:\program files\YTD Toolbar\Res\dailymotion.gif

c:\program files\YTD Toolbar\Res\ebay.gif

c:\program files\YTD Toolbar\Res\facebook.gif

c:\program files\YTD Toolbar\Res\googleplus.gif

c:\program files\YTD Toolbar\Res\hulu.gif

c:\program files\YTD Toolbar\Res\icon_settings.gif

c:\program files\YTD Toolbar\Res\Lang\res1031.ini

c:\program files\YTD Toolbar\Res\Lang\res1033.ini

c:\program files\YTD Toolbar\Res\Lang\res1034.ini

c:\program files\YTD Toolbar\Res\Lang\res1036.ini

c:\program files\YTD Toolbar\Res\Lang\res1040.ini

c:\program files\YTD Toolbar\Res\metacafe.gif

c:\program files\YTD Toolbar\Res\radio-close.gif

c:\program files\YTD Toolbar\Res\radio-minimize.gif

c:\program files\YTD Toolbar\Res\radiobeta.gif

c:\program files\YTD Toolbar\Res\search-button-hover.gif

c:\program files\YTD Toolbar\Res\search-button.gif

c:\program files\YTD Toolbar\Res\search-chevron-hover.gif

c:\program files\YTD Toolbar\Res\search-chevron.gif

c:\program files\YTD Toolbar\Res\search_amazon.gif

c:\program files\YTD Toolbar\Res\search_baidu.gif

c:\program files\YTD Toolbar\Res\search_ebay.gif

c:\program files\YTD Toolbar\Res\search_yahoo.gif

c:\program files\YTD Toolbar\Res\search_yandex.gif

c:\program files\YTD Toolbar\Res\search_youtube.gif

c:\program files\YTD Toolbar\Res\twitter.gif

c:\program files\YTD Toolbar\Res\veoh.gif

c:\program files\YTD Toolbar\Res\widgets.xml

c:\program files\YTD Toolbar\Res\youtube.gif

c:\program files\YTD Toolbar\Res\ytd.gif

c:\program files\YTD Toolbar\Res\ytd_logo.gif

c:\program files\YTD Toolbar\Res\ytd_logo_hover.gif

c:\program files\YTD Toolbar\WidgiHelper.exe

c:\programdata\Browser Manager

c:\programdata\Browser Manager\2.3.762.17\{16cdff19-861d-48e3-a751-d99a27784753}\browsemngr.crx

c:\programdata\Browser Manager\2.3.762.17\{16cdff19-861d-48e3-a751-d99a27784753}\browsemngr.dll

c:\programdata\Browser Manager\2.3.762.17\{16cdff19-861d-48e3-a751-d99a27784753}\browsemngr.exe

c:\programdata\Browser Manager\2.3.762.17\{16cdff19-861d-48e3-a751-d99a27784753}\browsemngr.settings

c:\programdata\Browser Manager\2.3.762.17\{16cdff19-861d-48e3-a751-d99a27784753}\FirefoxExtension\chrome.manifest

c:\programdata\Browser Manager\2.3.762.17\{16cdff19-861d-48e3-a751-d99a27784753}\FirefoxExtension\components\browsemngr-15.0.dll

c:\programdata\Browser Manager\2.3.762.17\{16cdff19-861d-48e3-a751-d99a27784753}\FirefoxExtension\components\browsemngr-16.0.dll

c:\programdata\Browser Manager\2.3.762.17\{16cdff19-861d-48e3-a751-d99a27784753}\FirefoxExtension\components\browsemngr-3.6.xpt

c:\programdata\Browser Manager\2.3.762.17\{16cdff19-861d-48e3-a751-d99a27784753}\FirefoxExtension\content\browsemngr.js

c:\programdata\Browser Manager\2.3.762.17\{16cdff19-861d-48e3-a751-d99a27784753}\FirefoxExtension\content\overlay.xul

c:\programdata\Browser Manager\2.3.762.17\{16cdff19-861d-48e3-a751-d99a27784753}\FirefoxExtension\install.rdf

c:\programdata\Browser Manager\2.3.762.17\{16cdff19-861d-48e3-a751-d99a27784753}\traking_settings\00

c:\programdata\Browser Manager\2.3.762.17\{16cdff19-861d-48e3-a751-d99a27784753}\traking_settings\01

c:\programdata\Browser Manager\2.3.762.17\{16cdff19-861d-48e3-a751-d99a27784753}\traking_settings\02

c:\programdata\Browser Manager\2.3.762.17\{16cdff19-861d-48e3-a751-d99a27784753}\traking_settings\10

c:\programdata\Browser Manager\2.3.762.17\{16cdff19-861d-48e3-a751-d99a27784753}\traking_settings\11

c:\programdata\Browser Manager\2.3.762.17\{16cdff19-861d-48e3-a751-d99a27784753}\traking_settings\12

c:\programdata\Browser Manager\2.3.762.17\{16cdff19-861d-48e3-a751-d99a27784753}\traking_settings\20

c:\programdata\Browser Manager\2.3.762.17\{16cdff19-861d-48e3-a751-d99a27784753}\traking_settings\21

c:\programdata\Browser Manager\2.3.762.17\{16cdff19-861d-48e3-a751-d99a27784753}\traking_settings\22

c:\programdata\Browser Manager\2.3.762.17\{16cdff19-861d-48e3-a751-d99a27784753}\uninstall.exe

c:\windows\system32\roboot.exe

.

.

((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))

.

.

-------\Service_Application Updater

-------\Service_Browser Manager

.

.

(((((((((((((((((((( Bestanden Gemaakt van 2012-09-14 to 2012-10-14 ))))))))))))))))))))))))))))))

.

.

2012-10-14 11:32 . 2012-10-14 11:35 -------- d-----w- c:\users\Elke & Koen\AppData\Local\temp

2012-10-14 11:32 . 2012-10-14 11:32 -------- d-----w- c:\users\UpdatusUser\AppData\Local\temp

2012-10-14 11:32 . 2012-10-14 11:32 -------- d-----w- c:\users\Default\AppData\Local\temp

2012-10-13 06:10 . 2012-10-13 06:10 96224 ----a-w- c:\program files\Mozilla Firefox\webapprt-stub.exe

2012-10-13 06:10 . 2012-10-13 06:10 157272 ----a-w- c:\program files\Mozilla Firefox\webapp-uninstaller.exe

2012-10-06 11:35 . 2012-10-06 11:35 -------- d-----w- c:\users\Elke & Koen\AppData\Roaming\GameCenter

2012-10-06 11:35 . 2012-10-06 11:36 -------- d-----w- c:\users\Elke & Koen\AppData\Roaming\GoforFiles

2012-10-06 11:35 . 2012-10-06 11:35 -------- d-----w- c:\program files\GoforFiles

2012-10-03 14:51 . 2012-10-10 16:30 -------- d-----w- c:\program files\ePlaybus.com

2012-10-03 11:33 . 2012-10-03 11:33 -------- d-----w- c:\program files\Kai-Lan's Great Trip to China

2012-10-03 11:14 . 2012-10-03 11:14 -------- d-----w- c:\program files\Lion King

2012-10-03 11:07 . 2012-10-03 12:21 -------- d-----w- c:\program files\hpmonitor

2012-10-03 11:07 . 2012-10-03 12:39 -------- d-----w- c:\users\Elke & Koen\AppData\Roaming\systweak

2012-09-21 23:23 . 2012-09-21 23:23 -------- d-----w- c:\programdata\Sony Corporation

2012-09-21 23:23 . 2012-09-21 23:23 -------- d-----w- c:\users\Elke & Koen\AppData\Roaming\Sony Corporation

2012-09-21 23:22 . 2012-09-21 23:22 -------- d-----w- c:\users\Elke & Koen\AppData\Local\kinoma

2012-09-21 23:17 . 2012-09-21 23:17 -------- d-----w- c:\users\Elke & Koen\AppData\Local\Sony Corporation

2012-09-21 23:17 . 2012-09-21 23:17 -------- d-----w- c:\program files\Sony

2012-09-21 23:17 . 2012-09-21 23:17 -------- d-----w- c:\program files\Common Files\Sony Shared

2012-09-14 16:04 . 2012-09-14 16:04 -------- d-----w- C:\games

.

.

.

((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2012-10-09 16:21 . 2012-05-01 16:48 696760 ----a-w- c:\windows\system32\FlashPlayerApp.exe

2012-10-09 16:21 . 2011-10-26 20:58 73656 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl

2012-09-07 15:04 . 2011-11-18 13:30 22856 ----a-w- c:\windows\system32\drivers\mbam.sys

2012-08-24 13:43 . 2012-08-24 13:43 301920 ----a-w- c:\windows\system32\drivers\avgtdix.sys

2012-07-26 01:21 . 2012-07-26 01:21 237408 ----a-w- c:\windows\system32\drivers\avgldx86.sys

2012-10-13 06:10 . 2012-08-06 16:37 261600 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll

.

.

((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))

.

.

*Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond

REGEDIT4

.

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"LightScribe Control Panel"="c:\program files\Common Files\LightScribe\LightScribeControlPanel.exe" [2009-06-17 2363392]

"Skype"="c:\program files\Skype\Phone\Skype.exe" [2012-02-29 17148552]

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-07-27 919008]

"CanonMyPrinter"="c:\program files\Canon\MyPrinter\BJMyPrt.exe" [2009-07-27 1983816]

"CanonSolutionMenu"="c:\program files\Canon\SolutionMenu\CNSLMAIN.exe" [2009-03-18 767312]

"VirtualCloneDrive"="c:\program files\VirtualCloneDrive\VCDDaemon.exe" [2011-03-07 89456]

"PWRISOVM.EXE"="c:\program files\PowerISO\PWRISOVM.EXE" [2011-06-15 307200]

"BCSSync"="c:\program files\Microsoft Office\Office14\BCSSync.exe" [2010-03-13 91520]

"APSDaemon"="c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2012-02-20 59240]

"CTxfiHlp"="CTXFIHLP.EXE" [2010-05-05 25600]

"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2011-10-24 421888]

"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2012-03-06 421736]

"AVG_TRAY"="c:\program files\AVG\AVG2012\avgtray.exe" [2012-07-31 2596984]

"Reader Application Helper"="c:\program files\Sony\ReaderDesktop\appHelper\ReaderAppHelper.exe" [2012-07-12 892928]

.

c:\users\Elke & Koen\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\

OneNote 2010 Screen Clipper and Launcher.lnk - c:\program files\Microsoft Office\Office14\ONENOTEM.EXE [2010-3-29 227712]

.

c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\

Adobe Gamma Loader.lnk - c:\program files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [2011-11-16 113664]

McAfee Security Scan Plus.lnk - c:\program files\McAfee Security Scan\2.0.189\SSScheduler.exe [2010-9-2 255536]

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]

"ConsentPromptBehaviorAdmin"= 5 (0x5)

"ConsentPromptBehaviorUser"= 3 (0x3)

"EnableUIADesktopToggle"= 0 (0x0)

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]

"mixer"=wdmaud.drv

.

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]

BootExecute REG_MULTI_SZ autocheck autochk *\0c:\progra~1\AVG\AVG2012\avgrsx.exe /sync /restart

.

R2 gupdate;Google Updateservice (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [x]

R2 SkypeUpdate;Skype Updater;c:\program files\Skype\Updater\Updater.exe [x]

R3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [x]

R3 Creative Audio Engine Licensing Service;Creative Audio Engine Licensing Service;c:\program files\Common Files\Creative Labs Shared\Service\CTAELicensing.exe [x]

R3 CT20XUT;CT20XUT;c:\windows\system32\drivers\CT20XUT.SYS [x]

R3 CTEXFIFX;CTEXFIFX;c:\windows\system32\drivers\CTEXFIFX.SYS [x]

R3 CTHWIUT;CTHWIUT;c:\windows\system32\drivers\CTHWIUT.SYS [x]

R3 gupdatem;Google Update-service (gupdatem);c:\program files\Google\Update\GoogleUpdate.exe [x]

R3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service;c:\program files\Microsoft Office\Office14\GROOVE.EXE [x]

R3 MozillaMaintenance;Mozilla Maintenance Service;c:\program files\Mozilla Maintenance Service\maintenanceservice.exe [x]

R3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [x]

S0 AVGIDSHX;AVGIDSHX;c:\windows\system32\DRIVERS\avgidshx.sys [x]

S0 Avgrkx86;AVG Anti-Rootkit Driver;c:\windows\system32\DRIVERS\avgrkx86.sys [x]

S1 Avgldx86;AVG AVI Loader Driver;c:\windows\system32\DRIVERS\avgldx86.sys [x]

S1 Avgtdix;AVG TDI Driver;c:\windows\system32\DRIVERS\avgtdix.sys [x]

S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [x]

S2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files\Common Files\Adobe\ARM\1.0\armsvc.exe [x]

S2 AVGIDSAgent;AVGIDSAgent;c:\program files\AVG\AVG2012\avgidsagent.exe [x]

S2 avgwd;AVG WatchDog;c:\program files\AVG\AVG2012\avgwdsvc.exe [x]

S2 nvUpdatusService;NVIDIA Update Service Daemon;c:\program files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe [x]

S3 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\DRIVERS\avgidsdriverx.sys [x]

S3 AVGIDSFilter;AVGIDSFilter;c:\windows\system32\DRIVERS\avgidsfilterx.sys [x]

S3 AVGIDSShim;AVGIDSShim;c:\windows\system32\DRIVERS\avgidsshimx.sys [x]

S3 CT20XUT.SYS;CT20XUT.SYS;c:\windows\System32\drivers\CT20XUT.SYS [x]

S3 CTEXFIFX.SYS;CTEXFIFX.SYS;c:\windows\System32\drivers\CTEXFIFX.SYS [x]

S3 CTHWIUT.SYS;CTHWIUT.SYS;c:\windows\System32\drivers\CTHWIUT.SYS [x]

.

.

[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]

2009-06-17 10:11 451872 ----a-w- c:\program files\Common Files\LightScribe\LSRunOnce.exe

.

Inhoud van de 'Gedeelde Taken' map

.

2012-10-14 c:\windows\Tasks\Adobe Flash Player Updater.job

- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-05-01 16:21]

.

2012-10-14 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job

- c:\program files\Google\Update\GoogleUpdate.exe [2011-11-16 12:27]

.

2012-10-14 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job

- c:\program files\Google\Update\GoogleUpdate.exe [2011-11-16 12:27]

.

.

------- Bijkomende Scan -------

.

IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\Office14\EXCEL.EXE/3000

IE: Se&nd to OneNote - c:\progra~1\MICROS~2\Office14\ONBttnIE.dll/105

TCP: DhcpNameServer = 195.130.130.133 195.130.131.133

TCP: Interfaces\{3E12EB68-457A-4CB6-BDA9-DC1348139DDB}: NameServer = 8.8.8.8,8.8.8.4

DPF: {E705A591-DA3C-4228-B0D5-A356DBA42FBF} - hxxp://ccfiles.creative.com/Web/softwareupdate/su2/ocx/20015/CTSUEng.cab

FF - ProfilePath - c:\users\Elke & Koen\AppData\Roaming\Mozilla\Firefox\Profiles\qvn0otmk.default\

.

- - - - ORPHANS VERWIJDERD - - - -

.

AddRemove-{15D2D75C-9CB2-4efd-BAD7-B9B4CB4BC693} - c:\programdata\Browser Manager\2.3.762.17\{16cdff19-861d-48e3-a751-d99a27784753}\uninstall.exe

.

.

.

--------------------- VERGRENDELDE REGISTER SLEUTELS ---------------------

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]

@Denied: (Full) (Everyone)

.

------------------------ Andere Aktieve Processen ------------------------

.

c:\progra~1\AVG\AVG2012\avgrsx.exe

c:\program files\AVG\AVG2012\avgcsrvx.exe

c:\windows\system32\nvvsvc.exe

c:\program files\Creative\Shared Files\CTAudSvc.exe

c:\program files\NVIDIA Corporation\Display\nvxdsync.exe

c:\windows\system32\nvvsvc.exe

c:\program files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

c:\program files\Common Files\LightScribe\LSSrvc.exe

c:\windows\system32\taskhost.exe

c:\program files\AVG\AVG2012\avgnsx.exe

c:\program files\AVG\AVG2012\avgemcx.exe

c:\program files\GoforFiles\GFFUpdater.exe

c:\windows\system32\sppsvc.exe

c:\windows\system32\WUDFHost.exe

c:\windows\system32\conhost.exe

c:\program files\NVIDIA Corporation\Display\nvtray.exe

c:\program files\Windows Media Player\wmpnetwk.exe

.

**************************************************************************

.

Voltooingstijd: 2012-10-14 13:38:21 - machine werd herstart

ComboFix-quarantined-files.txt 2012-10-14 11:38

ComboFix2.txt 2012-10-13 12:49

ComboFix3.txt 2012-10-12 10:05

.

Pre-Run: 15.706.599.424 bytes free

Post-Run: 15.522.926.592 bytes free

.

- - End Of File - - BE6A58BC699FB6F4E3022E7C28B3A606
