Hello,
I had also asked for the log created by Malwarebytes' Anti-Malware (the one with the removals).
And how is your problem now?
Regards, Ben
Hi Ben
I don't know where I should look for that other log. I did that last night after starting the infected PC in safe mode with internet access. I can now get back on the internet with the infected PC via Telenet's homespot with my username and password.
Regards, Guy.
PS
Yesterday it only worked in safe mode, today in a normal startup.
Yesterday with a normal startup, always the police virus
Hello,
The log is saved automatically by Malwarebytes' Anti-Malware and you can find it by clicking the "Logs" tab in the program.
>>>Yesterday it only worked in safe mode, today in a normal startup.
Yesterday with a normal startup, always the police virus<<<
Are you still having trouble with the police virus?
Regards, Ben
Hello,
Using "zoek.exe"
Disable your antivirus and antispyware programs; zoek.exe is sometimes mistaken for a trojan while it is being downloaded or used.
You can read how to do that (here or here).
Then download zoek.exe to the desktop.
Windows Vista and Windows 7: start the tool by right-clicking "zoek.exe" and then choosing Run as administrator.
After a while a window will open.
With your mouse, now select the option "Combined fix" (bottom right).
Now copy the bold text below and paste it into the large input box:
startupall;
filesrcm;
iedefaults;
emptyclsid;
emptyjava;
emptyflash;
emptyiecache;
emptytemp;
First close all program windows that are still open!
Now click the "Run script" button.
Now wait patiently until a log opens (this may be after a restart).
If no log appears after the restart, start zoek.exe again; the log will then appear after all.
Now post the contents of the opened log in your next message and tell us how things are going.
Regards, Ben
Hi Ben
On the other PC I can't get zoek.exe downloaded; there is a message that there is no valid access.
After a long search I was then able to boot the CD after all when starting the infected PC.
A full scan was run, after which the CD was removed and the PC started up again.
I have now tried to run an online scan, but that will be for tomorrow; the internet keeps dropping out.
Regards, Guy
Hey Ben
Here is the requested log
Regards, Guy
.
DDS (Ver_2011-08-26.01) - NTFSAMD64
Internet Explorer: 9.0.8112.16421
Run by HP at 13:58:18 on 2012-10-02
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.32.1043.18.5611.3920
.
AV: BullGuard Antivirus *Enabled/Updated* {504FFF66-3028-EB7E-2E60-62B19ADD791C}
SP: BullGuard Antispyware *Enabled/Updated* {EB2E1E82-1612-E4F0-14D0-59C3E15A33A1}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: BullGuard Firewall *Enabled* {68747E43-7A47-EA26-053F-CB84640E3E67}
.
============== Running Processes ===============
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Windows\System32\SvcHost.exe -k BullGuard_Backup
C:\Program Files\BullGuard Ltd\BullGuard\BullGuardBhvScanner.exe
C:\Windows\System32\SvcHost.exe -k BullGuard_Proxy
C:\Windows\system32\taskhost.exe
C:\Windows\System32\SvcHost.exe -k BullGuard_Main
C:\Program Files\BullGuard Ltd\BullGuard\BullGuardScanner.exe
C:\Windows\system32\Dwm.exe
C:\Program Files\BullGuard Ltd\BullGuard\BullGuardUpdate.exe
C:\Windows\Explorer.EXE
C:\Windows\SysWOW64\ezSharedSvcHost.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
C:\Program Files\BullGuard Ltd\BullGuard\BullGuard.exe
C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Windows\System32\SvcHost.exe -k BullGuard
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files\BullGuard Ltd\BullGuard\files32\spamfilter\LittleHook.exe
C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe
C:\Windows\system32\SearchIndexer.exe
C:\Windows\system32\taskeng.exe
C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin
C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\system32\svchost.exe -k SDRSVC
C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Windows\SysWOW64\cmd.exe
C:\Windows\system32\conhost.exe
C:\Windows\SysWOW64\cscript.exe
C:\Windows\system32\wbem\wmiprvse.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.google.be/
mWinlogon: Userinit=userinit.exe,
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} - No File
BHO: Java™ Plug-In SSV Helper: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll
BHO: Aanmeldhulp voor Windows Live ID: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: Java™ Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
uRun: “C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe” /background
mRun: “C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe”
mRun: “C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe”
StartupFolder: C:\Users\HP\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\OPENOF~1.LNK - C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe
mPolicies-explorer: NoActiveDesktop = 1 (0x1)
mPolicies-explorer: NoActiveDesktopChanges = 1 (0x1)
mPolicies-explorer: EnableShellExecuteHooks = 1 (0x1)
mPolicies-system: ConsentPromptBehaviorAdmin = 0 (0x0)
mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
mPolicies-system: EnableLUA = 0 (0x0)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
mPolicies-system: PromptOnSecureDesktop = 0 (0x0)
IE: {A95fe080-8f5d-11d2-a20b-00aa003c157a} - res://C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll/204
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
IE: {27FD17FB-CF63-486b-B2BE-8D8781CBEA01} - {27FD17FB-CF63-486b-B2BE-8D8781CBEA01} - C:\Program Files\BullGuard Ltd\BullGuard\Files32\Antiphishing\IE\BGAntiphishingIE.dll
LSP: C:\Windows\system32\BGLsp.dll
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab
DPF: {BB21F850-63F4-4EC9-BF9D-565BD30C9AE9} - hxxp://ax.emsisoft.com/asquared.cab
DPF: {CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab
TCP: DhcpNameServer = 195.130.130.141 195.130.131.141
TCP: Interfaces\{06A899AD-E716-4061-96E1-FC9AD0E835A3} : DhcpNameServer = 195.130.130.141 195.130.131.141
TCP: Interfaces\{06A899AD-E716-4061-96E1-FC9AD0E835A3}\45563686E6963736865602449656E63747 : DhcpNameServer = 192.168.1.1 192.168.4.1 195.130.131.3
TCP: Interfaces\{06A899AD-E716-4061-96E1-FC9AD0E835A3}\4756C656E65647D21607E6D23354835453 : DhcpNameServer = 195.130.130.3 195.130.131.3
TCP: Interfaces\{06A899AD-E716-4061-96E1-FC9AD0E835A3}\755627B607C616164737 : DhcpNameServer = 192.168.1.1 192.168.4.1 195.130.130.3
TCP: Interfaces\{7618A3F7-29AC-404E-AEBD-4F7D96A60A7F} : DhcpNameServer = 195.130.130.3 195.130.131.3
Filter: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\AMD\SteadyVideo\VideoMIMEFilter.dll
Filter: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\AMD\SteadyVideo\VideoMIMEFilter.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
AppInit_DLLs: BgGamingMonitor.dll
SEH: EasyBits ShellExecute Hook: {e54729e8-bb3d-4270-9d49-7389ea579090} - C:\Windows\SysWow64\EZUPBH~1.DLL
{18DF081C-E8AD-4283-A596-FA578C2EBDC3}
BHO-X64: {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} - No File
{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}
{9030D464-4C02-4ABF-8ECC-5164760863C6}
{DBC80044-A445-435b-BC74-9C25C1C588A9}
mRun-x64: “C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe”
mRun-x64: “C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe”
IE-X64: {A95fe080-8f5d-11d2-a20b-00aa003c157a} - res://C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll/204
AppInit_DLLs-X64: BgGamingMonitor.dll
SEH-X64: {E54729E8-BB3D-4270-9D49-7389EA579090}: EasyBits Security Shield Hook - prevents launching insecure programs by kids
.
============= SERVICES / DRIVERS ===============
.
R0 amd_sata;amd_sata;C:\Windows\system32\DRIVERS\amd_sata.sys –> C:\Windows\system32\DRIVERS\amd_sata.sys
R0 amd_xata;amd_xata;C:\Windows\system32\DRIVERS\amd_xata.sys –> C:\Windows\system32\DRIVERS\amd_xata.sys
R1 AFW;Agnitum Firewall Driver;C:\Windows\system32\DRIVERS\afw.sys –> C:\Windows\system32\DRIVERS\afw.sys
R1 BdSpy;BdSpy;C:\Windows\system32\DRIVERS\BdSpy.sys –> C:\Windows\system32\DRIVERS\BdSpy.sys
R1 NovaShieldFilterDriver;NovaShieldFilterDriver;C:\Windows\system32\DRIVERS\NSKernel.sys –> C:\Windows\system32\DRIVERS\NSKernel.sys
R1 NovaShieldTDIDriver;NovaShieldTDIDriver;C:\Windows\system32\DRIVERS\NSNetmon.sys –> C:\Windows\system32\DRIVERS\NSNetmon.sys
R1 vwififlt;Virtual WiFi Filter Driver;C:\Windows\system32\DRIVERS\vwififlt.sys –> C:\Windows\system32\DRIVERS\vwififlt.sys
R2 AdobeARMservice;Adobe Acrobat Update Service;C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
R2 BsBackup;BullGuard backup service;C:\Windows\System32\SvcHost.exe -k BullGuard_Backup
R2 BsBhvScan;BullGuard Behavioural Detection;C:\Program Files\BullGuard Ltd\BullGuard\BullGuardBhvScanner.exe
R2 BsFileScan;BullGuard on-access service;C:\Windows\System32\SvcHost.exe -k BullGuard
R2 BsFire;BullGuard firewall service;C:\Windows\System32\SvcHost.exe -k BullGuard
R2 BsMailProxy;BullGuard e-mail monitoring service;C:\Windows\System32\SvcHost.exe -k BullGuard_Proxy
R2 BsMain;BullGuard main service;C:\Windows\System32\SvcHost.exe -k BullGuard_Main
R2 BsScanner;BullGuard scanning service;C:\Program Files\BullGuard Ltd\BullGuard\BullGuardScanner.exe
R2 BsUpdate;BullGuard update service;C:\Program Files\BullGuard Ltd\BullGuard\BullGuardUpdate.exe
R2 ezSharedSvc;Easybits Services for Windows;C:\Windows\System32\ezSharedSvcHost.exe
R2 MBAMScheduler;MBAMScheduler;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
R2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
R3 afwcore;afwcore;C:\Windows\system32\DRIVERS\afwcore.sys –> C:\Windows\system32\DRIVERS\afwcore.sys
R3 amdiox64;AMD IO Driver;C:\Windows\system32\DRIVERS\amdiox64.sys –> C:\Windows\system32\DRIVERS\amdiox64.sys
R3 amdkmdag;amdkmdag;C:\Windows\system32\DRIVERS\atikmdag.sys –> C:\Windows\system32\DRIVERS\atikmdag.sys
R3 amdkmdap;amdkmdap;C:\Windows\system32\DRIVERS\atikmpag.sys –> C:\Windows\system32\DRIVERS\atikmpag.sys
R3 AtiHDAudioService;ATI Function Driver for HD Audio Service;C:\Windows\system32\drivers\AtihdW76.sys –> C:\Windows\system32\drivers\AtihdW76.sys
R3 clwvd;CyberLink WebCam Virtual Driver;C:\Windows\system32\DRIVERS\clwvd.sys –> C:\Windows\system32\DRIVERS\clwvd.sys
R3 MBAMProtector;MBAMProtector;\??\C:\Windows\system32\drivers\mbam.sys –> C:\Windows\system32\drivers\mbam.sys
R3 RSPCIESTOR;Realtek PCIE CardReader Driver;C:\Windows\system32\DRIVERS\RtsPStor.sys –> C:\Windows\system32\DRIVERS\RtsPStor.sys
R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\system32\DRIVERS\Rt64win7.sys –> C:\Windows\system32\DRIVERS\Rt64win7.sys
R3 RTL8192Ce;Realtek Wireless LAN 802.11n PCI-E NIC Driver;C:\Windows\system32\DRIVERS\rtl8192Ce.sys –> C:\Windows\system32\DRIVERS\rtl8192Ce.sys
R3 usbfilter;AMD USB Filter Driver;C:\Windows\system32\DRIVERS\usbfilter.sys –> C:\Windows\system32\DRIVERS\usbfilter.sys
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe
S3 SrvHsfHDA;SrvHsfHDA;C:\Windows\system32\DRIVERS\VSTAZL6.SYS –> C:\Windows\system32\DRIVERS\VSTAZL6.SYS
S3 SrvHsfV92;SrvHsfV92;C:\Windows\system32\DRIVERS\VSTDPV6.SYS –> C:\Windows\system32\DRIVERS\VSTDPV6.SYS
S3 SrvHsfWinac;SrvHsfWinac;C:\Windows\system32\DRIVERS\VSTCNXT6.SYS –> C:\Windows\system32\DRIVERS\VSTCNXT6.SYS
S3 TsUsbFlt;TsUsbFlt;C:\Windows\system32\drivers\tsusbflt.sys –> C:\Windows\system32\drivers\tsusbflt.sys
S3 TsUsbGD;%TsUsbGD.DeviceDesc.Generic%;C:\Windows\system32\drivers\TsUsbGD.sys –> C:\Windows\system32\drivers\TsUsbGD.sys
S3 WatAdminSvc;Windows Activation Technologies-service;C:\Windows\system32\Wat\WatAdminSvc.exe –> C:\Windows\system32\Wat\WatAdminSvc.exe
S4 AMD External Events Utility;AMD External Events Utility;C:\Windows\system32\atiesrxx.exe –> C:\Windows\system32\atiesrxx.exe
S4 AMD FUEL Service;AMD FUEL Service;C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
S4 GamesAppService;GamesAppService;C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe
S4 HP Support Assistant Service;HP Support Assistant Service;C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe
S4 HPAuto;HP Auto;C:\Program Files\Hewlett-Packard\HP Auto\HPAuto.exe
S4 HPClientSvc;HP Client Services;C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe
S4 HPDrvMntSvc.exe;HP Quick Synchronization Service;C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
S4 HPWMISVC;HPWMISVC;C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
S4 IconMan_R;IconMan_R;C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
S4 wlcrasvc;Windows Live Mesh remote connections service;C:\Program Files\Windows Live\Mesh\wlcrasvc.exe
.
=============== Created Last 30 ================
.
2012-10-02 08:52:29 ——– d—–w- C:\Users\HP\AppData\Local\{43BAEC35-7699-47C2-9775-2B2ACBDACF03}
2012-10-01 20:51:55 ——– d—–w- C:\Users\HP\AppData\Local\{51C03E86-2DD3-4B8B-8BB6-A20ABDFFA376}
2012-10-01 19:48:06 ——– d—–w- C:\Users\HP\AppData\Local\{5E773B75-3ACF-4780-8801-EDE93AEC72FA}
2012-10-01 17:20:52 ——– d—–w- C:\Users\HP\AppData\Local\{10D97076-76AB-48B3-BB4A-422A3C00D510}
2012-10-01 17:18:26 ——– d—–w- C:\Users\HP\AppData\Local\{CB7AD0FD-29A7-4FAE-876C-30F1791D6932}
2012-10-01 16:11:44 ——– d—–w- C:\Users\HP\AppData\Local\{43BAB70A-C67E-4EC6-BF37-A36BA7A7E212}
2012-10-01 06:31:15 ——– d—–w- C:\Users\HP\AppData\Local\{5BF8395E-9EB6-4D6D-8E67-5127F8F58BBD}
2012-09-30 20:22:26 ——– d—–w- C:\Users\HP\AppData\Local\{45353AE8-DF99-4F51-A14D-6F68FF40134A}
2012-09-30 19:43:02 25928 —-a-w- C:\Windows\System32\drivers\mbam.sys
2012-09-30 19:43:02 ——– d—–w- C:\Program Files (x86)\Malwarebytes' Anti-Malware
2012-09-30 19:06:47 256904 —-a-w- C:\Windows\SysWow64\drivers\tmcomm.sys
2012-09-30 09:19:02 ——– d—–w- C:\Users\HP\AppData\Local\{C5D7D5F4-568F-4841-8464-8AEC4228090E}
2012-09-30 09:12:27 ——– d—–w- C:\Users\HP\AppData\Local\{45B1E8EC-CFD6-4261-9730-3211EF465F0A}
2012-09-30 08:48:14 ——– d—–w- C:\Users\HP\AppData\Local\{33236F75-D2F9-4BB4-A73E-5CA181E99934}
2012-09-30 08:44:59 ——– d—–w- C:\Users\HP\AppData\Local\{A26E721D-11BD-4813-AFE0-EB9D261BCC7F}
2012-09-30 08:43:06 ——– d—–w- C:\Users\HP\AppData\Local\{84200A9C-9F36-4A7E-A4FC-4E0A5504A82B}
2012-09-30 08:39:15 ——– d—–w- C:\Users\HP\AppData\Local\{87F40D80-3144-4C13-B284-774ABC525202}
2012-09-30 08:30:09 ——– d—–w- C:\Users\HP\AppData\Local\{8D942FD6-D17C-4948-A3C4-584030434803}
2012-09-30 08:00:52 ——– d—–w- C:\Users\HP\AppData\Local\{43F06C33-D67C-4834-B710-B795D915A419}
2012-09-30 06:53:34 ——– d—–w- C:\Users\HP\AppData\Local\{1D762E47-A972-43CC-B848-66DE3DAF5A77}
2012-09-30 06:50:41 ——– d—–w- C:\Users\HP\AppData\Local\{233A7D15-A183-416E-A173-E1AD681EA15D}
2012-09-30 06:32:17 ——– d—–w- C:\Users\HP\AppData\Local\{471B5D2E-BDE9-42A9-9CD1-6A1E9536D99D}
2012-09-30 06:28:20 ——– d—–w- C:\Users\HP\AppData\Local\{F9C8F5D9-B3AE-4F7D-90B6-677D8803B4A8}
2012-09-30 06:25:05 ——– d—–w- C:\Users\HP\AppData\Local\{A6CEEE3B-BF8E-4A40-8C8E-F5B3188921AC}
2012-09-30 06:20:27 ——– d—–w- C:\Users\HP\AppData\Local\{98AF7946-6038-4C37-940A-3192616465CF}
2012-09-29 22:54:38 ——– d—–w- C:\Users\HP\AppData\Local\{70EDA4B3-2695-4A6E-B509-C34DF7D6ED53}
2012-09-29 21:03:39 ——– d—–w- C:\Users\HP\AppData\Local\{6CF6C206-FBAD-4C2B-9809-9883D01CEDD4}
2012-09-29 09:03:24 ——– d—–w- C:\Users\HP\AppData\Local\{FCA84610-7AF3-425B-A8CF-9B72AC566806}
2012-09-28 09:53:55 ——– d—–w- C:\Users\HP\AppData\Local\{8503ECED-6369-4E37-A85E-1C25258294C3}
2012-09-27 19:56:00 ——– d—–w- C:\Users\HP\AppData\Local\{6E3A7701-65A9-4364-92F8-9CFF7D39E1F8}
2012-09-26 16:59:21 ——– d—–w- C:\Users\HP\AppData\Local\{5B25D378-747E-4B09-ADF9-7096900A33E6}
2012-09-25 17:21:42 245760 —-a-w- C:\Windows\System32\OxpsConverter.exe
2012-09-25 17:16:07 ——– d—–w- C:\Users\HP\AppData\Local\{D42A977E-1CE5-40B1-8750-E48D26B3CE76}
2012-09-24 17:42:17 ——– d—–w- C:\Users\HP\AppData\Local\{6D85AA85-C755-4153-99B8-401CE896C271}
2012-09-23 10:02:56 ——– d—–w- C:\Users\HP\AppData\Local\{D4576999-9794-4FBC-9875-F59FC3D90C2C}
2012-09-22 12:53:26 ——– d—–w- C:\Users\HP\AppData\Local\{7D3C2587-57F5-426A-BCAA-5ABA1BDBA297}
2012-09-21 18:53:48 ——– d—–w- C:\Users\HP\AppData\Local\{6AB6457D-9EB6-42FF-8639-3AB60F2BC154}
2012-09-20 14:50:02 ——– d—–w- C:\Users\HP\AppData\Local\{8252CF73-6255-4722-B758-7F991C50B6CF}
2012-09-17 16:11:53 ——– d—–w- C:\Users\HP\AppData\Local\{B00FA883-AB58-4A57-8139-1C12D17A08C4}
2012-09-16 07:37:58 ——– d—–w- C:\Users\HP\AppData\Local\{A3540A14-9C38-4410-9D43-7E3664B97817}
2012-09-15 15:20:39 ——– d—–w- C:\Users\HP\AppData\Local\{B34E7EB3-2399-484D-A461-4F8F51B0BB96}
2012-09-13 15:57:59 ——– d—–w- C:\Users\HP\AppData\Local\{C3FB27A6-6F95-4762-A8FD-5B4AD9CC0016}
2012-09-12 22:51:49 950128 —-a-w- C:\Windows\System32\drivers\ndis.sys
2012-09-12 22:51:48 574464 —-a-w- C:\Windows\System32\d3d10level9.dll
2012-09-12 22:51:48 490496 —-a-w- C:\Windows\SysWow64\d3d10level9.dll
2012-09-12 22:51:48 41472 —-a-w- C:\Windows\System32\drivers\RNDISMP.sys
2012-09-12 22:51:47 376688 —-a-w- C:\Windows\System32\drivers\netio.sys
2012-09-12 22:51:47 288624 —-a-w- C:\Windows\System32\drivers\FWPKCLNT.SYS
2012-09-12 22:51:47 1913200 —-a-w- C:\Windows\System32\drivers\tcpip.sys
2012-09-12 16:13:56 ——– d—–w- C:\Users\HP\AppData\Local\{1EAE98F7-B6BD-4705-980E-EAEA05328AAE}
2012-09-11 20:54:15 ——– d—–w- C:\Users\HP\AppData\Local\{ED1A6A73-5FB4-4230-AA4E-2C98A03DD7EE}
2012-09-11 08:26:11 ——– d—–w- C:\Users\HP\AppData\Local\{ACA35B63-D397-4316-8FF8-D202BB1D9CEB}
2012-09-09 09:55:17 ——– d—–w- C:\Users\HP\AppData\Local\{6BC02D4F-0DD4-4FDB-8CD4-360A0C04D9A5}
2012-09-08 10:04:34 ——– d—–w- C:\Users\HP\AppData\Local\{A9FDAB5E-D7A3-4C88-B229-F8D9D0A905EA}
2012-09-07 21:58:46 ——– d—–w- C:\Users\HP\AppData\Local\{438B6D45-50CC-4100-B990-3488EED331AE}
2012-09-07 07:35:34 ——– d—–w- C:\Users\HP\AppData\Local\{97258834-6E73-400D-89D3-630F116C503D}
2012-09-06 10:55:39 ——– d—–w- C:\Users\HP\AppData\Local\{86650121-FB6D-46FF-BA2A-C2F2EFD5EE1D}
2012-09-05 07:58:42 ——– d—–r- C:\Program Files (x86)\Skype
2012-09-05 07:12:07 ——– d—–w- C:\Users\HP\AppData\Local\{87001D26-D7E4-4A9F-A66B-B8DD41506268}
2012-09-04 17:40:17 ——– d—–w- C:\Users\HP\AppData\Local\{325C8EB1-628D-4AD8-B523-913F6CB771A4}
2012-09-03 18:10:49 ——– d—–w- C:\Users\HP\AppData\Local\{633AE5E3-A201-40CB-86B8-8768FA1D7C6E}
2012-09-02 18:09:51 ——– d—–w- C:\Users\HP\AppData\Local\{005C51EA-E15A-4201-A3A2-B7428E87406A}
.
==================== Find3M ====================
.
2012-08-26 19:13:18 111064 —-a-w- C:\Windows\System32\BgGamingMonitor.dll
2012-08-26 19:13:18 100216 —-a-w- C:\Windows\SysWow64\BgGamingMonitor.dll
2012-08-24 10:31:32 2312704 —-a-w- C:\Windows\System32\jscript9.dll
2012-08-24 10:21:18 1392128 —-a-w- C:\Windows\System32\wininet.dll
2012-08-24 10:20:11 1494528 —-a-w- C:\Windows\System32\inetcpl.cpl
2012-08-24 10:14:45 173056 —-a-w- C:\Windows\System32\ieUnatt.exe
2012-08-24 10:13:29 599040 —-a-w- C:\Windows\System32\vbscript.dll
2012-08-24 10:09:42 2382848 —-a-w- C:\Windows\System32\mshtml.tlb
2012-08-24 06:59:17 1800704 —-a-w- C:\Windows\SysWow64\jscript9.dll
2012-08-24 06:51:27 1129472 —-a-w- C:\Windows\SysWow64\wininet.dll
2012-08-24 06:51:02 1427968 —-a-w- C:\Windows\SysWow64\inetcpl.cpl
2012-08-24 06:47:26 142848 —-a-w- C:\Windows\SysWow64\ieUnatt.exe
2012-08-24 06:47:12 420864 —-a-w- C:\Windows\SysWow64\vbscript.dll
2012-08-24 06:43:58 2382848 —-a-w- C:\Windows\SysWow64\mshtml.tlb
2012-08-08 22:04:32 63840 —-a-w- C:\Windows\System32\BGLsp.dll
2012-08-08 22:04:32 54624 —-a-w- C:\Windows\SysWow64\BGLsp.dll
2012-07-18 18:15:06 3148800 —-a-w- C:\Windows\System32\win32k.sys
2012-07-04 22:13:27 59392 —-a-w- C:\Windows\System32\browcli.dll
2012-07-04 22:13:27 136704 —-a-w- C:\Windows\System32\browser.dll
2012-07-04 21:14:34 41984 —-a-w- C:\Windows\SysWow64\browcli.dll
.
============= FINISH: 13:59:29,58 ===============
This topic is closed; no more replies can be posted.