
Security Shield pops up messages


  • This topic is locked
9 replies to this topic

#1 ArjanRossum

ArjanRossum

  • Members
  • 5 posts
  • OFFLINE
  •  
  • Local time:12:54 PM

Posted 17 December 2012 - 02:09 PM

Hello,
I have a problem.
I accidentally installed Security Shield, a virus that says you have viruses on your computer and wants you to buy their full version to delete those viruses.
I completed all the steps on the how to remove Security Shield page: I put my PC into Safe Mode, set my browser configuration to not use a proxy server, and used the malware removal programs properly.
After that I put my PC back into normal mode, and the virus showed up again!
Two things I noticed in completing the steps: the malware removal program 'mbam-setup' didn't find any viruses on the computer, and the program 'PSISetup' or 'Secunia' didn't work because I 'might have outdated software', but it didn't show a message on how to update my software.
Can anyone help me with removing Security Shield?
Thanks a lot,
Arjan

DDS (Ver_2012-11-20.01) - NTFS_x86 NETWORK
Internet Explorer: 8.0.6001.18702
Run by Van Rossum at 19:49:51 on 2012-12-17
Microsoft Windows XP Professional 5.1.2600.3.1252.31.1043.18.2013.1633 [GMT 1:00]
.
AV: Norman Security Suite *Disabled/Updated* {EB9EFB40-AE72-4C43-B204-0FCD0E92D5F1}
.
============== Running Processes ================
.
C:\WINDOWS\Explorer.EXE
C:\Program Files\internet explorer\iexplore.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\internet explorer\iexplore.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\system32\svchost.exe -k DcomLaunch
C:\WINDOWS\system32\svchost.exe -k rpcss
C:\WINDOWS\system32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k NetworkService
C:\WINDOWS\system32\svchost.exe -k LocalService
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.google.nl/
uInternet Connection Wizard,ShellNext = iexplore
BHO: HP Print Enhancer: {0347C33E-8762-4905-BF09-768834316C61} - c:\program files\hp\digital imaging\smart web printing\hpswp_printenhancer.dll
BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: {5C255C8A-E604-49b4-9D64-90988571CECB} - <orphaned>
BHO: Java™ Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - c:\program files\java\jre6\bin\ssv.dll
BHO: Windows Live Aanmelden - Help: {9030D464-4C02-4ABF-8ECC-5164760863C6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
BHO: Google Toolbar Notifier BHO: {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - c:\program files\google\googletoolbarnotifier\5.7.7529.1424\swg.dll
BHO: Java™ Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: JQSIEStartDetectorImpl Class: {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
BHO: HP Smart BHO Class: {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - c:\program files\hp\digital imaging\smart web printing\hpswp_BHO.dll
TB: Google Toolbar: {2318C2B1-4965-11D4-9B18-009027A5CD4F} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
EB: HP Smart Web Printing: {555D4D79-4BD2-4094-A395-CFC534424A05} - c:\program files\hp\digital imaging\smart web printing\hpswp_bho.dll
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
uRun: [uTorrent] "c:\program files\utorrent\uTorrent.exe" /MINIMIZED
uRun: [AdobeBridge] <no file>
uRunOnce: [Shockwave Updater] c:\windows\system32\adobe\shockwave 11\SwHelper_1151601.exe -Update -1151601 -"Mozilla/5.0_(Windows_NT_5.1)_AppleWebKit/536.11_(KHTML,_like_Gecko)_Chrome/20.0.1132.57_Safari/536.11" -"http://www8.agame.com/games/shockwave/h/horse_eventing_2/horse_eventing2_girlsgogames_nl.html"
uRunOnce: [yvmgbuobwf] c:\docume~1\vanros~1\locals~1\applic~1\yvmgbuobwf.exe
mRun: [Norman ZANDA] "c:\program files\norman\npm\bin\ZLH.EXE" /LOAD /SPLASH
mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"
mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 9.0\reader\Reader_sl.exe"
mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
mRun: [MSConfig] c:\windows\pchealth\helpctr\binaries\MSCONFIG.EXE /auto
StartupFolder: c:\docume~1\alluse~1\menust~1\progra~1\opstar~1\hpdigi~1.lnk - c:\program files\hp\digital imaging\bin\hpqtra08.exe
StartupFolder: c:\docume~1\alluse~1\menust~1\progra~1\opstar~1\mcafee~1.lnk - c:\program files\mcafee security scan\2.0.181\SSScheduler.exe
StartupFolder: c:\docume~1\alluse~1\menust~1\progra~1\opstar~1\micros~1.lnk - c:\program files\microsoft office\office\OSA9.EXE
StartupFolder: c:\docume~1\alluse~1\menust~1\progra~1\opstar~1\secuni~1.lnk - c:\program files\secunia\psi\psi_tray.exe
uPolicies-Explorer: NoDriveTypeAutoRun = dword:323
uPolicies-Explorer: NoDriveAutoRun = dword:67108863
uPolicies-Explorer: NoDrives = dword:0
mPolicies-Explorer: NoDriveAutoRun = dword:67108863
mPolicies-Explorer: NoDriveTypeAutoRun = dword:323
mPolicies-Explorer: NoDrives = dword:0
mPolicies-Explorer: NoDriveTypeAutoRun = dword:323
mPolicies-Explorer: NoDriveAutoRun = dword:67108863
IE: E&xporteren naar Microsoft Excel - c:\progra~1\micros~3\office12\EXCEL.EXE/3000
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}
IE: {DDE87865-83C5-48c4-8357-2F5B1AA84522} - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - c:\program files\hp\digital imaging\smart web printing\hpswp_BHO.dll
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
DPF: {1663ed61-23eb-11d2-b92f-008048fdd814} - hxxps://www.cr-delta.nl/cyfw/meadco/smsx.cab
DPF: {166B1BCA-3F9C-11CF-8075-444553540000} - hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
DPF: {1ABA5FAC-1417-422B-BA82-45C35E2C908B} - hxxp://kitchenplanner.ikea.com/NL/Core/Player/2020PlayerAX_IKEA_Win32.cab
DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} - hxxp://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1253209421078
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab
DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} - hxxp://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
DPF: {C8BC46C7-921C-4102-B67D-F1F7E65FB0BE} - hxxps://battlefield.play4free.com/static/updater/BP4FUpdater_1.0.53.2.cab
DPF: {CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} - hxxp://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab
TCP: NameServer = 192.168.2.254
TCP: Interfaces\{27CC5AEE-B4E4-4089-9DBB-6892B49EA2EA} : DHCPNameServer = 192.168.2.254
Notify: igfxcui - igfxdev.dll
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
SEH: Windows Desktop Search Namespace Manager - {56F9679E-7826-4C84-81F3-532071A8BCC5} - c:\program files\windows desktop search\MSNLNamespaceMgr.dll
.
============= SERVICES / DRIVERS ===============
.
R0 NvcMFlt;NvcMFlt;c:\windows\system32\drivers\nvcw32mf.sys [2009-9-17 46816]
R1 NPROSEC;Norman Security driver;c:\program files\norman\ngs\bin\nprosec.sys [2010-8-17 91136]
R3 AR9271;Wireless Network Adapter Service;c:\windows\system32\drivers\athuw.sys [2010-7-1 1668352]
S1 NGS;Norman General Security Driver;c:\program files\norman\ngs\bin\ngs.sys [2010-8-17 26744]
S2 {B154377D-700F-42cc-9474-23858FBDF4BD};Power Control [2009/09/17 19:39:58];c:\program files\cyberlink\powerdvd9\000.fcl [2009-5-7 87536]
S2 MBAMScheduler;MBAMScheduler;c:\program files\malwarebytes' anti-malware\mbamscheduler.exe [2012-12-17 399432]
S2 MBAMService;MBAMService;c:\program files\malwarebytes' anti-malware\mbamservice.exe [2012-12-17 676936]
S2 Ndiskio;Ndiskio;c:\program files\norman\nse\bin\ndiskio.sys [2009-10-16 22880]
S2 NHS;Norman Hash Server;c:\program files\norman\nvc\bin\nhs.exe [2012-5-14 793520]
S2 NNFSVC;Norman Network Filtering service;c:\program files\norman\ngs\bin\nnf.exe [2010-8-17 231216]
S2 Norman ZANDA;Norman ZANDA;c:\program files\norman\npm\bin\zanda.exe [2009-2-25 431320]
S2 NPROSECSVC;Norman Security service;c:\program files\norman\ngs\bin\nprosec.exe [2010-8-17 90144]
S2 nregsec;Norman Registry Security driver;c:\program files\norman\ngs\bin\nregsec.sys [2010-8-17 61496]
S2 NVOY;Norman Resource Provider;c:\program files\norman\npm\bin\nvoy.exe [2009-9-17 100936]
S2 Secunia PSI Agent;Secunia PSI Agent;c:\program files\secunia\psi\psia.exe [2012-11-26 1225312]
S3 Ambfilt;Ambfilt;c:\windows\system32\drivers\Ambfilt.sys [2009-9-17 1684736]
S3 EagleXNt;EagleXNt;\??\c:\windows\system32\drivers\eaglexnt.sys --> c:\windows\system32\drivers\EagleXNt.sys [?]
S3 EMVSCARD;EMVSCARD;c:\windows\system32\drivers\EMVSCARD.sys [2009-9-17 20178]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2012-12-17 22856]
S3 McComponentHostService;McAfee Security Scan Component Host Service;c:\program files\mcafee security scan\2.0.181\McCHSvc.exe [2010-1-15 227232]
S3 npggsvc;nProtect GameGuard Service;c:\windows\system32\gamemon.des -service --> c:\windows\system32\GameMon.des -service [?]
S3 nsesvc;Norman Scanner Engine Service;c:\program files\norman\nse\bin\nsesvc.exe [2012-8-22 288104]
S3 nvcoas;Norman Virus Control on-access component;c:\program files\norman\nvc\bin\nvcoas.exe [2012-7-4 287312]
S3 PSI;PSI;c:\windows\system32\drivers\psi_mf.sys [2010-9-1 15544]
S3 Scheduler;Norman Scheduler Service;c:\program files\norman\npm\bin\scheduler.exe [2009-9-17 99312]
.
=============== Created Last 30 ================
.
2012-12-17 18:13:27 -------- d-----w- c:\documents and settings\van rossum\local settings\application data\Secunia PSI
2012-12-17 18:01:54 -------- d-----w- c:\program files\Secunia
2012-12-17 16:53:11 22856 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-12-17 16:53:11 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2012-12-17 16:04:57 406528 ----a-w- c:\documents and settings\van rossum\local settings\application data\yvmgbuobwf.exe
2012-12-02 02:24:46 -------- d--h--r- c:\documents and settings\van rossum\Onlangs geopend
.
==================== Find3M ====================
.
2012-11-13 11:55:15 1866496 ----a-w- c:\windows\system32\win32k.sys
2012-11-06 00:41:17 290560 ----a-w- c:\windows\system32\atmfd.dll
2012-11-02 02:03:57 375296 ----a-w- c:\windows\system32\dpnet.dll
2012-11-01 12:12:55 916992 ----a-w- c:\windows\system32\wininet.dll
2012-11-01 12:12:55 43520 ----a-w- c:\windows\system32\licmgr10.dll
2012-11-01 12:12:55 1469440 ------w- c:\windows\system32\inetcpl.cpl
2012-11-01 00:35:48 385024 ----a-w- c:\windows\system32\html.iec
2012-10-18 19:11:35 111928 ----a-w- c:\windows\system32\PnkBstrB.exe
2012-10-18 19:03:42 138464 ----a-w- c:\windows\system32\drivers\PnkBstrK.sys
2012-10-02 18:04:35 58368 ----a-w- c:\windows\system32\synceng.dll
.
============= FINISH: 19:50:47,84 ===============







.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2012-11-20.01)
.
Microsoft Windows XP Professional
Boot Device: \Device\HarddiskVolume1
Install Date: 17-9-2009 19:11:20
System Uptime: 17-12-2012 19:21:35 (0 hours ago)
.
Motherboard: ASUSTeK Computer INC. | | P5QPL-AM
Processor: Intel Pentium III Xeon-processor | LGA775 | 2793/266mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 149 GiB total, 80,343 GiB free.
D: is CDROM ()
E: is Removable
F: is Removable
G: is Removable
H: is Removable
I: is Removable
J: is Removable
K: is Removable
.
==== Disabled Device Manager Items =============
.
==== System Restore Points ===================
.
RP1012: 19-9-2012 12:47:39 - Controlepunt van systeem
RP1013: 20-9-2012 13:23:59 - Controlepunt van systeem
RP1014: 21-9-2012 13:44:50 - Controlepunt van systeem
RP1015: 22-9-2012 13:47:04 - Controlepunt van systeem
RP1016: 23-9-2012 3:00:18 - Software Distribution Service 3.0
RP1017: 24-9-2012 10:31:13 - Controlepunt van systeem
RP1018: 25-9-2012 10:59:09 - Controlepunt van systeem
RP1019: 26-9-2012 11:19:32 - Controlepunt van systeem
RP1020: 27-9-2012 11:30:03 - Controlepunt van systeem
RP1021: 28-9-2012 11:59:23 - Controlepunt van systeem
RP1022: 29-9-2012 12:58:01 - Controlepunt van systeem
RP1023: 30-9-2012 13:59:06 - Controlepunt van systeem
RP1024: 1-10-2012 14:58:01 - Controlepunt van systeem
RP1025: 2-10-2012 16:07:42 - Controlepunt van systeem
RP1026: 3-10-2012 16:37:41 - Controlepunt van systeem
RP1027: 4-10-2012 17:46:18 - Controlepunt van systeem
RP1028: 5-10-2012 18:14:46 - Controlepunt van systeem
RP1029: 6-10-2012 19:13:50 - Controlepunt van systeem
RP1030: 8-10-2012 11:18:52 - Controlepunt van systeem
RP1031: 9-10-2012 11:30:30 - Controlepunt van systeem
RP1032: 10-10-2012 20:37:36 - Controlepunt van systeem
RP1033: 11-10-2012 3:00:39 - Software Distribution Service 3.0
RP1034: 12-10-2012 3:26:46 - Controlepunt van systeem
RP1035: 13-10-2012 4:26:45 - Controlepunt van systeem
RP1036: 14-10-2012 5:26:46 - Controlepunt van systeem
RP1037: 15-10-2012 6:08:18 - Controlepunt van systeem
RP1038: 16-10-2012 7:06:55 - Controlepunt van systeem
RP1039: 17-10-2012 8:54:03 - Controlepunt van systeem
RP1040: 17-10-2012 14:54:53 - Installed Call of Duty - World at War
RP1041: 17-10-2012 15:13:57 - DirectX is geïnstalleerd.
RP1042: 17-10-2012 15:38:11 - Configured Call of Duty - World at War
RP1043: 17-10-2012 15:49:08 - DirectX is geïnstalleerd.
RP1044: 17-10-2012 16:24:39 - Installed Call of Duty - World at War
RP1045: 17-10-2012 16:27:45 - DirectX is geïnstalleerd.
RP1046: 18-10-2012 17:23:42 - Controlepunt van systeem
RP1047: 18-10-2012 20:58:07 - Installed Call of Duty - World at War
RP1048: 18-10-2012 20:59:02 - DirectX is geïnstalleerd.
RP1049: 19-10-2012 21:49:38 - Controlepunt van systeem
RP1050: 20-10-2012 22:24:02 - Controlepunt van systeem
RP1051: 22-10-2012 20:31:22 - Controlepunt van systeem
RP1052: 24-10-2012 8:59:26 - Controlepunt van systeem
RP1053: 25-10-2012 10:29:34 - Controlepunt van systeem
RP1054: 26-10-2012 11:10:20 - Controlepunt van systeem
RP1055: 27-10-2012 11:14:50 - Controlepunt van systeem
RP1056: 28-10-2012 13:05:39 - Controlepunt van systeem
RP1057: 29-10-2012 13:17:39 - Controlepunt van systeem
RP1058: 30-10-2012 13:43:05 - Controlepunt van systeem
RP1059: 31-10-2012 14:02:10 - Controlepunt van systeem
RP1060: 1-11-2012 15:12:32 - Controlepunt van systeem
RP1061: 2-11-2012 15:24:32 - Controlepunt van systeem
RP1062: 3-11-2012 15:52:23 - Controlepunt van systeem
RP1063: 4-11-2012 16:12:24 - Controlepunt van systeem
RP1064: 5-11-2012 17:30:48 - Controlepunt van systeem
RP1065: 6-11-2012 18:49:11 - Controlepunt van systeem
RP1066: 7-11-2012 21:13:18 - Controlepunt van systeem
RP1067: 8-11-2012 21:36:37 - Controlepunt van systeem
RP1068: 9-11-2012 22:19:15 - Controlepunt van systeem
RP1069: 10-11-2012 23:57:51 - Controlepunt van systeem
RP1070: 13-11-2012 17:44:32 - Controlepunt van systeem
RP1071: 14-11-2012 19:01:14 - Controlepunt van systeem
RP1072: 15-11-2012 20:01:17 - Controlepunt van systeem
RP1073: 16-11-2012 21:00:49 - Controlepunt van systeem
RP1074: 16-11-2012 23:27:49 - Software Distribution Service 3.0
RP1075: 18-11-2012 12:19:14 - Controlepunt van systeem
RP1076: 19-11-2012 12:58:13 - Controlepunt van systeem
RP1077: 20-11-2012 14:55:31 - Controlepunt van systeem
RP1078: 21-11-2012 21:03:54 - Controlepunt van systeem
RP1079: 22-11-2012 22:02:41 - Controlepunt van systeem
RP1080: 23-11-2012 22:43:26 - Controlepunt van systeem
RP1081: 25-11-2012 9:21:05 - Controlepunt van systeem
RP1082: 26-11-2012 10:48:02 - Controlepunt van systeem
RP1083: 27-11-2012 11:12:22 - Controlepunt van systeem
RP1084: 28-11-2012 12:09:29 - Controlepunt van systeem
RP1085: 29-11-2012 12:24:42 - Controlepunt van systeem
RP1086: 30-11-2012 18:46:11 - Controlepunt van systeem
RP1087: 2-12-2012 12:52:10 - Controlepunt van systeem
RP1088: 3-12-2012 13:32:35 - Controlepunt van systeem
RP1089: 4-12-2012 13:53:47 - Controlepunt van systeem
RP1090: 5-12-2012 14:54:52 - Controlepunt van systeem
RP1091: 6-12-2012 15:43:10 - Controlepunt van systeem
RP1092: 7-12-2012 16:13:31 - Controlepunt van systeem
RP1093: 8-12-2012 17:04:06 - Controlepunt van systeem
RP1094: 9-12-2012 17:21:13 - Controlepunt van systeem
RP1095: 10-12-2012 19:24:11 - Controlepunt van systeem
RP1096: 11-12-2012 19:58:34 - Controlepunt van systeem
RP1097: 12-12-2012 20:56:45 - Controlepunt van systeem
RP1098: 13-12-2012 3:00:41 - Software Distribution Service 3.0
RP1099: 14-12-2012 3:28:02 - Controlepunt van systeem
RP1100: 15-12-2012 21:18:53 - Controlepunt van systeem
RP1101: 16-12-2012 22:06:20 - Controlepunt van systeem
.
==== Installed Programs ======================
.
1ClickDownloader
32 Bit HP CIO Components Installer
Adobe Community Help
Adobe Download Assistant
Adobe Flash Player 10 ActiveX
Adobe Flash Player 10 Plugin
Adobe Reader 9.5.2 - Nederlands
Adobe Shockwave Player 11.5
µTorrent
Beveiligingsupdate voor Microsoft Windows (KB2564958)
Beveiligingsupdate voor Windows Internet Explorer 8 (KB2183461)
Beveiligingsupdate voor Windows Internet Explorer 8 (KB2360131)
Beveiligingsupdate voor Windows Internet Explorer 8 (KB2416400)
Beveiligingsupdate voor Windows Internet Explorer 8 (KB2482017)
Beveiligingsupdate voor Windows Internet Explorer 8 (KB2497640)
Beveiligingsupdate voor Windows Internet Explorer 8 (KB2510531)
Beveiligingsupdate voor Windows Internet Explorer 8 (KB2530548)
Beveiligingsupdate voor Windows Internet Explorer 8 (KB2544521)
Beveiligingsupdate voor Windows Internet Explorer 8 (KB2559049)
Beveiligingsupdate voor Windows Internet Explorer 8 (KB2586448)
Beveiligingsupdate voor Windows Internet Explorer 8 (KB2618444)
Beveiligingsupdate voor Windows Internet Explorer 8 (KB2647516)
Beveiligingsupdate voor Windows Internet Explorer 8 (KB2675157)
Beveiligingsupdate voor Windows Internet Explorer 8 (KB2699988)
Beveiligingsupdate voor Windows Internet Explorer 8 (KB2722913)
Beveiligingsupdate voor Windows Internet Explorer 8 (KB2744842)
Beveiligingsupdate voor Windows Internet Explorer 8 (KB2761465)
Beveiligingsupdate voor Windows Internet Explorer 8 (KB971961)
Beveiligingsupdate voor Windows Internet Explorer 8 (KB972260)
Beveiligingsupdate voor Windows Internet Explorer 8 (KB974455)
Beveiligingsupdate voor Windows Internet Explorer 8 (KB976325)
Beveiligingsupdate voor Windows Internet Explorer 8 (KB978207)
Beveiligingsupdate voor Windows Internet Explorer 8 (KB981332)
Beveiligingsupdate voor Windows Internet Explorer 8 (KB982381)
Beveiligingsupdate voor Windows XP (KB2476490)
Beveiligingsupdate voor Windows XP (KB2503665)
Beveiligingsupdate voor Windows XP (KB2507938)
Beveiligingsupdate voor Windows XP (KB2535512)
Beveiligingsupdate voor Windows XP (KB2536276-v2)
Beveiligingsupdate voor Windows XP (KB2536276)
Beveiligingsupdate voor Windows XP (KB2544893-v2)
Beveiligingsupdate voor Windows XP (KB2544893)
Beveiligingsupdate voor Windows XP (KB2555917)
Beveiligingsupdate voor Windows XP (KB2562937)
Beveiligingsupdate voor Windows XP (KB2566454)
Beveiligingsupdate voor Windows XP (KB2567053)
Beveiligingsupdate voor Windows XP (KB2567680)
Beveiligingsupdate voor Windows XP (KB2570222)
Beveiligingsupdate voor Windows XP (KB2570947)
Beveiligingsupdate voor Windows XP (KB2584146)
Beveiligingsupdate voor Windows XP (KB2585542)
Beveiligingsupdate voor Windows XP (KB2592799)
Beveiligingsupdate voor Windows XP (KB2598479)
Beveiligingsupdate voor Windows XP (KB2603381)
Beveiligingsupdate voor Windows XP (KB2618451)
Beveiligingsupdate voor Windows XP (KB2619339)
Beveiligingsupdate voor Windows XP (KB2620712)
Beveiligingsupdate voor Windows XP (KB2621440)
Beveiligingsupdate voor Windows XP (KB2624667)
Beveiligingsupdate voor Windows XP (KB2631813)
Beveiligingsupdate voor Windows XP (KB2633171)
Beveiligingsupdate voor Windows XP (KB2639417)
Beveiligingsupdate voor Windows XP (KB2641653)
Beveiligingsupdate voor Windows XP (KB2646524)
Beveiligingsupdate voor Windows XP (KB2647518)
Beveiligingsupdate voor Windows XP (KB2653956)
Beveiligingsupdate voor Windows XP (KB2655992)
Beveiligingsupdate voor Windows XP (KB2659262)
Beveiligingsupdate voor Windows XP (KB2660465)
Beveiligingsupdate voor Windows XP (KB2676562)
Beveiligingsupdate voor Windows XP (KB2685939)
Beveiligingsupdate voor Windows XP (KB2686509)
Beveiligingsupdate voor Windows XP (KB2691442)
Beveiligingsupdate voor Windows XP (KB2695962)
Beveiligingsupdate voor Windows XP (KB2698365)
Beveiligingsupdate voor Windows XP (KB2705219)
Beveiligingsupdate voor Windows XP (KB2707511)
Beveiligingsupdate voor Windows XP (KB2709162)
Beveiligingsupdate voor Windows XP (KB2712808)
Beveiligingsupdate voor Windows XP (KB2718523)
Beveiligingsupdate voor Windows XP (KB2719985)
Beveiligingsupdate voor Windows XP (KB2723135)
Beveiligingsupdate voor Windows XP (KB2724197)
Beveiligingsupdate voor Windows XP (KB2727528)
Beveiligingsupdate voor Windows XP (KB2731847)
Beveiligingsupdate voor Windows XP (KB2753842)
Beveiligingsupdate voor Windows XP (KB2758857)
Beveiligingsupdate voor Windows XP (KB2761226)
Beveiligingsupdate voor Windows XP (KB2770660)
Beveiligingsupdate voor Windows XP (KB2779030)
BufferChm
C4400
C4400_Help
Call of Duty - World at War
Cards_Calendar_OrderGift_DoMorePlugout
CCleaner
Copy
CustomerResearchQFolder
CyberLink PowerDVD 9
Defraggler (remove only)
Destination Component
DeviceDiscovery
DeviceManagementQFolder
DocProc
DocProcQFolder
eSupportQFolder
Google Chrome
Google Toolbar for Internet Explorer
Google Update Helper
GPBaseService
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
Hotfix for Windows XP (KB954550-v5)
Hotfix for Windows XP (KB976002-v5)
Hotfix voor Windows XP (KB2570791)
Hotfix voor Windows XP (KB2633952)
Hotfix voor Windows XP (KB2756822)
Hotfix voor Windows XP (KB2779562)
HP Customer Participation Program 10.0
HP Imaging Device Functions 10.0
HP Photosmart C4400 All-In-One Driver Software 10.0 Rel .3
HP Photosmart Essential 2.5
HP Smart Web Printing 4.60
HP Solution Center 10.0
HP Update
HPPhotoSmartPhotobookWebPack1
HPProductAssistant
HPSSupply
IncrediMail
Incredimail Backup Pro V3.4
Intel® Graphics Media Accelerator Driver
Java Auto Updater
Java™ 6 Update 30
Junk Mail filter update
Malwarebytes Anti-Malware versie 1.65.1.1000
MarketResearch
McAfee Security Scan Plus
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1 Dutch Language Pack
Microsoft .NET Framework 1.1 Security Update (KB2656370)
Microsoft .NET Framework 1.1 Security Update (KB2698023)
Microsoft .NET Framework 1.1 Security Update (KB979906)
Microsoft .NET Framework 2.0 Language Pack - NLD
Microsoft .NET Framework 2.0 Service Pack 2
Microsoft .NET Framework 3.0 Service Pack 2
Microsoft .NET Framework 3.5 SP1
Microsoft Application Error Reporting
Microsoft Choice Guard
Microsoft Compression Client Pack 1.0 for Windows XP
Microsoft Office 2000 Premium
Microsoft Office 2007 Service Pack 3 (SP3)
Microsoft Office Access MUI (Dutch) 2007
Microsoft Office Excel MUI (Dutch) 2007
Microsoft Office File Validation Add-In
Microsoft Office InfoPath MUI (Dutch) 2007
Microsoft Office Live Add-in 1.3
Microsoft Office Outlook Connector
Microsoft Office Outlook MUI (Dutch) 2007
Microsoft Office PowerPoint MUI (Dutch) 2007
Microsoft Office Professional Plus 2007
Microsoft Office Proof (Dutch) 2007
Microsoft Office Proof (English) 2007
Microsoft Office Proof (French) 2007
Microsoft Office Proof (German) 2007
Microsoft Office Proofing (Dutch) 2007
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
Microsoft Office Publisher MUI (Dutch) 2007
Microsoft Office Shared MUI (Dutch) 2007
Microsoft Office Word MUI (Dutch) 2007
Microsoft Silverlight
Microsoft Software Update for Web Folders (Dutch) 12
Microsoft User-Mode Driver Framework Feature Pack 1.0
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
Microsoft_VC80_ATL_x86
Microsoft_VC80_CRT_x86
Microsoft_VC80_MFC_x86
Microsoft_VC80_MFCLOC_x86
Microsoft_VC90_ATL_x86
Microsoft_VC90_CRT_x86
Microsoft_VC90_MFC_x86
Microsoft_VC90_MFCLOC_x86
MSVCRT
MSVCSetup
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
Nero 7 Ultra Edition
neroxml
Norman Security Suite
OCR Software by I.R.I.S. 10.0
Opera 12.11
Pakket voor de provider van Microsoft Base-smartcardcryptografieservice
PanoStandAlone
PS_AIO_03_C4400_ProductContext
PS_AIO_03_C4400_Software
PS_AIO_03_C4400_Software_Min
PSSWCORE
PunkBuster Services
Realtek High Definition Audio Driver
Scan
Secunia PSI (3.0.0.6001)
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2604111)
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2657424)
Security Update for Microsoft Office 2007 suites (KB2596615) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596672) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596744) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596754) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596785) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596792) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596856) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596871) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2597969) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2687311) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2687439) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2687441) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2760416) 32-Bit Edition
Security Update for Microsoft Office Excel 2007 (KB2687307) 32-Bit Edition
Security Update for Microsoft Office InfoPath 2007 (KB2687440) 32-Bit Edition
Security Update for Microsoft Office PowerPoint 2007 (KB2596764) 32-Bit Edition
Security Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit Edition
Security Update for Microsoft Office Publisher 2007 (KB2596705) 32-Bit Edition
Security Update for Microsoft Office Word 2007 (KB2760421) 32-Bit Edition
Segoe UI
Shop for HP Supplies
SmartCard Reader Driver Installation
SmartWebPrinting
SolutionCenter
Status
Toolbox
TP-LINK Wireless Client Utility
TrayApp
UnloadSupport
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
Update for Microsoft Office 2007 suites (KB2596660) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2596848) 32-Bit Edition
Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition
Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2760573) 32-Bit Edition
Update voor Microsoft Office Excel 2007 Help (KB963678)
Update voor Microsoft Office Powerpoint 2007 Help (KB963669)
Update voor Microsoft Office Word 2007 Help (KB963665)
Update voor Windows Internet Explorer 8 (KB973874)
Update voor Windows Internet Explorer 8 (KB976662)
Update voor Windows Internet Explorer 8 (KB976749)
Update voor Windows Internet Explorer 8 (KB980182)
Update voor Windows XP (KB2541763)
Update voor Windows XP (KB2616676-v2)
Update voor Windows XP (KB2616676)
Update voor Windows XP (KB2641690)
Update voor Windows XP (KB2661254-v2)
Update voor Windows XP (KB2718704)
Update voor Windows XP (KB2736233)
Update voor Windows XP (KB2749655)
VideoToolkit01
WebFldrs XP
WebReg
Windows Genuine Advantage Notifications (KB905474)
Windows Genuine Advantage Validation Tool (KB892130)
Windows Internet Explorer 8
Windows Live - Hulpprogramma voor uploaden
Windows Live aanmeldhulp
Windows Live Call
Windows Live Communications Platform
Windows Live Essentials
Windows Live Mail
Windows Live Messenger
Windows Live OneCare safety scanner
Windows Media Format 11 runtime
Windows Media Player 11
Windows Search 4.0
WinRAR
.
==== End Of File ===========================

Attached Files

  • Attached File  dds.txt   10.39KB   1 downloads

Edited by ArjanRossum, 18 December 2012 - 11:30 AM.




#2 Noviciate

Noviciate

  • Malware Response Team
  • 5,277 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Numpty HQ
  • Local time:11:54 AM

Posted 17 December 2012 - 03:07 PM

Good evening. :)

Will you please post the contents of Attach.txt that should have been created when you ran DDS originally - if you didn't save a copy, simply run DDS again.

So long, and thanks for all the fish.

 

 


#3 ArjanRossum

ArjanRossum
  • Topic Starter

  • Members
  • 5 posts
  • OFFLINE
  •  
  • Local time:12:54 PM

Posted 18 December 2012 - 11:31 AM

Good evening. :)

Will you please post the contents of Attach.txt that should have been created when you ran DDS originally - if you didn't save a copy, simply run DDS again.


Check :)

.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2012-11-20.01)
.
Microsoft Windows XP Professional
Boot Device: \Device\HarddiskVolume1
Install Date: 17-9-2009 19:11:20
System Uptime: 17-12-2012 19:21:35 (0 hours ago)
.
Motherboard: ASUSTeK Computer INC. | | P5QPL-AM
Processor: Intel Pentium III Xeon-processor | LGA775 | 2793/266mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 149 GiB total, 80,343 GiB free.
D: is CDROM ()
E: is Removable
F: is Removable
G: is Removable
H: is Removable
I: is Removable
J: is Removable
K: is Removable
.
==== Disabled Device Manager Items =============
.
==== System Restore Points ===================
.
RP1012: 19-9-2012 12:47:39 - Controlepunt van systeem
RP1013: 20-9-2012 13:23:59 - Controlepunt van systeem
RP1014: 21-9-2012 13:44:50 - Controlepunt van systeem
RP1015: 22-9-2012 13:47:04 - Controlepunt van systeem
RP1016: 23-9-2012 3:00:18 - Software Distribution Service 3.0
RP1017: 24-9-2012 10:31:13 - Controlepunt van systeem
RP1018: 25-9-2012 10:59:09 - Controlepunt van systeem
RP1019: 26-9-2012 11:19:32 - Controlepunt van systeem
RP1020: 27-9-2012 11:30:03 - Controlepunt van systeem
RP1021: 28-9-2012 11:59:23 - Controlepunt van systeem
RP1022: 29-9-2012 12:58:01 - Controlepunt van systeem
RP1023: 30-9-2012 13:59:06 - Controlepunt van systeem
RP1024: 1-10-2012 14:58:01 - Controlepunt van systeem
RP1025: 2-10-2012 16:07:42 - Controlepunt van systeem
RP1026: 3-10-2012 16:37:41 - Controlepunt van systeem
RP1027: 4-10-2012 17:46:18 - Controlepunt van systeem
RP1028: 5-10-2012 18:14:46 - Controlepunt van systeem
RP1029: 6-10-2012 19:13:50 - Controlepunt van systeem
RP1030: 8-10-2012 11:18:52 - Controlepunt van systeem
RP1031: 9-10-2012 11:30:30 - Controlepunt van systeem
RP1032: 10-10-2012 20:37:36 - Controlepunt van systeem
RP1033: 11-10-2012 3:00:39 - Software Distribution Service 3.0
RP1034: 12-10-2012 3:26:46 - Controlepunt van systeem
RP1035: 13-10-2012 4:26:45 - Controlepunt van systeem
RP1036: 14-10-2012 5:26:46 - Controlepunt van systeem
RP1037: 15-10-2012 6:08:18 - Controlepunt van systeem
RP1038: 16-10-2012 7:06:55 - Controlepunt van systeem
RP1039: 17-10-2012 8:54:03 - Controlepunt van systeem
RP1040: 17-10-2012 14:54:53 - Installed Call of Duty - World at War
RP1041: 17-10-2012 15:13:57 - DirectX is geïnstalleerd.
RP1042: 17-10-2012 15:38:11 - Configured Call of Duty - World at War
RP1043: 17-10-2012 15:49:08 - DirectX is geïnstalleerd.
RP1044: 17-10-2012 16:24:39 - Installed Call of Duty - World at War
RP1045: 17-10-2012 16:27:45 - DirectX is geïnstalleerd.
RP1046: 18-10-2012 17:23:42 - Controlepunt van systeem
RP1047: 18-10-2012 20:58:07 - Installed Call of Duty - World at War
RP1048: 18-10-2012 20:59:02 - DirectX is geïnstalleerd.
RP1049: 19-10-2012 21:49:38 - Controlepunt van systeem
RP1050: 20-10-2012 22:24:02 - Controlepunt van systeem
RP1051: 22-10-2012 20:31:22 - Controlepunt van systeem
RP1052: 24-10-2012 8:59:26 - Controlepunt van systeem
RP1053: 25-10-2012 10:29:34 - Controlepunt van systeem
RP1054: 26-10-2012 11:10:20 - Controlepunt van systeem
RP1055: 27-10-2012 11:14:50 - Controlepunt van systeem
RP1056: 28-10-2012 13:05:39 - Controlepunt van systeem
RP1057: 29-10-2012 13:17:39 - Controlepunt van systeem
RP1058: 30-10-2012 13:43:05 - Controlepunt van systeem
RP1059: 31-10-2012 14:02:10 - Controlepunt van systeem
RP1060: 1-11-2012 15:12:32 - Controlepunt van systeem
RP1061: 2-11-2012 15:24:32 - Controlepunt van systeem
RP1062: 3-11-2012 15:52:23 - Controlepunt van systeem
RP1063: 4-11-2012 16:12:24 - Controlepunt van systeem
RP1064: 5-11-2012 17:30:48 - Controlepunt van systeem
RP1065: 6-11-2012 18:49:11 - Controlepunt van systeem
RP1066: 7-11-2012 21:13:18 - Controlepunt van systeem
RP1067: 8-11-2012 21:36:37 - Controlepunt van systeem
RP1068: 9-11-2012 22:19:15 - Controlepunt van systeem
RP1069: 10-11-2012 23:57:51 - Controlepunt van systeem
RP1070: 13-11-2012 17:44:32 - Controlepunt van systeem
RP1071: 14-11-2012 19:01:14 - Controlepunt van systeem
RP1072: 15-11-2012 20:01:17 - Controlepunt van systeem
RP1073: 16-11-2012 21:00:49 - Controlepunt van systeem
RP1074: 16-11-2012 23:27:49 - Software Distribution Service 3.0
RP1075: 18-11-2012 12:19:14 - Controlepunt van systeem
RP1076: 19-11-2012 12:58:13 - Controlepunt van systeem
RP1077: 20-11-2012 14:55:31 - Controlepunt van systeem
RP1078: 21-11-2012 21:03:54 - Controlepunt van systeem
RP1079: 22-11-2012 22:02:41 - Controlepunt van systeem
RP1080: 23-11-2012 22:43:26 - Controlepunt van systeem
RP1081: 25-11-2012 9:21:05 - Controlepunt van systeem
RP1082: 26-11-2012 10:48:02 - Controlepunt van systeem
RP1083: 27-11-2012 11:12:22 - Controlepunt van systeem
RP1084: 28-11-2012 12:09:29 - Controlepunt van systeem
RP1085: 29-11-2012 12:24:42 - Controlepunt van systeem
RP1086: 30-11-2012 18:46:11 - Controlepunt van systeem
RP1087: 2-12-2012 12:52:10 - Controlepunt van systeem
RP1088: 3-12-2012 13:32:35 - Controlepunt van systeem
RP1089: 4-12-2012 13:53:47 - Controlepunt van systeem
RP1090: 5-12-2012 14:54:52 - Controlepunt van systeem
RP1091: 6-12-2012 15:43:10 - Controlepunt van systeem
RP1092: 7-12-2012 16:13:31 - Controlepunt van systeem
RP1093: 8-12-2012 17:04:06 - Controlepunt van systeem
RP1094: 9-12-2012 17:21:13 - Controlepunt van systeem
RP1095: 10-12-2012 19:24:11 - Controlepunt van systeem
RP1096: 11-12-2012 19:58:34 - Controlepunt van systeem
RP1097: 12-12-2012 20:56:45 - Controlepunt van systeem
RP1098: 13-12-2012 3:00:41 - Software Distribution Service 3.0
RP1099: 14-12-2012 3:28:02 - Controlepunt van systeem
RP1100: 15-12-2012 21:18:53 - Controlepunt van systeem
RP1101: 16-12-2012 22:06:20 - Controlepunt van systeem
.
==== Installed Programs ======================
.
1ClickDownloader
32 Bit HP CIO Components Installer
Adobe Community Help
Adobe Download Assistant
Adobe Flash Player 10 ActiveX
Adobe Flash Player 10 Plugin
Adobe Reader 9.5.2 - Nederlands
Adobe Shockwave Player 11.5
µTorrent
Beveiligingsupdate voor Microsoft Windows (KB2564958)
Beveiligingsupdate voor Windows Internet Explorer 8 (KB2183461)
Beveiligingsupdate voor Windows Internet Explorer 8 (KB2360131)
Beveiligingsupdate voor Windows Internet Explorer 8 (KB2416400)
Beveiligingsupdate voor Windows Internet Explorer 8 (KB2482017)
Beveiligingsupdate voor Windows Internet Explorer 8 (KB2497640)
Beveiligingsupdate voor Windows Internet Explorer 8 (KB2510531)
Beveiligingsupdate voor Windows Internet Explorer 8 (KB2530548)
Beveiligingsupdate voor Windows Internet Explorer 8 (KB2544521)
Beveiligingsupdate voor Windows Internet Explorer 8 (KB2559049)
Beveiligingsupdate voor Windows Internet Explorer 8 (KB2586448)
Beveiligingsupdate voor Windows Internet Explorer 8 (KB2618444)
Beveiligingsupdate voor Windows Internet Explorer 8 (KB2647516)
Beveiligingsupdate voor Windows Internet Explorer 8 (KB2675157)
Beveiligingsupdate voor Windows Internet Explorer 8 (KB2699988)
Beveiligingsupdate voor Windows Internet Explorer 8 (KB2722913)
Beveiligingsupdate voor Windows Internet Explorer 8 (KB2744842)
Beveiligingsupdate voor Windows Internet Explorer 8 (KB2761465)
Beveiligingsupdate voor Windows Internet Explorer 8 (KB971961)
Beveiligingsupdate voor Windows Internet Explorer 8 (KB972260)
Beveiligingsupdate voor Windows Internet Explorer 8 (KB974455)
Beveiligingsupdate voor Windows Internet Explorer 8 (KB976325)
Beveiligingsupdate voor Windows Internet Explorer 8 (KB978207)
Beveiligingsupdate voor Windows Internet Explorer 8 (KB981332)
Beveiligingsupdate voor Windows Internet Explorer 8 (KB982381)
Beveiligingsupdate voor Windows XP (KB2476490)
Beveiligingsupdate voor Windows XP (KB2503665)
Beveiligingsupdate voor Windows XP (KB2507938)
Beveiligingsupdate voor Windows XP (KB2535512)
Beveiligingsupdate voor Windows XP (KB2536276-v2)
Beveiligingsupdate voor Windows XP (KB2536276)
Beveiligingsupdate voor Windows XP (KB2544893-v2)
Beveiligingsupdate voor Windows XP (KB2544893)
Beveiligingsupdate voor Windows XP (KB2555917)
Beveiligingsupdate voor Windows XP (KB2562937)
Beveiligingsupdate voor Windows XP (KB2566454)
Beveiligingsupdate voor Windows XP (KB2567053)
Beveiligingsupdate voor Windows XP (KB2567680)
Beveiligingsupdate voor Windows XP (KB2570222)
Beveiligingsupdate voor Windows XP (KB2570947)
Beveiligingsupdate voor Windows XP (KB2584146)
Beveiligingsupdate voor Windows XP (KB2585542)
Beveiligingsupdate voor Windows XP (KB2592799)
Beveiligingsupdate voor Windows XP (KB2598479)
Beveiligingsupdate voor Windows XP (KB2603381)
Beveiligingsupdate voor Windows XP (KB2618451)
Beveiligingsupdate voor Windows XP (KB2619339)
Beveiligingsupdate voor Windows XP (KB2620712)
Beveiligingsupdate voor Windows XP (KB2621440)
Beveiligingsupdate voor Windows XP (KB2624667)
Beveiligingsupdate voor Windows XP (KB2631813)
Beveiligingsupdate voor Windows XP (KB2633171)
Beveiligingsupdate voor Windows XP (KB2639417)
Beveiligingsupdate voor Windows XP (KB2641653)
Beveiligingsupdate voor Windows XP (KB2646524)
Beveiligingsupdate voor Windows XP (KB2647518)
Beveiligingsupdate voor Windows XP (KB2653956)
Beveiligingsupdate voor Windows XP (KB2655992)
Beveiligingsupdate voor Windows XP (KB2659262)
Beveiligingsupdate voor Windows XP (KB2660465)
Beveiligingsupdate voor Windows XP (KB2676562)
Beveiligingsupdate voor Windows XP (KB2685939)
Beveiligingsupdate voor Windows XP (KB2686509)
Beveiligingsupdate voor Windows XP (KB2691442)
Beveiligingsupdate voor Windows XP (KB2695962)
Beveiligingsupdate voor Windows XP (KB2698365)
Beveiligingsupdate voor Windows XP (KB2705219)
Beveiligingsupdate voor Windows XP (KB2707511)
Beveiligingsupdate voor Windows XP (KB2709162)
Beveiligingsupdate voor Windows XP (KB2712808)
Beveiligingsupdate voor Windows XP (KB2718523)
Beveiligingsupdate voor Windows XP (KB2719985)
Beveiligingsupdate voor Windows XP (KB2723135)
Beveiligingsupdate voor Windows XP (KB2724197)
Beveiligingsupdate voor Windows XP (KB2727528)
Beveiligingsupdate voor Windows XP (KB2731847)
Beveiligingsupdate voor Windows XP (KB2753842)
Beveiligingsupdate voor Windows XP (KB2758857)
Beveiligingsupdate voor Windows XP (KB2761226)
Beveiligingsupdate voor Windows XP (KB2770660)
Beveiligingsupdate voor Windows XP (KB2779030)
BufferChm
C4400
C4400_Help
Call of Duty - World at War
Cards_Calendar_OrderGift_DoMorePlugout
CCleaner
Copy
CustomerResearchQFolder
CyberLink PowerDVD 9
Defraggler (remove only)
Destination Component
DeviceDiscovery
DeviceManagementQFolder
DocProc
DocProcQFolder
eSupportQFolder
Google Chrome
Google Toolbar for Internet Explorer
Google Update Helper
GPBaseService
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
Hotfix for Windows XP (KB954550-v5)
Hotfix for Windows XP (KB976002-v5)
Hotfix voor Windows XP (KB2570791)
Hotfix voor Windows XP (KB2633952)
Hotfix voor Windows XP (KB2756822)
Hotfix voor Windows XP (KB2779562)
HP Customer Participation Program 10.0
HP Imaging Device Functions 10.0
HP Photosmart C4400 All-In-One Driver Software 10.0 Rel .3
HP Photosmart Essential 2.5
HP Smart Web Printing 4.60
HP Solution Center 10.0
HP Update
HPPhotoSmartPhotobookWebPack1
HPProductAssistant
HPSSupply
IncrediMail
Incredimail Backup Pro V3.4
Intel® Graphics Media Accelerator Driver
Java Auto Updater
Java™ 6 Update 30
Junk Mail filter update
Malwarebytes Anti-Malware versie 1.65.1.1000
MarketResearch
McAfee Security Scan Plus
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1 Dutch Language Pack
Microsoft .NET Framework 1.1 Security Update (KB2656370)
Microsoft .NET Framework 1.1 Security Update (KB2698023)
Microsoft .NET Framework 1.1 Security Update (KB979906)
Microsoft .NET Framework 2.0 Language Pack - NLD
Microsoft .NET Framework 2.0 Service Pack 2
Microsoft .NET Framework 3.0 Service Pack 2
Microsoft .NET Framework 3.5 SP1
Microsoft Application Error Reporting
Microsoft Choice Guard
Microsoft Compression Client Pack 1.0 for Windows XP
Microsoft Office 2000 Premium
Microsoft Office 2007 Service Pack 3 (SP3)
Microsoft Office Access MUI (Dutch) 2007
Microsoft Office Excel MUI (Dutch) 2007
Microsoft Office File Validation Add-In
Microsoft Office InfoPath MUI (Dutch) 2007
Microsoft Office Live Add-in 1.3
Microsoft Office Outlook Connector
Microsoft Office Outlook MUI (Dutch) 2007
Microsoft Office PowerPoint MUI (Dutch) 2007
Microsoft Office Professional Plus 2007
Microsoft Office Proof (Dutch) 2007
Microsoft Office Proof (English) 2007
Microsoft Office Proof (French) 2007
Microsoft Office Proof (German) 2007
Microsoft Office Proofing (Dutch) 2007
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
Microsoft Office Publisher MUI (Dutch) 2007
Microsoft Office Shared MUI (Dutch) 2007
Microsoft Office Word MUI (Dutch) 2007
Microsoft Silverlight
Microsoft Software Update for Web Folders (Dutch) 12
Microsoft User-Mode Driver Framework Feature Pack 1.0
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
Microsoft_VC80_ATL_x86
Microsoft_VC80_CRT_x86
Microsoft_VC80_MFC_x86
Microsoft_VC80_MFCLOC_x86
Microsoft_VC90_ATL_x86
Microsoft_VC90_CRT_x86
Microsoft_VC90_MFC_x86
Microsoft_VC90_MFCLOC_x86
MSVCRT
MSVCSetup
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
Nero 7 Ultra Edition
neroxml
Norman Security Suite
OCR Software by I.R.I.S. 10.0
Opera 12.11
Pakket voor de provider van Microsoft Base-smartcardcryptografieservice
PanoStandAlone
PS_AIO_03_C4400_ProductContext
PS_AIO_03_C4400_Software
PS_AIO_03_C4400_Software_Min
PSSWCORE
PunkBuster Services
Realtek High Definition Audio Driver
Scan
Secunia PSI (3.0.0.6001)
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2604111)
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2657424)
Security Update for Microsoft Office 2007 suites (KB2596615) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596672) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596744) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596754) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596785) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596792) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596856) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596871) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2597969) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2687311) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2687439) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2687441) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2760416) 32-Bit Edition
Security Update for Microsoft Office Excel 2007 (KB2687307) 32-Bit Edition
Security Update for Microsoft Office InfoPath 2007 (KB2687440) 32-Bit Edition
Security Update for Microsoft Office PowerPoint 2007 (KB2596764) 32-Bit Edition
Security Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit Edition
Security Update for Microsoft Office Publisher 2007 (KB2596705) 32-Bit Edition
Security Update for Microsoft Office Word 2007 (KB2760421) 32-Bit Edition
Segoe UI
Shop for HP Supplies
SmartCard Reader Driver Installation
SmartWebPrinting
SolutionCenter
Status
Toolbox
TP-LINK Wireless Client Utility
TrayApp
UnloadSupport
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
Update for Microsoft Office 2007 suites (KB2596660) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2596848) 32-Bit Edition
Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition
Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2760573) 32-Bit Edition
Update voor Microsoft Office Excel 2007 Help (KB963678)
Update voor Microsoft Office Powerpoint 2007 Help (KB963669)
Update voor Microsoft Office Word 2007 Help (KB963665)
Update voor Windows Internet Explorer 8 (KB973874)
Update voor Windows Internet Explorer 8 (KB976662)
Update voor Windows Internet Explorer 8 (KB976749)
Update voor Windows Internet Explorer 8 (KB980182)
Update voor Windows XP (KB2541763)
Update voor Windows XP (KB2616676-v2)
Update voor Windows XP (KB2616676)
Update voor Windows XP (KB2641690)
Update voor Windows XP (KB2661254-v2)
Update voor Windows XP (KB2718704)
Update voor Windows XP (KB2736233)
Update voor Windows XP (KB2749655)
VideoToolkit01
WebFldrs XP
WebReg
Windows Genuine Advantage Notifications (KB905474)
Windows Genuine Advantage Validation Tool (KB892130)
Windows Internet Explorer 8
Windows Live - Hulpprogramma voor uploaden
Windows Live aanmeldhulp
Windows Live Call
Windows Live Communications Platform
Windows Live Essentials
Windows Live Mail
Windows Live Messenger
Windows Live OneCare safety scanner
Windows Media Format 11 runtime
Windows Media Player 11
Windows Search 4.0
WinRAR
.
==== End Of File ===========================


Edited by Noviciate, 18 December 2012 - 02:50 PM.
Log added from attachment


#4 Noviciate

  • Malware Response Team

Posted 18 December 2012 - 03:02 PM

Good evening. :)

Take a trip to this webpage for download links and instructions for running Combofix by sUBs: http://www.bleepingcomputer.com/combofix/how-to-use-combofix *

  • When prompted to save Combofix, change the filename BEFORE saving it - any name will do, as long as it has .exe at the end.
  • Please be aware that this tool may require the PC to be rebooted so close any programs you have open before you start.
  • When CF has finished, it will produce a log - C:\ComboFix.txt - copy and paste
  • Let me know how the PC is behaving.
* There are two points to note from the instructions page:

1) The Recovery Console.

It is recommended that you install this as, in certain circumstances, it may be the difference between a successful repair and a reformat. If you are uncertain as to whether or not you already have the Recovery Console installed, simply run CF and it will prompt you if it does not detect it.
CF will complete some, but not all, of its removal tasks without the installation of the Console, so you are free to choose whether you want to complete this step, but it is in your interests to do so.

2) Disabling your Anti-Virus.

CF has been the victim of false-positive detections on occasion and a resident AV may incorrectly identify and delete part of the tool which won't do it much good. If you don't disable your AV, you may not get the results you hoped for!



#5 ArjanRossum

  • Topic Starter
  • Members

Posted 22 December 2012 - 01:42 PM

Sorry for the late reply.
I'm now going to check if my PC works normally without safe mode.


ComboFix 12-12-22.01 - Van Rossum 22-12-2012 19:30:39.2.2 - x86 NETWORK
Microsoft Windows XP Professional 5.1.2600.3.1252.31.1043.18.2013.1680 [GMT 1:00]
Gestart vanuit: c:\documents and settings\Van Rossum\Bureaublad\ComboFix.exe
AV: Norman Security Suite *Disabled/Updated* {EB9EFB40-AE72-4C43-B204-0FCD0E92D5F1}
.
.
(((((((((((((((((((((((((((((((((( Andere Verwijderingen )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\documents and settings\All Users\Application Data\TEMP
c:\documents and settings\All Users\Application Data\TEMP\{A8516AC9-AAF1-47F9-9766-03E2D4CDBCF8}\PostBuild.exe
c:\documents and settings\Van Rossum\Application Data\Ipycl
c:\documents and settings\Van Rossum\Application Data\Ipycl\urzaa.gye
c:\documents and settings\Van Rossum\Application Data\PriceGong
c:\documents and settings\Van Rossum\Application Data\PriceGong\Data\1.txt
c:\documents and settings\Van Rossum\Application Data\PriceGong\Data\2229.txt
c:\documents and settings\Van Rossum\Application Data\PriceGong\Data\2258.txt
c:\documents and settings\Van Rossum\Application Data\PriceGong\Data\4489.txt
c:\documents and settings\Van Rossum\Application Data\PriceGong\Data\a.txt
c:\documents and settings\Van Rossum\Application Data\PriceGong\Data\b.txt
c:\documents and settings\Van Rossum\Application Data\PriceGong\Data\c.txt
c:\documents and settings\Van Rossum\Application Data\PriceGong\Data\d.txt
c:\documents and settings\Van Rossum\Application Data\PriceGong\Data\e.txt
c:\documents and settings\Van Rossum\Application Data\PriceGong\Data\f.txt
c:\documents and settings\Van Rossum\Application Data\PriceGong\Data\g.txt
c:\documents and settings\Van Rossum\Application Data\PriceGong\Data\h.txt
c:\documents and settings\Van Rossum\Application Data\PriceGong\Data\i.txt
c:\documents and settings\Van Rossum\Application Data\PriceGong\Data\j.txt
c:\documents and settings\Van Rossum\Application Data\PriceGong\Data\k.txt
c:\documents and settings\Van Rossum\Application Data\PriceGong\Data\l.txt
c:\documents and settings\Van Rossum\Application Data\PriceGong\Data\m.txt
c:\documents and settings\Van Rossum\Application Data\PriceGong\Data\mru.xml
c:\documents and settings\Van Rossum\Application Data\PriceGong\Data\n.txt
c:\documents and settings\Van Rossum\Application Data\PriceGong\Data\o.txt
c:\documents and settings\Van Rossum\Application Data\PriceGong\Data\p.txt
c:\documents and settings\Van Rossum\Application Data\PriceGong\Data\q.txt
c:\documents and settings\Van Rossum\Application Data\PriceGong\Data\r.txt
c:\documents and settings\Van Rossum\Application Data\PriceGong\Data\s.txt
c:\documents and settings\Van Rossum\Application Data\PriceGong\Data\t.txt
c:\documents and settings\Van Rossum\Application Data\PriceGong\Data\u.txt
c:\documents and settings\Van Rossum\Application Data\PriceGong\Data\v.txt
c:\documents and settings\Van Rossum\Application Data\PriceGong\Data\w.txt
c:\documents and settings\Van Rossum\Application Data\PriceGong\Data\wlu.txt
c:\documents and settings\Van Rossum\Application Data\PriceGong\Data\x.txt
c:\documents and settings\Van Rossum\Application Data\PriceGong\Data\y.txt
c:\documents and settings\Van Rossum\Application Data\PriceGong\Data\z.txt
c:\documents and settings\Van Rossum\Local Settings\Application Data\yvmgbuobwf.exe
c:\windows\system32\athgina.dll
c:\windows\system32\drivers\etc\hosts.ics
c:\windows\system32\URTTemp
c:\windows\system32\URTTemp\fusion.dll
c:\windows\system32\URTTemp\mscoree.dll
c:\windows\system32\URTTemp\mscoree.dll.local
c:\windows\system32\URTTemp\mscorsn.dll
c:\windows\system32\URTTemp\mscorwks.dll
c:\windows\system32\URTTemp\msvcr71.dll
c:\windows\system32\URTTemp\regtlib.exe
.
.
(((((((((((((((((((( Bestanden Gemaakt van 2012-11-22 to 2012-12-22 ))))))))))))))))))))))))))))))
.
.
2012-12-17 19:05 . 2012-12-17 19:05 -------- d-----w- c:\windows\LastGood
2012-12-17 18:13 . 2012-12-17 18:13 -------- d-----w- c:\documents and settings\Van Rossum\Local Settings\Application Data\Secunia PSI
2012-12-17 18:01 . 2012-12-17 18:01 -------- d-----w- c:\program files\Secunia
2012-12-17 16:53 . 2012-12-22 18:08 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2012-12-17 16:53 . 2012-09-29 18:54 22856 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-12-02 02:24 . 2012-12-22 09:31 -------- d--h--r- c:\documents and settings\Van Rossum\Onlangs geopend
.
.
.
((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-11-13 11:55 . 2008-04-15 12:00 1866496 ----a-w- c:\windows\system32\win32k.sys
2012-11-06 00:41 . 2008-04-15 12:00 290560 ----a-w- c:\windows\system32\atmfd.dll
2012-11-02 02:03 . 2008-04-15 12:00 375296 ----a-w- c:\windows\system32\dpnet.dll
2012-11-01 12:12 . 2008-04-15 12:00 916992 ----a-w- c:\windows\system32\wininet.dll
2012-11-01 12:12 . 2008-04-15 12:00 43520 ----a-w- c:\windows\system32\licmgr10.dll
2012-11-01 12:12 . 2008-04-15 12:00 1469440 ------w- c:\windows\system32\inetcpl.cpl
2012-11-01 00:35 . 2008-04-15 12:00 385024 ----a-w- c:\windows\system32\html.iec
2012-10-18 19:11 . 2011-04-15 21:07 111928 ----a-w- c:\windows\system32\PnkBstrB.exe
2012-10-18 19:03 . 2011-04-15 21:07 138464 ----a-w- c:\windows\system32\drivers\PnkBstrK.sys
2012-10-02 18:04 . 2008-04-15 12:00 58368 ----a-w- c:\windows\system32\synceng.dll
.
.
((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"uTorrent"="c:\program files\uTorrent\uTorrent.exe" [2012-12-10 969104]
"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2012-10-17 39408]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Norman ZANDA"="c:\program files\Norman\Npm\Bin\ZLH.EXE" [2012-12-03 350120]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2011-06-09 254696]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2012-07-31 38872]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-07-11 919008]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]
"Malwarebytes Anti-Malware"="c:\program files\Malwarebytes' Anti-Malware\mbamgui.exe" [2012-09-29 766536]
.
c:\documents and settings\All Users\Menu Start\Programma's\Opstarten\
HP Digital Imaging Monitor.lnk - c:\program files\HP\Digital Imaging\bin\hpqtra08.exe [2007-10-14 214360]
McAfee Security Scan Plus.lnk - c:\program files\McAfee Security Scan\2.0.181\SSScheduler.exe [2010-1-15 255536]
Microsoft Office.lnk - c:\program files\Microsoft Office\Office\OSA9.EXE [1999-2-17 65588]
Secunia PSI Tray.lnk - c:\program files\Secunia\PSI\psi_tray.exe [2012-11-26 573024]
.
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{56F9679E-7826-4C84-81F3-532071A8BCC5}"= "c:\program files\Windows Desktop Search\MSNLNamespaceMgr.dll" [2009-05-24 304128]
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\IncrediMail\\bin\\ImApp.exe"=
"c:\\Program Files\\IncrediMail\\bin\\IncMail.exe"=
"c:\\Program Files\\IncrediMail\\bin\\ImpCnt.exe"=
"c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqcopy2.exe"=
"c:\\Program Files\\Common Files\\HP\\Digital Imaging\\bin\\hpqPhotoCrm.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqsudi.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqpsapp.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqpse.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqgpc01.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqusgm.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqusgh.exe"=
"c:\\Program Files\\HP\\HP Software Update\\hpwucli.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\Smart Web Printing\\SmartWebPrintExe.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqtra08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqste08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hposid01.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpiscnapp.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqkygrp.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\Program Files\\Opera\\opera.exe"=
"c:\\WINDOWS\\system32\\PnkBstrA.exe"=
"c:\\WINDOWS\\system32\\PnkBstrB.exe"=
"c:\\Program Files\\uTorrent\\uTorrent.exe"=
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"56875:TCP"= 56875:TCP:Pando Media Booster
"56875:UDP"= 56875:UDP:Pando Media Booster
"58870:TCP"= 58870:TCP:Pando Media Booster
"58870:UDP"= 58870:UDP:Pando Media Booster
.
R0 NvcMFlt;NvcMFlt;c:\windows\system32\drivers\nvcw32mf.sys [17-9-2009 18:32 46816]
R1 NPROSEC;Norman Security driver;c:\program files\Norman\Ngs\Bin\nprosec.sys [17-8-2010 11:52 91136]
R3 AR9271;Wireless Network Adapter Service;c:\windows\system32\drivers\athuw.sys [1-7-2010 12:04 1668352]
S1 NGS;Norman General Security Driver;c:\program files\Norman\Ngs\Bin\ngs.sys [17-8-2010 11:52 26744]
S2 {B154377D-700F-42cc-9474-23858FBDF4BD};Power Control [2009/09/17 19:39];c:\program files\CyberLink\PowerDVD9\000.fcl [7-5-2009 20:05 87536]
S2 MBAMScheduler;MBAMScheduler;c:\program files\Malwarebytes' Anti-Malware\mbamscheduler.exe [17-12-2012 17:53 399432]
S2 Ndiskio;Ndiskio;c:\program files\Norman\Nse\Bin\ndiskio.sys [16-10-2009 15:36 22880]
S2 NHS;Norman Hash Server;c:\program files\Norman\nvc\bin\nhs.exe [14-5-2012 15:07 793520]
S2 NNFSVC;Norman Network Filtering service;c:\program files\Norman\Ngs\Bin\nnf.exe [17-8-2010 11:52 231216]
S2 NPROSECSVC;Norman Security service;c:\program files\Norman\Ngs\Bin\nprosec.exe [17-8-2010 11:52 90144]
S2 nregsec;Norman Registry Security driver;c:\program files\Norman\Ngs\Bin\nregsec.sys [17-8-2010 11:52 61496]
S2 NVOY;Norman Resource Provider;c:\program files\Norman\Npm\Bin\nvoy.exe [17-9-2009 18:32 100936]
S2 Secunia PSI Agent;Secunia PSI Agent;c:\program files\Secunia\PSI\psia.exe [26-11-2012 15:09 1225312]
S3 Ambfilt;Ambfilt;c:\windows\system32\drivers\Ambfilt.sys [17-9-2009 18:22 1684736]
S3 EagleXNt;EagleXNt;\??\c:\windows\system32\drivers\EagleXNt.sys --> c:\windows\system32\drivers\EagleXNt.sys [?]
S3 EMVSCARD;EMVSCARD;c:\windows\system32\drivers\EMVSCARD.sys [17-9-2009 19:26 20178]
S3 McComponentHostService;McAfee Security Scan Component Host Service;c:\program files\McAfee Security Scan\2.0.181\McCHSvc.exe [15-1-2010 13:49 227232]
S3 npggsvc;nProtect GameGuard Service;c:\windows\system32\GameMon.des -service --> c:\windows\system32\GameMon.des -service [?]
S3 nsesvc;Norman Scanner Engine Service;c:\program files\Norman\Nse\Bin\nsesvc.exe [22-8-2012 19:23 288104]
S3 nvcoas;Norman Virus Control on-access component;c:\program files\Norman\nvc\bin\nvcoas.exe [4-7-2012 13:34 287312]
S3 PSI;PSI;c:\windows\system32\drivers\psi_mf.sys [1-9-2010 9:30 15544]
S3 Scheduler;Norman Scheduler Service;c:\program files\Norman\Npm\Bin\scheduler.exe [17-9-2009 18:32 99312]
.
--- Andere Services/Drivers In Geheugen ---
.
*NewlyCreated* - WS2IFSL
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
.
Inhoud van de 'Gedeelde Taken' map
.
2012-12-17 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-04-24 07:42]
.
2012-12-17 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-04-24 07:42]
.
2012-12-17 c:\windows\Tasks\User_Feed_Synchronization-{02EB562A-8F8F-4BAB-B80C-D32E2781EC6E}.job
- c:\windows\system32\msfeedssync.exe [2009-03-08 02:31]
.
.
------- Bijkomende Scan -------
.
uStart Page = hxxp://www.google.nl/
uInternet Connection Wizard,ShellNext = iexplore
IE: E&xporteren naar Microsoft Excel - c:\progra~1\MICROS~3\Office12\EXCEL.EXE/3000
TCP: DhcpNameServer = 192.168.2.254
.
- - - - ORPHANS VERWIJDERD - - - -
.
HKCU-Run-AdobeBridge - (no file)
HKCU-Run-Izaqa - c:\documents and settings\Van Rossum\Application Data\Yxevy\ecwaa.exe
AddRemove-1ClickDownloader - c:\program files\1ClickDownload\uninstall.exe
AddRemove-PunkBusterSvc - c:\program files\EA Games\Battlefield Play4Free\pbsvc_p4f.exe
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2012-12-22 19:35
Windows 5.1.2600 Service Pack 3 NTFS
.
scannen van verborgen processen ...
.
scannen van verborgen autostart items ...
.
scannen van verborgen bestanden ...
.
Scan succesvol afgerond
verborgen bestanden: 0
.
**************************************************************************
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\npggsvc]
"ImagePath"="c:\windows\system32\GameMon.des -service"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\{B154377D-700F-42cc-9474-23858FBDF4BD}]
"ImagePath"="\??\c:\program files\CyberLink\PowerDVD9\000.fcl"
.
Voltooingstijd: 2012-12-22 19:38:43 - machine werd herstart
ComboFix-quarantined-files.txt 2012-12-22 18:38
.
Pre-Run: 87.338.348.544 bytes beschikbaar
Post-Run: 87.545.196.544 bytes beschikbaar
.
WindowsXP-KB310994-SP2-Pro-BootDisk-NLD.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
UnsupportedDebug="do not select this" /debug
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professional" /noexecute=optin /fastdetect /safeboot:network
.
- - End Of File - - 8B51C2989429FE097F7170362B9B4FC9



#6 ArjanRossum

  • Topic Starter
  • Members

Posted 22 December 2012 - 01:59 PM

I started my computer without safe mode on.
Security Shield seems to be gone!!
I'm very grateful to you that you managed this.
One thing I read is that I shouldn't remove the programs without your (the helper's) permission.
I would like to, because for instance Malwarebytes Anti-Malware keeps popping up messages saying it blocked a possible evil website.
Also PSIsetup didn't seem to update at all on my PC, so I guess it isn't useful.
Let me know if I can delete certain programs or if I should do anything else.
I'm glad you could help. If not, I would probably have called the guy that installed the PC for me, and he would charge a big amount of money for this.
Thanks a lot, this website is amazing!
Arjan

#7 Noviciate

  • Malware Response Team

Posted 22 December 2012 - 02:03 PM

Good evening. :)

I would like to, because for instance Malwarebytes Anti-Malware keeps popping up messages saying it blocked a possible evil website.

Is it doing this now after ComboFix has been run?



#8 ArjanRossum

  • Topic Starter
  • Members

Posted 22 December 2012 - 02:04 PM

Good evening. :)

I would like to, because for instance Malwarebytes Anti-Malware keeps popping up messages saying it blocked a possible evil website.

Is it doing this now after ComboFix has been run?

Yes, it does. I thought I should let you know; I'm a little suspicious about it too.

#9 Noviciate

  • Malware Response Team

Posted 22 December 2012 - 04:50 PM

Update MBAM, run a full scan and let me have the log that it produces.



#10 Noviciate

  • Malware Response Team

Posted 27 December 2012 - 05:35 PM

As there has been no response for five days this thread is now closed.
