Op deze website gebruiken we cookies om content en advertenties te personaliseren, om functies voor social media te bieden en om ons websiteverkeer te analyseren. Ook delen we informatie over uw gebruik van onze site met onze partners voor social media, adverteren en analyse. Deze partners kunnen deze gegevens combineren met andere informatie die u aan ze heeft verstrekt of die ze hebben verzameld op basis van uw gebruik van hun services. Meer informatie.

Akkoord

Vraag & Antwoord

Beveiliging & privacy

safe-site.com + set-upadvies gevraagd

Anoniem
None
68 antwoorden
  • help ik heb iets van een virus… :cry:

    Het gebeurt regelmatig dat ik automatisch wordt doorverwezen naar een andere site dan dat ik wil.
    Als ik dan heel goed op let dan zie ik heel even de link [www.safesite.com] voorbij komen en daarna ga ik naar een willekeurige andere site toe…
    Ik heb ondertussen al diverse scanners geprobeerd maar niets lijkt te helpen…

    Wie weet hoe ik dit probleem op kan lossen

    PS ik ben geen computer expert…[i:f564ef562e] :wink: [/i:f564ef562e]
    windows XP
  • Lijkt me dat er iets van spyware op je pc staat. In de FAQ kan je o.a. lezen hoe je een hijackthis-log maakt. Als je dit log hier post, kan een van de experts je er vast wel mee helpen.
  • :o het log-je staat er ff na 13.00 uur op!
  • Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 12:45:31, on 22-4-2008
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\SYSTEM32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    C:\Program Files\Bonjour\mDNSResponder.exe
    C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\Explorer.EXE
    C:\Program Files\iTunes\iTunesHelper.exe
    C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe
    C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
    C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe
    C:\Program Files\Parental Control\ParentalControl.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\program files\advanced system optimizer\memtuneup.exe
    C:\Program Files\D-Link AirPlus\AirPlus.exe
    C:\Program Files\iPod\bin\iPodService.exe
    C:\WINDOWS\system32\wuauclt.exe
    C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.nl/
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen
    O2 - BHO: Adobe PDF Reader Help bij koppelingen - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
    O2 - BHO: LimewirePlus Toolbar - {47e161a0-f4ba-41dd-a17b-d2eb26ad6a02} - C:\Program Files\LimewirePlus\tbLim1.dll
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
    O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
    O2 - BHO: Windows Live Aanmelden - Help - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: (no name) - {A051B1FF-8D7E-418B-AABE-4FF82F4280A2} - (no file)
    O2 - BHO: (no name) - {C6A043BF-A08F-4979-9080-E3B3DEF462D0} - (no file)
    O3 - Toolbar: LimewirePlus Toolbar - {47e161a0-f4ba-41dd-a17b-d2eb26ad6a02} - C:\Program Files\LimewirePlus\tbLim1.dll
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
    O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
    O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
    O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" /hide /waitservice
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe"
    O4 - HKLM\..\Run: [ParentalControl] C:\Program Files\Parental Control\ParentalControl.exe /SERVICE
    O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [Systweak Memory Optimizer] c:\program files\advanced system optimizer\memtuneup.exe
    O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Lokale service')
    O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Netwerkservice')
    O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe (User 'Default user')
    O4 - Global Startup: D-Link AirPlus.lnk = ?
    O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
    O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
    O8 - Extra context menu item: Crawler Search - tbr:iemenu
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
    O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1193593939655
    O16 - DPF: {BDBDE413-7B1C-4C68-A8FF-C5B2B4090876} (F-Secure Online Scanner 3.3) - http://support.f-secure.com/ols/fscax.cab
    O20 - Winlogon Notify: iifecda - iifecda.dll (file missing)
    O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
    O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
    O23 - Service: Eset HTTP Server (EhttpSrv) - Unknown owner - C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe
    O23 - Service: Eset Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
    O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: Panda Process Protection Service (PavPrSrv) - Unknown owner - C:\Program Files\Common Files\Panda Software\PavShld\pavprsrv.exe (file missing)


    End of file - 5714 bytes
  • Download MBAM (Malwarebytes' Anti-Malware) via [b:2f842ca916] of [b:2f842ca916].
    [list:2f842ca916]Dubbelklik op [b:2f842ca916]mbam-setup.exe[/b:2f842ca916] om het programma te installeren.[list:2f842ca916]
    [*:2f842ca916]Zorg ervoor dat er een vinkje geplaatst is voor [b:2f842ca916]Update Malwarebytes' Anti-Malware[/b:2f842ca916] en [b:2f842ca916]Start Malwarebytes' Anti-Malware[/b:2f842ca916], Klik daarna op "Voltooien".
    [*:2f842ca916]Indien een update gevonden werd, zal die gedownload en geïnstalleerd worden.
    [*:2f842ca916]Wanneer het programma volledig up to date is, selecteer dan in het tabblad [b:2f842ca916]Scanner[/b:2f842ca916] : "[b:2f842ca916]Snelle Scan[/b:2f842ca916]", daarna klik op [b:2f842ca916]Scan[/b:2f842ca916].
    [*:2f842ca916]Het scannen kan een tijdje duren, dus wees geduldig.
    [*:2f842ca916]Wanneer de scan voltooid is, klik op [b:2f842ca916]OK[/b:2f842ca916], daarna "Bekijk Resultaten" om de resultaten te zien.
    [*:2f842ca916]Zorg ervoor dat daar [b:2f842ca916]alles aangevinkt is[/b:2f842ca916], daarna klik op: [b:2f842ca916]Verwijder geselecteerde[/b:2f842ca916].
    [*:2f842ca916]Na het verwijderen zal een log openen en zal er gevraagd worden om de computer opnieuw op te starten. (Zie verder)
    [*:2f842ca916]De log wordt automatisch bewaard door MBAM en kan je terugvinden door op de "Logs" tab te klikken in MBAM.
    [*:2f842ca916]Kopieer en plak de inhoud van het logje in je volgend antwoord, samen met een nieuw HijackThis log.
    [/list:u:2f842ca916]
    [b:2f842ca916]Indien MBAM moeilijkheden heeft met het verwijderen van bepaalde bestanden zal het enkele meldingen geven waar je OK moet klikken.
    Daarna zal het vragen om de Computer opnieuw op te starten… dus sta toe dat MBAM de computer opnieuw opstart.[/b:2f842ca916][/list:u:2f842ca916]
  • Beste Pim,

    de scanner loopt… zal tussen de middag eens zien wat ie heeft gevonden, had er al 2 gevonden voordat ik de deur uit ging.

    een ander probleem is overigens dat er niet te surfen is op internet… laat (langzaam) de eerst pagina's zien maar dan houdt het toch op. in de veilige modus werk e.e.a. wel snel en goed, kan dat hier ook aan liggen of moet ik daar nog verder voor gaan zoeken?

    In heb ik de tussentijd nog een andere vraag…. wat is een goede setup
    om al dit soort problemen in de toekomst te voorkomen.

    [b:f810ebaec1]Algemeen:[/b:f810ebaec1]
    gebruikers: 2 volwassenen en 2 tieners
    wens: een vlot en betrouwbaar systeem met een gebruikers account per persoon

    [b:f810ebaec1]Voorstel:[/b:f810ebaec1]
    beveiliging: NOD32 + firewall van Windows
    brouwser: firefox
    overig: crawler parental control, Systweak Memory Optimizer

    [b:f810ebaec1]Systeem info:[/b:f810ebaec1]
    System Information by Systweak
    **************************************************

    [b:f810ebaec1]*** General Information ***[/b:f810ebaec1]

    Computer Type: Intel Corporation Pentium 4 1860 MHz.
    BIOS: AT/AT COMPATIBLE Date: 09/14/01
    Memory: Total physical: 255 MB. Used: 87%
    Monitor: Plug en Play-monitor
    Adapter: NVIDIA RIVA TNT2 Model 64/Model 64 Pro (Microsoft …
    Mouse: PS/2-compatibele muis
    Keyboard: Standaardtoetsenbord (101/102 toetsen) of Microsof…
    Drives: 10 GB total free 37 GB total size in 1 drive

    Windows name and version: Uniprocessor Free (5.1.2600)
    **
    **
    IE version: 6.0.2900.2180
    DirectX Version: Unknow or Newer then DirectX 9.0c (4.09.00.0904)

    [b:f810ebaec1]*** Windows Information ***[/b:f810ebaec1]

    Windows Name and Version: Uniprocessor Free (5.1.2600)
    Default Browser: C:\Program Files\Internet Explorer\iexplore.exe
    Default Email: C:\PROGRA~1\MICROS~2\Office\OUTLOOK.EXE"
    Product ID: **
    Software Count: 147 installed software.

    Language (ID): Original/English: Nederlands (Nederland) / Dutch (…
    Country (ID): Nederland NLD (31)
    TimeZone: West-Europa (standaardtijd)
    DVD-Zone: Not specified

    [b:f810ebaec1]*** Display Information ***[/b:f810ebaec1]

    Display: Plug en Play-monitor
    Max Resolution: 1024 x 768 - 32 bit
    Current Resolution: 1024 x 768 - 32 bit
    Adapter: NVIDIA RIVA TNT2 Model 64/Model 64 Pro (Microsoft …

    Driver Version: 64.0
    Technology: Raster Display
    Color Bits: 32
    Fonts Resolution: 96 dpi
    Pixel width/height/diagonal: 36/36/51

    [b:f810ebaec1]*** System Devices ***[/b:f810ebaec1]

    Manufactured: Intel Corporation
    Name: Pentium 4
    CodeName: Willamette (0.18 µm)
    Frequency: 1860 MHz
    L1 cache: 20 KB
    L2 cache: 256 KB
    Socket: Socket 478

    BIOS Manufactured: Award Software International, Inc.
    BIOS Date: 09/14/2001
    BIOS Version: 6.00 PG
    BIOS Size: 256 KB

    [b:f810ebaec1]*** MultiMedia Devices ***[/b:f810ebaec1]

    Wave In: Intel(r) Integrated Audio v5.5
    Wave Out: Intel(r) Integrated Audio v5.5
    Midi In: MPU-401 v5.5
    Midi Out: Microsoft GS Wavetable-software v5.5
    Midi Out: MPU-401 v5.5
    Mixer: Intel(r) Integrated Audio v5.5

    [b:f810ebaec1]*** Printers ***[/b:f810ebaec1]

    Name: HP LaserJet 4L Port: LPT1:

    [b:f810ebaec1]*** Ports ***[/b:f810ebaec1]

    Name: Communicatiepoort (COM1) Class: Poorten (COM & LPT)
    Name: Printerpoort (LPT1) Class: Poorten (COM & LPT)
    Name: Communicatiepoort (COM2) Class: Poorten (COM & LPT)
    USB: {36FC9E60-C465-11CF-8056-444553540000}\0000 Class: USB Port
    USB: {36FC9E60-C465-11CF-8056-444553540000}\0001 Class: USB Port

    [b:f810ebaec1]*** Memory Information ***[/b:f810ebaec1]

    Total Physical Memory: 255 MB
    Total Windows Memory: 875 MB
    Free Memory: 433 MB
    Used Memory: 442 MB
    AllocGranularity: 65536 bytes
    MinAppAddress: 00010000
    MaxAppAddress: 7FFEFFFF
    Page Size: 4096 bytes
    Total threads: 443
    Total processes: 33
    PageFile Total Size: 634064 KB (100%)
    PageFile Used: 222300 KB (35%)
    PageFile Free: 411764 KB (65%)

    [b:f810ebaec1]*** Communication ***[/b:f810ebaec1]

    Adapter: D-Link AirPlus DWL-520+ Wireless PCI Adapter - Pakketplanner-minipoort
    Address: 00:40:05:55:DA:D5
    IP format: 0.0.0.0

    Computer: **
    Gateaway:
    Mask: 0.0.0.0

    Winsock Description: WinSock 2.0
    Winsock Version: 2.2

    [b:f810ebaec1]*** DirectX Information ***[/b:f810ebaec1]

    Direct3D: Microsoft Direct3D Hardware-acceleratie via Direct3D-HAL
    Direct3D: Microsoft Direct3D Mono(Ramp) Software-emulatie
    Direct3D: Microsoft Direct3D RGB Software -emulatie

    DirectPlay: WinSock TCP-verbinding voor DirectPlay
    DirectPlay: WinSock IPX-verbinding voor DirectPlay
    DirectPlay: Modemverbinding voor DirectPlay

    DirectMusic: Microsoft Software Synthesizer

    [b:f810ebaec1]**************************************************[/b:f810ebaec1]
    [i:f810ebaec1]Systweak System Information Created: 23-4-2008 Please, visit our site http://www.systweak.com

    ** is verwijderde prive info[/i:f810ebaec1]

    Ik hoor graag jullie mening en voorstellen
  • Helaas is de eerste ronde van het scannen vastgelopen…:?

    Heb toen in de veilige modus een quick-scan gedaan en daarmee 3 problemen verwijdert.

    In de eerste scan had het programma 4 problemen gevonden dus nu loopt er een voledige scan in de veiligemodus (met netwerk):o

    De diverse logjes volgen later op de dag….
  • Malwarebytes' Anti-Malware 1.11
    Database versie: 672

    Scan type: Snelle Scan
    Objecten gescand: 46956
    Verstreken tijd: 12 minute(s), 22 second(s)

    Geheugenprocessen geïnfecteerd: 0
    Geheugenmodulen geïnfecteerd: 0
    Registersleutels geïnfecteerd: 2
    Registerwaarden geïnfecteerd: 1
    Registerdata bestanden geïnfecteerd: 0
    Mappen geïnfecteerd: 0
    Bestanden geïnfecteerd: 0

    Geheugenprocessen geïnfecteerd:
    (Geen kwaadaardige items gevonden)

    Geheugenmodulen geïnfecteerd:
    (Geen kwaadaardige items gevonden)

    Registersleutels geïnfecteerd:
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{a051b1ff-8d7e-418b-aabe-4ff82f4280a2} (Trojan.Conhook) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\RemoveRP (Trojan.Vundo) -> Quarantined and deleted successfully.

    Registerwaarden geïnfecteerd:
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks\{a051b1ff-8d7e-418b-aabe-4ff82f4280a2} (Trojan.Conhook) -> Quarantined and deleted successfully.

    Registerdata bestanden geïnfecteerd:
    (Geen kwaadaardige items gevonden)

    Mappen geïnfecteerd:
    (Geen kwaadaardige items gevonden)

    Bestanden geïnfecteerd:
    (Geen kwaadaardige items gevonden)


    *****
    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 17:11:14, on 23-4-2008
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
    [b:124b6b8b1a]Boot mode: Safe mode with network support[/b:124b6b8b1a]

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\SYSTEM32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
    C:\WINDOWS\Explorer.EXE
    C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.nl/
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen
    O2 - BHO: Adobe PDF Reader Help bij koppelingen - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
    O2 - BHO: LimewirePlus Toolbar - {47e161a0-f4ba-41dd-a17b-d2eb26ad6a02} - C:\Program Files\LimewirePlus\tbLim1.dll
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
    O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
    O2 - BHO: Windows Live Aanmelden - Help - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: (no name) - {C6A043BF-A08F-4979-9080-E3B3DEF462D0} - (no file)
    O3 - Toolbar: LimewirePlus Toolbar - {47e161a0-f4ba-41dd-a17b-d2eb26ad6a02} - C:\Program Files\LimewirePlus\tbLim1.dll
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
    O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
    O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
    O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" /hide /waitservice
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe"
    O4 - HKLM\..\Run: [ParentalControl] C:\Program Files\Parental Control\ParentalControl.exe /SERVICE
    O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [Systweak Memory Optimizer] c:\program files\advanced system optimizer\memtuneup.exe
    O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Lokale service')
    O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Netwerkservice')
    O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe (User 'Default user')
    O4 - Global Startup: D-Link AirPlus.lnk = ?
    O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
    O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
    O8 - Extra context menu item: Crawler Search - tbr:iemenu
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
    O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1193593939655
    O16 - DPF: {BDBDE413-7B1C-4C68-A8FF-C5B2B4090876} (F-Secure Online Scanner 3.3) - http://support.f-secure.com/ols/fscax.cab
    O20 - Winlogon Notify: iifecda - iifecda.dll (file missing)
    O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
    O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
    O23 - Service: Eset HTTP Server (EhttpSrv) - Unknown owner - C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe
    O23 - Service: Eset Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
    O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: Panda Process Protection Service (PavPrSrv) - Unknown owner - C:\Program Files\Common Files\Panda Software\PavShld\pavprsrv.exe (file missing)


    End of file - 4941 bytes

    ****
    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 18:49:28, on 23-4-2008
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
    [b:124b6b8b1a]Boot mode: Normal[/b:124b6b8b1a]

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\SYSTEM32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\WINDOWS\Explorer.EXE
    C:\Program Files\iTunes\iTunesHelper.exe
    C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe
    C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
    C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe
    C:\Program Files\Parental Control\ParentalControl.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\program files\advanced system optimizer\memtuneup.exe
    C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    C:\Program Files\D-Link AirPlus\AirPlus.exe
    C:\Program Files\Bonjour\mDNSResponder.exe
    C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
    C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
    C:\Program Files\iPod\bin\iPodService.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.nl/
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen
    O2 - BHO: Adobe PDF Reader Help bij koppelingen - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
    O2 - BHO: LimewirePlus Toolbar - {47e161a0-f4ba-41dd-a17b-d2eb26ad6a02} - C:\Program Files\LimewirePlus\tbLim1.dll
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
    O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
    O2 - BHO: Windows Live Aanmelden - Help - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: (no name) - {C6A043BF-A08F-4979-9080-E3B3DEF462D0} - (no file)
    O3 - Toolbar: LimewirePlus Toolbar - {47e161a0-f4ba-41dd-a17b-d2eb26ad6a02} - C:\Program Files\LimewirePlus\tbLim1.dll
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
    O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
    O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
    O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" /hide /waitservice
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe"
    O4 - HKLM\..\Run: [ParentalControl] C:\Program Files\Parental Control\ParentalControl.exe /SERVICE
    O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [Systweak Memory Optimizer] c:\program files\advanced system optimizer\memtuneup.exe
    O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Lokale service')
    O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Netwerkservice')
    O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe (User 'Default user')
    O4 - Global Startup: D-Link AirPlus.lnk = ?
    O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
    O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
    O8 - Extra context menu item: Crawler Search - tbr:iemenu
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
    O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1193593939655
    O16 - DPF: {BDBDE413-7B1C-4C68-A8FF-C5B2B4090876} (F-Secure Online Scanner 3.3) - http://support.f-secure.com/ols/fscax.cab
    O20 - Winlogon Notify: iifecda - iifecda.dll (file missing)
    O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
    O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
    O23 - Service: Eset HTTP Server (EhttpSrv) - Unknown owner - C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe
    O23 - Service: Eset Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
    O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: Panda Process Protection Service (PavPrSrv) - Unknown owner - C:\Program Files\Common Files\Panda Software\PavShld\pavprsrv.exe (file missing)


    End of file - 5574 bytes

    helaas krijg ik nog steeds dezelfde doorverwijzing en gaat surfen nog steeds erg moeizaam….
  • Volg
  • ComboFix 08-04-22.5 - NJK 2008-04-23 20:18:34.1 - NTFSx86
    Microsoft Windows XP Professional 5.1.2600.2.1252.1.1043.18.75 [GMT 2:00]
    Gestart vanuit: C:\Documents and Settings\NJK\Bureaublad\ComboFix.exe
    Command switches used :: C:\Documents and Settings\NJK\Bureaublad\WindowsXP-KB310994-SP2-Pro-BootDisk-NLD.exe
    * Nieuw herstelpunt werd aangemaakt
    .

    (((((((((((((((((((( Bestanden Gemaakt van 2008-03-23 to 2008-04-23 ))))))))))))))))))))))))))))))
    .

    2008-04-23 20:17 . 2008-04-23 20:17 1,024 –ah—– C:\WINDOWS\system32\config\systemprofile
    tuser.dat.LOG
    2008-04-23 07:43 . 2008-04-23 07:43 <DIR> d——– C:\Program Files\Malwarebytes' Anti-Malware
    2008-04-23 07:43 . 2008-04-23 07:43 <DIR> d——– C:\Documents and Settings\NJK\Application Data\Malwarebytes
    2008-04-23 07:43 . 2008-04-23 07:43 <DIR> d——– C:\Documents and Settings\All Users\Application Data\Malwarebytes
    2008-04-22 12:45 . 2008-04-22 12:45 <DIR> d——– C:\Program Files\Trend Micro
    2008-04-21 17:19 . 2008-04-22 07:39 165 –a—— C:\WINDOWS\startUp manager.INI
    2008-04-21 17:11 . 2008-04-21 17:11 <DIR> d——– C:\Documents and Settings\Sandra\Application Data\Systweak
    2008-04-21 12:52 . 2008-04-22 07:52 606 –a—— C:\WINDOWS\Uninstall Manager.INI
    2008-04-21 12:43 . 2008-04-21 12:43 <DIR> d——– C:\Documents and Settings\NJK\Application Data\Systweak
    2008-04-21 12:41 . 2008-04-21 12:42 <DIR> d——– C:\Program Files\Advanced System Optimizer
    2008-04-20 20:17 . 2008-04-20 20:17 42 –a—— C:\WINDOWS\system32\AK083E209605E394C.lie
    2008-04-20 12:04 . 2008-04-20 12:35 <DIR> d——– C:\Program Files\Parental Control
    2008-04-20 12:04 . 2008-04-23 20:27 <DIR> d——– C:\Documents and Settings\All Users\Application Data\ParentalControl
    2008-04-19 17:40 . 2008-04-19 17:40 <DIR> d——– C:\Documents and Settings\Natalie\Application Data\ParentalControl
    2008-04-19 16:57 . 2008-04-19 16:57 <DIR> d——– C:\Documents and Settings\test\Application Data\ParentalControl
    2008-04-19 16:29 . 2008-02-22 02:33 69,632 –a—— C:\WINDOWS\system32\javacpl.cpl
    2008-04-19 16:28 . 2008-04-19 16:28 <DIR> d——– C:\Program Files\Common Files\Java
    2008-04-19 15:39 . 2008-04-19 15:39 230 –a—— C:\WINDOWS\system32\spupdsvc.inf
    2008-04-19 15:06 . 2008-04-19 15:06 <DIR> d——– C:\Documents and Settings\Sandra\Application Data\ParentalControl
    2008-04-19 14:58 . 2008-04-19 14:58 <DIR> d——– C:\Documents and Settings\NJK\Application Data\ParentalControl
    2008-04-19 10:47 . 2008-04-19 14:48 <DIR> d——– C:\Program Files\Common Files\Panda Software
    2008-04-19 09:55 . 2008-04-19 09:55 <DIR> d——– C:\Program Files\uTorrent
    2008-04-19 09:55 . 2008-04-19 09:55 <DIR> d——– C:\Documents and Settings\NJK\Application Data\uTorrent
    2008-04-18 18:08 . 2008-04-18 18:08 <DIR> d——– C:\Documents and Settings\All Users\Application Data\sentinel
    2008-04-18 12:50 . 2008-04-18 18:05 <DIR> d——– C:\Program Files\Panda Security
    2008-04-18 12:44 . 2008-04-19 15:47 2,688 –a—— C:\WINDOWS\mozver.dat
    2008-04-17 17:20 . 2008-04-19 16:56 <DIR> d——– C:\Program Files\Mozilla Firefox(2)
    2008-04-17 17:20 . 2008-04-17 17:20 0 –a—— C:\WINDOWS
    sreg.dat
    2008-04-16 22:34 . 2008-04-16 22:34 <DIR> d——– C:\Documents and Settings\test\Application Data\ESET
    2008-04-16 22:34 . 2008-04-16 22:34 <DIR> d——– C:\Documents and Settings\NJK\Application Data\ESET
    2008-04-16 22:16 . 2008-04-16 22:16 <DIR> d——– C:\Program Files\Lavasoft
    2008-04-16 22:16 . 2008-04-19 15:21 <DIR> d——– C:\Documents and Settings\All Users\Application Data\Lavasoft
    2008-04-16 17:18 . 2008-04-20 21:49 <DIR> d——– C:\Program Files\Google
    2008-04-15 17:53 . 2008-04-15 17:53 <DIR> d——– C:\Program Files\Webteh
    2008-04-15 17:15 . 2008-04-16 22:27 <DIR> d——– C:\Program Files\ESET
    2008-04-15 17:15 . 2008-04-16 22:27 <DIR> d——– C:\Documents and Settings\All Users\Application Data\ESET
    2008-04-14 00:13 . 2008-04-14 00:13 <DIR> d——– C:\N360_BACKUP
    2008-04-13 17:15 . 2008-04-15 15:44 <DIR> d——– C:\Program Files\Norton 360
    2008-04-13 17:11 . 2008-04-22 12:40 <DIR> d——– C:\Documents and Settings\All Users\Application Data\Symantec
    2008-04-13 17:09 . 2008-04-22 12:40 <DIR> d——– C:\Program Files\Common Files\Symantec Shared
    2008-04-13 17:07 . 2007-03-21 20:39 1,060,864 –a—— C:\WINDOWS\system32\MFC71.DLL
    2008-04-13 17:07 . 2008-04-13 17:07 1,047,552 –a—— C:\WINDOWS\system32\mfc71u.dll
    2008-04-13 17:07 . 2008-04-13 17:07 608,448 –a—— C:\WINDOWS\system32\comctl32.ocx
    2008-04-13 17:07 . 2008-04-13 17:07 89,088 –a—— C:\WINDOWS\system32\atl71.dll
    2008-04-13 13:48 . 2008-04-13 13:48 <DIR> d——– C:\Documents and Settings\Natalie\Application Data\vlc
    2008-04-12 21:54 . 2008-04-13 16:50 <DIR> d——– C:\Program Files\WinISO
    2008-04-12 21:32 . 2008-04-12 21:32 <DIR> d——– C:\Documents and Settings\Sandra\Application Data\vlc
    2008-04-12 21:20 . 2008-04-15 17:52 <DIR> d——– C:\Program Files\VideoLAN
    2008-04-12 11:39 . 2008-04-12 11:39 <DIR> d——– C:\fsaua.data
    2008-04-06 18:36 . 2008-04-17 18:53 <DIR> d——– C:\Program Files\Spybot - Search & Destroy
    2008-04-06 18:36 . 2008-04-17 19:57 <DIR> d——– C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
    2008-04-06 14:52 . 2008-04-06 15:15 <DIR> d——– C:\Program Files\Spyware Doctor
    2008-04-06 13:21 . 2008-02-27 16:52 49,152 –a—— C:\WINDOWS\system32\ArmAccess.dll
    2008-04-06 13:19 . 2008-04-06 15:15 <DIR> d-a—— C:\Documents and Settings\All Users\Application Data\TEMP
    2008-04-06 12:07 . 2008-04-06 12:07 51,355 –a—— C:\WINDOWS\system32\muzika.xm
    2008-03-29 11:20 . 2008-03-29 11:20 <DIR> d——– C:\Documents and Settings\Sandra\Application Data\Apple Computer

    .
    ((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    2008-04-19 14:29 ——— d—–w C:\Program Files\Java
    2008-04-19 08:08 ——— d—–w C:\Documents and Settings\All Users\Application Data\avg7
    2008-04-18 16:03 ——— d–h–w C:\Program Files\InstallShield Installation Information
    2008-04-18 10:37 ——— d—–w C:\Documents and Settings\NJK\Application Data\AVG7
    2008-04-16 17:21 ——— d—–w C:\Documents and Settings\Sandra\Application Data\AVG7
    2008-04-13 20:37 ——— d—–w C:\Program Files\Windows Live Safety Center
    2008-04-13 20:35 ——— d—–w C:\Program Files\Windows Live
    2008-04-11 15:36 ——— d—–w C:\Program Files\TomTom HOME 2
    2008-04-10 15:34 ——— d—–w C:\Documents and Settings\All Users\Application Data\Apple Computer
    2008-04-09 17:43 ——— d—–w C:\Documents and Settings\NJK\Application Data\LimeWire
    2008-04-06 10:23 ——— d—–w C:\Documents and Settings\All Users\Application Data\WLInstaller
    2008-04-05 09:56 ——— d—–w C:\Documents and Settings\Gast\Application Data\AVG7
    2008-03-29 21:31 ——— d—–w C:\Documents and Settings\Natalie\Application Data\Apple Computer
    2008-03-28 21:48 ——— d—–w C:\Documents and Settings\NJK\Application Data\Apple Computer
    2008-03-03 06:54 ——— d—–w C:\Program Files\Common Files\Adobe
    2008-02-27 06:50 ——— d—–w C:\Program Files\LimeWire
    2008-02-27 06:46 ——— d—–w C:\Program Files\LimeWire Plus
    2008-02-24 20:32 ——— d—–w C:\Documents and Settings\test\Application Data\Apple Computer
    2008-01-20 22:44 7,203 –sha-w C:\WINDOWS\system32
    qstv.ini2
    .
    [code:1:92f3fb84e7]<pre>
    —-a-w 39,792 2008-01-19 21:37:55 C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl .exe
    —-a-w 200,704 2008-01-18 11:36:35 C:\Program Files\PowerISO\PWRISOVM .EXE
    —-a-w 528,384 2008-01-19 21:38:06 C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher .exe
    —-a-w 378,784 2008-01-19 21:37:57 C:\Program Files\TomTom HOME 2\HOMERunner .exe
    —-a-w 219,952 2008-01-20 20:56:26 C:\Program Files\uTorrent\uTorrent .exe
    —-a-w 866,584 2008-01-20 20:56:29 C:\Program Files\Windows Defender\MSASCui .exe
    —-a-w 15,360 2008-01-20 11:38:07 C:\WINDOWS\system32\ctfmon .exe
    </pre>[/code:1:92f3fb84e7]


    ((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    REGEDIT4
    *Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond

    [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{47e161a0-f4ba-41dd-a17b-d2eb26ad6a02}]
    2008-04-22 07:55 1470488 –a—— C:\Program Files\LimewirePlus\tbLim1.dll

    [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{C6A043BF-A08F-4979-9080-E3B3DEF462D0}]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
    "{47E161A0-F4BA-41DD-A17B-D2EB26AD6A02}"= "C:\Program Files\LimewirePlus\tbLim1.dll" [2008-04-22 07:55 1470488]

    [HKEY_CLASSES_ROOT\clsid\{47e161a0-f4ba-41dd-a17b-d2eb26ad6a02}]

    [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser]
    "{47E161A0-F4BA-41DD-A17B-D2EB26AD6A02}"= C:\Program Files\LimewirePlus\tbLim1.dll [2008-04-22 07:55 1470488]

    [HKEY_CLASSES_ROOT\clsid\{47e161a0-f4ba-41dd-a17b-d2eb26ad6a02}]

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-04 10:03 15360]
    "Systweak Memory Optimizer"="c:\program files\advanced system optimizer\memtuneup.exe" [2007-06-22 11:55 119024]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [2008-02-01 00:13 385024]
    "iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" [2008-02-04 15:18 267048]
    "Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-01-11 23:16 39792]
    "egui"="C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" [2007-10-25 09:26 1410304]
    "SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe" [2008-02-22 04:25 144784]
    "ParentalControl"="C:\Program Files\Parental Control\ParentalControl.exe" [2008-04-01 00:02 6096384]

    [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
    "CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-04 10:03 15360]
    "DWQueuedReporting"="C:\PROGRA~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" [2007-03-13 17:38 39264]

    C:\Documents and Settings\All Users\Menu Start\Programma's\Opstarten\
    D-Link AirPlus.lnk - C:\Program Files\D-Link AirPlus\AirPlus.exe [2007-02-20 21:26:15 262144]
    Microsoft Office.lnk - C:\Program Files\Microsoft Office\Office\OSA9.EXE [2000-01-21 18:15:56 65588]

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\system]
    "DisableClock"= 0 (0x0)
    "NoDispCPL"= 0 (0x0)
    "DisableTaskMgr"= 0 (0x0)

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
    "NoMultiIE"= 0 (0x0)
    "LWA"= 0 (0x0)
    "LWB"= 0 (0x0)
    "LWC"= 0 (0x0)
    "LWD"= 0 (0x0)
    "LWE"= 0 (0x0)
    "LWF"= 0 (0x0)
    "LWG"= 0 (0x0)
    "LWH"= 0 (0x0)
    "LWI"= 0 (0x0)
    "LWJ"= 0 (0x0)
    "LWK"= 0 (0x0)
    "LWL"= 0 (0x0)
    "LWM"= 0 (0x0)
    "LWN"= 0 (0x0)
    "LWO"= 0 (0x0)
    "LWP"= 0 (0x0)
    "LWQ"= 0 (0x0)
    "LWR"= 0 (0x0)
    "LWS"= 0 (0x0)
    "LWT"= 0 (0x0)
    "LWU"= 0 (0x0)
    "LWV"= 0 (0x0)
    "LWW"= 0 (0x0)
    "LWX"= 0 (0x0)
    "LWY"= 0 (0x0)
    "LWZ"= 0 (0x0)
    "NoRun"= 0 (0x0)
    "NoFind"= 0 (0x0)

    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon
    otify\iifecda]
    iifecda.dll

    [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
    "DisableMonitoring"=dword:00000001

    [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
    "DisableMonitoring"=dword:00000001

    [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
    "DisableMonitoring"=dword:00000001

    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
    "EnableFirewall"= 0 (0x0)

    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
    "%windir%\\Network Diagnostic\\xpnetdiag.exe"=
    "C:\\WINDOWS\\system32\\sessmgr.exe"=
    "C:\\Program Files\\LimeWire\\LimeWire.exe"=
    "C:\\Program Files\\Bonjour\\mDNSResponder.exe"=
    "C:\\Program Files\\iTunes\\iTunes.exe"=
    "C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
    "C:\\Program Files\\uTorrent\\uTorrent.exe"=
    "C:\\Program Files\\Windows Live\\Messenger\\livecall.exe"=
    "C:\\Program Files\\Parental Control\\ParentalControl.exe"=

    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
    "57148:TCP"= 57148:TCP:*:Disabled:Utorrent

    R1 cp_drv;Crawler Parental Control Driver;C:\Documents and Settings\All Users\Application Data\ParentalControl\cp_drv.sys [2008-04-20 12:07]
    R1 cp_tdifw_drv;cp_tdifw_drv;C:\Documents and Settings\All Users\Application Data\ParentalControl\cp_tdifw_drv.sys [2008-04-20 12:07]
    R1 epfwtdir;epfwtdir;C:\WINDOWS\system32\DRIVERS\epfwtdir.sys [2007-10-25 09:27]
    S1 ShldDrv;Panda File Shield Driver;C:\WINDOWS\system32\DRIVERS\ShlDrv51.sys []
    S2 PavProc;Panda Process Protection Driver;C:\WINDOWS\system32\DRIVERS\PavProc.sys []
    S3 ggflt;SEMC USB Flash Driver Filter;C:\WINDOWS\system32\DRIVERS\ggflt.sys [2007-11-17 23:48]
    S3 s115bus;Sony Ericsson Device 115 driver (WDM);C:\WINDOWS\system32\DRIVERS\s115bus.sys [2007-04-23 16:54]
    S3 s115mdfl;Sony Ericsson Device 115 USB WMC Modem Filter;C:\WINDOWS\system32\DRIVERS\s115mdfl.sys [2007-04-23 16:54]
    S3 s115mdm;Sony Ericsson Device 115 USB WMC Modem Driver;C:\WINDOWS\system32\DRIVERS\s115mdm.sys [2007-04-23 16:54]
    S3 s115mgmt;Sony Ericsson Device 115 USB WMC Device Management Drivers (WDM);C:\WINDOWS\system32\DRIVERS\s115mgmt.sys [2007-04-23 16:54]
    S3 s115obex;Sony Ericsson Device 115 USB WMC OBEX Interface;C:\WINDOWS\system32\DRIVERS\s115obex.sys [2007-04-23 16:54]
    S3 s125bus;Sony Ericsson Device 125 driver (WDM);C:\WINDOWS\system32\DRIVERS\s125bus.sys [2007-04-24 12:33]
    S3 s125mdfl;Sony Ericsson Device 125 USB WMC Modem Filter;C:\WINDOWS\system32\DRIVERS\s125mdfl.sys [2007-04-24 12:33]
    S3 s125mdm;Sony Ericsson Device 125 USB WMC Modem Driver;C:\WINDOWS\system32\DRIVERS\s125mdm.sys [2007-04-24 12:33]
    S3 s125mgmt;Sony Ericsson Device 125 USB WMC Device Management Drivers (WDM);C:\WINDOWS\system32\DRIVERS\s125mgmt.sys [2007-04-24 12:33]
    S3 s125obex;Sony Ericsson Device 125 USB WMC OBEX Interface;C:\WINDOWS\system32\DRIVERS\s125obex.sys [2007-04-24 12:33]

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{e80d9b6e-c116-11db-92db-00047627c0d4}]
    \Shell\AutoRun\command - E:\LaunchU3.exe -a

    .
    Inhoud van de 'Gedeelde Taken' map
    "2008-04-11 06:22:06 C:\WINDOWS\Tasks\AppleSoftwareUpdate.job"
    - C:\Program Files\Apple Software Update\SoftwareUpdate.exe
    "2008-04-23 06:02:51 C:\WINDOWS\Tasks\MP Scheduled Scan.job"
    - C:\Program Files\Windows Defender\MpCmdRun.exe
    .
    **************************************************************************

    catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
    Rootkit scan 2008-04-23 20:24:58
    Windows 5.1.2600 Service Pack 2 NTFS

    scannen van verborgen processen …

    scannen van verborgen autostart items …

    scannen van verborgen bestanden …

    Scan succesvol afgerond
    verborgen bestanden: 0

    **************************************************************************
    .
    ———————— Other Running Processes ————————
    .
    C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
    C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    C:\Program Files\Bonjour\mDNSResponder.exe
    C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
    C:\WINDOWS\system32\wscntfy.exe
    .
    **************************************************************************
    .
    Voltooingstijd: 2008-04-23 20:31:00 - machine was rebooted [NJK]
    ComboFix-quarantined-files.txt 2008-04-23 18:30:51

    Pre-Run: 10,948,124,672 bytes beschikbaar
    Post-Run: 11,167,629,312 bytes beschikbaar

    WindowsXP-KB310994-SP2-Pro-BootDisk-NLD.exe
    [boot loader]
    timeout=2
    default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
    [operating systems]
    multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professional" /fastdetect /NoExecute=OptIn
    C:\CMDCONS\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons

    239 — E O F — 2008-04-20 09:53:57
    ****
    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 20:34:18, on 23-4-2008
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    C:\Program Files\Bonjour\mDNSResponder.exe
    C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
    C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
    C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe
    C:\Program Files\Parental Control\ParentalControl.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\program files\advanced system optimizer\memtuneup.exe
    C:\Program Files\D-Link AirPlus\AirPlus.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\explorer.exe
    C:\WINDOWS\system32
    otepad.exe
    C:\Program Files\Mozilla Firefox\firefox.exe
    C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.nl/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen
    O2 - BHO: Adobe PDF Reader Help bij koppelingen - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
    O2 - BHO: LimewirePlus Toolbar - {47e161a0-f4ba-41dd-a17b-d2eb26ad6a02} - C:\Program Files\LimewirePlus\tbLim1.dll
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
    O2 - BHO: Windows Live Aanmelden - Help - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: (no name) - {C6A043BF-A08F-4979-9080-E3B3DEF462D0} - (no file)
    O3 - Toolbar: LimewirePlus Toolbar - {47e161a0-f4ba-41dd-a17b-d2eb26ad6a02} - C:\Program Files\LimewirePlus\tbLim1.dll
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
    O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
    O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
    O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" /hide /waitservice
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe"
    O4 - HKLM\..\Run: [ParentalControl] C:\Program Files\Parental Control\ParentalControl.exe /SERVICE
    O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [Systweak Memory Optimizer] c:\program files\advanced system optimizer\memtuneup.exe
    O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Lokale service')
    O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Netwerkservice')
    O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe (User 'Default user')
    O4 - Global Startup: D-Link AirPlus.lnk = ?
    O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
    O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
    O8 - Extra context menu item: Crawler Search - tbr:iemenu
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
    O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1193593939655
    O16 - DPF: {BDBDE413-7B1C-4C68-A8FF-C5B2B4090876} (F-Secure Online Scanner 3.3) - http://support.f-secure.com/ols/fscax.cab
    O20 - Winlogon Notify: iifecda - iifecda.dll (file missing)
    O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
    O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
    O23 - Service: Eset HTTP Server (EhttpSrv) - Unknown owner - C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe
    O23 - Service: Eset Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
    O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: Panda Process Protection Service (PavPrSrv) - Unknown owner - C:\Program Files\Common Files\Panda Software\PavShld\pavprsrv.exe (file missing)


    End of file - 5819 bytes
    ***

    de nieuwe logjes… een echte verbetering is tot op heden niet merkbaar…
    Heb je overigens ook nog een mening/advies over m'n vraag betreffend een goede set-up?




  • Wat betreft een goede setup/jouw voorstel:

    NOD32 is een goede keuze voor aintivirus, hoor ik vele positieve verhalen over.

    Aangezien de windows Firewall alleen verkeer van buitenaf monitort en geen bescherming biedt tegen verkeer van binnenuit, kan je misschien beter kiezen voor een aparte firewall. Gratis opties zijn o.a. Zonealarm, Comodo en Sunbelt (voorheen Kerio). Een aparte firewall vereist wel wat moeite omdat je programma's eenmalig toestemming moet geven om internet op te mogen.

    Firefox is mooi, maar nog mooier met een paar addons. Noscript maakt het geheel nog veiliger en Adblock Plus helpt mooi tegen teveel reclame.

    Ik zou als ik jouw was er nog een spywareprog bijzetten (Spybot S&D is gratis en goed) en daar regelmatig een scan mee doen.

    Vergeet verder niet dat een veilig systeem ook een uptodate systeem is en dat je dus regelmatig nieuwe virusupdates en de kritische updates voor XP moet downloaden (kan je automatisch instellen).
  • da's goede info voor in de toekomst! daar kan ik wat mee!
    zie jij in de logjes nog redenen waarom e.e.a. zo slecht blijft werken?
    Het lijkt wel alsof ik bijv. 2 firewalls heb lopen… in de veilige modes met netwerk gaat ie als een trein maar dan leest alles zo lastig :wink:
  • Open Kladblok, kopiëer en plak het volgende (vetgedrukte tekst) in een leeg venster:
    [b:bd823423ea]
    File::
    C:\WINDOWS\system32
    qstv.ini2

    RenV::
    C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl .exe
    C:\Program Files\PowerISO\PWRISOVM .EXE
    C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher .exe
    C:\Program Files\TomTom HOME 2\HOMERunner .exe
    C:\Program Files\uTorrent\uTorrent .exe
    C:\Program Files\Windows Defender\MSASCui .exe
    C:\WINDOWS\system32\ctfmon .exe

    Registry::
    [-HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{C6A043BF-A08F-4979-9080-E3B3DEF462D0}]
    [-HKEY_CLASSES_ROOT\clsid\{47e161a0-f4ba-41dd-a17b-d2eb26ad6a02}]
    [-HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\explorer]
    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\explorer]
    [-HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon
    otify\iifecda]
    [/b:bd823423ea]
    Sla dit op op je Bureaublad als [b:bd823423ea]CFScript.txt[/b:bd823423ea]

    Sleep [b:bd823423ea]CFScript.txt[/b:bd823423ea] in [b:bd823423ea]ComboFix.exe[/b:bd823423ea] zoals getoond in onderstaand voorbeeld :

    [img:bd823423ea]http://users.pandora.be/bluepatchy/miekiemoes/images/CFScript.gif[/img:bd823423ea]

    Dit zal [b:bd823423ea]ComboFix[/b:bd823423ea] doen herstarten.
    Start opnieuw op als daarom gevraagd wordt,
    en post de inhoud van de [b:bd823423ea]Combofix.txt[/b:bd823423ea] in je volgende antwoord samen met een nieuw HijackThislogje.

    Nog problemen?

  • we gaan tussen de middag weer eens kijken!
    alvast bedankt!

    Ik hoor over panda ook erg goede dingen maar heb alleen het idee dat panda mijn systeem meer verzwaard dan NOD32… klop die gedachte een beetje?
  • Klopt, weet uit eigen ervaring (pc ouders) dat Panda redelijk wat resources wegslurpt.
  • is het een idee om Comodo Firewall Pro PLUS te nemen?
    en zo ja, kan ik dan iets anders weg laten?
  • Plus-versie is volgens mij antivirus en firewall in een. Ik ben niet bekend met dit product en weet dus niet of het een antivirus van het niveau NOD32 is.

    Misschien dus beter om je geld uit te geven NOD32 als bewezen goede aankoop voor antivirus en de gratis comodo pro als firewall ernaast te zetten.
  • klinkt als een goed advies! bedankt! :P
  • **
  • [b:73033d6089]opdacht voltooid! zie hier de bijbehorende logjes…[/b:73033d6089]

    ComboFix 08-04-22.5 - NJK 2008-04-24 12:39:25.2 - NTFSx86
    Microsoft Windows XP Professional 5.1.2600.2.1252.31.1043.18.68 [GMT 2:00]
    Gestart vanuit: C:\Documents and Settings\NJK\Bureaublad\ComboFix.exe
    Command switches used :: E:\CFScript.txt
    * Nieuw herstelpunt werd aangemaakt
    * Resident AV is active


    FILE ::
    C:\WINDOWS\system32
    qstv.ini2
    .

    (((((((((((((((((((((((((((((((((( Andere Verwijderingen )))))))))))))))))))))))))))))))))))))))))))))))))
    .

    C:\WINDOWS\system32
    qstv.ini2

    .
    (((((((((((((((((((( Bestanden Gemaakt van 2008-03-24 to 2008-04-24 ))))))))))))))))))))))))))))))
    .

    2008-04-24 07:32 . 2008-04-24 12:37 54,156 –ah—– C:\WINDOWS\QTFont.qfn
    2008-04-24 07:32 . 2008-04-24 07:32 1,409 –a—— C:\WINDOWS\QTFont.for
    2008-04-23 20:17 . 2008-04-23 20:17 1,024 –ah—– C:\WINDOWS\system32\config\systemprofile
    tuser.dat.LOG
    2008-04-23 07:43 . 2008-04-23 07:43 <DIR> d——– C:\Program Files\Malwarebytes' Anti-Malware
    2008-04-23 07:43 . 2008-04-23 07:43 <DIR> d——– C:\Documents and Settings\NJK\Application Data\Malwarebytes
    2008-04-23 07:43 . 2008-04-23 07:43 <DIR> d——– C:\Documents and Settings\All Users\Application Data\Malwarebytes
    2008-04-22 12:45 . 2008-04-22 12:45 <DIR> d——– C:\Program Files\Trend Micro
    2008-04-21 17:19 . 2008-04-22 07:39 165 –a—— C:\WINDOWS\startUp manager.INI
    2008-04-21 17:11 . 2008-04-21 17:11 <DIR> d——– C:\Documents and Settings\Sandra\Application Data\Systweak
    2008-04-21 12:52 . 2008-04-23 21:30 605 –a—— C:\WINDOWS\Uninstall Manager.INI
    2008-04-21 12:43 . 2008-04-21 12:43 <DIR> d——– C:\Documents and Settings\NJK\Application Data\Systweak
    2008-04-21 12:41 . 2008-04-21 12:42 <DIR> d——– C:\Program Files\Advanced System Optimizer
    2008-04-20 20:17 . 2008-04-20 20:17 42 –a—— C:\WINDOWS\system32\AK083E209605E394C.lie
    2008-04-20 12:04 . 2008-04-20 12:35 <DIR> d——– C:\Program Files\Parental Control
    2008-04-20 12:04 . 2008-04-24 12:43 <DIR> d——– C:\Documents and Settings\All Users\Application Data\ParentalControl
    2008-04-19 17:40 . 2008-04-19 17:40 <DIR> d——– C:\Documents and Settings\Natalie\Application Data\ParentalControl
    2008-04-19 16:57 . 2008-04-19 16:57 <DIR> d——– C:\Documents and Settings\test\Application Data\ParentalControl
    2008-04-19 16:29 . 2008-02-22 02:33 69,632 –a—— C:\WINDOWS\system32\javacpl.cpl
    2008-04-19 16:28 . 2008-04-19 16:28 <DIR> d——– C:\Program Files\Common Files\Java
    2008-04-19 15:39 . 2008-04-19 15:39 230 –a—— C:\WINDOWS\system32\spupdsvc.inf
    2008-04-19 15:06 . 2008-04-19 15:06 <DIR> d——– C:\Documents and Settings\Sandra\Application Data\ParentalControl
    2008-04-19 14:58 . 2008-04-19 14:58 <DIR> d——– C:\Documents and Settings\NJK\Application Data\ParentalControl
    2008-04-19 10:47 . 2008-04-19 14:48 <DIR> d——– C:\Program Files\Common Files\Panda Software
    2008-04-19 09:55 . 2008-04-24 12:39 <DIR> d——– C:\Program Files\uTorrent
    2008-04-19 09:55 . 2008-04-19 09:55 <DIR> d——– C:\Documents and Settings\NJK\Application Data\uTorrent
    2008-04-18 18:08 . 2008-04-18 18:08 <DIR> d——– C:\Documents and Settings\All Users\Application Data\sentinel
    2008-04-18 12:50 . 2008-04-18 18:05 <DIR> d——– C:\Program Files\Panda Security
    2008-04-18 12:44 . 2008-04-19 15:47 2,688 –a—— C:\WINDOWS\mozver.dat
    2008-04-17 17:20 . 2008-04-19 16:56 <DIR> d——– C:\Program Files\Mozilla Firefox(2)
    2008-04-17 17:20 . 2008-04-17 17:20 0 –a—— C:\WINDOWS
    sreg.dat
    2008-04-16 22:34 . 2008-04-16 22:34 <DIR> d——– C:\Documents and Settings\test\Application Data\ESET
    2008-04-16 22:34 . 2008-04-16 22:34 <DIR> d——– C:\Documents and Settings\NJK\Application Data\ESET
    2008-04-16 22:16 . 2008-04-16 22:16 <DIR> d——– C:\Program Files\Lavasoft
    2008-04-16 22:16 . 2008-04-19 15:21 <DIR> d——– C:\Documents and Settings\All Users\Application Data\Lavasoft
    2008-04-16 17:18 . 2008-04-20 21:49 <DIR> d——– C:\Program Files\Google
    2008-04-15 17:53 . 2008-04-15 17:53 <DIR> d——– C:\Program Files\Webteh
    2008-04-15 17:15 . 2008-04-16 22:27 <DIR> d——– C:\Program Files\ESET
    2008-04-15 17:15 . 2008-04-16 22:27 <DIR> d——– C:\Documents and Settings\All Users\Application Data\ESET
    2008-04-14 00:13 . 2008-04-14 00:13 <DIR> d——– C:\N360_BACKUP
    2008-04-13 17:15 . 2008-04-15 15:44 <DIR> d——– C:\Program Files\Norton 360
    2008-04-13 17:11 . 2008-04-22 12:40 <DIR> d——– C:\Documents and Settings\All Users\Application Data\Symantec
    2008-04-13 17:09 . 2008-04-22 12:40 <DIR> d——– C:\Program Files\Common Files\Symantec Shared
    2008-04-13 17:07 . 2007-03-21 20:39 1,060,864 –a—— C:\WINDOWS\system32\MFC71.DLL
    2008-04-13 17:07 . 2008-04-13 17:07 1,047,552 –a—— C:\WINDOWS\system32\mfc71u.dll
    2008-04-13 17:07 . 2008-04-13 17:07 608,448 –a—— C:\WINDOWS\system32\comctl32.ocx
    2008-04-13 17:07 . 2008-04-13 17:07 89,088 –a—— C:\WINDOWS\system32\atl71.dll
    2008-04-13 13:48 . 2008-04-13 13:48 <DIR> d——– C:\Documents and Settings\Natalie\Application Data\vlc
    2008-04-12 21:54 . 2008-04-13 16:50 <DIR> d——– C:\Program Files\WinISO
    2008-04-12 21:32 . 2008-04-12 21:32 <DIR> d——– C:\Documents and Settings\Sandra\Application Data\vlc
    2008-04-12 21:20 . 2008-04-15 17:52 <DIR> d——– C:\Program Files\VideoLAN
    2008-04-12 11:39 . 2008-04-12 11:39 <DIR> d——– C:\fsaua.data
    2008-04-06 18:36 . 2008-04-17 18:53 <DIR> d——– C:\Program Files\Spybot - Search & Destroy
    2008-04-06 18:36 . 2008-04-17 19:57 <DIR> d——– C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
    2008-04-06 14:52 . 2008-04-06 15:15 <DIR> d——– C:\Program Files\Spyware Doctor
    2008-04-06 13:21 . 2008-02-27 16:52 49,152 –a—— C:\WINDOWS\system32\ArmAccess.dll
    2008-04-06 13:19 . 2008-04-06 15:15 <DIR> d-a—— C:\Documents and Settings\All Users\Application Data\TEMP
    2008-04-06 12:07 . 2008-04-06 12:07 51,355 –a—— C:\WINDOWS\system32\muzika.xm
    2008-03-29 11:20 . 2008-03-29 11:20 <DIR> d——– C:\Documents and Settings\Sandra\Application Data\Apple Computer

    .
    ((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    2008-04-24 10:39 ——— d—–w C:\Program Files\Windows Defender
    2008-04-24 10:39 ——— d—–w C:\Program Files\TomTom HOME 2
    2008-04-24 10:39 ——— d—–w C:\Program Files\PowerISO
    2008-04-19 14:29 ——— d—–w C:\Program Files\Java
    2008-04-19 13:19 12,632 —-a-w C:\WINDOWS\system32\lsdelete.exe
    2008-04-19 08:08 ——— d—–w C:\Documents and Settings\All Users\Application Data\avg7
    2008-04-18 16:03 ——— d–h–w C:\Program Files\InstallShield Installation Information
    2008-04-18 10:37 ——— d—–w C:\Documents and Settings\NJK\Application Data\AVG7
    2008-04-16 17:21 ——— d—–w C:\Documents and Settings\Sandra\Application Data\AVG7
    2008-04-13 20:37 ——— d—–w C:\Program Files\Windows Live Safety Center
    2008-04-13 20:35 ——— d—–w C:\Program Files\Windows Live
    2008-04-10 15:34 ——— d—–w C:\Documents and Settings\All Users\Application Data\Apple Computer
    2008-04-09 17:43 ——— d—–w C:\Documents and Settings\NJK\Application Data\LimeWire
    2008-04-06 10:23 ——— d—–w C:\Documents and Settings\All Users\Application Data\WLInstaller
    2008-04-05 09:56 ——— d—–w C:\Documents and Settings\Gast\Application Data\AVG7
    2008-03-29 21:31 ——— d—–w C:\Documents and Settings\Natalie\Application Data\Apple Computer
    2008-03-28 21:48 ——— d—–w C:\Documents and Settings\NJK\Application Data\Apple Computer
    2008-03-20 08:10 1,845,376 —-a-w C:\WINDOWS\system32\win32k.sys
    2008-03-03 06:54 ——— d—–w C:\Program Files\Common Files\Adobe
    2008-02-27 06:50 ——— d—–w C:\Program Files\LimeWire
    2008-02-27 06:46 ——— d—–w C:\Program Files\LimeWire Plus
    2008-02-24 20:32 ——— d—–w C:\Documents and Settings\test\Application Data\Apple Computer
    2008-02-20 06:51 282,624 —-a-w C:\WINDOWS\system32\gdi32.dll
    2008-02-20 05:39 45,568 —-a-w C:\WINDOWS\system32\dnsrslvr.dll
    2008-02-16 09:05 662,528 —-a-w C:\WINDOWS\system32\wininet.dll
    .

    ((((((((((((((((((((((((((((( snapshot@2008-04-23_20.30.29.04 )))))))))))))))))))))))))))))))))))))))))
    .
    - 2008-04-23 18:24:01 2,048 –s-a-w C:\WINDOWS\bootstat.dat
    + 2008-04-24 10:36:40 2,048 –s-a-w C:\WINDOWS\bootstat.dat
    - 2004-08-04 08:03:27 15,360 —-a-w C:\WINDOWS\system32\ctfmon.exe
    + 2008-01-20 11:38:07 15,360 —-a-w C:\WINDOWS\system32\ctfmon.exe
    - 2004-08-04 08:03:27 15,360 -c–a-w C:\WINDOWS\system32\dllcache\ctfmon.exe
    + 2008-01-20 11:38:07 15,360 -c–a-w C:\WINDOWS\system32\dllcache\ctfmon.exe
    .
    ((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    REGEDIT4
    *Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond

    [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{47e161a0-f4ba-41dd-a17b-d2eb26ad6a02}]

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" [2008-01-20 13:38 15360]
    "Systweak Memory Optimizer"="c:\program files\advanced system optimizer\memtuneup.exe" [2007-06-22 11:55 119024]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [2008-02-01 00:13 385024]
    "iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" [2008-02-04 15:18 267048]
    "Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-01-19 23:37 39792]
    "egui"="C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" [2007-10-25 09:26 1410304]
    "SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe" [2008-02-22 04:25 144784]
    "ParentalControl"="C:\Program Files\Parental Control\ParentalControl.exe" [2008-04-01 00:02 6096384]

    [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
    "CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" [2008-01-20 13:38 15360]
    "DWQueuedReporting"="C:\PROGRA~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" [2007-03-13 17:38 39264]

    C:\Documents and Settings\All Users\Menu Start\Programma's\Opstarten\
    D-Link AirPlus.lnk - C:\Program Files\D-Link AirPlus\AirPlus.exe [2007-02-20 21:26:15 262144]
    Microsoft Office.lnk - C:\Program Files\Microsoft Office\Office\OSA9.EXE [2000-01-21 18:15:56 65588]

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\system]
    "DisableClock"= 0 (0x0)

    [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
    "DisableMonitoring"=dword:00000001

    [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
    "DisableMonitoring"=dword:00000001

    [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
    "DisableMonitoring"=dword:00000001

    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
    "%windir%\\Network Diagnostic\\xpnetdiag.exe"=
    "C:\\WINDOWS\\system32\\sessmgr.exe"=
    "C:\\Program Files\\LimeWire\\LimeWire.exe"=
    "C:\\Program Files\\Bonjour\\mDNSResponder.exe"=
    "C:\\Program Files\\iTunes\\iTunes.exe"=
    "C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
    "C:\\Program Files\\uTorrent\\uTorrent.exe"=
    "C:\\Program Files\\Windows Live\\Messenger\\livecall.exe"=
    "C:\\Program Files\\Parental Control\\ParentalControl.exe"=

    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
    "57148:TCP"= 57148:TCP:*:Disabled:Utorrent

    R1 cp_drv;Crawler Parental Control Driver;C:\Documents and Settings\All Users\Application Data\ParentalControl\cp_drv.sys [2008-04-20 12:07]
    R1 cp_tdifw_drv;cp_tdifw_drv;C:\Documents and Settings\All Users\Application Data\ParentalControl\cp_tdifw_drv.sys [2008-04-20 12:07]
    R1 epfwtdir;epfwtdir;C:\WINDOWS\system32\DRIVERS\epfwtdir.sys [2007-10-25 09:27]
    S1 ShldDrv;Panda File Shield Driver;C:\WINDOWS\system32\DRIVERS\ShlDrv51.sys []
    S2 PavProc;Panda Process Protection Driver;C:\WINDOWS\system32\DRIVERS\PavProc.sys []
    S3 ggflt;SEMC USB Flash Driver Filter;C:\WINDOWS\system32\DRIVERS\ggflt.sys [2007-11-17 23:48]
    S3 s115bus;Sony Ericsson Device 115 driver (WDM);C:\WINDOWS\system32\DRIVERS\s115bus.sys [2007-04-23 16:54]
    S3 s115mdfl;Sony Ericsson Device 115 USB WMC Modem Filter;C:\WINDOWS\system32\DRIVERS\s115mdfl.sys [2007-04-23 16:54]
    S3 s115mdm;Sony Ericsson Device 115 USB WMC Modem Driver;C:\WINDOWS\system32\DRIVERS\s115mdm.sys [2007-04-23 16:54]
    S3 s115mgmt;Sony Ericsson Device 115 USB WMC Device Management Drivers (WDM);C:\WINDOWS\system32\DRIVERS\s115mgmt.sys [2007-04-23 16:54]
    S3 s115obex;Sony Ericsson Device 115 USB WMC OBEX Interface;C:\WINDOWS\system32\DRIVERS\s115obex.sys [2007-04-23 16:54]
    S3 s125bus;Sony Ericsson Device 125 driver (WDM);C:\WINDOWS\system32\DRIVERS\s125bus.sys [2007-04-24 12:33]
    S3 s125mdfl;Sony Ericsson Device 125 USB WMC Modem Filter;C:\WINDOWS\system32\DRIVERS\s125mdfl.sys [2007-04-24 12:33]
    S3 s125mdm;Sony Ericsson Device 125 USB WMC Modem Driver;C:\WINDOWS\system32\DRIVERS\s125mdm.sys [2007-04-24 12:33]
    S3 s125mgmt;Sony Ericsson Device 125 USB WMC Device Management Drivers (WDM);C:\WINDOWS\system32\DRIVERS\s125mgmt.sys [2007-04-24 12:33]
    S3 s125obex;Sony Ericsson Device 125 USB WMC OBEX Interface;C:\WINDOWS\system32\DRIVERS\s125obex.sys [2007-04-24 12:33]

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{e80d9b6e-c116-11db-92db-00047627c0d4}]
    \Shell\AutoRun\command - E:\LaunchU3.exe -a

    *Newly Created Service* - CATCHME
    .
    Inhoud van de 'Gedeelde Taken' map
    "2008-04-11 06:22:06 C:\WINDOWS\Tasks\AppleSoftwareUpdate.job"
    - C:\Program Files\Apple Software Update\SoftwareUpdate.exe
    "2008-04-23 06:02:51 C:\WINDOWS\Tasks\MP Scheduled Scan.job"
    - C:\Program Files\Windows Defender\MpCmdRun.exe
    .
    **************************************************************************

    catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
    Rootkit scan 2008-04-24 12:42:49
    Windows 5.1.2600 Service Pack 2 NTFS

    scannen van verborgen processen …

    scannen van verborgen autostart items …

    scannen van verborgen bestanden …

    Scan succesvol afgerond
    verborgen bestanden: 0

    **************************************************************************
    .
    Voltooingstijd: 2008-04-24 12:45:46
    ComboFix-quarantined-files.txt 2008-04-24 10:45:29
    ComboFix2.txt 2008-04-23 18:31:02

    Pre-Run: 11,461,812,224 bytes beschikbaar
    Post-Run: 11,448,365,056 bytes beschikbaar

    195 — E O F — 2008-04-20 09:53:57
    [b:73033d6089]en een hijackthis log…[/b:73033d6089]

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 12:46:46, on 24-4-2008
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\iTunes\iTunesHelper.exe
    C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
    C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe
    C:\Program Files\Parental Control\ParentalControl.exe
    C:\program files\advanced system optimizer\memtuneup.exe
    C:\Program Files\D-Link AirPlus\AirPlus.exe
    C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    C:\Program Files\Bonjour\mDNSResponder.exe
    C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
    C:\Program Files\iPod\bin\iPodService.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\wuauclt.exe
    C:\WINDOWS\explorer.exe
    C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.nl/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen
    O2 - BHO: Adobe PDF Reader Help bij koppelingen - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
    O2 - BHO: (no name) - {47e161a0-f4ba-41dd-a17b-d2eb26ad6a02} - (no file)
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
    O2 - BHO: Windows Live Aanmelden - Help - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O3 - Toolbar: (no name) - {47e161a0-f4ba-41dd-a17b-d2eb26ad6a02} - (no file)
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
    O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
    O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
    O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" /hide /waitservice
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe"
    O4 - HKLM\..\Run: [ParentalControl] C:\Program Files\Parental Control\ParentalControl.exe /SERVICE
    O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [Systweak Memory Optimizer] c:\program files\advanced system optimizer\memtuneup.exe
    O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Lokale service')
    O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Netwerkservice')
    O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe (User 'Default user')
    O4 - Global Startup: D-Link AirPlus.lnk = ?
    O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
    O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
    O8 - Extra context menu item: Crawler Search - tbr:iemenu
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
    O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1193593939655
    O16 - DPF: {BDBDE413-7B1C-4C68-A8FF-C5B2B4090876} (F-Secure Online Scanner 3.3) - http://support.f-secure.com/ols/fscax.cab
    O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
    O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
    O23 - Service: Eset HTTP Server (EhttpSrv) - Unknown owner - C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe
    O23 - Service: Eset Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
    O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: Panda Process Protection Service (PavPrSrv) - Unknown owner - C:\Program Files\Common Files\Panda Software\PavShld\pavprsrv.exe (file missing)


    End of file - 5607 bytes


    [b:73033d6089]heb de wijzigingen nog niet kunnen testen… maar het surfen ging (nog) steeds niet heel erg snel… en de doorverwijzing naar safe-site doet het ook nog…[/b:73033d6089]
    [i:73033d6089]nou snap ik de logjes niet maar ik lees elke keer nog iets over [panda]. Ik heb dat programma enige tijd geleden verwijderd… moet daar nog iets mee gebeuren?[/i:73033d6089]



Beantwoord deze vraag

Dit is een gearchiveerde pagina. Antwoorden is niet meer mogelijk.