
Posted:

Here, C:\WINDOWS\system32\drivers\beep.sys infected !, is an indication of your problem. But now, before you get started with any other little programs, try Fillkill's suggestion: "safe mode".

Posted:

It worked.

ComboFix 08-11-22.02 - Samuel 2008-11-23 14:15:27.1 - NTFSx86

Microsoft Windows XP Professional 5.1.2600.3.1252.1.1043.18.717 [GMT 1:00]

.

(((((((((((((((((((((((((((((((((( Andere Verwijderingen )))))))))))))))))))))))))))))))))))))))))))))))))

.

c:\windows\system32\dllcache\beep.sys

c:\windows\system32\eafadbdf6_d.dll

c:\windows\system32\umpndreu.dll

c:\windows\system32\w32apiw.dll

c:\windows\system32\wutcplos.dll

c:\windows\system32\xrbdsy.dll

c:\windows\system32\xvozzn.dll

c:\windows\system32\yhbtrpbt.ini

c:\windows\system32\yiqrjxuk.ini

.

((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))

.

-------\Service_TDSSSERV.SYS

-------\Legacy_TDSSSERV.SYS

(((((((((((((((((((( Bestanden Gemaakt van 2008-10-23 to 2008-11-23 ))))))))))))))))))))))))))))))

.

2008-11-22 19:20 . 2008-11-22 19:20 <DIR> d-------- c:\program files\Lavasoft

2008-11-22 19:20 . 2008-11-22 19:21 <DIR> d-------- c:\documents and settings\All Users\Application Data\Lavasoft

2008-11-22 19:09 . 2008-11-22 19:10 <DIR> d-------- c:\program files\CleanUp!

2008-11-22 18:06 . 2007-09-05 23:22 289,144 --a------ c:\windows\system32\VCCLSID.exe

2008-11-22 18:06 . 2006-04-27 16:49 288,417 --a------ c:\windows\system32\SrchSTS.exe

2008-11-22 18:06 . 2008-10-01 14:51 87,552 --a------ c:\windows\system32\VACFix.exe

2008-11-22 18:06 . 2008-10-10 07:58 82,944 --a------ c:\windows\system32\o4Patch.exe

2008-11-22 18:06 . 2008-05-18 20:40 82,944 --a------ c:\windows\system32\IEDFix.exe

2008-11-22 18:06 . 2008-10-10 07:58 82,944 --a------ c:\windows\system32\IEDFix.C.exe

2008-11-22 18:06 . 2008-08-18 11:19 82,432 --a------ c:\windows\system32\404Fix.exe

2008-11-22 18:06 . 2003-06-05 20:13 53,248 --a------ c:\windows\system32\Process.exe

2008-11-22 18:06 . 2004-07-31 17:50 51,200 --a------ c:\windows\system32\dumphive.exe

2008-11-22 18:06 . 2007-10-03 23:36 25,600 --a------ c:\windows\system32\WS2Fix.exe

2008-11-22 18:06 . 2008-11-22 18:06 3,934 --a------ c:\windows\system32\tmp.reg

2008-11-22 17:57 . 2008-11-22 17:57 <DIR> d-------- c:\program files\Enigma Software Group

2008-11-22 17:02 . 2008-11-22 17:15 <DIR> d-------- c:\program files\SpyNoMore

2008-11-22 17:02 . 2008-11-22 17:02 <DIR> d-------- c:\program files\Common Files\Download Manager

2008-11-22 17:02 . 2008-11-22 17:02 1,152 --a------ c:\windows\system32\windrv.sys

2008-11-22 15:58 . 2008-11-22 15:58 <DIR> d-------- c:\program files\XoftSpySE

2008-11-22 15:58 . 2008-11-22 15:58 <DIR> d-------- c:\program files\ClamWinPortable

2008-11-21 21:27 . 2008-11-22 17:37 <DIR> d-------- C:\!KillBox

2008-11-21 21:22 . 2008-11-23 14:15 <DIR> d-------- c:\windows\system32\CatRoot2

2008-11-21 18:53 . 2008-11-21 21:00 73,728 --a------ c:\windows\system32\TDSSxfum.dll

2008-11-21 18:53 . 2008-11-21 20:59 31,232 --a------ c:\windows\system32\TDSSrtql.dll

2008-11-21 18:53 . 2008-11-21 20:59 29,696 --a------ c:\windows\system32\TDSShrxr.dll

2008-11-21 18:53 . 2008-11-23 14:07 2,336 --a------ c:\windows\system32\TDSSlxwp.dll

2008-11-21 18:53 . 2008-11-21 20:59 527 --a------ c:\windows\system32\TDSSlrvd.dat

2008-11-21 18:48 . 2008-11-21 18:48 <DIR> d-------- c:\program files\Trend Micro

2008-11-21 18:45 . 2008-11-21 20:59 35,840 --a------ c:\windows\system32\TDSSoiqt.dll

2008-11-21 17:34 . 2008-11-21 17:34 <DIR> d-------- c:\windows\ERUNT

2008-11-20 22:21 . 2008-11-21 16:44 <DIR> d-------- c:\program files\Spyware Terminator

2008-11-20 22:21 . 2008-11-21 21:30 <DIR> d-------- c:\documents and settings\Samuel\Application Data\Spyware Terminator

2008-11-20 22:21 . 2008-11-21 21:32 <DIR> d-------- c:\documents and settings\All Users\Application Data\Spyware Terminator

2008-11-20 22:21 . 2008-11-20 22:21 141,312 --a------ c:\windows\system32\drivers\sp_rsdrv2.sys

2008-11-20 21:05 . 2008-11-20 21:05 <DIR> d-------- c:\documents and settings\Samuel\Application Data\Sunbelt Software

2008-11-20 21:05 . 2008-11-20 21:05 <DIR> d-------- c:\documents and settings\All Users\Application Data\Sunbelt Software

2008-11-20 21:05 . 2008-11-20 21:05 0 --a------ c:\windows\system32\SBRC.dat

2008-11-20 21:05 . 2008-11-20 21:05 0 --a------ c:\windows\system32\SBFC.dat

2008-11-20 21:04 . 2008-11-20 21:04 <DIR> d-------- c:\program files\Sunbelt Software

2008-11-20 20:00 . 2008-11-21 20:59 60,416 --a------ c:\windows\system32\drivers\TDSSmqlt.sys

2008-11-15 21:48 . 2008-11-23 14:12 <DIR> dr-h----- c:\documents and settings\Samuel\Onlangs geopend

2008-11-15 14:16 . 2008-11-15 19:08 <DIR> d-------- c:\program files\Album Cover Art Downloader

2008-11-15 14:16 . 2008-11-15 14:37 <DIR> d-------- c:\documents and settings\Samuel\Application Data\albumart

2008-11-14 19:57 . 2008-11-14 19:57 <DIR> d-------- c:\program files\CopyRightLeft

2008-11-12 14:21 . 2008-11-12 16:08 <DIR> d-------- c:\program files\IObit

2008-11-11 18:38 . 2008-11-11 18:38 <DIR> d-------- c:\program files\Mp3tag

2008-11-11 18:38 . 2008-11-11 18:38 <DIR> d-------- c:\documents and settings\Samuel\Application Data\Mp3tag

2008-11-11 15:42 . 2008-11-15 15:36 <DIR> d-------- c:\program files\MP3Gain

2008-11-11 14:28 . 2008-11-11 14:28 <DIR> d-------- c:\program files\Google

2008-11-11 14:26 . 2008-11-11 14:26 <DIR> d-------- c:\windows\system32\URTTemp

2008-11-10 21:52 . 2008-11-10 21:58 <DIR> d-------- c:\documents and settings\Samuel\Application Data\gtk-2.0

2008-11-10 21:52 . 2008-11-10 21:52 <DIR> d-------- c:\documents and settings\Samuel\.thumbnails

2008-11-10 21:15 . 2008-11-10 21:15 <DIR> d-------- c:\program files\DivX

2008-11-10 16:06 . 2008-11-11 11:46 <DIR> d-------- c:\program files\TagRename

2008-11-09 20:05 . 2008-11-11 12:07 <DIR> d-------- c:\documents and settings\Samuel\.gimp-2.6

2008-11-09 20:05 . 2008-11-09 20:05 <DIR> d-------- c:\documents and settings\Samuel\.gegl-0.0

2008-11-09 20:03 . 2008-11-09 20:03 <DIR> d-------- c:\program files\Gimp-2.0

2008-11-09 19:13 . 2008-11-09 19:13 <DIR> d-------- c:\program files\Symantec

2008-11-09 16:54 . 2008-11-09 16:54 <DIR> d-------- c:\program files\Nattyware

2008-11-09 15:13 . 2008-11-09 15:13 40,960 --a------ c:\windows\system32\kmqclfdc.dll

2008-11-08 15:09 . 2008-11-08 15:15 <DIR> d-------- c:\documents and settings\Samuel\Application Data\PowerChallenge

2008-11-08 15:03 . 2008-11-08 15:03 40,960 --a------ c:\windows\system32\ttunjouh.dll

2008-11-03 19:03 . 2008-11-09 21:42 <DIR> d-------- c:\program files\CoreFTP

2008-11-03 19:03 . 2008-11-18 21:07 <DIR> d-------- c:\documents and settings\Samuel\Application Data\CoreFTP

2008-11-01 14:58 . 2008-11-01 15:02 <DIR> d-------- c:\windows\system32\Adobe

2008-10-28 19:15 . 2008-10-28 19:15 <DIR> d-------- c:\documents and settings\Samuel\Application Data\JGsoft

.

((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2008-11-22 18:20 --------- d-----w c:\program files\Common Files\Wise Installation Wizard

2008-11-22 16:36 --------- d-----w c:\documents and settings\Samuel\Application Data\uTorrent

2008-11-22 10:26 --------- d-----w c:\documents and settings\Samuel\Application Data\Creative

2008-11-11 13:29 --------- d--h--w c:\program files\InstallShield Installation Information

2008-11-10 17:52 --------- d-----w c:\program files\Common Files\Real

2008-11-09 20:42 --------- d-----w c:\program files\Eraser

2008-11-09 20:42 --------- d-----w c:\documents and settings\All Users\Application Data\FLEXnet

2008-11-08 15:03 --------- d-----w c:\program files\MessengerDiscovery

2008-11-01 13:00 --------- d-----w c:\documents and settings\All Users\Application Data\Microsoft Help

2008-10-27 21:24 --------- d-----w c:\program files\Common Files\Adobe

2008-10-19 14:20 --------- d-----w c:\documents and settings\Samuel\Application Data\FileZilla

2008-10-17 18:20 --------- d-----w c:\documents and settings\Samuel\Application Data\SmartFTP

2008-10-17 15:41 --------- d-----w c:\program files\Avant Browser

2008-10-14 15:32 --------- d--h--w c:\documents and settings\All Users\Application Data\{A25FEDC1-F6D7-440C-BCE2-B71F595F6646}

2008-10-09 15:29 --------- d-----w c:\program files\RegSupreme Pro

2008-10-07 17:57 --------- d-----w c:\program files\Prisma

2008-10-07 14:17 --------- d-----w c:\program files\DAEMON Tools Lite

2008-10-06 11:55 --------- d-----w c:\program files\Microsoft Silverlight

2008-10-06 11:47 --------- d-----w c:\program files\DAEMON Tools Toolbar

2008-10-06 11:45 717,296 ----a-w c:\windows\system32\drivers\sptd.sys

2008-10-06 11:45 --------- d-----w c:\documents and settings\Samuel\Application Data\DAEMON Tools

2008-10-04 18:46 --------- d-----w c:\program files\TuneUp Utilities 2008

2008-10-04 18:46 --------- d-----w c:\documents and settings\Samuel\Application Data\TuneUp Software

2008-10-04 18:46 --------- d-----w c:\documents and settings\All Users\Application Data\TuneUp Software

2008-10-04 14:27 --------- d-----w c:\program files\NKProds

2008-10-04 14:27 --------- d-----w c:\documents and settings\Samuel\Application Data\nCleaner

2008-09-29 19:36 --------- d-----w c:\program files\Creative

2008-09-29 19:35 --------- d--h--w c:\program files\Creative Installation Information

2008-09-29 19:35 --------- d-----w c:\program files\Common Files\Creative

2008-09-29 19:34 --------- d-----w c:\documents and settings\All Users\Application Data\Creative

2008-09-23 19:19 --------- d-----w c:\documents and settings\Samuel\Application Data\Media Player Classic

2008-09-23 18:58 --------- d-----w c:\program files\Graphmatica

2008-08-30 11:17 606,848 ----a-w c:\windows\flashax.exe

2008-08-30 11:17 12,288 ----a-w c:\windows\impborl.dll

.

((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))

.

.

*Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond

REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"CTFMON.EXE"="c:\windows\system32\ctfmon.exe" [2008-04-15 15360]

"Nokia.PCSync"="c:\program files\Nokia\Nokia PC Suite 7\PCSync2.exe" [2008-06-17 1249280]

"PC Suite Tray"="c:\program files\Nokia\Nokia PC Suite 7\PCSuite.exe" [2008-08-11 1124352]

"CTSyncU.exe"="c:\program files\Creative\Sync Manager Unicode\CTSyncU.exe" [2006-06-12 700416]

"DAEMON Tools Lite"="c:\program files\DAEMON Tools Lite\daemon.exe" [2008-08-08 490952]

"Eraser"="c:\program files\Eraser\Eraser.exe" [2007-12-23 916240]

"Systweak Wallpaper Changer"="c:\program files\Advanced System Optimizer\wallpaper.exe" [2007-06-22 151280]

"AdobeUpdater"="c:\program files\Common Files\Adobe\Updater5\AdobeUpdater.exe" [2008-11-13 2356088]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"nTrayFw"="c:\program files\NVIDIA Corporation\NetworkAccessManager\bin\nTrayFw.exe" [2006-02-17 270336]

"SoundMAXPnP"="c:\program files\Analog Devices\Core\smax4pnp.exe" [2005-05-20 925696]

"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2006-02-13 7557120]

"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2006-02-13 86016]

"Control Center"="c:\program files\ASUS\WLAN Card Utilities\Center.exe" [2004-11-04 1569280]

"GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2007-08-24 33648]

"fssui"="c:\program files\Windows Live\Family Safety\fssui.exe" [2007-12-17 243240]

"WinampAgent"="c:\program files\Winamp\winampa.exe" [2008-08-04 36352]

"SunJavaUpdateSched"="c:\program files\Java\jre1.6.0_07\bin\jusched.exe" [2008-06-10 144784]

"QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2008-09-06 413696]

"AppleSyncNotifier"="c:\program files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe" [2008-09-03 111936]

"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2008-09-10 289576]

"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-01-11 39792]

"SBCSTray"="c:\program files\Sunbelt Software\CounterSpy\SBCSTray.exe" [2007-11-28 698864]

"SNM"="c:\program files\SpyNoMore\SNM.exe" [2008-11-22 1058816]

"SpyHunter Security Suite"="c:\program files\Enigma Software Group\SpyHunter\SpyHunter3.exe" [2008-09-10 864256]

"nwiz"="nwiz.exe" [2006-02-13 c:\windows\system32\nwiz.exe]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]

"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-15 15360]

c:\documents and settings\Samuel\Menu Start\Programma's\Opstarten\

Adobe Media Player.lnk - c:\program files\Adobe Media Player\Adobe Media Player.exe [2008-09-01 260096]

OneNote 2007 Schermopname en Snel starten.lnk - c:\program files\Microsoft Office\Office12\ONENOTEM.EXE [2007-08-24 101784]

c:\documents and settings\All Users\Menu Start\Programma's\Opstarten\

Bluetooth Manager.lnk - c:\program files\Toshiba\Bluetooth Toshiba Stack\TosBtMng1.exe [2004-12-21 45056]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]

"NoResolveSearch"= 1 (0x1)

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\RegCompact]

2008-04-16 13:24 165368 c:\windows\system32\RegCompact.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]

"vidc.ffds"= c:\progra~1\COMBIN~1\Filters\FFDShow\ff_vfw.dll

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]

"Registry Cleaner Scheduler"="c:\program files\CleanMyPC\Registry Cleaner\RCHelper.exe" /startup

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]

"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]

"%windir%\\Network Diagnostic\\xpnetdiag.exe"=

"%windir%\\system32\\sessmgr.exe"=

"c:\\Program Files\\NVIDIA Corporation\\NetworkAccessManager\\Apache Group\\Apache2\\bin\\Apache.exe"=

"c:\\Program Files\\uTorrent\\uTorrent.exe"=

"c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=

"c:\\Program Files\\Microsoft Office\\Office12\\GROOVE.EXE"=

"c:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"=

"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=

"c:\\Program Files\\Windows Live\\Messenger\\livecall.exe"=

"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=

"c:\\Program Files\\iTunes\\iTunes.exe"=

R2 fssfltr;FssFltr;c:\windows\system32\DRIVERS\fssfltr.sys [2008-08-31 43816]

R2 fsssvc;Windows Live OneCare Family Safety;"c:\program files\Windows Live\Family Safety\fsssvc.exe" [2007-12-17 523816]

R2 UxTuneUp;TuneUp Thema-uitbreiding;c:\windows\System32\svchost.exe -k netsvcs [2008-04-15 14336]

R3 ASNDIS5;ASNDIS5 Protocol Driver;\??\c:\windows\system32\ASNDIS5.SYS [2008-08-30 16269]

S3 TuneUp.Defrag;TuneUp Drive Defrag Service;c:\windows\System32\TuneUpDefragService.exe [2008-10-04 355584]

S3 wampapache;wampapache;"c:\wamp\bin\apache\apache2.2.8\bin\httpd.exe" -k runservice [2008-10-18 24635]

S3 wampmysqld;wampmysqld;c:\wamp\bin\mysql\mysql5.0.51b\bin\mysqld-nt.exe wampmysqld []

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs

UxTuneUp

*Newly Created Service* - MCHINJDRV

.

Inhoud van de 'Gedeelde Taken' map

2008-11-23 c:\windows\Tasks\1-Click Maintenance.job

- c:\program files\TuneUp Utilities 2008\OneClickStarter.exe [2008-06-20 08:09]

2008-11-19 c:\windows\Tasks\AppleSoftwareUpdate.job

- c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 11:34]

.

.

------- Bijkomende Scan -------

.

FireFox -: Profile - c:\documents and settings\Samuel\Application Data\Mozilla\Firefox\Profiles\wy0h43wd.default\

FireFox -: prefs.js - STARTUP.HOMEPAGE - www.google.be

FF -: plugin - c:\documents and settings\Samuel\Application Data\Mozilla\Firefox\Profiles\wy0h43wd.default\extensions\OberonGameHost@OberonGames.com\platform\WINNT_x86-msvc\plugins\npOberonGameHost.dll

FF -: plugin - c:\program files\iTunes\Mozilla Plugins\npitunes.dll

FF -: plugin - c:\program files\Yahoo!\Common\npyaxmpb.dll

.

**************************************************************************

catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net

Rootkit scan 2008-11-23 14:17:48

Windows 5.1.2600 Service Pack 3 NTFS

scannen van verborgen processen ...

scannen van verborgen autostart items ...

scannen van verborgen bestanden ...

Scan succesvol afgerond

verborgen bestanden: 0

**************************************************************************

.

--------------------- DLLs Geladen Onder Lopende Processen ---------------------

- - - - - - - > 'winlogon.exe'(908)

c:\windows\system32\RegCompact.dll

c:\program files\Enigma Software Group\SpyHunter\SpyHunterMonitor.dll

- - - - - - - > 'lsass.exe'(964)

c:\windows\system32\nvappfilter.dll

c:\program files\Enigma Software Group\SpyHunter\SpyHunterMonitor.dll

.

------------------------ Andere Aktieve Processen ------------------------

.

c:\program files\Lavasoft\Ad-Aware\aawservice.exe

c:\program files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe

c:\windows\ATKKBService.exe

c:\program files\Bonjour\mDNSResponder.exe

c:\windows\system32\CTSVCCDA.EXE

c:\program files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\Apache.exe

c:\program files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcIp.exe

c:\program files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcLog.exe

c:\windows\system32\nvsvc32.exe

c:\program files\Sunbelt Software\CounterSpy\SBCSSvc.exe

c:\program files\Spyware Terminator\sp_rsser.exe

c:\windows\system32\wdfmgr.exe

c:\program files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcAppFlt.exe

c:\program files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\Apache.exe

c:\windows\system32\wscntfy.exe

c:\windows\system32\rundll32.exe

c:\program files\PC Connectivity Solution\ServiceLayer.exe

c:\program files\PC Connectivity Solution\Transports\NclUSBSrv.exe

c:\program files\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe

c:\program files\PC Connectivity Solution\Transports\NclRSSrv.exe

c:\program files\iPod\bin\iPodService.exe

c:\program files\PC Connectivity Solution\Transports\NclToBTSrv.exe

c:\program files\Common Files\Nokia\MPAPI\MPAPI3s.exe

c:\program files\Toshiba\Bluetooth Toshiba Stack\TosA2dp.exe

c:\program files\Toshiba\Bluetooth Toshiba Stack\TosBtHSP.exe

.

**************************************************************************

.

Voltooingstijd: 2008-11-23 14:19:44 - machine werd herstart

ComboFix-quarantined-files.txt 2008-11-23 13:19:40

Pre-Run: 2,771,767,296 bytes beschikbaar

Post-Run: 2,824,781,824 bytes beschikbaar

WindowsXP-KB310994-SP2-Pro-BootDisk-NLD.exe

[boot loader]

timeout=2

default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS

[operating systems]

c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons

multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professional" /noexecute=optin /fastdetect /usepmtimer /TUTag=4KGVV1 /Kernel=TUKernel.exe

multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professional (TuneUp Backup)" /noexecute=optin /fastdetect /usepmtimer /TUTag=4KGVV1-BAK


Posted:

That's something already ...

Open a Notepad file.

Copy and paste the bold text below into it.

File::

c:\windows\system32\tmp.reg

c:\windows\system32\VCCLSID.exe

c:\windows\system32\SrchSTS.exe

c:\windows\system32\VACFix.exe

c:\windows\system32\o4Patch.exe

c:\windows\system32\IEDFix.exe

c:\windows\system32\IEDFix.C.exe

c:\windows\system32\404Fix.exe

c:\windows\system32\Process.exe

c:\windows\system32\dumphive.exe

c:\windows\system32\WS2Fix.exe

c:\windows\system32\TDSSxfum.dll

c:\windows\system32\TDSSrtql.dll

c:\windows\system32\TDSShrxr.dll

c:\windows\system32\TDSSlxwp.dll

c:\windows\system32\TDSSlrvd.dat

c:\windows\system32\TDSSoiqt.dll

c:\windows\system32\kmqclfdc.dll

c:\windows\system32\ttunjouh.dll

Save this file to your desktop as CFScript.txt.

Drag CFScript.txt into ComboFix.exe

This will make ComboFix restart. Reboot if you are asked to.

After the restart, post the contents of Combofix.txt in your next message, together with a new HijackThis log.

Posted:

ComboFix 08-11-22.02 - Samuel 2008-11-23 19:26:55.2 - NTFSx86

Microsoft Windows XP Professional 5.1.2600.3.1252.1.1043.18.363 [GMT 1:00]

Gestart vanuit: c:\documents and settings\Samuel\Mijn documenten\CombosFix.exe

gebruikte Opdracht switches :: c:\documents and settings\Samuel\Mijn documenten\CFScript.txt

* Nieuw herstelpunt werd aangemaakt

FILE ::

c:\windows\system32\tmp.reg

c:\windows\system32\VCCLSID.exe

c:\windows\system32\SrchSTS.exe

c:\windows\system32\VACFix.exe

c:\windows\system32\o4Patch.exe

c:\windows\system32\IEDFix.exe

c:\windows\system32\IEDFix.C.exe

c:\windows\system32\404Fix.exe

c:\windows\system32\Process.exe

c:\windows\system32\dumphive.exe

c:\windows\system32\WS2Fix.exe

c:\windows\system32\TDSSxfum.dll

c:\windows\system32\TDSSrtql.dll

c:\windows\system32\TDSShrxr.dll

c:\windows\system32\TDSSlxwp.dll

c:\windows\system32\TDSSlrvd.dat

c:\windows\system32\TDSSoiqt.dll

c:\windows\system32\kmqclfdc.dll

c:\windows\system32\ttunjouh.dll

.

(((((((((((((((((((((((((((((((((( Andere Verwijderingen )))))))))))))))))))))))))))))))))))))))))))))))))

.

c:\windows\system32\tmp.reg

c:\windows\system32\VCCLSID.exe

c:\windows\system32\SrchSTS.exe

c:\windows\system32\VACFix.exe

c:\windows\system32\o4Patch.exe

c:\windows\system32\IEDFix.exe

c:\windows\system32\IEDFix.C.exe

c:\windows\system32\404Fix.exe

c:\windows\system32\Process.exe

c:\windows\system32\dumphive.exe

c:\windows\system32\WS2Fix.exe

c:\windows\system32\TDSSxfum.dll

c:\windows\system32\TDSSrtql.dll

c:\windows\system32\TDSShrxr.dll

c:\windows\system32\TDSSlxwp.dll

c:\windows\system32\TDSSlrvd.dat

c:\windows\system32\TDSSoiqt.dll

c:\windows\system32\kmqclfdc.dll

c:\windows\system32\ttunjouh.dll

.

(((((((((((((((((((( Bestanden Gemaakt van 2008-10-23 to 2008-11-23 ))))))))))))))))))))))))))))))

.

2008-11-23 14:23 . 2008-11-23 14:23 <DIR> d-------- c:\program files\Malwarebytes' Anti-Malware

2008-11-23 14:23 . 2008-10-22 16:10 38,496 --a------ c:\windows\system32\drivers\mbamswissarmy.sys

2008-11-23 14:23 . 2008-10-22 16:10 15,504 --a------ c:\windows\system32\drivers\mbam.sys

2008-11-22 19:20 . 2008-11-22 19:20 <DIR> d-------- c:\program files\Lavasoft

2008-11-22 19:20 . 2008-11-22 19:21 <DIR> d-------- c:\documents and settings\All Users\Application Data\Lavasoft

2008-11-22 19:09 . 2008-11-22 19:10 <DIR> d-------- c:\program files\CleanUp!

2008-11-22 17:57 . 2008-11-22 17:57 <DIR> d-------- c:\program files\Enigma Software Group

2008-11-22 17:02 . 2008-11-22 17:15 <DIR> d-------- c:\program files\SpyNoMore

2008-11-22 17:02 . 2008-11-22 17:02 <DIR> d-------- c:\program files\Common Files\Download Manager

2008-11-22 17:02 . 2008-11-22 17:02 1,152 --a------ c:\windows\system32\windrv.sys

2008-11-22 15:58 . 2008-11-22 15:58 <DIR> d-------- c:\program files\XoftSpySE

2008-11-22 15:58 . 2008-11-22 15:58 <DIR> d-------- c:\program files\ClamWinPortable

2008-11-21 21:27 . 2008-11-22 17:37 <DIR> d-------- C:\!KillBox

2008-11-21 21:22 . 2008-11-23 15:24 <DIR> d-------- c:\windows\system32\CatRoot2

2008-11-21 18:48 . 2008-11-21 18:48 <DIR> d-------- c:\program files\Trend Micro

2008-11-21 17:34 . 2008-11-21 17:34 <DIR> d-------- c:\windows\ERUNT

2008-11-20 22:21 . 2008-11-21 16:44 <DIR> d-------- c:\program files\Spyware Terminator

2008-11-20 22:21 . 2008-11-21 21:30 <DIR> d-------- c:\documents and settings\Samuel\Application Data\Spyware Terminator

2008-11-20 22:21 . 2008-11-21 21:32 <DIR> d-------- c:\documents and settings\All Users\Application Data\Spyware Terminator

2008-11-20 22:21 . 2008-11-20 22:21 141,312 --a------ c:\windows\system32\drivers\sp_rsdrv2.sys

2008-11-20 21:05 . 2008-11-20 21:05 <DIR> d-------- c:\documents and settings\Samuel\Application Data\Sunbelt Software

2008-11-20 21:05 . 2008-11-20 21:05 <DIR> d-------- c:\documents and settings\All Users\Application Data\Sunbelt Software

2008-11-20 21:05 . 2008-11-20 21:05 0 --a------ c:\windows\system32\SBRC.dat

2008-11-20 21:05 . 2008-11-20 21:05 0 --a------ c:\windows\system32\SBFC.dat

2008-11-20 21:04 . 2008-11-20 21:04 <DIR> d-------- c:\program files\Sunbelt Software

2008-11-15 21:48 . 2008-11-23 16:05 <DIR> dr-h----- c:\documents and settings\Samuel\Onlangs geopend

2008-11-15 14:16 . 2008-11-15 19:08 <DIR> d-------- c:\program files\Album Cover Art Downloader

2008-11-15 14:16 . 2008-11-15 14:37 <DIR> d-------- c:\documents and settings\Samuel\Application Data\albumart

2008-11-14 19:57 . 2008-11-14 19:57 <DIR> d-------- c:\program files\CopyRightLeft

2008-11-12 14:21 . 2008-11-12 16:08 <DIR> d-------- c:\program files\IObit

2008-11-11 18:38 . 2008-11-11 18:38 <DIR> d-------- c:\program files\Mp3tag

2008-11-11 18:38 . 2008-11-11 18:38 <DIR> d-------- c:\documents and settings\Samuel\Application Data\Mp3tag

2008-11-11 15:42 . 2008-11-15 15:36 <DIR> d-------- c:\program files\MP3Gain

2008-11-11 14:28 . 2008-11-11 14:28 <DIR> d-------- c:\program files\Google

2008-11-11 14:26 . 2008-11-11 14:26 <DIR> d-------- c:\windows\system32\URTTemp

2008-11-10 21:52 . 2008-11-10 21:58 <DIR> d-------- c:\documents and settings\Samuel\Application Data\gtk-2.0

2008-11-10 21:52 . 2008-11-10 21:52 <DIR> d-------- c:\documents and settings\Samuel\.thumbnails

2008-11-10 21:15 . 2008-11-10 21:15 <DIR> d-------- c:\program files\DivX

2008-11-10 16:06 . 2008-11-11 11:46 <DIR> d-------- c:\program files\TagRename

2008-11-09 20:05 . 2008-11-11 12:07 <DIR> d-------- c:\documents and settings\Samuel\.gimp-2.6

2008-11-09 20:05 . 2008-11-09 20:05 <DIR> d-------- c:\documents and settings\Samuel\.gegl-0.0

2008-11-09 20:03 . 2008-11-09 20:03 <DIR> d-------- c:\program files\Gimp-2.0

2008-11-09 19:13 . 2008-11-09 19:13 <DIR> d-------- c:\program files\Symantec

2008-11-09 16:54 . 2008-11-09 16:54 <DIR> d-------- c:\program files\Nattyware

2008-11-08 15:09 . 2008-11-08 15:15 <DIR> d-------- c:\documents and settings\Samuel\Application Data\PowerChallenge

2008-11-03 19:03 . 2008-11-09 21:42 <DIR> d-------- c:\program files\CoreFTP

2008-11-03 19:03 . 2008-11-18 21:07 <DIR> d-------- c:\documents and settings\Samuel\Application Data\CoreFTP

2008-11-01 14:58 . 2008-11-01 15:02 <DIR> d-------- c:\windows\system32\Adobe

2008-10-28 19:15 . 2008-10-28 19:15 <DIR> d-------- c:\documents and settings\Samuel\Application Data\JGsoft

.

((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2008-11-22 18:20 --------- d-----w c:\program files\Common Files\Wise Installation Wizard

2008-11-22 16:36 --------- d-----w c:\documents and settings\Samuel\Application Data\uTorrent

2008-11-22 10:26 --------- d-----w c:\documents and settings\Samuel\Application Data\Creative

2008-11-11 13:29 --------- d--h--w c:\program files\InstallShield Installation Information

2008-11-10 17:52 --------- d-----w c:\program files\Common Files\Real

2008-11-09 20:42 --------- d-----w c:\program files\Eraser

2008-11-09 20:42 --------- d-----w c:\documents and settings\All Users\Application Data\FLEXnet

2008-11-08 15:03 --------- d-----w c:\program files\MessengerDiscovery

2008-11-01 13:00 --------- d-----w c:\documents and settings\All Users\Application Data\Microsoft Help

2008-10-27 21:24 --------- d-----w c:\program files\Common Files\Adobe

2008-10-19 14:20 --------- d-----w c:\documents and settings\Samuel\Application Data\FileZilla

2008-10-17 18:20 --------- d-----w c:\documents and settings\Samuel\Application Data\SmartFTP

2008-10-17 15:41 --------- d-----w c:\program files\Avant Browser

2008-10-14 15:32 --------- d--h--w c:\documents and settings\All Users\Application Data\{A25FEDC1-F6D7-440C-BCE2-B71F595F6646}

2008-10-09 15:29 --------- d-----w c:\program files\RegSupreme Pro

2008-10-07 17:57 --------- d-----w c:\program files\Prisma

2008-10-07 14:17 --------- d-----w c:\program files\DAEMON Tools Lite

2008-10-06 11:55 --------- d-----w c:\program files\Microsoft Silverlight

2008-10-06 11:47 --------- d-----w c:\program files\DAEMON Tools Toolbar

2008-10-06 11:45 717,296 ----a-w c:\windows\system32\drivers\sptd.sys

2008-10-06 11:45 --------- d-----w c:\documents and settings\Samuel\Application Data\DAEMON Tools

2008-10-04 19:12 2,289,152 ----a-w c:\windows\system32\TUKernel.exe

2008-10-04 18:46 355,584 ----a-w c:\windows\system32\TuneUpDefragService.exe

2008-10-04 18:46 --------- d-----w c:\program files\TuneUp Utilities 2008

2008-10-04 18:46 --------- d-----w c:\documents and settings\Samuel\Application Data\TuneUp Software

2008-10-04 18:46 --------- d-----w c:\documents and settings\All Users\Application Data\TuneUp Software

2008-10-04 14:27 --------- d-----w c:\program files\NKProds

2008-10-04 14:27 --------- d-----w c:\documents and settings\Samuel\Application Data\nCleaner

2008-09-29 19:36 --------- d-----w c:\program files\Creative

2008-09-29 19:35 --------- d--h--w c:\program files\Creative Installation Information

2008-09-29 19:35 --------- d-----w c:\program files\Common Files\Creative

2008-09-29 19:34 --------- d-----w c:\documents and settings\All Users\Application Data\Creative

2008-09-23 19:19 --------- d-----w c:\documents and settings\Samuel\Application Data\Media Player Classic

2008-09-23 18:58 --------- d-----w c:\program files\Graphmatica

2008-09-19 21:55 200,704 ----a-w c:\windows\system32\ssldivx.dll

2008-09-19 21:55 1,044,480 ----a-w c:\windows\system32\libdivx.dll

2008-08-30 19:51 499,712 ----a-w c:\windows\system32\msvcp71.dll

2008-08-30 19:51 348,160 ----a-w c:\windows\system32\msvcr71.dll

2008-08-30 19:29 107,888 ----a-w c:\windows\system32\CmdLineExt.dll

2008-08-30 11:17 606,848 ----a-w c:\windows\flashax.exe

2008-08-30 11:17 12,288 ----a-w c:\windows\impborl.dll

2008-08-29 08:18 87,336 ----a-w c:\windows\system32\dns-sd.exe

2008-08-29 07:53 61,440 ----a-w c:\windows\system32\dnssd.dll

.

((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))

.

.

*Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond

REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"CTFMON.EXE"="c:\windows\system32\ctfmon.exe" [2008-04-15 15360]

"Nokia.PCSync"="c:\program files\Nokia\Nokia PC Suite 7\PCSync2.exe" [2008-06-17 1249280]

"PC Suite Tray"="c:\program files\Nokia\Nokia PC Suite 7\PCSuite.exe" [2008-08-11 1124352]

"CTSyncU.exe"="c:\program files\Creative\Sync Manager Unicode\CTSyncU.exe" [2006-06-12 700416]

"DAEMON Tools Lite"="c:\program files\DAEMON Tools Lite\daemon.exe" [2008-08-08 490952]

"Eraser"="c:\program files\Eraser\Eraser.exe" [2007-12-23 916240]

"Systweak Wallpaper Changer"="c:\program files\Advanced System Optimizer\wallpaper.exe" [2007-06-22 151280]

"AdobeUpdater"="c:\program files\Common Files\Adobe\Updater5\AdobeUpdater.exe" [2008-11-13 2356088]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"nTrayFw"="c:\program files\NVIDIA Corporation\NetworkAccessManager\bin\nTrayFw.exe" [2006-02-17 270336]

"SoundMAXPnP"="c:\program files\Analog Devices\Core\smax4pnp.exe" [2005-05-20 925696]

"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2006-02-13 7557120]

"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2006-02-13 86016]

"Control Center"="c:\program files\ASUS\WLAN Card Utilities\Center.exe" [2004-11-04 1569280]

"GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2007-08-24 33648]

"fssui"="c:\program files\Windows Live\Family Safety\fssui.exe" [2007-12-17 243240]

"WinampAgent"="c:\program files\Winamp\winampa.exe" [2008-08-04 36352]

"SunJavaUpdateSched"="c:\program files\Java\jre1.6.0_07\bin\jusched.exe" [2008-06-10 144784]

"QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2008-09-06 413696]

"AppleSyncNotifier"="c:\program files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe" [2008-09-03 111936]

"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2008-09-10 289576]

"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-01-11 39792]

"SBCSTray"="c:\program files\Sunbelt Software\CounterSpy\SBCSTray.exe" [2007-11-28 698864]

"SNM"="c:\program files\SpyNoMore\SNM.exe" [2008-11-22 1058816]

"SpyHunter Security Suite"="c:\program files\Enigma Software Group\SpyHunter\SpyHunter3.exe" [2008-09-10 864256]

"nwiz"="nwiz.exe" [2006-02-13 c:\windows\system32\nwiz.exe]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]

"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-15 15360]

c:\documents and settings\Samuel\Menu Start\Programma's\Opstarten\

Adobe Media Player.lnk - c:\program files\Adobe Media Player\Adobe Media Player.exe [2008-09-01 260096]

OneNote 2007 Schermopname en Snel starten.lnk - c:\program files\Microsoft Office\Office12\ONENOTEM.EXE [2007-08-24 101784]

c:\documents and settings\All Users\Menu Start\Programma's\Opstarten\

Bluetooth Manager.lnk - c:\program files\Toshiba\Bluetooth Toshiba Stack\TosBtMng1.exe [2004-12-21 45056]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]

"NoResolveSearch"= 1 (0x1)

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\RegCompact]

2008-04-16 13:24 165368 c:\windows\system32\RegCompact.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]

"vidc.ffds"= c:\progra~1\COMBIN~1\Filters\FFDShow\ff_vfw.dll

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]

"Registry Cleaner Scheduler"="c:\program files\CleanMyPC\Registry Cleaner\RCHelper.exe" /startup

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]

"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]

"%windir%\\Network Diagnostic\\xpnetdiag.exe"=

"%windir%\\system32\\sessmgr.exe"=

"c:\\Program Files\\NVIDIA Corporation\\NetworkAccessManager\\Apache Group\\Apache2\\bin\\Apache.exe"=

"c:\\Program Files\\uTorrent\\uTorrent.exe"=

"c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=

"c:\\Program Files\\Microsoft Office\\Office12\\GROOVE.EXE"=

"c:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"=

"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=

"c:\\Program Files\\Windows Live\\Messenger\\livecall.exe"=

"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=

"c:\\Program Files\\iTunes\\iTunes.exe"=

R2 fssfltr;FssFltr;c:\windows\system32\DRIVERS\fssfltr.sys [2008-08-31 43816]

R2 fsssvc;Windows Live OneCare Family Safety;"c:\program files\Windows Live\Family Safety\fsssvc.exe" [2007-12-17 523816]

R2 UxTuneUp;TuneUp Thema-uitbreiding;c:\windows\System32\svchost.exe -k netsvcs [2008-04-15 14336]

R3 ASNDIS5;ASNDIS5 Protocol Driver;\??\c:\windows\system32\ASNDIS5.SYS [2008-08-30 16269]

S3 TuneUp.Defrag;TuneUp Drive Defrag Service;c:\windows\System32\TuneUpDefragService.exe [2008-10-04 355584]

S3 wampapache;wampapache;"c:\wamp\bin\apache\apache2.2.8\bin\httpd.exe" -k runservice [2008-10-18 24635]

S3 wampmysqld;wampmysqld;c:\wamp\bin\mysql\mysql5.0.51b\bin\mysqld-nt.exe wampmysqld []

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs

UxTuneUp

.

Inhoud van de 'Gedeelde Taken' map

2008-11-23 c:\windows\Tasks\1-Click Maintenance.job

- c:\program files\TuneUp Utilities 2008\OneClickStarter.exe [2008-06-20 08:09]

2008-11-19 c:\windows\Tasks\AppleSoftwareUpdate.job

- c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 11:34]

.

**************************************************************************

catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net

Rootkit scan 2008-11-23 16:28:53

Windows 5.1.2600 Service Pack 3 NTFS

scannen van verborgen processen ...

scannen van verborgen autostart items ...

scannen van verborgen bestanden ...

Scan succesvol afgerond

verborgen bestanden: 0

**************************************************************************

.

--------------------- DLLs Geladen Onder Lopende Processen ---------------------

- - - - - - - > 'winlogon.exe'(908)

c:\windows\system32\RegCompact.dll

c:\program files\Enigma Software Group\SpyHunter\SpyHunterMonitor.dll

- - - - - - - > 'lsass.exe'(964)

c:\windows\system32\nvappfilter.dll

c:\program files\Enigma Software Group\SpyHunter\SpyHunterMonitor.dll

.

Voltooingstijd: 2008-11-23 16:29:51

ComboFix-quarantined-files.txt 2008-11-23 15:29:49

ComboFix2.txt 2008-11-23 13:19:46

Pre-Run: 2.736.738.304 bytes beschikbaar

Post-Run: 2,767,720,448 bytes beschikbaar

242

Logfile of Trend Micro HijackThis v2.0.2

Scan saved at 19:30:17, on 23/11/2008

Platform: Windows XP SP3 (WinNT 5.01.2600)

MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)

Boot mode: Normal

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\csrss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\system32\svchost.exe

C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe

C:\WINDOWS\system32\spoolsv.exe

C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe

C:\WINDOWS\ATKKBService.exe

C:\Program Files\Bonjour\mDNSResponder.exe

C:\WINDOWS\system32\CTsvcCDA.exe

C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe

C:\Program Files\Windows Live\Family Safety\fsssvc.exe

C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcIp.exe

C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcLog.exe

C:\WINDOWS\system32\nvsvc32.exe

C:\Program Files\Sunbelt Software\CounterSpy\SBCSSvc.exe

C:\Program Files\Spyware Terminator\sp_rsser.exe

C:\WINDOWS\system32\wdfmgr.exe

C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcAppFlt.exe

C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe

C:\WINDOWS\System32\alg.exe

C:\WINDOWS\system32\wscntfy.exe

C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nTrayFw.exe

C:\Program Files\Analog Devices\Core\smax4pnp.exe

C:\Program Files\ASUS\WLAN Card Utilities\Center.exe

C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe

C:\Program Files\Windows Live\Family Safety\fssui.exe

C:\Program Files\Winamp\winampa.exe

C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe

C:\Program Files\iTunes\iTunesHelper.exe

C:\Program Files\Sunbelt Software\CounterSpy\SBCSTray.exe

C:\WINDOWS\system32\ctfmon.exe

C:\Program Files\Nokia\Nokia PC Suite 7\PCSync2.exe

C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe

C:\Program Files\Creative\Sync Manager Unicode\CTSyncU.exe

C:\Program Files\DAEMON Tools Lite\daemon.exe

C:\Program Files\Eraser\Eraser.exe

C:\Program Files\Advanced System Optimizer\wallpaper.exe

C:\Program Files\PC Connectivity Solution\ServiceLayer.exe

C:\Program Files\Adobe Media Player\Adobe Media Player.exe

C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe

C:\Program Files\iPod\bin\iPodService.exe

C:\Program Files\PC Connectivity Solution\Transports\NclUSBSrv.exe

C:\Program Files\PC Connectivity Solution\Transports\NclRSSrv.exe

C:\Program Files\PC Connectivity Solution\Transports\NclToBTSrv.exe

C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosA2dp.exe

C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHsp.exe

C:\Program Files\Common Files\Nokia\MPAPI\MPAPI3s.exe

C:\Program Files\Windows Live\Messenger\usnsvc.exe

C:\WINDOWS\system32\wuauclt.exe

C:\WINDOWS\explorer.exe

C:\Program Files\Windows Live\Messenger\msnmsgr.exe

C:\Program Files\Mozilla Firefox\firefox.exe

C:\WINDOWS\system32\NOTEPAD.EXE

C:\WINDOWS\system32\wbem\wmiprvse.exe

C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

C:\WINDOWS\system32\wbem\wmiprvse.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN.com

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Live Search

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Live Search

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen

O4 - HKLM\..\Run: [nTrayFw] C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nTrayFw.exe

O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe

O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup

O4 - HKLM\..\Run: [nwiz] nwiz.exe /install

O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit

O4 - HKLM\..\Run: [Control Center] C:\Program Files\ASUS\WLAN Card Utilities\Center.exe

O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"

O4 - HKLM\..\Run: [fssui] "C:\Program Files\Windows Live\Family Safety\fssui.exe" -autorun

O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files\Winamp\winampa.exe"

O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"

O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime

O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe

O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"

O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"

O4 - HKLM\..\Run: [SBCSTray] C:\Program Files\Sunbelt Software\CounterSpy\SBCSTray.exe

O4 - HKLM\..\Run: [SNM] C:\Program Files\SpyNoMore\SNM.exe /startup

O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe

O4 - HKCU\..\Run: [Nokia.PCSync] "C:\Program Files\Nokia\Nokia PC Suite 7\PCSync2.exe" /NoDialog

O4 - HKCU\..\Run: [PC Suite Tray] "C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe" -onlytray

O4 - HKCU\..\Run: [CTSyncU.exe] "C:\Program Files\Creative\Sync Manager Unicode\CTSyncU.exe"

O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\daemon.exe" -autorun

O4 - HKCU\..\Run: [Eraser] C:\Program Files\Eraser\Eraser.exe -hide

O4 - HKCU\..\Run: [Systweak Wallpaper Changer] C:\Program Files\Advanced System Optimizer\wallpaper.exe -minimize

O4 - HKCU\..\Run: [AdobeUpdater] "C:\Program Files\Common Files\Adobe\Updater5\AdobeUpdater.exe"

O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')

O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')

O4 - Startup: Adobe Media Player.lnk = C:\Program Files\Adobe Media Player\Adobe Media Player.exe

O4 - Startup: OneNote 2007 Schermopname en Snel starten.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE

O4 - Global Startup: Bluetooth Manager.lnk = ?

O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000

O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll

O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll

O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll

O9 - Extra 'Tools' menuitem: Verz&enden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll

O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL

O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll

O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1220188919921

O16 - DPF: {6C269571-C6D7-4818-BCA4-32A035E8C884} (Creative Software AutoUpdate) - http://www.creative.com/softwareupdate/su/ocx/15101/CTSUEng.cab

O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1220203462546

O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} (Creative Software AutoUpdate Support Package) - http://www.creative.com/softwareupdate/su/ocx/15106/CTPID.cab

O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll

O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe

O23 - Service: Mobiel Apple apparaat (Apple Mobile Device) - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe

O23 - Service: ATK Keyboard Service (ATKKeyboardService) - ASUSTeK COMPUTER INC. - C:\WINDOWS\ATKKBService.exe

O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe

O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.exe

O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe

O23 - Service: ForceWare Intelligent Application Manager (IAM) - Unknown owner - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcAppFlt.exe

O23 - Service: Forceware Web Interface (ForcewareWebInterface) - Apache Software Foundation - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe

O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe

O23 - Service: ForceWare IP service (nSvcIp) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcIp.exe

O23 - Service: ForceWare user log service (nSvcLog) - NVIDIA - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcLog.exe

O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe

O23 - Service: Sunbelt CounterSpy Antispyware (SBCSSvc) - Sunbelt Software - C:\Program Files\Sunbelt Software\CounterSpy\SBCSSvc.exe

O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe

O23 - Service: Spyware Terminator Realtime Shield Service (sp_rssrv) - Crawler.com - C:\Program Files\Spyware Terminator\sp_rsser.exe

O23 - Service: TuneUp Drive Defrag Service (TuneUp.Defrag) - TuneUp Software GmbH - C:\WINDOWS\System32\TuneUpDefragService.exe

O23 - Service: wampapache - Apache Software Foundation - c:\wamp\bin\apache\apache2.2.8\bin\httpd.exe

O23 - Service: wampmysqld - Unknown owner - c:\wamp\bin\mysql\mysql5.0.51b\bin\mysqld-nt.exe

--

End of file - 10798 bytes

Posted:

ComboFix 08-11-22.02 - Samuel 2008-11-23 19:26:55.2 - NTFSx86

Microsoft Windows XP Professional 5.1.2600.3.1252.1.1043.18.363 [GMT 1:00]

Gestart vanuit: c:\documents and settings\Samuel\Mijn documenten\CombosFix.exe

gebruikte Opdracht switches :: c:\documents and settings\Samuel\Mijn documenten\CFScript.txt

* Nieuw herstelpunt werd aangemaakt

FILE ::

c:\windows\system32\tmp.reg

c:\windows\system32\VCCLSID.exe

c:\windows\system32\SrchSTS.exe

c:\windows\system32\VACFix.exe

c:\windows\system32\o4Patch.exe

c:\windows\system32\IEDFix.exe

c:\windows\system32\IEDFix.C.exe

c:\windows\system32\404Fix.exe

c:\windows\system32\Process.exe

c:\windows\system32\dumphive.exe

c:\windows\system32\WS2Fix.exe

c:\windows\system32\TDSSxfum.dll

c:\windows\system32\TDSSrtql.dll

c:\windows\system32\TDSShrxr.dll

c:\windows\system32\TDSSlxwp.dll

c:\windows\system32\TDSSlrvd.dat

c:\windows\system32\TDSSoiqt.dll

c:\windows\system32\kmqclfdc.dll

c:\windows\system32\ttunjouh.dll

.

(((((((((((((((((((((((((((((((((( Andere Verwijderingen )))))))))))))))))))))))))))))))))))))))))))))))))

.

c:\windows\system32\tmp.reg

c:\windows\system32\VCCLSID.exe

c:\windows\system32\SrchSTS.exe

c:\windows\system32\VACFix.exe

c:\windows\system32\o4Patch.exe

c:\windows\system32\IEDFix.exe

c:\windows\system32\IEDFix.C.exe

c:\windows\system32\404Fix.exe

c:\windows\system32\Process.exe

c:\windows\system32\dumphive.exe

c:\windows\system32\WS2Fix.exe

c:\windows\system32\TDSSxfum.dll

c:\windows\system32\TDSSrtql.dll

c:\windows\system32\TDSShrxr.dll

c:\windows\system32\TDSSlxwp.dll

c:\windows\system32\TDSSlrvd.dat

c:\windows\system32\TDSSoiqt.dll

c:\windows\system32\kmqclfdc.dll

c:\windows\system32\ttunjouh.dll

.

(((((((((((((((((((( Bestanden Gemaakt van 2008-10-23 to 2008-11-23 ))))))))))))))))))))))))))))))

.

2008-11-23 14:23 . 2008-11-23 14:23 <DIR> d-------- c:\program files\Malwarebytes' Anti-Malware

2008-11-23 14:23 . 2008-10-22 16:10 38,496 --a------ c:\windows\system32\drivers\mbamswissarmy.sys

2008-11-23 14:23 . 2008-10-22 16:10 15,504 --a------ c:\windows\system32\drivers\mbam.sys

2008-11-22 19:20 . 2008-11-22 19:20 <DIR> d-------- c:\program files\Lavasoft

2008-11-22 19:20 . 2008-11-22 19:21 <DIR> d-------- c:\documents and settings\All Users\Application Data\Lavasoft

2008-11-22 19:09 . 2008-11-22 19:10 <DIR> d-------- c:\program files\CleanUp!

2008-11-22 17:57 . 2008-11-22 17:57 <DIR> d-------- c:\program files\Enigma Software Group

2008-11-22 17:02 . 2008-11-22 17:15 <DIR> d-------- c:\program files\SpyNoMore

2008-11-22 17:02 . 2008-11-22 17:02 <DIR> d-------- c:\program files\Common Files\Download Manager

2008-11-22 17:02 . 2008-11-22 17:02 1,152 --a------ c:\windows\system32\windrv.sys

2008-11-22 15:58 . 2008-11-22 15:58 <DIR> d-------- c:\program files\XoftSpySE

2008-11-22 15:58 . 2008-11-22 15:58 <DIR> d-------- c:\program files\ClamWinPortable

2008-11-21 21:27 . 2008-11-22 17:37 <DIR> d-------- C:\!KillBox

2008-11-21 21:22 . 2008-11-23 15:24 <DIR> d-------- c:\windows\system32\CatRoot2

2008-11-21 18:48 . 2008-11-21 18:48 <DIR> d-------- c:\program files\Trend Micro

2008-11-21 17:34 . 2008-11-21 17:34 <DIR> d-------- c:\windows\ERUNT

2008-11-20 22:21 . 2008-11-21 16:44 <DIR> d-------- c:\program files\Spyware Terminator

2008-11-20 22:21 . 2008-11-21 21:30 <DIR> d-------- c:\documents and settings\Samuel\Application Data\Spyware Terminator

2008-11-20 22:21 . 2008-11-21 21:32 <DIR> d-------- c:\documents and settings\All Users\Application Data\Spyware Terminator

2008-11-20 22:21 . 2008-11-20 22:21 141,312 --a------ c:\windows\system32\drivers\sp_rsdrv2.sys

2008-11-20 21:05 . 2008-11-20 21:05 <DIR> d-------- c:\documents and settings\Samuel\Application Data\Sunbelt Software

2008-11-20 21:05 . 2008-11-20 21:05 <DIR> d-------- c:\documents and settings\All Users\Application Data\Sunbelt Software

2008-11-20 21:05 . 2008-11-20 21:05 0 --a------ c:\windows\system32\SBRC.dat

2008-11-20 21:05 . 2008-11-20 21:05 0 --a------ c:\windows\system32\SBFC.dat

2008-11-20 21:04 . 2008-11-20 21:04 <DIR> d-------- c:\program files\Sunbelt Software

2008-11-15 21:48 . 2008-11-23 16:05 <DIR> dr-h----- c:\documents and settings\Samuel\Onlangs geopend

2008-11-15 14:16 . 2008-11-15 19:08 <DIR> d-------- c:\program files\Album Cover Art Downloader

2008-11-15 14:16 . 2008-11-15 14:37 <DIR> d-------- c:\documents and settings\Samuel\Application Data\albumart

2008-11-14 19:57 . 2008-11-14 19:57 <DIR> d-------- c:\program files\CopyRightLeft

2008-11-12 14:21 . 2008-11-12 16:08 <DIR> d-------- c:\program files\IObit

2008-11-11 18:38 . 2008-11-11 18:38 <DIR> d-------- c:\program files\Mp3tag

2008-11-11 18:38 . 2008-11-11 18:38 <DIR> d-------- c:\documents and settings\Samuel\Application Data\Mp3tag

2008-11-11 15:42 . 2008-11-15 15:36 <DIR> d-------- c:\program files\MP3Gain

2008-11-11 14:28 . 2008-11-11 14:28 <DIR> d-------- c:\program files\Google

2008-11-11 14:26 . 2008-11-11 14:26 <DIR> d-------- c:\windows\system32\URTTemp

2008-11-10 21:52 . 2008-11-10 21:58 <DIR> d-------- c:\documents and settings\Samuel\Application Data\gtk-2.0

2008-11-10 21:52 . 2008-11-10 21:52 <DIR> d-------- c:\documents and settings\Samuel\.thumbnails

2008-11-10 21:15 . 2008-11-10 21:15 <DIR> d-------- c:\program files\DivX

2008-11-10 16:06 . 2008-11-11 11:46 <DIR> d-------- c:\program files\TagRename

2008-11-09 20:05 . 2008-11-11 12:07 <DIR> d-------- c:\documents and settings\Samuel\.gimp-2.6

2008-11-09 20:05 . 2008-11-09 20:05 <DIR> d-------- c:\documents and settings\Samuel\.gegl-0.0

2008-11-09 20:03 . 2008-11-09 20:03 <DIR> d-------- c:\program files\Gimp-2.0

2008-11-09 19:13 . 2008-11-09 19:13 <DIR> d-------- c:\program files\Symantec

2008-11-09 16:54 . 2008-11-09 16:54 <DIR> d-------- c:\program files\Nattyware

2008-11-08 15:09 . 2008-11-08 15:15 <DIR> d-------- c:\documents and settings\Samuel\Application Data\PowerChallenge

2008-11-03 19:03 . 2008-11-09 21:42 <DIR> d-------- c:\program files\CoreFTP

2008-11-03 19:03 . 2008-11-18 21:07 <DIR> d-------- c:\documents and settings\Samuel\Application Data\CoreFTP

2008-11-01 14:58 . 2008-11-01 15:02 <DIR> d-------- c:\windows\system32\Adobe

2008-10-28 19:15 . 2008-10-28 19:15 <DIR> d-------- c:\documents and settings\Samuel\Application Data\JGsoft

.

((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2008-11-22 18:20 --------- d-----w c:\program files\Common Files\Wise Installation Wizard

2008-11-22 16:36 --------- d-----w c:\documents and settings\Samuel\Application Data\uTorrent

2008-11-22 10:26 --------- d-----w c:\documents and settings\Samuel\Application Data\Creative

2008-11-11 13:29 --------- d--h--w c:\program files\InstallShield Installation Information

2008-11-10 17:52 --------- d-----w c:\program files\Common Files\Real

2008-11-09 20:42 --------- d-----w c:\program files\Eraser

2008-11-09 20:42 --------- d-----w c:\documents and settings\All Users\Application Data\FLEXnet

2008-11-08 15:03 --------- d-----w c:\program files\MessengerDiscovery

2008-11-01 13:00 --------- d-----w c:\documents and settings\All Users\Application Data\Microsoft Help

2008-10-27 21:24 --------- d-----w c:\program files\Common Files\Adobe

2008-10-19 14:20 --------- d-----w c:\documents and settings\Samuel\Application Data\FileZilla

2008-10-17 18:20 --------- d-----w c:\documents and settings\Samuel\Application Data\SmartFTP

2008-10-17 15:41 --------- d-----w c:\program files\Avant Browser

2008-10-14 15:32 --------- d--h--w c:\documents and settings\All Users\Application Data\{A25FEDC1-F6D7-440C-BCE2-B71F595F6646}

2008-10-09 15:29 --------- d-----w c:\program files\RegSupreme Pro

2008-10-07 17:57 --------- d-----w c:\program files\Prisma

2008-10-07 14:17 --------- d-----w c:\program files\DAEMON Tools Lite

2008-10-06 11:55 --------- d-----w c:\program files\Microsoft Silverlight

2008-10-06 11:47 --------- d-----w c:\program files\DAEMON Tools Toolbar

2008-10-06 11:45 717,296 ----a-w c:\windows\system32\drivers\sptd.sys

2008-10-06 11:45 --------- d-----w c:\documents and settings\Samuel\Application Data\DAEMON Tools

2008-10-04 19:12 2,289,152 ----a-w c:\windows\system32\TUKernel.exe

2008-10-04 18:46 355,584 ----a-w c:\windows\system32\TuneUpDefragService.exe

2008-10-04 18:46 --------- d-----w c:\program files\TuneUp Utilities 2008

2008-10-04 18:46 --------- d-----w c:\documents and settings\Samuel\Application Data\TuneUp Software

2008-10-04 18:46 --------- d-----w c:\documents and settings\All Users\Application Data\TuneUp Software

2008-10-04 14:27 --------- d-----w c:\program files\NKProds

2008-10-04 14:27 --------- d-----w c:\documents and settings\Samuel\Application Data\nCleaner

2008-09-29 19:36 --------- d-----w c:\program files\Creative

2008-09-29 19:35 --------- d--h--w c:\program files\Creative Installation Information

2008-09-29 19:35 --------- d-----w c:\program files\Common Files\Creative

2008-09-29 19:34 --------- d-----w c:\documents and settings\All Users\Application Data\Creative

2008-09-23 19:19 --------- d-----w c:\documents and settings\Samuel\Application Data\Media Player Classic

2008-09-23 18:58 --------- d-----w c:\program files\Graphmatica

2008-09-19 21:55 200,704 ----a-w c:\windows\system32\ssldivx.dll

2008-09-19 21:55 1,044,480 ----a-w c:\windows\system32\libdivx.dll

2008-08-30 19:51 499,712 ----a-w c:\windows\system32\msvcp71.dll

2008-08-30 19:51 348,160 ----a-w c:\windows\system32\msvcr71.dll

2008-08-30 19:29 107,888 ----a-w c:\windows\system32\CmdLineExt.dll

2008-08-30 11:17 606,848 ----a-w c:\windows\flashax.exe

2008-08-30 11:17 12,288 ----a-w c:\windows\impborl.dll

2008-08-29 08:18 87,336 ----a-w c:\windows\system32\dns-sd.exe

2008-08-29 07:53 61,440 ----a-w c:\windows\system32\dnssd.dll

.

((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))

.

.

*Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond

REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"CTFMON.EXE"="c:\windows\system32\ctfmon.exe" [2008-04-15 15360]

"Nokia.PCSync"="c:\program files\Nokia\Nokia PC Suite 7\PCSync2.exe" [2008-06-17 1249280]

"PC Suite Tray"="c:\program files\Nokia\Nokia PC Suite 7\PCSuite.exe" [2008-08-11 1124352]

"CTSyncU.exe"="c:\program files\Creative\Sync Manager Unicode\CTSyncU.exe" [2006-06-12 700416]

"DAEMON Tools Lite"="c:\program files\DAEMON Tools Lite\daemon.exe" [2008-08-08 490952]

"Eraser"="c:\program files\Eraser\Eraser.exe" [2007-12-23 916240]

"Systweak Wallpaper Changer"="c:\program files\Advanced System Optimizer\wallpaper.exe" [2007-06-22 151280]

"AdobeUpdater"="c:\program files\Common Files\Adobe\Updater5\AdobeUpdater.exe" [2008-11-13 2356088]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"nTrayFw"="c:\program files\NVIDIA Corporation\NetworkAccessManager\bin\nTrayFw.exe" [2006-02-17 270336]

"SoundMAXPnP"="c:\program files\Analog Devices\Core\smax4pnp.exe" [2005-05-20 925696]

"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2006-02-13 7557120]

"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2006-02-13 86016]

"Control Center"="c:\program files\ASUS\WLAN Card Utilities\Center.exe" [2004-11-04 1569280]

"GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2007-08-24 33648]

"fssui"="c:\program files\Windows Live\Family Safety\fssui.exe" [2007-12-17 243240]

"WinampAgent"="c:\program files\Winamp\winampa.exe" [2008-08-04 36352]

"SunJavaUpdateSched"="c:\program files\Java\jre1.6.0_07\bin\jusched.exe" [2008-06-10 144784]

"QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2008-09-06 413696]

"AppleSyncNotifier"="c:\program files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe" [2008-09-03 111936]

"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2008-09-10 289576]

"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-01-11 39792]

"SBCSTray"="c:\program files\Sunbelt Software\CounterSpy\SBCSTray.exe" [2007-11-28 698864]

"SNM"="c:\program files\SpyNoMore\SNM.exe" [2008-11-22 1058816]

"SpyHunter Security Suite"="c:\program files\Enigma Software Group\SpyHunter\SpyHunter3.exe" [2008-09-10 864256]

"nwiz"="nwiz.exe" [2006-02-13 c:\windows\system32\nwiz.exe]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]

"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-15 15360]

c:\documents and settings\Samuel\Menu Start\Programma's\Opstarten\

Adobe Media Player.lnk - c:\program files\Adobe Media Player\Adobe Media Player.exe [2008-09-01 260096]

OneNote 2007 Schermopname en Snel starten.lnk - c:\program files\Microsoft Office\Office12\ONENOTEM.EXE [2007-08-24 101784]

c:\documents and settings\All Users\Menu Start\Programma's\Opstarten\

Bluetooth Manager.lnk - c:\program files\Toshiba\Bluetooth Toshiba Stack\TosBtMng1.exe [2004-12-21 45056]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]

"NoResolveSearch"= 1 (0x1)

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\RegCompact]

2008-04-16 13:24 165368 c:\windows\system32\RegCompact.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]

"vidc.ffds"= c:\progra~1\COMBIN~1\Filters\FFDShow\ff_vfw.dll

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]

"Registry Cleaner Scheduler"="c:\program files\CleanMyPC\Registry Cleaner\RCHelper.exe" /startup

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]

"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]

"%windir%\\Network Diagnostic\\xpnetdiag.exe"=

"%windir%\\system32\\sessmgr.exe"=

"c:\\Program Files\\NVIDIA Corporation\\NetworkAccessManager\\Apache Group\\Apache2\\bin\\Apache.exe"=

"c:\\Program Files\\uTorrent\\uTorrent.exe"=

"c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=

"c:\\Program Files\\Microsoft Office\\Office12\\GROOVE.EXE"=

"c:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"=

"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=

"c:\\Program Files\\Windows Live\\Messenger\\livecall.exe"=

"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=

"c:\\Program Files\\iTunes\\iTunes.exe"=

R2 fssfltr;FssFltr;c:\windows\system32\DRIVERS\fssfltr.sys [2008-08-31 43816]

R2 fsssvc;Windows Live OneCare Family Safety;"c:\program files\Windows Live\Family Safety\fsssvc.exe" [2007-12-17 523816]

R2 UxTuneUp;TuneUp Thema-uitbreiding;c:\windows\System32\svchost.exe -k netsvcs [2008-04-15 14336]

R3 ASNDIS5;ASNDIS5 Protocol Driver;\??\c:\windows\system32\ASNDIS5.SYS [2008-08-30 16269]

S3 TuneUp.Defrag;TuneUp Drive Defrag Service;c:\windows\System32\TuneUpDefragService.exe [2008-10-04 355584]

S3 wampapache;wampapache;"c:\wamp\bin\apache\apache2.2.8\bin\httpd.exe" -k runservice [2008-10-18 24635]

S3 wampmysqld;wampmysqld;c:\wamp\bin\mysql\mysql5.0.51b\bin\mysqld-nt.exe wampmysqld []

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs

UxTuneUp

.

Inhoud van de 'Gedeelde Taken' map

2008-11-23 c:\windows\Tasks\1-Click Maintenance.job

- c:\program files\TuneUp Utilities 2008\OneClickStarter.exe [2008-06-20 08:09]

2008-11-19 c:\windows\Tasks\AppleSoftwareUpdate.job

- c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 11:34]

.

**************************************************************************

catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net

Rootkit scan 2008-11-23 16:28:53

Windows 5.1.2600 Service Pack 3 NTFS

scannen van verborgen processen ...

scannen van verborgen autostart items ...

scannen van verborgen bestanden ...

Scan succesvol afgerond

verborgen bestanden: 0

**************************************************************************

.

--------------------- DLLs Geladen Onder Lopende Processen ---------------------

- - - - - - - > 'winlogon.exe'(908)

c:\windows\system32\RegCompact.dll

c:\program files\Enigma Software Group\SpyHunter\SpyHunterMonitor.dll

- - - - - - - > 'lsass.exe'(964)

c:\windows\system32\nvappfilter.dll

c:\program files\Enigma Software Group\SpyHunter\SpyHunterMonitor.dll

.

Voltooingstijd: 2008-11-23 16:29:51

ComboFix-quarantined-files.txt 2008-11-23 15:29:49

ComboFix2.txt 2008-11-23 13:19:46

Pre-Run: 2.736.738.304 bytes beschikbaar

Post-Run: 2,767,720,448 bytes beschikbaar

242

Logfile of Trend Micro HijackThis v2.0.2

Scan saved at 19:30:17, on 23/11/2008

Platform: Windows XP SP3 (WinNT 5.01.2600)

MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)

Boot mode: Normal

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\csrss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\system32\svchost.exe

C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe

C:\WINDOWS\system32\spoolsv.exe

C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe

C:\WINDOWS\ATKKBService.exe

C:\Program Files\Bonjour\mDNSResponder.exe

C:\WINDOWS\system32\CTsvcCDA.exe

C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe

C:\Program Files\Windows Live\Family Safety\fsssvc.exe

C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcIp.exe

C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcLog.exe

C:\WINDOWS\system32\nvsvc32.exe

C:\Program Files\Sunbelt Software\CounterSpy\SBCSSvc.exe

C:\Program Files\Spyware Terminator\sp_rsser.exe

C:\WINDOWS\system32\wdfmgr.exe

C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcAppFlt.exe

C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe

C:\WINDOWS\System32\alg.exe

C:\WINDOWS\system32\wscntfy.exe

C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nTrayFw.exe

C:\Program Files\Analog Devices\Core\smax4pnp.exe

C:\Program Files\ASUS\WLAN Card Utilities\Center.exe

C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe

C:\Program Files\Windows Live\Family Safety\fssui.exe

C:\Program Files\Winamp\winampa.exe

C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe

C:\Program Files\iTunes\iTunesHelper.exe

C:\Program Files\Sunbelt Software\CounterSpy\SBCSTray.exe

C:\WINDOWS\system32\ctfmon.exe

C:\Program Files\Nokia\Nokia PC Suite 7\PCSync2.exe

C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe

C:\Program Files\Creative\Sync Manager Unicode\CTSyncU.exe

C:\Program Files\DAEMON Tools Lite\daemon.exe

C:\Program Files\Eraser\Eraser.exe

C:\Program Files\Advanced System Optimizer\wallpaper.exe

C:\Program Files\PC Connectivity Solution\ServiceLayer.exe

C:\Program Files\Adobe Media Player\Adobe Media Player.exe

C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe

C:\Program Files\iPod\bin\iPodService.exe

C:\Program Files\PC Connectivity Solution\Transports\NclUSBSrv.exe

C:\Program Files\PC Connectivity Solution\Transports\NclRSSrv.exe

C:\Program Files\PC Connectivity Solution\Transports\NclToBTSrv.exe

C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosA2dp.exe

C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHsp.exe

C:\Program Files\Common Files\Nokia\MPAPI\MPAPI3s.exe

C:\Program Files\Windows Live\Messenger\usnsvc.exe

C:\WINDOWS\system32\wuauclt.exe

C:\WINDOWS\explorer.exe

C:\Program Files\Windows Live\Messenger\msnmsgr.exe

C:\Program Files\Mozilla Firefox\firefox.exe

C:\WINDOWS\system32\NOTEPAD.EXE

C:\WINDOWS\system32\wbem\wmiprvse.exe

C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

C:\WINDOWS\system32\wbem\wmiprvse.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN.com

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Live Search

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Live Search

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen

O4 - HKLM\..\Run: [nTrayFw] C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nTrayFw.exe

O4 - HKLM\..\Run: [soundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe

O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup

O4 - HKLM\..\Run: [nwiz] nwiz.exe /install

O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit

O4 - HKLM\..\Run: [Control Center] C:\Program Files\ASUS\WLAN Card Utilities\Center.exe

O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"

O4 - HKLM\..\Run: [fssui] "C:\Program Files\Windows Live\Family Safety\fssui.exe" -autorun

O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files\Winamp\winampa.exe"

O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"

O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime

O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe

O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"

O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"

O4 - HKLM\..\Run: [sBCSTray] C:\Program Files\Sunbelt Software\CounterSpy\SBCSTray.exe

O4 - HKLM\..\Run: [sNM] C:\Program Files\SpyNoMore\SNM.exe /startup

O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe

O4 - HKCU\..\Run: [Nokia.PCSync] "C:\Program Files\Nokia\Nokia PC Suite 7\PCSync2.exe" /NoDialog

O4 - HKCU\..\Run: [PC Suite Tray] "C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe" -onlytray

O4 - HKCU\..\Run: [CTSyncU.exe] "C:\Program Files\Creative\Sync Manager Unicode\CTSyncU.exe"

O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\daemon.exe" -autorun

O4 - HKCU\..\Run: [Eraser] C:\Program Files\Eraser\Eraser.exe -hide

O4 - HKCU\..\Run: [systweak Wallpaper Changer] C:\Program Files\Advanced System Optimizer\wallpaper.exe -minimize

O4 - HKCU\..\Run: [AdobeUpdater] "C:\Program Files\Common Files\Adobe\Updater5\AdobeUpdater.exe"

O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')

O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')

O4 - Startup: Adobe Media Player.lnk = C:\Program Files\Adobe Media Player\Adobe Media Player.exe

O4 - Startup: OneNote 2007 Schermopname en Snel starten.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE

O4 - Global Startup: Bluetooth Manager.lnk = ?

O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000

O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll

O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll

O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll

O9 - Extra 'Tools' menuitem: Verz&enden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll

O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL

O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll

O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1220188919921

O16 - DPF: {6C269571-C6D7-4818-BCA4-32A035E8C884} (Creative Software AutoUpdate) - http://www.creative.com/softwareupdate/su/ocx/15101/CTSUEng.cab

O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1220203462546

O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} (Creative Software AutoUpdate Support Package) - http://www.creative.com/softwareupdate/su/ocx/15106/CTPID.cab

O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll

O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe

O23 - Service: Mobiel Apple apparaat (Apple Mobile Device) - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe

O23 - Service: ATK Keyboard Service (ATKKeyboardService) - ASUSTeK COMPUTER INC. - C:\WINDOWS\ATKKBService.exe

O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe

O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.exe

O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe

O23 - Service: ForceWare Intelligent Application Manager (IAM) - Unknown owner - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcAppFlt.exe

O23 - Service: Forceware Web Interface (ForcewareWebInterface) - Apache Software Foundation - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe

O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe

O23 - Service: ForceWare IP service (nSvcIp) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcIp.exe

O23 - Service: ForceWare user log service (nSvcLog) - NVIDIA - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcLog.exe

O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe

O23 - Service: Sunbelt CounterSpy Antispyware (SBCSSvc) - Sunbelt Software - C:\Program Files\Sunbelt Software\CounterSpy\SBCSSvc.exe

O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe

O23 - Service: Spyware Terminator Realtime Shield Service (sp_rssrv) - Crawler.com - C:\Program Files\Spyware Terminator\sp_rsser.exe

O23 - Service: TuneUp Drive Defrag Service (TuneUp.Defrag) - TuneUp Software GmbH - C:\WINDOWS\System32\TuneUpDefragService.exe

O23 - Service: wampapache - Apache Software Foundation - c:\wamp\bin\apache\apache2.2.8\bin\httpd.exe

O23 - Service: wampmysqld - Unknown owner - c:\wamp\bin\mysql\mysql5.0.51b\bin\mysqld-nt.exe

--

End of file - 10798 bytes
