Ga naar inhoud

MafkeesZ

Lid
 Bekijk profiel  Bekijk hun activiteit

  • Items

    9

  • Registratiedatum

  • Laatst bezocht

MafkeesZ's prestaties

Groentje

Groentje (2/14)

  • Eerste post
  • Gespreksstarter
  • Week één klaar
  • Een maand later
  • Een jaar binnen

Recente badges

0

Reputatie

  1. MafkeesZ
    Ik had namelijk nog een probleem, dat was namelijk dat er in de text op elke internetsite een paar woorden waren onderstreept en als ik daar met me muis overheen ging kreeg ik reclame te zien. Dat probleem heb ik gegoogled en toen bleek ik iets aan te hebben staan in de instellingen (Bflix extensions) bij extensies. (Google Chrome aanpassen en beheren ---> extra ---> extensies) Daar heb ik toen 2 dingen verwijderd en daarna had ik geen last meer van die onderstreepte woorden en kreeg ook bij het openen van een nieuw tabblad geen Mystart meer.
  2. MafkeesZ
    Het probleem is opgelost. Bedankt voor het helpen!!! Groet Nico
  3. MafkeesZ
    Nou ik heb het gedaan en heb 2 dingen verwijderd, maar heb nog steeds als ik een tabblad open dat hij naar mystart gaat :s Kan dit veel kwaad?
  4. MafkeesZ
    Het is volgens mij nog steeds niet helemaal weg. Als ik namelijk in google chrome een nieuw tabblad aanklik opent hij nog steeds: MyStart by IncrediBar.com inplaats van google.nl :s Heb bij instellingen wel mystart verwijderd en google ingesteld, maar toch opent hij nog steeds mystart.. Bij start en dan zoeken heb ik ook gezocht op mystart incredibar maar dan kan hij ook niks vinden? Weet jij nog iets wat ik kan proberen?
  5. MafkeesZ
    Dan krijg ik dit te zien: ComboFix 12-07-10.01 - Nico Visser 10-07-2012 21:08:39.2.2 - x86 Microsoft Windows XP Professional 5.1.2600.3.1252.31.1043.18.503.265 [GMT 2:00] Gestart vanuit: c:\documents and settings\Nico Visser\Mijn documenten\Downloads\ComboFix.exe gebruikte Opdracht switches :: c:\documents and settings\Nico Visser\Bureaublad\CFScript.txt AV: Ziggo uitgebreide internetbeveiliging 9.01 *Disabled/Updated* {E7512ED5-4245-4B4D-AF3A-382D3F313F15} FW: Ziggo uitgebreide internetbeveiliging 9.01 *Enabled* {D4747503-0346-49EB-9262-997542F79BF4} . FILE :: "C:\user.js" . . (((((((((((((((((((((((((((((((((( Andere Verwijderingen ))))))))))))))))))))))))))))))))))))))))))))))))) . . C:\116cbe41a8383bfcf42b c:\116cbe41a8383bfcf42b\amd64\filterpipelineprintproc.dll c:\116cbe41a8383bfcf42b\amd64\msxpsdrv.cat c:\116cbe41a8383bfcf42b\amd64\msxpsdrv.inf c:\116cbe41a8383bfcf42b\amd64\msxpsinc.gpd c:\116cbe41a8383bfcf42b\amd64\msxpsinc.ppd c:\116cbe41a8383bfcf42b\amd64\mxdwdrv.dll c:\116cbe41a8383bfcf42b\amd64\xpssvcs.dll c:\116cbe41a8383bfcf42b\i386\filterpipelineprintproc.dll c:\116cbe41a8383bfcf42b\i386\msxpsdrv.cat c:\116cbe41a8383bfcf42b\i386\msxpsdrv.inf c:\116cbe41a8383bfcf42b\i386\msxpsinc.gpd c:\116cbe41a8383bfcf42b\i386\msxpsinc.ppd c:\116cbe41a8383bfcf42b\i386\mxdwdrv.dll c:\116cbe41a8383bfcf42b\i386\xpssvcs.dll . . (((((((((((((((((((( Bestanden Gemaakt van 2012-06-10 to 2012-07-10 )))))))))))))))))))))))))))))) . . 2012-06-23 21:35 . 2012-06-23 21:35 -------- d-----w- C:\HP 2012-06-23 21:35 . 2012-06-23 21:35 -------- d-----w- C:\temp 2012-06-23 21:27 . 2012-06-23 21:27 -------- d-----w- C:\swsetup 2012-06-23 13:55 . 2012-06-23 13:55 -------- d-----w- C:\Intel 2012-06-23 02:47 . 2012-07-07 18:36 1929 ----a-w- C:\user.js 2012-06-22 10:10 . 2012-06-22 10:10 -------- d-----r- C:\MSOCache . . . ((((((((((((((((((((((((((((((((((((((( Find3M Rapport )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2012-06-04 15:35 . 2009-08-06 17:23 222448 ----a-w- c:\windows\system32\muweb.dll 2012-06-02 13:19 . 2012-06-02 13:19 18456 ----a-w- c:\windows\system32\wuaueng.dll.mui 2012-06-02 13:19 . 2012-06-02 13:19 45080 ----a-w- c:\windows\system32\wups2.dll 2012-06-02 13:19 . 2002-09-11 12:00 97304 ----a-w- c:\windows\system32\cdm.dll 2012-06-02 13:19 . 2012-06-02 13:19 15896 ----a-w- c:\windows\system32\wuapi.dll.mui 2012-06-02 13:19 . 2012-06-02 13:19 15896 ----a-w- c:\windows\system32\wuaucpl.cpl.mui 2012-06-02 13:19 . 2012-06-02 13:19 24088 ----a-w- c:\windows\system32\wucltui.dll.mui 2012-05-31 13:22 . 2002-09-11 12:00 602624 ----a-w- c:\windows\system32\crypt32.dll 2012-05-16 15:09 . 2002-09-11 12:00 916992 ----a-w- c:\windows\system32\wininet.dll 2012-05-15 13:55 . 2002-09-11 12:00 1863296 ----a-w- c:\windows\system32\win32k.sys 2012-05-11 14:44 . 2002-09-11 12:00 43520 ------w- c:\windows\system32\licmgr10.dll 2012-05-11 14:44 . 2002-09-11 12:00 1469440 ------w- c:\windows\system32\inetcpl.cpl 2012-05-05 03:15 . 2002-09-11 12:00 2152960 ----a-w- c:\windows\system32\ntoskrnl.exe 2012-05-05 03:14 . 2002-09-09 13:18 2031104 ----a-w- c:\windows\system32\ntkrnlpa.exe 2012-04-20 19:31 . 2012-04-20 19:31 81920 ------w- c:\windows\system32\ieencode.dll . . ((((((((((((((((((((((((((((((((((((( Reg Opstartpunten ))))))))))))))))))))))))))))))))))))))))))))))))))) . . *Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond REGEDIT4 . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "F-Secure Manager"="c:\program files\Internetbeveiliging\Common\FSM32.EXE" [2009-08-05 199264] "F-Secure TNB"="c:\program files\Internetbeveiliging\FSGUI\TNBUtil.exe" [2009-08-05 2349664] "SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2012-01-17 252296] "KBD"="c:\hp\KBD\KBD.EXE" [2005-02-02 61440] "SoundMAXPnP"="c:\program files\Analog Devices\Core\smax4pnp.exe" [2008-04-15 1040384] "Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2011-06-06 937920] "APSDaemon"="c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2011-11-01 59240] "iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2012-01-16 421736] "Malwarebytes' Anti-Malware"="c:\program files\Malwarebytes' Anti-Malware\mbamgui.exe" [2012-04-04 462408] . [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="c:\windows\System32\CTFMON.EXE" [2008-04-14 15360] . [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "%windir%\\Network Diagnostic\\xpnetdiag.exe"= "%windir%\\system32\\sessmgr.exe"= "c:\\Program Files\\Java\\jre7\\bin\\javaw.exe"= "c:\\Program Files\\Messenger\\msmsgs.exe"= "c:\\Program Files\\uTorrent\\uTorrent.exe"= "c:\\Program Files\\Common Files\\Apple\\Apple Application Support\\WebKit2WebProcess.exe"= "c:\\Program Files\\Bonjour\\mDNSResponder.exe"= "c:\\Program Files\\iTunes\\iTunes.exe"= . R0 fsbts;fsbts;c:\windows\system32\drivers\fsbts.sys [21-6-2012 21:44 44184] R0 FSFW;F-Secure Firewall Driver;c:\windows\system32\drivers\fsdfw.sys [21-6-2012 21:43 82120] R1 F-Secure HIPS;F-Secure HIPS Driver;c:\program files\Internetbeveiliging\HIPS\drivers\fshs.sys [21-6-2012 21:43 68064] R2 MBAMService;MBAMService;c:\program files\Malwarebytes' Anti-Malware\mbamservice.exe [8-7-2012 13:02 654408] R3 F-Secure Gatekeeper;F-Secure Gatekeeper;c:\program files\Internetbeveiliging\Anti-Virus\minifilter\fsgk.sys [21-6-2012 21:43 149672] R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [8-7-2012 13:02 22344] S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [22-6-2012 0:42 257224] S3 FSORSPClient;F-Secure ORSP Client;c:\program files\Internetbeveiliging\ORSP Client\fsorsp.exe [21-6-2012 21:43 61088] S4 F-Secure Filter;F-Secure File System Filter;c:\program files\Internetbeveiliging\Anti-Virus\win2k\fsfilter.sys [21-6-2012 21:43 39776] S4 F-Secure Recognizer;F-Secure File System Recognizer;c:\program files\Internetbeveiliging\Anti-Virus\win2k\fsrec.sys [21-6-2012 21:43 25184] . Inhoud van de 'Gedeelde Taken' map . 2012-07-10 c:\windows\Tasks\Adobe Flash Player Updater.job - c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-06-21 22:42] . 2012-07-05 c:\windows\Tasks\AppleSoftwareUpdate.job - c:\program files\Apple Software Update\SoftwareUpdate.exe [2011-06-01 15:57] . 2012-07-08 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-448539723-764733703-725345543-1004Core.job - c:\documents and settings\Nico Visser\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2012-07-06 05:34] . 2012-07-10 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-448539723-764733703-725345543-1004UA.job - c:\documents and settings\Nico Visser\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2012-07-06 05:34] . 2012-06-27 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-448539723-764733703-725345543-500Core.job - c:\documents and settings\Administrator\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2012-06-21 22:17] . 2012-07-10 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-448539723-764733703-725345543-500UA.job - c:\documents and settings\Administrator\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2012-06-21 22:17] . . ------- Bijkomende Scan ------- . uStart Page = hxxp://www.google.nl/ uInternet Settings,ProxyOverride = *.local IE: E&xporteren naar Microsoft Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 LSP: c:\program files\Internetbeveiliging\FSPS\program\FSLSP.DLL TCP: DhcpNameServer = 212.54.40.25 192.168.123.254 DPF: DirectAnimation Java Classes - file://c:\windows\Java\classes\dajava.cab DPF: Microsoft XML Parser for Java - file://c:\windows\Java\classes\xmldso.cab . . ************************************************************************** . catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, GMER - Rootkit Detector and Remover Rootkit scan 2012-07-10 21:15 Windows 5.1.2600 Service Pack 3 NTFS . scannen van verborgen processen ... . scannen van verborgen autostart items ... . scannen van verborgen bestanden ... . Scan succesvol afgerond verborgen bestanden: 0 . ************************************************************************** . --------------------- VERGRENDELDE REGISTER SLEUTELS --------------------- . [HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Installer\UserData\LocalSystem\Components\€–}|ÿÿÿÿÀ•}|ù•9~*] "3140111900063D11C8EF10054038389C"="C?\\WINDOWS\\system32\\FM20ENU.DLL" . --------------------- DLLs Geladen Onder Lopende Processen --------------------- . - - - - - - - > 'winlogon.exe'(672) c:\program files\internetbeveiliging\hips\fshook32.dll c:\program files\Internetbeveiliging\FWES\Program\fsdc32.dll . - - - - - - - > 'lsass.exe'(728) c:\program files\Internetbeveiliging\FSPS\program\FSLSP.DLL c:\program files\internetbeveiliging\hips\fshook32.dll c:\program files\Internetbeveiliging\FWES\Program\fsdc32.dll . - - - - - - - > 'csrss.exe'(648) c:\program files\Internetbeveiliging\FWES\Program\fsdc32.dll . Voltooingstijd: 2012-07-10 21:17:50 ComboFix-quarantined-files.txt 2012-07-10 19:17 ComboFix2.txt 2012-07-10 18:37 . Pre-Run: 214.120.001.536 bytes beschikbaar Post-Run: 214.100.488.192 bytes beschikbaar . - - End Of File - - E49DEA24065F74D6D24F49A1584C9EF2
  6. MafkeesZ
    Dit stond er in het logbestand: ComboFix 12-07-10.01 - Nico Visser 10-07-2012 20:25:53.1.2 - x86 Microsoft Windows XP Professional 5.1.2600.3.1252.31.1043.18.503.222 [GMT 2:00] Gestart vanuit: c:\documents and settings\Nico Visser\Mijn documenten\Downloads\ComboFix.exe AV: Ziggo uitgebreide internetbeveiliging 9.01 *Enabled/Updated* {E7512ED5-4245-4B4D-AF3A-382D3F313F15} FW: Ziggo uitgebreide internetbeveiliging 9.01 *Enabled* {D4747503-0346-49EB-9262-997542F79BF4} . . (((((((((((((((((((((((((((((((((( Andere Verwijderingen ))))))))))))))))))))))))))))))))))))))))))))))))) . . c:\documents and settings\Nico Visser\WINDOWS c:\windows\fspscprereqmsiinst.log c:\windows\system32\SET530.tmp c:\windows\system32\SET534.tmp c:\windows\system32\SET535.tmp c:\windows\system32\SET53C.tmp c:\windows\unin0413.exe . . (((((((((((((((((((( Bestanden Gemaakt van 2012-06-10 to 2012-07-10 )))))))))))))))))))))))))))))) . . 2012-06-23 21:35 . 2012-06-23 21:35 -------- d-----w- C:\HP 2012-06-23 21:35 . 2012-06-23 21:35 -------- d-----w- C:\temp 2012-06-23 21:27 . 2012-06-23 21:27 -------- d-----w- C:\swsetup 2012-06-23 13:55 . 2012-06-23 13:55 -------- d-----w- C:\Intel 2012-06-23 02:47 . 2012-07-07 18:36 1929 ----a-w- C:\user.js 2012-06-23 01:52 . 2012-06-23 01:53 -------- d-----w- C:\116cbe41a8383bfcf42b 2012-06-22 10:10 . 2012-06-22 10:10 -------- d-----r- C:\MSOCache . . . ((((((((((((((((((((((((((((((((((((((( Find3M Rapport )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2012-06-04 15:35 . 2009-08-06 17:23 222448 ----a-w- c:\windows\system32\muweb.dll 2012-06-02 13:19 . 2012-06-02 13:19 18456 ----a-w- c:\windows\system32\wuaueng.dll.mui 2012-06-02 13:19 . 2012-06-02 13:19 45080 ----a-w- c:\windows\system32\wups2.dll 2012-06-02 13:19 . 2002-09-11 12:00 97304 ----a-w- c:\windows\system32\cdm.dll 2012-06-02 13:19 . 2012-06-02 13:19 15896 ----a-w- c:\windows\system32\wuapi.dll.mui 2012-06-02 13:19 . 2012-06-02 13:19 15896 ----a-w- c:\windows\system32\wuaucpl.cpl.mui 2012-06-02 13:19 . 2012-06-02 13:19 24088 ----a-w- c:\windows\system32\wucltui.dll.mui 2012-05-31 13:22 . 2002-09-11 12:00 602624 ----a-w- c:\windows\system32\crypt32.dll 2012-05-16 15:09 . 2002-09-11 12:00 916992 ----a-w- c:\windows\system32\wininet.dll 2012-05-15 13:55 . 2002-09-11 12:00 1863296 ----a-w- c:\windows\system32\win32k.sys 2012-05-11 14:44 . 2002-09-11 12:00 43520 ------w- c:\windows\system32\licmgr10.dll 2012-05-11 14:44 . 2002-09-11 12:00 1469440 ------w- c:\windows\system32\inetcpl.cpl 2012-05-05 03:15 . 2002-09-11 12:00 2152960 ----a-w- c:\windows\system32\ntoskrnl.exe 2012-05-05 03:14 . 2002-09-09 13:18 2031104 ----a-w- c:\windows\system32\ntkrnlpa.exe 2012-04-20 19:31 . 2012-04-20 19:31 81920 ------w- c:\windows\system32\ieencode.dll . . ((((((((((((((((((((((((((((((((((((( Reg Opstartpunten ))))))))))))))))))))))))))))))))))))))))))))))))))) . . *Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond REGEDIT4 . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "F-Secure Manager"="c:\program files\Internetbeveiliging\Common\FSM32.EXE" [2009-08-05 199264] "F-Secure TNB"="c:\program files\Internetbeveiliging\FSGUI\TNBUtil.exe" [2009-08-05 2349664] "SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2012-01-17 252296] "KBD"="c:\hp\KBD\KBD.EXE" [2005-02-02 61440] "SoundMAXPnP"="c:\program files\Analog Devices\Core\smax4pnp.exe" [2008-04-15 1040384] "Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2011-06-06 937920] "APSDaemon"="c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2011-11-01 59240] "iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2012-01-16 421736] "Malwarebytes' Anti-Malware"="c:\program files\Malwarebytes' Anti-Malware\mbamgui.exe" [2012-04-04 462408] . [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="c:\windows\System32\CTFMON.EXE" [2008-04-14 15360] . [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "%windir%\\Network Diagnostic\\xpnetdiag.exe"= "%windir%\\system32\\sessmgr.exe"= "c:\\Program Files\\Java\\jre7\\bin\\javaw.exe"= "c:\\Program Files\\Messenger\\msmsgs.exe"= "c:\\Program Files\\uTorrent\\uTorrent.exe"= "c:\\Program Files\\Common Files\\Apple\\Apple Application Support\\WebKit2WebProcess.exe"= "c:\\Program Files\\Bonjour\\mDNSResponder.exe"= "c:\\Program Files\\iTunes\\iTunes.exe"= . R0 fsbts;fsbts;c:\windows\system32\drivers\fsbts.sys [21-6-2012 21:44 44184] R0 FSFW;F-Secure Firewall Driver;c:\windows\system32\drivers\fsdfw.sys [21-6-2012 21:43 82120] R1 F-Secure HIPS;F-Secure HIPS Driver;c:\program files\Internetbeveiliging\HIPS\drivers\fshs.sys [21-6-2012 21:43 68064] R2 MBAMService;MBAMService;c:\program files\Malwarebytes' Anti-Malware\mbamservice.exe [8-7-2012 13:02 654408] R3 F-Secure Gatekeeper;F-Secure Gatekeeper;c:\program files\Internetbeveiliging\Anti-Virus\minifilter\fsgk.sys [21-6-2012 21:43 149672] R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [8-7-2012 13:02 22344] S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [22-6-2012 0:42 257224] S3 FSORSPClient;F-Secure ORSP Client;c:\program files\Internetbeveiliging\ORSP Client\fsorsp.exe [21-6-2012 21:43 61088] S4 F-Secure Filter;F-Secure File System Filter;c:\program files\Internetbeveiliging\Anti-Virus\win2k\fsfilter.sys [21-6-2012 21:43 39776] S4 F-Secure Recognizer;F-Secure File System Recognizer;c:\program files\Internetbeveiliging\Anti-Virus\win2k\fsrec.sys [21-6-2012 21:43 25184] . Inhoud van de 'Gedeelde Taken' map . 2012-07-10 c:\windows\Tasks\Adobe Flash Player Updater.job - c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-06-21 22:42] . 2012-07-05 c:\windows\Tasks\AppleSoftwareUpdate.job - c:\program files\Apple Software Update\SoftwareUpdate.exe [2011-06-01 15:57] . 2012-07-08 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-448539723-764733703-725345543-1004Core.job - c:\documents and settings\Nico Visser\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2012-07-06 05:34] . 2012-07-10 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-448539723-764733703-725345543-1004UA.job - c:\documents and settings\Nico Visser\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2012-07-06 05:34] . 2012-06-27 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-448539723-764733703-725345543-500Core.job - c:\documents and settings\Administrator\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2012-06-21 22:17] . 2012-07-10 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-448539723-764733703-725345543-500UA.job - c:\documents and settings\Administrator\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2012-06-21 22:17] . . ------- Bijkomende Scan ------- . uStart Page = hxxp://www.google.nl/ uInternet Settings,ProxyOverride = *.local IE: E&xporteren naar Microsoft Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 LSP: c:\program files\Internetbeveiliging\FSPS\program\FSLSP.DLL TCP: DhcpNameServer = 212.54.40.25 192.168.123.254 DPF: DirectAnimation Java Classes - file://c:\windows\Java\classes\dajava.cab DPF: Microsoft XML Parser for Java - file://c:\windows\Java\classes\xmldso.cab . - - - - ORPHANS VERWIJDERD - - - - . HKCU-Run-Easy Driver Pro - c:\program files\Probit Software\Easy Driver Pro\DPLauncher.exe . . . ************************************************************************** . catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, GMER - Rootkit Detector and Remover Rootkit scan 2012-07-10 20:34 Windows 5.1.2600 Service Pack 3 NTFS . scannen van verborgen processen ... . scannen van verborgen autostart items ... . scannen van verborgen bestanden ... . Scan succesvol afgerond verborgen bestanden: 0 . ************************************************************************** . --------------------- VERGRENDELDE REGISTER SLEUTELS --------------------- . [HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Installer\UserData\LocalSystem\Components\€–}|ÿÿÿÿÀ•}|ù•9~*] "3140111900063D11C8EF10054038389C"="C?\\WINDOWS\\system32\\FM20ENU.DLL" . --------------------- DLLs Geladen Onder Lopende Processen --------------------- . - - - - - - - > 'winlogon.exe'(672) c:\program files\internetbeveiliging\hips\fshook32.dll c:\program files\Internetbeveiliging\FWES\Program\fsdc32.dll . - - - - - - - > 'lsass.exe'(728) c:\program files\Internetbeveiliging\FSPS\program\FSLSP.DLL c:\program files\internetbeveiliging\hips\fshook32.dll c:\program files\Internetbeveiliging\FWES\Program\fsdc32.dll . - - - - - - - > 'csrss.exe'(648) c:\program files\Internetbeveiliging\FWES\Program\fsdc32.dll . Voltooingstijd: 2012-07-10 20:37:05 ComboFix-quarantined-files.txt 2012-07-10 18:37 . Pre-Run: 212.966.301.696 bytes beschikbaar Post-Run: 214.109.519.872 bytes beschikbaar . WindowsXP-KB310994-SP2-Pro-BootDisk-NLD.exe [boot loader] timeout=2 default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS [operating systems] c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons UnsupportedDebug="do not select this" /debug multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professional" /fastdetect /NoExecute=OptIn . - - End Of File - - E843ED2840C9BE7517108ABC895D8DE3
  7. MafkeesZ
    Ik heb adwcleaner gedownload en uitgevoerd en krijg dan dit in de logfile te zien: # AdwCleaner v1.701 - Logfile created 07/10/2012 at 19:56:14# Updated 02/07/2012 by Xplode # Operating system : Microsoft Windows XP Service Pack 3 (32 bits) # User : Nico Visser - NICO # Running from : C:\Documents and Settings\Nico Visser\Bureaublad\adwcleaner.exe # Option [Delete] ***** [services] ***** ***** [Files / Folders] ***** ***** [Registry] ***** ***** [Registre - GUID] ***** ***** [internet Browsers] ***** -\\ Internet Explorer v8.0.6001.18702 [OK] Registry is clean. -\\ Google Chrome v19.0.1084.56 File : C:\Documents and Settings\Nico Visser\Local Settings\Application Data\Google\Chrome\User Data\Default\Preferences [OK] File is clean. File : C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\User Data\Default\Preferences [OK] File is clean. ************************* AdwCleaner[R1].txt - [10184 octets] - [08/07/2012 11:28:14] AdwCleaner[s1].txt - [10559 octets] - [08/07/2012 11:28:40] AdwCleaner[R2].txt - [1155 octets] - [08/07/2012 11:42:28] AdwCleaner[s2].txt - [1215 octets] - [08/07/2012 11:43:16] AdwCleaner[s3].txt - [294 octets] - [10/07/2012 19:54:47] AdwCleaner[R3].txt - [1315 octets] - [10/07/2012 19:56:03] AdwCleaner[s4].txt - [1246 octets] - [10/07/2012 19:56:14] ########## EOF - C:\AdwCleaner[s4].txt - [1374 octets] ##########
  8. MafkeesZ
    Kape bedankt voor het snelle reageren! Dit is wat in het kladblok staat: Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 16:15:04, on 8-7-2012 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v8.00 (8.00.6001.18702) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Internetbeveiliging\Common\FSM32.EXE C:\Program Files\Common Files\Java\Java Update\jusched.exe C:\HP\KBD\KBD.EXE C:\Program Files\Analog Devices\SoundMAX\Smax4.exe C:\Program Files\Analog Devices\Core\smax4pnp.exe C:\Program Files\iTunes\iTunesHelper.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Messenger\msmsgs.exe C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe C:\Program Files\Bonjour\mDNSResponder.exe C:\Program Files\Internetbeveiliging\Anti-Virus\fsgk32st.exe C:\Program Files\Internetbeveiliging\Common\FSMA32.EXE C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jqs.exe C:\Program Files\Internetbeveiliging\Anti-Virus\FSGK32.EXE C:\Program Files\Internetbeveiliging\Common\FSHDLL32.EXE C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe C:\Program Files\CDBurnerXP\NMSAccessU.exe C:\Program Files\iPod\bin\iPodService.exe C:\Program Files\Internetbeveiliging\FWES\Program\fsdfwd.exe C:\Program Files\Internetbeveiliging\Anti-Virus\fssm32.exe C:\Program Files\Internetbeveiliging\Anti-Virus\fsav32.exe C:\Documents and Settings\Nico Visser\Local Settings\Application Data\Google\Chrome\Application\chrome.exe C:\Documents and Settings\Nico Visser\Local Settings\Application Data\Google\Chrome\Application\chrome.exe C:\Documents and Settings\Nico Visser\Local Settings\Application Data\Google\Chrome\Application\chrome.exe C:\Documents and Settings\Nico Visser\Local Settings\Application Data\Google\Chrome\Application\chrome.exe C:\Documents and Settings\Nico Visser\Local Settings\Application Data\Google\Chrome\Application\chrome.exe C:\Documents and Settings\Nico Visser\Local Settings\Application Data\Google\Chrome\Application\chrome.exe C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Hotmail, Messenger, het laatste nieuws en entertainment | MSN.NL R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = Hotmail, Messenger, het laatste nieuws en entertainment | MSN.NL R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll O2 - BHO: LitmusBHO - {C6867EB7-8350-4856-877F-93CF8AE3DC9C} - C:\Program Files\Internetbeveiliging\NRS\iescript\baselitmus.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll O4 - HKLM\..\Run: [F-Secure Manager] "C:\Program Files\Internetbeveiliging\Common\FSM32.EXE" /splash O4 - HKLM\..\Run: [F-Secure TNB] "C:\Program Files\Internetbeveiliging\FSGUI\TNBUtil.exe" /CHECKALL /WAITFORSW O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe" O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KBD.EXE O4 - HKLM\..\Run: [soundMAX] "C:\Program Files\Analog Devices\SoundMAX\Smax4.exe" /tray O4 - HKLM\..\Run: [soundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe" O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe" O4 - HKLM\..\Run: [Malwarebytes' Anti-Malware] "C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background O4 - HKCU\..\Run: [Easy Driver Pro] C:\Program Files\Probit Software\Easy Driver Pro\DPLauncher.exe O4 - HKCU\..\Run: [Google Update] "C:\Documents and Settings\Nico Visser\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" /c O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Lokale service') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Netwerkservice') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user') O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 O9 - Extra button: Onderzoek - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1340426277234 O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab O22 - SharedTaskScheduler: Preloader van browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\System32\browseui.dll O22 - SharedTaskScheduler: Cache-daemon voor onderdeelcategorieën - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\System32\browseui.dll O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: FSGKHS (F-Secure Gatekeeper Handler Starter) - Unknown owner - C:\Program Files\Internetbeveiliging\Anti-Virus\fsgk32st.exe O23 - Service: F-Secure Anti-Virus Firewall Daemon (FSDFWD) - F-Secure Corporation - C:\Program Files\Internetbeveiliging\FWES\Program\fsdfwd.exe O23 - Service: F-Secure Management Agent (FSMA) - F-Secure Corporation - C:\Program Files\Internetbeveiliging\Common\FSMA32.EXE O23 - Service: F-Secure ORSP Client (FSORSPClient) - F-Secure Corporation - C:\Program Files\Internetbeveiliging\ORSP Client\fsorsp.exe O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: Java Quick Starter (JavaQuickStarterService) - Oracle Corporation - C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jqs.exe O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe O23 - Service: NMSAccess - Unknown owner - C:\Program Files\CDBurnerXP\NMSAccessU.exe -- End of file - 8035 bytes Hoop dat je me verder kan helpen!
  9. MafkeesZ
    Hoi hoi, Sinds een paar dagen heb ik last van mystart incredibar op mijn computer. Ik heb van alles geprobeerd maar krijg het niet van mijn computer af Kan iemand mij helpen om dit helemaal van mij computer te verwijderen? Als vast bedankt! Groet Nico
Logo

OVER ONS

PC Helpforum helpt GRATIS computergebruikers sinds juli 2006. Ons team geeft via het forum professioneel antwoord op uw vragen en probeert uw pc problemen zo snel mogelijk op te lossen. Word lid vandaag, plaats je vraag online en het PC Helpforum-team helpt u graag verder!

SITEMAP

×
×
  • Nieuwe aanmaken...

Belangrijke informatie

We hebben cookies geplaatst op je toestel om deze website voor jou beter te kunnen maken. Je kunt de cookie instellingen aanpassen, anders gaan we er van uit dat het goed is om verder te gaan.