steve73
-
Items
20 -
Registratiedatum
-
Laatst bezocht
Inhoudstype
Profielen
Forums
Store
Alles dat geplaatst werd door steve73
-
Ik zou graag effe men logjes willen laten nakijken om te zien of alles nog inorde is. Omdat de explorer veel site's tegenhoud of de webpagina niet kan vinden. Alvast bedankt Malwarebytes' Anti-Malware 1.41 Database versie: 2814 Windows 6.0.6002 Service Pack 2 22/09/2010 22:13:19 mbam-log-2010-09-22 (22-12-47).txt Scan type: Volledige Scan (C:\|D:\|) Objecten gescand: 306523 Verstreken tijd: 1 hour(s), 18 minute(s), 33 second(s) Geheugenprocessen geïnfecteerd: 0 Geheugenmodulen geïnfecteerd: 0 Registersleutels geïnfecteerd: 0 Registerwaarden geïnfecteerd: 0 Registerdata bestanden geïnfecteerd: 0 Mappen geïnfecteerd: 2 Bestanden geïnfecteerd: 0 Geheugenprocessen geïnfecteerd: (Geen kwaadaardige items gevonden) Geheugenmodulen geïnfecteerd: (Geen kwaadaardige items gevonden) Registersleutels geïnfecteerd: (Geen kwaadaardige items gevonden) Registerwaarden geïnfecteerd: (Geen kwaadaardige items gevonden) Registerdata bestanden geïnfecteerd: (Geen kwaadaardige items gevonden) Mappen geïnfecteerd: C:\ProgramData\05178728 (Rogue.Multiple) -> No action taken. C:\ProgramData\83811627 (Rogue.Multiple) -> No action taken. Bestanden geïnfecteerd: (Geen kwaadaardige items gevonden) Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 22:18:01, on 22/09/2010 Platform: Windows Vista SP2 (WinNT 6.00.1906) MSIE: Internet Explorer v8.00 (8.00.6001.18702) Boot mode: Normal Running processes: C:\Windows\system32\Dwm.exe C:\Windows\system32\taskeng.exe C:\Windows\Explorer.EXE C:\Program Files\Windows Defender\MSASCui.exe C:\Windows\RtHDVCpl.exe C:\Windows\System32\igfxtray.exe C:\Windows\System32\hkcmd.exe C:\Windows\System32\igfxpers.exe C:\Program Files\FSC Launch Manager\LaunchMgr.exe C:\Program Files\Common Files\Java\Java Update\jusched.exe C:\Program Files\Google\Quick Search Box\GoogleQuickSearchBox.exe C:\Program Files\HP\HP Software Update\hpwuSchd2.exe C:\Program Files\Windows Sidebar\sidebar.exe C:\Program Files\Windows Live\Messenger\msnmsgr.exe C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe C:\Program Files\Windows Media Player\wmpnscfg.exe C:\Windows\ehome\ehtray.exe C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe C:\Windows\system32\igfxsrvc.exe C:\Windows\ehome\ehmsas.exe C:\Windows\system32\wbem\unsecapp.exe C:\Program Files\Eset\nod32kui.exe C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE C:\Windows\system32\wuauclt.exe C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Trend Micro\HijackThis\HijackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Google R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Hotmail, Messenger, nieuws en entertainment vind je op MSN.nl R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = O1 - Hosts: ::1 localhost O2 - BHO: Adobe PDF Reader Help bij koppelingen - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file) O2 - BHO: Windows Live Aanmelden - Help - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.5.5126.1836\swg.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O2 - BHO: Bandoo IE Plugin - {EB5CEE80-030A-4ED8-8E20-454E9C68380F} - C:\Program Files\Bandoo\Plugins\IE\ieplugin.dll O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe O4 - HKLM\..\Run: [igfxTray] C:\Windows\system32\igfxtray.exe O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe O4 - HKLM\..\Run: [Launch Manager] C:\PROGRA~1\FSCLAU~1\LAUNCH~1.EXE O4 - HKLM\..\Run: [nod32kui] "C:\Program Files\Eset\nod32kui.exe" /WAITSERVICE O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe" O4 - HKLM\..\Run: [Google Quick Search Box] "C:\Program Files\Google\Quick Search Box\GoogleQuickSearchBox.exe" /autorun O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe O4 - HKLM\..\Run: [hpqSRMon] C:\Program Files\HP\Digital Imaging\bin\hpqSRMon.exe O4 - HKCU\..\Run: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe O4 - HKUS\S-1-5-18\..\Run: [Picasa Media Detector] C:\Program Files\Picasa2\PicasaMediaDetector.exe (User 'SYSTEEM') O4 - HKUS\S-1-5-18\..\Run: [fsc-reg] c:\fsc-reg\fscreg.exe (User 'SYSTEEM') O4 - HKUS\.DEFAULT\..\Run: [Picasa Media Detector] C:\Program Files\Picasa2\PicasaMediaDetector.exe (User 'Default user') O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll/cmsidewiki.html O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL O9 - Extra button: HP Slim selecteren - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll O16 - DPF: {4A85DBE0-BFB2-4119-8401-186A7C6EB653} - http://messenger.zone.msn.com/MessengerGamesContent/GameContent/nl/mjss/MJSS.cab109791.cab O16 - DPF: {5C051655-FCD5-4969-9182-770EA5AA5565} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown.cab56986.cab O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/MessengerGamesContent/GameContent/nl/uno1/GAME_UNO1.cab O16 - DPF: {5D80A6D1-B500-47DA-82B8-EB9875F85B4D} (Google Gadget Control) - http://dl.google.com/dl/desktop/nv/GoogleGadgetPluginIEWin.cab O16 - DPF: {9122D757-5A4F-4768-82C5-B4171D8556A7} (PhotoPickConvert Class) - http://appdirectory.messenger.msn.com/AppDirectory/P4Apps/PhotoSwap/PhtPkMSN.cab O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab O16 - DPF: {D71F9A27-723E-4B8B-B428-B725E47CBA3E} - http://imikimi.com/download/imikimi_plugin_0.5.1.cab O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab O17 - HKLM\System\CCS\Services\Tcpip\..\{E84CE77B-2028-40E1-9D9A-973A5294C446}: NameServer = 195.238.2.21,195.238.2.22 O20 - AppInit_DLLs: c:\progra~1\bandoo\bndhook.dll O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: NOD32 Kernel Service (NOD32krn) - Eset - C:\Program Files\Eset\nod32krn.exe -- End of file - 7365 bytes
-
Hallo, Kan iemand me zeggen welke router jullie goed vinden? Er moeten 2 laptops draadloos op aangesloten worden en 1 vaste pc met kabel. Bij Telenet provider. MVG Sofie
-
En wat zouden jullie nu doen? 2007 eraf gooien, of beide erop laten staan? Tot mei moet ik nog naar het school en dan zou ik de 2003 eraf gooien maar nu kan ik nog niet omdat ze zo moeilijk doen.
-
Ze zeggen, omdat de meeste bedrijven nog niet overgeschakelt zijn op office 2007, dat we alles moeten leren met office 2003. en als we huiswerk hebben en dat moeten door mailen zou het zijn dat de gegevens en de briefwisselingen anders zouden geschikt worden (wat me raar lijkt).
-
Hallo, Ik heb office 2007 opstaan, nu heb ik voor het school office 2003 nodig. Ik heb die geïnstalleerd maar krijg nu bij de outlook foutmeldingen. De outlook van 2003 heb ik er dus afgehaald maar het blijft. Er staat "niet geïmplementeerd". Wie kan mij helpen, ik had ze er graag allebei op gehad maar in het school zeiden ze dat we er problemen door gingen krijgen, en het is zo ver
-
PC oké!!!! bedankt hè Mag ik weten wat voor een bestand dat eigenlijk was? Is mijn oude pc die een vriend van hen is inorde komen stellen maar die heeft altijd trager gewerkt dan dat ik die had. en er staan veel dingen in die ik er nooit op gezet heb zoals dit onderandere. Bedankt en dan mag dit gesloten worden!
-
Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 12:36:35, on 17/10/2009 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe C:\WINDOWS\System32\nvsvc32.exe C:\WINDOWS\system32\slserv.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Virtual CD v4 SDK\system\vcssecs.exe C:\PROGRA~1\Bandoo\Bandoo.exe C:\PROGRA~1\MOUSEW~1\SYSTEM\EM_EXEC.EXE C:\Apps\ActivBoard\MMKeybd.exe C:\Program Files\ANI\ANIWZCS2 Service\WZCSLDR2.exe C:\Program Files\D-Link\D-Link Wireless N DWA-140\AirNCFG.exe C:\Program Files\Virtual CD v4 SDK\system\vcsplay.exe C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb07.exe C:\Program Files\D-Link\AirPlus G\AirGCFG.exe C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe C:\Apps\ActivBoard\OSD.exe C:\Program Files\Messenger\msmsgs.exe C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpohmr08.exe C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\HPZENG07.EXE C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpoevm08.exe C:\WINDOWS\system32\HPZipm12.exe C:\WINDOWS\system32\wuauclt.exe C:\Program Files\Hewlett-Packard\Digital Imaging\Bin\hpoSTS08.exe C:\Program Files\Windows Live\Contacts\wlcomm.exe C:\WINDOWS\explorer.exe C:\WINDOWS\system32\WgaTray.exe C:\WINDOWS\system32\NOTEPAD.EXE C:\Program Files\Trend Micro\HijackThis\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Google R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN.com R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = Zita - het Web van Z tot A - Nieuws | Entertainment | Lifestyle | Fun R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\apps\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx O2 - BHO: Windows Live Aanmelden - Help - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Bandoo IE Plugin - {EB5CEE80-030A-4ED8-8E20-454E9C68380F} - C:\Program Files\Bandoo\Plugins\IE\ieplugin.dll O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE NvQTwk,NvCplDaemon initialize O4 - HKLM\..\Run: [nwiz] nwiz.exe /install O4 - HKLM\..\Run: [EM_EXEC] C:\PROGRA~1\MOUSEW~1\SYSTEM\EM_EXEC.EXE O4 - HKLM\..\Run: [ACTIVBOARD] C:\Apps\ActivBoard\MMKeybd.exe O4 - HKLM\..\Run: [ANIWZCS2Service] C:\Program Files\ANI\ANIWZCS2 Service\WZCSLDR2.exe O4 - HKLM\..\Run: [D-Link D-Link Wireless N DWA-140] C:\Program Files\D-Link\D-Link Wireless N DWA-140\AirNCFG.exe O4 - HKLM\..\Run: [VCSPlayer] "C:\Program Files\Virtual CD v4 SDK\system\vcsplay.exe" O4 - HKLM\..\Run: [ActivSurf] C:\apps\ActivSurf\4448364\Program\backweb-4448364.exe O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb07.exe O4 - HKLM\..\Run: [D-Link AirPlus G] C:\Program Files\D-Link\AirPlus G\AirGCFG.exe O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" /hide /waitservice O4 - HKCU\..\Run: [MoneyAgent] "C:\Program Files\Microsoft Money\System\Money Express.exe" O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background O4 - Global Startup: hp psc 1000 series.lnk = ? O4 - Global Startup: hpoddt01.exe.lnk = ? O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 O9 - Extra button: Packard Bell - {1D49B7D4-524D-4ac9-BC34-B4822CAE4BB1} - C:\Apps\IECustom\script.htm O9 - Extra button: Onderzoek - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\System32\Shdocvw.dll O9 - Extra button: Money Viewer - {E023F504-0C5A-4750-A1E7-A9046DEA8A21} - C:\Program Files\Microsoft Money\System\mnyviewer.dll O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1222025948008 O20 - AppInit_DLLs: c:\PROGRA~1\Bandoo\BndHook.dll O23 - Service: ANIWZCSd Service (ANIWZCSdService) - Wireless Service - C:\Program Files\ANI\ANIWZCS2 Service\ANIWZCSdS.exe O23 - Service: Bandoo Coordinator - Discordia Limited - C:\PROGRA~1\Bandoo\Bandoo.exe O23 - Service: Eset HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe O23 - Service: Eset Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe O23 - Service: Netropa NHK Server (nhksrv) - Unknown owner - C:\Apps\ActivBoard\nhksrv.exe O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe O23 - Service: SmartLinkService (SLService) - - C:\WINDOWS\SYSTEM32\slserv.exe O23 - Service: Virtual CD v4 Security service (SDK - Version) (VCSSecS) - H+H Software GmbH - C:\Program Files\Virtual CD v4 SDK\system\vcssecs.exe -- End of file - 6407 bytes Malwarebytes' Anti-Malware 1.41 Database versie: 2973 Windows 5.1.2600 Service Pack 3 17/10/2009 12:35:46 mbam-log-2009-10-17 (12-35-46).txt Scan type: Snelle Scan Objecten gescand: 100666 Verstreken tijd: 5 minute(s), 18 second(s) Geheugenprocessen geïnfecteerd: 0 Geheugenmodulen geïnfecteerd: 0 Registersleutels geïnfecteerd: 0 Registerwaarden geïnfecteerd: 0 Registerdata bestanden geïnfecteerd: 0 Mappen geïnfecteerd: 0 Bestanden geïnfecteerd: 0 Geheugenprocessen geïnfecteerd: (Geen kwaadaardige items gevonden) Geheugenmodulen geïnfecteerd: (Geen kwaadaardige items gevonden) Registersleutels geïnfecteerd: (Geen kwaadaardige items gevonden) Registerwaarden geïnfecteerd: (Geen kwaadaardige items gevonden) Registerdata bestanden geïnfecteerd: (Geen kwaadaardige items gevonden) Mappen geïnfecteerd: (Geen kwaadaardige items gevonden) Bestanden geïnfecteerd: (Geen kwaadaardige items gevonden) ComboFix 09-10-16.09 - pb 17/10/2009 11:50.1.1 - NTFSx86 Gestart vanuit: c:\documents and settings\pb\Mijn documenten\Mijn ontvangen bestanden\ComboFix.exe AV: ESET NOD32 Antivirus 3.0 *On-access scanning enabled* (Updated) {E5E70D32-0101-4F12-8FB0-D96ACA4F34C0} * Aanwezig AV is actief . (((((((((((((((((((((((((((((((((( Andere Verwijderingen ))))))))))))))))))))))))))))))))))))))))))))))))) . c:\docume~1\pb\LOCALS~1\Temp\IadHide3.dll c:\documents and settings\pb\Local Settings\Temp\IadHide3.dll c:\windows\system32\MabryObj.dll . (((((((((((((((((((( Bestanden Gemaakt van 2009-09-17 to 2009-10-17 )))))))))))))))))))))))))))))) . 2009-10-17 09:45 . 2009-10-17 09:45 -------- d-----w- c:\documents and settings\pb\Application Data\Malwarebytes 2009-10-14 18:38 . 2009-10-14 18:38 -------- d-----w- c:\program files\Trend Micro 2009-10-14 18:19 . 2009-10-14 18:19 -------- d-----w- c:\documents and settings\pb\Local Settings\Application Data\ESET 2009-10-14 15:32 . 2008-03-03 16:21 568 ---ha-w- c:\windows\nod32fixtemdono.reg 2009-10-14 15:32 . 2008-03-03 12:25 5702 ---ha-w- c:\windows\nod32restoretemdono.reg 2009-10-14 15:25 . 2009-10-14 15:25 -------- d-----w- c:\program files\ESET 2009-10-14 15:25 . 2009-10-14 15:25 -------- d-----w- c:\documents and settings\All Users\Application Data\ESET . ((((((((((((((((((((((((((((((((((((((( Find3M Rapport )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2009-10-17 09:44 . 2009-10-17 09:43 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware 2009-10-17 09:43 . 2009-10-17 09:43 -------- d-----w- c:\documents and settings\All Users\Application Data\Malwarebytes 2009-10-17 09:39 . 2008-08-31 12:18 -------- d-----w- c:\program files\Surfairy 2009-10-14 16:35 . 2008-09-21 19:32 -------- d-----w- c:\program files\QuickTime 2009-09-15 19:01 . 2009-09-15 19:01 -------- d-----w- c:\documents and settings\pb\Application Data\Bandoo 2009-09-15 19:00 . 2009-09-15 18:59 -------- d-----w- c:\program files\Bandoo aub, bij mbam waren er geen dingen die verwijdert moesten worden
-
Hier zijn we dan weer:-) Deze keer voor men ouders hun pc. Die is traag niet normaal maar echt traag!!!! het internet ook, hoe moet ik zeggen de pagina's worden snel geladen maar niet weergegeven. Ontvangst is zeer goed dus... Heb een paar dingen gedaan zoals programma's die ze niet gebruiken eraf halen, NOD32 geinstalleerd en de agv of avg er afgehaald. Hier een logje Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 20:43:10, on 14/10/2009 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\Apps\ActivBoard\nhksrv.exe C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe C:\WINDOWS\System32\nvsvc32.exe C:\WINDOWS\system32\slserv.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Virtual CD v4 SDK\system\vcssecs.exe C:\PROGRA~1\MOUSEW~1\SYSTEM\EM_EXEC.EXE C:\Apps\ActivBoard\MMKeybd.exe C:\Program Files\ANI\ANIWZCS2 Service\WZCSLDR2.exe C:\Program Files\D-Link\D-Link Wireless N DWA-140\AirNCFG.exe C:\Program Files\Virtual CD v4 SDK\system\vcsplay.exe C:\PROGRA~1\Bandoo\Bandoo.exe C:\apps\ActivSurf\4448364\Program\backweb-4448364.exe C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb07.exe C:\Program Files\D-Link\AirPlus G\AirGCFG.exe C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe C:\Apps\ActivBoard\TrayMon.exe C:\Apps\ActivBoard\OSD.exe C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe C:\Program Files\Messenger\msmsgs.exe C:\WINDOWS\system32\ctfmon.exe C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\HPZENG07.EXE C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpohmr08.exe C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpoevm08.exe C:\WINDOWS\system32\HPZipm12.exe C:\Program Files\Hewlett-Packard\Digital Imaging\Bin\hpoSTS08.exe C:\Program Files\Windows Live\Contacts\wlcomm.exe C:\WINDOWS\explorer.exe C:\WINDOWS\system32\mmc.exe C:\WINDOWS\system32\DfrgNtfs.exe C:\Program Files\Internet Explorer\iexplore.exe C:\PROGRA~1\Bandoo\BndCore.exe C:\Program Files\Trend Micro\HijackThis\HijackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Zita - het Web van Z tot A - Nieuws | Entertainment | Lifestyle | Fun R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Google R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Zita - het Web van Z tot A - Nieuws | Entertainment | Lifestyle | Fun R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = Zita - het Web van Z tot A - Nieuws | Entertainment | Lifestyle | Fun R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Telenet Internet R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigURL = http://pac.telenet.be:8080 R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\apps\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file) O2 - BHO: Windows Live Aanmelden - Help - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Surfairy - {BB9AAAF3-4F8D-48B5-A565-FF3E58433DC2} - C:\Program Files\Surfairy\SurfairyHlp.dll O2 - BHO: Bandoo IE Plugin - {EB5CEE80-030A-4ED8-8E20-454E9C68380F} - C:\Program Files\Bandoo\Plugins\IE\ieplugin.dll O2 - BHO: (no name) - {FDD3B846-8D59-4ffb-8758-209B6AD74ACC} - C:\Program Files\Microsoft Money\System\mnyviewer.dll O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE NvQTwk,NvCplDaemon initialize O4 - HKLM\..\Run: [nwiz] nwiz.exe /install O4 - HKLM\..\Run: [EM_EXEC] C:\PROGRA~1\MOUSEW~1\SYSTEM\EM_EXEC.EXE O4 - HKLM\..\Run: [ACTIVBOARD] C:\Apps\ActivBoard\MMKeybd.exe O4 - HKLM\..\Run: [ANIWZCS2Service] C:\Program Files\ANI\ANIWZCS2 Service\WZCSLDR2.exe O4 - HKLM\..\Run: [D-Link D-Link Wireless N DWA-140] C:\Program Files\D-Link\D-Link Wireless N DWA-140\AirNCFG.exe O4 - HKLM\..\Run: [VCSPlayer] "C:\Program Files\Virtual CD v4 SDK\system\vcsplay.exe" O4 - HKLM\..\Run: [ActivSurf] C:\apps\ActivSurf\4448364\Program\backweb-4448364.exe O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb07.exe O4 - HKLM\..\Run: [D-Link AirPlus G] C:\Program Files\D-Link\AirPlus G\AirGCFG.exe O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" /hide /waitservice O4 - HKCU\..\Run: [MoneyAgent] "C:\Program Files\Microsoft Money\System\Money Express.exe" O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - Global Startup: hp psc 1000 series.lnk = ? O4 - Global Startup: hpoddt01.exe.lnk = ? O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 O9 - Extra button: Packard Bell - {1D49B7D4-524D-4ac9-BC34-B4822CAE4BB1} - C:\Apps\IECustom\script.htm O9 - Extra button: Suggestions - {2223664C-1942-4276-9A2D-E8D8F547C5D2} - res://EffiPeled (file missing) O9 - Extra button: Onderzoek - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\System32\Shdocvw.dll O9 - Extra button: Money Viewer - {E023F504-0C5A-4750-A1E7-A9046DEA8A21} - C:\Program Files\Microsoft Money\System\mnyviewer.dll O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1222025948008 O20 - AppInit_DLLs: c:\progra~1\bandoo\bndhook.dll O23 - Service: ANIWZCSd Service (ANIWZCSdService) - Wireless Service - C:\Program Files\ANI\ANIWZCS2 Service\ANIWZCSdS.exe O23 - Service: Bandoo Coordinator - Discordia Limited - C:\PROGRA~1\Bandoo\Bandoo.exe O23 - Service: Eset HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe O23 - Service: Eset Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe O23 - Service: Netropa NHK Server (nhksrv) - Unknown owner - C:\Apps\ActivBoard\nhksrv.exe O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe O23 - Service: SmartLinkService (SLService) - - C:\WINDOWS\SYSTEM32\slserv.exe O23 - Service: Virtual CD v4 Security service (SDK - Version) (VCSSecS) - H+H Software GmbH - C:\Program Files\Virtual CD v4 SDK\system\vcssecs.exe -- End of file - 7120 bytes stond wel een virus op dacht iets met heur erin. Wat kan ik doen?
-
Bedankt allemaal voor jullie hulp. Dit weekend heeft Belgacom hier een paar dagen achter elkaar enkele uren eruit gelegen. Nu gaat onze internet terug super snel en dit zonder kabel!!!! Ik begrijp er niks van. Toch bedankt voor de hulp!!!!
-
Dit is het dan.
-
Heb het gedaan maar dat helpt niks. K snap er niks van...
-
aaah, ik moet dat ingeven. ga ik direct doen!!!! moet ik dat elke keer veranderen als ik bij mijn moeder met men LP op telenet ga?
-
ok ben ik geweest, daar staat "Automatisch een DNS-serveradres laten toewijzen" dat staat aangevinkt. Er staat nergens een serveradres. Bij internetprotocol 6 staat ook alles op automatisch
-
ADSL go hebben we met een wifi verbinding BBOX Is dat het merk en type? ---------- Post toegevoegd om 09:54 ---------- Vorige post was om 09:51 ---------- zo lang hebben we dat nog niet ik denk van juni ofzo, hebben al wel een trojan gehad doordat een vriendin een liedje had doorgestuurd van haar bearshare want zelf hebben we dat niet. Omdat ik vroeger, een aantal jaren geleden, ook via bearshare virussen had binnen gekregen. ---------- Post toegevoegd om 09:56 ---------- Vorige post was om 09:54 ---------- de realtek was al de nieuwe versie toch bedankt!
-
tja, wat dan hè... :viking:eens goed met smijten? hahaha
-
ComboFix 09-09-16.05 - Sofie 17/09/2009 16:04.2.2 - NTFSx86 Microsoft® Windows Vista™ Home Premium 6.0.6001.1.1252.32.1043.18.2936.1886 [GMT 2:00] Gestart vanuit: c:\users\Sofie\Documents\ComboFix.exe AV: ESET NOD32 antivirus systeem 2.70 *On-access scanning enabled* (Updated) {E5E70D32-0101-4F12-8FB0-D96ACA4F34C0} AV: Norman Security Suite ver. 7.00 *On-access scanning enabled* (Updated) {EB9EFB40-AE72-4C43-B204-0FCD0E92D5F1} SP: Windows Defender *enabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46} * Aanwezig AV is actief . (((((((((((((((((((((((((((((((((( Andere Verwijderingen ))))))))))))))))))))))))))))))))))))))))))))))))) . c:\$recycle.bin\S-1-5-21-1372784565-1403818847-2530268298-500 c:\users\Sofie\AppData\Roaming\inst.exe c:\windows\Downloaded Program Files\Install.inf . (((((((((((((((((((( Bestanden Gemaakt van 2009-08-17 to 2009-09-17 )))))))))))))))))))))))))))))) . 2009-09-17 14:10 . 2009-09-17 14:10 -------- d-----w- c:\users\Stevie Wonder\AppData\Local\temp 2009-09-17 14:10 . 2009-09-17 14:10 -------- d-----w- c:\users\Default\AppData\Local\temp 2009-09-17 07:49 . 2009-09-17 07:49 -------- d-----w- c:\users\Sofie\AppData\Roaming\Malwarebytes 2009-09-17 07:49 . 2009-09-10 12:54 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys 2009-09-17 07:49 . 2009-09-17 07:49 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware 2009-09-17 07:49 . 2009-09-17 07:49 -------- d-----w- c:\programdata\Malwarebytes 2009-09-17 07:49 . 2009-09-10 12:53 19160 ----a-w- c:\windows\system32\drivers\mbam.sys 2009-09-16 19:42 . 2009-09-16 19:42 -------- d-----w- c:\users\Sofie\Office Genuine Advantage 2009-09-16 19:04 . 2009-09-16 19:04 -------- d-----w- c:\program files\Trend Micro 2009-09-16 18:13 . 2009-06-15 15:24 175104 ----a-w- c:\windows\system32\wdigest.dll 2009-09-16 18:13 . 2009-06-15 15:24 270848 ----a-w- c:\windows\system32\schannel.dll 2009-09-16 18:13 . 2009-06-15 15:23 1256448 ----a-w- c:\windows\system32\lsasrv.dll 2009-09-16 18:13 . 2009-06-15 15:22 213504 ----a-w- c:\windows\system32\msv1_0.dll 2009-09-16 18:13 . 2009-06-15 15:21 499712 ----a-w- c:\windows\system32\kerberos.dll 2009-09-16 18:13 . 2009-06-15 18:20 439896 ----a-w- c:\windows\system32\drivers\ksecdd.sys 2009-09-16 18:13 . 2009-06-15 15:24 72704 ----a-w- c:\windows\system32\secur32.dll 2009-09-16 18:13 . 2009-06-15 12:57 9728 ----a-w- c:\windows\system32\lsass.exe 2009-09-03 20:03 . 2009-09-03 20:03 -------- d-----w- c:\programdata\vsosdk 2009-09-03 19:18 . 2006-09-29 11:25 208935 ----a-w- c:\windows\system32\drv33260.dll 2009-09-03 19:18 . 2006-09-29 11:24 217127 ----a-w- c:\windows\system32\drv43260.dll 2009-09-03 19:18 . 2002-12-10 01:20 102439 ----a-w- c:\windows\system32\sipr3260.dll 2009-09-03 19:18 . 2007-03-18 19:37 65602 ----a-w- c:\windows\system32\cook3260.dll 2009-09-03 19:18 . 2006-09-29 11:26 176165 ----a-w- c:\windows\system32\drv23260.dll 2009-09-03 19:18 . 2006-05-20 15:16 1184984 ----a-w- c:\windows\system32\wvc1dmod.dll 2009-09-03 19:18 . 2006-05-11 18:21 626688 ----a-w- c:\windows\system32\vp7vfw.dll 2009-09-03 13:07 . 2009-09-03 19:04 -------- d-----w- c:\users\Sofie\AppData\Roaming\AVS4YOU 2009-09-03 13:07 . 2009-09-03 13:07 -------- d-----w- c:\programdata\AVS4YOU 2009-09-03 13:05 . 2009-09-03 19:05 -------- d-----w- c:\program files\Common Files\AVSMedia 2009-09-03 13:05 . 2008-08-13 09:22 974848 ----a-w- c:\windows\system32\mfc70.dll 2009-09-03 13:05 . 2008-08-13 09:22 487424 ----a-w- c:\windows\system32\msvcp70.dll 2009-09-03 13:05 . 2009-09-03 19:06 -------- d-----w- c:\program files\AVS4YOU 2009-09-03 13:05 . 2008-08-13 09:22 344064 ----a-w- c:\windows\system32\msvcr70.dll 2009-09-03 13:05 . 2008-08-13 09:22 24576 ----a-w- c:\windows\system32\msxml3a.dll 2009-09-03 12:40 . 2009-09-03 12:40 -------- d-----w- c:\users\yfl\LOCALS~1 2009-09-03 12:40 . 2009-09-03 12:40 -------- d-----w- c:\users\yfl 2009-09-03 12:37 . 2009-09-03 12:37 -------- d-----w- c:\program files\Real Alternative 2009-09-03 12:37 . 2009-09-03 12:37 -------- d-----w- c:\users\Sofie\AppData\Local\Real 2009-09-03 12:37 . 2009-09-03 19:05 -------- d-----w- c:\program files\AviSynth 2.5 2009-09-03 12:35 . 2009-09-03 12:35 -------- d-----w- c:\program files\Xilisoft 2009-09-03 08:15 . 2009-09-03 08:15 47360 ----a-w- c:\windows\system32\drivers\pcouffin.sys 2009-09-03 08:15 . 2009-09-05 00:04 -------- d-----w- c:\users\Sofie\AppData\Roaming\Vso 2009-09-03 08:15 . 2009-09-03 19:18 -------- d-----w- c:\program files\VSO 2009-09-02 19:39 . 2009-08-28 12:39 28672 ----a-w- c:\windows\system32\Apphlpdm.dll 2009-09-02 19:39 . 2009-08-28 10:15 4240384 ----a-w- c:\windows\system32\GameUXLegacyGDFs.dll 2009-08-29 00:31 . 2009-08-29 00:31 -------- d-----w- c:\windows\system32\EventProviders 2009-08-28 20:36 . 2009-08-28 20:37 -------- d-----w- c:\users\Sofie\AppData\Roaming\HpUpdate 2009-08-28 20:35 . 2009-08-28 20:35 -------- d-----w- c:\windows\Hewlett-Packard 2009-08-26 11:40 . 2009-09-14 10:21 -------- d-----w- c:\program files\High Quality Photo Resizer 2009-08-26 07:07 . 2009-06-22 10:22 2048 ----a-w- c:\windows\system32\tzres.dll 2009-08-22 15:34 . 2009-08-22 16:00 -------- d-----w- c:\programdata\Bandoo 2009-08-22 15:34 . 2009-08-22 15:34 -------- d-----w- c:\program files\Bandoo 2009-08-22 11:08 . 2009-08-22 11:08 -------- d-----w- c:\programdata\Fujitsu 2009-08-22 11:08 . 2009-08-22 11:08 -------- d-----w- c:\program files\Common Files\Fujitsu 2009-08-22 11:08 . 2009-08-22 11:08 -------- d-----w- c:\program files\Fujitsu 2009-08-22 10:22 . 2009-08-22 10:22 -------- d-----w- c:\program files\Enigma Software Group 2009-08-22 08:43 . 2009-08-22 08:47 -------- d-----w- c:\programdata\HDBR31 2009-08-20 20:37 . 2009-08-22 11:16 -------- d-----w- C:\temp 2009-08-19 19:27 . 2009-07-25 03:23 411368 ----a-w- c:\windows\system32\deploytk.dll 2009-08-19 19:27 . 2009-09-08 12:50 -------- d-----w- c:\program files\Java . ((((((((((((((((((((((((((((((((((((((( Find3M Rapport )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2009-09-16 08:36 . 2008-04-09 10:17 653034 ----a-w- c:\windows\system32\perfh010.dat 2009-09-16 08:36 . 2008-04-09 10:17 119750 ----a-w- c:\windows\system32\perfc010.dat 2009-09-16 08:36 . 2008-04-09 09:53 667352 ----a-w- c:\windows\system32\perfh013.dat 2009-09-16 08:36 . 2008-04-09 09:53 126854 ----a-w- c:\windows\system32\perfc013.dat 2009-09-16 08:36 . 2008-04-09 09:32 659180 ----a-w- c:\windows\system32\perfh00C.dat 2009-09-16 08:36 . 2008-04-09 09:32 122976 ----a-w- c:\windows\system32\perfc00C.dat 2009-09-14 11:38 . 2009-07-02 17:30 -------- d-----w- c:\program files\Google 2009-09-14 10:20 . 2009-07-22 18:02 -------- d-----w- c:\program files\HP 2009-09-14 09:57 . 2009-07-22 18:00 -------- d-----w- c:\programdata\HP 2009-09-14 09:34 . 2008-10-14 00:47 -------- d-----w- c:\program files\InstallShield Installation Information 2009-09-14 08:16 . 2009-07-02 17:30 -------- d-----w- c:\program files\Picasa2 2009-09-10 07:42 . 2006-11-02 11:18 -------- d-----w- c:\program files\Windows Mail 2009-09-03 12:05 . 2009-09-03 08:15 47360 ----a-w- c:\users\Sofie\AppData\Roaming\pcouffin.sys 2009-08-28 21:06 . 2009-08-28 21:06 0 ----a-w- c:\users\Sofie\AppData\Roaming\wklnhst.dat 2009-08-22 11:07 . 2009-07-02 17:31 -------- d-----w- c:\program files\Fujitsu Siemens Computers 2009-08-20 20:50 . 2009-07-12 13:30 -------- d-----w- c:\program files\ESET 2009-08-20 19:48 . 2009-07-19 19:58 -------- d-----w- c:\users\Sofie\AppData\Roaming\Bandoo 2009-08-19 09:08 . 2009-08-19 09:08 0 ---ha-w- c:\windows\system32\drivers\Msft_User_WpdRapi_01_00_00.Wdf 2009-08-18 11:57 . 2009-08-18 11:57 -------- d-----w- c:\programdata\Zylom 2009-08-14 22:47 . 2009-08-14 22:47 -------- dc-h--w- c:\programdata\{81D4BDA8-1F33-4633-B176-8A7E942ABDE1} 2009-08-14 17:07 . 2009-09-09 20:27 897608 ----a-w- c:\windows\system32\drivers\tcpip.sys 2009-08-14 16:29 . 2009-09-09 20:27 104960 ----a-w- c:\windows\system32\netiohlp.dll 2009-08-14 16:29 . 2009-09-09 20:27 17920 ----a-w- c:\windows\system32\netevent.dll 2009-08-14 14:16 . 2009-09-09 20:27 9728 ----a-w- c:\windows\system32\TCPSVCS.EXE 2009-08-14 14:16 . 2009-09-09 20:27 17920 ----a-w- c:\windows\system32\ROUTE.EXE 2009-08-14 14:16 . 2009-09-09 20:27 11264 ----a-w- c:\windows\system32\MRINFO.EXE 2009-08-14 14:16 . 2009-09-09 20:27 27136 ----a-w- c:\windows\system32\NETSTAT.EXE 2009-08-14 14:16 . 2009-09-09 20:27 19968 ----a-w- c:\windows\system32\ARP.EXE 2009-08-14 14:16 . 2009-09-09 20:27 8704 ----a-w- c:\windows\system32\HOSTNAME.EXE 2009-08-14 14:16 . 2009-09-09 20:27 10240 ----a-w- c:\windows\system32\finger.exe 2009-08-10 14:30 . 2009-08-10 14:30 0 ---ha-w- c:\windows\system32\drivers\Msft_User_WpdMtpDr_01_00_00.Wdf 2009-08-07 18:25 . 2009-08-07 18:25 -------- d-----w- c:\programdata\3838B 2009-08-06 05:38 . 2009-08-06 05:38 1060864 ----a-w- c:\windows\system32\MFC71.dll 2009-08-03 22:29 . 2009-08-03 22:29 -------- d-----w- c:\program files\7-Zip 2009-08-03 13:07 . 2009-08-03 13:07 403816 ----a-w- c:\windows\system32\OGACheckControl.dll 2009-08-03 13:07 . 2009-08-03 13:07 322928 ----a-w- c:\windows\system32\OGAAddin.dll 2009-08-03 13:07 . 2009-08-03 13:07 230768 ----a-w- c:\windows\system32\OGAEXEC.exe 2009-07-26 18:05 . 2009-07-26 18:05 -------- d-----w- c:\users\Stevie Wonder\AppData\Roaming\Vodafone 2009-07-25 11:25 . 2009-07-25 11:25 -------- d-----w- c:\users\Sofie\AppData\Roaming\Vodafone 2009-07-25 11:25 . 2009-07-25 11:25 -------- d-----w- c:\programdata\InstallShield 2009-07-25 11:25 . 2009-07-25 11:25 -------- d-----w- c:\programdata\Vodafone 2009-07-25 11:24 . 2009-07-25 11:24 -------- d-----w- c:\program files\Vodafone 2009-07-25 11:24 . 2009-07-25 11:24 -------- d-----w- c:\program files\Common Files\InstallShield 2009-07-22 18:42 . 2009-07-22 18:42 -------- d-----w- c:\programdata\WEBREG 2009-07-22 18:40 . 2009-07-22 18:40 -------- d-----w- c:\users\Sofie\AppData\Roaming\HP 2009-07-22 18:24 . 2009-07-22 18:24 -------- d-----w- c:\program files\Common Files\Hewlett-Packard 2009-07-19 22:02 . 2009-07-19 22:01 -------- d-----w- c:\programdata\IM 2009-07-19 22:01 . 2009-07-19 22:01 -------- d-----w- c:\programdata\IncrediMail 2009-07-19 19:52 . 2009-07-19 11:50 -------- d-----w- c:\programdata\NOS 2009-07-19 19:52 . 2009-07-19 11:50 -------- d-----w- c:\program files\NOS 2009-07-18 16:06 . 2009-07-28 18:17 827904 ----a-w- c:\windows\system32\wininet.dll 2009-07-18 16:01 . 2009-07-28 18:17 78336 ----a-w- c:\windows\system32\ieencode.dll 2009-07-18 09:46 . 2009-07-28 18:17 26624 ----a-w- c:\windows\system32\ieUnatt.exe 2009-07-17 14:35 . 2009-08-13 19:44 71680 ----a-w- c:\windows\system32\atl.dll 2009-07-14 13:00 . 2009-08-13 19:44 313344 ----a-w- c:\windows\system32\wmpdxm.dll 2009-07-14 12:59 . 2009-08-13 19:44 4096 ----a-w- c:\windows\system32\dxmasf.dll 2009-07-14 12:58 . 2009-08-13 19:44 7680 ----a-w- c:\windows\system32\spwmp.dll 2009-07-14 10:59 . 2009-08-13 19:44 8147456 ----a-w- c:\windows\system32\wmploc.DLL 2009-07-12 13:33 . 2009-07-02 17:46 84808 ----a-w- c:\users\Sofie\AppData\Local\GDIPFONTCACHEV1.DAT 2009-07-12 13:30 . 2009-07-12 13:30 298104 ----a-w- c:\windows\system32\imon.dll 2009-07-12 13:30 . 2009-07-12 13:30 512096 ----a-w- c:\windows\system32\drivers\amon.sys 2009-07-12 13:30 . 2009-07-12 13:30 15424 ----a-w- c:\windows\system32\drivers\nod32drv.sys 2009-07-12 13:15 . 2009-07-03 13:09 84808 ----a-w- c:\users\Stevie Wonder\AppData\Local\GDIPFONTCACHEV1.DAT 2009-07-11 19:32 . 2009-09-09 20:27 513024 ----a-w- c:\windows\system32\wlansvc.dll 2009-07-11 19:32 . 2009-09-09 20:27 302592 ----a-w- c:\windows\system32\wlansec.dll 2009-07-11 19:32 . 2009-09-09 20:27 293376 ----a-w- c:\windows\system32\wlanmsm.dll 2009-07-11 19:29 . 2009-09-09 20:27 127488 ----a-w- c:\windows\system32\L2SecHC.dll . ((((((((((((((((((((((((((((((((((((( Reg Opstartpunten ))))))))))))))))))))))))))))))))))))))))))))))))))) . . *Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond REGEDIT4 [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{EB5CEE80-030A-4ED8-8E20-454E9C68380F}] 2009-08-13 07:40 1862592 ----a-w- c:\program files\Bandoo\Plugins\IE\ieplugin.dll [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2008-01-21 1233920] "msnmsgr"="c:\program files\Windows Live\Messenger\msnmsgr.exe" [2009-02-06 3885408] "Picasa Media Detector"="c:\program files\Picasa2\PicasaMediaDetector.exe" [2008-02-26 443968] "swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2009-07-17 39408] "ehTray.exe"="c:\windows\ehome\ehTray.exe" [2008-01-21 125952] "WindowsWelcomeCenter"="oobefldr.dll" - c:\windows\System32\oobefldr.dll [2008-01-21 2153472] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Windows Defender"="c:\program files\Windows Defender\MSASCui.exe" [2008-01-21 1008184] "IgfxTray"="c:\windows\system32\igfxtray.exe" [2008-08-12 150040] "HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2008-08-12 170520] "Persistence"="c:\windows\system32\igfxpers.exe" [2008-08-12 145944] "Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-01-11 39792] "FSCRecovery"="c:\program files\Fujitsu Siemens Computers\Fujitsu Siemens Computers Recovery\FSCRecoveryReminder.exe" [2008-06-18 268096] "nod32kui"="c:\program files\Eset\nod32kui.exe" [2009-07-12 949376] "Google Quick Search Box"="c:\program files\Google\Quick Search Box\GoogleQuickSearchBox.exe" [2009-07-17 122368] "MobileConnect"="c:\program files\Vodafone\Vodafone Mobile Connect\Bin\MobileConnect.exe" [2008-11-04 2087424] "Windows Mobile-based device management"="c:\windows\WindowsMobile\wmdSync.exe" [2008-01-21 215552] "SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-07-25 149280] "Malwarebytes Anti-Malware (reboot)"="c:\program files\Malwarebytes' Anti-Malware\mbam.exe" [2009-09-10 1312080] "RtHDVCpl"="RtHDVCpl.exe" - c:\windows\RtHDVCpl.exe [2008-07-16 6253088] [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run] "Picasa Media Detector"="c:\program files\Picasa2\PicasaMediaDetector.exe" [2008-02-26 443968] "fsc-reg"="c:\fsc-reg\fscreg.exe" [2008-08-01 380688] [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "EnableUIADesktopToggle"= 0 (0x0) [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows] "AppInit_DLLs"=c:\progra~1\Bandoo\BndHook.dll [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32] "aux"=wdmaud.drv [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend] @="Service" [HKLM\~\services\sharedaccess\parameters\firewallpolicy\FirewallRules] "{13CD0553-BAE3-4FB2-9B55-3E7833C3AFC6}"= Disabled:UDP:c:\program files\IncrediMail\bin\ImpCnt.exe:IncrediMail "{2DBEF05C-4B99-4228-8AF5-66EEF5968093}"= Disabled:TCP:c:\program files\IncrediMail\bin\ImpCnt.exe:IncrediMail "{E44032F4-D8E3-4C14-848C-9375BA0F61EC}"= Disabled:UDP:c:\program files\IncrediMail\bin\ImApp.exe:IncrediMail "{A693E08C-7255-41B2-A815-626696545243}"= Disabled:TCP:c:\program files\IncrediMail\bin\ImApp.exe:IncrediMail "{BC627C3E-9DA7-4DF2-9B76-EA2D636B540E}"= Disabled:UDP:c:\program files\IncrediMail\bin\IncMail.exe:IncrediMail "{B770DF78-D7C4-4CA0-B1C1-05445CBFFA65}"= Disabled:TCP:c:\program files\IncrediMail\bin\IncMail.exe:IncrediMail "{5E291652-AEDF-4DD9-89F9-350D05841319}"= e:\setup\hpznui01.exe:hpznui01.exe "{97D6595D-6183-4598-ABDB-A87A754B2D46}"= TCP:427|RPort=427|c:\windows\system32\svchost.exe|Svc=HPSLPSVC:SLP_Service "{09776F99-6738-4A08-8CE4-3E80E9E2BF40}"= c:\program files\HP\Digital Imaging\bin\hpqtra08.exe:hpqtra08.exe "{38FD0393-945D-4CF6-852E-FD0D130E58FC}"= c:\program files\HP\Digital Imaging\bin\hpqste08.exe:hpqste08.exe "{CF217E8F-5BA8-4C6F-8B2A-C27E0B38689B}"= c:\program files\HP\Digital Imaging\bin\hposid01.exe:hposid01.exe "{AD64D546-AB02-4612-93EC-A7878CC41D1E}"= c:\program files\HP\Digital Imaging\bin\hpqkygrp.exe:hpqkygrp.exe "{1DD0FF21-E4A0-4183-BE02-BD7BC5B0839F}"= c:\program files\HP\Digital Imaging\bin\hpoews01.exe:hpoews01.exe "{5A2090DB-447D-4BBD-9968-DDA529F1ED25}"= c:\program files\HP\Digital Imaging\bin\hpiscnapp.exe:hpiscnapp.exe "{90A92F02-3050-4B49-8EDC-6830B8109551}"= c:\program files\Common Files\HP\Digital Imaging\bin\hpqphotocrm.exe:hpqphotocrm.exe "{1843BD03-9991-43C8-A14A-F730BE3EBDBF}"= c:\program files\HP\Digital Imaging\bin\hpqsudi.exe:hpqsudi.exe "{8D6E2099-70F5-4B2E-BB97-3D8B739D8D97}"= c:\program files\HP\Digital Imaging\bin\hpqpsapp.exe:hpqpsapp.exe "{D806010E-07E0-4EE6-B0EC-B64E0541467D}"= c:\program files\HP\Digital Imaging\bin\hpqpse.exe:hpqpse.exe "{BFC03261-1A7E-48C0-9626-4320D3AE923A}"= c:\program files\HP\Digital Imaging\bin\hpqgplgtupl.exe:hpqgplgtupl.exe "{14C6C0DD-8F52-4F69-8032-2F1A60D3F527}"= c:\program files\HP\Digital Imaging\bin\hpqgpc01.exe:hpqgpc01.exe "{B830228A-4BF5-47BF-8CFD-D12CB541200B}"= UDP:990:LocalSubnet:LocalSubnet|IF={B9E2B2AD-EFDF-46CB-B45F-843B126D6133}|%SystemRoot%\system32\svchost.exe|Svc=rapimgr:@%systemroot%\WindowsMobile\wmdSync.exe,-4001 R1 nod32drv;nod32drv;c:\windows\System32\drivers\nod32drv.sys [12/07/2009 15:30 15424] R2 VMCService;Vodafone Mobile Connect Service;c:\program files\Vodafone\Vodafone Mobile Connect\Bin\VMCService.exe [4/11/2008 11:39 14336] R3 RTL8187B;Realtek RTL8187B Wireless 802.11b/g 54Mbps USB 2.0 Network Adapter;c:\windows\System32\drivers\RTL8187B.sys [14/10/2008 2:43 337920] [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost] HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12 WindowsMobile REG_MULTI_SZ wcescomm rapimgr LocalServiceRestricted REG_MULTI_SZ WcesComm RapiMgr . . ------- Bijkomende Scan ------- . uStart Page = hxxp://www.google.be/ mStart Page = hxxp://www.google.com/ig/redirectdomain?brand=FUJD&bmod=FUJD uSearchURL,(Default) = hxxp://www.google.com/keyword/%s IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200 IE: E&xporteren naar Microsoft Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 LSP: c:\windows\system32\imon.dll LSP: c:\windows\system32\wpclsp.dll DPF: {5D80A6D1-B500-47DA-82B8-EB9875F85B4D} - hxxp://dl.google.com/dl/desktop/nv/GoogleGadgetPluginIEWin.cab DPF: {D71F9A27-723E-4B8B-B428-B725E47CBA3E} - hxxp://imikimi.com/download/imikimi_plugin_0.5.1.cab . - - - - ORPHANS VERWIJDERD - - - - HKLM-Run-NPCTray - c:\program files\Norman\npc\bin\npc_tray.exe HKLM-Run-Belgacom - c:\program files\Belgacom\bin\sprtcmd.exe ************************************************************************** catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, GMER - Rootkit Detector and Remover Rootkit scan 2009-09-17 16:10 Windows 6.0.6001 Service Pack 1 NTFS scannen van verborgen processen ... scannen van verborgen autostart items ... HKCU\Software\Microsoft\Windows\CurrentVersion\Run msnmsgr = "c:\program files\Windows Live\Messenger\msnmsgr.exe" /background??s scannen van verborgen bestanden ... Scan succesvol afgerond verborgen bestanden: 0 ************************************************************************** . --------------------- VERGRENDELDE REGISTER SLEUTELS --------------------- [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}] @Denied: (A 2) (Everyone) @="FlashBroker" "LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil10c.exe,-101" [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\Elevation] "Enabled"=dword:00000001 [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\LocalServer32] @="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil10c.exe" [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" [HKEY_LOCAL_MACHINE\software\Classes\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}] @Denied: (A 2) (Everyone) @="IFlashBroker3" [HKEY_LOCAL_MACHINE\software\Classes\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}\ProxyStubClsid32] @="{00020424-0000-0000-C000-000000000046}" [HKEY_LOCAL_MACHINE\software\Classes\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" "Version"="1.0" [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . Voltooingstijd: 2009-09-17 16:13 ComboFix-quarantined-files.txt 2009-09-17 14:13 Pre-Run: 66.709.155.840 bytes beschikbaar Post-Run: 66.513.547.264 bytes beschikbaar 273 --- E O F --- 2009-09-17 10:13 Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 16:15:53, on 17/09/2009 Platform: Windows Vista SP1 (WinNT 6.00.1905) MSIE: Internet Explorer v7.00 (7.00.6001.18294) Boot mode: Normal Running processes: C:\Windows\system32\Dwm.exe C:\Windows\system32\taskeng.exe C:\Program Files\Windows Defender\MSASCui.exe C:\Windows\RtHDVCpl.exe C:\Windows\System32\igfxtray.exe C:\Windows\System32\hkcmd.exe C:\Windows\System32\igfxpers.exe C:\Windows\system32\igfxsrvc.exe C:\Program Files\FSC Launch Manager\LaunchMgr.exe C:\Program Files\Google\Quick Search Box\GoogleQuickSearchBox.exe C:\Program Files\Vodafone\Vodafone Mobile Connect\Bin\MobileConnect.exe C:\Windows\WindowsMobile\wmdSync.exe C:\Program Files\Windows Sidebar\sidebar.exe C:\Program Files\Picasa2\PicasaMediaDetector.exe C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe C:\Windows\ehome\ehtray.exe C:\Program Files\Eset\nod32kui.exe C:\Windows\ehome\ehmsas.exe C:\Windows\system32\wbem\unsecapp.exe C:\Windows\system32\wuauclt.exe C:\Windows\system32\notepad.exe C:\Windows\Explorer.exe C:\Windows\system32\conime.exe C:\Program Files\Trend Micro\HijackThis\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Google R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN.com R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing O1 - Hosts: ::1 localhost O2 - BHO: Adobe PDF Reader Help bij koppelingen - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file) O2 - BHO: Windows Live Aanmelden - Help - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.2.4204.1700\swg.dll O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_B7C5AC242193BB3E.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O2 - BHO: Bandoo IE Plugin - {EB5CEE80-030A-4ED8-8E20-454E9C68380F} - C:\Program Files\Bandoo\Plugins\IE\ieplugin.dll O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe O4 - HKLM\..\Run: [igfxTray] C:\Windows\system32\igfxtray.exe O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [FSCRecovery] c:\Program Files\Fujitsu Siemens Computers\Fujitsu Siemens Computers Recovery\FSCRecoveryReminder.exe O4 - HKLM\..\Run: [Launch Manager] C:\PROGRA~1\FSCLAU~1\LAUNCH~1.EXE O4 - HKLM\..\Run: [nod32kui] "C:\Program Files\Eset\nod32kui.exe" /WAITSERVICE O4 - HKLM\..\Run: [Google Quick Search Box] "C:\Program Files\Google\Quick Search Box\GoogleQuickSearchBox.exe" /autorun O4 - HKLM\..\Run: [MobileConnect] %programfiles%\Vodafone\Vodafone Mobile Connect\Bin\MobileConnect.exe /silent O4 - HKLM\..\Run: [Windows Mobile-based device management] %windir%\WindowsMobile\wmdSync.exe O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe" O4 - HKLM\..\Run: [Malwarebytes Anti-Malware (reboot)] "C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript O4 - HKCU\..\Run: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe O4 - HKCU\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background O4 - HKCU\..\Run: [Picasa Media Detector] C:\Program Files\Picasa2\PicasaMediaDetector.exe O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe O4 - HKUS\S-1-5-18\..\Run: [Picasa Media Detector] C:\Program Files\Picasa2\PicasaMediaDetector.exe (User 'SYSTEEM') O4 - HKUS\S-1-5-18\..\Run: [fsc-reg] c:\fsc-reg\fscreg.exe (User 'SYSTEEM') O4 - HKUS\.DEFAULT\..\Run: [Picasa Media Detector] C:\Program Files\Picasa2\PicasaMediaDetector.exe (User 'Default user') O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200 O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 O9 - Extra button: Onderzoek - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll O16 - DPF: {4A85DBE0-BFB2-4119-8401-186A7C6EB653} - http://messenger.zone.msn.com/MessengerGamesContent/GameContent/nl/mjss/MJSS.cab109791.cab O16 - DPF: {5C051655-FCD5-4969-9182-770EA5AA5565} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown.cab56986.cab O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/MessengerGamesContent/GameContent/nl/uno1/GAME_UNO1.cab O16 - DPF: {5D80A6D1-B500-47DA-82B8-EB9875F85B4D} (Google Gadget Control) - http://dl.google.com/dl/desktop/nv/GoogleGadgetPluginIEWin.cab O16 - DPF: {9122D757-5A4F-4768-82C5-B4171D8556A7} (PhotoPickConvert Class) - http://appdirectory.messenger.msn.com/AppDirectory/P4Apps/PhotoSwap/PhtPkMSN.cab O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab O16 - DPF: {D71F9A27-723E-4B8B-B428-B725E47CBA3E} - http://imikimi.com/download/imikimi_plugin_0.5.1.cab O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab O20 - AppInit_DLLs: c:\PROGRA~1\Bandoo\BndHook.dll O23 - Service: Bandoo Coordinator - Discordia Limited - C:\PROGRA~1\Bandoo\Bandoo.exe O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe O23 - Service: NOD32 Kernel Service (NOD32krn) - Eset - C:\Program Files\Eset\nod32krn.exe O23 - Service: PLFlash DeviceIoControl Service - Prolific Technology Inc. - C:\Windows\system32\IoctlSvc.exe O23 - Service: SupportSoft RemoteAssist - SupportSoft, Inc. - C:\Program Files\Common Files\Supportsoft\bin\ssrc.exe O23 - Service: Fujitsu Diagnostic Testhandler (TestHandler) - Fujitsu Technology Solutions - C:\Program Files\Fujitsu\SystemDiagnostics\OnlineDiagnostic\TestManager\TestHandler.exe O23 - Service: Vodafone Mobile Connect Service (VMCService) - Vodafone - C:\Program Files\Vodafone\Vodafone Mobile Connect\Bin\VMCService.exe -- End of file - 8200 bytes p.s. Internet is enkel nog beschikbaar met kabel draadloos gaat niet
-
Malwarebytes staat er bij: geblokkeerd opstartprogramma's Ook launchmanager en 2 van NORMAN (uitgever onbekend) Norman heb ik er normaal afgehaald maar blijft bij die opstartprogramma's staan. Internet is een beetje sneller maar nog helemaal niet optimaal, zou het aan die adapters kunnen liggen? Staat nog altijd bij dat de apparaten correct werken
-
HIJACKThis: Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 10:44:54, on 17/09/2009 Platform: Windows Vista SP1 (WinNT 6.00.1905) MSIE: Internet Explorer v7.00 (7.00.6001.18294) Boot mode: Normal Running processes: C:\Windows\system32\Dwm.exe C:\Windows\system32\taskeng.exe C:\Windows\Explorer.EXE C:\Program Files\Windows Defender\MSASCui.exe C:\Windows\RtHDVCpl.exe C:\Windows\System32\igfxtray.exe C:\Windows\System32\hkcmd.exe C:\Windows\System32\igfxpers.exe C:\Program Files\FSC Launch Manager\LaunchMgr.exe C:\Program Files\Google\Quick Search Box\GoogleQuickSearchBox.exe C:\Program Files\Vodafone\Vodafone Mobile Connect\Bin\MobileConnect.exe C:\Windows\WindowsMobile\wmdSync.exe C:\Program Files\Java\jre6\bin\jusched.exe C:\Windows\system32\igfxsrvc.exe C:\Program Files\Windows Sidebar\sidebar.exe C:\Program Files\Windows Live\Messenger\msnmsgr.exe C:\Program Files\Picasa2\PicasaMediaDetector.exe C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe C:\Windows\ehome\ehtray.exe C:\Program Files\Eset\nod32kui.exe C:\Windows\ehome\ehmsas.exe C:\Windows\system32\wbem\unsecapp.exe C:\Program Files\Internet Explorer\ieuser.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Google\Google Toolbar\GoogleToolbarUser_32.exe C:\Windows\system32\Macromed\Flash\FlashUtil10c.exe C:\Program Files\Windows Live\Contacts\wlcomm.exe C:\PROGRA~1\Bandoo\BndCore.exe C:\Windows\system32\wuauclt.exe C:\Program Files\Trend Micro\HijackThis\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Google R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN.com R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = O1 - Hosts: ::1 localhost O2 - BHO: Adobe PDF Reader Help bij koppelingen - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file) O2 - BHO: Windows Live Aanmelden - Help - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.2.4204.1700\swg.dll O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_B7C5AC242193BB3E.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O2 - BHO: Bandoo IE Plugin - {EB5CEE80-030A-4ED8-8E20-454E9C68380F} - C:\Program Files\Bandoo\Plugins\IE\ieplugin.dll O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe O4 - HKLM\..\Run: [igfxTray] C:\Windows\system32\igfxtray.exe O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [FSCRecovery] c:\Program Files\Fujitsu Siemens Computers\Fujitsu Siemens Computers Recovery\FSCRecoveryReminder.exe O4 - HKLM\..\Run: [NPCTray] C:\Program Files\Norman\npc\bin\npc_tray.exe /LOAD O4 - HKLM\..\Run: [Launch Manager] C:\PROGRA~1\FSCLAU~1\LAUNCH~1.EXE O4 - HKLM\..\Run: [nod32kui] "C:\Program Files\Eset\nod32kui.exe" /WAITSERVICE O4 - HKLM\..\Run: [belgacom] "C:\Program Files\Belgacom\bin\sprtcmd.exe" /P Belgacom O4 - HKLM\..\Run: [Google Quick Search Box] "C:\Program Files\Google\Quick Search Box\GoogleQuickSearchBox.exe" /autorun O4 - HKLM\..\Run: [MobileConnect] %programfiles%\Vodafone\Vodafone Mobile Connect\Bin\MobileConnect.exe /silent O4 - HKLM\..\Run: [Windows Mobile-based device management] %windir%\WindowsMobile\wmdSync.exe O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe" O4 - HKLM\..\Run: [Malwarebytes Anti-Malware (reboot)] "C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript O4 - HKCU\..\Run: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe O4 - HKCU\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background O4 - HKCU\..\Run: [Picasa Media Detector] C:\Program Files\Picasa2\PicasaMediaDetector.exe O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE') O4 - HKUS\S-1-5-18\..\Run: [Picasa Media Detector] C:\Program Files\Picasa2\PicasaMediaDetector.exe (User 'SYSTEEM') O4 - HKUS\.DEFAULT\..\Run: [Picasa Media Detector] C:\Program Files\Picasa2\PicasaMediaDetector.exe (User 'Default user') O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200 O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 O9 - Extra button: Onderzoek - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll O13 - Gopher Prefix: O16 - DPF: {4A85DBE0-BFB2-4119-8401-186A7C6EB653} - http://messenger.zone.msn.com/MessengerGamesContent/GameContent/nl/mjss/MJSS.cab109791.cab O16 - DPF: {5C051655-FCD5-4969-9182-770EA5AA5565} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown.cab56986.cab O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/MessengerGamesContent/GameContent/nl/uno1/GAME_UNO1.cab O16 - DPF: {5D80A6D1-B500-47DA-82B8-EB9875F85B4D} (Google Gadget Control) - http://dl.google.com/dl/desktop/nv/GoogleGadgetPluginIEWin.cab O16 - DPF: {9122D757-5A4F-4768-82C5-B4171D8556A7} (PhotoPickConvert Class) - http://appdirectory.messenger.msn.com/AppDirectory/P4Apps/PhotoSwap/PhtPkMSN.cab O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab O16 - DPF: {D71F9A27-723E-4B8B-B428-B725E47CBA3E} - http://imikimi.com/download/imikimi_plugin_0.5.1.cab O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab O20 - AppInit_DLLs: ? c:\progra~1\bandoo\bndhook.dll O23 - Service: Bandoo Coordinator - Discordia Limited - C:\PROGRA~1\Bandoo\Bandoo.exe O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe O23 - Service: NOD32 Kernel Service (NOD32krn) - Eset - C:\Program Files\Eset\nod32krn.exe O23 - Service: PLFlash DeviceIoControl Service - Prolific Technology Inc. - C:\Windows\system32\IoctlSvc.exe O23 - Service: SupportSoft RemoteAssist - SupportSoft, Inc. - C:\Program Files\Common Files\Supportsoft\bin\ssrc.exe O23 - Service: Fujitsu Diagnostic Testhandler (TestHandler) - Fujitsu Technology Solutions - C:\Program Files\Fujitsu\SystemDiagnostics\OnlineDiagnostic\TestManager\TestHandler.exe O23 - Service: Vodafone Mobile Connect Service (VMCService) - Vodafone - C:\Program Files\Vodafone\Vodafone Mobile Connect\Bin\VMCService.exe -- End of file - 9142 bytes mbam:Malwarebytes' Anti-Malware 1.41 Database versie: 2814 Windows 6.0.6001 Service Pack 1 17/09/2009 9:57:20 mbam-log-2009-09-17 (09-57-20).txt Scan type: Snelle Scan Objecten gescand: 96012 Verstreken tijd: 4 minute(s), 48 second(s) Geheugenprocessen geïnfecteerd: 0 Geheugenmodulen geïnfecteerd: 0 Registersleutels geïnfecteerd: 6 Registerwaarden geïnfecteerd: 0 Registerdata bestanden geïnfecteerd: 0 Mappen geïnfecteerd: 0 Bestanden geïnfecteerd: 2 Geheugenprocessen geïnfecteerd: (Geen kwaadaardige items gevonden) Geheugenmodulen geïnfecteerd: (Geen kwaadaardige items gevonden) Registersleutels geïnfecteerd: HKEY_CLASSES_ROOT\xml.xml (Worm.Allaple) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\xml.xml.1 (Worm.Allaple) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\Typelib\{e24211b3-a78a-c6a9-d317-70979ace5058} (Trojan.FakeAlert) -> Quarantined and deleted successfully. HKEY_CURRENT_USER\SOFTWARE\Monopod (Trojan.FakeAlert) -> Quarantined and deleted successfully. HKEY_CURRENT_USER\SOFTWARE\NordBull (Malware.Trace) -> Quarantined and deleted successfully. HKEY_CURRENT_USER\SOFTWARE\XML (Trojan.FakeAlert) -> Quarantined and deleted successfully. Registerwaarden geïnfecteerd: (Geen kwaadaardige items gevonden) Registerdata bestanden geïnfecteerd: (Geen kwaadaardige items gevonden) Mappen geïnfecteerd: (Geen kwaadaardige items gevonden) Bestanden geïnfecteerd: C:\Windows\Tasks\{7B02EF0B-A410-4938-8480-9BA26420A627}.job (Trojan.Downloader) -> Quarantined and deleted successfully. C:\Windows\Tasks\{BB65B0FB-5712-401b-B616-E69AC55E2757}.job (Trojan.Downloader) -> Quarantined and deleted successfully. Dat is allemal gebeurd nu. ---------- Post toegevoegd om 08:49 ---------- Vorige post was om 08:48 ---------- Als hij opnieuw opstart komt erop te staan dat er geblokkeerde opstartprogramma's zijn
-
Die resultaten die erop staan is via die HIJACKThis Alvast bedankt dat jullie me willen helpen
-
Hallo allemaal, ik heb een fujitsu siemens sinds een week is men draadloze internet verbinding traag. Naar google gaat snel maar dan... en Bufferen duurt ook lang dikwijls dat er op komt te staan dat de pagina is verlopen. Ik doe elke dag een scan met NOD32. Ik heb al vele programma's verwijdert, al naar Belgacom gebeld maar zij zeggen dat het aan adapter ligt, toen heb ik controle gedaan (configuratiescherm-apparaatbeheer-netwerkadapters) Daar stonden er 2 : Realtek RTL8102E Family PCI-E Fast Ethernet NIC (NDIS6.0) en Realtek RTL8187B Wireless 802.11b/g 54Mbps USB2.0 Er stond overal bij: Dit apparaat werkt correct. Toen ben ik hier op het forum komen zoeken, heb die HIJACK geinstalleerd en heb die scan gedaan gehad en toen kreeg ik dit: ogfile of Trend Micro HijackThis v2.0.2 Scan saved at 21:32:21, on 16/09/2009 Platform: Windows Vista SP1 (WinNT 6.00.1905) MSIE: Internet Explorer v7.00 (7.00.6001.18294) Boot mode: Normal Running processes: C:\Windows\system32\Dwm.exe C:\Windows\Explorer.EXE C:\Windows\system32\taskeng.exe C:\Program Files\Windows Defender\MSASCui.exe C:\Windows\RtHDVCpl.exe C:\Windows\System32\igfxtray.exe C:\Windows\System32\hkcmd.exe C:\Windows\System32\igfxpers.exe C:\Program Files\FSC Launch Manager\LaunchMgr.exe C:\Program Files\Google\Quick Search Box\GoogleQuickSearchBox.exe C:\Program Files\Vodafone\Vodafone Mobile Connect\Bin\MobileConnect.exe C:\Windows\WindowsMobile\wmdSync.exe C:\Program Files\Java\jre6\bin\jusched.exe C:\Program Files\Windows Sidebar\sidebar.exe C:\Program Files\Windows Live\Messenger\msnmsgr.exe C:\Program Files\Picasa2\PicasaMediaDetector.exe C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe C:\Windows\ehome\ehtray.exe C:\Windows\system32\igfxsrvc.exe C:\Windows\ehome\ehmsas.exe C:\Program Files\Eset\nod32kui.exe C:\Windows\system32\wbem\unsecapp.exe C:\Program Files\Windows Live\Contacts\wlcomm.exe C:\PROGRA~1\Bandoo\BndCore.exe C:\Windows\system32\wuauclt.exe C:\Program Files\Internet Explorer\ieuser.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Google\Google Toolbar\GoogleToolbarUser_32.exe C:\Windows\system32\Macromed\Flash\FlashUtil10c.exe C:\Program Files\Trend Micro\HijackThis\HijackThis.exe C:\Windows\system32\NOTEPAD.EXE C:\Windows\system32\mmc.exe C:\Windows\system32\conime.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Google R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN.com R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = R3 - URLSearchHook: (no name) - {EEE6C35D-6118-11DC-9C72-001320C79847} - (no file) O1 - Hosts: ::1 localhost O2 - BHO: Adobe PDF Reader Help bij koppelingen - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file) O2 - BHO: Windows Live Aanmelden - Help - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.2.4204.1700\swg.dll O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_B7C5AC242193BB3E.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O2 - BHO: Bandoo IE Plugin - {EB5CEE80-030A-4ED8-8E20-454E9C68380F} - C:\Program Files\Bandoo\Plugins\IE\ieplugin.dll O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe O4 - HKLM\..\Run: [igfxTray] C:\Windows\system32\igfxtray.exe O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [FSCRecovery] c:\Program Files\Fujitsu Siemens Computers\Fujitsu Siemens Computers Recovery\FSCRecoveryReminder.exe O4 - HKLM\..\Run: [NPCTray] C:\Program Files\Norman\npc\bin\npc_tray.exe /LOAD O4 - HKLM\..\Run: [Launch Manager] C:\PROGRA~1\FSCLAU~1\LAUNCH~1.EXE O4 - HKLM\..\Run: [nod32kui] "C:\Program Files\Eset\nod32kui.exe" /WAITSERVICE O4 - HKLM\..\Run: [belgacom] "C:\Program Files\Belgacom\bin\sprtcmd.exe" /P Belgacom O4 - HKLM\..\Run: [Google Quick Search Box] "C:\Program Files\Google\Quick Search Box\GoogleQuickSearchBox.exe" /autorun O4 - HKLM\..\Run: [MobileConnect] %programfiles%\Vodafone\Vodafone Mobile Connect\Bin\MobileConnect.exe /silent O4 - HKLM\..\Run: [Windows Mobile-based device management] %windir%\WindowsMobile\wmdSync.exe O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe" O4 - HKCU\..\Run: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe O4 - HKCU\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter O4 - HKCU\..\Run: [fsc-reg] C:\fsc-reg\fscreg.exe 20090831 O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background O4 - HKCU\..\Run: [Picasa Media Detector] C:\Program Files\Picasa2\PicasaMediaDetector.exe O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe O4 - HKCU\..\Run: [Monopod] C:\Users\Sofie\AppData\Local\Temp\b.exe O4 - HKCU\..\Run: [NordBull] C:\windows\msb.exe O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE') O4 - HKUS\S-1-5-18\..\Run: [Picasa Media Detector] C:\Program Files\Picasa2\PicasaMediaDetector.exe (User 'SYSTEEM') O4 - HKUS\.DEFAULT\..\Run: [Picasa Media Detector] C:\Program Files\Picasa2\PicasaMediaDetector.exe (User 'Default user') O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200 O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 O9 - Extra button: Onderzoek - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll O13 - Gopher Prefix: O16 - DPF: {4A85DBE0-BFB2-4119-8401-186A7C6EB653} - http://messenger.zone.msn.com/MessengerGamesContent/GameContent/nl/mjss/MJSS.cab109791.cab O16 - DPF: {5C051655-FCD5-4969-9182-770EA5AA5565} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown.cab56986.cab O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/MessengerGamesContent/GameContent/nl/uno1/GAME_UNO1.cab O16 - DPF: {5D80A6D1-B500-47DA-82B8-EB9875F85B4D} (Google Gadget Control) - http://dl.google.com/dl/desktop/nv/GoogleGadgetPluginIEWin.cab O16 - DPF: {9122D757-5A4F-4768-82C5-B4171D8556A7} (PhotoPickConvert Class) - http://appdirectory.messenger.msn.com/AppDirectory/P4Apps/PhotoSwap/PhtPkMSN.cab O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab O16 - DPF: {D71F9A27-723E-4B8B-B428-B725E47CBA3E} - http://imikimi.com/download/imikimi_plugin_0.5.1.cab O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab O20 - AppInit_DLLs: ? c:\progra~1\bandoo\bndhook.dll O23 - Service: Bandoo Coordinator - Discordia Limited - C:\PROGRA~1\Bandoo\Bandoo.exe O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe O23 - Service: NOD32 Kernel Service (NOD32krn) - Eset - C:\Program Files\Eset\nod32krn.exe O23 - Service: PLFlash DeviceIoControl Service - Prolific Technology Inc. - C:\Windows\system32\IoctlSvc.exe O23 - Service: SupportSoft RemoteAssist - SupportSoft, Inc. - C:\Program Files\Common Files\Supportsoft\bin\ssrc.exe O23 - Service: Fujitsu Diagnostic Testhandler (TestHandler) - Fujitsu Technology Solutions - C:\Program Files\Fujitsu\SystemDiagnostics\OnlineDiagnostic\TestManager\TestHandler.exe O23 - Service: Vodafone Mobile Connect Service (VMCService) - Vodafone - C:\Program Files\Vodafone\Vodafone Mobile Connect\Bin\VMCService.exe -- End of file - 9444 bytes Ligt het hieraan of niet? en wat kan ik doen? Heb ik er goed aangedaan om die HIJACK te installeren? MVG Steve en Sofie
