ComboFix 08-12-28.04 - Roland 2008-12-29 19:59:36.3 - NTFSx86
Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1043.18.2047.1499
Gestart vanuit: c:\documents and settings\Roland\Bureaublad\ComboFix.exe
.
(((((((((((((((((((((((((((((((((( Andere Verwijderingen )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
---- Previous Run -------
.
c:\windows\system32\lsprst7.dll
c:\windows\system32\ssprs.dll
c:\windows\system32\winsecurityxp
c:\windows\wiaserviv.log
d:\recycler\desktop.ini
.
(((((((((((((((((((( Bestanden Gemaakt van 2008-11-28 to 2008-12-29 ))))))))))))))))))))))))))))))
.
2008-12-28 14:52 . 2008-12-28 14:52 d-------- c:\program files\Trend Micro
2008-12-28 13:57 . 2008-12-28 13:58 d-------- c:\program files\CleanUp!
2008-12-28 12:29 . 2008-12-28 12:29 d-------- c:\program files\Lavasoft
2008-12-28 12:29 . 2008-12-28 12:31 d-------- c:\documents and settings\All Users\Application Data\Lavasoft
2008-12-28 11:46 . 2008-12-28 11:46 d--h-c--- c:\documents and settings\All Users\Application Data\{B46E1EF5-0B37-4DB4-A4E2-9F2B41036185}
2008-12-26 20:04 . 2008-12-26 20:04 d-------- c:\documents and settings\All Users\Application Data\proDAD
2008-12-26 12:18 . 2008-12-26 18:47 d-------- c:\program files\SureThing Express Labeler
2008-12-24 21:02 . 2008-12-26 16:02 d-------- c:\program files\LooksBuilderSE
2008-12-24 21:02 . 2003-06-26 10:04 237,568 --------- c:\windows\system32\qtmlClient.dll
2008-12-24 21:02 . 2003-07-01 16:49 69,632 --------- c:\windows\system32\MtxPreview.dll
2008-12-24 21:02 . 2003-07-01 16:49 49,152 --------- c:\windows\system32\MtxParhBFXPreview.dll
2008-12-24 21:02 . 2003-01-20 09:08 49,152 --------- c:\windows\system32\CvoAPI.dll
2008-12-24 21:02 . 2003-07-09 10:43 45,056 --------- c:\windows\system32\BFXSrcFilter.ax
2008-12-24 21:02 . 2008-12-27 16:02 2,443 --a------ c:\windows\Graffiti5.2Pin.ini
2008-12-24 21:01 . 2008-12-29 18:43 d-------- c:\program files\Boris FX, Inc
2008-12-24 19:59 . 2008-12-24 19:59 d-------- c:\program files\Common Files\Pinnacle
2008-12-24 19:58 . 2008-12-26 15:52 d-------- c:\documents and settings\All Users\Application Data\Pinnacle Studio Ultimate
2008-12-20 12:53 . 2008-12-20 12:53 410,984 --------- c:\windows\system32\deploytk.dll
2008-12-19 21:11 . 2008-12-19 21:18 d-------- c:\documents and settings\All Users\Application Data\NexonEU
2008-12-14 20:14 . 2008-05-30 14:19 507,400 --------- c:\windows\system32\XAudio2_1.dll
2008-12-14 20:14 . 2008-05-30 14:17 65,032 --------- c:\windows\system32\XAPOFX1_0.dll
2008-12-14 20:12 . 2008-12-14 20:12 d-------- c:\windows\Logs
2008-12-09 18:49 . 2008-12-09 18:50 d-------- c:\program files\AMS Photo Effects
2008-12-01 10:59 . 2008-12-01 20:24 d-------- C:\$CTJTMP
2008-12-01 10:59 . 2008-12-01 10:59 974 --a------ C:\drvpnp.dat
2008-12-01 10:59 . 2008-12-01 10:59 755 --a------ C:\pnpID.dat
2008-12-01 10:59 . 2008-12-01 10:59 38 --a------ C:\CTJINI.INI
.
((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-12-29 18:58 1,224 ----a-w c:\windows\system32\drivers\APPFLTR.CFG.bck
2008-12-29 18:58 1,224 ----a-w c:\windows\system32\drivers\APPFLTR.CFG
2008-12-29 18:56 449,940 ----a-w c:\windows\system32\drivers\APPFCONT.DAT.bck
2008-12-29 18:56 449,940 ----a-w c:\windows\system32\drivers\APPFCONT.DAT
2008-12-29 18:55 13,880 ----a-w c:\windows\system32\drivers\COMFiltr.sys
2008-12-29 18:55 --------- d-----w c:\program files\SPAMfighter
2008-12-29 18:30 --------- d--h--w c:\program files\InstallShield Installation Information
2008-12-29 17:44 --------- d-----w c:\documents and settings\Roland\Application Data\proDAD
2008-12-29 17:43 --------- d-----w c:\program files\Pinnacle
2008-12-29 17:25 --------- d---a-w c:\documents and settings\All Users\Application Data\TEMP
2008-12-28 13:01 --------- d-----w c:\program files\Malwarebytes' Anti-Malware
2008-12-28 11:29 --------- d-----w c:\program files\Common Files\Wise Installation Wizard
2008-12-28 10:46 --------- d-----w c:\program files\Uniblue
2008-12-26 10:30 --------- d-----w c:\documents and settings\Roland\Application Data\Skype
2008-12-26 09:58 --------- d-----w c:\documents and settings\Roland\Application Data\skypePM
2008-12-21 14:37 --------- d-----w c:\documents and settings\Roland\Application Data\Canon
2008-12-20 20:28 --------- d-----w c:\documents and settings\All Users\Application Data\DVD Shrink
2008-12-20 11:52 --------- d-----w c:\program files\Java
2008-12-15 19:51 --------- d-----w c:\program files\Driver Magician
2008-12-11 15:41 --------- d-----w c:\documents and settings\All Users\Application Data\Microsoft Help
2008-12-10 06:49 --------- d-----w c:\program files\SUPERAntiSpyware
2008-12-03 18:52 38,496 ------w c:\windows\system32\drivers\mbamswissarmy.sys
2008-12-03 18:52 15,504 ------w c:\windows\system32\drivers\mbam.sys
2008-12-01 19:25 --------- d-----w c:\program files\Microsoft LifeCam
2008-11-28 18:56 --------- d-----w c:\documents and settings\Roland\Application Data\Sports Interactive
2008-11-28 18:55 --------- d-----w c:\documents and settings\All Users\Application Data\Sports Interactive
2008-11-16 18:30 --------- d-----w c:\program files\Skype
2008-11-16 18:30 --------- d-----w c:\program files\Common Files\Skype
2008-11-16 18:30 --------- d-----w c:\documents and settings\All Users\Application Data\Skype
2008-11-16 17:43 --------- dcsh--w c:\program files\Common Files\WindowsLiveInstaller
2008-11-16 17:40 --------- d-----w c:\documents and settings\All Users\Application Data\WLInstaller
2008-11-10 18:04 --------- d-----w c:\documents and settings\All Users\Application Data\hps
2008-11-10 18:03 --------- d-----w c:\program files\Fotoservice
2008-10-23 12:43 286,720 ------w c:\windows\system32\gdi32.dll
2008-10-16 20:33 826,368 ------w c:\windows\system32\wininet.dll
2008-10-16 13:13 202,776 ------w c:\windows\system32\wuweb.dll
2008-10-16 13:13 1,809,944 ------w c:\windows\system32\wuaueng.dll
2008-10-16 13:12 561,688 ------w c:\windows\system32\wuapi.dll
2008-10-16 13:12 323,608 ------w c:\windows\system32\wucltui.dll
2008-10-16 13:09 92,696 ------w c:\windows\system32\cdm.dll
2008-10-16 13:09 51,224 ------w c:\windows\system32\wuauclt.exe
2008-10-16 13:09 43,544 ------w c:\windows\system32\wups2.dll
2008-10-16 13:08 34,328 ------w c:\windows\system32\wups.dll
2008-10-16 13:06 268,648 ------w c:\windows\system32\mucltui.dll
2008-10-16 13:06 208,744 ------w c:\windows\system32\muweb.dll
2008-10-03 10:05 247,326 ------w c:\windows\system32\strmdll.dll
2008-09-30 15:43 1,286,152 ------w c:\windows\system32\msxml4.dll
2008-04-14 18:21 22,328 ----a-w c:\documents and settings\Roland\Application Data\PnkBstrK.sys
2002-07-26 16:02 153,088 ----a-w c:\program files\UNWISE.EXE
.
((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond
REGEDIT4
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="c:\program files\Common Files\Ahead\Lib\NMBgMonitor.exe"
"ctfmon.exe"="c:\windows\system32\ctfmon.exe"
"OpwareSE2"="c:\program files\ScanSoft\OmniPageSE2.0\OpwareSE2.exe"
"APVXDWIN"="c:\program files\Panda Software\Panda Antivirus + Firewall 2007\APVXDWIN.EXE"
"Device Detection"="c:\program files\Media Markt Fotoservice\dd.exe"
"SW20"="c:\windows\system32\sw20.exe"
"SW24"="c:\windows\system32\sw24.exe"
"PinnacleDriverCheck"="c:\windows\system32\\PSDrvCheck.exe"
"USBToolTip"="c:\program files\Pinnacle\Shared Files\Programs\USBTip\USBTip.exe"
"PPFW"="c:\program files\panda software\panda antivirus + firewall 2007\firewall\PPFW.EXE"
"SPAMfighter Agent"="c:\program files\SPAMfighter\SFAgent.exe"
"VX1000"="c:\windows\vVX1000.exe"
"LifeCam"="c:\program files\Microsoft LifeCam\LifeExp.exe"
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll"
"CTFMON.EXE"="c:\windows\System32\CTFMON.EXE"
"{93994DE8-8239-4655-B1D1-5F4E91300429}"= "c:\progra~1\DVDREG~1\DVDShell.dll"
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "c:\program files\SUPERAntiSpyware\SASSEH.DLL"
2008-12-10 07:49 352256 c:\program files\SUPERAntiSpyware\SASWINLO.DLL
2007-02-15 20:02 50736 c:\windows\system32\avldr.dll
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MsnMsgr
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvCplDaemon
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\nwiz
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe
"EnableFirewall"= 0 (0x0)
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Azureus\\Azureus.exe"=
"c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"c:\\Program Files\\Common Files\\Ahead\\Nero Web\\SetupX.exe"=
"%SystemDir%\\winsecurityxp\\mswinup.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Pinnacle\\Studio 11\\programs\\RM.exe"=
"c:\\Program Files\\Pinnacle\\Studio 11\\programs\\Studio.exe"=
"c:\\Program Files\\Pinnacle\\Studio 11\\programs\\PMSRegisterFile.exe"=
"c:\\Program Files\\Pinnacle\\Studio 11\\programs\\umi.exe"=
"c:\\WINDOWS\\system32\\PnkBstrA.exe"=
"c:\\WINDOWS\\system32\\PnkBstrB.exe"=
"c:\\Program Files\\Activision\\Call of Duty 4 - Modern Warfare\\iw3mp.exe"=
"c:\\Documents and Settings\\All Users\\Application Data\\NexonUS\\NGM\\NGM.exe"=
"c:\\Program Files\\Microsoft LifeCam\\LifeCam.exe"=
"c:\\Program Files\\Microsoft LifeCam\\LifeExp.exe"=
"c:\\Program Files\\Nero\\Nero 7\\Nero Home\\NeroHome.exe"=
"c:\\Documents and Settings\\All Users\\Application Data\\NexonEU\\NGM\\NGM.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
R1 APPFLT;App Filter Plugin;\??\c:\windows\system32\Drivers\APPFLT.SYS
R1 DSAFLT;DSA Filter Plugin;\??\c:\windows\system32\Drivers\DSAFLT.SYS
R1 FNETMON;NetMon Filter Plugin;\??\c:\windows\system32\Drivers\fnetmon.SYS
R1 IDSFLT;Ids Filter Plugin;\??\c:\windows\system32\Drivers\IDSFLT.SYS
R1 NETFLTDI;Panda Net Driver ;\??\c:\windows\system32\Drivers\NETFLTDI.SYS
R1 SASDIFSV;SASDIFSV;\??\c:\program files\SUPERAntiSpyware\SASDIFSV.SYS
R1 SASKUTIL;SASKUTIL;\??\c:\program files\SUPERAntiSpyware\SASKUTIL.sys
R1 ShldDrv;Panda File Shield Driver;c:\windows\system32\Drivers\ShlDrv51.sys
R1 SMSFLT;SMS Filter Plugin;\??\c:\windows\system32\Drivers\SMSFLT.SYS
R1 WNMFLT;Wifi Monitor Filter Plugin;\??\c:\windows\system32\Drivers\WNMFLT.SYS
R2 cpoint;Panda CPoint Driver;c:\windows\system32\drivers\cpoint.sys
R2 PavProc;Panda Process Protection Driver;\??\c:\windows\system32\DRIVERS\PavProc.sys
R2 SPAMfighter Update Service;SPAMfighter Update Service;"c:\program files\SPAMfighter\sfus.exe"
R3 AvFlt;Antivirus Filter Driver;c:\windows\system32\drivers\av5flt.sys
R3 ctgame;Game Port;c:\windows\system32\DRIVERS\ctgame.sys
R3 NETIMFLT;PANDA NDIS IM Filter Miniport;c:\windows\system32\DRIVERS\netimflt.sys
R3 PavSRK.sys;PavSRK.sys;\??\c:\windows\system32\PavSRK.sys
R3 PavTPK.sys;PavTPK.sys;\??\c:\windows\system32\PavTPK.sys
R3 SASENUM;SASENUM;\??\c:\program files\SUPERAntiSpyware\SASENUM.SYS
S3 4e635768-814d-4093-a344-ced4d10782ed;4e635768-814d-4093-a344-ced4d10782ed;\??\n:\player\cds300.dll
S3 Amps2prt;A4Tech PS/2 Port Mouse Driver;c:\windows\system32\DRIVERS\Amps2prt.sys
S3 hitmanpro3;Hitman Pro 3 Support Driver;\??\c:\windows\system32\drivers\hitmanpro3.sys
S3 win32x;win32x;\??\c:\windows\system32\drivers\win32x.sys
.
- - - - ORPHANS VERWIJDERD - - - -
Notify-nnnkIYpM - nnnkIYpM.dll
MSConfigStartUp-CTFMON - (no file)
.
------- Bijkomende Scan -------
.
uStart Page = about:blank
uInternet Connection Wizard,ShellNext = iexplore
IE: {{8DAE90AD-4583-4977-9DD4-4360F7A45C74}
LSP: c:\program files\Panda Software\Panda Antivirus + Firewall 2007\pavlsp.dll
O16 -: DirectAnimation Java Classes - file://c:\windows\Java\classes\dajava.cab
c:\windows\Downloaded Program Files\DirectAnimation Java Classes.osd
O16 -: Microsoft XML Parser for Java - c:\windows\Downloaded Program Files\Microsoft XML Parser for Java.osd
c:\windows\system32\unicows.dll - c:\windows\Downloaded Program Files\ImageUploader4.ocx
O16 -: {37A8A17B-2DDC-4600-BBC6-538C10AED8C0}
hxxp://htmlupload.silverwire.de/upload/JavaActiveX/ImageUploader4.cab
c:\windows\Downloaded Program Files\ImageUploader4.inf
c:\windows\system32\unicows.dll - c:\windows\Downloaded Program Files\ImageUploader5.ocx
O16 -: {5D637FAD-E202-48D1-8F18-5B9C459BD1E3}
hxxp://www.new2.foto.com/ImageUploader5.cab
c:\windows\Downloaded Program Files\ImageUploader5.inf
c:\windows\system32\unicows.dll - c:\windows\Downloaded Program Files\IPSUploader.ocx
O16 -: {DEB21AD3-FDA4-42F6-B57D-EE696A675EE8}
hxxp://asp04.photoprintit.de/microsite/defaults/activex/IPSUploader.cab
c:\windows\Downloaded Program Files\IPSUploader.inf
.
**************************************************************************
catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-12-29 20:04:51
Windows 5.1.2600 Service Pack 3 NTFS
scannen van verborgen processen ...
scannen van verborgen autostart items ...
scannen van verborgen bestanden ...
Scan succesvol afgerond
verborgen bestanden: 0
**************************************************************************
.
--------------------- DLLs Geladen Onder Lopende Processen ---------------------
- - - - - - - > 'winlogon.exe'(572)
c:\program files\SUPERAntiSpyware\SASWINLO.DLL
c:\windows\system32\avldr.dll
.
Voltooingstijd: 2008-12-29 20:08:20
ComboFix-quarantined-files.txt 2008-12-29 19:07:56
Pre-Run: 22,566,363,136 bytes beschikbaar
Post-Run: 22,537,957,376 bytes beschikbaar
226 --- E O F --- 2008-12-28 10:37:58
logfile of Trend Micro HijackThis v2.0.2
Scan saved at 20:10:28, on 29-12-2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16762)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Panda Software\Panda Antivirus + Firewall 2007\pavsrv51.exe
C:\Program Files\Panda Software\Panda Antivirus + Firewall 2007\AVENGINE.EXE
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Panda Software\Panda Antivirus + Firewall 2007\TPSrv.exe
C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\CTsvcCDA.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Microsoft LifeCam\MSCamS32.exe
C:\Program Files\ScanSoft\OmniPageSE2.0\OpwareSE2.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Panda Software\Panda Antivirus + Firewall 2007\PsCtrls.exe
C:\Program Files\Panda Software\Panda Antivirus + Firewall 2007\PavFnSvr.exe
C:\Program Files\Common Files\Panda Software\PavShld\pavprsrv.exe
C:\Program Files\Media Markt Fotoservice\dd.exe
C:\WINDOWS\system32\PnkBstrA.exe
c:\program files\panda software\panda antivirus + firewall 2007\firewall\PSHOST.EXE
C:\Program Files\Panda Software\Panda Antivirus + Firewall 2007\psimsvc.exe
C:\Program Files\Pinnacle\Shared Files\Programs\USBTip\USBTip.exe
C:\Program Files\SPAMfighter\sfus.exe
C:\Program Files\SPAMfighter\SFAgent.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\MsPMSPSv.exe
C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\system32\notepad.exe
C:\WINDOWS\explorer.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - - (no file)
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: (no name) - {4A368E80-174F-4872-96B5-0B27DDD11DB2} - (no file)
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: Easy-WebPrint - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Program Files\Canon\Easy-WebPrint\Toolband.dll
O4 - HKLM\..\Run: "C:\Program Files\ScanSoft\OmniPageSE2.0\OpwareSE2.exe"
O4 - HKLM\..\Run: "C:\Program Files\Panda Software\Panda Antivirus + Firewall 2007\APVXDWIN.EXE" /s
O4 - HKLM\..\Run: C:\Program Files\Media Markt Fotoservice\dd.exe
O4 - HKLM\..\Run: C:\WINDOWS\system32\sw20.exe
O4 - HKLM\..\Run: C:\WINDOWS\system32\sw24.exe
O4 - HKLM\..\Run: C:\WINDOWS\system32\\PSDrvCheck.exe
O4 - HKLM\..\Run: "C:\Program Files\Pinnacle\Shared Files\Programs\USBTip\USBTip.exe"
O4 - HKLM\..\Run: c:\program files\panda software\panda antivirus + firewall 2007\firewall\PPFW.EXE PPFW.EXE /cmd:allowpandarules /prod:titanium /mod:7 /flg:2 /ver:7.0.0
O4 - HKLM\..\Run: "C:\Program Files\SPAMfighter\SFAgent.exe" update delay 60
O4 - HKLM\..\Run: C:\WINDOWS\vVX1000.exe
O4 - HKLM\..\Run: "C:\Program Files\Microsoft LifeCam\LifeExp.exe"
O4 - HKLM\..\Run: RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKCU\..\Run: "C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-18\..\Run: C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: (no name) - {8DAE90AD-4583-4977-9DD4-4360F7A45C74} - (no file)
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {0A5FD7C5-A45C-49FC-ADB5-9952547D5715} (Creative Software AutoUpdate) - http://www.creative.com/su/ocx/15026/CTSUEng.cab
O16 - DPF: {37A8A17B-2DDC-4600-BBC6-538C10AED8C0} (Silverwire Image Uploader Control) - http://htmlupload.silverwire.de/upload/JavaActiveX/ImageUploader4.cab
O16 - DPF: {512FC5A1-7DE1-43F1-BC0C-371622FCB409} (TotalScan Installer Class) - http://www.nanoscan.com/as/cabs/ascstubie.cab
O16 - DPF: {5AE58FCF-6F6A-49B2-B064-02492C66E3F4} (MUCatalogWebControl Class) - http://catalog.update.microsoft.com/v7/site/ClientControl/en/x86/MuCatalogWebControl.cab?1193333499765
O16 - DPF: {5D637FAD-E202-48D1-8F18-5B9C459BD1E3} (Image Uploader Control) - http://www.new2.foto.com/ImageUploader5.cab
O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} (Windows Live Safety Center Base Module) - http://cdn.scan.onecare.live.com/resource/download/scanner/wlscbase9602.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1157571661550
O16 - DPF: {67A5F8DC-1A4B-4D66-9F24-A704AD929EEE} (System Requirements Lab) - http://www.nvidia.com/content/DriverDownload/srl/2.0.0.1/sysreqlab2.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1167252739218
O16 - DPF: {BB21F850-63F4-4EC9-BF9D-565BD30C9AE9} (a-squared Scanner) - http://ax.emsisoft.com/asquared.cab
O16 - DPF: {DEB21AD3-FDA4-42F6-B57D-EE696A675EE8} (IPSUploader Control) - http://asp04.photoprintit.de/microsite/defaults/activex/IPSUploader.cab
O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} (Creative Software AutoUpdate Support Package) - http://www.creative.com/su/ocx/15028/CTPID.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL
O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Panda Software Controller - Panda Software International - C:\Program Files\Panda Software\Panda Antivirus + Firewall 2007\PsCtrls.exe
O23 - Service: Panda Function Service (PAVFNSVR) - Panda Software International - C:\Program Files\Panda Software\Panda Antivirus + Firewall 2007\PavFnSvr.exe
O23 - Service: Panda Process Protection Service (PavPrSrv) - Panda Software - C:\Program Files\Common Files\Panda Software\PavShld\pavprsrv.exe
O23 - Service: Panda anti-virus service (PAVSRV) - Panda Software International - C:\Program Files\Panda Software\Panda Antivirus + Firewall 2007\pavsrv51.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: Panda Host Service (PSHost) - Panda Software International - c:\program files\panda software\panda antivirus + firewall 2007\firewall\PSHOST.EXE
O23 - Service: Panda IManager Service (PSIMSVC) - Panda Software International - C:\Program Files\Panda Software\Panda Antivirus + Firewall 2007\psimsvc.exe
O23 - Service: SPAMfighter Update Service - SPAMfighter ApS - C:\Program Files\SPAMfighter\sfus.exe
O23 - Service: Panda TPSrv (TPSrv) - Panda Software International - C:\Program Files\Panda Software\Panda Antivirus + Firewall 2007\TPSrv.exe
--
End of file - 10023 bytes