llk's achievements

  1. I still haven't seen the little window pop up again, so I'm guessing it is solved. Just to mention, on the day I last got the message I had also defragmented my Windows partition. In case it can help someone later ;-) Thanks again for all the help, and hopefully I won't have to open the topic again.
  2. Apparently it works normally again without running Kaspersky. The first time after it gave the message again and I had run FindyKill, I had started ComboFix, because with that it does shut down normally once or twice, and apparently it now does so normally again. I have tested it about ten times so far, which is an absolute record. I am not going to mark it as solved just yet; if the problem does not return I will mark it as solved towards the end of the week, and otherwise you will hear from me again.
  3. Done, and I get the same result as before. Right after running it, it shuts down normally; after that I get the error message.
  4. I get the message that FindyKill is missing files and therefore cannot continue :| I have already removed and reinstalled the program, and still get the same message. EDIT: Apparently it has now worked after all, by googling the program and downloading it.

     FindyKill log

     ############################## | FindyKill V5.050 |
     # User : Seppe (Administrators) # SEPPE-PC
     # Update on 03/09/2010 by El Desaparecido
     # Start at: 21:55:34 | 11/09/2010
     # Website : http://pagesperso-orange.fr/NosTools/index.html
     # Contact : FindyKill.Contact@gmail.com
     # Intel® Core2 Duo CPU E6850 @ 3.00GHz
     # Microsoft Windows XP Home Edition (5.1.2600 32-bit) # Service Pack 3
     # Internet Explorer 8.0.6001.18702
     # Windows Firewall Status : Disabled
     # AV : Panda Global Protection 2010 3.01.00 [ Enabled | Updated ]
     # FW : Panda Personal Firewall 2010[ Enabled ]3.01.00
     # C:\ # Lokale vaste schijf # 117,19 Go (72,79 Go free) [systeem] # NTFS
     # D:\ # Lokale vaste schijf # 348,56 Go (242,14 Go free) [Data] # NTFS
     # E:\ # Lokale vaste schijf # 298,09 Go (149,98 Go free) [LACIE] # NTFS
     # F:\ # Cd-rom-schijf
     # G:\ # Cd-rom-schijf
     # H:\ # Verwisselbare schijf # 980,72 Mo (911,23 Mo free) [uDISK 2.0] # FAT
     ################## | Infected File |
     C:\WINDOWS\prefetch\WINUPGRO.EXE-2D513C93.pf
     ################## | Registry |
     ################## | State |
     # Showing of hidden files : OK
     # Safe boot mode : OK
     # Ndisuio -> Start = 3 ( Good = 3 | Bad = 4 )
     # EapHost -> Start = 3 ( Good = 2 | Bad = 4 )
     # Ip6Fw -> Start = 3 ( Good = 2 | Bad = 4 )
     # SharedAccess -> Start = 2 ( Good = 2 | Bad = 4 )
     # wuauserv -> Start = 2 ( Good = 2 | Bad = 4 )
     # wscsvc -> Start = 2 ( Good = 2 | Bad = 4 )
     ################## | End of Report # FindyKill V5.050 ! |

     Remove the infected file?
  5. Yup. After I had started ComboFix I shut it down to see whether it still had the problem; no problem, as is usual right after I have let ComboFix run. Now, to test, I have shut it down a second time and it gives the message again.
  6. ComboFix 10-09-09.04 - Seppe 11/09/2010 9:58.6.2 - x86 Microsoft Windows XP Home Edition 5.1.2600.3.1252.31.1043.18.2030.1509 [GMT 2:00]
  7. Hi, sorry for reopening the topic, but apparently the problem has returned. The solutions that were given always work, but after a number of times I get the same message again. So to fix it I first open Malwarebytes, and then ComboFix. But could it be that the problem has something to do with Chrome? Because if I remember correctly, after I have run ComboFix and restarted I always get the message that Chrome is not my default browser (which it normally is). So I click on set as default, and usually I then get the error message again.
  8. The problem is solved now. Thanks, everyone!
  9. CCleaner is already on the PC and I run it regularly. The last time was right before I posted the topic, so I am afraid it will not help much. I will try once more and see whether it has any effect, but I doubt it.
  10. Yep, I still get the same message during shutdown.
  11. COMBOFIX: ComboFix 10-08-03.04 - Seppe 04/08/2010 15:21:05.2.2 - x86 Microsoft Windows XP Home Edition 5.1.2600.3.1252.31.1043.18.2030.1459 [GMT 2:00] Gestart vanuit: c:\documents and settings\Seppe\Mijn documenten\Downloads\ComboFix.exe AV: Panda Global Protection 2010 *On-access scanning disabled* (Updated) {8BF935E7-731F-4115-B7A5-789FF5087595} FW: Panda Personal Firewall 2010 *disabled* {7B090DC0-8905-4BAF-8040-FD98A41C8FB8} . (((((((((((((((((((((((((((((((((( Andere Verwijderingen ))))))))))))))))))))))))))))))))))))))))))))))))) . . ---- Voorgaande Run ------- . c:\docume~1\Seppe\LOCALS~1\Temp\install_flash_player.exe . (((((((((((((((((((( Bestanden Gemaakt van 2010-07-04 to 2010-08-04 )))))))))))))))))))))))))))))) . 2010-08-03 14:53 . 2010-08-03 14:53 -------- d-----w- c:\documents and settings\Seppe\Application Data\Malwarebytes 2010-08-03 14:53 . 2010-04-29 13:39 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys 2010-08-03 14:53 . 2010-08-03 14:53 -------- d-----w- c:\documents and settings\All Users\Application Data\Malwarebytes 2010-08-03 14:53 . 2010-04-29 13:39 20952 ----a-w- c:\windows\system32\drivers\mbam.sys 2010-08-03 08:43 . 2010-08-03 15:11 -------- d--h--r- c:\documents and settings\Seppe\Onlangs geopend 2010-08-03 08:33 . 2010-08-03 08:33 388096 ----a-r- c:\documents and settings\Seppe\Application Data\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe 2010-08-02 10:48 . 2010-08-02 10:48 -------- d-----w- c:\documents and settings\All Users\Application Data\NVIDIA Corporation 2010-08-02 10:48 . 2010-08-02 10:48 232968 ----a-w- c:\windows\system32\nvdrsdb0.bin 2010-08-02 10:48 . 2010-08-02 10:48 1 ----a-w- c:\windows\system32\nvdrssel.bin 2010-08-02 10:48 . 2010-08-02 10:48 232968 ----a-w- c:\windows\system32\nvdrsdb1.bin 2010-08-02 10:48 . 2010-08-02 10:49 -------- d-----w- c:\program files\NVIDIA Corporation 2010-08-02 10:47 . 
2010-07-09 22:38 61440 ----a-w- c:\windows\system32\OpenCL.dll 2010-08-02 10:47 . 2010-07-09 22:38 2914408 ----a-w- c:\windows\system32\nvcuvid.dll 2010-08-02 10:47 . 2010-07-09 22:38 2506344 ----a-w- c:\windows\system32\nvcuvenc.dll 2010-08-02 10:47 . 2010-07-09 22:38 4595712 ----a-w- c:\windows\system32\nvcuda.dll 2010-08-02 10:47 . 2010-07-09 22:38 2195030 ----a-w- c:\windows\system32\nvdata.bin 2010-08-02 10:47 . 2010-07-09 22:38 10260480 ----a-w- c:\windows\system32\nvcompiler.dll 2010-08-02 10:47 . 2010-08-02 10:47 -------- d-----w- C:\NVIDIA 2010-08-02 08:36 . 2010-08-02 08:36 -------- d-----w- c:\program files\Common Files\Java 2010-07-14 09:10 . 2010-06-14 14:31 744448 -c----w- c:\windows\system32\dllcache\helpsvc.exe . ((((((((((((((((((((((((((((((((((((((( Find3M Rapport )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2010-08-04 13:27 . 2010-01-31 15:45 369380 ----a-w- c:\windows\system32\drivers\APPFCONT.DAT.bck 2010-08-04 13:27 . 2010-01-31 15:45 369380 ----a-w- c:\windows\system32\drivers\APPFCONT.DAT 2010-08-04 13:14 . 2010-01-31 15:45 1132 ----a-w- c:\windows\system32\drivers\APPFLTR.CFG.bck 2010-08-04 13:14 . 2010-01-31 15:45 1132 ----a-w- c:\windows\system32\drivers\APPFLTR.CFG 2010-08-03 12:24 . 2010-01-31 15:18 -------- d--h--w- c:\program files\InstallShield Installation Information 2010-08-02 11:28 . 2010-02-06 17:52 -------- d-----w- c:\documents and settings\Seppe\Application Data\uTorrent 2010-08-02 09:35 . 2010-04-07 14:48 -------- d-----w- c:\program files\SystemRequirementsLab 2010-08-02 08:34 . 2010-04-07 14:46 -------- d-----w- c:\program files\Java 2010-07-17 03:00 . 2010-05-08 07:51 423656 ----a-w- c:\windows\system32\deployJava1.dll 2010-07-09 22:38 . 2010-01-31 15:45 604776 ----a-w- c:\windows\system32\nvudisp.exe 2010-07-09 22:38 . 2007-11-07 06:00 6343040 ----a-w- c:\windows\system32\nv4_disp.dll 2010-07-09 22:38 . 2007-11-07 06:00 236136 ----a-w- c:\windows\system32\nvcodins.dll 2010-07-09 22:38 . 
2007-11-07 06:00 236136 ----a-w- c:\windows\system32\nvcod.dll 2010-07-09 22:38 . 2007-11-07 06:00 1388544 ----a-w- c:\windows\system32\nvapi.dll 2010-07-09 22:38 . 2007-11-07 06:00 13549568 ----a-w- c:\windows\system32\nvoglnt.dll 2010-07-09 22:38 . 2007-11-07 06:00 10604128 ----a-w- c:\windows\system32\drivers\nv4_mini.sys 2010-07-07 11:46 . 2010-01-31 15:45 604776 ----a-w- c:\windows\system32\NVUNINST.EXE 2010-07-01 20:29 . 2010-07-01 20:29 221136 ----a-w- c:\documents and settings\LocalService\Local Settings\Application Data\FontCache3.0.0.0.dat 2010-07-01 15:42 . 2010-06-27 20:29 -------- d-----w- c:\documents and settings\Seppe\Application Data\Bioshock2 2010-07-01 12:21 . 2010-07-01 12:21 -------- d-----w- c:\program files\Microsoft Silverlight 2010-07-01 10:54 . 2010-07-01 10:54 1606 ----a-w- c:\windows\system32\PerfStringBackup.TMP 2010-07-01 10:54 . 2006-03-02 12:00 91214 ----a-w- c:\windows\system32\perfc013.dat 2010-07-01 10:54 . 2006-03-02 12:00 509966 ----a-w- c:\windows\system32\perfh013.dat 2010-06-30 17:48 . 2010-06-30 17:48 -------- d-----w- c:\documents and settings\All Users\Application Data\SecuROM 2010-06-27 20:26 . 2010-06-27 20:26 -------- d-----w- c:\program files\Microsoft Games for Windows - LIVE 2010-06-14 14:31 . 2010-01-31 15:11 744448 ----a-w- c:\windows\pchealth\helpctr\binaries\helpsvc.exe 2010-06-14 11:03 . 2010-06-14 10:00 -------- d-----w- c:\program files\VMware 2010-06-14 11:03 . 2010-06-14 10:00 -------- d-----w- c:\documents and settings\All Users\Application Data\VMware 2010-06-14 11:01 . 2010-06-14 10:46 -------- d-----w- c:\documents and settings\Seppe\Application Data\VMware 2010-06-14 10:43 . 2010-06-14 10:03 -------- d-----w- c:\documents and settings\LocalService\Application Data\VMware 2010-06-12 21:54 . 2010-01-31 15:36 -------- d-----w- c:\documents and settings\All Users\Application Data\Microsoft Help 2010-06-08 18:56 . 
2010-06-08 18:56 -------- d-----w- c:\documents and settings\Seppe\Application Data\Music Recognition 2010-06-08 18:53 . 2010-06-08 18:51 -------- d-----w- c:\program files\Common Files\MAGIX Shared 2010-06-08 18:53 . 2010-06-08 18:53 -------- d-----w- c:\documents and settings\All Users\Application Data\MAGIX 2010-06-08 17:21 . 2010-06-08 17:19 -------- d-----w- c:\documents and settings\Seppe\Application Data\Synthesia 2010-05-22 15:03 . 2010-05-22 15:03 503808 ----a-w- c:\documents and settings\Seppe\Application Data\Sun\Java\Deployment\SystemCache\6.0\46\f84c6ae-5597c587-n\msvcp71.dll 2010-05-22 15:03 . 2010-05-22 15:03 499712 ----a-w- c:\documents and settings\Seppe\Application Data\Sun\Java\Deployment\SystemCache\6.0\46\f84c6ae-5597c587-n\jmc.dll 2010-05-22 15:03 . 2010-05-22 15:03 348160 ----a-w- c:\documents and settings\Seppe\Application Data\Sun\Java\Deployment\SystemCache\6.0\46\f84c6ae-5597c587-n\msvcr71.dll 2010-05-22 15:02 . 2010-05-22 15:02 61440 ----a-w- c:\documents and settings\Seppe\Application Data\Sun\Java\Deployment\SystemCache\6.0\50\5535ab32-16bf3440-n\decora-sse.dll 2010-05-22 15:02 . 2010-05-22 15:02 12800 ----a-w- c:\documents and settings\Seppe\Application Data\Sun\Java\Deployment\SystemCache\6.0\50\5535ab32-16bf3440-n\decora-d3d.dll . ((((((((((((((((((((((((((((((((((((( Reg Opstartpunten ))))))))))))))))))))))))))))))))))))))))))))))))))) . . 
*Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond REGEDIT4 [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Google Update"="c:\documents and settings\Seppe\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" [2010-01-31 135664] "Steam"="d:\program files\Steam\Steam.exe" [2010-07-01 1238352] "BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="c:\program files\Common Files\Ahead\Lib\NMBgMonitor.exe" [2007-06-01 153136] "msnmsgr"="c:\program files\Windows Live\Messenger\msnmsgr.exe" [2009-07-26 3883856] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "APVXDWIN"="c:\program files\Panda Security\Panda Global Protection 2010\APVXDWIN.EXE" [2009-09-25 906496] "SCANINICIO"="c:\program files\Panda Security\Panda Global Protection 2010\Inicio.exe" [2009-08-12 56064] "Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2010-06-20 35760] "Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2010-06-09 976832] "QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2009-11-10 417792] "WireLessKeyboard"="c:\program files\Trust\Trust Keyboard 15036\StartAutorun.exe" [2005-11-30 94208] "CreativeMouse "="c:\program files\Mouse Driver\MouseDrv.exe" [2004-06-27 503808] "RemoteControl"="c:\program files\CyberLink\PowerDVD\PDVDServ.exe" [2006-11-23 56928] "LanguageShortcut"="c:\program files\CyberLink\PowerDVD\Language\Language.exe" [2006-12-05 54832] "NeroFilterCheck"="c:\program files\Common Files\Ahead\Lib\NeroCheck.exe" [2007-03-01 153136] "SysTrayApp"="c:\program files\IDT\WDM\sttray.exe" [2008-04-10 413696] "Nikon Transfer Monitor"="c:\program files\Common Files\Nikon\Monitor\NkMonitor.exe" [2008-09-30 485208] "iTunesHelper"="d:\program files\Itunes\iTunesHelper.exe" [2010-01-22 141608] "Control Center"="c:\program files\ASUS\WLAN Card Utilities\Center.exe" [2004-11-04 1569280] "Prey Laptop Tracker"="c:\prey\platform\windows\cron.exe" [2010-03-30 
216648] "SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2010-05-14 248552] "nwiz"="c:\program files\NVIDIA Corporation\nView\nwiz.exe" [2010-07-07 1753192] "NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2010-07-09 13923432] "NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2010-07-09 110696] [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360] [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\avldr] 2008-03-18 15:58 58672 ----a-w- c:\windows\system32\avldr.dll [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PskSvcRetail] @="Service" [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile] "EnableFirewall"= 0 (0x0) [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "%windir%\\system32\\sessmgr.exe"= "c:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"= "%windir%\\Network Diagnostic\\xpnetdiag.exe"= "c:\\Program Files\\Bonjour\\mDNSResponder.exe"= "c:\\Program Files\\Messenger\\msmsgs.exe"= "c:\\Program Files\\Windows Live\\Messenger\\wlcsdk.exe"= "c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"= "d:\\Program Files\\uTorrent\\uTorrent.exe"= "d:\\Program Files\\Itunes\\iTunes.exe"= "c:\\WINDOWS\\system32\\PnkBstrA.exe"= "c:\\WINDOWS\\system32\\PnkBstrB.exe"= "d:\\Program Files\\Steam\\steamapps\\common\\r.u.s.e. 
beta\\Ruse.exe"= "d:\\Program Files\\Steam\\steamapps\\common\\call of duty modern warfare 2\\iw4mp.exe"= "d:\\Program Files\\Steam\\steamapps\\common\\bioshock 2\\SP\\Builds\\Binaries\\Bioshock2Launcher.exe"= "d:\\Program Files\\Steam\\steamapps\\common\\bioshock 2\\MP\\Builds\\Binaries\\Bioshock2Launcher.exe"= "d:\\Program Files\\Steam\\steamapps\\common\\grand theft auto iv\\GTAIV\\LaunchGTAIV.exe"= "d:\\Program Files\\Steam\\steamapps\\common\\world of goo\\WorldOfGoo.exe"= "d:\\Program Files\\Steam\\steamapps\\common\\audiosurf\\engine\\QuestViewer.exe"= "d:\\Program Files\\Steam\\steamapps\\common\\alien swarm\\swarm.exe"= "d:\\Program Files\\Steam\\steamapps\\common\\alien swarm\\srcds.exe"= "d:\\Program Files\\Ubisoft\\THE SETTLERS - Rise of an Empire\\base\\bin\\Settlers6.exe"= R0 pavboot;Panda boot driver;c:\windows\system32\drivers\pavboot.sys [31/01/2010 17:44 28552] R1 APPFLT;App Filter Plugin;c:\windows\system32\drivers\APPFLT.SYS [31/01/2010 17:45 75016] R1 DSAFLT;DSA Filter Plugin;c:\windows\system32\drivers\dsaflt.sys [31/01/2010 17:45 53128] R1 FNETMON;NetMon Filter Plugin;c:\windows\system32\drivers\fnetmon.sys [31/01/2010 17:45 22072] R1 IDSFLT;Ids Filter Plugin;c:\windows\system32\drivers\idsflt.sys [31/01/2010 17:45 193800] R1 NETFLTDI;Panda Net Driver [TDI Layer];c:\windows\system32\drivers\NETFLTDI.SYS [31/01/2010 17:45 159112] R1 ShldDrv;Panda File Shield Driver;c:\windows\system32\drivers\ShlDrv51.sys [31/01/2010 17:43 41144] R1 WNMFLT;Wifi Monitor Filter Plugin;c:\windows\system32\drivers\wnmflt.sys [31/01/2010 17:45 46728] R2 Gwmsrv;Panda Goodware Cache Manager;c:\windows\system32\svchost -k Panda --> c:\windows\system32\svchost -k Panda [?] 
R2 PavProc;Panda Process Protection Driver;c:\windows\system32\drivers\PavProc.sys [31/01/2010 17:43 163336]
R2 PskSvcRetail;Panda PSK service;c:\program files\Panda Security\Panda Global Protection 2010\psksvc.exe [31/01/2010 17:45 28928]
R3 KEYBOARDWDFilter;KEYBOARDWDFilter;c:\windows\system32\drivers\KEYBOARDWD.SYS [31/01/2010 18:50 6528]
R3 NETIMFLT01060039;PANDA NDIS IM Filter Miniport v1.6.0.39;c:\windows\system32\drivers\neti1639.sys [31/01/2010 17:45 199432]
R3 PavTPK.sys;PavTPK.sys;\??\c:\windows\system32\PavTPK.sys --> c:\windows\system32\PavTPK.sys [?]
S2 gupdate;Google Updateservice (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [21/02/2010 13:26 135664]
S3 AvFlt;Antivirus Filter Driver;c:\windows\system32\drivers\av5flt.sys --> c:\windows\system32\drivers\av5flt.sys [?]
S3 PavSRK.sys;PavSRK.sys;\??\c:\windows\system32\PavSRK.sys --> c:\windows\system32\PavSRK.sys [?]
S3 UPnPService;UPnPService;c:\program files\Common Files\MAGIX Shared\UPnPService\UPnPService.exe [8/06/2010 20:51 544768]
S4 sptd;sptd;c:\windows\system32\drivers\sptd.sys [23/02/2010 21:30 691696]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
panda REG_MULTI_SZ Gwmsrv
getPlusHelper REG_MULTI_SZ getPlusHelper
.
Inhoud van de 'Gedeelde Taken' map

2010-01-31 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 11:34]

2010-01-31 c:\windows\Tasks\Basis-opruiming.job
- c:\program files\Panda Security\Panda Global Protection 2010\PlaTasks.exe [2010-01-31 12:46]

2010-08-04 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-02-21 11:26]

2010-08-03 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-02-21 11:26]

2010-08-03 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-343818398-823518204-725345543-1004Core.job
- c:\documents and settings\Seppe\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2010-01-31 16:11]

2010-08-03 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-343818398-823518204-725345543-1004UA.job
- c:\documents and settings\Seppe\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2010-01-31 16:11]
.
.
------- Bijkomende Scan -------
.
IE: E&xporteren naar Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
DPF: {140E4DF8-9E14-4A34-9577-C77561ED7883} - hxxp://content.systemrequirementslab.com.s3.amazonaws.com/global/bin/srldetect_cyri_4.1.71.0.cab
DPF: {784797A8-342D-4072-9486-03C8D0F2F0A1} - hxxps://www.battlefieldheroes.com/static/updater/BFHUpdater_4.0.53.0.cab
.
- - - - ORPHANS VERWIJDERD - - - -

AddRemove-NVIDIA Display Control Panel - c:\program files\NVIDIA Corporation\Uninstall\nvuninst.exe

**************************************************************************
scannen van verborgen processen ...
scannen van verborgen autostart items ...
scannen van verborgen bestanden ...
Scan succesvol afgerond
verborgen bestanden:
**************************************************************************
.
--------------------- VERGRENDELDE REGISTER SLEUTELS ---------------------

[HKEY_USERS\S-1-5-21-343818398-823518204-725345543-1004\Software\SecuROM\!CAUTION! NEVER A OR CHANGE ANY KEY*]
"??"=hex:f8,fd,7b,bc,a6,b9,ca,31,17,b3,5f,0b,89,d3,9f,f3,04,ed,3c,c1,0b,c1,b0,
 7c,50,b2,f1,8b,24,fb,6c,d1,cc,be,c9,24,c4,ab,75,34,9c,8d,23,71,27,21,9c,db,\
"??"=hex:cf,55,c7,95,2b,14,4d,f8,66,7b,0c,1b,19,52,fe,22

[HKEY_USERS\S-1-5-21-343818398-823518204-725345543-1004\Software\SecuROM\License information*]
"datasecu"=hex:d7,ce,20,14,78,c8,09,40,76,1f,05,f5,e2,08,72,89,bc,a1,99,55,fd,
 e5,55,8e,5e,f2,35,cd,36,c3,a7,12,60,40,66,ea,a6,a2,30,fe,bf,b2,29,16,71,7b,\
"rkeysecu"=hex:2f,0f,d5,3e,02,2b,06,63,b1,0b,dd,b6,71,e2,54,98
.
--------------------- DLLs Geladen Onder Lopende Processen ---------------------

- - - - - - - > 'winlogon.exe'(1064)
c:\windows\system32\avldr.dll

- - - - - - - > 'explorer.exe'(2608)
c:\program files\Panda Security\Panda Global Protection 2010\pavoepl.dll
d:\program files\Itunes\iTunesMiniPlayer.dll
d:\program files\Itunes\iTunesMiniPlayer.Resources\nl.lproj\iTunesMiniPlayerLocalized.dll
d:\program files\Itunes\iTunesMiniPlayer.Resources\iTunesMiniPlayer.dll
c:\progra~1\WINDOW~2\wmpband.dll
c:\program files\Panda Security\Panda Global Protection 2010\PavTrc.dll
c:\windows\system32\webcheck.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
Voltooingstijd: 2010-08-04 15:34:45
ComboFix-quarantined-files.txt 2010-08-04 13:34

Pre-Run: 73.746.096.128 bytes beschikbaar
Post-Run: 73.707.085.824 bytes beschikbaar

WindowsXP-KB310994-SP2-Home-BootDisk-NLD.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Home Edition" /noexecute=optin /fastdetect

- - End Of File - - 2C3A55F149650D55C7BDC017A29C8201

Hijack This:

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 15:36:43, on 4/08/2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Panda Security\Panda Global Protection 2010\TPSrv.exe
C:\PROGRAM FILES\PANDA SECURITY\PANDA GLOBAL PROTECTION 2010\WebProxy.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Google\Update\GoogleUpdate.exe
C:\Program Files\Panda Security\Panda Global Protection 2010\PsCtrls.exe
C:\Program Files\Panda Security\Panda Global Protection 2010\PavFnSvr.exe
C:\Program Files\Common Files\Panda Security\PavShld\pavprsrv.exe
C:\WINDOWS\system32\PnkBstrA.exe
c:\program files\panda security\panda global protection 2010\firewall\PSHOST.EXE
C:\Program Files\Panda Security\Panda Global Protection 2010\PsImSvc.exe
C:\Program Files\Panda Security\Panda Global Protection 2010\PskSvc.exe
C:\Program Files\CyberLink\Shared Files\RichVideo.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Panda Security\Panda Global Protection 2010\pavsrv51.exe
C:\Program Files\Panda Security\Panda Global Protection 2010\AVENGINE.EXE
C:\Program Files\Panda Security\Panda Global Protection 2010\APVXDWIN.EXE
C:\Program Files\Mouse Driver\MouseDrv.exe
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
C:\Program Files\IDT\WDM\sttray.exe
C:\Program Files\Trust\Trust Keyboard 15036\PS2USBKbdDrv.exe
C:\Program Files\Common Files\Nikon\Monitor\NkMonitor.exe
D:\Program Files\Itunes\iTunesHelper.exe
C:\Program Files\ASUS\WLAN Card Utilities\Center.exe
C:\Prey\platform\windows\cron.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Documents and Settings\Seppe\Local Settings\Application Data\Google\Update\GoogleUpdate.exe
C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe
C:\Documents and Settings\Seppe\Local Settings\Application Data\Google\Update\1.2.183.29\GoogleCrashHandler.exe
C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe
C:\Program Files\Panda Security\Panda Global Protection 2010\SRVLOAD.EXE
C:\Program Files\Panda Security\Panda Global Protection 2010\PavBckPT.exe
C:\WINDOWS\system32\ctfmon.exe
C:\ComboFix\CF18181.cfxxe
C:\ComboFix\CF18181.cfxxe
C:\ComboFix\mbr.cfxxe
C:\WINDOWS\explorer.exe
C:\WINDOWS\system32\notepad.exe
C:\ComboFix\handle.cfxxe
C:\Documents and Settings\Seppe\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Seppe\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Seppe\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Seppe\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
D:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe
C:\Documents and Settings\Seppe\Local Settings\Application Data\Google\Chrome\Application\chrome.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Hotmail, Messenger, nieuws en entertainment vind je op MSN.nl
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = Hotmail, Messenger, nieuws en entertainment vind je op MSN.nl
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = Microsoft Windows Update
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Windows Live Aanmelden - Help - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O4 - HKLM\..\Run: [APVXDWIN] "C:\Program Files\Panda Security\Panda Global Protection 2010\APVXDWIN.EXE" /s
O4 - HKLM\..\Run: [sCANINICIO] "C:\Program Files\Panda Security\Panda Global Protection 2010\Inicio.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [WireLessKeyboard] C:\Program Files\Trust\Trust Keyboard 15036\StartAutorun.exe PS2USBKbdDrv.exe
O4 - HKLM\..\Run: [CreativeMouse ] C:\Program Files\Mouse Driver\MouseDrv.exe
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [LanguageShortcut] "C:\Program Files\CyberLink\PowerDVD\Language\Language.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [sysTrayApp] %ProgramFiles%\IDT\WDM\sttray.exe
O4 - HKLM\..\Run: [Nikon Transfer Monitor] C:\Program Files\Common Files\Nikon\Monitor\NkMonitor.exe
O4 - HKLM\..\Run: [iTunesHelper] "D:\Program Files\Itunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [Control Center] C:\Program Files\ASUS\WLAN Card Utilities\Center.exe
O4 - HKLM\..\Run: [Prey Laptop Tracker] C:\Prey\platform\windows\cron.exe --log
O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [nwiz] C:\Program Files\NVIDIA Corporation\nView\nwiz.exe /installquiet
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKCU\..\Run: [Google Update] "C:\Documents and Settings\Seppe\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [steam] "D:\Program Files\Steam\Steam.exe" -silent
O4 - HKCU\..\Run: [bgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Verz&enden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
O16 - DPF: {140E4DF8-9E14-4A34-9577-C77561ED7883} (SysInfo Class) - http://content.systemrequirementslab.com.s3.amazonaws.com/global/bin/srldetect_cyri_4.1.71.0.cab
O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262F} (System Requirements Lab) - http://www.nvidia.com/content/DriverDownload/srl/3.0.0.4/srl_bin/sysreqlab_nvd.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1264951704203
O16 - DPF: {784797A8-342D-4072-9486-03C8D0F2F0A1} (Battlefield Heroes Updater) - https://www.battlefieldheroes.com/static/updater/BFHUpdater_4.0.53.0.cab
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} (get_atlcom Class) - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O22 - SharedTaskScheduler: Preloader van browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Cache-daemon voor onderdeelcategorieën - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Mobiel Apple apparaat (Apple Mobile Device) - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Google Updateservice (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Panda Software Controller - Panda Security, S.L. - C:\Program Files\Panda Security\Panda Global Protection 2010\PsCtrls.exe
O23 - Service: Panda Function Service (PAVFNSVR) - Unknown owner - C:\Program Files\Panda Security\Panda Global Protection 2010\PavFnSvr.exe
O23 - Service: Panda Process Protection Service (PavPrSrv) - Unknown owner - C:\Program Files\Common Files\Panda Security\PavShld\pavprsrv.exe
O23 - Service: Panda On-Access Anti-Malware Service (PAVSRV) - Panda Security, S.L. - C:\Program Files\Panda Security\Panda Global Protection 2010\pavsrv51.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: Panda Host Service (PSHost) - Unknown owner - c:\program files\panda security\panda global protection 2010\firewall\PSHOST.EXE
O23 - Service: Panda IManager Service (PSIMSVC) - Panda Security S.L. - C:\Program Files\Panda Security\Panda Global Protection 2010\PsImSvc.exe
O23 - Service: Panda PSK service (PskSvcRetail) - Panda Security, S.L. - C:\Program Files\Panda Security\Panda Global Protection 2010\PskSvc.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
O23 - Service: Audio Service (STacSV) - Unknown owner - c:\docume~1\seppe\locals~1\temp\cdm\{054ae8e7-b69c-47d8-8ba4-09d5e621dce3}\STacSV.exe (file missing)
O23 - Service: Panda TPSrv (TPSrv) - Panda Security, S.L. - C:\Program Files\Panda Security\Panda Global Protection 2010\TPSrv.exe
O23 - Service: UPnPService - Magix AG - C:\Program Files\Common Files\MAGIX Shared\UPnPService\UPnPService.exe

--
End of file - 11924 bytes
  12. MBAM:

Malwarebytes' Anti-Malware 1.46
Malwarebytes

Databaseversie: 4385

Windows 5.1.2600 Service Pack 3
Internet Explorer 8.0.6001.18702

3/08/2010 16:58:52
mbam-log-2010-08-03 (16-58-52).txt

Scantype: Snelle scan
Objecten gescand: 160076
Verstreken tijd: 4 minuut/minuten, 20 seconde(n)

Geheugenprocessen geïnfecteerd: 0
Geheugenmodulen geïnfecteerd: 0
Registersleutels geïnfecteerd: 0
Registerwaarden geïnfecteerd: 0
Registerdata geïnfecteerd: 0
Mappen geïnfecteerd: 0
Bestanden geïnfecteerd: 0

Geheugenprocessen geïnfecteerd:
(Geen kwaadaardige objecten gedetecteerd)

Geheugenmodulen geïnfecteerd:
(Geen kwaadaardige objecten gedetecteerd)

Registersleutels geïnfecteerd:
(Geen kwaadaardige objecten gedetecteerd)

Registerwaarden geïnfecteerd:
(Geen kwaadaardige objecten gedetecteerd)

Registerdata geïnfecteerd:
(Geen kwaadaardige objecten gedetecteerd)

Mappen geïnfecteerd:
(Geen kwaadaardige objecten gedetecteerd)

Bestanden geïnfecteerd:
(Geen kwaadaardige objecten gedetecteerd)

Hijack This:

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 17:11:40, on 3/08/2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Panda Security\Panda Global Protection 2010\TPSrv.exe
C:\PROGRAM FILES\PANDA SECURITY\PANDA GLOBAL PROTECTION 2010\WebProxy.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Google\Update\GoogleUpdate.exe
C:\Program Files\Panda Security\Panda Global Protection 2010\PsCtrls.exe
C:\Program Files\Panda Security\Panda Global Protection 2010\PavFnSvr.exe
C:\Program Files\Common Files\Panda Security\PavShld\pavprsrv.exe
C:\WINDOWS\system32\PnkBstrA.exe
c:\program files\panda security\panda global protection 2010\firewall\PSHOST.EXE
C:\Program Files\Panda Security\Panda Global Protection 2010\PsImSvc.exe
C:\Program Files\Panda Security\Panda Global Protection 2010\PskSvc.exe
C:\Program Files\CyberLink\Shared Files\RichVideo.exe
c:\docume~1\seppe\locals~1\temp\cdm\{054ae8e7-b69c-47d8-8ba4-09d5e621dce3}\STacSV.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Panda Security\Panda Global Protection 2010\pavsrv51.exe
C:\Program Files\Panda Security\Panda Global Protection 2010\AVENGINE.EXE
C:\WINDOWS\Explorer.EXE
C:\Program Files\Panda Security\Panda Global Protection 2010\APVXDWIN.EXE
C:\Program Files\Mouse Driver\MouseDrv.exe
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
C:\Program Files\IDT\WDM\sttray.exe
C:\Program Files\Trust\Trust Keyboard 15036\PS2USBKbdDrv.exe
C:\Program Files\Common Files\Nikon\Monitor\NkMonitor.exe
D:\Program Files\Itunes\iTunesHelper.exe
C:\Program Files\ASUS\WLAN Card Utilities\Center.exe
C:\Prey\platform\windows\cron.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Documents and Settings\Seppe\Local Settings\Application Data\Google\Update\GoogleUpdate.exe
C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\WINDOWS\system32\cmd.exe
C:\Documents and Settings\Seppe\Local Settings\Application Data\Google\Update\1.2.183.29\GoogleCrashHandler.exe
C:\Prey\platform\windows\bin\bash.exe
C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe
C:\Prey\platform\windows\bin\bash.exe
C:\Prey\platform\windows\bin\bash.exe
C:\Prey\platform\windows\bin\bash.exe
C:\Prey\platform\windows\bin\grep.exe
C:\Program Files\Windows Live\Contacts\wlcomm.exe
C:\Program Files\Panda Security\Panda Global Protection 2010\SRVLOAD.EXE
C:\Program Files\Panda Security\Panda Global Protection 2010\PavBckPT.exe
C:\Documents and Settings\Seppe\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Seppe\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Seppe\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Seppe\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Seppe\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Seppe\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\WINDOWS\system32\NOTEPAD.EXE
D:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Hotmail, Messenger, nieuws en entertainment vind je op MSN.nl
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = Hotmail, Messenger, nieuws en entertainment vind je op MSN.nl
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = Microsoft Windows Update
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Windows Live Aanmelden - Help - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O4 - HKLM\..\Run: [APVXDWIN] "C:\Program Files\Panda Security\Panda Global Protection 2010\APVXDWIN.EXE" /s
O4 - HKLM\..\Run: [sCANINICIO] "C:\Program Files\Panda Security\Panda Global Protection 2010\Inicio.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [WireLessKeyboard] C:\Program Files\Trust\Trust Keyboard 15036\StartAutorun.exe PS2USBKbdDrv.exe
O4 - HKLM\..\Run: [CreativeMouse ] C:\Program Files\Mouse Driver\MouseDrv.exe
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [LanguageShortcut] "C:\Program Files\CyberLink\PowerDVD\Language\Language.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [sysTrayApp] %ProgramFiles%\IDT\WDM\sttray.exe
O4 - HKLM\..\Run: [Nikon Transfer Monitor] C:\Program Files\Common Files\Nikon\Monitor\NkMonitor.exe
O4 - HKLM\..\Run: [iTunesHelper] "D:\Program Files\Itunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [Control Center] C:\Program Files\ASUS\WLAN Card Utilities\Center.exe
O4 - HKLM\..\Run: [Prey Laptop Tracker] C:\Prey\platform\windows\cron.exe --log
O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [nwiz] C:\Program Files\NVIDIA Corporation\nView\nwiz.exe /installquiet
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\RunOnce: [Malwarebytes' Anti-Malware] D:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Google Update] "C:\Documents and Settings\Seppe\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [steam] "D:\Program Files\Steam\Steam.exe" -silent
O4 - HKCU\..\Run: [bgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Lokale service')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Netwerkservice')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Verz&enden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
O16 - DPF: {140E4DF8-9E14-4A34-9577-C77561ED7883} (SysInfo Class) - http://content.systemrequirementslab.com.s3.amazonaws.com/global/bin/srldetect_cyri_4.1.71.0.cab
O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262F} (System Requirements Lab) - http://www.nvidia.com/content/DriverDownload/srl/3.0.0.4/srl_bin/sysreqlab_nvd.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1264951704203
O16 - DPF: {784797A8-342D-4072-9486-03C8D0F2F0A1} (Battlefield Heroes Updater) - https://www.battlefieldheroes.com/static/updater/BFHUpdater_4.0.53.0.cab
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} (get_atlcom Class) - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O22 - SharedTaskScheduler: Preloader van browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Cache-daemon voor onderdeelcategorieën - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Mobiel Apple apparaat (Apple Mobile Device) - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Google Updateservice (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Panda Software Controller - Panda Security, S.L. - C:\Program Files\Panda Security\Panda Global Protection 2010\PsCtrls.exe
O23 - Service: Panda Function Service (PAVFNSVR) - Unknown owner - C:\Program Files\Panda Security\Panda Global Protection 2010\PavFnSvr.exe
O23 - Service: Panda Process Protection Service (PavPrSrv) - Unknown owner - C:\Program Files\Common Files\Panda Security\PavShld\pavprsrv.exe
O23 - Service: Panda On-Access Anti-Malware Service (PAVSRV) - Panda Security, S.L. - C:\Program Files\Panda Security\Panda Global Protection 2010\pavsrv51.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: Panda Host Service (PSHost) - Unknown owner - c:\program files\panda security\panda global protection 2010\firewall\PSHOST.EXE
O23 - Service: Panda IManager Service (PSIMSVC) - Panda Security S.L. - C:\Program Files\Panda Security\Panda Global Protection 2010\PsImSvc.exe
O23 - Service: Panda PSK service (PskSvcRetail) - Panda Security, S.L. - C:\Program Files\Panda Security\Panda Global Protection 2010\PskSvc.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
O23 - Service: Audio Service (STacSV) - IDT, Inc. - c:\docume~1\seppe\locals~1\temp\cdm\{054ae8e7-b69c-47d8-8ba4-09d5e621dce3}\STacSV.exe
O23 - Service: Panda TPSrv (TPSrv) - Panda Security, S.L. - C:\Program Files\Panda Security\Panda Global Protection 2010\TPSrv.exe
O23 - Service: UPnPService - Magix AG - C:\Program Files\Common Files\MAGIX Shared\UPnPService\UPnPService.exe

--
End of file - 12699 bytes
  13. Logfile of Trend Micro HijackThis v2.0.4
      Scan saved at 10:49:21, on 3/08/2010
      Platform: Windows XP SP3 (WinNT 5.01.2600)
      MSIE: Internet Explorer v8.00 (8.00.6001.18702)
      Boot mode: Normal
      Running processes:
      C:\WINDOWS\System32\smss.exe
      C:\WINDOWS\system32\winlogon.exe
      C:\WINDOWS\system32\services.exe
      C:\WINDOWS\system32\lsass.exe
      C:\WINDOWS\system32\nvsvc32.exe
      C:\WINDOWS\system32\svchost.exe
      C:\WINDOWS\system32\svchost.exe
      C:\Program Files\Panda Security\Panda Global Protection 2010\TPSrv.exe
      C:\PROGRAM FILES\PANDA SECURITY\PANDA GLOBAL PROTECTION 2010\WebProxy.exe
      C:\WINDOWS\system32\spoolsv.exe
      C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
      C:\Program Files\Bonjour\mDNSResponder.exe
      C:\WINDOWS\system32\svchost.exe
      C:\Program Files\Java\jre6\bin\jqs.exe
      C:\Program Files\Google\Update\GoogleUpdate.exe
      C:\Program Files\Panda Security\Panda Global Protection 2010\PsCtrls.exe
      C:\Program Files\Panda Security\Panda Global Protection 2010\PavFnSvr.exe
      C:\Program Files\Common Files\Panda Security\PavShld\pavprsrv.exe
      C:\WINDOWS\system32\PnkBstrA.exe
      c:\program files\panda security\panda global protection 2010\firewall\PSHOST.EXE
      C:\Program Files\Panda Security\Panda Global Protection 2010\PsImSvc.exe
      C:\Program Files\Panda Security\Panda Global Protection 2010\PskSvc.exe
      C:\Program Files\CyberLink\Shared Files\RichVideo.exe
      c:\docume~1\seppe\locals~1\temp\cdm\{054ae8e7-b69c-47d8-8ba4-09d5e621dce3}\STacSV.exe
      C:\WINDOWS\system32\svchost.exe
      C:\Program Files\Panda Security\Panda Global Protection 2010\pavsrv51.exe
      C:\WINDOWS\system32\wuauclt.exe
      C:\Program Files\Panda Security\Panda Global Protection 2010\AVENGINE.EXE
      C:\WINDOWS\Explorer.EXE
      C:\Program Files\Panda Security\Panda Global Protection 2010\APVXDWIN.EXE
      C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe
      C:\Program Files\Mouse Driver\MouseDrv.exe
      C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
      C:\Program Files\IDT\WDM\sttray.exe
      C:\Program Files\Common Files\Nikon\Monitor\NkMonitor.exe
      C:\Program Files\Trust\Trust Keyboard 15036\PS2USBKbdDrv.exe
      D:\Program Files\Itunes\iTunesHelper.exe
      C:\Program Files\ASUS\WLAN Card Utilities\Center.exe
      C:\Prey\platform\windows\cron.exe
      C:\Program Files\Common Files\Java\Java Update\jusched.exe
      C:\WINDOWS\system32\ctfmon.exe
      C:\Documents and Settings\Seppe\Local Settings\Application Data\Google\Update\GoogleUpdate.exe
      C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe
      C:\Program Files\Windows Live\Messenger\msnmsgr.exe
      C:\Documents and Settings\Seppe\Local Settings\Application Data\Google\Update\1.2.183.29\GoogleCrashHandler.exe
      C:\WINDOWS\system32\cmd.exe
      C:\Prey\platform\windows\bin\bash.exe
      C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
      C:\Program Files\iPod\bin\iPodService.exe
      C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe
      C:\Prey\platform\windows\bin\bash.exe
      C:\Prey\platform\windows\bin\bash.exe
      C:\Prey\platform\windows\bin\grep.exe
      C:\Program Files\Windows Live\Contacts\wlcomm.exe
      D:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe
      C:\Program Files\Panda Security\Panda Global Protection 2010\SRVLOAD.EXE
      C:\Program Files\Panda Security\Panda Global Protection 2010\PavBckPT.exe
      R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Hotmail, Messenger, nieuws en entertainment vind je op MSN.nl
      R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing
      R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing
      R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = Hotmail, Messenger, nieuws en entertainment vind je op MSN.nl
      R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = Microsoft Windows Update
      R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen
      O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
      O2 - BHO: Windows Live Aanmelden - Help - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
      O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
      O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
      O4 - HKLM\..\Run: [APVXDWIN] "C:\Program Files\Panda Security\Panda Global Protection 2010\APVXDWIN.EXE" /s
      O4 - HKLM\..\Run: [sCANINICIO] "C:\Program Files\Panda Security\Panda Global Protection 2010\Inicio.exe"
      O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
      O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
      O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
      O4 - HKLM\..\Run: [WireLessKeyboard] C:\Program Files\Trust\Trust Keyboard 15036\StartAutorun.exe PS2USBKbdDrv.exe
      O4 - HKLM\..\Run: [CreativeMouse ] C:\Program Files\Mouse Driver\MouseDrv.exe
      O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
      O4 - HKLM\..\Run: [LanguageShortcut] "C:\Program Files\CyberLink\PowerDVD\Language\Language.exe"
      O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
      O4 - HKLM\..\Run: [sysTrayApp] %ProgramFiles%\IDT\WDM\sttray.exe
      O4 - HKLM\..\Run: [Nikon Transfer Monitor] C:\Program Files\Common Files\Nikon\Monitor\NkMonitor.exe
      O4 - HKLM\..\Run: [iTunesHelper] "D:\Program Files\Itunes\iTunesHelper.exe"
      O4 - HKLM\..\Run: [Control Center] C:\Program Files\ASUS\WLAN Card Utilities\Center.exe
      O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
      O4 - HKLM\..\Run: [Prey Laptop Tracker] C:\Prey\platform\windows\cron.exe --log
      O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
      O4 - HKLM\..\Run: [nwiz] C:\Program Files\NVIDIA Corporation\nView\nwiz.exe /installquiet
      O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
      O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
      O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
      O4 - HKCU\..\Run: [Google Update] "C:\Documents and Settings\Seppe\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" /c
      O4 - HKCU\..\Run: [steam] "D:\Program Files\Steam\Steam.exe" -silent
      O4 - HKCU\..\Run: [bgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe"
      O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
      O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Lokale service')
      O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Netwerkservice')
      O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
      O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
      O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
      O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
      O9 - Extra 'Tools' menuitem: Verz&enden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
      O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
      O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
      O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
      O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
      O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
      O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
      O16 - DPF: {140E4DF8-9E14-4A34-9577-C77561ED7883} (SysInfo Class) - http://content.systemrequirementslab.com.s3.amazonaws.com/global/bin/srldetect_cyri_4.1.71.0.cab
      O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262F} (System Requirements Lab) - http://www.nvidia.com/content/DriverDownload/srl/3.0.0.4/srl_bin/sysreqlab_nvd.cab
      O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1264951704203
      O16 - DPF: {784797A8-342D-4072-9486-03C8D0F2F0A1} (Battlefield Heroes Updater) - https://www.battlefieldheroes.com/static/updater/BFHUpdater_4.0.53.0.cab
      O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} (get_atlcom Class) - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
      O22 - SharedTaskScheduler: Preloader van browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
      O22 - SharedTaskScheduler: Cache-daemon voor onderdeelcategorieën - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
      O23 - Service: Mobiel Apple apparaat (Apple Mobile Device) - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
      O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
      O23 - Service: Google Updateservice (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
      O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
      O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
      O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
      O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
      O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
      O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
      O23 - Service: Panda Software Controller - Panda Security, S.L. - C:\Program Files\Panda Security\Panda Global Protection 2010\PsCtrls.exe
      O23 - Service: Panda Function Service (PAVFNSVR) - Unknown owner - C:\Program Files\Panda Security\Panda Global Protection 2010\PavFnSvr.exe
      O23 - Service: Panda Process Protection Service (PavPrSrv) - Unknown owner - C:\Program Files\Common Files\Panda Security\PavShld\pavprsrv.exe
      O23 - Service: Panda On-Access Anti-Malware Service (PAVSRV) - Panda Security, S.L. - C:\Program Files\Panda Security\Panda Global Protection 2010\pavsrv51.exe
      O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
      O23 - Service: Panda Host Service (PSHost) - Unknown owner - c:\program files\panda security\panda global protection 2010\firewall\PSHOST.EXE
      O23 - Service: Panda IManager Service (PSIMSVC) - Panda Security S.L. - C:\Program Files\Panda Security\Panda Global Protection 2010\PsImSvc.exe
      O23 - Service: Panda PSK service (PskSvcRetail) - Panda Security, S.L. - C:\Program Files\Panda Security\Panda Global Protection 2010\PskSvc.exe
      O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
      O23 - Service: Audio Service (STacSV) - IDT, Inc. - c:\docume~1\seppe\locals~1\temp\cdm\{054ae8e7-b69c-47d8-8ba4-09d5e621dce3}\STacSV.exe
      O23 - Service: Panda TPSrv (TPSrv) - Panda Security, S.L. - C:\Program Files\Panda Security\Panda Global Protection 2010\TPSrv.exe
      O23 - Service: UPnPService - Magix AG - C:\Program Files\Common Files\MAGIX Shared\UPnPService\UPnPService.exe
      -- End of file - 12052 bytes
  14. Hello everyone, I hope someone here can help with a 'little problem' I have. Every time I want to shut down my desktop, I first get the message 'Programma beëindigen c:\...\cmd'. In itself it is not a big problem, just a click on 'Programma beëindigen' and it switches off, but in terms of ease of use it is not handy. The PC runs Windows XP SP3 and was completely formatted about half a year ago. Apart from that it is still fairly standard; there are no scripts or other things on it that might use the command window. Is there a way to solve this other than reinstalling the whole lot again? Regards, llk