
IE opens a new window with spam every two minutes


anonymous


  • 0
Hello Ben, please carry out the following: open a new Notepad file via Start > All Programs > Accessories > Notepad. Copy and paste the following (bold, blue) text into the empty Notepad window:

File::
C:\STF1DF2.tmp

Folder::
C:\32788R22FWJFW

Registry::
[-HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001
[-HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001

Save this Notepad file on your desktop as CFScript.txt.

Now first disable the antivirus!

Drag CFScript.txt onto ComboFix.exe (illustration: http://home.kpn.nl/~stefsmeenk/CFScript.gif). This will make ComboFix restart. Reboot if you are asked to. Post the ComboFix log that is shown after the reboot!
Link to post
  • 0
Hello Abraham, it certainly worked; I have just been a bit busy, so I had no time for a ComboFix run! Now I have found the time and made a log; here is the result:
  • 0
Windows runs smoothly. I also have no more internet problems. However, some programs don't start right away: AutoCAD, Excel, Word, etc. When I click the Word icon (shortcut), Word does not start. I then have to open an existing file and after that open a new file. I don't know whether that is caused by a virus or something similar. Apart from that, everything runs smoothly. Thanks!
  • 0
Hmm, those are annoying things all the same! Do the following:

Which program: Trend Micro HijackThis version 2.0.4
What for/why: produces a clear overview of Windows by means of a scan.
Difficulty: none; only Vista and Windows 7 users need to pay some extra attention.
Download the HijackThis Installer: http://www.trendmicro.com/ftp/products/hijackthis/HiJackThis.msi

Installation:
- Install HijackThis in the suggested location; this prevents any backups from becoming impossible to find later!

Users of Windows Vista and Windows 7 then go to the HijackThis installation location.
- Right-click hijackthis.exe and choose Properties.
- Now click the Compatibility tab and tick Run as administrator.
- Finally, click Apply and OK.

Using HijackThis:
- First close all open programs and the web browsers.
- Now start 'HijackThis' and then click the button 'Do a system scan and save a logfile'.
- Now close all open windows, then start 'HijackThis' and choose 'Do a system scan and save a logfile'.
- Copy and paste the contents of the HijackThis logfile into your next message.
- After this you may close HijackThis again.

Which program: Malwarebytes MBAM
What for/why: specialised scanner to quickly examine Windows for spyware and malware and to get rid of it.
Difficulty: none.

Download Malwarebytes MBAM from one of these locations:
- Download.com: http://www.download.com/Malwarebytes-Anti-Malware/3000-8022_4-10804572.html?
- Softpedia.com: http://www.softpedia.com/result.php?sid=&pid=1-423&r=Z2V0L0FudGl2aXJ1cy9NYWx3YXJlYnl0ZXMtQW50aS1NYWx3YXJlLnNodG1s
- Majorgeeks.com: http://www.majorgeeks.com/Malwarebytes_Anti-Malware_d5756.html

First of all:
- Right after installation 'MBAM' will want to update its database, so allow this.
- Also on repeated use: first update 'MBAM' via the 'Update' tab!

Starting Malwarebytes MBAM:
Windows 2000 and Windows XP: start MBAM by double-clicking the shortcut.
Windows Vista and Windows 7: start MBAM by right-clicking the shortcut and then choosing Run as administrator.

Scanning:
- When 'MBAM' starts, choose 'Quick Scan'.
- Scanning can take a while, so be patient. When the scan has finished, click the 'OK' button.
- Then click the 'Show Results' button to see the results.

Infections found:
- First click OK to dismiss the message.
- Then click the Show Results button at the bottom right.
- Now make sure that all infections found are ticked, and click Remove Selected at the bottom left.
- After removal a log will open and you will be asked to restart the computer.
- If 'MBAM' has difficulty removing certain files it will show a few messages; click 'OK' each time!
- After that 'MBAM' will ask to restart the computer, so allow the computer to be restarted.

MBAM log:
- The log is saved automatically by 'MBAM', and you can find it by clicking the 'Logs' tab in the MBAM main menu.

Then post the contents of the MBAM log in your next message.

Finally, post the contents of the following logs:
- the HijackThis log
- the MBAM scan log

Also post an uninstall list:
- start HijackThis,
- click the button Open the Misc Tools section,
- click the button Open Uninstall Manager,
- click the button Save.
  • 0
Here is the HijackThis log already!

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 15:13:18, on 2-2-2011
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v8.00 (8.00.6001.18999)
Boot mode: Normal

Running processes:
C:\Program Files\ASUS Security Center\ASUS Security Protect Manager\Bin\AsGHost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\RtHDVCpl.exe
C:\Program Files\Alwil Software\Avast5\AvastUI.exe
C:\Program Files\CyberLink\Power2Go\CLMLSvc.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Users\Boltjes\AppData\Roaming\Dropbox\bin\Dropbox.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Windows\ehome\ehmsas.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\ASUS\Asus MultiFrame\MultiFrame.exe
C:\Program Files\ASUS\ASUS Live Update\ALU.exe
C:\Program Files\ASUS\SmartLogon\sensorsrv.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files\BitTorrent\bittorrent.exe
C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe
C:\Program Files\Windows Live\Contacts\wlcomm.exe
C:\Windows\system32\wuauclt.exe
C:\Program Files\Windows Media Player\wmplayer.exe
C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.nl/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: ASUS Security Protect Manager - {DF21F1DB-80C6-11D3-9483-B03D0EC10000} - C:\Program Files\ASUS Security Center\ASUS Security Protect Manager\Bin\ItIEAddIn.dll
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [avast5] "C:\Program Files\Alwil Software\Avast5\avastUI.exe" /nogui
O4 - HKLM\..\Run: [Skytel] Skytel.exe
O4 - HKLM\..\Run: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [CLMLServer] "C:\Program Files\CyberLink\Power2Go\CLMLSvc.exe"
O4 - HKLM\..\Run: [UpdateP2GoShortCut] "C:\Program Files\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\6.0"
O4 - HKLM\..\Run: [UpdatePSTShortCut] "C:\Program Files\CyberLink\DVD Suite\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\DVD Suite" UpdateWithCreateOnce "Software\CyberLink\PowerStarter"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [AdobeAAMUpdater-1.0] "C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
O4 - HKLM\..\Run: [SwitchBoard] C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKUS\S-1-5-18\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe (User 'SYSTEEM')
O4 - HKUS\.DEFAULT\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe (User 'Default user')
O4 - Startup: Dropbox.lnk = C:\Users\Boltjes\AppData\Roaming\Dropbox\bin\Dropbox.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Free YouTube Download - C:\Users\Boltjes\AppData\Roaming\DVDVideoSoftIEHelpers\youtubedownload.htm
O8 - Extra context menu item: Free YouTube to Mp3 Converter - C:\Users\Boltjes\AppData\Roaming\DVDVideoSoftIEHelpers\youtubetomp3.htm
O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_E11712C84EA7E12B.dll/cmsidewiki.html
O9 - Extra button: ASUS Security Protect Manager e-Wallet - {1009C944-97D5-44A9-9E32-DFF54F498968} - C:\Program Files\ASUS Security Center\ASUS Security Protect Manager\Bin\ASWallet.dll
O9 - Extra 'Tools' menuitem: ASUS Security Protect Manager e-&Wallet - {1009C944-97D5-44A9-9E32-DFF54F498968} - C:\Program Files\ASUS Security Center\ASUS Security Protect Manager\Bin\ASWallet.dll
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra 'Tools' menuitem: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O16 - DPF: {5C051655-FCD5-4969-9182-770EA5AA5565} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown.cab56986.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll
O23 - Service: Mobiel Apple apparaat (Apple Mobile Device) - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: ASLDR Service (ASLDRService) - Unknown owner - C:\Program Files\ATK Hotkey\ASLDRSrv.exe
O23 - Service: ATKGFNEX Service (ATKGFNEXSrv) - Unknown owner - C:\Program Files\ATKGFNEX\GFNEXSrv.exe
O23 - Service: Autodesk Licensing Service - Unknown owner - C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe (file missing)
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Google Updateservice (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Lavasoft Ad-Aware Service - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - C:\Program Files\Common Files\Logishrd\Bluetooth\LBTServ.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: PnkBstrB - Unknown owner - C:\Windows\system32\PnkBstrB.exe
O23 - Service: SBSD Security Center Service (SBSDWSCService) - Unknown owner - D:\Virus programma's\Spybot - Search & Destroy\SDWinSec.exe (file missing)
O23 - Service: Sony Ericsson PCCompanion - Avanquest Software - C:\Program Files\Sony Ericsson\Sony Ericsson PC Companion\PCCService.exe
O23 - Service: spmgr - Unknown owner - C:\Program Files\ASUS\NB Probe\SPM\spmgr.exe
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe

--
End of file - 9085 bytes
  • 0
MBAM log

Malwarebytes' Anti-Malware 1.50.1.1100
www.malwarebytes.org

Databaseversie: 5658

Windows 6.0.6002 Service Pack 2
Internet Explorer 8.0.6001.18999

2-2-2011 15:27:46
mbam-log-2011-02-02 (15-27-46).txt

Scantype: Snelle scan
Objecten gescand: 160856
Verstreken tijd: 5 minuut/minuten, 4 seconde(n)

Geheugenprocessen geïnfecteerd: 0
Geheugenmodulen geïnfecteerd: 0
Registersleutels geïnfecteerd: 0
Registerwaarden geïnfecteerd: 0
Registerdata geïnfecteerd: 0
Mappen geïnfecteerd: 0
Bestanden geïnfecteerd: 0

Geheugenprocessen geïnfecteerd:
(Geen kwaadaardige objecten gedetecteerd)

Geheugenmodulen geïnfecteerd:
(Geen kwaadaardige objecten gedetecteerd)

Registersleutels geïnfecteerd:
(Geen kwaadaardige objecten gedetecteerd)

Registerwaarden geïnfecteerd:
(Geen kwaadaardige objecten gedetecteerd)

Registerdata geïnfecteerd:
(Geen kwaadaardige objecten gedetecteerd)

Mappen geïnfecteerd:
(Geen kwaadaardige objecten gedetecteerd)

Bestanden geïnfecteerd:
(Geen kwaadaardige objecten gedetecteerd)
  • 0
Here is the uninstall log:
Aangifte inkomstenbelasting 2009 Aanmeldhulp voor Windows Live ID AC3File 0.7b AC3Filter 1.63b Ad-Aware Ad-Aware Adobe AIR Adobe AIR Adobe Community Help Adobe Community Help Adobe Creative Suite 5 Master Collection Adobe Flash Player 10 ActiveX Adobe Flash Player 10 ActiveX Adobe Flash Player 10 Plugin Adobe Media Player Adobe Media Player Adobe Photoshop CS5 Adobe Reader 9.4.1 - Nederlands Adobe Shockwave Player 11.5 Apple Application Support Apple Mobile Device Support Apple Software Update ASIO4ALL ASUS CopyProtect ASUS InstantFun ASUS LifeFrame3 ASUS Live Update ASUS MultiFrame ASUS Security Protect Manager ASUS SmartLogon ASUS Splendid Video Enhancement Technology ASUS Virtual Camera Asus_Camera_ScreenSaver ATK Generic Function Service ATK Hotkey ATK Media ATKOSD2 AuthenTec Fingerprint Sensor Minimum Install AutoCAD 2010 - English AutoCAD 2010 - English Avanquest update avast! Free Antivirus Avi Player AviSynth 2.5 BitTorrent Blu-ray to DVD 1.1.0.0 BS Hacker (remove only) BurnOn CD&DVD, Version 3.1.3 ( Build 2009-2-22, Win32, ) Call of Duty: Black Ops CCE Basic Trial Version CCleaner (remove only) CDDRV_Installer Compatibility Pack for the 2007 Office system Conduit Engine ConvertXtoDVD 4.1.10.348 CoolPack CyberLink DVD Suite CyberLink DVD Suite CyberLink Power2Go CyberLink Power2Go CyberLink PowerDVD 10 CyberLink PowerDVD 10 DDR - Memory Card Recovery(Demo) 4.0.1.6 Deckadance doPDF 6.1 printer DriverAgent by TouchStone Software DriverMax 5 ffdshow [rev 3154] [2009-12-09] Free Studio version 4.9.12 Free YouTube to Mp3 Converter version 3.1 FW LiveUpdate Google Update Helper HiJackThis Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595) Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484) IsoBuster 2.8 Java 2 Runtime Environment, SE v1.4.2_04 Java(TM) 6 Update 13 Java(TM) 6 Update 7 KhalInstallWrapper K-Lite Codec Pack 6.4.0 (Basic) Logitech SetPoint Malwarebytes' Anti-Malware Messenger Plus! 
Live Microsoft .NET Framework 3.5 Language Pack SP1 - nld Microsoft .NET Framework 3.5 SP1 Microsoft .NET Framework 3.5 SP1 Microsoft .NET Framework 4 Client Profile Microsoft .NET Framework 4 Client Profile Microsoft .NET Framework 4 Client Profile NLD Language Pack Microsoft Choice Guard Microsoft Office 2007 Service Pack 2 (SP2) Microsoft Office 2007 Service Pack 2 (SP2) Microsoft Office 2007 Service Pack 2 (SP2) Microsoft Office 2007 Service Pack 2 (SP2) Microsoft Office 2007 Service Pack 2 (SP2) Microsoft Office 2007 Service Pack 2 (SP2) Microsoft Office 2007 Service Pack 2 (SP2) Microsoft Office 2007 Service Pack 2 (SP2) Microsoft Office 2007 Service Pack 2 (SP2) Microsoft Office 2007 Service Pack 2 (SP2) Microsoft Office 2007 Service Pack 2 (SP2) Microsoft Office 2007 Service Pack 2 (SP2) Microsoft Office 2007 Service Pack 2 (SP2) Microsoft Office 2007 Service Pack 2 (SP2) Microsoft Office Access MUI (English) 2007 Microsoft Office Access Setup Metadata MUI (English) 2007 Microsoft Office Enterprise 2007 Microsoft Office Enterprise 2007 Microsoft Office Excel MUI (English) 2007 Microsoft Office Groove MUI (English) 2007 Microsoft Office Groove Setup Metadata MUI (English) 2007 Microsoft Office InfoPath MUI (English) 2007 Microsoft Office Live Add-in 1.5 Microsoft Office OneNote MUI (English) 2007 Microsoft Office Outlook MUI (English) 2007 Microsoft Office PowerPoint MUI (English) 2007 Microsoft Office Proof (English) 2007 Microsoft Office Proof (French) 2007 Microsoft Office Proof (Spanish) 2007 Microsoft Office Proofing (English) 2007 Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) Microsoft Office Publisher MUI (English) 2007 Microsoft Office Shared MUI (English) 2007 Microsoft Office Shared Setup Metadata MUI (English) 2007 Microsoft Office Word MUI (English) 2007 Microsoft Silverlight Microsoft Visual C++ 2005 ATL Update kb973923 
- x86 8.0.50727.4053 Microsoft Visual C++ 2005 Redistributable Microsoft Visual C++ 2005 Redistributable Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 Microsoft_VC80_ATL_x86 Microsoft_VC80_ATL_x86 Microsoft_VC80_CRT_x86 Microsoft_VC80_CRT_x86 Microsoft_VC80_MFC_x86 Microsoft_VC80_MFC_x86 Microsoft_VC80_MFCLOC_x86 Microsoft_VC80_MFCLOC_x86 Microsoft_VC90_ATL_x86 Microsoft_VC90_CRT_x86 Microsoft_VC90_MFC_x86 MKVtoolnix 4.4.0 Motorola SM56 Speakerphone Modem Movie Subtitles Searcher 1.0 Mozilla Firefox (3.6.8) MSVCRT MSXML 4.0 SP2 (KB954430) MSXML 4.0 SP2 (KB973688) NB Probe neroxml NVIDIA 3D Vision stuurprogramma 260.99 NVIDIA Grafisch stuurprogramma 260.99 NVIDIA PhysX NVIDIA PhysX systeemsoftware 260.99 NVIDIA Stereoscopic 3D Driver OGA Notifier 2.0.0048.0 P4P PCTV4Me (remove only) PDF Settings CS5 PlayStation(R)Network Downloader PlayStation(R)Store Power4Gear eXtreme PowerISO PxMergeModule QuickTime Real Alternative 1.9.0 Lite Realtek High Definition Audio Driver RICOH R5C83x/84x Flash Media Controller Driver Ver.3.51.01 Security Update for 2007 Microsoft Office System (KB2288621) Security Update for 2007 Microsoft Office System (KB2288931) Security Update for 2007 Microsoft Office System (KB2289158) Security Update for 2007 Microsoft Office System (KB2344875) Security Update for 2007 Microsoft Office System (KB2345043) Security Update for 2007 Microsoft Office System (KB969559) Security Update for 2007 Microsoft Office System (KB976321) Security Update for CAPICOM (KB931906) Security Update for CAPICOM (KB931906) Security Update for Microsoft .NET Framework 3.5 SP1 (KB2416473) Security Update for Microsoft Office Access 2007 (KB979440) Security Update for Microsoft Office Access 2007 (KB979440) Security Update for Microsoft Office Excel 2007 (KB2345035) Security Update for Microsoft Office InfoPath 2007 (KB979441) Security 
Update for Microsoft Office InfoPath 2007 (KB979441) Security Update for Microsoft Office PowerPoint 2007 (KB982158) Security Update for Microsoft Office PowerPoint Viewer (KB2413381) Security Update for Microsoft Office Publisher 2007 (KB2284697) Security Update for Microsoft Office system 2007 (972581) Security Update for Microsoft Office system 2007 (KB974234) Security Update for Microsoft Office Visio Viewer 2007 (KB973709) Security Update for Microsoft Office Word 2007 (KB2344993) Skype Toolbars Skype™ 5.1 Smireboule Camtrace3D v0.9 b356 Sony Ericsson PC Companion 2.01.078 SopCast 3.2.4 Steam Synaptics Pointing Device Driver System Requirements Lab Taalpakket voor Microsoft .NET Framework 3.5 SP1 - NL Taalpakket voor Microsoft .NET Framework 4 Client Profile - NLD TFM Audio Tool 1.2.0.0 Beta Uninstall 1.0.0.1 Uninstall Gold 2.0.2.302 Unlocker 1.8.8 Update for 2007 Microsoft Office System (KB967642) Update for Microsoft .NET Framework 3.5 SP1 (KB963707) Update for Microsoft Office 2007 Help for Common Features (KB963673) Update for Microsoft Office Access 2007 Help (KB963663) Update for Microsoft Office Excel 2007 Help (KB963678) Update for Microsoft Office Infopath 2007 Help (KB963662) Update for Microsoft Office OneNote 2007 (KB980729) Update for Microsoft Office OneNote 2007 Help (KB963670) Update for Microsoft Office Outlook 2007 (KB2412171) Update for Microsoft Office Outlook 2007 Help (KB963677) Update for Microsoft Office Powerpoint 2007 Help (KB963669) Update for Microsoft Office Publisher 2007 Help (KB963667) Update for Microsoft Office Script Editor Help (KB963671) Update for Microsoft Office Word 2007 Help (KB963665) Update for Outlook 2007 Junk Email Filter (KB2483110) USB2.0 1.3M UVC WebCam UsbBoost VistaFeaturePack Visual C++ 2008 x86 Runtime - (v9.0.30729) Visual C++ 2008 x86 Runtime - v9.0.30729.01 VLC media player 1.1.5 Winamp Windows Live - Hulpprogramma voor uploaden Windows Live Call Windows Live Communications Platform Windows Live 
Essentials Windows Live Essentials Windows Live Messenger Windows Media Player Firefox Plugin Windows-stuurprogrammapakket - NVIDIA (nvlddmkm) Display (08/24/2008 7.15.11.7798) WinFlash WinRAR Wireless Console 2 Wolfenstein - Enemy Territory Xfire (remove only)
  • 0
Hi Ben, you have three old to ancient Java runtimes sitting in your Windows! That makes your Windows very insecure, because malware loves to nest in old Java versions!

Solution:
- from now on keep only one Java runtime in your Windows, and always the most recent version!
- download the newest version to your desktop already: http://javadl.sun.com/webapps/download/AutoDL?BundleId=45824
- now uninstall the following items via Control Panel\Programs and Features:
Java 2 Runtime Environment, SE v1.4.2_04
Java(TM) 6 Update 13
Java(TM) 6 Update 7
- after uninstalling these three items you first need to restart your PC. After that you may install the newest version!
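The rule in the post above (one Java runtime only, and the most recent one) can be checked mechanically against an installed-programs list. The following is an added example, not part of the original thread: the sample list is constructed from the Java entries posted earlier, the reference version (6 Update 23) is the one the later Security Check result reports, and the function names are hypothetical.

```python
import re

# Constructed sample: the Java entries and two neighbours from the uninstall
# list posted in this thread, written one entry per line.
UNINSTALL_LIST = """\
IsoBuster 2.8
Java 2 Runtime Environment, SE v1.4.2_04
Java(TM) 6 Update 13
Java(TM) 6 Update 7
KhalInstallWrapper
"""

# Version treated as current (assumption: taken from the Security Check
# result later in the thread, "Java(TM) 6 Update 23" = 1.6.0_23).
REFERENCE = (1, 6, 0, 23)

# The two display-name shapes that occur on this page. Other naming
# schemes are not covered by this example.
_OLD_STYLE = re.compile(
    r"^Java 2 Runtime Environment, SE v(\d+)\.(\d+)\.(\d+)(?:_(\d+))?$")
_NEW_STYLE = re.compile(r"^Java\(TM\) (\d+)(?: Update (\d+))?$")


def parse_java_entry(name):
    """Return (major, minor, patch, update) for a JRE display name, else None."""
    name = name.strip()
    m = _OLD_STYLE.match(name)
    if m:
        major, minor, patch, update = m.groups()
        return (int(major), int(minor), int(patch), int(update or 0))
    m = _NEW_STYLE.match(name)
    if m:
        family, update = m.groups()
        # "Java(TM) 6 Update 13" is runtime version 1.6.0_13.
        return (1, int(family), 0, int(update or 0))
    return None


def find_java_runtimes(listing):
    """Distinct JRE entries in a listing as (version, name), oldest first."""
    found = set()
    for line in listing.splitlines():
        version = parse_java_entry(line)
        if version is not None:
            found.add((version, line.strip()))
    return sorted(found)


def review(listing, reference=REFERENCE):
    """Apply the one-runtime rule.

    Returns (names_to_uninstall, needs_install): every runtime except the
    newest current one is listed for removal, and needs_install is True when
    no installed runtime is at least as new as the reference.
    """
    runtimes = find_java_runtimes(listing)
    current = [r for r in runtimes if r[0] >= reference]
    keep = current[-1:]  # at most one runtime survives
    remove = [name for version, name in runtimes if (version, name) not in keep]
    return remove, not keep


if __name__ == "__main__":
    remove, needs_install = review(UNINSTALL_LIST)
    for name in remove:
        print("uninstall:", name)
    if needs_install:
        print("then install a current runtime")
```
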
  • 0
It's fine that you are going for the newest Avast version! Once you have also modernised Java, do the following: a test to see how good the current security situation in Windows is.

Download Security Check to your desktop: http://screen317.spywareinfoforum.org/SecurityCheck.exe
- Click/double-click SecurityCheck.exe and follow the instructions in the black window.
- A Notepad document named checkup.txt should open automatically; close this document by saving it to the desktop.
- If one of your security tools reports that DIG.EXE wants to access the internet, allow it.

Post the contents of checkup.txt in your next post.
  • 0
Results of screen317's Security Check version 0.99.8
Windows Vista Service Pack 2 (UAC is disabled!)
Internet Explorer 8
``````````````````````````````
Antivirus/Firewall Check:
avast! Free Antivirus
WMI entry may not exist for antivirus; attempting automatic update.
```````````````````````````````
Anti-malware/Other Utilities Check:
Ad-Aware
Malwarebytes' Anti-Malware
CCleaner (remove only)
Java(TM) 6 Update 23
Adobe Flash Player 10.2.152.21
Adobe Reader 9.4.1 - Nederlands
Out of date Adobe Reader installed!
````````````````````````````````
Process Check:
objlist.exe by Laurent
Ad-Aware AAWService.exe
Ad-Aware AAWTray.exe
Alwil Software Avast5 AvastSvc.exe
Alwil Software Avast5 AvastUI.exe
``````````End of Log````````````
  • 0
Via All Programs\Microsoft Office I can open Word. Vista creates shortcuts for programs you use often, the quick-launch menu. Those are the ones that don't work. I have already removed them and put them back, but then Word doesn't open. That isn't really a question for this forum either; I'll ask it in the OS Windows forum. Are there any other things I need to do to complete the removal of viruses? Should I still remove ComboFix?
  • 0
Here is the log. For the first time my Windows Explorer also works after running ComboFix!

ComboFix 11-02-05.01 - Boltjes 06-02-2011 12:45:15.7.1 - x86
Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.31.1043.18.3070.1644 [GMT 1:00]
Gestart vanuit: d:\bureaublad\ComboFix.exe
AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
AV: Lavasoft Ad-Watch Live! Antivirus *Disabled/Updated* {DAAC1C79-1A96-9DFE-FC4C-6940214C33E6}
SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: Lavasoft Ad-Watch Live! *Disabled/Updated* {61CDFD9D-3CAC-9270-C6FC-52325ACB795B}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
(((((((((((((((((((( Bestanden Gemaakt van 2011-01-06 to 2011-02-06 ))))))))))))))))))))))))))))))
.
2011-02-06 12:13 . 2011-02-06 12:13 -------- d-----w- c:\users\Default\AppData\Local\temp
2011-02-04 16:19 . 2011-02-04 16:19 -------- d-----w- c:\users\Boltjes\AppData\Roaming\Unity
2011-02-04 16:18 . 2011-02-04 16:18 -------- d-----w- c:\users\Boltjes\AppData\Local\Unity
2011-02-04 12:02 . 2011-01-13 09:41 5890896 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{B1E20A44-F5BE-4EC9-B567-14AA950B8C56}\mpengine.dll
2011-02-04 09:45 . 2008-01-18 21:34 89600 ----a-w- c:\windows\system32\Spool\prtprocs\w32x86\HPZPPLHN.DLL
2011-02-04 09:41 . 2011-02-01 21:34 297432 ----a-w- c:\windows\system32\drivers\aswSP.sys
2011-02-04 09:41 . 2011-02-01 21:33 49240 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2011-02-04 09:41 . 2011-02-01 21:30 25432 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2011-02-04 09:41 . 2011-02-01 21:30 19544 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2011-02-04 09:41 . 2011-02-01 21:34 362328 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2011-02-04 09:41 . 2011-02-01 21:30 53592 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2011-02-04 09:40 . 2011-02-01 21:40 40648 ----a-w- c:\windows\avastSS.scr
2011-02-04 09:40 . 2011-02-01 21:40 190016 ----a-w- c:\windows\system32\aswBoot.exe
2011-02-04 09:40 . 2011-02-04 09:40 -------- d-----w- c:\programdata\AVAST Software
2011-02-04 09:40 . 2011-02-04 09:40 -------- d-----w- c:\program files\AVAST Software
2011-02-04 09:16 . 2011-02-04 09:16 -------- d-----w- c:\program files\Sibelius Software
2011-02-03 16:30 . 2011-02-03 16:30 -------- d-----w- c:\program files\Common Files\Java
2011-02-03 16:26 . 2011-02-03 16:25 472808 ----a-w- c:\program files\Mozilla Firefox\plugins\npdeployJava1.dll
2011-02-03 16:26 . 2011-02-03 16:25 472808 ----a-w- c:\windows\system32\deployJava1.dll
2011-02-02 13:57 . 2011-02-02 13:57 388096 ----a-r- c:\users\Boltjes\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
2011-01-27 21:38 . 2011-01-27 21:38 -------- d-----w- c:\program files\DDR - Memory Card Recovery(Demo)
2011-01-27 21:38 . 2010-07-01 02:32 67312 ----a-w- c:\windows\UnDeployV.exe
2011-01-27 13:07 . 2011-01-27 13:07 -------- d-----w- c:\users\Boltjes\AppData\Roaming\Belastingdienst
2011-01-27 13:03 . 2011-01-27 13:03 -------- d-----w- c:\program files\Belastingdienst
2011-01-26 21:48 . 2011-01-26 21:48 -------- d-----w- c:\users\Boltjes\AppData\Roaming\mkvtoolnix
2011-01-26 21:47 . 2011-01-26 21:47 -------- d-----w- c:\program files\MKVtoolnix
2011-01-26 21:26 . 2009-09-02 11:44 65602 ----a-w- c:\windows\system32\cook3260.dll
2011-01-26 21:26 . 2009-09-02 11:44 217127 ----a-w- c:\windows\system32\drv43260.dll
2011-01-26 21:26 . 2009-09-02 11:44 208935 ----a-w- c:\windows\system32\drv33260.dll
2011-01-26 21:26 . 2009-09-02 11:44 176165 ----a-w- c:\windows\system32\drv23260.dll
2011-01-26 21:26 . 2009-09-02 11:44 102439 ----a-w- c:\windows\system32\sipr3260.dll
2011-01-26 21:26 . 2009-09-02 11:44 626688 ----a-w- c:\windows\system32\vp7vfw.dll
2011-01-26 21:26 . 2009-09-02 11:44 1184984 ----a-w- c:\windows\system32\wvc1dmod.dll
2011-01-26 15:59 . 2011-01-26 15:59 -------- d-----w- c:\program files\Innovative Solutions
2011-01-26 15:00 . 2011-01-26 15:00 -------- d-----w- c:\program files\Activision
2011-01-26 10:31 . 2010-12-20 17:09 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2011-01-26 10:31 . 2011-01-26 10:31 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2011-01-26 10:31 . 2010-12-20 17:08 20952 ----a-w- c:\windows\system32\drivers\mbam.sys
2011-01-26 10:00 . 2011-01-26 10:00 -------- d-----w- c:\program files\Trend Micro
2011-01-24 19:00 . 2011-01-24 19:00 -------- d-----w- c:\program files\Uninstall Gold
2011-01-23 14:23 . 2011-01-23 14:23 -------- d-----w- c:\users\Public\CyberLink
2011-01-21 21:43 . 2011-01-21 21:43 84718440 ----a-w- c:\program files\Common Files\Windows Live\.cache\wlcBEDD.tmp
2011-01-20 16:19 . 2011-01-20 16:19 -------- d-----w- c:\programdata\FLEXnet
2011-01-20 15:54 . 2011-01-20 15:59 -------- d-----w- c:\program files\Common Files\Autodesk Shared
2011-01-20 15:54 . 2011-01-20 15:59 -------- d-----w- c:\program files\AutoCAD 2010
2011-01-20 15:25 . 2011-01-20 15:25 -------- d-----w- c:\program files\Autodesk
2011-01-18 20:25 . 2011-01-24 07:27 -------- d-----w- c:\users\Boltjes\AppData\Roaming\skypePM
2011-01-18 20:24 . 2011-01-18 20:24 -------- d-----w- c:\program files\Common Files\Skype
2011-01-18 20:24 . 2011-01-24 07:46 -------- d-----w- c:\users\Boltjes\AppData\Roaming\Skype
2011-01-18 20:24 . 2011-01-18 20:24 -------- d-----r- c:\program files\Skype
2011-01-18 20:24 . 2011-01-18 20:24 -------- d-----w- c:\programdata\Skype
2011-01-12 20:58 . 2011-02-04 18:51 -------- d-----w- c:\users\Boltjes\AppData\Roaming\vlc
2011-01-12 20:04 . 2011-01-12 20:04 -------- d-----w- c:\program files\Movie Subtitles Searcher
2011-01-12 16:18 . 2010-12-28 15:55 413696 ----a-w- c:\windows\system32\odbc32.dll
2011-01-12 16:18 . 2010-12-28 15:53 253952 ----a-w- c:\program files\Common Files\System\ado\msadox.dll
2011-01-12 16:18 . 2010-12-28 15:53 241664 ----a-w- c:\program files\Common Files\System\ado\msadomd.dll
2011-01-12 16:18 . 2010-12-28 15:53 708608 ----a-w- c:\program files\Common Files\System\ado\msado15.dll
2011-01-12 16:18 . 2010-12-28 15:53 57344 ----a-w- c:\program files\Common Files\System\msadc\msadcs.dll
2011-01-12 16:18 . 2010-12-28 15:53 180224 ----a-w- c:\program files\Common Files\System\msadc\msadco.dll
2011-01-12 16:18 . 2010-12-14 14:49 1169408 ----a-w- c:\windows\system32\sdclt.exe
2011-01-08 08:58 . 2011-01-25 09:57 -------- d-----w- c:\program files\Google
.
((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-02-06 08:38 . 2008-09-22 13:50 45056 ----a-w- c:\windows\system32\acovcnt.exe
2011-02-04 09:16 . 2011-02-04 09:16 1409 ----a-w- c:\windows\Fonts\RPRSTITL.FOT
2011-02-04 09:16 . 2011-02-04 09:16 1409 ----a-w- c:\windows\Fonts\RPRSTEXT.FOT
2011-02-04 09:16 . 2011-02-04 09:16 1409 ----a-w- c:\windows\Fonts\RPRSSTMP.FOT
2011-02-04 09:16 . 2011-02-04 09:16 1409 ----a-w- c:\windows\Fonts\RPRSSPEC.FOT
2011-02-04 09:16 . 2011-02-04 09:16 1409 ----a-w- c:\windows\Fonts\RPRSREH_.FOT
2011-02-04 09:16 . 2011-02-04 09:16 1409 ----a-w- c:\windows\Fonts\RPRSMET_.FOT
2011-02-04 09:16 . 2011-02-04 09:16 1409 ----a-w- c:\windows\Fonts\RPRSCHOR.FOT
2011-02-04 09:16 . 2009-02-21 13:27 1409 ----a-w- c:\windows\Fonts\RPRSSCRP.FOT
2011-02-04 09:16 . 2011-02-04 09:16 1409 ----a-w- c:\windows\Fonts\RPRS____.FOT
2011-02-04 09:16 . 2011-02-04 09:16 1409 ----a-w- c:\windows\Fonts\OPUSTEXT.FOT
2011-02-04 09:16 . 2011-02-04 09:16 1409 ----a-w- c:\windows\Fonts\OPUSROMC.FOT
2011-02-04 09:16 . 2011-02-04 09:16 1409 ----a-w- c:\windows\Fonts\OPUSPC__.FOT
2011-02-04 09:16 . 2011-02-04 09:16 1409 ----a-w- c:\windows\Fonts\OPUSNN__.FOT
2011-02-04 09:16 . 2011-02-04 09:16 1409 ----a-w- c:\windows\Fonts\OPUSM___.FOT
2011-02-04 09:16 . 2011-02-04 09:16 1409 ----a-w- c:\windows\Fonts\OPUSFS__.FOT
2011-02-04 09:16 . 2011-02-04 09:16 1409 ----a-w- c:\windows\Fonts\OPUSFBE_.FOT
2011-02-04 09:16 . 2011-02-04 09:16 1409 ----a-w- c:\windows\Fonts\OPUSFB__.FOT
2011-02-04 09:16 . 2011-02-04 09:16 1409 ----a-w- c:\windows\Fonts\OPUSCSC_.FOT
2011-02-04 09:16 . 2011-02-04 09:16 1409 ----a-w- c:\windows\Fonts\OPUSCS__.FOT
2011-02-04 09:16 . 2011-02-04 09:16 1409 ----a-w- c:\windows\Fonts\OPUSC___.FOT
2011-02-04 09:16 . 2011-02-04 09:16 1409 ----a-w- c:\windows\Fonts\OPUS____.FOT
2011-02-04 09:16 . 2011-02-04 09:16 1409 ----a-w- c:\windows\Fonts\INK2TEXT.FOT
2011-02-04 09:16 . 2011-02-04 09:16 1409 ----a-w- c:\windows\Fonts\INK2SCRI.FOT
2011-02-04 09:16 . 2011-02-04 09:16 1409 ----a-w- c:\windows\Fonts\INK2METR.FOT
2011-02-04 09:16 . 2011-02-04 09:16 1409 ----a-w- c:\windows\Fonts\INK2CHOR.FOT
2011-02-04 09:16 . 2011-02-04 09:16 1409 ----a-w- c:\windows\Fonts\HELST___.FOT
2011-02-04 09:16 . 2011-02-04 09:16 1409 ----a-w- c:\windows\Fonts\HELSM___.FOT
2011-01-26 21:21 . 2010-10-21 17:17 47360 ----a-w- c:\users\Boltjes\AppData\Roaming\pcouffin.sys
2011-01-24 10:55 . 2009-07-21 16:55 214816 ----a-w- c:\windows\system32\PnkBstrB.xtr
2011-01-24 10:55 . 2008-09-23 08:36 214816 ----a-w- c:\windows\system32\PnkBstrB.exe
2011-01-24 10:54 . 2008-09-23 08:36 138328 ----a-w- c:\windows\system32\drivers\PnkBstrK.sys
2010-12-28 11:56 . 2010-12-28 11:59 29480 ----a-w- c:\windows\system32\msxml3a.dll
2010-12-28 11:55 . 2008-09-12 20:11 353576 ----a-w- c:\windows\system32\msvcr71.dll
2010-12-28 11:55 . 2008-09-12 20:11 505128 ----a-w- c:\windows\system32\msvcp71.dll
2010-12-15 16:46 . 2010-06-22 10:07 420920 ----a-w- c:\windows\system32\drivers\sptd.sys
2010-11-30 19:42 . 2009-08-18 09:30 564632 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\wlidui.dll
2010-11-30 19:42 . 2010-06-24 09:33 17816 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
.
((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond REGEDIT4 [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}] 2011-02-01 21:40 745704 ----a-w- c:\program files\AVAST Software\Avast\aswWebRepIE.dll [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar] "{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}"= "c:\program files\AVAST Software\Avast\aswWebRepIE.dll" [2011-02-01 745704] [HKEY_CLASSES_ROOT\clsid\{8e5e2654-ad2d-48bf-ac2d-d17f00898d06}] [HKEY_CLASSES_ROOT\Avast.WrcBar.1] [HKEY_CLASSES_ROOT\TypeLib\{CD3AF781-AF1F-4400-9A30-15470BE43AD9}] [HKEY_CLASSES_ROOT\Avast.WrcBar] [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast] @="{472083B0-C522-11CF-8763-00608CC02F24}" [HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}] 2011-02-01 21:40 122512 ----a-w- c:\program files\AVAST Software\Avast\ashShell.dll [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1] @="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}] 2009-12-09 01:19 94208 ----a-w- c:\users\Boltjes\AppData\Roaming\Dropbox\bin\DropboxExt.13.dll [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2] @="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}] 2009-12-09 01:19 94208 ----a-w- c:\users\Boltjes\AppData\Roaming\Dropbox\bin\DropboxExt.13.dll [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3] @="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}] 2009-12-09 01:19 94208 ----a-w- c:\users\Boltjes\AppData\Roaming\Dropbox\bin\DropboxExt.13.dll [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "ehTray.exe"="c:\windows\ehome\ehTray.exe" 
[2008-01-18 125952] "msnmsgr"="c:\program files\Windows Live\Messenger\msnmsgr.exe" [2010-04-16 3872080] "WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2008-01-18 202240] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "RtHDVCpl"="RtHDVCpl.exe" [2007-08-27 4702208] "Skytel"="Skytel.exe" [2007-08-03 1826816] "Kernel and Hardware Abstraction Layer"="KHALMNPR.EXE" [2008-02-29 76304] "CLMLServer"="c:\program files\CyberLink\Power2Go\CLMLSvc.exe" [2008-07-18 104936] "UpdateP2GoShortCut"="c:\program files\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" [2008-12-03 218408] "UpdatePSTShortCut"="c:\program files\CyberLink\DVD Suite\MUITransfer\MUIStartMenu.exe" [2009-01-05 210216] "Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2010-09-23 35760] "Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2010-09-20 932288] "AdobeAAMUpdater-1.0"="c:\program files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2010-03-06 500208] "SwitchBoard"="c:\program files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe" [2010-02-19 517096] "SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2010-05-14 248552] "avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2011-02-01 3429848] [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run] "WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2008-01-18 202240] c:\users\Boltjes\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ Dropbox.lnk - c:\users\Boltjes\AppData\Roaming\Dropbox\bin\Dropbox.exe [2010-2-26 21979992] [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "EnableLUA"= 0 (0x0) "EnableUIADesktopToggle"= 0 (0x0) [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32] "aux1"=wdmaud.drv [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service] @="Service" 
[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Logitech SetPoint.lnk] path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\Logitech SetPoint.lnk backup=c:\windows\pss\Logitech SetPoint.lnk.CommonStartup backupExtension=.CommonStartup [HKLM\~\startupfolder\C:^Users^Boltjes^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OpenOffice.org 2.4 .lnk] path=c:\users\Boltjes\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 2.4 .lnk backup=c:\windows\pss\OpenOffice.org 2.4 .lnk.Startup backupExtension=.Startup [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeCS5ServiceManager] 2010-07-22 21:10 402432 ----a-w- c:\program files\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ASUS Camera ScreenSaver] 2008-09-22 13:37 37232 ----a-w- c:\windows\ASScrProlog.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ASUS Screen Saver Protector] 2008-09-22 13:37 33136 ----a-w- c:\windows\ASScrPro.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ATKMEDIA] 2006-11-02 06:27 61440 ----a-w- c:\program files\ASUS\ATK Media\DMedia.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BDRegion] 2010-12-28 11:53 75048 ------w- c:\program files\CyberLink\Shared files\brs.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BitTorrent DNA] 2009-01-03 18:23 342848 ----a-w- c:\program files\DNA\btdna.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Pro Agent] 2010-11-11 08:27 570688 ----a-w- c:\program files\DAEMON Tools Pro\DTAgent.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GrooveMonitor] 2008-10-25 09:44 31072 ----a-w- c:\program files\Microsoft Office\Office12\GrooveMonitor.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared 
tools\msconfig\startupreg\Kernel and Hardware Abstraction Layer] 2008-02-29 02:12 76304 ----a-w- c:\windows\KHALMNPR.Exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Name of App] 2009-10-12 15:51 692321 ----a-w- c:\program files\SAMSUNG\FW LiveUpdate\FWManager.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PCTV4Me] 2008-04-21 04:48 1445888 ----a-w- c:\program files\PCTV4Me\PCTV4Me.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PowerForPhone] 2007-07-19 10:18 778240 ----a-w- c:\program files\P4P\P4P.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PWRISOVM.EXE] 2010-04-12 08:40 180224 ----a-w- c:\program files\PowerISO\PWRISOVM.EXE [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task] 2009-09-05 00:54 417792 ----a-w- c:\program files\QuickTime\QTTask.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RemoteControl10] 2010-02-02 23:08 87336 ------w- c:\program files\CyberLink\PowerDVD10\PDVD10Serv.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype] 2011-01-03 14:44 15028104 ----a-r- c:\program files\Skype\Phone\Skype.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skytel] 2007-08-03 05:22 1826816 ----a-w- c:\windows\SkyTel.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Sony Ericsson PC Companion] 2010-11-16 10:07 422912 ----a-w- c:\program files\Sony Ericsson\Sony Ericsson PC Companion\PCCompanion.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Steam] 2010-12-15 19:31 1242448 ----a-w- c:\program files\Steam\Steam.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SynTPEnh] 2007-03-02 21:24 857648 ----a-w- c:\program files\Synaptics\SynTP\SynTPEnh.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UnlockerAssistant] 2009-10-26 07:33 
15872 ----a-w- c:\program files\Unlocker\UnlockerAssistant.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UsbBoost] 2009-12-03 16:14 3788800 ----a-w- c:\program files\UsbBoost\TurboHddUsb.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WinampAgent] 2008-08-03 23:02 36352 ----a-w- c:\program files\Winamp\winampa.exe [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring] "DisableMonitoring"=dword:00000001 [HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc\S-1-5-21-2314126100-972619266-2034270587-1000] "EnableNotificationsRef"=dword:00000001 R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384] R2 gupdate;Google Updateservice (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [2011-01-08 136176] R2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service;c:\program files\Lavasoft\Ad-Aware\AAWService.exe [2010-11-26 1375992] R2 SBSDWSCService;SBSD Security Center Service;d:\virus programma's\Spybot - Search & Destroy\SDWinSec.exe [x] R3 FNETTBOH;FNETTBOH;c:\windows\system32\drivers\FNETTBOH.SYS [2009-12-03 23680] R3 Ph3xIB32;Philips 713x Inbox PCI TV Card;c:\windows\system32\DRIVERS\Ph3xIB32.sys [2007-04-03 1131136] R3 s0017bus;Sony Ericsson Device 0017 driver (WDM);c:\windows\system32\DRIVERS\s0017bus.sys [2008-10-21 86824] R3 s0017mdfl;Sony Ericsson Device 0017 USB WMC Modem Filter;c:\windows\system32\DRIVERS\s0017mdfl.sys [2008-10-21 15016] R3 s0017mdm;Sony Ericsson Device 0017 USB WMC Modem Driver;c:\windows\system32\DRIVERS\s0017mdm.sys [2008-10-21 114600] R3 s0017mgmt;Sony Ericsson Device 0017 USB WMC Device Management Drivers (WDM);c:\windows\system32\DRIVERS\s0017mgmt.sys [2008-10-21 108328] R3 s0017obex;Sony Ericsson Device 0017 USB WMC OBEX Interface;c:\windows\system32\DRIVERS\s0017obex.sys [2008-10-21 104616] R3 s0017unic;Sony Ericsson Device 0017 USB Ethernet Emulation 
SEMC0017 (WDM);c:\windows\system32\DRIVERS\s0017unic.sys [2008-10-21 109736] R3 Sony Ericsson PCCompanion;Sony Ericsson PCCompanion;c:\program files\Sony Ericsson\Sony Ericsson PC Companion\PCCService.exe [2010-10-26 155344] R3 SwitchBoard;SwitchBoard;c:\program files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096] R3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504] S0 Lbd;Lbd;c:\windows\system32\DRIVERS\Lbd.sys [2010-08-12 64288] S0 lullaby;lullaby;c:\windows\system32\DRIVERS\lullaby.sys [2007-09-26 15416] S0 sptd;sptd;c:\windows\System32\Drivers\sptd.sys [2010-12-15 420920] S1 aswSnx;aswSnx; [x] S1 aswSP;aswSP; [x] S1 FNETURPX;FNETURPX;c:\windows\system32\drivers\FNETURPX.SYS [2009-12-03 7936] S1 ItSDisk;ItSDisk;c:\windows\system32\Drivers\ItSDisk.sys [2006-05-16 23232] S2 {1BA31E5A-C098-42d8-8F88-3C9F78A2FDDC};Power Control [2010/12/28 13:11];c:\program files\CyberLink\PowerDVD10\NavFilter\000.fcl [2010-03-13 11:58 87536] S2 ASBroker;Logon Session Broker;c:\windows\System32\svchost.exe [2008-01-18 21504] S2 ASChannel;Local Communication Channel;c:\windows\System32\svchost.exe [2008-01-18 21504] S2 aswFsBlk;aswFsBlk; [x] S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2011-02-01 53592] S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2010-10-16 369256] S3 AtcL001;NDIS Miniport Driver for Atheros L1 Gigabit Ethernet Controller;c:\windows\system32\DRIVERS\l160x86.sys [2007-10-31 46592] S3 DCamUSBET;USB2.0 1.3M UVC WebCam;c:\windows\system32\DRIVERS\etDevice.sys [2007-09-06 474624] S3 FiltUSBET;ET USB Device Lower Filter;c:\windows\system32\DRIVERS\etFilter.sys [2007-10-15 206336] S3 ScanUSBET;ET USB Still Image Capture Device;c:\windows\system32\DRIVERS\etScan.sys [2007-09-06 6656] --- Andere Services/Drivers In Geheugen --- *Deregistered* - 
Lavasoft Kernexplorer [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost] bthsvcs REG_MULTI_SZ BthServ Cognizance REG_MULTI_SZ ASBroker ASChannel LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache . Inhoud van de 'Gedeelde Taken' map 2011-02-06 c:\windows\Tasks\Ad-Aware Update (Weekly).job - c:\program files\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe [2010-08-12 13:24] 2011-02-06 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job - c:\program files\Google\Update\GoogleUpdate.exe [2011-01-08 08:59] 2011-02-06 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job - c:\program files\Google\Update\GoogleUpdate.exe [2011-01-08 08:59] 2011-02-06 c:\windows\Tasks\User_Feed_Synchronization-{1958A1E7-76A0-4944-BD82-950BCB7EF054}.job - c:\windows\system32\msfeedssync.exe [2010-12-19 04:25] . . ------- Bijkomende Scan ------- . uStart Page = hxxp://www.google.nl/ uDefault_Search_URL = hxxp://www.google.com/ie uSearchAssistant = hxxp://www.google.com/ie uSearchURL,(Default) = hxxp://www.google.com/search?q=%s IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000 IE: Free YouTube Download - c:\users\Boltjes\AppData\Roaming\DVDVideoSoftIEHelpers\youtubedownload.htm IE: Free YouTube to Mp3 Converter - c:\users\Boltjes\AppData\Roaming\DVDVideoSoftIEHelpers\youtubetomp3.htm IE: Google Sidewiki... 
- c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_E11712C84EA7E12B.dll/cmsidewiki.html FF - ProfilePath - c:\users\Boltjes\AppData\Roaming\Mozilla\Firefox\Profiles\sv48yz8i.default\ FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2849859&SearchSource=3&q={searchTerms} FF - prefs.js: browser.startup.homepage - hxxp://start.facemoods.com/?a=ost FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} FF - Ext: Skype extension: {AB2CE124-6272-4b12-94A9-7303C7397BD1} - c:\program files\Mozilla Firefox\extensions\{AB2CE124-6272-4b12-94A9-7303C7397BD1} FF - Ext: Java Console: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} FF - Ext: Conduit Engine : engine@conduit.com - %profile%\extensions\engine@conduit.com FF - Ext: Facemoods: ffxtlbr@Facemoods.com - %profile%\extensions\ffxtlbr@Facemoods.com FF - Ext: TVU Web Player: firefox@tvunetworks.com - %profile%\extensions\firefox@tvunetworks.com FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - %profile%\extensions\{20a82645-c095-46ed-80e3-08825760534b} FF - Ext: BittorrentBar_NL Community Toolbar: {2d8d9acc-f6d7-4362-8876-a275ca929591} - %profile%\extensions\{2d8d9acc-f6d7-4362-8876-a275ca929591} FF - Ext: DVDVideoSoft Menu: {ACAA314B-EEBA-48e4-AD47-84E31C44796C} - %profile%\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C} FF - Ext: Messenger Plus Live Netherlands Toolbar: {d2ab2732-a124-4fb2-8da5-4a6a9e379331} - %profile%\extensions\{d2ab2732-a124-4fb2-8da5-4a6a9e379331} FF - Ext: DownThemAll!: {DDC359D1-844A-42a7-9AA1-88A850A938A8} - %profile%\extensions\{DDC359D1-844A-42a7-9AA1-88A850A938A8} FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation 
Foundation\DotNetAssistantExtension FF - Ext: avast! WebRep: wrc@avast.com - c:\program files\AVAST Software\Avast\WebRep\FF . . ------- Bestandsassociaties ------- . .scr=AutoCADScriptFile . ************************************************************************** catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2011-02-06 13:13 Windows 6.0.6002 Service Pack 2 NTFS scannen van verborgen processen ... ? [8676] ? [38628] ? [37092] ? [38816] ? [36560] ? [37872] ? [33656] scannen van verborgen autostart items ... scannen van verborgen bestanden ... Scan succesvol afgerond verborgen bestanden: 0 ************************************************************************** [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\{1BA31E5A-C098-42d8-8F88-3C9F78A2FDDC}] "ImagePath"="\??\c:\program files\CyberLink\PowerDVD10\NavFilter\000.fcl" . --------------------- VERGRENDELDE REGISTER SLEUTELS --------------------- [HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.aif\UserChoice] @Denied: (2) (LocalSystem) "Progid"="WMP11.AssocFile.AIFF" [HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.aifc\UserChoice] @Denied: (2) (LocalSystem) "Progid"="WMP11.AssocFile.AIFF" [HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.aiff\UserChoice] @Denied: (2) (LocalSystem) "Progid"="WMP11.AssocFile.AIFF" [HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.asf\UserChoice] @Denied: (2) (LocalSystem) "Progid"="WMP11.AssocFile.ASF" [HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.asx\UserChoice] @Denied: (2) (LocalSystem) "Progid"="WMP11.AssocFile.ASX" [HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.au\UserChoice] @Denied: (2) (LocalSystem) "Progid"="WMP11.AssocFile.AU" 
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.avi\UserChoice] @Denied: (2) (LocalSystem) "Progid"="WMP11.AssocFile.avi" [HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.cda\UserChoice] @Denied: (2) (LocalSystem) "Progid"="WMP11.AssocFile.CDA" [HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.m1v\UserChoice] @Denied: (2) (LocalSystem) "Progid"="WMP11.AssocFile.MPEG" [HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.m2v\UserChoice] @Denied: (2) (LocalSystem) "Progid"="WMP11.AssocFile.MPEG" [HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.m3u\UserChoice] @Denied: (2) (LocalSystem) "Progid"="WMP11.AssocFile.M3U" [HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mid\UserChoice] @Denied: (2) (LocalSystem) "Progid"="WMP11.AssocFile.MIDI" [HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.midi\UserChoice] @Denied: (2) (LocalSystem) "Progid"="WMP11.AssocFile.MIDI" [HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mod\UserChoice] @Denied: (2) (LocalSystem) "Progid"="WMP11.AssocFile.MPEG" [HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mp2\UserChoice] @Denied: (2) (LocalSystem) "Progid"="WMP11.AssocFile.MPEG" [HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mp2v\UserChoice] @Denied: (2) (LocalSystem) "Progid"="WMP11.AssocFile.MPEG" [HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mp3\UserChoice] @Denied: (2) (LocalSystem) "Progid"="WMP11.AssocFile.MP3" [HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mpa\UserChoice] @Denied: (2) (LocalSystem) "Progid"="WMP11.AssocFile.MPEG" [HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mpe\UserChoice] @Denied: (2) 
(LocalSystem) "Progid"="WMP11.AssocFile.MPEG" [HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mpeg\UserChoice] @Denied: (2) (LocalSystem) "Progid"="WMP11.AssocFile.MPEG" [HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mpg\UserChoice] @Denied: (2) (LocalSystem) "Progid"="WMP11.AssocFile.MPEG" [HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mpv2\UserChoice] @Denied: (2) (LocalSystem) "Progid"="WMP11.AssocFile.MPEG" [HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.rmi\UserChoice] @Denied: (2) (LocalSystem) "Progid"="WMP11.AssocFile.MIDI" [HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.snd\UserChoice] @Denied: (2) (LocalSystem) "Progid"="WMP11.AssocFile.AU" [HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wav\UserChoice] @Denied: (2) (LocalSystem) "Progid"="WMP11.AssocFile.WAV" [HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wax\UserChoice] @Denied: (2) (LocalSystem) "Progid"="WMP11.AssocFile.WAX" [HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wm\UserChoice] @Denied: (2) (LocalSystem) "Progid"="WMP11.AssocFile.ASF" [HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wma\UserChoice] @Denied: (2) (LocalSystem) "Progid"="WMP11.AssocFile.WMA" [HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wmd\UserChoice] @Denied: (2) (LocalSystem) "Progid"="WMP11.AssocFile.WMD" [HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wms\UserChoice] @Denied: (2) (LocalSystem) "Progid"="WMP11.AssocFile.WMS" [HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wmv\UserChoice] @Denied: (2) (LocalSystem) "Progid"="WMP11.AssocFile.WMV" 
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wmx\UserChoice] @Denied: (2) (LocalSystem) "Progid"="WMP11.AssocFile.ASX" [HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wmz\UserChoice] @Denied: (2) (LocalSystem) "Progid"="WMP11.AssocFile.WMZ" [HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wpl\UserChoice] @Denied: (2) (LocalSystem) "Progid"="WMP11.AssocFile.WPL" [HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wvx\UserChoice] @Denied: (2) (LocalSystem) "Progid"="WMP11.AssocFile.WVX" [HKEY_USERS\S-1-5-21-2314126100-972619266-2034270587-1000\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{16B6D388-56B8-BCA6-85D0-5D3CEC9C14FC}*] "jagonmaciplglaaldepe"=hex:66,61,64,61,69,6b,69,65,70,6b,70,66,00,51 "paonmngannpdlpcinnibebjckbmaamhj"=hex:62,61,63,61,00,6b "hagonmaciplglaal"=hex:6e,62,64,61,67,6b,64,6b,65,69,6d,6c,6d,62,63,64,67,70, 64,61,62,63,6f,6d,67,62,62,66,6b,66,70,6d,6d,6e,6c,6a,62,66,61,6a,64,6d,6d,\ [HKEY_USERS\S-1-5-21-2314126100-972619266-2034270587-1000\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{59F70E37-45CE-1310-26BA-7C2069B5492F}*] "haiplbmllijlnnjo"=hex:61,61,00,00 "jaiplbmllijlnnjobfmo"=hex:63,61,6a,66,65,61,00,00 "paaaiahijjiiehodfdemkdogaeomenac"=hex:64,61,6c,66,6a,67,68,61,00,f8 [HKEY_USERS\S-1-5-21-2314126100-972619266-2034270587-1000\Software\SecuROM\License information*] "datasecu"=hex:72,99,fb,a8,3c,95,5e,49,5d,65,1a,63,6d,ff,41,0b,41,54,c2,49,d1, 13,2e,0a,77,51,e3,63,63,e1,7c,21,1b,c6,11,b0,31,b9,b5,aa,19,c0,d5,11,95,3f,\ "rkeysecu"=hex:7e,5c,8e,46,26,9a,71,09,dd,bb,84,ad,8f,04,c5,d0 [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 "MSCurrentCountry"=dword:000000b5 
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . --------------------- DLLs Geladen Onder Lopende Processen --------------------- - - - - - - - > 'Explorer.exe'(364240) c:\program files\ASUS\Asus MultiFrame\HookTitle.dll c:\program files\ASUS Security Center\ASUS Security Protect Manager\Bin\ItClient.dll c:\users\Boltjes\AppData\Roaming\Dropbox\bin\DropboxExt.13.dll c:\program files\ASUS Security Center\ASUS Security Protect Manager\Bin\SFSShell.dll c:\program files\ASUS Security Center\ASUS Security Protect Manager\Bin\ItMsg.dll . Voltooingstijd: 2011-02-06 13:18:10 ComboFix-quarantined-files.txt 2011-02-06 12:18 ComboFix2.txt 2011-02-01 17:35 ComboFix3.txt 2011-01-27 18:16 ComboFix4.txt 2011-01-26 12:28 Pre-Run: 18.676.834.304 bytes beschikbaar Post-Run: 22.253.600.768 bytes beschikbaar - - End Of File - - 25273CFBE6DE1BCF7A0BBC36E00FA6E1