HVA

Member
  • Items

    145
Everything posted by HVA

  1. This morning I wanted to start my computer and it kept hanging on the Windows logo. After a while it shut down and restarted automatically. I then just switched it off, and after noon it did start up after a while. For a few days now the colours have also not been coming through properly. You see this clearly with photos in particular. I had a virus warning at the beginning of the week; could this be related?
  2. When I start my PC in the morning, it shuts down again after a few minutes. At the moment this happens about twice once I have started it. I had this problem a year ago as well, and then it happened several times a day, so I fear it is getting worse again. I had my PC checked back then, and they found nothing abnormal. The strange thing is that it worked normally again for a year, until now. Has anyone else had this happen, and what can I do about it?
  3. No, no more startup programs from Ascentive. Thanks again!!
  4. Both logs:
  5. Indeed, I had clicked Run first. Both logs are below. Thanks again!!
  6. When downloading ComboFix I now get the following error message: "U kunt combifix niet herbenoemen als combifix[1]Gelieve een andere naam te gebruiken bij voorkeur opgebouwd uit alfanumerische karakters." When I then click OK, the text disappears, and I expected that you could then enter a different name, but that is not the case. How can I still download it? Thanks!!
  7. I do indeed get a notification from AVG. How can I temporarily disable it? Thanks.
  8. Hello, both logs are below. Spyware Striker currently no longer starts, but there is still another program that starts up. Ascentive Performance Center, I believe. How can I remove this? At the moment my PC also starts up very slowly. It takes several minutes before Windows starts; what can I do about this? Thanks in advance.
C:\Program Files\AVG\AVG8\IdentityProtection\agent\Bin\AVGIDSWatcher.exe C:\PROGRA~1\AVG\AVG8\avgam.exe C:\PROGRA~1\AVG\AVG8\avgrsx.exe C:\PROGRA~1\AVG\AVG8\avgnsx.exe C:\Program Files\Java\jre6\bin\jqs.exe C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe C:\WINDOWS\system32\svchost.exe C:\PROGRA~1\AVG\AVG8\avgemc.exe C:\Program Files\AVG\AVG8\avgcsrvx.exe C:\WINDOWS\system32\wbem\wmiapsrv.exe C:\Program Files\Internet Explorer\IEXPLORE.EXE C:\Program Files\Internet Explorer\IEXPLORE.EXE C:\Program Files\Windows Live\Toolbar\wltuser.exe C:\Program Files\Internet Explorer\IEXPLORE.EXE C:\Program Files\Internet Explorer\IEXPLORE.EXE C:\Program Files\Internet Explorer\IEXPLORE.EXE C:\Program Files\Internet Explorer\IEXPLORE.EXE C:\Program Files\Windows Live\Messenger\wlcsdk.exe C:\Program Files\TrendMicro\HiJackThis\HiJackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Telenet R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Het Nieuwsblad Online R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Hotmail, Messenger, nieuws en entertainment vind je op MSN.nl R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = Hotmail, Messenger, nieuws en entertainment vind je op MSN.nl R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Telenet Internet R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigURL = http://pac.telenet.be:8080 R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen R3 - URLSearchHook: AVG Security Toolbar BHO - {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files\AVG\AVG8\Toolbar\IEToolbar.dll R3 - URLSearchHook: (no name) - *{CFBFAE00-17A6-11D0-99CB-00C04FD64497} - (no file) O2 - BHO: AcroIEHelperStub - 
{18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll O2 - BHO: Windows Live Aanmelden - Help - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: AVG Security Toolbar BHO - {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files\AVG\AVG8\Toolbar\IEToolbar.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.4.4525.1752\swg.dll O2 - BHO: MSN Search Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Toolbar Suite\TB\02.05.0000.1105\nl-be\msntb.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll O3 - Toolbar: MSN Search Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Toolbar Suite\TB\02.05.0000.1105\nl-be\msntb.dll O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON 
Web-To-Page\EPSON Web-To-Page.dll O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll O3 - Toolbar: AVG Security Toolbar - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - C:\Program Files\AVG\AVG8\Toolbar\IEToolbar.dll O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe O4 - HKLM\..\Run: [ALi5289] C:\Program Files\ULI5289\ALi5289.exe O4 - HKLM\..\Run: [JMAP5289] C:\Program Files\ULI5289\JMAP5289.exe O4 - HKLM\..\Run: [soundMan] SOUNDMAN.EXE O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [snpstd] C:\WINDOWS\vsnpstd.exe O4 - HKLM\..\Run: [VMSnap3] C:\WINDOWS\VMSnap3.EXE O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [beid] "C:\Program Files\Belgium Identity Card\beid35gui.exe" /startup O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe O4 - HKLM\..\Run: [AVGIDS] "C:\Program Files\AVG\AVG8\IdentityProtection\agent\bin\AVGIDSUI.exe" O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe" O4 - HKCU\..\Run: [VoipStunt] "C:\program files\voipstunt.com\voipstunt\voipstunt.exe" -nosplash -minimized O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [EPSON Stylus DX4400 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATICAE.EXE /FU "C:\WINDOWS\TEMP\E_SAC.tmp" /EF "HKCU" O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" O4 - HKCU\..\Run: [Performance Center] C:\Program Files\Ascentive\Performance Center\ApcMain.exe -m O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Lokale service') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 
'Netwerkservice') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user') O4 - Startup: LimeWire On Startup.lnk = C:\Program Files\LimeWire\LimeWire.exe O4 - Global Startup: Windows Desktop Search.lnk = C:\Program Files\MSN Toolbar Suite\DS\02.05.0001.1119\nl-be\bin\WindowsSearch.exe O8 - Extra context menu item: &MSN Search - res://C:\Program Files\MSN Toolbar Suite\TB\02.05.0000.1105\nl-be\msntb.dll/search.htm O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_60D6097707281E79.dll/cmsidewiki.html O9 - Extra button: In weblog opnemen - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: &In weblog opnemen met Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O14 - IERESET.INF: START_PAGE_URL=http://www.telenet.be O16 - DPF: Dexia netbanking - http://netbanking.dexia.be/PC//Dynamic/Shared/Applet//DexiaIIA.cab O16 - DPF: {4C39376E-FA9D-4349-BACC-D305C1750EF3} (EPUImageControl Class) - http://tools.ebayimg.com/eps/wl/activex/EPUWALControl_v1-0-3-24.cab O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://by21fd.bay21.hotmail.msn.com/resources/MsnPUpld.cab O16 - DPF: 
{6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1136568899265 O16 - DPF: {6E5E167B-1566-4316-B27F-0DDAB3484CF7} (Image Uploader Control) - http://tools.ebay.be/easylister/components/ImageUploader4.cab O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMessengerSetupDownloader.cab O16 - DPF: {CAC677B6-4963-4305-9066-0BD135CD9233} (IPSUploader4 Control) - http://as.photoprintit.de/ips-opdata/layout/default01/activex/IPSUploader4.cab O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll O20 - Winlogon Notify: avgrsstarter - avgrsstx.dll (file missing) O22 - SharedTaskScheduler: Preloader van browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll O22 - SharedTaskScheduler: Cache-daemon voor onderdeelcategorieën - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\system32\Ati2evxx.exe O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe O23 - Service: AVG8 E-mail Scanner (avg8emc) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgemc.exe O23 - Service: AVG8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe O23 - Service: AVG8 Firewall (avgfws8) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgfws8.exe O23 - Service: AVGIDSAgent - AVG - C:\Program Files\AVG\AVG8\IdentityProtection\agent\Bin\AVGIDSAgent.exe O23 - Service: AVGIDSWatcher - AVG - C:\Program Files\AVG\AVG8\IdentityProtection\agent\Bin\AVGIDSWatcher.exe O23 - Service: Google Updateservice (gupdate1c98e18712b2202) (gupdate1c98e18712b2202) - Google Inc. 
- C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe -- End of file - 12004 bytes
  9. Hello, the requested log.
  10. I recently downloaded the above anti-spyware program. I have now read that it is untrustworthy and would like to remove it, but I cannot find it anywhere. I have already looked under Control Panel - Add or Remove Programs, but it is not listed there, even though it starts up every time I turn on my PC. Where can I remove it?
  11. I know that, of course, but I don't understand the link to my computer problem. As for the problem, it has been solved: I received a new license number from AVG and reinstalled AVG 8.5, and so far I have been able to work without problems. Hopefully it stays that way.
  12. I have now removed AVG 9.0 and have no more problems. The problem now is reinstalling: according to them the license number no longer exists, although it is still valid until 09/11. So I sent an e-mail to AVG support; I am curious to see what comes of it.
  13. Unfortunately AVG 9.0 is not listed here.
  14. I just tried System Restore. I tried to set the computer back up to 2 months, but each time I get the message that no changes were found. How can I turn AVG off? Then I will know for sure that it has to do with that. Thanks in advance.
  15. I just looked, and they are not listed there either.
  16. And where can I open Ad-Aware? I have already looked under Add or Remove Programs in Control Panel, but Ad-Aware and StopSign are not listed there.
  17. And where could I find this? I have already been looking in Control Panel under Add or Remove Programs, but did not find much. I am a computer layman, after all.
  18. I already did the update yesterday, and it went without problems; it was after restarting my computer that the problems started. So version AVG 9.0 is already installed.
  19. Yesterday I updated my computer with the antivirus program AVG 9.0. Until now I had not had any problems with AVG's previous programs, but since yesterday's update I constantly get the message that the pages I want to open cannot be found, avatar pictures are no longer displayed, and I even ran into problems creating an account on this forum. Does anyone know a solution for this? Thanks in advance!