Judje23
-
Items
5 -
Registratiedatum
-
Laatst bezocht
Judje23's prestaties
-
wie kan me helpen me pc is denk ik geinfecteerd
Judje23 reageerde op Judje23's topic in Archief Bestrijding malware & virussen
Ooh wat erg ja stond uit. ooh wat voel ik me dom na al jaren met pc's bezig te zijn. maar goed ik had er wel virussen in zitten vandaar dat ik mijn harde schijf niet kan formateren. thnx btw dit bericht kan gesloten worden. -
wie kan me helpen me pc is denk ik geinfecteerd
Judje23 reageerde op Judje23's topic in Archief Bestrijding malware & virussen
Nou nee ze zijn niet recent hiervoor kreeg ik trojaan binnen en in 1 keer zoveel achter elkaar kreeg het er niet eens uit met trojaanremover. Toen heb ik geprobeerd met kill disk mijn hd te killen zodat alles eruit was maar dat wou dus niet lukken hij gooide iedere keer de laptop uit. maar toen maar weer windows 7 erop gezet even goed gelopen maar nu sinds 1 week alle bureaublad pictogrammen weg en kan het ook niet meer op bureaublad plaatsen want kan wel snelkoopling kopieren naar doen maar niets te vinden op bureaublad. heel vaag allemaal heb al 10 jaar een pc en kan er veel mee maar dit nog nooit meegemaakt vandaar dat ik hier hulp vraag. -
wie kan me helpen me pc is denk ik geinfecteerd
Judje23 reageerde op Judje23's topic in Archief Bestrijding malware & virussen
Hier het resultaat van combofix. ComboFix 09-11-22.04 - Judith 23-11-2009 11:48.1.2 - x86 Microsoft Windows 7 Ultimate 6.1.7600.0.1252.31.1043.18.2814.1940 [GMT 1:00] Gestart vanuit: c:\users\Judith\Desktop\ComboFix.exe * Aanwezig AV is actief . (((((((((((((((((((((((((((((((((( Andere Verwijderingen ))))))))))))))))))))))))))))))))))))))))))))))))) . c:\users\Judith\AppData\Roaming\Microsoft\Windows\Cookies\Index_05970870.dat c:\users\Judith\AppData\Roaming\Microsoft\Windows\Cookies\IndexIE_05970870.dat . (((((((((((((((((((( Bestanden Gemaakt van 2009-10-23 to 2009-11-23 )))))))))))))))))))))))))))))) . 2009-11-23 11:10 . 2009-11-23 11:10 -------- d-----w- c:\users\Judith\AppData\Local\temp 2009-11-23 11:10 . 2009-11-23 11:10 -------- d-----w- c:\users\Default\AppData\Local\temp 2009-11-23 10:48 . 2009-11-23 10:48 -------- d-----w- c:\users\Judith\AppData\Local\ESET 2009-11-22 17:16 . 2009-11-22 17:16 -------- d-----w- c:\program files\Trend Micro 2009-11-22 08:35 . 2009-11-22 08:35 16384 d-----w- C:\TAFEL 2009-11-22 08:35 . 1998-11-08 15:34 51217 ----a-w- c:\windows\SETTAFEL.EXE 2009-11-22 08:35 . 1993-06-30 12:02 398416 ----a-w- c:\windows\system\VBRUN300.DLL 2009-11-22 08:35 . 1993-04-28 00:00 7008 ----a-w- c:\windows\system\SETUPKIT.DLL 2009-11-20 14:00 . 2009-11-20 14:00 -------- d-----w- c:\programdata\Zylom 2009-11-15 11:20 . 2009-11-15 11:20 4096 d-----w- c:\program files\WinSCP 2009-11-13 22:05 . 2009-11-13 22:05 -------- d-----w- c:\users\Judith\AppData\Roaming\Media Player Classic 2009-11-13 17:19 . 2009-11-13 17:19 -------- d-----w- c:\users\Judith\AppData\Local\ElevatedDiagnostics 2009-11-12 15:34 . 2009-11-17 11:59 -------- d-----w- c:\users\Judith\AppData\Local\Apple Computer 2009-11-12 15:34 . 2009-11-12 15:51 4096 d-----w- c:\users\Judith\AppData\Roaming\Apple Computer 2009-11-12 15:34 . 2009-11-12 15:34 -------- dc----w- c:\windows\system32\DRVSTORE 2009-11-12 15:34 . 2009-05-18 13:17 26600 ----a-w- c:\windows\system32\drivers\GEARAspiWDM.sys 2009-11-12 15:34 . 2008-04-17 12:12 107368 ----a-w- c:\windows\system32\GEARAspi.dll 2009-11-12 15:33 . 2009-11-12 15:33 -------- d-----w- c:\program files\iPod 2009-11-12 15:33 . 2009-11-12 15:34 4096 d-----w- c:\program files\iTunes 2009-11-12 15:33 . 2009-11-12 15:34 -------- d-----w- c:\programdata\{755AC846-7372-4AC8-8550-C52491DAA8BD} 2009-11-12 15:31 . 2009-11-12 15:32 -------- d-----w- c:\program files\Bonjour 2009-11-12 15:31 . 2009-11-12 15:31 4096 d-----w- c:\program files\QuickTime 2009-11-12 15:30 . 2009-11-12 15:33 -------- d-----w- c:\programdata\Apple Computer 2009-11-12 15:30 . 2009-11-12 15:30 -------- d-----w- c:\users\Judith\AppData\Local\Apple 2009-11-12 15:30 . 2009-11-12 15:30 4096 d-----w- c:\program files\Apple Software Update 2009-11-12 15:29 . 2009-11-12 15:46 -------- d-----w- c:\programdata\Apple 2009-11-12 15:29 . 2009-11-12 15:33 -------- d-----w- c:\program files\Common Files\Apple 2009-11-12 07:11 . 2009-11-12 07:11 -------- d-----w- c:\programdata\NVIDIA 2009-11-11 20:59 . 2009-07-23 20:01 485920 ----a-w- c:\windows\system32\nvuninst.exe 2009-11-09 22:28 . 2009-11-09 22:28 -------- d-----w- c:\program files\MSXML 4.0 2009-11-09 14:52 . 2009-11-09 14:52 -------- d-----w- C:\Sun 2009-11-09 11:22 . 2009-11-09 15:20 4096 d-----w- c:\users\Judith\.SunDownloadManager 2009-11-09 08:18 . 2009-06-30 09:37 28552 ----a-w- c:\windows\system32\drivers\pavboot.sys 2009-11-09 08:18 . 2009-11-09 08:18 -------- d-----w- c:\program files\Panda Security 2009-11-09 08:10 . 2009-11-09 08:17 4096 d-----w- c:\users\Judith\.housecall6.6 2009-11-09 08:09 . 2009-11-09 08:09 -------- d-----w- c:\windows\Sun 2009-11-09 08:09 . 2009-11-09 08:08 411368 ----a-w- c:\windows\system32\deploytk.dll 2009-11-09 08:08 . 2009-11-09 08:08 -------- d-----w- c:\program files\Java 2009-11-08 18:16 . 2009-11-08 18:16 -------- d-----w- c:\users\Judith\AppData\Roaming\Nero 2009-11-08 18:15 . 2009-11-08 18:15 -------- d-----w- c:\users\Judith\AppData\Local\Ahead 2009-11-08 18:04 . 2009-11-08 18:04 -------- d-----w- c:\programdata\Nero 2009-11-08 18:04 . 2009-11-08 18:04 -------- d-----w- c:\program files\Nero 2009-11-08 18:04 . 2009-11-08 18:07 4096 d-----w- c:\program files\Common Files\Nero 2009-11-08 17:40 . 2009-11-08 17:40 -------- d-----w- c:\users\Judith\AppData\Roaming\Malwarebytes 2009-11-08 17:40 . 2009-09-10 13:54 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys 2009-11-08 17:39 . 2009-11-08 17:39 -------- d-----w- c:\programdata\Malwarebytes 2009-11-08 17:39 . 2009-09-10 13:53 19160 ----a-w- c:\windows\system32\drivers\mbam.sys 2009-11-08 17:39 . 2009-11-22 21:04 4096 d-----w- c:\program files\Malwarebytes' Anti-Malware 2009-11-08 16:59 . 2009-11-08 17:40 -------- d-----w- c:\users\Judith\AppData\Roaming\Vso 2009-11-08 16:59 . 2009-11-08 16:59 87608 ----a-w- c:\users\Judith\AppData\Roaming\inst.exe 2009-11-08 16:59 . 2009-11-08 16:59 47360 ----a-w- c:\windows\system32\drivers\pcouffin.sys 2009-11-08 16:59 . 2009-11-08 16:59 47360 ----a-w- c:\users\Judith\AppData\Roaming\pcouffin.sys 2009-11-08 16:58 . 2009-09-02 15:41 65602 ----a-w- c:\windows\system32\cook3260.dll 2009-11-08 16:58 . 2009-09-02 15:41 626688 ----a-w- c:\windows\system32\vp7vfw.dll 2009-11-08 16:58 . 2009-09-02 15:41 217127 ----a-w- c:\windows\system32\drv43260.dll 2009-11-08 16:58 . 2009-09-02 15:41 208935 ----a-w- c:\windows\system32\drv33260.dll 2009-11-08 16:58 . 2009-09-02 15:41 176165 ----a-w- c:\windows\system32\drv23260.dll 2009-11-08 16:58 . 2009-09-02 15:41 1184984 ----a-w- c:\windows\system32\wvc1dmod.dll 2009-11-08 16:58 . 2009-09-02 15:41 102439 ----a-w- c:\windows\system32\sipr3260.dll 2009-11-08 16:58 . 2009-11-08 16:58 -------- d-----w- c:\program files\VSO 2009-11-08 16:52 . 2009-11-08 16:52 -------- d-----w- c:\programdata\SlySoft 2009-11-08 16:52 . 2009-11-08 16:52 -------- d-----w- c:\program files\SlySoft 2009-11-08 16:40 . 2009-11-08 16:40 -------- d-----w- c:\users\Judith\AppData\Roaming\InfraRecorder 2009-11-08 16:40 . 2009-11-08 16:40 4096 d-----w- c:\program files\InfraRecorder 2009-11-07 20:17 . 2009-11-07 23:01 -------- d-----w- c:\users\Judith\AppData\Roaming\ImgBurn 2009-11-07 15:24 . 2009-11-22 13:18 16384 d-----w- c:\users\Judith\AppData\Local\QuickPar 2009-11-07 09:43 . 2009-11-07 09:44 -------- d-----w- c:\users\Judith\AppData\Local\Adobe 2009-11-07 07:59 . 2009-09-10 05:52 257024 ----a-w- c:\windows\system32\msv1_0.dll 2009-11-06 11:22 . 2009-11-06 11:22 4096 d-----w- c:\program files\[DBP] Dutch Binaries Program 2009-11-06 11:22 . 2009-11-06 11:22 -------- d-----w- c:\windows\[DBP] Dutch Binaries Program 2009-11-06 07:08 . 2009-11-06 07:08 603904 ----a-w- c:\windows\system32\TUProgSt.exe 2009-11-06 07:08 . 2008-11-12 15:44 27904 ----a-w- c:\windows\system32\uxtuneup.dll 2009-11-06 07:08 . 2008-11-12 15:44 17152 ----a-w- c:\windows\system32\authuitu.dll 2009-11-06 07:08 . 2009-11-06 07:08 362240 ----a-w- c:\windows\system32\TuneUpDefragService.exe 2009-11-06 07:08 . 2009-11-06 07:08 -------- d-----w- c:\users\Judith\AppData\Roaming\TuneUp Software 2009-11-06 07:08 . 2009-11-06 07:08 49152 d-----w- c:\program files\TuneUp Utilities 2009 2009-11-06 07:08 . 2009-11-06 07:08 -------- d-----w- c:\programdata\TuneUp Software 2009-11-06 06:48 . 2009-11-06 06:50 8192 d-----w- c:\users\Judith\AppData\Roaming\NewsLeecher 2009-11-06 06:37 . 2007-04-09 12:23 28040 ----a-w- c:\windows\system32\mdimon.dll 2009-11-06 06:37 . 2009-11-06 06:37 -------- d-----w- c:\windows\system32\Macromed 2009-11-06 06:35 . 2009-11-06 06:35 -------- d-----w- c:\program files\Microsoft.NET 2009-11-06 06:34 . 2009-11-06 06:34 -------- d-----r- C:\MSOCache 2009-11-06 06:32 . 2009-11-23 07:40 -------- d-----w- c:\users\Judith\Tracing 2009-11-06 06:31 . 2006-11-29 12:06 3426072 ----a-w- c:\windows\system32\d3dx9_32.dll 2009-11-06 06:31 . 2009-11-06 14:37 28672 d-----w- c:\program files\ESET 2009-11-06 06:31 . 2009-11-06 06:31 -------- d-----w- c:\program files\Microsoft SQL Server Compact Edition 2009-11-06 06:30 . 2009-11-06 06:30 48648 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup\Markup.dll 2009-11-06 06:30 . 2009-11-06 06:30 895792 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight\SpotlightResources.dll 2009-11-06 06:30 . 2009-11-06 06:30 -------- d-----w- c:\program files\Microsoft 2009-11-06 06:30 . 2009-11-06 06:30 -------- d-----w- c:\program files\Windows Live SkyDrive 2009-11-06 06:26 . 2009-11-06 06:26 -------- d-----w- c:\program files\Common Files\Windows Live 2009-11-06 06:12 . 2009-11-06 11:07 -------- d-----w- c:\programdata\Messenger Plus! 2009-11-06 06:10 . 2009-11-06 06:10 -------- d-----w- c:\program files\MCEscience-soft 2009-11-05 19:00 . 2009-11-05 19:00 -------- d-----w- c:\users\Judith\AppData\Local\Apps 2009-11-05 19:00 . 2009-11-05 19:00 -------- d-----w- c:\users\Judith\AppData\Local\Deployment 2009-11-05 19:00 . 2008-12-07 18:08 795648 ----a-w- c:\windows\system32\xvidcore.dll 2009-11-05 19:00 . 2008-12-07 18:08 130048 ----a-w- c:\windows\system32\xvidvfw.dll 2009-11-05 19:00 . 2004-01-25 16:18 217088 ----a-w- c:\windows\system32\yv12vfw.dll 2009-11-05 18:57 . 2009-11-05 18:57 971552 ----a-w- c:\windows\system32\drivers\tdrpm174.sys 2009-11-05 18:57 . 2009-11-05 18:57 540000 ----a-w- c:\windows\system32\drivers\timntr.sys 2009-11-05 18:57 . 2009-11-05 18:57 44704 ----a-w- c:\windows\system32\drivers\tifsfilt.sys 2009-11-05 18:57 . 2009-11-05 18:57 134272 ----a-w- c:\windows\system32\drivers\snman380.sys 2009-11-05 18:57 . 2009-11-05 18:57 -------- d-----w- c:\program files\Acronis 2009-11-05 18:57 . 2009-11-05 18:57 4096 d-----w- c:\program files\Common Files\Acronis 2009-11-05 18:55 . 2009-11-05 18:55 4096 d-----w- c:\program files\QuickPar 2009-11-05 18:55 . 2009-11-05 18:55 4096 d-----w- c:\program files\NewsLeecher 2009-11-05 18:55 . 2009-11-17 08:08 4096 d-----w- c:\program files\FTDv3.8 2009-11-05 18:53 . 2009-11-05 18:53 -------- d-----w- c:\program files\Elaborate Bytes 2009-11-05 18:52 . 2009-11-08 17:45 4096 d-----w- c:\program files\Nero 9 2009-11-05 18:51 . 2009-11-05 18:51 4096 d-----w- c:\program files\ImgBurn 2009-11-05 18:51 . 2009-11-05 20:39 4096 d-----w- c:\program files\Messenger Plus! Live 2009-11-05 18:51 . 2009-11-06 09:08 87400 ----a-w- c:\users\Judith\AppData\Local\GDIPFONTCACHEV1.DAT 2009-11-05 18:50 . 2009-11-05 18:50 -------- d-----w- c:\windows\PCHEALTH 2009-11-05 16:16 . 2008-02-22 10:31 676224 ----a-w- c:\windows\system32\OGACheckControl.DLL 2009-11-05 16:10 . 2009-11-02 19:42 195456 ------w- c:\windows\system32\MpSigStub.exe 2009-11-05 16:08 . 2009-11-05 16:08 -------- d-----w- c:\program files\Common Files\Adobe 2009-11-05 16:07 . 2009-11-06 06:32 4096 d-----w- c:\program files\Windows Live 2009-11-05 16:07 . 2009-11-05 19:03 4096 d-----w- c:\program files\Windows Live Safety Center 2009-11-05 16:07 . 2009-11-12 21:31 24576 d-sh--w- c:\windows\Installer 2009-11-05 15:50 . 2009-11-22 13:29 -------- d-----w- c:\windows\system32\wbem\Performance 2009-11-05 15:47 . 2009-11-05 15:47 -------- d-sh--we c:\programdata\Sjablonen 2009-11-05 15:47 . 2009-11-05 15:47 -------- d-sh--we c:\programdata\Menu Start 2009-11-05 15:47 . 2009-11-05 15:47 -------- d-sh--we c:\programdata\Favorieten 2009-11-05 15:47 . 2009-11-05 15:47 -------- d-sh--we c:\programdata\Documenten 2009-11-05 15:47 . 2009-11-05 15:47 -------- d-----w- C:\Recovery . ((((((((((((((((((((((((((((((((((((((( Find3M Rapport )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2009-11-22 13:29 . 2009-07-14 08:27 694684 ----a-w- c:\windows\system32\perfh013.dat 2009-11-22 13:29 . 2009-07-14 08:27 131278 ----a-w- c:\windows\system32\perfc013.dat 2009-11-12 15:46 . 2009-11-12 15:46 0 ---ha-w- c:\windows\system32\drivers\Msft_User_WpdMtpDr_01_09_00.Wdf 2009-11-06 06:29 . 2009-11-05 18:59 -------- d-----w- c:\users\Judith\AppData\Roaming\Media Control 2009-11-05 19:00 . 2009-11-05 18:58 4096 d-----w- c:\program files\K-Lite Codec Pack 2009-11-05 18:59 . 2009-11-05 18:59 8192 d-----w- c:\program files\Media Control 2009-11-05 15:39 . 2009-11-05 15:39 0 ---ha-w- c:\windows\system32\drivers\Msft_User_WpdFs_01_09_00.Wdf 2009-10-02 04:06 . 2009-11-06 06:05 728648 ----a-w- c:\windows\system32\drivers\dxgkrnl.sys 2009-09-03 07:04 . 2009-11-06 06:05 1320960 ----a-w- c:\windows\system32\CertEnroll.dll 2009-08-29 06:57 . 2009-11-06 06:05 34816 ----a-w- c:\windows\system32\msasn1.dll 2009-08-29 06:54 . 2009-11-06 06:05 12625408 ----a-w- c:\windows\system32\wmploc.DLL 2009-08-28 18:42 . 2009-08-28 18:42 40448 ----a-w- c:\windows\system32\drivers\usbaapl.sys 2009-08-28 18:42 . 2009-08-28 18:42 2065696 ----a-w- c:\windows\system32\usbaaplrc.dll 2009-06-10 21:26 . 2009-07-14 02:04 9633792 --sha-r- c:\windows\Fonts\StaticCache.dat 2009-07-14 01:14 . 2009-07-13 23:42 396800 --sha-w- c:\windows\winsxs\x86_microsoft-windows-mail-app_31bf3856ad364e35_6.1.7600.16385_none_f12e83abb108c86c\WinMail.exe . ((((((((((((((((((((((((((((((((((((( Reg Opstartpunten ))))))))))))))))))))))))))))))))))))))))))))))))))) . . *Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond REGEDIT4 [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "MsnMsgr"="c:\program files\Windows Live\Messenger\MsnMsgr.Exe" [2009-07-26 3883856] "IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="c:\program files\Common Files\Nero\Lib\NMIndexStoreSvr.exe" [2008-06-24 1840424] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "VirtualCloneDrive"="c:\program files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe" [2009-05-26 85160] "TrueImageMonitor.exe"="c:\program files\Acronis\TrueImageHome\TrueImageMonitor.exe" [2009-01-20 4359280] "AcronisTimounterMonitor"="c:\program files\Acronis\TrueImageHome\TimounterMonitor.exe" [2009-01-20 960536] "Acronis Scheduler2 Service"="c:\program files\Common Files\Acronis\Schedule2\schedhlp.exe" [2009-01-20 377232] "egui"="c:\program files\ESET\ESET NOD32 Antivirus\egui.exe" [2009-02-06 2021400] "NBKeyScan"="c:\program files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe" [2008-06-08 2221352] "SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-11-09 149280] "NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2009-07-23 13797920] "QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2009-09-05 417792] "iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2009-10-28 141600] [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "ConsentPromptBehaviorAdmin"= 0 (0x0) "ConsentPromptBehaviorUser"= 3 (0x3) "EnableLUA"= 0 (0x0) "EnableUIADesktopToggle"= 0 (0x0) "PromptOnSecureDesktop"= 0 (0x0) [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32] "aux1"=wdmaud.drv R0 pavboot;pavboot;c:\windows\System32\drivers\pavboot.sys [9-11-2009 9:18 28552] R1 ehdrv;ehdrv;c:\windows\System32\drivers\ehdrv.sys [6-2-2009 13:23 106208] R1 vwififlt;Virtual WiFi Filter Driver;c:\windows\System32\drivers\vwififlt.sys [14-7-2009 0:52 48128] R2 ekrn;ESET Service;c:\program files\ESET\ESET NOD32 Antivirus\ekrn.exe [6-2-2009 13:23 727720] R2 epfwwfpr;epfwwfpr;c:\windows\System32\drivers\epfwwfpr.sys [6-2-2009 13:24 92800] R2 TuneUp.ProgramStatisticsSvc;TuneUp Program Statistics Service;c:\windows\System32\TUProgSt.exe [6-11-2009 8:08 603904] R3 SrvHsfHDA;SrvHsfHDA;c:\windows\System32\drivers\VSTAZL3.SYS [13-7-2009 23:13 207360] R3 SrvHsfV92;SrvHsfV92;c:\windows\System32\drivers\VSTDPV3.SYS [13-7-2009 23:13 980992] R3 SrvHsfWinac;SrvHsfWinac;c:\windows\System32\drivers\VSTCNXT3.SYS [13-7-2009 23:13 661504] HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs UxTuneUp . Inhoud van de 'Gedeelde Taken' map 2009-11-23 c:\windows\Tasks\1-klik Onderhoud.job - c:\program files\TuneUp Utilities 2009\OneClickStarter.exe [2008-12-03 16:48] . . ------- Bijkomende Scan ------- . uStart Page = hxxp://www.google.nl/ uInternet Settings,ProxyOverride = *.local IE: E&xporteren naar Microsoft Excel - c:\progra~1\MICROS~4\OFFICE11\EXCEL.EXE/3000 DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} - hxxp://game.zylom.com/activex/zylomgamesplayer.cab . . --------------------- VERGRENDELDE REGISTER SLEUTELS --------------------- [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security] @Denied: (Full) (Everyone) . Voltooingstijd: 2009-11-23 12:20 ComboFix-quarantined-files.txt 2009-11-23 11:20 Pre-Run: 249.821.163.520 bytes beschikbaar Post-Run: 249.826.746.368 bytes beschikbaar - - End Of File - - B18788101E95842516FDAB280C5004DD -
wie kan me helpen me pc is denk ik geinfecteerd
Judje23 reageerde op Judje23's topic in Archief Bestrijding malware & virussen
Malwarebytes' Anti-Malware 1.41 Database versie: 3215 Windows 6.1.7600 23-11-2009 9:15:11 mbam-log-2009-11-23 (09-15-11).txt Scan type: Snelle Scan Objecten gescand: 93419 Verstreken tijd: 4 minute(s), 40 second(s) Geheugenprocessen geïnfecteerd: 0 Geheugenmodulen geïnfecteerd: 0 Registersleutels geïnfecteerd: 0 Registerwaarden geïnfecteerd: 0 Registerdata bestanden geïnfecteerd: 0 Mappen geïnfecteerd: 0 Bestanden geïnfecteerd: 0 Geheugenprocessen geïnfecteerd: (Geen kwaadaardige items gevonden) Geheugenmodulen geïnfecteerd: (Geen kwaadaardige items gevonden) Registersleutels geïnfecteerd: (Geen kwaadaardige items gevonden) Registerwaarden geïnfecteerd: (Geen kwaadaardige items gevonden) Registerdata bestanden geïnfecteerd: (Geen kwaadaardige items gevonden) Mappen geïnfecteerd: (Geen kwaadaardige items gevonden) Bestanden geïnfecteerd: (Geen kwaadaardige items gevonden) dus conclussie mbam vind niets had ik al eerder mee gescand maar panda online vind wel bedreigingen. en mijn pc is van slag af dus kan best dat er toch iets in zit. -
wie kan me helpen me pc is denk ik geinfecteerd
Judje23 plaatste een topic in Archief Bestrijding malware & virussen
Hallo, Wie o wie kan mij helpen, Had veel virussen in mijn pc weet niet hoe maar denk via mijn zoontje. Nu wou ik mijn harde schijf formateren maar dat liet me laptop niet toe hij gooit de pc iedere keer uit zodra die bij het formateren komt, kan er verder geen xp of vista opzetten ook dan gooit hij hem uit. Het wil alleen lopen met windows 7 maar daar liep hij altijd goed op tot heden. Heb helemaal geen bureaublad pictogrammen meer erop staan en kan ook geen snelkoppelingen naar bureaublad doen. Hieronder plaats ik een hijack this log misschien dat iemand weet wat ik er aan kan doen. Eerder scande ik altijd online met housecall maar die doet het niet meer? verkeerde java misschien. Alvast bedankt voor diegene die mij kan helpen. Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 18:26:58, on 22-11-2009 Platform: Unknown Windows (WinNT 6.01.3504) MSIE: Internet Explorer v8.00 (8.00.7600.16385) Boot mode: Normal Running processes: C:\Windows\system32\taskhost.exe C:\Windows\system32\Dwm.exe C:\Windows\Explorer.EXE C:\Program Files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe C:\Program Files\Acronis\TrueImageHome\TrueImageMonitor.exe C:\Program Files\Acronis\TrueImageHome\TimounterMonitor.exe C:\Program Files\Common Files\Acronis\Schedule2\schedhlp.exe C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe C:\Program Files\Java\jre6\bin\jusched.exe C:\Program Files\iTunes\iTunesHelper.exe C:\Program Files\Windows Live\Messenger\msnmsgr.exe C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe C:\Program Files\Windows Live\Contacts\wlcomm.exe C:\Windows\system32\wuauclt.exe C:\Program Files\Windows Sidebar\sidebar.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Trend Micro\HijackThis\HijackThis.exe C:\Program Files\Internet Explorer\iexplore.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Google R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN.com R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = MSN.com R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = O2 - BHO: Adobe PDF Reader Help bij koppelingen - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: Windows Live Aanmelden - Help - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O4 - HKLM\..\Run: [VirtualCloneDrive] "C:\Program Files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe" /s O4 - HKLM\..\Run: [TrueImageMonitor.exe] C:\Program Files\Acronis\TrueImageHome\TrueImageMonitor.exe O4 - HKLM\..\Run: [AcronisTimounterMonitor] C:\Program Files\Acronis\TrueImageHome\TimounterMonitor.exe O4 - HKLM\..\Run: [Acronis Scheduler2 Service] "C:\Program Files\Common Files\Acronis\Schedule2\schedhlp.exe" O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" /hide /waitservice O4 - HKLM\..\Run: [NBKeyScan] "C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe" O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe" O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe" O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background O4 - HKCU\..\Run: [indxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe" ASO-616B5711-6DAE-4795-A05F-39A1E5104020 O4 - HKCU\..\Run: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE') O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE') O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~4\OFFICE11\EXCEL.EXE/3000 O9 - Extra button: Onderzoek - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~4\OFFICE11\REFIEBAR.DLL O13 - Gopher Prefix: O16 - DPF: {9191F686-7F0A-441D-8A98-2FE3AC1BD913} (ActiveScan 2.0 Installer Class) - http://acs.pandasoftware.com/activescan/cabs/as2stubie.cab O16 - DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} (Zylom Games Player) - http://game.zylom.com/activex/zylomgamesplayer.cab O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab O16 - DPF: {E77F23EB-E7AB-4502-8F37-247DBAF1A147} (Windows Live Hotmail Photo Upload Tool) - http://gfx1.hotmail.com/mail/w4/pr01/photouploadcontrol/VistaMSNPUplden-us.cab O23 - Service: Acronis Scheduler2 Service (AcrSch2Svc) - Acronis - C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe O23 - Service: Mobiel Apple apparaat (Apple Mobile Device) - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: ESET HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe O23 - Service: PLFlash DeviceIoControl Service - Prolific Technology Inc. - C:\Windows\system32\IoctlSvc.exe O23 - Service: @%SystemRoot%\System32\TuneUpDefragService.exe,-1 (TuneUp.Defrag) - TuneUp Software - C:\Windows\System32\TuneUpDefragService.exe O23 - Service: @%SystemRoot%\System32\TUProgSt.exe,-1 (TuneUp.ProgramStatisticsSvc) - TuneUp Software - C:\Windows\System32\TUProgSt.exe -- End of file - 6659 bytes
