Cynthia
-
Items
3 -
Registratiedatum
-
Laatst bezocht
Cynthia's prestaties
-
Malware doctor en geen internet
Cynthia reageerde op Cynthia's topic in Archief Bestrijding malware & virussen
Hallo, na het verwijderen van de bestandjes in het bovenstaande bericht doet mijn internet het weer. Nu kon ik malwarebytes dus eindelijk updaten! Maar die heeft niks op mijn laptop gevonden. Malwarebyteslog: Malwarebytes' Anti-Malware 1.46 www.malwarebytes.org Databaseversie: 4420 Windows 6.1.7600 Internet Explorer 8.0.7600.16385 11-8-2010 23:05:14 mbam-log-2010-08-11 (23-05-14).txt Scantype: Snelle scan Objecten gescand: 135658 Verstreken tijd: 5 minuut/minuten, 46 seconde(n) Geheugenprocessen geïnfecteerd: 0 Geheugenmodulen geïnfecteerd: 0 Registersleutels geïnfecteerd: 0 Registerwaarden geïnfecteerd: 0 Registerdata geïnfecteerd: 0 Mappen geïnfecteerd: 0 Bestanden geïnfecteerd: 0 Geheugenprocessen geïnfecteerd: (Geen kwaadaardige objecten gedetecteerd) Geheugenmodulen geïnfecteerd: (Geen kwaadaardige objecten gedetecteerd) Registersleutels geïnfecteerd: (Geen kwaadaardige objecten gedetecteerd) Registerwaarden geïnfecteerd: (Geen kwaadaardige objecten gedetecteerd) Registerdata geïnfecteerd: (Geen kwaadaardige objecten gedetecteerd) Mappen geïnfecteerd: (Geen kwaadaardige objecten gedetecteerd) Bestanden geïnfecteerd: (Geen kwaadaardige objecten gedetecteerd) En de nieuwe Hijackthislog: Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 23:08:17, on 11-8-2010 Platform: Windows 7 (WinNT 6.00.3504) MSIE: Internet Explorer v8.00 (8.00.7600.16385) Boot mode: Normal Running processes: C:\Windows\system32\Dwm.exe C:\Windows\Explorer.EXE C:\Windows\AGRSMMSG.exe C:\Program Files\Common Files\Logitech\LComMgr\Communications_Helper.exe C:\Program Files\Common Files\Logitech\LComMgr\LVComSX.exe C:\Program Files\Acer\OrbiCam10\OrbiCam.exe C:\Program Files\AVG\AVG9\avgtray.exe C:\Program Files\Java\jre6\bin\jusched.exe C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe C:\Program Files\iTunes\iTunesHelper.exe C:\Windows\system32\taskhost.exe C:\Windows\system32\SearchFilterHost.exe C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Google R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Hotmail, Messenger, nieuws en entertainment vind je op MSN.nl R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = Hotmail, Messenger, nieuws en entertainment vind je op MSN.nl R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG9\avgssie.dll O2 - BHO: Windows Live Aanmelden - Help - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.5.5126.1836\swg.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe O4 - HKLM\..\Run: [LogitechCommunicationsManager] "C:\Program Files\Common Files\Logitech\LComMgr\Communications_Helper.exe" O4 - HKLM\..\Run: [LVCOMSX] "C:\Program Files\Common Files\Logitech\LComMgr\LVComSX.exe" O4 - HKLM\..\Run: [AcerOrbicamRibbon] "C:\Program Files\Acer\OrbiCam10\OrbiCam.exe" /hide O4 - HKLM\..\Run: [AVG9_TRAY] C:\PROGRA~1\AVG\AVG9\avgtray.exe O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe" O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe" O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000 O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll/cmsidewiki.html O9 - Extra button: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll O9 - Extra 'Tools' menuitem: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG9\avgpp.dll O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL O20 - AppInit_DLLs: C:\Windows\System32\avgrsstx.dll O23 - Service: Mobiel Apple apparaat (Apple Mobile Device) - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe O23 - Service: AVG Free E-mail Scanner (avg9emc) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG9\avgemc.exe O23 - Service: AVG Free WatchDog (avg9wd) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG9\avgwdsvc.exe O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: Google Updateservice (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe -- End of file - 5621 bytes Zit dit er goed uit? Ik wil jullie alvast bedanken voor de snelle reacties en voor jullie hulp. Groetjes Cynthia -
Malware doctor en geen internet
Cynthia reageerde op Cynthia's topic in Archief Bestrijding malware & virussen
Oke, ik heb gedaan wat u zei en dit is het resultaat: Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 22:04:09, on 11-8-2010 Platform: Windows 7 (WinNT 6.00.3504) MSIE: Internet Explorer v8.00 (8.00.7600.16385) Boot mode: Normal Running processes: C:\Windows\system32\Dwm.exe C:\Windows\system32\taskhost.exe C:\Windows\AGRSMMSG.exe C:\Program Files\Common Files\Logitech\LComMgr\Communications_Helper.exe C:\Program Files\Common Files\Logitech\LComMgr\LVComSX.exe C:\Program Files\Acer\OrbiCam10\OrbiCam.exe C:\Program Files\AVG\AVG9\avgtray.exe C:\Program Files\Java\jre6\bin\jusched.exe C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe C:\Program Files\iTunes\iTunesHelper.exe C:\Windows\Explorer.exe C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Google R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Hotmail, Messenger, nieuws en entertainment vind je op MSN.nl R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = Hotmail, Messenger, nieuws en entertainment vind je op MSN.nl R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG9\avgssie.dll O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file) O2 - BHO: Windows Live Aanmelden - Help - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.5.5126.1836\swg.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe O4 - HKLM\..\Run: [LogitechCommunicationsManager] "C:\Program Files\Common Files\Logitech\LComMgr\Communications_Helper.exe" O4 - HKLM\..\Run: [LVCOMSX] "C:\Program Files\Common Files\Logitech\LComMgr\LVComSX.exe" O4 - HKLM\..\Run: [AcerOrbicamRibbon] "C:\Program Files\Acer\OrbiCam10\OrbiCam.exe" /hide O4 - HKLM\..\Run: [AVG9_TRAY] C:\PROGRA~1\AVG\AVG9\avgtray.exe O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe" O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe" O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000 O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll/cmsidewiki.html O9 - Extra button: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll O9 - Extra 'Tools' menuitem: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL O10 - Unknown file in Winsock LSP: c:\windows\system32\owgbca.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\owgbca.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\owgbca.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\owgbca.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\owgbca.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\owgbca.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\owgbca.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\owgbca.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\owgbca.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\owgbca.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\owgbca.dll O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG9\avgpp.dll O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL O20 - AppInit_DLLs: C:\Windows\System32\avgrsstx.dll O23 - Service: Mobiel Apple apparaat (Apple Mobile Device) - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe O23 - Service: AVG Free E-mail Scanner (avg9emc) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG9\avgemc.exe O23 - Service: AVG Free WatchDog (avg9wd) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG9\avgwdsvc.exe O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: Google Updateservice (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe -- End of file - 6465 bytes Groetjes Cynthia -
Malware doctor en geen internet
Cynthia plaatste een topic in Archief Bestrijding malware & virussen
Hallo, ik heb sinds 9 augustus 2010 malware doctor op mijn laptop gevonden. Ik heb nu als het goed is alle malware doctor gerelateerde bestanden van mijn laptop verwijderd. Ik heb malwarebytes gedraait en combofix. Malwarebytes vind niks in mijn laptop.. Terwijl er wel degelijk iets mis is. Want ik kan namelijk niet op internet. Er staat dat ik wel verbonden ben maar mijn internet vind geen pagina's. Op de laptop van mijn ouders ( waar ik dus nu gebruik van maak ) doet internet het wel. We werken met wifi, en ik heb de router en het modum al opnieuw opgestart maar niks lijkt te werken. Hier mijn combofixlogje: ComboFix 10-08-10.07 - Cynthia 11-08-2010 20:13:13.1.1 - x86 Microsoft Windows 7 Ultimate 6.1.7600.0.1252.31.1043.18.1014.281 [GMT 2:00] Gestart vanuit: c:\users\Cynthia\Desktop\ComboFix.exe * Nieuw herstelpunt werd aangemaakt . (((((((((((((((((((((((((((((((((( Andere Verwijderingen ))))))))))))))))))))))))))))))))))))))))))))))))) . c:\users\Cynthia\AppData\Local\uabhwmrss c:\users\Cynthia\AppData\Local\uabhwmrss\rhetyxxtssd.exe c:\users\Cynthia\AppData\Roaming\ohydy.exe c:\windows\system32\msippsth.dll F:\Autorun.inf . ((((((((((((((((((((((((((((((((((((((( Drivers/Services ))))))))))))))))))))))))))))))))))))))))))))))))) . -------\Service_TCPIP Pass-through Filter (((((((((((((((((((( Bestanden Gemaakt van 2010-07-11 to 2010-08-11 )))))))))))))))))))))))))))))) . 2010-08-10 20:34 . 2010-04-29 13:39 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys 2010-08-10 20:34 . 2010-04-29 13:39 20952 ----a-w- c:\windows\system32\drivers\mbam.sys 2010-08-10 19:43 . 2010-08-10 20:34 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware 2010-08-10 17:16 . 2010-08-10 17:16 -------- d-----w- c:\users\Cynthia\AppData\Roaming\Malwarebytes 2010-08-10 17:16 . 2010-08-10 17:16 -------- d-----w- c:\programdata\Malwarebytes 2010-08-09 23:01 . 2010-08-09 23:01 8192 ----a-w- c:\windows\system32\owgbca.dll 2010-07-22 07:40 . 2010-07-22 07:40 1615200 ----a-w- c:\programdata\avg9\update\backup\avgssie.dll 2010-07-22 07:40 . 2010-07-22 07:40 1107296 ----a-w- c:\programdata\avg9\update\backup\avgxpl.dll 2010-07-22 07:40 . 2010-07-22 07:40 921440 ----a-w- c:\programdata\avg9\update\backup\avgemc.exe 2010-07-22 07:40 . 2010-07-22 07:40 4368224 ----a-w- c:\programdata\avg9\update\backup\avgcorex.dll 2010-07-15 16:58 . 2010-07-15 16:58 242896 ----a-w- c:\programdata\avg9\update\backup\avgtdix.sys 2010-07-15 16:58 . 2010-07-15 16:58 216200 ----a-w- c:\programdata\avg9\update\backup\avgldx86.sys 2010-07-15 16:58 . 2010-07-15 16:58 12536 ----a-w- c:\windows\system32\avgrsstx.dll 2010-07-15 16:49 . 2010-07-15 16:49 1690464 ----a-w- c:\programdata\avg9\update\backup\avgupd.dll 2010-07-15 16:49 . 2010-07-15 16:49 1038688 ----a-w- c:\programdata\avg9\update\backup\avgupd.exe 2010-07-15 16:49 . 2010-07-15 16:49 813336 ----a-w- c:\programdata\avg9\update\backup\avginet.dll 2010-07-15 16:49 . 2010-07-15 16:49 624920 ----a-w- c:\programdata\avg9\update\backup\avgiproxy.exe . ((((((((((((((((((((((((((((((((((((((( Find3M Rapport )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2010-08-10 21:08 . 2010-03-30 10:31 -------- d-----w- c:\program files\Pando Networks 2010-07-15 18:11 . 2010-02-28 19:03 421888 ----a-w- c:\windows\NEXON_EU_DownloaderUpdater.exe 2010-07-15 16:58 . 2010-02-26 20:52 243024 ----a-w- c:\windows\system32\drivers\avgtdix.sys 2010-07-15 16:57 . 2010-02-26 20:52 216400 ----a-w- c:\windows\system32\drivers\avgldx86.sys 2010-07-14 08:53 . 2010-03-01 12:33 -------- d-----w- c:\programdata\Microsoft Help 2010-07-03 16:24 . 2010-03-24 21:55 -------- d-----w- c:\users\Cynthia\AppData\Roaming\Skype 2010-06-29 14:00 . 2010-03-24 21:58 -------- d-----w- c:\users\Cynthia\AppData\Roaming\skypePM 2010-06-29 11:27 . 2010-06-13 00:14 98304 ----a-w- c:\programdata\NexonUS\NGM\npNxGameUS.dll 2010-06-29 11:27 . 2010-06-13 00:14 126976 ----a-w- c:\programdata\NexonUS\NGM\nxgameus.dll 2010-06-29 11:27 . 2010-06-13 00:14 401408 ----a-w- c:\programdata\NexonUS\NGM\NGMResource.dll 2010-06-29 11:27 . 2010-06-13 00:14 258352 ----a-w- c:\programdata\NexonUS\NGM\unicows.dll 2010-06-29 11:27 . 2010-06-13 00:14 765952 ----a-w- c:\programdata\NexonUS\NGM\NGMDll.dll 2010-06-29 11:27 . 2010-06-13 00:14 172032 ----a-w- c:\programdata\NexonUS\NGM\NGM.exe 2010-06-13 00:14 . 2010-06-13 00:14 -------- d-----w- c:\programdata\NexonUS 2010-06-02 18:18 . 2010-02-26 20:52 29584 ----a-w- c:\windows\system32\drivers\avgmfx86.sys 2010-05-27 21:08 . 2010-05-27 21:08 691696 ----a-w- c:\windows\system32\drivers\sptd.sys 2010-05-27 21:06 . 2009-07-14 08:27 691728 ----a-w- c:\windows\system32\perfh013.dat 2010-05-27 21:06 . 2009-07-14 08:27 130232 ----a-w- c:\windows\system32\perfc013.dat 2010-05-27 07:24 . 2010-06-08 21:10 34304 ----a-w- c:\windows\system32\atmlib.dll 2010-05-27 03:49 . 2010-06-08 21:10 293888 ----a-w- c:\windows\system32\atmfd.dll 2010-05-21 05:18 . 2010-06-08 21:10 977920 ----a-w- c:\windows\system32\wininet.dll 2009-06-10 21:26 . 2009-07-14 02:04 9633792 --sha-r- c:\windows\Fonts\StaticCache.dat 2009-07-14 01:14 . 2009-07-13 23:42 396800 --sha-w- c:\windows\winsxs\x86_microsoft-windows-mail-app_31bf3856ad364e35_6.1.7600.16385_none_f12e83abb108c86c\WinMail.exe . ((((((((((((((((((((((((((((((((((((( Reg Opstartpunten ))))))))))))))))))))))))))))))))))))))))))))))))))) . . *Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond REGEDIT4 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "AGRSMMSG"="AGRSMMSG.exe" [2004-10-08 88363] "LogitechCommunicationsManager"="c:\program files\Common Files\Logitech\LComMgr\Communications_Helper.exe" [2006-10-31 304664] "LVCOMSX"="c:\program files\Common Files\Logitech\LComMgr\LVComSX.exe" [2006-11-20 244512] "AcerOrbicamRibbon"="c:\program files\Acer\OrbiCam10\OrbiCam.exe" [2006-11-20 754712] "AVG9_TRAY"="c:\progra~1\AVG\AVG9\avgtray.exe" [2010-07-15 2065760] "SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-10-11 149280] "QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2010-03-17 421888] "Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2010-04-04 36272] "Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2010-03-24 952768] "iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2010-04-28 142120] [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "ConsentPromptBehaviorAdmin"= 5 (0x5) "ConsentPromptBehaviorUser"= 3 (0x3) "EnableUIADesktopToggle"= 0 (0x0) [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows] "AppInit_DLLs"=c:\windows\System32\avgrsstx.dll [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32] "aux"=wdmaud.drv R2 gupdate;Google Updateservice (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [2010-03-24 135664] R3 Mkd2kfNt;Mkd2kfNt;c:\windows\system32\drivers\Mkd2kfNt.sys [2008-10-17 131072] R3 Mkd2Nadr;Mkd2Nadr;c:\windows\system32\drivers\Mkd2Nadr.sys [2008-10-17 79104] R3 WatAdminSvc;Windows Activation Technologies-service;c:\windows\system32\Wat\WatAdminSvc.exe [2010-06-12 1343400] R3 XDva337;XDva337;c:\windows\system32\XDva337.sys [2010-03-30 68680] R4 sptd;sptd;c:\windows\system32\Drivers\sptd.sys [2010-05-27 691696] S1 AvgLdx86;AVG Free AVI Loader Driver x86;c:\windows\System32\Drivers\avgldx86.sys [2010-07-15 216400] S1 AvgTdiX;AVG Free Network Redirector;c:\windows\System32\Drivers\avgtdix.sys [2010-07-15 243024] S2 avg9emc;AVG Free E-mail Scanner;c:\program files\AVG\AVG9\avgemc.exe [2010-07-22 921952] S2 avg9wd;AVG Free WatchDog;c:\program files\AVG\AVG9\avgwdsvc.exe [2010-07-15 308136] S3 netw5v32;Stuurprogramma voor Intel® Wireless WiFi Link 5000 Series-adapter 32-bits Windows Vista;c:\windows\system32\DRIVERS\netw5v32.sys [2009-07-13 4231168] S3 RTL8167;Realtek 8167 NT-stuurprogramma;c:\windows\system32\DRIVERS\Rt86win7.sys [2009-07-13 139776] . Inhoud van de 'Gedeelde Taken' map 2010-08-11 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job - c:\program files\Google\Update\GoogleUpdate.exe [2010-03-24 21:55] 2010-08-11 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job - c:\program files\Google\Update\GoogleUpdate.exe [2010-03-24 21:55] 2010-08-10 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3114666481-1891537434-2557200653-1000Core.job - c:\users\Cynthia\AppData\Local\Google\Update\GoogleUpdate.exe [2010-07-02 13:11] 2010-08-10 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3114666481-1891537434-2557200653-1000UA.job - c:\users\Cynthia\AppData\Local\Google\Update\GoogleUpdate.exe [2010-07-02 13:11] . . ------- Bijkomende Scan ------- . uStart Page = hxxp://www.google.nl/ uInternet Settings,ProxyOverride = *.local IE: E&xporteren naar Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000 IE: Google Sidewiki... - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll/cmsidewiki.html LSP: c:\windows\system32\owgbca.dll . - - - - ORPHANS VERWIJDERD - - - - MSConfigStartUp-imwsxdsa - c:\users\Cynthia\AppData\Local\uabhwmrss\rhetyxxtssd.exe . --------------------- VERGRENDELDE REGISTER SLEUTELS --------------------- [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 "MSCurrentCountry"=dword:000000b5 [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security] @Denied: (Full) (Everyone) . ------------------------ Andere Aktieve Processen ------------------------ . c:\program files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe c:\program files\Bonjour\mDNSResponder.exe c:\windows\system32\taskhost.exe c:\program files\AVG\AVG9\avgnsx.exe c:\program files\AVG\AVG9\avgchsvx.exe c:\program files\AVG\AVG9\avgrsx.exe c:\program files\AVG\AVG9\avgcsrvx.exe c:\program files\AVG\AVG9\avgcsrvx.exe c:\windows\system32\conhost.exe c:\windows\AGRSMMSG.exe c:\program files\AVG\AVG9\avgtray.exe c:\program files\iPod\bin\iPodService.exe c:\program files\Windows Media Player\wmpnetwk.exe c:\windows\system32\sppsvc.exe . ************************************************************************** . Voltooingstijd: 2010-08-11 20:25:57 - machine werd herstart ComboFix-quarantined-files.txt 2010-08-11 18:25 Pre-Run: 32.017.616.896 bytes beschikbaar Post-Run: 31.714.955.264 bytes beschikbaar - - End Of File - - 9C1EEC26DD75FEF3895BDCB8FB4F149F Help me plz
