djgerben

Bedankt; alles is opgelost!!!

snap niet wat er nu bedoelt word met vinkje terug weg halen. Moet ik hem dan weer aanvinken ofzo of juist niet???

wat bedoel je met vinkje terug weg halen.????? snapp dat niet:s

en dan????

a.u.b.!!!!

Ok hier dan: Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 21:07:45, on 9-3-2009 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.16791) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Windows Defender\MsMpEng.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe C:\Program Files\Java\jre6\bin\jqs.exe C:\PROGRA~1\AVG\AVG8\avgrsx.exe C:\Program Files\Windows Defender\MSASCui.exe C:\Program Files\Java\jre6\bin\jusched.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\OpenOffice.org 3\program\soffice.exe C:\Program Files\OpenOffice.org 3\program\soffice.bin C:\Program Files\Windows Live\Messenger\usnsvc.exe C:\WINDOWS\explorer.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Windows Live\Messenger\msnmsgr.exe C:\Program Files\uTorrent\uTorrent.exe C:\Program Files\Trend Micro\HijackThis\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Google R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN.com R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Live Search R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Live Search R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = MSN.com R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen O2 - BHO: Adobe PDF Reader Help bij koppelingen - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe" O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user') O4 - Startup: OpenOffice.org 3.0 .lnk = C:\Program Files\OpenOffice.org 3\program\quickstart.exe O4 - Global Startup: Adobe Reader Snelle start.lnk = C:\Program Files\Adobe\Reader 8.0\Reader\reader_sl.exe O4 - Global Startup: Adobe Reader Synchronizer.lnk = C:\Program Files\Adobe\Reader 8.0\Reader\AdobeCollabSync.exe O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre6\bin\jp2iexp.dll O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre6\bin\jp2iexp.dll O9 - Extra button: Onderzoek - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} (QuickTime Plugin Control) - http://appldnld.apple.com.edgesuite.net/content.info.apple.com/QuickTime/qtactivex/qtplugin.cab O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1230575499969 O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab O17 - HKLM\System\CCS\Services\Tcpip\..\{5CAE600A-8021-468C-BB7D-E1FB36D1EC2E}: NameServer = 192.168.2.1 O17 - HKLM\System\CS1\Services\Tcpip\..\{5CAE600A-8021-468C-BB7D-E1FB36D1EC2E}: NameServer = 192.168.2.1 O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll O20 - Winlogon Notify: avgrsstarter - C:\WINDOWS\SYSTEM32\avgrsstx.dll O23 - Service: AVG Free8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe -- End of file - 5261 bytes EN ComboFix 09-03-06.02 - Gurpzz 2009-03-09 19:14:40.1 - NTFSx86 Microsoft Windows XP Professional Gestart vanuit: c:\documents and settings\Gurpzz\Bureaublad\ComboFix.exe AV: AVG Anti-Virus Free *On-access scanning enabled* (Updated) * Nieuw herstelpunt werd aangemaakt . (((((((((((((((((((((((((((((((((( Andere Verwijderingen ))))))))))))))))))))))))))))))))))))))))))))))))) . H:\DESKTOP.EXE . (((((((((((((((((((( Bestanden Gemaakt van 2009-02-09 to 2009-03-09 )))))))))))))))))))))))))))))) . 2009-03-09 14:22 . 2009-03-09 14:22 <DIR> d-------- c:\documents and settings\Gurpzz\Application Data\DivX 2009-03-09 14:21 . 2009-03-09 14:21 <DIR> d-------- c:\program files\DivX 2009-03-08 19:13 . 2009-03-08 19:13 <DIR> d-------- c:\program files\Trend Micro 2009-03-08 18:50 . 2009-03-09 13:48 <DIR> d-------- c:\windows\system32\drivers\Avg 2009-03-08 18:50 . 2009-03-08 18:57 325,128 --a------ c:\windows\system32\drivers\avgldx86.sys 2009-03-08 18:50 . 2009-03-08 18:57 10,520 --a------ c:\windows\system32\avgrsstx.dll 2009-03-08 18:49 . 2009-03-08 18:49 <DIR> d-------- c:\program files\AVG 2009-03-08 17:02 . 2009-03-08 17:02 <DIR> d-------- c:\program files\Malwarebytes' Anti-Malware 2009-03-08 17:02 . 2009-03-08 17:02 <DIR> d-------- c:\documents and settings\Gurpzz\Application Data\Malwarebytes 2009-03-08 17:02 . 2009-03-08 17:02 <DIR> d-------- c:\documents and settings\All Users\Application Data\Malwarebytes 2009-03-08 17:02 . 2009-02-11 10:19 38,496 --a------ c:\windows\system32\drivers\mbamswissarmy.sys 2009-03-08 17:02 . 2009-02-11 10:19 15,504 --a------ c:\windows\system32\drivers\mbam.sys 2009-03-07 18:00 . 2009-03-09 16:40 <DIR> dr-h----- c:\documents and settings\Gurpzz\Onlangs geopend 2009-03-07 16:01 . 2009-03-08 19:54 1,659 --a------ C:\VirtualDJ Local Database v5.xml 2009-03-01 20:19 . 2009-03-01 20:19 <DIR> d-------- c:\windows\Sun 2009-02-28 15:40 . 2009-03-07 16:08 <DIR> d-a------ c:\documents and settings\All Users\Application Data\TEMP 2009-02-26 19:05 . 2009-03-09 15:44 <DIR> dr------- c:\documents and settings\Gurpzz\Mijn documenten 2009-02-26 10:36 . 2009-02-26 10:36 294,229 --a------ c:\windows\system32\VTHAIA.dat 2009-02-24 19:55 . 2001-09-06 21:27 238,592 --a------ c:\windows\system32\sisgrv.dll 2009-02-24 19:55 . 2001-09-06 21:27 238,592 --a--c--- c:\windows\system32\dllcache\sisgrv.dll 2009-02-24 16:00 . 2009-03-05 16:03 <DIR> d-------- C:\MUSIC!!! 2009-02-21 15:52 . 1997-12-23 02:00 48,128 --a------ c:\windows\system32\WNASPI32.DLL 2009-02-21 15:52 . 2001-10-16 11:58 47,104 --a------ c:\windows\system32\TDXMW32.DLL 2009-02-21 15:52 . 2001-05-28 15:29 28,448 --a------ c:\windows\system32\drivers\CBUSB.SYS 2009-02-21 15:52 . 1997-12-23 02:00 23,936 --a------ c:\windows\system32\drivers\ASPI32.SYS 2009-02-21 15:52 . 2001-05-28 15:30 8,864 --a------ c:\windows\system32\drivers\MARXDEV3.SYS 2009-02-21 15:52 . 2001-05-28 15:30 8,864 --a------ c:\windows\system32\drivers\MARXDEV2.SYS 2009-02-21 15:52 . 2001-05-28 15:30 8,864 --a------ c:\windows\system32\drivers\MARXDEV1.SYS 2009-02-21 15:52 . 2001-10-16 11:58 8,012 --a------ c:\windows\system32\drivers\TDLPT.SYS 2009-02-21 15:52 . 1997-12-23 02:00 5,600 --a------ c:\windows\system\WNASPI32.NT 2009-02-21 15:52 . 1997-12-23 02:00 4,672 --a------ c:\windows\system\WOWPOST.EXE 2009-02-21 15:51 . 2001-11-05 11:56 32,960 --a------ c:\windows\system32\drivers\mmrtkrnl.sys 2009-02-21 15:51 . 2009-02-21 15:51 0 --a------ c:\windows\PROTOCOL.INI 2009-02-21 15:50 . 2009-02-21 15:50 <DIR> d-------- c:\program files\ALCATech 2009-02-21 15:50 . 1999-03-23 09:12 299,520 --a------ c:\windows\uninst.exe 2009-02-21 15:49 . 2009-02-21 15:49 <DIR> d-------- c:\documents and settings\Gurpzz\WINDOWS 2009-02-21 13:54 . 2009-03-08 19:13 <DIR> dr------- C:\Documents 2009-02-20 18:48 . 2009-02-20 18:48 268 --ah----- C:\sqmdata02.sqm 2009-02-20 18:48 . 2009-02-20 18:48 244 --ah----- C:\sqmnoopt02.sqm 2009-02-17 15:22 . 2009-02-17 15:23 <DIR> d-------- c:\program files\QuickTime 2009-02-12 17:33 . 2009-02-12 17:33 <DIR> d-------- c:\documents and settings\Gurpzz\driver 2009-02-10 17:22 . 2009-02-10 17:22 <DIR> d-------- c:\program files\uTorrent 2009-02-10 17:22 . 2009-03-08 19:04 <DIR> d-------- c:\documents and settings\Gurpzz\Application Data\uTorrent . ((((((((((((((((((((((((((((((((((((((( Find3M Rapport )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2009-03-08 17:58 --------- d-----w c:\documents and settings\All Users\Application Data\avg8 2009-03-08 17:38 --------- d-----w c:\program files\NCH Swift Sound 2009-03-07 08:41 --------- d-----w c:\program files\Messenger Plus! Live 2009-03-05 15:20 --------- d-----w c:\documents and settings\Gurpzz\Application Data\LimeWire 2009-02-28 14:04 --------- d-----w c:\program files\Windows Live 2009-02-28 12:25 --------- d-----w c:\program files\Common Files\Adobe 2009-02-18 20:40 --------- d-----w c:\program files\Image-Line 2009-02-18 19:44 --------- d-----w c:\program files\LimeWire 2009-02-12 16:29 --------- d-----w c:\documents and settings\All Users\Application Data\WinZip 2009-01-29 19:15 --------- d-----w c:\program files\Outsim 2009-01-27 16:35 --------- d-----w c:\program files\Xvid 2009-01-27 16:28 --------- d-----w c:\program files\Windows Media Connect 2 2009-01-25 18:15 --------- d-----w c:\documents and settings\All Users\Application Data\Adobe Systems 2009-01-25 17:54 --------- d-----w c:\program files\SimpleCheck 2009-01-22 12:39 --------- d-----w c:\documents and settings\Gurpzz\Application Data\NCH Swift Sound 2009-01-21 11:16 --------- d-----w c:\program files\GPLGS 2009-01-21 11:16 --------- d-----w c:\program files\Acro Software 2009-01-21 11:13 --------- d-----w c:\program files\Java 2009-01-20 15:28 --------- d-----w c:\documents and settings\All Users\Application Data\NCH Swift Sound 2009-01-20 14:45 --------- d-----w c:\program files\NCH Software 2009-01-11 15:46 410,984 ----a-w c:\windows\system32\deploytk.dll 2009-01-10 20:25 446,464 ----a-w c:\windows\system32\hrlhllnk.exe 2009-01-10 20:25 446,464 ----a-w c:\windows\system32\dtshsmon.exe 2009-01-10 20:24 69,686 ----a-w c:\windows\jaeee8785.exe 2009-01-10 20:24 69,686 ----a-w c:\windows\iwddc8784.exe 2009-01-10 20:24 197,450 ----a-w c:\windows\mutfq2134.exe 2009-01-10 20:24 197,450 ----a-w c:\windows\ajhs5668.exe 2009-01-10 20:17 --------- d-----w c:\documents and settings\All Users\Application Data\Trymedia 2009-01-10 20:13 135,168 ----a-w c:\windows\system32\devmgr32.dll 2008-12-28 20:55 558,142 ----a-w c:\windows\java\Packages\L7PRZB13.ZIP 2008-12-28 20:55 155,995 ----a-w c:\windows\java\Packages\466ICO6K.ZIP 2008-12-20 23:03 826,368 ----a-w c:\windows\system32\wininet.dll 2008-12-11 00:33 86,016 ----a-w c:\windows\system32\dpl100.dll . ((((((((((((((((((((((((((((((((((((( Reg Opstartpunten ))))))))))))))))))))))))))))))))))))))))))))))))))) . . *Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond REGEDIT4 [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="c:\windows\system32\ctfmon.exe" [2008-04-14 15360] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-01-11 136600] "QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2009-02-17 413696] "AVG8_TRAY"="c:\progra~1\AVG\AVG8\avgtray.exe" [2009-03-08 1601304] [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="c:\windows\System32\CTFMON.EXE" [2008-04-14 15360] c:\documents and settings\Gurpzz\Menu Start\Programma's\Opstarten\ OpenOffice.org 3.0 .lnk - c:\program files\OpenOffice.org 3\program\quickstart.exe [2008-09-12 384000] c:\documents and settings\All Users\Menu Start\Programma's\Opstarten\ Adobe Reader Snelle start.lnk - c:\program files\Adobe\Reader 8.0\Reader\reader_sl.exe [2006-10-23 40048] Adobe Reader Synchronizer.lnk - c:\program files\Adobe\Reader 8.0\Reader\AdobeCollabSync.exe [2006-10-23 734872] [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\avgrsstarter] 2009-03-08 18:57 10520 c:\windows\system32\avgrsstx.dll [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "%windir%\\Network Diagnostic\\xpnetdiag.exe"= "%windir%\\system32\\sessmgr.exe"= "c:\\Program Files\\Messenger\\msmsgs.exe"= "c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"= "c:\\Program Files\\Windows Live\\Messenger\\livecall.exe"= "c:\\Program Files\\LimeWire\\LimeWire.exe"= "c:\\Program Files\\uTorrent\\uTorrent.exe"= "c:\\Program Files\\Java\\jre6\\bin\\java.exe"= "c:\\Program Files\\AVG\\AVG8\\avgupd.exe"= [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List] "1198:UDP"= 1198:UDP:Windows Media Format SDK (iexplore.exe) "1199:UDP"= 1199:UDP:Windows Media Format SDK (iexplore.exe) R1 AvgLdx86;AVG Free AVI Loader Driver x86;c:\windows\system32\drivers\avgldx86.sys [2009-03-08 325128] R2 avg8wd;AVG Free8 WatchDog;c:\progra~1\AVG\AVG8\avgwdsvc.exe [2009-03-08 298264] R2 MarxDev1;MarxDev1;c:\windows\system32\drivers\MARXDEV1.SYS [2009-02-21 8864] R2 MarxDev2;MarxDev2;c:\windows\system32\drivers\MARXDEV2.SYS [2009-02-21 8864] R2 MarxDev3;MarxDev3;c:\windows\system32\drivers\MARXDEV3.SYS [2009-02-21 8864] R2 WinDefend;Windows Defender;c:\program files\Windows Defender\MsMpEng.exe [2006-11-03 13592] S3 ES1370;Creative AudioPCI (ES1370), SB PCI 64/128 (WDM);c:\windows\system32\drivers\es1370mp.sys [2009-01-31 37120] . Inhoud van de 'Gedeelde Taken' map 2009-03-09 c:\windows\Tasks\MP Scheduled Scan.job - c:\program files\Windows Defender\MpCmdRun.exe [2006-11-03 19:20] 2009-03-08 c:\windows\Tasks\Schedule Task Weekly.job - c:\program files\Registry Easy\RE.exe [] . - - - - ORPHANS VERWIJDERD - - - - MSConfigStartUp-AVG8_TRAY - c:\progra~1\AVG8\avgtray.exe . ------- Bijkomende Scan ------- . uStart Page = hxxp://www.google.nl/ TCP: {5CAE600A-8021-468C-BB7D-E1FB36D1EC2E} = 192.168.2.1 DPF: DirectAnimation Java Classes - file://c:\windows\Java\classes\dajava.cab DPF: Microsoft XML Parser for Java - file://c:\windows\Java\classes\xmldso.cab . ************************************************************************** catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2009-03-09 19:18:03 Windows 5.1.2600 Service Pack 3 NTFS scannen van verborgen processen ... scannen van verborgen autostart items ... scannen van verborgen bestanden ... Scan succesvol afgerond verborgen bestanden: 0 ************************************************************************** . --------------------- VERGRENDELDE REGISTER SLEUTELS --------------------- [HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Installer\UserData\LocalSystem\Components\h–€|ÿÿÿÿ¤•€|ù•9~*] "3140311900063D11C8EF10054038389C"="C?\\WINDOWS\\system32\\FM20ENU.DLL" "AB141C35E9F4BF344B9FC010BB17F68A"="" . Voltooingstijd: 2009-03-09 19:20:36 ComboFix-quarantined-files.txt 2009-03-09 18:20:28 Pre-Run: 19.520.061.440 bytes beschikbaar Post-Run: 20,573,405,184 bytes beschikbaar WindowsXP-KB310994-SP2-Pro-BootDisk-NLD.exe [boot loader] timeout=2 default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS [operating systems] c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professional" /fastdetect /NoExecute=OptIn 176 --- E O F --- 2009-03-06 08:53:35

Bedankt heb mn bureaublad al weer terug........ moet je dat raport nog of is dat niet meer nodig?? denk het niet.... Bedankt...

heb nog een probleem. ik heb geen icoontjes meer op mn bureaublad. vermoedelijk door een vbs die een ander heeft geopend. Dit VBS'je: Set shl = CreateObject("Wscript.shell") Shl.RegWrite "HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoDesktop","1" Heb jij een tegenmiddel???

De reactie van Malwarebytes' Anti-Malware: Malwarebytes' Anti-Malware 1.34 Database versie: 1826 Windows 5.1.2600 Service Pack 3 9-3-2009 15:46:53 mbam-log-2009-03-09 (15-46-53).txt Scan type: Volledige Scan (C:\|F:\|) Objecten gescand: 102038 Verstreken tijd: 1 hour(s), 36 minute(s), 21 second(s) Geheugenprocessen geïnfecteerd: 0 Geheugenmodulen geïnfecteerd: 0 Registersleutels geïnfecteerd: 0 Registerwaarden geïnfecteerd: 0 Registerdata bestanden geïnfecteerd: 0 Mappen geïnfecteerd: 0 Bestanden geïnfecteerd: 0 Geheugenprocessen geïnfecteerd: (Geen kwaadaardige items gevonden) Geheugenmodulen geïnfecteerd: (Geen kwaadaardige items gevonden) Registersleutels geïnfecteerd: (Geen kwaadaardige items gevonden) Registerwaarden geïnfecteerd: (Geen kwaadaardige items gevonden) Registerdata bestanden geïnfecteerd: (Geen kwaadaardige items gevonden) Mappen geïnfecteerd: (Geen kwaadaardige items gevonden) Bestanden geïnfecteerd: (Geen kwaadaardige items gevonden)

Weten jullie die van mij ook??? Heb het zelfde probleem... alvast bedankt.xD mvg, Gerben (p.s. heb Malwarebytes' Anti-Malware al!!) Raport van HijackThis: Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 19:13:57, on 8-3-2009 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.16791) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Windows Defender\MsMpEng.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\AVG\AVG8\avgrsx.exe C:\WINDOWS\system32\spoolsv.exe C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe C:\Program Files\Java\jre6\bin\jqs.exe C:\WINDOWS\Explorer.EXE C:\Program Files\Windows Defender\MSASCui.exe C:\WINDOWS\system32\hrlhllnk.exe C:\Program Files\Java\jre6\bin\jusched.exe C:\PROGRA~1\AVG\AVG8\avgtray.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Adobe\Reader 8.0\Reader\reader_sl.exe C:\Program Files\OpenOffice.org 3\program\soffice.exe C:\Program Files\OpenOffice.org 3\program\soffice.bin C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Windows Live\Messenger\msnmsgr.exe C:\Program Files\Windows Live\Messenger\usnsvc.exe C:\Program Files\Trend Micro\HijackThis\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.nl/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Internet Explorer (by GURPZZ) R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file) F3 - REG:win.ini: load=C:\DOCUME~1\Gurpzz\LOCALS~1\netdetect.exe O2 - BHO: Adobe PDF Reader Help bij koppelingen - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: (no name) - {3250EBBA-2B50-FE1B-6DE7-B48CE997DBA2} - (no file) O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file) O2 - BHO: (no name) - {8ab6ee6b-1051-6672-9224-5e7c146292e5} - (no file) O2 - BHO: (no name) - {A5EA1B01-18CE-683A-E2FE-A79DC5352A3D} - (no file) O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll O4 - HKLM\..\Run: [Windows Defender] "C:\Program Files\Windows Defender\MSASCui.exe" -hide O4 - HKLM\..\Run: [hrlhllnk] "C:\WINDOWS\system32\hrlhllnk.exe" O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe" O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Lokale service') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Netwerkservice') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user') O4 - Startup: OpenOffice.org 3.0 .lnk = C:\Program Files\OpenOffice.org 3\program\quickstart.exe O4 - Global Startup: Adobe Reader Snelle start.lnk = C:\Program Files\Adobe\Reader 8.0\Reader\reader_sl.exe O4 - Global Startup: Adobe Reader Synchronizer.lnk = C:\Program Files\Adobe\Reader 8.0\Reader\AdobeCollabSync.exe O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre6\bin\jp2iexp.dll O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre6\bin\jp2iexp.dll O9 - Extra button: Onderzoek - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} (QuickTime Plugin Control) - http://appldnld.apple.com.edgesuite.net/content.info.apple.com/QuickTime/qtactivex/qtplugin.cab O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1230575499969 O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab O17 - HKLM\System\CCS\Services\Tcpip\..\{5CAE600A-8021-468C-BB7D-E1FB36D1EC2E}: NameServer = 192.168.2.1 O17 - HKLM\System\CS1\Services\Tcpip\..\{5CAE600A-8021-468C-BB7D-E1FB36D1EC2E}: NameServer = 192.168.2.1 O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll O20 - Winlogon Notify: avgrsstarter - C:\WINDOWS\SYSTEM32\avgrsstx.dll O23 - Service: AVG Free8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe -- End of file - 6322 bytes