
Claro search



Fortunately I can boot up, but there is still a Claro tab...

Here is my log file again, and in the meantime thanks for the effort!

ComboFix 12-11-08.01 - Gebruiker 08-11-2012 16:33:33.2.2 - x86

Microsoft Windows XP Professional 5.1.2600.3.1252.31.1043.18.3063.2353 [GMT 1:00]

Gestart vanuit: c:\documents and settings\Gebruiker\Bureaublad\ComboFix.exe

gebruikte Opdracht switches :: c:\documents and settings\Gebruiker\Bureaublad\CFScript.txt

AV: AVG Internet Security 2013 *Enabled/Updated* {17DDD097-36FF-435F-9E1B-52D74245D6BF}

AV: ESET NOD32 Antivirus 5.2 *Enabled/Updated* {E5E70D32-0101-4F12-8FB0-D96ACA4F34C0}

FW: AVG Internet Security 2013 *Enabled* {17DDD097-36FF-435F-9E1B-52D74245D6BF}

* Aanwezig AV is actief

.

.

FILE ::

"c:\windows\system32\drivers\ciuhultk.sys"

"c:\windows\system32\drivers\ctfovzye.sys"

"c:\windows\system32\drivers\cttznalz.sys"

"c:\windows\system32\drivers\ddfrggbu.sys"

"c:\windows\system32\drivers\hdrdaoho.sys"

"c:\windows\system32\drivers\hlihonlr.sys"

"c:\windows\system32\drivers\jrlppgli.sys"

"c:\windows\system32\drivers\mbmbegzn.sys"

"c:\windows\system32\drivers\njlvvgsh.sys"

"c:\windows\system32\drivers\ntkgfswz.sys"

"c:\windows\system32\drivers\rdtolfzq.sys"

"c:\windows\system32\drivers\thresysk.sys"

"c:\windows\system32\drivers\tngaqxck.sys"

"c:\windows\system32\drivers\uxptmosn.sys"

"c:\windows\system32\drivers\vyngofzt.sys"

"c:\windows\system32\drivers\vzzmqokm.sys"

.

.

(((((((((((((((((((((((((((((((((( Andere Verwijderingen )))))))))))))))))))))))))))))))))))))))))))))))))

.

.

.

((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))

.

.

-------\Service_ciuhultk

-------\Service_ctfovzye

-------\Service_cttznalz

-------\Service_ddfrggbu

-------\Service_hdrdaoho

-------\Service_hlihonlr

-------\Service_jrlppgli

-------\Service_mbmbegzn

-------\Service_njlvvgsh

-------\Service_ntkgfswz

-------\Service_rdtolfzq

-------\Service_thresysk

-------\Service_tngaqxck

-------\Service_uxptmosn

-------\Service_vyngofzt

-------\Service_vzzmqokm

.

.

(((((((((((((((((((( Bestanden Gemaakt van 2012-10-08 to 2012-11-08 ))))))))))))))))))))))))))))))

.

.

2012-11-07 15:43 . 2012-11-07 15:43 388096 ----a-r- c:\documents and settings\Gebruiker\Application Data\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe

2012-11-07 15:22 . 2012-11-07 15:22 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware

2012-11-07 15:22 . 2012-09-29 18:54 22856 ----a-w- c:\windows\system32\drivers\mbam.sys

2012-11-06 21:46 . 2012-11-08 15:31 -------- d--h--r- c:\documents and settings\Gebruiker\Onlangs geopend

2012-11-06 19:07 . 2011-09-01 10:08 987904 ----a-r- c:\windows\system32\drivers\RTL8192cu.sys

2012-11-05 19:06 . 2012-11-05 19:06 -------- d-----w- c:\documents and settings\All Users\Application Data\ESET

2012-10-27 14:44 . 2012-10-27 14:44 -------- d-----w- c:\documents and settings\Gebruiker\Application Data\TuneUp Software

2012-10-27 13:55 . 2012-11-05 18:47 -------- d-----w- c:\documents and settings\All Users\Application Data\MFAData

2012-10-27 13:55 . 2012-10-27 13:55 -------- d-----w- c:\documents and settings\Gebruiker\Local Settings\Application Data\MFAData

2012-10-20 11:40 . 2012-09-24 21:16 93672 ----a-w- c:\windows\system32\WindowsAccessBridge.dll

2012-10-16 19:38 . 2012-10-16 22:31 -------- d-----w- c:\documents and settings\Gebruiker\Local Settings\Application Data\NNTPGrab

2012-10-11 20:46 . 2012-10-11 20:46 -------- d-----w- c:\documents and settings\Gebruiker\Local Settings\Application Data\Proxure

2012-10-11 20:46 . 2012-10-11 20:46 -------- d-----w- c:\documents and settings\All Users\Application Data\ClubSanDisk

.

.

.

((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2012-10-04 19:47 . 2012-07-06 20:49 821736 ----a-w- c:\windows\system32\npDeployJava1.dll

2012-10-04 19:47 . 2011-11-02 10:17 746984 ----a-w- c:\windows\system32\deployJava1.dll

2012-09-21 01:46 . 2012-09-21 01:46 177376 ----a-w- c:\windows\system32\drivers\avglogx.sys

2012-08-28 15:17 . 2008-04-15 12:00 916992 ------w- c:\windows\system32\wininet.dll

2012-08-28 15:17 . 2008-04-15 12:00 43520 ------w- c:\windows\system32\licmgr10.dll

2012-08-28 15:17 . 2008-04-15 12:00 1469440 ------w- c:\windows\system32\inetcpl.cpl

2012-08-28 12:07 . 2008-04-15 12:00 385024 ------w- c:\windows\system32\html.iec

2012-08-24 13:53 . 2008-04-15 12:00 177664 ------w- c:\windows\system32\wintrust.dll

2012-08-23 06:27 . 2008-04-15 12:00 2153472 ------w- c:\windows\system32\ntoskrnl.exe

2012-08-23 06:27 . 2008-04-14 22:11 2032128 ------w- c:\windows\system32\ntkrnlpa.exe

2012-08-21 11:01 . 2012-07-26 20:07 26840 ------w- c:\windows\system32\drivers\GEARAspiWDM.sys

2012-08-21 11:01 . 2012-07-26 20:07 106928 ------w- c:\windows\system32\GEARAspi.dll

2012-07-18 14:01 . 2012-07-18 14:01 0 ----a-w- c:\program files\GUM6F.tmp

2011-11-25 19:03 . 2011-11-25 19:03 10424515 ----a-w- c:\program files\SABnzbd-0.6.10-win32-setup.exe

.

.

((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))

.

.

*Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond

REGEDIT4

.

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="c:\program files\Common Files\Ahead\Lib\NMBgMonitor.exe" [2007-06-27 152872]

"HP Deskjet 3070 B611 series (NET)"="c:\program files\HP\HP Deskjet 3070 B611 series\Bin\ScanToPCActivationApp.exe" [2011-06-08 1804648]

"H/PC Connection Agent"="c:\program files\Microsoft ActiveSync\WCESCOMM.EXE" [2005-01-19 405583]

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"IgfxTray"="c:\windows\system32\igfxtray.exe" [2008-12-12 143360]

"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2008-12-12 172032]

"Persistence"="c:\windows\system32\igfxpers.exe" [2008-12-12 143360]

"RTHDCPL"="RTHDCPL.EXE" [2008-06-13 16871936]

"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2011-06-06 937920]

"NeroFilterCheck"="c:\program files\Common Files\Ahead\Lib\NeroCheck.exe" [2007-03-01 153136]

"APSDaemon"="c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2012-08-27 59280]

"AppleSyncNotifier"="c:\program files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe" [2012-02-23 59240]

"HP Software Update"="c:\program files\Hp\HP Software Update\HPWuSchd2.exe" [2011-05-10 49208]

"USBToolTip"="c:\progra~1\Pinnacle\SHARED~1\Programs\USBTip\USBTip.exe" [2007-02-20 199752]

"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2012-04-18 421888]

"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2012-09-09 421776]

"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2012-07-03 252848]

.

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]

"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-15 15360]

"DWQueuedReporting"="c:\progra~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" [2007-02-26 437160]

.

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]

BootExecute REG_MULTI_SZ autocheck autochk *\0c:\progra~1\AVG\AVG2013\avgrsx.exe /sync /restart

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\msnmsgr]

2010-04-16 21:12 3872080 ----a-w- c:\program files\Windows Live\Messenger\msnmsgr.exe

.

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]

"EnableFirewall"= 0 (0x0)

.

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]

"%windir%\\Network Diagnostic\\xpnetdiag.exe"=

"%windir%\\system32\\sessmgr.exe"=

"c:\\Program Files\\SABnzbd\\SABnzbd.exe"=

"c:\\Program Files\\Windows Live\\Messenger\\wlcsdk.exe"=

"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=

"c:\\Documents and Settings\\Gebruiker\\Local Settings\\Application Data\\Google\\Chrome\\Application\\chrome.exe"=

"c:\\Program Files\\ImgBurn\\ImgBurn.exe"=

"c:\\Program Files\\CCleaner\\CCleaner.exe"=

"c:\\Program Files\\Common Files\\Apple\\Apple Application Support\\WebKit2WebProcess.exe"=

"c:\\Program Files\\iTunes\\iTunes.exe"=

"c:\\Program Files\\Microsoft ActiveSync\\wcescomm.exe"=

"c:\\Program Files\\Microsoft ActiveSync\\WCESMgr.exe"=

.

R0 Avglogx;AVG Logging Driver;c:\windows\system32\drivers\avglogx.sys [21-09-2012 02:46 177376]

R1 ehdrv;ehdrv;c:\windows\system32\drivers\ehdrv.sys [14-03-2012 08:40 120152]

R1 epfwtdir;epfwtdir;c:\windows\system32\drivers\epfwtdir.sys [14-03-2012 08:40 104160]

R2 ekrn;ESET Service;c:\program files\ESET\ESET NOD32 Antivirus\ekrn.exe [07-03-2012 15:40 913144]

R2 MBAMScheduler;MBAMScheduler;c:\program files\Malwarebytes' Anti-Malware\mbamscheduler.exe [07-11-2012 16:22 399432]

R2 MBAMService;MBAMService;c:\program files\Malwarebytes' Anti-Malware\mbamservice.exe [07-11-2012 16:22 676936]

R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [07-11-2012 16:22 22856]

R3 RTL8192cu;Realtek RTL8192CU Wireless LAN 802.11n USB 2.0 Network Adapter;c:\windows\system32\drivers\RTL8192cu.sys [06-11-2012 20:07 987904]

S0 AVGIDSHX;AVGIDSHX;c:\windows\system32\DRIVERS\avgidshx.sys --> c:\windows\system32\DRIVERS\avgidshx.sys [?]

S1 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\DRIVERS\avgidsdriverx.sys --> c:\windows\system32\DRIVERS\avgidsdriverx.sys [?]

S1 AVGIDSShim;AVGIDSShim;c:\windows\system32\DRIVERS\avgidsshimx.sys --> c:\windows\system32\DRIVERS\avgidsshimx.sys [?]

S2 avgfws;AVG Firewall;"c:\program files\AVG\AVG2013\avgfws.exe" --> c:\program files\AVG\AVG2013\avgfws.exe [?]

S2 avgwd;AVG WatchDog;"c:\program files\AVG\AVG2013\avgwdsvc.exe" --> c:\program files\AVG\AVG2013\avgwdsvc.exe [?]

S3 Avgfwdx;Avgfwdx;c:\windows\system32\DRIVERS\avgfwdx.sys --> c:\windows\system32\DRIVERS\avgfwdx.sys [?]

S3 Avgfwfd;AVG network filter service;c:\windows\system32\DRIVERS\avgfwdx.sys --> c:\windows\system32\DRIVERS\avgfwdx.sys [?]

S3 Linksys_adapter_H;Linksys Adapter Network Driver;c:\windows\system32\drivers\AE1200xp.sys [15-05-2012 19:32 1034240]

.

Inhoud van de 'Gedeelde Taken' map

.

2012-02-05 c:\windows\Tasks\AppleSoftwareUpdate.job

- c:\program files\Apple Software Update\SoftwareUpdate.exe [2011-06-01 16:57]

.

2012-10-26 c:\windows\Tasks\At1.job

- c:\program files\HP\HP Deskjet 3070 B611 series\Bin\HPCustPartic.exe [2011-06-08 16:06]

.

2012-11-07 c:\windows\Tasks\At2.job

- c:\program files\HP\HP Deskjet 3070 B611 series\Bin\HPCustPartic.exe [2011-06-08 16:06]

.

2012-11-08 c:\windows\Tasks\At3.job

- c:\program files\HP\HP Deskjet 3070 B611 series\Bin\HPCustPartic.exe [2011-06-08 16:06]

.

2012-11-04 c:\windows\Tasks\At4.job

- c:\program files\HP\HP Deskjet 3070 B611 series\Bin\HPCustPartic.exe [2011-06-08 16:06]

.

2012-11-07 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1202660629-1897051121-1177238915-1012Core.job

- c:\documents and settings\Gebruiker\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2012-02-02 12:51]

.

2012-11-08 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1202660629-1897051121-1177238915-1012UA.job

- c:\documents and settings\Gebruiker\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2012-02-02 12:51]

.

2012-11-08 c:\windows\Tasks\HP Photo Creations Messager.job

- c:\documents and settings\All Users\Application Data\HP Photo Creations\MessageCheck.exe [2011-02-15 10:11]

.

.

------- Bijkomende Scan -------

.

uStart Page = hxxp://www.startpagina.nl/

uDefault_Search_URL = hxxp://www.google.com/ie

uInternet Connection Wizard,ShellNext = wmplayer.exe //ICWLaunch

uSearchAssistant = hxxp://www.google.com/ie

uSearchURL,(Default) = hxxp://www.google.com/search?q=%s

IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200

IE: E&xporteren naar Microsoft Excel - c:\progra~1\MICROS~3\OFFICE11\EXCEL.EXE/3000

TCP: DhcpNameServer = 62.179.104.196 213.46.228.196

.

.

**************************************************************************

.

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, GMER - Rootkit Detector and Remover

Rootkit scan 2012-11-08 16:46

Windows 5.1.2600 Service Pack 3 NTFS

.

scannen van verborgen processen ...

.

scannen van verborgen autostart items ...

.

scannen van verborgen bestanden ...

.

Scan succesvol afgerond

verborgen bestanden: 0

.

**************************************************************************

.

--------------------- VERGRENDELDE REGISTER SLEUTELS ---------------------

.

[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Installer\UserData\LocalSystem\Components\€–}|ÿÿÿÿÀ•}|ù•9~*]

"3140110900063D11C8EF10054038389C"="C?\\WINDOWS\\system32\\FM20ENU.DLL"

.

--------------------- DLLs Geladen Onder Lopende Processen ---------------------

.

- - - - - - - > 'explorer.exe'(1788)

c:\program files\Common Files\Ahead\Lib\NeroSearchBar.dll

c:\program files\Common Files\Ahead\Lib\MFC71U.DLL

c:\program files\Common Files\Ahead\Lib\BCGCBPRO860un71.dll

c:\progra~1\WINDOW~2\wmpband.dll

c:\windows\system32\msi.dll

c:\windows\system32\webcheck.dll

c:\windows\system32\WPDShServiceObj.dll

c:\windows\system32\PortableDeviceTypes.dll

c:\windows\system32\PortableDeviceApi.dll

.

------------------------ Andere Aktieve Processen ------------------------

.

c:\program files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

c:\program files\Java\jre7\bin\jqs.exe

c:\program files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE

c:\program files\Malwarebytes' Anti-Malware\mbamgui.exe

c:\windows\RTHDCPL.EXE

c:\program files\Common Files\Ahead\Lib\NMIndexingService.exe

c:\program files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe

c:\program files\iPod\bin\iPodService.exe

c:\program files\HP\HP Deskjet 3070 B611 series\Bin\HPNetworkCommunicator.exe

.

**************************************************************************

.

Voltooingstijd: 2012-11-08 16:49:32 - machine werd herstart

ComboFix-quarantined-files.txt 2012-11-08 15:49

ComboFix2.txt 2012-11-08 13:45

.

Pre-Run: 6.549.581.824 bytes beschikbaar

Post-Run: 6.534.909.952 bytes beschikbaar

.

- - End Of File - - 8394EAACCF9AAC7AF4B86C624A51F1E9


- - - Updated - - -

Sorry, I think I have now posted it twice....


This cannot be from Claro ... there must be a deeper cause for these problems.

Download the Emsisoft Emergency Kit to the desktop and extract the ZIP file.

  • Open the "EmsisoftEmergencyKit" folder and double-click "Start.exe".
  • Now click "Emergency Kit Scanner"; you will get a message that it is recommended to update first. Allow this by clicking "Ja" (Yes).
  • When the update is finished and the message "Update process is succesvol afgerond" (update process completed successfully) appears, click "menu" and then "Scan PC".
  • Select the "Diep" (Deep) option if it is not already set that way by default.
  • Now click the "Scan" button and do nothing else on the computer during the scan; this scan can take quite a long time, so wait patiently.
  • You can close the window with the warning about an increased risk once the scan is finished.
  • Make sure all items found are ticked and then press the "verwijder geselecteerde" (remove selected) button; you will now get the following message, but click "Ja" (Yes) here.
  • When the removal is finished, click the "View report" button and select the text file of this scan, with a name like: a2scan_110730-111615.txt
  • Post the contents of this LOG file in your next message.
  • Now restart the computer.


Okay, after three hours of scanning, the following result:

Emsisoft Emergency Kit - Versie 3.0

Laatste Update: 09-11-2012 10:31:28

Scaninstellingen:

Scantype: Diepe scan

Objecten: Rootkits, Geheugen, Sporen, C:\, D:\, E:\, I:\

Detecteer riskware: Uit

Scan archieven: Aan

ADS Scan: Aan

Bestandsextensiefilter: Uit

Geavanceerde cache: Aan

Directe schijftoegang: Uit

Scan gestart: 09-11-2012 10:37:25

E:\Downloads\complete\Software\Nero 7.10.1.0[1]\Keygen.exe Ontdekt: Trojan.Win32.Keygen.GG (A)

E:\Downloads\complete\Software\nieuwste Eset nod32 5.0 32_64 bit-tested 100% worked\Eset.NOD32.Antivirus.v5\ESET PureFix v2.02.exe Ontdekt: Trojan.Generic.KDV.361520 (B)

Gescand 374718

Gevonden 2

Scan geëindigd: 09-11-2012 12:15:12

Scantijd: 1:37:47

E:\Downloads\complete\Software\nieuwste Eset nod32 5.0 32_64 bit-tested 100% worked\Eset.NOD32.Antivirus.v5\ESET PureFix v2.02.exe Verwijderd Trojan.Generic.KDV.361520 (B)

E:\Downloads\complete\Software\Nero 7.10.1.0[1]\Keygen.exe Verwijderd Trojan.Win32.Keygen.GG (A)

Verwijderd 2

I only dare to start it up in safe mode until I have heard that it is okay...


Absolutely ... that Claro search makes no difference to that.

Download and install Speccy.

During the installation you now have the option to select Dutch as the language.

If you do not want Google Chrome to be installed on your PC as the default web browser, you have to remove the 2 check marks!!!

Now start the program and an overview of your hardware will be made.

When this is done, select " Bestand - Publiceer Snapshot " (File - Publish Snapshot) at the top and then confirm that choice with " Ja " (Yes).

In the window that now opens you will see a link; copy that link and paste it into your next message.

If you want to see in words and pictures how to make and post a Speccy log, you can read that here.

This (CLICK) video also shows how you can paste a Speccy log into your reply.

After you post your log, it will be checked by an expert.

This topic is now closed to new replies.
