Questions & Answers

Security & privacy

Hijack log

Anonymous
24 replies
  • Hi,

    Because I very often get a message that Outlook Express has problems starting up, I went ahead and made a log.

    Logfile of HijackThis v1.99.1
    Scan saved at 12:34:51, on 13-10-2006
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\system32\spoolsv.exe
    C:\WINDOWS\RTHDCPL.EXE
    C:\WINDOWS\system32\RUNDLL32.EXE
    C:\Program Files\Eset\nod32kui.exe
    C:\Program Files\SPAMfighter\SFAgent.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\Eset\nod32krn.exe
    C:\WINDOWS\system32\nvsvc32.exe
    C:\Program Files\MSN Messenger\msnmsgr.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Documents and Settings\Roelof\Local Settings\Temporary Internet Files\Content.IE5\YD389ORM\HijackThis[1].exe

    R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://windowsupdate.microsoft.com/
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen
    O2 - BHO: Trixie.Bho - {B0744341-96E0-4341-9ED2-8BC36CE0CCD0} - mscoree.dll (file missing)
    O4 - HKLM\..\Run: [High Definition Audio Property Page Shortcut] HDAShCut.exe
    O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
    O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
    O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
    O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
    O4 - HKLM\..\Run: [nod32kui] "C:\Program Files\Eset\nod32kui.exe" /WAITSERVICE
    O4 - HKLM\..\Run: [SPAMfighter Agent] "C:\Program Files\SPAMfighter\SFAgent.exe" update delay 60
    O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
    O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
    O9 - Extra button: (no name) - {20CCCFEC-D26F-4ffe-996B-388B39C8CCCA} - C:\WINDOWS\System32\mscoree.DLL
    O9 - Extra 'Tools' menuitem: Tri&xie Options… - {20CCCFEC-D26F-4ffe-996B-388B39C8CCCA} - C:\WINDOWS\System32\mscoree.DLL
    O9 - Extra button: Onderzoek - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
    O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1160655073452
    O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1160663165156
    O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
    O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
    O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
    O23 - Service: Macromedia Licensing Service - Unknown owner - C:\Program Files\Common Files\Macromedia Shared\Service\Macromedia Licensing.exe
    O23 - Service: NOD32 Kernel Service (NOD32krn) - Eset - C:\Program Files\Eset\nod32krn.exe
    O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe

    I don't think there is anything wrong with it, but I would like your opinion.

    Roelof
  • What does that OE message look like?
    How large are your mail folders?
  • What does that OE message look like?

    In msimn.exe is een fout opgetreden en moet worden afgesloten.

    How large are your mail folders?

    Inbox 1225 kb
    Outbox 187 kb
    Sent Items 210.974 kb
    Deleted Items 9334 kb

    Roelof
  • That Sent Items folder is really very large; that could well be causing you trouble.
    If you can still get into OE, your first action should be to empty that folder, or at least make it a great deal emptier, at most about 40 MB.
    Then compact the folders, and if OE still doesn't behave after that, report it here again.
  • Hi,

    The Sent Items folder is now 32MB.

    The problem persists. I notice more and more that it alternates.
    So one time an error message, then fine again, then an error message again, etc.

    Roelof
  • You can uninstall OE and install it again via Set Program Access and Defaults, Windows Components.
    I just simulated it and it runs fine without throwing away settings (still, to be safe, copy the entire mail folders directory first).

    I can't really find anything bad in your log.
    I myself would have done a fix on:
    O2 - BHO: Trixie.Bho - {B0744341-96E0-4341-9ED2-8BC36CE0CCD0} - mscoree.dll (file missing)
    O4 - HKLM\..\Run: [High Definition Audio Property Page Shortcut] HDAShCut.exe
    O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
    O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
    O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
    O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
    O4 - HKLM\..\Run: [SPAMfighter Agent] "C:\Program Files\SPAMfighter\SFAgent.exe" update delay 60
    O23 - Service: Macromedia Licensing Service - Unknown owner - C:\Program Files\Common Files\Macromedia Shared\Service\Macromedia Licensing.exe
  • Two questions/remarks

    Why these files, and how can I do a fix on them?

    OE problem: I noticed that when I start it via Quick Launch the error message appears; via Programs - Outlook Express it works fine.

    And the problems started after Windows Update.

    Roelof
  • Why these files: they are not needed for the proper functioning of your system, and according to some information they can be disruptive.
    How to fix: run HijackThis and choose scan only.
    Then you will see the same list, with boxes to tick.
    So tick the indicated entries and choose fix.

    If that one shortcut (the ones in the Start menu are shortcuts too) does work: right-click the icon in question in the Start menu, choose copy to .. desktop, and replace the unwilling icon there.
    Don't make it harder than necessary…!
  • Hi,

    I first copied the shortcut as you said, without success.

    After that I had HijackThis fix the files you indicated.

    OE suddenly works without problems.

    Roelof
  • Hmm, I prefer to make it hard, because then I simply leave legitimate entries in place.

    You should just leave these in place; they are legitimate.

  • Hi,

    But why this response?
    I had Hijack repair everything and the problem is gone.

    Regards,

    Roelof
  • Whatever you want.
  • ComboFix log:

    Roelof - 06-10-14 10:12:38,54 Service Pack 2
    ComboFix 06.10.08W - Running from: C:\Documents and Settings\Roelof\Bureaublad

    ((((((((((((((((((((((((((((((( Files Created from 2006-09-14 to 2006-10-14 ))))))))))))))))))))))))))))))))))




    (((((((((((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))))




    (((((((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))

    *Note* empty entries are not shown

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run]
    "CTFMON.EXE"="C:\\WINDOWS\\system32\\ctfmon.exe"
    "msnmsgr"="\"C:\\Program Files\\MSN Messenger\\msnmsgr.exe\" /background"

    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run]
    "nwiz"="nwiz.exe /install"
    "NvMediaCenter"="RUNDLL32.EXE C:\\WINDOWS\\system32\\NvMcTray.dll,NvTaskbarInit"
    "nod32kui"="\"C:\\Program Files\\Eset\\nod32kui.exe\" /WAITSERVICE"
    "NvCplDaemon"="RUNDLL32.EXE C:\\WINDOWS\\system32\\NvCpl.dll,NvStartup"
    "SPAMfighter Agent"="\"C:\\Program Files\\SPAMfighter\\SFAgent.exe\" update delay 60"
    "High Definition Audio Property Page Shortcut"="HDAShCut.exe"
    "RTHDCPL"="RTHDCPL.EXE"
    "SunJavaUpdateSched"="\"C:\\Program Files\\Java\\jre1.5.0_09\\bin\\jusched.exe\""

    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents]

    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\IMAIL]
    "Installed"="1"

    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\MAPI]
    "Installed"="1"
    "NoChange"="1"

    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\MSFS]
    "Installed"="1"

    [HKEY_CURRENT_USER\software\microsoft\internet explorer\desktop\components]
    "DeskHtmlVersion"=dword:00000110
    "DeskHtmlMinorVersion"=dword:00000005
    "Settings"=dword:00000001
    "GeneralFlags"=dword:00000001

    [HKEY_CURRENT_USER\software\microsoft\internet explorer\desktop\components\0]
    "Source"="About:Home"
    "SubscribedURL"="About:Home"
    "FriendlyName"="Mijn huidige introductiepagina"
    "Flags"=dword:00000002
    "Position"=hex:2c,00,00,00,00,01,00,00,00,00,00,00,00,04,00,00,e2,03,00,00,00,\
    00,00,00,01,00,00,00,01,00,00,00,01,00,00,00,00,00,00,00,00,00,00,00
    "CurrentState"=hex:04,00,00,40
    "OriginalStateInfo"=hex:18,00,00,00,ff,ff,00,00,ff,ff,00,00,ff,ff,ff,ff,ff,ff,\
    ff,ff,04,00,00,00
    "RestoredStateInfo"=hex:18,00,00,00,6a,02,00,00,23,00,00,00,a4,00,00,00,9a,00,\
    00,00,01,00,00,00

    [HKEY_USERS\.default\software\microsoft\windows\currentversion\run]
    "CTFMON.EXE"="C:\\WINDOWS\\System32\\CTFMON.EXE"

    [HKEY_USERS\s-1-5-18\software\microsoft\windows\currentversion\run]
    "CTFMON.EXE"="C:\\WINDOWS\\System32\\CTFMON.EXE"

    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\sharedtaskscheduler]
    "{438755C2-A8BA-11D1-B96B-00A0C90312E1}"="Preloader van browseui"
    "{8C7461EF-2B13-11d2-BE35-3078302C2030}"="Cache-daemon voor onderdeelcategorieën"

    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shellexecutehooks]
    "{AEB6717E-7E19-11d0-97EE-00C04FD91972}"=""

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
    "NoDriveTypeAutoRun"=dword:00000091

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer\Run]

    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
    "dontdisplaylastusername"=dword:00000000
    "legalnoticecaption"=""
    "legalnoticetext"=""
    "shutdownwithoutlogon"=dword:00000001
    "undockwithoutlogon"=dword:00000001

    [HKEY_USERS\.default\software\microsoft\windows\currentversion\policies\explorer]
    "NoDriveTypeAutoRun"=dword:00000091

    [HKEY_USERS\s-1-5-18\software\microsoft\windows\currentversion\policies\explorer]
    "NoDriveTypeAutoRun"=dword:00000091

    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\shellserviceobjectdelayload]
    "PostBootReminder"="{7849596a-48ea-486e-8937-a2a3009f31a9}"
    "CDBurn"="{fbeb8a05-beee-4442-804e-409d6c4515e9}"
    "WebCheck"="{E6FB5E20-DE35-11CF-9C87-00AA005127ED}"
    "SysTray"="{35CEC8A3-2BE6-11D2-8773-92E220524153}"


    HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders
    securityproviders REG_SZ msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll


    Completion time: Sat 14-10-2006 10:13:11.45
    C:\ComboFix.txt … 14-10-2006 10:13


    Hijack log:

    Logfile of HijackThis v1.99.1
    Scan saved at 10:02:54, on 14-10-2006
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\system32\spoolsv.exe
    C:\WINDOWS\system32\RUNDLL32.EXE
    C:\Program Files\Eset\nod32kui.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\MSN Messenger\msnmsgr.exe
    C:\Program Files\WinZip\WZQKPICK.EXE
    C:\Program Files\Eset\nod32krn.exe
    C:\WINDOWS\system32\nvsvc32.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Documents and Settings\Roelof\Bureaublad\HijackThis.exe

    R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://windowsupdate.microsoft.com/
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen
    O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
    O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
    O4 - HKLM\..\Run: [nod32kui] "C:\Program Files\Eset\nod32kui.exe" /WAITSERVICE
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
    O4 - HKLM\..\Run: [SPAMfighter Agent] "C:\Program Files\SPAMfighter\SFAgent.exe" update delay 60
    O4 - HKLM\..\Run: [High Definition Audio Property Page Shortcut] HDAShCut.exe
    O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
    O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
    O4 - Global Startup: WinZip Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK.EXE
    O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
    O9 - Extra button: Onderzoek - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
    O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1160655073452
    O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1160663165156
    O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
    O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
    O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
    O23 - Service: Macromedia Licensing Service - Unknown owner - C:\Program Files\Common Files\Macromedia Shared\Service\Macromedia Licensing.exe
    O23 - Service: NOD32 Kernel Service (NOD32krn) - Eset - C:\Program Files\Eset\nod32krn.exe
    O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
  • Apart from the absence of the Java I offered, the log is clean. How are the problems now?

    I would still install Java, though.

    Juisterr
  • Hi,

    The problems are still gone and I have installed Java.
    I installed this one: jdk-1_5_0_09-windows-i586-p.exe

    Roelof
  • Nicely done. Keep it tidy, okay?
  • Hi,

    I'm doing my best.

    I have now installed NOD32 and Ad-Aware SE.

    Roelof
  • Hi,

    The problem is back. Hence these logs:

    Roelof - 06-10-16 9:14:52,37 Service Pack 2
    ComboFix 06.10.08W - Running from: C:\Documents and Settings\Roelof\Bureaublad

    ((((((((((((((((((((((((((((((( Files Created from 2006-09-16 to 2006-10-16 ))))))))))))))))))))))))))))))))))


    2006-10-15 13:34 32,768 –a—— C:\WINDOWS\plugin.dll
    2006-10-12 22:19 974,848 –a—— C:\WINDOWS\system32\mfc70.dll
    2006-10-12 22:19 487,424 –a—— C:\WINDOWS\system32\msvcp70.dll
    2006-10-12 22:19 344,064 –a—— C:\WINDOWS\system32\msvcr70.dll
    2006-10-12 16:12 24,816 –a—— C:\WINDOWS\system32\mdimon.dll
    2006-10-12 16:07 502,368 –a—— C:\WINDOWS\system32\drivers\amon.sys
    2006-10-12 16:07 270,336 –a—— C:\WINDOWS\system32\imon.dll
    2006-10-12 16:01 208,896 –a—— C:\WINDOWS\system32\NVUNINST.EXE
    2006-10-12 16:01 208,896 –a—— C:\WINDOWS\system32\nvudisp.exe
    2006-10-12 15:56 82,944 –a—— C:\WINDOWS\system32\drivers\wdmaud.sys
    2006-10-12 15:56 7,552 –a—— C:\WINDOWS\system32\drivers\MSKSSRV.sys
    2006-10-12 15:56 60,800 –a—— C:\WINDOWS\system32\drivers\sysaudio.sys
    2006-10-12 15:56 60,288 –a—— C:\WINDOWS\system32\drivers\drmk.sys
    2006-10-12 15:56 6,400 –a—— C:\WINDOWS\system32\drivers\splitter.sys
    2006-10-12 15:56 54,272 –a—— C:\WINDOWS\system32\drivers\swmidi.sys
    2006-10-12 15:56 52,864 –a—— C:\WINDOWS\system32\drivers\DMusic.sys
    2006-10-12 15:56 5,376 –a—— C:\WINDOWS\system32\drivers\MSPCLOCK.sys
    2006-10-12 15:56 40,960 -r——- C:\WINDOWS\system32\ChCfg.exe
    2006-10-12 15:56 4,992 –a—— C:\WINDOWS\system32\drivers\MSPQM.sys
    2006-10-12 15:56 4,096 –a—— C:\WINDOWS\system32\ksuser.dll
    2006-10-12 15:56 2,944 –a—— C:\WINDOWS\system32\drivers\drmkaud.sys
    2006-10-12 15:56 172,416 –a—— C:\WINDOWS\system32\drivers\kmixer.sys
    2006-10-12 15:56 157,184 -r——- C:\WINDOWS\system32\RtlCPAPI.dll
    2006-10-12 15:56 142,464 –a—— C:\WINDOWS\system32\drivers\aec.sys
    2006-10-12 15:55 9,710,592 -r——- C:\WINDOWS\RTLCPL.exe
    2006-10-12 15:55 86,016 -r——- C:\WINDOWS\SoundMan.exe
    2006-10-12 15:55 69,632 -r——- C:\WINDOWS\Alcmtr.exe
    2006-10-12 15:55 487,424 -r——- C:\WINDOWS\RtlExUpd.dll
    2006-10-12 15:55 356,352 -r——- C:\WINDOWS\RtlUpd.exe
    2006-10-12 15:55 3,966,976 -r——- C:\WINDOWS\system32\drivers\RtkHDAud.Sys
    2006-10-12 15:55 2,807,808 -r——- C:\WINDOWS\alcwzrd.exe
    2006-10-12 15:55 2,142,208 -r——- C:\WINDOWS\MicCal.exe
    2006-10-12 15:55 14,854,144 -r——- C:\WINDOWS\RTHDCPL.exe
    2006-10-12 15:53 70,144 -ra—— C:\WINDOWS\system32\drivers\Rtlnicxp.sys
    2006-10-12 15:50 36,352 -ra—— C:\WINDOWS\system32\drivers\AmdK8.sys
    2006-10-12 15:45 57,856 –a—— C:\WINDOWS\system32\drivers\redbook.sys
    2006-10-12 15:45 3,072 –a—— C:\WINDOWS\system32\drivers\audstub.sys
    2006-10-12 15:44 6,400 –a—— C:\WINDOWS\system32\drivers\enum1394.sys
    2006-10-12 15:44 20,992 –a—— C:\WINDOWS\system32\drivers\rtl8139.sys
    2006-10-12 15:43 76,288 –a—— C:\WINDOWS\system32\usbui.dll
    2006-10-12 15:43 6,144 -ra—— C:\WINDOWS\system32\kbdtuq.dll
    2006-10-12 15:43 6,144 -ra—— C:\WINDOWS\system32\kbdtuf.dll
    2006-10-12 15:43 5,632 -ra—— C:\WINDOWS\system32\kbdazel.dll
    2006-10-12 15:42 86,556 –a—— C:\WINDOWS\system32\dgsetup.dll
    2006-10-12 15:42 8,704 –a—— C:\WINDOWS\system32\batt.dll
    2006-10-12 15:42 8,192 -ra—— C:\WINDOWS\system32\kbdhept.dll
    2006-10-12 15:42 76,288 –a—— C:\WINDOWS\system32\storprop.dll
    2006-10-12 15:42 70,144 –a—— C:\WINDOWS\notepad.exe
    2006-10-12 15:42 7,168 -ra—— C:\WINDOWS\system32\kbdcz.dll
    2006-10-12 15:42 6,656 -ra—— C:\WINDOWS\system32\kbdycl.dll
    2006-10-12 15:42 6,656 -ra—— C:\WINDOWS\system32\kbdsl1.dll
    2006-10-12 15:42 6,656 -ra—— C:\WINDOWS\system32\kbdsl.dll
    2006-10-12 15:42 6,656 -ra—— C:\WINDOWS\system32\kbdpl.dll
    2006-10-12 15:42 6,656 -ra—— C:\WINDOWS\system32\kbdhu.dll
    2006-10-12 15:42 6,656 -ra—— C:\WINDOWS\system32\kbdhela3.dll
    2006-10-12 15:42 6,656 -ra—— C:\WINDOWS\system32\kbdcz2.dll
    2006-10-12 15:42 6,656 -ra—— C:\WINDOWS\system32\kbdcz1.dll
    2006-10-12 15:42 6,656 -ra—— C:\WINDOWS\system32\kbdcr.dll
    2006-10-12 15:42 6,656 -ra—— C:\WINDOWS\system32\KBDAL.DLL
    2006-10-12 15:42 6,144 -ra—— C:\WINDOWS\system32\kbdlv1.dll
    2006-10-12 15:42 6,144 -ra—— C:\WINDOWS\system32\kbdlv.dll
    2006-10-12 15:42 6,144 -ra—— C:\WINDOWS\system32\kbdhela2.dll
    2006-10-12 15:42 6,144 -ra—— C:\WINDOWS\system32\kbdgkl.dll
    2006-10-12 15:42 6,144 -ra—— C:\WINDOWS\system32\kbdest.dll
    2006-10-12 15:42 5,632 -ra—— C:\WINDOWS\system32\kbdycc.dll
    2006-10-12 15:42 5,632 -ra—— C:\WINDOWS\system32\kbduzb.dll
    2006-10-12 15:42 5,632 -ra—— C:\WINDOWS\system32\kbdur.dll
    2006-10-12 15:42 5,632 -ra—— C:\WINDOWS\system32\kbdtat.dll
    2006-10-12 15:42 5,632 -ra—— C:\WINDOWS\system32\kbdru1.dll
    2006-10-12 15:42 5,632 -ra—— C:\WINDOWS\system32\kbdru.dll
    2006-10-12 15:42 5,632 -ra—— C:\WINDOWS\system32\kbdro.dll
    2006-10-12 15:42 5,632 -ra—— C:\WINDOWS\system32\kbdpl1.dll
    2006-10-12 15:42 5,632 -ra—— C:\WINDOWS\system32\kbdmon.dll
    2006-10-12 15:42 5,632 -ra—— C:\WINDOWS\system32\kbdlt1.dll
    2006-10-12 15:42 5,632 -ra—— C:\WINDOWS\system32\kbdlt.dll
    2006-10-12 15:42 5,632 -ra—— C:\WINDOWS\system32\kbdkyr.dll
    2006-10-12 15:42 5,632 -ra—— C:\WINDOWS\system32\kbdkaz.dll
    2006-10-12 15:42 5,632 -ra—— C:\WINDOWS\system32\kbdhu1.dll
    2006-10-12 15:42 5,632 -ra—— C:\WINDOWS\system32\kbdhe319.dll
    2006-10-12 15:42 5,632 -ra—— C:\WINDOWS\system32\kbdhe220.dll
    2006-10-12 15:42 5,632 -ra—— C:\WINDOWS\system32\kbdhe.dll
    2006-10-12 15:42 5,632 -ra—— C:\WINDOWS\system32\kbdbu.dll
    2006-10-12 15:42 5,632 -ra—— C:\WINDOWS\system32\kbdblr.dll
    2006-10-12 15:42 5,632 -ra—— C:\WINDOWS\system32\kbdaze.dll
    2006-10-12 15:42 24,661 –a—— C:\WINDOWS\system32\spxcoins.dll
    2006-10-12 15:42 176,157 –a—— C:\WINDOWS\system32\dgrpsetu.dll
    2006-10-12 15:42 15,872 –a—— C:\WINDOWS\TASKMAN.EXE
    2006-10-12 15:42 13,312 –a—— C:\WINDOWS\system32\irclass.dll
    2006-10-12 15:42 11,264 –a—— C:\WINDOWS\system32\drivers\irenum.sys
    2006-10-12 15:42 103,936 –a—— C:\WINDOWS\system32\EqnClass.Dll
    2006-10-12 15:09 22,752 –a—— C:\WINDOWS\system32\spupdsvc.exe
    2006-10-12 15:06 11,776 ——— C:\WINDOWS\system32\spnpinst.exe
    2006-10-12 14:56 77,312 –a—— C:\WINDOWS\system32\browser.dll
    2006-10-12 14:56 614,912 –a—— C:\WINDOWS\system32\h323msp.dll
    2006-10-12 14:56 39,936 –a—— C:\WINDOWS\system32\mf3216.dll
    2006-10-12 14:56 332,288 –a—— C:\WINDOWS\system32\ipnathlp.dll
    2006-10-12 14:54 956,416 –a—— C:\WINDOWS\system32\msdtctm.dll
    2006-10-12 14:54 91,136 –a—— C:\WINDOWS\system32\mtxoci.dll
    2006-10-12 14:54 66,560 –a—— C:\WINDOWS\system32\mtxclu.dll
    2006-10-12 14:54 625,152 –a—— C:\WINDOWS\system32\catsrvut.dll
    2006-10-12 14:54 60,416 –a—— C:\WINDOWS\system32\colbact.dll
    2006-10-12 14:54 581,120 –a—— C:\WINDOWS\system32\rpcrt4.dll
    2006-10-12 14:54 540,160 –a—— C:\WINDOWS\system32\comuid.dll
    2006-10-12 14:54 426,496 –a—— C:\WINDOWS\system32\msdtcprx.dll
    2006-10-12 14:54 397,824 –a—— C:\WINDOWS\system32\rpcss.dll
    2006-10-12 14:54 243,200 –a—— C:\WINDOWS\system32\es.dll
    2006-10-12 14:54 225,792 –a—— C:\WINDOWS\system32\catsrv.dll
    2006-10-12 14:54 161,280 –a—— C:\WINDOWS\system32\msdtcuiu.dll
    2006-10-12 14:54 110,080 –a—— C:\WINDOWS\system32\clbcatex.dll
    2006-10-12 14:54 101,376 –a—— C:\WINDOWS\system32\txflog.dll
    2006-10-12 14:54 1,284,608 –a—— C:\WINDOWS\system32\ole32.dll
    2006-10-12 14:54 1,267,200 –a—— C:\WINDOWS\system32\comsvcs.dll
    2006-10-12 14:53 241,152 –a—— C:\WINDOWS\system32\srrstr.dll
    2006-10-12 14:51 26,112 –a—— C:\WINDOWS\system32\xpsp1hfm.exe
    2006-10-12 14:12 8,192 ——— C:\WINDOWS\system32\bitsprx2.dll
    2006-10-12 14:12 7,168 ——— C:\WINDOWS\system32\bitsprx3.dll
    2006-10-12 14:12 351,232 –a—— C:\WINDOWS\system32\winhttp.dll
    2006-10-12 14:12 18,944 –a—— C:\WINDOWS\system32\qmgrprxy.dll
    2006-10-12 14:11 466,200 –a—— C:\WINDOWS\system32\wuapi.dll
    2006-10-12 14:11 41,240 –a—— C:\WINDOWS\system32\wups.dll
    2006-10-12 14:11 194,840 –a—— C:\WINDOWS\system32\wuaueng1.dll
    2006-10-12 14:11 18,200 –a—— C:\WINDOWS\system32\wups2.dll
    2006-10-12 14:11 174,360 –a—— C:\WINDOWS\system32\wuauclt1.exe
    2006-10-12 14:11 128,280 –a—— C:\WINDOWS\system32\wucltui.dll
    2006-10-12 13:52 112,128 –a—— C:\WINDOWS\system32\mapi32.dll
    2006-10-12 13:52 0 -rahs—- C:\MSDOS.SYS
    2006-10-12 13:52 0 -rahs—- C:\IO.SYS
    2006-10-12 13:52 0 –a—— C:\CONFIG.SYS
    2006-10-12 13:52 0 –a—— C:\AUTOEXEC.BAT
    2006-10-12 13:50 45,568 –a—— C:\WINDOWS\system32\safrslv.dll
    2006-10-12 13:50 43,520 –a—— C:\WINDOWS\system32\safrcdlg.dll
    2006-10-12 13:50 43,520 –a—— C:\WINDOWS\system32\racpldlg.dll
    2006-10-12 13:50 382,464 –a—— C:\WINDOWS\system32\qmgr.dll
    2006-10-12 13:50 29,696 –a—— C:\WINDOWS\system32\safrdm.dll
    2006-10-12 13:50 11,264 –a—— C:\WINDOWS\system32\atrace.dll
    2006-10-12 13:49 86,016 –a—— C:\WINDOWS\system32\isign32.dll
    2006-10-12 13:49 81,920 –a—— C:\WINDOWS\system32\ils.dll
    2006-10-12 13:49 73,728 –a—— C:\WINDOWS\system32\icwdial.dll
    2006-10-12 13:49 73,472 –a—— C:\WINDOWS\system32\drivers\sr.sys
    2006-10-12 13:49 69,632 –a—— C:\WINDOWS\system32\msconf.dll
    2006-10-12 13:49 679,424 –a—— C:\WINDOWS\system32\inetcomm.dll
    2006-10-12 13:49 67,584 –a—— C:\WINDOWS\system32\srclient.dll
    2006-10-12 13:49 67,584 –a—— C:\WINDOWS\system32\acctres.dll
    2006-10-12 13:49 65,536 –a—— C:\WINDOWS\system32\icwphbk.dll
    2006-10-12 13:49 50,176 –a—— C:\WINDOWS\system32\inetres.dll
    2006-10-12 13:49 34,560 –a—— C:\WINDOWS\system32\mnmdd.dll
    2006-10-12 13:49 32,768 –a—— C:\WINDOWS\system32\mnmsrvc.exe
    2006-10-12 13:49 32,768 –a—— C:\WINDOWS\system32\isrdbg32.dll
    2006-10-12 13:49 28,672 –a—— C:\WINDOWS\system32\nmmkcert.dll
    2006-10-12 13:49 278,528 –a—— C:\WINDOWS\system32\mstask.dll
    2006-10-12 13:49 278,528 –a—— C:\WINDOWS\system32\inetcfg.dll
    2006-10-12 13:49 252,928 –a—— C:\WINDOWS\system32\msoeacct.dll
    2006-10-12 13:49 192,000 –a—— C:\WINDOWS\system32\schedsvc.dll
    2006-10-12 13:49 170,496 –a—— C:\WINDOWS\system32\srsvc.dll
    2006-10-12 13:49 16,384 –a—— C:\WINDOWS\system32\icfgnt5.dll
    2006-10-12 13:49 12,288 –a—— C:\WINDOWS\system32\nmevtmsg.dll
    2006-10-12 13:49 12,288 –a—— C:\WINDOWS\system32\mstinit.exe
    2006-10-12 13:49 105,984 –a—— C:\WINDOWS\system32\msoert2.dll
    2006-10-12 13:48 97,792 –a—— C:\WINDOWS\system32\comrepl.dll
    2006-10-12 13:48 94,208 –a—— C:\WINDOWS\system32\tscfgwmi.dll
    2006-10-12 13:48 9,728 –a—— C:\WINDOWS\system32\reset.exe
    2006-10-12 13:48 87,176 –a—— C:\WINDOWS\system32\rdpwsx.dll
    2006-10-12 13:48 85,504 –a—— C:\WINDOWS\system32\catsrvps.dll
    2006-10-12 13:48 80,896 –a—— C:\WINDOWS\system32\charmap.exe
    2006-10-12 13:48 73,216 –a—— C:\WINDOWS\system32\avwav.dll
    2006-10-12 13:48 67,072 –a—— C:\WINDOWS\system32\rdshost.exe
    2006-10-12 13:48 662,528 –a—— C:\WINDOWS\system32\getuname.dll
    2006-10-12 13:48 655,360 –a—— C:\WINDOWS\system32\mstscax.dll
    2006-10-12 13:48 62,464 –a—— C:\WINDOWS\system32\rdpclip.exe
    2006-10-12 13:48 61,440 –a—— C:\WINDOWS\system32\remotepg.dll
    2006-10-12 13:48 6,656 –a—— C:\WINDOWS\system32\wuauserv.dll
    2006-10-12 13:48 6,144 –a—— C:\WINDOWS\system32\msdtc.exe
    2006-10-12 13:48 58,880 –a—— C:\WINDOWS\system32\msdtclog.dll
    2006-10-12 13:48 57,344 –a—— C:\WINDOWS\system32\sol.exe
    2006-10-12 13:48 55,808 –a—— C:\WINDOWS\system32\freecell.exe
    2006-10-12 13:48 54,272 –a—— C:\WINDOWS\system32\stclient.dll
    2006-10-12 13:48 539,136 –a—— C:\WINDOWS\system32\spider.exe
    2006-10-12 13:48 5,632 –a—— C:\WINDOWS\system32\write.exe
    2006-10-12 13:48 5,120 –a—— C:\WINDOWS\system32\dcomcnfg.exe
    2006-10-12 13:48 44,544 –a—— C:\WINDOWS\system32\tscupgrd.exe
    2006-10-12 13:48 44,544 –a—— C:\WINDOWS\system32\hticons.dll
    2006-10-12 13:48 412,160 –a—— C:\WINDOWS\system32\mstsc.exe
    2006-10-12 13:48 4,608 –a—— C:\WINDOWS\system32\rdpcfgex.dll
    2006-10-12 13:48 4,096 –a—— C:\WINDOWS\system32\mtxex.dll
    2006-10-12 13:48 39,424 –a—— C:\WINDOWS\system32\cfgbkend.dll
    2006-10-12 13:48 352,768 –a—— C:\WINDOWS\system32\hypertrm.dll
    2006-10-12 13:48 35,840 –a—— C:\WINDOWS\system32\winchat.exe
    2006-10-12 13:48 345,600 –a—— C:\WINDOWS\system32\mspaint.exe
    2006-10-12 13:48 33,792 –a—— C:\WINDOWS\system32\regini.exe
    2006-10-12 13:48 297,472 –a—— C:\WINDOWS\system32\termsrv.dll
    2006-10-12 13:48 25,600 –a—— C:\WINDOWS\system32\comaddin.dll
    2006-10-12 13:48 25,088 –a—— C:\WINDOWS\system32\mtxlegih.dll
    2006-10-12 13:48 233,472 –a—— C:\WINDOWS\system32\avtapi.dll
    2006-10-12 13:48 23,040 –a—— C:\WINDOWS\system32\qwinsta.exe
    2006-10-12 13:48 22,016 –a—— C:\WINDOWS\system32\msg.exe
    2006-10-12 13:48 21,896 –a—— C:\WINDOWS\system32\drivers\tdtcp.sys
    2006-10-12 13:48 20,480 –a—— C:\WINDOWS\system32\qprocess.exe
    2006-10-12 13:48 20,480 –a—— C:\WINDOWS\system32\mtxdm.dll
    2006-10-12 13:48 19,968 –a—— C:\WINDOWS\system32\rdpsnd.dll
    2006-10-12 13:48 187,392 –a—— C:\WINDOWS\system32\accwiz.exe
    2006-10-12 13:48 17,920 –a—— C:\WINDOWS\system32\tsshutdn.exe
    2006-10-12 13:48 17,408 –a—— C:\WINDOWS\system32\qappsrv.exe
    2006-10-12 13:48 16,384 –a—— C:\WINDOWS\system32\tskill.exe
    2006-10-12 13:48 16,384 –a—— C:\WINDOWS\system32\rwinsta.exe
    2006-10-12 13:48 16,384 –a—— C:\WINDOWS\system32\avmeter.dll
    2006-10-12 13:48 15,872 –a—— C:\WINDOWS\system32\cdmodem.dll
    2006-10-12 13:48 15,360 –a—— C:\WINDOWS\system32\tsdiscon.exe
    2006-10-12 13:48 15,360 –a—— C:\WINDOWS\system32\tscon.exe
    2006-10-12 13:48 15,360 –a—— C:\WINDOWS\system32\shadow.exe
    2006-10-12 13:48 15,360 –a—— C:\WINDOWS\system32\logoff.exe
    2006-10-12 13:48 147,968 –a—— C:\WINDOWS\system32\rdchost.dll
    2006-10-12 13:48 147,456 –a—— C:\WINDOWS\system32\comsnap.dll
    2006-10-12 13:48 142,336 –a—— C:\WINDOWS\system32\sessmgr.exe
    2006-10-12 13:48 139,528 –a—— C:\WINDOWS\system32\drivers\rdpwd.sys
    2006-10-12 13:48 139,264 –a—— C:\WINDOWS\system32\sndvol32.exe
    2006-10-12 13:48 132,608 –a—— C:\WINDOWS\system32\sndrec32.exe
    2006-10-12 13:48 13,824 –a—— C:\WINDOWS\system32\rdsaddin.exe
    2006-10-12 13:48 128,000 –a—— C:\WINDOWS\system32\mshearts.exe
    2006-10-12 13:48 125,208 –a—— C:\WINDOWS\system32\wuauclt.exe
    2006-10-12 13:48 124,416 –a—— C:\WINDOWS\system32\mplay32.exe
    2006-10-12 13:48 12,040 –a—— C:\WINDOWS\system32\drivers\tdpipe.sys
    2006-10-12 13:48 119,808 –a—— C:\WINDOWS\system32\winmine.exe
    2006-10-12 13:48 114,688 –a—— C:\WINDOWS\system32\calc.exe
    2006-10-12 13:48 11,776 –a—— C:\WINDOWS\system32\xolehlp.dll
    2006-10-12 13:48 11,264 –a—— C:\WINDOWS\system32\icaapi.dll
    2006-10-12 13:48 104,448 –a—— C:\WINDOWS\system32\clipbrd.exe
    2006-10-12 13:48 1,343,768 –a—— C:\WINDOWS\system32\wuaueng.dll
    2006-10-12 13:48 1,161 –a—— C:\WINDOWS\system32\usrlogon.cmd
    2006-10-12 13:47 58,880 –a—— C:\WINDOWS\system32\licwmi.dll
    2006-10-12 13:47 56,320 –a—— C:\WINDOWS\system32\servdeps.dll
    2006-10-12 13:47 40,840 –a—— C:\WINDOWS\system32\drivers\termdd.sys
    2006-10-12 13:47 196,864 –a—— C:\WINDOWS\system32\drivers\rdpdr.sys
    2006-10-12 13:47 188,928 –a—— C:\WINDOWS\system32\cmprops.dll
    2006-10-12 13:47 17,920 –a—— C:\WINDOWS\system32\mmfutil.dll
    2006-10-09 08:12 1,343,488 –a—— C:\WINDOWS\system32\FreeImage.dll


    (((((((((((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))))


    2006-10-15 19:39 ——– d——– C:\Program Files\JSAS
    2006-10-15 18:11 ——– d——– C:\Program Files\FileZilla
    2006-10-14 11:05 ——– d——– C:\Program Files\SPAMfighter
    2006-10-14 10:10 ——– d——– C:\Program Files\Java
    2006-10-14 10:08 ——– d——– C:\Program Files\Common Files\Java
    2006-10-14 10:08 ——– d——– C:\Program Files\Common Files
    2006-10-13 22:55 ——– d——– C:\Program Files\Internet Explorer
    2006-10-13 20:10 ——– d—s—- C:\Documents and Settings\Roelof\Application Data\Microsoft
    2006-10-13 14:32 ——– d——– C:\Program Files\WinZip
    2006-10-13 12:20 ——– d——– C:\Program Files\ESET
    2006-10-12 22:20 ——– d——– C:\Documents and Settings\Roelof\Application Data\Macromedia
    2006-10-12 22:19 ——– d–h—– C:\Program Files\InstallShield Installation Information
    2006-10-12 22:19 ——– d——– C:\Program Files\Macromedia
    2006-10-12 22:19 ——– d——– C:\Program Files\Common Files\Macromedia Shared
    2006-10-12 22:19 ——– d——– C:\Program Files\Common Files\Macromedia
    2006-10-12 20:09 ——– d——– C:\Program Files\xp-AntiSpy
    2006-10-12 17:14 ——– d——– C:\Documents and Settings\Roelof\Application Data\Lavasoft
    2006-10-12 17:13 ——– d——– C:\Program Files\Lavasoft
    2006-10-12 16:59 ——– d——– C:\Program Files\Common Files\Application
    2006-10-12 16:59 ——– d——– C:\Program Files\Common Files\Ankiro
    2006-10-12 16:33 ——– d——– C:\Program Files\Common Files\Microsoft Shared
    2006-10-12 16:19 ——– d——– C:\Program Files\MSN Messenger
    2006-10-12 16:11 ——– d——– C:\Program Files\Microsoft.NET
    2006-10-12 16:11 ——– d——– C:\Program Files\Microsoft Office
    2006-10-12 16:11 ——– d——– C:\Program Files\Common Files\DESIGNER
    2006-10-12 15:55 ——– d——– C:\Program Files\Realtek
    2006-10-12 15:51 ——– d——– C:\Program Files\Common Files\InstallShield
    2006-10-12 15:51 ——– d——– C:\Program Files\ATI Technologies
    2006-10-12 15:44 ——– d——– C:\Program Files\Jasc Software Inc
    2006-10-12 15:44 ——– d——– C:\Documents and Settings\Roelof\Application Data\Jasc Software Inc
    2006-10-12 15:43 ——– d——– C:\Program Files\Common Files\SWF Studio
    2006-10-12 15:43 ——– d——– C:\Program Files\Common Files\SpeechEngines
    2006-10-12 15:43 ——– d——– C:\Program Files\Common Files\ODBC
    2006-10-12 15:42 62 –ahs—- C:\Documents and Settings\Roelof\Application Data\desktop.ini
    2006-10-12 15:33 ——– d——– C:\Program Files\Messenger
    2006-10-12 15:30 ——– d——– C:\Program Files\Windows Media Player
    2006-10-12 15:30 ——– d——– C:\Program Files\Outlook Express
    2006-10-12 15:30 ——– d——– C:\Program Files\Common Files\System
    2006-10-12 15:13 ——– d——– C:\Program Files\Movie Maker
    2006-10-12 15:11 ——– d——– C:\Program Files\Windows NT
    2006-10-12 15:11 ——– d——– C:\Program Files\NetMeeting
    2006-10-12 14:49 ——– d——– C:\Program Files\WinRAR
    2006-10-12 14:31 ——– d——– C:\Program Files\Bhelpuri
    2006-10-12 14:11 ——– d–h—– C:\Program Files\WindowsUpdate
    2006-10-12 13:59 ——– d–h—– C:\Program Files\Uninstall Information
    2006-10-12 13:59 ——– d——– C:\Documents and Settings\Roelof\Application Data\Identities
    2006-10-12 13:52 ——– d——– C:\Program Files\xerox
    2006-10-12 13:52 ——– d——– C:\Program Files\microsoft frontpage
    2006-10-12 13:51 ——– d——– C:\Program Files\Online Services
    2006-10-12 13:49 ——– d——– C:\Program Files\ComPlus Applications
    2006-10-12 13:49 ——– d——– C:\Program Files\Common Files\Services
    2006-10-12 13:49 ——– d——– C:\Program Files\Common Files\MSSoap
    2006-10-12 13:48 ——– d——– C:\Program Files\MSN Gaming Zone
    2006-10-12 13:48 ——– d——– C:\Program Files\MSN
    2006-09-13 07:07 1084416 –a—— C:\WINDOWS\system32\msxml3.dll
    2006-08-25 17:51 617472 –a—— C:\WINDOWS\system32\comctl32.dll
    2006-08-21 14:28 16896 –a—— C:\WINDOWS\system32\fltlib.dll
    2006-08-21 11:14 23040 –a—— C:\WINDOWS\system32\fltmc.exe
    2006-08-21 11:14 128896 ——— C:\WINDOWS\system32\drivers\fltmgr.sys
    2006-08-16 13:59 100352 –a—— C:\WINDOWS\system32\6to4svc.dll
    2006-08-16 11:37 225664 –a—— C:\WINDOWS\system32\drivers\tcpip6.sys
    2006-08-11 21:45 888832 –a—— C:\WINDOWS\system32\nvmobls.dll
    2006-08-11 21:45 581632 –a—— C:\WINDOWS\system32\nvhwvid.dll
    2006-08-11 21:45 5611520 –a—— C:\WINDOWS\system32\nvdisps.dll
    2006-08-11 21:45 5251072 –a—— C:\WINDOWS\system32\nvdispsr.dll
    2006-08-11 21:45 458752 –a—— C:\WINDOWS\system32\nvmccssr.dll
    2006-08-11 21:45 45056 –a—— C:\WINDOWS\system32\nvmccsrs.dll
    2006-08-11 21:45 3039232 –a—— C:\WINDOWS\system32\nvgames.dll
    2006-08-11 21:45 2953216 –a—— C:\WINDOWS\system32\nvvitvsr.dll
    2006-08-11 21:45 2928640 –a—— C:\WINDOWS\system32\nvgamesr.dll
    2006-08-11 21:45 2904064 –a—— C:\WINDOWS\system32\nvvitvs.dll
    2006-08-11 21:45 2859008 –a—— C:\WINDOWS\system32\nvmoblsr.dll
    2006-08-11 21:45 229376 –a—— C:\WINDOWS\system32\nvmccs.dll
    2006-08-11 21:45 188416 –a—— C:\WINDOWS\system32\nvmccss.dll
    2006-08-11 21:45 1732608 –a—— C:\WINDOWS\system32\nvwssr.dll
    2006-08-11 21:45 1236992 –a—— C:\WINDOWS\system32\nvwss.dll
    2006-08-11 21:44 147456 –a—— C:\WINDOWS\system32\nvcolor.exe
    2006-08-11 21:43 86016 –a—— C:\WINDOWS\system32\nvmctray.dll
    2006-08-11 21:43 81920 –a—— C:\WINDOWS\system32\nvwddi.dll
    2006-08-11 21:43 794624 –a—— C:\WINDOWS\system32\nvcplui.exe
    2006-08-11 21:43 7630848 –a—— C:\WINDOWS\system32\nvcpl.dll
    2006-08-11 21:43 466944 –a—— C:\WINDOWS\system32\nvshell.dll
    2006-08-11 21:43 442368 –a—— C:\WINDOWS\system32\nvappbar.exe
    2006-08-11 21:43 425984 –a—— C:\WINDOWS\system32\keystone.exe
    2006-08-11 21:43 311296 –a—— C:\WINDOWS\system32\nvexpbar.dll
    2006-08-11 21:43 286720 –a—— C:\WINDOWS\system32\nvnt4cpl.dll
    2006-08-11 21:43 196608 –a—— C:\WINDOWS\system32\nvapi.dll
    2006-08-11 21:43 1662976 –a—— C:\WINDOWS\system32\nvwdmcpl.dll
    2006-08-11 21:43 1519616 –a—— C:\WINDOWS\system32\nwiz.exe
    2006-08-11 21:43 1470464 –a—— C:\WINDOWS\system32\nview.dll
    2006-08-11 21:43 1339392 –a—— C:\WINDOWS\system32\nvdspsch.exe
    2006-08-11 21:43 1019904 –a—— C:\WINDOWS\system32\nvwimg.dll
    2006-08-11 21:43 1011712 –a—— C:\WINDOWS\system32\nvcpluir.dll
    2006-08-11 21:42 5636096 –a—— C:\WINDOWS\system32\nvoglnt.dll
    2006-08-11 21:42 4496128 –a—— C:\WINDOWS\system32\nv4_disp.dll
    2006-08-11 21:42 35840 –a—— C:\WINDOWS\system32\nvcodins.dll
    2006-08-11 21:42 35840 –a—— C:\WINDOWS\system32\nvcod.dll
    2006-08-11 21:42 155715 –a—— C:\WINDOWS\system32\nvsvc32.exe
    2006-07-29 19:32 48936 –a—— C:\WINDOWS\system32\sirenacm.dll
    2006-07-21 10:29 72704 –a—— C:\WINDOWS\system32\hlink.dll


    (((((((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))

    *Note* empty entries are not shown

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run]
    "CTFMON.EXE"="C:\\WINDOWS\\system32\\ctfmon.exe"
    "msnmsgr"="\"C:\\Program Files\\MSN Messenger\\msnmsgr.exe\" /background"

    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run]
    "nwiz"="nwiz.exe /install"
    "NvMediaCenter"="RUNDLL32.EXE C:\\WINDOWS\\system32\\NvMcTray.dll,NvTaskbarInit"
    "nod32kui"="\"C:\\Program Files\\Eset\\nod32kui.exe\" /WAITSERVICE"
    "NvCplDaemon"="RUNDLL32.EXE C:\\WINDOWS\\system32\\NvCpl.dll,NvStartup"
    "SPAMfighter Agent"="\"C:\\Program Files\\SPAMfighter\\SFAgent.exe\" update delay 60"
    "High Definition Audio Property Page Shortcut"="HDAShCut.exe"
    "RTHDCPL"="RTHDCPL.EXE"
    "SunJavaUpdateSched"="\"C:\\Program Files\\Java\\jre1.5.0_09\\bin\\jusched.exe\""

    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents]

    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\IMAIL]
    "Installed"="1"

    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\MAPI]
    "Installed"="1"
    "NoChange"="1"

    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\MSFS]
    "Installed"="1"

    [HKEY_CURRENT_USER\software\microsoft\internet explorer\desktop\components]
    "DeskHtmlVersion"=dword:00000110
    "DeskHtmlMinorVersion"=dword:00000005
    "Settings"=dword:00000001
    "GeneralFlags"=dword:00000001

    [HKEY_CURRENT_USER\software\microsoft\internet explorer\desktop\components\0]
    "Source"="About:Home"
    "SubscribedURL"="About:Home"
    "FriendlyName"="Mijn huidige introductiepagina"
    "Flags"=dword:00000002
    "Position"=hex:2c,00,00,00,00,01,00,00,00,00,00,00,00,04,00,00,e2,03,00,00,00,\
    00,00,00,01,00,00,00,01,00,00,00,01,00,00,00,00,00,00,00,00,00,00,00
    "CurrentState"=hex:04,00,00,40
    "OriginalStateInfo"=hex:18,00,00,00,ff,ff,00,00,ff,ff,00,00,ff,ff,ff,ff,ff,ff,\
    ff,ff,04,00,00,00
    "RestoredStateInfo"=hex:18,00,00,00,6a,02,00,00,23,00,00,00,a4,00,00,00,9a,00,\
    00,00,01,00,00,00

    [HKEY_USERS\.default\software\microsoft\windows\currentversion\run]
    "CTFMON.EXE"="C:\\WINDOWS\\System32\\CTFMON.EXE"

    [HKEY_USERS\s-1-5-18\software\microsoft\windows\currentversion\run]
    "CTFMON.EXE"="C:\\WINDOWS\\System32\\CTFMON.EXE"

    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\sharedtaskscheduler]
    "{438755C2-A8BA-11D1-B96B-00A0C90312E1}"="Preloader van browseui"
    "{8C7461EF-2B13-11d2-BE35-3078302C2030}"="Cache-daemon voor onderdeelcategorieën"

    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shellexecutehooks]
    "{AEB6717E-7E19-11d0-97EE-00C04FD91972}"=""

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
    "NoDriveTypeAutoRun"=dword:00000091

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer\Run]

    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
    "dontdisplaylastusername"=dword:00000000
    "legalnoticecaption"=""
    "legalnoticetext"=""
    "shutdownwithoutlogon"=dword:00000001
    "undockwithoutlogon"=dword:00000001

    [HKEY_USERS\.default\software\microsoft\windows\currentversion\policies\explorer]
    "NoDriveTypeAutoRun"=dword:00000091

    [HKEY_USERS\s-1-5-18\software\microsoft\windows\currentversion\policies\explorer]
    "NoDriveTypeAutoRun"=dword:00000091

    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\shellserviceobjectdelayload]
    "PostBootReminder"="{7849596a-48ea-486e-8937-a2a3009f31a9}"
    "CDBurn"="{fbeb8a05-beee-4442-804e-409d6c4515e9}"
    "WebCheck"="{E6FB5E20-DE35-11CF-9C87-00AA005127ED}"
    "SysTray"="{35CEC8A3-2BE6-11D2-8773-92E220524153}"


    HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders
    securityproviders REG_SZ msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll


    Completion time: Mon 16-10-2006 9:15:24.34
    C:\ComboFix.txt … 16-10-2006 09:15
    C:\ComboFix2.txt … 14-10-2006 10:13

    Logfile of HijackThis v1.99.1
    Scan saved at 9:19:46, on 16-10-2006
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\system32\spoolsv.exe
    C:\WINDOWS\system32\RUNDLL32.EXE
    C:\Program Files\Eset\nod32kui.exe
    C:\Program Files\SPAMfighter\SFAgent.exe
    C:\WINDOWS\RTHDCPL.EXE
    C:\Program Files\Java\jre1.5.0_09\bin\jusched.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\MSN Messenger\msnmsgr.exe
    C:\Program Files\WinZip\WZQKPICK.EXE
    C:\Program Files\Common Files\Macromedia Shared\Service\Macromedia Licensing.exe
    C:\Program Files\Eset\nod32krn.exe
    C:\WINDOWS\system32\nvsvc32.exe
    C:\WINDOWS\system32\NOTEPAD.EXE
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Documents and Settings\Roelof\Bureaublad\HijackThis.exe

    R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://windowsupdate.microsoft.com/
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll
    O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
    O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
    O4 - HKLM\..\Run: [nod32kui] "C:\Program Files\Eset\nod32kui.exe" /WAITSERVICE
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
    O4 - HKLM\..\Run: [SPAMfighter Agent] "C:\Program Files\SPAMfighter\SFAgent.exe" update delay 60
    O4 - HKLM\..\Run: [High Definition Audio Property Page Shortcut] HDAShCut.exe
    O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_09\bin\jusched.exe"
    O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
    O4 - Global Startup: WinZip Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK.EXE
    O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll
    O9 - Extra button: Onderzoek - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
    O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1160655073452
    O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1160663165156
    O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
    O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
    O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
    O23 - Service: Macromedia Licensing Service - Unknown owner - C:\Program Files\Common Files\Macromedia Shared\Service\Macromedia Licensing.exe
    O23 - Service: NOD32 Kernel Service (NOD32krn) - Eset - C:\Program Files\Eset\nod32krn.exe
    O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
  • Download to your Desktop:
    - Double-click drweb-cureit.exe. Click Update.
    - After the update, a new icon "CureIt.exe" appears on your desktop; double-click it and click Scan, and allow it to start the express scan.
    - This will scan the files currently loaded in memory, and when something is found, click the Yes to all button at the question 'cure it?'. This is only a short scan.
    - Once the short scan has finished, you can select the drives you want to scan.
    - Select all drives here. A red dot will then appear on the drives you are having scanned.
    - Then click the green arrow on the right to start the scan.
    - Click Yes to all when asked to perform cure or move.
    - When the scan has finished, check whether you can click the icon next to the files found: http://users.telenet.be/bluepatchy/miekiemoes/images/check.gif
    - If so, click it, then click the icon just below it and select Move incurable, as you see here: http://users.telenet.be/bluepatchy/miekiemoes/images/move.gif
      This moves the files found to the "%userprofile%\DoctorWeb\quarantaine" folder if repair is not possible.
    - After the scan is done, click File in the menu at the top and choose Save report List. Save it to your Desktop.
    - Then close Dr.Web Cureit.
    - Restart your computer!! Important step, because Dr.Web Cureit may move/delete files during the restart.
    - After restarting, copy and paste the contents of the log you saved earlier into your next post.

    Ignore pop-ups about Buy or a 50% discount.
  • List from Dr. Cureit,

    A0005085.exe C:\System Volume Information\_restore{99B2495A-3622-40DB-A97D-2CF5408993C1}\RP39 Program.PrcView.3725 Moved.
    lib2020.dll D:\2020\2020 Probably BACKDOOR.Trojan Moved.


    Regards,

    Roelof

This is an archived page. Replying is no longer possible.