Posts by Marcel VD
-
BitDefender Log File
Product: BitDefender Total Security 2010
Version: BitDefender Antivirus Scanner
Scanning task: Deep System Scan
Log date: 5/06/2009 20:18:52
Log path: C:\Documents and Settings\All Users.WINDOWS\Application Data\BitDefender\Desktop\Profiles\Logs\deep_scan\1244225932_1_01.xml
Scan paths:
Path 0000: C:\
Scan options:
Scan for viruses: Yes
Scan for adware: Yes
Scan for spyware: Yes
Scan for applications: Yes
Scan for dialers: Yes
Scan for rootkits: Yes
Scan for keyloggers: Yes
Options:
Scan registry keys: Yes
Scan cookies: Yes
Scan boot sectors: Yes
Scan memory processes: Yes
Scan archives: Yes
Scan runtime packers: Yes
Scan e-mails: No
Scan all files: Yes
Heuristic Scan: Yes
Scanned extensions:
Excluded extensions:
Target Processing:
Default first action for infected objects: Disinfect
Default second action for infected objects: None
Default first action for suspect objects : None
Default second action for suspicious objects: None
Default action for hidden objects: None
Default first action for encrypted infected objects: Disinfect
Default second action for encrypted infected objects: None
Default first action for encrypted suspicious objects: None
Default second action for encrypted suspicious objects: None
Default action for password-protected objects: Log only
Scan Engines Summary
Virus signatures: 2666124
Archive plugins: 43
E-mail plugins: 6
Scan plugins: 12
System plugins: 5
Unpack plugins: 7
Overall Scan Summary
Scanned items: 215770
Skipped items: 0
Infected items: 28
Suspect items: 0
Resolved items: 28
Unresolved items: 0
Password-protected items: 16
Over-compressed items: 2
Individual viruses found: 11
Scanned folders: 8154
Scanned boot sectors: 2
Scanned archives: 1207
Input-output errors: 0
Scan time: 00:55:09
Files per second: 62
Scanned Processes Summary
Scanned: 28
Infected: 0
Scanned registry keys summary
Scanned: 749
Infected: 0
Scanned cookies summary
Scanned: 75
Infected: 0
Resolved issues:
Object Path | Threat Name | Final Status
C:\Documents and Settings\Marcel.MARCEL-946000E7\Local Settings\Temp\BItDef-www.warezraid.com.rar=]Patches__BitDefender Total Security 2008\Patch.exe | Trojan.Qhost.AKR | Deleted archive
C:\Program Files\MicPhone\antit.dll | Gen:Trojan.Heur.1058A78C8C | Moved to Quarantine
C:\Program Files\MicPhone\antit.exe | Gen:Trojan.Heur.30708F9494 | Moved to Quarantine
C:\RECYCLER\S-1-5-21-839522115-616249376-1177238915-1003\Dc675\crack\AGE3.EXE | Gen:Trojan.Heur.FFAF507272 | Moved to Quarantine
C:\RECYCLER\S-1-5-21-839522115-616249376-1177238915-1003\Dc836.exe | Gen:Adware.Heur.4174151515 | Moved to Quarantine
C:\System Volume Information\_restore{96BF8599-4DAE-4762-B526-342DB407A0B9}\RP3\A0000080.exe | Gen:Trojan.Heur.80B04F6D6D | Moved to Quarantine
C:\System Volume Information\_restore{96BF8599-4DAE-4762-B526-342DB407A0B9}\RP3\A0000094.exe | Gen:Malware.Heur.1020DFCFCF | Moved to Quarantine
C:\System Volume Information\_restore{96BF8599-4DAE-4762-B526-342DB407A0B9}\RP3\A0000095.exe | Gen:Malware.Heur.1020DFCFCF | Moved to Quarantine
C:\System Volume Information\_restore{96BF8599-4DAE-4762-B526-342DB407A0B9}\RP3\A0000096.exe | Gen:Malware.Heur.1020DFCFCF | Moved to Quarantine
C:\System Volume Information\_restore{96BF8599-4DAE-4762-B526-342DB407A0B9}\RP3\A0000097.exe | Gen:Malware.Heur.1020DFCFCF | Moved to Quarantine
C:\System Volume Information\_restore{96BF8599-4DAE-4762-B526-342DB407A0B9}\RP3\A0000098.exe | Gen:Malware.Heur.1020DFCFCF | Moved to Quarantine
C:\System Volume Information\_restore{96BF8599-4DAE-4762-B526-342DB407A0B9}\RP3\A0000099.exe | Gen:Malware.Heur.1020DFCFCF | Moved to Quarantine
C:\System Volume Information\_restore{96BF8599-4DAE-4762-B526-342DB407A0B9}\RP3\A0000100.exe | Gen:Malware.Heur.1020DFCFCF | Moved to Quarantine
C:\System Volume Information\_restore{96BF8599-4DAE-4762-B526-342DB407A0B9}\RP3\A0000101.exe | Gen:Malware.Heur.1020DFCFCF | Moved to Quarantine
C:\System Volume Information\_restore{96BF8599-4DAE-4762-B526-342DB407A0B9}\RP3\A0000102.exe | Gen:Malware.Heur.1020DFCFCF | Moved to Quarantine
C:\System Volume Information\_restore{96BF8599-4DAE-4762-B526-342DB407A0B9}\RP3\A0000103.exe | Gen:Malware.Heur.1020DFCFCF | Moved to Quarantine
C:\System Volume Information\_restore{96BF8599-4DAE-4762-B526-342DB407A0B9}\RP3\A0000104.exe | Gen:Malware.Heur.1020DFCFCF | Moved to Quarantine
C:\System Volume Information\_restore{96BF8599-4DAE-4762-B526-342DB407A0B9}\RP3\A0000105.exe | Gen:Malware.Heur.1020DFCFCF | Moved to Quarantine
C:\System Volume Information\_restore{96BF8599-4DAE-4762-B526-342DB407A0B9}\RP3\A0000106.exe | Gen:Malware.Heur.1020DFCFCF | Moved to Quarantine
C:\System Volume Information\_restore{96BF8599-4DAE-4762-B526-342DB407A0B9}\RP3\A0000107.exe | Gen:Malware.Heur.1020DFCFCF | Moved to Quarantine
C:\System Volume Information\_restore{96BF8599-4DAE-4762-B526-342DB407A0B9}\RP3\A0000111.exe | Gen:Malware.Heur.1020DFCFCF | Moved to Quarantine
C:\System Volume Information\_restore{96BF8599-4DAE-4762-B526-342DB407A0B9}\RP3\A0000275.exe | Gen:Malware.Heur.1020DFCFCF | Moved to Quarantine
C:\System Volume Information\_restore{96BF8599-4DAE-4762-B526-342DB407A0B9}\RP3\A0000114.exe | Gen:Trojan.Heur.2010EFCDCD | Moved to Quarantine
C:\System Volume Information\_restore{96BF8599-4DAE-4762-B526-342DB407A0B9}\RP3\A0000126.exe | Gen:Trojan.Heur.2010EFCDCD | Moved to Quarantine
C:\System Volume Information\_restore{96BF8599-4DAE-4762-B526-342DB407A0B9}\RP3\A0000115.exe | Gen:Trojan.Heur.40708FADAD | Moved to Quarantine
C:\System Volume Information\_restore{96BF8599-4DAE-4762-B526-342DB407A0B9}\RP3\A0000125.EXE | Gen:Trojan.Heur.40708FADAD | Moved to Quarantine
C:\System Volume Information\_restore{96BF8599-4DAE-4762-B526-342DB407A0B9}\RP3\A0000167.exe | Gen:Trojan.Heur.7040BF9D9D | Moved to Quarantine
C:\System Volume Information\_restore{96BF8599-4DAE-4762-B526-342DB407A0B9}\RP3\A0000168.exe | Gen:Trojan.Heur.5010EFCDCD | Moved to Quarantine
Not scanned objects:
Object Path | Reason | Final Status
C:\RECYCLER\S-1-5-21-839522115-616249376-1177238915-1003\Dc856.rar=]Peter Dohert - Grace Wastelands (2009)\!! Read Me First !!.txt | Password-protected: | Not scanned: (file was password-protected)
C:\RECYCLER\S-1-5-21-839522115-616249376-1177238915-1003\Dc856.rar=]Peter Dohert - Grace Wastelands (2009)\01-peter_doherty-arcady.mp3 | Password-protected: | Not scanned: (file was password-protected)
C:\RECYCLER\S-1-5-21-839522115-616249376-1177238915-1003\Dc856.rar=]Peter Dohert - Grace Wastelands (2009)\02-peter_doherty-last_of_the_english_roses.mp3 | Password-protected: | Not scanned: (file was password-protected)
C:\RECYCLER\S-1-5-21-839522115-616249376-1177238915-1003\Dc856.rar=]Peter Dohert - Grace Wastelands (2009)\03-peter_doherty-1939_returning.mp3 | Password-protected: | Not scanned: (file was password-protected)
C:\RECYCLER\S-1-5-21-839522115-616249376-1177238915-1003\Dc856.rar=]Peter Dohert - Grace Wastelands (2009)\04-peter_doherty-a_little_death_around_the_eyes.mp3 | Password-protected: | Not scanned: (file was password-protected)
C:\RECYCLER\S-1-5-21-839522115-616249376-1177238915-1003\Dc856.rar=]Peter Dohert - Grace Wastelands (2009)\05-peter_doherty-salome.mp3 | Password-protected: | Not scanned: (file was password-protected)
C:\RECYCLER\S-1-5-21-839522115-616249376-1177238915-1003\Dc856.rar=]Peter Dohert - Grace Wastelands (2009)\06-peter_doherty-i_am_the_rain.mp3 | Password-protected: | Not scanned: (file was password-protected)
C:\RECYCLER\S-1-5-21-839522115-616249376-1177238915-1003\Dc856.rar=]Peter Dohert - Grace Wastelands (2009)\07-peter_doherty-sweet_by_and_by.mp3 | Password-protected: | Not scanned: (file was password-protected)
C:\RECYCLER\S-1-5-21-839522115-616249376-1177238915-1003\Dc856.rar=]Peter Dohert - Grace Wastelands (2009)\08-peter_doherty-palace_of_bone.mp3 | Password-protected: | Not scanned: (file was password-protected)
C:\RECYCLER\S-1-5-21-839522115-616249376-1177238915-1003\Dc856.rar=]Peter Dohert - Grace Wastelands (2009)\09-peter_doherty-sheepskin_tearaway.mp3 | Password-protected: | Not scanned: (file was password-protected)
C:\RECYCLER\S-1-5-21-839522115-616249376-1177238915-1003\Dc856.rar=]Peter Dohert - Grace Wastelands (2009)\10-peter_doherty-broken_love_song.mp3 | Password-protected: | Not scanned: (file was password-protected)
C:\RECYCLER\S-1-5-21-839522115-616249376-1177238915-1003\Dc856.rar=]Peter Dohert - Grace Wastelands (2009)\11-peter_doherty-new_love_grows_on_trees.mp3 | Password-protected: | Not scanned: (file was password-protected)
C:\RECYCLER\S-1-5-21-839522115-616249376-1177238915-1003\Dc856.rar=]Peter Dohert - Grace Wastelands (2009)\12-peter_doherty-lady_dont_fall_backwards.mp3 | Password-protected: | Not scanned: (file was password-protected)
C:\RECYCLER\S-1-5-21-839522115-616249376-1177238915-1003\Dc856.rar=]Peter Dohert - Grace Wastelands (2009)\Front.jpg | Password-protected: | Not scanned: (file was password-protected)
C:\RECYCLER\S-1-5-21-839522115-616249376-1177238915-1003\Dc856.rar=]Peter Dohert - Grace Wastelands (2009)\More Great Downloads at Kurds Portal.url | Password-protected: | Not scanned: (file was password-protected)
C:\RECYCLER\S-1-5-21-839522115-616249376-1177238915-1003\Dc856.rar=]Peter Dohert - Grace Wastelands (2009)\Thumbs.db | Password-protected: | Not scanned: (file was password-protected)
C:\Documents and Settings\Eigenaar\Local Settings\Temp\GLB19.tmp=](Dropped 0) | Over-compressed archives: | Not scanned: (over-compressed file)
C:\Documents and Settings\Eigenaar\Local Settings\Temp\GLB46.tmp=](Dropped 0) | Over-compressed archives: | Not scanned: (over-compressed file)
-
Hello,
I had a virus on my computer and had to reinstall Windows, but now I have no sound anymore and my computer says that no audio devices are connected, even though my speakers are plugged into the correct (green) jack.
Can anyone help me?
Regards
-
OK, I have done everything you said, but BitDefender says there is still a virus on my PC. What now?
-
And making a backup, how exactly do I do that?
---------- Post added at 16:13 ---------- Previous post was at 16:09 ----------
(Are MP3, MP4 and WMA files infected?)
-
Could you explain step by step how I should do all this? I really don't want to mess it up completely. (Can I, for example, keep music, Word files and photos?)
-
What exactly do you mean?
---------- Post added at 18:39 ---------- Previous post was at 18:34 ----------
When I open it with AVG on, I get this.
"C:\WINDOWS\system32\notepad.exe";"Virus found Win32/Virut";"Object is white-listed (critical/system file that should not be removed)"
"C:\WINDOWS\system32\notepad.exe";"Virus found Win32/Virut";"Object is white-listed (critical/system file that should not be removed)"
---------- Post added at 18:39 ---------- Previous post was at 18:39 ----------
Without AVG, nothing happens at all.
-
That didn't turn anything up.
What now???
-
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 19:31:22, on 23/05/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16827)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\system32\CTsvcCDA.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\CDBurnerXP\NMSAccessU.exe
C:\PROGRA~1\AVG\AVG8\avgemc.exe
C:\PROGRA~1\AVG\AVG8\avgrsx.exe
C:\WINDOWS\system32\SearchIndexer.exe
C:\PROGRA~1\AVG\AVG8\avgnsx.exe
C:\Program Files\AVG\AVG8\avgcsrvx.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\TEMP\BN1.tmp
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\PROGRA~1\AVG\AVG8\avgtray.exe
C:\Program Files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\Eigenaar\Bureaublad\HiJackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Live Search
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Google
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Live Search
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Live Search
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = MSN.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen
O2 - BHO: Windows Live Aanmelden - Help - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O3 - Toolbar: AVG Security Toolbar - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL
O4 - HKLM\..\Run: [soundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe
O4 - HKLM\..\Run: [VirtualCloneDrive] "C:\Program Files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe" /s
O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\cli.exe" runtime -Delay
O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [userFaultCheck] %systemroot%\system32\dumprep 0 -u
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [CTSyncU.exe] "C:\Program Files\Creative\Sync Manager Unicode\CTSyncU.exe"
O4 - HKCU\..\Run: [uniblue RegistryBooster 2009] C:\Program Files\Uniblue\RegistryBooster\RegistryBooster.exe /S
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Lokale service')
O4 - HKUS\S-1-5-19\..\RunOnce: [nltide_2] regsvr32 /s /n /i:U shell32 (User 'Lokale service')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Netwerkservice')
O4 - HKUS\S-1-5-20\..\RunOnce: [nltide_2] regsvr32 /s /n /i:U shell32 (User 'Netwerkservice')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [nltide_2] regsvr32 /s /n /i:U shell32 (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [nltide_2] regsvr32 /s /n /i:U shell32 (User 'Default user')
O4 - Global Startup: Windows Search.lnk = C:\Program Files\Windows Desktop Search\WindowsSearch.exe
O9 - Extra button: Onderzoek - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing)
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing)
O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262E} (System Requirements Lab) - http://www.srtest.com/srl_bin/sysreqlab_srl.cab
O16 - DPF: {54B52E52-8000-4413-BD67-FC7FE24B59F2} (EARTPatchX Class) - http://files.ea.com/downloads/rtpatch/v2/EARTPX.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll
O20 - Winlogon Notify: avgrsstarter - C:\WINDOWS\SYSTEM32\avgrsstx.dll
O20 - Winlogon Notify: uhuzbuc - uhuzbuc32.dll (file missing)
O23 - Service: Mobiel Apple apparaat (Apple Mobile Device) - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: AVG Free8 E-mail Scanner (avg8emc) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgemc.exe
O23 - Service: AVG Free8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Indexing-service (CiSvc) - Unknown owner - C:\WINDOWS\system32\cisvc.exe
O23 - Service: COM+-systeemtoepassing (COMSysApp) - Unknown owner - C:\WINDOWS\system32\dllhost.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.exe
O23 - Service: Logical Disk Manager Administrative-service (dmadmin) - Unknown owner - C:\WINDOWS\System32\dmadmin.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Unknown owner - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: COM-service voor IMAPI cd-branders (ImapiService) - Unknown owner - C:\WINDOWS\system32\imapi.exe
O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Delen van Extern bureaublad met NetMeeting (mnmsrvc) - Unknown owner - C:\WINDOWS\system32\mnmsrvc.exe
O23 - Service: NMSAccessU - Unknown owner - C:\Program Files\CDBurnerXP\NMSAccessU.exe
O23 - Service: Helpsessiebeheer voor Extern bureaublad (RDSessMgr) - Unknown owner - C:\WINDOWS\system32\sessmgr.exe
O23 - Service: QoS RSVP (RSVP) - Unknown owner - C:\WINDOWS\system32\rsvp.exe
O23 - Service: Smart Card (SCardSvr) - Unknown owner - C:\WINDOWS\System32\SCardSvr.exe
O23 - Service: MS Software Shadow Copy Provider (SwPrv) - Unknown owner - C:\WINDOWS\system32\dllhost.exe
O23 - Service: Performance Logs and Alerts (SysmonLog) - Unknown owner - C:\WINDOWS\system32\smlogsvc.exe
O23 - Service: Uninterruptible Power Supply (UPS) - Unknown owner - C:\WINDOWS\System32\ups.exe
O23 - Service: WMI-prestatieadapter (WmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\wmiapsrv.exe
O23 - Service: Windows Media Player Network Sharing-service (WMPNetworkSvc) - Unknown owner - C:\Program Files\Windows Media Player\WMPNetwk.exe
--
End of file - 9035 bytes
---------- Post added at 17:45 ---------- Previous post was at 17:43 ----------
I have an additional small problem: I can't manage to open that Malwarebytes log file; AVG blocks it. What do you recommend?
-
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 14:18:07, on 22/05/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16827)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\system32\CTsvcCDA.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\CDBurnerXP\NMSAccessU.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\SearchIndexer.exe
C:\WINDOWS\Explorer.EXE
C:\PROGRA~1\AVG\AVG8\avgemc.exe
C:\PROGRA~1\AVG\AVG8\avgrsx.exe
C:\PROGRA~1\AVG\AVG8\avgnsx.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\PROGRA~1\AVG\AVG8\avgtray.exe
C:\Program Files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\AVG\AVG8\avgcsrvx.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\Eigenaar\Bureaublad\HiJackThis.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\TEMP\BN4.tmp
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\AVG\AVG8\avgcsrvx.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Live Search
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Google
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Live Search
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Live Search
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = MSN.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen
O2 - BHO: Windows Live Aanmelden - Help - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O3 - Toolbar: AVG Security Toolbar - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL
O4 - HKLM\..\Run: [soundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe
O4 - HKLM\..\Run: [Turbine Download Manager Tray Icon] "C:\Program Files\Turbine\Turbine Download Manager\TurbineDownloadManagerIcon.exe"
O4 - HKLM\..\Run: [VirtualCloneDrive] "C:\Program Files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe" /s
O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\cli.exe" runtime -Delay
O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [Malware Doctor] C:\Documents and Settings\LocalService\Application Data\916653139.exe
O4 - HKLM\..\Run: [reader_s] C:\WINDOWS\System32\reader_s.exe
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [CTSyncU.exe] "C:\Program Files\Creative\Sync Manager Unicode\CTSyncU.exe"
O4 - HKCU\..\Run: [uniblue RegistryBooster 2009] C:\Program Files\Uniblue\RegistryBooster\RegistryBooster.exe /S
O4 - HKCU\..\Run: [Malware Doctor] C:\Documents and Settings\LocalService\Application Data\916653139.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Lokale service')
O4 - HKUS\S-1-5-19\..\RunOnce: [nltide_2] regsvr32 /s /n /i:U shell32 (User 'Lokale service')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Netwerkservice')
O4 - HKUS\S-1-5-20\..\RunOnce: [nltide_2] regsvr32 /s /n /i:U shell32 (User 'Netwerkservice')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [nltide_2] regsvr32 /s /n /i:U shell32 (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [nltide_2] regsvr32 /s /n /i:U shell32 (User 'Default user')
O4 - Global Startup: Windows Search.lnk = C:\Program Files\Windows Desktop Search\WindowsSearch.exe
O7 - HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\System, DisableRegedit=1
O9 - Extra button: Onderzoek - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262E} (System Requirements Lab) - http://www.srtest.com/srl_bin/sysreqlab_srl.cab
O16 - DPF: {54B52E52-8000-4413-BD67-FC7FE24B59F2} (EARTPatchX Class) - http://files.ea.com/downloads/rtpatch/v2/EARTPX.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll
O20 - Winlogon Notify: avgrsstarter - C:\WINDOWS\SYSTEM32\avgrsstx.dll
O20 - Winlogon Notify: uhuzbuc - C:\WINDOWS\SYSTEM32\uhuzbuc.dll
O23 - Service: Mobiel Apple apparaat (Apple Mobile Device) - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: AshEvtSvc - Unknown owner - C:\WINDOWS\System32\AshEvtSvc.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: AVG Free8 E-mail Scanner (avg8emc) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgemc.exe
O23 - Service: AVG Free8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Indexing-service (CiSvc) - Unknown owner - C:\WINDOWS\system32\cisvc.exe
O23 - Service: COM+-systeemtoepassing (COMSysApp) - Unknown owner - C:\WINDOWS\system32\dllhost.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.exe
O23 - Service: Logical Disk Manager Administrative-service (dmadmin) - Unknown owner - C:\WINDOWS\System32\dmadmin.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Unknown owner - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: COM-service voor IMAPI cd-branders (ImapiService) - Unknown owner - C:\WINDOWS\system32\imapi.exe
O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Delen van Extern bureaublad met NetMeeting (mnmsrvc) - Unknown owner - C:\WINDOWS\system32\mnmsrvc.exe
O23 - Service: NMSAccessU - Unknown owner - C:\Program Files\CDBurnerXP\NMSAccessU.exe
O23 - Service: Helpsessiebeheer voor Extern bureaublad (RDSessMgr) - Unknown owner - C:\WINDOWS\system32\sessmgr.exe
O23 - Service: QoS RSVP (RSVP) - Unknown owner - C:\WINDOWS\system32\rsvp.exe
O23 - Service: Smart Card (SCardSvr) - Unknown owner - C:\WINDOWS\System32\SCardSvr.exe
O23 - Service: MS Software Shadow Copy Provider (SwPrv) - Unknown owner - C:\WINDOWS\system32\dllhost.exe
O23 - Service: Performance Logs and Alerts (SysmonLog) - Unknown owner - C:\WINDOWS\system32\smlogsvc.exe
O23 - Service: Uninterruptible Power Supply (UPS) - Unknown owner - C:\WINDOWS\System32\ups.exe
O23 - Service: WMI-prestatieadapter (WmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\wmiapsrv.exe
O23 - Service: Windows Media Player Network Sharing-service (WMPNetworkSvc) - Unknown owner - C:\Program Files\Windows Media Player\WMPNetwk.exe
--
End of file - 9739 bytes
-
Hello,
I was wondering whether there is anyone who could help me get my computer virus-free again. I have no idea where to start. I can no longer get into Task Manager, and I get annoying pop-ups etc. (Malware Doctor).
If anyone is willing to help me out of this trouble, please let me know.
Regards
Sound problem
in Archive: Hardware general
Posted:
Veld Waarde
Computer
Besturingssysteem Microsoft Windows XP Home Edition
OS Service Pack Service Pack 3
DirectX 4.09.00.0904 (DirectX 9.0c)
Computernaam MARCEL-946000E7
Naam gebruiker Marcel
Moederbord
CPU Type Intel Pentium 4 630, 3000 MHz (15 x 200)
Moederbordnaam Onbekend
Moederbord Chipset VIA P4M800 Pro
Systeemgeheugen 512 MB
BIOS Type Award Modular (11/10/05)
Communicatiepoort Communicatiepoort (COM1)
Communicatiepoort Communicatiepoort (COM2)
Communicatiepoort Printerpoort (LPT1)
Scherm
Video kaart RADEON 9200 PRO Family (Microsoft Corporation) (128 MB)
Video kaart RADEON 9200 PRO SEC Family (Microsoft Corporation) (128 MB)
3D-Versneller ATI Radeon 9250 (RV280)
Monitor Plug en Play-monitor [NoDB] (HMDLA02782)
Multimedia
Geluidskaart VIA AC'97 Enhanced Audio Controller
Opslag
IDE apparaat VIA Bus Master IDE Controller
Diskettestation Diskettestation
Harde schijf ST3200822A (200 GB, 7200 RPM, Ultra-ATA/100)
Harde schijf Generic USB SD Reader USB Device
Harde schijf Generic USB MS Reader USB Device
Harde schijf Generic USB SM Reader USB Device
Harde schijf Generic USB CF Reader USB Device
Optische Station BENQ DVD DD DW1650 (DVD+R9:4x, DVD-R9:4x, DVD+RW:16x/8x, DVD-RW:16x/6x, DVD-ROM:16x, CD:48x/32x/48x DVD+RW/DVD-RW)
SMART Status harde schijf OK
Partities
C: (NTFS) 190779 MB (108741 MB vrij)
Invoerapparaten
Toetsenbord Standaardtoetsenbord (101/102 toetsen) of Microsoft Natural PS/2-toetsenbord
Muis HID-compliant muis
Netwerk
Netwerkkaart Realtek RTL8139 Family PCI Fast Ethernet NIC (192.168.1.4)
Peripherieapparaten
USB1 apparaat VIA VT83C572 PCI-USB Controller
USB1 apparaat VIA VT83C572 PCI-USB Controller
USB1 apparaat VIA VT83C572 PCI-USB Controller
USB1 apparaat VIA VT83C572 PCI-USB Controller
USB2 apparaat VIA USB 2.0 Enhanced Host Controller
USB-apparaat USB-apparaat voor massaopslag
USB-apparaat USB-HID