
pgmjans

Member
  • Items

    108

Everything posted by pgmjans

  1. Hello, whenever I start Google Chrome I keep getting a privacy error message. https://support.google.com/websearch/answer/463?hl=nl and the link below is also often opened. https://mysearch.avg.com/tab?sap=nt&rvt=1&pid=wtu&cid={2DE4C627-68A8-4C35-B9DF-1817C1F891ED}&mid=f800c85538b047cda17a1176934f6c6d-3e89f345db953b4ff33c11e12c34dea8f7145a42&ds=AVG&v=4.1.6.294&lang=nl&pr=fr&d=2015/05/30%2011:59:45&ud=10/9/2015%2016:45:37&cmpid=0915tb Kind regards, Ronald
  2. I don't get a button to remove anything. I do have Malwarebytes installed on my PC (paid version). Can you perhaps do something with that?
  3. Hello, I ran it twice but I don't get anything to remove...
  4. Hello, sorry for replying so late, but zoek.exe does not start on my PC.
  5. Hello, since Friday all files on my USB stick have been given the following extension: .doc.ylamwrl, so I can no longer open them. I tried renaming a few to .doc, but then I get all kinds of strange characters. See attachment. I scanned the USB stick and no virus was found. Any idea how I can get them back? melding Word.docx
  6. When I click "To" to choose an address in Outlook, I want to see all addresses together with the address groups. How do I get this done? That is my question.
  7. Yes, that is possible, but I want to have them all in one list, with the mail groups in it as well. How do I get this done?
  8. Hello, I am trying to transfer the Outlook contact details (address book), but it is not quite working. I made a copy on the old PC and imported it on the new one. Unfortunately this does not go the way I had expected. I do not get to see the contacts when I click "TO" in an email. However, when I go to the Contacts tab, I see them all there. So somehow I cannot get them linked. What am I doing wrong? Office 2010. See attachments 1 and 2. Regards, Peter
  9. Hello, I have a problem. A company sends a daily email with a PDF attachment to a customer. However, the PDF file from that particular person does not arrive. From others the PDFs do arrive. Question: how is this possible, and how can it be that only from this customer the emails with the PDF attachment do not arrive? The email program is Outlook Express. Other mail programs give the same problem. Somewhere the attachment must be getting blocked. Thanks in advance, Peter
  10. Hello, via a colleague I received a notification that my test site has been flagged as unsafe. Namely, SiteAdvisor indicates that the site is listed as unsafe/risky. How can I get rid of this notification? It is just a test site where I regularly put up a test site. The link is www.hotelsin.be
  11. Hello, I don't know if I'm in the right place here, but I have the following problem. I have a website that has moved to a new IP address. The DNS settings (nameservers) have been changed. However, I now sometimes still see the old site and sometimes the new site. I removed the DNS data with ipconfig /flushdns. How can it be that I sometimes see the new one and sometimes still the old one? The old DNS is also still up on one IP address, but the new one is too, on a different IP address. Others also sometimes still see the old site. How can I make sure they only see the new one without having to remove the old one right away...
  12. Hi Kape, here is the log file again.
  13. Hi Kape, I ran it. See the log file below:
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{E87806B5-E908-45FD-AF5E-957D83E58E68}] 2012-01-11 14:29 241872 ----a-w- c:\program files\Softonic\softonic\1.5.11.5\bh\softonic.dll . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar] "{5018CFD2-804D-4C99-9F81-25EAEA2769DE}"= "c:\program files\Softonic\softonic\1.5.11.5\softonicTlbr.dll" [2012-01-11 250064] . [HKEY_CLASSES_ROOT\clsid\{5018cfd2-804d-4c99-9f81-25eaea2769de}] [HKEY_CLASSES_ROOT\Softonic.dskBnd.1] [HKEY_CLASSES_ROOT\TypeLib\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}] [HKEY_CLASSES_ROOT\Softonic.dskBnd] . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast] @="{472083B0-C522-11CF-8763-00608CC02F24}" [HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}] 2012-07-03 16:21 121528 ----a-w- c:\program files\AVAST Software\Avast\ashShell.dll . [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "DellSupport"="c:\program files\DellSupport\DSAgnt.exe" [2007-03-15 460784] "iCloudServices"="c:\program files\Common Files\Apple\Internet Services\iCloudServices.exe" [2011-11-11 59240] "Skype"="c:\program files\Skype\Phone\Skype.exe" [2012-02-29 17148552] . 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "IgfxTray"="c:\windows\system32\igfxtray.exe" [2007-05-18 138008] "HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2007-05-18 162584] "Persistence"="c:\windows\system32\igfxpers.exe" [2007-05-18 138008] "SunJavaUpdateSched"="c:\program files\Java\jre1.5.0_06\bin\jusched.exe" [2005-11-10 36975] "SigmatelSysTrayApp"="c:\program files\SigmaTel\C-Major Audio\WDM\stsystra.exe" [2007-12-05 405504] "PMX Daemon"="ICO.EXE" [2006-11-08 49152] "WavXMgr"="c:\program files\Wave Systems Corp\Services Manager\Docmgr\bin\WavXDocMgr.exe" [2007-09-10 92160] "SecureUpgrade"="c:\program files\Wave Systems Corp\SecureUpgrade.exe" [2007-09-14 218424] "KADxMain"="c:\windows\system32\KADxMain.exe" [2006-11-02 282624] "ISUSPM Startup"="c:\progra~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe" [2004-07-27 221184] "ISUSScheduler"="c:\program files\Common Files\InstallShield\UpdateService\issch.exe" [2004-07-27 81920] "PDVDDXSrv"="c:\program files\CyberLink\PowerDVD DX\PDVDDXSrv.exe" [2006-10-20 118784] "Google Desktop Search"="c:\program files\Google\Google Desktop Search\GoogleDesktop.exe" [2010-08-10 30192] "TrayServer"="c:\program files\MAGIX\Film_op_DVD_8\TrayServer.exe" [2008-01-30 90112] "Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2011-01-31 35760] "Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-01-03 843712] "avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2012-07-03 4273976] "APSDaemon"="c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2011-11-01 59240] "iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2011-12-08 421736] . [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360] . 
c:\documents and settings\All Users\Menu Start\Programma's\Opstarten\ Digital Line Detect.lnk - c:\program files\Digital Line Detect\DLG.exe [2008-3-18 50688] Printkey2000.lnk - c:\program files\PrintKey2000\Printkey2000.exe [2009-2-26 869376] Ralink Wireless Utility.lnk - c:\program files\Ralink\Common\RaUI.exe [2012-1-18 1622016] Sweex utility.lnk - c:\program files\Sweex\LW153\Utility\UI.exe [2012-1-18 1314816] WinZip Quick Pick.lnk - c:\program files\WinZip\WZQKPICK.EXE [2012-1-18 118784] . [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\gemsafe] 2006-11-16 15:20 73728 ----a-w- c:\program files\Gemplus\GemSafe Libraries\BIN\WLEventNotify.dll . [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa] Authentication Packages REG_MULTI_SZ msv1_0 wvauth . [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys] @="Driver" . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Apoint] 2007-09-19 18:25 159744 ----a-w- c:\program files\DellTPad\Apoint.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Dell QuickSet] 2007-07-20 16:55 1228800 ----a-w- c:\program files\Dell\QuickSet\quickset.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RoxioDragToDisc] 2006-08-17 09:00 1116920 ----a-w- c:\program files\Roxio\Drag-to-Disc\DrgToDsc.exe . 
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "%windir%\\system32\\sessmgr.exe"= "%windir%\\Network Diagnostic\\xpnetdiag.exe"= "c:\\WINDOWS\\system32\\dpvsetup.exe"= "c:\\Program Files\\Messenger\\msmsgs.exe"= "c:\\Program Files\\Common Files\\Apple\\Apple Application Support\\WebKit2WebProcess.exe"= "c:\\Program Files\\iTunes\\iTunes.exe"= "c:\\Program Files\\Skype\\Phone\\Skype.exe"= "c:\\Documents and Settings\\applbeheer\\Application Data\\Spotify\\spotify.exe"= "c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"= "c:\\Program Files\\Windows Live\\Sync\\WindowsLiveSync.exe"= . R0 pavboot;pavboot;c:\windows\system32\drivers\pavboot.sys [4-7-2012 21:30 28552] R1 aswKbd;aswKbd;c:\windows\system32\drivers\aswKbd.sys [15-4-2012 12:12 18544] R1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [18-1-2012 16:49 721000] R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [23-10-2008 9:49 353688] R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [23-10-2008 9:49 21256] R2 EAPPkt;Realtek EAPPkt Protocol;c:\windows\system32\drivers\EAPPkt.sys [25-12-2009 13:29 38144] R2 Scutum50;Scutum50 NDIS Protocol Driver;c:\windows\system32\drivers\Scutum50.sys [18-1-2012 17:43 19072] R2 Wave UCSPlus;Wave UCSPlus;c:\windows\system32\dllhost.exe [13-9-2004 15:52 5120] R3 DXEC01;DXEC01;c:\windows\system32\drivers\dxec01.sys [2-11-2006 14:32 97536] S2 Skype C2C Service;Skype C2C Service;c:\documents and settings\All Users\Application Data\Skype\Toolbars\Skype C2C Service\c2c_service.exe [30-5-2012 13:56 3048136] S2 SkypeUpdate;Skype Updater;c:\program files\Skype\Updater\Updater.exe [29-2-2012 9:50 158856] S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [27-4-2012 19:46 250056] S3 AVFSFilter;AVFSFilter;c:\windows\system32\DRIVERS\avfsfilter.sys --> c:\windows\system32\DRIVERS\avfsfilter.sys [?] 
S3 FirebirdServerMAGIXInstance;Firebird Server - MAGIX Instance;c:\program files\MAGIX\Common\Database\bin\fbserver.exe [9-8-2010 14:19 1527900] S3 GoogleDesktopManager-051210-111108;Google Desktop Manager 5.9.1005.12335;c:\program files\Google\Google Desktop Search\GoogleDesktop.exe [18-3-2008 10:43 30192] S3 MozillaMaintenance;Mozilla Maintenance Service;c:\program files\Mozilla Maintenance Service\maintenanceservice.exe [6-7-2012 10:49 129976] S3 pmxmouse;PMXMOUSE;c:\windows\system32\drivers\pmxmouse.sys [23-10-2008 8:43 18432] S3 pmxusblf;PMXUSBLF;c:\windows\system32\drivers\pmxusblf.sys [23-10-2008 8:43 14336] S3 RTL8187B;Wireless Network USB Adapter 54g WL-169;c:\windows\system32\DRIVERS\RTL8187B.sys --> c:\windows\system32\DRIVERS\RTL8187B.sys [?] S3 UPnPService;UPnPService;c:\program files\Common Files\MAGIX Shared\UPnPService\UPnPService.exe [9-8-2010 14:21 544768] S3 VMUVC;Vimicro Camera Service VMUVC;c:\windows\system32\Drivers\VMUVC.sys --> c:\windows\system32\Drivers\VMUVC.sys [?] S3 vvftUVC;Vimicro Camera Filter Service VMUVC;c:\windows\system32\drivers\vvftUVC.sys --> c:\windows\system32\drivers\vvftUVC.sys [?] . Inhoud van de 'Gedeelde Taken' map . 2012-07-14 c:\windows\Tasks\Adobe Flash Player Updater.job - c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-27 07:14] . 2012-07-11 c:\windows\Tasks\AppleSoftwareUpdate.job - c:\program files\Apple Software Update\SoftwareUpdate.exe [2011-06-01 16:57] . 2012-07-14 c:\windows\Tasks\avast! Emergency Update.job - c:\program files\AVAST Software\Avast\AvastEmUpdate.exe [2012-07-03 16:21] . 2012-07-14 c:\windows\Tasks\User_Feed_Synchronization-{E3121B44-F8B2-4411-80AE-F1187474AF03}.job - c:\windows\system32\msfeedssync.exe [2007-08-13 02:31] . . ------- Bijkomende Scan ------- . 
uStart Page = hxxp://www.google.nl/ uInternet Connection Wizard,ShellNext = iexplore IE: E&xporteren naar Microsoft Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 TCP: DhcpNameServer = 212.54.40.25 212.54.35.25 DPF: CabBuilder - hxxp://kiw.imgag.com/imgag/kiw/toolbar/download/InstallerControl.cab DPF: {16BC6A51-9F62-49E3-9F96-C842EF2FFE3E} - file:///D:/WebPlayer.cab FF - ProfilePath - c:\documents and settings\applbeheer\Application Data\Mozilla\Firefox\Profiles\t0aa9isq.default\ FF - prefs.js: browser.search.selectedEngine - midicair Customized Web Search FF - prefs.js: browser.startup.homepage - hxxp://www.google.nl FF - prefs.js: keyword.URL - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2795622&SearchSource=2&q= FF - prefs.js: network.proxy.type - 0 FF - user.js: extensions.BabylonToolbar_i.babTrack - affID=111805&tt=100512_1_ FF - user.js: extensions.BabylonToolbar_i.babExt - FF - user.js: extensions.BabylonToolbar_i.srcExt - ss FF - user.js: extensions.BabylonToolbar_i.id - 78c6d48c00000000000000160a1814e7 FF - user.js: extensions.BabylonToolbar_i.hardId - 78c6d48c00000000000000160a1814e7 FF - user.js: extensions.BabylonToolbar_i.instlDay - 15471 FF - user.js: extensions.BabylonToolbar_i.vrsn - 1.5.3.17 FF - user.js: extensions.BabylonToolbar_i.vrsni - 1.5.3.17 FF - user.js: extensions.BabylonToolbar_i.vrsnTs - 1.5.3.1720:46 FF - user.js: extensions.BabylonToolbar_i.prtnrId - babylon FF - user.js: extensions.BabylonToolbar_i.prdct - BabylonToolbar FF - user.js: extensions.BabylonToolbar_i.aflt - babsst FF - user.js: extensions.BabylonToolbar_i.smplGrp - none FF - user.js: extensions.BabylonToolbar_i.tlbrId - base FF - user.js: extensions.BabylonToolbar_i.instlRef - sst . - - - - ORPHANS VERWIJDERD - - - - . Toolbar-!{ebd898f8-fcf6-4694-bc3b-eabc7271eeb1} - (no file) . . . ************************************************************************** . 
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, GMER - Rootkit Detector and Remover Rootkit scan 2012-07-15 00:18 Windows 5.1.2600 Service Pack 3 NTFS . scannen van verborgen processen ... . scannen van verborgen autostart items ... . scannen van verborgen bestanden ... . Scan succesvol afgerond verborgen bestanden: 0 . ************************************************************************** . --------------------- VERGRENDELDE REGISTER SLEUTELS --------------------- . [HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Installer\UserData\LocalSystem\Components\h–€|ÿÿÿÿ¤•€|ù•9~*] "3140110900063D11C8EF10054038389C"="C?\\WINDOWS\\system32\\FM20ENU.DLL" . --------------------- DLLs Geladen Onder Lopende Processen --------------------- . - - - - - - - > 'winlogon.exe'(912) c:\windows\system32\igfxdev.dll . - - - - - - - > 'lsass.exe'(968) c:\windows\system32\wvauth.dll c:\windows\system32\biolsp.dll . - - - - - - - > 'explorer.exe'(248) c:\windows\system32\webcheck.dll c:\windows\system32\WPDShServiceObj.dll c:\windows\system32\PortableDeviceTypes.dll c:\windows\system32\PortableDeviceApi.dll . Voltooingstijd: 2012-07-15 00:19:58 ComboFix-quarantined-files.txt 2012-07-14 22:19 ComboFix2.txt 2012-07-09 17:11 ComboFix3.txt 2012-07-04 19:11 . Pre-Run: 48.476.004.352 bytes beschikbaar Post-Run: 48.823.713.792 bytes beschikbaar . - - End Of File - - F7AFA0E32F717947E37C8B02853BFB62
  14. OK, I have found out how to scan the external HD, but I cannot get a few viruses removed via Emsisoft. It says "ask the expert" next to them. Do you know how I can remove the items below? They are not removed automatically. E:\Website Joomla 2.5\aan de watermolen\bck van hotelsin\media\system\js\caption.js - File not found E:\Website Joomla 2.5\aan de watermolen\bck van hotelsin\media\system\js\core.js - File not found :\Website Joomla 2.5\aan de watermolen\bck van hotelsin\media\system\js\mootools-core.js - File not found E:\Website Joomla 2.5\aan de watermolen\bck van hotelsin\media\system\js\mootools-more.js - File not found E:\Website Joomla 2.5\aan de watermolen\bck van hotelsin\modules\mod_ppc_simple_spotlight\js\jquery.cycle.all.2.74.js - File not found E:\Website Joomla 2.5\aan de watermolen\bck van hotelsin\modules\mod_ppc_simple_spotlight\js\ppc.safejquery.end.js - File not found E:\Website Joomla 2.5\aan de watermolen\bck van hotelsin\modules\mod_ppc_simple_spotlight\js\ppc.safejquery.start.js - File not found E:\Website Joomla 2.5\aan de watermolen\bck van hotelsin\modules\mod_ppc_simple_spotlight\js\ppc.safejqueryplugin.end.js - File not found E:\Website Joomla 2.5\aan de watermolen\bck van hotelsin\modules\mod_ppc_simple_spotlight\js\ppc.safejqueryplugin.start.js - File not found
  15. Hello kape, I could not get the files below removed with Emsisoft. Do you know how I can remove them? E:\Website Joomla 2.5\aan de watermolen\bck van hotelsin\media\system\js\caption.js - File not found E:\Website Joomla 2.5\aan de watermolen\bck van hotelsin\media\system\js\core.js - File not found :\Website Joomla 2.5\aan de watermolen\bck van hotelsin\media\system\js\mootools-core.js - File not found E:\Website Joomla 2.5\aan de watermolen\bck van hotelsin\media\system\js\mootools-more.js - File not found E:\Website Joomla 2.5\aan de watermolen\bck van hotelsin\modules\mod_ppc_simple_spotlight\js\jquery.cycle.all.2.74.js - File not found E:\Website Joomla 2.5\aan de watermolen\bck van hotelsin\modules\mod_ppc_simple_spotlight\js\ppc.safejquery.end.js - File not found E:\Website Joomla 2.5\aan de watermolen\bck van hotelsin\modules\mod_ppc_simple_spotlight\js\ppc.safejquery.start.js - File not found E:\Website Joomla 2.5\aan de watermolen\bck van hotelsin\modules\mod_ppc_simple_spotlight\js\ppc.safejqueryplugin.end.js - File not found E:\Website Joomla 2.5\aan de watermolen\bck van hotelsin\modules\mod_ppc_simple_spotlight\js\ppc.safejqueryplugin.start.js - File not found
  16. Hello Kape, my PC has problems with Emsisoft Emergency Kit: it freezes after a while. I did scan my laptop and it is now "virus free", I hope. I removed everything. Do I need to do anything else now, or is this all? I also have another question: is there a way to scan an external hard disk? There is an external HD attached to my PC that I would like to scan; there is probably still something on it, because I write everything to my (mirror) hard disk. I have restored the site perterjanssens.nl and can no longer detect any virus with avast. I will still send you the log file.
  17. Hello, running the whole site through Jotti is an impossible task. The site has thousands of files. Reinstalling everything is not my preference either... I would then be busy installing for a day... Are there any other options?
  18. I don't think this is the only one... There will probably be many more. How will I ever get this PC clean again? No idea..
  19. I had it scanned.... this does not make you happy.. see attachment
  20. Hi Kape, what should I do then... This afternoon I was not yet getting any virus warning..