Marcel VD

5 juni 2009

Veld Waarde

Computer

Besturingssysteem Microsoft Windows XP Home Edition

OS Service Pack Service Pack 3

DirectX 4.09.00.0904 (DirectX 9.0c)

Computernaam MARCEL-946000E7

Naam gebruiker Marcel

Moederbord

CPU Type Intel Pentium 4 630, 3000 MHz (15 x 200)

Moederbordnaam Onbekend

Moederbord Chipset VIA P4M800 Pro

Systeemgeheugen 512 MB

BIOS Type Award Modular (11/10/05)

Communicatiepoort Communicatiepoort (COM1)

Communicatiepoort Communicatiepoort (COM2)

Communicatiepoort Printerpoort (LPT1)

Scherm

Video kaart RADEON 9200 PRO Family (Microsoft Corporation) (128 MB)

Video kaart RADEON 9200 PRO SEC Family (Microsoft Corporation) (128 MB)

3D-Versneller ATI Radeon 9250 (RV280)

Monitor Plug en Play-monitor [NoDB] (HMDLA02782)

Multimedia

Geluidskaart VIA AC'97 Enhanced Audio Controller

Opslag

IDE apparaat VIA Bus Master IDE Controller

Diskettestation Diskettestation

Harde schijf ST3200822A (200 GB, 7200 RPM, Ultra-ATA/100)

Harde schijf Generic USB SD Reader USB Device

Harde schijf Generic USB MS Reader USB Device

Harde schijf Generic USB SM Reader USB Device

Harde schijf Generic USB CF Reader USB Device

Optische Station BENQ DVD DD DW1650 (DVD+R9:4x, DVD-R9:4x, DVD+RW:16x/8x, DVD-RW:16x/6x, DVD-ROM:16x, CD:48x/32x/48x DVD+RW/DVD-RW)

SMART Status harde schijf OK

Partities

C: (NTFS) 190779 MB (108741 MB vrij)

Invoerapparaten

Toetsenbord Standaardtoetsenbord (101/102 toetsen) of Microsoft Natural PS/2-toetsenbord

Muis HID-compliant muis

Netwerk

Netwerkkaart Realtek RTL8139 Family PCI Fast Ethernet NIC (192.168.1.4)

Peripherieapparaten

USB1 apparaat VIA VT83C572 PCI-USB Controller

USB2 apparaat VIA USB 2.0 Enhanced Host Controller

USB-apparaat USB-apparaat voor massaopslag

USB-apparaat USB-HID

5 juni 2009

BitDefender Log File

Product: BitDefender Total Security 2010

Version: BitDefender Antivirus Scanner

Scanning task: Deep System Scan

Log date: 5/06/2009 20:18:52

Log path: C:\Documents and Settings\All Users.WINDOWS\Application Data\BitDefender\Desktop\Profiles\Logs\deep_scan\1244225932_1_01.xml

Scan paths:

Path 0000: C:\

Scan options:

Scan for viruses: Yes

Scan for adware: Yes

Scan for spyware: Yes

Scan for applications: Yes

Scan for dialers: Yes

Scan for rootkits: Yes

Scan for keyloggers: Yes

Options:

Scan registry keys: Yes

Scan cookies: Yes

Scan boot sectors: Yes

Scan memory processes: Yes

Scan archives: Yes

Scan runtime packers: Yes

Scan e-mails: No

Scan all files: Yes

Heuristic Scan: Yes

Scanned extensions:

Excluded extensions:

Target Processing:

Default first action for infected objects: Disinfect

Default second action for infected objects: None

Default first action for suspect objects : None

Default second action for suspicious objects: None

Default action for hidden objects: None

Default first action for encrypted infected objects: Disinfect

Default second action for encrypted infected objects: None

Default first action for encrypted suspicious objects: None

Default second action for encrypted suspicious objects: None

Default action for password-protected objects: Log only

Scan Engines Summary

Virus signatures: 2666124

Archive plugins: 43

E-mail plugins: 6

Scan plugins: 12

System plugins: 5

Unpack plugins: 7

Overall Scan Summary

Scanned items: 215770

Skipped items: 0

Infected items: 28

Suspect items: 0

Resolved items: 28

Unresolved items: 0

Password-protected items: 16

Over-compressed items: 2

Individual viruses found: 11

Scanned folders: 8154

Scanned boot sectors: 2

Scanned archives: 1207

Input-output errors: 0

Scan time: 00:55:09

Files per second: 62

Scanned Processes Summary

Scanned: 28

Infected: 0

Scanned registry keys summary

Scanned: 749

Infected: 0

Scanned cookies summary

Scanned: 75

Infected: 0

Resolved issues:

Object Path Threat Name Final Status C:\Documents and Settings\Marcel.MARCEL-946000E7\Local Settings\Temp\BItDef-www.warezraid.com.rar=]Patches__BitDefender Total Security 2008\Patch.exe Trojan.Qhost.AKR Deleted archive C:\Program Files\MicPhone\antit.dll Gen:Trojan.Heur.1058A78C8C Moved to Quarantine C:\Program Files\MicPhone\antit.exe Gen:Trojan.Heur.30708F9494 Moved to Quarantine C:\RECYCLER\S-1-5-21-839522115-616249376-1177238915-1003\Dc675\crack\AGE3.EXE Gen:Trojan.Heur.FFAF507272 Moved to Quarantine C:\RECYCLER\S-1-5-21-839522115-616249376-1177238915-1003\Dc836.exe Gen:Adware.Heur.4174151515 Moved to Quarantine C:\System Volume Information\_restore{96BF8599-4DAE-4762-B526-342DB407A0B9}\RP3\A0000080.exe Gen:Trojan.Heur.80B04F6D6D Moved to Quarantine C:\System Volume Information\_restore{96BF8599-4DAE-4762-B526-342DB407A0B9}\RP3\A0000094.exe Gen:Malware.Heur.1020DFCFCF Moved to Quarantine C:\System Volume Information\_restore{96BF8599-4DAE-4762-B526-342DB407A0B9}\RP3\A0000095.exe Gen:Malware.Heur.1020DFCFCF Moved to Quarantine C:\System Volume Information\_restore{96BF8599-4DAE-4762-B526-342DB407A0B9}\RP3\A0000096.exe Gen:Malware.Heur.1020DFCFCF Moved to Quarantine C:\System Volume Information\_restore{96BF8599-4DAE-4762-B526-342DB407A0B9}\RP3\A0000097.exe Gen:Malware.Heur.1020DFCFCF Moved to Quarantine C:\System Volume Information\_restore{96BF8599-4DAE-4762-B526-342DB407A0B9}\RP3\A0000098.exe Gen:Malware.Heur.1020DFCFCF Moved to Quarantine C:\System Volume Information\_restore{96BF8599-4DAE-4762-B526-342DB407A0B9}\RP3\A0000099.exe Gen:Malware.Heur.1020DFCFCF Moved to Quarantine C:\System Volume Information\_restore{96BF8599-4DAE-4762-B526-342DB407A0B9}\RP3\A0000100.exe Gen:Malware.Heur.1020DFCFCF Moved to Quarantine C:\System Volume Information\_restore{96BF8599-4DAE-4762-B526-342DB407A0B9}\RP3\A0000101.exe Gen:Malware.Heur.1020DFCFCF Moved to Quarantine C:\System Volume Information\_restore{96BF8599-4DAE-4762-B526-342DB407A0B9}\RP3\A0000102.exe Gen:Malware.Heur.1020DFCFCF Moved to Quarantine C:\System Volume Information\_restore{96BF8599-4DAE-4762-B526-342DB407A0B9}\RP3\A0000103.exe Gen:Malware.Heur.1020DFCFCF Moved to Quarantine C:\System Volume Information\_restore{96BF8599-4DAE-4762-B526-342DB407A0B9}\RP3\A0000104.exe Gen:Malware.Heur.1020DFCFCF Moved to Quarantine C:\System Volume Information\_restore{96BF8599-4DAE-4762-B526-342DB407A0B9}\RP3\A0000105.exe Gen:Malware.Heur.1020DFCFCF Moved to Quarantine C:\System Volume Information\_restore{96BF8599-4DAE-4762-B526-342DB407A0B9}\RP3\A0000106.exe Gen:Malware.Heur.1020DFCFCF Moved to Quarantine C:\System Volume Information\_restore{96BF8599-4DAE-4762-B526-342DB407A0B9}\RP3\A0000107.exe Gen:Malware.Heur.1020DFCFCF Moved to Quarantine C:\System Volume Information\_restore{96BF8599-4DAE-4762-B526-342DB407A0B9}\RP3\A0000111.exe Gen:Malware.Heur.1020DFCFCF Moved to Quarantine C:\System Volume Information\_restore{96BF8599-4DAE-4762-B526-342DB407A0B9}\RP3\A0000275.exe Gen:Malware.Heur.1020DFCFCF Moved to Quarantine C:\System Volume Information\_restore{96BF8599-4DAE-4762-B526-342DB407A0B9}\RP3\A0000114.exe Gen:Trojan.Heur.2010EFCDCD Moved to Quarantine C:\System Volume Information\_restore{96BF8599-4DAE-4762-B526-342DB407A0B9}\RP3\A0000126.exe Gen:Trojan.Heur.2010EFCDCD Moved to Quarantine C:\System Volume Information\_restore{96BF8599-4DAE-4762-B526-342DB407A0B9}\RP3\A0000115.exe Gen:Trojan.Heur.40708FADAD Moved to Quarantine C:\System Volume Information\_restore{96BF8599-4DAE-4762-B526-342DB407A0B9}\RP3\A0000125.EXE Gen:Trojan.Heur.40708FADAD Moved to Quarantine C:\System Volume Information\_restore{96BF8599-4DAE-4762-B526-342DB407A0B9}\RP3\A0000167.exe Gen:Trojan.Heur.7040BF9D9D Moved to Quarantine C:\System Volume Information\_restore{96BF8599-4DAE-4762-B526-342DB407A0B9}\RP3\A0000168.exe Gen:Trojan.Heur.5010EFCDCD Moved to Quarantine

Not scanned objects:

> Object Path Reason: Final Status C:\RECYCLER\S-1-5-21-839522115-616249376-1177238915-1003\Dc856.rar=]Peter Dohert - Grace Wastelands (2009)\!! Read Me First !!.txt Password-protected: Not scanned: (file was password-protected) C:\RECYCLER\S-1-5-21-839522115-616249376-1177238915-1003\Dc856.rar=]Peter Dohert - Grace Wastelands (2009)\01-peter_doherty-arcady.mp3 Password-protected: Not scanned: (file was password-protected) C:\RECYCLER\S-1-5-21-839522115-616249376-1177238915-1003\Dc856.rar=]Peter Dohert - Grace Wastelands (2009)\02-peter_doherty-last_of_the_english_roses.mp3 Password-protected: Not scanned: (file was password-protected) C:\RECYCLER\S-1-5-21-839522115-616249376-1177238915-1003\Dc856.rar=]Peter Dohert - Grace Wastelands (2009)\03-peter_doherty-1939_returning.mp3 Password-protected: Not scanned: (file was password-protected) C:\RECYCLER\S-1-5-21-839522115-616249376-1177238915-1003\Dc856.rar=]Peter Dohert - Grace Wastelands (2009)\04-peter_doherty-a_little_death_around_the_eyes.mp3 Password-protected: Not scanned: (file was password-protected) C:\RECYCLER\S-1-5-21-839522115-616249376-1177238915-1003\Dc856.rar=]Peter Dohert - Grace Wastelands (2009)\05-peter_doherty-salome.mp3 Password-protected: Not scanned: (file was password-protected) C:\RECYCLER\S-1-5-21-839522115-616249376-1177238915-1003\Dc856.rar=]Peter Dohert - Grace Wastelands (2009)\06-peter_doherty-i_am_the_rain.mp3 Password-protected: Not scanned: (file was password-protected) C:\RECYCLER\S-1-5-21-839522115-616249376-1177238915-1003\Dc856.rar=]Peter Dohert - Grace Wastelands (2009)\07-peter_doherty-sweet_by_and_by.mp3 Password-protected: Not scanned: (file was password-protected) C:\RECYCLER\S-1-5-21-839522115-616249376-1177238915-1003\Dc856.rar=]Peter Dohert - Grace Wastelands (2009)\08-peter_doherty-palace_of_bone.mp3 Password-protected: Not scanned: (file was password-protected) C:\RECYCLER\S-1-5-21-839522115-616249376-1177238915-1003\Dc856.rar=]Peter Dohert - Grace Wastelands (2009)\09-peter_doherty-sheepskin_tearaway.mp3 Password-protected: Not scanned: (file was password-protected) C:\RECYCLER\S-1-5-21-839522115-616249376-1177238915-1003\Dc856.rar=]Peter Dohert - Grace Wastelands (2009)\10-peter_doherty-broken_love_song.mp3 Password-protected: Not scanned: (file was password-protected) C:\RECYCLER\S-1-5-21-839522115-616249376-1177238915-1003\Dc856.rar=]Peter Dohert - Grace Wastelands (2009)\11-peter_doherty-new_love_grows_on_trees.mp3 Password-protected: Not scanned: (file was password-protected) C:\RECYCLER\S-1-5-21-839522115-616249376-1177238915-1003\Dc856.rar=]Peter Dohert - Grace Wastelands (2009)\12-peter_doherty-lady_dont_fall_backwards.mp3 Password-protected: Not scanned: (file was password-protected) C:\RECYCLER\S-1-5-21-839522115-616249376-1177238915-1003\Dc856.rar=]Peter Dohert - Grace Wastelands (2009)\Front.jpg Password-protected: Not scanned: (file was password-protected) C:\RECYCLER\S-1-5-21-839522115-616249376-1177238915-1003\Dc856.rar=]Peter Dohert - Grace Wastelands (2009)\More Great Downloads at Kurds Portal.url Password-protected: Not scanned: (file was password-protected) C:\RECYCLER\S-1-5-21-839522115-616249376-1177238915-1003\Dc856.rar=]Peter Dohert - Grace Wastelands (2009)\Thumbs.db Password-protected: Not scanned: (file was password-protected) C:\Documents and Settings\Eigenaar\Local Settings\Temp\GLB19.tmp=](Dropped 0) Over-compressed archives: Not scanned: (over-compressed file) C:\Documents and Settings\Eigenaar\Local Settings\Temp\GLB46.tmp=](Dropped 0) Over-compressed archives: Not scanned: (over-compressed file)

5 juni 2009

Hallo,

ik had een virus op mijn computer en was verplicht om Windows opnieuw te installeren maar nu heb ik geen geluid meer en mijn computer zegt dan er geen audio apparaten zijn aangesloten, maar mijn boxen zitten in he juiste(groen) gaatje.

kan iemand mij helpen?

groet

3 juni 2009

oke ik heb alles gedaan wat jullie zeiden, maar bitdefender zegt dat er nog steeds een virus op mijn pc zit wat nu.

25 mei 2009

en een back up maken hoe doe ik dat precies?

---------- Bericht toegevoegd om 16:13 ---------- Vorig bericht was om 16:09 ----------

(zijn MP3, MP4 en wma bestanden geinfecteerd?)

25 mei 2009

Zou je eens stap voor stap willen uitleggen hoe ik dit alles moet doen ik heb namelijk geen zin dat ik het helemaal verknoei.(Kan ik bijvoorbeeld: muziek en word bestanden en foto's behouden??)

23 mei 2009

wat bedoel je precies?

---------- Bericht toegevoegd om 18:39 ---------- Vorig bericht was om 18:34 ----------

Als ik het open met avg op dan krijg ik dit.

"C:\WINDOWS\system32\notepad.exe";"Virus found Win32/Virut";"Object is white-listed (critical/system file that should not be removed)"

---------- Bericht toegevoegd om 18:39 ---------- Vorig bericht was om 18:39 ----------

zonder avg gebeurt er gewoon niets

23 mei 2009

leverde niets op.

En nu???

23 mei 2009

Logfile of Trend Micro HijackThis v2.0.2

Scan saved at 19:31:22, on 23/05/2009

Platform: Windows XP SP3 (WinNT 5.01.2600)

MSIE: Internet Explorer v7.00 (7.00.6000.16827)

Boot mode: Normal

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\Ati2evxx.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\system32\spoolsv.exe

C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe

C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe

C:\Program Files\Bonjour\mDNSResponder.exe

C:\WINDOWS\system32\CTsvcCDA.exe

C:\Program Files\Java\jre6\bin\jqs.exe

C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE

C:\Program Files\CDBurnerXP\NMSAccessU.exe

C:\PROGRA~1\AVG\AVG8\avgemc.exe

C:\PROGRA~1\AVG\AVG8\avgrsx.exe

C:\WINDOWS\system32\SearchIndexer.exe

C:\PROGRA~1\AVG\AVG8\avgnsx.exe

C:\Program Files\AVG\AVG8\avgcsrvx.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\TEMP\BN1.tmp

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\system32\Ati2evxx.exe

C:\WINDOWS\Explorer.EXE

C:\PROGRA~1\AVG\AVG8\avgtray.exe

C:\Program Files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe

C:\Program Files\Java\jre6\bin\jusched.exe

C:\Program Files\iTunes\iTunesHelper.exe

C:\Program Files\iPod\bin\iPodService.exe

C:\Program Files\Mozilla Firefox\firefox.exe

C:\Documents and Settings\Eigenaar\Bureaublad\HiJackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Live Search

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Google

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN.com

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Live Search

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Live Search

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = MSN.com

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen

O2 - BHO: Windows Live Aanmelden - Help - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O3 - Toolbar: AVG Security Toolbar - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL

O4 - HKLM\..\Run: [soundMan] SOUNDMAN.EXE

O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"

O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe

O4 - HKLM\..\Run: [VirtualCloneDrive] "C:\Program Files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe" /s

O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\cli.exe" runtime -Delay

O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe

O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime

O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"

O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"

O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe

O4 - HKLM\..\Run: [userFaultCheck] %systemroot%\system32\dumprep 0 -u

O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe

O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background

O4 - HKCU\..\Run: [CTSyncU.exe] "C:\Program Files\Creative\Sync Manager Unicode\CTSyncU.exe"

O4 - HKCU\..\Run: [uniblue RegistryBooster 2009] C:\Program Files\Uniblue\RegistryBooster\RegistryBooster.exe /S

O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Lokale service')

O4 - HKUS\S-1-5-19\..\RunOnce: [nltide_2] regsvr32 /s /n /i:U shell32 (User 'Lokale service')

O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Netwerkservice')

O4 - HKUS\S-1-5-20\..\RunOnce: [nltide_2] regsvr32 /s /n /i:U shell32 (User 'Netwerkservice')

O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')

O4 - HKUS\S-1-5-18\..\RunOnce: [nltide_2] regsvr32 /s /n /i:U shell32 (User 'SYSTEM')

O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')

O4 - HKUS\.DEFAULT\..\RunOnce: [nltide_2] regsvr32 /s /n /i:U shell32 (User 'Default user')

O4 - Global Startup: Windows Search.lnk = C:\Program Files\Windows Desktop Search\WindowsSearch.exe

O9 - Extra button: Onderzoek - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL

O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing)

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing)

O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262E} (System Requirements Lab) - http://www.srtest.com/srl_bin/sysreqlab_srl.cab

O16 - DPF: {54B52E52-8000-4413-BD67-FC7FE24B59F2} (EARTPatchX Class) - http://files.ea.com/downloads/rtpatch/v2/EARTPX.cab

O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab

O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll

O20 - Winlogon Notify: avgrsstarter - C:\WINDOWS\SYSTEM32\avgrsstx.dll

O20 - Winlogon Notify: uhuzbuc - uhuzbuc32.dll (file missing)

O23 - Service: Mobiel Apple apparaat (Apple Mobile Device) - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe

O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe

O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe

O23 - Service: AVG Free8 E-mail Scanner (avg8emc) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgemc.exe

O23 - Service: AVG Free8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe

O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe

O23 - Service: Indexing-service (CiSvc) - Unknown owner - C:\WINDOWS\system32\cisvc.exe

O23 - Service: COM+-systeemtoepassing (COMSysApp) - Unknown owner - C:\WINDOWS\system32\dllhost.exe

O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.exe

O23 - Service: Logical Disk Manager Administrative-service (dmadmin) - Unknown owner - C:\WINDOWS\System32\dmadmin.exe

O23 - Service: InstallDriver Table Manager (IDriverT) - Unknown owner - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe

O23 - Service: COM-service voor IMAPI cd-branders (ImapiService) - Unknown owner - C:\WINDOWS\system32\imapi.exe

O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe

O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe

O23 - Service: Delen van Extern bureaublad met NetMeeting (mnmsrvc) - Unknown owner - C:\WINDOWS\system32\mnmsrvc.exe

O23 - Service: NMSAccessU - Unknown owner - C:\Program Files\CDBurnerXP\NMSAccessU.exe

O23 - Service: Helpsessiebeheer voor Extern bureaublad (RDSessMgr) - Unknown owner - C:\WINDOWS\system32\sessmgr.exe

O23 - Service: QoS RSVP (RSVP) - Unknown owner - C:\WINDOWS\system32\rsvp.exe

O23 - Service: Smart Card (SCardSvr) - Unknown owner - C:\WINDOWS\System32\SCardSvr.exe

O23 - Service: MS Software Shadow Copy Provider (SwPrv) - Unknown owner - C:\WINDOWS\system32\dllhost.exe

O23 - Service: Performance Logs and Alerts (SysmonLog) - Unknown owner - C:\WINDOWS\system32\smlogsvc.exe

O23 - Service: Uninterruptible Power Supply (UPS) - Unknown owner - C:\WINDOWS\System32\ups.exe

O23 - Service: WMI-prestatieadapter (WmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\wmiapsrv.exe

O23 - Service: Windows Media Player Network Sharing-service (WMPNetworkSvc) - Unknown owner - C:\Program Files\Windows Media Player\WMPNetwk.exe

--

End of file - 9035 bytes

---------- Bericht toegevoegd om 17:45 ---------- Vorig bericht was om 17:43 ----------

ik heb een bijkomend probleempje: ik slaag er niet in die malwarebytes logfile te openen avg blokkeert dit , Wat raad je me aan?

22 mei 2009

Logfile of Trend Micro HijackThis v2.0.2

Scan saved at 14:18:07, on 22/05/2009

Platform: Windows XP SP3 (WinNT 5.01.2600)

MSIE: Internet Explorer v7.00 (7.00.6000.16827)

Boot mode: Normal

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\Ati2evxx.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\system32\spoolsv.exe

C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe

C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe

C:\Program Files\Bonjour\mDNSResponder.exe

C:\WINDOWS\system32\CTsvcCDA.exe

C:\Program Files\Java\jre6\bin\jqs.exe

C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE

C:\Program Files\CDBurnerXP\NMSAccessU.exe

C:\WINDOWS\system32\Ati2evxx.exe

C:\WINDOWS\system32\SearchIndexer.exe

C:\WINDOWS\Explorer.EXE

C:\PROGRA~1\AVG\AVG8\avgemc.exe

C:\PROGRA~1\AVG\AVG8\avgrsx.exe

C:\PROGRA~1\AVG\AVG8\avgnsx.exe

C:\WINDOWS\SOUNDMAN.EXE

C:\PROGRA~1\AVG\AVG8\avgtray.exe

C:\Program Files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe

C:\Program Files\Java\jre6\bin\jusched.exe

C:\Program Files\iTunes\iTunesHelper.exe

C:\Program Files\AVG\AVG8\avgcsrvx.exe

C:\WINDOWS\system32\ctfmon.exe

C:\Program Files\Windows Live\Messenger\msnmsgr.exe

C:\Program Files\iPod\bin\iPodService.exe

C:\WINDOWS\system32\wuauclt.exe

C:\Program Files\Mozilla Firefox\firefox.exe

C:\Documents and Settings\Eigenaar\Bureaublad\HiJackThis.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\TEMP\BN4.tmp