
Logfile of HijackThis v1.99.1



Here is the ComboFix log:

ComboFix 12-11-09.02 - Gebruiker 10-01-2012 11:47:16.2.1 - x86

Microsoft Windows XP Professional 5.1.2600.3.1252.31.1043.18.1015.661 [GMT 1:00]

Gestart vanuit: c:\documents and settings\Gebruiker\Bureaublad\ComboFix.exe

gebruikte Opdracht switches :: c:\documents and settings\Gebruiker\Bureaublad\CFScript.txt

AV: Microsoft Security Essentials *Disabled/Updated* {EDB4FA23-53B8-4AFA-8C5D-99752CCA7095}

.

.

(((((((((((((((((((((((((((((((((( Andere Verwijderingen )))))))))))))))))))))))))))))))))))))))))))))))))

.

.

c:\documents and settings\Gebruiker\Application Data\Caozy

c:\documents and settings\Gebruiker\Application Data\Caozy\irul.wot

c:\documents and settings\Gebruiker\Application Data\Ofuxco

c:\documents and settings\Gebruiker\Application Data\searchquband

c:\windows\DDABC66756B3412282B02F5782EA2F9A.TMP

c:\windows\DDABC66756B3412282B02F5782EA2F9A.TMP\WiseCustomCall.dll

c:\windows\DDABC66756B3412282B02F5782EA2F9A.TMP\WiseCustomCalla.dll

c:\windows\DDABC66756B3412282B02F5782EA2F9A.TMP\WiseCustomCalla17.dll

c:\windows\DDABC66756B3412282B02F5782EA2F9A.TMP\WiseCustomCalla18.exe

c:\windows\DDABC66756B3412282B02F5782EA2F9A.TMP\WiseCustomCalla19.dll

c:\windows\DDABC66756B3412282B02F5782EA2F9A.TMP\WiseCustomCalla2.dll

c:\windows\DDABC66756B3412282B02F5782EA2F9A.TMP\WiseCustomCalla20.dll

c:\windows\DDABC66756B3412282B02F5782EA2F9A.TMP\WiseCustomCalla21.dll

c:\windows\DDABC66756B3412282B02F5782EA2F9A.TMP\WiseCustomCalla21.exe

c:\windows\DDABC66756B3412282B02F5782EA2F9A.TMP\WiseData.ini

.

.

(((((((((((((((((((( Bestanden Gemaakt van 2011-12-10 to 2012-01-10 ))))))))))))))))))))))))))))))

.

.

2012-11-03 09:50 . 2012-01-06 13:27 -------- d-----w- c:\program files\PC Tools Registry Mechanic

2012-10-30 10:11 . 2012-10-12 05:56 6918632 -c--a-w- c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll

2012-10-25 09:14 . 2012-10-25 09:14 -------- d-----w- c:\program files\MSXML 4.0

2012-10-24 18:56 . 2012-10-24 19:09 -------- d-----w- c:\documents and settings\Gebruiker\Application Data\Audacity

2012-10-23 09:48 . 2012-10-23 09:48 -------- d-----w- c:\program files\PC Tools

2012-10-23 09:47 . 2012-10-23 09:47 -------- dc----w- c:\documents and settings\All Users\Application Data\PC Tools

2012-10-23 09:47 . 2012-10-23 09:47 -------- d-----w- c:\documents and settings\Gebruiker\Application Data\Product_RM

2012-10-03 18:26 . 2012-10-03 18:26 -------- d-----w- c:\documents and settings\Gebruiker\AppData

2012-10-03 18:20 . 2012-10-03 18:20 -------- d-----w- c:\documents and settings\Gebruiker\Local Settings\Application Data\Ilivid Player

2012-10-03 18:17 . 2012-10-03 18:17 -------- dc----w- c:\documents and settings\All Users\Application Data\boost_interprocess

2012-09-25 18:49 . 2012-09-25 18:53 -------- d-----w- c:\windows\system32\NtmsData

2012-09-24 12:20 . 2012-09-24 12:20 -------- d-----w- C:\Drivers

2012-09-24 12:20 . 2002-10-15 20:41 102220 ----a-w- c:\windows\system32\drivers\sonypvs1.sys

2012-09-24 12:20 . 2001-11-05 07:23 299923 ----a-w- c:\windows\system32\drivers\sonyhcs.sys

2012-09-24 12:20 . 2001-11-05 07:23 38739 ----a-w- c:\windows\system32\drivers\sonyhcc.sys

2012-09-24 12:20 . 2001-11-05 07:23 6097 ----a-w- c:\windows\system32\drivers\sonyhcb.sys

2012-09-24 12:20 . 2001-07-03 18:39 3654 ----a-w- c:\windows\system32\drivers\Sonyhcp.dll

2012-09-24 12:20 . 2001-07-03 18:33 53248 ----a-w- c:\windows\system32\SONYHCY.DLL

2012-09-24 08:23 . 2012-09-24 08:23 -------- d-sh--w- c:\documents and settings\NetworkService\IETldCache

2012-09-18 09:48 . 2012-10-09 08:23 696760 ----a-w- c:\windows\system32\FlashPlayerApp.exe

2012-09-18 09:48 . 2012-10-09 08:23 73656 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl

2012-09-18 09:43 . 2008-04-13 22:16 17024 -c--a-w- c:\windows\system32\dllcache\ccdecode.sys

2012-09-18 09:43 . 2008-04-13 22:16 17024 ----a-w- c:\windows\system32\drivers\CCDECODE.sys

2012-09-18 09:43 . 2008-04-14 20:33 91648 ----a-w- c:\windows\system32\kswdmcap.ax

2012-09-18 09:43 . 2008-04-14 20:33 61952 ----a-w- c:\windows\system32\kstvtune.ax

2012-09-18 09:43 . 2008-04-13 22:16 51200 -c--a-w- c:\windows\system32\dllcache\msdv.sys

2012-09-18 09:43 . 2008-04-13 22:16 51200 ----a-w- c:\windows\system32\drivers\msdv.sys

2012-09-18 09:43 . 2008-04-14 20:33 43008 ----a-w- c:\windows\system32\ksxbar.ax

2012-09-18 09:43 . 2008-04-14 20:32 54272 -c--a-w- c:\windows\system32\dllcache\vfwwdm32.dll

2012-09-18 09:43 . 2008-04-14 20:32 54272 ----a-w- c:\windows\system32\vfwwdm32.dll

2012-09-18 09:43 . 2008-04-13 22:16 38912 -c--a-w- c:\windows\system32\dllcache\avc.sys

2012-09-18 09:43 . 2008-04-13 22:16 38912 ----a-w- c:\windows\system32\drivers\avc.sys

2012-07-11 18:11 . 2012-07-11 18:11 -------- d-----w- c:\documents and settings\Gebruiker\Application Data\FunnyGames

2012-07-11 18:11 . 2012-07-11 18:11 -------- d-----w- c:\program files\FunnyGames

2012-07-06 13:58 . 2012-07-06 13:58 78336 -c----w- c:\windows\system32\dllcache\browser.dll

2012-06-14 07:10 . 2012-08-28 15:17 521728 -c----w- c:\windows\system32\dllcache\jsdbgui.dll

2012-06-08 04:32 . 2012-06-08 04:32 1375288 ----a-w- c:\program files\Common Files\Microsoft Shared\OFFICE11\MSXML5.DLL

2012-05-02 10:17 . 2012-05-02 10:17 1070152 ----a-w- c:\windows\system32\MSCOMCTL.OCX

2012-05-01 13:02 . 2012-05-01 13:02 -------- d-----w- c:\documents and settings\Gebruiker\Local Settings\Application Data\Deployment

2012-04-11 13:17 . 2012-04-11 13:17 2594632 ----a-w- c:\program files\Common Files\Microsoft Shared\VBA\VBA6\VBE6.DLL

2012-04-04 11:59 . 2012-04-04 11:59 -------- d-----w- c:\documents and settings\Gebruiker\Local Settings\Application Data\CrashRpt

2012-04-04 10:57 . 2012-04-04 10:57 -------- d-----w- c:\program files\MSBuild

2012-04-04 10:57 . 2012-05-09 19:38 -------- d-----w- c:\windows\system32\XPSViewer

2012-04-04 10:57 . 2012-04-04 10:57 -------- d-----w- c:\program files\Reference Assemblies

2012-04-04 10:57 . 2008-07-06 12:06 89088 ----a-w- c:\windows\system32\Spool\prtprocs\w32x86\filterpipelineprintproc.dll

2012-04-04 10:56 . 2006-06-29 11:07 14048 ------w- c:\windows\system32\spmsg2.dll

2012-04-04 10:51 . 2008-10-15 04:22 4379984 ----a-w- c:\windows\system32\D3DX9_40.dll

2012-04-04 10:51 . 2012-04-04 10:51 -------- d-----w- c:\windows\Logs

2012-04-04 10:14 . 2012-04-04 10:14 -------- d-----w- c:\program files\Atari

2012-02-29 14:10 . 2012-02-29 14:10 148480 -c----w- c:\windows\system32\dllcache\imagehlp.dll

2012-02-17 19:16 . 2012-01-31 12:44 237072 ------w- c:\windows\system32\MpSigStub.exe

2012-02-17 19:15 . 2012-10-02 15:31 -------- d-----w- c:\program files\Microsoft Security Client

2012-02-16 11:14 . 2012-01-11 19:07 3072 -c----w- c:\windows\system32\dllcache\iacenc.dll

2012-02-16 11:14 . 2012-01-11 19:07 3072 ------w- c:\windows\system32\iacenc.dll

2012-01-28 09:56 . 2012-01-28 09:56 -------- d-sh--w- c:\documents and settings\Gebruiker\IECompatCache

2012-01-23 15:17 . 2012-01-23 15:18 -------- dc-h--w- c:\windows\ie8

2012-01-21 16:03 . 2012-01-21 16:03 -------- d-sh--w- c:\documents and settings\LocalService\IETldCache

2012-01-20 22:44 . 2012-01-20 22:44 -------- d-sh--w- c:\documents and settings\Gebruiker\PrivacIE

2012-01-20 22:42 . 2012-01-20 22:42 -------- d-sh--w- c:\documents and settings\Gebruiker\IETldCache

2012-01-14 12:58 . 2012-01-14 12:58 -------- d-----w- c:\documents and settings\Gebruiker\Local Settings\Application Data\Mozilla

2012-01-10 10:44 . 2012-01-10 10:44 29904 -c--a-w- c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{462F0A41-0768-400F-844A-8DEA8FA3ED81}\MpKslba788b06.sys

2012-01-09 21:20 . 2012-10-12 05:56 6918632 -c--a-w- c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{462F0A41-0768-400F-844A-8DEA8FA3ED81}\mpengine.dll

2012-01-09 11:59 . 2011-08-16 10:45 6144 -c----w- c:\windows\system32\dllcache\iecompat.dll

2012-01-09 11:58 . 2012-08-28 15:17 12800 -c----w- c:\windows\system32\dllcache\xpshims.dll

2012-01-09 11:58 . 2012-08-28 15:17 247808 -c----w- c:\windows\system32\dllcache\ieproxy.dll

2012-01-09 11:58 . 2012-08-28 15:17 743424 -c----w- c:\windows\system32\dllcache\iedvtool.dll

2012-01-08 08:31 . 2012-01-08 08:33 -------- dc----w- C:\Virusverwijdering

2012-01-07 13:59 . 2012-01-07 13:59 -------- d-----w- c:\documents and settings\Gebruiker\Local Settings\Application Data\Sun

2012-01-07 13:39 . 2012-01-07 13:39 -------- d-----w- c:\documents and settings\Gebruiker\Application Data\Malwarebytes

2012-01-07 13:38 . 2012-01-07 13:38 -------- dc----w- c:\documents and settings\All Users\Application Data\Malwarebytes

2012-01-07 13:38 . 2012-09-29 18:54 22856 ----a-w- c:\windows\system32\drivers\mbam.sys

2012-01-07 13:35 . 2012-01-07 13:35 -------- d-----w- c:\program files\Common Files\Java

2012-01-07 13:35 . 2012-01-07 13:34 544656 ----a-w- c:\windows\system32\deployJava1.dll

2012-01-07 13:35 . 2012-01-07 13:34 128000 ----a-w- c:\windows\system32\javacpl.cpl

2012-01-07 13:34 . 2012-01-07 13:34 -------- d-----w- c:\program files\Java

2012-01-07 13:25 . 2012-01-07 13:26 -------- d-----w- c:\program files\backups

2012-01-06 20:31 . 2012-01-06 20:31 -------- d-----w- c:\documents and settings\Gebruiker\Application Data\Get from YouTube

2012-01-06 19:18 . 2012-01-06 19:18 -------- d-----w- c:\documents and settings\Gebruiker\Application Data\Import Audio from Video

2012-01-06 19:18 . 2012-01-06 20:49 -------- d-----w- c:\documents and settings\Gebruiker\Application Data\Music Editor Free

2012-01-06 19:17 . 2005-03-28 14:52 417792 ----a-w- c:\windows\system32\NCTTextToAudio2.dll

2012-01-06 19:17 . 2005-02-24 10:51 348160 ----a-w- c:\windows\system32\NCTWMAFile2.dll

2012-01-06 19:17 . 2005-05-18 10:52 1212416 ----a-w- c:\windows\system32\NCTAudioInformation2.dll

2012-01-06 19:17 . 2005-04-25 12:01 458752 ----a-w- c:\windows\system32\NCTAudioRecord2.dll

2012-01-06 19:17 . 2005-04-25 12:01 458752 ----a-w- c:\windows\system32\NCTAudioPlayer2.dll

2012-01-06 19:17 . 2005-04-04 16:21 602112 ----a-w- c:\windows\system32\NCTAudioTransform2.dll

2012-01-06 19:17 . 2005-03-28 14:54 479232 ----a-w- c:\windows\system32\NCTAudioVisualization2.dll

2012-01-06 19:17 . 2005-05-17 11:37 1986560 ----a-w- c:\windows\system32\NCTAudioFile2.dll

2012-01-06 19:17 . 2005-04-15 11:08 880640 ----a-w- c:\windows\system32\NCTAudioEditor2.dll

2012-01-06 19:17 . 2004-11-04 12:31 835584 ----a-w- c:\windows\system32\NCTAudioCDGrabber2.dll

2012-01-06 19:17 . 2002-01-05 15:37 344064 ----a-w- c:\windows\system32\msvcr70.dll

2012-01-06 19:17 . 2012-01-06 20:18 -------- d-----w- c:\program files\Music Editor Free

2012-01-06 19:16 . 2012-01-06 19:16 373456 ----a-w- c:\program files\SoftonicDownloader_voor_music-editor-free.exe

2012-01-06 13:45 . 2012-01-06 13:45 -------- d-----w- c:\program files\Enigma Software Group

2012-01-06 13:44 . 2012-01-06 13:44 -------- d-----w- c:\program files\Common Files\Wise Installation Wizard

2012-01-06 13:43 . 2012-01-06 13:44 725440 ----a-w- c:\program files\SpyHunter-Installer.exe

2012-01-06 13:39 . 2012-01-06 17:54 -------- d-----w- c:\program files\7-Zip

2012-01-06 13:27 . 2012-01-06 13:27 -------- d-----w- c:\windows\system32\wbem\Repository

2012-01-06 13:12 . 2012-01-08 08:32 -------- dcs---w- c:\documents and settings\Administrator

.

.

.

((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2012-08-30 20:03 . 2011-04-18 12:18 193552 ----a-w- c:\windows\system32\drivers\MpFilter.sys

2012-08-28 15:17 . 2004-08-04 12:00 916992 ----a-w- c:\windows\system32\wininet.dll

2012-08-28 15:17 . 2004-08-04 12:00 43520 ------w- c:\windows\system32\licmgr10.dll

2012-08-28 15:17 . 2004-08-04 12:00 1469440 ------w- c:\windows\system32\inetcpl.cpl

2012-08-28 12:07 . 2004-08-04 12:00 385024 ------w- c:\windows\system32\html.iec

2012-08-24 13:53 . 2004-08-04 12:00 177664 ----a-w- c:\windows\system32\wintrust.dll

2012-08-23 06:27 . 2004-08-04 12:00 2153472 ----a-w- c:\windows\system32\ntoskrnl.exe

2012-08-23 06:27 . 2004-08-04 00:58 2032128 ----a-w- c:\windows\system32\ntkrnlpa.exe

2012-08-21 12:44 . 2011-01-26 13:09 38560 ----a-w- c:\windows\system32\CleanMFT32.exe

2012-07-06 13:58 . 2004-08-04 12:00 78336 ----a-w- c:\windows\system32\browser.dll

2012-07-04 14:05 . 2008-06-06 11:52 139784 ----a-w- c:\windows\system32\drivers\rdpwd.sys

2012-07-03 18:23 . 2004-08-04 12:00 1866240 ----a-w- c:\windows\system32\win32k.sys

2012-06-05 15:49 . 2008-06-06 13:01 1372672 ------w- c:\windows\system32\msxml6.dll

2012-06-05 15:49 . 2004-08-04 12:00 1172480 ----a-w- c:\windows\system32\msxml3.dll

2012-06-04 04:32 . 2004-08-04 12:00 152576 ----a-w- c:\windows\system32\schannel.dll

2012-06-02 13:19 . 2009-01-15 11:41 18456 ----a-w- c:\windows\system32\wuaueng.dll.mui

2012-06-02 13:19 . 2008-06-06 11:54 329240 ----a-w- c:\windows\system32\wucltui.dll

2012-06-02 13:19 . 2008-06-06 11:54 210968 ----a-w- c:\windows\system32\wuweb.dll

2012-06-02 13:19 . 2008-06-06 11:54 219160 ----a-w- c:\windows\system32\wuaucpl.cpl

2012-06-02 13:19 . 2009-01-15 11:41 45080 ----a-w- c:\windows\system32\wups2.dll

2012-06-02 13:19 . 2008-06-06 11:54 53784 ----a-w- c:\windows\system32\wuauclt.exe

2012-06-02 13:19 . 2008-06-06 11:54 35864 ----a-w- c:\windows\system32\wups.dll

2012-06-02 13:19 . 2004-08-04 12:00 97304 ----a-w- c:\windows\system32\cdm.dll

2012-06-02 13:19 . 2011-01-15 10:27 15896 ----a-w- c:\windows\system32\wuapi.dll.mui

2012-06-02 13:19 . 2009-01-15 11:41 15896 ----a-w- c:\windows\system32\wuaucpl.cpl.mui

2012-06-02 13:19 . 2008-06-06 11:54 577048 ----a-w- c:\windows\system32\wuapi.dll

2012-06-02 13:19 . 2009-01-15 11:41 24088 ----a-w- c:\windows\system32\wucltui.dll.mui

2012-06-02 13:19 . 2008-06-06 11:54 1933848 ----a-w- c:\windows\system32\wuaueng.dll

2012-06-02 13:19 . 2011-05-30 15:31 18160 ----a-w- c:\windows\system32\mucltui.dll.mui

2012-06-02 13:18 . 2011-05-30 15:31 275696 ----a-w- c:\windows\system32\mucltui.dll

2012-06-02 13:18 . 2009-08-06 18:23 214256 ----a-w- c:\windows\system32\muweb.dll

2012-06-01 16:50 . 2004-08-04 12:00 604672 ----a-w- c:\windows\system32\crypt32.dll

2012-05-14 09:23 . 2004-08-04 12:00 347136 ----a-w- c:\windows\system32\localspl.dll

2012-02-29 14:10 . 2004-08-04 12:00 148480 ----a-w- c:\windows\system32\imagehlp.dll

2011-11-25 21:57 . 2004-08-04 12:00 293888 ----a-w- c:\windows\system32\winsrv.dll

2011-11-20 06:12 . 2004-08-04 12:00 60928 ----a-w- c:\windows\system32\packager.exe

2011-11-16 14:22 . 2004-08-04 12:00 354816 ----a-w- c:\windows\system32\winhttp.dll

2011-11-03 15:29 . 2004-08-04 12:00 386560 ----a-w- c:\windows\system32\qdvd.dll

2011-11-03 15:29 . 2004-08-04 12:00 1296384 ----a-w- c:\windows\system32\quartz.dll

2011-11-01 16:07 . 2004-08-04 12:00 1288192 ----a-w- c:\windows\system32\ole32.dll

2011-10-28 05:32 . 2004-08-04 12:00 33280 ----a-w- c:\windows\system32\csrsrv.dll

2011-10-18 11:13 . 2004-08-04 12:00 186880 ----a-w- c:\windows\system32\encdec.dll

2011-10-14 14:47 . 2004-08-04 12:00 23040 ----a-w- c:\windows\system32\mciseq.dll

2011-10-14 14:47 . 2004-08-04 12:00 179200 ----a-w- c:\windows\system32\winmm.dll

2011-12-21 08:02 . 2012-01-14 12:58 121816 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll

.

.

((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))

.

.

*Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond

REGEDIT4

.

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"Driver Updater"="c:\program files\Carambis\Driver Updater\dupdater.exe" [2010-06-08 4973056]

"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2009-05-04 39408]

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"IgfxTray"="c:\windows\system32\igfxtray.exe" [2003-10-02 155648]

"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2003-10-02 118784]

"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2007-05-11 40048]

"Google Updater"="c:\program files\Google\Google Updater\GoogleUpdater.exe" [2011-09-16 161336]

"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2012-09-12 947176]

"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2011-05-04 252136]

.

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]

"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]

.

c:\documents and settings\All Users\Menu Start\Programma's\Opstarten\

Picture Package Menu.lnk - c:\program files\Sony Corporation\Picture Package\Picture Package Menu\SonyTray.exe [2011-1-22 151552]

Picture Package VCD Maker.lnk - c:\program files\Sony Corporation\Picture Package\Picture Package Applications\Residence.exe [2011-1-22 106496]

.

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]

@="Service"

.

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]

"%windir%\\system32\\sessmgr.exe"=

"%windir%\\Network Diagnostic\\xpnetdiag.exe"=

"c:\\Program Files\\Messenger\\msmsgs.exe"=

"c:\\Program Files\\Atari\\TDU2\\UpLauncher.exe"=

"c:\\Program Files\\Atari\\TDU2\\DownloadCache\\20110218191951\\UpLauncher.exe"=

.

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]

"3389:TCP"= 3389:TCP:@xpsp2res.dll,-22009

.

R1 MpKslba788b06;MpKslba788b06;c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{462F0A41-0768-400F-844A-8DEA8FA3ED81}\MpKslba788b06.sys [10-1-2012 11:44 29904]

S3 esgiguard;esgiguard;\??\c:\program files\Enigma Software Group\SpyHunter\esgiguard.sys --> c:\program files\Enigma Software Group\SpyHunter\esgiguard.sys [?]

.

--- Andere Services/Drivers In Geheugen ---

.

*NewlyCreated* - MPKSLBA788B06

*Deregistered* - uphcleanhlp

.

Inhoud van de 'Gedeelde Taken' map

.

2012-01-10 c:\windows\Tasks\Adobe Flash Player Updater.job

- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-09-18 08:23]

.

2012-01-07 c:\windows\Tasks\Google Software Updater.job

- c:\program files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-05-04 08:35]

.

2012-01-10 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job

- c:\program files\Google\Update\GoogleUpdate.exe [2009-08-03 17:37]

.

2012-11-06 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job

- c:\program files\Google\Update\GoogleUpdate.exe [2009-08-03 17:37]

.

2012-11-05 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-515967899-1580818891-839522115-1004Core.job

- c:\documents and settings\Gebruiker\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2011-06-17 07:27]

.

2012-11-06 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-515967899-1580818891-839522115-1004UA.job

- c:\documents and settings\Gebruiker\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2011-06-17 07:27]

.

2012-01-10 c:\windows\Tasks\Microsoft Antimalware Scheduled Scan.job

- c:\program files\Microsoft Security Client\MpCmdRun.exe [2012-09-12 15:25]

.

2012-01-10 c:\windows\Tasks\WGASetup.job

- c:\windows\system32\KB905474\wgasetup.exe [2011-06-04 20:18]

.

.

------- Bijkomende Scan -------

.

uStart Page = hxxp://www.google.nl/

uInternet Settings,ProxyOverride = <local>

IE: E&xporteren naar Microsoft Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000

TCP: DhcpNameServer = 192.168.2.254

FF - ProfilePath - c:\documents and settings\Gebruiker\Application Data\Mozilla\Firefox\Profiles\lkwpc03k.default\

FF - prefs.js: network.proxy.type - 2

FF - ExtSQL: 2012-04-10 11:34; {20a82645-c095-46ed-80e3-08825760534b}; c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension

.

.

**************************************************************************

.

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, GMER - Rootkit Detector and Remover

Rootkit scan 2012-01-10 11:54

Windows 5.1.2600 Service Pack 3 NTFS

.

scannen van verborgen processen ...

.

scannen van verborgen autostart items ...

.

scannen van verborgen bestanden ...

.

Scan succesvol afgerond

verborgen bestanden: 0

.

**************************************************************************

.

--------------------- VERGRENDELDE REGISTER SLEUTELS ---------------------

.

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]

@Denied: (A 2) (Everyone)

@="FlashBroker"

"LocalizedString"="@c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil32_11_4_402_287_ActiveX.exe,-101"

.

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]

"Enabled"=dword:00000001

.

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]

@="c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil32_11_4_402_287_ActiveX.exe"

.

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

.

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]

@Denied: (A 2) (Everyone)

@="IFlashBroker5"

.

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]

@="{00020424-0000-0000-C000-000000000046}"

.

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

"Version"="1.0"

.

[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Installer\UserData\LocalSystem\Components\h–€|ÿÿÿÿ¤•€|ù•9~*]

"3140210900063D11C8EF10054038389C"="C?\\WINDOWS\\system32\\FM20ENU.DLL"

.

Voltooingstijd: 2012-01-10 11:56:07

ComboFix-quarantined-files.txt 2012-01-10 10:56

ComboFix2.txt 2012-01-09 20:08

.

Pre-Run: 6.755.528.704 bytes beschikbaar

Post-Run: 6.809.292.800 bytes beschikbaar

.

- - End Of File - - 4320DF113032E92581EF8C8D83A0A0B2
