All content posted by pgmjans

  1. Hi Kape, here is the log file again.
  2. Hi Kape, I have run it. See the log file below:
c:\documents and settings\All Users\Menu Start\Programma's\Opstarten\ Digital Line Detect.lnk - c:\program files\Digital Line Detect\DLG.exe [2008-3-18 50688] Printkey2000.lnk - c:\program files\PrintKey2000\Printkey2000.exe [2009-2-26 869376] Ralink Wireless Utility.lnk - c:\program files\Ralink\Common\RaUI.exe [2012-1-18 1622016] Sweex utility.lnk - c:\program files\Sweex\LW153\Utility\UI.exe [2012-1-18 1314816] WinZip Quick Pick.lnk - c:\program files\WinZip\WZQKPICK.EXE [2012-1-18 118784] . [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\gemsafe] 2006-11-16 15:20 73728 ----a-w- c:\program files\Gemplus\GemSafe Libraries\BIN\WLEventNotify.dll . [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa] Authentication Packages REG_MULTI_SZ msv1_0 wvauth . [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys] @="Driver" . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Apoint] 2007-09-19 18:25 159744 ----a-w- c:\program files\DellTPad\Apoint.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Dell QuickSet] 2007-07-20 16:55 1228800 ----a-w- c:\program files\Dell\QuickSet\quickset.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RoxioDragToDisc] 2006-08-17 09:00 1116920 ----a-w- c:\program files\Roxio\Drag-to-Disc\DrgToDsc.exe . 
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "%windir%\\system32\\sessmgr.exe"= "%windir%\\Network Diagnostic\\xpnetdiag.exe"= "c:\\WINDOWS\\system32\\dpvsetup.exe"= "c:\\Program Files\\Messenger\\msmsgs.exe"= "c:\\Program Files\\Common Files\\Apple\\Apple Application Support\\WebKit2WebProcess.exe"= "c:\\Program Files\\iTunes\\iTunes.exe"= "c:\\Program Files\\Skype\\Phone\\Skype.exe"= "c:\\Documents and Settings\\applbeheer\\Application Data\\Spotify\\spotify.exe"= "c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"= "c:\\Program Files\\Windows Live\\Sync\\WindowsLiveSync.exe"= . R0 pavboot;pavboot;c:\windows\system32\drivers\pavboot.sys [4-7-2012 21:30 28552] R1 aswKbd;aswKbd;c:\windows\system32\drivers\aswKbd.sys [15-4-2012 12:12 18544] R1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [18-1-2012 16:49 721000] R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [23-10-2008 9:49 353688] R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [23-10-2008 9:49 21256] R2 EAPPkt;Realtek EAPPkt Protocol;c:\windows\system32\drivers\EAPPkt.sys [25-12-2009 13:29 38144] R2 Scutum50;Scutum50 NDIS Protocol Driver;c:\windows\system32\drivers\Scutum50.sys [18-1-2012 17:43 19072] R2 Wave UCSPlus;Wave UCSPlus;c:\windows\system32\dllhost.exe [13-9-2004 15:52 5120] R3 DXEC01;DXEC01;c:\windows\system32\drivers\dxec01.sys [2-11-2006 14:32 97536] S2 Skype C2C Service;Skype C2C Service;c:\documents and settings\All Users\Application Data\Skype\Toolbars\Skype C2C Service\c2c_service.exe [30-5-2012 13:56 3048136] S2 SkypeUpdate;Skype Updater;c:\program files\Skype\Updater\Updater.exe [29-2-2012 9:50 158856] S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [27-4-2012 19:46 250056] S3 AVFSFilter;AVFSFilter;c:\windows\system32\DRIVERS\avfsfilter.sys --> c:\windows\system32\DRIVERS\avfsfilter.sys [?] 
S3 FirebirdServerMAGIXInstance;Firebird Server - MAGIX Instance;c:\program files\MAGIX\Common\Database\bin\fbserver.exe [9-8-2010 14:19 1527900] S3 GoogleDesktopManager-051210-111108;Google Desktop Manager 5.9.1005.12335;c:\program files\Google\Google Desktop Search\GoogleDesktop.exe [18-3-2008 10:43 30192] S3 MozillaMaintenance;Mozilla Maintenance Service;c:\program files\Mozilla Maintenance Service\maintenanceservice.exe [6-7-2012 10:49 129976] S3 pmxmouse;PMXMOUSE;c:\windows\system32\drivers\pmxmouse.sys [23-10-2008 8:43 18432] S3 pmxusblf;PMXUSBLF;c:\windows\system32\drivers\pmxusblf.sys [23-10-2008 8:43 14336] S3 RTL8187B;Wireless Network USB Adapter 54g WL-169;c:\windows\system32\DRIVERS\RTL8187B.sys --> c:\windows\system32\DRIVERS\RTL8187B.sys [?] S3 UPnPService;UPnPService;c:\program files\Common Files\MAGIX Shared\UPnPService\UPnPService.exe [9-8-2010 14:21 544768] S3 VMUVC;Vimicro Camera Service VMUVC;c:\windows\system32\Drivers\VMUVC.sys --> c:\windows\system32\Drivers\VMUVC.sys [?] S3 vvftUVC;Vimicro Camera Filter Service VMUVC;c:\windows\system32\drivers\vvftUVC.sys --> c:\windows\system32\drivers\vvftUVC.sys [?] . Inhoud van de 'Gedeelde Taken' map . 2012-07-14 c:\windows\Tasks\Adobe Flash Player Updater.job - c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-27 07:14] . 2012-07-11 c:\windows\Tasks\AppleSoftwareUpdate.job - c:\program files\Apple Software Update\SoftwareUpdate.exe [2011-06-01 16:57] . 2012-07-14 c:\windows\Tasks\avast! Emergency Update.job - c:\program files\AVAST Software\Avast\AvastEmUpdate.exe [2012-07-03 16:21] . 2012-07-14 c:\windows\Tasks\User_Feed_Synchronization-{E3121B44-F8B2-4411-80AE-F1187474AF03}.job - c:\windows\system32\msfeedssync.exe [2007-08-13 02:31] . . ------- Bijkomende Scan ------- . 
uStart Page = hxxp://www.google.nl/ uInternet Connection Wizard,ShellNext = iexplore IE: E&xporteren naar Microsoft Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 TCP: DhcpNameServer = 212.54.40.25 212.54.35.25 DPF: CabBuilder - hxxp://kiw.imgag.com/imgag/kiw/toolbar/download/InstallerControl.cab DPF: {16BC6A51-9F62-49E3-9F96-C842EF2FFE3E} - file:///D:/WebPlayer.cab FF - ProfilePath - c:\documents and settings\applbeheer\Application Data\Mozilla\Firefox\Profiles\t0aa9isq.default\ FF - prefs.js: browser.search.selectedEngine - midicair Customized Web Search FF - prefs.js: browser.startup.homepage - hxxp://www.google.nl FF - prefs.js: keyword.URL - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2795622&SearchSource=2&q= FF - prefs.js: network.proxy.type - 0 FF - user.js: extensions.BabylonToolbar_i.babTrack - affID=111805&tt=100512_1_ FF - user.js: extensions.BabylonToolbar_i.babExt - FF - user.js: extensions.BabylonToolbar_i.srcExt - ss FF - user.js: extensions.BabylonToolbar_i.id - 78c6d48c00000000000000160a1814e7 FF - user.js: extensions.BabylonToolbar_i.hardId - 78c6d48c00000000000000160a1814e7 FF - user.js: extensions.BabylonToolbar_i.instlDay - 15471 FF - user.js: extensions.BabylonToolbar_i.vrsn - 1.5.3.17 FF - user.js: extensions.BabylonToolbar_i.vrsni - 1.5.3.17 FF - user.js: extensions.BabylonToolbar_i.vrsnTs - 1.5.3.1720:46 FF - user.js: extensions.BabylonToolbar_i.prtnrId - babylon FF - user.js: extensions.BabylonToolbar_i.prdct - BabylonToolbar FF - user.js: extensions.BabylonToolbar_i.aflt - babsst FF - user.js: extensions.BabylonToolbar_i.smplGrp - none FF - user.js: extensions.BabylonToolbar_i.tlbrId - base FF - user.js: extensions.BabylonToolbar_i.instlRef - sst . - - - - ORPHANS VERWIJDERD - - - - . Toolbar-!{ebd898f8-fcf6-4694-bc3b-eabc7271eeb1} - (no file) . . . ************************************************************************** . 
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, GMER - Rootkit Detector and Remover Rootkit scan 2012-07-15 00:18 Windows 5.1.2600 Service Pack 3 NTFS . scannen van verborgen processen ... . scannen van verborgen autostart items ... . scannen van verborgen bestanden ... . Scan succesvol afgerond verborgen bestanden: 0 . ************************************************************************** . --------------------- VERGRENDELDE REGISTER SLEUTELS --------------------- . [HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Installer\UserData\LocalSystem\Components\h–€|ÿÿÿÿ¤•€|ù•9~*] "3140110900063D11C8EF10054038389C"="C?\\WINDOWS\\system32\\FM20ENU.DLL" . --------------------- DLLs Geladen Onder Lopende Processen --------------------- . - - - - - - - > 'winlogon.exe'(912) c:\windows\system32\igfxdev.dll . - - - - - - - > 'lsass.exe'(968) c:\windows\system32\wvauth.dll c:\windows\system32\biolsp.dll . - - - - - - - > 'explorer.exe'(248) c:\windows\system32\webcheck.dll c:\windows\system32\WPDShServiceObj.dll c:\windows\system32\PortableDeviceTypes.dll c:\windows\system32\PortableDeviceApi.dll . Voltooingstijd: 2012-07-15 00:19:58 ComboFix-quarantined-files.txt 2012-07-14 22:19 ComboFix2.txt 2012-07-09 17:11 ComboFix3.txt 2012-07-04 19:11 . Pre-Run: 48.476.004.352 bytes beschikbaar Post-Run: 48.823.713.792 bytes beschikbaar . - - End Of File - - F7AFA0E32F717947E37C8B02853BFB62
  3. OK, I have found how to scan the external HD, but I can't get a few viruses removed via Emsisoft. It says to ask the expert. Do you know how I can remove the items below? They are not removed automatically.
     E:\Website Joomla 2.5\aan de watermolen\bck van hotelsin\media\system\js\caption.js - File not found
     E:\Website Joomla 2.5\aan de watermolen\bck van hotelsin\media\system\js\core.js - File not found
     :\Website Joomla 2.5\aan de watermolen\bck van hotelsin\media\system\js\mootools-core.js - File not found
     E:\Website Joomla 2.5\aan de watermolen\bck van hotelsin\media\system\js\mootools-more.js - File not found
     E:\Website Joomla 2.5\aan de watermolen\bck van hotelsin\modules\mod_ppc_simple_spotlight\js\jquery.cycle.all.2.74.js - File not found
     E:\Website Joomla 2.5\aan de watermolen\bck van hotelsin\modules\mod_ppc_simple_spotlight\js\ppc.safejquery.end.js - File not found
     E:\Website Joomla 2.5\aan de watermolen\bck van hotelsin\modules\mod_ppc_simple_spotlight\js\ppc.safejquery.start.js - File not found
     E:\Website Joomla 2.5\aan de watermolen\bck van hotelsin\modules\mod_ppc_simple_spotlight\js\ppc.safejqueryplugin.end.js - File not found
     E:\Website Joomla 2.5\aan de watermolen\bck van hotelsin\modules\mod_ppc_simple_spotlight\js\ppc.safejqueryplugin.start.js - File not found
  4. Hello Kape, I could not remove the files below with Emsisoft. Do you know how I can remove them?
     E:\Website Joomla 2.5\aan de watermolen\bck van hotelsin\media\system\js\caption.js - File not found
     E:\Website Joomla 2.5\aan de watermolen\bck van hotelsin\media\system\js\core.js - File not found
     :\Website Joomla 2.5\aan de watermolen\bck van hotelsin\media\system\js\mootools-core.js - File not found
     E:\Website Joomla 2.5\aan de watermolen\bck van hotelsin\media\system\js\mootools-more.js - File not found
     E:\Website Joomla 2.5\aan de watermolen\bck van hotelsin\modules\mod_ppc_simple_spotlight\js\jquery.cycle.all.2.74.js - File not found
     E:\Website Joomla 2.5\aan de watermolen\bck van hotelsin\modules\mod_ppc_simple_spotlight\js\ppc.safejquery.end.js - File not found
     E:\Website Joomla 2.5\aan de watermolen\bck van hotelsin\modules\mod_ppc_simple_spotlight\js\ppc.safejquery.start.js - File not found
     E:\Website Joomla 2.5\aan de watermolen\bck van hotelsin\modules\mod_ppc_simple_spotlight\js\ppc.safejqueryplugin.end.js - File not found
     E:\Website Joomla 2.5\aan de watermolen\bck van hotelsin\modules\mod_ppc_simple_spotlight\js\ppc.safejqueryplugin.start.js - File not found
  5. Hello Kape, My PC has problems with Emsisoft Emergency Kit: it freezes after a while. I did scan my laptop, and it is now "virus free", I hope. I removed everything. Do I need to do anything else now, or is this all? I also have another question: is it possible to scan an external hard disk? There is an external HD attached to my PC that I would like to scan; there is probably still something on it as well, because I write everything to my (mirror) hard disk. I have put the site perterjanssens.nl back and can no longer detect a virus with avast. I will still send you the log file.
  6. Hello, running the whole site through Jotti is an impossible task. The site has thousands of files. Reinstalling everything is not my preference either... That would take me a day of installing... Are there any other options?
  7. I don't think this is the only one... There will probably be many more. How will I ever get this PC clean again? No idea..
  8. I had it scanned.... this does not make you happy.. see attachment
  9. Hi Kape, what should I do then... This afternoon I still had no virus warning..
  10. That's right, I moved the site to peterjanssens.nl and it works fine there. I will remove hotelsin.be in due course. Can you also recommend a spam/malware program so that I am less likely to be affected by this? Thanks in advance.
  11. It worked. The virus has been removed. I no longer get the warning. Of course I want to prevent this in the future. Do you have a tip on which malware/spam filter I should buy? The virus scanner is from Panda. Regards and thanks, you can close the call.
  12. Hello Kape, I did the following. I made a website and put the files on the internet via FTP. So I will now first remove the site and then put the website online again (from the scanned PC). Is this order right, or should I first scan the PC and only then scan the site online? I do not have avast on my PC (I do on another one). The virus is only recognised by Avast; others have no problem. So I will put the website online, look at it again on the internet and see whether the virus is gone. I will let you know. Thanks in any case so far.
  13. Hello, ComboFix froze twice, but I do have a combofix.txt: a combofix.txt file was created. It was at c:\combofix\combofix.txt. The log file is below. I hope this is sufficient. ComboFix 12-07-07.04 - WDH1 08-07-2012 13:31:56.2.4 - x64 Microsoft Windows 7 Professional 6.1.7601.1.1252.31.1043.18.4094.2398 [GMT 2:00] Gestart vanuit: C:\Users\WDH1\Desktop\ComboFix.exe AV: Panda Antivirus Pro 2012 *Disabled/Updated* {86971480-9989-6750-B122-681A86518D59} SP: Panda Antivirus Pro 2012 *Disabled/Updated* {3DF6F564-BFB3-68DE-8B92-5368FDD6C7E4} SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} (((((((((((((((((((((((((((((((((( Andere Verwijderingen ))))))))))))))))))))))))))))))))))))))))))))))))) ---- Voorgaande Run ------- C:\Users\WDH1\AppData\Local\Microsoft\Windows\Temporary Internet Files\PMHE4C4.tmp C:\Windows\system32\drivers\etc\hosts.txt (((((((((((((((((((( Bestanden Gemaakt van 2012-06-08 to 2012-07-08 )))))))))))))))))))))))))))))) 2012-07-08 11:39:30 . 2012-07-08 11:39:30 -------- d-----w- C:\Users\UpdatusUser\AppData\Local\temp 2012-07-08 11:39:30 . 2012-07-08 11:39:30 -------- d-----w- C:\Users\Default\AppData\Local\temp 2012-07-06 16:01:06 . 2012-05-31 04:04:02 9013136 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{771BDBF9-F76B-48E0-8549-69E0B29C064D}\mpengine.dll 2012-07-06 11:13:39 . 2012-07-06 11:13:39 12872 ----a-w- C:\Windows\system32\bootdelete.exe 2012-07-06 11:07:14 . 2012-07-06 11:13:37 -------- d-----w- C:\ProgramData\HitmanPro 2012-07-06 10:36:57 . 2012-07-08 11:39:42 -------- d-----w- C:\Program Files (x86)\Emsisoft Anti-Malware 2012-07-06 08:30:46 . 2012-07-06 08:30:46 48648 ----a-w- C:\ProgramData\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup-2\Markup.dll 2012-07-06 08:30:38 . 2012-07-06 08:30:39 856712 ----a-w- C:\ProgramData\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight-2\SpotlightResources.dll 2012-07-06 08:00:55 . 
2009-06-30 08:37:16 33800 ----a-w- C:\Windows\system32\drivers\pavboot64.sys 2012-07-06 07:49:28 . 2012-07-07 08:15:08 -------- d-----w- C:\hijackthis 2012-07-06 07:41:05 . 2011-06-21 04:09:00 200976 ----a-w- C:\Windows\SysWow64\drivers\tmcomm.sys 2012-06-24 10:28:00 . 2012-06-02 22:19:43 2428952 ----a-w- C:\Windows\system32\wuaueng.dll 2012-06-24 10:28:00 . 2012-06-02 22:19:42 57880 ----a-w- C:\Windows\system32\wuauclt.exe 2012-06-24 10:28:00 . 2012-06-02 22:19:42 44056 ----a-w- C:\Windows\system32\wups2.dll 2012-06-24 10:28:00 . 2012-06-02 22:15:31 2622464 ----a-w- C:\Windows\system32\wucltux.dll 2012-06-24 10:27:34 . 2012-06-02 22:19:46 38424 ----a-w- C:\Windows\system32\wups.dll 2012-06-24 10:27:34 . 2012-06-02 22:19:23 701976 ----a-w- C:\Windows\system32\wuapi.dll 2012-06-24 10:27:34 . 2012-06-02 22:15:08 99840 ----a-w- C:\Windows\system32\wudriver.dll 2012-06-24 10:27:14 . 2012-06-02 13:19:42 186752 ----a-w- C:\Windows\system32\wuwebv.dll 2012-06-24 10:27:14 . 2012-06-02 13:15:12 36864 ----a-w- C:\Windows\system32\wuapp.exe 2012-06-23 14:53:05 . 2012-06-23 14:53:10 -------- d-----w- C:\Program Files (x86)\Safari 2012-06-23 14:46:11 . 2012-06-23 14:46:11 -------- d-----w- C:\Program Files\iPod 2012-06-23 14:46:10 . 2012-06-23 14:46:40 -------- d-----w- C:\Program Files\iTunes 2012-06-23 14:46:10 . 2012-06-23 14:46:40 -------- d-----w- C:\Program Files (x86)\iTunes 2012-06-15 09:43:13 . 2012-05-18 02:51:05 174200 ----a-w- C:\Program Files\Internet Explorer\sqmapi.dll 2012-06-15 08:35:56 . 2012-06-15 08:35:56 48648 ----a-w- C:\ProgramData\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup\Markup.dll 2012-06-15 08:35:52 . 2012-06-15 08:35:52 856712 ----a-w- C:\ProgramData\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight\SpotlightResources.dll 2012-06-11 20:42:03 . 2012-06-11 20:44:20 -------- d-----w- C:\Users\WDH1\AppData\Roaming\Notepad++ 2012-06-11 20:42:03 . 2012-06-11 20:42:19 -------- d-----w- C:\Program Files (x86)\Notepad++ 2012-06-08 14:45:54 . 
2012-06-08 14:45:56 -------- d-----w- C:\Program Files (x86)\Mozilla Maintenance Service 2012-06-08 14:45:48 . 2012-06-08 14:45:48 157352 ----a-w- C:\Program Files (x86)\Mozilla Firefox\maintenanceservice_installer.exe 2012-06-08 14:45:48 . 2012-06-08 14:45:48 129976 ----a-w- C:\Program Files (x86)\Mozilla Firefox\maintenanceservice.exe . ((((((((((((((((((((((((((((((((((((((( Find3M Rapport )))))))))))))))))))))))))))))))))))))))))))))))))))) 2012-07-08 11:40:45 . 2011-08-02 15:43:17 23080 ----a-w- C:\Windows\gdrv.sys 2012-05-31 10:25:12 . 2010-01-30 17:29:31 279656 ------w- C:\Windows\system32\MpSigStub.exe 2012-04-25 10:11:36 . 2012-04-25 10:11:36 52736 ----a-w- C:\Windows\system32\drivers\usbaapl64.sys 2012-04-25 10:11:36 . 2012-04-25 10:11:36 4547944 ----a-w- C:\Windows\system32\usbaaplrc.dll 2012-04-18 18:56:30 . 2012-04-18 18:56:30 94208 ----a-w- C:\Windows\SysWow64\QuickTimeVR.qtx 2012-04-18 18:56:30 . 2012-04-18 18:56:30 69632 ----a-w- C:\Windows\SysWow64\QuickTime.qts ((((((((((((((((((((((((((((((((((((( Reg Opstartpunten ))))))))))))))))))))))))))))))))))))))))))))))))))) *Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond REGEDIT4 [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "iCloudServices"="C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe" [2012-02-23 10:22:56 59240] "MobileDocuments"="C:\Program Files (x86)\Common Files\Apple\Internet Services\ubd.exe" [2012-02-23 10:30:40 59240] "SpybotSD TeaTimer"="C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe" [2009-03-05 14:07:20 2260480] [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run] "GrooveMonitor"="C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe" [2009-02-26 16:36:46 30040] "TrueImageMonitor.exe"="C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe" [2009-12-03 21:04:20 5076064] "AdobeCS5ServiceManager"="C:\Program Files (x86)\Common 
Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" [2010-02-22 03:57:06 406992] "SwitchBoard"="C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe" [2010-02-19 12:37:14 517096] "APSDaemon"="C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2012-05-30 18:06:18 59280] "APVXDWIN"="C:\Program Files (x86)\Panda Security\Panda Antivirus Pro 2012\APVXDWIN.EXE" [2011-04-13 16:06:56 1000768] "SCANINICIO"="C:\Program Files (x86)\Panda Security\Panda Antivirus Pro 2012\Inicio.exe" [2011-02-02 10:59:44 70464] "QuickTime Task"="C:\Program Files (x86)\QuickTime\QTTask.exe" [2012-04-18 18:56:22 421888] "iTunesHelper"="C:\Program Files (x86)\iTunes\iTunesHelper.exe" [2012-06-07 17:33:22 421776] "emsisoft anti-malware"="C:\Program Files (x86)\Emsisoft Anti-Malware\a2guard.exe" [2012-06-17 13:44:44 3367328] C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\ Nikon Monitor.lnk - C:\Program Files (x86)\Common Files\Nikon\Monitor\NkMonitor.exe [2008-6-5 479232] [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "ConsentPromptBehaviorAdmin"= 0 (0x0) "ConsentPromptBehaviorUser"= 3 (0x3) "EnableLUA"= 0 (0x0) "EnableUIADesktopToggle"= 0 (0x0) "PromptOnSecureDesktop"= 0 (0x0) [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\hitmanpro36] @="" [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\hitmanpro36.sys] @="" [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HitmanPro36Crusader] @="" [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HitmanPro36CrusaderBoot] @="" [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS] @="" [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ProfSvc] @="" [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PskSvcRetail] @="Service" [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend] @="" R2 
clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 13:27:14 138576] R2 gupdate;Google Updateservice (gupdate);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-06-26 07:37:38 135664] R3 EverestDriver;FinalWire EVEREST Kernel Driver;G:\Data\Software\EVEREST Ultimate Edition\kerneld.amd64 [x] R3 FirebirdServerMAGIXInstance;Firebird Server - MAGIX Instance;C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\fbserver.exe [2008-08-07 10:10:02 3276800] R3 gupdatem;Google Update-service (gupdatem);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-06-26 07:37:38 135664] R3 MozillaMaintenance;Mozilla Maintenance Service;C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2012-06-08 14:45:48 129976] R3 Prot6Flt;Prot6Flt;C:\Windows\system32\DRIVERS\Prot6Flt.sys [x] R3 SwitchBoard;SwitchBoard;C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 12:37:14 517096] R3 TsUsbFlt;TsUsbFlt;C:\Windows\system32\drivers\tsusbflt.sys [2010-11-20 11:07:05 59392] R3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\system32\Drivers\usbaapl64.sys [2012-04-25 10:11:36 52736] R3 WatAdminSvc;Windows Activation Technologies-service;C:\Windows\system32\Wat\WatAdminSvc.exe [2010-06-18 14:52:42 1255736] S0 pavboot;pavboot;C:\Windows\system32\drivers\pavboot64.sys [2009-06-30 08:37:16 33800] S0 PxHlpa64;PxHlpa64;C:\Windows\System32\Drivers\PxHlpa64.sys [2009-07-09 02:00:00 55280] S0 tdrpman255;Acronis Try&Decide and Restore Points filter (build 255);C:\Windows\system32\DRIVERS\tdrpm255.sys [2010-05-20 11:03:58 1477152] S1 A2DDA;A2 Direct Disk Access Support Driver;C:\Program Files (x86)\Emsisoft Anti-Malware\a2ddax64.sys [2011-05-19 12:10:34 23208] S1 ShldFlt;Panda File Shield Driver;C:\Windows\system32\DRIVERS\ShldFlt.sys [2009-10-27 11:07:42 48136] S2 a2AntiMalware;Emsisoft Anti-Malware 6.6 - Service;C:\Program Files 
(x86)\Emsisoft Anti-Malware\a2service.exe [2012-06-17 13:44:46 3069752] S2 AdobeActiveFileMonitor8.0;Adobe Active File Monitor V8;C:\Program Files (x86)\Adobe\Elements Organizer 8.0\PhotoshopElementsFileAgent.exe [2009-09-18 03:54:20 169312] S2 afcdpsrv;Acronis Nonstop Backup service;C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe [2010-05-20 11:03:58 2475952] S2 AMD External Events Utility;AMD External Events Utility;C:\Windows\system32\atiesrxx.exe [2009-08-18 01:36:20 203264] S2 AmFSM;AmFSM;C:\Windows\system32\DRIVERS\amm6460.sys [2010-05-21 12:50:50 65608] S2 ES lite Service;ES lite Service for program management.;C:\Program Files (x86)\Gigabyte\EasySaver\ESSVR.EXE [2009-02-05 11:43:26 68136] S2 Fabs;FABS - Helping agent for MAGIX media database;C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe [2009-08-27 16:09:10 1253376] S2 nvUpdatusService;NVIDIA Update Service Daemon;C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe [2011-05-21 04:01:00 2214504] S2 PskSvcRetail;Panda PSK service;C:\Program Files (x86)\Panda Security\Panda Antivirus Pro 2012\PskSvc.exe [2010-08-16 13:54:46 28992] S2 SBSDWSCService;SBSD Security Center Service;C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe [2009-01-26 13:31:10 1153368] S2 SSPORT;SSPORT;C:\Windows\system32\Drivers\SSPORT.sys [2007-08-13 02:51:17 11576] S2 TeamViewer6;TeamViewer 6;C:\Program Files (x86)\TeamViewer\Version6\TeamViewer_Service.exe [2011-01-27 15:51:05 2253688] S3 afcdp;afcdp;C:\Windows\system32\DRIVERS\afcdp.sys [2010-05-20 11:04:00 250464] S3 PavTPK.sys;PavTPK.sys;C:\Windows\system32\PavTPK.sys [x] S3 RTL8167;Realtek 8167 NT Driver;C:\Windows\system32\DRIVERS\Rt64win7.sys [2009-03-01 21:05:32 187392] Inhoud van de 'Gedeelde Taken' map 2012-07-08 C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-06-26 07:37:40 . 
2010-06-26 07:37:38] 2012-07-08 C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-06-26 07:37:40 . 2010-06-26 07:37:38] --------- X64 Entries ----------- [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Acronis Scheduler2Service"="C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe" [2009-12-03 21:05:34 357400] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows] "LoadAppInit_DLLs"=0x0 ------- Bijkomende Scan ------- uStart Page = hxxp://www.google.nl/ uLocal Page = C:\Windows\system32\blank.htm mLocal Page = C:\Windows\SYSTEM32\blank.htm IE: Doel van koppeling converteren naar Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html IE: Doel van koppeling toevoegen aan bestaande PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html IE: E&xporteren naar Microsoft Excel - C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000 IE: Google Sidewiki... 
- C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_E11712C84EA7E12B.dll/cmsidewiki.html IE: SmarThru4 Capture Selection - C:\Program Files (x86)\SmarThru 4\WebCapture.dll2.htm IE: SmarThru4 Save as HTML - C:\Program Files (x86)\SmarThru 4\WebCapture.dll1.htm IE: SmarThru4 Save Selected Text - C:\Program Files (x86)\SmarThru 4\WebCapture.dll.htm IE: SmarThru4 Web Capture - C:\Program Files (x86)\SmarThru 4\WebCapture.dll IE: Toevoegen aan bestaande PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html TCP: DhcpNameServer = 212.54.40.25 212.54.35.25 DPF: {B4A41BDB-320A-4AF4-8DBC-846866A62657} - hxxp://www.mijnalbum.nl/v3/skinsrc/core/system/ma7.0.43/ImageUploader7.cab FF - ProfilePath - C:\Users\WDH1\AppData\Roaming\Mozilla\Firefox\Profiles\bxdmsgwk.default\ FF - prefs.js: browser.search.selectedEngine - Secure-zoeken FF - prefs.js: browser.startup.homepage - hxxp://www.google.nl FF - prefs.js: keyword.URL - hxxp://search.yahoo.com/search?fr=mcafee&p= - - - - ORPHANS VERWIJDERD - - - - Wow6432Node-HKCU-Run-AdobeBridge - (no file) Notify-avldr - (no file) WebBrowser-{D4027C7F-154A-4066-A1AD-4243D8127440} - (no file) WebBrowser-{B9D63C58-90CC-428B-8D3B-CBB88EB07E7E} - (no file) WebBrowser-{30F9B915-B755-4826-820B-08FBA6BD249D} - (no file) AddRemove-HijackThis - C:\Users\WDH1\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\LLXMJ8SH\HijackThis.exe
  14. Hello Kape, thank you very much for being willing to look at my problem. Below are the 2 log files: Malwarebytes Anti-Malware 1.61.0.1400 www.malwarebytes.org Databaseversie: v2012.07.07.02 Windows 7 Service Pack 1 x64 NTFS Internet Explorer 9.0.8112.16421 WDH1 :: WDH1-PC [administrator] 7-7-2012 10:00:34 mbam-log-2012-07-07 (10-00-34).txt Scantype: Snelle scan Ingeschakelde scanopties: Geheugen | Opstartitems | Register | Bestanden en mappen | Heuristiek/Extra | Heuristiek/Shuriken | PUP | PUM Uitgeschakelde scanopties: P2P Objecten gescand: 237987 Verstreken tijd: 6 minuut/minuten, 15 seconde(n) Geheugenprocessen gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Geheugenmodulen gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Registersleutels gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Registerwaarden gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Registerdata gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Mappen gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Bestanden gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) (einde) Logfile Hijack: Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 10:16:04, on 7-7-2012 Platform: Windows 7 SP1 (WinNT 6.00.3505) MSIE: Internet Explorer v9.00 (9.00.8112.16446) Boot mode: Normal Running processes: C:\PROGRAM FILES (X86)\PANDA SECURITY\PANDA ANTIVIRUS PRO 2012\WebProxy.exe C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe C:\Program Files (x86)\Common Files\Apple\Internet Services\ubd.exe C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe C:\Program Files (x86)\Common Files\Apple\Apple Application Support\distnoted.exe C:\Program Files (x86)\Panda Security\Panda Antivirus Pro 2012\ApVxdWin.exe 
C:\Program Files (x86)\iTunes\iTunesHelper.exe C:\Program Files (x86)\Common Files\Nikon\Monitor\NkMonitor.exe C:\Program Files (x86)\Microsoft Office\Office12\OUTLOOK.EXE C:\Program Files (x86)\Internet Explorer\iexplore.exe C:\Program Files (x86)\Internet Explorer\iexplore.exe C:\hijackthis\hijackthis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Google R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = F2 - REG:system.ini: UserInit=userinit.exe, O2 - BHO: ContributeBHO Class - {074C1DC5-9320-4A9A-947D-C042949C6216} - C:\Program Files (x86)\Adobe\Adobe Contribute CS5\Plugins\IEPlugin\contributeieplugin.dll O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe" O4 - HKLM\..\Run: [TrueImageMonitor.exe] C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe O4 - HKLM\..\Run: [AdobeCS5ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" -launchedbylogin O4 - HKLM\..\Run: [switchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" O4 - HKLM\..\Run: [APVXDWIN] "C:\Program Files (x86)\Panda Security\Panda Antivirus Pro 2012\APVXDWIN.EXE" /s O4 - HKLM\..\Run: 
[sCANINICIO] "C:\Program Files (x86)\Panda Security\Panda Antivirus Pro 2012\Inicio.exe" O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe" O4 - HKLM\..\Run: [emsisoft anti-malware] "C:\Program Files (x86)\Emsisoft Anti-Malware\a2guard.exe" /d=60 O4 - HKCU\..\Run: [iCloudServices] C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe O4 - HKCU\..\Run: [MobileDocuments] C:\Program Files (x86)\Common Files\Apple\Internet Services\ubd.exe O4 - HKCU\..\Run: [spybotSD TeaTimer] C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE') O4 - HKUS\S-1-5-21-392257131-1012527331-1996792792-1003\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'UpdatusUser') O4 - HKUS\S-1-5-21-392257131-1012527331-1996792792-1003\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'UpdatusUser') O4 - Global Startup: Nikon Monitor.lnk = C:\Program Files (x86)\Common Files\Nikon\Monitor\NkMonitor.exe O8 - Extra context menu item: Doel van koppeling converteren naar Adobe PDF - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html O8 - Extra context menu item: Doel van koppeling toevoegen aan bestaande PDF - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000 O8 - Extra context menu item: Google Sidewiki... 
- res://C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_E11712C84EA7E12B.dll/cmsidewiki.html O8 - Extra context menu item: SmarThru4 Capture Selection - C:\Program Files (x86)\SmarThru 4\WebCapture.dll2.htm O8 - Extra context menu item: SmarThru4 Save as HTML - C:\Program Files (x86)\SmarThru 4\WebCapture.dll1.htm O8 - Extra context menu item: SmarThru4 Save Selected Text - C:\Program Files (x86)\SmarThru 4\WebCapture.dll.htm O8 - Extra context menu item: SmarThru4 Web Capture - C:\Program Files (x86)\SmarThru 4\WebCapture.dll O8 - Extra context menu item: Toevoegen aan bestaande PDF - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll O9 - Extra 'Tools' menuitem: Verz&enden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll O9 - Extra button: SmarThru4 Web Capture - {5941A0E4-56C1-4a49-9B18-05762CAC5F9B} - C:\Program Files (x86)\SmarThru 4\WebCapture.dll (HKCU) O9 - Extra 'Tools' menuitem: SmarThru4 Web Capture - {5941A0E4-56C1-4a49-9B18-05762CAC5F9B} - C:\Program Files (x86)\SmarThru 4\WebCapture.dll (HKCU) O9 - Extra button: SmarThru4 Capture Selection - {A07BFEF7-DD11-4937-B23B-E70C11D2EDF4} - C:\Program Files (x86)\SmarThru 4\WebCapture.dll (HKCU) O9 - Extra 'Tools' menuitem: SmarThru4 Capture Selection - {A07BFEF7-DD11-4937-B23B-E70C11D2EDF4} - C:\Program Files (x86)\SmarThru 
4\WebCapture.dll (HKCU) O9 - Extra button: SmarThru4 Save as HTML - {E753A93F-2367-4978-BFA0-83048C1E61CB} - C:\Program Files (x86)\SmarThru 4\WebCapture.dll (HKCU) O9 - Extra 'Tools' menuitem: SmarThru4 Save as HTML - {E753A93F-2367-4978-BFA0-83048C1E61CB} - C:\Program Files (x86)\SmarThru 4\WebCapture.dll (HKCU) O9 - Extra button: SmarThru4 Save Selected Text - {F1F53366-3E11-47ab-BF84-580C94F9C9AD} - C:\Program Files (x86)\SmarThru 4\WebCapture.dll (HKCU) O9 - Extra 'Tools' menuitem: SmarThru4 Save Selected Text - {F1F53366-3E11-47ab-BF84-580C94F9C9AD} - C:\Program Files (x86)\SmarThru 4\WebCapture.dll (HKCU) O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O16 - DPF: {B4A41BDB-320A-4AF4-8DBC-846866A62657} (Album Upload Software Control Control) - http://www.mijnalbum.nl/v3/skinsrc/core/system/ma7.0.43/ImageUploader7.cab O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll O23 - Service: Emsisoft Anti-Malware 6.6 - Service (a2AntiMalware) - Emsisoft GmbH - C:\Program Files (x86)\Emsisoft Anti-Malware\a2service.exe O23 - Service: Acronis OS Selector Reinstall Service (AcronisOSSReinstallSvc) - Unknown owner - C:\Program Files (x86)\Common Files\Acronis\Acronis Disk Director\oss_reinstall_svc.exe O23 - Service: Acronis Scheduler2Service (AcrSch2Svc) - Acronis - C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe O23 - Service: Adobe Active File Monitor V8 (AdobeActiveFileMonitor8.0) - Adobe Systems Incorporated - C:\Program Files (x86)\Adobe\Elements Organizer 8.0\PhotoshopElementsFileAgent.exe O23 - Service: Acronis Nonstop Backup service (afcdpsrv) - Acronis - C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file 
missing) O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing) O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing) O23 - Service: ES lite Service for program management. (ES lite Service) - Unknown owner - C:\Program Files (x86)\Gigabyte\EasySaver\ESSVR.EXE O23 - Service: FABS - Helping agent for MAGIX media database (Fabs) - MAGIX AG - C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing) O23 - Service: Firebird Server - MAGIX Instance (FirebirdServerMAGIXInstance) - MAGIX® - C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\fbserver.exe O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe O23 - Service: Google Updateservice (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: iPod-service (iPod Service) - Apple Inc. 
- C:\Program Files\iPod\bin\iPodService.exe O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing) O23 - Service: Nero BackItUp Scheduler 4.0 - Nero AG - C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing) O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe O23 - Service: Panda Software Controller - Panda Security, S.L. - C:\Program Files (x86)\Panda Security\Panda Antivirus Pro 2012\PsCtrls.exe O23 - Service: Panda Function Service (PAVFNSVR) - Unknown owner - C:\Program Files (x86)\Panda Security\Panda Antivirus Pro 2012\PavFnSvr.exe O23 - Service: Panda Process Protection Service (PavPrSrv) - Unknown owner - C:\Program Files (x86)\Common Files\Panda Security\PavShld\pavprsrv.exe O23 - Service: Panda On-Access Anti-Malware Service (PAVSRV) - Panda Security, S.L. - C:\Program Files (x86)\Panda Security\Panda Antivirus Pro 2012\pavsrvx86.exe O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Panda IManager Service (PSIMSVC) - Panda Security S.L. - C:\Program Files (x86)\Panda Security\Panda Antivirus Pro 2012\PsImSvc.exe O23 - Service: Panda PSK service (PskSvcRetail) - Panda Security, S.L. 
- C:\Program Files (x86)\Panda Security\Panda Antivirus Pro 2012\PskSvc.exe O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing) O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing) O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing) O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing) O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe O23 - Service: TeamViewer 6 (TeamViewer6) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\Version6\TeamViewer_Service.exe O23 - Service: Panda TPSrv (TPSrv) - Panda Security, S.L. 
- C:\Program Files (x86)\Panda Security\Panda Antivirus Pro 2012\TPSrvWow.exe O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing) O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing) O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing) O23 - Service: wampapache - Apache Software Foundation - e:\wamp\bin\apache\apache2.2.17\bin\httpd.exe O23 - Service: wampmysqld - Unknown owner - e:\wamp\bin\mysql\mysql5.1.53\bin\mysqld.exe O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing) O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing) O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing) O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) -- End of file - 15029 bytes
  15. OK. When do you think they will be online? Then I can take that into account... I will be online then too, you see.
  16. Hello Asus, nice of you to take a look. I have been messing around with this for a couple of days now and I cannot get the virus removed. Here is a new log file: Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 19:30:04, on 6-7-2012 Platform: Windows 7 SP1 (WinNT 6.00.3505) MSIE: Internet Explorer v9.00 (9.00.8112.16446) Boot mode: Normal Running processes: C:\PROGRAM FILES (X86)\PANDA SECURITY\PANDA ANTIVIRUS PRO 2012\WebProxy.exe C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe C:\Program Files (x86)\Common Files\Apple\Internet Services\ubd.exe C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe C:\Program Files (x86)\Common Files\Nikon\Monitor\NkMonitor.exe C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe C:\Program Files (x86)\Common Files\Apple\Apple Application Support\distnoted.exe C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe C:\Program Files (x86)\Panda Security\Panda Antivirus Pro 2012\ApVxdWin.exe C:\Program Files (x86)\iTunes\iTunesHelper.exe C:\Program Files (x86)\Microsoft Office\Office12\OUTLOOK.EXE C:\Program Files (x86)\Internet Explorer\iexplore.exe C:\Program Files (x86)\Internet Explorer\iexplore.exe C:\Program Files (x86)\Internet Explorer\iexplore.exe C:\Program Files (x86)\Internet Explorer\iexplore.exe C:\Program Files (x86)\Notepad++\notepad++.exe C:\Program Files (x86)\Internet Explorer\iexplore.exe C:\Program Files (x86)\Internet Explorer\iexplore.exe C:\hijackthis\hijackthis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Google R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R3 - URLSearchHook: (no name) - {b9d63c58-90cc-428b-8d3b-cbb88eb07e7e} - (no file) F2 - REG:system.ini: 
UserInit=userinit.exe, O2 - BHO: ContributeBHO Class - {074C1DC5-9320-4A9A-947D-C042949C6216} - C:\Program Files (x86)\Adobe\Adobe Contribute CS5\Plugins\IEPlugin\contributeieplugin.dll O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: Armada Custom Toolbar - {29c0f5ff-3564-46bc-9f4a-50c73f426486} - C:\Program Files (x86)\armadacustomtoolbar\armadacustomtoolbarX.dll O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll O2 - BHO: (no name) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - (no file) O2 - BHO: Ask Toolbar BHO - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll O3 - Toolbar: Nero Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll O3 - Toolbar: Contribute Toolbar - {517BDDE4-E3A7-4570-B21E-2B52B6139FC7} - C:\Program Files (x86)\Adobe\Adobe Contribute CS5\Plugins\IEPlugin\contributeieplugin.dll O3 - Toolbar: Armada Custom Toolbar - {29c0f5ff-3564-46bc-9f4a-50c73f426486} - C:\Program Files (x86)\armadacustomtoolbar\armadacustomtoolbarX.dll O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe" O4 - HKLM\..\Run: [TrueImageMonitor.exe] C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe O4 - HKLM\..\Run: [AdobeCS5ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" -launchedbylogin O4 - HKLM\..\Run: [switchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe O4 - 
HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" O4 - HKLM\..\Run: [APVXDWIN] "C:\Program Files (x86)\Panda Security\Panda Antivirus Pro 2012\APVXDWIN.EXE" /s O4 - HKLM\..\Run: [sCANINICIO] "C:\Program Files (x86)\Panda Security\Panda Antivirus Pro 2012\Inicio.exe" O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe" O4 - HKLM\..\Run: [emsisoft anti-malware] "C:\Program Files (x86)\Emsisoft Anti-Malware\a2guard.exe" /d=60 O4 - HKCU\..\Run: [iCloudServices] C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe O4 - HKCU\..\Run: [MobileDocuments] C:\Program Files (x86)\Common Files\Apple\Internet Services\ubd.exe O4 - HKCU\..\Run: [spybotSD TeaTimer] C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE') O4 - HKUS\S-1-5-21-392257131-1012527331-1996792792-1003\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'UpdatusUser') O4 - HKUS\S-1-5-21-392257131-1012527331-1996792792-1003\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'UpdatusUser') O4 - Global Startup: Nikon Monitor.lnk = C:\Program Files (x86)\Common Files\Nikon\Monitor\NkMonitor.exe O8 - Extra context menu item: Doel van koppeling converteren naar Adobe PDF - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html O8 - Extra context menu item: Doel van koppeling toevoegen aan bestaande PDF - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html O8 - Extra context menu item: E&xporteren naar Microsoft Excel - 
res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000 O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_E11712C84EA7E12B.dll/cmsidewiki.html O8 - Extra context menu item: SmarThru4 Capture Selection - C:\Program Files (x86)\SmarThru 4\WebCapture.dll2.htm O8 - Extra context menu item: SmarThru4 Save as HTML - C:\Program Files (x86)\SmarThru 4\WebCapture.dll1.htm O8 - Extra context menu item: SmarThru4 Save Selected Text - C:\Program Files (x86)\SmarThru 4\WebCapture.dll.htm O8 - Extra context menu item: SmarThru4 Web Capture - C:\Program Files (x86)\SmarThru 4\WebCapture.dll O8 - Extra context menu item: Toevoegen aan bestaande PDF - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll O9 - Extra 'Tools' menuitem: Verz&enden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll O9 - Extra button: SmarThru4 Web Capture - {5941A0E4-56C1-4a49-9B18-05762CAC5F9B} - C:\Program Files (x86)\SmarThru 4\WebCapture.dll (HKCU) O9 - Extra 'Tools' menuitem: SmarThru4 Web Capture - {5941A0E4-56C1-4a49-9B18-05762CAC5F9B} - C:\Program Files (x86)\SmarThru 4\WebCapture.dll (HKCU) O9 - Extra button: SmarThru4 Capture Selection - {A07BFEF7-DD11-4937-B23B-E70C11D2EDF4} - C:\Program Files (x86)\SmarThru 4\WebCapture.dll (HKCU) O9 - Extra 'Tools' menuitem: SmarThru4 
Capture Selection - {A07BFEF7-DD11-4937-B23B-E70C11D2EDF4} - C:\Program Files (x86)\SmarThru 4\WebCapture.dll (HKCU) O9 - Extra button: SmarThru4 Save as HTML - {E753A93F-2367-4978-BFA0-83048C1E61CB} - C:\Program Files (x86)\SmarThru 4\WebCapture.dll (HKCU) O9 - Extra 'Tools' menuitem: SmarThru4 Save as HTML - {E753A93F-2367-4978-BFA0-83048C1E61CB} - C:\Program Files (x86)\SmarThru 4\WebCapture.dll (HKCU) O9 - Extra button: SmarThru4 Save Selected Text - {F1F53366-3E11-47ab-BF84-580C94F9C9AD} - C:\Program Files (x86)\SmarThru 4\WebCapture.dll (HKCU) O9 - Extra 'Tools' menuitem: SmarThru4 Save Selected Text - {F1F53366-3E11-47ab-BF84-580C94F9C9AD} - C:\Program Files (x86)\SmarThru 4\WebCapture.dll (HKCU) O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O16 - DPF: {B4A41BDB-320A-4AF4-8DBC-846866A62657} (Album Upload Software Control Control) - http://www.mijnalbum.nl/v3/skinsrc/core/system/ma7.0.43/ImageUploader7.cab O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll O23 - Service: Emsisoft Anti-Malware 6.6 - Service (a2AntiMalware) - Emsisoft GmbH - C:\Program Files (x86)\Emsisoft Anti-Malware\a2service.exe O23 - Service: ABP_InstallCheckerService - Unknown owner - C:\Users\WDH1\AppData\Local\Temp\nsr649D.tmp\ABP_InstallChecker.exe (file missing) O23 - Service: Acronis OS Selector Reinstall Service (AcronisOSSReinstallSvc) - Unknown owner - C:\Program Files (x86)\Common Files\Acronis\Acronis Disk Director\oss_reinstall_svc.exe O23 - Service: Acronis Scheduler2Service (AcrSch2Svc) - Acronis - C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe O23 - Service: Adobe Active File Monitor V8 (AdobeActiveFileMonitor8.0) - Adobe Systems Incorporated - C:\Program Files (x86)\Adobe\Elements Organizer 8.0\PhotoshopElementsFileAgent.exe O23 - 
Service: Acronis Nonstop Backup service (afcdpsrv) - Acronis - C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing) O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing) O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing) O23 - Service: ES lite Service for program management. (ES lite Service) - Unknown owner - C:\Program Files (x86)\Gigabyte\EasySaver\ESSVR.EXE O23 - Service: FABS - Helping agent for MAGIX media database (Fabs) - MAGIX AG - C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing) O23 - Service: Firebird Server - MAGIX Instance (FirebirdServerMAGIXInstance) - MAGIX® - C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\fbserver.exe O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe O23 - Service: Google Updateservice (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: iPod-service (iPod Service) - Apple Inc. 
- C:\Program Files\iPod\bin\iPodService.exe O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing) O23 - Service: Nero BackItUp Scheduler 4.0 - Nero AG - C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing) O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe O23 - Service: Panda Software Controller - Panda Security, S.L. - C:\Program Files (x86)\Panda Security\Panda Antivirus Pro 2012\PsCtrls.exe O23 - Service: Panda Function Service (PAVFNSVR) - Unknown owner - C:\Program Files (x86)\Panda Security\Panda Antivirus Pro 2012\PavFnSvr.exe O23 - Service: Panda Process Protection Service (PavPrSrv) - Unknown owner - C:\Program Files (x86)\Common Files\Panda Security\PavShld\pavprsrv.exe O23 - Service: Panda On-Access Anti-Malware Service (PAVSRV) - Panda Security, S.L. - C:\Program Files (x86)\Panda Security\Panda Antivirus Pro 2012\pavsrvx86.exe O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Panda IManager Service (PSIMSVC) - Panda Security S.L. - C:\Program Files (x86)\Panda Security\Panda Antivirus Pro 2012\PsImSvc.exe O23 - Service: Panda PSK service (PskSvcRetail) - Panda Security, S.L. 
- C:\Program Files (x86)\Panda Security\Panda Antivirus Pro 2012\PskSvc.exe O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing) O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing) O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing) O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing) O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe O23 - Service: TeamViewer 6 (TeamViewer6) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\Version6\TeamViewer_Service.exe O23 - Service: Panda TPSrv (TPSrv) - Panda Security, S.L. 
- C:\Program Files (x86)\Panda Security\Panda Antivirus Pro 2012\TPSrvWow.exe O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing) O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing) O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing) O23 - Service: wampapache - Apache Software Foundation - e:\wamp\bin\apache\apache2.2.17\bin\httpd.exe O23 - Service: wampmysqld - Unknown owner - e:\wamp\bin\mysql\mysql5.1.53\bin\mysqld.exe O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing) O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing) O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing) O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) -- End of file - 16382 bytes
  17. Hello, I have built a website and recently started getting a virus warning from AVAST. Only Avast gives this warning; other virus scanners do not. It concerns a website that I am building for someone. The warning is: JS:Redirector-XO [tri] I have already run several online scans but I cannot get the virus removed. I have also run HijackThis, without result. I scanned the PC, then deleted the website and restored the website from the scanned PC (it is a Joomla website). I am at my wits' end. Who, oh who, can help me? This is the HijackThis log file: Logfile of HijackThis v1.99.1 Scan saved at 18:15:28, on 6-7-2012 Platform: Unknown Windows (WinNT 6.01.3505 SP1) MSIE: Internet Explorer v9.00 (9.00.8112.16446) Running processes: C:\PROGRAM FILES (X86)\PANDA SECURITY\PANDA ANTIVIRUS PRO 2012\WebProxy.exe C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe C:\Program Files (x86)\Common Files\Apple\Internet Services\ubd.exe C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe C:\Program Files (x86)\Common Files\Nikon\Monitor\NkMonitor.exe C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe C:\Program Files (x86)\Common Files\Apple\Apple Application Support\distnoted.exe C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe C:\Program Files (x86)\Panda Security\Panda Antivirus Pro 2012\ApVxdWin.exe C:\Program Files (x86)\iTunes\iTunesHelper.exe C:\Program Files (x86)\Microsoft Office\Office12\OUTLOOK.EXE C:\Program Files (x86)\Internet Explorer\iexplore.exe C:\Program Files (x86)\Internet Explorer\iexplore.exe C:\hijackthis\hijackthis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Google R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R3 - URLSearchHook: (no name) - 
{b9d63c58-90cc-428b-8d3b-cbb88eb07e7e} - (no file) F2 - REG:system.ini: UserInit=userinit.exe, O2 - BHO: ContributeBHO Class - {074C1DC5-9320-4A9A-947D-C042949C6216} - C:\Program Files (x86)\Adobe\Adobe Contribute CS5\Plugins\IEPlugin\contributeieplugin.dll O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: Armada Custom Toolbar - {29c0f5ff-3564-46bc-9f4a-50c73f426486} - C:\Program Files (x86)\armadacustomtoolbar\armadacustomtoolbarX.dll O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll O2 - BHO: (no name) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - (no file) O2 - BHO: Ask Toolbar BHO - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll O3 - Toolbar: Nero Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll O3 - Toolbar: Contribute Toolbar - {517BDDE4-E3A7-4570-B21E-2B52B6139FC7} - C:\Program Files (x86)\Adobe\Adobe Contribute CS5\Plugins\IEPlugin\contributeieplugin.dll O3 - Toolbar: Armada Custom Toolbar - {29c0f5ff-3564-46bc-9f4a-50c73f426486} - C:\Program Files (x86)\armadacustomtoolbar\armadacustomtoolbarX.dll O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe" O4 - HKLM\..\Run: [TrueImageMonitor.exe] C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe O4 - HKLM\..\Run: [AdobeCS5ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" -launchedbylogin O4 - HKLM\..\Run: [switchBoard] C:\Program 
Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" O4 - HKLM\..\Run: [APVXDWIN] "C:\Program Files (x86)\Panda Security\Panda Antivirus Pro 2012\APVXDWIN.EXE" /s O4 - HKLM\..\Run: [sCANINICIO] "C:\Program Files (x86)\Panda Security\Panda Antivirus Pro 2012\Inicio.exe" O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe" O4 - HKLM\..\Run: [emsisoft anti-malware] "C:\Program Files (x86)\Emsisoft Anti-Malware\a2guard.exe" /d=60 O4 - HKCU\..\Run: [iCloudServices] C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe O4 - HKCU\..\Run: [MobileDocuments] C:\Program Files (x86)\Common Files\Apple\Internet Services\ubd.exe O4 - HKCU\..\Run: [spybotSD TeaTimer] C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe O4 - Global Startup: Nikon Monitor.lnk = C:\Program Files (x86)\Common Files\Nikon\Monitor\NkMonitor.exe O8 - Extra context menu item: Doel van koppeling converteren naar Adobe PDF - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html O8 - Extra context menu item: Doel van koppeling toevoegen aan bestaande PDF - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000 O8 - Extra context menu item: Google Sidewiki... 
- res://C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_E11712C84EA7E12B.dll/cmsidewiki.html O8 - Extra context menu item: SmarThru4 Capture Selection - C:\Program Files (x86)\SmarThru 4\WebCapture.dll2.htm O8 - Extra context menu item: SmarThru4 Save as HTML - C:\Program Files (x86)\SmarThru 4\WebCapture.dll1.htm O8 - Extra context menu item: SmarThru4 Save Selected Text - C:\Program Files (x86)\SmarThru 4\WebCapture.dll.htm O8 - Extra context menu item: SmarThru4 Web Capture - C:\Program Files (x86)\SmarThru 4\WebCapture.dll O8 - Extra context menu item: Toevoegen aan bestaande PDF - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll O9 - Extra 'Tools' menuitem: Verz&enden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll O9 - Extra button: SmarThru4 Web Capture - {5941A0E4-56C1-4a49-9B18-05762CAC5F9B} - C:\Program Files (x86)\SmarThru 4\WebCapture.dll (HKCU) O9 - Extra 'Tools' menuitem: SmarThru4 Web Capture - {5941A0E4-56C1-4a49-9B18-05762CAC5F9B} - C:\Program Files (x86)\SmarThru 4\WebCapture.dll (HKCU) O9 - Extra button: SmarThru4 Capture Selection - {A07BFEF7-DD11-4937-B23B-E70C11D2EDF4} - C:\Program Files (x86)\SmarThru 4\WebCapture.dll (HKCU) O9 - Extra 'Tools' menuitem: SmarThru4 Capture Selection - {A07BFEF7-DD11-4937-B23B-E70C11D2EDF4} - C:\Program Files (x86)\SmarThru 
4\WebCapture.dll (HKCU) O9 - Extra button: SmarThru4 Save as HTML - {E753A93F-2367-4978-BFA0-83048C1E61CB} - C:\Program Files (x86)\SmarThru 4\WebCapture.dll (HKCU) O9 - Extra 'Tools' menuitem: SmarThru4 Save as HTML - {E753A93F-2367-4978-BFA0-83048C1E61CB} - C:\Program Files (x86)\SmarThru 4\WebCapture.dll (HKCU) O9 - Extra button: SmarThru4 Save Selected Text - {F1F53366-3E11-47ab-BF84-580C94F9C9AD} - C:\Program Files (x86)\SmarThru 4\WebCapture.dll (HKCU) O9 - Extra 'Tools' menuitem: SmarThru4 Save Selected Text - {F1F53366-3E11-47ab-BF84-580C94F9C9AD} - C:\Program Files (x86)\SmarThru 4\WebCapture.dll (HKCU) O10 - Unknown file in Winsock LSP: c:\windows\system32\nlaapi.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\napinsp.dll O10 - Unknown file in Winsock LSP: c:\program files (x86)\bonjour\mdnsnsp.dll O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O11 - Options group: [iNTERNATIONAL] International O13 - Gopher Prefix: O16 - DPF: {B4A41BDB-320A-4AF4-8DBC-846866A62657} (Album Upload Software Control Control) - http://www.mijnalbum.nl/v3/skinsrc/core/system/ma7.0.43/ImageUploader7.cab O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll O18 - Protocol: ms-help - {314111C7-A502-11D2-BBCA-00C04F8EC294} - C:\Program Files (x86)\Common Files\Microsoft Shared\Help\hxds.dll O18 - Filter hijack: text/xml - {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~2\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL O23 - Service: Emsisoft Anti-Malware 6.6 - Service (a2AntiMalware) - Emsisoft GmbH - C:\Program Files (x86)\Emsisoft Anti-Malware\a2service.exe O23 - Service: ABP_InstallCheckerService - Unknown owner - C:\Users\WDH1\AppData\Local\Temp\nsr649D.tmp\ABP_InstallChecker.exe (file missing) O23 - Service: Acronis OS Selector Reinstall Service 
(AcronisOSSReinstallSvc) - Unknown owner - C:\Program Files (x86)\Common Files\Acronis\Acronis Disk Director\oss_reinstall_svc.exe O23 - Service: Acronis Scheduler2Service (AcrSch2Svc) - Acronis - C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe O23 - Service: Adobe Active File Monitor V8 (AdobeActiveFileMonitor8.0) - Adobe Systems Incorporated - C:\Program Files (x86)\Adobe\Elements Organizer 8.0\PhotoshopElementsFileAgent.exe O23 - Service: Acronis Nonstop Backup service (afcdpsrv) - Acronis - C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing) O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing) O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing) O23 - Service: ES lite Service for program management. (ES lite Service) - Unknown owner - C:\Program Files (x86)\Gigabyte\EasySaver\ESSVR.EXE O23 - Service: FABS - Helping agent for MAGIX media database (Fabs) - MAGIX AG - C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing) O23 - Service: Firebird Server - MAGIX Instance (FirebirdServerMAGIXInstance) - MAGIX® - C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\fbserver.exe O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. 
- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe O23 - Service: Google Updateservice (gupdate) (gupdate) - Unknown owner - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /svc (file missing) O23 - Service: Google Update-service (gupdatem) (gupdatem) - Unknown owner - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /medsvc (file missing) O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing) O23 - Service: Nero BackItUp Scheduler 4.0 - Nero AG - C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing) O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe O23 - Service: Panda Software Controller - Panda Security, S.L. - C:\Program Files (x86)\Panda Security\Panda Antivirus Pro 2012\PsCtrls.exe O23 - Service: Panda Function Service (PAVFNSVR) - Panda Security, S.L. - C:\Program Files (x86)\Panda Security\Panda Antivirus Pro 2012\PavFnSvr.exe O23 - Service: Panda Process Protection Service (PavPrSrv) - Panda Security, S.L. 
- C:\Program Files (x86)\Common Files\Panda Security\PavShld\pavprsrv.exe O23 - Service: Panda On-Access Anti-Malware Service (PAVSRV) - Panda Security, S.L. - C:\Program Files (x86)\Panda Security\Panda Antivirus Pro 2012\pavsrvx86.exe O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Panda IManager Service (PSIMSVC) - Panda Security S.L. - C:\Program Files (x86)\Panda Security\Panda Antivirus Pro 2012\PsImSvc.exe O23 - Service: Panda PSK service (PskSvcRetail) - Panda Security, S.L. - C:\Program Files (x86)\Panda Security\Panda Antivirus Pro 2012\PskSvc.exe O23 - Service: @%SystemRoot%\system32\qwave.dll,-1 (QWAVE) - Unknown owner - %windir%\system32\svchost.exe (file missing) O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing) O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. 
- C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe O23 - Service: @%SystemRoot%\system32\seclogon.dll,-7001 (seclogon) - Unknown owner - %windir%\system32\svchost.exe (file missing) O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing) O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing) O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing) O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe O23 - Service: TeamViewer 6 (TeamViewer6) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\Version6\TeamViewer_Service.exe O23 - Service: Panda TPSrv (TPSrv) - Panda Security, S.L. - C:\Program Files (x86)\Panda Security\Panda Antivirus Pro 2012\TPSrvWow.exe O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing) O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing) O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing) O23 - Service: wampapache - Unknown owner - e:\wamp\bin\apache\apache2.2.17\bin\httpd.exe" -k runservice (file missing) O23 - Service: wampmysqld - Unknown owner - e:\wamp\bin\mysql\mysql5.1.53\bin\mysqld.exe O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing) O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing) O23 - Service: 
@%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing) O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - %PROGRAMFILES%\Windows Media Player\wmpnetwk.exe (file missing)