Vraag & Antwoord

Beveiliging & privacy

Systeembeheerder error

12 antwoorden
  • hallo beste mensen, mijn probleem is net als een aantal anderen hier: ik schijn niet meer de systeembeheerder van mijn eigen pc te zijn. kan iemand mij even helpen? alvast bedankt Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 19:19:45, on 8-10-2007 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.16414) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Canon\CAL\CALMAIN.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\Dit.exe C:\WINDOWS\mHotkey.exe C:\Program Files\Common Files\Real\Update_OB\realsched.exe C:\Program Files\Home Cinema\PowerCinema\PCMService.exe C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe C:\Program Files\DAEMON Tools\daemon.exe C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Microsoft Office\OFFICE11\WINWORD.EXE C:\Program Files\Trend Micro\HijackThis\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.nl/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = 192.168.1.1 R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen R3 - URLSearchHook: (no name) - - (no file) R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file) F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\userinit.exe O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll O4 - HKLM\..\Run: [Dit] Dit.exe O4 - HKLM\..\Run: [CHotkey] mHotkey.exe O4 - HKLM\..\Run: [PhilipsRemote] C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\PhilipsRemote.exe O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot O4 - HKLM\..\Run: [PCMService] "C:\Program Files\Home Cinema\PowerCinema\PCMService.exe" O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe" O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [DAEMON Tools] "C:\Program Files\DAEMON Tools\daemon.exe" -lang 1033 O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe" O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe" O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [PhilipsDM] "C:\Program Files\Philips\Philips Device Manager\Bin\DeviceManager.exe" O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKCU\..\Run: [Hitman Pro SurfRight Helper] "C:\Program Files\Hitman Pro\srhelper.exe" O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Lokale service') O4 - HKUS\S-1-5-19\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVGFRE~1\avgw.exe /RUNONCE (User 'Lokale service') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Netwerkservice') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user') O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~4\OFFICE11\EXCEL.EXE/3000 O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~4\Office10\EXCEL.EXE/3000 O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\npjpi160_02.dll O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\npjpi160_02.dll O9 - Extra button: Spyware Doctor - {2D663D1A-8670-49D9-A1A5-4C56B4E14E84} - C:\PROGRA~1\SPYWAR~2\tools\iesdpb.dll (file missing) O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~4\OFFICE11\REFIEBAR.DLL O9 - Extra button: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Documents and Settings\Dani den Besten\Bureaublad\Games\Poker\PartyPoker\RunApp.exe (file missing) O9 - Extra 'Tools' menuitem: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Documents and Settings\Dani den Besten\Bureaublad\Games\Poker\PartyPoker\RunApp.exe (file missing) O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file) O9 - Extra button: Run IMVU - {d9288080-1baa-4bc4-9cf8-a92d743db949} - C:\Documents and Settings\Dani den Besten\Menu Start\Programma's\IMVU\Run IMVU.lnk (file missing) O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O14 - IERESET.INF: START_PAGE_URL=http://www.aldi.com O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab31267.cab O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab31267.cab O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://spaces.msn.com//PhotoUpload/MsnPUpld.cab O16 - DPF: {56336BCB-3D8A-11D6-A00B-0050DA18DE71} - http://software-dl.real.com/23b2b94751f7cd2f3306/netzip/RdxIE601.cab O16 - DPF: {62789780-B744-11D0-986B-00609731A21D} (Autodesk MapGuide ActiveX Control) - ftp://ftp.giskit.com/pub/mapguide/mgaxctrl.cab O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/msnmessengersetupdownloader.cab O16 - DPF: {E504EE6E-47C6-11D5-B8AB-00D0B78F3D48} (Yahoo! Webcam Viewer Wrapper) - http://chat.yahoo.com/cab/yvwrctl.cab O16 - DPF: {F6BF0D00-0B2A-4A75-BF7B-F385591623AF} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown.cab31267.cab O17 - HKLM\System\CCS\Services\Tcpip\..\{5E39E273-2B96-4BF8-952B-6EB8877F4E29}: NameServer = 192.168.2.1 O17 - HKLM\System\CCS\Services\Tcpip\..\{96BB9648-15BC-4581-B9AD-751EA826F5CD}: NameServer = 198.168.0.2 O17 - HKLM\System\CCS\Services\Tcpip\..\{9C19310F-4413-468C-9B23-21A30A43EC2C}: NameServer = 192.168.2.1 O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe O23 - Service: Canon Camera Access Library 8 (CCALib8) - Canon Inc. - C:\Program Files\Canon\CAL\CALMAIN.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - CACE Technologies - C:\Program Files\WinPcap\rpcapd.exe O23 - Service: Spyware Doctor Auxiliary Service (sdAuxService) - PC Tools - C:\Program Files\Spyware Doctor\svcntaux.exe O23 - Service: Spyware Doctor Service (sdCoreService) - PC Tools - C:\Program Files\Spyware Doctor\swdsvc.exe O23 - Service: Webroot Spy Sweeper Engine (svcWRSSSDK) - Webroot Software, Inc. - C:\Program Files\Webroot\Spy Sweeper\WRSSSDK.exe O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe O23 - Service: X10 Device Network Service (x10nets) - X10 - C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe -- End of file - 9380 bytes
  • Start Hijackthis, kies voor [i:3aa52b918e]'Do a system scan only'[/i:3aa52b918e] en vink onderstaande regels aan: [b:3aa52b918e] R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R3 - URLSearchHook: (no name) - - (no file) R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file) O9 - Extra button: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Documents and Settings\Dani den Besten\Bureaublad\Games\Poker\PartyPoker\RunApp.exe (file missing) O9 - Extra 'Tools' menuitem: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Documents and Settings\Dani den Besten\Bureaublad\Games\Poker\PartyPoker\RunApp.exe (file missing) O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file) O16 - DPF: {56336BCB-3D8A-11D6-A00B-0050DA18DE71} - http://software-dl.real.com/23b2b94751f7cd2f3306/netzip/RdxIE601.cab [/b:3aa52b918e] Sluit nu [u:3aa52b918e]alle[/u:3aa52b918e] openstaande vensters, behalve Hijackthis en klik op [b:3aa52b918e]Fix Checked[/b:3aa52b918e]. Verwijder onderstaande map: C:\Documents and Settings\Dani den Besten\Bureaublad\Games\Poker\[b:3aa52b918e]PartyPoker[/b:3aa52b918e] Herstart je PC. Download [url=http://download.bleepingcomputer.com/sUBs/ComboFix.exe]Combofix[/url] naar je [b:3aa52b918e]bureaublad[/b:3aa52b918e] Dubbelklik op [u:3aa52b918e]combofix.exe[/u:3aa52b918e] Kies voor "Continue" door [b:3aa52b918e]1[/b:3aa52b918e] te typen gevolgd door [b:3aa52b918e]ENTER[/b:3aa52b918e]. Tijdens het runnen van de fix, [b:3aa52b918e]NIET[/b:3aa52b918e] in het venster klikken, want dit zal je pc doen vasthangen. Wanneer de fix voltooid is en na herstart, zal de log [b:3aa52b918e]combofix.txt[/b:3aa52b918e] openen. Bewaar dit logje. [i:3aa52b918e]NOTA: Indien je virusscanner reageert met een melding van een scriptuitvoering, mag je dit negeren.[/i:3aa52b918e] Plaats in je volgende antwoord het logje van combofix ([i:3aa52b918e]combofix.txt[/i:3aa52b918e]) tesamen met een vers Hijackthis log. Succes! Pim
  • beste Pim alvast bedankt voor het helpen! overigens was dat mapje van party poker na de hijack scan al weg...? Dit is het combofix txt bestand ComboFix 07-10-07.2 - Dani den Besten 2007-10-09 0:04:51.1 - NTFSx86 Microsoft Windows XP Home Edition 5.1.2600.2.1252.1.1043.18.227 [GMT 2:00] Gestart vanuit: C:\Documents and Settings\Dani den Besten\Bureaublad\ComboFix.exe * Nieuw herstelpunt werd aangemaakt . (((((((((((((((((((( Bestanden Gemaakt van 2007-09-08 to 2007-10-08 )))))))))))))))))))))))))))))) . 2007-10-09 00:04 51,200 --a------ C:\WINDOWS\NirCmd.exe 2007-10-09 00:04 <DIR> d-------- C:\WINDOWS\LastGood 2007-10-08 19:18 <DIR> d-------- C:\Program Files\Trend Micro 2007-09-25 14:40 256,568 -r------- C:\WINDOWS\system32\drivers\windrvr6.sys 2007-09-25 14:40 <DIR> d-------- C:\Program Files\Philips 2007-09-16 17:45 <DIR> d-------- C:\Program Files\SurfRight 2007-09-13 23:12 <DIR> dr-h----- C:\Documents and Settings\Admin\Onlangs geopend 2007-09-13 23:12 <DIR> dr------- C:\Documents and Settings\Admin\Mijn documenten 2007-09-13 23:12 <DIR> dr------- C:\Documents and Settings\Admin\Menu Start 2007-09-13 23:12 <DIR> dr------- C:\Documents and Settings\Admin\Favorieten 2007-09-13 23:12 <DIR> d--h----- C:\Documents and Settings\Admin\Sjablonen 2007-09-13 23:12 <DIR> d--h----- C:\Documents and Settings\Admin\Netwerkprinteromgeving 2007-09-13 23:12 <DIR> d---s---- C:\Documents and Settings\Admin\UserData 2007-09-13 23:12 <DIR> d-------- C:\Documents and Settings\Admin\Bureaublad 2007-09-13 23:12 <DIR> d-------- C:\Documents and Settings\Admin\Application Data\Real 2007-09-13 23:12 <DIR> d-------- C:\Documents and Settings\Admin\Application Data\InterTrust 2007-09-13 23:12 <DIR> d-------- C:\Documents and Settings\Admin\Application Data\Help 2007-09-13 23:12 <DIR> d-------- C:\Documents and Settings\Admin\Application Data\Cyberlink 2007-09-13 23:12 <DIR> d-------- C:\Documents and Settings\Admin\Application Data\Ahead . ((((((((((((((((((((((((((((((((((((((( Find3M Rapport )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2007-10-09 00:03 13440 --a------ C:\WINDOWS\system32\drivers\USBCRFT.SYS 2007-10-08 21:39 --------- d-------- C:\Program Files\Incomplete 2007-10-08 21:33 --------- d-------- C:\Program Files\LimeWire 2007-10-08 19:01 --------- d-------- C:\Program Files\Hitman Pro 2007-10-04 22:10 --------- d-------- C:\Program Files\Papyrus Design Group, Inc 2007-10-02 21:25 --------- d-------- C:\Program Files\Microsoft Picture It! 9 2007-09-29 20:51 --------- d-------- C:\Documents and Settings\Dani den Besten\Application Data\Azureus 2007-09-25 14:40 --------- d--h----- C:\Program Files\InstallShield Installation Information 2007-09-22 13:40 --------- d-------- C:\Documents and Settings\Dani den Besten\Application Data\AdobeUM 2007-09-17 19:43 --------- d-------- C:\Program Files\Spyware Doctor 2007-09-16 19:51 --------- d-------- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy 2007-09-16 18:48 --------- d-------- C:\Program Files\SpywareBlaster 2007-08-24 16:53 --------- d-------- C:\Program Files\Google 2007-08-13 15:04 --------- d-------- C:\Program Files\TestEnDrive 2007-07-30 19:19 92504 --a------ C:\WINDOWS\system32\cdm.dll 2007-07-30 19:19 549720 --a------ C:\WINDOWS\system32\wuapi.dll 2007-07-30 19:19 53080 --a------ C:\WINDOWS\system32\wuauclt.exe 2007-07-30 19:19 43352 --a------ C:\WINDOWS\system32\wups2.dll 2007-07-30 19:19 325976 --a------ C:\WINDOWS\system32\wucltui.dll 2007-07-30 19:19 203096 --a------ C:\WINDOWS\system32\wuweb.dll 2007-07-30 19:19 1712984 --a------ C:\WINDOWS\system32\wuaueng.dll 2007-07-30 19:18 33624 --a------ C:\WINDOWS\system32\wups.dll . ((((((((((((((((((((((((((((((((((((( Reg Opstartpunten ))))))))))))))))))))))))))))))))))))))))))))))))))) . . *Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Dit"="Dit.exe" [2003-12-30 00:33 C:\WINDOWS\Dit.exe] "CHotkey"="mHotkey.exe" [2004-02-05 14:45 C:\WINDOWS\mHotkey.exe] "PhilipsRemote"="C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\PhilipsRemote.exe" [2003-12-12 19:55] "TkBellExe"="C:\Program Files\Common Files\Real\Update_OB\realsched.exe" [2004-02-23 13:32] "PCMService"="C:\Program Files\Home Cinema\PowerCinema\PCMService.exe" [2004-02-19 11:09] "SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe" [2007-07-12 04:00] "QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [2005-11-06 15:57] "DAEMON Tools"="C:\Program Files\DAEMON Tools\daemon.exe" [2005-11-09 00:00] "Cmaudio"="cmicnfg.cpl" [] "Adobe Photo Downloader"="C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe" [2005-06-06 23:46] "AVG7_CC"="C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe" [2007-09-13 22:39] "ZoneAlarm Client"="C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe" [2007-03-09 01:02] "Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2007-05-11 03:06] "PhilipsDM"="C:\Program Files\Philips\Philips Device Manager\Bin\DeviceManager.exe" [2006-12-21 09:43] [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-04 02:03] "QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [2005-11-06 15:57] "Hitman Pro SurfRight Helper"="C:\Program Files\Hitman Pro\srhelper.exe" [2005-06-28 19:07] [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer] "SpecifyDefaultButtons"=0 (0x0) "Btn_Search"=0 (0x0) [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa] "Notification Packages"= :\WINDOWS\syste [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sdauxservice" [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sdcoreservice" [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DXM6Patch_981116] C:\WINDOWS\p_981116.exe /Q:A [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Microsoft Works Update Detection] C:\Program Files\Common Files\Microsoft Shared\Works Shared\WkUFind.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\New.net Startup] rundll32 C:\PROGRA~1\NEWDOT~1\NEWDOT~2.DLL,NewDotNetStartup -s [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot R2 fxgpio;fxgpio;C:\WINDOWS\system32\drivers\fxgpio.sys R2 fxptl;fxptl;C:\WINDOWS\system32\drivers\fxptl.sys R3 Cap7134;MEDION (7134) WDM Video Capture;C:\WINDOWS\system32\DRIVERS\Cap7134.sys R3 CardReaderFilter;Card Reader Filter;\??\C:\WINDOWS\system32\Drivers\USBCRFT.SYS R3 Intels51;Creatix V.9X DSP Data Fax Modem;C:\WINDOWS\system32\DRIVERS\ctxs51.sys R3 PhTVTune;MEDION TV-TUNER 7134 MK2/3;C:\WINDOWS\system32\DRIVERS\PhTVTune.sys R3 UKBFLT;UKBFLT;C:\WINDOWS\system32\DRIVERS\UKBFLT.sys R3 wbscr;Winbond Smartcard Reader for I/O;C:\WINDOWS\system32\drivers\wbscr.sys R3 WinDriver6;WinDriver6;C:\WINDOWS\system32\drivers\windrvr6.sys R3 X10UIF;%DESCRIPTION%;C:\WINDOWS\system32\Drivers\x10uif.sys S3 NPF;NetGroup Packet Filter Driver;C:\WINDOWS\system32\drivers\npf.sys S3 PRISM_A00;PRISM 802.11g Driver;C:\WINDOWS\system32\DRIVERS\PRISMA00.sys S4 NTRemap;NTRemap;C:\WINDOWS\system32\drivers\NTRemap.sys *Newly Created Service* - CATCHME . ************************************************************************** catchme 0.3.1169 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2007-10-09 00:07:48 Windows 5.1.2600 Service Pack 2 NTFS scannen van verborgen processen ... scannen van verborgen autostart items ... scannen van verborgen bestanden ... Scan succesvol afgerond verborgen bestanden: 0 ************************************************************************** . Voltooingstijd: 2007-10-09 0:09:02 . --- E O F --- Hijack txt scan #2 (dit is overigens een: system scan only) Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 0:14:18, on 9-10-2007 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.16414) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\Dit.exe C:\WINDOWS\mHotkey.exe C:\Program Files\Common Files\Real\Update_OB\realsched.exe C:\Program Files\Home Cinema\PowerCinema\PCMService.exe C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe C:\Program Files\DAEMON Tools\daemon.exe C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Canon\CAL\CALMAIN.exe C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe C:\WINDOWS\explorer.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Trend Micro\HijackThis\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.nl/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = 192.168.1.1 R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll O4 - HKLM\..\Run: [Dit] Dit.exe O4 - HKLM\..\Run: [CHotkey] mHotkey.exe O4 - HKLM\..\Run: [PhilipsRemote] C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\PhilipsRemote.exe O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot O4 - HKLM\..\Run: [PCMService] "C:\Program Files\Home Cinema\PowerCinema\PCMService.exe" O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe" O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [DAEMON Tools] "C:\Program Files\DAEMON Tools\daemon.exe" -lang 1033 O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe" O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe" O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [PhilipsDM] "C:\Program Files\Philips\Philips Device Manager\Bin\DeviceManager.exe" O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKCU\..\Run: [Hitman Pro SurfRight Helper] "C:\Program Files\Hitman Pro\srhelper.exe" O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Lokale service') O4 - HKUS\S-1-5-19\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVGFRE~1\avgw.exe /RUNONCE (User 'Lokale service') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Netwerkservice') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user') O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~4\OFFICE11\EXCEL.EXE/3000 O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~4\Office10\EXCEL.EXE/3000 O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\npjpi160_02.dll O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\npjpi160_02.dll O9 - Extra button: Spyware Doctor - {2D663D1A-8670-49D9-A1A5-4C56B4E14E84} - C:\PROGRA~1\SPYWAR~2\tools\iesdpb.dll (file missing) O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~4\OFFICE11\REFIEBAR.DLL O9 - Extra button: Run IMVU - {d9288080-1baa-4bc4-9cf8-a92d743db949} - C:\Documents and Settings\Dani den Besten\Menu Start\Programma's\IMVU\Run IMVU.lnk (file missing) O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O14 - IERESET.INF: START_PAGE_URL=http://www.aldi.com O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab31267.cab O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab31267.cab O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://spaces.msn.com//PhotoUpload/MsnPUpld.cab O16 - DPF: {62789780-B744-11D0-986B-00609731A21D} (Autodesk MapGuide ActiveX Control) - ftp://ftp.giskit.com/pub/mapguide/mgaxctrl.cab O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/msnmessengersetupdownloader.cab O16 - DPF: {E504EE6E-47C6-11D5-B8AB-00D0B78F3D48} (Yahoo! Webcam Viewer Wrapper) - http://chat.yahoo.com/cab/yvwrctl.cab O16 - DPF: {F6BF0D00-0B2A-4A75-BF7B-F385591623AF} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown.cab31267.cab O17 - HKLM\System\CCS\Services\Tcpip\..\{5E39E273-2B96-4BF8-952B-6EB8877F4E29}: NameServer = 192.168.2.1 O17 - HKLM\System\CCS\Services\Tcpip\..\{96BB9648-15BC-4581-B9AD-751EA826F5CD}: NameServer = 198.168.0.2 O17 - HKLM\System\CCS\Services\Tcpip\..\{9C19310F-4413-468C-9B23-21A30A43EC2C}: NameServer = 192.168.2.1 O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe O23 - Service: Canon Camera Access Library 8 (CCALib8) - Canon Inc. - C:\Program Files\Canon\CAL\CALMAIN.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - CACE Technologies - C:\Program Files\WinPcap\rpcapd.exe O23 - Service: Spyware Doctor Auxiliary Service (sdAuxService) - PC Tools - C:\Program Files\Spyware Doctor\svcntaux.exe O23 - Service: Spyware Doctor Service (sdCoreService) - PC Tools - C:\Program Files\Spyware Doctor\swdsvc.exe O23 - Service: Webroot Spy Sweeper Engine (svcWRSSSDK) - Webroot Software, Inc. - C:\Program Files\Webroot\Spy Sweeper\WRSSSDK.exe O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe O23 - Service: X10 Device Network Service (x10nets) - X10 - C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe -- End of file - 8521 bytes
  • Hoi, Probeer de volgende mogelijke manieren om New.net te verwijderen, in deze volgorde: 1) Ga naar Configuratiescherm > Software. Kijk of [b:5c4b5e9e1e]New.net Domains[/b:5c4b5e9e1e] of [b:5c4b5e9e1e]New.net Application[/b:5c4b5e9e1e] in de softwarelijst staat en, zo ja, deïnstalleer dit. Staat het niet in de softwarelijst of lukt het deïnstalleren niet, ga dan naar 2). 2) Kijk in de map C:\Program Files\NewDotNet of daarin een uninstaller staat. Die uninstaller heet [b:5c4b5e9e1e]uninstallX_XX.exe[/b:5c4b5e9e1e] (waarbij de X'en staan voor cijfers). Zo ja, dubbelklik daarop om New.net te verwijderen. Lukt het op deze manier niet, ga dan naar 3). 3) Kijk in de map C:\Windows of daarin een unistaller staat. Die uninstaller heet [b:5c4b5e9e1e]NDNuninstallx_xx.exe[/b:5c4b5e9e1e] (waarbij de X'en staan voor cijfers). Zo ja, dubbelklik daarop om New.net te verwijderen. Lukt het op deze manier niet, ga dan naar 4). 4) Download [url=http://www.new.net/support/NNuninstall.exe]deze[/url] uninstaller, plaats het op je bureaublad. Dubbelklik op [b:5c4b5e9e1e]NNuninstall.exe[/b:5c4b5e9e1e], dat nu op je bureaublad staat, om New.net te verwijderen. Na het verwijderen van New.net, moet de pc opnieuw worden opgestart. Maak daarna een nieuw Combofix-log en plaats dat hier. Vertel dan ook gelijk even hoe het met je problemen is ;) Pim
  • heey hallo ik geloof dat ik inmiddels m'n pc weer aardig onder controle heb kan iig weer programma's installeren! Dit is het logbestand ComboFix 07-10-07.2 - Dani den Besten 2007-10-09 17:40:11.2 - NTFSx86 Microsoft Windows XP Home Edition 5.1.2600.2.1252.1.1043.18.223 [GMT 2:00] Gestart vanuit: C:\Documents and Settings\Dani den Besten\Bureaublad\ComboFix.exe . (((((((((((((((((((( Bestanden Gemaakt van 2007-09-09 to 2007-10-09 )))))))))))))))))))))))))))))) . 2007-10-09 00:04 51,200 --a------ C:\WINDOWS\NirCmd.exe 2007-10-08 19:18 <DIR> d-------- C:\Program Files\Trend Micro 2007-09-25 14:40 256,568 -r------- C:\WINDOWS\system32\drivers\windrvr6.sys 2007-09-25 14:40 <DIR> d-------- C:\Program Files\Philips 2007-09-16 17:45 <DIR> d-------- C:\Program Files\SurfRight 2007-09-13 23:12 <DIR> dr-h----- C:\Documents and Settings\Admin\Onlangs geopend 2007-09-13 23:12 <DIR> dr------- C:\Documents and Settings\Admin\Mijn documenten 2007-09-13 23:12 <DIR> dr------- C:\Documents and Settings\Admin\Menu Start 2007-09-13 23:12 <DIR> dr------- C:\Documents and Settings\Admin\Favorieten 2007-09-13 23:12 <DIR> d--h----- C:\Documents and Settings\Admin\Sjablonen 2007-09-13 23:12 <DIR> d--h----- C:\Documents and Settings\Admin\Netwerkprinteromgeving 2007-09-13 23:12 <DIR> d---s---- C:\Documents and Settings\Admin\UserData 2007-09-13 23:12 <DIR> d-------- C:\Documents and Settings\Admin\Bureaublad 2007-09-13 23:12 <DIR> d-------- C:\Documents and Settings\Admin\Application Data\Real 2007-09-13 23:12 <DIR> d-------- C:\Documents and Settings\Admin\Application Data\InterTrust 2007-09-13 23:12 <DIR> d-------- C:\Documents and Settings\Admin\Application Data\Help 2007-09-13 23:12 <DIR> d-------- C:\Documents and Settings\Admin\Application Data\Cyberlink 2007-09-13 23:12 <DIR> d-------- C:\Documents and Settings\Admin\Application Data\Ahead . ((((((((((((((((((((((((((((((((((((((( Find3M Rapport )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2007-10-09 17:38 13440 --a------ C:\WINDOWS\system32\drivers\USBCRFT.SYS 2007-10-08 21:39 --------- d-------- C:\Program Files\Incomplete 2007-10-08 21:33 --------- d-------- C:\Program Files\LimeWire 2007-10-08 19:01 --------- d-------- C:\Program Files\Hitman Pro 2007-10-04 22:10 --------- d-------- C:\Program Files\Papyrus Design Group, Inc 2007-10-02 21:25 --------- d-------- C:\Program Files\Microsoft Picture It! 9 2007-09-29 20:51 --------- d-------- C:\Documents and Settings\Dani den Besten\Application Data\Azureus 2007-09-25 14:40 --------- d--h----- C:\Program Files\InstallShield Installation Information 2007-09-22 13:40 --------- d-------- C:\Documents and Settings\Dani den Besten\Application Data\AdobeUM 2007-09-17 19:43 --------- d-------- C:\Program Files\Spyware Doctor 2007-09-16 19:51 --------- d-------- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy 2007-09-16 18:48 --------- d-------- C:\Program Files\SpywareBlaster 2007-08-24 16:53 --------- d-------- C:\Program Files\Google 2007-08-13 15:04 --------- d-------- C:\Program Files\TestEnDrive 2007-07-30 19:19 92504 --a------ C:\WINDOWS\system32\cdm.dll 2007-07-30 19:19 549720 --a------ C:\WINDOWS\system32\wuapi.dll 2007-07-30 19:19 53080 --a------ C:\WINDOWS\system32\wuauclt.exe 2007-07-30 19:19 43352 --a------ C:\WINDOWS\system32\wups2.dll 2007-07-30 19:19 325976 --a------ C:\WINDOWS\system32\wucltui.dll 2007-07-30 19:19 203096 --a------ C:\WINDOWS\system32\wuweb.dll 2007-07-30 19:19 1712984 --a------ C:\WINDOWS\system32\wuaueng.dll 2007-07-30 19:18 33624 --a------ C:\WINDOWS\system32\wups.dll . ((((((((((((((((((((((((((((( snapshot@2007-10-09_ 0.08.04,54 ))))))))))))))))))))))))))))))))))))))))) . ----a-w 12,010 2007-10-09 15:29:58 C:\WINDOWS\SoftwareDistribution\EventCache\{3B7C119C-9C04-497B-BF7F-BE522252763A}.bin . . ((((((((((((((((((((((((((((((((((((( Reg Opstartpunten ))))))))))))))))))))))))))))))))))))))))))))))))))) . . *Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Dit"="Dit.exe" [2003-12-30 00:33 C:\WINDOWS\Dit.exe] "CHotkey"="mHotkey.exe" [2004-02-05 14:45 C:\WINDOWS\mHotkey.exe] "PhilipsRemote"="C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\PhilipsRemote.exe" [2003-12-12 19:55] "TkBellExe"="C:\Program Files\Common Files\Real\Update_OB\realsched.exe" [2004-02-23 13:32] "PCMService"="C:\Program Files\Home Cinema\PowerCinema\PCMService.exe" [2004-02-19 11:09] "SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe" [2007-07-12 04:00] "QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [2005-11-06 15:57] "DAEMON Tools"="C:\Program Files\DAEMON Tools\daemon.exe" [2005-11-09 00:00] "Cmaudio"="cmicnfg.cpl" [] "Adobe Photo Downloader"="C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe" [2005-06-06 23:46] "AVG7_CC"="C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe" [2007-09-13 22:39] "ZoneAlarm Client"="C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe" [2007-03-09 01:02] "Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2007-05-11 03:06] "PhilipsDM"="C:\Program Files\Philips\Philips Device Manager\Bin\DeviceManager.exe" [2006-12-21 09:43] [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-04 02:03] "QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [2005-11-06 15:57] "Hitman Pro SurfRight Helper"="C:\Program Files\Hitman Pro\srhelper.exe" [2005-06-28 19:07] [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer] "SpecifyDefaultButtons"=0 (0x0) "Btn_Search"=0 (0x0) [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa] "Notification Packages"= :\WINDOWS\syste [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sdauxservice" [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sdcoreservice" [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DXM6Patch_981116] C:\WINDOWS\p_981116.exe /Q:A [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Microsoft Works Update Detection] C:\Program Files\Common Files\Microsoft Shared\Works Shared\WkUFind.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\New.net Startup] rundll32 C:\PROGRA~1\NEWDOT~1\NEWDOT~2.DLL,NewDotNetStartup -s [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot R2 fxgpio;fxgpio;C:\WINDOWS\system32\drivers\fxgpio.sys R2 fxptl;fxptl;C:\WINDOWS\system32\drivers\fxptl.sys R3 Cap7134;MEDION (7134) WDM Video Capture;C:\WINDOWS\system32\DRIVERS\Cap7134.sys R3 CardReaderFilter;Card Reader Filter;\??\C:\WINDOWS\system32\Drivers\USBCRFT.SYS R3 Intels51;Creatix V.9X DSP Data Fax Modem;C:\WINDOWS\system32\DRIVERS\ctxs51.sys R3 PhTVTune;MEDION TV-TUNER 7134 MK2/3;C:\WINDOWS\system32\DRIVERS\PhTVTune.sys R3 UKBFLT;UKBFLT;C:\WINDOWS\system32\DRIVERS\UKBFLT.sys R3 wbscr;Winbond Smartcard Reader for I/O;C:\WINDOWS\system32\drivers\wbscr.sys R3 WinDriver6;WinDriver6;C:\WINDOWS\system32\drivers\windrvr6.sys R3 X10UIF;%DESCRIPTION%;C:\WINDOWS\system32\Drivers\x10uif.sys S3 NPF;NetGroup Packet Filter Driver;C:\WINDOWS\system32\drivers\npf.sys S3 PRISM_A00;PRISM 802.11g Driver;C:\WINDOWS\system32\DRIVERS\PRISMA00.sys S4 NTRemap;NTRemap;C:\WINDOWS\system32\drivers\NTRemap.sys . ************************************************************************** catchme 0.3.1169 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2007-10-09 17:42:28 Windows 5.1.2600 Service Pack 2 NTFS scannen van verborgen processen ... scannen van verborgen autostart items ... scannen van verborgen bestanden ... Scan succesvol afgerond verborgen bestanden: 0 ************************************************************************** . Voltooingstijd: 2007-10-09 17:43:29 C:\ComboFix2.txt ... 2007-10-09 00:09 . --- E O F ---
  • Hmm, dat is raar, ik zie nog steeds sporen terug van de Newdotnet infectie :-? Download deze verwijder tool: http://www.new.net/support/NNuninstall.exe Dubbelklik op NNuninstall.exe en laat de tool zijn werk doen. Herstart de computer en post een nieuw Combofix log ter controle. Pim
  • hmm ik heb het nogmaals geprobeerd met die nnuninstal maar ik geloof dat die new.net er nog steeds tussen staat... ComboFix 07-10-07.2 - Dani den Besten 2007-10-10 14:25:56.3 - NTFSx86 Microsoft Windows XP Home Edition 5.1.2600.2.1252.1.1043.18.241 [GMT 2:00] Gestart vanuit: C:\Documents and Settings\Dani den Besten\Bureaublad\ComboFix.exe . (((((((((((((((((((( Bestanden Gemaakt van 2007-09-10 to 2007-10-10 )))))))))))))))))))))))))))))) . 2007-10-10 14:26 <DIR> d-------- C:\WINDOWS\LastGood 2007-10-09 18:01 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Prevx 2007-10-09 00:04 51,200 --a------ C:\WINDOWS\NirCmd.exe 2007-10-08 19:18 <DIR> d-------- C:\Program Files\Trend Micro 2007-09-25 14:40 256,568 -r------- C:\WINDOWS\system32\drivers\windrvr6.sys 2007-09-25 14:40 <DIR> d-------- C:\Program Files\Philips 2007-09-16 17:45 <DIR> d-------- C:\Program Files\SurfRight 2007-09-13 23:12 <DIR> dr-h----- C:\Documents and Settings\Admin\Onlangs geopend 2007-09-13 23:12 <DIR> dr------- C:\Documents and Settings\Admin\Mijn documenten 2007-09-13 23:12 <DIR> dr------- C:\Documents and Settings\Admin\Menu Start 2007-09-13 23:12 <DIR> dr------- C:\Documents and Settings\Admin\Favorieten 2007-09-13 23:12 <DIR> d--h----- C:\Documents and Settings\Admin\Sjablonen 2007-09-13 23:12 <DIR> d--h----- C:\Documents and Settings\Admin\Netwerkprinteromgeving 2007-09-13 23:12 <DIR> d---s---- C:\Documents and Settings\Admin\UserData 2007-09-13 23:12 <DIR> d-------- C:\Documents and Settings\Admin\Bureaublad 2007-09-13 23:12 <DIR> d-------- C:\Documents and Settings\Admin\Application Data\Real 2007-09-13 23:12 <DIR> d-------- C:\Documents and Settings\Admin\Application Data\InterTrust 2007-09-13 23:12 <DIR> d-------- C:\Documents and Settings\Admin\Application Data\Help 2007-09-13 23:12 <DIR> d-------- C:\Documents and Settings\Admin\Application Data\Cyberlink 2007-09-13 23:12 <DIR> d-------- C:\Documents and Settings\Admin\Application Data\Ahead . ((((((((((((((((((((((((((((((((((((((( Find3M Rapport )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2007-10-10 14:25 13440 --a------ C:\WINDOWS\system32\drivers\USBCRFT.SYS 2007-10-10 14:20 --------- d-------- C:\Program Files\Hitman Pro 2007-10-09 19:34 --------- d-------- C:\Program Files\Spyware Doctor 2007-10-09 18:32 --------- d-------- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy 2007-10-09 18:02 --------- d-------- C:\Program Files\SpywareBlaster 2007-10-08 21:39 --------- d-------- C:\Program Files\Incomplete 2007-10-08 21:33 --------- d-------- C:\Program Files\LimeWire 2007-10-04 22:10 --------- d-------- C:\Program Files\Papyrus Design Group, Inc 2007-10-02 21:25 --------- d-------- C:\Program Files\Microsoft Picture It! 9 2007-09-29 20:51 --------- d-------- C:\Documents and Settings\Dani den Besten\Application Data\Azureus 2007-09-25 14:40 --------- d--h----- C:\Program Files\InstallShield Installation Information 2007-09-22 13:40 --------- d-------- C:\Documents and Settings\Dani den Besten\Application Data\AdobeUM 2007-08-24 16:53 --------- d-------- C:\Program Files\Google 2007-08-13 15:04 --------- d-------- C:\Program Files\TestEnDrive 2007-07-30 19:19 92504 --a------ C:\WINDOWS\system32\cdm.dll 2007-07-30 19:19 549720 --a------ C:\WINDOWS\system32\wuapi.dll 2007-07-30 19:19 53080 --a------ C:\WINDOWS\system32\wuauclt.exe 2007-07-30 19:19 43352 --a------ C:\WINDOWS\system32\wups2.dll 2007-07-30 19:19 325976 --a------ C:\WINDOWS\system32\wucltui.dll 2007-07-30 19:19 203096 --a------ C:\WINDOWS\system32\wuweb.dll 2007-07-30 19:19 1712984 --a------ C:\WINDOWS\system32\wuaueng.dll 2007-07-30 19:18 33624 --a------ C:\WINDOWS\system32\wups.dll . ((((((((((((((((((((((((((((( snapshot@2007-10-09_ 0.08.04,54 ))))))))))))))))))))))))))))))))))))))))) . ----a-w 15,584 2005-10-12 23:20:05 C:\WINDOWS\SoftwareDistribution\Download\884c97e4892c28e282b7cfc6cc18997b\spmsg.dll ----a-w 216,800 2005-10-12 23:20:06 C:\WINDOWS\SoftwareDistribution\Download\884c97e4892c28e282b7cfc6cc18997b\spuninst.exe ----a-w 584,192 2007-07-09 13:11:51 C:\WINDOWS\SoftwareDistribution\Download\884c97e4892c28e282b7cfc6cc18997b\SP2GDR\rpcrt4.dll ----a-w 122,880 2007-06-12 21:53:16 C:\WINDOWS\SoftwareDistribution\Download\884c97e4892c28e282b7cfc6cc18997b\SP2GDR\spru0413.dll ----a-w 582,656 2007-07-09 13:20:52 C:\WINDOWS\SoftwareDistribution\Download\884c97e4892c28e282b7cfc6cc18997b\SP2QFE\rpcrt4.dll ----a-w 369,664 2007-06-18 22:24:36 C:\WINDOWS\SoftwareDistribution\Download\884c97e4892c28e282b7cfc6cc18997b\SP2QFE\spru0413.dll ----a-w 22,752 2005-10-12 23:20:04 C:\WINDOWS\SoftwareDistribution\Download\884c97e4892c28e282b7cfc6cc18997b\update\spcustom.dll ----a-w 725,728 2005-10-12 23:20:09 C:\WINDOWS\SoftwareDistribution\Download\884c97e4892c28e282b7cfc6cc18997b\update\update.exe ----a-w 389,856 2005-10-12 23:20:15 C:\WINDOWS\SoftwareDistribution\Download\884c97e4892c28e282b7cfc6cc18997b\update\updspapi.dll ----a-w 12,708 2007-10-10 12:09:31 C:\WINDOWS\SoftwareDistribution\EventCache\{ABDB60FD-E52A-4523-8972-8812D99BB5A4}.bin . . ((((((((((((((((((((((((((((((((((((( Reg Opstartpunten ))))))))))))))))))))))))))))))))))))))))))))))))))) . . *Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Dit"="Dit.exe" [2003-12-30 00:33 C:\WINDOWS\Dit.exe] "CHotkey"="mHotkey.exe" [2004-02-05 14:45 C:\WINDOWS\mHotkey.exe] "PhilipsRemote"="C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\PhilipsRemote.exe" [2003-12-12 19:55] "TkBellExe"="C:\Program Files\Common Files\Real\Update_OB\realsched.exe" [2004-02-23 13:32] "PCMService"="C:\Program Files\Home Cinema\PowerCinema\PCMService.exe" [2004-02-19 11:09] "SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe" [2007-07-12 04:00] "QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [2005-11-06 15:57] "DAEMON Tools"="C:\Program Files\DAEMON Tools\daemon.exe" [2005-11-09 00:00] "Cmaudio"="cmicnfg.cpl" [] "Adobe Photo Downloader"="C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe" [2005-06-06 23:46] "AVG7_CC"="C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe" [2007-09-13 22:39] "ZoneAlarm Client"="C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe" [2007-03-09 01:02] "Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2007-05-11 03:06] "PhilipsDM"="C:\Program Files\Philips\Philips Device Manager\Bin\DeviceManager.exe" [2006-12-21 09:43] [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-04 02:03] "QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [2005-11-06 15:57] "Hitman Pro SurfRight Helper"="C:\Program Files\Hitman Pro\srhelper.exe" [2007-10-09 17:59] [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer] "SpecifyDefaultButtons"=0 (0x0) "Btn_Search"=0 (0x0) [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa] "Notification Packages"= :\WINDOWS\syste [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sdauxservice" [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sdcoreservice" [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DXM6Patch_981116] C:\WINDOWS\p_981116.exe /Q:A [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Microsoft Works Update Detection] C:\Program Files\Common Files\Microsoft Shared\Works Shared\WkUFind.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\New.net Startup] rundll32 C:\PROGRA~1\NEWDOT~1\NEWDOT~2.DLL,NewDotNetStartup -s [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot R2 fxgpio;fxgpio;C:\WINDOWS\system32\drivers\fxgpio.sys R2 fxptl;fxptl;C:\WINDOWS\system32\drivers\fxptl.sys R3 Cap7134;MEDION (7134) WDM Video Capture;C:\WINDOWS\system32\DRIVERS\Cap7134.sys R3 CardReaderFilter;Card Reader Filter;\??\C:\WINDOWS\system32\Drivers\USBCRFT.SYS R3 Intels51;Creatix V.9X DSP Data Fax Modem;C:\WINDOWS\system32\DRIVERS\ctxs51.sys R3 PhTVTune;MEDION TV-TUNER 7134 MK2/3;C:\WINDOWS\system32\DRIVERS\PhTVTune.sys R3 UKBFLT;UKBFLT;C:\WINDOWS\system32\DRIVERS\UKBFLT.sys R3 wbscr;Winbond Smartcard Reader for I/O;C:\WINDOWS\system32\drivers\wbscr.sys R3 WinDriver6;WinDriver6;C:\WINDOWS\system32\drivers\windrvr6.sys R3 X10UIF;%DESCRIPTION%;C:\WINDOWS\system32\Drivers\x10uif.sys S3 NPF;NetGroup Packet Filter Driver;C:\WINDOWS\system32\drivers\npf.sys S3 PRISM_A00;PRISM 802.11g Driver;C:\WINDOWS\system32\DRIVERS\PRISMA00.sys S4 NTRemap;NTRemap;C:\WINDOWS\system32\drivers\NTRemap.sys . ************************************************************************** catchme 0.3.1169 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2007-10-10 14:28:45 Windows 5.1.2600 Service Pack 2 NTFS scannen van verborgen processen ... scannen van verborgen autostart items ... scannen van verborgen bestanden ... Scan succesvol afgerond verborgen bestanden: 0 ************************************************************************** . Voltooingstijd: 2007-10-10 14:29:44 C:\ComboFix2.txt ... 2007-10-09 17:43 C:\ComboFix3.txt ... 2007-10-09 00:09 . --- E O F ---
  • Excuus voor de late reactie, heb je topic even uit het oog verloren :oops: Kopieer onderstaande code in de codebox in een leeg kladblok venster: [i:63dd061235](vergeet REGEDIT4 niet mee te kopieeren!) [/i:63dd061235] [code:1:63dd061235] REGEDIT4 [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\New.net Startup] [/code:1:63dd061235] Sla deze op als [b:63dd061235]fixreg.reg[/b:63dd061235] en geef als type "[b:63dd061235]Alle bestanden[/b:63dd061235]" Wanneer je hem hebt opgeslagen ziet het icoontje als volgt eruit: [img:63dd061235]http://users.telenet.be/bluepatchy/miekiemoes/images/reg.gif[/img:63dd061235] Dubbelklik vervolgens op fixreg.reg. Bij de vraag of je de wijzigingen aan het register wil toevoegen zeg [b:63dd061235]Ja/Ok[/b:63dd061235] Hoe is het met je problemen? Pim
  • hallo, dat van die late reactie maakt niet uit ik had afgelopen dagen toch vrij druk met m'n werk, maar goed dit terzijde. inmiddels heb ik die fixreg.reg uitgevoerd en nu kan ik weer alles installeren en werkt m'n pc weer wat beter. zal ik nog ff een combofix log erop zetten voor de zekerheid? bedankt voor je hulp iig! gr. Daniel
  • Graag een nieuw Combofix logje ja! :D
  • ziehier een combofix log: ComboFix 07-10-07.2 - Dani den Besten 2007-10-15 0:00:07.4 - NTFSx86 Microsoft Windows XP Home Edition 5.1.2600.2.1252.1.1043.18.151 [GMT 2:00] Gestart vanuit: C:\Documents and Settings\Dani den Besten\Bureaublad\ComboFix.exe . (((((((((((((((((((( Bestanden Gemaakt van 2007-09-14 to 2007-10-14 )))))))))))))))))))))))))))))) . 2007-10-14 22:32 <DIR> d-------- C:\WINDOWS\LastGood 2007-10-12 22:45 227,360 --ahs---- C:\WINDOWS\system32\drivers\fidbox.dat 2007-10-12 22:37 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\MailFrontier 2007-10-12 22:24 <DIR> d-------- C:\Documents and Settings\Dani den Besten\Application Data\RegistrySmart 2007-10-12 22:09 103 --a------ C:\Documents and Settings\Dani den Besten\fixreg.reg 2007-10-09 18:01 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Prevx 2007-10-09 00:04 51,200 --a------ C:\WINDOWS\NirCmd.exe 2007-10-08 19:18 <DIR> d-------- C:\Program Files\Trend Micro 2007-09-25 14:40 256,568 -r------- C:\WINDOWS\system32\drivers\windrvr6.sys 2007-09-25 14:40 <DIR> d-------- C:\Program Files\Philips 2007-09-16 17:45 <DIR> d-------- C:\Program Files\SurfRight . ((((((((((((((((((((((((((((((((((((((( Find3M Rapport )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2007-10-14 23:57 --------- d-------- C:\Program Files\Hitman Pro 2007-10-14 22:30 13440 --a------ C:\WINDOWS\system32\drivers\USBCRFT.SYS 2007-10-13 21:59 3824 --ahs---- C:\WINDOWS\system32\drivers\fidbox.idx 2007-10-13 16:04 --------- d-------- C:\Program Files\LimeWire 2007-10-13 16:04 --------- d-------- C:\Program Files\Incomplete 2007-10-12 22:17 --------- d-------- C:\Program Files\MSN Messenger 2007-10-09 19:34 --------- d-------- C:\Program Files\Spyware Doctor 2007-10-09 18:32 --------- d-------- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy 2007-10-09 18:02 --------- d-------- C:\Program Files\SpywareBlaster 2007-10-04 22:10 --------- d-------- C:\Program Files\Papyrus Design Group, Inc 2007-10-02 21:25 --------- d-------- C:\Program Files\Microsoft Picture It! 9 2007-09-29 20:51 --------- d-------- C:\Documents and Settings\Dani den Besten\Application Data\Azureus 2007-09-25 14:40 --------- d--h----- C:\Program Files\InstallShield Installation Information 2007-09-22 13:40 --------- d-------- C:\Documents and Settings\Dani den Besten\Application Data\AdobeUM 2007-09-06 16:14 75248 --a------ C:\WINDOWS\zllsputility.exe 2007-09-06 16:14 1086952 --a------ C:\WINDOWS\system32\zpeng24.dll 2007-08-24 16:53 --------- d-------- C:\Program Files\Google 2007-07-30 19:19 92504 --a------ C:\WINDOWS\system32\cdm.dll 2007-07-30 19:19 549720 --a------ C:\WINDOWS\system32\wuapi.dll 2007-07-30 19:19 53080 --a------ C:\WINDOWS\system32\wuauclt.exe 2007-07-30 19:19 43352 --a------ C:\WINDOWS\system32\wups2.dll 2007-07-30 19:19 325976 --a------ C:\WINDOWS\system32\wucltui.dll 2007-07-30 19:19 203096 --a------ C:\WINDOWS\system32\wuweb.dll 2007-07-30 19:19 1712984 --a------ C:\WINDOWS\system32\wuaueng.dll 2007-07-30 19:18 33624 --a------ C:\WINDOWS\system32\wups.dll . ((((((((((((((((((((((((((((( snapshot@2007-10-09_ 0.08.04,54 ))))))))))))))))))))))))))))))))))))))))) . ----a-r 29,926 2007-10-12 20:16:57 C:\WINDOWS\Installer\{9816B8B8-4B53-4D3D-9235-AD931252001D}\MsblIco.Exe ----a-w 15,584 2005-10-12 23:20:05 C:\WINDOWS\SoftwareDistribution\Download\884c97e4892c28e282b7cfc6cc18997b\spmsg.dll ----a-w 216,800 2005-10-12 23:20:06 C:\WINDOWS\SoftwareDistribution\Download\884c97e4892c28e282b7cfc6cc18997b\spuninst.exe ----a-w 584,192 2007-07-09 13:11:51 C:\WINDOWS\SoftwareDistribution\Download\884c97e4892c28e282b7cfc6cc18997b\SP2GDR\rpcrt4.dll ----a-w 122,880 2007-06-12 21:53:16 C:\WINDOWS\SoftwareDistribution\Download\884c97e4892c28e282b7cfc6cc18997b\SP2GDR\spru0413.dll ----a-w 582,656 2007-07-09 13:20:52 C:\WINDOWS\SoftwareDistribution\Download\884c97e4892c28e282b7cfc6cc18997b\SP2QFE\rpcrt4.dll ----a-w 369,664 2007-06-18 22:24:36 C:\WINDOWS\SoftwareDistribution\Download\884c97e4892c28e282b7cfc6cc18997b\SP2QFE\spru0413.dll ----a-w 22,752 2005-10-12 23:20:04 C:\WINDOWS\SoftwareDistribution\Download\884c97e4892c28e282b7cfc6cc18997b\update\spcustom.dll ----a-w 725,728 2005-10-12 23:20:09 C:\WINDOWS\SoftwareDistribution\Download\884c97e4892c28e282b7cfc6cc18997b\update\update.exe ----a-w 389,856 2005-10-12 23:20:15 C:\WINDOWS\SoftwareDistribution\Download\884c97e4892c28e282b7cfc6cc18997b\update\updspapi.dll ----a-w 12,708 2007-10-13 19:59:37 C:\WINDOWS\SoftwareDistribution\EventCache\{B7B1E279-1C79-4A3F-B7B4-86583D582F98}.bin ----a-w 135,168 2007-09-24 20:30:28 C:\WINDOWS\system32\java.exe ----a-w 135,168 2007-09-24 20:30:30 C:\WINDOWS\system32\javaw.exe ----a-w 139,264 2007-09-24 21:31:42 C:\WINDOWS\system32\javaws.exe ----a-w 18,089,592 2007-09-28 05:19:39 C:\WINDOWS\system32\MRT.exe ----a-w 51,056 2007-01-19 10:53:04 C:\WINDOWS\system32\sirenacm.dll ----a-w 83,432 2007-09-06 14:14:04 C:\WINDOWS\system32\vsdata.dll ----a-w 395,080 2007-09-06 14:14:28 C:\WINDOWS\system32\vsdatant.sys ----a-w 157,160 2007-09-06 14:14:04 C:\WINDOWS\system32\vsinit.dll ----a-w 103,912 2007-09-06 14:14:04 C:\WINDOWS\system32\vsmonapi.dll ----a-w 275,944 2007-09-06 14:14:04 C:\WINDOWS\system32\vspubapi.dll ----a-w 71,144 2007-09-06 14:14:04 C:\WINDOWS\system32\vsregexp.dll ----a-w 472,552 2007-09-06 14:14:06 C:\WINDOWS\system32\vsutil.dll ----a-w 46,568 2007-09-06 14:14:06 C:\WINDOWS\system32\vswmi.dll ----a-w 99,816 2007-09-06 14:14:06 C:\WINDOWS\system32\vsxml.dll ----a-w 83,432 2007-09-06 14:14:06 C:\WINDOWS\system32\zlcomm.dll ----a-w 71,144 2007-09-06 14:14:08 C:\WINDOWS\system32\zlcommdb.dll ---h--w 4,212 2007-10-12 20:46:05 C:\WINDOWS\system32\zllictbl.dat ----a-w 127,768 2007-07-19 13:10:28 C:\WINDOWS\system32\drivers\klif.sys ----a-w 370,208 2007-09-06 14:13:56 C:\WINDOWS\system32\ZoneLabs\av.dll ----a-w 99,816 2007-09-06 14:13:56 C:\WINDOWS\system32\ZoneLabs\camupd.dll ----a-w 813,568 2004-01-30 10:35:08 C:\WINDOWS\system32\ZoneLabs\dbghelp.dll ----a-w 128,480 2007-09-06 14:13:58 C:\WINDOWS\system32\ZoneLabs\fbl.dll ----a-w 38,376 2007-09-06 14:13:58 C:\WINDOWS\system32\ZoneLabs\featuremap.dll ----a-w 321,016 2007-09-06 14:13:58 C:\WINDOWS\system32\ZoneLabs\imsecure.dll ----a-w 714,208 2007-08-15 13:45:42 C:\WINDOWS\system32\ZoneLabs\qrbase.dll ----a-w 787,936 2007-08-15 13:45:44 C:\WINDOWS\system32\ZoneLabs\qrsrecl.dll ----a-w 173,544 2007-09-06 14:14:00 C:\WINDOWS\system32\ZoneLabs\scheduler.dll ----a-w 2,432,259 2007-01-11 09:12:08 C:\WINDOWS\system32\ZoneLabs\spyware.dat ----a-w 1,500,640 2007-08-15 13:45:44 C:\WINDOWS\system32\ZoneLabs\srescan.dll ----a-w 50,416 2007-06-11 10:44:10 C:\WINDOWS\system32\ZoneLabs\srescan.sys ----a-w 456,168 2007-09-06 14:14:02 C:\WINDOWS\system32\ZoneLabs\ssleay32.dll ----a-w 833,248 2007-08-01 04:30:04 C:\WINDOWS\system32\ZoneLabs\updating.dll ----a-w 149,032 2007-09-06 14:14:18 C:\WINDOWS\system32\ZoneLabs\updclient.exe ----a-w 286,787 2007-01-11 15:31:06 C:\WINDOWS\system32\ZoneLabs\updtrsdk.dll ----a-w 503,875 2006-09-04 18:59:14 C:\WINDOWS\system32\ZoneLabs\upd_core.dll ----a-w 108,008 2007-09-06 14:14:04 C:\WINDOWS\system32\ZoneLabs\vsavpro.dll ----a-w 79,336 2007-09-06 14:14:04 C:\WINDOWS\system32\ZoneLabs\vsdb.dll ----a-w 75,304 2007-09-06 14:14:18 C:\WINDOWS\system32\ZoneLabs\vsmon.exe ----a-w 2,024,936 2007-09-06 14:14:04 C:\WINDOWS\system32\ZoneLabs\vsmondll.dll ----a-w 1,345,000 2007-09-06 14:14:06 C:\WINDOWS\system32\ZoneLabs\vsruledb.dll ----a-w 239,080 2007-09-06 14:14:06 C:\WINDOWS\system32\ZoneLabs\vsvault.dll ----a-w 2,432,259 2007-01-11 09:12:08 C:\WINDOWS\system32\ZoneLabs\zlasdbup.dat ----a-w 177,640 2007-09-06 14:14:08 C:\WINDOWS\system32\ZoneLabs\zlparser.dll ----a-w 79,344 2007-09-06 14:14:08 C:\WINDOWS\system32\ZoneLabs\zlquarantine.dll ----a-w 382,440 2007-09-06 14:14:08 C:\WINDOWS\system32\ZoneLabs\zlsre.dll ----a-w 120,296 2007-09-06 14:14:08 C:\WINDOWS\system32\ZoneLabs\zlupdate.dll ----a-w 77,824 2007-05-30 22:03:16 C:\WINDOWS\system32\ZoneLabs\avsys\CKAHComm.dll ----a-w 110,592 2007-05-30 22:03:16 C:\WINDOWS\system32\ZoneLabs\avsys\CKAHrule.dll ----a-w 331,776 2007-05-30 22:03:16 C:\WINDOWS\system32\ZoneLabs\avsys\CKAHUM.dll ----a-w 38,400 2007-05-30 22:03:16 C:\WINDOWS\system32\ZoneLabs\avsys\FSSync.dll ----a-w 208,960 2006-09-19 21:12:14 C:\WINDOWS\system32\ZoneLabs\avsys\inv.dll ----a-w 274,432 2007-08-24 17:31:48 C:\WINDOWS\system32\ZoneLabs\avsys\kave.dll ----a-w 1,093,632 2006-12-19 16:13:52 C:\WINDOWS\system32\ZoneLabs\avsys\libeay32.dll ----a-w 548,864 2007-05-30 22:03:20 C:\WINDOWS\system32\ZoneLabs\avsys\msvcp80.dll ----a-w 626,688 2007-05-30 22:03:20 C:\WINDOWS\system32\ZoneLabs\avsys\msvcr80.dll ----a-w 184,320 2007-05-30 22:03:18 C:\WINDOWS\system32\ZoneLabs\avsys\prloader.dll ----a-w 90,112 2007-05-30 22:03:22 C:\WINDOWS\system32\ZoneLabs\avsys\prremote.dll ----a-w 135,168 2007-08-24 17:31:48 C:\WINDOWS\system32\ZoneLabs\avsys\ScanningProcess.exe ----a-w 200,704 2006-12-19 16:13:52 C:\WINDOWS\system32\ZoneLabs\avsys\ssleay32.dll ----a-w 65,248 2007-05-30 22:03:30 C:\WINDOWS\system32\ZoneLabs\avsys\bases\aphish.dat ----a-w 21,568 2006-06-30 12:47:36 C:\WINDOWS\system32\ZoneLabs\avsys\bases\avcmhk4.dll ----a-w 110,360 2007-07-19 13:10:32 C:\WINDOWS\system32\ZoneLabs\avsys\instdrivers\w2kxp32\kl1.sys ----a-w 186,128 2007-07-19 13:10:32 C:\WINDOWS\system32\ZoneLabs\avsys\instdrivers\w2kxp32\klif.sys ----a-w 110,360 2007-05-30 22:03:48 C:\WINDOWS\system32\ZoneLabs\avsys\instdrivers\x32\kl1.sys ----a-w 127,768 2007-07-19 13:10:28 C:\WINDOWS\system32\ZoneLabs\avsys\instdrivers\x32\klif.sys ----a-w 45,056 2007-05-30 22:03:50 C:\WINDOWS\system32\ZoneLabs\avsys\instdrivers\x32\regcat.exe ----a-w 288,144 2007-09-06 14:14:30 C:\WINDOWS\system32\ZoneLabs\lib\ConfigWizard.zip.dll ----a-w 152,976 2007-09-06 14:14:30 C:\WINDOWS\system32\ZoneLabs\lib\licenseui.zip.dll ----a-w 26,000 2007-09-06 14:14:30 C:\WINDOWS\system32\ZoneLabs\lib\zlsvc.zip.dll ----a-w 1,361,296 2007-09-06 14:14:32 C:\WINDOWS\system32\ZoneLabs\lib\zpy.zip.dll ----a-w 71,056 2007-09-06 14:14:32 C:\WINDOWS\system32\ZoneLabs\lib\zui.zip.dll ----a-w 30,184 2007-09-06 14:15:50 C:\WINDOWS\system32\ZoneLabs\plugins\rpc_server\rpc_server.dll ----a-w 30,216 2007-09-06 14:15:52 C:\WINDOWS\system32\ZoneLabs\plugins\vsmon_plugin\vsmon_plugin.dll ----a-w 214,528 2007-09-06 14:15:52 C:\WINDOWS\system32\ZoneLabs\streamapi\httpblocker\httpblocker.dll ----a-w 3,266,040 2007-09-06 14:15:54 C:\WINDOWS\system32\ZoneLabs\streamapi\imslsp\imslsp.dll . ----a-w 135,168 2007-07-11 23:22:00 C:\WINDOWS\system32\java.exe ----a-w 135,168 2007-07-11 23:22:04 C:\WINDOWS\system32\javaw.exe ----a-w 139,264 2007-07-12 00:22:38 C:\WINDOWS\system32\javaws.exe ----a-w 17,474,680 2007-09-06 02:50:42 C:\WINDOWS\system32\MRT.exe ----a-w 48,936 2006-07-29 17:32:50 C:\WINDOWS\system32\sirenacm.dll ------w 83,696 2007-03-08 23:01:24 C:\WINDOWS\system32\vsdata.dll ------w 157,424 2007-03-08 23:01:24 C:\WINDOWS\system32\vsinit.dll ------w 104,176 2007-03-08 23:01:26 C:\WINDOWS\system32\vsmonapi.dll ----a-w 276,208 2007-03-08 23:01:26 C:\WINDOWS\system32\vspubapi.dll ----a-w 71,408 2007-03-08 23:01:26 C:\WINDOWS\system32\vsregexp.dll ------w 472,816 2007-03-08 23:01:28 C:\WINDOWS\system32\vsutil.dll ------w 46,832 2007-03-08 23:01:30 C:\WINDOWS\system32\vswmi.dll ----a-w 100,080 2007-03-08 23:01:30 C:\WINDOWS\system32\vsxml.dll ------w 83,696 2007-03-08 23:01:30 C:\WINDOWS\system32\zlcomm.dll ------w 71,408 2007-03-08 23:01:32 C:\WINDOWS\system32\zlcommdb.dll ---h--w 4,212 2007-04-08 14:39:37 C:\WINDOWS\system32\zllictbl.dat ----a-w 362,280 2007-03-08 23:01:10 C:\WINDOWS\system32\ZoneLabs\av.dll ----a-w 100,080 2007-03-08 23:01:10 C:\WINDOWS\system32\ZoneLabs\camupd.dll ----a-w 813,568 2004-01-30 11:35:08 C:\WINDOWS\system32\ZoneLabs\dbghelp.dll ----a-w 128,744 2007-03-08 23:01:14 C:\WINDOWS\system32\ZoneLabs\fbl.dll ----a-w 321,280 2007-03-08 23:01:14 C:\WINDOWS\system32\ZoneLabs\imsecure.dll ----a-w 714,472 2007-01-18 04:39:16 C:\WINDOWS\system32\ZoneLabs\qrbase.dll -c--a-w 677,608 2007-01-18 04:39:16 C:\WINDOWS\system32\ZoneLabs\qrsrecl.dll ----a-w 173,808 2007-03-08 23:01:20 C:\WINDOWS\system32\ZoneLabs\scheduler.dll -c--a-w 2,432,259 2007-01-11 10:12:08 C:\WINDOWS\system32\ZoneLabs\spyware.dat ----a-w 1,369,832 2007-01-18 04:39:18 C:\WINDOWS\system32\ZoneLabs\srescan.dll ----a-w 50,416 2007-01-18 04:39:20 C:\WINDOWS\system32\ZoneLabs\srescan.sys ----a-w 456,432 2007-03-08 23:01:20 C:\WINDOWS\system32\ZoneLabs\ssleay32.dll ----a-w 833,248 2007-06-13 18:33:45 C:\WINDOWS\system32\ZoneLabs\updating.dll ----a-w 141,104 2007-03-08 23:01:58 C:\WINDOWS\system32\ZoneLabs\updclient.exe -c--a-w 286,787 2007-01-11 16:31:06 C:\WINDOWS\system32\ZoneLabs\updtrsdk.dll -c--a-w 503,875 2006-09-04 19:59:14 C:\WINDOWS\system32\ZoneLabs\upd_core.dll ----a-w 108,272 2007-03-08 23:01:24 C:\WINDOWS\system32\ZoneLabs\vsavpro.dll ----a-w 79,600 2007-03-08 23:01:24 C:\WINDOWS\system32\ZoneLabs\vsdb.dll ----a-w 75,568 2007-03-08 23:01:58 C:\WINDOWS\system32\ZoneLabs\vsmon.exe ----a-w 2,025,200 2007-03-08 23:01:26 C:\WINDOWS\system32\ZoneLabs\vsmondll.dll ----a-w 1,345,264 2007-03-08 23:01:28 C:\WINDOWS\system32\ZoneLabs\vsruledb.dll ----a-w 243,440 2007-03-08 23:01:28 C:\WINDOWS\system32\ZoneLabs\vsvault.dll -c--a-w 2,432,259 2007-01-11 10:12:08 C:\WINDOWS\system32\ZoneLabs\zlasdbup.dat ----a-w 177,904 2007-03-08 23:01:32 C:\WINDOWS\system32\ZoneLabs\zlparser.dll ----a-w 79,608 2007-03-08 23:01:32 C:\WINDOWS\system32\ZoneLabs\zlquarantine.dll ----a-w 378,608 2007-03-08 23:01:34 C:\WINDOWS\system32\ZoneLabs\zlsre.dll ----a-w 120,560 2007-03-08 23:01:34 C:\WINDOWS\system32\ZoneLabs\zlupdate.dll ----a-w 61,565 2006-12-19 17:13:50 C:\WINDOWS\system32\ZoneLabs\avsys\CKAHComm.dll -c--a-w 114,813 2006-12-19 17:13:50 C:\WINDOWS\system32\ZoneLabs\avsys\CKAHrule.dll -c--a-w 307,323 2006-12-19 17:13:50 C:\WINDOWS\system32\ZoneLabs\avsys\CKAHUM.dll -c--a-w 36,923 2006-11-29 21:02:26 C:\WINDOWS\system32\ZoneLabs\avsys\FSSync.dll -c--a-w 208,960 2006-09-19 22:12:14 C:\WINDOWS\system32\ZoneLabs\avsys\inv.dll -c--a-w 274,514 2007-01-11 16:31:04 C:\WINDOWS\system32\ZoneLabs\avsys\kave.dll -c--a-w 1,093,632 2006-12-19 17:13:52 C:\WINDOWS\system32\ZoneLabs\avsys\libeay32.dll -c--a-w 184,445 2006-11-29 21:02:26 C:\WINDOWS\system32\ZoneLabs\avsys\prloader.dll -c--a-w 94,313 2006-12-19 17:13:52 C:\WINDOWS\system32\ZoneLabs\avsys\ScanningProcess.exe ----a-w 200,704 2006-12-19 17:13:52 C:\WINDOWS\system32\ZoneLabs\avsys\ssleay32.dll ----a-w 21,568 2006-06-30 13:47:36 C:\WINDOWS\system32\ZoneLabs\avsys\bases\avcmhk4.dll ----a-w 288,408 2007-03-08 23:02:12 C:\WINDOWS\system32\ZoneLabs\lib\ConfigWizard.zip.dll ----a-w 153,240 2007-03-08 23:02:12 C:\WINDOWS\system32\ZoneLabs\lib\licenseui.zip.dll ----a-w 26,264 2007-03-08 23:02:14 C:\WINDOWS\system32\ZoneLabs\lib\zlsvc.zip.dll ----a-w 1,361,560 2007-03-08 23:02:14 C:\WINDOWS\system32\ZoneLabs\lib\zpy.zip.dll ----a-w 71,320 2007-03-08 23:02:14 C:\WINDOWS\system32\ZoneLabs\lib\zui.zip.dll ----a-w 30,448 2007-03-08 23:04:42 C:\WINDOWS\system32\ZoneLabs\plugins\rpc_server\rpc_server.dll ----a-w 30,480 2007-03-08 23:04:44 C:\WINDOWS\system32\ZoneLabs\plugins\vsmon_plugin\vsmon_plugin.dll ----a-w 210,696 2007-03-08 23:04:44 C:\WINDOWS\system32\ZoneLabs\streamapi\httpblocker\httpblocker.dll ----a-w 3,229,440 2007-03-08 23:04:46 C:\WINDOWS\system32\ZoneLabs\streamapi\imslsp\imslsp.dll . ((((((((((((((((((((((((((((((((((((( Reg Opstartpunten ))))))))))))))))))))))))))))))))))))))))))))))))))) . . *Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Dit"="Dit.exe" [2003-12-30 00:33 C:\WINDOWS\Dit.exe] "CHotkey"="mHotkey.exe" [2004-02-05 14:45 C:\WINDOWS\mHotkey.exe] "PhilipsRemote"="C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\PhilipsRemote.exe" [2003-12-12 19:55] "TkBellExe"="C:\Program Files\Common Files\Real\Update_OB\realsched.exe" [2004-02-23 13:32] "PCMService"="C:\Program Files\Home Cinema\PowerCinema\PCMService.exe" [2004-02-19 11:09] "SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe" [2007-09-25 01:11] "QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [2005-11-06 15:57] "DAEMON Tools"="C:\Program Files\DAEMON Tools\daemon.exe" [2005-11-09 00:00] "Cmaudio"="cmicnfg.cpl" [] "Adobe Photo Downloader"="C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe" [2005-06-06 23:46] "AVG7_CC"="C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe" [2007-09-13 22:39] "Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2007-05-11 03:06] "PhilipsDM"="C:\Program Files\Philips\Philips Device Manager\Bin\DeviceManager.exe" [2006-12-21 09:43] "ZoneAlarm Client"="C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe" [2007-09-06 16:14] [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-04 02:03] "QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [2005-11-06 15:57] "Hitman Pro SurfRight Helper"="C:\Program Files\Hitman Pro\srhelper.exe" [2007-10-09 17:59] [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer] "SpecifyDefaultButtons"=0 (0x0) "Btn_Search"=0 (0x0) [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa] "Notification Packages"= :\WINDOWS\syste [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sdauxservice" [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sdcoreservice" [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DXM6Patch_981116] C:\WINDOWS\p_981116.exe /Q:A [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Microsoft Works Update Detection] C:\Program Files\Common Files\Microsoft Shared\Works Shared\WkUFind.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot R2 fxgpio;fxgpio;C:\WINDOWS\system32\drivers\fxgpio.sys R2 fxptl;fxptl;C:\WINDOWS\system32\drivers\fxptl.sys R3 Cap7134;MEDION (7134) WDM Video Capture;C:\WINDOWS\system32\DRIVERS\Cap7134.sys R3 CardReaderFilter;Card Reader Filter;\??\C:\WINDOWS\system32\Drivers\USBCRFT.SYS R3 Intels51;Creatix V.9X DSP Data Fax Modem;C:\WINDOWS\system32\DRIVERS\ctxs51.sys R3 PhTVTune;MEDION TV-TUNER 7134 MK2/3;C:\WINDOWS\system32\DRIVERS\PhTVTune.sys R3 UKBFLT;UKBFLT;C:\WINDOWS\system32\DRIVERS\UKBFLT.sys R3 wbscr;Winbond Smartcard Reader for I/O;C:\WINDOWS\system32\drivers\wbscr.sys R3 WinDriver6;WinDriver6;C:\WINDOWS\system32\drivers\windrvr6.sys R3 X10UIF;%DESCRIPTION%;C:\WINDOWS\system32\Drivers\x10uif.sys S3 NPF;NetGroup Packet Filter Driver;C:\WINDOWS\system32\drivers\npf.sys S3 PRISM_A00;PRISM 802.11g Driver;C:\WINDOWS\system32\DRIVERS\PRISMA00.sys S4 NTRemap;NTRemap;C:\WINDOWS\system32\drivers\NTRemap.sys . Inhoud van de 'Gedeelde Taken' map "2007-10-12 20:24:23 C:\WINDOWS\Tasks\RegistrySmart Scheduled Scan.job" - C:\Program Files\RegistrySmart\RegistrySmart.exe . ************************************************************************** catchme 0.3.1169 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2007-10-15 00:03:41 Windows 5.1.2600 Service Pack 2 NTFS scannen van verborgen processen ... scannen van verborgen autostart items ... scannen van verborgen bestanden ... Scan succesvol afgerond verborgen bestanden: 0 ************************************************************************** . Voltooingstijd: 2007-10-15 0:05:06 C:\ComboFix2.txt ... 2007-10-10 14:29 C:\ComboFix3.txt ... 2007-10-09 17:43 . --- E O F ---
  • Dat ziet er weer goed uit! Download [url=http://www.atribune.org/ccount/click.php?id=1]ATF Cleaner ( van Atribune)[/url] Dubbelklik op [b:bd2ce23390]ATF cleaner[/b:bd2ce23390] om het programma te starten. Op het tabblad "Main", plaats je een vinkje bij Select All. Haal het vinkje weg bij Prefetch. Klik op de knop Empty Selected. Gebruik je ook [b:bd2ce23390]Firefox[/b:bd2ce23390] als browser: Klik op tabblad "Firefox", plaats een vinkje bij Select All. Wil je de door Firefox opgeslagen wachtwoorden behouden, dan klik je in het venster dat verschijnt op "No". (dit verwijdert het vinkje bij "Firefox saved passwords") Klik op de knop Empty Selected. Gebruik je ook [b:bd2ce23390]Opera[/b:bd2ce23390] als browser: Klik op tabblad "Opera", plaats een vinkje bij Select All. Wil je de door Opera opgeslagen wachtwoorden behouden, dan klik je in het venster dat verschijnt op "No". Klik op de knop Empty Selected. Ga naar het tabblad "Main" en klik op de knop [b:bd2ce23390]Exit[/b:bd2ce23390] om het programma af te sluiten. Hoe is het met je problemen? Pim

Beantwoord deze vraag

Weet jij het antwoord op deze vraag? Registreer of meld je aan met je account

Dit is een gearchiveerde pagina. Antwoorden is niet meer mogelijk.