Posts made by Snarfyboy
Kape,
Thanks, I think it's gone.
I copied the log file anyway.
Is there anything notable in it that you can see?
ComboFix 12-07-27.03 - Frans den Hoedt 28-07-2012 11:54:51.1.4 - x86
Microsoft Windows 7 Professional 6.1.7601.1.1252.31.1043.18.2046.1271 [GMT 2:00]
Gestart vanuit: c:\users\Frans den Hoedt\Downloads\ComboFix.exe
AV: AVG Anti-Virus 2012 *Disabled/Updated* {5A2746B1-DEE9-F85A-FBCD-ADB11639C5F0}
AV: Microsoft Security Essentials *Disabled/Updated* {9765EA51-0D3C-7DFB-6091-10E4E1F341F6}
SP: AVG Anti-Virus 2012 *Disabled/Updated* {E146A755-F8D3-F7D4-C17D-96C36DBE8F4D}
SP: Microsoft Security Essentials *Disabled/Updated* {2C040BB5-2B06-7275-5A21-2B969A740B4B}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
(((((((((((((((((((((((((((((((((( Andere Verwijderingen )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\programdata\Amazon.ico
c:\programdata\MercadoLivre.ico
c:\windows\Installer\{5fecd64e-dce5-3524-9709-4ef8a7f6c9cb}\@
c:\windows\Installer\{5fecd64e-dce5-3524-9709-4ef8a7f6c9cb}\U\00000001.@
c:\windows\Installer\{5fecd64e-dce5-3524-9709-4ef8a7f6c9cb}\U\80000000.@
c:\windows\Installer\{5fecd64e-dce5-3524-9709-4ef8a7f6c9cb}\U\800000cb.@
.
Besmet exemplaar van c:\windows\system32\services.exe werd aangetroffen en gedesinfecteerd
Hersteld exemplaar van - c:\32788r22fwjfw\HarddiskVolumeShadowCopy5_!Windows!System32!services.exe
.
.
(((((((((((((((((((( Bestanden Gemaakt van 2012-06-28 to 2012-07-28 ))))))))))))))))))))))))))))))
.
.
2012-07-28 10:03 . 2012-07-28 10:06 -------- d-----w- c:\users\Frans den Hoedt\AppData\Local\temp
2012-07-28 10:03 . 2012-07-28 10:03 -------- d-----w- c:\users\UpdatusUser\AppData\Local\temp
2012-07-28 10:03 . 2012-07-28 10:03 -------- d-----w- c:\users\Default\AppData\Local\temp
2012-07-28 00:15 . 2012-07-28 00:15 388096 ----a-r- c:\users\Frans den Hoedt\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
2012-07-28 00:15 . 2012-07-28 00:15 -------- d-----w- c:\program files\Trend Micro
2012-07-27 23:18 . 2012-07-27 23:18 -------- d-----w- C:\$AVG
2012-07-27 23:04 . 2012-07-27 23:04 -------- d-----w- c:\users\Frans den Hoedt\AppData\Roaming\AVG2012
2012-07-27 23:03 . 2012-07-27 23:27 -------- d-----w- c:\programdata\AVG Secure Search
2012-07-27 23:03 . 2012-07-27 23:03 -------- d-----w- c:\program files\AVG Secure Search
2012-07-27 23:03 . 2012-07-27 23:03 -------- d-----w- c:\program files\Common Files\AVG Secure Search
2012-07-27 23:02 . 2012-07-28 09:30 -------- d-----w- c:\windows\system32\drivers\AVG
2012-07-27 23:02 . 2012-07-27 23:46 -------- d-----w- c:\programdata\AVG2012
2012-07-27 23:02 . 2012-07-27 23:02 -------- d-----w- c:\program files\AVG
2012-07-27 22:59 . 2012-07-27 22:59 -------- d--h--w- c:\programdata\Common Files
2012-07-27 22:59 . 2012-07-28 09:31 -------- d-----w- c:\programdata\MFAData
2012-07-27 21:39 . 2012-07-27 21:39 -------- d-----w- C:\Temp
2012-07-27 21:38 . 2012-07-27 22:56 -------- d-----w- c:\users\Frans den Hoedt\AppData\Local\Samsung
2012-07-27 21:38 . 2012-07-27 21:38 -------- d-----w- c:\users\Frans den Hoedt\AppData\Roaming\Samsung
2012-07-27 21:37 . 2012-06-04 07:59 181432 ----a-w- c:\windows\system32\drivers\ssudmdm.sys
2012-07-27 21:37 . 2012-06-04 07:59 80824 ----a-w- c:\windows\system32\drivers\ssudbus.sys
2012-07-27 21:35 . 2012-06-26 14:03 4659712 ----a-w- c:\windows\system32\Redemption.dll
2012-07-27 21:35 . 2012-07-27 22:56 -------- d-----w- c:\program files\MarkAny
2012-07-27 21:35 . 2012-06-26 14:02 821824 ----a-w- c:\windows\system32\dgderapi.dll
2012-07-27 21:34 . 2012-07-27 21:35 -------- d-----w- c:\program files\Samsung
2012-07-27 21:34 . 2012-07-27 21:35 -------- d-----w- c:\programdata\Samsung
2012-07-27 21:30 . 2012-07-27 21:30 -------- d-----w- c:\users\Frans den Hoedt\AppData\Local\Downloaded Installations
2012-07-27 16:32 . 2012-07-27 16:32 -------- d-----w- c:\program files\iPod
2012-07-27 16:32 . 2012-07-27 16:33 -------- d-----w- c:\program files\iTunes
2012-07-23 19:45 . 2012-07-23 19:45 -------- d-sh--w- c:\windows\system32\%APPDATA%
2012-07-23 15:41 . 2012-06-29 08:44 6891424 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{2BF5D319-BB5C-4C77-89AE-CA326CE04F8F}\mpengine.dll
2012-07-17 18:02 . 2012-06-29 08:44 6891424 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2012-07-10 20:09 . 2012-06-12 02:40 2345984 ----a-w- c:\windows\system32\win32k.sys
2012-07-04 15:48 . 2012-02-13 17:00 713784 ------w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{01DB0D9C-EDEC-4EB2-ACE6-E0932EF85825}\gapaengine.dll
.
.
.
((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-07-27 16:43 . 2012-04-04 16:03 426184 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2012-07-27 16:43 . 2011-05-14 00:31 70344 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2012-06-26 14:02 . 2012-06-26 14:02 90112 ----a-w- c:\windows\MAMCityDownload.ocx
2012-06-26 14:02 . 2012-06-26 14:02 330240 ----a-w- c:\windows\MASetupCaller.dll
2012-06-26 14:02 . 2012-06-26 14:02 30568 ----a-w- c:\windows\MusiccityDownload.exe
2012-06-26 14:02 . 2012-06-26 14:02 974848 ----a-w- c:\windows\system32\cis-2.4.dll
2012-06-26 14:02 . 2012-06-26 14:02 81920 ----a-w- c:\windows\system32\issacapi_bs-2.3.dll
2012-06-26 14:02 . 2012-06-26 14:02 65536 ----a-w- c:\windows\system32\issacapi_pe-2.3.dll
2012-06-26 14:02 . 2012-06-26 14:02 57344 ----a-w- c:\windows\system32\MTXSYNCICON.dll
2012-06-26 14:02 . 2012-06-26 14:02 57344 ----a-w- c:\windows\system32\MK_Lyric.dll
2012-06-26 14:02 . 2012-06-26 14:02 57344 ----a-w- c:\windows\system32\issacapi_se-2.3.dll
2012-06-26 14:02 . 2012-06-26 14:02 569344 ----a-w- c:\windows\system32\muzdecode.ax
2012-06-26 14:02 . 2012-06-26 14:02 491520 ----a-w- c:\windows\system32\muzapp.dll
2012-06-26 14:02 . 2012-06-26 14:02 49152 ----a-w- c:\windows\system32\MaJGUILib.dll
2012-06-26 14:02 . 2012-06-26 14:02 45320 ----a-w- c:\windows\system32\MAMACExtract.dll
2012-06-26 14:02 . 2012-06-26 14:02 45056 ----a-w- c:\windows\system32\MaXMLProto.dll
2012-06-26 14:02 . 2012-06-26 14:02 45056 ----a-w- c:\windows\system32\MACXMLProto.dll
2012-06-26 14:02 . 2012-06-26 14:02 40960 ----a-w- c:\windows\system32\MTTELECHIP.dll
2012-06-26 14:02 . 2012-06-26 14:02 352256 ----a-w- c:\windows\system32\MSLUR71.dll
2012-06-26 14:02 . 2012-06-26 14:02 258048 ----a-w- c:\windows\system32\muzoggsp.ax
2012-06-26 14:02 . 2012-06-26 14:02 245760 ----a-w- c:\windows\system32\MSCLib.dll
2012-06-26 14:02 . 2012-06-26 14:02 24576 ----a-w- c:\windows\system32\MASetupCleaner.exe
2012-06-26 14:02 . 2012-06-26 14:02 200704 ----a-w- c:\windows\system32\muzwmts.dll
2012-06-26 14:02 . 2012-06-26 14:02 172032 ----a-w- c:\windows\system32\muzapp.exe
2012-06-26 14:02 . 2012-06-26 14:02 155648 ----a-w- c:\windows\system32\MSFLib.dll
2012-06-26 14:02 . 2012-06-26 14:02 143360 ----a-w- c:\windows\system32\3DAudio.ax
2012-06-26 14:02 . 2012-06-26 14:02 135168 ----a-w- c:\windows\system32\muzaf1.dll
2012-06-26 14:02 . 2012-06-26 14:02 131072 ----a-w- c:\windows\system32\muzmpgsp.ax
2012-06-26 14:02 . 2012-06-26 14:02 122880 ----a-w- c:\windows\system32\muzeffect.ax
2012-06-26 14:02 . 2012-06-26 14:02 118784 ----a-w- c:\windows\system32\MaDRM.dll
2012-06-26 14:02 . 2012-06-26 14:02 110592 ----a-w- c:\windows\system32\muzmp4sp.ax
2012-06-02 22:19 . 2012-06-21 14:26 53784 ----a-w- c:\windows\system32\wuauclt.exe
2012-06-02 22:19 . 2012-06-21 14:26 45080 ----a-w- c:\windows\system32\wups2.dll
2012-06-02 22:19 . 2012-06-21 14:26 35864 ----a-w- c:\windows\system32\wups.dll
2012-06-02 22:19 . 2012-06-21 14:26 577048 ----a-w- c:\windows\system32\wuapi.dll
2012-06-02 22:19 . 2012-06-21 14:26 1933848 ----a-w- c:\windows\system32\wuaueng.dll
2012-06-02 22:12 . 2012-06-21 14:26 2422272 ----a-w- c:\windows\system32\wucltux.dll
2012-06-02 22:12 . 2012-06-21 14:26 88576 ----a-w- c:\windows\system32\wudriver.dll
2012-06-02 13:19 . 2012-06-21 14:26 171904 ----a-w- c:\windows\system32\wuwebv.dll
2012-06-02 13:12 . 2012-06-21 14:26 33792 ----a-w- c:\windows\system32\wuapp.exe
2012-05-01 04:44 . 2012-06-19 16:23 164352 ----a-w- c:\windows\system32\profsvc.dll
2011-06-09 10:03 . 2011-07-27 12:26 143240 ----a-w- c:\program files\Common Files\ApnStub.exe
2010-01-26 09:11 . 2011-05-06 18:33 444283 ----a-w- c:\program files\Common Files\WinPcapNmap.exe
2012-06-20 17:36 . 2011-03-24 20:01 85472 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond
REGEDIT4
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}]
2012-07-27 23:03 1811296 ----a-w- c:\program files\AVG Secure Search\10.0.0.7\AVG Secure Search_toolbar.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{95B7759C-8C7F-4BF1-B163-73684A933233}"= "c:\program files\AVG Secure Search\10.0.0.7\AVG Secure Search_toolbar.dll" [2012-07-27 1811296]
.
[HKEY_CLASSES_ROOT\clsid\{95b7759c-8c7f-4bf1-b163-73684a933233}]
[HKEY_CLASSES_ROOT\AVG Secure Search.PugiObj.1]
[HKEY_CLASSES_ROOT\AVG Secure Search.PugiObj]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"P17RunE"="P17RunE.dll" [2008-03-28 14848]
"SPC500NC_Monitor"="c:\windows\Philips\SPC500NC\Monitor.exe" [2006-11-03 319488]
"GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2009-02-26 30040]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-01-03 843712]
"NeroFilterCheck"="c:\windows\system32\NeroCheck.exe" [2001-07-09 155648]
"APSDaemon"="c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2012-05-30 59280]
"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2012-03-26 931200]
"AVG_TRAY"="c:\program files\AVG\AVG2012\avgtray.exe" [2012-01-24 2416480]
"vProt"="c:\program files\AVG Secure Search\vprot.exe" [2012-07-27 939872]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"mixer1"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk *\0c:\progra~1\AVG\AVG2012\avgrsx.exe /sync /restart
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
2012-06-07 17:33 421776 ----a-w- c:\program files\iTunes\iTunesHelper.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KiesPDLR]
2012-07-16 11:24 21432 ----a-w- c:\program files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KiesPreload]
2012-07-16 11:23 975800 ----a-w- c:\program files\Samsung\Kies\Kies.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KiesTrayAgent]
2012-07-16 11:23 3524536 ----a-w- c:\program files\Samsung\Kies\KiesTrayAgent.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
2012-04-18 18:56 421888 ----a-w- c:\program files\QuickTime\QTTask.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Spotify Web Helper]
2012-07-27 21:26 1193176 ----a-w- c:\program files\Spotify\Data\SpotifyWebHelper.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
2011-06-09 12:06 254696 ----a-w- c:\program files\Common Files\Java\Java Update\jusched.exe
.
R0 ElbyVCD;ElbyVCD;c:\windows\system32\DRIVERS\ElbyVCD.sys [x]
R2 AVGIDSAgent;AVGIDSAgent;c:\program files\AVG\AVG2012\AVGIDSAgent.exe [x]
R3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [x]
R3 Creative ALchemy AL6 Licensing Service;Creative ALchemy AL6 Licensing Service;c:\program files\Common Files\Creative Labs Shared\Service\AL6Licensing.exe [x]
R3 Creative Audio Engine Licensing Service;Creative Audio Engine Licensing Service;c:\program files\Common Files\Creative Labs Shared\Service\CTAELicensing.exe [x]
R3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudbus.sys [x]
R3 dgderdrv;dgderdrv;c:\windows\system32\drivers\dgderdrv.sys [x]
R3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\DRIVERS\NisDrvWFP.sys [x]
R3 NisSrv;Microsoft Netwerkinspectie;c:\program files\Microsoft Security Client\NisSrv.exe [x]
R3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudmdm.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x]
R3 WatAdminSvc;Windows Activation Technologies-service;c:\windows\system32\Wat\WatAdminSvc.exe [x]
R4 MozillaMaintenance;Mozilla Maintenance Service;c:\program files\Mozilla Maintenance Service\maintenanceservice.exe [x]
R4 vToolbarUpdater;vToolbarUpdater;c:\program files\Common Files\AVG Secure Search\vToolbarUpdater\10.0.6\ToolbarUpdater.exe [x]
S0 AVGIDSEH;AVGIDSEH;c:\windows\system32\DRIVERS\AVGIDSEH.Sys [x]
S0 Avgrkx86;AVG Anti-Rootkit Driver;c:\windows\system32\DRIVERS\avgrkx86.sys [x]
S1 Avgldx86;AVG AVI Loader Driver;c:\windows\system32\DRIVERS\avgldx86.sys [x]
S1 Avgtdix;AVG TDI Driver;c:\windows\system32\DRIVERS\avgtdix.sys [x]
S2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files\Common Files\Adobe\ARM\1.0\armsvc.exe [x]
S2 avgwd;AVG WatchDog;c:\program files\AVG\AVG2012\avgwdsvc.exe [x]
S2 npf;NetGroup Packet Filter Driver;c:\windows\system32\drivers\npf.sys [x]
S2 nvUpdatusService;NVIDIA Update Service Daemon;c:\program files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe [x]
S3 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\DRIVERS\AVGIDSDriver.Sys [x]
S3 AVGIDSFilter;AVGIDSFilter;c:\windows\system32\DRIVERS\AVGIDSFilter.Sys [x]
S3 AVGIDSShim;AVGIDSShim;c:\windows\system32\DRIVERS\AVGIDSShim.Sys [x]
S3 Ph3xIB32;Philips 713x VU PCI TV Card;c:\windows\system32\DRIVERS\Ph3xIB32.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt86win7.sys [x]
S3 SPC500NC;Philips SPC500NC Webcam;c:\windows\system32\DRIVERS\SPC500NC.SYS [x]
.
.
Inhoud van de 'Gedeelde Taken' map
.
2012-07-28 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-04 16:43]
.
.
------- Bijkomende Scan -------
.
uStart Page = hxxp://google.nl/
mStart Page = hxxp://nl.woofi.info
uInternet Settings,ProxyOverride = *.local
IE: E&xporteren naar Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
TCP: DhcpNameServer = 62.179.104.196 213.46.228.196
Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - c:\program files\Common Files\AVG Secure Search\ViProtocolInstaller\10.0.6\ViProtocol.dll
FF - ProfilePath - c:\users\Frans den Hoedt\AppData\Roaming\Mozilla\Firefox\Profiles\9ng8d4u0.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.google.nl/
FF - prefs.js: keyword.URL - hxxp://isearch.avg.com/search?cid=%7B42e9cc5e-7d69-47ab-8b25-3ae2a0407973%7D&mid=e22ea4d4ce4547d0bf15d1530ba99584-f2de9f68bb51252802dcfda3d7e3ad66ba1613e3&lang=nl&ds=AVG&v=10.0.0.7&pr=pr&d=2012-07-28%2001%3A03%3A21&sap=ku&q=
FF - prefs.js: network.proxy.type - 0
.
- - - - ORPHANS VERWIJDERD - - - -
.
HKCU-Run-ISUSPM - c:\program files\Common Files\InstallShield\UpdateService\ISUSPM.exe
SafeBoot-MsMpSvc
MSConfigStartUp-KiesAirMessage - c:\program files\Samsung\Kies\KiesAirMessage.exe
AddRemove-01_Simmental - c:\program files\Samsung\USB Drivers\01_Simmental\Uninstall.exe
AddRemove-02_Siberian - c:\program files\Samsung\USB Drivers\02_Siberian\Uninstall.exe
AddRemove-03_Swallowtail - c:\program files\Samsung\USB Drivers\03_Swallowtail\Uninstall.exe
AddRemove-04_semseyite - c:\program files\Samsung\USB Drivers\04_semseyite\Uninstall.exe
AddRemove-05_Sloan - c:\program files\Samsung\USB Drivers\05_Sloan\Uninstall.exe
AddRemove-06_Spencer - c:\program files\Samsung\USB Drivers\06_Spencer\Uninstall.exe
AddRemove-07_Schorl - c:\program files\Samsung\USB Drivers\07_Schorl\Uninstall.exe
AddRemove-08_EMPChipset - c:\program files\Samsung\USB Drivers\08_EMPChipset\Uninstall.exe
AddRemove-09_Hsp - c:\program files\Samsung\USB Drivers\09_Hsp\Uninstall.exe
AddRemove-11_HSP_Plus_Default - c:\program files\Samsung\USB Drivers\11_HSP_Plus_Default\Uninstall.exe
AddRemove-16_Shrewsbury - c:\program files\Samsung\USB Drivers\16_Shrewsbury\Uninstall.exe
AddRemove-17_EMP_Chipset2 - c:\program files\Samsung\USB Drivers\17_EMP_Chipset2\Uninstall.exe
AddRemove-18_Zinia_Serial_Driver - c:\program files\Samsung\USB Drivers\18_Zinia_Serial_Driver\Uninstall.exe
AddRemove-19_VIA_driver - c:\program files\Samsung\USB Drivers\19_VIA_driver\Uninstall.exe
AddRemove-20_NXP_Driver - c:\program files\Samsung\USB Drivers\20_NXP_Driver\Uninstall.exe
AddRemove-21_Searsburg - c:\program files\Samsung\USB Drivers\21_Searsburg\Uninstall.exe
AddRemove-22_WiBro_WiMAX - c:\program files\Samsung\USB Drivers\22_WiBro_WiMAX\Uninstall.exe
AddRemove-24_flashusbdriver - c:\program files\Samsung\USB Drivers\24_flashusbdriver\Uninstall.exe
AddRemove-25_escape - c:\program files\Samsung\USB Drivers\25_escape\Uninstall.exe
.
.
.
--------------------- VERGRENDELDE REGISTER SLEUTELS ---------------------
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Andere Aktieve Processen ------------------------
.
c:\windows\system32\nvvsvc.exe
c:\program files\Creative\Shared Files\CTAudSvc.exe
c:\program files\NVIDIA Corporation\Display\nvxdsync.exe
c:\windows\system32\nvvsvc.exe
c:\program files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
c:\program files\Bonjour\mDNSResponder.exe
c:\windows\system32\taskhost.exe
c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
c:\windows\system32\conhost.exe
c:\windows\System32\rundll32.exe
c:\windows\system32\WUDFHost.exe
c:\program files\Windows Media Player\wmpnetwk.exe
c:\windows\system32\DllHost.exe
c:\windows\system32\sppsvc.exe
.
**************************************************************************
.
Voltooingstijd: 2012-07-28 12:11:26 - machine werd herstart
ComboFix-quarantined-files.txt 2012-07-28 10:11
.
Pre-Run: 189.714.059.264 bytes beschikbaar
Post-Run: 189.641.936.896 bytes beschikbaar
.
- - End Of File - - D4BA3770B2840E52270EA9FFE59D2BCC
-
Good day,
I could no longer update my computer, so I ran an AVG scan.
To my surprise, the scan results showed 5 viruses.
4 of these were repaired/removed by the scan, but I can't get rid of this Trojan horse.
On another forum I came across the same problem, and there someone was clearly helped step by step after a scan he had to make with the program HijackThis.
I immediately made a scan as well and hope that someone can help me against this virus.
See below, and thanks in advance for the effort!
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 2:18:57, on 28-7-2012
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v9.00 (9.00.8112.16447)
Boot mode: Normal
Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskhost.exe
C:\Windows\Explorer.EXE
C:\Windows\System32\rundll32.exe
C:\Windows\Philips\SPC500NC\Monitor.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
C:\Program Files\Microsoft Security Client\msseces.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Samsung\Kies\KiesTrayAgent.exe
C:\Program Files\AVG\AVG2012\avgtray.exe
C:\Program Files\AVG Secure Search\vprot.exe
C:\Program Files\Spotify\Data\SpotifyWebHelper.exe
C:\Program Files\Samsung\Kies\Kies.exe
C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_3_300_268.exe
C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_3_300_268.exe
C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG2012\avgssie.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: IEExtension.VDownloaderBHO - {7b523e7c-f096-4e36-a0cb-7efeb5c675c1} - mscoree.dll (file missing)
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: AVG Security Toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files\AVG Secure Search\10.0.0.7\AVG Secure Search_toolbar.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: AVG Security Toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files\AVG Secure Search\10.0.0.7\AVG Secure Search_toolbar.dll
O4 - HKLM\..\Run: [P17RunE] RunDll32 P17RunE.dll,RunDLLEntry
O4 - HKLM\..\Run: [sPC500NC_Monitor] C:\Windows\Philips\SPC500NC\Monitor.exe
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Windows\system32\NeroCheck.exe
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [MSC] "c:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [KiesTrayAgent] C:\Program Files\Samsung\Kies\KiesTrayAgent.exe
O4 - HKLM\..\Run: [AVG_TRAY] "C:\Program Files\AVG\AVG2012\avgtray.exe"
O4 - HKLM\..\Run: [vProt] "C:\Program Files\AVG Secure Search\vprot.exe"
O4 - HKCU\..\Run: [iSUSPM] "C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe" -scheduler
O4 - HKCU\..\Run: [spotify Web Helper] "C:\Program Files\Spotify\Data\SpotifyWebHelper.exe"
O4 - HKCU\..\Run: [KiesPreload] C:\Program Files\Samsung\Kies\Kies.exe /preload
O4 - HKCU\..\Run: [KiesAirMessage] C:\Program Files\Samsung\Kies\KiesAirMessage.exe -startup
O4 - HKCU\..\Run: [KiesPDLR] C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
O4 - HKCU\..\Run: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-21-1476420548-3530872497-1026628333-1003\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'UpdatusUser')
O4 - HKUS\S-1-5-21-1476420548-3530872497-1026628333-1003\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'UpdatusUser')
O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Verz&enden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra 'Tools' menuitem: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG2012\avgpp.dll
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files\Common Files\AVG Secure Search\ViProtocolInstaller\10.0.6\ViProtocol.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG2012\AVGIDSAgent.exe
O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG2012\avgwdsvc.exe
O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Creative ALchemy AL6 Licensing Service - Creative Labs - C:\Program Files\Common Files\Creative Labs Shared\Service\AL6Licensing.exe
O23 - Service: Creative Audio Engine Licensing Service - Creative Labs - C:\Program Files\Common Files\Creative Labs Shared\Service\CTAELicensing.exe
O23 - Service: Creative Audio Service (CTAudSvcService) - Creative Technology Ltd - C:\Program Files\Creative\Shared Files\CTAudSvc.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
O23 - Service: LiveShare P2P Server 9 (RoxLiveShare9) - Unknown owner - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxLiveShare9.exe (file missing)
O23 - Service: vToolbarUpdater - Unknown owner - C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\10.0.6\ToolbarUpdater.exe
--
End of file - 9720 bytes
C:\Windows\System32\services.exe - Trojan horse Patched_c.LYU
in Archive: Malware & virus removal
Posted:
It no longer finds anything.
Great, thanks!