Vraag & Antwoord

Beveiliging & privacy

spyware hijack geplaatst

6 antwoorden
  • Hallo kan iemand hier even naar kijken. Zit wat spyware op. Logfile of Trend Micro HijackThis v2.0.3 (BETA) Scan saved at 17:13:46, on 17-3-2010 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Boot mode: Normal Running processes: G:\WINDOWS\System32\smss.exe G:\WINDOWS\system32\winlogon.exe G:\WINDOWS\system32\services.exe G:\WINDOWS\system32\lsass.exe G:\WINDOWS\system32\Ati2evxx.exe G:\WINDOWS\system32\svchost.exe G:\WINDOWS\System32\svchost.exe G:\WINDOWS\system32\Ati2evxx.exe G:\Program Files\Lavasoft\Ad-Aware\aawservice.exe G:\Program Files\Alwil Software\Avast4\aswUpdSv.exe G:\Program Files\Alwil Software\Avast4\ashServ.exe G:\WINDOWS\Explorer.EXE G:\WINDOWS\system32\spoolsv.exe G:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe G:\WINDOWS\System32\CTsvcCDA.EXE G:\WINDOWS\system32\FsUsbExService.Exe G:\Program Files\CDBurnerXP\NMSAccessU.exe G:\WINDOWS\system32\PnkBstrA.exe G:\WINDOWS\system32\PnkBstrB.exe G:\Program Files\SPAMfighter\sfus.exe G:\WINDOWS\System32\svchost.exe G:\Program Files\Common Files\Pure Networks Shared\Platform\nmsrvc.exe G:\WINDOWS\system32\wuauclt.exe G:\Program Files\Alwil Software\Avast4\ashMaiSv.exe G:\Program Files\Alwil Software\Avast4\ashWebSv.exe G:\WINDOWS\System32\svchost.exe G:\Documents and Settings\LocalService\Local Settings\Application Data\ave.exe G:\WINDOWS\System32\svchost.exe G:\WINDOWS\system32\wuauclt.exe G:\WINDOWS\System32\svchost.exe G:\Documents and Settings\ralph marijnissen\Local Settings\Application Data\ave.exe G:\Documents and Settings\ralph marijnissen\Local Settings\Application Data\ave.exe G:\WINDOWS\System32\msiexec.exe G:\Program Files\TrendMicro\HiJackThis\HiJackThis.exe G:\Documents and Settings\ralph marijnissen\Local Settings\Application Data\ave.exe G:\Program Files\Mozilla Firefox\firefox.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.home.nl/ R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://search.live.com/sphome.aspx R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - G:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - G:\Program Files\Spybot - Search & Destroy\SDHelper.dll O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file) O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - G:\Program Files\Java\jre1.6.0_06\bin\ssv.dll O2 - BHO: Windows Live Aanmelden - Help - {9030D464-4C02-4ABF-8ECC-5164760863C6} - G:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - G:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - G:\Program Files\Google\GoogleToolbarNotifier\5.5.4723.1820\swg.dll O3 - Toolbar: (no name) - {47e161a0-f4ba-41dd-a17b-d2eb26ad6a02} - (no file) O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - G:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll O4 - HKLM\..\Run: [CTDVDDET] "G:\Program Files\Creative\Sound Blaster X-Fi\DVDAudio\CTDVDDET.EXE" O4 - HKLM\..\Run: [RCSystem] "G:\Program Files\Creative\Shared Files\Module Loader\DLLML.exe" RCSystem * -Startup O4 - HKLM\..\Run: [AudioDrvEmulator] "G:\Program Files\Creative\Shared Files\Module Loader\DLLML.exe" -1 AudioDrvEmulator "G:\Program Files\Creative\Shared Files\Module Loader\Audio Emulator\AudDrvEm.dll" O4 - HKLM\..\Run: [VolPanel] "G:\Program Files\Creative\Sound Blaster X-Fi\Volume Panel\VolPanel.exe" /r O4 - HKLM\..\Run: [CTHelper] CTHELPER.EXE O4 - HKLM\..\Run: [CTxfiHlp] CTXFIHLP.EXE O4 - HKLM\..\Run: [UpdReg] G:\WINDOWS\UpdReg.EXE O4 - HKLM\..\Run: [Sony Ericsson PC Suite] "G:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe" /startoptions O4 - HKLM\..\Run: [Adobe Photo Downloader] "G:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe" O4 - HKLM\..\Run: [NeroFilterCheck] G:\WINDOWS\system32\NeroCheck.exe O4 - HKLM\..\Run: [Logitech Hardware Abstraction Layer] KHALMNPR.EXE O4 - HKLM\..\Run: [QuickTime Task] "G:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [iTunesHelper] "G:\Program Files\iTunes\iTunesHelper.exe" O4 - HKLM\..\Run: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE O4 - HKLM\..\Run: [SunJavaUpdateSched] "G:\Program Files\Java\jre1.6.0_06\bin\jusched.exe" O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "G:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [ASUS Probe] G:\Program Files\ASUS\Asus Probe\AsusProb.exe O4 - HKLM\..\Run: [ScreenPrint32] G:\Program Files\ScreenPrint32 v3\ScreenPrint32.exe -startup O4 - HKLM\..\Run: [DAEMON Tools] "G:\Program Files\DAEMON Tools\daemon.exe" -lang 1033 O4 - HKLM\..\Run: [SPAMfighter Agent] "G:\Program Files\SPAMfighter\SFAgent.exe" update delay 60 O4 - HKLM\..\Run: [avast!] G:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe O4 - HKLM\..\Run: [CanonSolutionMenu] G:\Program Files\Canon\SolutionMenu\CNSLMAIN.exe /logon O4 - HKLM\..\Run: [CanonMyPrinter] G:\Program Files\Canon\MyPrinter\BJMyPrt.exe /logon O4 - HKLM\..\Run: [nmctxth] "G:\Program Files\Common Files\Pure Networks Shared\Platform\nmctxth.exe" O4 - HKLM\..\Run: [nmapp] "G:\Program Files\Pure Networks\Network Magic\nmapp.exe" -autorun -nosplash O4 - HKLM\..\Run: [syncman] g:\windows\system32\wuaucldt.exe O4 - HKLM\..\Run: [Regedit32] G:\WINDOWS\system32\regedit.exe O4 - HKCU\..\Run: [CTFMON.EXE] G:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [Creative Detector] "G:\Program Files\Creative\MediaSource\Detector\CTDetect.exe" /R O4 - HKCU\..\Run: [swg] "G:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" O4 - HKCU\..\Run: [StartCCC] G:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe O4 - HKCU\..\Run: [KCeasy] G:\Program Files\KCeasy\KCeasy.exe /hide O4 - HKCU\..\Run: [MsnMsgr] "G:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background O4 - HKCU\..\Run: [SpybotSD TeaTimer] G:\Program Files\Spybot - Search & Destroy\TeaTimer.exe O4 - HKCU\..\Run: [TomTomHOME.exe] "G:\Program Files\TomTom HOME 2\HOMERunner.exe" O4 - HKCU\..\Run: [DAEMON Tools Lite] "G:\Program Files\DAEMON Tools Lite\DTLite.exe" -autorun O4 - HKCU\..\Run: [H/PC Connection Agent] "G:\Program Files\Microsoft ActiveSync\wcescomm.exe" O4 - HKCU\..\Run: [AutoStartNPSAgent] G:\Program Files\Samsung\Samsung New PC Studio\NPSAgent.exe O4 - HKCU\..\Run: [syncman] g:\documents and settings\ralph marijnissen\wuaucldt.exe O4 - HKCU\..\Run: [SUPERAntiSpyware] G:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] G:\WINDOWS\System32\CTFMON.EXE (User 'Lokale service') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] G:\WINDOWS\System32\CTFMON.EXE (User 'Netwerkservice') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] G:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] G:\WINDOWS\System32\CTFMON.EXE (User 'Default user') O4 - S-1-5-18 Startup: LimeWire On Startup.lnk = G:\Program Files\LimeWire\LimeWire.exe (User 'SYSTEM') O4 - S-1-5-18 Startup: monnwb32.exe (User 'SYSTEM') O4 - .DEFAULT Startup: LimeWire On Startup.lnk = G:\Program Files\LimeWire\LimeWire.exe (User 'Default user') O4 - .DEFAULT Startup: monnwb32.exe (User 'Default user') O4 - Startup: LimeWire On Startup.lnk = G:\Program Files\LimeWire\LimeWire.exe O4 - Startup: monnwb32.exe O4 - Global Startup: Harman Kardon TC 30 Remote.lnk = ? O4 - Global Startup: Logitech Desktop Messenger.lnk = G:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe O4 - Global Startup: Logitech SetPoint.lnk = G:\Program Files\Logitech\SetPoint\SetPoint.exe O4 - Global Startup: Microsoft Office.lnk = G:\Program Files\Microsoft Office\Office10\OSA.EXE O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://G:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000 O8 - Extra context menu item: Google Sidewiki... - res://G:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_96D6FF0C6D236BF8.dll/cmsidewiki.html O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - G:\Program Files\Java\jre1.6.0_06\bin\ssv.dll O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - G:\Program Files\Java\jre1.6.0_06\bin\ssv.dll O9 - Extra button: In weblog opnemen - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - G:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: &In weblog opnemen met Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - G:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - G:\PROGRA~1\MI3AA1~1\INetRepl.dll O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - G:\PROGRA~1\MI3AA1~1\INetRepl.dll O9 - Extra 'Tools' menuitem: Mobiele favorieten maken... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - G:\PROGRA~1\MI3AA1~1\INetRepl.dll O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - G:\Program Files\Spybot - Search & Destroy\SDHelper.dll O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - G:\Program Files\Spybot - Search & Destroy\SDHelper.dll O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - G:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - G:\Program Files\Messenger\msmsgs.exe O16 - DPF: {E06E2E99-0AA1-11D4-ABA6-0060082AA75C} - O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - G:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll O20 - Winlogon Notify: !SASWinLogon - G:\Program Files\SUPERAntiSpyware\SASWINLO.dll O22 - SharedTaskScheduler: Preloader van browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - G:\WINDOWS\System32\browseui.dll O22 - SharedTaskScheduler: Cache-daemon voor onderdeelcategorieën - {8C7461EF-2B13-11d2-BE35-3078302C2030} - G:\WINDOWS\System32\browseui.dll O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - G:\Program Files\Lavasoft\Ad-Aware\aawservice.exe O23 - Service: Apple Mobile Device - Apple, Inc. - G:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - G:\Program Files\Alwil Software\Avast4\aswUpdSv.exe O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - G:\WINDOWS\system32\Ati2evxx.exe O23 - Service: ATI Smart - Unknown owner - G:\WINDOWS\system32\ati2sgag.exe O23 - Service: avast! Antivirus - ALWIL Software - G:\Program Files\Alwil Software\Avast4\ashServ.exe O23 - Service: avast! Mail Scanner - ALWIL Software - G:\Program Files\Alwil Software\Avast4\ashMaiSv.exe O23 - Service: avast! Web Scanner - ALWIL Software - G:\Program Files\Alwil Software\Avast4\ashWebSv.exe O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - G:\WINDOWS\System32\CTsvcCDA.EXE O23 - Service: FsUsbExService - Teruten - G:\WINDOWS\system32\FsUsbExService.Exe O23 - Service: Google Updateservice (gupdate1ca185afa58314c) (gupdate1ca185afa58314c) - Google Inc. - G:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Google Software Updater (gusvc) - Google - G:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - G:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: iPod-service (iPod Service) - Apple Inc. - G:\Program Files\iPod\bin\iPodService.exe O23 - Service: NMSAccessU - Unknown owner - G:\Program Files\CDBurnerXP\NMSAccessU.exe O23 - Service: Pure Networks Platform Service (nmservice) - Cisco Systems, Inc. - G:\Program Files\Common Files\Pure Networks Shared\Platform\nmsrvc.exe O23 - Service: PnkBstrA - Unknown owner - G:\WINDOWS\system32\PnkBstrA.exe O23 - Service: PnkBstrB - Unknown owner - G:\WINDOWS\system32\PnkBstrB.exe O23 - Service: ServiceLayer - Nokia. - G:\Program Files\PC Connectivity Solution\ServiceLayer.exe O23 - Service: SPAMfighter Update Service - SPAMfighter ApS - G:\Program Files\SPAMfighter\sfus.exe -- End of file - 12684 bytes
  • Ik ga even kijken of ik wat zie.
  • Start Hijackthis op en kies voor 'Do a system scan only' Selecteer alleen de items die hieronder zijn genoemd: [b:f46898a78a] O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file) O3 - Toolbar: (no name) - {47e161a0-f4ba-41dd-a17b-d2eb26ad6a02} - (no file) O4 - HKLM\..\Run: [syncman] g:\windows\system32\wuaucldt.exe O4 - HKLM\..\Run: [Regedit32] G:\WINDOWS\system32\regedit.exe O4 - HKCU\..\Run: [syncman] g:\documents and settings\ralph marijnissen\wuaucldt.exe O4 - S-1-5-18 Startup: monnwb32.exe (User 'SYSTEM') O4 - Startup: monnwb32.exe O16 - DPF: {E06E2E99-0AA1-11D4-ABA6-0060082AA75C} - [/b:f46898a78a] Sluit alle vensters behalve Hijackthis Klik op 'Fix checked' om de items te verwijderen. Download [url=http://eric71.geekstogo.com/tools/LopSD.exe]LopSD[/url] naar je Bureaublad[list:f46898a78a] [*:f46898a78a]Kies Optie [b:f46898a78a] N [/b:f46898a78a] en Enter [*:f46898a78a]Klik OK bij het informatie venter [*:f46898a78a]Kies Optie [b:f46898a78a] 2 [/b:f46898a78a] (Fix + Hosts), en Enter [*:f46898a78a]Aan het eind verschijnt een log ([b:f46898a78a] LopR.txt [/b:f46898a78a]) plaats de inhoud ervan in je volgende antwoord[/list:u:f46898a78a][i:f46898a78a]Vista gebruikers:rechtsklik op LopSD en kies voor "Als Administrator uitvoeren”[/i:f46898a78a] Note:LopSD wordt door sommige virusscanners als virus gezien,deactiveer daarom je scanner Plaats een nieuwe HijackThis logje.
  • Heb de aangegeven dingen verwijderd. Heb nu al diverse anti mailware programmas laten lopen als: adaware van lavasoft, spybot, super anti spyware maar krijg telkens die leuke Xp smart security [b:daba799f4e] terug. Deze heeft ook de firewall uitgezet. Logfile of Trend Micro HijackThis v2.0.3 (BETA) Scan saved at 19:39:08, on 18-3-2010 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Boot mode: Normal Running processes: G:\WINDOWS\System32\smss.exe G:\WINDOWS\system32\csrss.exe G:\WINDOWS\system32\winlogon.exe G:\WINDOWS\system32\services.exe G:\WINDOWS\system32\lsass.exe G:\WINDOWS\system32\Ati2evxx.exe G:\WINDOWS\system32\svchost.exe G:\WINDOWS\system32\svchost.exe G:\WINDOWS\System32\svchost.exe G:\WINDOWS\System32\svchost.exe G:\WINDOWS\System32\svchost.exe G:\Program Files\Alwil Software\Avast4\aswUpdSv.exe G:\Program Files\Lavasoft\Ad-Aware\AAWService.exe G:\WINDOWS\system32\Ati2evxx.exe G:\Program Files\Alwil Software\Avast4\ashServ.exe G:\WINDOWS\Explorer.EXE G:\WINDOWS\system32\spoolsv.exe G:\Program Files\Creative\Sound Blaster X-Fi\DVDAudio\CTDVDDET.EXE G:\Program Files\Creative\Shared Files\Module Loader\DLLML.exe G:\WINDOWS\CTHELPER.EXE G:\WINDOWS\system32\CTXFIHLP.EXE G:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe G:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe G:\WINDOWS\SYSTEM32\CTXFISPI.EXE G:\Program Files\iTunes\iTunesHelper.exe G:\Program Files\Java\jre1.6.0_06\bin\jusched.exe G:\Program Files\ASUS\Asus Probe\AsusProb.exe G:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe G:\Program Files\ScreenPrint32 v3\ScreenPrint32.exe G:\Program Files\SPAMfighter\SFAgent.exe G:\Program Files\Creative\ShareDLL\CADI\NotiMan.exe G:\WINDOWS\System32\CTsvcCDA.EXE G:\Program Files\Common Files\Teleca Shared\CapabilityManager.exe G:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe G:\WINDOWS\system32\FsUsbExService.Exe G:\Program Files\CDBurnerXP\NMSAccessU.exe G:\Program Files\Canon\MyPrinter\BJMyPrt.exe G:\WINDOWS\system32\PnkBstrA.exe G:\Program Files\Common Files\Pure Networks Shared\Platform\nmctxth.exe G:\WINDOWS\system32\PnkBstrB.exe G:\Program Files\Pure Networks\Network Magic\nmapp.exe G:\WINDOWS\system32\ctfmon.exe G:\Program Files\Creative\MediaSource\Detector\CTDetect.exe G:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe G:\Program Files\SPAMfighter\sfus.exe G:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.EXE G:\Program Files\Windows Live\Messenger\MsnMsgr.Exe G:\WINDOWS\System32\svchost.exe G:\Program Files\Spybot - Search & Destroy\TeaTimer.exe G:\Program Files\TomTom HOME 2\HOMERunner.exe G:\Program Files\DAEMON Tools Lite\DTLite.exe G:\Program Files\Common Files\Pure Networks Shared\Platform\nmsrvc.exe G:\Program Files\Microsoft ActiveSync\wcescomm.exe G:\Program Files\Samsung\Samsung New PC Studio\NPSAgent.exe G:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe G:\WINDOWS\system32\wuauclt.exe G:\PROGRA~1\MI3AA1~1\rapimgr.exe G:\Program Files\Harman Kardon\Remote Control\HarmonyClient.exe G:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe G:\Program Files\Logitech\SetPoint\SetPoint.exe G:\Program Files\LimeWire\LimeWire.exe G:\Program Files\Common Files\Logitech\KhalShared\KHALMNPR.EXE G:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe G:\Program Files\Common Files\Teleca Shared\Generic.exe G:\WINDOWS\System32\wbem\unsecapp.exe G:\WINDOWS\System32\wbem\wmiprvse.exe G:\Program Files\Alwil Software\Avast4\ashMaiSv.exe G:\Program Files\Sony Ericsson\Mobile2\Mobile Phone Monitor\epmworker.exe G:\Program Files\Alwil Software\Avast4\ashWebSv.exe G:\WINDOWS\System32\msiexec.exe G:\Program Files\iPod\bin\iPodService.exe G:\WINDOWS\System32\svchost.exe G:\WINDOWS\system32\wuauclt.exe G:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe G:\Program Files\Java\jre1.6.0_06\bin\jucheck.exe G:\WINDOWS\System32\wbem\wmiprvse.exe G:\WINDOWS\System32\svchost.exe G:\WINDOWS\System32\svchost.exe G:\Documents and Settings\LocalService\Local Settings\Application Data\ave.exe G:\Program Files\Mozilla Firefox\firefox.exe G:\Program Files\TrendMicro\HiJackThis\HiJackThis.exe G:\Program Files\Alwil Software\Avast4\setup\avast.setup R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.home.nl/ R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://search.live.com/sphome.aspx R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - G:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - G:\Program Files\Spybot - Search & Destroy\SDHelper.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - G:\Program Files\Java\jre1.6.0_06\bin\ssv.dll O2 - BHO: Windows Live Aanmelden - Help - {9030D464-4C02-4ABF-8ECC-5164760863C6} - G:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - G:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - G:\Program Files\Google\GoogleToolbarNotifier\5.5.4723.1820\swg.dll O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - G:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll O4 - HKLM\..\Run: [CTDVDDET] "G:\Program Files\Creative\Sound Blaster X-Fi\DVDAudio\CTDVDDET.EXE" O4 - HKLM\..\Run: [RCSystem] "G:\Program Files\Creative\Shared Files\Module Loader\DLLML.exe" RCSystem * -Startup O4 - HKLM\..\Run: [AudioDrvEmulator] "G:\Program Files\Creative\Shared Files\Module Loader\DLLML.exe" -1 AudioDrvEmulator "G:\Program Files\Creative\Shared Files\Module Loader\Audio Emulator\AudDrvEm.dll" O4 - HKLM\..\Run: [VolPanel] "G:\Program Files\Creative\Sound Blaster X-Fi\Volume Panel\VolPanel.exe" /r O4 - HKLM\..\Run: [CTHelper] CTHELPER.EXE O4 - HKLM\..\Run: [CTxfiHlp] CTXFIHLP.EXE O4 - HKLM\..\Run: [UpdReg] G:\WINDOWS\UpdReg.EXE O4 - HKLM\..\Run: [Sony Ericsson PC Suite] "G:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe" /startoptions O4 - HKLM\..\Run: [Adobe Photo Downloader] "G:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe" O4 - HKLM\..\Run: [NeroFilterCheck] G:\WINDOWS\system32\NeroCheck.exe O4 - HKLM\..\Run: [Logitech Hardware Abstraction Layer] KHALMNPR.EXE O4 - HKLM\..\Run: [QuickTime Task] "G:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [iTunesHelper] "G:\Program Files\iTunes\iTunesHelper.exe" O4 - HKLM\..\Run: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE O4 - HKLM\..\Run: [SunJavaUpdateSched] "G:\Program Files\Java\jre1.6.0_06\bin\jusched.exe" O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "G:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [ASUS Probe] G:\Program Files\ASUS\Asus Probe\AsusProb.exe O4 - HKLM\..\Run: [ScreenPrint32] G:\Program Files\ScreenPrint32 v3\ScreenPrint32.exe -startup O4 - HKLM\..\Run: [DAEMON Tools] "G:\Program Files\DAEMON Tools\daemon.exe" -lang 1033 O4 - HKLM\..\Run: [SPAMfighter Agent] "G:\Program Files\SPAMfighter\SFAgent.exe" update delay 60 O4 - HKLM\..\Run: [avast!] G:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe O4 - HKLM\..\Run: [CanonSolutionMenu] G:\Program Files\Canon\SolutionMenu\CNSLMAIN.exe /logon O4 - HKLM\..\Run: [CanonMyPrinter] G:\Program Files\Canon\MyPrinter\BJMyPrt.exe /logon O4 - HKLM\..\Run: [nmctxth] "G:\Program Files\Common Files\Pure Networks Shared\Platform\nmctxth.exe" O4 - HKLM\..\Run: [nmapp] "G:\Program Files\Pure Networks\Network Magic\nmapp.exe" -autorun -nosplash O4 - HKLM\..\Run: [syncman] g:\windows\system32\wuaucldt.exe O4 - HKLM\..\Run: [Regedit32] G:\WINDOWS\system32\regedit.exe O4 - HKCU\..\Run: [CTFMON.EXE] G:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [Creative Detector] "G:\Program Files\Creative\MediaSource\Detector\CTDetect.exe" /R O4 - HKCU\..\Run: [swg] "G:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" O4 - HKCU\..\Run: [StartCCC] G:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe O4 - HKCU\..\Run: [KCeasy] G:\Program Files\KCeasy\KCeasy.exe /hide O4 - HKCU\..\Run: [MsnMsgr] "G:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background O4 - HKCU\..\Run: [SpybotSD TeaTimer] G:\Program Files\Spybot - Search & Destroy\TeaTimer.exe O4 - HKCU\..\Run: [TomTomHOME.exe] "G:\Program Files\TomTom HOME 2\HOMERunner.exe" O4 - HKCU\..\Run: [DAEMON Tools Lite] "G:\Program Files\DAEMON Tools Lite\DTLite.exe" -autorun O4 - HKCU\..\Run: [H/PC Connection Agent] "G:\Program Files\Microsoft ActiveSync\wcescomm.exe" O4 - HKCU\..\Run: [AutoStartNPSAgent] G:\Program Files\Samsung\Samsung New PC Studio\NPSAgent.exe O4 - HKCU\..\Run: [SUPERAntiSpyware] G:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] G:\WINDOWS\System32\CTFMON.EXE (User 'Lokale service') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] G:\WINDOWS\System32\CTFMON.EXE (User 'Netwerkservice') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] G:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] G:\WINDOWS\System32\CTFMON.EXE (User 'Default user') O4 - S-1-5-18 Startup: LimeWire On Startup.lnk = G:\Program Files\LimeWire\LimeWire.exe (User 'SYSTEM') O4 - S-1-5-18 Startup: monnwb32.exe (User 'SYSTEM') O4 - .DEFAULT Startup: LimeWire On Startup.lnk = G:\Program Files\LimeWire\LimeWire.exe (User 'Default user') O4 - .DEFAULT Startup: monnwb32.exe (User 'Default user') O4 - Startup: LimeWire On Startup.lnk = G:\Program Files\LimeWire\LimeWire.exe O4 - Startup: monnwb32.exe O4 - Global Startup: Harman Kardon TC 30 Remote.lnk = ? O4 - Global Startup: Logitech Desktop Messenger.lnk = G:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe O4 - Global Startup: Logitech SetPoint.lnk = G:\Program Files\Logitech\SetPoint\SetPoint.exe O4 - Global Startup: Microsoft Office.lnk = G:\Program Files\Microsoft Office\Office10\OSA.EXE O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://G:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000 O8 - Extra context menu item: Google Sidewiki... - res://G:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_96D6FF0C6D236BF8.dll/cmsidewiki.html O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - G:\Program Files\Java\jre1.6.0_06\bin\ssv.dll O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - G:\Program Files\Java\jre1.6.0_06\bin\ssv.dll O9 - Extra button: In weblog opnemen - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - G:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: &In weblog opnemen met Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - G:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - G:\PROGRA~1\MI3AA1~1\INetRepl.dll O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - G:\PROGRA~1\MI3AA1~1\INetRepl.dll O9 - Extra 'Tools' menuitem: Mobiele favorieten maken... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - G:\PROGRA~1\MI3AA1~1\INetRepl.dll O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - G:\Program Files\Spybot - Search & Destroy\SDHelper.dll O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - G:\Program Files\Spybot - Search & Destroy\SDHelper.dll O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - G:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - G:\Program Files\Messenger\msmsgs.exe O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - G:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll O20 - Winlogon Notify: !SASWinLogon - G:\Program Files\SUPERAntiSpyware\SASWINLO.dll O22 - SharedTaskScheduler: Preloader van browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - G:\WINDOWS\System32\browseui.dll O22 - SharedTaskScheduler: Cache-daemon voor onderdeelcategorieën - {8C7461EF-2B13-11d2-BE35-3078302C2030} - G:\WINDOWS\System32\browseui.dll O23 - Service: Apple Mobile Device - Apple, Inc. - G:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - G:\Program Files\Alwil Software\Avast4\aswUpdSv.exe O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - G:\WINDOWS\system32\Ati2evxx.exe O23 - Service: ATI Smart - Unknown owner - G:\WINDOWS\system32\ati2sgag.exe O23 - Service: avast! Antivirus - ALWIL Software - G:\Program Files\Alwil Software\Avast4\ashServ.exe O23 - Service: avast! Mail Scanner - ALWIL Software - G:\Program Files\Alwil Software\Avast4\ashMaiSv.exe O23 - Service: avast! Web Scanner - ALWIL Software - G:\Program Files\Alwil Software\Avast4\ashWebSv.exe O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - G:\WINDOWS\System32\CTsvcCDA.EXE O23 - Service: FsUsbExService - Teruten - G:\WINDOWS\system32\FsUsbExService.Exe O23 - Service: Google Updateservice (gupdate1ca185afa58314c) (gupdate1ca185afa58314c) - Google Inc. - G:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Google Software Updater (gusvc) - Google - G:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - G:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: iPod-service (iPod Service) - Apple Inc. - G:\Program Files\iPod\bin\iPodService.exe O23 - Service: Lavasoft Ad-Aware Service - Lavasoft - G:\Program Files\Lavasoft\Ad-Aware\AAWService.exe O23 - Service: NMSAccessU - Unknown owner - G:\Program Files\CDBurnerXP\NMSAccessU.exe O23 - Service: Pure Networks Platform Service (nmservice) - Cisco Systems, Inc. - G:\Program Files\Common Files\Pure Networks Shared\Platform\nmsrvc.exe O23 - Service: PnkBstrA - Unknown owner - G:\WINDOWS\system32\PnkBstrA.exe O23 - Service: PnkBstrB - Unknown owner - G:\WINDOWS\system32\PnkBstrB.exe O23 - Service: ServiceLayer - Nokia. - G:\Program Files\PC Connectivity Solution\ServiceLayer.exe O23 - Service: SPAMfighter Update Service - SPAMfighter ApS - G:\Program Files\SPAMfighter\sfus.exe -- End of file - 14670 bytes [/b:daba799f4e]
  • --------------------\\ Lop S&D 4.2.5-0 XP/Vista Microsoft Windows XP Home Edition ( v5.1.2600 ) Service Pack 2 X86-based PC ( Multiprocessor Free : Intel(R) Pentium(R) 4 CPU 3.40GHz ) BIOS : BIOS Date: 09/14/04 14:38:31 Ver: 08.00.09 USER : ralph marijnissen ( Administrator ) BOOT : Normal boot Antivirus : avast! antivirus 4.8.1335 [VPS 100318-1] 4.8.1335 (Activated) A:\ (USB) C:\ (Local Disk) - NTFS - Total:76 Go (Free:3 Go) D:\ (Local Disk) - NTFS - Total:0 Go (Free:0 Go) E:\ (CD or DVD) F:\ (CD or DVD) G:\ (Local Disk) - NTFS - Total:298 Go (Free:72 Go) H:\ (Local Disk) - NTFS - Total:298 Go (Free:265 Go) I:\ (CD or DVD) J:\ (CD or DVD) "G:\Lop SD" ( MAJ : 19-12-2008|23:40 ) Option : [2] ( do 18-03-2010|19:42 ) \\\\\\\\\\\\\\\\\\\\\\\\\\\\\\ --------------------\\ Beschrijving van mappen in APPLIC~1 [13-01-2007|12:55] G:\DOCUME~1\ADMINI~1\APPLIC~1\Microsoft [0|bestand(en)] G:\DOCUME~1\ADMINI~1\APPLIC~1\bytes [3|map(pen)] G:\DOCUME~1\ADMINI~1\APPLIC~1\bytes beschikbaar [17-03-2010|18:29] G:\DOCUME~1\ALLUSE~1\APPLIC~1\{52AC600B-5800-407E-99FF-83CD0669760B} [07-05-2008|10:02] G:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe [28-08-2007|17:18] G:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple [28-08-2007|17:20] G:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple Computer [11-06-2009|20:12] G:\DOCUME~1\ALLUSE~1\APPLIC~1\AVS4YOU [24-01-2009|22:33] G:\DOCUME~1\ALLUSE~1\APPLIC~1\Azureus [09-11-2009|12:38] G:\DOCUME~1\ALLUSE~1\APPLIC~1\CanonBJ [22-01-2010|18:01] G:\DOCUME~1\ALLUSE~1\APPLIC~1\CanonIJScan [08-12-2007|22:57] G:\DOCUME~1\ALLUSE~1\APPLIC~1\Comodo [11-11-2008|18:49] G:\DOCUME~1\ALLUSE~1\APPLIC~1\Creative [09-02-2010|22:41] G:\DOCUME~1\ALLUSE~1\APPLIC~1\DAEMON Tools Lite [03-02-2010|19:50] G:\DOCUME~1\ALLUSE~1\APPLIC~1\DVD Shrink [19-02-2009|01:05] G:\DOCUME~1\ALLUSE~1\APPLIC~1\Google [08-02-2010|17:54] G:\DOCUME~1\ALLUSE~1\APPLIC~1\Google Updater [17-12-2007|12:48] G:\DOCUME~1\ALLUSE~1\APPLIC~1\Hema Album Software Advanced [24-04-2008|22:26] G:\DOCUME~1\ALLUSE~1\APPLIC~1\Kazaa [26-08-2008|22:39] G:\DOCUME~1\ALLUSE~1\APPLIC~1\Lavasoft [08-11-2007|18:22] G:\DOCUME~1\ALLUSE~1\APPLIC~1\LogiShrd [08-11-2007|18:22] G:\DOCUME~1\ALLUSE~1\APPLIC~1\Logitech [17-03-2010|19:23] G:\DOCUME~1\ALLUSE~1\APPLIC~1\Malwarebytes [20-01-2010|21:11] G:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft [09-11-2009|16:54] G:\DOCUME~1\ALLUSE~1\APPLIC~1\MSN6 [18-11-2007|12:26] G:\DOCUME~1\ALLUSE~1\APPLIC~1\NexonUS [14-01-2007|02:41] G:\DOCUME~1\ALLUSE~1\APPLIC~1\NVIDIA [17-02-2010|22:23] G:\DOCUME~1\ALLUSE~1\APPLIC~1\PC Suite [10-11-2009|19:05] G:\DOCUME~1\ALLUSE~1\APPLIC~1\Pure Networks [24-04-2008|22:01] G:\DOCUME~1\ALLUSE~1\APPLIC~1\REFLEX [29-01-2007|22:23] G:\DOCUME~1\ALLUSE~1\APPLIC~1\Sony Ericsson [12-01-2010|11:41] G:\DOCUME~1\ALLUSE~1\APPLIC~1\Spybot - Search & Destroy [16-03-2010|19:59] G:\DOCUME~1\ALLUSE~1\APPLIC~1\SUPERAntiSpyware.com [29-01-2007|22:23] G:\DOCUME~1\ALLUSE~1\APPLIC~1\Teleca [18-11-2009|14:18] G:\DOCUME~1\ALLUSE~1\APPLIC~1\TEMP [24-01-2009|21:58] G:\DOCUME~1\ALLUSE~1\APPLIC~1\TomTom [13-01-2007|15:04] G:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Genuine Advantage [20-08-2008|17:39] G:\DOCUME~1\ALLUSE~1\APPLIC~1\WLInstaller [0|bestand(en)] G:\DOCUME~1\ALLUSE~1\APPLIC~1\bytes [37|map(pen)] G:\DOCUME~1\ALLUSE~1\APPLIC~1\bytes beschikbaar [11-12-2009|17:30] G:\DOCUME~1\DEFAUL~1\APPLIC~1\Macromedia [13-01-2007|12:55] G:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft [0|bestand(en)] G:\DOCUME~1\DEFAUL~1\APPLIC~1\bytes [4|map(pen)] G:\DOCUME~1\DEFAUL~1\APPLIC~1\bytes beschikbaar [15-03-2010|16:36] G:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft [14-01-2007|02:15] G:\DOCUME~1\LOCALS~1\APPLIC~1\Webroot [0|bestand(en)] G:\DOCUME~1\LOCALS~1\APPLIC~1\bytes [4|map(pen)] G:\DOCUME~1\LOCALS~1\APPLIC~1\bytes beschikbaar [13-01-2007|12:57] G:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft [01-02-2008|19:37] G:\DOCUME~1\NETWOR~1\APPLIC~1\Xfire [0|bestand(en)] G:\DOCUME~1\NETWOR~1\APPLIC~1\bytes [4|map(pen)] G:\DOCUME~1\NETWOR~1\APPLIC~1\bytes beschikbaar [13-12-2008|17:41] G:\DOCUME~1\RALPHM~1\APPLIC~1\Adobe [20-03-2007|16:41] G:\DOCUME~1\RALPHM~1\APPLIC~1\AdobeAUM [01-07-2007|21:56] G:\DOCUME~1\RALPHM~1\APPLIC~1\AdobeUM [14-09-2007|21:38] G:\DOCUME~1\RALPHM~1\APPLIC~1\Ahead [22-09-2008|20:54] G:\DOCUME~1\RALPHM~1\APPLIC~1\Any Video Converter [29-01-2007|22:27] G:\DOCUME~1\RALPHM~1\APPLIC~1\Apple Computer [04-05-2007|21:46] G:\DOCUME~1\RALPHM~1\APPLIC~1\ATI [17-03-2010|18:51] G:\DOCUME~1\RALPHM~1\APPLIC~1\AVI ReComp [15-03-2010|23:09] G:\DOCUME~1\RALPHM~1\APPLIC~1\AVS4YOU [24-01-2009|22:44] G:\DOCUME~1\RALPHM~1\APPLIC~1\Azureus [31-03-2009|14:56] G:\DOCUME~1\RALPHM~1\APPLIC~1\Belastingdienst [15-03-2010|22:09] G:\DOCUME~1\RALPHM~1\APPLIC~1\BSplayer [15-03-2010|22:04] G:\DOCUME~1\RALPHM~1\APPLIC~1\BSplayer Pro [31-05-2009|20:39] G:\DOCUME~1\RALPHM~1\APPLIC~1\Canneverbe_Limited [22-01-2010|18:01] G:\DOCUME~1\RALPHM~1\APPLIC~1\Canon [10-03-2007|00:34] G:\DOCUME~1\RALPHM~1\APPLIC~1\Command & Conquer 3 Tiberium Wars Demo [08-12-2007|22:57] G:\DOCUME~1\RALPHM~1\APPLIC~1\Comodo [22-12-2009|22:09] G:\DOCUME~1\RALPHM~1\APPLIC~1\Creative [09-02-2010|22:41] G:\DOCUME~1\RALPHM~1\APPLIC~1\DAEMON Tools Lite [27-02-2007|22:28] G:\DOCUME~1\RALPHM~1\APPLIC~1\DeepBurner [29-12-2009|13:27] G:\DOCUME~1\RALPHM~1\APPLIC~1\dvdcss [08-11-2007|18:31] G:\DOCUME~1\RALPHM~1\APPLIC~1\Gearbox Software [04-02-2007|03:00] G:\DOCUME~1\RALPHM~1\APPLIC~1\Google [27-07-2008|18:39] G:\DOCUME~1\RALPHM~1\APPLIC~1\GrabIt [17-11-2009|21:13] G:\DOCUME~1\RALPHM~1\APPLIC~1\Help [13-01-2007|12:58] G:\DOCUME~1\RALPHM~1\APPLIC~1\Identities [11-11-2008|19:37] G:\DOCUME~1\RALPHM~1\APPLIC~1\InstallShield [29-03-2008|22:48] G:\DOCUME~1\RALPHM~1\APPLIC~1\Kazaa Lite [11-03-2007|17:00] G:\DOCUME~1\RALPHM~1\APPLIC~1\Lavasoft [14-09-2007|19:50] G:\DOCUME~1\RALPHM~1\APPLIC~1\Leadertech [11-11-2008|19:44] G:\DOCUME~1\RALPHM~1\APPLIC~1\LG Electronics [12-12-2009|23:53] G:\DOCUME~1\RALPHM~1\APPLIC~1\LimeWirePlus [08-11-2007|18:24] G:\DOCUME~1\RALPHM~1\APPLIC~1\Logitech [13-01-2007|13:08] G:\DOCUME~1\RALPHM~1\APPLIC~1\Macromedia [17-03-2010|19:24] G:\DOCUME~1\RALPHM~1\APPLIC~1\Malwarebytes [17-02-2010|21:01] G:\DOCUME~1\RALPHM~1\APPLIC~1\Microsoft [29-08-2008|17:24] G:\DOCUME~1\RALPHM~1\APPLIC~1\Mozilla [09-11-2009|16:54] G:\DOCUME~1\RALPHM~1\APPLIC~1\MSN6 [27-07-2008|17:56] G:\DOCUME~1\RALPHM~1\APPLIC~1\NewsLeecher [17-02-2010|22:23] G:\DOCUME~1\RALPHM~1\APPLIC~1\PC Suite [17-02-2010|21:00] G:\DOCUME~1\RALPHM~1\APPLIC~1\Samsung [24-04-2007|10:16] G:\DOCUME~1\RALPHM~1\APPLIC~1\SecondLife [22-05-2007|16:16] G:\DOCUME~1\RALPHM~1\APPLIC~1\SecuROM [29-01-2007|22:24] G:\DOCUME~1\RALPHM~1\APPLIC~1\Sony Ericsson [01-07-2007|19:22] G:\DOCUME~1\RALPHM~1\APPLIC~1\SPAMfighter [07-02-2007|11:33] G:\DOCUME~1\RALPHM~1\APPLIC~1\Sun [16-03-2010|19:59] G:\DOCUME~1\RALPHM~1\APPLIC~1\SUPERAntiSpyware.com [19-09-2007|10:37] G:\DOCUME~1\RALPHM~1\APPLIC~1\SystemRequirementsLab [29-01-2007|22:25] G:\DOCUME~1\RALPHM~1\APPLIC~1\Teleca [24-01-2009|21:56] G:\DOCUME~1\RALPHM~1\APPLIC~1\TomTom [17-03-2010|22:44] G:\DOCUME~1\RALPHM~1\APPLIC~1\uTorrent [16-03-2010|19:01] G:\DOCUME~1\RALPHM~1\APPLIC~1\vlc [17-03-2010|18:35] G:\DOCUME~1\RALPHM~1\APPLIC~1\WinRAR [0|bestand(en)] G:\DOCUME~1\RALPHM~1\APPLIC~1\bytes [55|map(pen)] G:\DOCUME~1\RALPHM~1\APPLIC~1\bytes beschikbaar --------------------\\ Geplande Taken gelocaliseerd in G:\WINDOWS\Tasks [18-03-2010 19:33][--a------] G:\WINDOWS\tasks\Ad-Aware Update (Weekly).job [18-03-2010 19:36][--a------] G:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job [18-03-2010 19:28][--a------] G:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job [18-03-2010 19:35][--a------] G:\WINDOWS\tasks\Google Software Updater.job [27-02-2010 19:29][--a------] G:\WINDOWS\tasks\AppleSoftwareUpdate.job [18-03-2010 19:28][--ah-----] G:\WINDOWS\tasks\SA.DAT [08-04-2003 13:00][-r-h-----] G:\WINDOWS\tasks\desktop.ini --------------------\\ Beschrijving van mappen in G:\Program Files [13-01-2007|15:11] G:\Program Files\2BrightSparks [20-08-2008|20:11] G:\Program Files\Adobe [18-11-2007|10:09] G:\Program Files\AGEIA Technologies [14-09-2007|21:37] G:\Program Files\Ahead [14-03-2007|15:39] G:\Program Files\AIDA32 - Enterprise System Information [18-06-2008|21:05] G:\Program Files\ALCATech [13-01-2007|13:16] G:\Program Files\Alwil Software [22-09-2008|20:37] G:\Program Files\Any Video Converter [08-11-2007|21:42] G:\Program Files\Apple Software Update [27-02-2007|22:00] G:\Program Files\Astonsoft [08-11-2007|19:44] G:\Program Files\ASUS [17-11-2007|23:38] G:\Program Files\Atari [04-05-2007|21:44] G:\Program Files\ATI Technologies [09-03-2007|23:13] G:\Program Files\ATITool [17-03-2010|18:51] G:\Program Files\AVI ReComp [17-03-2010|18:50] G:\Program Files\AviSynth 2.5 [17-03-2010|17:54] G:\Program Files\AVS4YOU [05-03-2007|17:31] G:\Program Files\AVSMedia [28-12-2008|14:56] G:\Program Files\Belastingdienst [17-03-2010|18:50] G:\Program Files\Burn4Free [09-11-2009|12:50] G:\Program Files\Canon [09-11-2009|12:37] G:\Program Files\CanonBJ [08-11-2007|16:41] G:\Program Files\Casema [24-11-2009|20:41] G:\Program Files\CCleaner [31-05-2009|20:39] G:\Program Files\CDBurnerXP [21-03-2008|18:03] G:\Program Files\CodiNET [20-01-2010|21:05] G:\Program Files\Common Files [10-12-2007|20:14] G:\Program Files\Comodo [13-01-2007|12:53] G:\Program Files\ComPlus Applications [13-01-2007|13:50] G:\Program Files\Creative [09-02-2010|22:41] G:\Program Files\DAEMON Tools Lite [28-01-2008|18:45] G:\Program Files\data [17-02-2010|21:00] G:\Program Files\DIFX [29-01-2007|22:34] G:\Program Files\Disc2Phone [13-08-2009|19:01] G:\Program Files\DVD Decrypter [05-03-2007|17:30] G:\Program Files\DVD Shrink [23-03-2008|22:22] G:\Program Files\EA GAMES [18-06-2008|21:22] G:\Program Files\Eidos [23-03-2008|22:50] G:\Program Files\Electronic Arts [18-06-2008|21:22] G:\Program Files\FMS [09-03-2007|19:05] G:\Program Files\Futuremark [17-03-2010|18:51] G:\Program Files\Gabest [18-06-2008|21:21] G:\Program Files\GameShadow [02-10-2007|12:47] G:\Program Files\GameSpy [23-03-2008|22:31] G:\Program Files\GameSpy Arcade [08-02-2010|18:31] G:\Program Files\Google [27-07-2008|18:19] G:\Program Files\GrabIt [01-03-2009|19:27] G:\Program Files\Harman Kardon [17-12-2007|12:48] G:\Program Files\Hema Album Software Advanced [11-03-2007|16:55] G:\Program Files\Hitman Pro [07-07-2008|17:25] G:\Program Files\Incomplete [17-02-2010|22:23] G:\Program Files\InstallShield Installation Information [11-03-2007|18:39] G:\Program Files\Intel [18-11-2007|11:52] G:\Program Files\Intel Corporation [13-10-2007|21:20] G:\Program Files\Internet Explorer [08-11-2007|21:51] G:\Program Files\iPod [08-11-2007|21:51] G:\Program Files\iTunes [27-04-2008|21:56] G:\Program Files\Java [18-06-2008|21:21] G:\Program Files\Kazaa Lite K++ [17-03-2010|18:29] G:\Program Files\Lavasoft [11-11-2008|19:38] G:\Program Files\LG Electronics [11-11-2008|19:38] G:\Program Files\LG PC Suite 2 [10-01-2010|12:30] G:\Program Files\LimeWire [07-07-2008|17:25] G:\Program Files\LimeWire Plus [28-04-2008|17:06] G:\Program Files\LimewirePlus [10-11-2009|19:01] G:\Program Files\Linksys [08-11-2007|18:24] G:\Program Files\Logitech [17-03-2010|19:24] G:\Program Files\Malwarebytes' Anti-Malware [17-02-2010|20:59] G:\Program Files\MarkAny [17-02-2010|22:22] G:\Program Files\MarkAnyContentSAFER [13-01-2007|20:05] G:\Program Files\Messenger [20-01-2010|21:14] G:\Program Files\Microsoft [17-02-2010|20:53] G:\Program Files\Microsoft ActiveSync [13-01-2007|12:55] G:\Program Files\microsoft frontpage [13-01-2007|13:30] G:\Program Files\Microsoft Office [20-01-2010|21:14] G:\Program Files\Microsoft Silverlight [20-08-2008|17:28] G:\Program Files\Microsoft SQL Server Compact Edition [28-01-2008|18:45] G:\Program Files\models [13-01-2007|15:16] G:\Program Files\Movie Maker [11-03-2008|21:03] G:\Program Files\MozBackup [18-03-2010|19:37] G:\Program Files\Mozilla Firefox [30-06-2009|09:27] G:\Program Files\MSBuild [13-01-2007|12:53] G:\Program Files\MSN [13-01-2007|12:53] G:\Program Files\MSN Gaming Zone [04-02-2007|03:23] G:\Program Files\MSXML 4.0 [30-06-2009|09:23] G:\Program Files\MSXML 6.0 [13-01-2007|15:16] G:\Program Files\NetMeeting [27-07-2008|17:51] G:\Program Files\NewsLeecher [13-01-2007|12:53] G:\Program Files\Online Services [21-03-2008|17:51] G:\Program Files\OpenAL [16-06-2007|19:02] G:\Program Files\Outlook Express [25-02-2007|13:31] G:\Program Files\Panasonic [17-02-2010|21:00] G:\Program Files\PC Connectivity Solution [27-11-2009|12:01] G:\Program Files\PhoenixRC [13-01-2007|14:00] G:\Program Files\PowerQuest [14-11-2007|19:52] G:\Program Files\PowerStrip [10-11-2009|18:55] G:\Program Files\Pure Networks [08-11-2007|21:50] G:\Program Files\QuickTime [28-03-2009|22:24] G:\Program Files\RealFlightG4 [30-06-2009|09:27] G:\Program Files\Reference Assemblies [09-03-2007|23:19] G:\Program Files\RivaTuner v2.0 RC 15.4 [17-02-2010|21:01] G:\Program Files\Samsung [18-02-2010|17:25] G:\Program Files\ScreenPrint32 v3 [31-05-2009|20:41] G:\Program Files\SlySoft [29-01-2007|22:23] G:\Program Files\Sony Ericsson [18-03-2010|19:32] G:\Program Files\SPAMfighter [13-01-2010|12:14] G:\Program Files\Spybot - Search & Destroy [16-03-2010|19:59] G:\Program Files\SUPERAntiSpyware [24-04-2008|21:32] G:\Program Files\SVKSystems [28-01-2008|18:44] G:\Program Files\text [28-03-2007|15:20] G:\Program Files\The Sir. Community [28-04-2008|20:31] G:\Program Files\ThrustHP [03-03-2008|21:50] G:\Program Files\Thrustmaster [24-01-2009|21:56] G:\Program Files\TomTom HOME 2 [25-04-2008|23:18] G:\Program Files\Trend Micro [17-03-2010|17:11] G:\Program Files\TrendMicro [28-01-2008|18:44] G:\Program Files\txd [18-06-2008|21:17] G:\Program Files\Ubi Soft [21-02-2009|22:24] G:\Program Files\Ubisoft [13-01-2007|12:58] G:\Program Files\Uninstall Information [08-02-2009|22:57] G:\Program Files\uTorrent [18-11-2007|14:37] G:\Program Files\Valve [29-12-2009|13:21] G:\Program Files\VideoLAN [24-01-2009|22:45] G:\Program Files\Vuze [17-03-2010|21:08] G:\Program Files\WebEx [15-03-2010|22:04] G:\Program Files\Webteh [20-01-2010|21:14] G:\Program Files\Windows Live [20-01-2010|21:11] G:\Program Files\Windows Live SkyDrive [15-03-2010|16:35] G:\Program Files\Windows Media Connect 2 [15-03-2010|16:35] G:\Program Files\Windows Media Player [17-02-2010|20:52] G:\Program Files\Windows Mobile Device Handbook [13-01-2007|15:16] G:\Program Files\Windows NT [13-01-2007|12:53] G:\Program Files\WindowsUpdate [17-03-2010|18:35] G:\Program Files\WinRAR [13-01-2007|12:55] G:\Program Files\xerox [17-03-2010|18:51] G:\Program Files\Xvid [0|bestand(en)] G:\Program Files\bytes [138|map(pen)] G:\Program Files\bytes beschikbaar --------------------\\ Beschrijving van mappen in G:\Program Files\Common Files [07-05-2008|10:02] G:\Program Files\Common Files\Adobe [14-09-2007|21:37] G:\Program Files\Common Files\Ahead [28-08-2007|17:18] G:\Program Files\Common Files\Apple [16-04-2009|15:17] G:\Program Files\Common Files\Application [09-03-2007|20:15] G:\Program Files\Common Files\ATI Technologies [17-03-2010|17:54] G:\Program Files\Common Files\AVSMedia [09-11-2009|12:41] G:\Program Files\Common Files\CANON [13-01-2007|13:30] G:\Program Files\Common Files\Designer [12-08-2008|17:02] G:\Program Files\Common Files\Futuremark Shared [13-01-2007|13:58] G:\Program Files\Common Files\InstallShield [29-01-2007|18:43] G:\Program Files\Common Files\Java [28-03-2009|22:50] G:\Program Files\Common Files\KnifeEdge [08-11-2007|18:24] G:\Program Files\Common Files\LogiShared [08-11-2007|18:23] G:\Program Files\Common Files\Logitech [15-03-2010|23:09] G:\Program Files\Common Files\Microsoft Shared [13-01-2007|12:53] G:\Program Files\Common Files\MSSoap [13-01-2007|13:49] G:\Program Files\Common Files\ODBC [10-11-2009|18:54] G:\Program Files\Common Files\Pure Networks Shared [13-01-2007|12:54] G:\Program Files\Common Files\Services [13-01-2007|13:49] G:\Program Files\Common Files\SpeechEngines [16-06-2007|19:02] G:\Program Files\Common Files\System [29-01-2007|22:23] G:\Program Files\Common Files\Teleca Shared [20-01-2010|21:05] G:\Program Files\Common Files\Windows Live [20-08-2008|17:26] G:\Program Files\Common Files\WindowsLiveInstaller [17-03-2010|18:28] G:\Program Files\Common Files\Wise Installation Wizard [0|bestand(en)] G:\Program Files\Common Files\bytes [27|map(pen)] G:\Program Files\Common Files\bytes beschikbaar --------------------\\ Process ( 82 Processes ) ... OK ! --------------------\\ Zoeken met S_Lop Geen Lop mappen gevonden ! --------------------\\ Zoeken naar Lop Bestanden - Mappen Geen Lop mappen gevonden ! --------------------\\ Zoeken doorheen het Register ..... OK ! --------------------\\ Nazicht van het Hosts bestand Hosts bestand IN ORDE --------------------\\ Zoeken naar verborgen bestanden met Catchme catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2010-03-18 19:44:55 Windows 5.1.2600 Service Pack 2 NTFS scanning hidden processes ... scanning hidden files ... scan completed successfully hidden processes: 0 hidden files: 0 --------------------\\ Zoeken naar andere infecties --------------------\\ Cracks & Keygens .. G:\DOCUME~1\RALPHM~1\Mijn documenten\gedownload programma's\nero demo+ keygen full G:\DOCUME~1\RALPHM~1\Mijn documenten\gedownload programma's\nero demo+ keygen full\Nero 63 G:\DOCUME~1\RALPHM~1\Mijn documenten\gedownload programma's\nero demo+ keygen full\Nero 63\Nero 6300 Serial und dvd video plug in.txt G:\DOCUME~1\RALPHM~1\Mijn documenten\gedownload programma's\nero demo+ keygen full\Nero 63\nero6302.exe G:\DOCUME~1\RALPHM~1\Mijn documenten\gedownload programma's\nero demo+ keygen full\Nero 63\Nero63_Keygen.exe G:\DOCUME~1\RALPHM~1\Mijn documenten\gedownload programma's\nero demo+ keygen full\Nero 63\NVE2104.exe G:\DOCUME~1\RALPHM~1\Mijn documenten\gedownloade spellen\brother in arms demo 2\Texture\t_map_18_crackofdawn.utx.uz2 G:\DOCUME~1\RALPHM~1\Mijn documenten\Incomplete\T-202477-Ahead Nero v7 5 9 0 + Keygen rar[==www mgatorrents co uk==].zip G:\DOCUME~1\RALPHM~1\Mijn documenten\Incomplete\T-202477-Nero 7 5 9 0 Incl Keygen.zip G:\DOCUME~1\RALPHM~1\Mijn documenten\Incomplete\T-202477-Nero Keygen ALL VERSIONS zip.zip G:\DOCUME~1\RALPHM~1\Mijn documenten\Incomplete\T-233472-Nero Full Multi Keygenerator.exe G:\DOCUME~1\RALPHM~1\Mijn documenten\Incomplete\T-81299617-Nero.v7.Ultra.Edition.Multilangages.Incl-Keygen.par.eMule-Paradise.com.rar G:\DOCUME~1\RALPHM~1\Mijn documenten\kerstmuziek\Nero 7.0.1.2 Ultra Edition with Keygen - English.zip G:\DOCUME~1\RALPHM~1\Mijn documenten\My Shared Folder\ partition magic keygenerator jerk ja.asf G:\DOCUME~1\RALPHM~1\Mijn documenten\My Shared Folder\BPM Studio Professional 4.9.1_Full Crack.zip G:\DOCUME~1\RALPHM~1\Mijn documenten\My Shared Folder\Nero 7.0.1.2 Ultra Edition with Keygen - English.zip G:\DOCUME~1\RALPHM~1\Mijn documenten\My Shared Folder\nero keygenerator.wm [F:42][D:30]-> G:\DOCUME~1\RALPHM~1\LOCALS~1\Temp [F:33][D:0]-> G:\DOCUME~1\RALPHM~1\Cookies [F:2443][D:4]-> G:\DOCUME~1\RALPHM~1\LOCALS~1\TEMPOR~1\content.IE5 1 - "G:\Lop SD\LopR_1.txt" - wo 17-03-2010|21:21 - Option : [2] 2 - "G:\Lop SD\LopR_2.txt" - do 18-03-2010|19:46 - Option : [2] --------------------\\ Scan voltooid om 19:46:20
  • 1) Zet [color=green:d8afc14d2f]TeaTimer[/color:d8afc14d2f] van Spybot even uit tijdens de fix want hij kan veranderingen in de weg staan. - Start Spybot S&D - Ga naar het Mode menu en selecteer "Advanced Mode" - Aan de linkerkant, kies "Tools"kies [b:d8afc14d2f]"Tools"[/b:d8afc14d2f] (of gereedschap ) en klik op > [b:d8afc14d2f]Resident[/b:d8afc14d2f] - Uitvinken [color=green:d8afc14d2f]"Resident TeaTimer[/color:d8afc14d2f]" en en sluit Spybot S&D. - Herstart de computer. 2) Download het volgende naar je bureaublad:[url=http://home.kpn.nl/stefsmeenk/ResetTeaTimer.exe] ResetTeaTimer.exe[/url] Dubbelklik daarna op ResetTeaTimer.exe Dit zal de voorgaande items die je toegelaten hebt of geblokkeerd hebt via TeaTimer terug resetten. Download [url=http://download.bleepingcomputer.com/sUBs/ComboFix.exe][b:d8afc14d2f][color=blue:d8afc14d2f]Combofix [/color:d8afc14d2f][/b:d8afc14d2f][/url] naar je Bureaublad en gebruik het volgens [url=http://www.bleepingcomputer.com/combofix/nl/hoe-dient-combofix-gebruikt-te-worden]deze handleiding[/url]. [i:d8afc14d2f][color=Red:d8afc14d2f]OPMERKING: indien je, tijdens of na het downloaden van Combofix of tijdens het gebruik van Combofix een melding krijgt van je Antivirus- of een andere realtime scanner, schakel dan deze scanner uit en [b:d8afc14d2f]download Combofix opnieuw[/b:d8afc14d2f]. Sommige scanners zien bepaalde componenten die Combofix gebruikt als verdacht en gaan deze blokkeren of verwijderen![/color:d8afc14d2f][/i:d8afc14d2f][list:d8afc14d2f][*:d8afc14d2f]Dubbelklik op [b:d8afc14d2f]Combofix.exe[/b:d8afc14d2f] om het te starten. [*:d8afc14d2f][i:d8afc14d2f]Indien je Combofix al eerder hebt gebruikt, kan je een waarschuwing krijgen dat een update beschikbaar is. Sta toe dat ComboFix wordt geupdate.[/i:d8afc14d2f] [*:d8afc14d2f]Klik op [b:d8afc14d2f]OK[/b:d8afc14d2f] in het "NirCmd" venstertje. [*:d8afc14d2f][i:d8afc14d2f]Indien de Recovery Console niet geïnstalleerd is, wordt je gevraagd om dit alsnog te doen door op [b:d8afc14d2f]JA[/b:d8afc14d2f] te klikken in het "Query - Recovery Console" venster.[/i:d8afc14d2f] [*:d8afc14d2f]Klik op [b:d8afc14d2f]OK[/b:d8afc14d2f] en [b:d8afc14d2f]Ja[/b:d8afc14d2f] om automatisch de Recovery Console te laten installeren. [*:d8afc14d2f]Klik na afloop terug op [b:d8afc14d2f]Ja[/b:d8afc14d2f] om het scannen op malware te starten. [*:d8afc14d2f]Tijdens het runnen van de fix, [b:d8afc14d2f]NIET[/b:d8afc14d2f] in het venster klikken, want dit zal je pc doen vasthangen. [*:d8afc14d2f]Wanneer de fix voltooid is en na herstart, zal de log [b:d8afc14d2f]Combofix.txt[/b:d8afc14d2f] openen.[/list:u:d8afc14d2f]Post dit logje in je volgende antwoord.

Beantwoord deze vraag

Weet jij het antwoord op deze vraag? Registreer of meld je aan met je account

Dit is een gearchiveerde pagina. Antwoorden is niet meer mogelijk.