
Slow PC and virus alert



Open a Notepad file.

Copy and paste the bold text below into it.

Registry::

[-HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\system]

Save this file to your desktop as CFScript.

Drag CFScript.txt onto ComboFix.exe

This will make ComboFix restart. Reboot if you are asked to.

After the restart, post the contents of Combofix.txt in your next message ... and then let us know the current state again?


Kape,

I did as requested.

When ComboFix started, I got the following message: "Bootpartitie kan niet opgeteld worden". I then pressed OK and the program continued running.

The log file is below:

ComboFix 11-11-12.02 - User 12/11/2011 10:02:27.3.1 - x86

Microsoft Windows XP Home Edition 5.1.2600.3.1252.31.1043.18.1023.546 [GMT 1:00]

Gestart vanuit: c:\documents and settings\User\Bureaublad\ComboFix.exe

gebruikte Opdracht switches :: c:\documents and settings\User\Bureaublad\CFScript..txt

AV: AVG Anti-Virus Free Edition 2012 *Disabled/Updated* {17DDD097-36FF-435F-9E1B-52D74245D6BF}

.

WAARSCHUWING - DE RECOVERY CONSOLE IS NIET OP DIT SYSTEEM GEINSTALLEERD !!

.

.

(((((((((((((((((((((((((((((((((( Andere Verwijderingen )))))))))))))))))))))))))))))))))))))))))))))))))

.

.

c:\windows\system32\PowerToyReadme.htm

.

.

(((((((((((((((((((( Bestanden Gemaakt van 2011-10-12 to 2011-11-12 ))))))))))))))))))))))))))))))

.

.

2011-11-10 23:45 . 2011-11-12 08:58 12568 ----a-w- c:\windows\system32\drivers\PROCEXP113.SYS

2011-11-10 23:45 . 2011-11-10 23:45 -------- d-----w- c:\documents and settings\All Users\Favorieten

2011-11-08 20:43 . 2011-11-08 20:43 -------- d-----w- c:\windows\system32\wbem\Repository

2011-11-08 18:03 . 2011-11-10 09:05 -------- d-----w- c:\program files\K-Lite Codec Pack

2011-11-08 07:30 . 2011-11-10 09:05 -------- d-----w- c:\program files\iPod

2011-11-08 07:30 . 2011-11-10 09:00 -------- d-----w- c:\program files\iTunes

2011-11-08 07:30 . 2011-11-08 07:31 -------- d-----w- c:\documents and settings\All Users\Application Data\{429CAD59-35B1-4DBC-BB6D-1DB246563521}

2011-11-08 07:27 . 2011-11-10 09:05 -------- d-----w- c:\documents and settings\All Users\Application Data\Apple Computer

2011-11-08 07:24 . 2011-11-10 09:05 -------- d-----w- c:\program files\Bonjour

2011-11-08 07:18 . 2011-11-08 07:18 -------- d-----w- c:\program files\MixMeister

2011-11-04 19:36 . 2011-11-04 19:36 -------- d-----w- c:\documents and settings\User\Application Data\AVG2012

2011-11-04 19:34 . 2011-11-08 18:11 -------- d-----w- c:\documents and settings\All Users\Application Data\AVG2012

2011-11-03 23:58 . 2011-11-03 23:58 -------- d-----w- c:\windows\system32\dumps

2011-10-16 17:55 . 2011-10-16 17:55 18139008 ----a-w- c:\program files\Common Files\Microsoft Shared\OFFICE14\MSO.DLL

.

.

.

((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2011-10-10 14:22 . 2003-01-10 12:55 692736 ----a-w- c:\windows\system32\inetcomm.dll

2011-10-07 05:23 . 2011-01-07 04:41 230608 ----a-w- c:\windows\system32\drivers\avgldx86.sys

2011-10-04 05:21 . 2011-02-10 05:53 16720 ----a-w- c:\windows\system32\drivers\AVGIDSShim.sys

2011-09-28 07:06 . 2002-09-11 12:00 602624 ----a-w- c:\windows\system32\crypt32.dll

2011-09-26 10:41 . 2008-07-29 17:59 614912 ----a-w- c:\windows\system32\uiautomationcore.dll

2011-09-26 10:41 . 2002-09-11 12:00 23040 ----a-w- c:\windows\system32\oleaccrc.dll

2011-09-26 10:41 . 2002-09-11 12:00 220160 ----a-w- c:\windows\system32\oleacc.dll

2011-09-13 05:30 . 2011-01-19 02:32 32592 ----a-w- c:\windows\system32\drivers\avgrkx86.sys

2011-09-09 11:44 . 2011-08-26 09:35 1409 ----a-w- c:\windows\QTFont.for

2011-09-06 14:09 . 2002-09-11 12:00 1859072 ----a-w- c:\windows\system32\win32k.sys

2011-08-31 16:00 . 2011-08-18 15:02 22216 ----a-w- c:\windows\system32\drivers\mbam.sys

2011-08-22 23:41 . 2002-09-11 12:00 916480 ----a-w- c:\windows\system32\wininet.dll

2011-08-22 23:41 . 2002-09-11 12:00 43520 ----a-w- c:\windows\system32\licmgr10.dll

2011-08-22 23:41 . 2002-09-11 12:00 1469440 ------w- c:\windows\system32\inetcpl.cpl

2011-08-22 11:58 . 2007-03-18 13:18 385024 ----a-w- c:\windows\system32\html.iec

2011-08-17 13:49 . 2002-09-11 12:00 138496 ----a-w- c:\windows\system32\drivers\afd.sys

2011-08-17 10:08 . 2011-08-17 10:08 388096 ----a-r- c:\documents and settings\User\Application Data\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe

.

.

((((((((((((((((((((((((((((( SnapShot_2011-11-11_00.16.58 )))))))))))))))))))))))))))))))))))))))))

.

+ 2011-11-12 07:39 . 2011-11-12 07:39 16384 c:\windows\Temp\Perflib_Perfdata_ac0.dat

- 2002-09-11 12:00 . 2011-11-10 11:50 87304 c:\windows\system32\perfc009.dat

+ 2002-09-11 12:00 . 2011-11-12 07:43 87304 c:\windows\system32\perfc009.dat

+ 2010-11-03 17:05 . 2011-11-11 23:21 34144 c:\windows\Installer\{91140000-0011-0000-0000-0000000FF1CE}\oisicon.exe

- 2010-11-03 17:05 . 2011-11-01 10:27 34144 c:\windows\Installer\{91140000-0011-0000-0000-0000000FF1CE}\oisicon.exe

- 2010-11-03 17:05 . 2011-11-01 10:27 42848 c:\windows\Installer\{91140000-0011-0000-0000-0000000FF1CE}\msouc.exe

+ 2010-11-03 17:05 . 2011-11-11 23:21 42848 c:\windows\Installer\{91140000-0011-0000-0000-0000000FF1CE}\msouc.exe

+ 2010-11-03 17:05 . 2011-11-11 23:21 19296 c:\windows\Installer\{91140000-0011-0000-0000-0000000FF1CE}\cagicon.exe

- 2010-11-03 17:05 . 2011-11-01 10:27 19296 c:\windows\Installer\{91140000-0011-0000-0000-0000000FF1CE}\cagicon.exe

+ 2010-10-20 15:08 . 2010-10-20 15:08 40808 c:\windows\Installer\$PatchCache$\Managed\00004119110000000000000000F01FEC\14.0.6029\RECALL.DLL

+ 2011-01-12 17:59 . 2011-01-12 17:59 43352 c:\windows\Installer\$PatchCache$\Managed\00004119110000000000000000F01FEC\14.0.6029\OUTLRPC.DLL

+ 2010-10-22 14:05 . 2010-10-22 14:05 28000 c:\windows\Installer\$PatchCache$\Managed\00004119110000000000000000F01FEC\14.0.6029\OUTLACCT.DLL

+ 2010-10-20 15:08 . 2010-10-20 15:08 87920 c:\windows\Installer\$PatchCache$\Managed\00004119110000000000000000F01FEC\14.0.6029\DLGSETP.DLL

+ 2002-09-11 12:00 . 2011-11-12 07:43 636530 c:\windows\system32\perfh013.dat

- 2002-09-11 12:00 . 2011-11-10 11:50 636530 c:\windows\system32\perfh013.dat

+ 2002-09-11 12:00 . 2011-11-12 07:43 516688 c:\windows\system32\perfh009.dat

- 2002-09-11 12:00 . 2011-11-10 11:50 516688 c:\windows\system32\perfh009.dat

+ 2002-09-11 12:00 . 2011-11-12 07:43 128456 c:\windows\system32\perfc013.dat

- 2002-09-11 12:00 . 2011-11-10 11:50 128456 c:\windows\system32\perfc013.dat

- 2008-08-14 23:43 . 2011-05-02 15:31 692736 c:\windows\system32\dllcache\inetcomm.dll

+ 2008-08-14 23:43 . 2011-10-10 14:22 692736 c:\windows\system32\dllcache\inetcomm.dll

- 2011-09-13 10:16 . 2011-09-09 09:12 602624 c:\windows\system32\dllcache\crypt32.dll

+ 2011-09-13 10:16 . 2011-09-28 07:06 602624 c:\windows\system32\dllcache\crypt32.dll

+ 2011-10-26 21:50 . 2011-10-26 21:50 596992 c:\windows\Installer\33bc5dc.msp

+ 2010-11-03 17:05 . 2011-11-11 23:21 415584 c:\windows\Installer\{91140000-0011-0000-0000-0000000FF1CE}\pubs.exe

- 2010-11-03 17:05 . 2011-11-01 10:27 415584 c:\windows\Installer\{91140000-0011-0000-0000-0000000FF1CE}\pubs.exe

+ 2010-11-03 17:05 . 2011-11-11 23:21 303456 c:\windows\Installer\{91140000-0011-0000-0000-0000000FF1CE}\outicon.exe

- 2010-11-03 17:05 . 2011-11-01 10:27 303456 c:\windows\Installer\{91140000-0011-0000-0000-0000000FF1CE}\outicon.exe

+ 2010-11-03 17:05 . 2011-11-11 23:21 571232 c:\windows\Installer\{91140000-0011-0000-0000-0000000FF1CE}\misc.exe

- 2010-11-03 17:05 . 2011-11-01 10:27 571232 c:\windows\Installer\{91140000-0011-0000-0000-0000000FF1CE}\misc.exe

+ 2010-11-03 17:05 . 2011-11-11 23:21 326496 c:\windows\Installer\{91140000-0011-0000-0000-0000000FF1CE}\joticon.exe

- 2010-11-03 17:05 . 2011-11-01 10:27 326496 c:\windows\Installer\{91140000-0011-0000-0000-0000000FF1CE}\joticon.exe

- 2010-11-03 17:05 . 2011-11-01 10:27 469856 c:\windows\Installer\{91140000-0011-0000-0000-0000000FF1CE}\inficon.exe

+ 2010-11-03 17:05 . 2011-11-11 23:21 469856 c:\windows\Installer\{91140000-0011-0000-0000-0000000FF1CE}\inficon.exe

+ 2010-11-03 17:05 . 2011-11-11 23:21 178528 c:\windows\Installer\{91140000-0011-0000-0000-0000000FF1CE}\grvicons.exe

- 2010-11-03 17:05 . 2011-11-01 10:27 178528 c:\windows\Installer\{91140000-0011-0000-0000-0000000FF1CE}\grvicons.exe

- 2011-11-01 10:19 . 2011-11-01 10:19 571232 c:\windows\Installer\{90140000-006E-0413-0000-0000000FF1CE}\misc.exe

+ 2011-11-11 23:19 . 2011-11-11 23:19 571232 c:\windows\Installer\{90140000-006E-0413-0000-0000000FF1CE}\misc.exe

+ 2010-10-20 14:11 . 2010-10-20 14:11 105344 c:\windows\Installer\$PatchCache$\Managed\00004119110000000000000000F01FEC\14.0.6029\TRANSMGR.DLL

+ 2011-03-31 14:08 . 2011-03-31 14:08 347568 c:\windows\Installer\$PatchCache$\Managed\00004119110000000000000000F01FEC\14.0.6029\SCNPST64.DLL

+ 2011-03-31 14:08 . 2011-03-31 14:08 336808 c:\windows\Installer\$PatchCache$\Managed\00004119110000000000000000F01FEC\14.0.6029\SCNPST32.DLL

+ 2010-10-22 14:05 . 2010-10-22 14:05 423280 c:\windows\Installer\$PatchCache$\Managed\00004119110000000000000000F01FEC\14.0.6029\RTFHTML.DLL

+ 2011-03-17 09:34 . 2011-03-17 09:34 309096 c:\windows\Installer\$PatchCache$\Managed\00004119110000000000000000F01FEC\14.0.6029\PSTPRX32.DLL

+ 2011-03-18 22:08 . 2011-03-18 22:08 329616 c:\windows\Installer\$PatchCache$\Managed\00004119110000000000000000F01FEC\14.0.6029\OUTLPH.DLL

+ 2011-03-17 09:34 . 2011-03-17 09:34 523656 c:\windows\Installer\$PatchCache$\Managed\00004119110000000000000000F01FEC\14.0.6029\OUTLMIME.DLL

+ 2010-10-20 15:08 . 2010-10-20 15:08 122720 c:\windows\Installer\$PatchCache$\Managed\00004119110000000000000000F01FEC\14.0.6029\OUTLCTL.DLL

+ 2010-12-21 02:08 . 2010-12-21 02:08 616312 c:\windows\Installer\$PatchCache$\Managed\00004119110000000000000000F01FEC\14.0.6029\ONWORDADDIN.DLL

+ 2010-12-21 02:08 . 2010-12-21 02:08 561024 c:\windows\Installer\$PatchCache$\Managed\00004119110000000000000000F01FEC\14.0.6029\ONPPTADDIN.DLL

+ 2011-03-11 16:52 . 2011-03-11 16:52 140656 c:\windows\Installer\$PatchCache$\Managed\00004119110000000000000000F01FEC\14.0.6029\ONENOTEMANAGED.DLL

+ 2010-12-21 00:07 . 2010-12-21 00:07 227712 c:\windows\Installer\$PatchCache$\Managed\00004119110000000000000000F01FEC\14.0.6029\ONENOTEM.EXE

+ 2010-12-21 02:08 . 2010-12-21 02:08 533368 c:\windows\Installer\$PatchCache$\Managed\00004119110000000000000000F01FEC\14.0.6029\ONBTTNWD.DLL

+ 2010-12-21 02:08 . 2010-12-21 02:08 533376 c:\windows\Installer\$PatchCache$\Managed\00004119110000000000000000F01FEC\14.0.6029\ONBTTNPPT.DLL

+ 2010-12-27 23:52 . 2010-12-27 23:52 698240 c:\windows\Installer\$PatchCache$\Managed\00004119110000000000000000F01FEC\14.0.6029\ONBTTNOL.DLL

+ 2010-12-27 23:52 . 2010-12-27 23:52 233360 c:\windows\Installer\$PatchCache$\Managed\00004119110000000000000000F01FEC\14.0.6029\OMSXP32.DLL

+ 2010-12-27 23:52 . 2010-12-27 23:52 724864 c:\windows\Installer\$PatchCache$\Managed\00004119110000000000000000F01FEC\14.0.6029\OMSMAIN.DLL

+ 2010-12-20 23:59 . 2010-12-20 23:59 360824 c:\windows\Installer\$PatchCache$\Managed\00004119110000000000000000F01FEC\14.0.6029\MSOUC.EXE

+ 2010-12-20 23:59 . 2010-12-20 23:59 718720 c:\windows\Installer\$PatchCache$\Managed\00004119110000000000000000F01FEC\14.0.6029\MSOSYNC.EXE

+ 2010-10-20 15:08 . 2010-10-20 15:08 358752 c:\windows\Installer\$PatchCache$\Managed\00004119110000000000000000F01FEC\14.0.6029\MIMEDIR.DLL

+ 2010-10-20 15:08 . 2010-10-20 15:08 135528 c:\windows\Installer\$PatchCache$\Managed\00004119110000000000000000F01FEC\14.0.6029\IMPMAIL.DLL

+ 2010-12-21 02:08 . 2010-12-21 02:08 577960 c:\windows\Installer\$PatchCache$\Managed\00004119110000000000000000F01FEC\14.0.6029\IECONTENTSERVICE.EXE

+ 2011-03-17 09:34 . 2011-03-17 09:34 155008 c:\windows\Installer\$PatchCache$\Managed\00004119110000000000000000F01FEC\14.0.6029\ENVELOPE.DLL

+ 2010-10-22 14:05 . 2010-10-22 14:05 135032 c:\windows\Installer\$PatchCache$\Managed\00004119110000000000000000F01FEC\14.0.6029\CONTAB32.DLL

+ 2011-10-22 14:21 . 2011-10-22 14:21 3463168 c:\windows\Installer\33bc630.msp

+ 2011-10-26 21:45 . 2011-10-26 21:45 9177600 c:\windows\Installer\33bc618.msp

+ 2011-10-26 22:21 . 2011-10-26 22:21 1020928 c:\windows\Installer\33bc5fe.msp

+ 2011-10-26 22:23 . 2011-10-26 22:23 8821760 c:\windows\Installer\33bc5f4.msp

+ 2010-11-03 17:05 . 2011-11-11 23:21 1479520 c:\windows\Installer\{91140000-0011-0000-0000-0000000FF1CE}\xlicons.exe

- 2010-11-03 17:05 . 2011-11-01 10:27 1479520 c:\windows\Installer\{91140000-0011-0000-0000-0000000FF1CE}\xlicons.exe

- 2010-11-03 17:05 . 2011-11-01 10:27 1858400 c:\windows\Installer\{91140000-0011-0000-0000-0000000FF1CE}\wordicon.exe

+ 2010-11-03 17:05 . 2011-11-11 23:21 1858400 c:\windows\Installer\{91140000-0011-0000-0000-0000000FF1CE}\wordicon.exe

+ 2010-11-03 17:05 . 2011-11-11 23:21 3792736 c:\windows\Installer\{91140000-0011-0000-0000-0000000FF1CE}\pptico.exe

- 2010-11-03 17:05 . 2011-11-01 10:27 3792736 c:\windows\Installer\{91140000-0011-0000-0000-0000000FF1CE}\pptico.exe

+ 2010-11-03 17:05 . 2011-11-11 23:21 1449312 c:\windows\Installer\{91140000-0011-0000-0000-0000000FF1CE}\accicons.exe

- 2010-11-03 17:05 . 2011-11-01 10:27 1449312 c:\windows\Installer\{91140000-0011-0000-0000-0000000FF1CE}\accicons.exe

+ 2011-03-18 21:59 . 2011-03-18 21:59 9221992 c:\windows\Installer\$PatchCache$\Managed\00004119110000000000000000F01FEC\14.0.6029\ONMAIN.DLL

+ 2011-03-02 19:21 . 2011-03-02 19:21 1683808 c:\windows\Installer\$PatchCache$\Managed\00004119110000000000000000F01FEC\14.0.6029\ONENOTE.EXE

+ 2011-03-18 22:08 . 2011-03-18 22:08 3250560 c:\windows\Installer\$PatchCache$\Managed\00004119110000000000000000F01FEC\14.0.6029\OLMAPI32.DLL

+ 2011-10-26 21:51 . 2011-10-26 21:51 16885760 c:\windows\Installer\33bc5d3.msp

+ 2011-10-26 21:46 . 2011-10-26 21:46 11580928 c:\windows\Installer\33bc5b4.msp

+ 2011-10-22 14:21 . 2011-10-22 14:21 21515264 c:\windows\Installer\33bc59c.msp

+ 2011-03-31 14:08 . 2011-03-31 14:08 15933792 c:\windows\Installer\$PatchCache$\Managed\00004119110000000000000000F01FEC\14.0.6029\OUTLOOK.EXE

+ 2011-04-06 19:53 . 2011-04-06 19:53 72521600 c:\windows\Installer\$PatchCache$\Managed\00004119110000000000000000F01FEC\14.0.6029\MSORES.DLL

.

-- Snapshot teruggezet naar huidige datum --

.

((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))

.

.

*Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond

REGEDIT4

.

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"OfficeSyncProcess"="c:\program files\Microsoft Office\Office14\MSOSYNC.EXE" [2011-07-21 718720]

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2007-02-14 7630848]

"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2011-09-07 37296]

"QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2008-03-28 413696]

"HP Software Update"="c:\program files\HP\HP Software Update\HPWuSchd2.exe" [2008-12-08 54576]

"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2011-03-30 937920]

"BCSSync"="c:\program files\Microsoft Office\Office14\BCSSync.exe" [2010-03-13 91520]

"AVG_TRAY"="c:\program files\AVG\AVG2012\avgtray.exe" [2011-10-24 2415456]

.

c:\documents and settings\All Users\Menu Start\Programma's\Opstarten\

HP Digital Imaging Monitor.lnk - c:\program files\HP\Digital Imaging\bin\hpqtra08.exe [2009-5-21 275768]

SMCWUSB-G 802.11g Wireless USB Utility.lnk - c:\program files\SMC\SMCWUSB-G 802.11g Wireless USB 2.0 Adapter\SMCWGUTI.exe [2006-1-18 442368]

.

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\system]

"gxwhdduwemzlaowntsfaTaskMgr"= 0 (0x0)

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]

"NoResolveTrack"= 1 (0x1)

"NoFileAssociate"= 0 (0x0)

.

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]

BootExecute REG_MULTI_SZ autocheck autochk *\0c:\progra~1\AVG\AVG2012\avgrsx.exe /sync /restart

.

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\IMFservice]

@="Service"

.

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Start^Programma's^Opstarten^Exif Launcher S.lnk]

backup=c:\windows\pss\Exif Launcher S.lnkCommon Startup

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]

"AVG Security Toolbar Service"=3 (0x3)

"avg9wd"=2 (0x2)

.

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]

"EnableFirewall"= 0 (0x0)

.

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]

"%windir%\\system32\\sessmgr.exe"=

"c:\\Program Files\\Nokia\\Nokia Software Updater\\nsu_ui_client.exe"=

"c:\\Program Files\\Common Files\\Nokia\\Service Layer\\A\\nsl_host_process.exe"=

"%windir%\\Network Diagnostic\\xpnetdiag.exe"=

"c:\\Program Files\\DNA\\btdna.exe"=

"c:\\Program Files\\Messenger\\msmsgs.exe"=

"c:\\WINDOWS\\system32\\mmc.exe"=

"c:\\Program Files\\Windows Live\\Messenger\\wlcsdk.exe"=

"c:\\Program Files\\Windows Live\\Sync\\WindowsLiveSync.exe"=

"c:\\Program Files\\LimeWire\\LimeWire.exe"=

"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqtra08.exe"=

"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqste08.exe"=

"c:\\Program Files\\HP\\Digital Imaging\\bin\\hposid01.exe"=

"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqkygrp.exe"=

"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqcopy2.exe"=

"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpfcCopy.exe"=

"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpoews01.exe"=

"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpiscnapp.exe"=

"c:\\Program Files\\Common Files\\HP\\Digital Imaging\\Bin\\hpqPhotoCrm.exe"=

"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqgplgtupl.exe"=

"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqgpc01.exe"=

"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqusgm.exe"=

"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqusgh.exe"=

"c:\\Program Files\\HP\\HP Software Update\\HPWUCli.exe"=

"c:\\Program Files\\HP\\Digital Imaging\\smart web printing\\SmartWebPrintExe.exe"=

"c:\\Program Files\\Microsoft Office\\Office14\\GROOVE.EXE"=

"c:\\Program Files\\Microsoft Office\\Office14\\ONENOTE.EXE"=

"c:\\Program Files\\Microsoft Office\\Office14\\OUTLOOK.EXE"=

"c:\\Program Files\\AVG\\AVG2012\\avgnsx.exe"=

"c:\\Program Files\\AVG\\AVG2012\\avgdiagex.exe"=

"c:\\Program Files\\AVG\\AVG2012\\avgmfapx.exe"=

"c:\\Program Files\\AVG\\AVG2012\\avgemcx.exe"=

.

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]

"5985:TCP"= 5985:TCP:*:Disabled:Windows Remote Management

"65533:TCP"= 65533:TCP:Services

"52344:TCP"= 52344:TCP:Services

"3389:TCP"= 3389:TCP:Remote Desktop

.

R0 AVGIDSEH;AVGIDSEH;c:\windows\system32\drivers\AVGIDSEH.sys [22/02/2011 7:13 23120]

R0 Avgrkx86;AVG Anti-Rootkit Driver;c:\windows\system32\drivers\avgrkx86.sys [19/01/2011 3:32 32592]

R0 DiskSec;Magix Volume Filter Driver;c:\windows\system32\drivers\disksec.sys [2/02/2010 16:11 14208]

R1 Avgldx86;AVG AVI Loader Driver;c:\windows\system32\drivers\avgldx86.sys [7/01/2011 5:41 230608]

R1 Avgtdix;AVG TDI Driver;c:\windows\system32\drivers\avgtdix.sys [10/02/2011 6:54 295248]

R2 AdvancedSystemCareService;Advanced SystemCare Service;c:\program files\IObit\Advanced SystemCare 4\ASCService.exe [24/08/2011 12:35 328536]

R2 Application Updater;Application Updater;c:\program files\Application Updater\ApplicationUpdater.exe [27/09/2011 19:08 745880]

R2 avgwd;AVG WatchDog;c:\program files\AVG\AVG2012\avgwdsvc.exe [2/08/2011 6:09 192776]

R2 Fabs;FABS - Helping agent for MAGIX media database;c:\program files\Common Files\MAGIX Services\Database\bin\FABS.exe [27/08/2009 17:09 1253376]

R2 IMFservice;IMF Service;c:\program files\IObit\IObit Malware Fighter\IMFsrv.exe [7/06/2011 16:23 821080]

R3 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\drivers\AVGIDSDriver.sys [30/03/2011 16:17 134608]

R3 AVGIDSFilter;AVGIDSFilter;c:\windows\system32\drivers\AVGIDSFilter.sys [10/02/2011 6:53 24272]

R3 AVGIDSShim;AVGIDSShim;c:\windows\system32\drivers\AVGIDSShim.sys [10/02/2011 6:53 16720]

R3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [9/01/2010 21:37 4640000]

R3 pcouffin;VSO Software pcouffin;c:\windows\system32\drivers\pcouffin.sys [6/08/2009 22:33 47360]

R3 xcpip;Stuurprogramma voor TCP/IP-protocol;c:\windows\system32\drivers\xcpip.sys --> c:\windows\system32\drivers\xcpip.sys [?]

R3 xpsec;IPSEC-stuurprogramma;c:\windows\system32\drivers\xpsec.sys --> c:\windows\system32\drivers\xpsec.sys [?]

S0 TfFsMon;TfFsMon;c:\windows\system32\drivers\TfFsMon.sys --> c:\windows\system32\drivers\TfFsMon.sys [?]

S0 TfSysMon;TfSysMon;c:\windows\system32\drivers\TfSysMon.sys --> c:\windows\system32\drivers\TfSysMon.sys [?]

S2 AVGIDSAgent;AVGIDSAgent;c:\program files\AVG\AVG2012\AVGIDSAgent.exe [12/10/2011 6:25 4433248]

S2 gupdate;Google Updateservice (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [9/12/2010 14:51 136176]

S3 APL531;OVT Scanner;c:\windows\system32\drivers\ov550i.sys [31/07/2006 13:44 580992]

S3 CTUPnPSv;Creative Centrale Media Server;c:\program files\Creative\Creative Centrale\CTUPnPSv.exe [21/05/2008 12:42 64000]

S3 FirebirdServerMAGIXInstance;Firebird Server - MAGIX Instance;c:\program files\Common Files\MAGIX Services\Database\bin\fbserver.exe [7/08/2008 11:10 3276800]

S3 gupdatem;Google Update-service (gupdatem);c:\program files\Google\Update\GoogleUpdate.exe [9/12/2010 14:51 136176]

S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service;c:\program files\Microsoft Office\Office14\GROOVE.EXE [12/06/2011 10:15 31125880]

S3 NEOWATCH;NEOWATCH;c:\windows\system32\Drivers\NWatch22.sys --> c:\windows\system32\Drivers\NWatch22.sys [?]

S3 PciCon;PciCon;\??\e:\pcicon.sys --> e:\PciCon.sys [?]

S3 RegFilter;RegFilter;\??\c:\program files\IObit\IObit Malware Fighter\drivers\wxp_x86\regfilter.sys --> c:\program files\IObit\IObit Malware Fighter\drivers\wxp_x86\regfilter.sys [?]

S3 SMCWGU(SMC);SMCWUSB-G 802.11g Wireless USB 2.0 Adapter(SMC);c:\windows\system32\drivers\SMCWGU.sys [16/08/2007 19:54 408064]

S3 TfNetMon;TfNetMon;\??\c:\windows\system32\drivers\TfNetMon.sys --> c:\windows\system32\drivers\TfNetMon.sys [?]

S3 UrlFilter;UrlFilter;\??\c:\program files\IObit\IObit Malware Fighter\drivers\wxp_x86\UrlFilter.sys --> c:\program files\IObit\IObit Malware Fighter\drivers\wxp_x86\UrlFilter.sys [?]

S3 WinRM;Windows Remote Management (WS-Management);c:\windows\system32\svchost.exe -k WINRM [11/09/2002 13:00 14336]

S4 FileMonitor;FileMonitor;\??\c:\program files\IObit\IObit Malware Fighter\Drivers\wxp_x86\FileMonitor.sys --> c:\program files\IObit\IObit Malware Fighter\Drivers\wxp_x86\FileMonitor.sys [?]

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]

HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12

hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc

WINRM REG_MULTI_SZ WINRM

.

[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]

2008-06-09 08:14 451872 ----a-w- c:\program files\Common Files\LightScribe\LSRunOnce.exe

.

Inhoud van de 'Gedeelde Taken' map

.

2011-11-12 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job

- c:\program files\Google\Update\GoogleUpdate.exe [2010-12-09 13:50]

.

2011-11-12 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job

- c:\program files\Google\Update\GoogleUpdate.exe [2010-12-09 13:50]

.

2011-11-11 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1177238915-606747145-839522115-1004Core.job

- c:\documents and settings\User\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2011-11-11 09:10]

.

2011-11-12 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1177238915-606747145-839522115-1004UA.job

- c:\documents and settings\User\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2011-11-11 09:10]

.

2011-11-11 c:\windows\Tasks\NeroLiveEpgUpdate-USER-DJ4XE9X5VR_User.job

- c:\program files\Nero\Nero 9\Nero Live\NeroLive.exe [2008-10-27 07:59]

.

2011-11-12 c:\windows\Tasks\User_Feed_Synchronization-{73E18E08-8680-4446-AFFB-60BE6B8452A4}.job

- c:\windows\system32\msfeedssync.exe [2009-03-08 02:31]

.

.

------- Bijkomende Scan -------

.

uStart Page = hxxp://www.google.be/

uInternet Settings,ProxyServer = proxy.pandora.be:8080

uInternet Settings,ProxyOverride = 127.0.0.1

uSearchAssistant = hxxp://www.google.com/ie

uSearchURL,(Default) = hxxp://www.google.com/search?q=%s

IE: Google Sidewiki... - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_7461B1589E8B4FB7.dll/cmsidewiki.html

TCP: DhcpNameServer = 192.168.2.1

DPF: DirectAnimation Java Classes

DPF: Garmin Communicator Plug-In - hxxps://my.garmin.com/static/m/cab/2.8.3/GarminAxControl.CAB

DPF: Microsoft XML Parser for Java

DPF: {AE2B937E-EA7D-4A8D-888C-B68D7F72A3C4} - hxxp://as.photoprintit.de/ips-opdata/74914091/activex/IPSUploader4.cab

.

.

**************************************************************************

.

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, GMER - Rootkit Detector and Remover

Rootkit scan 2011-11-12 10:12

Windows 5.1.2600 Service Pack 3 NTFS

.

scannen van verborgen processen ...

.

scannen van verborgen autostart items ...

.

scannen van verborgen bestanden ...

.

Scan succesvol afgerond

verborgen bestanden: 0

.

**************************************************************************

.

Voltooingstijd: 2011-11-12 10:16:40

ComboFix-quarantined-files.txt 2011-11-12 09:16

ComboFix2.txt 2011-11-11 00:22

ComboFix3.txt 2010-11-19 09:39

.

Pre-Run: 16.689.852.416 bytes beschikbaar

Post-Run: 16.677.654.528 bytes beschikbaar

.

- - End Of File - - 2B0AF2EBDF441F4DAEBDD533B164A333
