
nog een vundo

Anoniem
juisterr
3 antwoorden
  • C:\WINDOWS\system32\awtqp.dll
    C:\WINDOWS\system32\lgvoshqi.dll
    C:\WINDOWS\system32\vtuts.dll
    C:\WINDOWS\system32\whxatmiu.dll
    C:\WINDOWS\system32\byxxvvu.dll
    C:\WINDOWS\system32\gebcdba.dll
    C:\WINDOWS\system32\qomkjgf.dll
    C:\WINDOWS\system32\urqonki.dll
    C:\WINDOWS\system32\pqtwa.ini
    C:\WINDOWS\system32\rttss.bak1
    C:\WINDOWS\system32\rttss.bak2
    C:\WINDOWS\system32\rttss.ini
    C:\WINDOWS\system32\stutv.ini
    C:\WINDOWS\system32\rttss.bak1
    C:\WINDOWS\system32\rttss.bak2
    C:\WINDOWS\system32\rttss.ini
    C:\WINDOWS\system32\ssttr.dll


    * * * POST RUN FILES/FOLDERS * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * *



    ((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))


    C:\WINDOWS\system32\msxml3a.dll


    ((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))


    -------\nm


    ((((((((((((((((((((((((( Files Created from 2007-05-21 to 2007-06-21 )))))))))))))))))))))))))))))))


    2007-06-21 17:13 49,152 --a------ C:\WINDOWS\nircmd.exe
    2007-06-21 17:10 122,900 --a------ C:\WINDOWS\system32\tvvwgwya.exe
    2007-06-20 22:15 <DIR> d-------- C:\WINDOWS\system32\xircom
    2007-06-20 22:15 <DIR> d-------- C:\WINDOWS\srchasst
    2007-06-20 22:15 <DIR> d-------- C:\Program Files\msn gaming zone
    2007-06-20 22:14 <DIR> d-------- C:\Program Files\microsoft frontpage
    2007-06-20 17:09 122,900 --a------ C:\WINDOWS\system32\srradkhn.exe
    2007-06-14 20:26 <DIR> d-------- C:\Program Files\Lavasoft
    2007-06-14 20:26 <DIR> d-------- C:\DOCUME~1\ALLUSE~1\APPLIC~1\Lavasoft
    2007-06-12 22:54 <DIR> d-------- C:\Program Files\Windows Live Safety Center
    2007-06-07 23:53 524,288 --ah----- C:\DOCUME~1\ADMINI~1\NTUSER.DAT
    2007-06-07 19:57 <DIR> d-------- C:\Program Files\Windows Live
    2007-06-05 23:43 <DIR> d-------- C:\Program Files\Common Files\xing shared
    2007-06-04 19:33 2,580 --a------ C:\WINDOWS\system32\ocbdabwv.exe
    2007-06-04 15:18 9,344 --a------ C:\WINDOWS\system32\drivers\NSDriver.sys
    2007-06-04 15:17 8,320 --a------ C:\WINDOWS\system32\drivers\AWRTRD.sys
    2007-06-04 15:14 6,272 --a------ C:\WINDOWS\system32\drivers\AWRTPD.sys
    2007-06-03 18:54 2,580 --a------ C:\WINDOWS\system32\nfcxwlxq.exe
    2007-06-02 18:51 2,580 --a------ C:\WINDOWS\system32\bvvkxewd.exe
    2007-05-30 23:56 <DIR> d-------- C:\DOCUME~1\ALLUSE~1\APPLIC~1\Messenger Plus!
    2007-05-30 23:08 190,976 --a------ C:\DOCUME~1\FAMILY~1\ext.exe
    2007-05-27 14:24 <DIR> d-------- C:\Program Files\Winamp


    (((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))

    2007-06-21 15:24:27 288 ----a-w C:\WINDOWS\system32\DVCStateBkp-{00000000-00000000-0000000A-00001102-00000002-80671102}.dat
    2007-06-21 15:24:27 288 ----a-w C:\WINDOWS\system32\DVCState-{00000000-00000000-0000000A-00001102-00000002-80671102}.dat
    2007-06-20 20:15:00 -------- d-----w C:\Program Files\Windows NT
    2007-06-20 15:11:51 -------- d-----w C:\DOCUME~1\FAMILY~1\APPLIC~1\VoipBuster
    2007-06-14 18:25:41 -------- d-----w C:\Program Files\Common Files\Wise Installation Wizard
    2007-06-07 17:57:49 -------- d-----w C:\Program Files\Messenger Plus! Live
    2007-06-07 17:57:48 -------- d-----w C:\Program Files\MSN Messenger
    2007-06-05 22:28:14 -------- d-----w C:\DOCUME~1\FAMILY~1\APPLIC~1\Real
    2007-06-05 21:43:26 -------- d-----w C:\Program Files\Common Files\Real
    2007-06-04 19:36:17 -------- d-----w C:\Program Files\TuneUp Utilities 2007
    2007-05-27 13:14:40 -------- d-----w C:\DOCUME~1\FAMILY~1\APPLIC~1\Skype
    2007-05-16 15:32:55 683,520 ----a-w C:\WINDOWS\system32\inetcomm.dll
    2007-05-14 23:37:26 -------- d-----w C:\DOCUME~1\FAMILY~1\APPLIC~1\gtk-2.0
    2007-05-14 17:12:41 -------- d-----w C:\Program Files\GIMP-2.0
    2007-05-14 17:11:20 -------- d-----w C:\Program Files\Common Files\GTK
    2007-05-03 15:53:15 -------- d-----w C:\Program Files\Paltalk Messenger
    2007-04-26 21:12:03 -------- d-----w C:\Program Files\Real
    2007-04-25 14:21:15 144,896 ----a-w C:\WINDOWS\system32\schannel.dll
    2007-04-18 16:12:23 2,854,400 ----a-w C:\WINDOWS\system32\msi.dll
    2007-04-13 13:19:52 7,680 ----a-w C:\WINDOWS\system32\lsdelete.exe
    2007-03-29 02:42:42 29,704 ----a-w C:\WINDOWS\system32\uxtuneup.dll


    ((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))


    *Note* empty entries & legit default entries are not shown

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects]
    {2F85D76C-0569-466F-A488-493E6BD0E955}=C:\Program Files\Windows Desktop Search\dsWebAllow.dll [2006-03-26 23:44]
    {761497BB-D6F0-462C-B6EB-D4DAF1D92D43}=C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll [2007-03-14 03:43]
    {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0}=C:\Program Files\Windows Live Toolbar\msntb.dll [2006-10-11 00:26]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "CTHelper"="CTHELPER.EXE" [2003-06-09 04:07 C:\WINDOWS\system32\CTHELPER.EXE]
    "Jet Detection"="C:\Program Files\Creative\SBLive\PROGRAM\ADGJDet.exe" [2001-11-29 02:00]
    "Adobe Photo Downloader"="C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe" [2005-07-14 16:09]
    "Lexmark X5100 Series"="C:\Program Files\Lexmark X5100 Series\lxbabmgr.exe" [2002-12-03 19:29]
    "VSOCheckTask"="C:\PROGRA~1\McAfee.com\VSO\mcmnhdlr.exe" [2005-07-08 19:18]
    "VirusScan Online"="C:\Program Files\McAfee.com\VSO\mcvsshld.exe" [2005-08-10 13:49]
    "OASClnt"="C:\Program Files\McAfee.com\VSO\oasclnt.exe" [2005-08-11 23:02]
    "MCAgentExe"="c:\PROGRA~1\mcafee.com\agent\mcagent.exe" [2005-09-22 19:29]
    "MCUpdateExe"="C:\PROGRA~1\mcafee.com\agent\mcupdate.exe" [2006-01-11 13:05]
    "SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe" [2007-03-14 03:43]
    "TkBellExe"="C:\Program Files\Common Files\Real\Update_OB\realsched.exe" [2007-06-05 23:41]
    "Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2007-05-11 03:06]

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "VoipBuster"="C:\program files\voipbuster.com\voipbuster\voipbuster.exe" [2007-06-21 17:10]
    "ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-04 01:56]
    "MsnMsgr"="C:\Program Files\MSN Messenger\MsnMsgr.exe" [2007-01-19 12:54]

    [HKEY_USERS\.default\software\microsoft\windows\currentversion\runonce]
    "nlsf"=cmd.exe /C move /Y "%SystemRoot%\System32\syssetub.dll" "%SystemRoot%\System32\syssetup.dll"
    "tscuninstall"=%systemroot%\system32\tscupgrd.exe

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
    "NoSharedDocuments"=1 (0x1)
    "NoResolveTrack"=1 (0x1)
    "LinkResolveIgnoreLinkInfo "=1 (0x1)
    "NoLowDiskSpaceChecks"=1 (0x1)

    [HKEY_USERS\.default\software\microsoft\windows\currentversion\policies\explorer]
    "NoSharedDocuments"=1 (0x1)
    "NoResolveTrack"=1 (0x1)
    "LinkResolveIgnoreLinkInfo "=1 (0x1)
    "NoLowDiskSpaceChecks"=1 (0x1)

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
    "{56F9679E-7826-4C84-81F3-532071A8BCC5}"="C:\Program Files\Windows Desktop Search\MSNLNamespaceMgr.dll" [2006-03-13 14:11]

    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\wvurqpp]
    wvurqpp.dll

    [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\minimal\aawservice]
    HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Svchost - netsvcs
    UxTuneUp


    Contents of the 'Scheduled Tasks' folder
    2007-06-21 15:11:02 C:\WINDOWS\tasks\Controleren op updates voor Windows Live Toolbar.job
    2007-05-18 16:56:20 C:\WINDOWS\tasks\Easy Onderhoud.job

    **************************************************************************

    catchme 0.3.721 W2K/XP/Vista - userland rootkit detector by Gmer, http://www.gmer.net
    Rootkit scan 2007-06-21 17:25:34
    Windows 5.1.2600 Service Pack 2 NTFS

    scanning hidden processes …

    scanning hidden autostart entries …

    scanning hidden files …

    scan completed successfully
    hidden files: 0

    **************************************************************************

    Completion time: 2007-06-21 17:27:39 - machine was rebooted
    C:\ComboFix-quarantined-files.txt … 2007-06-21 17:27

    --- E O F ---
  • Hullu, wil je een eigen topic beginnen aub? Ik zal Gerben even vragen of hij dit bericht in een nieuw topic kan zetten.
  • afgesplitst
