elkrieko

Posts made by elkrieko

  1. Dear kapo, it worked this time :-) Below are the results from ComboFix

    ComboFix 09-12-23.04 - elkrieko 24/12/2009 12:17:06.2.2 - x86

    Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.32.1043.18.2046.1156 [GMT 1:00]

    Gestart vanuit: c:\users\elkrieko\Desktop\ComboFix.exe

    gebruikte Opdracht switches :: c:\users\elkrieko\Desktop\CFScript.txt\CFScript.txt..txt

    AV: avast! antivirus 4.8.1229 [VPS 090103-1] *On-access scanning enabled* (Updated) {7591DB91-41F0-48A3-B128-1A293FD8233D}

    SP: avast! antivirus 4.8.1229 [VPS 090103-1] *enabled* (Updated) {7591DB91-41F0-48A3-B128-1A293FD8233D}

    SP: SUPERAntiSpyware *disabled* (Updated) {222A897C-5018-402e-943F-7E7AC8560DA7}

    SP: Windows Defender *enabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}

    .

    (((((((((((((((((((((((((((((((((( Andere Verwijderingen )))))))))))))))))))))))))))))))))))))))))))))))))

    .

    c:\program files\Conduit

    c:\program files\Conduit\Community Alerts\Alert.dll

    .

    (((((((((((((((((((( Bestanden Gemaakt van 2009-11-24 to 2009-12-24 ))))))))))))))))))))))))))))))

    .

    2009-12-24 11:24 . 2009-12-24 11:24 -------- d-----w- c:\users\elkrieko\AppData\Local\temp

    2009-12-24 11:24 . 2009-12-24 11:24 -------- d-----w- c:\users\Public\AppData\Local\temp

    2009-12-24 11:24 . 2009-12-24 11:24 -------- d-----w- c:\users\muziek\AppData\Local\temp

    2009-12-24 11:24 . 2009-12-24 11:24 -------- d-----w- c:\users\Incomplete\AppData\Local\temp

    2009-12-24 11:24 . 2009-12-24 11:24 -------- d-----w- c:\users\Default\AppData\Local\temp

    2009-12-22 02:06 . 2009-12-22 02:06 1232496 ----a-w- c:\programdata\Google\Google Toolbar\Component\GoogleCld_D9AEC8D4D1915047.dll

    2009-12-22 02:04 . 2009-12-22 02:06 -------- d-----w- c:\program files\Google

    2009-12-21 03:09 . 2009-12-23 23:58 52224 ----a-w- c:\users\elkrieko\AppData\Roaming\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\SD10005.dll

    2009-12-20 23:23 . 2009-12-20 23:23 -------- d-----w- c:\users\elkrieko\AppData\Roaming\Windows Live Writer

    2009-12-20 23:23 . 2009-12-20 23:23 -------- d-----w- c:\users\elkrieko\AppData\Local\Windows Live Writer

    2009-12-15 18:37 . 2009-12-15 18:37 -------- d-----w- c:\programdata\McAfee

    2009-12-13 18:41 . 2009-12-13 18:42 -------- d-----w- c:\program files\Common Files\Adobe

    2009-12-13 18:37 . 2009-12-13 18:37 -------- d-----w- c:\programdata\McAfee Security Scan

    2009-12-13 18:32 . 2009-12-13 18:32 -------- d-----w- c:\users\elkrieko\AppData\Local\{3248F0A6-6813-11D6-A77B-00B0D0150040}

    2009-12-10 02:06 . 2009-11-09 12:31 24064 ----a-w- c:\windows\system32\nshhttp.dll

    2009-12-10 02:05 . 2009-11-09 10:36 411648 ----a-w- c:\windows\system32\drivers\http.sys

    2009-12-10 02:05 . 2009-11-09 12:30 30720 ----a-w- c:\windows\system32\httpapi.dll

    2009-12-09 16:14 . 2009-08-24 11:36 377344 ----a-w- c:\windows\system32\winhttp.dll

    2009-12-09 16:09 . 2009-10-07 11:36 243712 ----a-w- c:\windows\system32\rastls.dll

    2009-12-06 21:30 . 2009-12-06 21:30 -------- d-----w- c:\users\elkrieko\AppData\Roaming\Malwarebytes

    2009-12-06 21:30 . 2009-12-03 15:14 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys

    2009-12-06 21:30 . 2009-12-06 21:30 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware

    2009-12-06 21:30 . 2009-12-06 21:30 -------- d-----w- c:\programdata\Malwarebytes

    2009-12-06 21:30 . 2009-12-03 15:13 19160 ----a-w- c:\windows\system32\drivers\mbam.sys

    2009-12-05 23:57 . 2009-12-21 03:09 117760 ----a-w- c:\users\elkrieko\AppData\Roaming\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\UIREPAIR.DLL

    2009-12-05 21:15 . 2009-12-05 21:15 -------- d-----w- c:\program files\Trend Micro

    2009-11-25 02:01 . 2009-10-29 09:17 2048 ----a-w- c:\windows\system32\tzres.dll

    2009-11-24 19:46 . 2009-08-11 16:44 1401856 ----a-w- c:\windows\system32\msxml6.dll

    2009-11-24 19:46 . 2009-08-11 16:44 1248768 ----a-w- c:\windows\system32\msxml3.dll

    2009-11-24 19:40 . 2009-11-24 19:40 484976 ----a-w- c:\programdata\Google\Google Toolbar\Update\gtbA1CC.tmp.exe

    .

    ((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))

    .

    2009-12-23 03:32 . 2009-07-09 16:12 -------- d-----w- c:\users\elkrieko\AppData\Roaming\Azureus

    2009-12-20 01:49 . 2009-11-14 18:32 -------- d-----w- c:\program files\DNA

    2009-12-19 23:07 . 2007-04-14 10:30 -------- d-----w- c:\program files\Intel

    2009-12-18 16:19 . 2009-07-09 16:11 -------- d-----w- c:\program files\Vuze

    2009-12-18 16:19 . 2009-10-15 15:48 178 ----a-w- c:\users\elkrieko\AppData\Roaming\Azureus\restart.bat

    2009-12-13 20:21 . 2009-10-31 18:34 -------- d-----w- c:\programdata\CyberLink

    2009-12-13 20:19 . 2009-10-31 18:28 53319 ----a-w- c:\programdata\Temp\{A8516AC9-AAF1-47F9-9766-03E2D4CDBCF8}\PostBuild.exe

    2009-12-11 17:30 . 2007-04-14 20:11 680172 ----a-w- c:\windows\system32\perfh013.dat

    2009-12-11 17:30 . 2007-04-14 20:11 132614 ----a-w- c:\windows\system32\perfc013.dat

    2009-12-10 02:34 . 2006-11-02 11:18 -------- d-----w- c:\program files\Windows Mail

    2009-12-10 02:07 . 2007-10-12 13:40 -------- d-----w- c:\programdata\Microsoft Help

    2009-12-06 21:06 . 2009-11-15 18:22 -------- d-----w- c:\program files\Common Files\AVSMedia

    2009-12-06 21:06 . 2009-11-15 18:22 -------- d-----w- c:\program files\AVS4YOU

    2009-12-06 15:32 . 2009-07-15 17:02 -------- d-----w- c:\program files\Canon

    2009-12-06 15:22 . 2008-08-08 18:30 -------- d-----w- c:\program files\epson

    2009-12-06 15:22 . 2007-04-14 10:30 -------- d--h--w- c:\program files\InstallShield Installation Information

    2009-12-05 20:21 . 2007-12-31 20:34 -------- d-----w- c:\users\elkrieko\AppData\Roaming\Launchy

    2009-12-04 10:34 . 2007-12-31 20:42 -------- d-----w- c:\users\elkrieko\AppData\Roaming\U3

    2009-12-03 02:25 . 2007-11-13 19:21 -------- d-----w- c:\program files\Glary Utilities

    2009-11-24 23:54 . 2007-09-05 18:06 1280480 ----a-w- c:\windows\system32\aswBoot.exe

    2009-11-24 23:50 . 2008-05-27 09:54 114768 ----a-w- c:\windows\system32\drivers\aswSP.sys

    2009-11-24 23:50 . 2008-05-27 09:54 20560 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys

    2009-11-24 23:49 . 2007-09-05 18:06 53328 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys

    2009-11-24 23:49 . 2007-09-05 18:06 48560 ----a-w- c:\windows\system32\drivers\aswTdi.sys

    2009-11-24 23:48 . 2007-09-05 18:06 23120 ----a-w- c:\windows\system32\drivers\aswRdr.sys

    2009-11-24 23:47 . 2007-09-05 18:06 97480 ----a-w- c:\windows\system32\AvastSS.scr

    2009-11-23 23:02 . 2009-01-03 19:43 -------- d-----w- c:\program files\SUPERAntiSpyware

    2009-11-21 06:40 . 2009-12-09 16:19 916480 ----a-w- c:\windows\system32\wininet.dll

    2009-11-21 06:34 . 2009-12-09 16:19 71680 ----a-w- c:\windows\system32\iesetup.dll

    2009-11-21 06:34 . 2009-12-09 16:19 109056 ----a-w- c:\windows\system32\iesysprep.dll

    2009-11-21 04:59 . 2009-12-09 16:19 133632 ----a-w- c:\windows\system32\ieUnatt.exe

    2009-11-20 23:11 . 2009-11-20 23:11 -------- d-----w- c:\users\elkrieko\AppData\Roaming\NeroDCTemplates

    2009-11-18 04:18 . 2009-11-18 04:18 -------- d-----w- c:\program files\Windows Portable Devices

    2009-11-18 04:18 . 2006-11-02 10:25 665600 ----a-w- c:\windows\inf\drvindex.dat

    2009-11-18 04:18 . 2009-11-18 04:18 0 ---ha-w- c:\windows\system32\drivers\Msft_User_WpdFs_01_07_00.Wdf

    2009-11-15 18:23 . 2009-11-15 18:23 -------- d-----w- c:\users\elkrieko\AppData\Roaming\AVS4YOU

    2009-11-15 18:23 . 2009-11-15 17:34 -------- d-----w- c:\users\elkrieko\AppData\Roaming\DivX

    2009-11-15 18:23 . 2009-11-15 18:23 -------- d-----w- c:\programdata\AVS4YOU

    2009-11-15 16:55 . 2009-11-15 16:55 -------- d-----w- c:\program files\Common Files\PX Storage Engine

    2009-11-15 00:08 . 2009-11-15 00:08 -------- d-----w- c:\users\elkrieko\AppData\Roaming\LaCie

    2009-11-15 00:08 . 2009-11-15 00:08 96 ----a-w- c:\users\elkrieko\AppData\Local\fusioncache.dat

    2009-11-14 18:55 . 2009-11-14 18:52 -------- d-----w- c:\programdata\eMule

    2009-11-14 10:53 . 2009-11-14 10:53 81920 ----a-r- c:\users\elkrieko\AppData\Roaming\Microsoft\Installer\{5967A03E-3B74-4DF1-B591-2D89CA26BDC9}\NewShortcut2_6DD9963C271A4A1482B04DC148C52E58_2.exe

    2009-11-14 10:53 . 2009-11-14 10:53 81920 ----a-r- c:\users\elkrieko\AppData\Roaming\Microsoft\Installer\{5967A03E-3B74-4DF1-B591-2D89CA26BDC9}\NewShortcut1_6DD9963C271A4A1482B04DC148C52E58_2.exe

    2009-11-14 10:53 . 2009-11-14 10:53 43302 ----a-r- c:\users\elkrieko\AppData\Roaming\Microsoft\Installer\{5967A03E-3B74-4DF1-B591-2D89CA26BDC9}\ARPPRODUCTICON.exe

    2009-11-14 10:53 . 2009-11-14 10:53 -------- d-----w- c:\program files\LaCie

    2009-11-09 19:20 . 2007-09-07 17:26 -------- d-----w- c:\program files\Java

    2009-11-02 19:42 . 2009-10-02 22:54 195456 ------w- c:\windows\system32\MpSigStub.exe

    2009-10-31 18:36 . 2009-10-31 18:34 -------- d-----w- c:\users\elkrieko\AppData\Roaming\CyberLink

    2009-10-31 18:31 . 2009-10-31 18:31 -------- d-----w- c:\program files\Common Files\CyberLink

    2009-10-26 17:57 . 2009-10-26 17:57 -------- d-----w- c:\users\elkrieko\AppData\Roaming\InfraRecorder

    2009-10-26 17:57 . 2009-10-26 17:57 -------- d-----w- c:\program files\InfraRecorder

    2009-10-11 03:17 . 2008-12-13 06:24 411368 ----a-w- c:\windows\system32\deploytk.dll

    2009-10-08 21:08 . 2009-11-18 02:00 555520 ----a-w- c:\windows\system32\UIAutomationCore.dll

    2009-10-08 21:08 . 2009-11-18 02:00 234496 ----a-w- c:\windows\system32\oleacc.dll

    2009-10-08 21:07 . 2009-11-18 02:00 4096 ----a-w- c:\windows\system32\oleaccrc.dll

    2009-10-01 01:02 . 2009-11-18 02:02 2537472 ----a-w- c:\windows\system32\wpdshext.dll

    2009-10-01 01:02 . 2009-11-18 02:02 30208 ----a-w- c:\windows\system32\WPDShextAutoplay.exe

    2009-10-01 01:02 . 2009-11-18 02:02 334848 ----a-w- c:\windows\system32\PortableDeviceApi.dll

    2009-10-01 01:02 . 2009-11-18 02:02 87552 ----a-w- c:\windows\system32\WPDShServiceObj.dll

    2009-10-01 01:02 . 2009-11-18 02:02 31232 ----a-w- c:\windows\system32\BthMtpContextHandler.dll

    2009-10-01 01:01 . 2009-11-18 02:02 546816 ----a-w- c:\windows\system32\wpd_ci.dll

    2009-10-01 01:01 . 2009-11-18 02:02 160256 ----a-w- c:\windows\system32\PortableDeviceTypes.dll

    2009-10-01 01:01 . 2009-11-18 02:02 60928 ----a-w- c:\windows\system32\PortableDeviceConnectApi.dll

    2009-10-01 01:01 . 2009-11-18 02:02 350208 ----a-w- c:\windows\system32\WPDSp.dll

    2009-10-01 01:01 . 2009-11-18 02:02 196608 ----a-w- c:\windows\system32\PortableDeviceWMDRM.dll

    2009-10-01 01:01 . 2009-11-18 02:02 100864 ----a-w- c:\windows\system32\PortableDeviceClassExtension.dll

    2009-10-01 01:01 . 2009-11-18 02:02 81920 ----a-w- c:\windows\system32\wpdbusenum.dll

    .

    ((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))

    .

    .

    *Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond

    REGEDIT4

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

    "Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2009-04-11 1233920]

    "MsnMsgr"="c:\program files\Windows Live\Messenger\MsnMsgr.Exe" [2009-07-26 3883856]

    "Creative Live! Cam Manager"="c:\program files\Creative\Creative Live! Cam\Live! Cam Manager\CTLCMgr.exe" [2006-09-06 143360]

    "ehTray.exe"="c:\windows\ehome\ehTray.exe" [2008-01-19 125952]

    "IncrediMail"="c:\program files\IncrediMail\bin\IncMail.exe" [2009-01-27 251264]

    "ISUSPM Startup"="c:\progra~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe" [2005-02-16 221184]

    "LaCie Backup"="c:\program files\LaCie\Backup Software\\LaCieBackup.exe" [2007-12-03 2600960]

    "WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2008-01-19 202240]

    "swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2009-12-22 39408]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

    "hpsysdrv"="c:\hp\support\hpsysdrv.exe" [2006-09-28 65536]

    "KBD"="c:\hp\KBD\KbdStub.EXE" [2006-12-08 65536]

    "OsdMaestro"="c:\program files\Hewlett-Packard\On-Screen OSD Indicator\OSD.exe" [2007-02-15 118784]

    "RtHDVCpl"="RtHDVCpl.exe" [2008-01-15 4874240]

    "avast!"="c:\progra~1\ALWILS~1\Avast4\ashDisp.exe" [2009-11-24 81000]

    "V0230Mon.exe"="c:\windows\V0230Mon.exe" [2006-09-06 32768]

    "IAAnotif"="c:\program files\Intel\Intel Matrix Storage Manager\Iaanotif.exe" [2007-04-19 151552]

    "NvSvc"="c:\windows\system32\nvsvc.dll" [2007-08-27 86016]

    "NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2007-08-27 8473120]

    "NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2007-08-27 81920]

    "NBKeyScan"="c:\program files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe" [2007-09-20 1836328]

    "NeroFilterCheck"="c:\program files\Common Files\Nero\Lib\NeroCheck.exe" [2007-03-01 153136]

    "BePCSC"="c:\program files\EmvSmartCardReader\BePCSC.exe" [2007-05-03 27136]

    "SmartMon"="c:\program files\EmvSmartCardReader\SmartMON.exe" [2006-12-04 73826]

    "beid"="c:\program files\Belgium Identity Card\beid35gui.exe" [2009-02-02 2035712]

    "Easy-PrintToolBox"="c:\program files\Canon\Easy-PrintToolBox\BJPSMAIN.EXE" [2004-01-14 409600]

    "SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-10-11 149280]

    "Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2009-10-03 35696]

    "Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2009-09-04 935288]

    c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\

    Launchy.lnk - c:\program files\Launchy\Launchy.exe [2007-12-31 274432]

    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]

    "EnableUIADesktopToggle"= 0 (0x0)

    [hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]

    "{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "c:\program files\SUPERAntiSpyware\SASSEH.DLL" [2008-05-13 77824]

    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]

    2009-09-07 23:24 548352 ----a-w- c:\program files\SUPERAntiSpyware\SASWINLO.DLL

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]

    @="Service"

    [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]

    "DisableMonitoring"=dword:00000001

    [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]

    "DisableMonitoring"=dword:00000001

    [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]

    "DisableMonitoring"=dword:00000001

    [HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc]

    "VistaSp2"=hex(B):49,f7,0e,ba,39,3d,ca,01

    R1 aswSP;avast! Self Protection;c:\windows\System32\drivers\aswSP.sys [27/05/2008 10:54 114768]

    R1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\SASDIFSV.SYS [22/12/2008 11:06 9968]

    R1 SAS***IL;SAS***IL;c:\program files\SUPERAntiSpyware\SAS***IL.SYS [22/12/2008 11:05 74480]

    R2 aswFsBlk;aswFsBlk;c:\windows\System32\drivers\aswFsBlk.sys [27/05/2008 10:54 20560]

    R2 aswMonFlt;aswMonFlt;c:\windows\System32\drivers\aswMonFlt.sys [5/09/2007 19:06 53328]

    R2 TeamViewer4;TeamViewer 4;c:\program files\TeamViewer\Version4\TeamViewer_Service.exe [28/01/2009 8:39 185640]

    R3 netr73;USB Wireless 802.11 b/g Adaptor Driver for Vista;c:\windows\System32\drivers\netr73.sys [26/02/2008 8:17 493568]

    R3 V0230Vfx;V0230Vfx;c:\windows\System32\drivers\V0230Vfx.sys [5/09/2007 19:50 6272]

    R3 V0230VID;Live! Cam Video IM Pro;c:\windows\System32\drivers\V0230VID.sys [5/09/2007 19:50 500480]

    S2 gupdate;Google Updateservice (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [22/12/2009 3:06 135664]

    S3 EMVSCARD;EMVSCARD;c:\windows\System32\drivers\EMVSCARD.sys [19/12/2006 13:29 20736]

    S3 FontCache;Windows Font Cache Service;c:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation [8/07/2008 1:56 21504]

    S3 fssfltr;FssFltr;c:\windows\System32\drivers\fssfltr.sys [22/10/2009 3:03 54632]

    S3 fsssvc;De service Windows Live Family Safety;c:\program files\Windows Live\Family Safety\fsssvc.exe [5/08/2009 21:48 704864]

    S3 SASENUM;SASENUM;c:\program files\SUPERAntiSpyware\SASENUM.SYS [22/12/2008 11:06 7408]

    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]

    LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache

    .

    ------- Bijkomende Scan -------

    .

    mWindow Title = Telenet Internet

    IE: E&xporteren naar Microsoft Excel - c:\progra~1\MICROS~3\Office12\EXCEL.EXE/3000

    IE: Google Sidewiki... - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_5F1A57F0B9B89E2E.dll/cmsidewiki.html

    .

    **************************************************************************

    catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, GMER - Rootkit Detector and Remover

    Rootkit scan 2009-12-24 12:24

    Windows 6.0.6002 Service Pack 2 NTFS

    scannen van verborgen processen ...

    scannen van verborgen autostart items ...

    scannen van verborgen bestanden ...

    Scan succesvol afgerond

    verborgen bestanden: 0

    **************************************************************************

    .

    Voltooingstijd: 2009-12-24 12:27:27

    ComboFix-quarantined-files.txt 2009-12-24 11:27

    ComboFix2.txt 2009-12-23 00:18

    Pre-Run: 189.947.088.896 bytes beschikbaar

    Post-Run: 190.006.140.928 bytes beschikbaar

    - - End Of File - - 548C26CA6F2E93D640746640F016011F

    I hope it worked??

    Thanks in advance for your help, merry Christmas :santaclaus:

  2. Dear kape?

    I did what you asked, but ComboFix ran for more than 1 hour and I got no response; according to their text it could take 20 minutes for a heavily infected PC??

    Maybe I did something wrong?? I can't disable my avast, though, because I forgot my password. But ComboFix did start up. Is there perhaps another way to disable my security programs??

    I took your text Folder::

    c:\program files\Conduit

    Registry::

    R0 -: HKCU-Main,Start Page = hxxp://search.imesh.com/be/

    R0 -: HKLM-Main,Start Page = hxxp://search.imesh.com/be

    in a desktop folder with CFScript.txt and dragged it onto ComboFix.

    Please let me know if I did something wrong?

    Best regards and thx :santaclaus:

  3. As you asked, here is the result from Malwarebytes MBAM

    Malwarebytes' Anti-Malware 1.42

    Database versie: 3305

    Windows 6.0.6002 Service Pack 2

    Internet Explorer 8.0.6001.18865

    23/12/2009 1:27:25

    mbam-log-2009-12-23 (01-27-25).txt

    Scan type: Snelle Scan

    Objecten gescand: 103661

    Verstreken tijd: 3 minute(s), 36 second(s)

    Geheugenprocessen geïnfecteerd: 0

    Geheugenmodulen geïnfecteerd: 0

    Registersleutels geïnfecteerd: 0

    Registerwaarden geïnfecteerd: 0

    Registerdata bestanden geïnfecteerd: 0

    Mappen geïnfecteerd: 0

    Bestanden geïnfecteerd: 0

    Geheugenprocessen geïnfecteerd:

    (Geen kwaadaardige items gevonden)

    Geheugenmodulen geïnfecteerd:

    (Geen kwaadaardige items gevonden)

    Registersleutels geïnfecteerd:

    (Geen kwaadaardige items gevonden)

    Registerwaarden geïnfecteerd:

    (Geen kwaadaardige items gevonden)

    Registerdata bestanden geïnfecteerd:

    (Geen kwaadaardige items gevonden)

    Mappen geïnfecteerd:

    (Geen kwaadaardige items gevonden)

    Bestanden geïnfecteerd:

    (Geen kwaadaardige items gevonden)

    as well as the result from ComboFix

    ComboFix 09-12-21.08 - elkrieko 23/12/2009 1:08.1.2 - x86

    Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.32.1043.18.2046.1175 [GMT 1:00]

    Gestart vanuit: c:\users\elkrieko\Desktop\ComboFix.exe

    AV: avast! antivirus 4.8.1229 [VPS 090103-1] *On-access scanning enabled* (Updated) {7591DB91-41F0-48A3-B128-1A293FD8233D}

    SP: avast! antivirus 4.8.1229 [VPS 090103-1] *enabled* (Updated) {7591DB91-41F0-48A3-B128-1A293FD8233D}

    SP: SUPERAntiSpyware *enabled* (Updated) {222A897C-5018-402e-943F-7E7AC8560DA7}

    SP: Windows Defender *enabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}

    .

    (((((((((((((((((((((((((((((((((( Andere Verwijderingen )))))))))))))))))))))))))))))))))))))))))))))))))

    .

    c:\users\elkrieko\AppData\Local\Microsoft\Windows\Temporary Internet Files\7jNgLc_3

    c:\users\elkrieko\AppData\Local\Microsoft\Windows\Temporary Internet Files\eJ6--gkHCr

    F:\Autorun.inf

    .

    (((((((((((((((((((( Bestanden Gemaakt van 2009-11-23 to 2009-12-23 ))))))))))))))))))))))))))))))

    .

    2009-12-23 00:15 . 2009-12-23 00:16 -------- d-----w- c:\users\elkrieko\AppData\Local\temp

    2009-12-22 02:06 . 2009-12-22 02:06 1232496 ----a-w- c:\programdata\Google\Google Toolbar\Component\GoogleCld_D9AEC8D4D1915047.dll

    2009-12-22 02:04 . 2009-12-22 02:06 -------- d-----w- c:\program files\Google

    2009-12-21 03:09 . 2009-12-22 23:22 52224 ----a-w- c:\users\elkrieko\AppData\Roaming\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\SD10005.dll

    2009-12-20 23:23 . 2009-12-20 23:23 -------- d-----w- c:\users\elkrieko\AppData\Roaming\Windows Live Writer

    2009-12-20 23:23 . 2009-12-20 23:23 -------- d-----w- c:\users\elkrieko\AppData\Local\Windows Live Writer

    2009-12-20 00:38 . 2009-12-20 00:38 -------- d-----w- c:\program files\Conduit

    2009-12-15 18:37 . 2009-12-15 18:37 -------- d-----w- c:\programdata\McAfee

    2009-12-13 18:41 . 2009-12-13 18:42 -------- d-----w- c:\program files\Common Files\Adobe

    2009-12-13 18:37 . 2009-12-13 18:37 -------- d-----w- c:\programdata\McAfee Security Scan

    2009-12-13 18:32 . 2009-12-13 18:32 -------- d-----w- c:\users\elkrieko\AppData\Local\{3248F0A6-6813-11D6-A77B-00B0D0150040}

    2009-12-10 02:06 . 2009-11-09 12:31 24064 ----a-w- c:\windows\system32\nshhttp.dll

    2009-12-10 02:05 . 2009-11-09 10:36 411648 ----a-w- c:\windows\system32\drivers\http.sys

    2009-12-10 02:05 . 2009-11-09 12:30 30720 ----a-w- c:\windows\system32\httpapi.dll

    2009-12-09 16:14 . 2009-08-24 11:36 377344 ----a-w- c:\windows\system32\winhttp.dll

    2009-12-09 16:09 . 2009-10-07 11:36 243712 ----a-w- c:\windows\system32\rastls.dll

    2009-12-06 21:30 . 2009-12-06 21:30 -------- d-----w- c:\users\elkrieko\AppData\Roaming\Malwarebytes

    2009-12-06 21:30 . 2009-12-03 15:14 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys

    2009-12-06 21:30 . 2009-12-06 21:30 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware

    2009-12-06 21:30 . 2009-12-06 21:30 -------- d-----w- c:\programdata\Malwarebytes

    2009-12-06 21:30 . 2009-12-03 15:13 19160 ----a-w- c:\windows\system32\drivers\mbam.sys

    2009-12-05 23:57 . 2009-12-21 03:09 117760 ----a-w- c:\users\elkrieko\AppData\Roaming\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\UIREPAIR.DLL

    2009-12-05 21:15 . 2009-12-05 21:15 -------- d-----w- c:\program files\Trend Micro

    2009-11-25 02:01 . 2009-10-29 09:17 2048 ----a-w- c:\windows\system32\tzres.dll

    2009-11-24 19:46 . 2009-08-11 16:44 1401856 ----a-w- c:\windows\system32\msxml6.dll

    2009-11-24 19:46 . 2009-08-11 16:44 1248768 ----a-w- c:\windows\system32\msxml3.dll

    2009-11-24 19:40 . 2009-11-24 19:40 484976 ----a-w- c:\programdata\Google\Google Toolbar\Update\gtbA1CC.tmp.exe

    .

    ((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))

    .

    2009-12-22 19:40 . 2009-07-09 16:12 -------- d-----w- c:\users\elkrieko\AppData\Roaming\Azureus

    2009-12-20 01:49 . 2009-11-14 18:32 -------- d-----w- c:\program files\DNA

    2009-12-19 23:07 . 2007-04-14 10:30 -------- d-----w- c:\program files\Intel

    2009-12-18 16:19 . 2009-07-09 16:11 -------- d-----w- c:\program files\Vuze

    2009-12-18 16:19 . 2009-10-15 15:48 178 ----a-w- c:\users\elkrieko\AppData\Roaming\Azureus\restart.bat

    2009-12-13 20:21 . 2009-10-31 18:34 -------- d-----w- c:\programdata\CyberLink

    2009-12-13 20:19 . 2009-10-31 18:28 53319 ----a-w- c:\programdata\Temp\{A8516AC9-AAF1-47F9-9766-03E2D4CDBCF8}\PostBuild.exe

    2009-12-11 17:30 . 2007-04-14 20:11 680172 ----a-w- c:\windows\system32\perfh013.dat

    2009-12-11 17:30 . 2007-04-14 20:11 132614 ----a-w- c:\windows\system32\perfc013.dat

    2009-12-10 02:34 . 2006-11-02 11:18 -------- d-----w- c:\program files\Windows Mail

    2009-12-10 02:07 . 2007-10-12 13:40 -------- d-----w- c:\programdata\Microsoft Help

    2009-12-06 21:06 . 2009-11-15 18:22 -------- d-----w- c:\program files\Common Files\AVSMedia

    2009-12-06 21:06 . 2009-11-15 18:22 -------- d-----w- c:\program files\AVS4YOU

    2009-12-06 15:32 . 2009-07-15 17:02 -------- d-----w- c:\program files\Canon

    2009-12-06 15:22 . 2008-08-08 18:30 -------- d-----w- c:\program files\epson

    2009-12-06 15:22 . 2007-04-14 10:30 -------- d--h--w- c:\program files\InstallShield Installation Information

    2009-12-05 20:21 . 2007-12-31 20:34 -------- d-----w- c:\users\elkrieko\AppData\Roaming\Launchy

    2009-12-04 10:34 . 2007-12-31 20:42 -------- d-----w- c:\users\elkrieko\AppData\Roaming\U3

    2009-12-03 02:25 . 2007-11-13 19:21 -------- d-----w- c:\program files\Glary Utilities

    2009-11-24 23:54 . 2007-09-05 18:06 1280480 ----a-w- c:\windows\system32\aswBoot.exe

    2009-11-24 23:50 . 2008-05-27 09:54 114768 ----a-w- c:\windows\system32\drivers\aswSP.sys

    2009-11-24 23:50 . 2008-05-27 09:54 20560 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys

    2009-11-24 23:49 . 2007-09-05 18:06 53328 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys

    2009-11-24 23:49 . 2007-09-05 18:06 48560 ----a-w- c:\windows\system32\drivers\aswTdi.sys

    2009-11-24 23:48 . 2007-09-05 18:06 23120 ----a-w- c:\windows\system32\drivers\aswRdr.sys

    2009-11-24 23:47 . 2007-09-05 18:06 97480 ----a-w- c:\windows\system32\AvastSS.scr

    2009-11-23 23:02 . 2009-01-03 19:43 -------- d-----w- c:\program files\SUPERAntiSpyware

    2009-11-21 06:40 . 2009-12-09 16:19 916480 ----a-w- c:\windows\system32\wininet.dll

    2009-11-21 06:34 . 2009-12-09 16:19 71680 ----a-w- c:\windows\system32\iesetup.dll

    2009-11-21 06:34 . 2009-12-09 16:19 109056 ----a-w- c:\windows\system32\iesysprep.dll

    2009-11-21 04:59 . 2009-12-09 16:19 133632 ----a-w- c:\windows\system32\ieUnatt.exe

    2009-11-20 23:11 . 2009-11-20 23:11 -------- d-----w- c:\users\elkrieko\AppData\Roaming\NeroDCTemplates

    2009-11-18 04:18 . 2009-11-18 04:18 -------- d-----w- c:\program files\Windows Portable Devices

    2009-11-18 04:18 . 2006-11-02 10:25 665600 ----a-w- c:\windows\inf\drvindex.dat

    2009-11-18 04:18 . 2009-11-18 04:18 0 ---ha-w- c:\windows\system32\drivers\Msft_User_WpdFs_01_07_00.Wdf

    2009-11-15 18:23 . 2009-11-15 18:23 -------- d-----w- c:\users\elkrieko\AppData\Roaming\AVS4YOU

    2009-11-15 18:23 . 2009-11-15 17:34 -------- d-----w- c:\users\elkrieko\AppData\Roaming\DivX

    2009-11-15 18:23 . 2009-11-15 18:23 -------- d-----w- c:\programdata\AVS4YOU

    2009-11-15 16:55 . 2009-11-15 16:55 -------- d-----w- c:\program files\Common Files\PX Storage Engine

    2009-11-15 00:08 . 2009-11-15 00:08 -------- d-----w- c:\users\elkrieko\AppData\Roaming\LaCie

    2009-11-15 00:08 . 2009-11-15 00:08 96 ----a-w- c:\users\elkrieko\AppData\Local\fusioncache.dat

    2009-11-14 18:55 . 2009-11-14 18:52 -------- d-----w- c:\programdata\eMule

    2009-11-14 10:53 . 2009-11-14 10:53 81920 ----a-r- c:\users\elkrieko\AppData\Roaming\Microsoft\Installer\{5967A03E-3B74-4DF1-B591-2D89CA26BDC9}\NewShortcut2_6DD9963C271A4A1482B04DC148C52E58_2.exe

    2009-11-14 10:53 . 2009-11-14 10:53 81920 ----a-r- c:\users\elkrieko\AppData\Roaming\Microsoft\Installer\{5967A03E-3B74-4DF1-B591-2D89CA26BDC9}\NewShortcut1_6DD9963C271A4A1482B04DC148C52E58_2.exe

    2009-11-14 10:53 . 2009-11-14 10:53 43302 ----a-r- c:\users\elkrieko\AppData\Roaming\Microsoft\Installer\{5967A03E-3B74-4DF1-B591-2D89CA26BDC9}\ARPPRODUCTICON.exe

    2009-11-14 10:53 . 2009-11-14 10:53 -------- d-----w- c:\program files\LaCie

    2009-11-09 19:20 . 2007-09-07 17:26 -------- d-----w- c:\program files\Java

    2009-11-02 19:42 . 2009-10-02 22:54 195456 ------w- c:\windows\system32\MpSigStub.exe

    2009-10-31 18:36 . 2009-10-31 18:34 -------- d-----w- c:\users\elkrieko\AppData\Roaming\CyberLink

    2009-10-31 18:31 . 2009-10-31 18:31 -------- d-----w- c:\program files\Common Files\CyberLink

    2009-10-26 17:57 . 2009-10-26 17:57 -------- d-----w- c:\users\elkrieko\AppData\Roaming\InfraRecorder

    2009-10-26 17:57 . 2009-10-26 17:57 -------- d-----w- c:\program files\InfraRecorder

    2009-10-11 03:17 . 2008-12-13 06:24 411368 ----a-w- c:\windows\system32\deploytk.dll

    2009-10-08 21:08 . 2009-11-18 02:00 555520 ----a-w- c:\windows\system32\UIAutomationCore.dll

    2009-10-08 21:08 . 2009-11-18 02:00 234496 ----a-w- c:\windows\system32\oleacc.dll

    2009-10-08 21:07 . 2009-11-18 02:00 4096 ----a-w- c:\windows\system32\oleaccrc.dll

    2009-10-01 01:02 . 2009-11-18 02:02 2537472 ----a-w- c:\windows\system32\wpdshext.dll

    2009-10-01 01:02 . 2009-11-18 02:02 30208 ----a-w- c:\windows\system32\WPDShextAutoplay.exe

    2009-10-01 01:02 . 2009-11-18 02:02 334848 ----a-w- c:\windows\system32\PortableDeviceApi.dll

    2009-10-01 01:02 . 2009-11-18 02:02 87552 ----a-w- c:\windows\system32\WPDShServiceObj.dll

    2009-10-01 01:02 . 2009-11-18 02:02 31232 ----a-w- c:\windows\system32\BthMtpContextHandler.dll

    2009-10-01 01:01 . 2009-11-18 02:02 546816 ----a-w- c:\windows\system32\wpd_ci.dll

    2009-10-01 01:01 . 2009-11-18 02:02 160256 ----a-w- c:\windows\system32\PortableDeviceTypes.dll

    2009-10-01 01:01 . 2009-11-18 02:02 60928 ----a-w- c:\windows\system32\PortableDeviceConnectApi.dll

    2009-10-01 01:01 . 2009-11-18 02:02 350208 ----a-w- c:\windows\system32\WPDSp.dll

    2009-10-01 01:01 . 2009-11-18 02:02 196608 ----a-w- c:\windows\system32\PortableDeviceWMDRM.dll

    2009-10-01 01:01 . 2009-11-18 02:02 100864 ----a-w- c:\windows\system32\PortableDeviceClassExtension.dll

    2009-10-01 01:01 . 2009-11-18 02:02 81920 ----a-w- c:\windows\system32\wpdbusenum.dll

    2009-09-25 02:10 . 2009-11-18 02:02 974848 ----a-w- c:\windows\system32\WindowsCodecs.dll

    2009-09-25 02:07 . 2009-11-18 02:02 189440 ----a-w- c:\windows\system32\WindowsCodecsExt.dll

    2009-09-25 02:04 . 2009-11-18 02:02 321024 ----a-w- c:\windows\system32\PhotoMetadataHandler.dll

    2009-09-25 01:49 . 2009-11-18 02:02 1554432 ----a-w- c:\windows\system32\xpsservices.dll

    2009-09-25 01:48 . 2009-11-18 02:02 351232 ----a-w- c:\windows\system32\XpsPrint.dll

    2009-09-25 01:38 . 2009-11-18 02:02 847360 ----a-w- c:\windows\system32\OpcServices.dll

    2009-09-25 01:36 . 2009-11-18 02:02 280064 ----a-w- c:\windows\system32\XpsGdiConverter.dll

    2009-09-25 01:35 . 2009-11-18 02:02 135680 ----a-w- c:\windows\system32\XpsRasterService.dll

    2009-09-25 01:33 . 2009-11-18 02:02 195584 ----a-w- c:\windows\system32\dxdiagn.dll

    2009-09-25 01:33 . 2009-11-18 02:02 829440 ----a-w- c:\windows\system32\d3d10warp.dll

    2009-09-25 01:33 . 2009-11-18 02:02 369664 ----a-w- c:\windows\system32\WMPhoto.dll

    2009-09-25 01:32 . 2009-11-18 02:02 252928 ----a-w- c:\windows\system32\dxdiag.exe

    2009-09-25 01:31 . 2009-11-18 02:02 519680 ----a-w- c:\windows\system32\d3d11.dll

    2009-09-25 01:31 . 2009-11-18 02:02 486912 ----a-w- c:\windows\system32\d3d10level9.dll

    2009-09-25 01:31 . 2009-11-18 02:02 161280 ----a-w- c:\windows\system32\d3d10_1.dll

    2009-09-25 01:31 . 2009-11-18 02:02 218112 ----a-w- c:\windows\system32\d3d10_1core.dll

    2009-09-25 01:31 . 2009-11-18 02:02 1030144 ----a-w- c:\windows\system32\d3d10.dll

    2009-09-25 01:31 . 2009-11-18 02:02 828928 ----a-w- c:\windows\system32\d2d1.dll

    2009-09-25 01:30 . 2009-11-18 02:02 190464 ----a-w- c:\windows\system32\d3d10core.dll

    2009-09-25 01:30 . 2009-11-18 02:02 481792 ----a-w- c:\windows\system32\dxgi.dll

    2009-09-25 01:27 . 2009-11-18 02:02 634880 ----a-w- c:\windows\system32\drivers\dxgkrnl.sys

    2009-09-25 01:27 . 2009-11-18 02:02 37888 ----a-w- c:\windows\system32\cdd.dll

    2009-09-25 01:27 . 2009-11-18 02:02 793088 ----a-w- c:\windows\system32\FntCache.dll

    2009-09-25 01:27 . 2009-11-18 02:02 1064448 ----a-w- c:\windows\system32\DWrite.dll

    2009-09-24 22:54 . 2009-11-18 02:02 258048 ----a-w- c:\windows\system32\winspool.drv

    2009-09-24 22:54 . 2009-11-18 02:02 667648 ----a-w- c:\windows\system32\printfilterpipelinesvc.exe

    2009-09-24 22:54 . 2009-11-18 02:02 26112 ----a-w- c:\windows\system32\printfilterpipelineprxy.dll

    .

    ((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))

    .

    .

    *Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond

    REGEDIT4

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

    "Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2009-04-11 1233920]

    "MsnMsgr"="c:\program files\Windows Live\Messenger\MsnMsgr.Exe" [2009-07-26 3883856]

    "Creative Live! Cam Manager"="c:\program files\Creative\Creative Live! Cam\Live! Cam Manager\CTLCMgr.exe" [2006-09-06 143360]

    "ehTray.exe"="c:\windows\ehome\ehTray.exe" [2008-01-19 125952]

    "IncrediMail"="c:\program files\IncrediMail\bin\IncMail.exe" [2009-01-27 251264]

    "ISUSPM Startup"="c:\progra~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe" [2005-02-16 221184]

    "SUPERAntiSpyware"="c:\program files\SUPERAntiSpyware\SUPERAntiSpyware.exe" [2009-11-23 2001648]

    "LaCie Backup"="c:\program files\LaCie\Backup Software\\LaCieBackup.exe" [2007-12-03 2600960]

    "WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2008-01-19 202240]

    "swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2009-12-22 39408]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

    "hpsysdrv"="c:\hp\support\hpsysdrv.exe" [2006-09-28 65536]

    "KBD"="c:\hp\KBD\KbdStub.EXE" [2006-12-08 65536]

    "OsdMaestro"="c:\program files\Hewlett-Packard\On-Screen OSD Indicator\OSD.exe" [2007-02-15 118784]

    "RtHDVCpl"="RtHDVCpl.exe" [2008-01-15 4874240]

    "avast!"="c:\progra~1\ALWILS~1\Avast4\ashDisp.exe" [2009-11-24 81000]

    "V0230Mon.exe"="c:\windows\V0230Mon.exe" [2006-09-06 32768]

    "IAAnotif"="c:\program files\Intel\Intel Matrix Storage Manager\Iaanotif.exe" [2007-04-19 151552]

    "NvSvc"="c:\windows\system32\nvsvc.dll" [2007-08-27 86016]

    "NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2007-08-27 8473120]

    "NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2007-08-27 81920]

    "NBKeyScan"="c:\program files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe" [2007-09-20 1836328]

    "NeroFilterCheck"="c:\program files\Common Files\Nero\Lib\NeroCheck.exe" [2007-03-01 153136]

    "BePCSC"="c:\program files\EmvSmartCardReader\BePCSC.exe" [2007-05-03 27136]

    "SmartMon"="c:\program files\EmvSmartCardReader\SmartMON.exe" [2006-12-04 73826]

    "beid"="c:\program files\Belgium Identity Card\beid35gui.exe" [2009-02-02 2035712]

    "Easy-PrintToolBox"="c:\program files\Canon\Easy-PrintToolBox\BJPSMAIN.EXE" [2004-01-14 409600]

    "SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-10-11 149280]

    "Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2009-10-03 35696]

    "Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2009-09-04 935288]

    c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\

    Launchy.lnk - c:\program files\Launchy\Launchy.exe [2007-12-31 274432]

    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]

    "EnableUIADesktopToggle"= 0 (0x0)

    [hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]

    "{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "c:\program files\SUPERAntiSpyware\SASSEH.DLL" [2008-05-13 77824]

    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]

    2009-09-07 23:24 548352 ----a-w- c:\program files\SUPERAntiSpyware\SASWINLO.DLL

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]

    @="Service"

    [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]

    "DisableMonitoring"=dword:00000001

    [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]

    "DisableMonitoring"=dword:00000001

    [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]

    "DisableMonitoring"=dword:00000001

    [HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc]

    "VistaSp2"=hex(B):49,f7,0e,ba,39,3d,ca,01

    R1 aswSP;avast! Self Protection;c:\windows\System32\drivers\aswSP.sys [27/05/2008 10:54 114768]

    R1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\SASDIFSV.SYS [22/12/2008 11:06 9968]

    R1 SAS***IL;SAS***IL;c:\program files\SUPERAntiSpyware\SAS***IL.SYS [22/12/2008 11:05 74480]

    R2 aswFsBlk;aswFsBlk;c:\windows\System32\drivers\aswFsBlk.sys [27/05/2008 10:54 20560]

    R2 aswMonFlt;aswMonFlt;c:\windows\System32\drivers\aswMonFlt.sys [5/09/2007 19:06 53328]

    R2 TeamViewer4;TeamViewer 4;c:\program files\TeamViewer\Version4\TeamViewer_Service.exe [28/01/2009 8:39 185640]

    R3 netr73;USB Wireless 802.11 b/g Adaptor Driver for Vista;c:\windows\System32\drivers\netr73.sys [26/02/2008 8:17 493568]

    R3 SASENUM;SASENUM;c:\program files\SUPERAntiSpyware\SASENUM.SYS [22/12/2008 11:06 7408]

    R3 V0230Vfx;V0230Vfx;c:\windows\System32\drivers\V0230Vfx.sys [5/09/2007 19:50 6272]

    R3 V0230VID;Live! Cam Video IM Pro;c:\windows\System32\drivers\V0230VID.sys [5/09/2007 19:50 500480]

    S2 gupdate;Google Updateservice (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [22/12/2009 3:06 135664]

    S3 EMVSCARD;EMVSCARD;c:\windows\System32\drivers\EMVSCARD.sys [19/12/2006 13:29 20736]

    S3 FontCache;Windows Font Cache Service;c:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation [8/07/2008 1:56 21504]

    S3 fssfltr;FssFltr;c:\windows\System32\drivers\fssfltr.sys [22/10/2009 3:03 54632]

    S3 fsssvc;De service Windows Live Family Safety;c:\program files\Windows Live\Family Safety\fsssvc.exe [5/08/2009 21:48 704864]

    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]

    LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache

    .

    ------- Bijkomende Scan -------

    .

    uStart Page = hxxp://search.imesh.com/be/

    mWindow Title = Telenet Internet

    IE: E&xporteren naar Microsoft Excel - c:\progra~1\MICROS~3\Office12\EXCEL.EXE/3000

    IE: Google Sidewiki... - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_5F1A57F0B9B89E2E.dll/cmsidewiki.html

    .

    - - - - ORPHANS VERWIJDERD - - - -

    WebBrowser-{A057A204-BACC-4D26-C39E-35F1D2A32EC8} - (no file)

    WebBrowser-{C1036F99-E666-4AAD-A079-5A20AD04E477} - (no file)

    HKLM-Run-HP Software Update - c:\program files\HP\HP Software Update\HPWuSchd2.exe

    **************************************************************************

    catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, GMER - Rootkit Detector and Remover

    Rootkit scan 2009-12-23 01:16

    Windows 6.0.6002 Service Pack 2 NTFS

    scannen van verborgen processen ...

    scannen van verborgen autostart items ...

    scannen van verborgen bestanden ...

    Scan succesvol afgerond

    verborgen bestanden: 0

    **************************************************************************

    .

    Voltooingstijd: 2009-12-23 01:18:47

    ComboFix-quarantined-files.txt 2009-12-23 00:18

    Pre-Run: 189.230.735.360 bytes beschikbaar

    Post-Run: 189.470.384.128 bytes beschikbaar

    - - End Of File - - 4EC7315F354B78F415118635066CD483

    I'd like some information about this, it's all Chinese to me haha, sorry.

    I hope your advice is positive?

    Thanks for that in any case, regards

  4. Logfile of Trend Micro HijackThis v2.0.2

    Scan saved at 19:19:11, on 22/12/2009

    Platform: Windows Vista SP2 (WinNT 6.00.1906)

    MSIE: Internet Explorer v8.00 (8.00.6001.18865)

    Boot mode: Normal

    Running processes:

    C:\Windows\system32\Dwm.exe

    C:\Windows\Explorer.EXE

    C:\Windows\system32\taskeng.exe

    C:\hp\support\hpsysdrv.exe

    C:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD.exe

    C:\Windows\RtHDVCpl.exe

    C:\Program Files\Alwil Software\Avast4\ashDisp.exe

    C:\Windows\V0230Mon.exe

    C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe

    C:\Windows\System32\rundll32.exe

    C:\Program Files\EmvSmartCardReader\BePCSC.exe

    C:\Program Files\EmvSmartCardReader\SmartMON.exe

    C:\Program Files\Belgium Identity Card\beid35gui.exe

    C:\Program Files\Java\jre6\bin\jusched.exe

    C:\Program Files\Windows Sidebar\sidebar.exe

    C:\Windows\System32\rundll32.exe

    C:\Program Files\Windows Live\Messenger\msnmsgr.exe

    C:\Program Files\Creative\Creative Live! Cam\Live! Cam Manager\CTLCMgr.exe

    C:\Windows\ehome\ehtray.exe

    C:\Program Files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE

    C:\Program Files\Windows Media Player\wmpnscfg.exe

    C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

    C:\Program Files\Launchy\Launchy.exe

    C:\Windows\ehome\ehmsas.exe

    C:\Program Files\IncrediMail\bin\IMApp.exe

    C:\Program Files\Windows Sidebar\sidebar.exe

    C:\Program Files\Windows Live\Contacts\wlcomm.exe

    C:\Program Files\Internet Explorer\iexplore.exe

    C:\Program Files\Internet Explorer\iexplore.exe

    C:\Program Files\Internet Explorer\iexplore.exe

    C:\Program Files\Internet Explorer\iexplore.exe

    C:\Program Files\Google\Google Toolbar\GoogleToolbarUser_32.exe

    C:\Program Files\Internet Explorer\iexplore.exe

    C:\hp\kbd\kbd.exe

    C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Zita - het Web van Z tot A - Nieuws | Entertainment | Lifestyle | Fun

    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Zita - het Web van Z tot A - Nieuws | Entertainment | Lifestyle | Fun

    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = Zita - het Web van Z tot A - Nieuws | Entertainment | Lifestyle | Fun

    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =

    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =

    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Telenet Internet

    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigURL = http://pac.telenet.be:8080

    O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

    O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll

    O2 - BHO: Windows Live Aanmelden - Help - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll

    O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.5.4723.1820\swg.dll

    O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll

    O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll

    O4 - HKLM\..\Run: [hpsysdrv] c:\hp\support\hpsysdrv.exe

    O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KbdStub.EXE

    O4 - HKLM\..\Run: [OsdMaestro] "C:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD.exe"

    O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe

    O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe

    O4 - HKLM\..\Run: [V0230Mon.exe] C:\Windows\V0230Mon.exe

    O4 - HKLM\..\Run: [iAAnotif] "C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe"

    O4 - HKLM\..\Run: [NvSvc] RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart

    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup

    O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit

    O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe

    O4 - HKLM\..\Run: [NBKeyScan] "C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe"

    O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Nero\Lib\NeroCheck.exe

    O4 - HKLM\..\Run: [bePCSC] C:\Program Files\EmvSmartCardReader\BePCSC.exe

    O4 - HKLM\..\Run: [smartMon] C:\Program Files\EmvSmartCardReader\SmartMON.exe

    O4 - HKLM\..\Run: [beid] "C:\Program Files\Belgium Identity Card\beid35gui.exe" /startup

    O4 - HKLM\..\Run: [Easy-PrintToolBox] C:\Program Files\Canon\Easy-PrintToolBox\BJPSMAIN.EXE /logon

    O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"

    O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"

    O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

    O4 - HKCU\..\Run: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun

    O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background

    O4 - HKCU\..\Run: [Creative Live! Cam Manager] C:\Program Files\Creative\Creative Live! Cam\Live! Cam Manager\CTLCMgr.exe

    O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe

    O4 - HKCU\..\Run: [incrediMail] C:\Program Files\IncrediMail\bin\IncMail.exe /c

    O4 - HKCU\..\Run: [iSUSPM Startup] C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup

    O4 - HKCU\..\Run: [sUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe

    O4 - HKCU\..\Run: [LaCie Backup] C:\Program Files\LaCie\Backup Software\\LaCieBackup.exe /background

    O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe

    O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"

    O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')

    O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')

    O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')

    O4 - Global Startup: Launchy.lnk = C:\Program Files\Launchy\Launchy.exe

    O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000

    O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_5F1A57F0B9B89E2E.dll/cmsidewiki.html

    O9 - Extra button: In weblog opnemen - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll

    O9 - Extra 'Tools' menuitem: &In weblog opnemen met Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll

    O9 - Extra button: PokerStars - {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - C:\Program Files\PokerStars\PokerStarsUpdate.exe

    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL

    O16 - DPF: {588031A3-94BF-4CDD-86D0-939F6F93910F} (FixItClient Class) - https://fixit.support.microsoft.com/ActiveX/FixItClient.CAB

    O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab

    O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL

    O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL

    O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe

    O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe

    O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe

    O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe

    O23 - Service: Google Updateservice (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe

    O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe

    O23 - Service: Intel® Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe

    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - c:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe

    O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - c:\Program Files\Common Files\LightScribe\LSSrvc.exe

    O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe

    O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe

    O23 - Service: TeamViewer 4 (TeamViewer4) - TeamViewer GmbH - C:\Program Files\TeamViewer\Version4\TeamViewer_Service.exe

    --

    End of file - 9377 bytes

    These are the results I got; I hope you can do something with them. Thanks in advance :-)

    Hoping for a positive answer, regards

  5. Dear sirs

    I have recently been having problems with imesh?

    I removed it from the PC earlier, certainly at least 2 years ago, but recently it keeps coming back, even when I remove it again. I would like your help with this?

    I have also already removed it via HijackThis, but it keeps coming back?

    Thanks in advance for your help

    P.S. (it keeps showing up as the start page on the PC?)

  6. I download from Pirate Bay, previously from LimeWire; I never had problems downloading, and not now either, but when I use my right mouse button I get that message from explorer.exe: "application cannot be found. Reinstalling this application may fix the problem"?? Only when I want to rename the downloaded films or want to put Dutch text on them (the names of the film and the text must match). If I then go back to the start page and back to my music and film folder, it works for a little while, and after that the message comes again??

    So how do I reinstall that rtl70.bpl?? And I don't know any reaconverter?? What's that?? I'm only an amateur, haha. Maybe this gets you a step further?? After this explanation? Hopefully?

    ---------- Post added at 20:53 ---------- Previous post was at 20:48 ----------

    Just to respond about that converter: I did once download a DivX converter but removed it again (sorry, the penny dropped because of that name converter? Don't know whether that helps you??)

  7. When I download films and want to put them in folders, that message about rtl70.bpc regularly comes up; then I have to go back to the desktop, back to the file I download to, and then I can place the film in the folder I want. It's a bit annoying; that was not a problem before?

    If I were to download a new Windows, could it be that the message "cannot find rtl70.bpc and it must be downloaded again" would then possibly disappear?? Watching films is no problem for me; that goes via Windows Media Player.

    I hope you can help me further with this. Regards and thanks in advance

  8. Sorry, but I don't know the names any more; can I still find them again then?? But they were sites that I was advised to remove?

    But I still get that message about rtl70.bpl, that I have to download it again; the problem is not always constant, but mostly when I'm busy with films??

    I'd like your opinion and possibly your solutions, thanks in advance

  9. em32\Dwm.exe

    C:\Windows\Explorer.EXE

    C:\Windows\system32\taskeng.exe

    C:\hp\support\hpsysdrv.exe

    C:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD.exe

    C:\Windows\RtHDVCpl.exe

    C:\Program Files\Alwil Software\Avast4\ashDisp.exe

    C:\Windows\V0230Mon.exe

    C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe

    C:\Windows\System32\rundll32.exe

    C:\Windows\System32\rundll32.exe

    C:\Program Files\EmvSmartCardReader\BePCSC.exe

    C:\Program Files\EmvSmartCardReader\SmartMON.exe

    C:\Program Files\Belgium Identity Card\beid35gui.exe

    C:\Program Files\CyberLink\PowerDVD9\PDVD9Serv.exe

    C:\Program Files\Java\jre6\bin\jusched.exe

    C:\Program Files\Windows Sidebar\sidebar.exe

    C:\Program Files\Windows Live\Messenger\msnmsgr.exe

    C:\Program Files\Creative\Creative Live! Cam\Live! Cam Manager\CTLCMgr.exe

    C:\Windows\ehome\ehtray.exe

    C:\Program Files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE

    C:\Program Files\Windows Media Player\wmpnscfg.exe

    C:\Program Files\Launchy\Launchy.exe

    C:\Windows\ehome\ehmsas.exe

    C:\Program Files\Windows Sidebar\sidebar.exe

    C:\Program Files\IncrediMail\bin\IMApp.exe

    C:\Program Files\Windows Live\Contacts\wlcomm.exe

    C:\hp\kbd\kbd.exe

    C:\Windows\system32\prevhost.exe

    C:\Program Files\Windows Media Player\wmprph.exe

    C:\Program Files\Windows Defender\MSASCui.exe

    C:\Program Files\Internet Explorer\iexplore.exe

    C:\Program Files\Internet Explorer\iexplore.exe

    C:\Program Files\Google\Google Toolbar\GoogleToolbarUser_32.exe

    C:\Program Files\Windows Live\Toolbar\wltuser.exe

    C:\Program Files\Internet Explorer\iexplore.exe

    C:\Program Files\Internet Explorer\iexplore.exe

    C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Bing

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Search

    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Zita - het Web van Z tot A - Nieuws | Entertainment | Lifestyle | Fun

    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing

    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing

    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = Zita - het Web van Z tot A - Nieuws | Entertainment | Lifestyle | Fun

    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =

    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Telenet Internet

    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigURL = http://pac.telenet.be:8080

    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =

    R3 - URLSearchHook: Peer2Peer-NE Toolbar - {c0d70ed8-d984-40c3-9666-8939ce76ea13} - C:\Program Files\Peer2Peer-NE\tbPeer.dll

    O1 - Hosts: ::1 localhost

    O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll

    O2 - BHO: myp2pmedia - {195f0fc9-5b11-d342-7727-58451b3e8f44} - C:\Windows\system32\-APBFmq--WHmc1.dll

    O2 - BHO: AskBar BHO - {201f27d4-3704-41d6-89c1-aa35e39143ed} - C:\Program Files\AskBarDis\bar\bin\askBar.dll

    O2 - BHO: (no name) - {474597C5-AB09-49d6-A4D5-2E8D7341384E} - (no file)

    O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)

    O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll

    O2 - BHO: Windows Live Aanmelden - Help - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll

    O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.4.4525.1752\swg.dll

    O2 - BHO: Peer2Peer-NE Toolbar - {c0d70ed8-d984-40c3-9666-8939ce76ea13} - C:\Program Files\Peer2Peer-NE\tbPeer.dll

    O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll

    O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll

    O3 - Toolbar: Peer2Peer-NE Toolbar - {c0d70ed8-d984-40c3-9666-8939ce76ea13} - C:\Program Files\Peer2Peer-NE\tbPeer.dll

    O3 - Toolbar: (no name) - {B7D3E479-CC68-42B5-A338-938ECE35F419} - (no file)

    O3 - Toolbar: Ask Toolbar - {3041d03e-fd4b-44e0-b742-2d9b88305f98} - C:\Program Files\AskBarDis\bar\bin\askBar.dll

    O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll

    O3 - Toolbar: Easy-WebPrint - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Program Files\Canon\Easy-WebPrint\Toolband.dll

    O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll

    O4 - HKLM\..\Run: [hpsysdrv] c:\hp\support\hpsysdrv.exe

    O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KbdStub.EXE

    O4 - HKLM\..\Run: [OsdMaestro] "C:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD.exe"

    O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe

    O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe

    O4 - HKLM\..\Run: [V0230Mon.exe] C:\Windows\V0230Mon.exe

    O4 - HKLM\..\Run: [iAAnotif] "C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe"

    O4 - HKLM\..\Run: [NvSvc] RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart

    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup

    O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit

    O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe

    O4 - HKLM\..\Run: [NBKeyScan] "C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe"

    O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Nero\Lib\NeroCheck.exe

    O4 - HKLM\..\Run: [bePCSC] C:\Program Files\EmvSmartCardReader\BePCSC.exe

    O4 - HKLM\..\Run: [smartMon] C:\Program Files\EmvSmartCardReader\SmartMON.exe

    O4 - HKLM\..\Run: [beid] "C:\Program Files\Belgium Identity Card\beid35gui.exe" /startup

    O4 - HKLM\..\Run: [Easy-PrintToolBox] C:\Program Files\Canon\Easy-PrintToolBox\BJPSMAIN.EXE /logon

    O4 - HKLM\..\Run: [RemoteControl9] "C:\Program Files\CyberLink\PowerDVD9\PDVD9Serv.exe"

    O4 - HKLM\..\Run: [PDVD9LanguageShortcut] "C:\Program Files\CyberLink\PowerDVD9\Language\Language.exe"

    O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"

    O4 - HKCU\..\Run: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun

    O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background

    O4 - HKCU\..\Run: [Creative Live! Cam Manager] C:\Program Files\Creative\Creative Live! Cam\Live! Cam Manager\CTLCMgr.exe

    O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe

    O4 - HKCU\..\Run: [bgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe"

    O4 - HKCU\..\Run: [incrediMail] C:\Program Files\IncrediMail\bin\IncMail.exe /c

    O4 - HKCU\..\Run: [iSUSPM Startup] C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup

    O4 - HKCU\..\Run: [sUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe

    O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

    O4 - HKCU\..\Run: [LaCie Backup] C:\Program Files\LaCie\Backup Software\\LaCieBackup.exe /background

    O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe

    O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')

    O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')

    O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')

    O4 - Global Startup: Adobe Reader Snelle start.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe

    O4 - Global Startup: Launchy.lnk = C:\Program Files\Launchy\Launchy.exe

    O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000

    O8 - Extra context menu item: Easy-WebPrint Add To Print List - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_AddToList.html

    O8 - Extra context menu item: Easy-WebPrint High Speed Print - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_HSPrint.html

    O8 - Extra context menu item: Easy-WebPrint Preview - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_Preview.html

    O8 - Extra context menu item: Easy-WebPrint Print - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_Print.html

    O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_60D6097707281E79.dll/cmsidewiki.html

    O9 - Extra button: In weblog opnemen - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll

    O9 - Extra 'Tools' menuitem: &In weblog opnemen met Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll

    O9 - Extra button: PokerStars - {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - C:\Program Files\PokerStars\PokerStarsUpdate.exe

    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL

    O9 - Extra button: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Programs\PartyGaming\PartyPoker\RunApp.exe (file missing)

    O9 - Extra 'Tools' menuitem: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Programs\PartyGaming\PartyPoker\RunApp.exe (file missing)

    O13 - Gopher Prefix:

    O16 - DPF: {13149882-F480-4F6B-8C6A-0764F75B99ED} (CrazyTalk4 Control) - http://plug-in.reallusion.com/CrazyTalk4.cab

    O16 - DPF: {588031A3-94BF-4CDD-86D0-939F6F93910F} (FixItClient Class) - https://fixit.support.microsoft.com/ActiveX/FixItClient.CAB

    O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL

    O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL

    O23 - Service: Intel® Alert Service (AlertService) - Intel® Corporation - C:\Program Files\Intel\IntelDH\CCU\AlertService.exe

    O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe

    O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe

    O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe

    O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe

    O23 - Service: DQLWinService - Unknown owner - C:\Program Files\Common Files\Intel\IntelDH\NMS\AdpPlugins\DQLWinService.exe

    O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe

    O23 - Service: Intel® Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe

    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - c:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe

    O23 - Service: Intel DH Service (IntelDHSvcConf) - Intel® Corporation - C:\Program Files\Intel\IntelDH\Intel Media Server\Tools\IntelDHSvcConf.exe

    O23 - Service: Intel® Software Services Manager (ISSM) - Intel® Corporation - C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\ISSM.exe

    O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - c:\Program Files\Common Files\LightScribe\LSSrvc.exe

    O23 - Service: Intel® Viiv Media Server (M1 Server) - Unknown owner - C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\mediaserver.exe

    O23 - Service: Intel® Application Tracker (MCLServiceATL) - Intel® Corporation - C:\Program Files\Intel\IntelDH\Intel Media Server\Shells\MCLServiceATL.exe

    O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe

    O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe

    O23 - Service: Intel® Remoting Service (Remote UI Service) - Intel® Corporation - C:\Program Files\Intel\IntelDH\Intel Media Server\Shells\Remote UI Service.exe

    O23 - Service: TeamViewer 4 (TeamViewer4) - TeamViewer GmbH - C:\Program Files\TeamViewer\Version4\TeamViewer_Service.exe

    --

    End of file - 13120 byt

    This is the data I get from hijack.
