Everything posted by lufraki

  1. Maybe: 1. Right-click 2. Save as 3. Save 4. Open the file from the location where you saved it.
  2. Hello, I am writing a program with Visual Basic 2008 Express Edition that lets you quiz yourself... Only now I need to make sure that a random item from a listbox is placed in a textbox. Does anyone know how that works?
  3. Hello, I use Visual Basic 2008 Express Edition, and for a while now, whenever I want to publish a project, I get this: SEE ATTACHMENTS ''Melding publish''. I get the same message when I look at the properties of a project. Can anyone help me?????
  4. Download CCleaner. Click Scan for problems. Fix selected problems. Now it should work. Otherwise install PC Tools Internet Security, register your product and scan for viruses. Hope this works.
  5. Download CCleaner. Click Registry. Scan for problems. Fix problems. Hope this works.
  6. Help, my screen is too dark! What is going on? I would prefer to just use a small program!
  7. Hello, I would like to write an antivirus with Visual Basic 2008 Express Edition. Does anyone know how to do this? I would rather not get an answer saying that it is too difficult, but an actual piece of code. Thanks in advance
  8. Yes, it should know it, because I created form2 afterwards and it still gives the same error message.
  9. Hello, I wrote the following piece of code in Visual Basic 2008 Express Edition: Public Class Form1 sub If FileExists("C:\1clickpcfix") Then form2.show() End Sub End Class But now VB reports: Identifier expected. How do I solve this? Error: the error is apparently in line 2, column 7
  10. It worked, thanks, but ehh... Can this whole procedure remove most kinds of viruses from the PC???
  11. Those files were empty, just 0 KB, so I deleted them. The PC works well again and here is that log:
      I think it is done now?
  12. Hello kape, Norman was quiet this time and nothing happened, here is the ComboFix log:
  13. Hello, I would first make a log with HiJackThis so that we can help you further.
  14. I would start by downloading Windows Media Player; this program is installed by default on every computer, so that school will probably have it too. Now right-click on those videos and click: Open with. Then select Windows Media Player in that list. Then start the video and see whether it opens in Windows Media Player. PS: If this helped, I would appreciate a thank-you.
  15. Here they are again, but what strikes me is that every time the computer starts up, Norman Virus Control reports that it has found trojans and has placed them in quarantine.
Files\\Sierra\\FEAR\\fpupdate.exe"= "c:\\Program Files\\Sierra\\FEAR\\FEARServer.exe"= "c:\\Program Files\\Sierra\\FEARCombat\\FEARMP.exe"= "c:\\Program Files\\Sierra\\FEAR\\FEARXP\\FEARXP.exe"= "c:\\Program Files\\Sierra\\FEAR\\FEAR.exe"= "c:\\Program Files\\Sierra\\FEAR\\FEARMP.exe"= "c:\\Program Files\\Java\\jre1.6.0_07\\bin\\javaw.exe"= [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List] "6112:TCP"= 6112:TCP:Wow downloader "6881:TCP"= 6881:TCP:Wow "6999:TCP"= 6999:TCP:download wow "3724:TCP"= 3724:TCP:Blizzard Downloader: 3724 "24800:TCP"= 24800:TCP:*:Disabled:SolidNetworkManager "24800:UDP"= 24800:UDP:*:Disabled:SolidNetworkManager "61655:TCP"= 61655:TCP:*:Disabled:SolidNetworkManager "61655:UDP"= 61655:UDP:*:Disabled:SolidNetworkManager R3 cmudax;C-Media High Definition Audio Interface;c:\windows\system32\drivers\cmudax.sys [2008-05-07 1287296] R3 nsesvc;Norman Scanner Engine Service;c:\norman\Nse\Bin\Nsesvc.exe [2008-12-27 322616] R3 NvcMFlt;NvcMFlt;c:\windows\system32\drivers\nvcw32mf.sys [2008-12-27 19512] R3 nvcoas;Norman Virus Control on-access component;c:\norman\NVC\Bin\Nvcoas.exe [2008-12-27 183352] R3 NVCScheduler;Norman Virus Control Scheduler;c:\norman\NVC\Bin\Nvcsched.exe [2008-12-27 146488] R3 wbscr;Winbond Smartcard Reader for I/O;c:\windows\system32\drivers\wbscr.sys [2008-08-09 19928] R4 Ndiskio;Ndiskio;c:\norman\Nse\Bin\Ndiskio.sys [2008-12-27 20448] S0 gsbidin;gsbidin;c:\windows\system32\drivers\ttcek.sys --> c:\windows\system32\drivers\ttcek.sys [?] S0 rseb;rseb; [x] S1 34884e3f;34884e3f;c:\windows\system32\drivers\34884e3f.sys --> c:\windows\system32\drivers\34884e3f.sys [?] S1 839e9b08;839e9b08;c:\windows\system32\drivers\839e9b08.sys --> c:\windows\system32\drivers\839e9b08.sys [?] S1 a68ba1c9;a68ba1c9;c:\windows\system32\drivers\a68ba1c9.sys --> c:\windows\system32\drivers\a68ba1c9.sys [?] 
S3 CardReaderFilter;Card Reader Filter;c:\windows\system32\drivers\USBCRFT.SYS [2008-08-09 17408] S3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\mbamswissarmy.sys [2009-01-12 38496] --- Andere Services/Drivers In Geheugen --- *Deregistered* - mchInjDrv [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{ae1a1cf8-e08f-11dd-8d02-00110951a57e}] \shell\autorun\command - M:\PPTVIEW.EXE /L "playlist.txt" \shell\startwdh\command - M:\PPTVIEW.EXE /L "playlist.txt" . Inhoud van de 'Gedeelde Taken' map 2009-01-12 c:\windows\Tasks\HPpromotions journeysoftware.job - c:\program files\hp\digital imaging\bin\hp promotions\journeysoftware\HPpromo.exe [2005-04-22 16:36] . - - - - ORPHANS VERWIJDERD - - - - ShellExecuteHooks-{04578D8D-6130-411B-BEE5-DFF22903F732} - (no file) . ------- Bijkomende Scan ------- . uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8 uSearchURL,(Default) = hxxp://www.google.com/search?q=%s LSP: c:\program files\Common Files\PC Tools\Lsp\PCTLsp.dll . ************************************************************************** catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2009-01-13 14:48:07 Windows 5.1.2600 Service Pack 3 NTFS scannen van verborgen processen ... scannen van verborgen autostart items ... scannen van verborgen bestanden ... Scan succesvol afgerond verborgen bestanden: 0 ************************************************************************** . --------------------- VERGRENDELDE REGISTER SLEUTELS --------------------- [HKEY_USERS\S-1-5-21-839522115-920026266-1417001333-1003\Software\SecuROM\!CAUTION! NEVER A OR CHANGE ANY KEY*] "??"=hex:81,57,4d,21,a6,76,47,ee,8a,6c,cb,1a,e9,e6,89,e1,10,ff,98,66,c0,e0,ec, db,e2,07,d2,cb,11,84,b4,47,11,5d,8d,ca,2a,23,bd,4b,83,ff,de,dd,0a,6d,ae,eb,\ "??"=hex:7f,2a,d1,18,fd,cd,d1,9e,1a,a9,e5,a4,81,4a,bd,2b . 
--------------------- DLLs Geladen Onder Lopende Processen --------------------- - - - - - - - > 'winlogon.exe'(680) c:\program files\PC Tools AntiVirus\PCTAVHook.dll - - - - - - - > 'lsass.exe'(736) c:\program files\Common Files\PC Tools\Lsp\PCTLsp.dll c:\program files\PC Tools AntiVirus\PCTAVHook.dll - - - - - - - > 'explorer.exe'(3988) c:\program files\PC Tools AntiVirus\PCTAVHook.dll c:\norman\nvc\bin\Niphk.dll - - - - - - - > 'csrss.exe'(656) c:\program files\PC Tools AntiVirus\PCTAVHook.dll . Voltooingstijd: 2009-01-13 14:51:49 ComboFix-quarantined-files.txt 2009-01-13 13:51:41 Pre-Run: 43,029,909,504 bytes beschikbaar Post-Run: 43,024,547,840 bytes beschikbaar Current=1 Default=1 Failed=4 LastKnownGood=5 Sets=1,2,3,4,5 529 --- E O F --- 2009-01-13 06:59:38
  16. Here they are:
Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 08:51, on 2009-01-13 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\csrss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\Norman\Npm\bin\ELOGSVC.EXE C:\Norman\Npm\Bin\Zanda.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\System32\SCardSvr.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\HPZipm12.exe C:\WINDOWS\system32\PnkBstrA.exe C:\Program Files\Alcohol Soft\Alcohol 52\StarWind\StarWindService.exe C:\WINDOWS\system32\svchost.exe C:\Norman\Npm\bin\NJEEVES.EXE C:\WINDOWS\System32\alg.exe C:\Norman\nse\bin\NSESVC.EXE C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe C:\Norman\Npm\bin\ZLH.EXE C:\Program Files\HP\HP Software Update\HPWuSchd2.exe C:\WINDOWS\Dit.exe C:\WINDOWS\system32\RunDll32.exe C:\WINDOWS\AGRSMMSG.exe C:\Program Files\NCSoft\Launcher\NCLauncher.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe C:\Norman\Nvc\BIN\NVCSCHED.EXE C:\Norman\Nvc\bin\nvcoas.exe C:\Program Files\OpenOffice.org 2.4\program\soffice.exe C:\Norman\Nvc\BIN\NIP.EXE C:\Program Files\OpenOffice.org 2.4\program\soffice.BIN C:\Norman\Nvc\bin\cclaw.exe C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe C:\Program Files\HP\Digital Imaging\bin\hpqimzone.exe C:\Program Files\HP\Digital Imaging\Product Assistant\bin\hprblog.exe C:\WINDOWS\system32\NOTEPAD.EXE C:\Program Files\Enigma Browser\Enigma.exe C:\Program Files\Trend Micro\HijackThis\HijackThis.exe C:\WINDOWS\system32\wbem\wmiprvse.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Het Net - Vandaag op Het Net R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = 
MSN.com R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Live Search R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Live Search R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe" O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [nwiz] nwiz.exe /install O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [norman zanda] "C:\Norman\Npm\bin\ZLH.EXE" /LOAD /SPLASH O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe O4 - HKLM\..\Run: [Hitman Pro Expiration Helper] "C:\Program Files\Hitman Pro\xphelper.exe" O4 - HKLM\..\Run: [Dit] Dit.exe O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe O4 - HKLM\..\Run: [PCTAVApp] "C:\Program Files\PC Tools AntiVirus\PCTAV.exe" /MONITORSCAN O4 - HKCU\..\Run: [PlayNC Launcher] C:\Program Files\NCSoft\Launcher\NCLauncher.exe /Minimized O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\S-1-5-18\..\Run: [DWQueuedReporting] "C:\PROGRA~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" -t (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user') O4 - Startup: OpenOffice.org 2.4 .lnk = C:\Program Files\OpenOffice.org 2.4\program\quickstart.exe O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe O4 - Global Startup: Ralink Wireless Utility.lnk = C:\Program Files\RALINK\RT2500 USB Wireless LAN 
Card\Installer\WINXP\RaConfig2500.exe O4 - Global Startup: Snelstart HP Image Zone.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll (file missing) O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll (file missing) O9 - Extra button: Onderzoek - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~4\OFFICE11\REFIEBAR.DLL O9 - Extra button: (no name) - {B205A35E-1FC4-4CE3-818B-899DBBB3388C} - C:\Program Files\Common Files\Microsoft Shared\Encarta Search Bar\ENCSBAR.DLL O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} (QuickTime Plugin Control) - http://appldnld.apple.com.edgesuite.net/content.info.apple.com/QuickTime/qtactivex/qtplugin.cab O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204 O16 - DPF: {39B0684F-D7BF-4743-B050-FDC3F48F7E3B} - http://www.fileplanet.com/fpdlmgr/cabs/FPDC_2.3.7.109.cab O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1231779294921 O23 - Service: Norman eLogger service 6 (eLoggerSvc6) - Norman ASA - C:\Norman\Npm\bin\ELOGSVC.EXE O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe O23 - Service: Norman NJeeves - Norman ASA - C:\Norman\Npm\bin\NJEEVES.EXE O23 - Service: Norman ZANDA - Norman ASA - C:\Norman\Npm\Bin\Zanda.exe O23 - Service: Norman Scanner Engine Service 
(nsesvc) - Norman ASA - C:\Norman\nse\bin\NSESVC.EXE O23 - Service: Norman Virus Control on-access component (nvcoas) - Norman ASA - C:\Norman\Nvc\bin\nvcoas.exe O23 - Service: Norman Virus Control Scheduler (NVCScheduler) - Norman ASA - C:\Norman\Nvc\BIN\NVCSCHED.EXE O23 - Service: NVIDIA Display Driver Service (NVSvc) - Unknown owner - C:\WINDOWS\system32\nvsvc32.exe (file missing) O23 - Service: PC Tools AntiVirus Engine (pctavsvc) - PC Tools Research Pty Ltd - C:\Program Files\PC Tools AntiVirus\PCTAVSvc.exe O23 - Service: Pml Driver HPZ12 (pml driver hpz12) - HP - C:\WINDOWS\system32\HPZipm12.exe O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe O23 - Service: StarWind iSCSI Service (StarWindService) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 52\StarWind\StarWindService.exe O23 - Service: Webroot Spy Sweeper Engine (svcWRSSSDK) - Unknown owner - C:\Program Files\Webroot\Spy Sweeper\WRSSSDK.exe (file missing) -- End of file - 7184 bytes
  17. I carried out the steps; I couldn't find those ICF and FCI things in the HijackThis log, so I didn't tick them. The scanner found 54 viruses or so, and after the restart Norman Virus Control reported that trojans were coming in, about 7 of them. But anyway... Here are the logs: Hijackthis log, MBAM log.
C:\Documents and Settings\Gaming Account\Local Settings\Temp\TDSSfeb4.tmp (Trojan.FakeAlert) -> Quarantined and deleted successfully. C:\Documents and Settings\Gaming Account\msiexec.exe (Heuristics.Reserved.Word.Exploit) -> Quarantined and deleted successfully. Is het nu klaar of moet ik nog iets doen?
  18. Here is the log.
  19. Hello, I use Visual Basic 2008 Express Edition, and whenever I try to open a new project the computer shuts down! I have scanned the computer many times with Norman Virus Control, but that doesn't fix it. Does anyone here know which virus I'm dealing with, or how I can get this virus off? (I use Windows XP.) Thanks in advance.