west

Member
  • Items

    21
  • Registration date

  • Last visited

About west

  • Birthday 22-09-1978

west's achievements

  1. I will certainly do that, but it will have to be tomorrow, I'm afraid. I'll definitely keep you posted. Greetings, west
  2. So it seems better to me to just remove that stuff from the PC and put my trusted program back on it. Thanks in advance, everyone! PS @Asus, I'll keep you posted on whether the removal went well. Greetings, west
  3. I am in fact using, or rather I have, avast internet security
  4. I also thought it was too basic, but this is the first time I've come into contact with it, hence the question. PS: does anyone know whether I can just remove it via config, or do I need an uninstaller for this AV? Greetings, west ---------- Post added at 17:45 ---------- Previous post was at 17:43 ---------- I'm also an Avast user, you see
  5. Thanks for the reply, but I just wanted to hear whether anyone knows this one and whether it is any good. I ran the anti-virus test from here and it reacted immediately. And I wanted to know whether it is safe enough to leave it installed. Greetings, west
  6. Hello everyone. I have a question: is there anyone who has Microsoft Security Essentials, and what are your experiences with it as an anti-virus program? I installed a new Win 7 version and it is on there. I didn't notice at first, until I wanted to install my own anti-virus program, and then everything got blocked. That's how I found out it was on there. Thanks in advance. Greetings, west
  7. Everything is back in tip-top shape, many thanks!!! @clarkie thank you very much!!!!!
  8. @clarkie thanks for the help, that last one did the trick; YouTube etc. works again. I hope it stays that way when my son plays an online game this afternoon. Thanks in advance. Greetings, west
  9. This might help, but every time I open a site to change the settings as described, that site already freezes. Greetings, west ---------- Post added at 15:02 ---------- Previous post was at 14:57 ---------- I have now gone to another site and did what it said, but that doesn't help either
  10. Hello. Can someone help me please? I have the following problem. I have been working with Mozilla Firefox for years, and recently it updated the Adobe Flash Player add-on to version 11.1.102.55. And now FF keeps freezing on sites like YouTube and so on. I have already tried installing the new Firefox 9.0.1 but that doesn't help; I also tried downloading an older version of Adobe Flash Player but that doesn't help either! Does anyone know how I can fix this problem? Thanks in advance. Greetings, west
  11. Still not solved; I still get this error message: http://img19.imageshack.us/img19/9295/schermedited.jpg at the end of the installation. Greetings, west
  12. combifix = [ComboFix log] Hijackthis = [HijackThis log]
  13. Here is the ComboFix log. [ComboFix log]
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus] "DisableMonitoring"=dword:00000001 [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall] "DisableMonitoring"=dword:00000001 [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile] "EnableFirewall"= 0 (0x0) [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "%windir%\\Network Diagnostic\\xpnetdiag.exe"= "%windir%\\system32\\sessmgr.exe"= "c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"= "c:\\Program Files\\IncrediMail\\bin\\ImApp.exe"= "c:\\Program Files\\IncrediMail\\bin\\IncMail.exe"= "c:\\Program Files\\IncrediMail\\bin\\ImpCnt.exe"= "c:\\Program Files\\Windows Live\\Messenger\\wlcsdk.exe"= "c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"= "c:\\Program Files\\Skype\\Phone\\Skype.exe"= R0 ssfs0bbc;ssfs0bbc;c:\windows\system32\drivers\ssfs0bbc.sys [4/21/2009 6:27 PM 29808] R1 aswSP;avast! Self Protection;c:\windows\system32\drivers\aswSP.sys [8/23/2009 1:07 PM 114768] R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [8/23/2009 1:07 PM 20560] R2 WRConsumerService;Webroot Client Service;c:\program files\Webroot\WebrootSecurity\WRConsumerService.exe [7/21/2009 6:36 PM 1205760] [HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{D58F39FF-953E-4F45-898F-59F243B9A523}] RUNDLL32 advpack.dll,LaunchINFSection Sidebar.inf,Register . Contents of the 'Scheduled Tasks' folder 2009-09-24 c:\windows\Tasks\User_Feed_Synchronization-{747EFB34-D356-4DC9-BF68-5700ED1A0A45}.job - c:\windows\system32\msfeedssync.exe [2009-07-18 16:36] 2009-09-20 c:\windows\Tasks\wrSpySweeper_L61CD07705F6244FDA5B685D41125D4D1.job - c:\program files\Webroot\WebrootSecurity\SpySweeperUI.exe [2009-07-21 13:40] 2009-09-20 c:\windows\Tasks\wrSpySweeper_L61CD07705F6244FDA5B685D41125D4D1.job - c:\program files\Webroot\WebrootSecurity\SpySweeperUI.exe [2009-07-21 13:40] . . 
------- Supplementary Scan ------- . uStart Page = hxxp://www.google.com/ IE: &Winamp Search - c:\documents and settings\All Users\Application Data\Winamp Toolbar\ieToolbar\resources\en-US\local\search.html IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~3\Office12\EXCEL.EXE/3000 FF - ProfilePath - c:\documents and settings\steve\Application Data\Mozilla\Firefox\Profiles\jizk43nh.default\ FF - component: c:\program files\Mozilla Firefox\extensions\{B13721C7-F507-4982-B2E5-502A71474FED}\components\NPComponent.dll FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ . - - - - ORPHANS REMOVED - - - - AddRemove-Resource Hacker 3.4.0 - c:\windows\Resource Hacker 3.4.0\uninstall.exe ************************************************************************** catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, GMER - Rootkit Detector and Remover Rootkit scan 2009-09-25 11:11 Windows 5.1.2600 Service Pack 3 NTFS scanning hidden processes ... scanning hidden autostart entries ... scanning hidden files ... scan completed successfully hidden files: 0 ************************************************************************** . --------------------- DLLs Loaded Under Running Processes --------------------- - - - - - - - > 'winlogon.exe'(992) c:\windows\system32\Ati2evxx.dll . Completion time: 2009-09-25 11:13 ComboFix-quarantined-files.txt 2009-09-25 09:13 Pre-Run: 167,689,723,904 bytes free Post-Run: 167,668,944,896 bytes free WindowsXP-KB310994-SP2-Pro-BootDisk-ENU.exe [boot loader] timeout=2 default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS [operating systems] c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professional" /noexecute=optin /fastdetect 213 --- E O F --- 2009-09-25 05:47
  14. Hi, here is the log you asked for. Regards, west