Archive - internet is really freaking out badly

The archive is a frozen moment from a previous version of this forum, with different rules and different bosses. These posts in no way reflect our current ideas, values or worldviews and have been censored in some places as impermissible. Many were made in a different zeitgeist, ironically or not - as in the ironic subforum Off-Topic - and would not (be allowed to) be posted today. Nevertheless, we are still happy to offer this archive as an information database and reference work. Read more about it here or start a conversation with others.

woutervg

Legacy Member
hey, my internet really freaks out badly when I game; this is the result of ComboFix:
ComboFix 11-09-09.03 - Admin 09/09/2011 17:39:12.1.2 - x64
Microsoft Windows 7 Ultimate 6.1.7601.1.1252.32.1033.18.4028.2359 [GMT 2:00]
Gestart vanuit: c:\users\Admin\Downloads\ComboFix.exe
AV: Microsoft Security Essentials *Enabled/Updated* {108DAC43-C256-20B7-BB05-914135DA5160}
SP: Microsoft Security Essentials *Enabled/Updated* {ABEC4DA7-E46C-2F39-81B5-AA334E5D1BDD}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
(((((((((((((((((((((((((((((((((( Andere Verwijderingen )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
C:\Install.exe
c:\program files (x86)\Common
c:\program files (x86)\Hyperionics DB Toolbar\tbHElper.dll
c:\windows\7Loader.TAG
.
.
(((((((((((((((((((( Bestanden Gemaakt van 2011-08-09 to 2011-09-09 ))))))))))))))))))))))))))))))
.
.
2011-09-09 15:09 . 2010-11-05 07:20 2716768 ----a-w- c:\windows\system32\drivers\athwx.sys
2011-09-08 18:39 . 2011-09-08 18:39 -------- d-----w- c:\program files (x86)\WUSB54G Wireless-G Adapter
2011-09-08 18:39 . 2003-05-14 22:15 40960 ----a-w- c:\windows\SysWow64\USB54G.dll
2011-09-08 18:39 . 2001-09-05 01:18 77824 ----a-w- c:\program files (x86)\Common Files\InstallShield\Engine\6\Intel 32\ctor.dll
2011-09-08 18:39 . 2001-09-05 01:18 225280 ------w- c:\program files (x86)\Common Files\InstallShield\IScript\iscript.dll
2011-09-08 18:39 . 2001-09-05 01:14 176128 ------w- c:\program files (x86)\Common Files\InstallShield\Engine\6\Intel 32\iuser.dll
2011-09-08 18:39 . 2001-09-05 01:13 32768 ------w- c:\program files (x86)\Common Files\InstallShield\Engine\6\Intel 32\objectps.dll
2011-09-08 18:39 . 2001-09-05 00:24 610436 ----a-w- c:\program files (x86)\Common Files\InstallShield\Engine\6\Intel 32\IKernel.exe
2011-09-08 16:40 . 2011-09-08 16:40 -------- d-sh--w- c:\windows\ftpcache
2011-09-08 15:45 . 2011-04-16 19:19 601424 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{92F498AE-4A32-4183-8896-2E9B1D592A8D}\gapaengine.dll
2011-09-08 15:45 . 2011-08-12 04:10 8862544 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{A8E7F5E7-1B4F-4A22-B029-F29078A23CA1}\mpengine.dll
2011-09-07 18:13 . 2011-09-07 18:13 -------- d-----w- C:\Perfect World Entertainment
2011-09-07 18:08 . 2011-09-08 16:46 682280 ----a-w- c:\windows\SysWow64\pbsvc.exe
2011-09-07 18:03 . 2011-09-08 16:24 -------- d-----w- c:\program files (x86)\Call of Duty - World at War
2011-09-07 17:45 . 2011-09-07 17:24 258352 ----a-w- c:\windows\SysWow64\unicows.dll
2011-09-05 18:28 . 2011-09-07 18:45 -------- d-----w- c:\users\Admin\AppData\Local\PMB Files
2011-09-05 18:28 . 2011-09-07 15:55 -------- d-----w- c:\programdata\PMB Files
2011-09-05 18:27 . 2011-09-05 18:27 -------- d-----w- c:\program files (x86)\Pando Networks
2011-09-04 10:44 . 2011-09-08 16:42 -------- d-----w- c:\program files (x86)\Activision
2011-09-03 15:56 . 2011-09-03 15:56 -------- d-----w- c:\program files (x86)\Microsoft CAPICOM 2.1.0.2
2011-09-03 08:43 . 2011-09-07 12:30 -------- d-----w- c:\users\Admin\AppData\Local\LogiShrd
2011-09-03 08:42 . 2011-09-03 08:42 53248 ----a-r- c:\users\Admin\AppData\Roaming\Microsoft\Installer\{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}\ARPPRODUCTICON.exe
2011-09-03 08:42 . 2011-09-03 08:42 -------- d-----w- c:\users\Admin\AppData\Roaming\Leadertech
2011-09-03 08:41 . 2011-09-03 08:41 -------- d-----w- c:\program files (x86)\Common Files\LWS
2011-09-03 08:40 . 2011-09-07 12:30 -------- d-----w- c:\program files (x86)\Logitech
2011-09-03 08:34 . 2011-09-03 08:34 -------- d-----w- c:\program files (x86)\Easy Driver Pro
2011-09-02 15:23 . 2011-09-02 15:23 159744 ----a-w- c:\program files (x86)\Internet Explorer\Plugins\npqtplugin7.dll
2011-09-02 15:23 . 2011-09-02 15:23 159744 ----a-w- c:\program files (x86)\Internet Explorer\Plugins\npqtplugin6.dll
2011-09-02 15:23 . 2011-09-02 15:23 159744 ----a-w- c:\program files (x86)\Internet Explorer\Plugins\npqtplugin5.dll
2011-09-02 15:23 . 2011-09-02 15:23 159744 ----a-w- c:\program files (x86)\Internet Explorer\Plugins\npqtplugin4.dll
2011-09-02 15:23 . 2011-09-02 15:23 159744 ----a-w- c:\program files (x86)\Internet Explorer\Plugins\npqtplugin3.dll
2011-09-02 15:23 . 2011-09-02 15:23 159744 ----a-w- c:\program files (x86)\Internet Explorer\Plugins\npqtplugin2.dll
2011-09-02 15:23 . 2011-09-02 15:23 159744 ----a-w- c:\program files (x86)\Internet Explorer\Plugins\npqtplugin.dll
2011-09-02 15:22 . 2011-09-02 15:23 -------- d-----w- c:\program files (x86)\QuickTime
2011-09-02 15:22 . 2011-09-02 15:22 -------- d-----w- c:\programdata\Apple Computer
2011-09-02 15:20 . 2011-09-02 15:20 -------- d-----w- c:\program files (x86)\Apple Software Update
2011-08-30 15:04 . 2011-08-30 15:39 -------- d-----w- C:\Modern Warfare 2
2011-08-29 14:16 . 2011-09-09 15:50 -------- d-----w- c:\users\Admin\AppData\Local\LogMeIn Hamachi
2011-08-29 14:16 . 2011-08-29 14:16 -------- d-----w- c:\program files (x86)\LogMeIn Hamachi
2011-08-29 05:43 . 2011-09-09 14:34 -------- d-----w- c:\users\Admin\AppData\Roaming\.minecraft
2011-08-27 10:05 . 2011-08-27 10:05 -------- d-----w- c:\program files (x86)\Common Files\Java
2011-08-26 22:21 . 2011-08-26 22:21 42392 ----a-w- c:\windows\SysWow64\xfcodec.dll
2011-08-26 22:21 . 2011-08-26 22:21 28056 ----a-w- c:\windows\system32\xfcodec64.dll
2011-08-26 10:30 . 2011-08-26 10:30 -------- d-----w- c:\programdata\POP3Profiles
2011-08-26 10:24 . 2005-04-03 21:00 63488 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\11\00\Intel32\ISBEW64.exe
2011-08-26 10:24 . 2005-04-03 21:02 69714 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\11\00\Intel32\ctor.dll
2011-08-26 10:24 . 2005-04-03 21:01 274432 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\11\00\Intel32\iscript.dll
2011-08-26 10:24 . 2005-04-03 21:00 184320 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\11\00\Intel32\iuser.dll
2011-08-26 10:24 . 2005-04-03 21:02 753664 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\11\00\Intel32\iKernel.dll
2011-08-26 10:24 . 2005-04-03 20:59 5632 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\11\00\Intel32\DotNetInstaller.exe
2011-08-26 10:23 . 2011-08-26 10:23 200836 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\11\00\Intel32\iGdi.dll
2011-08-26 10:23 . 2011-08-26 10:23 331908 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\11\00\Intel32\setup.dll
2011-08-25 09:33 . 2011-08-25 12:45 -------- d-----w- c:\users\Admin\AppData\Roaming\MAGIX
2011-08-25 09:32 . 2011-08-25 12:30 -------- d-----w- c:\program files (x86)\MAGIX
2011-08-25 09:32 . 2011-08-25 12:30 -------- d-----w- c:\programdata\MAGIX
2011-08-25 09:32 . 2011-08-29 09:24 -------- d-----w- c:\program files (x86)\Common Files\MAGIX Services
2011-08-25 08:55 . 2011-08-26 20:32 271200 ----a-w- c:\windows\SysWow64\PnkBstrB.xtr
2011-08-24 15:57 . 2011-07-09 05:26 2048 ----a-w- c:\windows\system32\tzres.dll
2011-08-24 15:57 . 2011-07-09 04:29 2048 ----a-w- c:\windows\SysWow64\tzres.dll
2011-08-24 08:40 . 2011-08-24 08:40 -------- d-----w- c:\users\Admin\AppData\Roaming\Publish Providers
2011-08-23 19:21 . 2011-08-23 19:21 -------- d-----w- c:\programdata\Sony
2011-08-23 19:21 . 2011-08-23 19:21 -------- d-----w- c:\program files\Sony
2011-08-23 19:21 . 2011-08-23 19:21 -------- d-----w- c:\program files (x86)\Sony
2011-08-23 17:28 . 2011-08-23 17:28 -------- d-----w- C:\MicrosoftKB946758
2011-08-23 16:04 . 2011-08-23 16:22 7 ----a-w- c:\windows\treeskp.sys
2011-08-23 16:04 . 2011-08-23 16:22 7 ----a-w- c:\windows\sbacknt.bin
2011-08-23 14:35 . 2011-08-23 14:35 -------- d-----w- c:\users\Admin\AppData\Roaming\ATI
2011-08-23 14:35 . 2011-08-23 14:35 -------- d-----w- c:\users\Admin\AppData\Local\ATI
2011-08-23 14:35 . 2011-08-23 14:35 -------- d-----w- c:\programdata\ATI
2011-08-23 14:35 . 2011-08-23 14:35 -------- d-----w- c:\program files (x86)\AMD APP
2011-08-23 14:35 . 2011-08-23 14:35 -------- d-----w- c:\program files\Common Files\ATI Technologies
2011-08-23 14:35 . 2011-08-23 14:35 -------- d-----w- c:\program files (x86)\Common Files\ATI Technologies
2011-08-23 14:34 . 2011-08-23 14:34 -------- d-----w- c:\program files (x86)\ATI Technologies
2011-08-23 14:34 . 2011-08-23 14:34 -------- d-----w- c:\program files\ATI
2011-08-23 14:34 . 2011-08-23 14:35 -------- d-----w-
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Andere Aktieve Processen ------------------------
.
c:\windows\SysWOW64\nisvcloc.exe
c:\windows\SysWOW64\PnkBstrA.exe
c:\windows\SysWOW64\PnkBstrB.exe
c:\program files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
c:\program files (x86)\Windows Media Player\wmplayer.exe
c:\program files (x86)\Common Files\AOL\1309532172\ee\aolupdates.exe
c:\program files (x86)\Windows Live\Contacts\wlcomm.exe
c:\program files (x86)\Mozilla Firefox\firefox.exe
.
**************************************************************************
.
Voltooingstijd: 2011-09-09 17:56:18 - machine werd herstart
ComboFix-quarantined-files.txt 2011-09-09 15:56
.
Pre-Run: 251.949.723.648 bytes free
Post-Run: 254.063.292.416 bytes free
.
- - End Of File - - 4FDC9634DF042671CFDC6561EFB0D22A

woutervg

Legacy Member
here is another part:

c:\program files\ATI Technologies
2011-08-23 14:33 . 2011-08-23 14:33 -------- d-----w- C:\ATI
2011-08-23 14:14 . 2011-08-23 14:14 0 ----a-w- c:\windows\ativpsrm.bin
2011-08-22 07:18 . 2011-08-22 07:18 -------- d-----w- C:\found.000
2011-08-21 18:54 . 2011-08-21 18:54 -------- d-----w- c:\program files (x86)\AutoHotkey
2011-08-21 08:17 . 2011-08-21 08:17 -------- d-----w- c:\program files (x86)\Skype
2011-08-19 15:54 . 2011-08-24 15:59 -------- d-----w- c:\users\Admin\AppData\Local\NFS Underground 2
2011-08-19 15:47 . 2011-08-19 15:47 -------- d-----w- c:\program files (x86)\EA GAMES
2011-08-18 18:34 . 2010-12-11 21:27 117248 ----a-w- c:\windows\SysWow64\CTFtoolMenu.dll
2011-08-17 15:29 . 2011-08-17 15:33 -------- d-----w- c:\program files (x86)\WEBZEN
2011-08-17 09:47 . 2011-08-17 09:47 -------- d-----w- c:\users\Admin\AppData\Local\Minibar
2011-08-17 09:47 . 2011-09-09 15:47 -------- d-----w- c:\program files (x86)\Hyperionics DB Toolbar
2011-08-17 09:47 . 2011-08-17 09:47 -------- d-----w- c:\program files (x86)\HyperCam 2
2011-08-16 14:15 . 2011-08-16 14:15 -------- d-----w- c:\users\Admin\AppData\Roaming\Windows Live Writer
2011-08-16 14:15 . 2011-08-16 14:15 -------- d-----w- c:\users\Admin\AppData\Local\Windows Live Writer
2011-08-16 08:35 . 2011-08-16 08:35 -------- d-----w- C:\Splash
2011-08-16 08:25 . 2011-09-05 16:45 -------- d-----w- c:\program files (x86)\Call of Duty
2011-08-13 14:43 . 2011-08-13 14:43 -------- d-----w- c:\users\Admin\AppData\Roaming\Gearbox Software
2011-08-13 14:33 . 2011-08-26 10:25 -------- d-----w- c:\program files (x86)\Ubisoft
2011-08-13 12:48 . 2011-08-13 12:48 -------- d-----w- c:\program files (x86)\GIMP-2.0
2011-08-13 10:08 . 2011-09-09 15:23 -------- d-----w- c:\users\Admin\AppData\Roaming\Xfire
2011-08-11 13:07 . 2011-08-11 13:07 270912 ----a-w- c:\windows\system32\drivers\dtsoftbus01.sys
2011-08-11 06:11 . 2011-06-15 10:02 163840 ----a-w- c:\windows\system32\odbccp32.dll
2011-08-11 06:11 . 2011-06-15 10:02 106496 ----a-w- c:\windows\system32\odbccu32.dll
2011-08-11 06:11 . 2011-06-15 10:02 106496 ----a-w- c:\windows\system32\odbccr32.dll
2011-08-11 06:11 . 2011-06-15 09:59 126976 ----a-w- c:\program files\Common Files\System\Ole DB\msdaosp.dll
2011-08-11 06:11 . 2011-06-15 10:02 212992 ----a-w- c:\windows\system32\odbctrac.dll
2011-08-11 06:11 . 2011-06-15 08:55 86016 ----a-w- c:\windows\SysWow64\odbccu32.dll
2011-08-11 06:11 . 2011-06-15 08:55 81920 ----a-w- c:\windows\SysWow64\odbccr32.dll
2011-08-11 06:11 . 2011-06-15 08:55 319488 ----a-w- c:\windows\SysWow64\odbcjt32.dll
2011-08-11 06:11 . 2011-06-15 08:55 163840 ----a-w- c:\windows\SysWow64\odbctrac.dll
2011-08-11 06:11 . 2011-06-15 08:55 122880 ----a-w- c:\windows\SysWow64\odbccp32.dll
2011-08-11 06:11 . 2011-06-15 08:54 94208 ----a-w- c:\program files (x86)\Common Files\System\Ole DB\msdaosp.dll
2011-08-11 06:11 . 2011-07-09 02:46 288768 ----a-w- c:\windows\system32\drivers\mrxsmb10.sys
2011-08-11 06:09 . 2011-06-23 04:33 3912576 ----a-w- c:\windows\SysWow64\ntoskrnl.exe
2011-08-11 06:09 . 2011-06-23 05:43 5561216 ----a-w- c:\windows\system32\ntoskrnl.exe
2011-08-11 06:09 . 2011-06-23 04:33 3967872 ----a-w- c:\windows\SysWow64\ntkrnlpa.exe
2011-08-11 06:00 . 2011-08-11 13:05 -------- d-----w- c:\users\Admin\AppData\Local\OpenCandy
2011-08-11 06:00 . 2011-08-11 06:00 -------- d-----w- c:\users\Admin\AppData\Roaming\OpenCandy
2011-08-11 05:59 . 2011-08-11 13:07 -------- d-----w- c:\program files (x86)\DAEMON Tools Lite
.
.
.
((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-09-08 16:46 . 2011-06-30 16:27 107832 ----a-w- c:\windows\SysWow64\PnkBstrB.exe
2011-09-08 16:46 . 2011-06-30 16:27 66872 ----a-w- c:\windows\SysWow64\PnkBstrA.exe
2011-09-05 16:07 . 2011-06-30 16:27 103736 ----a-w- c:\windows\SysWow64\PnkBstrB.ex0
2011-08-27 10:04 . 2011-04-17 12:51 472808 ----a-w- c:\windows\SysWow64\deployJava1.dll
2011-08-14 07:27 . 2011-06-24 13:38 404640 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2011-08-12 04:10 . 2011-04-17 06:57 8862544 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2011-08-07 12:55 . 2011-08-07 12:55 178800 ----a-w- c:\windows\SysWow64\CmdLineExt_x64.dll
2011-07-28 22:23 . 2011-07-28 22:23 9980416 ----a-w- c:\windows\system32\drivers\atikmdag.sys
2011-07-28 22:09 . 2011-07-28 22:09 23921664 ----a-w- c:\windows\system32\atio6axx.dll
2011-07-28 21:44 . 2011-07-28 21:44 18388480 ----a-w- c:\windows\SysWow64\atioglxx.dll
2011-07-28 21:40 . 2011-07-28 21:40 151552 ----a-w- c:\windows\system32\atiapfxx.exe
2011-07-28 21:40 . 2011-07-28 21:40 726528 ----a-w- c:\windows\SysWow64\aticfx32.dll
2011-07-28 21:39 . 2011-07-28 21:39 852992 ----a-w- c:\windows\system32\aticfx64.dll
2011-07-28 21:36 . 2011-07-28 21:36 462848 ----a-w- c:\windows\system32\ATIDEMGX.dll
2011-07-28 21:36 . 2011-07-28 21:36 485376 ----a-w- c:\windows\system32\atieclxx.exe
2011-07-28 21:35 . 2011-07-28 21:35 204288 ----a-w- c:\windows\system32\atiesrxx.exe
2011-07-28 21:34 . 2011-07-28 21:34 120320 ----a-w- c:\windows\system32\atitmm64.dll
2011-07-28 21:34 . 2011-07-28 21:34 423424 ----a-w- c:\windows\system32\atipdl64.dll
2011-07-28 21:33 . 2011-07-28 21:33 356352 ----a-w- c:\windows\SysWow64\atipdlxx.dll
2011-07-28 21:33 . 2011-07-28 21:33 278528 ----a-w- c:\windows\SysWow64\Oemdspif.dll
2011-07-28 21:33 . 2011-07-28 21:33 21504 ----a-w- c:\windows\system32\atimuixx.dll
2011-07-28 21:33 . 2011-07-28 21:33 59392 ----a-w- c:\windows\system32\atiedu64.dll
2011-07-28 21:33 . 2011-07-28 21:33 43520 ----a-w- c:\windows\SysWow64\ati2edxx.dll
2011-07-28 21:30 . 2009-07-13 21:59 4198912 ----a-w- c:\windows\SysWow64\atidxx32.dll
2011-07-28 21:20 . 2009-07-13 21:59 4943360 ----a-w- c:\windows\system32\atidxx64.dll
2011-07-28 21:12 . 2011-07-28 21:12 1113088 ----a-w- c:\windows\system32\atiumd6v.dll
2011-07-28 21:11 . 2011-07-28 21:11 1828864 ----a-w- c:\windows\SysWow64\atiumdmv.dll
2011-07-28 21:11 . 2011-07-28 21:11 3871744 ----a-w- c:\windows\system32\atiumd6a.dll
2011-07-28 21:11 . 2011-07-28 21:11 51200 ----a-w- c:\windows\system32\aticalrt64.dll
2011-07-28 21:11 . 2011-07-28 21:11 46080 ----a-w- c:\windows\SysWow64\aticalrt.dll
2011-07-28 21:11 . 2011-07-28 21:11 44544 ----a-w- c:\windows\system32\aticalcl64.dll
2011-07-28 21:11 . 2011-07-28 21:11 44032 ----a-w- c:\windows\SysWow64\aticalcl.dll
2011-07-28 21:10 . 2011-07-28 21:10 9644544 ----a-w- c:\windows\system32\aticaldd64.dll
2011-07-28 21:09 . 2009-07-13 21:59 4256768 ----a-w- c:\windows\SysWow64\atiumdag.dll
2011-07-28 21:07 . 2011-07-28 21:07 8247296 ----a-w- c:\windows\SysWow64\aticaldd.dll
2011-07-28 21:03 . 2009-07-13 21:59 4056064 ----a-w- c:\windows\SysWow64\atiumdva.dll
2011-07-28 21:02 . 2011-07-28 21:02 5399040 ----a-w- c:\windows\system32\atiumd64.dll
2011-07-28 21:01 . 2011-07-28 21:01 58880 ----a-w- c:\windows\system32\coinst.dll
2011-07-28 20:54 . 2011-07-28 20:54 378368 ----a-w- c:\windows\system32\atiadlxx.dll
2011-07-28 20:54 . 2011-07-28 20:54 266240 ----a-w- c:\windows\SysWow64\atiadlxy.dll
2011-07-28 20:54 . 2011-07-28 20:54 15360 ----a-w- c:\windows\system32\atig6pxx.dll
2011-07-28 20:54 . 2011-07-28 20:54 13312 ----a-w- c:\windows\SysWow64\atiglpxx.dll
2011-07-28 20:54 . 2011-07-28 20:54 13312 ----a-w- c:\windows\system32\atiglpxx.dll
2011-07-28 20:54 . 2011-07-28 20:54 39936 ----a-w- c:\windows\system32\atig6txx.dll
2011-07-28 20:54 . 2011-07-28 20:54 32768 ----a-w- c:\windows\SysWow64\atigktxx.dll
2011-07-28 20:54 . 2011-07-28 20:54 309248 ----a-w- c:\windows\system32\drivers\atikmpag.sys
2011-07-28 20:53 . 2011-07-28 20:53 40960 ----a-w- c:\windows\system32\atiuxp64.dll
2011-07-28 20:53 . 2011-07-28 20:53 31744 ----a-w- c:\windows\SysWow64\atiuxpag.dll
2011-07-28 20:53 . 2011-07-28 20:53 38912 ----a-w- c:\windows\system32\atiu9p64.dll
2011-07-28 20:53 . 2011-07-28 20:53 29184 ----a-w- c:\windows\SysWow64\atiu9pag.dll
2011-07-28 20:52 . 2011-07-28 20:52 53248 ----a-w- c:\windows\system32\drivers\ati2erec.dll
2011-07-28 20:51 . 2011-07-28 20:51 53760 ----a-w- c:\windows\system32\atimpc64.dll
2011-07-28 20:51 . 2011-07-28 20:51 53760 ----a-w- c:\windows\system32\amdpcom64.dll
2011-07-28 20:51 . 2011-07-28 20:51 52736 ----a-w- c:\windows\SysWow64\atimpc32.dll
2011-07-28 20:51 . 2011-07-28 20:51 52736 ----a-w- c:\windows\SysWow64\amdpcom32.dll
2011-07-28 15:49 . 2011-07-28 15:49 60416 ----a-w- c:\windows\system32\OVDecode64.dll
2011-07-28 15:48 . 2011-07-28 15:48 51200 ----a-w- c:\windows\system32\OpenCL.dll
2011-07-28 15:48 . 2011-07-28 15:48 16552960 ----a-w- c:\windows\system32\amdocl64.dll
2011-07-27 12:12 . 2011-07-27 12:12 49152 ----a-r- c:\users\Admin\AppData\Roaming\Microsoft\Installer\{B3EE9807-E29C-4DCF-BF08-A658DB708B99}\UNINST_Uninstall_G_ABF4E3362B5B45E69A52EEAF1C98F172.exe
2011-07-27 12:12 . 2011-07-27 12:12 45056 ----a-r- c:\users\Admin\AppData\Roaming\Microsoft\Installer\{B3EE9807-E29C-4DCF-BF08-A658DB708B99}\GM_M8000.exe21_45643C25457B4883B78E9444882502AA.exe
2011-07-27 12:12 . 2011-07-27 12:12 45056 ----a-r- c:\users\Admin\AppData\Roaming\Microsoft\Installer\{B3EE9807-E29C-4DCF-BF08-A658DB708B99}\GM_M8000.exe2_186D725B72104964BD040EE7DD661C21.exe
2011-07-27 12:12 . 2011-07-27 12:12 45056 ----a-r- c:\users\Admin\AppData\Roaming\Microsoft\Installer\{B3EE9807-E29C-4DCF-BF08-A658DB708B99}\ARPPRODUCTICON.exe
2011-07-20 14:22 . 2010-06-24 09:33 18328 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
2011-07-17 21:54 . 2011-07-17 21:54 59904 ----a-w- c:\windows\SysWow64\OVDecode.dll
2011-07-17 21:53 . 2011-07-17 21:53 51712 ----a-w- c:\windows\SysWow64\OpenCL.dll
2011-07-17 21:53 . 2011-07-17 21:53 12385280 ----a-w- c:\windows\SysWow64\amdocl.dll
2011-07-16 04:26 . 2011-08-11 06:10 44032 ----a-w- c:\windows\apppatch\acwow64.dll
2011-07-13 04:53 . 2011-08-07 07:39 8578896 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Updates\mpengine.dll
2011-07-05 18:11 . 2009-07-14 02:36 175616 ----a-w- c:\windows\system32\msclmd.dll
2011-07-05 18:11 . 2009-07-14 02:36 152576 ----a-w- c:\windows\SysWow64\msclmd.dll
2011-07-05 16:37 . 2011-07-05 16:37 94208 ----a-w- c:\windows\SysWow64\QuickTimeVR.qtx
2011-07-05 16:37 . 2011-07-05 16:37 69632 ----a-w- c:\windows\SysWow64\QuickTime.qts
2011-07-04 07:34 . 2011-07-04 07:34 0 ----a-w- c:\windows\SysWow64\REN72FF.tmp
2011-07-04 07:34 . 2011-07-04 07:34 0 ----a-w- c:\windows\SysWow64\REN72FE.tmp
2011-07-04 07:34 . 2011-07-04 07:34 0 ----a-w- c:\windows\SysWow64\REN72FD.tmp
2011-07-02 07:30 . 2011-07-02 07:30 10920 ----a-w- C:\aolconnfix.exe
2011-07-01 07:53 . 2011-07-01 07:57 58696 ----a-w- c:\windows\SysWow64\AOLParconLink.exe
2011-06-18 09:55 . 2009-06-10 21:38 113594 ----a-w- c:\windows\SysWow64\slmgr.vbs
2011-06-18 09:55 . 2009-06-10 20:59 113594 ----a-w- c:\windows\system32\slmgr.vbs
2011-06-18 09:55 . 2009-07-13 23:52 142336 ----a-w- c:\windows\system32\sppwmi.dll
2011-06-18 09:55 . 2009-07-13 23:36 118784 ----a-w- c:\windows\SysWow64\sppwmi.dll
2011-06-16 01:34 . 2011-06-16 01:34 2971648 ----a-w- c:\windows\system32\SlotMaximizerBe.dll
2011-06-16 01:34 . 2011-06-16 01:34 105984 ----a-w- c:\windows\system32\SlotMaximizerAg.dll
.
.
((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"msnmsgr"="c:\program files (x86)\Windows Live\Messenger\msnmsgr.exe" [2011-05-13 4283256]
"Skype"="c:\program files (x86)\Skype\Phone\Skype.exe" [2011-07-29 17361032]
"DAEMON Tools Lite"="c:\program files (x86)\DAEMON Tools Lite\DTLite.exe" [2011-08-02 4910912]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2011-07-28 336384]
"LogMeIn Hamachi Ui"="c:\program files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" [2011-08-15 1955208]
"LWS"="c:\program files (x86)\Logitech\LWS\Webcam Software\LWS.exe" [2011-03-01 190808]
"HostManager"="c:\program files (x86)\Common Files\AOL\1309532172\ee\AOLSoftware.exe" [2010-03-08 41800]
.
c:\users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Xfire.lnk - c:\program files (x86)\Xfire\Xfire.exe [2011-8-27 3510680]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R3 dump_wmimmc;dump_wmimmc;c:\program files (x86)\Webzen\Archlord\GameGuard\dump_wmimmc.sys [x]
R3 EagleX64;EagleX64;c:\windows\system32\drivers\EagleX64.sys [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [x]
R3 Synth3dVsc;Synth3dVsc;c:\windows\system32\drivers\synth3dvsc.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x]
R3 tsusbhub;tsusbhub;c:\windows\system32\drivers\tsusbhub.sys [x]
R3 VGPU;VGPU;c:\windows\system32\drivers\rdvgkmd.sys [x]
R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [x]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 57184]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys [x]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [x]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [x]
S2 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine;c:\program files (x86)\LogMeIn Hamachi\hamachi-2.exe [2011-08-15 2329480]
S2 TeamViewer6;TeamViewer 6;c:\program files (x86)\TeamViewer\Version6\TeamViewer_Service.exe [2011-06-01 2337144]
S2 TunngleService;TunngleService;c:\program files (x86)\Tunngle\TnglCtrl.exe [2011-08-09 741224]
S2 UMVPFSrv;UMVPFSrv;c:\program files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe [2011-05-26 442656]
S3 amdkmdag;amdkmdag;c:\windows\system32\DRIVERS\atikmdag.sys [x]
S3 amdkmdap;amdkmdap;c:\windows\system32\DRIVERS\atikmpag.sys [x]
S3 AtiHDAudioService;AMD Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW76.sys [x]
S3 e1yexpress;Intel(R) Gigabit Network Connections Driver;c:\windows\system32\DRIVERS\e1y60x64.sys [x]
S3 LVUVC64;Logitech Webcam 120(UVC);c:\windows\system32\DRIVERS\lvuvc64.sys [x]
S3 MpNWMon;Microsoft Malware Protection Network Driver;c:\windows\system32\DRIVERS\MpNWMon.sys [x]
S3 netr7364;RT73 USB Wireless LAN Card Driver for Vista;c:\windows\system32\DRIVERS\netr7364.sys [x]
S3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\DRIVERS\NisDrvWFP.sys [x]
S3 NisSrv;Microsoft Network Inspection;c:\program files\Microsoft Security Client\Antimalware\NisSrv.exe [2011-04-27 288272]
S3 tap0901t;TAP-Win32 Adapter V9 (Tunngle);c:\windows\system32\DRIVERS\tap0901t.sys [x]
.
.
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{b7f976ff-c41a-11e0-834d-00038a000015}]
\shell\AutoRun\command - d:\setup\rsrc\Autorun.exe
\shell\dinstall\command - d:\directx\dxsetup.exe
.
.
--------- x86-64 -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2011-06-15 1436736]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"LoadAppInit_DLLs"=0x0
.
------- Bijkomende Scan -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = my.daemon-search.com
mLocal Page = c:\windows\SysWOW64\blank.htm
TCP: Interfaces\{770B9E07-FF00-40C8-8BAA-5F6B533DCD53}: NameServer = 192.168.1.1
FF - ProfilePath - c:\users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\lf5ql82x.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3047386&SearchSource=3&q={searchTerms}
FF - prefs.js: browser.startup.homepage - Google
FF - prefs.js: keyword.URL - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3047386&SearchSource=2&q=
.
- - - - ORPHANS VERWIJDERD - - - -
.
AddRemove-PunkBusterSvc - c:\windows\system32\pbsvc.exe
.
.
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\npggsvc]
"ImagePath"="c:\windows\system32\GameMon.des -service"
.
--------------------- VERGRENDELDE REGISTER SLEUTELS ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10o_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10o_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10o.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.10"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10o.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10o.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10o.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

Juisterr

Legacy Member
ComboFix is not a toy, you know.

Download MalwareBytes' Anti-Malware and save it to your desktop.
Double-click mbam-setup.exe to install the program.

Make sure that after the installation a check mark is placed next to:
  • Update MalwareBytes' Anti-Malware
  • Start MalwareBytes' Anti-Malware
Then click "Finish".
If an update is found, it will be downloaded and installed.

In case of problems!!! (Read the instructions below)

  • You can in principle decline the window asking whether you want to "start the trial"; you can still enable it later.
  • Once the program has started, go to the "Settings" tab.
  • Check this option: "Close Internet Explorer during malware removal".
  • Then go to the "Scanner" tab and choose "Quick Scan".
  • Next, press "Scan" to start the scan.
  • Scanning can take a while, so be patient.
  • When the scan is complete, click OK, then "Show Results" to see the results.
  • Make sure everything there is checked, then click "Remove Selected".
  • After removal, a log will open and you will be asked to restart the computer.
The log is saved automatically by MalwareBytes' Anti-Malware and you can find it again by clicking the "Logs" tab in the program.