Vraag & Antwoord

Beveiliging & privacy

Altijd Combofix, anders geen internet

7 antwoorden
  • Hallo, als ik m'n pc aanzet en ik wil internetten of m'n hotmail nakijken, moet ik eerst Combofix draaien anders doet 'ie het niet. Ik ben het echt beu nou.. SuperAntispyware heb ik en Brute Forcxe Uninstaller gebruik ik ook wel eens, dat heeft verder geen invloed op m'n probleem Ik denk dat er iedere keer als ik op internet ga er een sleutel word aangemaakt die dan de volgende keer als ik wil internetten in de weg zit, maar ik heb geen verstand van dit soort zaken... Kan iemand even naar m'n log kijken??? 1000x dank bij voorbaat! "Dennis" - 07-04-01 12:19:07 Service Pack 2 ComboFix 07-03-14.4 - Running from: "E:\Downloaded!" ((((((((((((((((((((((((((((((( Files Created from 2007-03-01 to 2007-04-01 )))))))))))))))))))))))))))))))))) 2007-03-28 15:02 <DIR> d-------- C:\Program Files\IVT Corporation 2007-03-24 00:59 <DIR> d-------- C:\Program Files\Movavi Video Converter 5.1 2007-03-24 00:59 <DIR> d-------- C:\Program Files\MOVAVI 2007-03-23 20:53 16,496 --------- C:\WINDOWS\system32\drivers\NVXBAR.SYS 2007-03-23 20:53 141,582 --------- C:\WINDOWS\system32\drivers\NVCAP.SYS 2007-03-23 18:47 8 --a------ C:\WINDOWS\system32\nvModes.dat 2007-03-23 18:36 <DIR> d-------- C:\DOCUME~1\ALLUSE~1\APPLIC~1\nView_Profiles 2007-03-23 18:33 <DIR> d-------- C:\DOCUME~1\ALLUSE~1\APPLIC~1\NVIDIA 2007-03-19 16:20 56,320 --a------ C:\WINDOWS\system32\DeltTray.exe 2007-03-19 16:20 44,032 --a------ C:\WINDOWS\system32\deltapnl.dll 2007-03-19 16:20 292,992 --a------ C:\WINDOWS\system32\drivers\delta.sys 2007-03-19 16:20 20,480 --a------ C:\WINDOWS\system32\deltasio.dll 2007-03-19 16:20 2,405,806 --a------ C:\WINDOWS\system32\pcifmdio.dll 2007-03-19 16:20 1,122,304 --a------ C:\WINDOWS\system32\deltapnl.exe 2007-03-19 16:20 <DIR> d-------- C:\Program Files\M-Audio 2007-03-15 18:33 0 --a------ C:\WINDOWS\system32\CMMGR32.EXE 2007-03-15 18:24 <DIR> d-------- C:\DOCUME~1\ALLUSE~1\APPLIC~1\SUPERAntiSpyware.com 2007-03-15 18:23 <DIR> d-------- C:\Program Files\SUPERAntiSpyware 2007-03-15 18:23 <DIR> d-------- C:\Program Files\Common Files\Wise Installation Wizard 2007-03-15 18:23 <DIR> d-------- C:\DOCUME~1\Dennis\APPLIC~1\SUPERAntiSpyware.com 2007-03-14 11:19 <DIR> d-------- C:\DOCUME~1\Dennis\APPLIC~1\tunebite 2007-03-14 11:09 16,640 --a------ C:\WINDOWS\system32\drivers\tbhsd.sys 2007-03-14 11:09 <DIR> d-------- C:\Program Files\Tunebite 2007-03-13 20:37 36,528 --------- C:\WINDOWS\system32\drivers\PxHelp20.sys 2007-03-13 20:37 2,560 --------- C:\WINDOWS\system32\drivers\cdralw2k.sys 2007-03-13 20:37 2,432 --------- C:\WINDOWS\system32\drivers\cdr4_xp.sys 2007-03-13 20:37 129,784 --------- C:\WINDOWS\system32\pxafs.dll 2007-03-13 20:37 115,880 --------- C:\WINDOWS\system32\pxinsi64.exe 2007-03-13 20:37 <DIR> d-------- C:\Program Files\Winamp 2007-03-11 20:07 41,984 --------- C:\WINDOWS\Ctregrun.exe 2007-03-11 20:06 233,472 --a------ C:\WINDOWS\system32\wrap_oal.dll 2007-03-11 20:06 <DIR> d-------- C:\Program Files\Creative 2007-03-11 20:06 <DIR> d-------- C:\DOCUME~1\Dennis\APPLIC~1\Creative 2007-03-11 20:05 <DIR> d-------- C:\WINDOWS\system32\Data 2007-03-08 19:40 <DIR> d-------- C:\Program Files\SecondLife 2007-03-08 19:40 <DIR> d-------- C:\DOCUME~1\Dennis\APPLIC~1\SecondLife 2007-03-07 23:55 <DIR> d-------- C:\DOCUME~1\Dennis\Shared 2007-03-07 23:55 <DIR> d-------- C:\DOCUME~1\Dennis\Incomplete 2007-03-07 23:54 <DIR> d-------- C:\Program Files\LimeWire 2007-03-07 23:54 <DIR> d-------- C:\DOCUME~1\Dennis\.limewire 2007-03-06 14:43 <DIR> d-------- C:\Program Files\Video Convert Master 2007-03-05 20:37 <DIR> d-------- C:\Program Files\Real 2007-03-05 20:37 <DIR> d-------- C:\Program Files\Common Files\Real 2007-03-05 19:54 <DIR> d-------- C:\Program Files\Mpgdvd 2007-03-05 19:45 <DIR> d-------- C:\Program Files\Magic RM to MP3 Converter 2007-03-05 17:56 <DIR> d-------- C:\audiograbber 2007-03-05 17:37 8,192 --a------ C:\WINDOWS\system32\wshirda.dll 2007-03-05 17:37 28,160 --a------ C:\WINDOWS\system32\irmon.dll 2007-03-05 17:37 154,112 --a------ C:\WINDOWS\system32\irftp.exe 2007-03-05 17:36 <DIR> d-------- C:\DOCUME~1\ALLUSE~1\APPLIC~1\Bluetooth 2007-03-05 17:34 54,272 --a------ C:\WINDOWS\system32\drivers\vfwwdm32.dll 2007-03-05 12:32 <DIR> d-------- C:\WINDOWS\system32\PreInstall 2007-03-04 19:57 <DIR> d-------- C:\WINDOWS\system32\LogFiles 2007-03-04 19:57 <DIR> d-------- C:\WINDOWS\system32\drivers\UMDF (((((((((((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))) 2007-03-25 13:26 53418 --a------ C:\WINDOWS\system32\perfc013.dat 2007-03-25 13:26 364330 --a------ C:\WINDOWS\system32\perfh013.dat 2007-03-23 21:36 -------- d--h----- C:\Program Files\installshield installation information 2007-03-12 21:25 724992 --a------ C:\WINDOWS\iun6002.exe 2007-03-12 21:25 5664 --a------ C:\WINDOWS\system32\drivers\usbmidim.sys 2007-03-12 21:25 23392 --a------ C:\WINDOWS\system32\drivers\usbmm2x4.sys 2007-03-12 21:25 214016 --a------ C:\WINDOWS\system32\usbmn2x4.dll 2007-03-12 21:25 -------- d-------- C:\Program Files\m-audio midisport 2x4 2007-03-11 20:10 -------- d-------- C:\Program Files\nvidia corporation 2007-03-05 20:03 -------- d-------- C:\Program Files\activex control pad 2007-03-02 13:14 -------- d-------- C:\Program Files\Common Files\adobe 2007-02-27 20:35 -------- d---s---- C:\DOCUME~1\Dennis\APPLIC~1\microsoft 2007-02-27 15:03 -------- d-------- C:\Program Files\msn messenger 2007-02-27 14:56 -------- d-------- C:\Program Files\movie maker 2007-02-27 14:56 -------- d-------- C:\Program Files\messenger 2007-02-27 14:55 -------- d-------- C:\Program Files\windows nt 2007-02-27 14:33 -------- d-------- C:\DOCUME~1\Dennis\APPLIC~1\adobe 2007-02-25 15:45 1485 --a------ C:\WINDOWS\mozver.dat 2007-02-25 15:45 -------- d-------- C:\Program Files\java 2007-02-25 15:44 -------- d-------- C:\Program Files\Common Files\java 2007-02-25 15:35 57344 --a------ C:\WINDOWS\system32\commtb32.dll 2007-02-25 15:35 169984 --a------ C:\WINDOWS\system32\p2d.dll 2007-02-25 15:35 161552 --a------ C:\WINDOWS\system32\asycpict.dll 2007-02-23 21:33 -------- d-------- C:\Program Files\hitman pro 2007-02-23 21:31 -------- d-------- C:\DOCUME~1\Dennis\APPLIC~1\lavasoft 2007-02-22 20:21 -------- d-------- C:\Program Files\ratdvd 2007-02-12 14:13 -------- d-------- C:\Program Files\native instruments 2007-02-12 14:13 -------- d-------- C:\Program Files\digidesign 2007-01-26 13:22 233472 --a------ C:\WINDOWS\system32\rex shared library.dll 2007-01-26 13:22 225280 --a------ C:\WINDOWS\system32\rewire.dll 2007-01-21 19:20 0 --a------ C:\WINDOWS\nsreg.dat 2007-01-21 18:30 62 --ahs---- C:\DOCUME~1\Dennis\APPLIC~1\desktop.ini 2007-01-21 17:43 0 -rahs---- C:\MSDOS.SYS 2007-01-21 17:43 0 -rahs---- C:\IO.SYS 2007-01-21 17:43 0 --a------ C:\CONFIG.SYS 2007-01-21 17:43 0 --a------ C:\AUTOEXEC.BAT 2007-01-21 17:40 21748 --a------ C:\WINDOWS\system32\emptyregdb.dat 2007-01-15 19:32 689280 --a------ C:\WINDOWS\system32\aswboot.exe 2007-01-15 19:23 90112 --a------ C:\WINDOWS\system32\avastss.scr (((((((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))))))))))))))))))))))))))))))))))))))))) *Note* empty entries & legit default entries are not shown [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run] "MsnMsgr"="\"C:\\Program Files\\MSN Messenger\\MsnMsgr.Exe\" /background" "SetDefaultMIDI"="MIDIDef.exe" "SUPERAntiSpyware"="C:\\Program Files\\SUPERAntiSpyware\\SUPERAntiSpyware.exe" [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run] "NvCplDaemon"="RUNDLL32.EXE C:\\WINDOWS\\System32\\NvCpl.dll,NvStartup" "nwiz"="nwiz.exe /install" "NvMediaCenter"="RunDLL32.exe NvMCTray.dll,NvTaskbarInit" "avast!"="C:\\PROGRA~1\\ALWILS~1\\Avast4\\ashDisp.exe" "DAEMON Tools-1033"="\"C:\\Program Files\\D-Tools\\daemon.exe\" -lang 1033" "NeroFilterCheck"="C:\\WINDOWS\\system32\\NeroCheck.exe" "snpstd3"="C:\\WINDOWS\\vsnpstd3.exe" "NVIDIA nTune"="\"C:\\Program Files\\NVIDIA Corporation\\nTune\\\\nTune.exe\" clear" "H2O"="C:\\Program Files\\SyncroSoft\\Pos\\H2O\\cledx.exe" "SunJavaUpdateSched"="\"C:\\Program Files\\Java\\jre1.5.0_11\\bin\\jusched.exe\"" "BluetoothAuthenticationAgent"="rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent" "WinampAgent"="C:\\Program Files\\Winamp\\winampa.exe" "M-Audio Delta Taskbar Icon"="C:\\WINDOWS\\System32\\DeltTray.exe" "DeltTray"="DeltTray.exe" [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents] [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\IMAIL] "Installed"="1" [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\MAPI] "Installed"="1" "NoChange"="1" [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\MSFS] "Installed"="1" [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="" "hkey"="HKLM" "command"="" "inimapping"="0" [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\admlpcd] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="condnezw" "hkey"="HKLM" "command"="condnezw.exe" "inimapping"="0" [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="msmsgs" "hkey"="HKCU" "command"="\"C:\\Program Files\\Messenger\\msmsgs.exe\" /background" "inimapping"="0" [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\tcpipmon] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="tcpipmon" "hkey"="HKLM" "command"="tcpipmon.exe" "inimapping"="0" [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shellexecutehooks] "{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"="" [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\shellserviceobjectdelayload] "WPDShServiceObj"="{AAA288BA-9A4C-45B0-95D7-94D524869DB5}" HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders] "SecurityProviders"="msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll" [HKEY_LOCAL_MACHINE\software\Microsoft\Windows NT\CurrentVersion\Svchost] LocalService REG_MULTI_SZ Alerter\0WebClient\0LmHosts\0RemoteRegistry\0upnphost\0SSDPSRV\0\0 NetworkService REG_MULTI_SZ DnsCache\0\0 rpcss REG_MULTI_SZ RpcSs\0\0 imgsvc REG_MULTI_SZ StiSvc\0\0 termsvcs REG_MULTI_SZ TermService\0\0 HTTPFilter REG_MULTI_SZ HTTPFilter\0\0 DcomLaunch REG_MULTI_SZ DcomLaunch\0TermService\0\0 WudfServiceGroup REG_MULTI_SZ WUDFSvc\0\0 bthsvcs REG_MULTI_SZ BthServ\0\0 ******************************************************************** catchme 0.2 W2K/XP/Vista - userland rootkit detector by Gmer, 17 October 2006 http://www.gmer.net scanning hidden processes ... scanning hidden services ... scanning hidden autostart entries ... scanning hidden files ... scan completed successfully hidden processes: 0 hidden services: 0 hidden files: 0 ******************************************************************** Completion time: 07-04-01 12:21:58
  • Download [url=http://www.isecurity.org.uk/downloads/hijackthissetup.exe][b:d9e14670a5]hijackthissetup[/b:d9e14670a5][/url] naar je Bureaublad.[list:d9e14670a5]Dubbelklikken op [b:d9e14670a5]hijackthissetup.exe[/b:d9e14670a5] Volg de instructies en klik op [b:d9e14670a5]Install[/b:d9e14670a5] Er zal een snelkoppeling verschijnen op je Bureaublad met de naam [i:d9e14670a5]Hijack This[/i:d9e14670a5] Dubbelklikken op de snelkoppeling om Hijackthis te starten.[/list:u:d9e14670a5] Doe een scan en save het logfile, plaats dat file hier aub.
  • Alsjeblieft: Logfile of HijackThis v1.97.7 Scan saved at 11:19:02, on 5/04/2007 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\LEXBCES.EXE C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\system32\LEXPPS.EXE C:\WINDOWS\system32\RunDLL32.exe C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe C:\Program Files\D-Tools\daemon.exe C:\WINDOWS\vsnpstd3.exe C:\WINDOWS\system32\rundll32.exe C:\Program Files\SyncroSoft\Pos\H2O\cledx.exe C:\Program Files\Java\jre1.5.0_11\bin\jusched.exe C:\WINDOWS\system32\rundll32.exe C:\WINDOWS\System32\DeltTray.exe C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleil.exe C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe C:\Program Files\Alwil Software\Avast4\ashServ.exe C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe C:\WINDOWS\System32\nvsvc32.exe C:\WINDOWS\System32\oodag.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Alwil Software\Avast4\ashWebSv.exe E:\Downloaded!\hijackthis\HijackThis.exe R1 - HKCU\Software\Microsoft\Internet Connection Wizard,Shellnext = http://www.google.be/ O2 - BHO: (no name) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: (no name) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [nwiz] nwiz.exe /install O4 - HKLM\..\Run: [NvMediaCenter] RunDLL32.exe NvMCTray.dll,NvTaskbarInit O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe O4 - HKLM\..\Run: [DAEMON Tools-1033] "C:\Program Files\D-Tools\daemon.exe" -lang 1033 O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe O4 - HKLM\..\Run: [snpstd3] C:\WINDOWS\vsnpstd3.exe O4 - HKLM\..\Run: [NVIDIA nTune] "C:\Program Files\NVIDIA Corporation\nTune\\nTune.exe" clear O4 - HKLM\..\Run: [H2O] C:\Program Files\SyncroSoft\Pos\H2O\cledx.exe O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_11\bin\jusched.exe" O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent O4 - HKLM\..\Run: [M-Audio Delta Taskbar Icon] C:\WINDOWS\System32\DeltTray.exe O4 - HKLM\..\Run: [DeltTray] DeltTray.exe O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background O4 - HKCU\..\Run: [SetDefaultMIDI] MIDIDef.exe O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe O4 - Global Startup: Adobe Reader Snelle start.lnk = C:\Program Files\Adobe\Reader 8.0\Reader\reader_sl.exe O4 - Global Startup: Adobe Reader Synchronizer.lnk = C:\Program Files\Adobe\Reader 8.0\Reader\AdobeCollabSync.exe O4 - Global Startup: BlueSoleil.lnk = C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleil.exe O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 O9 - Extra 'Tools' menuitem: Sun Java Console (HKLM) O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://funkydee1982.spaces.live.com//PhotoUpload/MsnPUpld.cab O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload.macromedia.com/get/flashplayer/current/swflash.cab O16 - DPF: {F6BF0D00-0B2A-4A75-BF7B-F385591623AF} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown.cab31267.cab
  • Waar haal je die versie vandaan??? Dit is een oude versie, als je die link gebruikt die ik gaf heb je gelijk de laatste versie. Gooi die oude versie maar weg. plaats met behulp van die nieuwe versie een nieuw Logje aub.
  • Die oude versie stond nog ergens op m'n pc, hier is het logje van de nieuwe versie: Logfile of HijackThis v1.99.1 Scan saved at 15:10:24, on 10/04/2007 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\LEXBCES.EXE C:\WINDOWS\system32\LEXPPS.EXE C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\RunDLL32.exe C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe C:\Program Files\D-Tools\daemon.exe C:\WINDOWS\vsnpstd3.exe C:\Program Files\SyncroSoft\Pos\H2O\cledx.exe C:\Program Files\Java\jre1.5.0_11\bin\jusched.exe C:\WINDOWS\system32\rundll32.exe C:\WINDOWS\system32\rundll32.exe C:\WINDOWS\System32\DeltTray.exe C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe C:\Program Files\Alwil Software\Avast4\ashServ.exe C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe C:\WINDOWS\System32\nvsvc32.exe C:\WINDOWS\System32\oodag.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Alwil Software\Avast4\ashWebSv.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Hijack This\hijackthis.exe R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.google.be/ R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigURL = http://pac.telenet.be:8080 O2 - BHO: Adobe PDF Reader Help bij koppelingen - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [nwiz] nwiz.exe /install O4 - HKLM\..\Run: [NvMediaCenter] RunDLL32.exe NvMCTray.dll,NvTaskbarInit O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe O4 - HKLM\..\Run: [DAEMON Tools-1033] "C:\Program Files\D-Tools\daemon.exe" -lang 1033 O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe O4 - HKLM\..\Run: [snpstd3] C:\WINDOWS\vsnpstd3.exe O4 - HKLM\..\Run: [NVIDIA nTune] "C:\Program Files\NVIDIA Corporation\nTune\\nTune.exe" clear O4 - HKLM\..\Run: [H2O] C:\Program Files\SyncroSoft\Pos\H2O\cledx.exe O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_11\bin\jusched.exe" O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent O4 - HKLM\..\Run: [M-Audio Delta Taskbar Icon] C:\WINDOWS\System32\DeltTray.exe O4 - HKLM\..\Run: [DeltTray] DeltTray.exe O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background O4 - HKCU\..\Run: [SetDefaultMIDI] MIDIDef.exe O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe O4 - Global Startup: Adobe Reader Snelle start.lnk = C:\Program Files\Adobe\Reader 8.0\Reader\reader_sl.exe O4 - Global Startup: Adobe Reader Synchronizer.lnk = C:\Program Files\Adobe\Reader 8.0\Reader\AdobeCollabSync.exe O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://funkydee1982.spaces.live.com//PhotoUpload/MsnPUpld.cab O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab O16 - DPF: {F6BF0D00-0B2A-4A75-BF7B-F385591623AF} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown.cab31267.cab O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll O20 - Winlogon Notify: WRNotifier - WRLogonNTF.dll (file missing) O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exe O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing) O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe O23 - Service: O&O Defrag - O&O Software GmbH - C:\WINDOWS\System32\oodag.exe Dank u
  • tja niks bijzonders te zien dus. Download [b:53e9783a15]Dr.Web CureIt[/b:53e9783a15] naar je bureaublad: [url=ftp://ftp.drweb.com/pub/drweb/cureit/drweb-cureit.exe]ftp://ftp.drweb.com/pub/drweb/cureit/drweb-cureit.exe[/url] Dubbelklik [b:53e9783a15]drweb-cureit.exe[/b:53e9783a15] en sta het toe om de express scan te starten. Dit zal de bestanden scannen die momenteel in het geheugen geladen zijn en wanneer er iets gevonden wordt, klik de Yes to all knop bij de vraag 'cure it?'. Dit is enkel een korte scan. Eenmaal de korte scan is beeïndigd, Klik [b:53e9783a15]Options[/b:53e9783a15] > Change Settings Kies de "Scan"-tab en verwijder het vinkje bij "Heuristic analyse" Terug in het hoofdvenster kan je de drives selecteren die je wilt laten scannen. Selecteer hier alle drives. Een rood bolletje zal dan tevoorschijn komen op de drives die je laat scannen. Klik daarna de [b:53e9783a15]groene pijl[/b:53e9783a15] rechts om de scan te starten. Klik 'Yes to all' wanneer er gevraagd wordt om cure of move uit te voeren. Wanneer de scan gedaan is, kijk of je volgende icoontje kan aanklikken dat staat naast hetgeen gevonden werd: [img:53e9783a15]http://users.telenet.be/bluepatchy/miekiemoes/images/check.gif[/img:53e9783a15] Indien wel, klik erop en daarna klik op het icoontje er net onder en kies: [b:53e9783a15]Move incurable[/b:53e9783a15] zoals je zal zien in volgende afbeelding: [img:53e9783a15]http://users.telenet.be/bluepatchy/miekiemoes/images/move.gif[/img:53e9783a15] Dit zal de bestanden verplaatsen naar volgende map %userprofile%\DoctorWeb\quarantaine-folder indien het niet gedesinfecteerd kan worden. (dit in het geval dat we samples nodig hebben) Na bovenstaande te selecteren, in het menu bovenaan van Dr.Web CureIt, klik [b:53e9783a15]file[/b:53e9783a15] en kies [b:53e9783a15]save report list[/b:53e9783a15]. Bewaar de log op je bureaublad. Sluit daarna Dr.Web Cureit. [b:53e9783a15]Herstart[/b:53e9783a15] je computer!! Belangrijke stap, want het kan zijn dat Dr.Web Cureit bestanden zal verplaatsen/verwijderen tijdens herstart. Na het herstarten, Kopieer en plak de inhoud van die log die je eerder hebt bewaard in je volgende post.
  • Dr. web haalde niks uit, dusssssss heb ik alles maar geformateerd en opnieuw geinstalleerd toch bedank!!!

Beantwoord deze vraag

Weet jij het antwoord op deze vraag? Registreer of meld je aan met je account

Dit is een gearchiveerde pagina. Antwoorden is niet meer mogelijk.