ComboFix 13-02-07.02 - Gebruiker 11-02-2013 15:23:01.2.2 - x86
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.31.1043.18.3327.2098
Gestart vanuit: c:\users\Gebruiker\Downloads\ComboFix.exe
AV: avast! Antivirus *Enabled/Updated* {C37D8F93-0602-E43C-40AA-47DAD597F308}
SP: avast! Antivirus *Enabled/Updated* {781C6E77-2038-EBB2-7A1A-7CA8AE10B9B5}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
(((((((((((((((((((((((((((((((((( Andere Verwijderingen )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\programdata\ysKRUsGOnUQhtAV
.
.
(((((((((((((((((((( Bestanden Gemaakt van 2013-01-11 to 2013-02-11 ))))))))))))))))))))))))))))))
.
.
2013-02-11 14:30 . 2013-02-11 14:34 -------- d-----w- c:\users\Gebruiker\AppData\Local\temp
2013-02-11 14:30 . 2013-02-11 14:30 -------- d-----w- c:\users\Public\AppData\Local\temp
2013-02-11 14:30 . 2013-02-11 14:30 -------- d-----w- c:\users\Default\AppData\Local\temp
2013-02-11 11:24 . 2013-02-11 11:24 -------- d-----w- C:\TDSSKiller_Quarantine
2013-02-10 19:46 . 2013-02-10 19:46 -------- d-----w- c:\users\Gebruiker\AppData\Roaming\Malwarebytes
2013-02-10 19:46 . 2013-02-10 19:46 -------- d-----w- c:\programdata\Malwarebytes
2013-02-10 19:46 . 2013-02-10 19:46 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2013-02-10 19:46 . 2012-12-14 15:49 21104 ----a-w- c:\windows\system32\drivers\mbam.sys
2013-02-10 19:45 . 2013-02-10 19:45 -------- d-----w- c:\users\Gebruiker\AppData\Local\Programs
2013-02-10 17:26 . 2012-10-30 22:51 21256 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2013-02-10 17:26 . 2012-10-30 22:51 361032 ----a-w- c:\windows\system32\drivers\aswSP.sys
2013-02-10 17:26 . 2012-10-15 16:59 44784 ----a-w- c:\windows\system32\drivers\aswRdr2.sys
2013-02-10 17:26 . 2012-10-30 22:51 54232 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2013-02-10 17:26 . 2012-10-30 22:51 738504 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2013-02-10 17:26 . 2012-10-30 22:51 58680 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2013-02-10 17:25 . 2012-10-30 22:50 227648 ----a-w- c:\windows\system32\aswBoot.exe
2013-02-10 17:25 . 2013-02-10 17:25 -------- d-----w- c:\programdata\AVAST Software
2013-02-10 17:25 . 2013-02-10 17:25 -------- d-----w- c:\program files\AVAST Software
2013-02-10 17:05 . 2013-02-10 17:23 -------- d-----w- c:\program files\Boot-US
2013-02-10 17:05 . 2012-08-04 02:08 81920 ----a-w- c:\windows\system32\GkSui20.EXE
2013-02-10 16:08 . 2013-02-10 16:08 -------- d-----w- C:\LiveUpdate_Temp
2013-02-10 16:06 . 2013-02-10 16:06 -------- d-----w- c:\program files\FOXCONN
2013-02-10 16:05 . 2013-02-10 16:07 -------- d-----w- C:\tmp
.
.
.
((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-02-10 17:47 . 2012-04-14 17:00 697712 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2013-02-10 17:47 . 2011-12-02 16:46 74096 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2013-02-10 17:47 . 2012-05-05 13:47 15739760 ----a-w- c:\windows\system32\FlashPlayerInstaller.exe
2012-12-16 14:13 . 2012-12-22 02:00 295424 ----a-w- c:\windows\system32\atmfd.dll
2012-12-16 14:13 . 2012-12-22 02:00 34304 ----a-w- c:\windows\system32\atmlib.dll
2012-12-07 12:26 . 2013-01-09 05:24 308736 ----a-w- c:\windows\system32\Wpc.dll
2012-12-07 12:20 . 2013-01-09 05:24 2576384 ----a-w- c:\windows\system32\gameux.dll
2012-12-07 10:46 . 2013-01-09 05:24 43520 ----a-w- c:\windows\system32\csrr.rs
2012-12-07 10:46 . 2013-01-09 05:24 30720 ----a-w- c:\windows\system32\usk.rs
2012-12-07 10:46 . 2013-01-09 05:24 45568 ----a-w- c:\windows\system32\oflc-nz.rs
2012-12-07 10:46 . 2013-01-09 05:24 44544 ----a-w- c:\windows\system32\pegibbfc.rs
2012-12-07 10:46 . 2013-01-09 05:24 20480 ----a-w- c:\windows\system32\pegi-pt.rs
2012-12-07 10:46 . 2013-01-09 05:24 23552 ----a-w- c:\windows\system32\oflc.rs
2012-12-07 10:46 . 2013-01-09 05:24 20480 ----a-w- c:\windows\system32\pegi-fi.rs
2012-12-07 10:46 . 2013-01-09 05:24 46592 ----a-w- c:\windows\system32\fpb.rs
2012-12-07 10:46 . 2013-01-09 05:24 20480 ----a-w- c:\windows\system32\pegi.rs
2012-12-07 10:46 . 2013-01-09 05:24 21504 ----a-w- c:\windows\system32\grb.rs
2012-12-07 10:46 . 2013-01-09 05:24 40960 ----a-w- c:\windows\system32\cob-au.rs
2012-12-07 10:46 . 2013-01-09 05:24 15360 ----a-w- c:\windows\system32\djctq.rs
2012-12-07 10:46 . 2013-01-09 05:24 51712 ----a-w- c:\windows\system32\esrb.rs
2012-12-07 10:46 . 2013-01-09 05:24 55296 ----a-w- c:\windows\system32\cero.rs
2012-11-30 04:53 . 2013-01-09 05:25 169984 ----a-w- c:\windows\system32\winsrv.dll
2012-11-30 04:47 . 2013-01-09 05:25 293376 ----a-w- c:\windows\system32\KernelBase.dll
2012-11-30 04:45 . 2013-01-09 05:25 4096 ---ha-w- c:\windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2012-11-30 04:45 . 2013-01-09 05:25 4608 ---ha-w- c:\windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2012-11-30 04:45 . 2013-01-09 05:25 4096 ---ha-w- c:\windows\system32\api-ms-win-core-synch-l1-1-0.dll
2012-11-30 04:45 . 2013-01-09 05:25 3072 ---ha-w- c:\windows\system32\api-ms-win-core-string-l1-1-0.dll
2012-11-30 04:45 . 2013-01-09 05:25 3072 ---ha-w- c:\windows\system32\api-ms-win-core-profile-l1-1-0.dll
2012-11-30 04:45 . 2013-01-09 05:25 4096 ---ha-w- c:\windows\system32\api-ms-win-core-misc-l1-1-0.dll
2012-11-30 04:45 . 2013-01-09 05:25 4096 ---ha-w- c:\windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2012-11-30 04:45 . 2013-01-09 05:25 3584 ---ha-w- c:\windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2012-11-30 04:45 . 2013-01-09 05:25 3584 ---ha-w- c:\windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2012-11-30 04:45 . 2013-01-09 05:25 3584 ---ha-w- c:\windows\system32\api-ms-win-core-memory-l1-1-0.dll
2012-11-30 04:45 . 2013-01-09 05:25 3584 ---ha-w- c:\windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2012-11-30 04:45 . 2013-01-09 05:25 3584 ---ha-w- c:\windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2012-11-30 04:45 . 2013-01-09 05:25 3584 ---ha-w- c:\windows\system32\api-ms-win-core-heap-l1-1-0.dll
2012-11-30 04:45 . 2013-01-09 05:25 3072 ---ha-w- c:\windows\system32\api-ms-win-core-io-l1-1-0.dll
2012-11-30 04:45 . 2013-01-09 05:25 4096 ---ha-w- c:\windows\system32\api-ms-win-core-localization-l1-1-0.dll
2012-11-30 04:45 . 2013-01-09 05:25 3072 ---ha-w- c:\windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2012-11-30 04:45 . 2013-01-09 05:25 5120 ---ha-w- c:\windows\system32\api-ms-win-core-file-l1-1-0.dll
2012-11-30 04:45 . 2013-01-09 05:25 3072 ---ha-w- c:\windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2012-11-30 04:45 . 2013-01-09 05:25 3072 ---ha-w- c:\windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2012-11-30 04:45 . 2013-01-09 05:25 3072 ---ha-w- c:\windows\system32\api-ms-win-core-handle-l1-1-0.dll
2012-11-30 04:45 . 2013-01-09 05:25 3072 ---ha-w- c:\windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2012-11-30 04:45 . 2013-01-09 05:25 3072 ---ha-w- c:\windows\system32\api-ms-win-core-debug-l1-1-0.dll
2012-11-30 04:45 . 2013-01-09 05:25 3072 ---ha-w- c:\windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2012-11-30 04:45 . 2013-01-09 05:24 3072 ---ha-w- c:\windows\system32\api-ms-win-core-console-l1-1-0.dll
2012-11-30 02:55 . 2013-01-09 05:25 271360 ----a-w- c:\windows\system32\conhost.exe
2012-11-30 02:38 . 2013-01-09 05:25 6144 ---ha-w- c:\windows\system32\api-ms-win-security-base-l1-1-0.dll
2012-11-30 02:38 . 2013-01-09 05:25 4608 ---ha-w- c:\windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2012-11-30 02:38 . 2013-01-09 05:25 3584 ---ha-w- c:\windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2012-11-30 02:38 . 2013-01-09 05:25 3072 ---ha-w- c:\windows\system32\api-ms-win-core-util-l1-1-0.dll
2012-11-26 09:30 . 2012-11-26 09:30 745472 ----a-w- c:\windows\system32\MsSpellCheckingFacility.exe
2012-11-26 09:30 . 2012-11-26 09:30 71680 ----a-w- c:\windows\system32\RegisterIEPKEYs.exe
2012-11-26 09:30 . 2012-11-26 09:30 525312 ----a-w- c:\windows\system32\vbscript.dll
2012-11-26 09:30 . 2012-11-26 09:30 185344 ----a-w- c:\windows\system32\elshyph.dll
2012-11-26 09:30 . 2012-11-26 09:30 1772032 ----a-w- c:\windows\system32\wininet.dll
2012-11-26 09:30 . 2012-11-26 09:30 158720 ----a-w- c:\windows\system32\msls31.dll
2012-11-26 09:30 . 2012-11-26 09:30 150528 ----a-w- c:\windows\system32\iexpress.exe
2012-11-26 09:30 . 2012-11-26 09:30 137216 ----a-w- c:\windows\system32\ieUnatt.exe
2012-11-26 09:30 . 2012-11-26 09:30 135680 ----a-w- c:\windows\system32\wextract.exe
2012-11-26 09:30 . 2012-11-26 09:30 73728 ----a-w- c:\windows\system32\SetIEInstalledDate.exe
2012-11-26 09:30 . 2012-11-26 09:30 718336 ----a-w- c:\windows\system32\mshtmlmedia.dll
2012-11-26 09:30 . 2012-11-26 09:30 61952 ----a-w- c:\windows\system32\tdc.ocx
2012-11-26 09:30 . 2012-11-26 09:30 61440 ----a-w- c:\windows\system32\iesetup.dll
2012-11-26 09:30 . 2012-11-26 09:30 48640 ----a-w- c:\windows\system32\mshtmler.dll
2012-11-26 09:30 . 2012-11-26 09:30 38400 ----a-w- c:\windows\system32\imgutil.dll
2012-11-26 09:30 . 2012-11-26 09:30 361984 ----a-w- c:\windows\system32\html.iec
2012-11-26 09:30 . 2012-11-26 09:30 2882048 ----a-w- c:\windows\system32\jscript9.dll
2012-11-26 09:30 . 2012-11-26 09:30 23040 ----a-w- c:\windows\system32\licmgr10.dll
2012-11-26 09:30 . 2012-11-26 09:30 1441280 ----a-w- c:\windows\system32\inetcpl.cpl
2012-11-26 09:30 . 2012-11-26 09:30 12800 ----a-w- c:\windows\system32\mshta.exe
2012-11-26 09:30 . 2012-11-26 09:30 111104 ----a-w- c:\windows\system32\IEAdvpack.dll
2012-11-26 09:30 . 2012-11-26 09:30 109056 ----a-w- c:\windows\system32\iesysprep.dll
2012-11-26 09:29 . 2012-11-26 09:29 9728 ---ha-w- c:\windows\system32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2012-11-26 09:29 . 2012-11-26 09:29 906240 ----a-w- c:\windows\system32\FntCache.dll
2012-11-26 09:29 . 2012-11-26 09:29 604160 ----a-w- c:\windows\system32\d3d10level9.dll
2012-11-26 09:29 . 2012-11-26 09:29 5632 ---ha-w- c:\windows\system32\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2012-11-26 09:29 . 2012-11-26 09:29 5632 ---ha-w- c:\windows\system32\api-ms-win-downlevel-ole32-l1-1-0.dll
2012-11-26 09:29 . 2012-11-26 09:29 417792 ----a-w- c:\windows\system32\WMPhoto.dll
2012-11-26 09:29 . 2012-11-26 09:29 4096 ---ha-w- c:\windows\system32\api-ms-win-downlevel-user32-l1-1-0.dll
2012-11-26 09:29 . 2012-11-26 09:29 364544 ----a-w- c:\windows\system32\XpsGdiConverter.dll
2012-11-26 09:29 . 2012-11-26 09:29 3584 ---ha-w- c:\windows\system32\api-ms-win-downlevel-advapi32-l2-1-0.dll
2012-11-26 09:29 . 2012-11-26 09:29 3419136 ----a-w- c:\windows\system32\d2d1.dll
2012-11-26 09:29 . 2012-11-26 09:29 3072 ---ha-w- c:\windows\system32\api-ms-win-downlevel-version-l1-1-0.dll
2012-11-26 09:29 . 2012-11-26 09:29 3072 ---ha-w- c:\windows\system32\api-ms-win-downlevel-shell32-l1-1-0.dll
2012-11-26 09:29 . 2012-11-26 09:29 293376 ----a-w- c:\windows\system32\dxgi.dll
2012-11-26 09:29 . 2012-11-26 09:29 2560 ---ha-w- c:\windows\system32\api-ms-win-downlevel-normaliz-l1-1-0.dll
2012-11-26 09:29 . 2012-11-26 09:29 249856 ----a-w- c:\windows\system32\d3d10_1core.dll
2012-11-26 09:29 . 2012-11-26 09:29 2284544 ----a-w- c:\windows\system32\msmpeg2vdec.dll
2012-11-26 09:29 . 2012-11-26 09:29 220160 ----a-w- c:\windows\system32\d3d10core.dll
2012-11-26 09:29 . 2012-11-26 09:29 207872 ----a-w- c:\windows\system32\WindowsCodecsExt.dll
2012-11-26 09:29 . 2012-11-26 09:29 1885696 ----a-w- c:\windows\system32\d3d10warp.dll
2012-11-26 09:29 . 2012-11-26 09:29 187392 ----a-w- c:\windows\system32\UIAnimation.dll
2012-11-26 09:29 . 2012-11-26 09:29 161792 ----a-w- c:\windows\system32\d3d10_1.dll
2012-11-26 09:29 . 2012-11-26 09:29 1504768 ----a-w- c:\windows\system32\d3d11.dll
2012-11-26 09:29 . 2012-11-26 09:29 1247744 ----a-w- c:\windows\system32\DWrite.dll
2012-11-26 09:29 . 2012-11-26 09:29 1230336 ----a-w- c:\windows\system32\WindowsCodecs.dll
2012-11-26 09:29 . 2012-11-26 09:29 1158144 ----a-w- c:\windows\system32\XpsPrint.dll
2012-11-26 09:29 . 2012-11-26 09:29 1080832 ----a-w- c:\windows\system32\d3d10.dll
.
.
((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond
REGEDIT4
.
@="{472083B0-C522-11CF-8763-00608CC02F24}"
2012-10-30 22:50 121528 ----a-w- c:\program files\AVAST Software\Avast\ashShell.dll
.
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
2012-11-13 23:32 129272 ----a-w- c:\users\Gebruiker\AppData\Roaming\Dropbox\bin\DropboxExt.17.dll
.
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
2012-11-13 23:32 129272 ----a-w- c:\users\Gebruiker\AppData\Roaming\Dropbox\bin\DropboxExt.17.dll
.
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
2012-11-13 23:32 129272 ----a-w- c:\users\Gebruiker\AppData\Roaming\Dropbox\bin\DropboxExt.17.dll
.
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
2012-11-13 23:32 129272 ----a-w- c:\users\Gebruiker\AppData\Roaming\Dropbox\bin\DropboxExt.17.dll
.
"HideMyIP"="c:\program files\Hide My IP\HideMyIP.exe"
"MyTomTomSA.exe"="c:\program files\MyTomTom 3\MyTomTomSA.exe"
"RockMelt Update"="c:\users\Gebruiker\AppData\Local\RockMelt\Update\RockMeltUpdate.exe"
.
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RtHDVCpl.exe"
"EEventManager"="c:\program files\Epson Software\Event Manager\EEventManager.exe"
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe"
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe"
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe"
"Zune Launcher"="c:\program files\Zune\ZuneLauncher.exe"
"GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe"
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
"avast"="c:\program files\AVAST Software\Avast\avastUI.exe"
.
c:\users\Gebruiker\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Dropbox.lnk - c:\users\Gebruiker\AppData\Roaming\Dropbox\bin\Dropbox.exe
.
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
2010-07-06 20:19 98304 ----a-w- c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe
.
R2 MBAMScheduler;MBAMScheduler;c:\program files\Malwarebytes' Anti-Malware\mbamscheduler.exe
R2 MBAMService;MBAMService;c:\program files\Malwarebytes' Anti-Malware\mbamservice.exe
R3 FIXUSTOR;FIXUSTOR;c:\windows\system32\DRIVERS\fixustor.sys
R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys
R3 nvamacpi;nvamacpi;c:\windows\system32\DRIVERS\NVAMACPI.sys
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys
R3 WatAdminSvc;Windows Activation Technologies-service;c:\windows\system32\Wat\WatAdminSvc.exe
R4 MSSQLServerADHelper100;SQL Active Directory Helper Service;c:\program files\Microsoft SQL Server\100\Shared\SQLADHLP.EXE
R4 RsFx0151;RsFx0151 Driver;c:\windows\system32\DRIVERS\RsFx0151.sys
R4 SQLAgent$SQLEXPRESS;SQL Server Agent (SQLEXPRESS);c:\program files\Microsoft SQL Server\MSSQL10_50.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe
S1 aswSnx;aswSnx;
S1 aswSP;aswSP;
S2 ABBYY.Licensing.FineReader.Sprint.9.0;ABBYY FineReader 9.0 Sprint Licensing Service;c:\program files\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe
S2 aswFsBlk;aswFsBlk;
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys
S2 EPSON_EB_RPCV4_04;EPSON V5 Service4(04);c:\program files\Common Files\EPSON\EPW!3 SSRP\E_S50ST7.EXE
S2 EPSON_PM_RPCV4_04;EPSON V3 Service4(04);c:\program files\Common Files\EPSON\EPW!3 SSRP\E_S50RP7.EXE
S3 HideMyIpSRV;HideMyIpSRV;c:\program files\Hide My IP\HideMyIpSrv.exe
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt86win7.sys
.
.
LocalServiceAndNoImpersonation REG_MULTI_SZ SSDPSRV upnphost SCardSvr TBS fdrespub AppIDSvc QWAVE wcncsvc Mcx2Svc SensrSvc
.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - LocalService
FontCache
.
.
Inhoud van de 'Gedeelde Taken' map
.
2013-02-11 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
.
2013-02-11 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe
.
2013-02-11 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe
.
2013-01-11 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-350242244-4206258913-3113474944-1001Core.job
- c:\users\Gebruiker\AppData\Local\Google\Update\GoogleUpdate.exe
.
2013-02-11 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-350242244-4206258913-3113474944-1001UA.job
- c:\users\Gebruiker\AppData\Local\Google\Update\GoogleUpdate.exe
.
2013-02-10 c:\windows\Tasks\RockMeltUpdateTaskUserS-1-5-21-350242244-4206258913-3113474944-1001Core.job
- c:\users\Gebruiker\AppData\Local\RockMelt\Update\RockMeltUpdate.exe
.
2013-02-11 c:\windows\Tasks\RockMeltUpdateTaskUserS-1-5-21-350242244-4206258913-3113474944-1001UA.job
- c:\users\Gebruiker\AppData\Local\RockMelt\Update\RockMeltUpdate.exe
.
.
------- Bijkomende Scan -------
.
uStart Page = hxxp://www.google.nl/
IE: E&xporteren naar Microsoft Excel - c:\progra~1\MIF5BA~1\Office12\EXCEL.EXE/3000
LSP: c:\windows\system32\HMIPCore.dll
TCP: DhcpNameServer = 192.168.1.1
.
- - - - ORPHANS VERWIJDERD - - - -
.
HKLM-RunOnce-Z1 - c:\users\Gebruiker\AppData\Local\temp\Rar$EX01.951\mbar\mbar.exe
.
.
.
--------------------- VERGRENDELDE REGISTER SLEUTELS ---------------------
.
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil32_11_5_502_149_ActiveX.exe,-101"
.
"Enabled"=dword:00000001
.
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil32_11_5_502_149_ActiveX.exe"
.
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
@="{00020424-0000-0000-C000-000000000046}"
.
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
@Denied: (Full) (Everyone)
.
Voltooingstijd: 2013-02-11 15:35:58
ComboFix-quarantined-files.txt 2013-02-11 14:35
ComboFix2.txt 2011-12-13 13:33
.
Pre-Run: 908.805.394.432 bytes beschikbaar
Post-Run: 909.704.544.256 bytes beschikbaar
.
- - End Of File - - BFCB8FD7D1099BDBAED6A1F428FA1380