Programma Beëindigen: CMD

[llk]

CCleaner staat alreeds op de PC en ik start die regelmatig op.

De laatste keer was vlak voor ik het topic heb geplaatst, dus ik vrees dat het weinig zal helpen.

Ik zal nog eens proberen en zien of het enig effect heeft, maar ik betwijfel het.

[kape]

Essentieel was het verwijderen van Combofix. Als je CCleaner met regelmaat gebruikt, is dit maar een extraatje.

[llk]

nu is het probleem opgelost.

Allemaal bedankt!

[llk]

hoi, sorry voor het terug opendoen van het topic maar blijkbaar is het probleem terug gekeerd.

De oplossingen die gegeven zijn werken altijd, maar na een aantal keer krijg ik terug hetzelfde bericht.

Dus om het op te lossen open ik eerst Malware Bytes, en dan ComboFix.

Maar zou het kunnen zijn dat het probleem iets te maken heeft met Chrome ? Want als ik me goed herinner krijg ik altijd nadat ik Combofix heb uitgevoerd en opnieuw opgestart het bericht dat Chrome niet mijn standaardbrowser is (wat hij normaal wel is). Dus ik klik op instellen als standaard, en meestal krijg ik daarna weer de foutmelding.

[kape]

Neen, Chrome zal daar niet de oorzaak van zijn. Bij gebruik van Combofix, wordt de browser wel eens teruggezet naar IE ... en dan krijg je bij een volgende gebruik van Chrome opnieuw de vraag naar de "standaardbrowser".

Wil je je laatste logje - liefst actueel - van Combofix eens in een nieuw bericht plaatsen ?

11 september 2010 aangepast door kape

[llk]

ComboFix 10-09-09.04 - Seppe 11/09/2010 9:58.6.2 - x86

Microsoft Windows XP Home Edition 5.1.2600.3.1252.31.1043.18.2030.1509 [GMT 2:00]

Gestart vanuit: c:\documents and settings\Seppe\Mijn documenten\Downloads\ComboFix.exe

AV: Panda Global Protection 2010 *On-access scanning disabled* (Updated) {8BF935E7-731F-4115-B7A5-789FF5087595}

FW: Panda Personal Firewall 2010 *enabled* {7B090DC0-8905-4BAF-8040-FD98A41C8FB8}

* Nieuw herstelpunt werd aangemaakt

.

(((((((((((((((((((( Bestanden Gemaakt van 2010-08-11 to 2010-09-11 ))))))))))))))))))))))))))))))

.

2010-08-12 13:48 . 2010-08-12 13:48 -------- d-----w- c:\documents and settings\Seppe\Application Data\HDRsoft

.

((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2010-09-11 07:52 . 2010-01-31 15:45 378068 ----a-w- c:\windows\system32\drivers\APPFCONT.DAT.bck

2010-09-11 07:52 . 2010-01-31 15:45 378068 ----a-w- c:\windows\system32\drivers\APPFCONT.DAT

2010-09-11 07:35 . 2010-01-31 15:45 1132 ----a-w- c:\windows\system32\drivers\APPFLTR.CFG.bck

2010-09-11 07:35 . 2010-01-31 15:45 1132 ----a-w- c:\windows\system32\drivers\APPFLTR.CFG

2010-09-10 20:11 . 2010-06-27 20:29 -------- d-----w- c:\documents and settings\Seppe\Application Data\Bioshock2

2010-09-03 19:38 . 2010-02-06 17:52 -------- d-----w- c:\documents and settings\Seppe\Application Data\uTorrent

2010-09-03 17:55 . 2010-07-01 12:21 -------- d-----w- c:\program files\Microsoft Silverlight

2010-08-14 13:57 . 2006-03-02 12:00 99092 ----a-w- c:\windows\system32\perfc013.dat

2010-08-14 13:57 . 2006-03-02 12:00 527186 ----a-w- c:\windows\system32\perfh013.dat

2010-08-14 13:52 . 2010-01-31 15:36 -------- d-----w- c:\documents and settings\All Users\Application Data\Microsoft Help

2010-08-11 14:01 . 2010-02-23 19:51 -------- d-----w- c:\documents and settings\Seppe\Application Data\gtk-2.0

2010-08-09 09:05 . 2010-08-09 09:05 503808 ----a-w- c:\documents and settings\Seppe\Application Data\Sun\Java\Deployment\SystemCache\6.0\4\7ec4bf04-15eaf785-n\msvcp71.dll

2010-08-09 09:05 . 2010-08-09 09:05 499712 ----a-w- c:\documents and settings\Seppe\Application Data\Sun\Java\Deployment\SystemCache\6.0\4\7ec4bf04-15eaf785-n\jmc.dll

2010-08-09 09:05 . 2010-08-09 09:05 348160 ----a-w- c:\documents and settings\Seppe\Application Data\Sun\Java\Deployment\SystemCache\6.0\4\7ec4bf04-15eaf785-n\msvcr71.dll

2010-08-09 09:05 . 2010-08-09 09:05 61440 ----a-w- c:\documents and settings\Seppe\Application Data\Sun\Java\Deployment\SystemCache\6.0\42\4488892a-27a75794-n\decora-sse.dll

2010-08-09 09:05 . 2010-08-09 09:05 12800 ----a-w- c:\documents and settings\Seppe\Application Data\Sun\Java\Deployment\SystemCache\6.0\42\4488892a-27a75794-n\decora-d3d.dll

2010-08-03 14:53 . 2010-08-03 14:53 -------- d-----w- c:\documents and settings\Seppe\Application Data\Malwarebytes

2010-08-03 14:53 . 2010-08-03 14:53 -------- d-----w- c:\documents and settings\All Users\Application Data\Malwarebytes

2010-08-03 12:24 . 2010-01-31 15:18 -------- d--h--w- c:\program files\InstallShield Installation Information

2010-08-03 08:33 . 2010-08-03 08:33 388096 ----a-r- c:\documents and settings\Seppe\Application Data\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe

2010-08-02 10:49 . 2010-08-02 10:48 -------- d-----w- c:\program files\NVIDIA Corporation

2010-08-02 10:48 . 2010-08-02 10:48 -------- d-----w- c:\documents and settings\All Users\Application Data\NVIDIA Corporation

2010-08-02 10:48 . 2010-08-02 10:48 232968 ----a-w- c:\windows\system32\nvdrsdb0.bin

2010-08-02 10:48 . 2010-08-02 10:48 1 ----a-w- c:\windows\system32\nvdrssel.bin

2010-08-02 10:48 . 2010-08-02 10:48 232968 ----a-w- c:\windows\system32\nvdrsdb1.bin

2010-08-02 09:35 . 2010-04-07 14:48 -------- d-----w- c:\program files\SystemRequirementsLab

2010-08-02 08:36 . 2010-08-02 08:36 -------- d-----w- c:\program files\Common Files\Java

2010-08-02 08:34 . 2010-04-07 14:46 -------- d-----w- c:\program files\Java

2010-07-17 03:00 . 2010-05-08 07:51 423656 ----a-w- c:\windows\system32\deployJava1.dll

2010-07-09 14:24 . 2010-07-09 14:24 81920 ----a-w- c:\windows\system32\nvwddi.dll

2010-07-07 11:46 . 2010-01-31 15:45 604776 ----a-w- c:\windows\system32\NVUNINST.EXE

2010-07-01 20:29 . 2010-07-01 20:29 221136 ----a-w- c:\documents and settings\LocalService\Local Settings\Application Data\FontCache3.0.0.0.dat

2010-06-30 12:33 . 2006-03-02 12:00 149504 ----a-w- c:\windows\system32\schannel.dll

2010-06-24 12:27 . 2006-03-02 12:00 916480 ----a-w- c:\windows\system32\wininet.dll

2010-06-24 09:02 . 2006-03-02 12:00 1852032 ----a-w- c:\windows\system32\win32k.sys

2010-06-21 15:27 . 2006-03-02 12:00 354304 ----a-w- c:\windows\system32\drivers\srv.sys

2010-06-17 14:03 . 2006-03-02 12:00 80384 ----a-w- c:\windows\system32\iccvid.dll

2010-06-14 14:31 . 2010-01-31 15:11 744448 ----a-w- c:\windows\pchealth\helpctr\binaries\helpsvc.exe

2010-06-14 07:43 . 2006-03-02 12:00 1172480 ----a-w- c:\windows\system32\msxml3.dll

.

((((((((((((((((((((((((((((( SnapShot_2010-08-18_15.26.15 )))))))))))))))))))))))))))))))))))))))))

.

+ 2010-09-11 07:32 . 2010-09-11 07:32 16384 c:\windows\Temp\Perflib_Perfdata_2d4.dat

+ 2010-07-01 12:21 . 2010-09-03 15:28 49152 c:\windows\Installer\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}\ConfigIcon.dll

- 2010-07-01 12:21 . 2010-07-01 12:21 49152 c:\windows\Installer\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}\ConfigIcon.dll

+ 2010-08-13 18:09 . 2010-08-13 18:09 12263936 c:\windows\Installer\3ea29f.msp

+ 2010-09-03 15:27 . 2010-09-03 15:27 20303872 c:\windows\Installer\10bf93.msp

.

((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))

.

.

*Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond

REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"Google Update"="c:\documents and settings\Seppe\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" [2010-01-31 135664]

"Steam"="d:\program files\Steam\Steam.exe" [2010-09-03 1242448]

"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="c:\program files\Common Files\Ahead\Lib\NMBgMonitor.exe" [2007-06-01 153136]

"msnmsgr"="c:\program files\Windows Live\Messenger\msnmsgr.exe" [2009-07-26 3883856]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"APVXDWIN"="c:\program files\Panda Security\Panda Global Protection 2010\APVXDWIN.EXE" [2009-09-25 906496]

"SCANINICIO"="c:\program files\Panda Security\Panda Global Protection 2010\Inicio.exe" [2009-08-12 56064]

"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2010-06-20 35760]

"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2010-06-09 976832]

"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2009-11-10 417792]

"WireLessKeyboard"="c:\program files\Trust\Trust Keyboard 15036\StartAutorun.exe" [2005-11-30 94208]

"CreativeMouse "="c:\program files\Mouse Driver\MouseDrv.exe" [2004-06-27 503808]

"RemoteControl"="c:\program files\CyberLink\PowerDVD\PDVDServ.exe" [2006-11-23 56928]

"LanguageShortcut"="c:\program files\CyberLink\PowerDVD\Language\Language.exe" [2006-12-05 54832]

"NeroFilterCheck"="c:\program files\Common Files\Ahead\Lib\NeroCheck.exe" [2007-03-01 153136]

"Nikon Transfer Monitor"="c:\program files\Common Files\Nikon\Monitor\NkMonitor.exe" [2008-09-30 485208]

"iTunesHelper"="d:\program files\Itunes\iTunesHelper.exe" [2010-01-22 141608]

"Control Center"="c:\program files\ASUS\WLAN Card Utilities\Center.exe" [2004-11-04 1569280]

"Prey Laptop Tracker"="c:\prey\platform\windows\cron.exe" [2010-03-30 216648]

"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2010-05-14 248552]

"nwiz"="c:\program files\NVIDIA Corporation\nView\nwiz.exe" [2010-07-07 1753192]

"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2010-07-09 13923432]

"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2010-07-09 110696]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]

"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\avldr]

2008-03-18 15:58 58672 ----a-w- c:\windows\system32\avldr.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PskSvcRetail]

@="Service"

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]

"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]

"%windir%\\system32\\sessmgr.exe"=

"c:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"=

"%windir%\\Network Diagnostic\\xpnetdiag.exe"=

"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=

"c:\\Program Files\\Messenger\\msmsgs.exe"=

"c:\\Program Files\\Windows Live\\Messenger\\wlcsdk.exe"=

"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=

"d:\\Program Files\\uTorrent\\uTorrent.exe"=

"d:\\Program Files\\Itunes\\iTunes.exe"=

"c:\\WINDOWS\\system32\\PnkBstrA.exe"=

"c:\\WINDOWS\\system32\\PnkBstrB.exe"=

"d:\\Program Files\\Steam\\steamapps\\common\\r.u.s.e. beta\\Ruse.exe"=

"d:\\Program Files\\Steam\\steamapps\\common\\call of duty modern warfare 2\\iw4mp.exe"=

"d:\\Program Files\\Steam\\steamapps\\common\\bioshock 2\\SP\\Builds\\Binaries\\Bioshock2Launcher.exe"=

"d:\\Program Files\\Steam\\steamapps\\common\\bioshock 2\\MP\\Builds\\Binaries\\Bioshock2Launcher.exe"=

"d:\\Program Files\\Steam\\steamapps\\common\\grand theft auto iv\\GTAIV\\LaunchGTAIV.exe"=

"d:\\Program Files\\Steam\\steamapps\\common\\world of goo\\WorldOfGoo.exe"=

"d:\\Program Files\\Steam\\steamapps\\common\\alien swarm\\srcds.exe"=

"d:\\Program Files\\Ubisoft\\THE SETTLERS - Rise of an Empire\\base\\bin\\Settlers6.exe"=

"d:\\Program Files\\Steam\\steamapps\\common\\alien swarm\\swarm.exe"=

"d:\\Program Files\\Steam\\steamapps\\common\\audiosurf\\engine\\QuestViewer.exe"=

R0 pavboot;Panda boot driver;c:\windows\system32\drivers\pavboot.sys [31/01/2010 17:44 28552]

R1 APPFLT;App Filter Plugin;c:\windows\system32\drivers\APPFLT.SYS [31/01/2010 17:45 75016]

R1 DSAFLT;DSA Filter Plugin;c:\windows\system32\drivers\dsaflt.sys [31/01/2010 17:45 53128]

R1 FNETMON;NetMon Filter Plugin;c:\windows\system32\drivers\fnetmon.sys [31/01/2010 17:45 22072]

R1 IDSFLT;Ids Filter Plugin;c:\windows\system32\drivers\idsflt.sys [31/01/2010 17:45 193800]

R1 NETFLTDI;Panda Net Driver [TDI Layer];c:\windows\system32\drivers\NETFLTDI.SYS [31/01/2010 17:45 159112]

R1 ShldDrv;Panda File Shield Driver;c:\windows\system32\drivers\ShlDrv51.sys [31/01/2010 17:43 41144]

R1 WNMFLT;Wifi Monitor Filter Plugin;c:\windows\system32\drivers\wnmflt.sys [31/01/2010 17:45 46728]

R2 Gwmsrv;Panda Goodware Cache Manager;c:\windows\system32\svchost -k Panda --> c:\windows\system32\svchost -k Panda [?]

R2 PavProc;Panda Process Protection Driver;c:\windows\system32\drivers\PavProc.sys [31/01/2010 17:43 163336]

R2 PskSvcRetail;Panda PSK service;c:\program files\Panda Security\Panda Global Protection 2010\psksvc.exe [31/01/2010 17:45 28928]

R3 AvFlt;Antivirus Filter Driver;c:\windows\system32\drivers\av5flt.sys --> c:\windows\system32\drivers\av5flt.sys [?]

R3 KEYBOARDWDFilter;KEYBOARDWDFilter;c:\windows\system32\drivers\KEYBOARDWD.SYS [31/01/2010 18:50 6528]

R3 NETIMFLT01060039;PANDA NDIS IM Filter Miniport v1.6.0.39;c:\windows\system32\drivers\neti1639.sys [31/01/2010 17:45 199432]

R3 PavSRK.sys;PavSRK.sys;\??\c:\windows\system32\PavSRK.sys --> c:\windows\system32\PavSRK.sys [?]

R3 PavTPK.sys;PavTPK.sys;\??\c:\windows\system32\PavTPK.sys --> c:\windows\system32\PavTPK.sys [?]

S2 gupdate;Google Updateservice (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [21/02/2010 13:26 135664]

S3 UPnPService;UPnPService;c:\program files\Common Files\MAGIX Shared\UPnPService\UPnPService.exe [8/06/2010 20:51 544768]

S4 sptd;sptd;c:\windows\system32\drivers\sptd.sys [23/02/2010 21:30 691696]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]

panda REG_MULTI_SZ Gwmsrv

getPlusHelper REG_MULTI_SZ getPlusHelper

.

Inhoud van de 'Gedeelde Taken' map

2010-01-31 c:\windows\Tasks\AppleSoftwareUpdate.job

- c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 11:34]

2010-01-31 c:\windows\Tasks\Basis-opruiming.job

- c:\program files\Panda Security\Panda Global Protection 2010\PlaTasks.exe [2010-01-31 12:46]

2010-09-11 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job

- c:\program files\Google\Update\GoogleUpdate.exe [2010-02-21 11:26]

2010-09-11 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job

- c:\program files\Google\Update\GoogleUpdate.exe [2010-02-21 11:26]

2010-09-10 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-343818398-823518204-725345543-1004Core.job

- c:\documents and settings\Seppe\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2010-01-31 16:11]

2010-09-11 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-343818398-823518204-725345543-1004UA.job

- c:\documents and settings\Seppe\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2010-01-31 16:11]

.

.

------- Bijkomende Scan -------

.

IE: E&xporteren naar Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000

DPF: {140E4DF8-9E14-4A34-9577-C77561ED7883} - hxxp://content.systemrequirementslab.com.s3.amazonaws.com/global/bin/srldetect_cyri_4.1.71.0.cab

DPF: {784797A8-342D-4072-9486-03C8D0F2F0A1} - hxxps://www.battlefieldheroes.com/static/updater/BFHUpdater_4.0.53.0.cab

.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, GMER - Rootkit Detector and Remover

Rootkit scan 2010-09-11 10:12

Windows 5.1.2600 Service Pack 3 NTFS

scannen van verborgen processen ...

scannen van verborgen autostart items ...

scannen van verborgen bestanden ...

Scan succesvol afgerond

verborgen bestanden: 0

**************************************************************************

.

--------------------- VERGRENDELDE REGISTER SLEUTELS ---------------------

[HKEY_USERS\S-1-5-21-343818398-823518204-725345543-1004\Software\SecuROM\!CAUTION! NEVER A OR CHANGE ANY KEY*]

"??"=hex:f8,fd,7b,bc,a6,b9,ca,31,17,b3,5f,0b,89,d3,9f,f3,04,ed,3c,c1,0b,c1,b0,

7c,50,b2,f1,8b,24,fb,6c,d1,cc,be,c9,24,c4,ab,75,34,9c,8d,23,71,27,21,9c,db,\

"??"=hex:cf,55,c7,95,2b,14,4d,f8,66,7b,0c,1b,19,52,fe,22

[HKEY_USERS\S-1-5-21-343818398-823518204-725345543-1004\Software\SecuROM\License information*]

"datasecu"=hex:36,4e,dd,db,47,fc,f3,bd,7c,53,92,c5,8f,03,51,3a,5c,38,dc,85,d0,

c6,76,c1,57,e1,2b,e6,93,71,90,17,34,c8,a3,96,b0,47,f6,09,ab,d8,b8,61,a7,f1,\

"rkeysecu"=hex:12,07,cb,85,76,bb,52,4b,55,c6,76,49,5c,f1,72,21

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]

@Denied: (A 2) (Everyone)

@="FlashBroker"

"LocalizedString"="@c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil10h_ActiveX.exe,-101"

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]

"Enabled"=dword:00000001

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]

@="c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil10h_ActiveX.exe"

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]

@Denied: (A 2) (Everyone)

@="IFlashBroker4"

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]

@="{00020424-0000-0000-C000-000000000046}"

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

"Version"="1.0"

.

--------------------- DLLs Geladen Onder Lopende Processen ---------------------

- - - - - - - > 'winlogon.exe'(1060)

c:\windows\system32\avldr.dll

- - - - - - - > 'explorer.exe'(360)

c:\program files\Panda Security\Panda Global Protection 2010\pavoepl.dll

d:\program files\Itunes\iTunesMiniPlayer.dll

d:\program files\Itunes\iTunesMiniPlayer.Resources\nl.lproj\iTunesMiniPlayerLocalized.dll

d:\program files\Itunes\iTunesMiniPlayer.Resources\iTunesMiniPlayer.dll

c:\progra~1\WINDOW~2\wmpband.dll

c:\program files\Panda Security\Panda Global Protection 2010\PavTrc.dll

c:\windows\system32\webcheck.dll

c:\windows\system32\WPDShServiceObj.dll

c:\windows\system32\PortableDeviceTypes.dll

c:\windows\system32\PortableDeviceApi.dll

.

Voltooingstijd: 2010-09-11 10:13:24

ComboFix-quarantined-files.txt 2010-09-11 08:13

ComboFix2.txt 2010-09-03 20:22

ComboFix3.txt 2010-08-18 15:27

ComboFix4.txt 2010-08-10 20:13

Pre-Run: 77.756.735.488 bytes beschikbaar

Post-Run: 77.772.058.624 bytes beschikbaar

- - End Of File - - 8CB1BF0D93D53391790A5285AF6ABDC7

[kape]

Ook dit ziet er weer (opnieuw) goed uit. Zit je nu nog steeds met hetzelfde probleem ?

[llk]

yup,

Na ik combofix had opgestart heb ik hem afgesloten om te zien of hij het probleem nog had, geen probleem, zoals meestal vlak na ik combofix heb laten draaien.

Nu heb ik hem om te testen een 2e keer afgesloten en hij geeft de melding weer.

[kape]

Download Findykill en laat dit programma runnen. Kies voor de optie 1 en plaats dan het logje in je volgende bericht.

[llk]

Ik krig het bericht dat FindyKill bestanden ontbreekt en dat het daardoor niet kan verdergaan :|

Ik heb hhet programma al terug verwijderd en geherinstalleerd, en nog steeds hetzelfde bericht.

EDIT: Blijkbaar is het nu toch gelukt met het programma te google'n en te downloaden.

FindyKill log

############################## | FindyKill V5.050 |

# User : Seppe (Administrators) # SEPPE-PC

# Update on 03/09/2010 by El Desaparecido

# Start at: 21:55:34 | 11/09/2010

# Website : http://pagesperso-orange.fr/NosTools/index.html

# Contact : FindyKill.Contact@gmail.com

# Intel® Core2 Duo CPU E6850 @ 3.00GHz

# Microsoft Windows XP Home Edition (5.1.2600 32-bit) # Service Pack 3

# Internet Explorer 8.0.6001.18702

# Windows Firewall Status : Disabled

# AV : Panda Global Protection 2010 3.01.00 [ Enabled | Updated ]

# FW : Panda Personal Firewall 2010[ Enabled ]3.01.00

# C:\ # Lokale vaste schijf # 117,19 Go (72,79 Go free) [systeem] # NTFS

# D:\ # Lokale vaste schijf # 348,56 Go (242,14 Go free) [Data] # NTFS

# E:\ # Lokale vaste schijf # 298,09 Go (149,98 Go free) [LACIE] # NTFS

# F:\ # Cd-rom-schijf

# G:\ # Cd-rom-schijf

# H:\ # Verwisselbare schijf # 980,72 Mo (911,23 Mo free) [uDISK 2.0] # FAT

################## | Infected File |

C:\WINDOWS\prefetch\WINUPGRO.EXE-2D513C93.pf

################## | Registry |

################## | State |

# Showing of hidden files : OK

# Safe boot mode : OK

# Ndisuio -> Start = 3 ( Good = 3 | Bad = 4 )

# EapHost -> Start = 3 ( Good = 2 | Bad = 4 )

# Ip6Fw -> Start = 3 ( Good = 2 | Bad = 4 )

# SharedAccess -> Start = 2 ( Good = 2 | Bad = 4 )

# wuauserv -> Start = 2 ( Good = 2 | Bad = 4 )

# wscsvc -> Start = 2 ( Good = 2 | Bad = 4 )

################## | End of Report # FindyKill V5.050 ! |

Infected File verwijderen ?

11 september 2010 aangepast door llk