BleepingComputer.com: [LOG] msconfig.exe deleted


[LOG] msconfig.exe deleted

#1 Redmen800

Posted 07 July 2011 - 10:36 AM

Hello,

My computer was doing strange things: DNS-lookup errors, black screens, sometimes it took ages to start a program. All the antivirus programs didn't find anything. A friend told me to run ComboFix. I followed the tutorial and now I was told to post the log. I remarked that msconfig.exe had been deleted. Is this an indication of malware? Here is the log:

ComboFix 11-07-07.02 - Alexander 07-07-2011  16:43:06.1.2 - x86
Microsoft® Windows Vista™ Home Premium   6.0.6002.2.1252.31.1043.18.2813.1869 [GMT 2:00]
Gestart vanuit: c:\users\Alexander\Desktop\ComboFix.exe
AV: McAfee Antivirus en antispyware *Disabled/Updated* {86355677-4064-3EA7-ABB3-1B136EB04637}
FW: McAfee Firewall *Disabled* {BE0ED752-0A0B-3FFF-80EC-B2269063014C}
SP: McAfee Antivirus en antispyware *Disabled/Updated* {3D54B793-665E-3129-9103-206115370C8A}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((   Andere Verwijderingen   )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\windows\system32\msconfig.exe
.
.
((((((((((((((((((((   Bestanden Gemaakt van 2011-06-07 to 2011-07-07  ))))))))))))))))))))))))))))))
.
.
2011-07-07 15:00 . 2011-07-07 15:01	--------	d-----w-	c:\users\Alexander\AppData\Local\temp
2011-07-07 15:00 . 2011-07-07 15:00	--------	d-----w-	c:\users\Default\AppData\Local\temp
2011-07-07 14:40 . 2011-07-07 14:40	--------	d-----w-	C:\32788R22FWJFW
2011-07-06 14:29 . 2011-07-06 14:29	--------	d-----w-	c:\programdata\PMS
2011-07-06 14:28 . 2011-07-06 14:31	--------	d-----w-	c:\program files\PS3 Media Server
2011-07-06 12:30 . 2011-07-06 12:31	--------	d-----w-	c:\users\Alexander\AppData\Local\{92660A92-F7C1-4F51-A12E-BDEE7D6C3CE1}
2011-07-05 09:20 . 2011-06-07 15:55	7074640	----a-w-	c:\programdata\Microsoft\Windows Defender\Definition Updates\{00C09DD0-273E-4DF4-AA93-F350FD073E15}\mpengine.dll
2011-07-01 07:31 . 2011-07-01 07:31	--------	d-----w-	c:\users\Alexander\AppData\Local\{4A84E6BC-248B-4647-A598-45F7E2DF82EA}
2011-06-30 13:56 . 2011-06-30 13:56	--------	d-----w-	c:\program files\Common Files\Java
2011-06-30 13:49 . 2011-06-30 13:49	--------	d-----w-	c:\users\Alexander\AppData\Local\{757F0F28-4CEE-48A0-8F29-835D979136C7}
2011-06-29 14:47 . 2011-06-29 14:47	--------	d-----w-	c:\users\Alexander\AppData\Local\{82E58C4F-C23A-430D-936B-B8C860D7EAB2}
2011-06-29 13:32 . 2011-04-29 15:59	276992	----a-w-	c:\windows\system32\schannel.dll
2011-06-25 16:48 . 2011-06-25 16:51	--------	d-----w-	c:\users\Alexander\AppData\Roaming\Folding@home-x86
2011-06-25 16:48 . 2011-06-25 16:48	--------	d-----w-	c:\program files\Folding@home
2011-06-23 08:45 . 2011-06-23 08:45	--------	d-----w-	c:\users\Alexander\AppData\Local\{B4B3EC40-960C-4FF2-9CD1-3E91931CC515}
2011-06-23 08:30 . 2011-06-23 08:30	--------	d-----w-	c:\users\Alexander\AppData\Roaming\Adobe Mini Bridge CS5.1
2011-06-23 08:30 . 2011-06-23 08:30	--------	d-----w-	c:\users\Alexander\AppData\Roaming\StageManager.BD092818F67280F4B42B04877600987F0111B594.1
2011-06-22 19:21 . 2011-06-22 19:21	--------	d-----w-	c:\programdata\regid.1986-12.com.adobe
2011-06-22 15:56 . 2011-06-22 15:56	--------	d-----w-	c:\users\Alexander\AppData\Roaming\gtk-2.0
2011-06-22 15:56 . 2011-06-22 15:56	--------	d-----w-	c:\users\Alexander\.thumbnails
2011-06-22 15:53 . 2011-06-22 16:04	--------	d-----w-	c:\users\Alexander\.gimp-2.6
2011-06-22 15:52 . 2011-06-22 15:52	--------	d-----w-	c:\program files\GIMP-2.0
2011-06-22 15:30 . 2011-06-22 15:32	--------	d-----w-	c:\users\Alexander\AppData\Roaming\XnView
2011-06-22 13:09 . 2011-06-22 13:09	--------	d-----w-	c:\users\Alexander\AppData\Local\{5421CBB7-C552-4D3B-B216-80CF1B9F70D7}
2011-06-21 06:33 . 2011-06-21 06:34	--------	d-----w-	c:\users\Alexander\AppData\Local\{78790A04-1572-4D4D-9E88-267A83486C42}
2011-06-20 13:40 . 2011-06-20 13:40	--------	d-----w-	c:\users\Alexander\AppData\Roaming\Microsoft Games
2011-06-19 18:52 . 2011-06-19 18:52	--------	d-----w-	c:\users\Alexander\AppData\Local\{89861B5C-8667-4538-8529-DA142903BC42}
2011-06-18 12:09 . 2011-06-18 12:09	--------	d-----w-	c:\users\Alexander\AppData\Local\{8F5E79FF-E3D4-451E-9051-506029B2A2B2}
2011-06-15 11:55 . 2011-04-25 15:29	141104	----a-w-	c:\program files\Internet Explorer\sqmapi.dll
2011-06-15 11:55 . 2011-04-22 23:25	2382848	----a-w-	c:\windows\system32\mshtml.tlb
2011-06-15 11:55 . 2011-04-22 23:35	1797632	----a-w-	c:\windows\system32\jscript9.dll
2011-06-15 10:55 . 2011-04-14 14:59	75264	----a-w-	c:\windows\system32\drivers\dfsc.sys
2011-06-15 10:54 . 2011-04-29 13:25	146432	----a-w-	c:\windows\system32\drivers\srv2.sys
2011-06-15 10:54 . 2011-04-29 13:25	102400	----a-w-	c:\windows\system32\drivers\srvnet.sys
2011-06-15 10:54 . 2011-04-21 13:58	273408	----a-w-	c:\windows\system32\drivers\afd.sys
2011-06-15 10:54 . 2010-12-20 16:35	563712	----a-w-	c:\windows\system32\oleaut32.dll
2011-06-15 10:54 . 2011-05-02 17:16	739328	----a-w-	c:\windows\system32\inetcomm.dll
2011-06-15 10:54 . 2011-04-29 13:24	214016	----a-w-	c:\windows\system32\drivers\mrxsmb10.sys
2011-06-15 10:54 . 2011-04-29 13:24	79872	----a-w-	c:\windows\system32\drivers\mrxsmb20.sys
2011-06-15 10:54 . 2011-04-29 13:24	106496	----a-w-	c:\windows\system32\drivers\mrxsmb.sys
2011-06-15 10:53 . 2011-05-02 12:02	2409784	----a-w-	c:\program files\Windows Mail\OESpamFilter.dat
2011-06-13 11:52 . 2011-06-13 11:52	--------	d-----w-	c:\program files\iPod
.
.
.
(((((((((((((((((((((((((((((((((((((((   Find3M Rapport   ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-05-24 17:14 . 2010-12-24 18:37	222080	------w-	c:\windows\system32\MpSigStub.exe
2011-05-16 15:11 . 2011-05-16 15:11	404640	----a-w-	c:\windows\system32\FlashPlayerCPLApp.cpl
2011-05-11 14:26 . 2011-04-29 14:34	36928	----a-w-	c:\windows\system32\drivers\pssdk41.sys
2011-05-10 06:06 . 2011-05-10 06:06	4517664	----a-w-	c:\windows\system32\usbaaplrc.dll
2011-05-10 06:06 . 2011-05-10 06:06	42496	----a-w-	c:\windows\system32\drivers\usbaapl.sys
2011-05-04 02:52 . 2010-12-27 15:10	472808	----a-w-	c:\windows\system32\deployJava1.dll
2011-04-14 12:01 . 2010-12-25 12:25	9344	----a-w-	c:\windows\system32\drivers\mfeclnk.sys
2011-04-14 12:01 . 2010-12-25 12:24	84488	----a-w-	c:\windows\system32\drivers\mferkdet.sys
2011-04-14 12:01 . 2010-12-25 12:24	64584	----a-w-	c:\windows\system32\drivers\mfenlfk.sys
2011-04-14 12:01 . 2010-12-25 12:24	56064	----a-w-	c:\windows\system32\drivers\cfwids.sys
2011-04-14 12:01 . 2010-12-25 12:24	52320	----a-w-	c:\windows\system32\drivers\mfebopk.sys
2011-04-14 12:01 . 2010-12-25 12:24	314088	----a-w-	c:\windows\system32\drivers\mfefirek.sys
2011-04-14 12:01 . 2010-12-25 12:24	165032	----a-w-	c:\windows\system32\drivers\mfewfpk.sys
2011-04-14 12:01 . 2010-12-25 12:24	153280	----a-w-	c:\windows\system32\drivers\mfeavfk.sys
2011-04-14 12:01 . 2010-12-25 12:23	141792	----a-w-	c:\windows\system32\mfevtps.exe
2011-04-14 12:01 . 2010-08-24 19:57	95824	----a-w-	c:\windows\system32\drivers\mfeapfk.sys
2011-04-14 12:01 . 2010-08-24 19:57	387480	----a-w-	c:\windows\system32\drivers\mfehidk.sys
2011-04-11 15:46 . 2011-04-11 15:46	74703	----a-w-	c:\windows\system32\mfc45.dll
2011-03-18 18:03 . 2011-04-17 10:00	142296	----a-w-	c:\program files\mozilla firefox\components\browsercomps.dll
2011-04-14 12:01 . 2011-04-19 14:55	24376	----a-w-	c:\program files\mozilla firefox\components\Scriptff.dll
.
.
(((((((((((((((((((((((((((((((((((((   Reg Opstartpunten   )))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond 
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\1TortoiseNormal]
@="{C5994560-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994560-53D9-4125-87C9-F193FC689CB2}]
2010-03-21 07:55	87304	----a-w-	c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\2TortoiseModified]
@="{C5994561-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994561-53D9-4125-87C9-F193FC689CB2}]
2010-03-21 07:55	87304	----a-w-	c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\3TortoiseConflict]
@="{C5994562-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994562-53D9-4125-87C9-F193FC689CB2}]
2010-03-21 07:55	87304	----a-w-	c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\4TortoiseLocked]
@="{C5994563-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994563-53D9-4125-87C9-F193FC689CB2}]
2010-03-21 07:55	87304	----a-w-	c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\5TortoiseReadOnly]
@="{C5994564-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994564-53D9-4125-87C9-F193FC689CB2}]
2010-03-21 07:55	87304	----a-w-	c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\6TortoiseDeleted]
@="{C5994565-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994565-53D9-4125-87C9-F193FC689CB2}]
2010-03-21 07:55	87304	----a-w-	c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\7TortoiseAdded]
@="{C5994566-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994566-53D9-4125-87C9-F193FC689CB2}]
2010-03-21 07:55	87304	----a-w-	c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\8TortoiseIgnored]
@="{C5994567-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994567-53D9-4125-87C9-F193FC689CB2}]
2010-03-21 07:55	87304	----a-w-	c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\9TortoiseUnversioned]
@="{C5994568-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994568-53D9-4125-87C9-F193FC689CB2}]
2010-03-21 07:55	87304	----a-w-	c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\IDM Shell Extension]
@="{CDC95B92-E27C-4745-A8C5-64A52A78855D}"
[HKEY_CLASSES_ROOT\CLSID\{CDC95B92-E27C-4745-A8C5-64A52A78855D}]
2011-03-02 15:23	68216	----a-w-	c:\program files\Internet Download Manager\IDMShellExt.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ehTray.exe"="c:\windows\ehome\ehTray.exe" [2008-01-21 125952]
"IDMan"="c:\program files\Internet Download Manager\IDMan.exe" [2011-03-15 3278232]
"Steam"="c:\program files\Steam\steam.exe" [2011-04-24 1242448]
"Advanced SystemCare 4"="c:\program files\IObit\Advanced SystemCare 4\ASCTray.exe" [2011-05-28 412560]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"mcui_exe"="c:\program files\McAfee.com\Agent\mcagent.exe" [2011-04-05 1195408]
"StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2010-02-10 61440]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2011-06-07 421160]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2011-06-06 937920]
"AdobeAAMUpdater-1.0"="c:\program files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2011-03-15 499608]
"SwitchBoard"="c:\program files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe" [2010-02-19 517096]
"AdobeCS5.5ServiceManager"="c:\program files\Common Files\Adobe\CS5.5ServiceManager\CS5.5ServiceManager.exe" [2011-01-12 1523360]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2011-04-08 254696]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"aux"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcmscsvc]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\McAfeeAntiSpyware]
"DisableMonitoring"=dword:00000001
.
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 gupdate;Google Updateservice (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [2010-12-24 136176]
R3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\system32\DRIVERS\b57nd60x.sys [2008-01-21 179712]
R3 FirebirdServerMAGIXInstance;Firebird Server - MAGIX Instance;c:\program files\Common Files\MAGIX Services\Database\bin\fbserver.exe [2008-08-07 3276800]
R3 gupdatem;Google Update-service (gupdatem);c:\program files\Google\Update\GoogleUpdate.exe [2010-12-24 136176]
R3 McAWFwk;McAfee Activation Service;c:\progra~1\mcafee\msc\mcawfwk.exe [2010-08-30 198904]
R3 mferkdet;McAfee Inc. mferkdet;c:\windows\system32\drivers\mferkdet.sys [2011-04-14 84488]
R3 MotioninJoyXFilter;MotioninJoy Virtual Xinput device Filter Driver;c:\windows\system32\DRIVERS\MijXfilt.sys [2011-01-01 81168]
R3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4640000]
R3 PsSdk41;PsSdk41;c:\windows\system32\Drivers\pssdk41.sys [2011-05-11 36928]
R3 SwitchBoard;SwitchBoard;c:\program files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
R3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504]
R3 WSDPrintDevice;WSD-ondersteuning voor afdrukken via UMB;c:\windows\system32\DRIVERS\WSDPrint.sys [2008-01-21 16896]
R4 McOobeSv;McAfee OOBE Service;c:\program files\Common Files\Mcafee\McSvcHost\McSvHost.exe [2010-03-10 271480]
S0 O2MDRDR;O2MDRDR;c:\windows\system32\DRIVERS\o2media.sys [2007-04-03 39680]
S0 O2SDRDR;O2SDRDR;c:\windows\system32\DRIVERS\o2sd.sys [2007-04-03 35712]
S1 mfenlfk;McAfee NDIS Light Filter;c:\windows\system32\DRIVERS\mfenlfk.sys [2011-04-14 64584]
S1 mfewfpk;McAfee Inc. mfewfpk;c:\windows\system32\drivers\mfewfpk.sys [2011-04-14 165032]
S2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files\Common Files\Adobe\ARM\1.0\armsvc.exe [2011-06-06 64952]
S2 AdvancedSystemCareService;Advanced SystemCare Service;c:\program files\IObit\Advanced SystemCare 4\ASCService.exe [2011-05-28 353168]
S2 cvhsvc;Client Virtualization Handler;c:\program files\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE [2010-02-28 821664]
S2 Fabs;FABS - Helping agent for MAGIX media database;c:\program files\Common Files\MAGIX Services\Database\bin\FABS.exe [2009-08-27 1253376]
S2 IDMWFP;IDMWFP;c:\windows\system32\DRIVERS\idmwfp.sys [2011-01-25 85768]
S2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service;c:\program files\Common Files\Mcafee\McSvcHost\McSvHost.exe [2010-03-10 271480]
S2 McMPFSvc;McAfee Personal Firewall Service;c:\program files\Common Files\Mcafee\McSvcHost\McSvHost.exe [2010-03-10 271480]
S2 McNaiAnn;McAfee VirusScan Announcer;c:\program files\Common Files\Mcafee\McSvcHost\McSvHost.exe [2010-03-10 271480]
S2 mfefire;McAfee Firewall Core Service;c:\program files\Common Files\McAfee\SystemCore\\mfefire.exe [2011-04-14 188136]
S2 mfevtp;McAfee Validation Trust Protection Service;c:\windows\system32\mfevtps.exe [2011-04-14 141792]
S2 sftlist;Application Virtualization Client;c:\program files\Microsoft Application Virtualization Client\sftlist.exe [2010-04-24 483688]
S3 cfwids;McAfee Inc. cfwids;c:\windows\system32\drivers\cfwids.sys [2011-04-14 56064]
S3 mfefirek;McAfee Inc. mfefirek;c:\windows\system32\drivers\mfefirek.sys [2011-04-14 314088]
S3 Sftfs;Sftfs;c:\windows\system32\DRIVERS\Sftfslh.sys [2010-04-24 550760]
S3 Sftplay;Sftplay;c:\windows\system32\DRIVERS\Sftplaylh.sys [2010-04-24 195944]
S3 Sftredir;Sftredir;c:\windows\system32\DRIVERS\Sftredirlh.sys [2010-04-24 21864]
S3 Sftvol;Sftvol;c:\windows\system32\DRIVERS\Sftvollh.sys [2010-04-24 19304]
S3 sftvsa;Application Virtualization Service Agent;c:\program files\Microsoft Application Virtualization Client\sftvsa.exe [2010-04-24 209768]
.
.
--- Andere Services/Drivers In Geheugen ---
.
*Deregistered* - mfeavfk01
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalServiceAndNoImpersonation	REG_MULTI_SZ   	FontCache
HPZ12	REG_MULTI_SZ   	Pml Driver HPZ12 Net Driver HPZ12
.
Inhoud van de 'Gedeelde Taken' map
.
2011-07-07 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2011-03-26 13:20]
.
2011-07-07 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2011-03-26 13:20]
.
2011-07-05 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2568321160-842720230-811333349-1003Core.job
- c:\users\Alexander\AppData\Local\Google\Update\GoogleUpdate.exe [2010-12-24 13:20]
.
2011-07-07 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2568321160-842720230-811333349-1003UA.job
- c:\users\Alexander\AppData\Local\Google\Update\GoogleUpdate.exe [2010-12-24 13:20]
.
.
------- Bijkomende Scan -------
.
uStart Page = hxxp://www.youtube.com/
mStart Page = hxxp://nl.intl.acer.yahoo.com
uInternet Settings,ProxyOverride = *.local
IE: &Verzenden naar OneNote - c:\progra~1\MICROS~2\Office14\ONBttnIE.dll/105
IE: Download alle links met IDM - c:\program files\Internet Download Manager\IEGetAll.htm
IE: Download FLV video inhoud met IDM - c:\program files\Internet Download Manager\IEGetVL.htm
IE: Download met IDM - c:\program files\Internet Download Manager\IEExt.htm
IE: E&xporteren naar Microsoft Excel - c:\progra~1\MICROS~2\Office14\EXCEL.EXE/3000
TCP: DhcpNameServer = 10.0.0.2
FF - ProfilePath - c:\users\Alexander\AppData\Roaming\Mozilla\Firefox\Profiles\dgpg4dtj.default\
.
.
------- Bestandsassociaties -------
.
JSEFile=NOTEPAD.EXE %1
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2011-07-07 17:00
Windows 6.0.6002 Service Pack 2 NTFS
.
scannen van verborgen processen ... 
.
scannen van verborgen autostart items ... 
.
scannen van verborgen bestanden ... 
.
Scan succesvol afgerond
verborgen bestanden: 0
.
**************************************************************************
.
--------------------- VERGRENDELDE REGISTER SLEUTELS ---------------------
.
[HKEY_USERS\S-1-5-21-2568321160-842720230-811333349-1003_Classes\CLSID\{7B8E9164-324D-4A2E-A46D-0165FB2000EC}]
@Denied: (Full) (Everyone)
"scansk"=hex(0):cc,01,48,4d,7a,76,78,55,c1,22,f8,17,82,b5,76,a5,7d,74,ee,2f,99,
   62,d0,c4,6a,e1,1d,78,8b,85,ed,97,2a,4f,bc,50,ca,32,bb,c4,00,00,00,00,00,00,\
.
[HKEY_USERS\S-1-5-21-2568321160-842720230-811333349-1003_Classes\CLSID\{84c30889-b726-44ea-ba16-124bb80b053a}]
@Denied: (Full) (Everyone)
@Allowed: (Read) (RestrictedCode)
"Model"=dword:00000069
"Therad"=dword:00000019
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
Voltooingstijd: 2011-07-07  17:15:46
ComboFix-quarantined-files.txt  2011-07-07 15:15
.
Pre-Run: 12.443.123.712 bytes beschikbaar
Post-Run: 12.283.842.560 bytes beschikbaar
.
- - End Of File - - C3BF7AF32E0FF8998F18D59FB10192CD


Thanks,

Redmen800

EDIT: My computer is now running fine for an hour!

This post has been edited by Redmen800: 07 July 2011 - 10:37 AM


#2 CatByte

Posted 23 July 2011 - 10:29 AM

How is your computer running?

Do you have any outstanding issues?
The help you receive here is free. If you wish to show your appreciation, then you may Posted Image
Microsoft MVP - 2010, 2011

#3 CatByte

Posted 29 July 2011 - 09:05 PM

Due to the lack of feedback, this topic is now closed.

In the event you still have problems, please send me or any Moderator a Private Message and ask them to reopen this topic within the next 5 days. Please include a link to your topic in the Private Message. Thank you.
