Op deze website gebruiken we cookies om content en advertenties te personaliseren, om functies voor social media te bieden en om ons websiteverkeer te analyseren. Ook delen we informatie over uw gebruik van onze site met onze partners voor social media, adverteren en analyse. Deze partners kunnen deze gegevens combineren met andere informatie die u aan ze heeft verstrekt of die ze hebben verzameld op basis van uw gebruik van hun services. Meer informatie.

Akkoord

Vraag & Antwoord

Beveiliging & privacy

Erg trage XP machine

None
9 antwoorden
  • Beste HijackThis deskundigen.
    Het is weer zo ver, ik ben weer met een pc bezig van een vriend die erg traag is. Hoewel ik er al een aantal Gb's aan onnodige zaken verwijdert en Malware Bytes 41 besmettingen heeft vewijdert is er nog niet erg veel verandert. Ik heb dan ook het idee dat er verder nog iets mis is vandaar dat ik een logje plaats. Wil iemand hier eens naar kijken? b.v.d.

    Logfile of Trend Micro HijackThis v2.0.4
    Scan saved at 17:02:24, on 29-10-2010
    Platform: Windows XP SP3 (WinNT 5.01.2600)
    MSIE: Internet Explorer v8.00 (8.00.6001.18702)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\AVG\AVG9\avgchsvx.exe
    C:\Program Files\AVG\AVG9\avgrsx.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\AVG\AVG9\avgcsrvx.exe
    C:\WINDOWS\system32\PackethSvc.exe
    C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe
    C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
    C:\Program Files\AVG\AVG9\avgwdsvc.exe
    C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe
    C:\Program Files\Bonjour\mDNSResponder.exe
    C:\WINDOWS\system32\cisvc.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\Java\jre6\bin\jqs.exe
    C:\Program Files\CA\SharedComponents\CA_LIC\LogWatNT.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32
    vsvc32.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\SPAMfighter\sfus.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\AVG\AVG9\avgemc.exe
    C:\Program Files\AVG\AVG9\avgnsx.exe
    C:\Program Files\AVG\AVG9\avgcsrvx.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\system32\RunDll32.exe
    C:\WINDOWS\CNYHKey.exe
    C:\Program Files\SPAMfighter\SFAgent.exe
    C:\PROGRA~1\AVG\AVG9\avgtray.exe
    C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd2.exe
    C:\Program Files\Common Files\Java\Java Update\jusched.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\WINDOWS\system32\msiexec.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
    C:\WINDOWS\system32\cidaemon.exe
    C:\Totalcmd\TOTALCMD.EXE
    K:\Tools\HijackThis 2.0.4.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.nl/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen
    O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
    O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG9\avgssie.dll
    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
    O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.6.5612.1312\swg.dll
    O2 - BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
    O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
    O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
    O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
    O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd
    O4 - HKLM\..\Run: [ledpointer] CNYHKey.exe
    O4 - HKLM\..\Run: [SPAMfighter Agent] "C:\Program Files\SPAMfighter\SFAgent.exe" update delay 60
    O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe
    O4 - HKLM\..\Run: [AVG9_TRAY] C:\PROGRA~1\AVG\AVG9\avgtray.exe
    O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd2.exe
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
    O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Lokale service')
    O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Netwerkservice')
    O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
    O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\WINDOWS\system32\GPhotos.scr/200
    O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~4\OFFICE11\EXCEL.EXE/3000
    O8 - Extra context menu item: Google Sidewiki… - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_60D6097707281E79.dll/cmsidewiki.html
    O9 - Extra button: Onderzoek - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~4\OFFICE11\REFIEBAR.DLL
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O14 - IERESET.INF: START_PAGE_URL=http://www.freeler.nl/
    O16 - DPF: {D4323BF2-006A-4440-A2F5-27E3E7AB25F8} (Virtools WebPlayer Class) - http://a532.g.akamai.net/f/532/6712/5m/virtools.download.akamai.com/6712/player/install3.5/installer.exe
    O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
    O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG9\avgpp.dll
    O20 - Winlogon Notify: avgrsstarter - avgrsstx.dll (file missing)
    O22 - SharedTaskScheduler: Preloader van browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
    O22 - SharedTaskScheduler: Cache-daemon voor onderdeelcategorieën - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
    O23 - Service: Acronis Scheduler2 Service (AcrSch2Svc) - Acronis - C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe
    O23 - Service: Mobiel Apple apparaat (Apple Mobile Device) - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
    O23 - Service: AVG Free E-mail Scanner (avg9emc) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG9\avgemc.exe
    O23 - Service: AVG Free WatchDog (avg9wd) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG9\avgwdsvc.exe
    O23 - Service: BlueSoleil Hid Service - Unknown owner - C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe
    O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
    O23 - Service: CA License Client (CA_LIC_CLNT) - Computer Associates - C:\Program Files\CA\SharedComponents\CA_LIC\lic98rmt.exe
    O23 - Service: CA License Server (CA_LIC_SRVR) - Computer Associates - C:\Program Files\CA\SharedComponents\CA_LIC\lic98rmtd.exe
    O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
    O23 - Service: hpdj - Unknown owner - C:\DOCUME~1\Leen\LOCALS~1\Temp\hpdj.exe (file missing)
    O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
    O23 - Service: Event Log Watch (LogWatch) - Computer Associates - C:\Program Files\CA\SharedComponents\CA_LIC\LogWatNT.exe
    O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32
    vsvc32.exe
    O23 - Service: Virtual NIC Service (PackethSvc) - America Online, Inc. - C:\WINDOWS\system32\PackethSvc.exe
    O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
    O23 - Service: SPAMfighter Update Service - SPAMfighter ApS - C:\Program Files\SPAMfighter\sfus.exe
    O23 - Service: X10 Device Network Service (x10nets) - X10 - C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe


    End of file - 8876 bytes
  • Hoi Gerard, jammer dat je het MBAM-log niet meegepost hebt.

    Wil je dat alsnog doen (in MBAM tab Logbestanden).
  • Abraham,
    Fijn dat je zo snel reageert.
    Hierbij het logje.

    Malwarebytes' Anti-Malware 1.46
    www.malwarebytes.org

    Databaseversie: 4979

    Windows 5.1.2600 Service Pack 3
    Internet Explorer 8.0.6001.18702

    28-10-2010 23:10:51
    mbam-log-2010-10-28 (23-10-51).txt

    Scantype: Snelle scan
    Objecten gescand: 177376
    Verstreken tijd: 9 minuut/minuten, 15 seconde(n)

    Geheugenprocessen geïnfecteerd: 0
    Geheugenmodulen geïnfecteerd: 0
    Registersleutels geïnfecteerd: 1
    Registerwaarden geïnfecteerd: 0
    Registerdata geïnfecteerd: 0
    Mappen geïnfecteerd: 16
    Bestanden geïnfecteerd: 24

    Geheugenprocessen geïnfecteerd:
    (Geen kwaadaardige objecten gedetecteerd)

    Geheugenmodulen geïnfecteerd:
    (Geen kwaadaardige objecten gedetecteerd)

    Registersleutels geïnfecteerd:
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Instant Access (Adware.EGDAccess) -> Quarantined and deleted successfully.

    Registerwaarden geïnfecteerd:
    (Geen kwaadaardige objecten gedetecteerd)

    Registerdata geïnfecteerd:
    (Geen kwaadaardige objecten gedetecteerd)

    Mappen geïnfecteerd:
    C:\Program Files\Instant Access (Adware.EGDAccess) -> Quarantined and deleted successfully.
    C:\Program Files\Instant Access\Center (Adware.EGDAccess) -> Quarantined and deleted successfully.
    C:\Program Files\Instant Access\Center\Icons (Adware.EGDAccess) -> Quarantined and deleted successfully.
    C:\Program Files\Instant Access\DesktopIcons (Adware.EGDAccess) -> Quarantined and deleted successfully.
    C:\Program Files\Instant Access\Multi (Adware.EGDAccess) -> Quarantined and deleted successfully.
    C:\Program Files\Instant Access\Multi\20061023221049 (Adware.EGDAccess) -> Quarantined and deleted successfully.
    C:\Program Files\Instant Access\Multi\20061023221049\Common (Adware.EGDAccess) -> Quarantined and deleted successfully.
    C:\Program Files\Instant Access\Multi\20061023221049\js (Adware.EGDAccess) -> Quarantined and deleted successfully.
    C:\Program Files\Instant Access\Multi\20061023221049\medias (Adware.EGDAccess) -> Quarantined and deleted successfully.
    C:\Program Files\Instant Access\Multi\Exe (Adware.EGDAccess) -> Quarantined and deleted successfully.
    C:\Program Files\Instant Access\Multi\Exe\20050810230856 (Adware.EGDAccess) -> Quarantined and deleted successfully.
    C:\Program Files\Instant Access\Multi\Exe\20050810230856\Common (Adware.EGDAccess) -> Quarantined and deleted successfully.
    C:\Program Files\Instant Access\Multi\Exe\20050810230856\img (Adware.EGDAccess) -> Quarantined and deleted successfully.
    C:\Program Files\Instant Access\Multi\Exe\20060104220135 (Adware.EGDAccess) -> Quarantined and deleted successfully.
    C:\Program Files\Instant Access\Multi\Exe\20060104220135\Common (Adware.EGDAccess) -> Quarantined and deleted successfully.
    C:\Program Files\Instant Access\Multi\Exe\20060104220135\img (Adware.EGDAccess) -> Quarantined and deleted successfully.

    Bestanden geïnfecteerd:
    C:\Program Files\Instant Access\Center\Crazy Girls.lnk (Adware.EGDAccess) -> Quarantined and deleted successfully.
    C:\Program Files\Instant Access\Center\NoCreditCard.upd (Adware.EGDAccess) -> Quarantined and deleted successfully.
    C:\Program Files\Instant Access\Center\tray1.ico (Adware.EGDAccess) -> Quarantined and deleted successfully.
    C:\Program Files\Instant Access\DesktopIcons\Crazy Girls.lnk (Adware.EGDAccess) -> Quarantined and deleted successfully.
    C:\Program Files\Instant Access\Multi\20061023221049\dialerexe.ini (Adware.EGDAccess) -> Quarantined and deleted successfully.
    C:\Program Files\Instant Access\Multi\20061023221049\Common\module.php (Adware.EGDAccess) -> Quarantined and deleted successfully.
    C:\Program Files\Instant Access\Multi\20061023221049\js\js_api_dialer.php (Adware.EGDAccess) -> Quarantined and deleted successfully.
    C:\Program Files\Instant Access\Multi\20061023221049\medias\4250_dialer.ico (Adware.EGDAccess) -> Quarantined and deleted successfully.
    C:\Program Files\Instant Access\Multi\20061023221049\medias\button1.gif (Adware.EGDAccess) -> Quarantined and deleted successfully.
    C:\Program Files\Instant Access\Multi\20061023221049\medias\button2.gif (Adware.EGDAccess) -> Quarantined and deleted successfully.
    C:\Program Files\Instant Access\Multi\20061023221049\medias\button3.gif (Adware.EGDAccess) -> Quarantined and deleted successfully.
    C:\Program Files\Instant Access\Multi\20061023221049\medias\button4.gif (Adware.EGDAccess) -> Quarantined and deleted successfully.
    C:\Program Files\Instant Access\Multi\Exe\20050810230856\dialerexe.ini (Adware.EGDAccess) -> Quarantined and deleted successfully.
    C:\Program Files\Instant Access\Multi\Exe\20050810230856\Common\show_module.php (Adware.EGDAccess) -> Quarantined and deleted successfully.
    C:\Program Files\Instant Access\Multi\Exe\20050810230856\Common\show_module.php_0.loginvis (Adware.EGDAccess) -> Quarantined and deleted successfully.
    C:\Program Files\Instant Access\Multi\Exe\20050810230856\img\button1.gif (Adware.EGDAccess) -> Quarantined and deleted successfully.
    C:\Program Files\Instant Access\Multi\Exe\20050810230856\img\dialer.ico (Adware.EGDAccess) -> Quarantined and deleted successfully.
    C:\Program Files\Instant Access\Multi\Exe\20060104220135\dialerexe.ini (Adware.EGDAccess) -> Quarantined and deleted successfully.
    C:\Program Files\Instant Access\Multi\Exe\20060104220135\Common\show_module.php (Adware.EGDAccess) -> Quarantined and deleted successfully.
    C:\Program Files\Instant Access\Multi\Exe\20060104220135\Common\show_module.php_0.loginvis (Adware.EGDAccess) -> Quarantined and deleted successfully.
    C:\Program Files\Instant Access\Multi\Exe\20060104220135\img\button1.gif (Adware.EGDAccess) -> Quarantined and deleted successfully.
    C:\Program Files\Instant Access\Multi\Exe\20060104220135\img\dialer.ico (Adware.EGDAccess) -> Quarantined and deleted successfully.
    C:\WINDOWS\dialerexe.ini (Adware.EGDAccess) -> Quarantined and deleted successfully.
    C:\WINDOWS\tmlpcert2007 (Adware.EGDAccess) -> Quarantined and deleted successfully.
  • Hoi Gerard, het lijkt mij het beste dat je het volgende gaat doen:

    download ComboFix van één van deze locaties:

    [b:ee3dc42f5e]Bleepingcomputer[/b:ee3dc42f5e]

    [b:ee3dc42f5e]ForoSpyware[/b:ee3dc42f5e]


    [b:ee3dc42f5e]* BELANGRIJK !!! Sla ComboFix.exe op je Bureaublad op *[/b:ee3dc42f5e][/color:ee3dc42f5e]

    [list:ee3dc42f5e][*:ee3dc42f5e] Schakel alle antivirus- en antispywareprogramma's uit, want anders kunnen ze misschien conflicteren met ComboFix.

    Hier is een handleiding over hoe je ze kan uitschakelen: [b:ee3dc42f5e]Klik hier[/b:ee3dc42f5e]

    [*:ee3dc42f5e] Indien het je niet lukt om ze uit te schakelen, ga dan gewoon door naar de volgende stap.[*:ee3dc42f5e]Dubbeklik op ComboFix.exe en volg de meldingen op het scherm.[*:ee3dc42f5e] ComboFix zal controleren of dat de Microsoft Windows Recovery Console reeds is geïnstalleerd.

    [b:ee3dc42f5e]**Let op: Als de Microsoft Windows Recovery Console al is geïnstalleerd, dan krijg je de volgende schermen niet te zien en zal ComboFix automatisch verder gaan met het scannen naar malware.[/b:ee3dc42f5e][/color:ee3dc42f5e]

    [*:ee3dc42f5e]Volg de meldingen op het scherm om ComboFix de Microsoft Windows Recovery Console te laten downloaden en installeren.[/list:u:ee3dc42f5e]
    [img:ee3dc42f5e]http://www.bleepstatic.com/combofix/nl/cf-rc-auto.jpg[/img:ee3dc42f5e]


    Je krijgt de volgende melding te zien wanneer ComboFix de Microsoft Windows Recovery Console succesvol heeft geïnstalleerd:

    [img:ee3dc42f5e]http://www.bleepstatic.com/combofix/nl
    c-auto-done.jpg[/img:ee3dc42f5e]



    [b:ee3dc42f5e]Klik op Ja om verder te gaan met het scannen naar malware.[/b:ee3dc42f5e]


    Wanneer ComboFix klaar is, zal het het een logbestand voor je maken.
    Post de inhoud van dit logbestand (te vinden als [b:ee3dc42f5e]C:\ComboFix.txt[/b:ee3dc42f5e]) in je volgende bericht.
  • Abraham,
    Misschien is het in het geheel niet terzake doende maar ik wil toch even meldingf maken van het volgende. Toen Combofix (bijna) klaar was kwam de volgende melding in beeld: Lograpport wordt voorbereid. Start geen andere programma's tot Combofix klaar is.
    In een ander schermpje wordt dan nog het volgende toegevoegd: Er bevindt zich geen schijf in het station. Plaats een geschikt medium.
    Dit is geheel nieuw voor mij. Maar hier de log. Ik hoop dat je er brood van kunt bakken…

    ComboFix 10-10-28.09 - Leen 29-10-2010 19:00:59.1.2 - x86
    Microsoft Windows XP Home Edition 5.1.2600.3.1252.31.1043.18.511.63 [GMT 2:00]
    Gestart vanuit: c:\documents and settings\Leen\Bureaublad\ComboFix.exe
    AV: avast! Antivirus *On-access scanning disabled* (Updated) {7591DB91-41F0-48A3-B128-1A293FD8233D}
    .

    (((((((((((((((((((((((((((((((((( Andere Verwijderingen )))))))))))))))))))))))))))))))))))))))))))))))))
    .

    c:\documents and settings\Leen\Cookies\hpothb07.dat
    c:\program files\Internet Explorer\OLD80.tmp
    c:\windows\system\hpscnmgr.dll
    c:\windows\system\hpsjrreg.exe
    c:\windows\system32\Bank.dll
    c:\windows\system32\Thumbs.db

    .
    ((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
    .

    ——-\Service_NPF


    (((((((((((((((((((( Bestanden Gemaakt van 2010-09-28 to 2010-10-29 ))))))))))))))))))))))))))))))
    .

    2010-10-29 16:03 . 2010-09-07 14:52 165584 —-a-w- c:\windows\system32\drivers\aswSP.sys
    2010-10-29 16:03 . 2010-09-07 14:47 17744 —-a-w- c:\windows\system32\drivers\aswFsBlk.sys
    2010-10-29 16:03 . 2010-09-07 14:47 23376 —-a-w- c:\windows\system32\drivers\aswRdr.sys
    2010-10-29 16:03 . 2010-09-07 14:52 46672 —-a-w- c:\windows\system32\drivers\aswTdi.sys
    2010-10-29 16:03 . 2010-09-07 14:47 100176 —-a-w- c:\windows\system32\drivers\aswmon2.sys
    2010-10-29 16:03 . 2010-09-07 14:47 94544 —-a-w- c:\windows\system32\drivers\aswmon.sys
    2010-10-29 16:03 . 2010-09-07 14:46 28880 —-a-w- c:\windows\system32\drivers\aavmker4.sys
    2010-10-29 16:02 . 2010-09-07 15:12 38848 —-a-w- c:\windows\avastSS.scr
    2010-10-29 16:02 . 2010-09-07 15:11 167592 —-a-w- c:\windows\system32\aswBoot.exe
    2010-10-29 16:02 . 2010-10-29 16:02 ——– d—–w- c:\program files\Alwil Software
    2010-10-29 16:02 . 2010-10-29 16:02 ——– d—–w- c:\documents and settings\All Users\Application Data\Alwil Software
    2010-10-28 21:13 . 2010-10-29 15:32 ——– d–h–r- c:\documents and settings\Leen\Onlangs geopend
    2010-10-28 20:59 . 2010-10-28 20:59 ——– d—–w- c:\documents and settings\Leen\Application Data\Malwarebytes
    2010-10-28 20:58 . 2010-04-29 13:39 38224 —-a-w- c:\windows\system32\drivers\mbamswissarmy.sys
    2010-10-28 20:58 . 2010-10-28 20:58 ——– d—–w- c:\documents and settings\All Users\Application Data\Malwarebytes
    2010-10-28 20:58 . 2010-04-29 13:39 20952 —-a-w- c:\windows\system32\drivers\mbam.sys
    2010-10-28 18:18 . 2009-05-26 12:35 583552 —-a-w- c:\windows\system32\drivers\RTL8192su.sys
    2010-10-14 09:44 . 2010-09-18 06:53 974848 -c—-w- c:\windows\system32\dllcache\mfc42.dll
    2010-10-14 09:44 . 2010-09-18 06:53 953856 -c—-w- c:\windows\system32\dllcache\mfc40u.dll
    2010-10-14 09:44 . 2010-08-23 16:13 617472 -c—-w- c:\windows\system32\dllcache\comctl32.dll

    .
    ((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    2010-10-28 20:49 . 2004-10-06 00:26 17408 —-a-w- c:\windows\system32\drivers\USBCRFT.SYS
    2010-10-28 19:22 . 2007-04-25 11:12 73728 —-a-w- c:\windows\system32\javacpl.cpl
    2010-10-28 19:22 . 2010-05-03 15:54 472808 —-a-w- c:\windows\system32\deployJava1.dll
    2010-09-18 10:23 . 2004-10-06 06:21 974848 —-a-w- c:\windows\system32\mfc42u.dll
    2010-09-18 06:53 . 2004-10-06 06:21 974848 —-a-w- c:\windows\system32\mfc42.dll
    2010-09-18 06:53 . 2004-10-06 06:21 954368 ——w- c:\windows\system32\mfc40.dll
    2010-09-18 06:53 . 2004-10-06 06:21 953856 —-a-w- c:\windows\system32\mfc40u.dll
    2010-09-10 05:52 . 2004-10-06 06:22 916480 —-a-w- c:\windows\system32\wininet.dll
    2010-09-10 05:52 . 2004-10-06 06:21 43520 —-a-w- c:\windows\system32\licmgr10.dll
    2010-09-10 05:52 . 2004-10-06 06:21 1469440 —-a-w- c:\windows\system32\inetcpl.cpl
    2010-09-01 11:52 . 2004-10-06 06:21 285824 —-a-w- c:\windows\system32\atmfd.dll
    2010-09-01 07:57 . 2004-10-06 06:22 1852928 —-a-w- c:\windows\system32\win32k.sys
    2010-08-27 08:03 . 2004-10-06 06:22 119808 —-a-w- c:\windows\system32\t2embed.dll
    2010-08-27 05:55 . 2004-10-06 06:22 99840 —-a-w- c:\windows\system32\srvsvc.dll
    2010-08-27 01:43 . 2008-05-05 05:25 5632 —-a-w- c:\windows\system32\xpsp4res.dll
    2010-08-26 13:39 . 2004-10-06 06:22 357248 —-a-w- c:\windows\system32\drivers\srv.sys
    2010-08-23 16:13 . 2004-10-06 06:21 617472 —-a-w- c:\windows\system32\comctl32.dll
    2010-08-17 13:17 . 2004-10-06 06:22 58880 —-a-w- c:\windows\system32\spoolsv.exe
    2010-08-16 08:45 . 2004-10-06 06:22 590848 —-a-w- c:\windows\system32\rpcrt4.dll
    .

    ((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    *Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond
    REGEDIT4

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2007-06-18 68856]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2004-09-20 4583424]
    "nwiz"="nwiz.exe" [2004-09-20 921600]
    "ledpointer"="CNYHKey.exe" [2004-02-03 5794816]
    "SPAMfighter Agent"="c:\program files\SPAMfighter\SFAgent.exe" [2009-01-16 325768]
    "AppleSyncNotifier"="c:\program files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe" [2010-03-16 47392]
    "HP Software Update"="c:\program files\Hewlett-Packard\HP Software Update\HPWuSchd2.exe" [2007-05-08 54840]
    "SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2010-05-14 248552]
    "avast5"="c:\program files\Alwil Software\Avast5\avastUI.exe" [2010-09-07 2838912]

    [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
    "CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
    "Nokia.PCSync"="c:\program files\Nokia\Nokia PC Suite 6\PcSync2.exe" [2007-03-27 1744896]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
    @="Driver"

    [HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Start^Programma's^Opstarten^Adobe Reader Snelle start.lnk]
    path=c:\documents and settings\All Users\Menu Start\Programma's\Opstarten\Adobe Reader Snelle start.lnk
    backup=c:\windows\pss\Adobe Reader Snelle start.lnkCommon Startup

    [HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Start^Programma's^Opstarten^BlueSoleil.lnk]
    path=c:\documents and settings\All Users\Menu Start\Programma's\Opstarten\BlueSoleil.lnk
    backup=c:\windows\pss\BlueSoleil.lnkCommon Startup

    [HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Start^Programma's^Opstarten^HP Digital Imaging Monitor.lnk]
    path=c:\documents and settings\All Users\Menu Start\Programma's\Opstarten\HP Digital Imaging Monitor.lnk
    backup=c:\windows\pss\HP Digital Imaging Monitor.lnkCommon Startup

    [HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Start^Programma's^Opstarten^McAfee Security Scan.lnk]
    path=c:\documents and settings\All Users\Menu Start\Programma's\Opstarten\McAfee Security Scan.lnk
    backup=c:\windows\pss\McAfee Security Scan.lnkCommon Startup

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Acronis Scheduler2 Service]
    2005-11-28 13:02 118784 -c–a-w- c:\program files\Common Files\Acronis\Schedule2\schedhlp.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
    2010-09-20 21:07 932288 —-a-r- c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AGRSMMSG]
    2005-03-04 10:01 88209 —-a-w- c:\windows\AGRSMMSG.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CHotkey]
    2004-02-24 12:05 508416 —-a-w- c:\windows\mHotkey.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Dit]
    2004-07-20 16:18 90112 —-a-w- c:\windows\Dit.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
    2010-03-25 23:10 142120 —-a-w- c:\program files\iTunes\iTunesHelper.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
    2008-04-14 17:03 1695232 —-a-w- c:\program files\Messenger\msmsgs.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
    2001-07-09 09:50 155648 —-a-w- c:\windows\system32\NeroCheck.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PCMService]
    2004-10-08 15:14 81920 -c–a-w- c:\program files\Home Cinema\PowerCinema\PCMService.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PCSuiteTrayApplication]
    2007-03-23 12:20 227328 —-a-w- c:\program files\Nokia\Nokia PC Suite 6\LaunchApplication.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
    2010-03-17 19:53 421888 —-a-w- c:\program files\QuickTime\QTTask.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Snelkoppeling naar eigenschappenvenster voor High Definition Audio]
    2004-03-17 14:10 61952 —-a-w- c:\windows\system32\Hdaudpropshortcut.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg]
    2007-06-18 11:17 68856 —-a-w- c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe]
    2004-10-08 17:02 180269 —-a-w- c:\program files\Common Files\Real\Update_OB\realsched.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TrueImageMonitor.exe]
    2005-11-28 13:02 988701 -c–a-w- c:\program files\Acronis\TrueImage\TrueImageMonitor.exe

    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
    "EnableFirewall"= 0 (0x0)

    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
    "%windir%\\system32\\sessmgr.exe"=
    "%WinDir%\\system32\\fxsclnt.exe"=
    "%ProgramFiles%\\CA\\eTrust Antivirus\\InocIT.exe"=
    "%ProgramFiles%\\CA\\eTrust Antivirus\\Realmon.exe"=
    "%ProgramFiles%\\CA\\eTrust Antivirus\\InoRpc.exe"=
    "%ProgramFiles%\\IVT Corporation\\BlueSoleil\\BlueSoleil.exe"=
    "%ProgramFiles%\\CompuServe 6.0\\cs.exe"=
    "c:\\Program Files\\Messenger\\msmsgs.exe"=
    "%windir%\\Network Diagnostic\\xpnetdiag.exe"=
    "c:\\Program Files\\MSN Messenger\\msnmsgr.exe"=
    "c:\\Program Files\\Nokia\\Nokia Software Updater\
    su_ui_client.exe"=
    "c:\\Program Files\\Common Files\\Nokia\\Service Layer\\A\
    sl_host_process.exe"=
    "c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
    "c:\\Program Files\\iTunes\\iTunes.exe"=
    "c:\\Program Files\\Hewlett-Packard\\Digital Imaging\\bin\\hpqtra08.exe"=
    "c:\\Program Files\\Hewlett-Packard\\Digital Imaging\\bin\\hpqste08.exe"=
    "c:\\Program Files\\Hewlett-Packard\\Digital Imaging\\bin\\hposid01.exe"=
    "c:\\Program Files\\Hewlett-Packard\\Digital Imaging\\Unload\\HpqPhUnl.exe"=
    "c:\\Program Files\\Hewlett-Packard\\Digital Imaging\\Unload\\HpqDIA.exe"=
    "c:\\Program Files\\Hewlett-Packard\\Digital Imaging\\bin\\hpiscnapp.exe"=
    "c:\\Program Files\\Hewlett-Packard\\Digital Imaging\\bin\\hpqkygrp.exe"=

    R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [29-10-2010 18:03 165584]
    R1 crlscsi;crlscsi;c:\windows\system32\drivers\crlscsi.sys [8-8-2006 15:54 6144]
    R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [29-10-2010 18:03 17744]
    R2 LogWatch;Event Log Watch;c:\program files\CA\SharedComponents\CA_LIC\LogWatNT.exe [19-9-2002 20:29 53248]
    R2 PackethSvc;Virtual NIC Service;c:\windows\system32\PackethSvc.exe [9-10-2004 10:06 64512]
    R2 SPAMfighter Update Service;SPAMfighter Update Service;c:\program files\SPAMfighter\sfus.exe [16-1-2009 11:11 184968]
    R3 cmudax;C-Media High Definition Audio Interface;c:\windows\system32\drivers\cmudax.sys [6-10-2004 1:38 1272000]
    R3 PhTVTune;MEDION TV-TUNER 7134 MK2/3;c:\windows\system32\drivers\PhTVTune.sys [1-10-2004 17:35 24704]
    R3 wbscr;Winbond Smartcard Reader for I/O;c:\windows\system32\drivers\wbscr.sys [6-10-2004 2:27 19928]
    S2 SHARSHTL;Shuttle Sharer;c:\windows\system32\drivers\sharshtl.sys [1-2-2005 13:10 18432]
    S3 CA_LIC_CLNT;CA License Client;c:\program files\CA\SharedComponents\CA_LIC\lic98rmt.exe [19-9-2002 20:27 77824]
    S3 CA_LIC_SRVR;CA License Server;c:\program files\CA\SharedComponents\CA_LIC\lic98rmtd.exe [19-9-2002 20:41 77824]
    S3 CardReaderFilter;Card Reader Filter;c:\windows\system32\drivers\USBCRFT.SYS [6-10-2004 2:26 17408]
    S3 epstw2k;SCM-SCSI stuurprogramma voor parallele poort;c:\windows\system32\drivers\epstw2k.sys [1-2-2005 0:01 114944]
    S3 RTL8192su;Realtek RTL8192SU Wireless LAN 802.11n USB 2.0 Network Adapter;c:\windows\system32\drivers\RTL8192su.sys [28-10-2010 20:18 583552]
    S3 scsiscan;Stuurprogramma voor SCSI-scanner;c:\windows\system32\drivers\scsiscan.sys [1-2-2005 0:01 11520]
    S3 UKBFLT;UKBFLT;c:\windows\system32\drivers\UKBFLT.sys [12-10-2004 14:04 11672]

    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
    HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
    hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
    .
    Inhoud van de 'Gedeelde Taken' map

    2010-10-25 c:\windows\Tasks\AppleSoftwareUpdate.job
    - c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 10:34]
    .
    .
    ——- Bijkomende Scan ——-
    .
    uStart Page = hxxp://www.google.nl/
    uDefault_Search_URL = hxxp://www.google.com/ie
    uInternet Settings,ProxyOverride = <local>;*.local
    uSearchAssistant = hxxp://www.google.com/ie
    uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
    IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
    IE: E&xporteren naar Microsoft Excel - c:\progra~1\MICROS~4\OFFICE11\EXCEL.EXE/3000
    IE: Google Sidewiki… - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_60D6097707281E79.dll/cmsidewiki.html
    .
    - - - - ORPHANS VERWIJDERD - - - -

    HKLM-Run-Cmaudio - cmicnfg.cpl
    MSConfigStartUp-AntivirusRegistration - c:\program files\Excid.com Aps\eTrust Antivirus Registration\EzAntivirusRegistrationCheck.exe
    MSConfigStartUp-AppleSyncNotifier - c:\program files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe
    MSConfigStartUp-Instant Access - c:\windows\system32\linewsrv.exe
    AddRemove-Adobe Flash Player ActiveX - c:\windows\system32\Macromed\Flash\uninstall_activeX.exe
    AddRemove-{6B103F43-069C-11D6-9EA2-0050BAE317E1} - c:\program files\Uninstall_PCM.exe



    **************************************************************************

    catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
    Rootkit scan 2010-10-29 19:11
    Windows 5.1.2600 Service Pack 3 NTFS

    scannen van verborgen processen …

    scannen van verborgen autostart items …

    scannen van verborgen bestanden …

    Scan succesvol afgerond
    verborgen bestanden: 0

    **************************************************************************
    .
    ——————— VERGRENDELDE REGISTER SLEUTELS ———————

    [HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Installer\UserData\LocalSystem\Components\¤–}|ÿÿÿÿÀ•}|ù•9~*]
    "3140110900063D11C8EF10054038389C"="C?\\WINDOWS\\system32\\FM20ENU.DLL"
    .
    ——————— DLLs Geladen Onder Lopende Processen ———————

    - - - - - - - > 'lsass.exe'(792)
    c:\windows\system32\relog_ap.dll

    - - - - - - - > 'explorer.exe'(3824)
    c:\progra~1\WINDOW~2\wmpband.dll
    c:\windows\system32\msls31.dll
    c:\windows\system32\webcheck.dll
    c:\windows\system32\WPDShServiceObj.dll
    c:\program files\Nokia\Nokia PC Suite 6\PhoneBrowser.dll
    c:\program files\Nokia\Nokia PC Suite 6\PCSCM.dll
    c:\program files\Nokia\Nokia PC Suite 6\Lang\PhoneBrowser_dut.nlr
    c:\program files\Nokia\Nokia PC Suite 6\Resource\PhoneBrowser_Nokia.ngr
    c:\windows\system32\PortableDeviceTypes.dll
    c:\windows\system32\PortableDeviceApi.dll
    .
    ———————— Andere Aktieve Processen ————————
    .
    c:\program files\Alwil Software\Avast5\AvastSvc.exe
    c:\windows\System32\SCardSvr.exe
    c:\program files\Common Files\Acronis\Schedule2\schedul2.exe
    c:\program files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
    c:\program files\IVT Corporation\BlueSoleil\BTNtService.exe
    c:\program files\Bonjour\mDNSResponder.exe
    c:\program files\Java\jre6\bin\jqs.exe
    c:\windows\system32
    vsvc32.exe
    c:\windows\system32\wscntfy.exe
    c:\windows\system32\RunDll32.exe
    c:\windows\CNYHKey.exe
    c:\windows\system32\msiexec.exe
    .
    **************************************************************************
    .
    Voltooingstijd: 2010-10-29 19:21:22 - machine werd herstart
    ComboFix-quarantined-files.txt 2010-10-29 17:21

    Pre-Run: 98.686.025.728 bytes beschikbaar
    Post-Run: 98.566.762.496 bytes beschikbaar

    WindowsXP-KB310994-SP2-Home-BootDisk-NLD.exe
    [boot loader]
    timeout=2
    default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
    [operating systems]
    c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
    UnsupportedDebug="do not select this" /debug
    multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Home Edition" /noexecute=optin /fastdetect

    - - End Of File - - F1CF7595BAEB7B48E2FE9059B39DF7EE


    PS. Ik heb inmiddels AVG vervangen door Avast mede vanwege de overwegend positieve beoordelingen.
  • Hoi Grard, dat log van VomboFix ziet er verder goed uit!

    En die rare melding - die heb ik een keer eerder gehoord!

    ComboFix mag nu verwijderd worden:
    [list:c37008b916][*:c37008b916] ga daarvoor naar Start - Uitvoeren
    [*:c37008b916] kopieer en plak hierin het volgende: [b:c37008b916]Combofix /Uninstall[/b:c37008b916]
    [*:c37008b916] klik daarna op [b:c37008b916]OK[/b:c37008b916].
    [*:c37008b916] indien het goed is, krijg je vervolgens een melding, dat Combofix verwijderd werd.[/list:u:c37008b916]

    Voorbeeld:

    [img:c37008b916]http://home.kpn.nl/stefsmeenk/CFUninstall.PNG[/img:c37008b916]

    Doe dan nu dit: een test, om te kijken hoe je huidige veiligheidssituatie is.

    Download naar je bureaublad [b:c37008b916]Security Check[/b:c37008b916].
    [list:c37008b916][*:c37008b916] Klik/dubbelklik op [b:c37008b916]SecurityCheck.exe[/b:c37008b916] en let op de instrukties in het zwarte vesnter.
    [*:c37008b916] Een Kladblok document genaamd [b:c37008b916]checkup.txt[/b:c37008b916] dient automatisch open te gaan; sluit dit document via opslaan op het bureaublad.
    [*:c37008b916] Indien een van je veiligheidstools rapporteert, dat DIG.EXE het internet op wil, sta dit dan toe.[/list:u:c37008b916]
    Post de inhoud van [b:c37008b916]checkup.txt [/b:c37008b916]in je volgende post.
  • Komt tie

    Results of screen317's Security Check version 0.99.6
    Windows XP Service Pack 3
    Internet Explorer 8
    [b:3f8fa0e335]``````````````````````````````
    [u:3f8fa0e335]Antivirus/Firewall Check:[/u:3f8fa0e335][/b:3f8fa0e335]
    avast! Free Antivirus
    [b:3f8fa0e335]```````````````````````````````
    [u:3f8fa0e335]Anti-malware/Other Utilities Check:[/u:3f8fa0e335][/b:3f8fa0e335]
    Malwarebytes' Anti-Malware
    CCleaner
    Java(TM) 6 Update 22
    [b:3f8fa0e335]````````````````````````````````
    Process Check:
    [u:3f8fa0e335]objlist.exe by Laurent[/u:3f8fa0e335][/b:3f8fa0e335]
    Alwil Software Avast5 AvastSvc.exe
    Alwil Software Avast5 avastUI.exe
    [b:3f8fa0e335]````````````````````````````````
    [u:3f8fa0e335]DNS Vulnerability Check:[/u:3f8fa0e335][/b:3f8fa0e335]
    GREAT! (Not vulnerable to DNS cache poisoning)

    [b:3f8fa0e335]``````````End of Log````````````[/b:3f8fa0e335]
  • Hoi Gerard, ter controle kan je nog een keer MBAM laten draaien in de snelscanmodus.

    Vindt MBAM niks, dan denk ik dat de eigenaar blij zal zijn met wat je weer gedaan hebt!
  • Hoi Abraham,

    Heb ik al gedaan evenals Avast en TFC. Alles proper zouden ze in België zeggen. De machine loopt in elk geval een stuk vlotter.
    Dit houdt dus in: twee blije mensen, ik zelf voor de door jouw geboden hulp en mijn vriend voor de mijne.
    Mijn dank voor de snelle afhandeling.
    Groet, Gerard.

Beantwoord deze vraag

Dit is een gearchiveerde pagina. Antwoorden is niet meer mogelijk.