krikke__

ja voorlopig hou ik het hierbij kape alvast bedankt en ik denk dan dat het hierbij opgelost is.

hoi kape ik had gisteren toch die prevx3.0 gedownload en geinstalleerd nu elke keer ik opstart (nu terug in normale modus)draait hij mee op de achtergrond en kan ik nu blijkbaar wel terug facebook spelletjes spelen en terug op men windows nu is mijn vraag houdt dat progje nu alles tegen of zou het opgelost kunnen zijn of houdt dat ding zich nu eventjes op de achtergrond ---------- Post toegevoegd om 08:10 ---------- Vorige post was om 08:09 ---------- daarmee bedoel ik dan die indringer

hoi sorry was er even tussenuit nu heb ik serieuze problemen vanaf ik mijn pc opstart gaat alles goed ,vanaf hij opgestart is mag ik elke knop indrukken gebeurt er nix ik zit nu in veilige modus te werken met netwerkmogelijkheden die nhl.exe vond ik in men windows map 32 nu staat hij nog in deze map:c:\windows\prefetch het is 17.6kb groot en het heet:nhl.exe-02f77fob.pf sorry dat ik het vraag maar hopelijk snelle oplossing want ik heb dat eens opgezocht en het klinkt niet goed ---------- Post toegevoegd om 17:19 ---------- Vorige post was om 17:13 ---------- kweezie rabbit ik heb naar die link van je geweest en die prvx3.0 gedownload en hij vind nix

Malwarebytes' Anti-Malware 1.45 Malwarebytes Databaseversie: 3957 Windows 5.1.2600 Service Pack 3 Internet Explorer 6.0.2900.5512 5/04/2010 22:44:35 mbam-log-2010-04-05 (22-44-35).txt Scantype: Snelle scan Objecten gescand: 99619 Verstreken tijd: 3 minuut/minuten, 48 seconde(n) Geheugenprocessen geïnfecteerd: 0 Geheugenmodulen geïnfecteerd: 0 Registersleutels geïnfecteerd: 0 Registerwaarden geïnfecteerd: 0 Registerdata geïnfecteerd: 0 Mappen geïnfecteerd: 0 Bestanden geïnfecteerd: 0 Geheugenprocessen geïnfecteerd: (Geen kwaadaardige objecten gedetecteerd) Geheugenmodulen geïnfecteerd: (Geen kwaadaardige objecten gedetecteerd) Registersleutels geïnfecteerd: (Geen kwaadaardige objecten gedetecteerd) Registerwaarden geïnfecteerd: (Geen kwaadaardige objecten gedetecteerd) Registerdata geïnfecteerd: (Geen kwaadaardige objecten gedetecteerd) Mappen geïnfecteerd: (Geen kwaadaardige objecten gedetecteerd) Bestanden geïnfecteerd: (Geen kwaadaardige objecten gedetecteerd) ---------- Post toegevoegd om 20:49 ---------- Vorige post was om 20:45 ---------- ik snap er de ballen van dat ding vind niks maar met jou link kreeg ik als antwoord server niet gevonden dan heb ik maar op google link geplakt en dan kon ik er wel op

nu merk ik ook dat in mijn windowstaakbeheer als procesnaam:nhl.exe staat te draaien en 46cpu heeft tegenover de andere progs 0 en kan dit niet stoppen maar mijn pc draait tegen 100% ik heb al rondgekeken op internet blijkt dit een virus te zijn??

ComboFix 10-04-04.01 - ikke 05/04/2010 11:48:59.1.2 - x86 Microsoft Windows XP Professional 5.1.2600.3.1252.31.1043.18.2047.1535 [GMT 2:00] Gestart vanuit: c:\documents and settings\ikke\Mijn documenten\Downloads\ComboFix.exe AV: AVG Internet Security *On-access scanning disabled* (Updated) {17DDD097-36FF-435F-9E1B-52D74245D6BF} FW: AVG Firewall *disabled* {8decf618-9569-4340-b34a-d78d28969b66} . (((((((((((((((((((((((((((((((((( Andere Verwijderingen ))))))))))))))))))))))))))))))))))))))))))))))))) . c:\windows\system32\winlogon.bak . (((((((((((((((((((( Bestanden Gemaakt van 2010-03-05 to 2010-04-05 )))))))))))))))))))))))))))))) . 2010-04-05 09:25 . 2008-04-14 20:32 1306624 -c----w- c:\windows\system32\dllcache\msxml6.dll 2010-04-05 09:25 . 2008-04-14 20:32 1306624 ------w- c:\windows\system32\msxml6.dll 2010-04-05 09:25 . 2008-04-14 20:09 88064 -c----w- c:\windows\system32\dllcache\msxml6r.dll 2010-04-05 09:25 . 2008-04-14 20:09 88064 ------w- c:\windows\system32\msxml6r.dll 2010-04-05 09:22 . 2010-04-05 09:22 -------- d-----w- c:\windows\ServicePackFiles 2010-04-05 09:21 . 2008-04-14 20:32 294912 -c----w- c:\windows\system32\dllcache\dlimport.exe 2010-04-05 09:19 . 2007-08-10 18:52 26488 ----a-w- c:\windows\system32\spupdsvc.exe 2010-04-05 09:07 . 2010-04-05 09:07 360584 ----a-w- c:\documents and settings\All Users\Application Data\avg9\update\backup\avgtdix.sys 2010-04-05 09:07 . 2010-04-05 09:07 74760 ----a-w- c:\documents and settings\All Users\Application Data\avg9\update\backup\UniversalDD.sys 2010-04-05 09:07 . 2010-04-05 09:07 30216 ----a-w- c:\documents and settings\All Users\Application Data\avg9\update\backup\AVGIDSFilter.sys 2010-04-05 09:07 . 2010-04-05 09:07 28424 ----a-w- c:\documents and settings\All Users\Application Data\avg9\update\backup\avgmfx86.sys 2010-04-05 09:07 . 2010-04-05 09:07 25736 ----a-w- c:\documents and settings\All Users\Application Data\avg9\update\backup\AVGIDSShim.sys 2010-04-05 09:07 . 2010-04-05 09:07 25608 ----a-w- c:\documents and settings\All Users\Application Data\avg9\update\backup\AVGIDSxx.sys 2010-04-05 09:07 . 2010-04-05 09:07 333192 ----a-w- c:\documents and settings\All Users\Application Data\avg9\update\backup\avgldx86.sys 2010-04-05 09:07 . 2010-04-05 09:07 161800 ----a-w- c:\documents and settings\All Users\Application Data\avg9\update\backup\avgrkx86.sys 2010-04-05 09:07 . 2010-04-05 09:07 122376 ----a-w- c:\documents and settings\All Users\Application Data\avg9\update\backup\AVGIDSDriver.sys 2010-04-05 09:06 . 2010-04-05 09:06 4093280 ----a-w- c:\documents and settings\All Users\Application Data\avg9\update\prepare\avgui.exe 2010-04-05 09:06 . 2010-04-05 09:06 2064224 ----a-w- c:\documents and settings\All Users\Application Data\avg9\update\prepare\avgtray.exe 2010-04-05 09:06 . 2010-04-05 09:06 508184 ----a-w- c:\documents and settings\All Users\Application Data\avg9\update\prepare\avgrsx.exe 2010-04-05 09:06 . 2010-04-05 09:06 12464 ----a-w- c:\windows\system32\avgrsstx.dll 2010-04-05 09:06 . 2010-04-05 09:06 617752 ----a-w- c:\documents and settings\All Users\Application Data\avg9\update\prepare\avgnsx.exe 2010-04-05 09:06 . 2010-04-05 09:06 640792 ----a-w- c:\documents and settings\All Users\Application Data\avg9\update\prepare\avgvvx.dll 2010-04-05 09:06 . 2010-04-05 09:06 751384 ----a-w- c:\documents and settings\All Users\Application Data\avg9\update\prepare\avgscanx.exe 2010-04-05 09:06 . 2010-04-05 09:06 313696 ----a-w- c:\documents and settings\All Users\Application Data\avg9\update\prepare\avglogx.dll 2010-04-05 09:06 . 2010-04-05 09:06 25096 ----a-w- c:\documents and settings\All Users\Application Data\avg9\update\prepare\AVGIDSxx.sys 2010-04-05 09:06 . 2010-04-05 09:06 5888008 ----a-w- c:\documents and settings\All Users\Application Data\avg9\update\prepare\AVGIDSAgent.exe 2010-04-05 09:04 . 2010-04-04 13:43 877848 ----a-w- c:\documents and settings\All Users\Application Data\avg9\update\backup\avgupd.exe 2010-04-05 09:04 . 2010-04-04 13:43 613656 ----a-w- c:\documents and settings\All Users\Application Data\avg9\update\backup\avgiproxy.exe 2010-04-05 09:04 . 2010-04-04 13:43 1657112 ----a-w- c:\documents and settings\All Users\Application Data\avg9\update\backup\avgupd.dll 2010-04-05 09:04 . 2010-04-04 13:43 798488 ----a-w- c:\documents and settings\All Users\Application Data\avg9\update\backup\avginet.dll 2010-04-05 09:00 . 2009-08-06 17:23 274288 ----a-w- c:\windows\system32\mucltui.dll 2010-04-05 09:00 . 2009-08-06 17:23 215920 ----a-w- c:\windows\system32\muweb.dll 2010-04-04 19:13 . 2010-04-04 19:13 -------- d-----w- c:\documents and settings\ikke\Application Data\Malwarebytes 2010-04-04 19:13 . 2010-03-29 22:46 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys 2010-04-04 19:13 . 2010-04-04 19:13 -------- d-----w- c:\documents and settings\All Users\Application Data\Malwarebytes 2010-04-04 19:13 . 2010-03-29 22:45 20824 ----a-w- c:\windows\system32\drivers\mbam.sys 2010-04-04 19:13 . 2010-04-04 19:13 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware 2010-04-04 18:57 . 2010-04-04 19:06 15944 ----a-w- c:\windows\system32\drivers\hitmanpro35.sys 2010-04-04 18:56 . 2010-04-04 18:56 -------- d-----w- c:\documents and settings\All Users\Application Data\Hitman Pro 2010-04-04 18:56 . 2010-04-04 19:02 -------- d-----w- c:\program files\Hitman Pro 3.5 2010-04-04 17:44 . 2010-04-04 17:44 388096 ----a-r- c:\documents and settings\ikke\Application Data\Microsoft\Installer\{0761C9A8-8F3A-4216-B4A7-B7AFBF24A24A}\HiJackThis.exe 2010-04-04 17:44 . 2010-04-04 17:44 -------- d-----w- c:\program files\TrendMicro 2010-04-04 17:33 . 2010-04-05 09:34 -------- d--h--r- c:\documents and settings\ikke\Onlangs geopend 2010-04-04 17:31 . 2010-04-04 17:32 -------- d-----w- c:\program files\CCleaner 2010-04-04 16:33 . 2010-04-04 16:33 -------- d-----w- c:\documents and settings\ikke\Local Settings\Application Data\Identities 2010-04-04 15:36 . 2010-04-04 15:36 -------- d-----w- c:\windows\Sun 2010-04-04 15:32 . 2010-04-04 15:32 -------- d-----w- c:\program files\Common Files\Java 2010-04-04 15:32 . 2010-04-04 15:32 503808 ----a-w- c:\documents and settings\ikke\Application Data\Sun\Java\Deployment\SystemCache\6.0\54\1a209876-2790c5ca-n\msvcp71.dll 2010-04-04 15:32 . 2010-04-04 15:32 499712 ----a-w- c:\documents and settings\ikke\Application Data\Sun\Java\Deployment\SystemCache\6.0\54\1a209876-2790c5ca-n\jmc.dll 2010-04-04 15:32 . 2010-04-04 15:32 348160 ----a-w- c:\documents and settings\ikke\Application Data\Sun\Java\Deployment\SystemCache\6.0\54\1a209876-2790c5ca-n\msvcr71.dll 2010-04-04 15:32 . 2010-04-04 15:32 61440 ----a-w- c:\documents and settings\ikke\Application Data\Sun\Java\Deployment\SystemCache\6.0\17\6d0ad391-352832c9-n\decora-sse.dll 2010-04-04 15:32 . 2010-04-04 15:32 12800 ----a-w- c:\documents and settings\ikke\Application Data\Sun\Java\Deployment\SystemCache\6.0\17\6d0ad391-352832c9-n\decora-d3d.dll 2010-04-04 15:32 . 2010-04-04 15:32 411368 ----a-w- c:\windows\system32\deploytk.dll 2010-04-04 15:31 . 2010-04-04 15:31 -------- d-----w- c:\program files\Java 2010-04-04 15:20 . 2010-02-24 08:16 181632 ------w- c:\windows\system32\MpSigStub.exe 2010-04-04 15:16 . 2010-04-04 15:16 -------- d--h--w- c:\windows\$hf_mig$ 2010-04-04 14:51 . 2010-04-04 14:51 -------- d-----w- c:\documents and settings\All Users\Application Data\NVIDIA Corporation 2010-04-04 14:51 . 2010-03-16 06:51 600680 ----a-w- c:\windows\system32\nvuninst.exe 2010-04-04 14:51 . 2010-04-04 14:52 -------- d-----w- c:\program files\NVIDIA Corporation 2010-04-04 14:51 . 2010-03-16 06:51 61440 ----a-w- c:\windows\system32\OpenCL.dll 2010-04-04 14:51 . 2010-03-16 06:51 4075520 ----a-w- c:\windows\system32\nvcuda.dll 2010-04-04 14:51 . 2010-03-16 06:51 2646632 ----a-w- c:\windows\system32\nvcuvenc.dll 2010-04-04 14:51 . 2010-03-16 06:51 2030184 ----a-w- c:\windows\system32\nvcuvid.dll 2010-04-04 14:51 . 2010-03-16 06:51 11640832 ----a-w- c:\windows\system32\nvcompiler.dll 2010-04-04 14:51 . 2010-03-16 06:51 1097728 ----a-w- c:\windows\system32\nvapi.dll 2010-04-04 14:51 . 2010-03-16 06:51 2183470 ----a-w- c:\windows\system32\nvdata.bin 2010-04-04 14:50 . 2010-04-04 14:50 -------- d-----w- C:\NVIDIA 2010-04-04 14:49 . 2010-04-04 14:49 -------- d-----w- c:\documents and settings\All Users\Application Data\nView_Profiles 2010-04-04 14:17 . 2010-04-04 14:17 12328 ----a-w- c:\documents and settings\ikke\Local Settings\Application Data\GDIPFONTCACHEV1.DAT 2010-04-04 13:55 . 2010-04-04 13:55 0 ----a-w- c:\windows\nsreg.dat 2010-04-04 13:55 . 2010-04-04 13:55 -------- d-----w- c:\documents and settings\ikke\Local Settings\Application Data\Mozilla 2010-04-04 13:48 . 2010-04-04 13:48 -------- d-s---w- c:\documents and settings\ikke\UserData 2010-04-04 13:47 . 2009-10-16 10:13 1115392 ----a-w- c:\documents and settings\All Users\Application Data\AVG Security Toolbar\IEToolbar.dll 2010-04-04 13:43 . 2010-04-04 18:44 -------- d-----w- C:\$AVG 2010-04-04 13:43 . 2010-04-05 09:06 29512 ----a-w- c:\windows\system32\drivers\avgmfx86.sys 2010-04-04 13:43 . 2010-04-05 09:05 216200 ----a-w- c:\windows\system32\drivers\avgldx86.sys 2010-04-04 13:43 . 2010-04-05 09:02 -------- d-----w- c:\windows\system32\drivers\Avg 2010-04-04 13:43 . 2010-04-04 13:47 -------- d-----w- c:\documents and settings\All Users\Application Data\AVG Security Toolbar 2010-04-04 13:43 . 2010-04-05 09:06 25096 ----a-w- c:\windows\system32\drivers\AVGIDSxx.sys 2010-04-04 13:43 . 2010-04-05 09:06 242696 ----a-w- c:\windows\system32\drivers\avgtdix.sys 2010-04-04 13:43 . 2010-04-05 09:05 52872 ----a-w- c:\windows\system32\drivers\avgrkx86.sys 2010-04-04 13:43 . 2010-04-04 13:43 50968 ----a-w- c:\windows\system32\avgfwdx.dll 2010-04-04 13:43 . 2010-04-04 13:43 30104 ----a-w- c:\windows\system32\drivers\avgfwdx.sys 2010-04-04 13:43 . 2010-04-04 13:43 -------- d-----w- c:\program files\AVG 2010-04-04 13:43 . 2010-04-04 13:43 -------- d-----w- c:\documents and settings\All Users\Application Data\avg9 2010-04-04 13:38 . 2004-05-17 05:56 106496 ----a-w- c:\windows\system32\AONMDI.DLL 2010-04-04 13:38 . 2004-05-14 07:30 21640 ----a-w- c:\windows\system32\CCDEVIO.sys 2010-04-04 13:38 . 2003-03-11 18:15 9919 ----a-w- c:\windows\system32\AONMDI.SYS 2010-04-04 13:38 . 2010-04-04 13:38 -------- d-----w- c:\program files\AOpen 2010-04-04 13:38 . 1998-10-29 14:45 306688 ----a-w- c:\windows\IsUninst.exe 2010-04-04 13:37 . 2010-04-04 13:46 -------- d-----w- c:\windows\nview 2010-04-04 13:37 . 2010-03-16 06:51 600680 ----a-w- c:\windows\system32\nvudisp.exe 2010-04-04 13:37 . 2010-04-04 13:37 -------- d-----w- c:\windows\Profiles 2010-04-04 13:37 . 2010-04-04 13:37 -------- d-----w- c:\windows\system32\Adobe 2010-04-04 13:37 . 2010-04-04 13:37 -------- d-----w- c:\program files\Common Files\Adobe 2010-04-04 13:37 . 2010-04-04 13:37 -------- d-----w- c:\documents and settings\ikke\Application Data\InterTrust 2010-04-04 13:37 . 1998-11-13 10:08 308224 ----a-w- c:\windows\IsUn0413.exe 2010-04-04 13:26 . 2004-06-15 23:14 180480 ----a-r- c:\windows\system32\drivers\yk51x86.sys 2010-04-04 13:25 . 2010-04-04 13:25 -------- d-----w- c:\program files\Intel 2010-04-04 13:25 . 2010-04-04 13:38 -------- d--h--w- c:\program files\InstallShield Installation Information 2010-04-04 13:25 . 2010-04-04 13:25 -------- d-----w- c:\program files\Common Files\InstallShield . ((((((((((((((((((((((((((((((((((((((( Find3M Rapport )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2010-04-05 09:34 . 2004-08-04 12:00 53418 ----a-w- c:\windows\system32\perfc013.dat 2010-04-05 09:34 . 2004-08-04 12:00 364330 ----a-w- c:\windows\system32\perfh013.dat 2010-04-05 09:26 . 2010-04-04 11:07 86327 ----a-w- c:\windows\pchealth\helpctr\OfflineCache\index.dat 2010-04-04 11:07 . 2010-04-04 11:07 -------- d-----w- c:\program files\microsoft frontpage 2010-04-04 11:05 . 2010-04-04 11:05 21748 ----a-w- c:\windows\system32\emptyregdb.dat 2010-03-16 06:51 . 2004-08-25 09:14 6432128 ----a-w- c:\windows\system32\nv4_disp.dll 2010-03-16 06:51 . 2004-08-25 09:14 215656 ----a-w- c:\windows\system32\nvcodins.dll 2010-03-16 06:51 . 2004-08-25 09:14 215656 ----a-w- c:\windows\system32\nvcod.dll 2010-03-16 06:51 . 2004-08-25 09:14 14757888 ----a-w- c:\windows\system32\nvoglnt.dll 2010-03-16 06:51 . 2004-08-25 09:14 10232352 ----a-w- c:\windows\system32\drivers\nv4_mini.sys 2010-03-16 01:37 . 2010-03-16 01:37 278120 ----a-w- c:\windows\system32\nvmccs.dll 2010-03-16 01:37 . 2010-03-16 01:37 154216 ----a-w- c:\windows\system32\nvsvc32.exe 2010-03-16 01:37 . 2010-03-16 01:37 145000 ----a-w- c:\windows\system32\nvcolor.exe 2010-03-16 01:37 . 2010-03-16 01:37 13670504 ----a-w- c:\windows\system32\nvcpl.dll 2010-03-16 01:37 . 2010-03-16 01:37 110696 ----a-w- c:\windows\system32\nvmctray.dll 2010-03-16 01:37 . 2010-03-16 01:37 81920 ----a-w- c:\windows\system32\nvwddi.dll . ((((((((((((((((((((((((((((((((((((( Reg Opstartpunten ))))))))))))))))))))))))))))))))))))))))))))))))))) . . *Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond REGEDIT4 [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks] "{A3BC75A2-1F87-4686-AA43-5347D756017C}"= "c:\program files\AVG\AVG9\Toolbar\IEToolbar.dll" [2009-10-16 1115392] [HKEY_CLASSES_ROOT\clsid\{a3bc75a2-1f87-4686-aa43-5347d756017c}] [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{A3BC75A2-1F87-4686-AA43-5347D756017C}] 2009-10-16 10:13 1115392 ----a-w- c:\program files\AVG\AVG9\Toolbar\IEToolbar.dll [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar] "{CCC7A320-B3CA-4199-B1A6-9F516DD69829}"= "c:\program files\AVG\AVG9\Toolbar\IEToolbar.dll" [2009-10-16 1115392] [HKEY_CLASSES_ROOT\clsid\{ccc7a320-b3ca-4199-b1a6-9f516dd69829}] [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser] "{CCC7A320-B3CA-4199-B1A6-9F516DD69829}"= "c:\program files\AVG\AVG9\Toolbar\IEToolbar.dll" [2009-10-16 1115392] [HKEY_CLASSES_ROOT\clsid\{ccc7a320-b3ca-4199-b1a6-9f516dd69829}] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Snelkoppeling naar eigenschappenvenster voor High Definition Audio"="HDAudPropShortcut.exe" [2004-03-17 61952] "NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2010-03-16 13670504] "NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2010-03-16 110696] "SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2010-02-18 248040] "HitmanPro35"="c:\program files\Hitman Pro 3.5\HitmanPro35(2).exe" [2010-04-04 5650240] [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360] [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile] "EnableFirewall"= 0 (0x0) [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "%windir%\\system32\\sessmgr.exe"= "c:\\Program Files\\AVG\\AVG9\\avgam.exe"= "c:\\Program Files\\AVG\\AVG9\\avgdiagex.exe"= "c:\\Program Files\\AVG\\AVG9\\avgemc.exe"= "c:\\Program Files\\AVG\\AVG9\\avgupd.exe"= "c:\\Program Files\\AVG\\AVG9\\avgnsx.exe"= "%windir%\\Network Diagnostic\\xpnetdiag.exe"= R0 AVGIDSErHrxpx;AVG9IDSErHr;c:\windows\system32\drivers\AVGIDSxx.sys [4-4-2010 15:43 25096] R0 AvgRkx86;avgrkx86.sys;c:\windows\system32\drivers\avgrkx86.sys [4-4-2010 15:43 52872] R1 AvgLdx86;AVG AVI Loader Driver x86;c:\windows\system32\drivers\avgldx86.sys [4-4-2010 15:43 216200] R1 AvgTdiX;AVG Network Redirector;c:\windows\system32\drivers\avgtdix.sys [4-4-2010 15:43 242696] R2 avg9emc;AVG E-mail Scanner;c:\program files\AVG\AVG9\avgemc.exe [5-4-2010 11:05 916760] R2 avg9wd;AVG WatchDog;c:\program files\AVG\AVG9\avgwdsvc.exe [5-4-2010 11:06 308064] R2 avgfws9;AVG Firewall;c:\program files\AVG\AVG9\avgfws9.exe [5-4-2010 11:06 2325816] R3 Avgfwdx;Avgfwdx;c:\windows\system32\drivers\avgfwdx.sys [4-4-2010 15:43 30104] R3 AVGIDSDriverxpx;AVG9IDSDriver;c:\program files\AVG\AVG9\Identity Protection\Agent\Driver\Platform_XP\AVGIDSDriver.sys [4-4-2010 15:43 122376] R3 AVGIDSFilterxpx;AVG9IDSFilter;c:\program files\AVG\AVG9\Identity Protection\Agent\Driver\Platform_XP\AVGIDSFilter.sys [4-4-2010 15:43 30216] R3 AVGIDSShimxpx;AVG9IDSShim;c:\program files\AVG\AVG9\Identity Protection\Agent\Driver\Platform_XP\AVGIDSShim.sys [4-4-2010 15:43 26120] R3 cmudax;C-Media High Definition Audio Interface;c:\windows\system32\drivers\cmudax.sys [4-4-2010 15:33 1128320] S3 Avgfwfd;AVG network filter service;c:\windows\system32\drivers\avgfwdx.sys [4-4-2010 15:43 30104] S3 AVGIDSAgent;AVG9IDSAgent;c:\program files\AVG\AVG9\Identity Protection\Agent\Bin\AVGIDSAgent.exe [5-4-2010 11:06 5888008] S3 SetupNTGLM7X;SetupNTGLM7X;\??\d:\ntglm7x.sys --> d:\NTGLM7X.sys [?] . . ------- Bijkomende Scan ------- . uInternet Connection Wizard,ShellNext = iexplore FF - ProfilePath - c:\documents and settings\ikke\Application Data\Mozilla\Firefox\Profiles\53y7u2wk.default\ ---- FIREFOX POLICIES ---- c:\program files\Mozilla Firefox\greprefs\all.js - pref("ui.use_native_colors", true); c:\program files\Mozilla Firefox\greprefs\all.js - pref("ui.use_native_popup_windows", false); c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.enable_click_image_resizing", true); c:\program files\Mozilla Firefox\greprefs\all.js - pref("accessibility.browsewithcaret_shortcut.enabled", true); c:\program files\Mozilla Firefox\greprefs\all.js - pref("javascript.options.mem.high_water_mark", 32); c:\program files\Mozilla Firefox\greprefs\all.js - pref("javascript.options.mem.gc_frequency", 1600); c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.auth.force-generic-ntlm", false); c:\program files\Mozilla Firefox\greprefs\all.js - pref("svg.smil.enabled", false); c:\program files\Mozilla Firefox\greprefs\all.js - pref("ui.trackpoint_hack.enabled", -1); c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.debug", false); c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.agedWeight", 2); c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.bucketSize", 1); c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.maxTimeGroupings", 25); c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.timeGroupingSize", 604800); c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.boundaryWeight", 25); c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.prefixWeight", 5); c:\program files\Mozilla Firefox\greprefs\all.js - pref("html5.enable", false); c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.allow_unrestricted_renego_everywhere__temporarily_available_pref", true); c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.renego_unrestricted_hosts", ""); c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.treat_unsafe_negotiation_as_broken", false); c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.require_safe_negotiation", false); c:\program files\Mozilla Firefox\defaults\pref\firefox-branding.js - pref("app.update.download.backgroundInterval", 600); c:\program files\Mozilla Firefox\defaults\pref\firefox-branding.js - pref("app.update.url.manual", "http://www.firefox.com"); c:\program files\Mozilla Firefox\defaults\pref\firefox-branding.js - pref("browser.search.param.yahoo-fr-ja", "mozff"); c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.name", "chrome://browser/locale/browser.properties"); c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.description", "chrome://browser/locale/browser.properties"); c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("xpinstall.whitelist.add", "addons.mozilla.org"); c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("xpinstall.whitelist.add.36", "getpersonas.com"); c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("lightweightThemes.update.enabled", true); c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.allTabs.previews", false); c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("plugins.hide_infobar_for_outdated_plugin", false); c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("plugins.update.notifyUser", false); c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("toolbar.customization.usesheet", false); c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.enable", false); c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.max", 20); c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.cachetime", 20); . - - - - ORPHANS VERWIJDERD - - - - HKLM-Run-Cmaudio - cmicnfg.cpl HKLM-Run-nwiz - nwiz.exe AddRemove-NVIDIA Display Control Panel - c:\program files\NVIDIA Corporation\Uninstall\nvuninst.exe ************************************************************************** catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, GMER - Rootkit Detector and Remover Rootkit scan 2010-04-05 11:51 Windows 5.1.2600 Service Pack 3 NTFS scannen van verborgen processen ... scannen van verborgen autostart items ... scannen van verborgen bestanden ... Scan succesvol afgerond verborgen bestanden: 0 ************************************************************************** . Voltooingstijd: 2010-04-05 11:52:16 ComboFix-quarantined-files.txt 2010-04-05 09:52 Pre-Run: 75.881.578.496 bytes beschikbaar Post-Run: 75.872.055.296 bytes beschikbaar WindowsXP-KB310994-SP2-Pro-BootDisk-NLD.exe [boot loader] timeout=2 default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS [operating systems] c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professional" /noexecute=optin /fastdetect - - End Of File - - 443408C236AF5CC9F5026F9CC27EC695 nu hijack: Logfile of Trend Micro HijackThis v2.0.3 (BETA) Scan saved at 12:01:05, on 5/04/2010 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\nvsvc32.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\AVG\AVG9\avgwdsvc.exe C:\Program Files\AVG\AVG9\avgfws9.exe C:\Program Files\Java\jre6\bin\jqs.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\RUNDLL32.EXE C:\Program Files\Common Files\Java\Java Update\jusched.exe C:\Program Files\AVG\AVG9\avgemc.exe C:\Program Files\AVG\AVG9\avgam.exe C:\Program Files\AVG\AVG9\avgnsx.exe C:\WINDOWS\system32\wuauclt.exe C:\Program Files\AVG\AVG9\avgrsx.exe C:\Program Files\AVG\AVG9\avgchsvx.exe C:\Program Files\AVG\AVG9\avgcsrvx.exe C:\Program Files\AVG\AVG9\avgcsrvx.exe C:\Program Files\AVG\AVG9\Identity Protection\Agent\Bin\AVGIDSAgent.exe C:\Program Files\AVG\AVG9\avgcsrvx.exe C:\WINDOWS\system32\wuauclt.exe C:\Program Files\Messenger\msmsgs.exe C:\Program Files\Internet Explorer\IEXPLORE.EXE C:\WINDOWS\system32\wpabaln.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\TrendMicro\HiJackThis\HiJackThis.exe R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN.com R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen R3 - URLSearchHook: AVG Security Toolbar BHO - {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files\AVG\AVG9\Toolbar\IEToolbar.dll O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG9\avgssie.dll O2 - BHO: AVG Security Toolbar BHO - {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files\AVG\AVG9\Toolbar\IEToolbar.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll O3 - Toolbar: AVG Security Toolbar - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - C:\Program Files\AVG\AVG9\Toolbar\IEToolbar.dll O4 - HKLM\..\Run: [snelkoppeling naar eigenschappenvenster voor High Definition Audio] HDAudPropShortcut.exe O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe" O4 - HKLM\..\Run: [HitmanPro35] "C:\Program Files\Hitman Pro 3.5\HitmanPro35(2).exe" /scan:boot O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user') O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG9\avgpp.dll O22 - SharedTaskScheduler: Preloader van browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll O22 - SharedTaskScheduler: Cache-daemon voor onderdeelcategorieën - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll O23 - Service: AVG E-mail Scanner (avg9emc) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG9\avgemc.exe O23 - Service: AVG WatchDog (avg9wd) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG9\avgwdsvc.exe O23 - Service: AVG Firewall (avgfws9) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG9\avgfws9.exe O23 - Service: AVG9IDSAgent (AVGIDSAgent) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG9\Identity Protection\Agent\Bin\AVGIDSAgent.exe O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe -- End of file - 5126 bytes

als ik sp3 download stond mijn proces van windowstaakbeheer constant op 100% bij het uitpakken en instaleren ook .ik heb zoals je zei 1 van de 2 weggedaan en avg gehouden nu ga ik dat van kape doen.

ik ga dat direct doen ok

duurd lang precies veel problemen ontdekt??

ok ???

ja en nu??

Logfile of Trend Micro HijackThis v2.0.3 (BETA) Scan saved at 21:26:10, on 4/04/2010 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\nvsvc32.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Microsoft Security Essentials\MsMpEng.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\AVG\AVG9\avgchsvx.exe C:\Program Files\AVG\AVG9\avgrsx.exe C:\Program Files\AVG\AVG9\avgcsrvx.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\AVG\AVG9\Identity Protection\Agent\Bin\AVGIDSAgent.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\RunDll32.exe C:\PROGRA~1\AVG\AVG9\avgtray.exe C:\WINDOWS\system32\RUNDLL32.EXE C:\Program Files\Microsoft Security Essentials\msseces.exe C:\Program Files\Common Files\Java\Java Update\jusched.exe C:\Program Files\AVG\AVG9\Identity Protection\agent\bin\avgidsmonitor.exe C:\Program Files\AVG\AVG9\avgwdsvc.exe C:\Program Files\AVG\AVG9\avgfws9.exe C:\Program Files\Java\jre6\bin\jqs.exe C:\Program Files\AVG\AVG9\avgemc.exe C:\Program Files\AVG\AVG9\avgam.exe C:\Program Files\AVG\AVG9\avgnsx.exe C:\Program Files\AVG\AVG9\avgcsrvx.exe C:\Program Files\AVG\AVG9\avgcsrvx.exe C:\Program Files\Messenger\msmsgs.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Java\jre6\bin\java.exe C:\WINDOWS\system32\taskmgr.exe C:\Program Files\TrendMicro\HiJackThis\HiJackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen R3 - URLSearchHook: AVG Security Toolbar BHO - {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files\AVG\AVG9\Toolbar\IEToolbar.dll O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG9\avgssie.dll O2 - BHO: AVG Security Toolbar BHO - {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files\AVG\AVG9\Toolbar\IEToolbar.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll O3 - Toolbar: AVG Security Toolbar - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - C:\Program Files\AVG\AVG9\Toolbar\IEToolbar.dll O4 - HKLM\..\Run: [snelkoppeling naar eigenschappenvenster voor High Definition Audio] HDAudPropShortcut.exe O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd O4 - HKLM\..\Run: [AVG9_TRAY] C:\PROGRA~1\AVG\AVG9\avgtray.exe O4 - HKLM\..\Run: [nwiz] nwiz.exe /installquiet O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit O4 - HKLM\..\Run: [MSSE] "C:\Program Files\Microsoft Security Essentials\msseces.exe" -hide -runkey O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe" O4 - HKLM\..\Run: [HitmanPro35] "C:\Program Files\Hitman Pro 3.5\HitmanPro35(2).exe" /scan:boot O4 - HKLM\..\RunOnce: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Lokale service') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Netwerkservice') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user') O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG9\avgpp.dll O20 - Winlogon Notify: avgrsstarter - avgrsstx.dll (file missing) O22 - SharedTaskScheduler: Preloader van browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll O22 - SharedTaskScheduler: Cache-daemon voor onderdeelcategorieën - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll O23 - Service: AVG E-mail Scanner (avg9emc) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG9\avgemc.exe O23 - Service: AVG WatchDog (avg9wd) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG9\avgwdsvc.exe O23 - Service: AVG Firewall (avgfws9) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG9\avgfws9.exe O23 - Service: AVG9IDSAgent (AVGIDSAgent) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG9\Identity Protection\Agent\Bin\AVGIDSAgent.exe O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe -- End of file - 5371 bytes

nog even een vraagje kan het aan men klok liggen?? bijn mij is het nu 21.23

het rare vind ik wel op mijn klok is het nu 21.23 en heb net gereageert bij u staat de vermelding 19.17?? heeft dat er misschien iets mee te maken

ja inderdaad telenet maar ik zit er nu al bijna een week mee eerst begon het met facebook als ik op die site wou kwam er een scherm met kan de url niet vinden.dat gebeurde eigenlijk met elke site waar ik het woord facebook wou in vermelden dan vandaag begon het met men hotmail aanmelden ging wel maar naar men postvak in duurde uren het andere nadeel is ik heb vanmorgend men pc geformateeerd nog niks serieus gedownload behalve dan firefox en nog wat spullen maar er zat al een trojan op nu mijn vraag is ben ik gehackt