Always ComboFix, otherwise no internet

juisterr
7 answers
  • Hello,

    when I turn on my PC and want to browse the internet or check my Hotmail, I first have to run ComboFix, otherwise it doesn't work. I'm really fed up with it now..

    I have SuperAntispyware and I also use Brute Force Uninstaller from time to time, but that has no further effect on my problem.

    I think that every time I go on the internet a key is created that then gets in the way the next time I want to go online, but I don't know anything about this kind of thing…

    Can someone take a look at my log??? Thanks a thousand times in advance!



    "Dennis" - 07-04-01 12:19:07 Service Pack 2
    ComboFix 07-03-14.4 - Running from: "E:\Downloaded!"

    ((((((((((((((((((((((((((((((( Files Created from 2007-03-01 to 2007-04-01 ))))))))))))))))))))))))))))))))))


    2007-03-28 15:02 <DIR> d-------- C:\Program Files\IVT Corporation
    2007-03-24 00:59 <DIR> d-------- C:\Program Files\Movavi Video Converter 5.1
    2007-03-24 00:59 <DIR> d-------- C:\Program Files\MOVAVI
    2007-03-23 20:53 16,496 --------- C:\WINDOWS\system32\drivers\NVXBAR.SYS
    2007-03-23 20:53 141,582 --------- C:\WINDOWS\system32\drivers\NVCAP.SYS
    2007-03-23 18:47 8 --a------ C:\WINDOWS\system32\nvModes.dat
    2007-03-23 18:36 <DIR> d-------- C:\DOCUME~1\ALLUSE~1\APPLIC~1\nView_Profiles
    2007-03-23 18:33 <DIR> d-------- C:\DOCUME~1\ALLUSE~1\APPLIC~1\NVIDIA
    2007-03-19 16:20 56,320 --a------ C:\WINDOWS\system32\DeltTray.exe
    2007-03-19 16:20 44,032 --a------ C:\WINDOWS\system32\deltapnl.dll
    2007-03-19 16:20 292,992 --a------ C:\WINDOWS\system32\drivers\delta.sys
    2007-03-19 16:20 20,480 --a------ C:\WINDOWS\system32\deltasio.dll
    2007-03-19 16:20 2,405,806 --a------ C:\WINDOWS\system32\pcifmdio.dll
    2007-03-19 16:20 1,122,304 --a------ C:\WINDOWS\system32\deltapnl.exe
    2007-03-19 16:20 <DIR> d-------- C:\Program Files\M-Audio
    2007-03-15 18:33 0 --a------ C:\WINDOWS\system32\CMMGR32.EXE
    2007-03-15 18:24 <DIR> d-------- C:\DOCUME~1\ALLUSE~1\APPLIC~1\SUPERAntiSpyware.com
    2007-03-15 18:23 <DIR> d-------- C:\Program Files\SUPERAntiSpyware
    2007-03-15 18:23 <DIR> d-------- C:\Program Files\Common Files\Wise Installation Wizard
    2007-03-15 18:23 <DIR> d-------- C:\DOCUME~1\Dennis\APPLIC~1\SUPERAntiSpyware.com
    2007-03-14 11:19 <DIR> d-------- C:\DOCUME~1\Dennis\APPLIC~1\tunebite
    2007-03-14 11:09 16,640 --a------ C:\WINDOWS\system32\drivers\tbhsd.sys
    2007-03-14 11:09 <DIR> d-------- C:\Program Files\Tunebite
    2007-03-13 20:37 36,528 --------- C:\WINDOWS\system32\drivers\PxHelp20.sys
    2007-03-13 20:37 2,560 --------- C:\WINDOWS\system32\drivers\cdralw2k.sys
    2007-03-13 20:37 2,432 --------- C:\WINDOWS\system32\drivers\cdr4_xp.sys
    2007-03-13 20:37 129,784 --------- C:\WINDOWS\system32\pxafs.dll
    2007-03-13 20:37 115,880 --------- C:\WINDOWS\system32\pxinsi64.exe
    2007-03-13 20:37 <DIR> d-------- C:\Program Files\Winamp
    2007-03-11 20:07 41,984 --------- C:\WINDOWS\Ctregrun.exe
    2007-03-11 20:06 233,472 --a------ C:\WINDOWS\system32\wrap_oal.dll
    2007-03-11 20:06 <DIR> d-------- C:\Program Files\Creative
    2007-03-11 20:06 <DIR> d-------- C:\DOCUME~1\Dennis\APPLIC~1\Creative
    2007-03-11 20:05 <DIR> d-------- C:\WINDOWS\system32\Data
    2007-03-08 19:40 <DIR> d-------- C:\Program Files\SecondLife
    2007-03-08 19:40 <DIR> d-------- C:\DOCUME~1\Dennis\APPLIC~1\SecondLife
    2007-03-07 23:55 <DIR> d-------- C:\DOCUME~1\Dennis\Shared
    2007-03-07 23:55 <DIR> d-------- C:\DOCUME~1\Dennis\Incomplete
    2007-03-07 23:54 <DIR> d-------- C:\Program Files\LimeWire
    2007-03-07 23:54 <DIR> d-------- C:\DOCUME~1\Dennis\.limewire
    2007-03-06 14:43 <DIR> d-------- C:\Program Files\Video Convert Master
    2007-03-05 20:37 <DIR> d-------- C:\Program Files\Real
    2007-03-05 20:37 <DIR> d-------- C:\Program Files\Common Files\Real
    2007-03-05 19:54 <DIR> d-------- C:\Program Files\Mpgdvd
    2007-03-05 19:45 <DIR> d-------- C:\Program Files\Magic RM to MP3 Converter
    2007-03-05 17:56 <DIR> d-------- C:\audiograbber
    2007-03-05 17:37 8,192 --a------ C:\WINDOWS\system32\wshirda.dll
    2007-03-05 17:37 28,160 --a------ C:\WINDOWS\system32\irmon.dll
    2007-03-05 17:37 154,112 --a------ C:\WINDOWS\system32\irftp.exe
    2007-03-05 17:36 <DIR> d-------- C:\DOCUME~1\ALLUSE~1\APPLIC~1\Bluetooth
    2007-03-05 17:34 54,272 --a------ C:\WINDOWS\system32\drivers\vfwwdm32.dll
    2007-03-05 12:32 <DIR> d-------- C:\WINDOWS\system32\PreInstall
    2007-03-04 19:57 <DIR> d-------- C:\WINDOWS\system32\LogFiles
    2007-03-04 19:57 <DIR> d-------- C:\WINDOWS\system32\drivers\UMDF


    (((((((((((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))))


    2007-03-25 13:26 53418 --a------ C:\WINDOWS\system32\perfc013.dat
    2007-03-25 13:26 364330 --a------ C:\WINDOWS\system32\perfh013.dat
    2007-03-23 21:36 -------- d--h----- C:\Program Files\installshield installation information
    2007-03-12 21:25 724992 --a------ C:\WINDOWS\iun6002.exe
    2007-03-12 21:25 5664 --a------ C:\WINDOWS\system32\drivers\usbmidim.sys
    2007-03-12 21:25 23392 --a------ C:\WINDOWS\system32\drivers\usbmm2x4.sys
    2007-03-12 21:25 214016 --a------ C:\WINDOWS\system32\usbmn2x4.dll
    2007-03-12 21:25 -------- d-------- C:\Program Files\m-audio midisport 2x4
    2007-03-11 20:10 -------- d-------- C:\Program Files\nvidia corporation
    2007-03-05 20:03 -------- d-------- C:\Program Files\activex control pad
    2007-03-02 13:14 -------- d-------- C:\Program Files\Common Files\adobe
    2007-02-27 20:35 -------- d---s---- C:\DOCUME~1\Dennis\APPLIC~1\microsoft
    2007-02-27 15:03 -------- d-------- C:\Program Files\msn messenger
    2007-02-27 14:56 -------- d-------- C:\Program Files\movie maker
    2007-02-27 14:56 -------- d-------- C:\Program Files\messenger
    2007-02-27 14:55 -------- d-------- C:\Program Files\windows nt
    2007-02-27 14:33 -------- d-------- C:\DOCUME~1\Dennis\APPLIC~1\adobe
    2007-02-25 15:45 1485 --a------ C:\WINDOWS\mozver.dat
    2007-02-25 15:45 -------- d-------- C:\Program Files\java
    2007-02-25 15:44 -------- d-------- C:\Program Files\Common Files\java
    2007-02-25 15:35 57344 --a------ C:\WINDOWS\system32\commtb32.dll
    2007-02-25 15:35 169984 --a------ C:\WINDOWS\system32\p2d.dll
    2007-02-25 15:35 161552 --a------ C:\WINDOWS\system32\asycpict.dll
    2007-02-23 21:33 -------- d-------- C:\Program Files\hitman pro
    2007-02-23 21:31 -------- d-------- C:\DOCUME~1\Dennis\APPLIC~1\lavasoft
    2007-02-22 20:21 -------- d-------- C:\Program Files\ratdvd
    2007-02-12 14:13 -------- d-------- C:\Program Files\native instruments
    2007-02-12 14:13 -------- d-------- C:\Program Files\digidesign
    2007-01-26 13:22 233472 --a------ C:\WINDOWS\system32\rex shared library.dll
    2007-01-26 13:22 225280 --a------ C:\WINDOWS\system32\rewire.dll
    2007-01-21 19:20 0 --a------ C:\WINDOWS\nsreg.dat
    2007-01-21 18:30 62 --ahs---- C:\DOCUME~1\Dennis\APPLIC~1\desktop.ini
    2007-01-21 17:43 0 -rahs---- C:\MSDOS.SYS
    2007-01-21 17:43 0 -rahs---- C:\IO.SYS
    2007-01-21 17:43 0 --a------ C:\CONFIG.SYS
    2007-01-21 17:43 0 --a------ C:\AUTOEXEC.BAT
    2007-01-21 17:40 21748 --a------ C:\WINDOWS\system32\emptyregdb.dat
    2007-01-15 19:32 689280 --a------ C:\WINDOWS\system32\aswboot.exe
    2007-01-15 19:23 90112 --a------ C:\WINDOWS\system32\avastss.scr


    (((((((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))

    *Note* empty entries & legit default entries are not shown

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run]
    "MsnMsgr"="\"C:\\Program Files\\MSN Messenger\\MsnMsgr.Exe\" /background"
    "SetDefaultMIDI"="MIDIDef.exe"
    "SUPERAntiSpyware"="C:\\Program Files\\SUPERAntiSpyware\\SUPERAntiSpyware.exe"

    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run]
    "NvCplDaemon"="RUNDLL32.EXE C:\\WINDOWS\\System32\\NvCpl.dll,NvStartup"
    "nwiz"="nwiz.exe /install"
    "NvMediaCenter"="RunDLL32.exe NvMCTray.dll,NvTaskbarInit"
    "avast!"="C:\\PROGRA~1\\ALWILS~1\\Avast4\\ashDisp.exe"
    "DAEMON Tools-1033"="\"C:\\Program Files\\D-Tools\\daemon.exe\" -lang 1033"
    "NeroFilterCheck"="C:\\WINDOWS\\system32\\NeroCheck.exe"
    "snpstd3"="C:\\WINDOWS\\vsnpstd3.exe"
    "NVIDIA nTune"="\"C:\\Program Files\\NVIDIA Corporation\\nTune\\nTune.exe\" clear"
    "H2O"="C:\\Program Files\\SyncroSoft\\Pos\\H2O\\cledx.exe"
    "SunJavaUpdateSched"="\"C:\\Program Files\\Java\\jre1.5.0_11\\bin\\jusched.exe\""
    "BluetoothAuthenticationAgent"="rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent"
    "WinampAgent"="C:\\Program Files\\Winamp\\winampa.exe"
    "M-Audio Delta Taskbar Icon"="C:\\WINDOWS\\System32\\DeltTray.exe"
    "DeltTray"="DeltTray.exe"

    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents]

    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\IMAIL]
    "Installed"="1"

    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\MAPI]
    "Installed"="1"
    "NoChange"="1"

    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\MSFS]
    "Installed"="1"

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg]
    "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
    "item"=""
    "hkey"="HKLM"
    "command"=""
    "inimapping"="0"

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\admlpcd]
    "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
    "item"="condnezw"
    "hkey"="HKLM"
    "command"="condnezw.exe"
    "inimapping"="0"

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
    "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
    "item"="msmsgs"
    "hkey"="HKCU"
    "command"="\"C:\\Program Files\\Messenger\\msmsgs.exe\" /background"
    "inimapping"="0"

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\tcpipmon]
    "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
    "item"="tcpipmon"
    "hkey"="HKLM"
    "command"="tcpipmon.exe"
    "inimapping"="0"


    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shellexecutehooks]
    "{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"=""

    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\shellserviceobjectdelayload]
    "WPDShServiceObj"="{AAA288BA-9A4C-45B0-95D7-94D524869DB5}"

    HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon

    [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
    "SecurityProviders"="msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll"

    [HKEY_LOCAL_MACHINE\software\Microsoft\Windows NT\CurrentVersion\Svchost]
    LocalService REG_MULTI_SZ Alerter\0WebClient\0LmHosts\0RemoteRegistry\0upnphost\0SSDPSRV\0\0
    NetworkService REG_MULTI_SZ DnsCache\0\0
    rpcss REG_MULTI_SZ RpcSs\0\0
    imgsvc REG_MULTI_SZ StiSvc\0\0
    termsvcs REG_MULTI_SZ TermService\0\0
    HTTPFilter REG_MULTI_SZ HTTPFilter\0\0
    DcomLaunch REG_MULTI_SZ DcomLaunch\0TermService\0\0
    WudfServiceGroup REG_MULTI_SZ WUDFSvc\0\0
    bthsvcs REG_MULTI_SZ BthServ\0\0



    ********************************************************************

    catchme 0.2 W2K/XP/Vista - userland rootkit detector by Gmer, 17 October 2006
    http://www.gmer.net

    scanning hidden processes …

    scanning hidden services …

    scanning hidden autostart entries …

    scanning hidden files …

    scan completed successfully
    hidden processes: 0
    hidden services: 0
    hidden files: 0

    ********************************************************************

    Completion time: 07-04-01 12:21:58
  • Download hijackthissetup to your Desktop.
    Double-click hijackthissetup.exe.
    Follow the instructions and click Install.
    A shortcut named Hijack This will appear on your Desktop.
    Double-click the shortcut to start HijackThis.


    Run a scan and save the log file, then please post that file here.
  • Here you go:

    Logfile of HijackThis v1.97.7
    Scan saved at 11:19:02, on 5/04/2007
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\system32\LEXBCES.EXE
    C:\WINDOWS\system32\spoolsv.exe
    C:\WINDOWS\system32\LEXPPS.EXE
    C:\WINDOWS\system32\RunDLL32.exe
    C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
    C:\Program Files\D-Tools\daemon.exe
    C:\WINDOWS\vsnpstd3.exe
    C:\WINDOWS\system32\rundll32.exe
    C:\Program Files\SyncroSoft\Pos\H2O\cledx.exe
    C:\Program Files\Java\jre1.5.0_11\bin\jusched.exe
    C:\WINDOWS\system32\rundll32.exe
    C:\WINDOWS\System32\DeltTray.exe
    C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
    C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleil.exe
    C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
    C:\Program Files\Alwil Software\Avast4\ashServ.exe
    C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe
    C:\WINDOWS\System32\nvsvc32.exe
    C:\WINDOWS\System32\oodag.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
    E:\Downloaded!\hijackthis\HijackThis.exe

    R1 - HKCU\Software\Microsoft\Internet Connection Wizard,Shellnext = http://www.google.be/
    O2 - BHO: (no name) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
    O2 - BHO: (no name) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
    O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
    O4 - HKLM\..\Run: [NvMediaCenter] RunDLL32.exe NvMCTray.dll,NvTaskbarInit
    O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
    O4 - HKLM\..\Run: [DAEMON Tools-1033] "C:\Program Files\D-Tools\daemon.exe" -lang 1033
    O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
    O4 - HKLM\..\Run: [snpstd3] C:\WINDOWS\vsnpstd3.exe
    O4 - HKLM\..\Run: [NVIDIA nTune] "C:\Program Files\NVIDIA Corporation\nTune\nTune.exe" clear
    O4 - HKLM\..\Run: [H2O] C:\Program Files\SyncroSoft\Pos\H2O\cledx.exe
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_11\bin\jusched.exe"
    O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
    O4 - HKLM\..\Run: [M-Audio Delta Taskbar Icon] C:\WINDOWS\System32\DeltTray.exe
    O4 - HKLM\..\Run: [DeltTray] DeltTray.exe
    O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
    O4 - HKCU\..\Run: [SetDefaultMIDI] MIDIDef.exe
    O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
    O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
    O4 - Global Startup: Adobe Reader Snelle start.lnk = C:\Program Files\Adobe\Reader 8.0\Reader\reader_sl.exe
    O4 - Global Startup: Adobe Reader Synchronizer.lnk = C:\Program Files\Adobe\Reader 8.0\Reader\AdobeCollabSync.exe
    O4 - Global Startup: BlueSoleil.lnk = C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleil.exe
    O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
    O9 - Extra 'Tools' menuitem: Sun Java Console (HKLM)
    O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://funkydee1982.spaces.live.com//PhotoUpload/MsnPUpld.cab
    O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
    O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload.macromedia.com/get/flashplayer/current/swflash.cab
    O16 - DPF: {F6BF0D00-0B2A-4A75-BF7B-F385591623AF} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown.cab31267.cab
  • Where did you get that version??? This is an old version; if you use the link I gave, you get the latest version right away. Just throw that old version away.

    Please post a new log using the new version.
  • That old version was still somewhere on my PC, here is the log from the new version:




    Logfile of HijackThis v1.99.1
    Scan saved at 15:10:24, on 10/04/2007
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\LEXBCES.EXE
    C:\WINDOWS\system32\LEXPPS.EXE
    C:\WINDOWS\system32\spoolsv.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\system32\RunDLL32.exe
    C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
    C:\Program Files\D-Tools\daemon.exe
    C:\WINDOWS\vsnpstd3.exe
    C:\Program Files\SyncroSoft\Pos\H2O\cledx.exe
    C:\Program Files\Java\jre1.5.0_11\bin\jusched.exe
    C:\WINDOWS\system32\rundll32.exe
    C:\WINDOWS\system32\rundll32.exe
    C:\WINDOWS\System32\DeltTray.exe
    C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
    C:\Program Files\Alwil Software\Avast4\ashServ.exe
    C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
    C:\WINDOWS\System32\nvsvc32.exe
    C:\WINDOWS\System32\oodag.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Mozilla Firefox\firefox.exe
    C:\Program Files\Hijack This\hijackthis.exe

    R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.google.be/
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigURL = http://pac.telenet.be:8080
    O2 - BHO: Adobe PDF Reader Help bij koppelingen - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
    O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
    O4 - HKLM\..\Run: [NvMediaCenter] RunDLL32.exe NvMCTray.dll,NvTaskbarInit
    O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
    O4 - HKLM\..\Run: [DAEMON Tools-1033] "C:\Program Files\D-Tools\daemon.exe" -lang 1033
    O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
    O4 - HKLM\..\Run: [snpstd3] C:\WINDOWS\vsnpstd3.exe
    O4 - HKLM\..\Run: [NVIDIA nTune] "C:\Program Files\NVIDIA Corporation\nTune\nTune.exe" clear
    O4 - HKLM\..\Run: [H2O] C:\Program Files\SyncroSoft\Pos\H2O\cledx.exe
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_11\bin\jusched.exe"
    O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
    O4 - HKLM\..\Run: [M-Audio Delta Taskbar Icon] C:\WINDOWS\System32\DeltTray.exe
    O4 - HKLM\..\Run: [DeltTray] DeltTray.exe
    O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
    O4 - HKCU\..\Run: [SetDefaultMIDI] MIDIDef.exe
    O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
    O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
    O4 - Global Startup: Adobe Reader Snelle start.lnk = C:\Program Files\Adobe\Reader 8.0\Reader\reader_sl.exe
    O4 - Global Startup: Adobe Reader Synchronizer.lnk = C:\Program Files\Adobe\Reader 8.0\Reader\AdobeCollabSync.exe
    O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll
    O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://funkydee1982.spaces.live.com//PhotoUpload/MsnPUpld.cab
    O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
    O16 - DPF: {F6BF0D00-0B2A-4A75-BF7B-F385591623AF} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown.cab31267.cab
    O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
    O20 - Winlogon Notify: WRNotifier - WRLogonNTF.dll (file missing)
    O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
    O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
    O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exe
    O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
    O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
    O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
    O23 - Service: O&O Defrag - O&O Software GmbH - C:\WINDOWS\System32\oodag.exe


    Thank you
  • Well, nothing special to see then.

    Download Dr.Web CureIt to your desktop:
    ftp://ftp.drweb.com/pub/drweb/cureit/drweb-cureit.exe

    Double-click drweb-cureit.exe and allow it to start the express scan.
    This will scan the files that are currently loaded in memory, and when something is found, click the Yes to all button at the 'cure it?' prompt. This is only a short scan.
    Once the short scan has finished, click Options > Change Settings.
    Choose the "Scan" tab and uncheck "Heuristic analyse".
    Back in the main window you can select the drives you want to scan.
    Select all drives here. A red dot will then appear on the drives you are scanning.
    Then click the green arrow on the right to start the scan.
    Click 'Yes to all' when asked whether to cure or move.
    When the scan is done, check whether you can click the following icon next to what was found: http://users.telenet.be/bluepatchy/miekiemoes/images/check.gif
    If so, click it, then click the icon just below it and choose Move incurable, as you will see in the following image:
    http://users.telenet.be/bluepatchy/miekiemoes/images/move.gif
    This will move the files to the folder %userprofile%\DoctorWeb\quarantaine-folder if they cannot be disinfected (in case we need samples).
    After selecting the above, in the menu at the top of Dr.Web CureIt, click file and choose save report list. Save the log to your desktop.
    Then close Dr.Web CureIt.

    Restart your computer!! This is an important step, because Dr.Web CureIt may move/delete files during the restart.
    After restarting, copy and paste the contents of the log you saved earlier into your next post.
  • Dr.Web didn't turn up anything, sooooo I just formatted everything and reinstalled.

    Thanks anyway!!!

This is an archived page. Replies are no longer possible.