Virus that keeps coming back: Worm/Generic2

  • Fred Zoole

    The virus scanner gives a lot of bells and whistles, but doesn't clean anything up. I'm using AVG.

    I have attached the log; what is going on? Thanks in advance for any help.

    Scan saved at 11:32:50, on 1-3-2012

    Platform: Windows 7 SP1 (WinNT 6.00.3505)

    MSIE: Internet Explorer v9.00 (9.00.8112.16421)

    Boot mode: Normal

    Running processes:

    C:\Windows\system32\taskhost.exe

    C:\Windows\Explorer.EXE

    C:\Windows\system32\Dwm.exe

    C:\Program Files\TuneUp Utilities 2012\TuneUpUtilitiesApp32.exe

    C:\Program Files\AVG\AVG2012\avgtray.exe

    C:\Program Files\IDT\WDM\sttray.exe

    C:\Program Files\Musicmatch\Musicmatch Jukebox\mm_tray.exe

    C:\Program Files\OO Software\Defrag\oodtray.exe

    C:\Program Files\Musicmatch\Musicmatch Jukebox\MMDiag.exe

    C:\Program Files\Windows Sidebar\sidebar.exe

    C:\Program Files\NVIDIA Corporation\Display\nvtray.exe

    C:\Users\Fred\AppData\Local\Temp\31806.exe

    C:\Users\Fred\AppData\Roaming\GHIN5XY753cvyibjl.exe

    C:\Program Files\Musicmatch\Musicmatch Jukebox\mim.exe

    C:\Program Files\DAEMON Tools Lite\DTShellHlp.exe

    C:\Windows\system32\Macromed\Flash\FlashUtil11f_ActiveX.exe

    C:\Windows\system32\taskeng.exe

    C:\Program Files\Trend Micro\Hijackthis\HijackThis.exe

    C:\Windows\Microsoft.NET\Framework\v2.0.50727\vbc.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.startpagina.nl/

    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157

    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157

    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =

    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =

    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =

    R3 - Default URLSearchHook is missing

    O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

    O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG2012\avgssie.dll

    O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~4\Office14\GROOVEEX.DLL

    O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

    O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~4\Office14\URLREDIR.DLL

    O2 - BHO: Ask Toolbar BHO - {D4027C7F-154A-4066-A1AD-4243D8127440} - (no file)

    O2 - BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll

    O3 - Toolbar: Ask Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - (no file)

    O4 - HKLM\..\Run: “C:\Program Files\AVG\AVG2012\avgtray.exe”

    O4 - HKLM\..\Run: %ProgramFiles%\IDT\WDM\sttray.exe

    O4 - HKLM\..\Run: C:\PROGRA~1\MUSICM~1\MUSICM~1\mimboot.exe

    O4 - HKLM\..\Run: C:\PROGRA~1\MUSICM~1\MUSICM~1\mm_tray.exe

    O4 - HKLM\..\Run: C:\Program Files\OO Software\Defrag\oodtray.exe

    O4 - HKLM\..\Run: “C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe”

    O4 - HKLM\..\Run: C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe

    O4 - HKLM\..\Run: “C:\Program Files\Common Files\Adobe\CS5.5ServiceManager\CS5.5ServiceManager.exe” -launchedbylogin

    O4 - HKCU\..\Run: C:\Program Files\Windows Sidebar\sidebar.exe /autoRun

    O4 - HKCU\..\Run: C:\Program Files\Xvid\CheckUpdate.exe

    O4 - HKCU\..\Run: C:\Users\Fred\AppData\Local\Temp\31806.exe

    O4 - HKCU\..\Run: C:\Users\Fred\AppData\Roaming\GHIN5XY753cvyibjl.exe

    O4 - HKCU\..\Run: “C:\Users\Fred\AppData\Roaming\svhost.exe”

    O4 - HKUS\S-1-5-19\..\Run: %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User ‘LOCAL SERVICE’)

    O4 - HKUS\S-1-5-19\..\RunOnce: C:\Windows\System32\mctadmin.exe (User ‘LOCAL SERVICE’)

    O4 - HKUS\S-1-5-20\..\Run: %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User ‘NETWORK SERVICE’)

    O4 - HKUS\S-1-5-20\..\RunOnce: C:\Windows\System32\mctadmin.exe (User ‘NETWORK SERVICE’)

    O4 - HKUS\S-1-5-21-3430492480-909303241-1078843953-1004\..\Run: %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User ‘UpdatusUser’)

    O4 - HKUS\S-1-5-21-3430492480-909303241-1078843953-1004\..\RunOnce: C:\Windows\System32\mctadmin.exe (User ‘UpdatusUser’)

    O4 - HKUS\S-1-5-18\..\Run: C:\Program Files\Remote HD\Remote Helper\RemoteHelper.exe (User ‘SYSTEM’)

    O4 - HKUS\.DEFAULT\..\Run: C:\Program Files\Remote HD\Remote Helper\RemoteHelper.exe (User ‘Default user’)

    O8 - Extra context menu item: &Verzenden naar OneNote - res://C:\PROGRA~1\MICROS~4\Office14\ONBttnIE.dll/105

    O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~4\Office14\EXCEL.EXE/3000

    O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll

    O9 - Extra ‘Tools’ menuitem: &Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll

    O9 - Extra button: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll

    O9 - Extra ‘Tools’ menuitem: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll

    O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll

    O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll

    O11 - Options group: Accelerated graphics

    O16 - DPF: {CF84DAC5-A4F5-419E-A0BA-C01FFD71112F} (SysInfo Class) - http://content.systemrequirementslab.com.s3.amazonaws.com/global/bin/srldetect_intel_4.5.3.0.cab

    O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab

    O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG2012\avgpp.dll

    O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL

    O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe

    O23 - Service: AMD External Events Utility - AMD - C:\Windows\system32\atiesrxx.exe

    O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

    O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG2012\AVGIDSAgent.exe

    O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG2012\avgwdsvc.exe

    O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe

    O23 - Service: CLHNServiceForPowerDVD - Unknown owner - C:\Program Files\CyberLink\PowerDVD11\Kernel\DMP\CLHNServiceForPowerDVD.exe

    O23 - Service: CyberLink PowerDVD 11.0 Monitor Service - CyberLink - C:\Program Files\CyberLink\PowerDVD11\Common\MediaServer\CLMSMonitorService.exe

    O23 - Service: CyberLink PowerDVD 11.0 Service - CyberLink - C:\Program Files\CyberLink\PowerDVD11\Common\MediaServer\CLMSServerForPDVD11.exe

    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe

    O23 - Service: Intel(R) PROSet Monitoring Service - Intel Corporation - C:\Windows\system32\IProsetMonitor.exe

    O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe

    O23 - Service: KMService - Unknown owner - C:\Windows\system32\srvany.exe

    O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - C:\Program Files\Common Files\LogiShrd\Bluetooth\lbtserv.exe

    O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe

    O23 - Service: @C:\Program Files\Nero\Update\NASvc.exe,-200 (NAUpdate) - Nero AG - C:\Program Files\Nero\Update\NASvc.exe

    O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe

    O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe

    O23 - Service: O&O Defrag Agent (OODefragAgent) - O&O Software GmbH - C:\Program Files\OO Software\Defrag\oodag.exe

    O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe

    O23 - Service: ServiceLayer - Nokia - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe

    O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe

    O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe

    O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe

    O23 - Service: TuneUp Utilities Service (TuneUp.UtilitiesSvc) - TuneUp Software - C:\Program Files\TuneUp Utilities 2012\TuneUpUtilitiesService32.exe

    End of file - 9881 bytes

  • fazantje

    Hi Fred,

    Sorry for the late reply, but the message boards were moved to another server this morning.

    Your problem:

    Please carry out the steps in the step-by-step plan below:

    http://antivirus.startpagina.nl/prikbord/4625317/voer-dit-eerst-uit-voordat-je-de-logjes-plaatst!!#msg-4625317

    If you had already done this, please post the MBAM log as well.

    Partly on the basis of this we can help you further ;)

    Good luck,

    Huib ;)

  • Fred Zoole

    Here it is,

    www.malwarebytes.org

    Databaseversie: v2012.02.29.03

    Windows 7 Service Pack 1 x86 NTFS

    Internet Explorer 9.0.8112.16421

    Fred :: PC_VAN_FRED

    Realtime bescherming: Uitgeschakeld

    1-3-2012 12:09:56

    mbam-log-2012-03-01 (12-17-48).txt

    Scantype: Snelle scan

    Ingeschakelde scanopties: Geheugen | Opstartitems | Register | Bestanden en mappen | Heuristiek/Extra | Heuristiek/Shuriken | PUP | PUM

    Uitgeschakelde scanopties: P2P

    Objecten gescand: 235798

    Verstreken tijd: 7 minuut/minuten, 35 seconde(n)

    Geheugenprocessen gedetecteerd: 0

    (Geen kwaadaardige objecten gedetecteerd)

    Geheugenmodulen gedetecteerd: 0

    (Geen kwaadaardige objecten gedetecteerd)

    Registersleutels gedetecteerd: 0

    (Geen kwaadaardige objecten gedetecteerd)

    Registerwaarden gedetecteerd: 2

    HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run|svhost.exe (Backdoor.Sdbot) -> Data: “C:\Users\Fred\AppData\Roaming\svhost.exe” -> Geen actie ondernomen.

    HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run|egregregerfwde (Backdoor.Bot.WPM) -> Data: “C:\Users\Fred\AppData\Roaming\svhost.exe” -> Geen actie ondernomen.

    Registerdata gedetecteerd: 0

    (Geen kwaadaardige objecten gedetecteerd)

    Mappen gedetecteerd: 0

    (Geen kwaadaardige objecten gedetecteerd)

    Bestanden gedetecteerd: 0

    (Geen kwaadaardige objecten gedetecteerd)

    (einde)

  • fazantje

    Hi Fred,

    Could you have MBAM scan once more, because you forgot to tick the infections for removal.

    In the log you can then also see that it has been removed ;)

    See this log:

    HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run|svhost.exe (Backdoor.Sdbot) -> Data: “C:\Users\Fred\AppData\Roaming\svhost.exe” -> Geen actie ondernomen.

    HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run|egregregerfwde (Backdoor.Bot.WPM) -> Data: “C:\Users\Fred\AppData\Roaming\svhost.exe” -> Geen actie ondernomen.

    They are still in there.

    After running MBAM again you may do the following:

    First disable AVG; this can probably be done at the bottom right of the taskbar by right-clicking the AVG icon and then choosing disable or something similar.

    Download ComboFix here, and place it on your desktop.

    If you have used ComboFix before, please delete that version and download ComboFix again via the link above, because ComboFix is updated daily.

    NOTE: if, during or after downloading ComboFix or while using ComboFix, you get a notification from your antivirus or another real-time scanner, disable that scanner and download ComboFix again.

    Some scanners regard certain components that ComboFix uses as suspicious and will block or remove them!

    Double-click Combofix.exe

    Follow the instructions and accept the disclaimer.

    While the fix is running, do NOT click in the window, as this will make your PC hang.

    It can take some time before the ComboFix log appears, so don't assume it has crashed.

    When the fix is complete and after the restart, the log combofix.txt will open.

    Don't assume ComboFix has crashed, because it can sometimes take a while, so wait patiently.

    Post the ComboFix log here together with a new HijackThis log.

    Good luck,

    Huib ;)

  • Fred Zoole

    ComboFix 12-03-01.01 - Fred 01-03-2012 22:09:12.1.2 - x86

    Microsoft Windows 7 Ultimate 6.1.7601.1.1252.31.1043.18.3326.1772

    Gestart vanuit: c:\users\Fred\Desktop\Downloads\ComboFix.exe

    AV: AVG Anti-Virus 2012 *Enabled/Updated* {5A2746B1-DEE9-F85A-FBCD-ADB11639C5F0}

    SP: AVG Anti-Virus 2012 *Enabled/Updated* {E146A755-F8D3-F7D4-C17D-96C36DBE8F4D}

    SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

    * Nieuw herstelpunt werd aangemaakt

    .

    .

    (((((((((((((((((((((((((((((((((( Andere Verwijderingen )))))))))))))))))))))))))))))))))))))))))))))))))

    .

    .

    c:\users\Fred\AppData\Roaming\7za.exe

    c:\users\Fred\AppData\Roaming\GHIN5XY753cvyibjl.exe

    c:\users\Fred\AppData\Roaming\inst.exe

    c:\users\Fred\AppData\Roaming\InstallDir

    c:\users\Fred\AppData\Roaming\Microsoft\Windows\VXyWGiGS.cfg

    c:\users\Fred\AppData\Roaming\Microsoft\Windows\VXyWGiGS.dat

    c:\users\Fred\AppData\Roaming\Microsoft\Windows\VXyWGiGS.xtr

    c:\users\Fred\AppData\Roaming\vso_ts_preview.xml

    c:\windows\7Loader.TAG

    c:\windows\system32\drivers\etc\hosts.txt

    c:\windows\system32\dtirc.dll

    c:\windows\system32\system

    c:\windows\system32\tmp3A74.tmp

    c:\windows\system32\tmp3A75.tmp

    c:\windows\system32\tmp6A03.tmp

    c:\windows\system32\tmp6A14.tmp

    c:\windows\system32\tmp795E.tmp

    c:\windows\system32\tmp797E.tmp

    c:\windows\system32\tmpD81E.tmp

    c:\windows\system32\tmpD81F.tmp

    .

    .

    (((((((((((((((((((( Bestanden Gemaakt van 2012-02-01 to 2012-03-01 ))))))))))))))))))))))))))))))

    .

    .

    2012-03-01 21:20 . 2012-03-01 21:20 ——– d—–w- c:\users\Gast\AppData\Local\temp

    2012-03-01 10:36 . 2012-03-01 10:36 ——– d—–w- c:\program files\ESET

    2012-02-29 17:33 . 2012-02-29 17:33 ——– d—–w- c:\users\Fred\AppData\Roaming\System

    2012-02-26 10:43 . 2012-02-26 10:43 ——– d—–w- c:\users\UpdatusUser

    2012-02-26 10:41 . 2012-02-10 04:13 61248 —-a-w- c:\windows\system32\OpenCL.dll

    2012-02-26 10:41 . 2012-02-10 04:13 19443520 —-a-w- c:\windows\system32\nvoglv32.dll

    2012-02-26 10:41 . 2012-02-10 04:13 10816832 —-a-w- c:\windows\system32\drivers\nvlddmkm.sys

    2012-02-26 10:41 . 2012-01-17 12:46 27968 —-a-w- c:\windows\system32\nvhdap32.dll

    2012-02-26 10:41 . 2012-01-17 12:45 148800 —-a-w- c:\windows\system32\drivers\nvhda32v.sys

    2012-02-26 10:41 . 2012-01-17 12:45 876864 —-a-w- c:\windows\system32\nvhdagenco3220103.dll

    2012-02-26 10:41 . 2012-02-10 04:13 5892928 —-a-w- c:\windows\system32\nvcuda.dll

    2012-02-26 10:41 . 2012-02-10 04:13 2517312 —-a-w- c:\windows\system32\nvcuvid.dll

    2012-02-26 10:41 . 2012-02-10 04:13 2437440 —-a-w- c:\windows\system32\nvcuvenc.dll

    2012-02-26 10:41 . 2012-02-10 04:13 17543488 —-a-w- c:\windows\system32\nvcompiler.dll

    2012-02-26 10:41 . 2012-02-10 04:13 15009600 —-a-w- c:\windows\system32\nvd3dum.dll

    2012-02-26 10:41 . 2012-02-26 10:41 ——– d—–w- C:\NVIDIA

    2012-02-20 20:29 . 2012-02-20 20:29 ——– d—–w- c:\users\Gast\AppData\Local\Adobe

    2012-02-16 21:57 . 2012-02-16 22:29 ——– d—–w- c:\users\Fred\AppData\Roaming\DarknessII

    2012-02-14 20:17 . 2012-02-14 20:17 ——– d—–w- c:\users\Fred\AppData\Roaming\No Company Name

    2012-02-14 19:56 . 2011-12-30 05:27 478720 —-a-w- c:\windows\system32\timedate.cpl

    2012-02-14 19:56 . 2012-01-04 08:58 442880 —-a-w- c:\windows\system32\ntshrui.dll

    2012-02-14 19:56 . 2012-01-14 03:35 2343424 —-a-w- c:\windows\system32\win32k.sys

    2012-02-14 19:56 . 2011-12-16 07:52 690688 —-a-w- c:\windows\system32\msvcrt.dll

    2012-02-13 22:36 . 2012-02-13 22:37 ——– d—–w- c:\program files\TuneUp Utilities 2012

    2012-02-13 13:28 . 2012-02-13 13:30 ——– d—–w- c:\programdata\Protexis

    2012-02-13 13:26 . 2010-11-16 15:24 13880 —-a-w- c:\windows\system32\drivers\regi.sys

    2012-02-12 18:12 . 2012-02-12 18:12 ——– d—–w- c:\program files\VirtualDJ

    2012-02-12 12:27 . 2012-02-12 12:27 ——– d—–w- c:\users\Fred\AppData\Local\Unity

    2012-02-11 09:18 . 2011-06-22 15:13 10915840 —-a-w- c:\windows\system32\libmfxhw32.dll

    2012-02-11 09:18 . 2011-06-22 15:13 10833920 —-a-w- c:\windows\system32\libmfxsw32.dll

    2012-02-09 19:05 . 2012-02-09 19:05 416064 —-a-w- c:\windows\system32\nvStreaming.exe

    2012-02-07 19:34 . 2012-02-07 19:34 ——– d—–w- c:\program files\CoreCodec

    2012-02-07 17:41 . 2011-11-07 16:24 21312 —-a-w- c:\windows\system32\authuitu.dll

    2012-02-07 12:38 . 2012-02-11 09:19 ——– d—–w- c:\program files\AVS4YOU

    2012-02-05 14:57 . 2012-02-05 14:57 ——– d—–w- c:\users\Gast\AppData\Local\Google

    2012-02-05 14:56 . 2012-02-05 14:57 ——– d—–w- c:\users\Gast\AppData\Local\Deployment

    2012-02-05 14:56 . 2012-02-05 14:56 ——– d—–w- c:\users\Gast\AppData\Local\Apps

    2012-02-05 14:42 . 2012-02-05 14:42 ——– d—–w- c:\users\Gast\AppData\Local\DFX

    2012-02-03 20:37 . 2012-02-03 20:37 ——– d—–w- c:\programdata\Codemasters

    2012-02-03 19:55 . 2011-03-19 14:16 1417216 —-a-w- c:\windows\system32\rapture3d_oal.dll

    2012-02-03 19:55 . 2010-09-22 12:12 19087360 —-a-w- c:\windows\system32\mkl_blueripple.dll

    2012-02-03 19:55 . 2012-02-03 19:55 ——– d—–w- c:\program files\BRS

    2012-02-03 16:34 . 2011-11-07 16:24 31552 —-a-w- c:\windows\system32\TURegOpt.exe

    2012-02-03 16:34 . 2011-12-08 16:31 29504 —-a-w- c:\windows\system32\uxtuneup.dll

    2012-02-03 16:34 . 2012-02-03 16:34 ——– d-sh–w- c:\programdata\{24036256-BFDB-4CD3-BE8A-A3D6160F2E16}

    2012-02-02 20:26 . 2012-02-02 20:26 ——– d—–w- c:\programdata\AVS4YOU

    2012-02-02 19:52 . 2012-02-02 19:53 ——– d—–w- c:\program files\MALWAREBYTES ANTI-MALWARE

    2012-02-02 19:23 . 2012-02-02 19:23 ——– d—–w- C:\Intel

    2012-02-02 18:20 . 2012-02-10 15:31 ——– d—–w- c:\program files\Spotnet

    2012-02-01 16:39 . 2012-02-01 16:39 ——– d—–w- c:\users\Gast\AppData\Local\Unity

    .

    .

    .

    ((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))

    .

    2012-02-22 10:14 . 2011-05-26 16:50 414368 —-a-w- c:\windows\system32\FlashPlayerCPLApp.cpl

    2012-02-10 04:13 . 2011-08-11 21:06 881984 —-a-w- c:\windows\system32\nvgenco32.dll

    2012-02-10 04:13 . 2011-08-11 21:06 1000256 —-a-w- c:\windows\system32\nvdispco32.dll

    2012-02-10 04:13 . 2010-05-07 13:09 7713088 —-a-w- c:\windows\system32\nvwgf2um.dll

    2012-02-10 04:13 . 2010-05-07 13:09 2301248 —-a-w- c:\windows\system32\nvapi.dll

    2012-02-10 03:02 . 2011-04-07 20:43 3881792 —-a-w- c:\windows\system32\nvcpl.dll

    2012-02-10 03:00 . 2011-04-07 20:43 2719040 —-a-w- c:\windows\system32\nvsvc.dll

    2012-02-10 03:00 . 2011-04-07 20:43 645440 —-a-w- c:\windows\system32\nvvsvc.exe

    2012-02-10 03:00 . 2011-04-07 20:43 108352 —-a-w- c:\windows\system32\nvmctray.dll

    2012-02-10 03:00 . 2010-03-16 00:15 62272 —-a-w- c:\windows\system32\nvshext.dll

    2012-02-10 03:00 . 2011-04-07 20:43 2561344 —-a-w- c:\windows\system32\nvsvcr.dll

    2012-02-03 19:55 . 2010-08-10 07:58 444952 —-a-w- c:\windows\system32\wrap_oal.dll

    2012-02-03 19:55 . 2010-08-10 07:58 109080 —-a-w- c:\windows\system32\OpenAL32.dll

    2011-12-10 14:24 . 2010-04-05 11:06 20464 —-a-w- c:\windows\system32\drivers\mbam.sys

    .

    .

    ((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))

    .

    .

    *Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond

    REGEDIT4

    .

    “Sidebar”=“c:\program files\Windows Sidebar\sidebar.exe”

    “Xvid”=“c:\program files\Xvid\CheckUpdate.exe”

    .

    “AVG_TRAY”=“c:\program files\AVG\AVG2012\avgtray.exe”

    “SysTrayApp”=“c:\program files\IDT\WDM\sttray.exe”

    “MimBoot”=“c:\progra~1\MUSICM~1\MUSICM~1\mimboot.exe”

    “MMTray”=“c:\progra~1\MUSICM~1\MUSICM~1\mm_tray.exe”

    “OODefragTray”=“c:\program files\OO Software\Defrag\oodtray.exe”

    “AdobeAAMUpdater-1.0”=“c:\program files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe”

    “SwitchBoard”=“c:\program files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe”

    “AdobeCS5.5ServiceManager”=“c:\program files\Common Files\Adobe\CS5.5ServiceManager\CS5.5ServiceManager.exe”

    .

    “RemoteHelper”=“c:\program files\Remote HD\Remote Helper\RemoteHelper.exe”

    .

    “ConsentPromptBehaviorAdmin”= 5 (0x5)

    “ConsentPromptBehaviorUser”= 3 (0x3)

    “EnableUIADesktopToggle”= 0 (0x0)

    “SoftwareSASGeneration”= 3 (0x3)

    “DisableStartupSound”= 1 (0x1)

    .

    2010-10-28 10:13 64592 —-a-w- c:\program files\Common Files\LogiShrd\Bluetooth\LBTWLgn.dll

    .

    BootExecute REG_MULTI_SZ autocheck autochk *\0OODBS\0c:\progra~1\AVG\AVG2012\avgrsx.exe /sync /restart

    .

    Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp

    .

    path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\DFX.lnk

    backup=c:\windows\pss\DFX.lnk.CommonStartup

    backupExtension=.CommonStartup

    .

    backup=c:\windows\pss\Logitech . Productregistratie.lnk.Startup

    backupExtension=.Startup

    .

    backup=c:\windows\pss\Logitech Touch Mouse Server.lnk.Startup

    backupExtension=.Startup

    HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher

    HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\dfmirage-Install

    HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Hobbyist Software VLC Streamer

    HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NBAgent

    .

    c:\program files\Common Files\Nokia\MPlatform\NokiaMServer

    .

    2012-01-03 07:37 843712 —-a-w- c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe

    .

    2011-10-05 23:52 59240 —-a-w- c:\program files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe

    .

    2011-11-01 22:25 59240 —-a-w- c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe

    .

    2010-03-13 12:54 91520 —-a-w- c:\program files\Microsoft Office\Office14\BCSSync.exe

    .

    2010-04-02 07:11 75048 ——w- c:\program files\CyberLink\Shared files\brs.exe

    .

    2009-01-29 22:20 57344 —-a-w- c:\program files\SlySoft\CloneCD\CloneCDTray.exe

    .

    2011-01-20 09:20 1305408 —-a-w- c:\program files\DAEMON Tools Lite\DTLite.exe

    .

    2007-03-30 04:00 182272 —-a-w- c:\windows\System32\spool\drivers\w32x86\3\E_FATICLE.EXE

    .

    2010-10-28 23:32 1352272 —-a-w- c:\program files\Logitech\SetPointP\SetPoint.exe

    .

    2012-01-16 16:22 421736 —-a-w- c:\program files\iTunes\iTunesHelper.exe

    .

    2012-01-13 13:53 981680 —-a-w- c:\program files\Malwarebytes' Anti-Malware\mbam.exe

    .

    2012-01-13 13:53 460872 —-a-w- c:\program files\Malwarebytes' Anti-Malware\mbamgui.exe

    .

    2012-01-13 13:53 981680 —-a-w- c:\program files\Malwarebytes' Anti-Malware\mbam.exe

    .

    2011-10-24 12:28 421888 —-a-w- c:\program files\QuickTime\QTTask.exe

    .

    2011-12-08 03:01 234792 —-a-w- c:\program files\CyberLink\PowerDVD11\PDVD11Serv.exe

    .

    2010-06-14 14:10 153672 —-a-w- c:\program files\Logitech\Gaming Software\LWEMon.exe

    .

    2011-09-08 20:53 1242448 —-a-w- d:\program files\Steam\Steam.exe

    .

    2011-06-09 11:06 254696 —-a-w- c:\program files\Common Files\Java\Java Update\jusched.exe

    .

    2008-05-13 10:16 442433 —-a-w- c:\program files\IDT\WDM\sttray.exe

    .

    2009-06-17 11:44 85160 —-a-w- c:\program files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe

    .

    “ehTray.exe”=c:\windows\ehome\ehTray.exe

    “RemoteHelper”=c:\program files\Remote HD\Remote Helper\RemoteHelper.exe

    “Google Update”=“c:\users\Fred\AppData\Local\Google\Update\GoogleUpdate.exe” /c

    “svhost.exe”=“c:\users\Fred\AppData\Roaming\svhost.exe”

    “egregregerfwde”=“c:\users\Fred\AppData\Roaming\svhost.exe”

    .

    “Adobe ARM”=“c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe”

    “iTunesHelper”=“c:\program files\iTunes\iTunesHelper.exe”

    “QuickTime Task”=“c:\program files\QuickTime\QTTask.exe” -atboottime

    “VirtualCloneDrive”=“c:\program files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe” /s

    “SunJavaUpdateSched”=“c:\program files\Common Files\Java\Java Update\jusched.exe”

    “BDRegion”=c:\program files\Cyberlink\Shared files\brs.exe

    “AdobeAAMUpdater-1.0”=“c:\program files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe”

    “OODefragTray”=c:\program files\OO Software\Defrag\oodtray.exe

    “Adobe Reader Speed Launcher”=“c:\program files\Adobe\Reader 10.0\Reader\Reader_sl.exe”

    .

    “Malwarebytes Anti-Malware (reboot)”=“c:\program files\Malwarebytes' Anti-Malware\mbam.exe” /runcleanupscript

    .

    R2 {1BA31E5A-C098-42d8-8F88-3C9F78A2FDDC};Power Control ;c:\program files\CyberLink\PowerDVD10\NavFilter\000.fcl

    R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe

    R2 KMService;KMService;c:\windows\system32\srvany.exe

    R3 amdkmdag;amdkmdag;c:\windows\system32\DRIVERS\atikmdag.sys

    R3 amdkmdap;amdkmdap;c:\windows\system32\DRIVERS\atikmpag.sys

    R3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service;c:\program files\Microsoft Office\Office14\GROOVE.EXE

    R3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE

    R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys

    R3 RemoteControl-USBLAN;RemoteControl-USBLAN;c:\windows\system32\DRIVERS\rcblan.sys

    R3 SwitchBoard;SwitchBoard;c:\program files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe

    R3 Synth3dVsc;Synth3dVsc;c:\windows\system32\drivers\synth3dvsc.sys

    R3 tapoas;TAP-Win32 Adapter OAS;c:\windows\system32\DRIVERS\tapoas.sys

    R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys

    R3 tsusbhub;tsusbhub;c:\windows\system32\drivers\tsusbhub.sys

    R3 VGPU;VGPU;c:\windows\system32\drivers\rdvgkmd.sys

    R3 WatAdminSvc;Windows Activation Technologies-service;c:\windows\system32\Wat\WatAdminSvc.exe

    S0 AVGIDSEH;AVGIDSEH;c:\windows\system32\DRIVERS\AVGIDSEH.Sys

    S0 Avgrkx86;AVG Anti-Rootkit Driver;c:\windows\system32\DRIVERS\avgrkx86.sys

    S0 mv61xx;mv61xx;c:\windows\system32\DRIVERS\mv61xx.sys

    S0 sptd;sptd;c:\windows\System32\Drivers\sptd.sys

    S1 Avgldx86;AVG AVI Loader Driver;c:\windows\system32\DRIVERS\avgldx86.sys

    S1 Avgtdix;AVG TDI Driver;c:\windows\system32\DRIVERS\avgtdix.sys

    S2 {329F96B6-DF1E-4328-BFDA-39EA953C1312};Power Control ;c:\program files\CyberLink\PowerDVD11\Common\NavFilter\000.fcl

    S2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files\Common Files\Adobe\ARM\1.0\armsvc.exe

    S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe

    S2 AVGIDSAgent;AVGIDSAgent;c:\program files\AVG\AVG2012\AVGIDSAgent.exe

    S2 avgwd;AVG WatchDog;c:\program files\AVG\AVG2012\avgwdsvc.exe

    S2 CLHNServiceForPowerDVD;CLHNServiceForPowerDVD;c:\program files\CyberLink\PowerDVD11\Kernel\DMP\CLHNServiceForPowerDVD.exe

    S2 CyberLink PowerDVD 11.0 Monitor Service;CyberLink PowerDVD 11.0 Monitor Service;c:\program files\CyberLink\PowerDVD11\Common\MediaServer\CLMSMonitorService.exe

    S2 CyberLink PowerDVD 11.0 Service;CyberLink PowerDVD 11.0 Service;c:\program files\CyberLink\PowerDVD11\Common\MediaServer\CLMSServerForPDVD11.exe

    S2 Intel(R) PROSet Monitoring Service;Intel(R) PROSet Monitoring Service;c:\windows\system32\IProsetMonitor.exe

    S2 MBAMService;MBAMService;c:\program files\Malwarebytes' Anti-Malware\mbamservice.exe

    S2 NAUpdate;Nero Update;c:\program files\Nero\Update\NASvc.exe

    S2 ntk_PowerDVD;ntk_PowerDVD;c:\program files\CyberLink\PowerDVD11\Kernel\DMP\ntk_PowerDVD.sys

    S2 nvUpdatusService;NVIDIA Update Service Daemon;c:\program files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe

    S2 OODefragAgent;O&O Defrag Agent;c:\program files\OO Software\Defrag\oodag.exe

    S2 regi;regi;c:\windows\system32\drivers\regi.sys

    S2 SBSDWSCService;SBSD Security Center Service;c:\program files\Spybot - Search & Destroy\SDWinSec.exe

    S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe

    S2 TuneUp.UtilitiesSvc;TuneUp Utilities Service;c:\program files\TuneUp Utilities 2012\TuneUpUtilitiesService32.exe

    S3 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\DRIVERS\AVGIDSDriver.Sys

    S3 AVGIDSFilter;AVGIDSFilter;c:\windows\system32\DRIVERS\AVGIDSFilter.Sys

    S3 AVGIDSShim;AVGIDSShim;c:\windows\system32\DRIVERS\AVGIDSShim.Sys

    S3 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys

    S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys

    S3 NVHDA;Service for NVIDIA High Definition Audio Driver;c:\windows\system32\drivers\nvhda32v.sys

    S3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv;c:\program files\TuneUp Utilities 2012\TuneUpUtilitiesDriver32.sys

    .

    .

    — Andere Services/Drivers In Geheugen —

    .

    *Deregistered* - Avgfwfd

    *Deregistered* - AVGIDSDrivervtx

    *Deregistered* - AVGIDSFiltervtx

    *Deregistered* - AVGIDSShimvtx

    .

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs

    UxTuneUp

    .

    Inhoud van de ‘Gedeelde Taken’ map

    .

    2012-03-01 c:\windows\Tasks\GlaryInitialize.job

    - c:\program files\Glary Utilities\initialize.exe

    .

    2012-03-01 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3430492480-909303241-1078843953-1000Core.job

    - c:\users\Fred\AppData\Local\Google\Update\GoogleUpdate.exe

    .

    2012-03-01 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3430492480-909303241-1078843953-1000UA.job

    - c:\users\Fred\AppData\Local\Google\Update\GoogleUpdate.exe

    .

    .

    ——- Bijkomende Scan ——-

    .

    uStart Page = hxxp://www.startpagina.nl/

    IE: &Verzenden naar OneNote - c:\progra~1\MICROS~4\Office14\ONBttnIE.dll/105

    IE: E&xporteren naar Microsoft Excel - c:\progra~1\MICROS~4\Office14\EXCEL.EXE/3000

    Trusted Zone: musicmatch.com\online

    TCP: DhcpNameServer = 212.115.192.100 62.238.255.69

    .

    - - - - ORPHANS VERWIJDERD - - - -

    .

    BHO-{D4027C7F-154A-4066-A1AD-4243D8127440} - (no file)

    Toolbar-{D4027C7F-154A-4066-A1AD-4243D8127440} - (no file)

    HKCU-Run-WinSec32 - c:\users\Fred\AppData\Roaming\GHIN5XY753cvyibjl.exe

    MSConfigStartUp-RemoteControl10 - c:\program files\CyberLink\PowerDVD10\PDVD10Serv.exe

    .

    .

    .

    “ImagePath”=“\??\c:\program files\CyberLink\PowerDVD10\NavFilter\000.fcl”

    .

    “ImagePath”=“\??\c:\program files\CyberLink\PowerDVD11\Common\NavFilter\000.fcl”

    .

    ——————— VERGRENDELDE REGISTER SLEUTELS ———————

    .


    .

    @Denied: (Full) (Everyone)

    .

    Voltooingstijd: 2012-03-01 22:32:53

    ComboFix-quarantined-files.txt 2012-03-01 21:32

    .

    Pre-Run: 24.894.668.800 bytes beschikbaar

    Post-Run: 24.651.292.672 bytes beschikbaar

    .

    - - End Of File - - 2FA831D155182A0831CC3A80D8182F48

    Scan saved at 22:36:57, on 1-3-2012

    Platform: Windows 7 SP1 (WinNT 6.00.3505)

    MSIE: Internet Explorer v9.00 (9.00.8112.16421)

    Boot mode: Normal

    Running processes:

    C:\Windows\system32\taskhost.exe

    C:\Windows\system32\Dwm.exe

    C:\Program Files\TuneUp Utilities 2012\TuneUpUtilitiesApp32.exe

    C:\Program Files\AVG\AVG2012\avgtray.exe

    C:\Program Files\IDT\WDM\sttray.exe

    C:\Program Files\Musicmatch\Musicmatch Jukebox\mm_tray.exe

    C:\Program Files\Musicmatch\Musicmatch Jukebox\MMDiag.exe

    C:\Program Files\Windows Sidebar\sidebar.exe

    C:\Program Files\Musicmatch\Musicmatch Jukebox\mim.exe

    C:\Program Files\DAEMON Tools Lite\DTShellHlp.exe

    C:\Program Files\NVIDIA Corporation\Display\nvtray.exe

    C:\Windows\explorer.exe

    C:\Program Files\Internet Explorer\iexplore.exe

    C:\Program Files\Internet Explorer\iexplore.exe

    C:\Program Files\Internet Explorer\iexplore.exe

    C:\Program Files\Trend Micro\Hijackthis\HijackThis.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.startpagina.nl/

    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157

    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157

    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =

    O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

    O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG2012\avgssie.dll

    O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~4\Office14\GROOVEEX.DLL

    O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

    O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~4\Office14\URLREDIR.DLL

    O2 - BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll

    O4 - HKLM\..\Run: “C:\Program Files\AVG\AVG2012\avgtray.exe”

    O4 - HKLM\..\Run: %ProgramFiles%\IDT\WDM\sttray.exe

    O4 - HKLM\..\Run: C:\PROGRA~1\MUSICM~1\MUSICM~1\mimboot.exe

    O4 - HKLM\..\Run: C:\PROGRA~1\MUSICM~1\MUSICM~1\mm_tray.exe

    O4 - HKLM\..\Run: C:\Program Files\OO Software\Defrag\oodtray.exe

    O4 - HKLM\..\Run: “C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe”

    O4 - HKLM\..\Run: C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe

    O4 - HKLM\..\Run: “C:\Program Files\Common Files\Adobe\CS5.5ServiceManager\CS5.5ServiceManager.exe” -launchedbylogin

    O4 - HKCU\..\Run: C:\Program Files\Windows Sidebar\sidebar.exe /autoRun

    O4 - HKCU\..\Run: C:\Program Files\Xvid\CheckUpdate.exe

    O4 - HKUS\S-1-5-21-3430492480-909303241-1078843953-1004\..\Run: %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User ‘UpdatusUser’)

    O4 - HKUS\S-1-5-21-3430492480-909303241-1078843953-1004\..\RunOnce: C:\Windows\System32\mctadmin.exe (User ‘UpdatusUser’)

    O4 - HKUS\S-1-5-18\..\Run: C:\Program Files\Remote HD\Remote Helper\RemoteHelper.exe (User ‘SYSTEM’)

    O4 - HKUS\.DEFAULT\..\Run: C:\Program Files\Remote HD\Remote Helper\RemoteHelper.exe (User ‘Default user’)

    O8 - Extra context menu item: &Verzenden naar OneNote - res://C:\PROGRA~1\MICROS~4\Office14\ONBttnIE.dll/105

    O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~4\Office14\EXCEL.EXE/3000

    O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll

    O9 - Extra ‘Tools’ menuitem: &Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll

    O9 - Extra button: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll

    O9 - Extra ‘Tools’ menuitem: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll

    O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll

    O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll

    O11 - Options group: Accelerated graphics

    O16 - DPF: {CF84DAC5-A4F5-419E-A0BA-C01FFD71112F} (SysInfo Class) - http://content.systemrequirementslab.com.s3.amazonaws.com/global/bin/srldetect_intel_4.5.3.0.cab

    O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab

    O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG2012\avgpp.dll

    O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL

    O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe

    O23 - Service: AMD External Events Utility - AMD - C:\Windows\system32\atiesrxx.exe

    O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

    O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG2012\AVGIDSAgent.exe

    O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG2012\avgwdsvc.exe

    O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe

    O23 - Service: CLHNServiceForPowerDVD - Unknown owner - C:\Program Files\CyberLink\PowerDVD11\Kernel\DMP\CLHNServiceForPowerDVD.exe

    O23 - Service: CyberLink PowerDVD 11.0 Monitor Service - CyberLink - C:\Program Files\CyberLink\PowerDVD11\Common\MediaServer\CLMSMonitorService.exe

    O23 - Service: CyberLink PowerDVD 11.0 Service - CyberLink - C:\Program Files\CyberLink\PowerDVD11\Common\MediaServer\CLMSServerForPDVD11.exe

    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe

    O23 - Service: Intel(R) PROSet Monitoring Service - Intel Corporation - C:\Windows\system32\IProsetMonitor.exe

    O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe

    O23 - Service: KMService - Unknown owner - C:\Windows\system32\srvany.exe

    O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - C:\Program Files\Common Files\LogiShrd\Bluetooth\lbtserv.exe

    O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe

    O23 - Service: @C:\Program Files\Nero\Update\NASvc.exe,-200 (NAUpdate) - Nero AG - C:\Program Files\Nero\Update\NASvc.exe

    O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe

    O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe

    O23 - Service: O&O Defrag Agent (OODefragAgent) - O&O Software GmbH - C:\Program Files\OO Software\Defrag\oodag.exe

    O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe

    O23 - Service: ServiceLayer - Nokia - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe

    O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe

    O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe

    O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe

    O23 - Service: TuneUp Utilities Service (TuneUp.UtilitiesSvc) - TuneUp Software - C:\Program Files\TuneUp Utilities 2012\TuneUpUtilitiesService32.exe

    End of file - 8608 bytes

  • fazantje

    Hi Fred,

    Open Notepad, then copy and paste the following (bold, blue text) into an empty window:

    • Folder::

      c:\programdata\{24036256-BFDB-4CD3-BE8A-A3D6160F2E16}

    Save this on your Desktop as CFScript.txt

    Drag CFScript.txt onto ComboFix.exe as shown in the example below:

    This will make ComboFix restart.

    Reboot if you are asked to,

    and post the contents of Combofix.txt in your next reply together with a new HijackThis log, and tell me right away how your problem is doing.

    Good luck,

    Huib;)

  • Fred Zoole

    Here are the logs you asked for. AVG still finds 20 threats.

    ComboFix 12-03-01.01 - Fred 01-03-2012 23:15:31.2.2 - x86

    Microsoft Windows 7 Ultimate 6.1.7601.1.1252.31.1043.18.3326.1827

    Gestart vanuit: c:\users\Fred\Desktop\Downloads\ComboFix.exe

    gebruikte Opdracht switches :: c:\users\Fred\Desktop\CFScript.txt

    AV: AVG Anti-Virus 2012 *Enabled/Updated* {5A2746B1-DEE9-F85A-FBCD-ADB11639C5F0}

    SP: AVG Anti-Virus 2012 *Enabled/Updated* {E146A755-F8D3-F7D4-C17D-96C36DBE8F4D}

    SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

    .

    .

    (((((((((((((((((((((((((((((((((( Andere Verwijderingen )))))))))))))))))))))))))))))))))))))))))))))))))

    .

    .

    c:\programdata\{24036256-BFDB-4CD3-BE8A-A3D6160F2E16}

    c:\programdata\{24036256-BFDB-4CD3-BE8A-A3D6160F2E16}\{D3742F82-1C1A-4DCC-ABBD-0E831C0185CC}.msi

    .

    .

    (((((((((((((((((((( Bestanden Gemaakt van 2012-02-01 to 2012-03-01 ))))))))))))))))))))))))))))))

    .

    .

    2012-03-01 22:24 . 2012-03-01 22:24 ——– d—–w- c:\users\Gast\AppData\Local\temp

    2012-03-01 22:24 . 2012-03-01 22:24 ——– d—–w- c:\users\Default\AppData\Local\temp

    2012-03-01 10:36 . 2012-03-01 10:36 ——– d—–w- c:\program files\ESET

    2012-02-29 17:33 . 2012-02-29 17:33 ——– d—–w- c:\users\Fred\AppData\Roaming\System

    2012-02-26 10:43 . 2012-02-26 10:43 ——– d—–w- c:\users\UpdatusUser

    2012-02-26 10:41 . 2012-02-10 04:13 61248 —-a-w- c:\windows\system32\OpenCL.dll

    2012-02-26 10:41 . 2012-02-10 04:13 19443520 —-a-w- c:\windows\system32\nvoglv32.dll

    2012-02-26 10:41 . 2012-02-10 04:13 10816832 —-a-w- c:\windows\system32\drivers\nvlddmkm.sys

    2012-02-26 10:41 . 2012-01-17 12:46 27968 —-a-w- c:\windows\system32\nvhdap32.dll

    2012-02-26 10:41 . 2012-01-17 12:45 148800 —-a-w- c:\windows\system32\drivers\nvhda32v.sys

    2012-02-26 10:41 . 2012-01-17 12:45 876864 —-a-w- c:\windows\system32\nvhdagenco3220103.dll

    2012-02-26 10:41 . 2012-02-10 04:13 5892928 —-a-w- c:\windows\system32\nvcuda.dll

    2012-02-26 10:41 . 2012-02-10 04:13 2517312 —-a-w- c:\windows\system32\nvcuvid.dll

    2012-02-26 10:41 . 2012-02-10 04:13 2437440 —-a-w- c:\windows\system32\nvcuvenc.dll

    2012-02-26 10:41 . 2012-02-10 04:13 17543488 —-a-w- c:\windows\system32\nvcompiler.dll

    2012-02-26 10:41 . 2012-02-10 04:13 15009600 —-a-w- c:\windows\system32\nvd3dum.dll

    2012-02-26 10:41 . 2012-02-26 10:41 ——– d—–w- C:\NVIDIA

    2012-02-20 20:29 . 2012-02-20 20:29 ——– d—–w- c:\users\Gast\AppData\Local\Adobe

    2012-02-16 21:57 . 2012-02-16 22:29 ——– d—–w- c:\users\Fred\AppData\Roaming\DarknessII

    2012-02-14 20:17 . 2012-02-14 20:17 ——– d—–w- c:\users\Fred\AppData\Roaming\No Company Name

    2012-02-14 19:56 . 2011-12-30 05:27 478720 —-a-w- c:\windows\system32\timedate.cpl

    2012-02-14 19:56 . 2012-01-04 08:58 442880 —-a-w- c:\windows\system32\ntshrui.dll

    2012-02-14 19:56 . 2012-01-14 03:35 2343424 —-a-w- c:\windows\system32\win32k.sys

    2012-02-14 19:56 . 2011-12-16 07:52 690688 —-a-w- c:\windows\system32\msvcrt.dll

    2012-02-13 22:36 . 2012-02-13 22:37 ——– d—–w- c:\program files\TuneUp Utilities 2012

    2012-02-13 13:28 . 2012-02-13 13:30 ——– d—–w- c:\programdata\Protexis

    2012-02-13 13:26 . 2010-11-16 15:24 13880 —-a-w- c:\windows\system32\drivers\regi.sys

    2012-02-12 18:12 . 2012-02-12 18:12 ——– d—–w- c:\program files\VirtualDJ

    2012-02-12 12:27 . 2012-02-12 12:27 ——– d—–w- c:\users\Fred\AppData\Local\Unity

    2012-02-11 09:18 . 2011-06-22 15:13 10915840 —-a-w- c:\windows\system32\libmfxhw32.dll

    2012-02-11 09:18 . 2011-06-22 15:13 10833920 —-a-w- c:\windows\system32\libmfxsw32.dll

    2012-02-09 19:05 . 2012-02-09 19:05 416064 —-a-w- c:\windows\system32\nvStreaming.exe

    2012-02-07 19:34 . 2012-02-07 19:34 ——– d—–w- c:\program files\CoreCodec

    2012-02-07 17:41 . 2011-11-07 16:24 21312 —-a-w- c:\windows\system32\authuitu.dll

    2012-02-07 12:38 . 2012-02-11 09:19 ——– d—–w- c:\program files\AVS4YOU

    2012-02-05 14:57 . 2012-02-05 14:57 ——– d—–w- c:\users\Gast\AppData\Local\Google

    2012-02-05 14:56 . 2012-02-05 14:57 ——– d—–w- c:\users\Gast\AppData\Local\Deployment

    2012-02-05 14:56 . 2012-02-05 14:56 ——– d—–w- c:\users\Gast\AppData\Local\Apps

    2012-02-05 14:42 . 2012-02-05 14:42 ——– d—–w- c:\users\Gast\AppData\Local\DFX

    2012-02-03 20:37 . 2012-02-03 20:37 ——– d—–w- c:\programdata\Codemasters

    2012-02-03 19:55 . 2011-03-19 14:16 1417216 —-a-w- c:\windows\system32\rapture3d_oal.dll

    2012-02-03 19:55 . 2010-09-22 12:12 19087360 —-a-w- c:\windows\system32\mkl_blueripple.dll

    2012-02-03 19:55 . 2012-02-03 19:55 ——– d—–w- c:\program files\BRS

    2012-02-03 16:34 . 2011-11-07 16:24 31552 —-a-w- c:\windows\system32\TURegOpt.exe

    2012-02-03 16:34 . 2011-12-08 16:31 29504 —-a-w- c:\windows\system32\uxtuneup.dll

    2012-02-02 20:26 . 2012-02-02 20:26 ——– d—–w- c:\programdata\AVS4YOU

    2012-02-02 19:52 . 2012-02-02 19:53 ——– d—–w- c:\program files\MALWAREBYTES ANTI-MALWARE

    2012-02-02 19:23 . 2012-02-02 19:23 ——– d—–w- C:\Intel

    2012-02-02 18:20 . 2012-02-10 15:31 ——– d—–w- c:\program files\Spotnet

    2012-02-01 16:39 . 2012-02-01 16:39 ——– d—–w- c:\users\Gast\AppData\Local\Unity

    .

    .

    .

    ((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))

    .

    2012-02-22 10:14 . 2011-05-26 16:50 414368 —-a-w- c:\windows\system32\FlashPlayerCPLApp.cpl

    2012-02-10 04:13 . 2011-08-11 21:06 881984 —-a-w- c:\windows\system32\nvgenco32.dll

    2012-02-10 04:13 . 2011-08-11 21:06 1000256 —-a-w- c:\windows\system32\nvdispco32.dll

    2012-02-10 04:13 . 2010-05-07 13:09 7713088 —-a-w- c:\windows\system32\nvwgf2um.dll

    2012-02-10 04:13 . 2010-05-07 13:09 2301248 —-a-w- c:\windows\system32\nvapi.dll

    2012-02-10 03:02 . 2011-04-07 20:43 3881792 —-a-w- c:\windows\system32\nvcpl.dll

    2012-02-10 03:00 . 2011-04-07 20:43 2719040 —-a-w- c:\windows\system32\nvsvc.dll

    2012-02-10 03:00 . 2011-04-07 20:43 645440 —-a-w- c:\windows\system32\nvvsvc.exe

    2012-02-10 03:00 . 2011-04-07 20:43 108352 —-a-w- c:\windows\system32\nvmctray.dll

    2012-02-10 03:00 . 2010-03-16 00:15 62272 —-a-w- c:\windows\system32\nvshext.dll

    2012-02-10 03:00 . 2011-04-07 20:43 2561344 —-a-w- c:\windows\system32\nvsvcr.dll

    2012-02-03 19:55 . 2010-08-10 07:58 444952 —-a-w- c:\windows\system32\wrap_oal.dll

    2012-02-03 19:55 . 2010-08-10 07:58 109080 —-a-w- c:\windows\system32\OpenAL32.dll

    2011-12-10 14:24 . 2010-04-05 11:06 20464 —-a-w- c:\windows\system32\drivers\mbam.sys

    .

    .

    ((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))

    .

    .

    *Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond

    REGEDIT4

    .

    “Sidebar”=“c:\program files\Windows Sidebar\sidebar.exe”

    “Xvid”=“c:\program files\Xvid\CheckUpdate.exe”

    .

    “AVG_TRAY”=“c:\program files\AVG\AVG2012\avgtray.exe”

    “SysTrayApp”=“c:\program files\IDT\WDM\sttray.exe”

    “MimBoot”=“c:\progra~1\MUSICM~1\MUSICM~1\mimboot.exe”

    “MMTray”=“c:\progra~1\MUSICM~1\MUSICM~1\mm_tray.exe”

    “OODefragTray”=“c:\program files\OO Software\Defrag\oodtray.exe”

    “AdobeAAMUpdater-1.0”=“c:\program files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe”

    “SwitchBoard”=“c:\program files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe”

    “AdobeCS5.5ServiceManager”=“c:\program files\Common Files\Adobe\CS5.5ServiceManager\CS5.5ServiceManager.exe”

    .

    “RemoteHelper”=“c:\program files\Remote HD\Remote Helper\RemoteHelper.exe”

    .

    “ConsentPromptBehaviorAdmin”= 5 (0x5)

    “ConsentPromptBehaviorUser”= 3 (0x3)

    “EnableUIADesktopToggle”= 0 (0x0)

    “SoftwareSASGeneration”= 3 (0x3)

    “DisableStartupSound”= 1 (0x1)

    .

    2010-10-28 10:13 64592 —-a-w- c:\program files\Common Files\LogiShrd\Bluetooth\LBTWLgn.dll

    .

    BootExecute REG_MULTI_SZ autocheck autochk *\0OODBS\0c:\progra~1\AVG\AVG2012\avgrsx.exe /sync /restart

    .

    Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp

    .

    path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\DFX.lnk

    backup=c:\windows\pss\DFX.lnk.CommonStartup

    backupExtension=.CommonStartup

    .

    backup=c:\windows\pss\Logitech . Productregistratie.lnk.Startup

    backupExtension=.Startup

    .

    backup=c:\windows\pss\Logitech Touch Mouse Server.lnk.Startup

    backupExtension=.Startup

    .

    c:\program files\Common Files\Nokia\MPlatform\NokiaMServer

    .

    2012-01-03 07:37 843712 —-a-w- c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe

    .

    2011-10-05 23:52 59240 —-a-w- c:\program files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe

    .

    2011-11-01 22:25 59240 —-a-w- c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe

    .

    2010-03-13 12:54 91520 —-a-w- c:\program files\Microsoft Office\Office14\BCSSync.exe

    .

    2010-04-02 07:11 75048 ——w- c:\program files\CyberLink\Shared files\brs.exe

    .

    2009-01-29 22:20 57344 —-a-w- c:\program files\SlySoft\CloneCD\CloneCDTray.exe

    .

    2011-01-20 09:20 1305408 —-a-w- c:\program files\DAEMON Tools Lite\DTLite.exe

    .

    2007-03-30 04:00 182272 —-a-w- c:\windows\System32\spool\drivers\w32x86\3\E_FATICLE.EXE

    .

    2010-10-28 23:32 1352272 —-a-w- c:\program files\Logitech\SetPointP\SetPoint.exe

    .

    2012-01-16 16:22 421736 —-a-w- c:\program files\iTunes\iTunesHelper.exe

    .

    2012-01-13 13:53 981680 —-a-w- c:\program files\Malwarebytes' Anti-Malware\mbam.exe

    .

    2012-01-13 13:53 460872 —-a-w- c:\program files\Malwarebytes' Anti-Malware\mbamgui.exe

    .

    2012-01-13 13:53 981680 —-a-w- c:\program files\Malwarebytes' Anti-Malware\mbam.exe

    .

    2011-10-24 12:28 421888 —-a-w- c:\program files\QuickTime\QTTask.exe

    .

    2011-12-08 03:01 234792 —-a-w- c:\program files\CyberLink\PowerDVD11\PDVD11Serv.exe

    .

    2010-06-14 14:10 153672 —-a-w- c:\program files\Logitech\Gaming Software\LWEMon.exe

    .

    2011-09-08 20:53 1242448 —-a-w- d:\program files\Steam\Steam.exe

    .

    2011-06-09 11:06 254696 —-a-w- c:\program files\Common Files\Java\Java Update\jusched.exe

    .

    2008-05-13 10:16 442433 —-a-w- c:\program files\IDT\WDM\sttray.exe

    .

    2009-06-17 11:44 85160 —-a-w- c:\program files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe

    .

    “ehTray.exe”=c:\windows\ehome\ehTray.exe

    “RemoteHelper”=c:\program files\Remote HD\Remote Helper\RemoteHelper.exe

    “Google Update”=“c:\users\Fred\AppData\Local\Google\Update\GoogleUpdate.exe” /c

    “svhost.exe”=“c:\users\Fred\AppData\Roaming\svhost.exe”

    “egregregerfwde”=“c:\users\Fred\AppData\Roaming\svhost.exe”

    .

    “Adobe ARM”=“c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe”

    “iTunesHelper”=“c:\program files\iTunes\iTunesHelper.exe”

    “QuickTime Task”=“c:\program files\QuickTime\QTTask.exe” -atboottime

    “VirtualCloneDrive”=“c:\program files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe” /s

    “SunJavaUpdateSched”=“c:\program files\Common Files\Java\Java Update\jusched.exe”

    “BDRegion”=c:\program files\Cyberlink\Shared files\brs.exe

    “AdobeAAMUpdater-1.0”=“c:\program files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe”

    “OODefragTray”=c:\program files\OO Software\Defrag\oodtray.exe

    “Adobe Reader Speed Launcher”=“c:\program files\Adobe\Reader 10.0\Reader\Reader_sl.exe”

    .

    “Malwarebytes Anti-Malware (reboot)”=“c:\program files\Malwarebytes' Anti-Malware\mbam.exe” /runcleanupscript

    .

    R2 {1BA31E5A-C098-42d8-8F88-3C9F78A2FDDC};Power Control ;c:\program files\CyberLink\PowerDVD10\NavFilter\000.fcl

    R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe

    R2 KMService;KMService;c:\windows\system32\srvany.exe

    R3 amdkmdag;amdkmdag;c:\windows\system32\DRIVERS\atikmdag.sys

    R3 amdkmdap;amdkmdap;c:\windows\system32\DRIVERS\atikmpag.sys

    R3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service;c:\program files\Microsoft Office\Office14\GROOVE.EXE

    R3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE

    R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys

    R3 RemoteControl-USBLAN;RemoteControl-USBLAN;c:\windows\system32\DRIVERS\rcblan.sys

    R3 SwitchBoard;SwitchBoard;c:\program files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe

    R3 Synth3dVsc;Synth3dVsc;c:\windows\system32\drivers\synth3dvsc.sys

    R3 tapoas;TAP-Win32 Adapter OAS;c:\windows\system32\DRIVERS\tapoas.sys

    R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys

    R3 tsusbhub;tsusbhub;c:\windows\system32\drivers\tsusbhub.sys

    R3 VGPU;VGPU;c:\windows\system32\drivers\rdvgkmd.sys

    R3 WatAdminSvc;Windows Activation Technologies-service;c:\windows\system32\Wat\WatAdminSvc.exe

    S0 AVGIDSEH;AVGIDSEH;c:\windows\system32\DRIVERS\AVGIDSEH.Sys

    S0 Avgrkx86;AVG Anti-Rootkit Driver;c:\windows\system32\DRIVERS\avgrkx86.sys

    S0 mv61xx;mv61xx;c:\windows\system32\DRIVERS\mv61xx.sys

    S0 sptd;sptd;c:\windows\System32\Drivers\sptd.sys

    S1 Avgldx86;AVG AVI Loader Driver;c:\windows\system32\DRIVERS\avgldx86.sys

    S1 Avgtdix;AVG TDI Driver;c:\windows\system32\DRIVERS\avgtdix.sys

    S2 {329F96B6-DF1E-4328-BFDA-39EA953C1312};Power Control ;c:\program files\CyberLink\PowerDVD11\Common\NavFilter\000.fcl

    S2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files\Common Files\Adobe\ARM\1.0\armsvc.exe

    S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe

    S2 AVGIDSAgent;AVGIDSAgent;c:\program files\AVG\AVG2012\AVGIDSAgent.exe

    S2 avgwd;AVG WatchDog;c:\program files\AVG\AVG2012\avgwdsvc.exe

    S2 CLHNServiceForPowerDVD;CLHNServiceForPowerDVD;c:\program files\CyberLink\PowerDVD11\Kernel\DMP\CLHNServiceForPowerDVD.exe

    S2 CyberLink PowerDVD 11.0 Monitor Service;CyberLink PowerDVD 11.0 Monitor Service;c:\program files\CyberLink\PowerDVD11\Common\MediaServer\CLMSMonitorService.exe

    S2 CyberLink PowerDVD 11.0 Service;CyberLink PowerDVD 11.0 Service;c:\program files\CyberLink\PowerDVD11\Common\MediaServer\CLMSServerForPDVD11.exe

    S2 Intel(R) PROSet Monitoring Service;Intel(R) PROSet Monitoring Service;c:\windows\system32\IProsetMonitor.exe

    S2 MBAMService;MBAMService;c:\program files\Malwarebytes' Anti-Malware\mbamservice.exe

    S2 NAUpdate;Nero Update;c:\program files\Nero\Update\NASvc.exe

    S2 ntk_PowerDVD;ntk_PowerDVD;c:\program files\CyberLink\PowerDVD11\Kernel\DMP\ntk_PowerDVD.sys

    S2 nvUpdatusService;NVIDIA Update Service Daemon;c:\program files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe

    S2 OODefragAgent;O&O Defrag Agent;c:\program files\OO Software\Defrag\oodag.exe

    S2 regi;regi;c:\windows\system32\drivers\regi.sys

    S2 SBSDWSCService;SBSD Security Center Service;c:\program files\Spybot - Search & Destroy\SDWinSec.exe

    S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe

    S2 TuneUp.UtilitiesSvc;TuneUp Utilities Service;c:\program files\TuneUp Utilities 2012\TuneUpUtilitiesService32.exe

    S3 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\DRIVERS\AVGIDSDriver.Sys

    S3 AVGIDSFilter;AVGIDSFilter;c:\windows\system32\DRIVERS\AVGIDSFilter.Sys

    S3 AVGIDSShim;AVGIDSShim;c:\windows\system32\DRIVERS\AVGIDSShim.Sys

    S3 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys

    S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys

    S3 NVHDA;Service for NVIDIA High Definition Audio Driver;c:\windows\system32\drivers\nvhda32v.sys

    S3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv;c:\program files\TuneUp Utilities 2012\TuneUpUtilitiesDriver32.sys

    .

    .

    — Andere Services/Drivers In Geheugen —

    .

    *Deregistered* - Avgfwfd

    *Deregistered* - AVGIDSDrivervtx

    *Deregistered* - AVGIDSFiltervtx

    *Deregistered* - AVGIDSShimvtx

    .

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs

    UxTuneUp

    .

    Inhoud van de ‘Gedeelde Taken’ map

    .

    2012-03-01 c:\windows\Tasks\GlaryInitialize.job

    - c:\program files\Glary Utilities\initialize.exe

    .

    2012-03-01 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3430492480-909303241-1078843953-1000Core.job

    - c:\users\Fred\AppData\Local\Google\Update\GoogleUpdate.exe

    .

    2012-03-01 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3430492480-909303241-1078843953-1000UA.job

    - c:\users\Fred\AppData\Local\Google\Update\GoogleUpdate.exe

    .

    .

    ——- Bijkomende Scan ——-

    .

    uStart Page = hxxp://www.startpagina.nl/

    IE: &Verzenden naar OneNote - c:\progra~1\MICROS~4\Office14\ONBttnIE.dll/105

    IE: E&xporteren naar Microsoft Excel - c:\progra~1\MICROS~4\Office14\EXCEL.EXE/3000

    Trusted Zone: musicmatch.com\online

    TCP: DhcpNameServer = 212.115.192.100 62.238.255.69

    .

    .

    “ImagePath”=“\??\c:\program files\CyberLink\PowerDVD10\NavFilter\000.fcl”

    .

    “ImagePath”=“\??\c:\program files\CyberLink\PowerDVD11\Common\NavFilter\000.fcl”

    .

    ——————— VERGRENDELDE REGISTER SLEUTELS ———————

    .


    .

    @Denied: (Full) (Everyone)

    .

    Voltooingstijd: 2012-03-01 23:37:04

    ComboFix-quarantined-files.txt 2012-03-01 22:37

    ComboFix2.txt 2012-03-01 21:32

    .

    Pre-Run: 24.734.715.904 bytes beschikbaar

    Post-Run: 24.647.262.208 bytes beschikbaar

    .

    - - End Of File - - 85F970AA6B723FC8A4F2F37C813D1F52

    Malwarebytes Anti-Malware (PRO) 1.60.1.1000

    www.malwarebytes.org

    Databaseversie: v2012.03.01.04

    Windows 7 Service Pack 1 x86 NTFS

    Internet Explorer 9.0.8112.16421

    Fred :: PC_VAN_FRED

    Realtime bescherming: Uitgeschakeld

    2-3-2012 9:04:13

    mbam-log-2012-03-02 (09-04-13).txt

    Scantype: Snelle scan

    Ingeschakelde scanopties: Geheugen | Opstartitems | Register | Bestanden en mappen | Heuristiek/Extra | Heuristiek/Shuriken | PUP | PUM

    Uitgeschakelde scanopties: P2P

    Objecten gescand: 241306

    Verstreken tijd: 3 minuut/minuten, 40 seconde(n)

    Geheugenprocessen gedetecteerd: 0

    (Geen kwaadaardige objecten gedetecteerd)

    Geheugenmodulen gedetecteerd: 0

    (Geen kwaadaardige objecten gedetecteerd)

    Registersleutels gedetecteerd: 0

    (Geen kwaadaardige objecten gedetecteerd)

    Registerwaarden gedetecteerd: 0

    (Geen kwaadaardige objecten gedetecteerd)

    Registerdata gedetecteerd: 0

    (Geen kwaadaardige objecten gedetecteerd)

    Mappen gedetecteerd: 0

    (Geen kwaadaardige objecten gedetecteerd)

    Bestanden gedetecteerd: 0

    (Geen kwaadaardige objecten gedetecteerd)

    (einde)

    This is the AVG log. I get it after EVERY scan.

    “”;“C:\Windows\System32\taskhost.exe (3484)”;“Virus herkend Worm/Generic2.AUUS”;“Verwijderd”

    “”;“C:\Program Files\Windows Sidebar\sidebar.exe (1904)”;“Virus herkend Worm/Generic2.AUUS”;“Verwijderd”

    “”;“C:\Program Files\TuneUp Utilities 2012\TuneUpUtilitiesApp32.exe (3776)”;“Virus herkend Worm/Generic2.AUUS”;“Verwijderd”

    “”;“C:\Program Files\NVIDIA Corporation\Display\nvtray.exe (4244)”;“Virus herkend Worm/Generic2.AUUS”;“Verwijderd”

    “”;“C:\Program Files\Musicmatch\Musicmatch Jukebox\mm_tray.exe (2988)”;“Virus herkend Worm/Generic2.AUUS”;“Verwijderd”

    “”;“C:\Program Files\Musicmatch\Musicmatch Jukebox\MMDiag.exe (2040)”;“Virus herkend Worm/Generic2.AUUS”;“Verwijderd”

    “”;“C:\Program Files\Musicmatch\Musicmatch Jukebox\mim.exe (1716)”;“Virus herkend Worm/Generic2.AUUS”;“Verwijderd”

    “”;“C:\Program Files\IDT\WDM\sttray.exe (1516)”;“Virus herkend Worm/Generic2.AUUS”;“Verwijderd”

    “”;“C:\Program Files\DAEMON Tools Lite\DTShellHlp.exe (4196)”;“Virus herkend Worm/Generic2.AUUS”;“Verwijderd”

    “”;“C:\Program Files\AVG\AVG2012\avgtray.exe (3756)”;“Virus herkend Worm/Generic2.AUUS”;“Verwijderd”

    “”;“C:\Windows\System32\taskhost.exe (3484):\memory_008d0000”;“Virus herkend Worm/Generic2.AUUS”;“Geïnfecteerd”

    “”;“C:\Program Files\Windows Sidebar\sidebar.exe (1904):\memory_03c60000”;“Virus herkend Worm/Generic2.AUUS”;“Geïnfecteerd”

    “”;“C:\Program Files\TuneUp Utilities 2012\TuneUpUtilitiesApp32.exe (3776):\memory_00390000”;“Virus herkend Worm/Generic2.AUUS”;“Geïnfecteerd”

    “”;“C:\Program Files\NVIDIA Corporation\Display\nvtray.exe (4244):\memory_00650000”;“Virus herkend Worm/Generic2.AUUS”;“Geïnfecteerd”

    “”;“C:\Program Files\Musicmatch\Musicmatch Jukebox\mm_tray.exe (2988):\memory_00860000”;“Virus herkend Worm/Generic2.AUUS”;“Geïnfecteerd”

    “”;“C:\Program Files\Musicmatch\Musicmatch Jukebox\MMDiag.exe (2040):\memory_00550000”;“Virus herkend Worm/Generic2.AUUS”;“Geïnfecteerd”

    “”;“C:\Program Files\Musicmatch\Musicmatch Jukebox\mim.exe (1716):\memory_00270000”;“Virus herkend Worm/Generic2.AUUS”;“Geïnfecteerd”

    “”;“C:\Program Files\IDT\WDM\sttray.exe (1516):\memory_01300000”;“Virus herkend Worm/Generic2.AUUS”;“Geïnfecteerd”

    “”;“C:\Program Files\DAEMON Tools Lite\DTShellHlp.exe (4196):\memory_01210000”;“Virus herkend Worm/Generic2.AUUS”;“Geïnfecteerd”

    “”;“C:\Program Files\AVG\AVG2012\avgtray.exe (3756):\memory_002c0000”;“Virus herkend Worm/Generic2.AUUS”;“Geïnfecteerd”

  • fazantje

    Hi Fred,

    The logs look fine in themselves (tu)

    I expect this is a so-called “False Positive” from AVG.

    They have been known for that lately.

    Run an online scan with NOD32:

    http://www.eset.com/home/products/online-scanner/

    Post the result + a new HijackThis log here.

    Good luck,

    Huib;)

  • Fred Zoole

    I showed AVG the door, installed Nod 32, let it scan, NO more alerts, and Mbam is fine too. So it is SOLVED. Thanks for the good help.

  • fazantje

    Hi Fred,

    You wrote:

    >>>Showed AVG the door, installed Nod 32<<<

    Do keep in mind that NOD32 is a trial version, but of course you can also buy it, in which case just the antivirus scanner.

    A good free replacement is Avast. See here.

    Click “download” at the bottom; you will then see a pop-up, where you choose “No thanks, I want the free version”.

    The download will now start.

    Register it and you are protected for a year.

    Good luck,

    Huib;)