debiemy

Member
  • Posts: 19

debiemy's achievements

  1. Hello Passer, my son came running with Open Office; this free software is also mentioned in your latest reply. And it works, although the document formatting is wrecked. Thanks for the support!
  2. Thanks. I had already found this link earlier and tried it out. I could remove the media files and also convert it back to a Word doc, but that doc does not open either = gives an error message.
  3. I unintentionally made a Word doc that was too large, with many photos. The document was closed correctly, but gives an error message when reopening: it can no longer be opened because it is too large. How can I recover the content? I already converted the doc to a zip, opened it and deleted the media files. Converting it back to a doc works, but even then the doc cannot be opened. I use the Mac version of Word.
  4. Hello, how can I play an MP4 on a Sony Ericsson W380 or Nokia 5530? Does the file need to be converted? Thanks. OK, found it myself with Any Video Converter and Nokia Video Manager.
  5. Hello, last week I already went through the whole cleanup up to and including ComboFix (successfully, by the way, since I was able to make everything virus-free). The message I get now is a Windows dialog, not a message from the antivirus program.
  6. Hello, I have already done this countless times (I installed the malware scanner, cleaner, etc. and ran them successfully following an earlier call of mine - see earlier, answered by KAPE). CCleaner yields a clean PC. The computer does seem to be running at full throttle, though.
  7. After thoroughly cleaning up the PC with Malwarebytes etc., including updating Java, I now get this message: "Windows kan niet op stand-by worden gezet, omdat er Microsoft Office-documenten of -onderdelen worden gebruikt vanaf het netwerk. Sluit alle geopende documenten of toepassingen voordat u de computer op stand-by kunt zetten". However, nothing is open. Does this message still have something to do with malware?
  8. There, this last step was also completed successfully. Thank you very much already for guiding me through this big cleanup!!! I also learned a few things about managing a PC, and I will definitely keep the cleaner installed. I will probably become a regular visitor of this forum (but preferably in a section other than malware cleanup)! Thanks!
  9. Here is the result of the security check (am I now giving away all my secrets?): (PS: You say to leave the items in quarantine, but is there any harm in deleting them?) Results of screen317's Security Check version 0.99.1 Windows XP Service Pack 3 `````````````````````````````` Antivirus/Firewall Check: a-squared Free 4.5 a-squared HiJackFree 3.1 `````````````````````````````` Anti-malware/Other Utilities Check: CCleaner Java 6 Update 13 Java 6 Update 3 Java 2 Runtime Environment, SE v1.4.2_03 Out of date Java installed! Adobe Flash Player 10 Adobe Reader 7.1.0 - Nederlands Out of date Adobe Reader installed! `````````````````````````````` Process Check: objlist.exe by Laurent Telenet Security Pack Anti-Virus fsgk32st.exe Telenet Security Pack Anti-Virus FSGK32.EXE Telenet Security Pack Anti-Virus fssm32.exe Telenet Security Pack Anti-Virus fsav32.exe `````````````````````````````` DNS Vulnerability Check: `````````End of Log```````````
  10. Hello, when I enter combofix / uninstall in Start/Run, ComboFix is started instead of removed.
  11. This really does look clean!!! Should I now not worry about the fact that that malware (supposedly?) defragmented my disk? Shouldn't I delete the viruses that are still in quarantine in Malwarebytes? Thank you very much already, also for the very fast response! Malwarebytes' Anti-Malware 1.43 Database versie: 3482 Windows 5.1.2600 Service Pack 3 Internet Explorer 7.0.5730.11 3/01/2010 19:49:22 mbam-log-2010-01-03 (19-49-22).txt Scan type: Snelle Scan Objecten gescand: 144031 Verstreken tijd: 7 minute(s), 31 second(s) Geheugenprocessen geïnfecteerd: 0 Geheugenmodulen geïnfecteerd: 0 Registersleutels geïnfecteerd: 0 Registerwaarden geïnfecteerd: 0 Registerdata bestanden geïnfecteerd: 0 Mappen geïnfecteerd: 0 Bestanden geïnfecteerd: 0 Geheugenprocessen geïnfecteerd: (Geen kwaadaardige items gevonden) Geheugenmodulen geïnfecteerd: (Geen kwaadaardige items gevonden) Registersleutels geïnfecteerd: (Geen kwaadaardige items gevonden) Registerwaarden geïnfecteerd: (Geen kwaadaardige items gevonden) Registerdata bestanden geïnfecteerd: (Geen kwaadaardige items gevonden) Mappen geïnfecteerd: (Geen kwaadaardige items gevonden) Bestanden geïnfecteerd: (Geen kwaadaardige items gevonden)
Voltooingstijd: 2010-01-03 18:02:09 - machine werd herstart ComboFix-quarantined-files.txt 2010-01-03 17:02 ComboFix2.txt 2010-01-03 14:15 Pre-Run: 115.934.543.872 bytes beschikbaar Post-Run: 115.830.571.008 bytes beschikbaar - - End Of File - - 1253F8D90EDB49402D71FA3CBB11121B Logfile of Trend Micro HijackThis v2.0.3 (BETA) Scan saved at 18:07:35, on 3/01/2010 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.16945) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\a-squared Free\a2service.exe C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe C:\Program Files\Bonjour\mDNSResponder.exe C:\Program Files\Telenet Security Pack\Anti-Virus\fsgk32st.exe C:\Program Files\Telenet Security Pack\Common\FSMA32.EXE C:\Program Files\Telenet Security Pack\Anti-Virus\FSGK32.EXE C:\Program Files\Windows Live\Family Safety\fsssvc.exe C:\Program Files\Java\jre6\bin\jqs.exe C:\Program Files\Telenet Security Pack\Common\FSHDLL32.EXE C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Telenet Security Pack\Anti-Virus\fssm32.exe C:\Program Files\Telenet Security Pack\FWES\Program\fsdfwd.exe C:\Program Files\Telenet Security Pack\Anti-Virus\fsav32.exe C:\WINDOWS\system32\WgaTray.exe C:\WINDOWS\system32\wuauclt.exe C:\WINDOWS\system32\hkcmd.exe C:\WINDOWS\system32\igfxpers.exe C:\Program Files\Analog Devices\Core\smax4pnp.exe C:\Program Files\Java\jre6\bin\jusched.exe C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe C:\WINDOWS\System32\DLA\DLACTRLW.EXE C:\Program Files\Common 
Files\InstallShield\UpdateService\issch.exe C:\Program Files\TomTom HOME 2\HOMERunner.exe C:\Program Files\Windows Live\Family Safety\fsui.exe C:\Program Files\Common Files\Nikon\Monitor\NkMonitor.exe C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe C:\Program Files\iTunes\iTunesHelper.exe C:\Program Files\Telenet Security Pack\Common\FSM32.EXE C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ArcCon.ac C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SEPCSuite.exe C:\Program Files\iPod\bin\iPodService.exe C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe C:\Program Files\FotoStation Easy\FotoStation Easy AutoLaunch.exe C:\Program Files\Sony Corporation\Image Transfer\SonyTray.exe C:\Program Files\Nikon\NkView5\NkvMon.exe C:\Program Files\PC Connectivity Solution\ServiceLayer.exe C:\Program Files\PC Connectivity Solution\Transports\NclUSBSrv.exe C:\Program Files\PC Connectivity Solution\Transports\NclRSSrv.exe C:\Program Files\Java\jre6\bin\jucheck.exe C:\WINDOWS\explorer.exe C:\PROGRA~1\MICROS~2\OFFICE11\OUTLOOK.EXE C:\Program Files\TrendMicro\HiJackThis\HiJackThis.exe C:\Program Files\Microsoft Office\OFFICE11\WINWORD.EXE C:\Program Files\Microsoft\Office Live\OfficeLiveSignIn.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN.com R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll O2 - BHO: Windows Live Family Safety Browser Helper - 
{4f3ed5cd-0726-42a9-87f5-d13f3d2976ac} - C:\Program Files\Windows Live\Family Safety\fssbho.dll O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\System32\DLA\DLASHX_W.DLL O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll O2 - BHO: Windows Live Aanmelden - Help - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.4.4525.1752\swg.dll O2 - BHO: LitmusBHO - {C6867EB7-8350-4856-877F-93CF8AE3DC9C} - C:\Program Files\Telenet Security Pack\NRS\iescript\baselitmus.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll O3 - Toolbar: Browsing Protection Toolbar - {265EEE8E-3228-44D3-AEA5-F7FDF5860049} - C:\Program Files\Telenet Security Pack\NRS\iescript\baselitmus.dll O4 - HKLM\..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exe O4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe O4 - HKLM\..\Run: [igfxpers] C:\WINDOWS\system32\igfxpers.exe O4 - HKLM\..\Run: [soundMAXPnP] C:\Program Files\Analog 
Devices\Core\smax4pnp.exe O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe" O4 - HKLM\..\Run: [DVDLauncher] "C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe" O4 - HKLM\..\Run: [DLA] C:\WINDOWS\System32\DLA\DLACTRLW.EXE O4 - HKLM\..\Run: [iSUSPM Startup] C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup O4 - HKLM\..\Run: [iSUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\system32\NeroCheck.exe O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Starter Edition\3.2\Apps\apdproxy.exe" O4 - HKLM\..\Run: [TomTomHOME.exe] "C:\Program Files\TomTom HOME 2\HOMERunner.exe" -s O4 - HKLM\..\Run: [fssui] "C:\Program Files\Windows Live\Family Safety\fsui.exe" -autorun O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe O4 - HKLM\..\Run: [Nikon Transfer Monitor] C:\Program Files\Common Files\Nikon\Monitor\NkMonitor.exe O4 - HKLM\..\Run: [ArcSoft Connection Service] C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe" O4 - HKLM\..\Run: [F-Secure Manager] "C:\Program Files\Telenet Security Pack\Common\FSM32.EXE" /splash O4 - HKLM\..\Run: [F-Secure TNB] "C:\Program Files\Telenet Security Pack\FSGUI\TNBUtil.exe" /CHECKALL /WAITFORSW O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" O4 - HKCU\..\Run: [sony Ericsson PC Suite] "C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SEPCSuite.exe" /systray /nologon O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background O4 - HKCU\..\Run: [PC Suite Tray] "C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe" -onlytray O4 - HKUS\S-1-5-18\..\Run: 
[CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user') O4 - Global Startup: Adobe Reader Snelle start.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe O4 - Global Startup: FotoStation Easy AutoLaunch.lnk = ? O4 - Global Startup: Image Transfer.lnk = ? O4 - Global Startup: NkvMon.exe.lnk = C:\Program Files\Nikon\NkView5\NkvMon.exe O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_60D6097707281E79.dll/cmsidewiki.html O9 - Extra button: In weblog opnemen - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: &In weblog opnemen met Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: Onderzoek - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab O16 - DPF: {5D637FAD-E202-48D1-8F18-5B9C459BD1E3} (Image Uploader Control) - http://www.extrafilm.be/ImageUploader5.cab O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - 
http://messenger.zone.msn.com/EN-US/a-UNO1/GAME_UNO1.cab O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} (Windows Live Safety Center Base Module) - http://cdn.scan.onecare.live.com/resource/download/scanner/wlscbase8942.cab O16 - DPF: {A73BAEFA-EE65-494D-BEDB-DD3E5A34FA98} (Image Uploader) - http://www.extrafilm.be/ImageUploader4.cab O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab O22 - SharedTaskScheduler: Preloader van browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll O22 - SharedTaskScheduler: Cache-daemon voor onderdeelcategorieën - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll O23 - Service: a-squared Free Service (a2free) - Emsi Software GmbH - C:\Program Files\a-squared Free\a2service.exe O23 - Service: ArcSoft Connect Daemon (ACDaemon) - ArcSoft Inc. - C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe O23 - Service: Mobiel Apple apparaat (Apple Mobile Device) - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. 
- C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: FSGKHS (F-Secure Gatekeeper Handler Starter) - Unknown owner - C:\Program Files\Telenet Security Pack\Anti-Virus\fsgk32st.exe O23 - Service: F-Secure Anti-Virus Firewall Daemon (FSDFWD) - F-Secure Corporation - C:\Program Files\Telenet Security Pack\FWES\Program\fsdfwd.exe O23 - Service: F-Secure Management Agent (FSMA) - F-Secure Corporation - C:\Program Files\Telenet Security Pack\Common\FSMA32.EXE O23 - Service: F-Secure ORSP Client (FSORSPClient) - F-Secure Corporation - C:\Program Files\Telenet Security Pack\ORSP Client\fsorsp.exe O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe -- End of file - 12697 bytes
  13. Hello: I am incredibly curious. ComboFix 10-01-02.05 - Lieven 03/01/2010 15:07:50.1.2 - x86 Microsoft Windows XP Home Edition 5.1.2600.3.1252.31.1043.18.1014.388 [GMT 1:00] Gestart vanuit: c:\documents and settings\Lieven\Mijn documenten\ComboFix.exe AV: Telenet Security Pack 9.01 *On-access scanning disabled* (Updated) {E7512ED5-4245-4B4D-AF3A-382D3F313F15} FW: Telenet Security Pack 9.01 *disabled* {D4747503-0346-49EB-9262-997542F79BF4} . (((((((((((((((((((((((((((((((((( Andere Verwijderingen ))))))))))))))))))))))))))))))))))))))))))))))))) . c:\documents and settings\Administrator\Application Data\02000000a8060d86724C.manifest c:\documents and settings\Administrator\Application Data\02000000a8060d86724O.manifest c:\documents and settings\Administrator\Application Data\02000000a8060d86724P.manifest c:\documents and settings\Administrator\Application Data\02000000a8060d86724S.manifest c:\documents and settings\Lieven\Application Data\02000000a8060d86724C.manifest c:\documents and settings\Lieven\Application Data\02000000a8060d86724O.manifest c:\documents and settings\Lieven\Application Data\02000000a8060d86724P.manifest c:\documents and settings\Lieven\Application Data\02000000a8060d86724S.manifest c:\documents and settings\Lieven\Application Data\SystemProc c:\documents and settings\Myriam\Application Data\02000000a8060d86724C.manifest c:\documents and settings\Myriam\Application Data\02000000a8060d86724O.manifest c:\documents and settings\Myriam\Application Data\02000000a8060d86724P.manifest c:\documents and settings\Myriam\Application Data\02000000a8060d86724S.manifest c:\windows\desktop c:\windows\desktop\Partituur Expert.lnk c:\windows\system32\1050768916 c:\windows\system32\unrar.exe . (((((((((((((((((((( Bestanden Gemaakt van 2009-12-03 to 2010-01-03 )))))))))))))))))))))))))))))) . 2010-01-03 11:19 . 2010-01-03 11:19 -------- d--h--r- c:\documents and settings\Lieven\Onlangs geopend 2010-01-02 21:59 . 
2010-01-02 21:59 -------- d-----w- c:\documents and settings\Lieven\Application Data\Malwarebytes 2010-01-02 21:59 . 2009-12-30 13:55 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys 2010-01-02 21:59 . 2010-01-02 21:59 -------- d-----w- c:\documents and settings\All Users\Application Data\Malwarebytes 2010-01-02 21:59 . 2009-12-30 13:54 19160 ----a-w- c:\windows\system32\drivers\mbam.sys 2010-01-02 21:59 . 2010-01-02 21:59 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware 2010-01-02 21:01 . 2010-01-02 21:01 388096 ----a-r- c:\documents and settings\Lieven\Application Data\Microsoft\Installer\{0761C9A8-8F3A-4216-B4A7-B7AFBF24A24A}\HiJackThis.exe 2010-01-02 21:01 . 2010-01-02 21:01 -------- d-----w- c:\program files\TrendMicro 2009-12-30 20:51 . 2009-12-30 20:56 33920 ----a-w- c:\windows\system32\drivers\fsbts.sys 2009-12-30 20:50 . 2009-08-05 15:57 80000 ----a-w- c:\windows\system32\drivers\fsdfw.sys 2009-12-30 20:49 . 2009-12-30 20:56 -------- d-----w- c:\program files\Telenet Security Pack 2009-12-30 10:42 . 2005-01-14 01:41 11254 ----a-w- c:\windows\system32\locate.com 2009-12-29 17:57 . 2009-12-29 17:57 -------- d-----w- C:\ISeeYouXP 2009-12-29 17:56 . 2009-12-29 17:56 -------- d-----w- c:\program files\CCleaner 2009-12-29 17:53 . 2009-12-29 17:53 -------- d-----w- c:\program files\a-squared HiJackFree 2009-12-29 11:48 . 2009-12-30 21:29 -------- d-----w- c:\program files\a-squared Free 2009-12-29 10:55 . 2009-12-29 10:55 -------- d-----w- c:\documents and settings\Administrator\Local Settings\Application Data\Apple Computer 2009-12-29 10:48 . 2009-12-29 10:48 -------- d-----w- c:\documents and settings\Administrator\Local Settings\Application Data\Adobe 2009-12-28 23:50 . 2008-04-17 12:12 107368 ----a-w- c:\windows\system32\GEARAspi.dll 2009-12-28 23:48 . 2009-12-28 23:48 -------- d-----w- c:\program files\iPod 2009-12-28 23:48 . 2009-12-28 23:50 -------- d-----w- c:\program files\iTunes 2009-12-28 23:47 . 
2009-12-28 23:47 -------- d-----w- c:\program files\Bonjour 2009-12-28 19:17 . 2009-12-28 19:17 -------- d-----w- c:\program files\Windows Sidebar 2009-12-28 19:16 . 2009-12-30 20:44 -------- d-----w- c:\documents and settings\All Users\Application Data\Norton 2009-12-28 14:12 . 2009-12-28 14:13 -------- d-----w- c:\program files\Windows Live Safety Center 2009-12-28 14:00 . 2009-12-30 20:42 -------- d-----w- c:\documents and settings\All Users\Application Data\NortonInstaller 2009-12-26 10:38 . 2009-12-26 10:38 -------- d-----w- C:\filmtype 2009-12-26 10:16 . 2009-12-26 10:16 -------- d-----w- c:\documents and settings\Lieven\Local Settings\Application Data\ArcSoft 2009-12-26 10:15 . 2009-12-26 10:21 -------- d-----w- c:\documents and settings\All Users\Application Data\ArcSoft 2009-12-26 10:11 . 2006-11-10 14:05 18688 ----a-w- c:\windows\system32\drivers\afc.sys 2009-12-26 10:11 . 2005-04-27 15:36 245408 ----a-w- c:\windows\system32\unicows.dll 2009-12-26 10:11 . 2009-12-26 10:11 -------- d-----w- c:\program files\Common Files\ArcSoft 2009-12-26 10:08 . 2009-12-26 10:08 -------- d-----w- c:\windows\OVT 2009-12-18 18:38 . 2009-12-18 18:38 15849968 ----a-w- c:\documents and settings\Lieven\Application Data\Macromedia\Flash Player\www.macromedia.com\bin\airinstaller1x0\airinstaller1x0.exe 2009-12-09 21:02 . 2009-12-09 21:02 -------- d-----w- c:\documents and settings\Lieven\Local Settings\Application Data\WMTools Downloaded Files . ((((((((((((((((((((((((((((((((((((((( Find3M Rapport )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2010-01-03 11:45 . 2009-11-10 20:00 79488 ----a-w- c:\documents and settings\Lieven\Application Data\Sun\Java\jre1.6.0_17\gtapi.dll 2009-12-30 21:28 . 2006-11-27 16:34 -------- d-----w- c:\documents and settings\Lieven\Application Data\F-Secure 2009-12-30 20:50 . 2004-09-14 07:38 97370 ----a-w- c:\windows\system32\perfc013.dat 2009-12-30 20:50 . 2004-09-14 07:38 523460 ----a-w- c:\windows\system32\perfh013.dat 2009-12-30 20:50 . 
2006-11-27 16:24 -------- d-----w- c:\documents and settings\All Users\Application Data\F-Secure 2009-12-30 20:49 . 2007-08-16 08:44 -------- d-----w- c:\documents and settings\All Users\Application Data\fssg 2009-12-28 23:52 . 2009-11-11 21:23 41328 ---ha-w- c:\windows\system32\mlfcache.dat 2009-12-28 23:48 . 2007-11-04 10:58 -------- d-----w- c:\program files\Common Files\Apple 2009-12-28 23:47 . 2006-08-28 16:32 -------- d-----w- c:\program files\QuickTime 2009-12-28 23:11 . 2006-11-10 18:54 54320 ----a-w- c:\documents and settings\Lieven\Local Settings\Application Data\GDIPFONTCACHEV1.DAT 2009-12-28 19:54 . 2008-01-18 11:01 -------- d-----w- c:\program files\Pinnacle 2009-12-28 19:49 . 2007-03-16 17:12 -------- d-----w- c:\program files\Harry Potter Creative CD 2009-12-28 19:36 . 2008-08-01 09:25 -------- d-----w- c:\program files\ExtraFilm PhotoAssistant 2009-12-28 19:32 . 2006-07-28 16:55 -------- d--h--w- c:\program files\InstallShield Installation Information 2009-12-28 19:25 . 2006-08-28 16:26 -------- d-----w- c:\program files\Common Files\Adobe 2009-12-28 14:03 . 2006-11-27 16:22 -------- d-----w- c:\program files\Telenet Internet Security Pack 2009-12-26 10:26 . 2006-09-01 20:46 -------- d-----w- c:\documents and settings\Lieven\Application Data\ArcSoft 2009-12-26 10:23 . 2009-08-30 13:11 -------- d-----w- c:\program files\Spector Photo Software 2009-12-26 10:11 . 2006-08-28 16:30 -------- d-----w- c:\program files\ArcSoft 2009-12-18 20:28 . 2007-11-24 15:26 -------- d-----w- c:\documents and settings\Lieven\Application Data\LEGO Company 2009-11-12 16:07 . 2009-11-12 16:07 79144 ----a-w- c:\documents and settings\All Users\Application Data\Apple Computer\Installer Cache\iTunes 9.0.2.25\SetupAdmin.exe 2009-11-11 21:12 . 2007-11-04 11:00 -------- d-----w- c:\documents and settings\Lieven\Application Data\Apple Computer 2009-11-07 17:25 . 
2009-11-07 17:23 -------- d-----w- c:\documents and settings\All Users\Application Data\{755AC846-7372-4AC8-8550-C52491DAA8BD} 2009-10-29 07:46 . 2004-09-14 07:38 832512 ----a-w- c:\windows\system32\wininet.dll 2009-10-29 07:46 . 2004-09-14 07:38 78336 ----a-w- c:\windows\system32\ieencode.dll 2009-10-29 07:46 . 2004-09-14 07:38 17408 ----a-w- c:\windows\system32\corpol.dll 2009-10-21 05:40 . 2004-09-14 07:38 75776 ----a-w- c:\windows\system32\strmfilt.dll 2009-10-21 05:40 . 2004-09-14 07:38 25088 ----a-w- c:\windows\system32\httpapi.dll 2009-10-20 16:20 . 2004-08-03 22:00 265728 ----a-w- c:\windows\system32\drivers\http.sys 2009-10-17 17:37 . 2009-10-17 17:37 68 ----a-w- C:\scandata.dat 2009-10-13 10:38 . 2004-09-14 07:38 270848 ----a-w- c:\windows\system32\oakley.dll 2009-10-12 13:40 . 2004-09-14 07:38 79872 ----a-w- c:\windows\system32\raschap.dll 2009-10-12 13:40 . 2004-09-14 07:38 150016 ----a-w- c:\windows\system32\rastls.dll 2009-10-10 16:04 . 2009-02-08 16:47 49152 ----a-r- c:\documents and settings\Lieven\Application Data\Microsoft\Installer\{D2FCC1AE-6311-47C5-8130-C6C66D77DD71}\ARPPRODUCTICON.exe 2009-10-10 16:03 . 2009-10-10 16:03 335872 ----a-r- c:\documents and settings\Lieven\Application Data\Microsoft\Installer\{237CD223-1B9D-47E8-A76C-E478B83CCEA2}\ARPPRODUCTICON.exe 2009-10-10 15:53 . 2009-02-08 16:45 20 ---h--w- c:\documents and settings\All Users\Application Data\PKP_DLdu.DAT . ((((((((((((((((((((((((((((((((((((( Reg Opstartpunten ))))))))))))))))))))))))))))))))))))))))))))))))))) . . 
*Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond REGEDIT4 [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2007-06-23 68856] "Sony Ericsson PC Suite"="c:\program files\Sony Ericsson\Sony Ericsson PC Suite\SEPCSuite.exe" [2008-07-08 393216] "msnmsgr"="c:\program files\Windows Live\Messenger\msnmsgr.exe" [2009-02-06 3885408] "PC Suite Tray"="c:\program files\Nokia\Nokia PC Suite 7\PCSuite.exe" [2008-12-03 1205760] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "igfxtray"="c:\windows\system32\igfxtray.exe" [2005-09-20 94208] "igfxhkcmd"="c:\windows\system32\hkcmd.exe" [2005-09-20 77824] "igfxpers"="c:\windows\system32\igfxpers.exe" [2005-09-20 114688] "SoundMAXPnP"="c:\program files\Analog Devices\Core\smax4pnp.exe" [2004-10-14 1404928] "SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-05-16 148888] "DVDLauncher"="c:\program files\CyberLink\PowerDVD\DVDLauncher.exe" [2005-12-09 49152] "DLA"="c:\windows\System32\DLA\DLACTRLW.EXE" [2005-09-08 122940] "ISUSPM Startup"="c:\progra~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe" [2004-07-27 221184] "ISUSScheduler"="c:\program files\Common Files\InstallShield\UpdateService\issch.exe" [2004-07-27 81920] "NeroCheck"="c:\windows\system32\NeroCheck.exe" [2001-07-09 155648] "Adobe Photo Downloader"="c:\program files\Adobe\Photoshop Album Starter Edition\3.2\Apps\apdproxy.exe" [2007-03-22 63712] "TomTomHOME.exe"="c:\program files\TomTom HOME 2\HOMERunner.exe" [2007-10-31 378784] "fssui"="c:\program files\Windows Live\Family Safety\fsui.exe" [2009-02-06 454000] "AppleSyncNotifier"="c:\program files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe" [2009-08-13 177440] "Nikon Transfer Monitor"="c:\program files\Common Files\Nikon\Monitor\NkMonitor.exe" [2009-02-24 479232] "ArcSoft Connection Service"="c:\program files\Common Files\ArcSoft\Connection 
Service\Bin\ACDaemon.exe" [2009-10-10 203264] "QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2009-11-10 417792] "iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2009-11-12 141600] "F-Secure Manager"="c:\program files\Telenet Security Pack\Common\FSM32.EXE" [2009-08-05 199264] "F-Secure TNB"="c:\program files\Telenet Security Pack\FSGUI\TNBUtil.exe" [2009-08-05 2349664] [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360] c:\documents and settings\All Users\Menu Start\Programma's\Opstarten\ Adobe Reader Snelle start.lnk - c:\program files\Adobe\Acrobat 7.0\Reader\reader_sl.exe [2008-4-23 29696] FotoStation Easy AutoLaunch.lnk - c:\program files\FotoStation Easy\FotoStation Easy AutoLaunch.exe [2006-8-28 49152] Image Transfer.lnk - c:\program files\Sony Corporation\Image Transfer\SonyTray.exe [2006-8-28 73728] NkvMon.exe.lnk - c:\program files\Nikon\NkView5\NkvMon.exe [2006-8-28 233472] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys] @="Driver" [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile] "EnableFirewall"= 0 (0x0) [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "%windir%\\system32\\sessmgr.exe"= "c:\\WINDOWS\\system32\\usmt\\migwiz.exe"= "c:\\Program Files\\Spelletjes\\KetnetKick\\KetnetKick.exe"= "%windir%\\Network Diagnostic\\xpnetdiag.exe"= "c:\\Program Files\\IncrediMail\\bin\\ImpCnt.exe"= "c:\\Program Files\\Sony Ericsson\\Sony Ericsson Media Manager 1.0\\MediaManager.exe"= "c:\\Program Files\\Windows Live\\Sync\\WindowsLiveSync.exe"= "c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"= "c:\\Program Files\\Messenger\\msmsgs.exe"= "c:\\Program Files\\Bonjour\\mDNSResponder.exe"= "c:\\Program Files\\iTunes\\iTunes.exe"= R0 fsbts;fsbts;c:\windows\system32\drivers\fsbts.sys [30/12/2009 21:51 33920] R0 FSFW;F-Secure Firewall 
Driver;c:\windows\system32\drivers\fsdfw.sys [30/12/2009 21:50 80000] R1 F-Secure HIPS;F-Secure HIPS Driver;c:\program files\Telenet Security Pack\HIPS\drivers\fshs.sys [30/12/2009 21:50 68064] R2 a2free;a-squared Free Service;c:\program files\a-squared Free\a2service.exe [29/12/2009 12:48 1858144] R2 fssfltr;FssFltr;c:\windows\system32\drivers\fssfltr_tdi.sys [21/12/2008 11:17 55152] R2 fsssvc;Windows Live Family Safety;c:\program files\Windows Live\Family Safety\fsssvc.exe [6/02/2009 18:08 533360] R3 F-Secure Gatekeeper;F-Secure Gatekeeper;c:\program files\Telenet Security Pack\Anti-Virus\minifilter\fsgk.sys [30/12/2009 21:49 107104] R3 FSORSPClient;F-Secure ORSP Client;c:\program files\Telenet Security Pack\ORSP Client\fsorsp.exe [30/12/2009 21:50 55936] S3 APL531;OVT Scanner;c:\windows\system32\Drivers\ov550i.sys --> c:\windows\system32\Drivers\ov550i.sys [?] S3 s916bus;Sony Ericsson Device 916 driver (WDM);c:\windows\system32\drivers\s916bus.sys [16/08/2008 10:40 83496] S3 s916mdfl;Sony Ericsson Device 916 USB WMC Modem Filter;c:\windows\system32\drivers\s916mdfl.sys [16/08/2008 10:42 15016] S3 s916mdm;Sony Ericsson Device 916 USB WMC Modem Driver;c:\windows\system32\drivers\s916mdm.sys [16/08/2008 10:42 109992] S3 s916mgmt;Sony Ericsson Device 916 USB WMC Device Management Drivers (WDM);c:\windows\system32\drivers\s916mgmt.sys [16/08/2008 10:50 103976] S3 s916obex;Sony Ericsson Device 916 USB WMC OBEX Interface;c:\windows\system32\drivers\s916obex.sys [16/08/2008 10:50 100008] S4 F-Secure Filter;F-Secure File System Filter;c:\program files\Telenet Security Pack\Anti-Virus\win2k\fsfilter.sys [30/12/2009 21:49 39776] S4 F-Secure Recognizer;F-Secure File System Recognizer;c:\program files\Telenet Security Pack\Anti-Virus\win2k\fsrec.sys [30/12/2009 21:49 25184] . 
Inhoud van de 'Gedeelde Taken' map 2009-11-11 c:\windows\Tasks\AppleSoftwareUpdate.job - c:\program files\Apple Software Update\SoftwareUpdate.exe [2007-08-29 10:34] 2010-01-02 c:\windows\Tasks\OGADaily.job - c:\windows\system32\OGAVerify.exe [2008-12-31 15:04] 2010-01-03 c:\windows\Tasks\OGALogon.job - c:\windows\system32\OGAVerify.exe [2008-12-31 15:04] . . ------- Bijkomende Scan ------- . uStart Page = about:blank uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8 uInternet Settings,ProxyOverride = *.local uSearchURL,(Default) = hxxp://www.google.com/search?q=%s IE: E&xporteren naar Microsoft Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 IE: Google Sidewiki... - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_60D6097707281E79.dll/cmsidewiki.html LSP: c:\program files\Telenet Security Pack\FSPS\program\FSLSP.DLL . ************************************************************************** catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, GMER - Rootkit Detector and Remover Rootkit scan 2010-01-03 15:13 Windows 5.1.2600 Service Pack 3 NTFS scannen van verborgen processen ... scannen van verborgen autostart items ... scannen van verborgen bestanden ... Scan succesvol afgerond verborgen bestanden: 0 ************************************************************************** . --------------------- VERGRENDELDE REGISTER SLEUTELS --------------------- [HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Installer\UserData\LocalSystem\Components\Ø•€|ÿÿÿÿ•€|ù•9~*] "3140710900063D11C8EF10054038389C"="C?\\WINDOWS\\system32\\FM20ENU.DLL" "3140110900063D11C8EF10054038389C"="C?\\WINDOWS\\system32\\FM20ENU.DLL" . 
--------------------- DLLs Geladen Onder Lopende Processen --------------------- - - - - - - - > 'winlogon.exe'(640) c:\program files\telenet security pack\hips\fshook32.dll c:\windows\system32\igfxdev.dll - - - - - - - > 'lsass.exe'(696) c:\program files\Telenet Security Pack\FSPS\program\FSLSP.DLL c:\program files\telenet security pack\hips\fshook32.dll . Voltooingstijd: 2010-01-03 15:15:28 ComboFix-quarantined-files.txt 2010-01-03 14:15 Pre-Run: 115.555.848.192 bytes beschikbaar Post-Run: 116.135.047.168 bytes beschikbaar WindowsXP-KB310994-SP2-Home-BootDisk-NLD.exe [boot loader] timeout=2 default=multi(0)disk(0)rdisk(0)partition(2)\WINDOWS [operating systems] c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons multi(0)disk(0)rdisk(0)partition(2)\WINDOWS="Microsoft Windows XP Home Edition" /noexecute=optin /fastdetect - - End Of File - - A60A5E36D2B881E5A658B9F197954B94
  14. Oops, the installation failed: during installation I did indeed get a message to disable the antivirus program before pressing OK. I did that: no response. I then downloaded Combo again but got a message that ComboFix could not be renamed, rename it again preferably with numeric digits (or something like that), and after that no response any more.
  15. Just before I carried out the final cleanup with Cleaner and System Restore, my antivirus program reported that a Trojan.BHO.Agent.BJ had been successfully cleaned up. I did not have to restart as before, though. I will now check whether it still occurs after the Cleaner and System Restore. Shouldn't I delete the junk that was quarantined in Malwarebytes? Thanks in advance.