Frickxinator

26 oktober 2012

hier is de log:

ComboFix 12-10-26.03 - Yentl 26/10/2012 17:15:19.1.4 - x64 NETWORK

Microsoft Windows 7 Home Premium 6.1.7601.1.1252.32.1043.18.4003.3070 [GMT 2:00]

Gestart vanuit: c:\users\Yentl\Downloads\ComboFix.exe

SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

* Nieuw herstelpunt werd aangemaakt

.

(((((((((((((((((((((((((((((((((( Andere Verwijderingen )))))))))))))))))))))))))))))))))))))))))))))))))

.

c:\programdata\dsgsdgdsgdsgw.pad

.

(((((((((((((((((((( Bestanden Gemaakt van 2012-09-26 to 2012-10-26 ))))))))))))))))))))))))))))))

.

2012-10-26 15:21 . 2012-10-26 15:21 -------- d-----w- c:\users\Default\AppData\Local\temp

2012-10-25 15:21 . 2012-10-26 15:19 69000 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{E5860CCB-B301-491E-BCE6-F044D76346B8}\offreg.dll

2012-10-24 11:29 . 2012-10-24 17:22 -------- d-----w- C:\Call of Duty- Modern Warfare 3

2012-10-23 18:55 . 2012-10-23 18:59 -------- d-----w- c:\program files (x86)\Call of Duty- Modern Warfare 3

2012-10-23 16:13 . 2012-10-12 07:19 9291768 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{E5860CCB-B301-491E-BCE6-F044D76346B8}\mpengine.dll

2012-10-16 16:03 . 2012-10-25 15:07 -------- d-s---w- c:\users\Yentl\Google Drive

2012-10-14 07:16 . 2012-10-14 07:16 -------- d--h--w- c:\program files (x86)\Common Files\EAInstaller

2012-10-14 06:40 . 2012-10-14 07:14 -------- d-----w- c:\program files (x86)\Battlefield 3™

2012-10-11 05:17 . 2012-08-20 15:38 2048 ----a-w- c:\windows\SysWow64\user.exe

2012-10-11 05:17 . 2012-08-24 18:05 220160 ----a-w- c:\windows\system32\wintrust.dll

2012-10-11 05:17 . 2012-08-24 16:57 172544 ----a-w- c:\windows\SysWow64\wintrust.dll

2012-10-11 05:17 . 2012-09-14 19:19 2048 ----a-w- c:\windows\system32\tzres.dll

2012-10-11 05:17 . 2012-09-14 18:28 2048 ----a-w- c:\windows\SysWow64\tzres.dll

2012-10-11 05:17 . 2012-08-11 00:56 715776 ----a-w- c:\windows\system32\kerberos.dll

2012-10-11 05:17 . 2012-08-10 23:56 542208 ----a-w- c:\windows\SysWow64\kerberos.dll

2012-10-11 05:17 . 2012-06-02 05:41 184320 ----a-w- c:\windows\system32\cryptsvc.dll

2012-10-11 05:17 . 2012-06-02 05:41 140288 ----a-w- c:\windows\system32\cryptnet.dll

2012-10-11 05:17 . 2012-06-02 05:41 1464320 ----a-w- c:\windows\system32\crypt32.dll

2012-10-11 05:17 . 2012-06-02 04:36 140288 ----a-w- c:\windows\SysWow64\cryptsvc.dll

2012-10-11 05:17 . 2012-06-02 04:36 1159680 ----a-w- c:\windows\SysWow64\crypt32.dll

2012-10-11 05:17 . 2012-06-02 04:36 103936 ----a-w- c:\windows\SysWow64\cryptnet.dll

2012-10-10 13:58 . 2012-10-10 13:58 -------- d-----w- c:\users\Yentl\AppData\Roaming\MajorWare

2012-10-08 15:20 . 2009-07-14 01:41 101376 ----a-w- c:\windows\system32\Spool\prtprocs\x64\HPZPPWN7.DLL

2012-10-04 16:10 . 2012-10-20 13:46 -------- d-----w- c:\program files (x86)\Paradox Interactive

2012-10-03 12:36 . 2012-10-16 15:14 -------- d-----w- C:\PoRTaL

2012-10-01 13:24 . 2012-10-01 13:24 -------- d-----w- c:\program files (x86)\City Interactive

2012-09-30 18:05 . 2012-09-30 18:05 -------- d-----w- c:\users\Yentl\AppData\Local\FLT

2012-09-30 17:51 . 2008-10-15 04:22 519000 ----a-w- c:\windows\system32\d3dx10_40.dll

2012-09-30 17:51 . 2008-10-15 04:22 452440 ----a-w- c:\windows\SysWow64\d3dx10_40.dll

2012-09-30 17:51 . 2008-10-15 04:22 2605920 ----a-w- c:\windows\system32\D3DCompiler_40.dll

2012-09-30 17:51 . 2008-10-15 04:22 2036576 ----a-w- c:\windows\SysWow64\D3DCompiler_40.dll

2012-09-30 17:51 . 2008-10-15 04:22 5631312 ----a-w- c:\windows\system32\D3DX9_40.dll

2012-09-30 17:51 . 2008-10-15 04:22 4379984 ----a-w- c:\windows\SysWow64\D3DX9_40.dll

2012-09-30 17:45 . 2012-09-30 17:49 -------- d-----w- c:\program files (x86)\Orcs Must Die 2

2012-09-30 12:42 . 2012-09-30 12:43 -------- d-----w- c:\program files (x86)\Origin Games

2012-09-30 12:42 . 2012-09-30 12:42 -------- d-----w- c:\users\Yentl\AppData\Roaming\Origin

2012-09-30 12:42 . 2012-09-30 12:42 -------- d-----w- c:\users\Yentl\AppData\Local\Origin

2012-09-30 12:41 . 2012-09-30 12:43 -------- d-----w- c:\programdata\Origin

2012-09-30 12:41 . 2012-09-30 12:41 -------- d-----w- c:\programdata\Electronic Arts

2012-09-30 12:40 . 2012-09-30 12:42 -------- d-----w- c:\program files (x86)\Origin

2012-09-30 09:54 . 2012-09-30 09:54 -------- d-----w- c:\users\Yentl\AppData\Roaming\Creative

2012-09-30 09:54 . 2012-09-30 09:54 -------- d-----w- c:\programdata\Creative

2012-09-26 21:14 . 2012-09-26 21:14 -------- d-----w- c:\program files (x86)\Valve

2012-09-26 21:09 . 2012-09-27 05:21 -------- d-----w- c:\users\Yentl\AppData\Local\SKIDROW

2012-09-26 19:38 . 2011-02-19 12:05 1139200 ----a-w- c:\windows\system32\FntCache.dll

2012-09-26 19:38 . 2011-02-19 12:04 902656 ----a-w- c:\windows\system32\d2d1.dll

2012-09-26 19:38 . 2011-02-19 06:30 739840 ----a-w- c:\windows\SysWow64\d2d1.dll

2012-09-26 18:08 . 2012-09-26 18:08 -------- d-----w- c:\program files (x86)\2K Games

.

((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2012-10-11 15:14 . 2012-08-28 13:32 65309168 ----a-w- c:\windows\system32\MRT.exe

2012-10-09 15:28 . 2012-08-25 14:59 73656 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl

2012-10-09 15:28 . 2012-08-25 14:59 696760 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe

2012-09-29 17:54 . 2012-09-07 14:11 25928 ----a-w- c:\windows\system32\drivers\mbam.sys

2012-08-31 17:01 . 2012-08-31 17:02 916456 ----a-w- c:\windows\system32\deployJava1.dll

2012-08-31 17:01 . 2012-08-31 17:02 289768 ----a-w- c:\windows\system32\javaws.exe

2012-08-31 17:01 . 2012-08-31 17:02 1034216 ----a-w- c:\windows\system32\npDeployJava1.dll

2012-08-31 17:01 . 2012-08-31 17:01 189416 ----a-w- c:\windows\system32\javaw.exe

2012-08-31 17:01 . 2012-08-31 17:01 188904 ----a-w- c:\windows\system32\java.exe

2012-08-31 17:01 . 2012-08-31 17:01 108008 ----a-w- c:\windows\system32\WindowsAccessBridge-64.dll

2012-08-27 12:58 . 2012-08-27 12:58 189248 ----a-w- c:\windows\SysWow64\PnkBstrB.exe

2012-08-27 12:58 . 2012-08-27 12:58 75136 ----a-w- c:\windows\SysWow64\PnkBstrA.exe

2012-08-27 11:28 . 2012-08-27 11:28 283200 ----a-w- c:\windows\system32\drivers\dtsoftbus01.sys

2012-08-27 08:52 . 2012-08-27 08:53 821736 ----a-w- c:\windows\SysWow64\npDeployJava1.dll

2012-08-27 08:52 . 2012-08-27 08:53 746984 ----a-w- c:\windows\SysWow64\deployJava1.dll

2012-08-27 08:26 . 2012-08-27 08:26 91648 ----a-w- c:\windows\system32\SetIEInstalledDate.exe

2012-08-27 08:26 . 2012-08-27 08:26 89088 ----a-w- c:\windows\system32\RegisterIEPKEYs.exe

2012-08-27 08:26 . 2012-08-27 08:26 89088 ----a-w- c:\windows\system32\ie4uinit.exe

2012-08-27 08:26 . 2012-08-27 08:26 86528 ----a-w- c:\windows\SysWow64\iesysprep.dll

2012-08-27 08:26 . 2012-08-27 08:26 85504 ----a-w- c:\windows\system32\iesetup.dll

2012-08-27 08:26 . 2012-08-27 08:26 82432 ----a-w- c:\windows\system32\icardie.dll

2012-08-27 08:26 . 2012-08-27 08:26 76800 ----a-w- c:\windows\SysWow64\SetIEInstalledDate.exe

2012-08-27 08:26 . 2012-08-27 08:26 76800 ----a-w- c:\windows\system32\tdc.ocx

2012-08-27 08:26 . 2012-08-27 08:26 74752 ----a-w- c:\windows\SysWow64\RegisterIEPKEYs.exe

2012-08-27 08:26 . 2012-08-27 08:26 74752 ----a-w- c:\windows\SysWow64\iesetup.dll

2012-08-27 08:26 . 2012-08-27 08:26 65024 ----a-w- c:\windows\system32\pngfilt.dll

2012-08-27 08:26 . 2012-08-27 08:26 63488 ----a-w- c:\windows\SysWow64\tdc.ocx

2012-08-27 08:26 . 2012-08-27 08:26 55296 ----a-w- c:\windows\system32\msfeedsbs.dll

2012-08-27 08:26 . 2012-08-27 08:26 534528 ----a-w- c:\windows\system32\ieapfltr.dll

2012-08-27 08:26 . 2012-08-27 08:26 49664 ----a-w- c:\windows\system32\imgutil.dll

2012-08-27 08:26 . 2012-08-27 08:26 48640 ----a-w- c:\windows\SysWow64\mshtmler.dll

2012-08-27 08:26 . 2012-08-27 08:26 48640 ----a-w- c:\windows\system32\mshtmler.dll

2012-08-27 08:26 . 2012-08-27 08:26 452608 ----a-w- c:\windows\system32\dxtmsft.dll

2012-08-27 08:26 . 2012-08-27 08:26 448512 ----a-w- c:\windows\system32\html.iec

2012-08-27 08:26 . 2012-08-27 08:26 403248 ----a-w- c:\windows\system32\iedkcs32.dll

2012-08-27 08:26 . 2012-08-27 08:26 39936 ----a-w- c:\windows\system32\iernonce.dll

2012-08-27 08:26 . 2012-08-27 08:26 3695416 ----a-w- c:\windows\system32\ieapfltr.dat

2012-08-27 08:26 . 2012-08-27 08:26 367104 ----a-w- c:\windows\SysWow64\html.iec

2012-08-27 08:26 . 2012-08-27 08:26 35840 ----a-w- c:\windows\SysWow64\imgutil.dll

2012-08-27 08:26 . 2012-08-27 08:26 30720 ----a-w- c:\windows\system32\licmgr10.dll

2012-08-27 08:26 . 2012-08-27 08:26 282112 ----a-w- c:\windows\system32\dxtrans.dll

2012-08-27 08:26 . 2012-08-27 08:26 267776 ----a-w- c:\windows\system32\ieaksie.dll

2012-08-27 08:26 . 2012-08-27 08:26 249344 ----a-w- c:\windows\system32\webcheck.dll

2012-08-27 08:26 . 2012-08-27 08:26 23552 ----a-w- c:\windows\SysWow64\licmgr10.dll

2012-08-27 08:26 . 2012-08-27 08:26 222208 ----a-w- c:\windows\system32\msls31.dll

2012-08-27 08:26 . 2012-08-27 08:26 197120 ----a-w- c:\windows\system32\msrating.dll

2012-08-27 08:26 . 2012-08-27 08:26 165888 ----a-w- c:\windows\system32\iexpress.exe

2012-08-27 08:26 . 2012-08-27 08:26 163840 ----a-w- c:\windows\system32\ieakui.dll

2012-08-27 08:26 . 2012-08-27 08:26 161792 ----a-w- c:\windows\SysWow64\msls31.dll

2012-08-27 08:26 . 2012-08-27 08:26 160256 ----a-w- c:\windows\system32\wextract.exe

2012-08-27 08:26 . 2012-08-27 08:26 160256 ----a-w- c:\windows\system32\ieakeng.dll

2012-08-27 08:26 . 2012-08-27 08:26 152064 ----a-w- c:\windows\SysWow64\wextract.exe

2012-08-27 08:26 . 2012-08-27 08:26 150528 ----a-w- c:\windows\SysWow64\iexpress.exe

2012-08-27 08:26 . 2012-08-27 08:26 149504 ----a-w- c:\windows\system32\occache.dll

2012-08-27 08:26 . 2012-08-27 08:26 145920 ----a-w- c:\windows\system32\iepeers.dll

2012-08-27 08:26 . 2012-08-27 08:26 135168 ----a-w- c:\windows\system32\IEAdvpack.dll

2012-08-27 08:26 . 2012-08-27 08:26 12288 ----a-w- c:\windows\system32\mshta.exe

2012-08-27 08:26 . 2012-08-27 08:26 11776 ----a-w- c:\windows\SysWow64\mshta.exe

2012-08-27 08:26 . 2012-08-27 08:26 114176 ----a-w- c:\windows\system32\admparse.dll

2012-08-27 08:26 . 2012-08-27 08:26 111616 ----a-w- c:\windows\system32\iesysprep.dll

2012-08-27 08:26 . 2012-08-27 08:26 110592 ----a-w- c:\windows\SysWow64\IEAdvpack.dll

2012-08-27 08:26 . 2012-08-27 08:26 10752 ----a-w- c:\windows\system32\msfeedssync.exe

2012-08-27 08:26 . 2012-08-27 08:26 103936 ----a-w- c:\windows\system32\inseng.dll

2012-08-27 08:26 . 2012-08-27 08:26 101888 ----a-w- c:\windows\SysWow64\admparse.dll

2012-08-24 11:15 . 2012-09-22 16:09 17810944 ----a-w- c:\windows\system32\mshtml.dll

2012-08-24 10:39 . 2012-09-22 16:09 10925568 ----a-w- c:\windows\system32\ieframe.dll

2012-08-24 10:31 . 2012-09-22 16:09 2312704 ----a-w- c:\windows\system32\jscript9.dll

2012-08-24 10:22 . 2012-09-22 16:09 1346048 ----a-w- c:\windows\system32\urlmon.dll

2012-08-24 10:21 . 2012-09-22 16:09 1392128 ----a-w- c:\windows\system32\wininet.dll

2012-08-24 10:20 . 2012-09-22 16:09 1494528 ----a-w- c:\windows\system32\inetcpl.cpl

2012-08-24 10:18 . 2012-09-22 16:09 237056 ----a-w- c:\windows\system32\url.dll

2012-08-24 10:17 . 2012-09-22 16:09 85504 ----a-w- c:\windows\system32\jsproxy.dll

2012-08-24 10:14 . 2012-09-22 16:09 173056 ----a-w- c:\windows\system32\ieUnatt.exe

2012-08-24 10:14 . 2012-09-22 16:09 816640 ----a-w- c:\windows\system32\jscript.dll

2012-08-24 10:13 . 2012-09-22 16:09 599040 ----a-w- c:\windows\system32\vbscript.dll

2012-08-24 10:12 . 2012-09-22 16:09 2144768 ----a-w- c:\windows\system32\iertutil.dll

2012-08-24 10:11 . 2012-09-22 16:09 729088 ----a-w- c:\windows\system32\msfeeds.dll

2012-08-24 10:10 . 2012-09-22 16:09 96768 ----a-w- c:\windows\system32\mshtmled.dll

2012-08-24 10:09 . 2012-09-22 16:09 2382848 ----a-w- c:\windows\system32\mshtml.tlb

2012-08-24 10:04 . 2012-09-22 16:09 248320 ----a-w- c:\windows\system32\ieui.dll

2012-08-24 06:59 . 2012-09-22 16:09 1800704 ----a-w- c:\windows\SysWow64\jscript9.dll

2012-08-24 06:51 . 2012-09-22 16:09 1129472 ----a-w- c:\windows\SysWow64\wininet.dll

2012-08-24 06:51 . 2012-09-22 16:09 1427968 ----a-w- c:\windows\SysWow64\inetcpl.cpl

2012-08-24 06:47 . 2012-09-22 16:09 142848 ----a-w- c:\windows\SysWow64\ieUnatt.exe

2012-08-24 06:47 . 2012-09-22 16:09 420864 ----a-w- c:\windows\SysWow64\vbscript.dll

2012-08-24 06:43 . 2012-09-22 16:09 2382848 ----a-w- c:\windows\SysWow64\mshtml.tlb

2012-08-22 18:12 . 2012-09-12 11:15 1913200 ----a-w- c:\windows\system32\drivers\tcpip.sys

2012-08-22 18:12 . 2012-09-12 11:16 950128 ----a-w- c:\windows\system32\drivers\ndis.sys

2012-08-22 18:12 . 2012-09-12 11:15 376688 ----a-w- c:\windows\system32\drivers\netio.sys

2012-08-22 18:12 . 2012-09-12 11:15 288624 ----a-w- c:\windows\system32\drivers\FWPKCLNT.SYS

2012-08-21 21:01 . 2012-09-26 11:51 245760 ----a-w- c:\windows\system32\OxpsConverter.exe

2012-08-21 11:01 . 2012-09-16 08:43 33240 ----a-w- c:\windows\system32\drivers\GEARAspiWDM.sys

2012-08-21 11:01 . 2012-08-29 11:50 125872 ----a-w- c:\windows\system32\GEARAspi64.dll

2012-08-21 11:01 . 2012-08-29 11:50 106928 ----a-w- c:\windows\SysWow64\GEARAspi.dll

2012-08-20 17:38 . 2012-10-11 05:18 44032 ----a-w- c:\windows\apppatch\acwow64.dll

2012-08-02 17:58 . 2012-09-12 11:16 574464 ----a-w- c:\windows\system32\d3d10level9.dll

2012-08-02 16:57 . 2012-09-12 11:16 490496 ----a-w- c:\windows\SysWow64\d3d10level9.dll

.

((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))

.

*Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond

REGEDIT4

.

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"Skype"="c:\program files (x86)\Skype\Phone\Skype.exe" [2012-07-13 17418928]

"DAEMON Tools Lite"="c:\program files (x86)\DAEMON Tools Lite\DTLite.exe" [2012-04-17 3671872]

"Steam"="c:\program files (x86)\Steam\Steam.exe" [2012-09-23 1353080]

"GoogleDriveSync"="c:\program files (x86)\Google\Drive\googledrivesync.exe" [2012-10-02 15687032]

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]

"Dell Webcam Central"="c:\program files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe" [2009-06-24 409744]

"BCSSync"="c:\program files (x86)\Microsoft Office\Office14\BCSSync.exe" [2010-03-13 91520]

"APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2012-08-27 59280]

"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-07-27 919008]

"LogMeIn Hamachi Ui"="c:\program files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" [2012-08-29 1996200]

"iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2012-09-09 421776]

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]

"ConsentPromptBehaviorAdmin"= 5 (0x5)

"ConsentPromptBehaviorUser"= 3 (0x3)

"EnableUIADesktopToggle"= 0 (0x0)

.

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]

"LoadAppInit_DLLs"=0 (0x0)

.

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]

Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp

.

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

@="Driver"

.

R2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-07-27 63960]

R2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2011-02-04 203776]

R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]

R2 gupdate;Google Update-service (gupdate);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-10-16 116648]

R2 HiPatchService;Hi-Rez Studios Authenticate and Update Service;c:\program files (x86)\Hi-Rez Studios\HiPatchService.exe [2012-08-30 8704]

R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe [2012-07-13 160944]

R3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-10-09 250808]

R3 amdkmdag;amdkmdag;c:\windows\system32\DRIVERS\atikmdag.sys [2011-02-04 8283136]

R3 amdkmdap;amdkmdap;c:\windows\system32\DRIVERS\atikmpag.sys [2011-02-04 295424]

R3 CtClsFlt;Creative Camera Class Upper Filter Driver;c:\windows\system32\DRIVERS\CtClsFlt.sys [2009-06-15 172704]

R3 gupdatem;Google Update-service (gupdatem);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-10-16 116648]

R3 intelkmd;intelkmd;c:\windows\system32\DRIVERS\igdpmd64.sys [2011-03-25 12262336]

R3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service;c:\program files (x86)\Microsoft Office\Office14\GROOVE.EXE [2011-06-12 31125880]

R3 MozillaMaintenance;Mozilla Maintenance Service;c:\program files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2012-10-13 115168]

R3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]

R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-21 59392]

R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys [2010-11-21 31232]

R3 WatAdminSvc;Windows Activation Technologies-service;c:\windows\system32\Wat\WatAdminSvc.exe [2012-08-27 1255736]

S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys [2012-08-27 283200]

S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]

S2 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine;c:\program files (x86)\LogMeIn Hamachi\hamachi-2.exe [2012-08-29 2369960]

S3 NETwNs64;___ Intel® Wireless WiFi Link 5000 Series adapter stuurprogramma onder Windows 7 64 Bit;c:\windows\system32\DRIVERS\NETwNs64.sys [2011-03-03 8507392]

S3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;c:\windows\system32\DRIVERS\nusb3hub.sys [2010-09-30 80384]

S3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;c:\windows\system32\DRIVERS\nusb3xhc.sys [2010-09-30 180736]

S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [2010-11-30 412264]

.

Inhoud van de 'Gedeelde Taken' map

.

2012-10-25 c:\windows\Tasks\Adobe Flash Player Updater.job

- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-08-25 15:28]

.

2012-10-25 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job

- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-10-16 16:01]

.

2012-10-25 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job

- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-10-16 16:01]

.

--------- X64 Entries -----------

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveBlacklistedOverlay]

@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42}"

[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42}]

2012-10-02 07:42 755224 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedOverlay]

@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43}"

[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43}]

2012-10-02 07:42 755224 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSyncedOverlay]

@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40}"

[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40}]

2012-10-02 07:42 755224 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSyncingOverlay]

@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41}"

[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41}]

2012-10-02 07:42 755224 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"IgfxTray"="c:\windows\system32\igfxtray.exe" [2011-03-25 167960]

"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2011-03-25 391704]

"Persistence"="c:\windows\system32\igfxpers.exe" [2011-03-25 418840]

"Apoint"="c:\program files\DellTPad\Apoint.exe" [2011-04-12 609144]

.

------- Bijkomende Scan -------

.

uLocal Page = c:\windows\system32\blank.htm

uStart Page = hxxp://www.dell.com

mLocal Page = c:\windows\SysWOW64\blank.htm

uInternet Settings,ProxyOverride = *.local

IE: &Verzenden naar OneNote - c:\progra~2\MICROS~1\Office14\ONBttnIE.dll/105

IE: E&xporteren naar Microsoft Excel - c:\progra~2\MICROS~1\Office14\EXCEL.EXE/3000

IE: Free YouTube to MP3 Converter - c:\users\Yentl\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm

FF - ProfilePath - c:\users\Yentl\AppData\Roaming\Mozilla\Firefox\Profiles\3er9hdom.default\

FF - ExtSQL: 2012-10-12 17:37; jid1-1JLAXLsPiy10cg@jetpack; c:\users\Yentl\AppData\Roaming\Mozilla\Firefox\Profiles\3er9hdom.default\extensions\jid1-1JLAXLsPiy10cg@jetpack.xpi

.

--------------------- VERGRENDELDE REGISTER SLEUTELS ---------------------

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*1*]

@="?????????????????? v1"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*1*\CLSID]

@="{E23FE9C6-778E-49D4-B537-38FCDE4887D8}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*2*]

@="?????????????????? v2"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*2*\CLSID]

@="{9BE31822-FDAD-461B-AD51-BE1D1C159921}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]

@Denied: (A) (Everyone)

"Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3]

@Denied: (A) (Everyone)

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]

"Key"="ActionsPane3"

"Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]

@Denied: (Full) (Everyone)

.

Voltooingstijd: 2012-10-26 17:22:53

ComboFix-quarantined-files.txt 2012-10-26 15:22

.

Pre-Run: 251.970.048.000 bytes beschikbaar

Post-Run: 252.755.877.888 bytes beschikbaar

.

- - End Of File - - 1C628B7573360AB394A14A65272137F9

25 oktober 2012

Hallo, mijn pc is besmet met een virus, ik weet niet wat ik moet doen... Alleszins hieronder mijn hijackthis log:

Logfile of Trend Micro HijackThis v2.0.4

Scan saved at 19:35:20, on 25/10/2012

Platform: Windows 7 SP1 (WinNT 6.00.3505)

MSIE: Internet Explorer v9.00 (9.00.8112.16450)

Boot mode: Safe mode with network support

Running processes:

C:\Program Files (x86)\Mozilla Firefox\firefox.exe

C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe

C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_4_402_287.exe

C:\Users\Yentl\Downloads\HijackThis.exe

C:\Windows\SysWOW64\DllHost.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Dell Official Site - The Power To Do More | Dell

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Bing

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Dell Official Site - The Power To Do More | Dell

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN.com

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = MSN.com

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local

F2 - REG:system.ini: UserInit=userinit.exe,

O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL

O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL

O4 - HKLM\..\Run: [Dell Webcam Central] "C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe" /mode2

O4 - HKLM\..\Run: [bCSSync] "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices

O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"

O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

O4 - HKLM\..\Run: [LogMeIn Hamachi Ui] "C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start

O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"

O4 - HKCU\..\Run: [skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun

O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun

O4 - HKCU\..\Run: [steam] "C:\Program Files (x86)\Steam\Steam.exe" -silent

O4 - HKCU\..\Run: [GoogleDriveSync] "C:\Program Files (x86)\Google\Drive\googledrivesync.exe" /autostart

O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')

O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')

O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')

O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')

O8 - Extra context menu item: &Verzenden naar OneNote - res://C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105

O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000

O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\Yentl\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm

O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll

O9 - Extra 'Tools' menuitem: &Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll

O9 - Extra button: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll

O9 - Extra 'Tools' menuitem: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll

O10 - Broken Internet access because of LSP provider 'c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll' missing

O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics

O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL

O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL

O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe

O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)

O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)

O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe

O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)

O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)

O23 - Service: Google Update-service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

O23 - Service: LogMeIn Hamachi Tunneling Engine (Hamachi2Svc) - LogMeIn Inc. - C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe

O23 - Service: Hi-Rez Studios Authenticate and Update Service (HiPatchService) - Hi-Rez Studios - C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe

O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe

O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe

O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)

O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe

O23 - Service: PnkBstrB - Unknown owner - C:\Windows\system32\PnkBstrB.exe

O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)

O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe

O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)

O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)

O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)

O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe

O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)

O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)

O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)

O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)

O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)

O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)

O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--

Kan iemand mij aub helpen?

Frickxinator

7 september 2012

Mijn pc werkt terug, heel erg bedankt!

hier zijn de logs:

Malwarebytes Anti-Malware 1.62.0.1300

Malwarebytes : Free anti-malware download

Databaseversie: v2012.09.07.09

Windows 7 Service Pack 1 x64 NTFS (Veilige modus/netwerkmogelijkheden)

Internet Explorer 9.0.8112.16421

Yentl :: YENTL-LAPTOP [administrator]

7/09/2012 16:12:41

mbam-log-2012-09-07 (16-12-41).txt

Scantype: Snelle scan

Uitgeschakelde scanopties: P2P

Objecten gescand: 194752

Verstreken tijd: 1 minuut/minuten, 58 seconde(n)

Geheugenprocessen gedetecteerd: 0