
Unexplained shortcuts

This is a discussion about unexplained shortcuts in the forum Archief Internet & Netwerk, part of the Internet & Netwerk category.

  1. #21
    Member
    Registered
    20 August 2010
    Posts
    85

    hello,
    the scan will take a while longer,
    I suspect it won't be done today.

    regards

  2. #22
    Website Administrator
    Registered
    23 December 2007
    Location
    Kapellen
    Posts
    39,898

    Quote: Originally posted by fusionfreak
    hello,
    the scan will take a while longer,
    I suspect it won't be done today.

    No problem ... later is fine too

  3. #23
    Member
    Registered
    20 August 2010
    Posts
    85

    ok, here it is then, pay particular attention to zivet and moipee and miaku

    --------------------------------------------------------------------------------
    KASPERSKY ONLINE SCANNER 7.0: scan report
    Tuesday, August 24, 2010
    Operating system: Microsoft Professional (build 7600)
    Kaspersky Online Scanner version: 7.0.26.13
    Last database update: Sunday, August 22, 2010 08:08:49
    Records in database: 4134357
    --------------------------------------------------------------------------------

    Scan settings:
    scan using the following database: extended
    Scan archives: yes
    Scan e-mail databases: yes

    Scan area - My Computer:
    A:\
    C:\
    D:\
    E:\
    F:\
    G:\
    H:\

    Scan statistics:
    Objects scanned: 856168
    Threats found: 27
    Infected objects found: 113
    Suspicious objects found: 0
    Scan duration: 47:24:15


    File name / Threat / Threats count
    G:\zivet.scr/G:\zivet.scr Infected: Worm.Win32.VBNA.b 1
    C:\Users\***\geuuwo.exe/C:\Users\***\geuuwo.exe Infected: Worm.Win32.VBNA.b 1
    C:\Program Files\EASEUS\Data Recovery Wizard Professional 3.3.4\OfficeViewer.exe Infected: Trojan-Mailfinder.Win32.Blen.xd 1
    C:\Program Files\FindyKill\Tools\hldrrr.exe Infected: not-a-virus:RiskTool.Win32.PsKill.k 1
    C:\Users\***\alg.exe Infected: Worm.Win32.VBNA.b 1
    C:\Users\***\AppData\Local\Opera\Opera\cache\g_0071\opr00B77.tmp Infected: not-a-virus:RiskTool.Win32.PsKill.k 1
    C:\Users\***\AppData\Local\Opera\Opera\temporary_downloads\FindyKill.exe Infected: not-a-virus:RiskTool.Win32.PsKill.k 1
    C:\Users\***\Documents\Downloads\u995 (1).zip Infected: not-a-virus:NetTool.Win32.Proxy.h 1
    C:\Users\***\Documents\Downloads\u995.zip Infected: not-a-virus:NetTool.Win32.Proxy.h 1
    C:\Users\***\Documents\FindyKill.exe Infected: not-a-virus:RiskTool.Win32.PsKill.k 1
    C:\Users\***\Downloads\Activation\7Loader_Release_4\7Loader Release 4.exe Infected: Trojan.Win32.VB.uci 1
    C:\Users\***\Downloads\Activation\7Loader_Release_4\7Loader Release 4.exe Infected: Trojan.Win32.Swisyn.tpo 1
    C:\Users\***\Downloads\Activation\7Loader_Release_4\7Loader Release 4.zip Infected: Trojan.Win32.VB.uci 1
    C:\Users\***\Downloads\Activation\7Loader_Release_4\7Loader Release 4.zip Infected: Trojan.Win32.Swisyn.tpo 1
    C:\Users\J***\Downloads\Activation\Windows 7 rtm x86 32bit activator\7Loader_Release_4.exe Infected: Trojan.Win32.Swisyn.tpo 1
    C:\Users\***\Downloads\Celeb - Jennifer Love Hewitt Photos\Celeb - Jennifer Love Hewitt Photos\#1 Money Making Trick\Grand Master Blackjack - ROBOT.exe Infected: Worm.Win32.AutoIt.wa 1
    C:\Users\***s\Downloads\Celeb - Jennifer Love Hewitt Photos .zip Infected: Worm.Win32.AutoIt.wa 1
    C:\Users\J***\Downloads\Hirens BootCD 10.6\Hiren's.BootCD.10.6\HBCD\konboot.gz Infected: not-a-virusSWTool.Boot.KonBoot.a 1
    C:\Users\***\Downloads\Win.BootUSB\Win.BootUSB\OPTION - 2 for XP and Vista\MULTI_CONTENT\wintools\commandline\MbrFix.exe Infected: not-a-virus:RiskTool.Win32.MBRFix.a 1
    C:\Users\***\Downloads\Win.BootUSB\Win.BootUSB\OPTION - 2 for XP and Vista\MULTI_CONTENT\wintools\othertools\ProduKey.exe Infected: not-a-virusSWTool.Win32.ProductKey.i 1
    C:\Users\***\Downloads\Win.BootUSB.rar Infected: not-a-virus:RiskTool.Win32.MBRFix.a 1
    C:\Users\***\Downloads\Win.BootUSB.rar Infected: not-a-virusSWTool.Win32.ProductKey.i 1
    C:\Users\***\geuuwo.exe Infected: Worm.Win32.VBNA.b 1
    C:\Users\***\nzqif.exe Infected: Worm.Win32.VBNA.b 1
    D:\Downloads\Windows 7 Ultimate Activator (32 and 64 bit!)\Windows 7 Ultimate Activator (32 and 64 bit!).zip Infected: Worm.Win32.VBNA.b 1
    D:\Downloads\Windows 7 Ultimate Keygen (32 bits) (100% Working) (Clean) - CaZoR.zip Infected: Backdoor.Win32.Bifrose.bxeo 1
    D:\Downloads\Windows7 Activation Patch For ALL VERSIONS FINAL-RTM {DIBYA}[H33T]\Win7 Activation Patch ALL VERSIONS FINAL-RTM{DIBYA}[H33T].rar Infected: Trojan.BAT.Agent.wq 2
    D:\Users\Downloads\Windows 7 Ultimate Activator (32 and 64 bit!)\Windows 7 Ultimate Activator (32 and 64 bit!).zip Infected: Worm.Win32.VBNA.b 1
    D:\Users\***\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\16\39c05850-3782ad9c Infected: Exploit.Java.Agent.f 1
    D:\Users\***\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\16\39c05850-3782ad9c Infected: Trojan-Downloader.Java.Agent.ax 2
    D:\Users\***AppData\LocalLow\Sun\Java\Deployment\cache\6.0\46\2a9ab7ae-23a245dc Infected: Trojan-Downloader.Java.Agent.aw 1
    D:\Users\****\Documents\Windows XP Ultimate Edition (by Johnny) [January2010-R4.7]\Windows XP Ultimate Edition (by Johnny) [January2010-R4.7].iso Infected: Trojan.Win32.Swisyn.agfe 1
    D:\Users\***\Documents\Windows XP Ultimate Edition (by Johnny) [January2010-R4.7]\Windows XP Ultimate Edition (by Johnny) [January2010-R4.7].iso Infected: Trojan.Win32.DelfInject.pb 1
    D:\Users\***Downloads\Windows 7 Ultimate Keygen (32 bits) (100% Working) (Clean) - CaZoR.zip Infected: Backdoor.Win32.Bifrose.bxeo 1
    D:\Users\***\Downloads\Windows7 Activation Patch For ALL VERSIONS FINAL-RTM {DIBYA}[H33T]\Win7 Activation Patch ALL VERSIONS FINAL-RTM{DIBYA}[H33T].rar Infected: Trojan.BAT.Agent.wq 2
    F:\ert.dll Infected: Trojan.Win32.Zapchast.bro 1
    F:\miaku.exe Infected: Worm.Win32.VBNA.b 1
    F:\miakux.exe Infected: Worm.Win32.VBNA.b 1
    F:\x.exe Infected: Worm.Win32.VBNA.b 1
    G:\moipee.exe Infected: Worm.Win32.VBNA.b 1
    G:\moipeex.exe Infected: Worm.Win32.VBNA.b 1
    G:\x.exe Infected: Worm.Win32.VBNA.b 1
    G:\zivet.exe Infected: Worm.Win32.VBNA.b 1
    G:\moipee.scr Infected: Worm.Win32.VBNA.b 1
    G:\zivetx.exe Infected: Worm.Win32.VBNA.b 1
    G:\zivet.scr Infected: Worm.Win32.VBNA.b 1
    G:\***S\Backup Set 2010-04-11 190009\Backup Files 2010-04-11 190009\Backup files 53.zip Infected: Exploit.Java.Agent.f 1
    G:\***\Backup Set 2010-04-11 190009\Backup Files 2010-04-11 190009\Backup files 53.zip Infected: Trojan-Downloader.Java.Agent.ax 2
    G:\***\Backup Set 2010-04-11 190009\Backup Files 2010-04-11 190009\Backup files 53.zip Infected: Trojan-Downloader.Java.Agent.aw 1
    G:\***\Backup Set 2010-04-11 190009\Backup Files 2010-04-11 190009\Backup files 217.zip Infected: Backdoor.Win32.Bifrose.bxeo 1
    G:\***\Backup Set 2010-04-11 190009\Backup Files 2010-04-11 190009\Backup files 217.zip Infected: Worm.Win32.VBNA.b 1
    G:\***\Backup Set 2010-04-11 190009\Backup Files 2010-04-11 190009\Backup files 217.zip Infected: Trojan.BAT.Agent.wq 2
    G:\***\Backup Set 2010-04-11 190009\Backup Files 2010-04-11 190009\Backup files 231.zip Infected: Backdoor.Win32.Bifrose.bxeo 1
    G:\***Backup Set 2010-04-11 190009\Backup Files 2010-04-11 190009\Backup files 231.zip Infected: Worm.Win32.VBNA.b 1
    G:\***\Backup Set 2010-04-11 190009\Backup Files 2010-04-11 190009\Backup files 231.zip Infected: Trojan.BAT.Agent.wq 2
    G:\***\Backup Set 2010-04-11 190009\Backup Files 2010-04-11 190009\Backup files 294.zip Infected: Backdoor.Win32.Bifrose.bxeo 1
    G:\***\Backup Set 2010-04-11 190009\Backup Files 2010-04-11 190009\Backup files 453.zip Infected: Trojan.BAT.Agent.wq 2
    G:\****S\Backup Set 2010-04-11 190009\Backup Files 2010-05-27 231829\Backup files 4.zip Infected: Exploit.Java.Agent.f 1
    G:\***\Backup Set 2010-04-11 190009\Backup Files 2010-05-27 231829\Backup files 4.zip Infected: Trojan-Downloader.Java.Agent.ax 2
    G:\**010-04-11 190009\Backup Files 2010-05-27 231829\Backup files 4.zip Infected: Trojan-Downloader.Java.Agent.aw 1
    G:\***\Backup Set 2010-04-11 190009\Backup Files 2010-05-27 231829\Backup files 150.zip Infected: Backdoor.Win32.Bifrose.bxeo 1
    G:\Software and Documents\Windows 7 Loader v1.8.9.rar Infected: Trojan-Spy.Win32.Agent.birt 1
    G:\Software and Documents\Windows 7 Ultimate Keygen (32 bits) (100% Working) (Clean) - CaZoR.zip Infected: Backdoor.Win32.Bifrose.bxeo 1
    G:\Software and Documents\Google Earth Pro (Plus) 2010 v5.1.3533 Incl Patch\Google Earth Pro (Plus) 2010 v5.1.3533 Incl Patch.rar Infected: Packed.Win32.TDSS.z 2
    G:\Software and Documents\Google Earth Pro (Plus) 2010 v5.1.3533 Incl Patch\Google Earth Pro (Plus) 2010 v5.1.3533 Incl Patch.rar Infected: Trojan-PSW.Win32.Dybalom.bkn 1
    G:\Software and Documents\Google Earth Pro (Plus) 2010 v5.1.3533 Incl Patch\Google Earth Pro (Plus) 2010 v5.1.3533 Incl Patch\Google Earth Plus v5.1.3533.1731.exe Infected: Packed.Win32.TDSS.z 1
    G:\Software and Documents\NORTON GHOST v14.0 SYSTEM RECOVERY DISK\NORTON GHOST v14.0 SYSTEM RECOVERY DISK (2).iso Infected: Trojan.Win32.Chifrax.d 1
    G:\Software and Documents\NORTON GHOST v14.0 SYSTEM RECOVERY DISK\NORTON GHOST v14.0 SYSTEM RECOVERY DISK (2).iso Infected: Trojan-Downloader.Win32.Zlob.auvj 1
    G:\Software and Documents\Windows 7 Activator Tested And Working All Version (x86 x64)\Windows 7 Activator Tested And Working All Version (x86 x64).rar Infected: Packed.Win32.TDSS.z 1
    G:\Software and Documents\Ultimate DVD & Video Converter Suite v8.03 + Serial\Ultimate DVD & Video Converter Suite v8.03 + Serial.rar Infected: Packed.Win32.TDSS.z 1
    H:\Software and Documents\Windows 7 Loader v1.8.9.rar Infected: Trojan-Spy.Win32.Agent.birt 1
    H:\Software and Documents\Windows 7 Ultimate Keygen (32 bits) (100% Working) (Clean) - CaZoR.zip Infected: Backdoor.Win32.Bifrose.bxeo 1
    H:\Software and Documents\Google Earth Pro (Plus) 2010 v5.1.3533 Incl Patch\Google Earth Pro (Plus) 2010 v5.1.3533 Incl Patch.rar Infected: Packed.Win32.TDSS.z 2
    H:\Software and Documents\Google Earth Pro (Plus) 2010 v5.1.3533 Incl Patch\Google Earth Pro (Plus) 2010 v5.1.3533 Incl Patch.rar Infected: Trojan-PSW.Win32.Dybalom.bkn 1
    H:\Software and Documents\Google Earth Pro (Plus) 2010 v5.1.3533 Incl Patch\Google Earth Pro (Plus) 2010 v5.1.3533 Incl Patch\Google Earth Plus v5.1.3533.1731.exe Infected: Packed.Win32.TDSS.z 1
    H:\Software and Documents\NORTON GHOST v14.0 SYSTEM RECOVERY DISK\NORTON GHOST v14.0 SYSTEM RECOVERY DISK (2).iso Infected: Trojan.Win32.Chifrax.d 1
    H:\Software and Documents\NORTON GHOST v14.0 SYSTEM RECOVERY DISK\NORTON GHOST v14.0 SYSTEM RECOVERY DISK (2).iso Infected: Trojan-Downloader.Win32.Zlob.auvj 1
    H:\Software and Documents\Windows 7 Activator Tested And Working All Version (x86 x64)\Windows 7 Activator Tested And Working All Version (x86 x64).rar Infected: Packed.Win32.TDSS.z 1
    H:\Software and Documents\Ultimate DVD & Video Converter Suite v8.03 + Serial\Ultimate DVD & Video Converter Suite v8.03 + Serial.rar Infected: Packed.Win32.TDSS.z 1
    H:\New250\FSP_klite27rc1.exe Infected: not-a-virus:AdWare.Win32.Altnet.e 1
    H:\xX\Films\Lesbian.Short.Film.Festival-TBMs\Tiny18 Premium Content - Horney Girl\Tiny18 Premium Content - Horney Girl.rar Infected: Trojan.Win32.VBKrypt.adi 1
    H:\xX\Films\* - Clio and Sascha - Lets shoot\Tiny American School Model Princess- Very hot shoots\Tiny American School Model Princess- Very hot shoots.rar Infected: Trojan.Win32.VBKrypt.adi 1
    H:\pics\varia\Sandra Beach\ teenhig resh pics.EXE Infected: Trojan.Win32.VBKrypt.adi 1
    H:\pics\varia\Sandra Beach\ teen resh pics.EXE Infected: Virus.Win32.Parite.b 1
    H:\X\Films\Lesbian.Short.Film.Festival-TBMs\Tiny18 Premium Content - Horney Girl\Tiny18 Premium Content - Horney Girl.rar Infected: Trojan.Win32.VBKrypt.adi 1
    H:\X\Films\Seductive18 - Clio and Sascha - Lets shoot\Tiny American School Model Princess- Very hot shoots\ American Model Princess- Very hot shoots.rar Infected: Trojan.Win32.VBKrypt.adi 1
    H:\x.exe Infected: Worm.Win32.VBNA.b 1
    H:\moipee.scr Infected: Worm.Win32.VBNA.b 1
    H:\usb stick vdab\Verwisselbare schijf\moipee.exe Infected: Worm.Win32.VBNA.b 1
    H:\usb stick vdab\Verwisselbare schijf\moipeex.exe Infected: Worm.Win32.VBNA.b 1
    H:\usb stick vdab\Verwisselbare schijf\x.exe Infected: Worm.Win32.VBNA.b 1
    H:\usb stick II\nero 7 ultra crack.zip Infected: P2P-Worm.Win32.Agent.v 3
    H:\moipee.exe Infected: Worm.Win32.VBNA.b 1
    H:\moipeex.exe Infected: Worm.Win32.VBNA.b 1
    H:\Downloads\Windows 7 Ultimate Keygen (32 bits) (100% Working) (Clean) - CaZoR.zip Infected: Backdoor.Win32.Bifrose.bxeo 1
    H:\Downloads\Windows 7 Ultimate Activator (32 and 64 bit!)\Windows 7 Ultimate Activator (32 and 64 bit!).zip Infected: Worm.Win32.VBNA.b 1
    H:\Downloads\Windows7 Activation Patch For ALL VERSIONS FINAL-RTM {DIBYA}[H33T]\Win7 Activation Patch ALL VERSIONS FINAL-RTM{DIBYA}[H33T].rar Infected: Trojan.BAT.Agent.wq 2
    H:\Downloads\Downloads\Windows 7 Ultimate Keygen (32 bits) (100% Working) (Clean) - CaZoR.zip Infected: Backdoor.Win32.Bifrose.bxeo 1
    H:\Downloads\Downloads\Windows7 Activation Patch For ALL VERSIONS FINAL-RTM {DIBYA}[H33T]\Win7 Activation Patch ALL VERSIONS FINAL-RTM{DIBYA}[H33T].rar Infected: Trojan.BAT.Agent.wq 2

    Selected area has been scanned.
    Last edited by fusionfreak; 24 August 2010 at 21:49

  4. #24
    Website Administrator
    Registered
    23 December 2007
    Location
    Kapellen
    Posts
    39,898

    You downloaded an illegal Windows 7, I assume?

  5. #25
    Member
    Registered
    20 August 2010
    Posts
    85

    yes, for now,
    my budget doesn't allow it.
    the XP version is legal, though.
    which program is best to use to
    remove the viruses and worms?

    regards

  6. #26
    Website Administrator
    Registered
    23 December 2007
    Location
    Kapellen
    Posts
    39,898

    Download ComboFix from one of these locations:

    Link 1
    Link 2

    * IMPORTANT !!! Save ComboFix.exe to your Desktop

    Read more here about the correct use of ComboFix.

    • Disable all antivirus and antispyware programs, because otherwise they may conflict with ComboFix. Here is a guide on how to disable them: Click here. If you cannot disable them, simply continue to the next step.
    • Double-click ComboFix.exe and follow the on-screen prompts.
    • ComboFix will check whether the Microsoft Windows Recovery Console is already installed. If the Recovery Console is already installed, ComboFix will automatically continue scanning for malware.
    • Otherwise, follow the on-screen prompts to let ComboFix download and install the Microsoft Windows Recovery Console. Once the Recovery Console has been installed successfully, click “JA” (“Yes”) to continue scanning for malware.

    NOTE: When ComboFix starts, you may get an error message that “De inhoud van het ComboFix pakket werd gewijzigd” (“The contents of the ComboFix package have been modified”). In that case do not continue with the instructions, but download ComboFix again. This message can appear when a file infector (Virut) is active on the computer. If you keep getting that message, report it.

    When ComboFix is finished, it will create a log file for you. Post the contents of this log file (found at C:\ComboFix.txt) in your next post.

  7. #27
    Member
    Registered
    20 August 2010
    Posts
    85

    the folders are showing up normally again,
    however the shortcuts have also stayed,
    strange,
    but at least I can use the data again..
    I also don't see anywhere that zivet, miaku or moipee has actually
    been removed...


    ComboFix 10-08-23.05 - *** 24/08/2010 17:31:12.1.2 - x86
    Microsoft Windows 7 Ultimate 6.1.7600.0.1252.32.1043.18.3070.1808 [GMT 2:00]
    Gestart vanuit: c:\users\***\Desktop\ComboFix.exe
    * Nieuw herstelpunt werd aangemaakt
    .

    (((((((((((((((((((((((((((((((((( Andere Verwijderingen )))))))))))))))))))))))))))))))))))))))))))))))))
    .

    C:\ErrLog.txt
    c:\users\alg.exe
    c:\users\AppData\Local\Windows Server
    c:\users\AppData\Roaming\Microsoft\Windows\Templates\memory.tmp
    c:\users\geuuwo.exe
    c:\users\nzqif.exe
    F:\Autorun.inf
    F:\x.exe
    G:\Autorun.inf
    G:\x.exe
    H:\Autorun.inf
    H:\x.exe

    .
    (((((((((((((((((((( Bestanden Gemaakt van 2010-07-24 to 2010-08-24 ))))))))))))))))))))))))))))))
    .

    2010-08-24 15:41 . 2010-08-24 15:41 -------- d-----w- c:\users\Default\AppData\Local\temp
    2010-08-24 15:25 . 2010-08-24 15:26 -------- d-----w- C:\32788R22FWJFW
    2010-08-22 12:41 . 2010-08-22 12:41 -------- d-----w- c:\users\\jks
    2010-08-22 12:40 . 2010-08-22 12:40 -------- d-----w- c:\program files\Common Files\Java
    2010-08-22 12:39 . 2010-08-22 12:39 423656 ----a-w- c:\windows\system32\deployJava1.dll
    2010-08-22 12:39 . 2010-08-22 12:39 -------- d-----w- c:\program files\Java
    2010-08-22 12:04 . 2010-08-22 12:04 -------- d-----w- c:\program files\FindyKill
    2010-08-20 23:11 . 2010-08-20 23:11 -------- d-----w- c:\users\AppData\Roaming\Malwarebytes
    2010-08-20 23:11 . 2010-04-29 13:39 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
    2010-08-20 23:11 . 2010-08-22 10:40 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
    2010-08-20 23:11 . 2010-08-20 23:11 -------- d-----w- c:\programdata\Malwarebytes
    2010-08-20 23:11 . 2010-04-29 13:39 20952 ----a-w- c:\windows\system32\drivers\mbam.sys
    2010-08-20 23:09 . 2010-08-20 23:09 -------- d-----w- c:\users\AppData\Roaming\Registry Mechanic
    2010-08-20 23:07 . 2010-08-05 06:46 37336 ----a-w- c:\windows\system32\CleanMFT32.exe
    2010-08-20 23:07 . 2004-08-04 05:00 506368 ----a-w- c:\windows\system32\msxml.dll
    2010-08-20 23:07 . 2010-08-20 23:07 -------- d-----w- c:\program files\Common Files\PC Tools
    2010-08-17 13:26 . 2010-08-17 13:26 -------- d-----w- c:\users\AppData\Local\Opera
    2010-08-17 13:26 . 2010-08-17 13:26 -------- d-----w- c:\program files\Opera
    2010-08-14 10:59 . 2010-08-14 10:59 -------- d-----w- c:\program files\Hamster Soft
    2010-08-11 13:47 . 2010-08-11 13:47 -------- d-----w- c:\program files\Xvid
    2010-08-11 13:39 . 2010-08-11 13:39 -------- d-----w- c:\users\AppData\Roaming\F-Secure
    2010-08-11 11:27 . 2010-07-29 06:30 197632 ----a-w- c:\windows\system32\ir32_32.dll
    2010-08-11 11:27 . 2010-07-29 06:30 82944 ----a-w- c:\windows\system32\iccvid.dll
    2010-08-11 11:27 . 2010-06-14 06:12 1286016 ----a-w- c:\windows\system32\drivers\tcpip.sys
    2010-08-11 11:26 . 2010-06-19 06:23 37376 ----a-w- c:\windows\system32\rtutils.dll
    2010-08-11 11:25 . 2010-06-08 06:02 1233920 ----a-w- c:\windows\system32\msxml3.dll
    2010-08-11 11:25 . 2010-06-30 06:25 978432 ----a-w- c:\windows\system32\wininet.dll
    2010-08-11 11:24 . 2010-06-19 06:33 3955080 ----a-w- c:\windows\system32\ntkrnlpa.exe
    2010-08-11 11:24 . 2010-06-19 06:33 3899784 ----a-w- c:\windows\system32\ntoskrnl.exe
    2010-08-11 11:24 . 2010-06-22 02:47 310784 ----a-w- c:\windows\system32\drivers\srv.sys
    2010-08-11 11:24 . 2010-06-22 02:47 307200 ----a-w- c:\windows\system32\drivers\srv2.sys
    2010-08-11 11:24 . 2010-06-22 02:47 113664 ----a-w- c:\windows\system32\drivers\srvnet.sys
    2010-08-11 11:24 . 2010-06-16 05:48 224256 ----a-w- c:\windows\system32\schannel.dll
    2010-08-11 11:22 . 2010-06-19 04:07 2326016 ----a-w- c:\windows\system32\win32k.sys
    2010-08-07 01:51 . 2010-08-07 01:51 -------- d-----w- c:\users\AppData\Local\Nero_AG
    2010-08-03 12:04 . 2010-08-03 12:12 41256 ----a-w- c:\windows\system32\drivers\fsbts.sys
    2010-08-03 12:03 . 2009-08-05 15:57 35680 ----a-w- c:\windows\system32\drivers\fses.sys
    2010-08-03 12:03 . 2009-08-05 15:57 71040 ----a-w- c:\windows\system32\drivers\fsdfw.sys
    2010-08-03 12:02 . 2010-08-03 12:12 -------- d-----w- c:\program files\Telenet Security Pack
    2010-08-03 11:58 . 2010-08-03 12:01 -------- d-----w- c:\programdata\fssg
    2010-08-03 11:58 . 2010-08-03 12:03 -------- d-----w- c:\programdata\f-secure
    2010-07-31 20:43 . 2010-07-31 20:43 -------- d-----w- c:\users\AppData\Roaming\J River
    2010-07-28 21:46 . 2010-08-09 14:24 -------- d-----w- C:\Download
    2010-07-28 17:30 . 2009-11-25 10:47 99176 ----a-w- c:\windows\system32\PresentationHostProxy.dll
    2010-07-28 17:30 . 2009-11-25 10:47 49472 ----a-w- c:\windows\system32\netfxperf.dll
    2010-07-28 17:30 . 2009-11-25 10:47 297808 ----a-w- c:\windows\system32\mscoree.dll
    2010-07-28 17:30 . 2009-11-25 10:47 295264 ----a-w- c:\windows\system32\PresentationHost.exe
    2010-07-28 17:30 . 2009-11-25 10:47 1130824 ----a-w- c:\windows\system32\dfshim.dll
    2010-07-28 17:28 . 2009-12-08 11:32 292864 ----a-w- c:\windows\system32\apphelp.dll
    2010-07-28 17:27 . 2010-05-27 07:24 34304 ----a-w- c:\windows\system32\atmlib.dll
    2010-07-28 17:27 . 2010-05-27 03:49 293888 ----a-w- c:\windows\system32\atmfd.dll
    2010-07-28 17:27 . 2010-03-05 07:42 67584 ----a-w- c:\windows\system32\asycfilt.dll
    2010-07-27 18:38 . 2010-07-27 18:38 -------- d-----w- c:\program files\P2PFilter
    2010-07-27 18:37 . 2010-07-27 18:37 -------- d-----w- c:\windows\system32\TVUAx
    2010-07-27 16:54 . 2010-07-27 16:54 5430 ----a-r- c:\users\AppData\Roaming\Microsoft\Installer\{1584854C-1513-40EA-96D4-493384D0A3C7}\_BBC8D813A8F14BA749114F.exe
    2010-07-27 16:54 . 2010-07-27 16:54 5430 ----a-r- c:\users\AppData\Roaming\Microsoft\Installer\{1584854C-1513-40EA-96D4-493384D0A3C7}\_44F622AA395D57B9743A14.exe
    2010-07-27 15:48 . 2010-07-27 18:25 -------- d-----w- c:\users\AppData\Local\Readon_Technology
    2010-07-27 15:47 . 2010-07-27 16:54 -------- d-----w- c:\program files\Readon Technology
    2010-07-26 14:44 . 2010-07-26 14:44 -------- d-----w- c:\program files\DVD Decrypter
    2010-07-26 09:21 . 2010-07-26 09:21 -------- d-----w- c:\users\AppData\Local\ZattooPlayer
    2010-07-26 09:21 . 2010-07-26 09:21 -------- d-----w- c:\users\AppData\Local\Zattoo
    2010-07-25 20:31 . 2010-07-25 20:31 -------- d-----w- c:\programdata\Kaspersky Lab
    2010-07-25 20:16 . 2010-07-25 20:16 -------- d-----w- c:\users\\AppData\Roaming\JLC's Software
    2010-07-25 20:15 . 2010-07-25 20:15 -------- d-----w- c:\program files\JLC's Software

    .
    ((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    2010-08-24 00:38 . 2010-05-11 22:56 -------- d-----w- c:\users\\AppData\Roaming\vlc
    2010-08-23 22:10 . 2010-07-02 07:39 -------- d-----w- c:\users\\AppData\Roaming\XBMC
    2010-08-22 11:17 . 2010-05-11 21:40 -------- d-----w- c:\users\AppData\Roaming\SOUNDGRAPH
    2010-08-21 03:36 . 2010-07-11 14:16 48648 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup-2\Markup.dll
    2010-08-21 03:36 . 2010-05-11 20:55 704320 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight\SpotlightResources.dll
    2010-08-20 18:20 . 2010-05-15 10:55 -------- d-----w- c:\users\AppData\Roaming\BitTorrent
    2010-08-20 17:52 . 2010-05-13 15:13 691884 ----a-w- c:\windows\system32\perfh00C.dat
    2010-08-20 17:52 . 2010-05-13 15:13 690930 ----a-w- c:\windows\system32\perfh00A.dat
    2010-08-20 17:52 . 2010-05-13 15:13 136750 ----a-w- c:\windows\system32\perfc00A.dat
    2010-08-20 17:52 . 2010-05-13 15:13 130116 ----a-w- c:\windows\system32\perfc00C.dat
    2010-08-20 17:52 . 2009-07-14 08:27 698618 ----a-w- c:\windows\system32\perfh013.dat
    2010-08-20 17:52 . 2009-07-14 08:27 133270 ----a-w- c:\windows\system32\perfc013.dat
    2010-08-17 23:48 . 2010-05-12 13:53 -------- d-----w- c:\users\\AppData\Roaming\dvdcss
    2010-08-17 11:00 . 2010-07-06 16:04 -------- d-----w- c:\program files\RAR Password Recovery Magic
    2010-08-09 14:25 . 2010-06-25 10:38 -------- d-----w- c:\program files\Star Downloader
    2010-08-03 12:01 . 2010-05-11 19:51 -------- d-----w- c:\programdata\avg9
    2010-07-28 16:54 . 2010-07-28 16:54 16 ----a-w- c:\users\AppData\Roaming\mbsvil.dat
    2010-07-28 10:18 . 2010-05-30 16:01 -------- d-----w- c:\program files\SlySoft
    2010-07-27 16:59 . 2010-07-19 14:02 -------- d-----w- c:\program files\Spyware Doctor
    2010-07-27 16:30 . 2010-05-13 08:22 -------- d-----w- c:\program files\McAfee Security Scan
    2010-07-20 17:35 . 2010-07-20 17:35 1615200 ----a-w- c:\programdata\avg9\update\backup\avgssie.dll
    2010-07-20 17:35 . 2010-07-20 17:35 1107296 ----a-w- c:\programdata\avg9\update\backup\avgxpl.dll
    2010-07-20 17:35 . 2010-07-20 17:35 921440 ----a-w- c:\programdata\avg9\update\backup\avgemc.exe
    2010-07-20 17:35 . 2010-07-20 17:35 4368224 ----a-w- c:\programdata\avg9\update\backup\avgcorex.dll
    2010-07-17 17:17 . 2010-05-12 12:46 -------- d-----w- c:\programdata\DVD Shrink
    2010-07-17 12:52 . 2010-07-17 12:52 -------- d-----w- c:\program files\Uninstall Password Protect USB
    2010-07-16 13:07 . 2010-07-16 13:07 242896 ----a-w- c:\programdata\avg9\update\backup\avgtdix.sys
    2010-07-16 13:07 . 2010-07-16 13:07 216200 ----a-w- c:\programdata\avg9\update\backup\avgldx86.sys
    2010-07-16 13:05 . 2010-07-16 13:05 813336 ----a-w- c:\programdata\avg9\update\backup\avginet.dll
    2010-07-16 13:05 . 2010-07-16 13:05 624920 ----a-w- c:\programdata\avg9\update\backup\avgiproxy.exe
    2010-07-16 13:05 . 2010-07-16 13:05 1690464 ----a-w- c:\programdata\avg9\update\backup\avgupd.dll
    2010-07-16 13:05 . 2010-07-16 13:05 1038688 ----a-w- c:\programdata\avg9\update\backup\avgupd.exe
    2010-07-13 16:20 . 2010-07-13 16:20 -------- d-----w- c:\programdata\McAfee
    2010-07-12 12:37 . 2010-05-11 20:55 48648 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup\Markup.dll
    2010-07-12 12:37 . 2010-07-12 12:37 704320 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight-2\SpotlightResources.dll
    2010-07-07 14:38 . 2010-07-07 14:36 -------- d-----w- c:\program files\Clarus
    2010-07-07 14:38 . 2010-05-11 20:08 -------- d--h--w- c:\program files\InstallShield Installation Information
    2010-07-02 07:43 . 2010-07-02 07:39 -------- d-----w- c:\program files\XBMC
    2010-06-28 16:31 . 2010-06-28 16:28 -------- d-----w- c:\program files\Lexmark X1100 Series
    2010-06-27 11:55 . 2010-06-27 11:55 -------- d-----w- c:\program files\Video Thumbnails Maker
    2010-06-25 10:05 . 2010-06-25 10:05 57344 ----a-w- c:\programdata\DivX\RunAsUser\RUNASUSERPROCESS.dll
    2010-06-25 10:05 . 2010-06-25 10:05 56997 ----a-w- c:\programdata\DivX\WebPlayer\Uninstaller.exe
    2010-06-25 10:05 . 2010-06-25 10:05 56765 ----a-w- c:\programdata\DivX\DivXPlusShortcuts\Uninstaller.exe
    2010-06-25 10:03 . 2010-06-25 10:05 1062184 ----a-w- c:\programdata\DivX\Setup\Resource.dll
    2010-06-25 10:03 . 2010-06-25 10:05 895256 ----a-w- c:\programdata\DivX\Setup\DivXSetup.exe
    2010-06-05 17:26 . 2010-06-05 17:26 37632 ----a-w- c:\windows\system32\drivers\a38usb.sys
    2010-06-05 17:26 . 2010-06-05 17:26 110592 ----a-w- c:\windows\system32\usbr38.dll
    2010-06-02 02:55 . 2010-07-02 07:42 74072 ----a-w- c:\windows\system32\XAPOFX1_5.dll
    2010-06-02 02:55 . 2010-07-02 07:42 527192 ----a-w- c:\windows\system32\XAudio2_7.dll
    2010-06-02 02:55 . 2010-07-02 07:42 239960 ----a-w- c:\windows\system32\xactengine3_7.dll
    2010-05-28 10:27 . 2010-05-28 10:27 56912 ----a-w- c:\windows\system32\drivers\partmgr.sys
    2009-06-10 21:26 . 2009-07-14 02:04 9633792 --sha-r- c:\windows\Fonts\StaticCache.dat
    2005-08-24 21:10 . 2010-07-17 12:52 174592 --sha-w- c:\windows\System32\ncfpsys.exe
    2009-07-14 01:14 . 2009-07-13 23:42 396800 --sha-w- c:\windows\winsxs\x86_microsoft-windows-mail-app_31bf3856ad364e35_6.1.7600.16385_none_f12e83abb108c86c\WinMail.exe
    .

    ((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    *Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond
    REGEDIT4

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "Google Update"="c:\users\AppData\Local\Google\Update\GoogleUpdate.exe" [2010-05-11 136176]
    "swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2010-05-11 39408]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "iMON"="c:\program files\SOUNDGRAPH\iMON\iMON.exe" [2010-06-25 2990080]
    "Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2010-06-20 35760]
    "Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2010-06-09 976832]
    "NBAgent"="c:\program files\Nero\Nero 10\Nero BackItUp\NBAgent.exe" [2010-03-26 1234216]
    "lxbkbmgr.exe"="c:\program files\Lexmark X1100 Series\lxbkbmgr.exe" [2008-02-28 74408]
    "Password Protect USB 3.6.1"="c:\windows\system32\ncfpsys.exe" [2005-08-24 174592]
    "F-Secure Manager"="c:\program files\Telenet Security Pack\Common\FSM32.EXE" [2009-08-05 199264]
    "F-Secure TNB"="c:\program files\Telenet Security Pack\FSGUI\TNBUtil.exe" [2009-08-05 2349664]
    "SSDMonitor"="c:\program files\Common Files\PC Tools\sMonitor\SSDMonitor.exe" [2010-08-05 104408]
    "Malwarebytes Anti-Malware (reboot)"="c:\program files\Malwarebytes' Anti-Malware\mbam.exe" [2010-04-29 1090952]
    "SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2010-05-14 248552]

    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
    "ConsentPromptBehaviorAdmin"= 5 (0x5)
    "ConsentPromptBehaviorUser"= 3 (0x3)
    "EnableUIADesktopToggle"= 0 (0x0)
    "EnableLinkedConnections"= 1 (0x1)

    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
    "aux"=wdmaud.drv

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MScommt]
    c:\users\JOACHI~1\AppData\Local\Temp [X]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\beid]
    2010-02-05 11:29 2056192 ----a-w- c:\program files\Belgium Identity Card\beid35gui.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DivXUpdate]
    2010-06-03 00:50 1144104 ----a-w- c:\program files\DivX\DivX Update\DivXUpdate.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LightScribe Control Panel]
    2009-06-17 10:13 2363392 ----a-w- c:\program files\Common Files\LightScribe\LightScribeControlPanel.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\msnmsgr]
    2010-04-16 20:12 3872080 ----a-w- c:\program files\Windows Live\Messenger\msnmsgr.exe

    R2 gupdate;Google Updateservice (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [2010-05-11 136176]
    R2 MSR Service;Virtual Disk Service Manager;c:\program files\Clarus\Samsung SecretZone\MSSvc.exe [2009-12-30 114688]
    R3 ACSSCR;ACR38 Smart Card Reader;c:\windows\system32\DRIVERS\a38usb.sys [2010-06-05 37632]
    R3 FSORSPClient;F-Secure ORSP Client;c:\program files\Telenet Security Pack\ORSP Client\fsorsp.exe [2010-08-03 57008]
    R3 WatAdminSvc;WatAdminSvc;c:\windows\system32\Wat\WatAdminSvc.exe [2010-05-15 1343400]
    R4 F-Secure Filter;F-Secure File System Filter;c:\program files\Telenet Security Pack\Anti-Virus\Win2K\FSfilter.sys [2009-08-05 39776]
    R4 F-Secure Recognizer;F-Secure File System Recognizer;c:\program files\Telenet Security Pack\Anti-Virus\Win2K\FSrec.sys [2009-08-05 25184]
    S0 fsbts;fsbts;c:\windows\system32\Drivers\fsbts.sys [2010-08-03 41256]
    S1 F-Secure HIPS;F-Secure HIPS Driver;c:\program files\Telenet Security Pack\HIPS\drivers\fshs.sys [2009-08-05 68064]
    S1 FSES;F-Secure Email Scanning Driver;c:\windows\system32\drivers\fses.sys [2009-08-05 35680]
    S1 FSFW;F-Secure Firewall Driver;c:\windows\system32\drivers\fsdfw.sys [2009-08-05 71040]
    S1 fsvista;F-Secure Vista Support Driver;c:\program files\Telenet Security Pack\Anti-Virus\minifilter\fsvista.sys [2009-08-05 12384]
    S2 lxbk_device;lxbk_device;c:\windows\system32\lxbkcoms.exe [2008-02-19 537256]
    S2 NAUpdate;Nero Update;c:\program files\Nero\Update\NASvc.exe [2010-03-25 490280]
    S2 PCToolsSSDMonitorSvc;PC Tools Startup and Shutdown Monitor service;c:\program files\Common Files\PC Tools\sMonitor\StartManSvc.exe [2010-08-05 583640]
    S3 F-Secure Gatekeeper;F-Secure Gatekeeper;c:\program files\Telenet Security Pack\Anti-Virus\minifilter\fsgk.sys [2010-08-03 124072]
    S3 KMWDFILTERx86;HIDServiceDesc;c:\windows\system32\DRIVERS\KMWDFILTER.sys [2009-04-29 25088]
    S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt86win7.sys [2009-03-01 139776]


    [HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]
    2009-06-17 10:11 451872 ----a-w- c:\program files\Common Files\LightScribe\LSRunOnce.exe
    .
    Inhoud van de 'Gedeelde Taken' map

    2010-08-23 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
    - c:\program files\Google\Update\GoogleUpdate.exe [2010-05-11 20:17]

    2010-08-24 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
    - c:\program files\Google\Update\GoogleUpdate.exe [2010-05-11 20:17]

    2010-08-24 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-242032662-382453786-369927515-1000Core.job
    - c:\users\AppData\Local\Google\Update\GoogleUpdate.exe [2010-05-11 20:15]

    2010-08-24 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-242032662-382453786-369927515-1000UA.job
    - c:\users\AppData\Local\Google\Update\GoogleUpdate.exe [2010-05-11 20:15]

    2010-08-24 c:\windows\Tasks\Scheduled scanning task.job
    - c:\progra~1\TELENE~1\ANTI-V~1\fsav.exe [2010-08-03 15:56]
    .
    .
    ------- Bijkomende Scan -------
    .
    uStart Page = https://www.telenet.be/mijntelenet/n...tifier=DEFAULT
    IE: Google Sidewiki... - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll/cmsidewiki.html
    LSP: c:\program files\Telenet Security Pack\FSPS\program\FSLSP.DLL
    Trusted Zone: entriq.net\man
    Trusted Zone: kbc.be\www
    Trusted Zone: telenet.be\messagent
    Trusted Zone: telenet.be\pctv
    Trusted Zone: telenet.be\www
    .
    - - - - ORPHANS VERWIJDERD - - - -

    WebBrowser-{CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file)
    HKCU-Run-geuuwo - c:\users\geuuwo.exe
    MSConfigStartUp-cwvvuptt - c:\users\AppData\Local\gwkofaiym\hydtprhtssd.exe
    MSConfigStartUp-dadlcomi - c:\users\AppData\Local\rpbxjvnwl\jtrdvvgtssd.exe
    MSConfigStartUp-gtmgdsxi - c:\users\AppData\Local\nbgldaqvq\warjjlitssd.exe
    MSConfigStartUp-Halo2 - c:\users\AppData\Local\Temp\sshnas21.dll
    MSConfigStartUp-JDK5SWFMZY - c:\users\AppData\Local\Temp\Jcs.exe
    MSConfigStartUp-ykojthrh - c:\users\AppData\Local\rbphpnixp\ixrgmxptssd.exe
    MSConfigStartUp-zivet - c:\users\zivet.exe


    .
    --------------------- VERGRENDELDE REGISTER SLEUTELS ---------------------

    [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
    @Denied: (A) (Users)
    @Denied: (A) (Everyone)
    @Allowed: (B 1 2 3 4 5) (S-1-5-20)
    "BlindDial"=dword:00000000

    [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
    @Denied: (Full) (Everyone)
    .
    --------------------- DLLs Geladen Onder Lopende Processen ---------------------

    - - - - - - - > 'winlogon.exe'(584)
    c:\program files\telenet security pack\hips\fshook32.dll

    - - - - - - - > 'lsass.exe'(500)
    c:\program files\telenet security pack\hips\fshook32.dll
    .
    Voltooingstijd: 2010-08-24 17:45:08
    ComboFix-quarantined-files.txt 2010-08-24 15:45

    Pre-Run: 7.813.263.360 bytes beschikbaar
    Post-Run: 10.992.922.624 bytes beschikbaar

    - - End Of File - - B9817C72F876D6260A42CCF542535F24

    ---------- Post added at 15:54 ---------- Previous post was at 15:50 ----------

    Ah yes, zivet.exe was removed under orphans after all,
    what is an orphan?
    I see that Google Earth is also causing a lot of problems,
    should I just uninstall it?

    Regards

    ---------- Post added at 16:02 ---------- Previous post was at 15:54 ----------

    Furthermore, I still find zivet.exe on G:
    is it enough to delete this and empty the
    Recycle Bin?

    Regards
    Last edited by fusionfreak; 25 August 2010 at 10:57

  8. #28
    Website Administrator
    Registered
    23 December 2007
    Location
    Kapellen
    Posts
    39.898


    Well, cracks and keygens put quite a lot of junk on your PC. This is yet another splendid example of that (and we are not just talking about that illegal Windows 7). You should indeed remove Google Earth; that Norton Ghost is also of dubious origin (another illegal copy?).

    To clean up the rest of the junk, you can do the following:

    Open a Notepad file.

    Copy and paste the bold text below into it.

    File::
    c:\users\Joachim Bellems\AppData\Roaming\Microsoft\Installer\{1584854C-1513-40EA-96D4-493384D0A3C7}\_BBC8D813A8F14BA749114F.exe

    c:\users\Joachim Bellems\AppData\Roaming\Microsoft\Installer\{1584854C-1513-40EA-96D4-493384D0A3C7}\_44F622AA395D57B9743A14.exe

    Folder::
    c:\program files\FindyKill
    c:\program files\McAfee Security Scan
    c:\programdata\McAfee

    Registry::
    [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MScommt]

    Save this file to your desktop as CFScript.txt.

    Drag CFScript.txt onto ComboFix.exe.
    This will make ComboFix restart. Reboot if asked to.

    After the restart, post the contents of Combofix.txt in your next message together with a new HijackThis log.

    You can indeed delete that data on your G partition via the Recycle Bin. Empty it afterwards and then have Kaspersky scan once more (empty its quarantine first).
    Last edited by kape; 24 August 2010 at 18:23

  9. #29
    Member
    Registered
    20 August 2010
    Posts
    85


    ComboFix 10-08-23.05 - 24/08/2010 18:51:16.3.2 - x86
    Microsoft Windows 7 Ultimate 6.1.7600.0.1252.32.1043.18.3070.1872 [GMT 2:00]
    Gestart vanuit: c:\users\\Desktop\ComboFix.exe
    gebruikte Opdracht switches :: c:\users\Desktop\CFScript.txt

    FILE ::
    "c:\users\\AppData\Roaming\Microsoft\Installer\{1584854C-1513-40EA-96D4-493384D0A3C7}\_44F622AA395D57B9743A14.exe"
    "c:\users\\AppData\Roaming\Microsoft\Installer\{1584854C-1513-40EA-96D4-493384D0A3C7}\_BBC8D813A8F14BA749114F.exe"
    .

    (((((((((((((((((((((((((((((((((( Andere Verwijderingen )))))))))))))))))))))))))))))))))))))))))))))))))
    .

    c:\program files\FindyKill
    c:\program files\FindyKill\FindyKill.cmd
    c:\program files\FindyKill\FixReg\FixSrosa.reg
    c:\program files\FindyKill\FixReg\Limpia
    c:\program files\FindyKill\FixReg\Limpia.reg
    c:\program files\FindyKill\FixReg\Mse.reg
    c:\program files\FindyKill\FixReg\Repair.reg
    c:\program files\FindyKill\FixReg\Wvista.reg
    c:\program files\FindyKill\FixReg\Wxp.reg
    c:\program files\FindyKill\Tools\hldrrr.exe
    c:\program files\FindyKill\Tools\Icone.ico
    c:\program files\FindyKill\Tools\mdelk.exe
    c:\program files\FindyKill\Tools\swreg.exe
    c:\program files\FindyKill\Tools\wintems.exe
    c:\program files\FindyKill\Uninstal.exe
    c:\program files\McAfee Security Scan
    c:\programdata\McAfee
    c:\programdata\McAfee\MCLOGS\Common\McUICnt\McUICnt000.log
    c:\programdata\McAfee\MCLOGS\McUICnt\McUICnt\McUICnt000.log
    c:\programdata\McAfee\MCLOGS\PartnerCustom\McCHSvc\McCHSvc000.log
    c:\programdata\McAfee\MCLOGS\PartnerCustom\McUICnt\McUICnt000.log
    c:\programdata\McAfee\MCLOGS\PartnerCustom\SSScheduler\SSScheduler000.log
    c:\programdata\McAfee\MCLOGS\SecurityScanner\McUICnt\McUICnt000.log
    c:\users\AppData\Roaming\Microsoft\Installer\{1584854C-1513-40EA-96D4-493384D0A3C7}\_44F622AA395D57B9743A14.exe
    c:\users\AppData\Roaming\Microsoft\Installer\{1584854C-1513-40EA-96D4-493384D0A3C7}\_BBC8D813A8F14BA749114F.exe

    .
    (((((((((((((((((((( Bestanden Gemaakt van 2010-07-24 to 2010-08-24 ))))))))))))))))))))))))))))))
    .

    2010-08-24 17:00 . 2010-08-24 17:00 -------- d-----w- c:\users\Public\AppData\Local\temp
    2010-08-24 17:00 . 2010-08-24 17:00 -------- d-----w- c:\users\Default\AppData\Local\temp
    2010-08-24 16:49 . 2010-08-24 16:49 -------- d-----w- C:\32788R22FWJFW
    2010-08-22 12:41 . 2010-08-22 12:41 -------- d-----w- c:\users\\jks
    2010-08-22 12:40 . 2010-08-22 12:40 -------- d-----w- c:\program files\Common Files\Java
    2010-08-22 12:39 . 2010-08-22 12:39 423656 ----a-w- c:\windows\system32\deployJava1.dll
    2010-08-22 12:39 . 2010-08-22 12:39 -------- d-----w- c:\program files\Java
    2010-08-20 23:11 . 2010-08-20 23:11 -------- d-----w- c:\users\\AppData\Roaming\Malwarebytes
    2010-08-20 23:11 . 2010-04-29 13:39 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
    2010-08-20 23:11 . 2010-08-22 10:40 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
    2010-08-20 23:11 . 2010-08-20 23:11 -------- d-----w- c:\programdata\Malwarebytes
    2010-08-20 23:11 . 2010-04-29 13:39 20952 ----a-w- c:\windows\system32\drivers\mbam.sys
    2010-08-20 23:09 . 2010-08-20 23:09 -------- d-----w- c:\users\AppData\Roaming\Registry Mechanic
    2010-08-20 23:07 . 2010-08-05 06:46 37336 ----a-w- c:\windows\system32\CleanMFT32.exe
    2010-08-20 23:07 . 2004-08-04 05:00 506368 ----a-w- c:\windows\system32\msxml.dll
    2010-08-20 23:07 . 2010-08-20 23:07 -------- d-----w- c:\program files\Common Files\PC Tools
    2010-08-17 13:26 . 2010-08-17 13:26 -------- d-----w- c:\users\\AppData\Local\Opera
    2010-08-17 13:26 . 2010-08-17 13:26 -------- d-----w- c:\program files\Opera
    2010-08-14 10:59 . 2010-08-14 10:59 -------- d-----w- c:\program files\Hamster Soft
    2010-08-11 13:47 . 2010-08-11 13:47 -------- d-----w- c:\program files\Xvid
    2010-08-11 13:39 . 2010-08-11 13:39 -------- d-----w- c:\users\\AppData\Roaming\F-Secure
    2010-08-11 11:27 . 2010-07-29 06:30 197632 ----a-w- c:\windows\system32\ir32_32.dll
    2010-08-11 11:27 . 2010-07-29 06:30 82944 ----a-w- c:\windows\system32\iccvid.dll
    2010-08-11 11:27 . 2010-06-14 06:12 1286016 ----a-w- c:\windows\system32\drivers\tcpip.sys
    2010-08-11 11:26 . 2010-06-19 06:23 37376 ----a-w- c:\windows\system32\rtutils.dll
    2010-08-11 11:25 . 2010-06-08 06:02 1233920 ----a-w- c:\windows\system32\msxml3.dll
    2010-08-11 11:25 . 2010-06-30 06:25 978432 ----a-w- c:\windows\system32\wininet.dll
    2010-08-11 11:24 . 2010-06-19 06:33 3955080 ----a-w- c:\windows\system32\ntkrnlpa.exe
    2010-08-11 11:24 . 2010-06-19 06:33 3899784 ----a-w- c:\windows\system32\ntoskrnl.exe
    2010-08-11 11:24 . 2010-06-22 02:47 310784 ----a-w- c:\windows\system32\drivers\srv.sys
    2010-08-11 11:24 . 2010-06-22 02:47 307200 ----a-w- c:\windows\system32\drivers\srv2.sys
    2010-08-11 11:24 . 2010-06-22 02:47 113664 ----a-w- c:\windows\system32\drivers\srvnet.sys
    2010-08-11 11:24 . 2010-06-16 05:48 224256 ----a-w- c:\windows\system32\schannel.dll
    2010-08-11 11:22 . 2010-06-19 04:07 2326016 ----a-w- c:\windows\system32\win32k.sys
    2010-08-07 01:51 . 2010-08-07 01:51 -------- d-----w- c:\users\AppData\Local\Nero_AG
    2010-08-03 12:04 . 2010-08-03 12:12 41256 ----a-w- c:\windows\system32\drivers\fsbts.sys
    2010-08-03 12:03 . 2009-08-05 15:57 35680 ----a-w- c:\windows\system32\drivers\fses.sys
    2010-08-03 12:03 . 2009-08-05 15:57 71040 ----a-w- c:\windows\system32\drivers\fsdfw.sys
    2010-08-03 12:02 . 2010-08-03 12:12 -------- d-----w- c:\program files\Telenet Security Pack
    2010-08-03 11:58 . 2010-08-03 12:01 -------- d-----w- c:\programdata\fssg
    2010-08-03 11:58 . 2010-08-03 12:03 -------- d-----w- c:\programdata\f-secure
    2010-07-31 20:43 . 2010-07-31 20:43 -------- d-----w- c:\users\AppData\Roaming\J River
    2010-07-28 21:46 . 2010-08-09 14:24 -------- d-----w- C:\Download
    2010-07-28 17:30 . 2009-11-25 10:47 99176 ----a-w- c:\windows\system32\PresentationHostProxy.dll
    2010-07-28 17:30 . 2009-11-25 10:47 49472 ----a-w- c:\windows\system32\netfxperf.dll
    2010-07-28 17:30 . 2009-11-25 10:47 297808 ----a-w- c:\windows\system32\mscoree.dll
    2010-07-28 17:30 . 2009-11-25 10:47 295264 ----a-w- c:\windows\system32\PresentationHost.exe
    2010-07-28 17:30 . 2009-11-25 10:47 1130824 ----a-w- c:\windows\system32\dfshim.dll
    2010-07-28 17:28 . 2009-12-08 11:32 292864 ----a-w- c:\windows\system32\apphelp.dll
    2010-07-28 17:27 . 2010-05-27 07:24 34304 ----a-w- c:\windows\system32\atmlib.dll
    2010-07-28 17:27 . 2010-05-27 03:49 293888 ----a-w- c:\windows\system32\atmfd.dll
    2010-07-28 17:27 . 2010-03-05 07:42 67584 ----a-w- c:\windows\system32\asycfilt.dll
    2010-07-27 19:03 . 2010-07-27 19:03 -------- d-----w- c:\programdata\Readon
    2010-07-27 18:38 . 2010-07-27 18:38 -------- d-----w- c:\program files\P2PFilter
    2010-07-27 18:37 . 2010-07-27 18:37 -------- d-----w- c:\windows\system32\TVUAx
    2010-07-27 15:48 . 2010-07-27 18:25 -------- d-----w- c:\users\\AppData\Local\Readon_Technology
    2010-07-27 15:47 . 2010-07-27 16:54 -------- d-----w- c:\program files\Readon Technology
    2010-07-26 14:44 . 2010-07-26 14:44 -------- d-----w- c:\program files\DVD Decrypter
    2010-07-26 09:21 . 2010-07-26 09:21 -------- d-----w- c:\users\AppData\Local\ZattooPlayer
    2010-07-26 09:21 . 2010-07-26 09:21 -------- d-----w- c:\users\Zattoo
    2010-07-25 20:31 . 2010-07-25 20:31 -------- d-----w- c:\programdata\Kaspersky Lab
    2010-07-25 20:16 . 2010-07-25 20:16 -------- d-----w- c:\users\AppData\Roaming\JLC's Software
    2010-07-25 20:15 . 2010-07-25 20:15 -------- d-----w- c:\program files\JLC's Software

    .
    ((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    2010-08-24 15:52 . 2010-05-11 22:56 -------- d-----w- c:\users\AppData\Roaming\vlc
    2010-08-23 22:10 . 2010-07-02 07:39 -------- d-----w- c:\users\AppData\Roaming\XBMC
    2010-08-22 11:17 . 2010-05-11 21:40 -------- d-----w- c:\users\\AppData\Roaming\SOUNDGRAPH
    2010-08-21 03:36 . 2010-07-11 14:16 48648 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup-2\Markup.dll
    2010-08-21 03:36 . 2010-05-11 20:55 704320 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight\SpotlightResources.dll
    2010-08-20 18:20 . 2010-05-15 10:55 -------- d-----w- c:\users\\AppData\Roaming\BitTorrent
    2010-08-20 17:52 . 2010-05-13 15:13 691884 ----a-w- c:\windows\system32\perfh00C.dat
    2010-08-20 17:52 . 2010-05-13 15:13 690930 ----a-w- c:\windows\system32\perfh00A.dat
    2010-08-20 17:52 . 2010-05-13 15:13 136750 ----a-w- c:\windows\system32\perfc00A.dat
    2010-08-20 17:52 . 2010-05-13 15:13 130116 ----a-w- c:\windows\system32\perfc00C.dat
    2010-08-20 17:52 . 2009-07-14 08:27 698618 ----a-w- c:\windows\system32\perfh013.dat
    2010-08-20 17:52 . 2009-07-14 08:27 133270 ----a-w- c:\windows\system32\perfc013.dat
    2010-08-17 23:48 . 2010-05-12 13:53 -------- d-----w- c:\users\AppData\Roaming\dvdcss
    2010-08-17 11:00 . 2010-07-06 16:04 -------- d-----w- c:\program files\RAR Password Recovery Magic
    2010-08-09 14:25 . 2010-06-25 10:38 -------- d-----w- c:\program files\Star Downloader
    2010-08-03 12:01 . 2010-05-11 19:51 -------- d-----w- c:\programdata\avg9
    2010-07-28 16:54 . 2010-07-28 16:54 16 ----a-w- c:\users\\AppData\Roaming\mbsvil.dat
    2010-07-28 10:18 . 2010-05-30 16:01 -------- d-----w- c:\program files\SlySoft
    2010-07-27 16:59 . 2010-07-19 14:02 -------- d-----w- c:\program files\Spyware Doctor
    2010-07-20 17:35 . 2010-07-20 17:35 1615200 ----a-w- c:\programdata\avg9\update\backup\avgssie.dll
    2010-07-20 17:35 . 2010-07-20 17:35 1107296 ----a-w- c:\programdata\avg9\update\backup\avgxpl.dll
    2010-07-20 17:35 . 2010-07-20 17:35 921440 ----a-w- c:\programdata\avg9\update\backup\avgemc.exe
    2010-07-20 17:35 . 2010-07-20 17:35 4368224 ----a-w- c:\programdata\avg9\update\backup\avgcorex.dll
    2010-07-17 17:17 . 2010-05-12 12:46 -------- d-----w- c:\programdata\DVD Shrink
    2010-07-17 12:52 . 2010-07-17 12:52 -------- d-----w- c:\program files\Uninstall Password Protect USB
    2010-07-16 13:07 . 2010-07-16 13:07 242896 ----a-w- c:\programdata\avg9\update\backup\avgtdix.sys
    2010-07-16 13:07 . 2010-07-16 13:07 216200 ----a-w- c:\programdata\avg9\update\backup\avgldx86.sys
    2010-07-16 13:05 . 2010-07-16 13:05 813336 ----a-w- c:\programdata\avg9\update\backup\avginet.dll
    2010-07-16 13:05 . 2010-07-16 13:05 624920 ----a-w- c:\programdata\avg9\update\backup\avgiproxy.exe
    2010-07-16 13:05 . 2010-07-16 13:05 1690464 ----a-w- c:\programdata\avg9\update\backup\avgupd.dll
    2010-07-16 13:05 . 2010-07-16 13:05 1038688 ----a-w- c:\programdata\avg9\update\backup\avgupd.exe
    2010-07-12 12:37 . 2010-05-11 20:55 48648 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup\Markup.dll
    2010-07-12 12:37 . 2010-07-12 12:37 704320 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight-2\SpotlightResources.dll
    2010-07-07 14:38 . 2010-07-07 14:36 -------- d-----w- c:\program files\Clarus
    2010-07-07 14:38 . 2010-05-11 20:08 -------- d--h--w- c:\program files\InstallShield Installation Information
    2010-07-02 07:43 . 2010-07-02 07:39 -------- d-----w- c:\program files\XBMC
    2010-06-28 16:31 . 2010-06-28 16:28 -------- d-----w- c:\program files\Lexmark X1100 Series
    2010-06-27 11:55 . 2010-06-27 11:55 -------- d-----w- c:\program files\Video Thumbnails Maker
    2010-06-25 10:05 . 2010-06-25 10:05 57344 ----a-w- c:\programdata\DivX\RunAsUser\RUNASUSERPROCESS.dll
    2010-06-25 10:05 . 2010-06-25 10:05 56997 ----a-w- c:\programdata\DivX\WebPlayer\Uninstaller.exe
    2010-06-25 10:05 . 2010-06-25 10:05 56765 ----a-w- c:\programdata\DivX\DivXPlusShortcuts\Uninstaller.exe
    2010-06-25 10:03 . 2010-06-25 10:05 1062184 ----a-w- c:\programdata\DivX\Setup\Resource.dll
    2010-06-25 10:03 . 2010-06-25 10:05 895256 ----a-w- c:\programdata\DivX\Setup\DivXSetup.exe
    2010-06-05 17:26 . 2010-06-05 17:26 37632 ----a-w- c:\windows\system32\drivers\a38usb.sys
    2010-06-05 17:26 . 2010-06-05 17:26 110592 ----a-w- c:\windows\system32\usbr38.dll
    2010-06-02 02:55 . 2010-07-02 07:42 74072 ----a-w- c:\windows\system32\XAPOFX1_5.dll
    2010-06-02 02:55 . 2010-07-02 07:42 527192 ----a-w- c:\windows\system32\XAudio2_7.dll
    2010-06-02 02:55 . 2010-07-02 07:42 239960 ----a-w- c:\windows\system32\xactengine3_7.dll
    2010-05-28 10:27 . 2010-05-28 10:27 56912 ----a-w- c:\windows\system32\drivers\partmgr.sys
    2009-06-10 21:26 . 2009-07-14 02:04 9633792 --sha-r- c:\windows\Fonts\StaticCache.dat
    2005-08-24 21:10 . 2010-07-17 12:52 174592 --sha-w- c:\windows\System32\ncfpsys.exe
    2009-07-14 01:14 . 2009-07-13 23:42 396800 --sha-w- c:\windows\winsxs\x86_microsoft-windows-mail-app_31bf3856ad364e35_6.1.7600.16385_none_f12e83abb108c86c\WinMail.exe
    .

    ((((((((((((((((((((((((((((( SnapShot@2010-08-24_15.42.11 )))))))))))))))))))))))))))))))))))))))))
    .
    - 2010-05-12 01:05 . 2010-08-24 15:10 32768 c:\windows\ServiceProfiles\LocalService\AppData\Local\Temp\Temporary Internet Files\Content.IE5\index.dat
    + 2010-05-12 01:05 . 2010-08-24 16:00 32768 c:\windows\ServiceProfiles\LocalService\AppData\Local\Temp\Temporary Internet Files\Content.IE5\index.dat
    - 2010-05-12 01:05 . 2010-08-24 15:10 16384 c:\windows\ServiceProfiles\LocalService\AppData\Local\Temp\History\History.IE5\index.dat
    + 2010-05-12 01:05 . 2010-08-24 16:00 16384 c:\windows\ServiceProfiles\LocalService\AppData\Local\Temp\History\History.IE5\index.dat
    + 2010-05-12 01:05 . 2010-08-24 16:00 16384 c:\windows\ServiceProfiles\LocalService\AppData\Local\Temp\Cookies\index.dat
    - 2010-05-12 01:05 . 2010-08-24 15:10 16384 c:\windows\ServiceProfiles\LocalService\AppData\Local\Temp\Cookies\index.dat
    + 2010-05-11 19:40 . 2010-08-24 16:00 32768 c:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
    - 2010-05-11 19:40 . 2010-08-24 15:10 32768 c:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
    .
    ((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    *Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond
    REGEDIT4

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "Google Update"="c:\users\Joachim Bellems\AppData\Local\Google\Update\GoogleUpdate.exe" [2010-05-11 136176]
    "swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2010-05-11 39408]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "iMON"="c:\program files\SOUNDGRAPH\iMON\iMON.exe" [2010-06-25 2990080]
    "Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2010-06-20 35760]
    "Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2010-06-09 976832]
    "NBAgent"="c:\program files\Nero\Nero 10\Nero BackItUp\NBAgent.exe" [2010-03-26 1234216]
    "lxbkbmgr.exe"="c:\program files\Lexmark X1100 Series\lxbkbmgr.exe" [2008-02-28 74408]
    "Password Protect USB 3.6.1"="c:\windows\system32\ncfpsys.exe" [2005-08-24 174592]
    "F-Secure Manager"="c:\program files\Telenet Security Pack\Common\FSM32.EXE" [2009-08-05 199264]
    "F-Secure TNB"="c:\program files\Telenet Security Pack\FSGUI\TNBUtil.exe" [2009-08-05 2349664]
    "SSDMonitor"="c:\program files\Common Files\PC Tools\sMonitor\SSDMonitor.exe" [2010-08-05 104408]
    "Malwarebytes Anti-Malware (reboot)"="c:\program files\Malwarebytes' Anti-Malware\mbam.exe" [2010-04-29 1090952]
    "SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2010-05-14 248552]

    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
    "ConsentPromptBehaviorAdmin"= 5 (0x5)
    "ConsentPromptBehaviorUser"= 3 (0x3)
    "EnableUIADesktopToggle"= 0 (0x0)
    "EnableLinkedConnections"= 1 (0x1)

    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
    "aux"=wdmaud.drv

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\beid]
    2010-02-05 11:29 2056192 ----a-w- c:\program files\Belgium Identity Card\beid35gui.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DivXUpdate]
    2010-06-03 00:50 1144104 ----a-w- c:\program files\DivX\DivX Update\DivXUpdate.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LightScribe Control Panel]
    2009-06-17 10:13 2363392 ----a-w- c:\program files\Common Files\LightScribe\LightScribeControlPanel.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\msnmsgr]
    2010-04-16 20:12 3872080 ----a-w- c:\program files\Windows Live\Messenger\msnmsgr.exe

    R2 gupdate;Google Updateservice (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [2010-05-11 136176]
    R2 MSR Service;Virtual Disk Service Manager;c:\program files\Clarus\Samsung SecretZone\MSSvc.exe [2009-12-30 114688]
    R3 ACSSCR;ACR38 Smart Card Reader;c:\windows\system32\DRIVERS\a38usb.sys [2010-06-05 37632]
    R3 FSORSPClient;F-Secure ORSP Client;c:\program files\Telenet Security Pack\ORSP Client\fsorsp.exe [2010-08-03 57008]
    R3 WatAdminSvc;WatAdminSvc;c:\windows\system32\Wat\WatAdminSvc.exe [2010-05-15 1343400]
    R4 F-Secure Filter;F-Secure File System Filter;c:\program files\Telenet Security Pack\Anti-Virus\Win2K\FSfilter.sys [2009-08-05 39776]
    R4 F-Secure Recognizer;F-Secure File System Recognizer;c:\program files\Telenet Security Pack\Anti-Virus\Win2K\FSrec.sys [2009-08-05 25184]
    S0 fsbts;fsbts;c:\windows\system32\Drivers\fsbts.sys [2010-08-03 41256]
    S1 F-Secure HIPS;F-Secure HIPS Driver;c:\program files\Telenet Security Pack\HIPS\drivers\fshs.sys [2009-08-05 68064]
    S1 FSES;F-Secure Email Scanning Driver;c:\windows\system32\drivers\fses.sys [2009-08-05 35680]
    S1 FSFW;F-Secure Firewall Driver;c:\windows\system32\drivers\fsdfw.sys [2009-08-05 71040]
    S1 fsvista;F-Secure Vista Support Driver;c:\program files\Telenet Security Pack\Anti-Virus\minifilter\fsvista.sys [2009-08-05 12384]
    S2 lxbk_device;lxbk_device;c:\windows\system32\lxbkcoms.exe [2008-02-19 537256]
    S2 NAUpdate;Nero Update;c:\program files\Nero\Update\NASvc.exe [2010-03-25 490280]
    S2 PCToolsSSDMonitorSvc;PC Tools Startup and Shutdown Monitor service;c:\program files\Common Files\PC Tools\sMonitor\StartManSvc.exe [2010-08-05 583640]
    S3 F-Secure Gatekeeper;F-Secure Gatekeeper;c:\program files\Telenet Security Pack\Anti-Virus\minifilter\fsgk.sys [2010-08-03 124072]
    S3 KMWDFILTERx86;HIDServiceDesc;c:\windows\system32\DRIVERS\KMWDFILTER.sys [2009-04-29 25088]
    S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt86win7.sys [2009-03-01 139776]


    [HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]
    2009-06-17 10:11 451872 ----a-w- c:\program files\Common Files\LightScribe\LSRunOnce.exe
    .
    Inhoud van de 'Gedeelde Taken' map

    2010-08-23 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
    - c:\program files\Google\Update\GoogleUpdate.exe [2010-05-11 20:17]

    2010-08-24 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
    - c:\program files\Google\Update\GoogleUpdate.exe [2010-05-11 20:17]

    2010-08-24 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-242032662-382453786-369927515-1000Core.job
    - c:\users\AppData\Local\Google\Update\GoogleUpdate.exe [2010-05-11 20:15]

    2010-08-24 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-242032662-382453786-369927515-1000UA.job
    - c:\users\AppData\Local\Google\Update\GoogleUpdate.exe [2010-05-11 20:15]

    2010-08-24 c:\windows\Tasks\Scheduled scanning task.job
    - c:\progra~1\TELENE~1\ANTI-V~1\fsav.exe [2010-08-03 15:56]
    .
    .
    ------- Bijkomende Scan -------
    .
    uStart Page = https://www.telenet.be/mijntelenet/n...tifier=DEFAULT
    IE: Google Sidewiki... - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll/cmsidewiki.html
    LSP: c:\program files\Telenet Security Pack\FSPS\program\FSLSP.DLL
    Trusted Zone: entriq.net\man
    Trusted Zone: kbc.be\www
    Trusted Zone: telenet.be\messagent
    Trusted Zone: telenet.be\pctv
    Trusted Zone: telenet.be\www
    .
    - - - - ORPHANS VERWIJDERD - - - -

    AddRemove-FindyKill - c:\program files\FindyKill\Uninstal.exe


    .
    --------------------- VERGRENDELDE REGISTER SLEUTELS ---------------------

    [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
    @Denied: (A) (Users)
    @Denied: (A) (Everyone)
    @Allowed: (B 1 2 3 4 5) (S-1-5-20)
    "BlindDial"=dword:00000000

    [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
    @Denied: (Full) (Everyone)
    .
    --------------------- DLLs Geladen Onder Lopende Processen ---------------------

    - - - - - - - > 'winlogon.exe'(584)
    c:\program files\telenet security pack\hips\fshook32.dll

    - - - - - - - > 'lsass.exe'(500)
    c:\program files\telenet security pack\hips\fshook32.dll
    .
    Voltooingstijd: 2010-08-24 19:05:22
    ComboFix-quarantined-files.txt 2010-08-24 17:05
    ComboFix2.txt 2010-08-24 16:46
    ComboFix3.txt 2010-08-24 15:45

    Pre-Run: 10.875.379.712 bytes beschikbaar
    Post-Run: 10.821.046.272 bytes beschikbaar

    - - End Of File - - 155617E1B47E582C44A947368F96A3A3





    Logfile of Trend Micro HijackThis v2.0.4
    Scan saved at 19:20:50, on 24/08/2010
    Platform: Windows 7 (WinNT 6.00.3504)
    MSIE: Internet Explorer v8.00 (8.00.7600.16385)
    Boot mode: Normal

    Running processes:
    C:\Windows\system32\taskhost.exe
    C:\Windows\system32\Dwm.exe
    C:\Program Files\Nero\Nero 10\Nero BackItUp\NBAgent.exe
    C:\Program Files\Lexmark X1100 Series\LXBKbmgr.exe
    C:\Windows\System32\ncfpsys.exe
    C:\Program Files\Lexmark X1100 Series\lxbkbmon.exe
    C:\Program Files\Common Files\PC Tools\sMonitor\SSDMonitor.exe
    C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
    G:\zivet.scr
    C:\Program Files\Telenet Security Pack\Common\FSLAUNCH.EXE
    C:\Windows\system32\taskhost.exe
    C:\Windows\ehome\ehmsas.exe
    C:\Windows\system32\DllHost.exe
    C:\Program Files\Windows Live\Mail\wlmail.exe
    C:\Program Files\Windows Live\Contacts\wlcomm.exe
    C:\Windows\system32\NOTEPAD.EXE
    C:\Windows\system32\notepad.exe
    C:\Windows\system32\notepad.exe
    C:\Windows\system32\notepad.exe
    C:\Windows\explorer.exe
    C:\Windows\system32\NOTEPAD.EXE
    C:\Program Files\Opera\Opera.exe
    C:\Program Files\Registry Mechanic\Alert.exe
    C:\Program Files\Windows Live\Toolbar\wltuser.exe
    C:\Users\Documents\HijackThis.exe
    C:\Windows\system32\SearchFilterHost.exe
    C:\Windows\system32\DllHost.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.telenet.be/mijntelenet/n...tifier=DEFAULT
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Hotmail, Messenger, nieuws en entertainment vind je op MSN.nl
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = Hotmail, Messenger, nieuws en entertainment vind je op MSN.nl
    O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
    O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
    O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
    O2 - BHO: Windows Live Aanmelden - Help - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
    O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.5.5126.1836\swg.dll
    O2 - BHO: LitmusBHO - {C6867EB7-8350-4856-877F-93CF8AE3DC9C} - C:\Program Files\Telenet Security Pack\NRS\iescript\baselitmus.dll
    O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
    O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
    O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
    O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
    O3 - Toolbar: Browsing Protection Toolbar - {265EEE8E-3228-44D3-AEA5-F7FDF5860049} - C:\Program Files\Telenet Security Pack\NRS\iescript\baselitmus.dll
    O4 - HKLM\..\Run: [iMON] C:\Program Files\SOUNDGRAPH\iMON\iMON.exe /startup
    O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
    O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
    O4 - HKLM\..\Run: [NBAgent] "C:\Program Files\Nero\Nero 10\Nero BackItUp\NBAgent.exe" /WinStart
    O4 - HKLM\..\Run: [lxbkbmgr.exe] "C:\Program Files\Lexmark X1100 Series\lxbkbmgr.exe"
    O4 - HKLM\..\Run: [Password Protect USB 3.6.1] C:\Windows\system32\ncfpsys.exe
    O4 - HKLM\..\Run: [F-Secure Manager] "C:\Program Files\Telenet Security Pack\Common\FSM32.EXE" /splash
    O4 - HKLM\..\Run: [F-Secure TNB] "C:\Program Files\Telenet Security Pack\FSGUI\TNBUtil.exe" /CHECKALL /WAITFORSW
    O4 - HKLM\..\Run: [SSDMonitor] C:\Program Files\Common Files\PC Tools\sMonitor\SSDMonitor.exe
    O4 - HKLM\..\Run: [Malwarebytes Anti-Malware (reboot)] "C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
    O4 - HKCU\..\Run: [Google Update] "C:\Users\AppData\Local\Google\Update\GoogleUpdate.exe" /c
    O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
    O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll/cmsidewiki.html
    O9 - Extra button: In weblog opnemen - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
    O9 - Extra 'Tools' menuitem: &In weblog opnemen met Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
    O15 - Trusted Zone: Media Authorization Network
    O15 - Trusted Zone: KBC Bank & Verzekering
    O15 - Trusted Zone: http://messagent.telenet.be
    O15 - Trusted Zone: http://pctv.telenet.be
    O15 - Trusted Zone: Telenet
    O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
    O23 - Service: FSGKHS (F-Secure Gatekeeper Handler Starter) - Unknown owner - C:\Program Files\Telenet Security Pack\Anti-Virus\fsgk32st.exe
    O23 - Service: F-Secure Anti-Virus Firewall Daemon (FSDFWD) - F-Secure Corporation - C:\Program Files\Telenet Security Pack\FWES\Program\fsdfwd.exe
    O23 - Service: F-Secure Management Agent (FSMA) - F-Secure Corporation - C:\Program Files\Telenet Security Pack\Common\FSMA32.EXE
    O23 - Service: F-Secure ORSP Client (FSORSPClient) - F-Secure Corporation - C:\Program Files\Telenet Security Pack\ORSP Client\fsorsp.exe
    O23 - Service: Google Updateservice (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
    O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
    O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
    O23 - Service: lxbk_device - - C:\Windows\system32\lxbkcoms.exe
    O23 - Service: Virtual Disk Service Manager (MSR Service) - Unknown owner - C:\Program Files\Clarus\Samsung SecretZone\MSSvc.exe
    O23 - Service: @C:\Program Files\Nero\Update\NASvc.exe,-200 (NAUpdate) - Nero AG - C:\Program Files\Nero\Update\NASvc.exe
    O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
    O23 - Service: PC Tools Startup and Shutdown Monitor service (PCToolsSSDMonitorSvc) - Unknown owner - C:\Program Files\Common Files\PC Tools\sMonitor\StartManSvc.exe
    O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe

    --
    End of file - 7416 bytes
    Last edited by fusionfreak; 24 August 2010 at 22:04

  10. #30
    Website Administrator
    Registered
    23 December 2007
    Location
    Kapellen
    Posts
    39.898

    Default

    And how is the PC behaving now?
