crazystalin

Lid

Bekijk profiel Bekijk hun activiteit

Items
3
Registratiedatum
28 juli 2010
Laatst bezocht
29 juli 2010

crazystalin's prestaties

Nieuweling (1/14)

Recente badges

Reputatie

ad-ware virus

crazystalin reageerde op crazystalin's topic in Archief Bestrijding malware & virussen

hier is het report , ik heb op het moment nog geen problemen ondervonden als het zo doorgaat is deze thread opgelost ComboFix 10-07-28.04 - agent 007 29/07/2010 19:21:17.1.2 - x86 Microsoft Windows XP Home Edition 5.1.2600.2.1252.31.1043.18.1023.690 [GMT 2:00] Gestart vanuit: c:\documents and settings\agent 007\Mijn documenten\Downloads\ComboFix.exe . (((((((((((((((((((( Bestanden Gemaakt van 2010-06-28 to 2010-07-29 )))))))))))))))))))))))))))))) . 2010-07-29 17:15 . 2010-07-29 17:15 4 ----a-w- c:\program files\46671.dat 2010-07-29 14:22 . 2010-07-29 14:22 -------- d-----w- c:\program files\ESET 2010-07-29 12:11 . 2010-04-29 13:39 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys 2010-07-29 12:11 . 2010-07-29 12:11 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware 2010-07-29 12:11 . 2010-04-29 13:39 20952 ----a-w- c:\windows\system32\drivers\mbam.sys 2010-07-29 00:48 . 2010-07-29 16:35 -------- d--h--r- c:\documents and settings\agent 007\Onlangs geopend 2010-07-28 17:04 . 2003-06-25 14:05 266360 ----a-w- c:\windows\system32\TweakUI.exe 2010-07-27 17:15 . 2010-07-27 17:15 -------- d-----r- c:\documents and settings\NetworkService\Favorieten 2010-07-27 15:04 . 2010-07-27 15:04 -------- d-----r- c:\documents and settings\LocalService\Favorieten 2010-07-25 12:24 . 2010-07-25 12:24 56765 ----a-w- c:\documents and settings\All Users\Application Data\DivX\DivXPlusShortcuts\Uninstaller.exe 2010-07-25 12:24 . 2010-07-25 12:24 57715 ----a-w- c:\documents and settings\All Users\Application Data\DivX\Player\Uninstaller.exe 2010-07-25 12:24 . 2010-07-25 12:24 54153 ----a-w- c:\documents and settings\All Users\Application Data\DivX\DFXPlugin\Uninstaller.exe 2010-07-24 12:37 . 2010-07-24 12:37 -------- d-----w- c:\program files\YouTube Downloader 2010-07-20 04:27 . 2010-07-20 04:27 156136 ----a-w- c:\documents and settings\LocalService\Local Settings\Application Data\FontCache3.0.0.0.dat 2010-07-16 15:30 . 2010-07-16 15:30 -------- d-----w- c:\program files\Common Files\Skype 2010-07-15 17:55 . 2010-07-15 17:55 -------- d-----w- c:\documents and settings\All Users\Application Data\SwiftKit 2010-07-15 17:55 . 2010-07-22 23:06 -------- d-----w- c:\program files\SwiftKit 2010-07-15 01:00 . 2010-07-15 01:00 -------- d-----w- C:\db030b16edc4c6ecbb21a390 2010-07-14 16:40 . 2010-07-14 16:40 -------- d-----w- c:\documents and settings\agent 007\Application Data\Hardcore 2010-07-14 12:49 . 2010-07-14 13:45 -------- d-----w- c:\documents and settings\agent 007\Application Data\gamigo 2010-07-14 12:31 . 2010-07-14 12:32 -------- d-----w- c:\documents and settings\agent 007\Application Data\Martial Empires Luancher OBT 2010-07-14 12:31 . 2010-07-14 12:32 -------- d-----w- c:\documents and settings\agent 007\Application Data\launcher 2010-07-14 11:28 . 2010-07-14 11:28 -------- d-----w- C:\Gamigo 2010-07-13 10:13 . 2010-07-13 10:13 -------- d-----w- C:\found.000 2010-07-08 22:38 . 2006-06-20 08:56 225280 ----a-w- c:\windows\system32\rewire.dll 2010-07-08 22:37 . 2010-07-08 22:38 -------- d-----w- c:\program files\VstPlugins 2010-07-08 22:37 . 2010-07-08 22:37 -------- d-----w- c:\program files\Outsim 2010-07-08 22:34 . 2010-07-08 22:37 -------- d-----w- c:\program files\Image-Line 2010-07-07 17:47 . 2010-07-07 17:47 -------- d-----w- C:\SPLASH 2010-07-03 22:36 . 2010-07-03 22:36 -------- d-----w- c:\program files\NOS 2010-07-03 22:35 . 2010-03-29 06:53 32576 ----a-w- c:\documents and settings\agent 007\Application Data\Mozilla\Firefox\Profiles\a7x6jvhb.default\extensions\{E2883E8F-472F-4fb0-9522-AC9BF37916A7}\plugins\np_gp.dll 2010-07-03 22:35 . 2010-03-29 06:53 29984 ----a-w- c:\documents and settings\agent 007\Application Data\Mozilla\Firefox\Profiles\a7x6jvhb.default\extensions\{E2883E8F-472F-4fb0-9522-AC9BF37916A7}\chrome\content\getPlusPlus_Adobe_reg.exe 2010-07-03 12:43 . 2010-07-22 22:49 51 ----a-w- c:\documents and settings\agent 007\jagex__preferences3.dat 2010-07-03 12:43 . 2010-07-22 23:04 99 ----a-w- c:\documents and settings\agent 007\jagex_runescape_preferences2.dat 2010-07-03 12:42 . 2010-07-22 22:49 46 ----a-w- c:\documents and settings\agent 007\jagex_runescape_preferences.dat 2010-07-01 22:59 . 2010-07-29 12:13 -------- d-----w- c:\documents and settings\agent 007\Application Data\Auslogics 2010-07-01 22:57 . 2010-07-01 22:57 -------- d-----w- c:\program files\Auslogics . ((((((((((((((((((((((((((((((((((((((( Find3M Rapport )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2010-07-29 17:02 . 2010-01-18 06:37 -------- d-----w- c:\documents and settings\agent 007\Application Data\Skype 2010-07-29 14:21 . 2010-02-28 10:50 -------- d---a-w- c:\documents and settings\All Users\Application Data\TEMP 2010-07-29 13:19 . 2010-01-18 06:40 -------- d-----w- c:\documents and settings\agent 007\Application Data\skypePM 2010-07-29 12:11 . 2009-12-30 13:03 -------- d--h--w- c:\program files\InstallShield Installation Information 2010-07-29 00:27 . 2010-06-27 11:16 -------- d-----w- c:\program files\Gpotato 2010-07-29 00:22 . 2010-02-12 22:13 -------- d-----w- c:\program files\DivX 2010-07-29 00:20 . 2010-07-29 00:20 757208 ----a-w- c:\program files\Internet Explorer.rar 2010-07-29 00:19 . 2009-12-29 00:52 -------- d-----w- c:\program files\Microsoft Games 2010-07-28 11:49 . 2010-01-07 16:09 -------- d-----w- c:\program files\World of Warcraft 2010-07-25 12:24 . 2010-05-28 19:26 57344 ----a-w- c:\documents and settings\All Users\Application Data\DivX\RunAsUser\RUNASUSERPROCESS.dll 2010-07-25 12:24 . 2010-05-28 19:24 -------- d-----w- c:\documents and settings\All Users\Application Data\DivX 2010-07-25 12:23 . 2010-05-28 19:41 1062184 ----a-w- c:\documents and settings\All Users\Application Data\DivX\Setup\Resource.dll 2010-07-25 12:23 . 2010-05-28 19:26 895256 ----a-w- c:\documents and settings\All Users\Application Data\DivX\Setup\DivXSetup.exe 2010-07-24 21:34 . 2010-01-09 21:12 138016 ----a-w- c:\windows\system32\drivers\PnkBstrK.sys 2010-07-24 21:34 . 2010-01-09 21:12 189392 ----a-w- c:\windows\system32\PnkBstrB.exe 2010-07-22 13:50 . 2010-01-06 23:07 -------- d-----w- c:\documents and settings\agent 007\Application Data\uTorrent 2010-07-21 22:52 . 2010-05-28 19:25 -------- d-----w- c:\documents and settings\agent 007\Application Data\DivX 2010-07-07 17:49 . 2004-08-04 12:00 163644 ----a-w- c:\windows\system32\drivers\secdrv.sys 2010-07-06 22:33 . 2009-12-28 20:53 66824 ----a-w- c:\documents and settings\agent 007\Local Settings\Application Data\GDIPFONTCACHEV1.DAT 2010-07-05 12:30 . 2010-04-10 13:18 -------- d-----w- c:\program files\VirtualDJ 2010-07-05 12:19 . 2010-06-06 13:33 -------- d-----w- c:\documents and settings\All Users\Application Data\Microsoft Help 2010-07-04 20:49 . 2009-12-30 13:03 -------- d-----w- c:\program files\Common Files\InstallShield 2010-07-03 22:36 . 2010-01-06 17:09 -------- d-----w- c:\documents and settings\All Users\Application Data\NOS 2010-06-30 21:56 . 2004-08-04 12:00 87298 ----a-w- c:\windows\system32\perfc013.dat 2010-06-30 21:56 . 2004-08-04 12:00 502368 ----a-w- c:\windows\system32\perfh013.dat 2010-06-30 16:56 . 2010-01-07 19:24 -------- d-----w- c:\documents and settings\All Users\Application Data\Blizzard Entertainment 2010-06-27 21:49 . 2010-06-27 21:49 -------- d-----w- c:\program files\Common Files\INCA Shared 2010-06-27 11:00 . 2010-06-27 11:00 -------- d-----w- c:\documents and settings\All Users\Application Data\PMB Files 2010-06-15 20:53 . 2010-06-15 20:53 56997 ----a-w- c:\documents and settings\All Users\Application Data\DivX\WebPlayer\Uninstaller.exe 2010-06-15 20:53 . 2010-06-15 20:53 53600 ----a-w- c:\documents and settings\All Users\Application Data\DivX\Update\Uninstaller.exe 2010-06-15 20:53 . 2010-06-15 20:53 54128 ----a-w- c:\documents and settings\All Users\Application Data\DivX\Converter\Uninstaller.exe 2010-06-15 20:52 . 2010-06-15 20:52 54644 ----a-w- c:\documents and settings\All Users\Application Data\DivX\TranscodeEngine\Uninstaller.exe 2010-06-15 20:52 . 2010-06-15 20:52 54101 ----a-w- c:\documents and settings\All Users\Application Data\DivX\MPEG2Plugin\Uninstaller.exe 2010-06-14 14:30 . 2009-12-28 20:38 743936 ----a-w- c:\windows\pchealth\helpctr\binaries\helpsvc.exe 2010-06-08 21:11 . 2010-02-20 00:11 -------- d-----w- c:\program files\Defraggler 2010-06-07 15:21 . 2010-06-07 15:21 -------- d-----w- c:\program files\Common Files\BioWare 2010-06-06 13:35 . 2010-06-06 12:38 -------- d-----w- c:\documents and settings\agent 007\Application Data\GetRightToGo 2010-05-28 19:41 . 2010-05-28 19:41 84040 ----a-w- c:\documents and settings\All Users\Application Data\DivX\TransferWizard\Uninstaller.exe 2010-05-28 19:41 . 2010-05-28 19:41 57054 ----a-w- c:\documents and settings\All Users\Application Data\DivX\DSDesktopComponents\Uninstaller.exe 2010-05-28 19:41 . 2010-05-28 19:41 54166 ----a-w- c:\documents and settings\All Users\Application Data\DivX\DSAVCDecoder\Uninstaller.exe 2010-05-28 19:41 . 2010-05-28 19:41 57532 ----a-w- c:\documents and settings\All Users\Application Data\DivX\DSASPDecoder\Uninstaller.exe 2010-05-28 19:41 . 2010-05-28 19:41 56458 ----a-w- c:\documents and settings\All Users\Application Data\DivX\DivXDecoderShortcut\Uninstaller.exe 2010-05-28 19:41 . 2010-05-28 19:41 54174 ----a-w- c:\documents and settings\All Users\Application Data\DivX\DSAACDecoder\Uninstaller.exe 2010-05-28 19:40 . 2010-05-28 19:40 57409 ----a-w- c:\documents and settings\All Users\Application Data\DivX\ControlPanel\Uninstaller.exe 2010-05-28 19:40 . 2010-05-28 19:40 52963 ----a-w- c:\documents and settings\All Users\Application Data\DivX\MSVC80CRTRedist\Uninstaller.exe 2010-05-28 19:40 . 2010-05-28 19:40 54073 ----a-w- c:\documents and settings\All Users\Application Data\DivX\Qt4.5\Uninstaller.exe 2010-05-28 19:40 . 2010-05-28 19:40 56969 ----a-w- c:\documents and settings\All Users\Application Data\DivX\ASPEncoder\Uninstaller.exe 2010-05-02 08:27 . 2004-08-04 12:00 1851008 ----a-w- c:\windows\system32\win32k.sys . ((((((((((((((((((((((((((((((((((((( Reg Opstartpunten ))))))))))))))))))))))))))))))))))))))))))))))))))) . . *Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond REGEDIT4 [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Skype"="c:\program files\Skype\\Phone\Skype.exe" [2010-05-13 26192168] "msnmsgr"="c:\program files\Windows Live\Messenger\msnmsgr.exe" [2009-07-26 3883856] "DAEMON Tools Lite"="c:\program files\DAEMON Tools Lite\DTLite.exe" [2010-04-01 357696] "RegistryMechanic"="c:\program files\Registry Mechanic\RegMech.exe" [2008-07-08 2828184] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "IntelZeroConfig"="c:\program files\Intel\Wireless\bin\ZCfgSvc.exe" [2006-08-01 802816] "IntelWireless"="c:\program files\Intel\Wireless\Bin\ifrmewrk.exe" [2006-08-01 696320] "Kernel and Hardware Abstraction Layer"="KHALMNPR.EXE" [2009-06-17 55824] "SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2010-01-16 149280] "RTHDCPL"="RTHDCPL.EXE" [2010-03-17 19520544] "QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2010-03-17 421888] "iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2010-03-25 142120] "DivXUpdate"="c:\program files\DivX\DivX Update\DivXUpdate.exe" [2010-06-03 1144104] "StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2009-02-25 61440] "SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2006-05-25 786521] "ASUS Live Update"="c:\program files\ASUS\ASUS Live Update\ALU.exe" [2006-02-21 180224] [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2004-08-04 15360] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WdfLoadGroup] @="" [HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Start^Programma's^Opstarten^Bluetooth Manager.lnk] backup=c:\windows\pss\Bluetooth Manager.lnkCommon Startup [HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Start^Programma's^Opstarten^SetPointII.lnk] backup=c:\windows\pss\SetPointII.lnkCommon Startup [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "%windir%\\system32\\sessmgr.exe"= "c:\\WINDOWS\\system32\\usmt\\migwiz.exe"= "c:\\Program Files\\Messenger\\msmsgs.exe"= "c:\\Program Files\\uTorrent\\uTorrent.exe"= "c:\\Program Files\\World of Warcraft\\WoW-3.2.0-enGB-downloader.exe"= "c:\\Program Files\\World of Warcraft\\Launcher.exe"= "c:\\Program Files\\USArmy\\America's Army 2\\System\\ArmyOps.exe"= "c:\\Program Files\\Skype\\Plugin Manager\\skypePM.exe"= "c:\\Program Files\\Windows Live\\Messenger\\wlcsdk.exe"= "c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"= "c:\\Program Files\\ASUS\\ASUS Live Update\\ALU.exe"= "c:\\Program Files\\Ventrilo\\Ventrilo.exe"= "c:\\Documents and Settings\\agent 007\\Local Settings\\Application Data\\CrossLoop\\vncviewer.exe"= "c:\\Program Files\\Microsoft Games\\Age of Mythology\\aom.exe"= "c:\\Program Files\\Bonjour\\mDNSResponder.exe"= "c:\\Program Files\\iTunes\\iTunes.exe"= "c:\\WINDOWS\\system32\\PnkBstrA.exe"= "c:\\WINDOWS\\system32\\PnkBstrB.exe"= "c:\\Program Files\\USArmy\\America's Army 3\\Binaries\\AA3Game.exe"= "c:\\Program Files\\Paradox Interactive\\Hearts of Iron III\\hoi3game.exe"= "c:\\Program Files\\Skype\\Phone\\Skype.exe"= [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List] "5910:TCP"= 5910:TCP:*:Disabled:vnc5910 "57741:TCP"= 57741:TCP:*:Disabled:Pando Media Booster "3389:TCP"= 3389:TCP:@xpsp2res.dll,-22009 R2 CrossLoopService;CrossLoop Service;c:\documents and settings\agent 007\Local Settings\Application Data\CrossLoop\CrossLoopService.exe [18/02/2010 21:26 560792] R2 LBeepKE;LBeepKE;c:\windows\system32\drivers\LBeepKE.sys [13/01/2010 20:47 10384] R3 SynMini;USB2.0 1.3M WebCam;c:\windows\system32\drivers\SynMini.sys [28/01/2010 21:34 1116544] R3 SynScan;USB2.0 1.3M WebCam Still Image;c:\windows\system32\drivers\SynScan.sys [28/01/2010 21:34 7808] S3 Ambfilt;Ambfilt;c:\windows\system32\drivers\Ambfilt.sys [25/03/2010 16:01 1691480] S3 npggsvc;nProtect GameGuard Service;c:\windows\system32\GameMon.des -service --> c:\windows\system32\GameMon.des -service [?] S3 uvnc_service;uvnc_service;c:\documents and settings\agent 007\Local Settings\Application Data\CrossLoop\winvnc.exe [18/02/2010 21:26 1590216] S3 XDva345;XDva345;\??\c:\windows\system32\XDva345.sys --> c:\windows\system32\XDva345.sys [?] S3 XDva346;XDva346;\??\c:\windows\system32\XDva346.sys --> c:\windows\system32\XDva346.sys [?] S3 XDva347;XDva347;\??\c:\windows\system32\XDva347.sys --> c:\windows\system32\XDva347.sys [?] S3 XDva348;XDva348;\??\c:\windows\system32\XDva348.sys --> c:\windows\system32\XDva348.sys [?] S3 XDva349;XDva349;\??\c:\windows\system32\XDva349.sys --> c:\windows\system32\XDva349.sys [?] S3 XDva352;XDva352;\??\c:\windows\system32\XDva352.sys --> c:\windows\system32\XDva352.sys [?] S4 sptd;sptd;c:\windows\system32\drivers\sptd.sys [8/01/2010 23:22 691696] [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost] getPlusHelper REG_MULTI_SZ getPlusHelper . Inhoud van de 'Gedeelde Taken' map 2010-07-27 c:\windows\Tasks\AppleSoftwareUpdate.job - c:\program files\Apple Software Update\SoftwareUpdate.exe [2009-10-22 09:50] . . ------- Bijkomende Scan ------- . uSearchAssistant = hxxp://www.google.com/ie uSearchURL,(Default) = hxxp://www.google.com/search?q=%s IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~4\Office12\EXCEL.EXE/3000 IE: Google Sidewiki... - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_60D6097707281E79.dll/cmsidewiki.html FF - ProfilePath - c:\documents and settings\agent 007\Application Data\Mozilla\Firefox\Profiles\a7x6jvhb.default\ FF - component: c:\program files\Mozilla Firefox\extensions\{AB2CE124-6272-4b12-94A9-7303C7397BD1}\components\SkypeFfComponent.dll FF - plugin: c:\documents and settings\agent 007\Application Data\Facebook\npfbplugin_1_0_3.dll FF - plugin: c:\documents and settings\agent 007\Application Data\Mozilla\Firefox\Profiles\a7x6jvhb.default\extensions\{E2883E8F-472F-4fb0-9522-AC9BF37916A7}\plugins\np_gp.dll FF - plugin: c:\program files\DivX\DivX Plus Web Player\npdivx32.dll FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ ---- FIREFOX POLICIES ---- c:\program files\Mozilla Firefox\greprefs\all.js - pref("ui.use_native_colors", true); c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.lu", true); c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.nu", true); c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.nz", true); c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbaam7a8h", true); c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgberp4a5d4ar", true); c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--p1ai", true); c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbayh7gpa", true); c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.tel", true); c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.auth.force-generic-ntlm", false); c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.proxy.type", 5); c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.buffer.cache.count", 24); c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.buffer.cache.size", 4096); c:\program files\Mozilla Firefox\greprefs\all.js - pref("dom.ipc.plugins.timeoutSecs", 45); c:\program files\Mozilla Firefox\greprefs\all.js - pref("svg.smil.enabled", false); c:\program files\Mozilla Firefox\greprefs\all.js - pref("accelerometer.enabled", true); c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.allow_unrestricted_renego_everywhere__temporarily_available_pref", true); c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.renego_unrestricted_hosts", ""); c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.treat_unsafe_negotiation_as_broken", false); c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.require_safe_negotiation", false); c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.name", "chrome://browser/locale/browser.properties"); c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.description", "chrome://browser/locale/browser.properties"); c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("plugins.update.notifyUser", false); c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.nptest.dll", true); c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.npswf32.dll", true); c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.npctrl.dll", true); c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.npqtplugin.dll", true); c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled", false); . - - - - ORPHANS VERWIJDERD - - - - Notify-WgaLogon - (no file) ************************************************************************** catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, GMER - Rootkit Detector and Remover Rootkit scan 2010-07-29 19:25 Windows 5.1.2600 Service Pack 2 NTFS scannen van verborgen processen ... c:\program files\Internet Explorer\IEXPLORE.EXE [2692] 0x8354D020 scannen van verborgen autostart items ... scannen van verborgen bestanden ... Scan succesvol afgerond verborgen bestanden: 0 ************************************************************************** [HKEY_LOCAL_MACHINE\System\ControlSet002\Services\npggsvc] "ImagePath"="c:\windows\system32\GameMon.des -service" . --------------------- DLLs Geladen Onder Lopende Processen --------------------- - - - - - - - > 'winlogon.exe'(1272) c:\windows\system32\antiwpa.dll c:\windows\system32\Ati2evxx.dll . Voltooingstijd: 2010-07-29 19:27:10 ComboFix-quarantined-files.txt 2010-07-29 17:27 Pre-Run: 42.834.337.792 bytes beschikbaar Post-Run: 43.090.157.568 bytes beschikbaar WindowsXP-KB310994-SP2-Home-BootDisk-NLD.exe [boot loader] timeout=2 default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS [operating systems] c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Home Edition" /noexecute=optin /fastdetect /usepmtimer - - End Of File - - CD9AF91EC46ABD9D821C30764DB123CA
- 29 juli 2010
- 5 antwoorden
ad-ware virus

crazystalin reageerde op crazystalin's topic in Archief Bestrijding malware & virussen

hier is de nieuwe hijack log :Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 17:03:04, on 29/07/2010 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Intel\Wireless\Bin\EvtEng.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\Explorer.EXE C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe C:\Program Files\Bonjour\mDNSResponder.exe C:\Documents and Settings\agent 007\Local Settings\Application Data\CrossLoop\CrossLoopService.exe C:\Program Files\Java\jre6\bin\jqs.exe C:\WINDOWS\system32\PnkBstrA.exe C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\wuauclt.exe C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe C:\Program Files\Java\jre6\bin\jusched.exe C:\WINDOWS\RTHDCPL.EXE C:\Program Files\iTunes\iTunesHelper.exe C:\Program Files\DivX\DivX Update\DivXUpdate.exe C:\Program Files\Synaptics\SynTP\SynTPEnh.exe C:\Program Files\ASUS\ASUS Live Update\ALU.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Skype\Phone\Skype.exe C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe C:\Program Files\Windows Live\Messenger\msnmsgr.exe C:\Program Files\DAEMON Tools Lite\DTLite.exe C:\Program Files\Registry Mechanic\RegMech.exe C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe C:\Program Files\iPod\bin\iPodService.exe C:\WINDOWS\system32\wbem\wmiapsrv.exe C:\Program Files\Skype\Plugin Manager\skypePM.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Skype\Toolbars\Shared\SkypeNames2.exe C:\Program Files\Mozilla Firefox\plugin-container.exe C:\WINDOWS\system32\NOTEPAD.EXE C:\Documents and Settings\agent 007\Mijn documenten\Downloads\HijackThis.exe C:\WINDOWS\system32\NOTEPAD.EXE R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen O2 - BHO: Windows Live Aanmelden - Help - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll O4 - HKLM\..\Run: [intelZeroConfig] "C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe" O4 - HKLM\..\Run: [intelWireless] "C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe" /tf Intel PROSet/Wireless O4 - HKLM\..\Run: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe" O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe" O4 - HKLM\..\Run: [DivXUpdate] "C:\Program Files\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW O4 - HKLM\..\Run: [startCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun O4 - HKLM\..\Run: [synTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe O4 - HKLM\..\Run: [ASUS Live Update] C:\Program Files\ASUS\ASUS Live Update\ALU.exe O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [skype] "C:\Program Files\Skype\\Phone\Skype.exe" /nosplash /minimized O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\DTLite.exe" -autorun O4 - HKCU\..\Run: [RegistryMechanic] C:\Program Files\Registry Mechanic\RegMech.exe /H O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Lokale service') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Netwerkservice') O4 - HKUS\S-1-5-21-436374069-484061587-839522115-1000\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'HelpAssistant') O4 - HKUS\S-1-5-21-436374069-484061587-839522115-1000\..\RunOnce: [ctfmon.exe] ctfmon.exe /n (User 'HelpAssistant') O4 - HKUS\S-1-5-21-436374069-484061587-839522115-500\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Administrator') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user') O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~4\Office12\EXCEL.EXE/3000 O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_60D6097707281E79.dll/cmsidewiki.html O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} (get_atlcom Class) - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL O22 - SharedTaskScheduler: Preloader van browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll O22 - SharedTaskScheduler: Cache-daemon voor onderdeelcategorieën - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll O23 - Service: Mobiel Apple apparaat (Apple Mobile Device) - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: CrossLoop Service (CrossLoopService) - CrossLoop Inc - C:\Documents and Settings\agent 007\Local Settings\Application Data\CrossLoop\CrossLoopService.exe O23 - Service: Intel® PROSet/Wireless Event Log (EvtEng) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe O23 - Service: nProtect GameGuard Service (npggsvc) - Unknown owner - C:\WINDOWS\system32\GameMon.des.exe (file missing) O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe O23 - Service: Intel® PROSet/Wireless Registry Service (RegSrvc) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe O23 - Service: Intel® PROSet/Wireless Service (S24EventMonitor) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe O23 - Service: uvnc_service - UltraVNC - C:\Documents and Settings\agent 007\Local Settings\Application Data\CrossLoop\winvnc.exe -- End of file - 8084 bytes en de mbam log : Malwarebytes' Anti-Malware 1.46 Malwarebytes Databaseversie: 4365 Windows 5.1.2600 Service Pack 2 Internet Explorer 6.0.2900.2180 29/07/2010 15:14:18 mbam-log-2010-07-29 (15-14-18).txt Scantype: Volledige scan (C:\|) Objecten gescand: 234413 Verstreken tijd: 1 uur/uren, 1 minuut/minuten, 5 seconde(n) Geheugenprocessen geïnfecteerd: 0 Geheugenmodulen geïnfecteerd: 0 Registersleutels geïnfecteerd: 0 Registerwaarden geïnfecteerd: 0 Registerdata geïnfecteerd: 0 Mappen geïnfecteerd: 0 Bestanden geïnfecteerd: 6 Geheugenprocessen geïnfecteerd: (Geen kwaadaardige objecten gedetecteerd) Geheugenmodulen geïnfecteerd: (Geen kwaadaardige objecten gedetecteerd) Registersleutels geïnfecteerd: (Geen kwaadaardige objecten gedetecteerd) Registerwaarden geïnfecteerd: (Geen kwaadaardige objecten gedetecteerd) Registerdata geïnfecteerd: (Geen kwaadaardige objecten gedetecteerd) Mappen geïnfecteerd: (Geen kwaadaardige objecten gedetecteerd) Bestanden geïnfecteerd: C:\Documents and Settings\agent 007\Mijn documenten\downloads pro\Window XP Crack\keyfinder.exe (Application.FindKey) -> Quarantined and deleted successfully. C:\Documents and Settings\agent 007\Mijn documenten\downloads pro\Window XP Crack\wga-fix.exe (Hacktool.WGAFix) -> Quarantined and deleted successfully. C:\Documents and Settings\agent 007\Mijn documenten\downloads pro\Windows XP Crack\WGA Fixer.exe (Hacktool.WGAFix) -> Quarantined and deleted successfully. C:\System Volume Information\_restore{FBC9F2F1-7C28-4561-8CCC-63230CC12B2F}\RP233\A0180731.rbf (Adware.WidgiToolbar) -> Quarantined and deleted successfully. C:\System Volume Information\_restore{FBC9F2F1-7C28-4561-8CCC-63230CC12B2F}\RP233\A0180734.rbf (Adware.WidgiToolbar) -> Quarantined and deleted successfully. C:\System Volume Information\_restore{FBC9F2F1-7C28-4561-8CCC-63230CC12B2F}\RP233\A0180735.rbf (Adware.WidgiToolbar) -> Quarantined and deleted successfully. maar ik heb nog altijd het probleem
- 29 juli 2010
- 5 antwoorden
ad-ware virus

crazystalin plaatste een topic in Archief Bestrijding malware & virussen

ik heb een adware virus die, automatisch een niet visueel zichtbare site de focus (voorgrond)geeft boven alle andere progamma's die ik open , ik heb al alles geprobeerdt wat er op windows support staat en ook al een windows toy gedownload hiervoor (tweak ui) maar niets helpt. hier is een hijack this report : Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 21:25:04, on 28/07/2010 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Intel\Wireless\Bin\EvtEng.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\Explorer.EXE C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe C:\Program Files\Bonjour\mDNSResponder.exe C:\Documents and Settings\agent 007\Local Settings\Application Data\CrossLoop\CrossLoopService.exe C:\Program Files\Java\jre6\bin\jqs.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\PnkBstrA.exe C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\wuauclt.exe C:\WINDOWS\system32\wuauclt.exe C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe C:\Program Files\Java\jre6\bin\jusched.exe C:\WINDOWS\RTHDCPL.EXE C:\Program Files\iTunes\iTunesHelper.exe C:\Program Files\DivX\DivX Update\DivXUpdate.exe C:\Program Files\Synaptics\SynTP\SynTPEnh.exe C:\Program Files\ASUS\ASUS Live Update\ALU.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Skype\Phone\Skype.exe C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe C:\Program Files\Windows Live\Messenger\msnmsgr.exe C:\Program Files\DAEMON Tools Lite\DTLite.exe C:\Program Files\Registry Mechanic\RegMech.exe C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe C:\Program Files\iPod\bin\iPodService.exe C:\WINDOWS\system32\wbem\wmiapsrv.exe C:\Program Files\Skype\Plugin Manager\skypePM.exe C:\Documents and Settings\agent 007\Mijn documenten\Downloads\HijackThis(2).exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = DAEMON-Search.com :: STARTPAGE R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen O2 - BHO: Windows Live Aanmelden - Help - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll O4 - HKLM\..\Run: [intelZeroConfig] "C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe" O4 - HKLM\..\Run: [intelWireless] "C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe" /tf Intel PROSet/Wireless O4 - HKLM\..\Run: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe" O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe" O4 - HKLM\..\Run: [DivXUpdate] "C:\Program Files\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW O4 - HKLM\..\Run: [startCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun O4 - HKLM\..\Run: [synTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe O4 - HKLM\..\Run: [ASUS Live Update] C:\Program Files\ASUS\ASUS Live Update\ALU.exe O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [skype] "C:\Program Files\Skype\\Phone\Skype.exe" /nosplash /minimized O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\DTLite.exe" -autorun O4 - HKCU\..\Run: [RegistryMechanic] C:\Program Files\Registry Mechanic\RegMech.exe /H O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Lokale service') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Netwerkservice') O4 - HKUS\S-1-5-21-436374069-484061587-839522115-1000\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'HelpAssistant') O4 - HKUS\S-1-5-21-436374069-484061587-839522115-1000\..\RunOnce: [ctfmon.exe] ctfmon.exe /n (User 'HelpAssistant') O4 - HKUS\S-1-5-21-436374069-484061587-839522115-500\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Administrator') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user') O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~4\Office12\EXCEL.EXE/3000 O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_60D6097707281E79.dll/cmsidewiki.html O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} (get_atlcom Class) - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL O20 - Winlogon Notify: Antiwpa - antiwpa.dll (file missing) O22 - SharedTaskScheduler: Preloader van browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll O22 - SharedTaskScheduler: Cache-daemon voor onderdeelcategorieën - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll O23 - Service: Mobiel Apple apparaat (Apple Mobile Device) - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: CrossLoop Service (CrossLoopService) - CrossLoop Inc - C:\Documents and Settings\agent 007\Local Settings\Application Data\CrossLoop\CrossLoopService.exe O23 - Service: Intel® PROSet/Wireless Event Log (EvtEng) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\Instal ik hoop dat jullie mij kunne helpen format is de laaste optie
- 28 juli 2010
- 5 antwoorden

Inloggen

crazystalin

Items

Registratiedatum

Laatst bezocht

crazystalin's prestaties

Nieuweling (1/14)

Recente badges

Reputatie

ad-ware virus

ad-ware virus

ad-ware virus

OVER ONS

SITEMAP

Home

Info

Handleidingen & Tips

Activiteit

Belangrijke informatie