Hello,
I recently started a topic because my system regularly freezes completely. Everything hangs and I have to restart my laptop with a hard reset.
I was then advised here to run the two programs mentioned above and to post their logs here.
I hope someone can help me with this problem. Thanks in advance!
Dr. Web CureIt log
A0252054.exe C:\System Volume Information\_restore{41078E40-CC59-44FC-A15C-E52F41D58666}\RP997 Adware.Apropos
A0252055.exe C:\System Volume Information\_restore{41078E40-CC59-44FC-A15C-E52F41D58666}\RP997 Adware.Apropos
A0252083.bat C:\System Volume Information\_restore{41078E40-CC59-44FC-A15C-E52F41D58666}\RP998 Waarschijnlijk BATCH.Virus
A0252089.bat C:\System Volume Information\_restore{41078E40-CC59-44FC-A15C-E52F41D58666}\RP998 Waarschijnlijk SCRIPT.Virus
Combofix log
ComboFix 08-03-09.1 - EriQ 2008-03-09 20:56:03.1 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.2.1252.1.1043.18.605 [GMT 1:00]
Gestart vanuit: C:\Documents and Settings\EriQ.ERIK\Bureaublad\ComboFix.exe
* Nieuw herstelpunt werd aangemaakt
WAARSCHUWING - DE RECOVERY CONSOLE IS NIET OP DIT SYSTEEM GEINSTALLEERD !!
.
The following files were disabled during the run:
C:\WINDOWS\system32\CTRLWZRD.dll
C:\WINDOWS\system32\signhook.dll
(((((((((((((((((((( Bestanden Gemaakt van 2008-02-09 to 2008-03-09 ))))))))))))))))))))))))))))))
.
2008-03-09 19:24 . 2008-03-09 19:24 <DIR> d-------- C:\Documents and Settings\EriQ.ERIK\DoctorWeb
2008-03-09 19:04 . 2008-03-09 19:04 <DIR> d-------- C:\Program Files\Trend Micro
2008-02-23 18:38 . 2008-02-23 18:38 <DIR> d-------- C:\Program Files\NetLimiter
2008-02-23 18:37 . 2008-02-23 18:37 <DIR> d-------- C:\WINDOWS\Provisioning
2008-02-23 18:37 . 2008-02-23 18:37 <DIR> d-------- C:\WINDOWS\LogFiles
2008-02-23 18:37 . 2008-02-23 18:37 <DIR> d-------- C:\WINDOWS\ime
2008-02-23 18:37 . 2008-02-23 18:37 <DIR> d-------- C:\WINDOWS\ehome
2008-02-23 18:37 . 2008-02-23 18:37 <DIR> d-------- C:\WINDOWS\AU_Temp
2008-02-23 18:37 . 2008-02-23 18:37 <DIR> d-------- C:\WINDOWS\AU_Log
2008-02-23 18:37 . 2008-02-23 18:37 <DIR> d-------- C:\WINDOWS\AU_Backup
2008-02-23 18:37 . 2008-02-23 18:37 <DIR> d-------- C:\Program Files\VeryPDF PDF2Word v3.0
2008-02-23 18:37 . 2008-02-23 18:37 <DIR> d-------- C:\Program Files\Sony Setup
2008-02-21 19:04 . 2008-02-21 19:04 <DIR> d-------- C:\Documents and Settings\EriQ.ERIK\Application Data\Real(2)
2008-02-17 17:27 . 2008-02-17 17:27 <DIR> d-------- C:\Program Files\Belastingdienst
2008-02-15 16:44 . 2008-02-15 16:44 <DIR> d-------- C:\Documents and Settings\All Users.WINDOWS\Application Data\Azureus
.
((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-03-04 19:27 --------- d-----w C:\Documents and Settings\EriQ.ERIK\Application Data\BitTorrent
2008-02-24 17:49 --------- d-----w C:\Program Files\Winamp
2008-02-23 18:50 --------- d-----w C:\Program Files\PokerStars
2008-02-23 17:37 --------- d-----w C:\Documents and Settings\EriQ.ERIK\Application Data\Nokia
2008-02-07 12:25 --------- d-----w C:\Documents and Settings\EriQ.ERIK\Application Data\Nokia Multimedia Player
2008-02-07 11:46 --------- d-----w C:\Program Files\Nokia
2008-02-07 11:44 --------- d-----w C:\Program Files\Common Files\Nokia
2008-02-07 11:44 --------- d-----w C:\Documents and Settings\All Users.WINDOWS\Application Data\Installations
2008-01-29 23:46 --------- d-----w C:\Documents and Settings\EriQ.ERIK\Application Data\Ableton
2008-01-29 23:45 --------- d-----w C:\Program Files\Ableton
2008-01-22 15:16 --------- d-----w C:\Program Files\DC++
2008-01-09 13:45 --------- d-----w C:\Program Files\Google
2006-08-11 16:24 20,728 ----a-w C:\Documents and Settings\EriQ.ERIK\Application Data\GDIPFONTCACHEV1.DAT
2006-02-07 20:22 774,144 ----a-w C:\Program Files\RngInterstitial.dll
2005-09-27 12:02 125,440 ----a-w C:\Program Files\Office2003_SP2Changes.xls
.
((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
REGEDIT4
*Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"msnmsgr"="C:\Program Files\MSN Messenger\msnmsgr.exe" [2007-01-19 12:54 5674352]
"BitTorrent"="C:\Program Files\BitTorrent\bittorrent.exe" [2007-09-08 00:01 43008]
"updateMgr"="C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" [2006-03-30 15:45 313472]
"SpySweeper"="C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe" [2004-10-05 11:28 3054592]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"="C:\WINDOWS\system32\NvCpl.dll" [2003-05-27 21:07 4726784]
"nwiz"="nwiz.exe" [2003-05-27 21:07 323584 C:\WINDOWS\system32\nwiz.exe]
"NeroCheck"="C:\WINDOWS\system32\NeroCheck.exe" [2001-07-09 11:50 155648]
"WinampAgent"="C:\Program Files\Winamp\Winampa.exe" [2003-04-02 03:20 12288]
"TkBellExe"="C:\Program Files\Common Files\Real\Update_OB\realsched.exe" [2004-12-09 14:46 180269]
"Fix-It AV"="C:\PROGRA~1\VCOM\Fix-It\MemCheck.exe" [2003-06-10 14:58 32768]
"avast!"="C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe" [2007-12-04 14:00 79224]
"PCSuiteTrayApplication"="C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe" [2007-06-18 14:10 271360]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe" [2007-09-25 00:11 132496]
"NetLimiter"="C:\Program Files\NetLimiter\NetLimiter.exe" [2004-03-31 14:23 823296]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2004-08-04 00:03 15360]
"Nokia.PCSync"="C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe" [2007-06-19 09:17 1241088]
C:\Documents and Settings\All Users.WINDOWS\Menu Start\Programma's\Opstarten\
Adobe Gamma Loader.lnk - C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [2004-05-14 20:53:43 110592]
Adobe Reader Speed Launch.lnk - C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe [2005-09-23 21:05:26 29696]
BlackICE PC Protection.lnk - C:\Program Files\ISS\BlackICE\blackice.exe [2005-11-11 15:03:44 778240]
Post-it© Software Notes.lnk - C:\Program Files\3M\PSNotes\psn.exe [2003-10-10 14:53:20 675840]
SAGEM Wi-Fi 11g USB adapter LAN Utility.lnk - C:\Program Files\SAGEM Wi-Fi 11g USB adapter LAN Utility\WLANUTL.exe [2007-08-22 18:49:58 835584]
WinZip Quick Pick.lnk - C:\Program Files\WinZip\WZQKPICK.EXE [2005-11-05 16:13:32 106560]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=CTRLWZRD.dll
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"C:\\WINDOWS\\system32\\sessmgr.exe"=
"C:\\Program Files\\MSN Messenger\\msnmsgr.exe"=
"C:\\Program Files\\BitTorrent\\bittorrent.exe"=
R2 Fix-It Task Manager;Fix-It Task Manager;C:\PROGRA~1\VCOM\Fix-It\mxtask.exe [2005-04-21 17:03]
R2 Wcproto;Wireless Configurator NDIS Protocol Driver for WXP/2000;C:\WINDOWS\system32\DRIVERS\wcproto.sys [2007-08-21 15:18]
R3 SG760_XP;SAGEM 802.11g XG760 1211 Driver;C:\WINDOWS\system32\DRIVERS\WlanUZXP.sys [2005-06-01 16:46]
S3 RapDrv;RapDrv;C:\WINDOWS\system32\drivers\RapDrv.sys [2003-10-24 15:57]
S3 RapFile;RapFile;C:\WINDOWS\system32\drivers\RapFile.sys [2003-02-25 18:26]
S3 RapNet;RapNet;C:\WINDOWS\system32\drivers\RapNet.sys [2003-02-25 18:26]
S3 se44bus;Sony Ericsson Device 068 driver (WDM);C:\WINDOWS\system32\DRIVERS\se44bus.sys [2006-11-30 13:58]
S3 se44mdfl;Sony Ericsson Device 068 USB WMC Modem Filter;C:\WINDOWS\system32\DRIVERS\se44mdfl.sys [2006-11-30 13:58]
S3 se44mdm;Sony Ericsson Device 068 USB WMC Modem Driver;C:\WINDOWS\system32\DRIVERS\se44mdm.sys [2006-11-30 13:58]
S3 se44mgmt;Sony Ericsson Device 068 USB WMC Device Management Drivers (WDM);C:\WINDOWS\system32\DRIVERS\se44mgmt.sys [2006-11-30 13:58]
S3 se44nd5;Sony Ericsson Device 068 USB Ethernet Emulation SEMC44 (NDIS);C:\WINDOWS\system32\DRIVERS\se44nd5.sys [2006-11-30 13:58]
S3 se44obex;Sony Ericsson Device 068 USB WMC OBEX Interface;C:\WINDOWS\system32\DRIVERS\se44obex.sys [2006-11-30 13:58]
S3 se44unic;Sony Ericsson Device 068 USB Ethernet Emulation SEMC44 (WDM);C:\WINDOWS\system32\DRIVERS\se44unic.sys [2006-11-30 13:58]
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{33383d00-f415-11db-89da-000d563849dc}]
\Shell\AutoRun\command - D:\setupSNK.exe
.
**************************************************************************
catchme 0.3.1344 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-03-09 21:00:22
Windows 5.1.2600 Service Pack 2 NTFS
scannen van verborgen processen ...
scannen van verborgen autostart items ...
scannen van verborgen bestanden ...
Scan succesvol afgerond
verborgen bestanden: 0
**************************************************************************
[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\mchInjDrv]
"ImagePath"="\??\C:\DOCUME~1\ERIQ~1.ERI\LOCALS~1\Temp\mc29.tmp"
.
--------------------- DLLs Geladen Onder Lopende Processen ---------------------
PROCESS: C:\WINDOWS\system32\winlogon.exe
-> C:\WINDOWS\system32\CTRLWZRD.dll
-> C:\WINDOWS\system32\signhook.dll
PROCESS: C:\WINDOWS\system32\lsass.exe [5.01.2600.2180]
-> C:\WINDOWS\system32\CTRLWZRD.dll
-> C:\WINDOWS\system32\signhook.dll
-> C:\Program Files\NetLimiter\nl_lsp.dll
-> C:\WINDOWS\system32\nl_msgc.dll
.
Voltooingstijd: 2008-03-09 21:01:52