Log check

  • Log check

    Just a quick log check

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 16:49:37, on 28-12-2007
    Platform: Windows Vista (WinNT 6.00.1904)
    MSIE: Internet Explorer v7.00 (7.00.6000.16386)
    Boot mode: Normal

    Running processes:
    C:\Windows\system32\taskeng.exe
    C:\Windows\Explorer.EXE
    C:\Windows\System32\wpcumi.exe
    C:\Program Files\Winamp\winampa.exe
    C:\Program Files\Grisoft\AVG7\avgcc.exe
    C:\Program Files\Windows Sidebar\sidebar.exe
    C:\Windows\ehome\ehtray.exe
    C:\Windows\ehome\ehmsas.exe
    C:\Windows\system32\wuauclt.exe
    C:\Program Files\Internet Explorer\ieuser.exe
    C:\Program Files\FrostWire\FrostWire.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\HijackThis.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=NL_NL&c=71&bd=Pavilion&pf=laptop
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
    R3 - URLSearchHook: (no name) - {0579B4B6-0293-4d73-B02D-5EBB0BA0F0A2} - C:\Program Files\AskSBar\SrchAstt\1.bin\A2SRCHAS.DLL
    O1 - Hosts: ::1 localhost
    O2 - BHO: Ask Search Assistant BHO - {0579B4B1-0293-4d73-B02D-5EBB0BA0F0A2} - C:\Program Files\AskSBar\SrchAstt\1.bin\A2SRCHAS.DLL
    O2 - BHO: Adobe PDF Reader Help bij koppelingen - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
    O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O2 - BHO: Malicious Scripts Scanner - {55EA1964-F5E4-4D6A-B9B2-125B37655FCB} - (no file)
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0\bin\ssv.dll
    O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
    O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.1.615.5858\swg.dll
    O2 - BHO: Ask Toolbar BHO - {F0D4B231-DA4B-4daf-81E4-DFEE4931A4AA} - C:\Program Files\AskSBar\bar\1.bin\ASKSBAR.DLL
    O3 - Toolbar: Ask Toolbar - {F0D4B239-DA4B-4daf-81E4-DFEE4931A4AA} - C:\Program Files\AskSBar\bar\1.bin\ASKSBAR.DLL
    O4 - HKLM\..\Run: [MSConfig] "C:\Windows\system32\msconfig.exe" /auto
    O4 - HKLM\..\Run: [LanzarP2006] "C:\Users\floris!\AppData\Local\Temp\{24967DEC-2BC0-4229-A8DC-CB9CDCFC1889}\{EEBA9416-3207-47E0-9022-116440599DBC}\P2006tmp\Install.exe" /SETUP:"/l0x0013"
    O4 - HKLM\..\Run: [WPCUMI] C:\Windows\system32\WpcUmi.exe
    O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files\Winamp\winampa.exe"
    O4 - HKLM\..\Run: [nod32kui] "C:\Program Files\Eset\nod32kui.exe" /WAITSERVICE
    O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP
    O4 - HKLM\..\RunOnce: [Launcher] %WINDIR%\SMINST\launcher.exe
    O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
    O4 - HKCU\..\Run: [CollaborationHost] C:\Windows\system32\p2phost.exe -s
    O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
    O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
    O4 - HKCU\..\Run: [AdobeUpdater] C:\Program Files\Common Files\Adobe\Updater5\AdobeUpdater.exe
    O4 - HKUS\S-1-5-18\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'SYSTEEM')
    O4 - HKUS\.DEFAULT\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'Default user')
    O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0\bin\ssv.dll
    O9 - Extra button: (no name) - {2D663D1A-8670-49D9-A1A5-4C56B4E14E84} - (no file)
    O9 - Extra button: Bonjour - {7F9DB11C-E358-4ca6-A83D-ACC663939424} - C:\Program Files\Bonjour\ExplorerPlugin.dll
    O9 - Extra button: Onderzoek - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
    O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
    O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
    O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
    O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
    O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
    O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
    O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
    O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
    O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
    O13 - Gopher Prefix:
    O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} (QuickTime Object) - http://a1540.g.akamai.net/7/1540/52/20061205/qtinstall.info.apple.com/qtactivex/qtplugin.cab
    O16 - DPF: {D4323BF2-006A-4440-A2F5-27E3E7AB25F8} (Virtools WebPlayer Class) - http://3dlifeplayer.dl.3dvia.com/player/install/installer.exe
    O20 - Winlogon Notify: avgwlntf - C:\Windows\SYSTEM32\avgwlntf.dll
    O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft AB - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
    O23 - Service: AddFiltr - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\AddFiltr.exe
    O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
    O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
    O23 - Service: AVG7 Resident Shield Service (AvgCoreSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgrssvc.exe
    O23 - Service: AVG Firewall Service (AVGFw2kv) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgfw2kv.exe
    O23 - Service: CyberLink Task Scheduler (CTS) (CLSched) - Unknown owner - C:\Program Files\HP\QuickPlay\Kernel\TV\CLSched.exe
    O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Unknown owner - c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (file missing)
    O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
    O23 - Service: HP Health Check Service - Hewlett-Packard - C:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe
    O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
    O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
    O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
    O23 - Service: MySQL - Unknown owner - C:\Program.exe (file missing)
    O23 - Service: MySQL51 - Unknown owner - C:\Program.exe (file missing)
    O23 - Service: NOD32 Kernel Service (NOD32krn) - Eset - C:\Program Files\Eset\nod32krn.exe
    O23 - Service: Planner voor Automatische LiveUpdate - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
    O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
    O23 - Service: PnkBstrB - Unknown owner - C:\Windows\system32\PnkBstrB.exe
    O23 - Service: RoxMediaDB9 - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe
    O23 - Service: PC Tools Auxiliary Service (sdAuxService) - PC Tools - C:\Program Files\Spyware Doctor\svcntaux.exe
    O23 - Service: PC Tools Security Service (sdCoreService) - PC Tools - C:\Program Files\Spyware Doctor\swdsvc.exe
    O23 - Service: stllssvr - MicroVision Development, Inc. - C:\Program Files\Common Files\SureThing Shared\stllssvr.exe
    O23 - Service: VMware Registration Service (vmserverdWin32) - Unknown owner - C:\Program Files\VMware\VMware Server\vmserverdWin32.exe (file missing)
    O23 - Service: Webroot Spy Sweeper Engine (WebrootSpySweeperService) - Webroot Software, Inc. - C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe
    O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe

    --
    End of file - 8573 bytes

  • #2
    I do understand that it takes longer :Kick:



    • #3
      Little bump



      • #4
        Bump again



        • #5
          Bitdefender reports a virus.

          Good evening

          I scan weekly with Avast! and Avira.
          I was curious about another antivirus program, so I am trying Bitdefender. It immediately found something and I don't know whether I need to take further action. Bitdefender log:

          //-----------------------------------------------------------------
          //
          // Product BitDefender Free Edition v10
          // Product 10.2
          //
          // Created on: 13/01/2008 16:31:39
          //
          //-----------------------------------------------------------------


          Virus Statistics

          Scan path : C:\Windows
          C:\Program Files
          Folders : 13677
          Files : 41976
          Memory processes scanned : 0
          Archives : 0
          Runtime packers : 1435
          Identified viruses : 1
          Infected files : 1
          Memory processes infected : 0
          Suspect files : 0
          Warnings : 0
          Disinfected files : 0
          Deleted files : 1
          Moved files : 0
          I/O errors : 7
          Scan time : 00:26:04
          Scan speed (files/sec) : 26

          Virus definitions : 970523
          Scan plugins : 16
          Archive plugins : 41
          Unpack plugins : 7
          Mail plugins : 6
          System plugins : 5

          Virus scan options

          Detection
          [X] Scan boot sectors
          [ ] Memory Processes
          [ ] Scan archives
          [X] Scan runtime packers
          [X] Scan email

          File mask
          [X] Programs
          [ ] All files
          [ ] User defined extensions:
          [ ] Exclude extensions: ;

          Action

          Infected objects
          [ ] Ignore
          [X] Disinfect
          [ ] Delete
          [ ] Move to quarantine
          [ ] Prompt user

          Second action
          [ ] Ignore
          [ ] Delete
          [X] Move to quarantine
          [ ] Prompt user

          Virus scan options
          [X] Enable warnings
          [ ] Enable heuristics
          [ ] Show all files in log
          [X] Report file: C:\Users\Floris\AppData\Local\Temp\1200238299.log

          Spyware scan options

          [X] Scan for riskware
          [ ] Skip dial and applications from scan
          [ ] Registry keys
          [ ] Cookies


          Summary:

          C:\Program Files\Mozilla Firefox\components\nsBrowserOpt.dll Detected: Adware.Fotomoto.L
          C:\Program Files\Mozilla Firefox\components\nsBrowserOpt.dll Deleted


          Can this still do any harm, and do I need to take any further action?

          HijackThis log:

          Logfile of Trend Micro HijackThis v2.0.2
          Scan saved at 20:25:46, on 13-1-2008
          Platform: Windows Vista (WinNT 6.00.1904)
          MSIE: Internet Explorer v7.00 (7.00.6000.16386)
          Boot mode: Normal

          Running processes:
          C:\Windows\Explorer.EXE
          C:\Windows\system32\taskeng.exe
          C:\Windows\System32\wpcumi.exe
          C:\Program Files\BillP Studios\WinPatrol\WinPatrol.exe
          C:\Program Files\Softwin\BitDefender10\bdmcon.exe
          C:\Program Files\Softwin\BitDefender10\bdagent.exe
          C:\Program Files\Windows Sidebar\sidebar.exe
          C:\Windows\ehome\ehtray.exe
          C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
          C:\Program Files\Shock Utility\Shock4Way3D\Shock4Way3D.exe
          C:\Program Files\Real Desktop\Real Desktop.exe
          C:\Windows\ehome\ehmsas.exe
          C:\Program Files\Windows Sidebar\sidebar.exe
          C:\Windows\system32\conime.exe
          C:\Windows\system32\wuauclt.exe
          C:\Program Files\Internet Explorer\ieuser.exe
          C:\Program Files\Internet Explorer\iexplore.exe
          C:\Windows\system32\Macromed\Flash\FlashUtil9d.exe
          C:\HijackThis.exe

          R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
          R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=NL_NL&c=71&bd=Pavilion&pf=laptop
          R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
          R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
          R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
          O1 - Hosts: ::1 localhost
          O2 - BHO: Adobe PDF Reader Help bij koppelingen - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
          O2 - BHO: SpywareGuard Download Protection - {4A368E80-174F-4872-96B5-0B27DDD11DB2} - C:\Program Files\SpywareGuard\dlprotect.dll
          O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
          O2 - BHO: Malicious Scripts Scanner - {55EA1964-F5E4-4D6A-B9B2-125B37655FCB} - (no file)
          O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0\bin\ssv.dll
          O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
          O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.1.615.5858\swg.dll
          O4 - HKLM\..\Run: [MSConfig] "C:\Windows\system32\msconfig.exe" /auto
          O4 - HKLM\..\Run: [LanzarP2006] "C:\Users\floris!\AppData\Local\Temp\{24967DEC-2BC0-4229-A8DC-CB9CDCFC1889}\{EEBA9416-3207-47E0-9022-116440599DBC}\P2006tmp\Install.exe" /SETUP:"/l0x0013"
          O4 - HKLM\..\Run: [WPCUMI] C:\Windows\system32\WpcUmi.exe
          O4 - HKLM\..\Run: [WinPatrol] C:\Program Files\BillP Studios\WinPatrol\winpatrol.exe
          O4 - HKLM\..\Run: [BDMCon] C:\PROGRA~1\Softwin\BITDEF~1\bdmcon.exe
          O4 - HKLM\..\Run: [BDAgent] "C:\Program Files\Softwin\BitDefender10\bdagent.exe"
          O4 - HKLM\..\RunOnce: [Launcher] %WINDIR%\SMINST\launcher.exe
          O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
          O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
          O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
          O4 - HKCU\..\Run: [Shock4Way3D] C:\Program Files\Shock Utility\Shock4Way3D\Shock4Way3D.exe
          O4 - HKCU\..\Run: [Real Desktop] "C:\Program Files\Real Desktop\Real Desktop.exe"
          O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office10\EXCEL.EXE/3000
          O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0\bin\ssv.dll
          O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0\bin\ssv.dll
          O9 - Extra button: (no name) - {2D663D1A-8670-49D9-A1A5-4C56B4E14E84} - (no file)
          O9 - Extra button: Onderzoek - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
          O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
          O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
          O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
          O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
          O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
          O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
          O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
          O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
          O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
          O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
          O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
          O13 - Gopher Prefix:
          O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} (QuickTime Object) - http://a1540.g.akamai.net/7/1540/52/20061205/qtinstall.info.apple.com/qtactivex/qtplugin.cab
          O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.kaspersky.nl/scanforvirus-en/kavwebscan_unicode.cab
          O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} (DivXBrowserPlugin Object) - http://download.divx.com/player/DivXBrowserPlugin.cab
          O16 - DPF: {BB21F850-63F4-4EC9-BF9D-565BD30C9AE9} (a-squared Scanner) - http://ax.emsisoft.com/asquared.cab
          O16 - DPF: {D4323BF2-006A-4440-A2F5-27E3E7AB25F8} (Virtools WebPlayer Class) - http://3dlifeplayer.dl.3dvia.com/player/install/installer.exe
          O23 - Service: AddFiltr - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\AddFiltr.exe
          O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
          O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
          O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
          O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
          O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
          O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
          O23 - Service: BitDefender Scan Server (bdss) - Unknown owner - C:\Program Files\Common Files\Softwin\BitDefender Scan Server\bdss.exe
          O23 - Service: CyberLink Task Scheduler (CTS) (CLSched) - Unknown owner - C:\Program Files\HP\QuickPlay\Kernel\TV\CLSched.exe
          O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Unknown owner - c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (file missing)
          O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
          O23 - Service: HP Health Check Service - Hewlett-Packard - C:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe
          O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
          O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
          O23 - Service: iPod-service (iPod Service) - Unknown owner - C:\Program Files\iPod\bin\iPodService.exe (file missing)
          O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
          O23 - Service: BitDefender Desktop Update Service (LIVESRV) - SOFTWIN S.R.L. - C:\Program Files\Common Files\Softwin\BitDefender Update Service\livesrv.exe
          O23 - Service: MySQL - Unknown owner - C:\Program.exe (file missing)
          O23 - Service: MySQL51 - Unknown owner - C:\Program.exe (file missing)
          O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
          O23 - Service: PnkBstrB - Unknown owner - C:\Windows\system32\PnkBstrB.exe
          O23 - Service: RoxMediaDB9 - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe
          O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe
          O23 - Service: stllssvr - MicroVision Development, Inc. - C:\Program Files\Common Files\SureThing Shared\stllssvr.exe
          O23 - Service: VMware Registration Service (vmserverdWin32) - Unknown owner - C:\Program Files\VMware\VMware Server\vmserverdWin32.exe (file missing)
          O23 - Service: BitDefender Virus Shield (VSSERV) - SOFTWIN S.R.L. - C:\Program Files\Softwin\BitDefender10\vsserv.exe
          O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe
          O23 - Service: BitDefender Communicator (XCOMM) - SOFTWIN S.R.L - C:\Program Files\Common Files\Softwin\BitDefender Communicator\xcommsvr.exe

          --
          End of file - 9039 bytes

          Thanks



          • #6
            I also ran ComboFix:


            ComboFix 08-01-13.1 - Floris 2008-01-13 22:12:04.1 - NTFSx86
            Microsoft® Windows Vista™ Home Premium 6.0.6000.0.1252.1.1043.18.333 [GMT 1:00]
            Gestart vanuit: C:\Users\Floris\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\V3NGRRWX\ComboFix[1].exe
            * Nieuw herstelpunt werd aangemaakt
            .
            The following files were disabled during the run:
            C:\Windows\system32\sockspy.dll


            (((((((((((((((((((((((((((((((((( Andere Verwijderingen )))))))))))))))))))))))))))))))))))))))))))))))))
            .

            C:\Windows\system32\wmatime.dll
            C:\Windows\system32\x64

            .
            (((((((((((((((((((( Bestanden Gemaakt van 2007-12-13 to 2008-01-13 ))))))))))))))))))))))))))))))
            .

            2008-01-13 22:09 . 2000-08-31 08:00 51,200 --a------ C:\Windows\NirCmd.exe
            2008-01-13 16:59 . 2008-01-13 16:59 <DIR> d-------- C:\Users\Floris\AppData\Roaming\Bitdefender
            2008-01-13 16:30 . 2008-01-13 22:12 81,984 --a------ C:\Windows\System32\bdod.bin
            2008-01-13 16:28 . 2008-01-13 16:29 <DIR> d-------- C:\Users\All Users\BitDefender
            2008-01-13 16:28 . 2008-01-13 16:29 <DIR> d-------- C:\ProgramData\BitDefender
            2008-01-13 14:02 . 2008-01-13 14:03 <DIR> d-------- C:\Program Files\Real Desktop
            2008-01-13 12:56 . 2008-01-13 12:56 <DIR> d-------- C:\Windows\System32\Kaspersky Lab
            2008-01-12 22:38 . 2008-01-12 22:44 <DIR> d-------- C:\Program Files\SphereXP
            2008-01-12 22:02 . 2008-01-12 22:02 <DIR> d-------- C:\Program Files\Shock Utility
            2008-01-12 22:02 . 2008-01-12 22:02 65,536 --a------ C:\Windows\IFinst27.exe
            2008-01-12 21:49 . 2008-01-12 21:49 <DIR> d-------- C:\Program Files\Project Looking Glass
            2008-01-12 20:51 . 2008-01-12 20:51 <DIR> d-------- C:\Users\All Users\Avira
            2008-01-12 20:51 . 2008-01-12 20:51 <DIR> d-------- C:\ProgramData\Avira
            2008-01-12 20:51 . 2008-01-12 20:51 <DIR> d-------- C:\Program Files\Avira
            2008-01-11 17:41 . 2008-01-11 17:41 0 --ah----- C:\ProgramData.LOG2
            2008-01-11 17:41 . 2008-01-11 17:41 0 --ah----- C:\ProgramData.LOG1
            2008-01-11 17:32 . 2008-01-11 17:32 <DIR> d-------- C:\Users\All Users\Avg7
            2008-01-11 17:32 . 2008-01-11 17:32 <DIR> d-------- C:\ProgramData\Avg7
            2008-01-11 15:39 . 2007-11-17 18:04 267,592 --a------ C:\Program Files\Uninstall Ask Toolbar.dll
            2008-01-11 15:38 . 2008-01-11 15:38 <DIR> d-------- C:\Users\Floris\AppData\Roaming\Leadertech
            2008-01-10 20:04 . 2008-01-10 21:32 <DIR> d-------- C:\Program Files\SpywareGuard
            2008-01-10 19:56 . 2008-01-10 19:56 <DIR> d-------- C:\Users\Reen\AppData\Roaming\WinPatrol
            2008-01-10 19:16 . 2008-01-10 19:16 <DIR> d-------- C:\Users\Floris\AppData\Roaming\WinPatrol
            2008-01-10 19:16 . 2008-01-10 19:16 <DIR> d-------- C:\Program Files\BillP Studios
            2008-01-09 21:04 . 2008-01-09 21:04 200 --a------ C:\Users\Reen\tijdelijk.reg
            2008-01-09 20:15 . 2008-01-09 20:15 64,270 --a------ C:\Users\Reen\versie 2 hrm.zip
            2008-01-08 18:34 . 2008-01-08 18:34 1,249,213 --a------ C:\Users\Reen\Flooball.zip
            2008-01-08 18:32 . 2008-01-08 18:32 <DIR> d-------- C:\Program Files\7-Zip
            2008-01-08 18:10 . 2008-01-08 18:10 2,337,696 --a------ C:\Users\Reen\Flooball.exe
            2008-01-08 07:58 . 2008-01-08 07:58 <DIR> d-------- C:\Users\Floris\AppData\Roaming\Uniblue
            2008-01-08 07:57 . 2008-01-08 07:57 <DIR> d-------- C:\Program Files\Uniblue
            2008-01-07 20:00 . 2008-01-07 20:00 9,641,089 --a------ C:\Users\Floris\Fooball.exe
            2008-01-06 18:33 . 2008-01-06 18:33 <DIR> d-------- C:\Program Files\Game_Maker7
            2008-01-05 21:53 . 2008-01-05 21:53 <DIR> d-------- C:\Program Files\Microsoft Windows OneCare Live
            2008-01-05 10:46 . 2008-01-11 17:40 <DIR> d-------- C:\Program Files\DivX
            2008-01-02 22:17 . 2008-01-02 22:17 <DIR> d-------- C:\Program Files\Microsoft.NET
            2008-01-02 16:40 . 2008-01-02 16:40 <DIR> d-------- C:\Program Files\MSECache
            2008-01-01 20:22 . 2008-01-01 20:22 <DIR> d-------- C:\Program Files\Microsoft Visual Studio 8
            2008-01-01 20:06 . 2008-01-01 20:06 <DIR> d-------- C:\Windows\System32\URTTEMP
            2007-12-31 23:05 . 2007-12-04 15:51 42,912 --a------ C:\Windows\System32\drivers\aswTdi.sys
            2007-12-31 23:05 . 2007-12-04 15:53 23,152 --a------ C:\Windows\System32\drivers\aswRdr.sys
            2007-12-31 23:04 . 2007-12-31 23:04 <DIR> d-------- C:\Program Files\Alwil Software
            2007-12-31 23:04 . 2007-12-04 14:04 837,496 --a------ C:\Windows\System32\aswBoot.exe
            2007-12-31 23:04 . 2004-01-09 10:13 380,928 --a------ C:\Windows\System32\actskin4.ocx
            2007-12-31 23:04 . 2007-12-04 13:54 95,608 --a------ C:\Windows\System32\AvastSS.scr
            2007-12-31 23:04 . 2007-12-04 15:52 45,648 --a------ C:\Windows\System32\drivers\aswMonFlt.sys
            2007-12-29 21:14 . 2006-11-02 11:23 <DIR> dr------- C:\Users\Mcx1\Videos
            2007-12-29 21:14 . 2006-11-02 11:23 <DIR> d-------- C:\Users\Mcx1\Saved Games
            2007-12-29 21:14 . 2006-11-02 11:23 <DIR> dr------- C:\Users\Mcx1\Pictures
            2007-12-29 21:14 . 2006-11-02 11:23 <DIR> dr------- C:\Users\Mcx1\Music
            2007-12-29 21:14 . 2006-11-02 11:23 <DIR> dr------- C:\Users\Mcx1\Links
            2007-12-29 21:14 . 2006-11-02 11:23 <DIR> dr------- C:\Users\Mcx1\Downloads
            2007-12-29 21:14 . 2007-12-29 21:14 <DIR> dr------- C:\Users\Mcx1\Documents
            2007-12-29 21:14 . 2007-12-29 21:14 <DIR> d--h----- C:\Users\Mcx1\AppData
            2007-12-26 10:41 . 2007-12-30 21:36 <DIR> d-a------ C:\Users\All Users\TEMP
            2007-12-26 10:41 . 2007-12-30 21:36 <DIR> d-a------ C:\ProgramData\TEMP
            2007-12-24 15:31 . 2007-12-24 15:31 <DIR> d-------- C:\Users\Floris\Phone Browser
            2007-12-24 15:31 . 2007-12-24 15:31 <DIR> d-------- C:\Users\Floris\AppData\Roaming\PC Suite
            2007-12-24 13:55 . 2007-12-24 13:55 <DIR> d-------- C:\Users\Floris\AppData\Roaming\Apple Computer

            .
            ((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))
            .
            2008-01-13 16:22 --------- d-----w C:\ProgramData\WinZip
            2008-01-12 21:21 --------- d--h--w C:\Program Files\InstallShield Installation Information
            2008-01-12 21:16 --------- d-----w C:\Program Files\Deep Sleep
            2008-01-12 10:17 --------- d-----w C:\Users\Floris\AppData\Roaming\FrostWire
            2008-01-12 10:15 --------- d-----w C:\Program Files\WarRock
            2008-01-11 21:36 --------- d-----w C:\Program Files\HyCam2
            2008-01-11 16:55 --------- d-----w C:\Program Files\MAIET
            2008-01-11 16:53 --------- d-----w C:\Program Files\Common Files\Symantec Shared
            2008-01-11 16:42 --------- d-----w C:\Program Files\Hitman Pro
            2008-01-11 16:39 --------- d-----w C:\Program Files\Zylom Games
            2008-01-11 15:26 --------- d-----w C:\ProgramData\Spybot - Search & Destroy
            2008-01-11 14:33 --------- d-----w C:\Users\Floris\AppData\Roaming\Lavasoft
            2008-01-11 14:33 --------- d-----w C:\Program Files\Lavasoft
            2008-01-08 07:36 --------- d-----w C:\Program Files\WhatPulse
            2008-01-02 21:21 --------- d-----w C:\Program Files\Microsoft Works
            2008-01-01 20:01 --------- d-----w C:\ProgramData\Microsoft Help
            2008-01-01 19:50 --------- d-----w C:\Program Files\MSBuild
            2007-12-30 17:16 2,560 ----a-w C:\Windows\system32\drivers\mchInjDrv.sys
            2007-12-12 19:08 282 ----a-w C:\Users\Floris\Virus2.bat
            2007-12-12 19:04 57 ----a-w C:\Users\Floris\Internet Explorer Updater.bat
            2007-12-12 16:28 47,104 ----a-w C:\Windows\system32\drivers\avgwfp.sys
            2007-12-09 17:21 --------- d-----w C:\Program Files\Microsoft Games
            2007-12-09 17:21 --------- d-----w C:\Program Files\EA GAMES
            2007-12-09 17:20 --------- d-----w C:\Program Files\WM Converter
            2007-12-09 17:20 --------- d-----w C:\Program Files\vLite
            2007-12-09 17:14 --------- d-----w C:\Program Files\Soldier of Fortune II - SP Demo
            2007-12-09 17:14 --------- d-----w C:\Program Files\nLite
            2007-12-09 17:13 --------- d-----w C:\Program Files\SHOUTcast
            2007-12-09 17:13 --------- d-----w C:\Program Files\PacMan Adventures 3D
            2007-12-09 17:12 --------- d-----w C:\Users\Floris\AppData\Roaming\Media Player Classic
            2007-12-09 15:32 --------- d-----w C:\Users\Floris\AppData\Roaming\InstallShield
            2007-12-09 10:49 --------- d-----w C:\Users\Floris\AppData\Roaming\Winamp
            2007-12-09 10:45 --------- d-----w C:\Program Files\Winamp
            2007-12-08 21:42 --------- d-----w C:\Users\Floris\AppData\Roaming\LimeWire
            2007-12-08 09:46 22,328 ----a-w C:\Windows\system32\drivers\PnkBstrK.sys
            2007-12-08 09:45 103,736 ----a-w C:\Windows\System32\PnkBstrB.exe
            2007-12-07 17:53 --------- d-----w C:\Program Files\Virtools
            2007-12-05 18:10 --------- d-----w C:\Users\Floris\AppData\Roaming\ICAClient
            2007-12-02 18:58 --------- d-----w C:\Users\Reen\AppData\Roaming\PeerNetworking
            2007-12-02 15:47 --------- d-----w C:\Users\Floris\AppData\Roaming\PeerNetworking
            2007-12-02 09:39 --------- d-----w C:\Users\Reen\AppData\Roaming\HP
            2007-12-02 09:15 --------- d-----w C:\ProgramData\Symantec
            2007-12-02 00:40 --------- d-----w C:\Program Files\Mozilla Thunderbird
            2007-12-02 00:40 --------- d-----w C:\Program Files\Mozilla Sunbird
            2007-12-01 21:41 --------- d-----w C:\Program Files\Common Files\Panda Software
            2007-12-01 20:33 --------- d-----w C:\ProgramData\Prevx
            2007-12-01 14:42 --------- d-----w C:\Program Files\Jasc Software Inc
            2007-12-01 14:34 --------- d-----w C:\Program Files\Common Files\Adobe
            2007-12-01 13:04 --------- d-----w C:\Program Files\Blender Foundation
            2007-11-30 14:00 --------- d-----w C:\Program Files\Norton Security Scan
            2007-11-26 08:44 --------- d-----w C:\ProgramData\VMware
            2007-11-24 20:22 --------- d-----w C:\Program Files\NEXON
            2007-11-24 02:22 --------- d-----w C:\Program Files\Microsoft CAPICOM 2.1.0.2
            2007-11-22 20:45 --------- d-----w C:\Program Files\Microsoft SQL Server Compact Edition
            2007-11-22 20:41 --------- d-----w C:\Program Files\Windows Live
            2007-11-22 19:41 --------- dcsh--w C:\Program Files\Common Files\WindowsLiveInstaller
            2007-11-22 19:00 --------- d-----w C:\ProgramData\WLInstaller
            2007-11-21 16:36 40,733 ----a-w C:\Windows\System32\rightonadz-uninst.exe
            2007-11-20 16:09 --------- d-----w C:\Program Files\FrostWire
            2007-11-18 20:14 --------- d-----w C:\Program Files\Common Files\Xara
            2007-11-16 16:30 --------- d-----w C:\Program Files\QuickTime
            2007-11-16 16:25 --------- d-----w C:\ProgramData\Apple
            2007-11-16 16:25 --------- d-----w C:\Program Files\Apple Software Update
            2007-10-23 16:49 586,752 ----a-w C:\Windows\WLXPGSS.SCR
            2007-04-25 14:37 32 ----a-r C:\Users\All Users\hash.dat
            2007-04-25 14:37 32 ----a-r C:\ProgramData\hash.dat
            2006-11-02 12:50 174 --sha-w C:\Program Files\desktop.ini
            2007-02-23 14:06 22 --sha-w C:\Windows\SMINST\HPCD.sys
            .

            ((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))
            .
            .
            REGEDIT4
            *Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond

            [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
            "Sidebar"="C:\Program Files\Windows Sidebar\sidebar.exe" [2006-11-02 13:35 1196032]
            "ehTray.exe"="C:\Windows\ehome\ehTray.exe" [2006-11-02 13:35 125440]
            "SpybotSD TeaTimer"="C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe" [2007-08-31 16:46 1460560]
            "Shock4Way3D"="C:\Program Files\Shock Utility\Shock4Way3D\Shock4Way3D.exe" [2007-12-28 16:10 1158656]
            "Real Desktop"="C:\Program Files\Real Desktop\Real Desktop.exe" [2007-12-18 14:49 5689344]

            [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
            "MSConfig"="C:\Windows\system32\msconfig.exe" [2006-11-02 10:45 222208]
            "LanzarP2006"="C:\Users\floris!\AppData\Local\Temp\{24967DEC-2BC0-4229-A8DC-CB9CDCFC1889}\{EEBA9416-3207-47E0-9022-116440599DBC}\P2006tmp\Install.exe" [ ]
            "WPCUMI"="C:\Windows\system32\WpcUmi.exe" [2006-11-02 13:35 176128]
            "WinPatrol"="C:\Program Files\BillP Studios\WinPatrol\winpatrol.exe" [2007-10-26 17:06 292152]
            "BDMCon"="C:\PROGRA~1\Softwin\BITDEF~1\bdmcon.exe" [2007-04-02 16:48 290816]
            "BDAgent"="C:\Program Files\Softwin\BitDefender10\bdagent.exe" [2007-03-26 15:49 69632]

            [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]
            "Launcher"="%WINDIR%\SMINST\launcher.exe" [ ]

            [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\system]
            "LogonHoursAction"= 2 (0x2)
            "DontDisplayLogonHoursWarnings"= 1 (0x1)

            [HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Google Updater.lnk]
            path=C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Google Updater.lnk
            backup=C:\Windows\pss\Google Updater.lnk.CommonStartup
            backupExtension=.CommonStartup

            [HKLM\~\startupfolder\C:^Users^floris!^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OpenOffice.org 2.2 .lnk]
            path=C:\Users\floris!\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 2.2 .lnk
            backup=C:\Windows\pss\OpenOffice.org 2.2 .lnk.Startup
            backupExtension=.Startup

            [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Photo Downloader]
            C:\Program Files\Adobe\Photoshop Album Starter Edition\3.2\Apps\apdproxy.exe

            [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
            --a------ 2007-10-10 19:51 39792 C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe

            [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeUpdater]
            -ra------ 2007-03-01 09:37 2321600 C:\Program Files\Common Files\Adobe\Updater5\AdobeUpdater.exe

            [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ASuite]
            C:\Program Files\ASuite\ASuite.exe

            [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CaretakerNotifier]
            C:\Program Files\SurfRight\Caretaker\Notifier.exe

            [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ccApp]
            c:\Program Files\Common Files\Symantec Shared\ccApp.exe

            [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DataLayer]
            --a------ 2005-03-31 08:30 1106944 C:\Program Files\Common Files\PCSuite\DataLayer\DataLayer.exe

            [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ehTray.exe]
            --a------ 2006-11-02 13:35 125440 C:\Windows\ehome\ehTray.exe

            [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Hitman Pro Expiration Helper]
            C:\Program Files\Hitman Pro\xphelper.exe

            [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HotKeysCmds]
            --a------ 2006-11-06 10:05 106496 C:\Windows\system32\hkcmd.exe

            [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Health Check Scheduler]
            --a------ 2006-12-04 12:39 46704 C:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe

            [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Software Update]
            --a------ 2005-02-16 23:11 49152 C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe

            [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\hpWirelessAssistant]
            --a------ 2006-10-18 09:32 472800 C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe

            [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IgfxTray]
            --a------ 2006-11-06 10:02 98304 C:\Windows\system32\igfxtray.exe

            [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
            C:\Program Files\iTunes\iTunesHelper.exe

            [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\msnmsgr]
            --a------ 2007-01-19 11:54 5674352 C:\Program Files\MSN Messenger\msnmsgr.exe

            [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\osCheck]
            c:\Program Files\Norton Internet Security\osCheck.exe

            [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PCSuiteTrayApplication]
            --a------ 2005-03-22 08:39 167936 C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe

            [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Persistence]
            --a------ 2006-11-06 10:02 81920 C:\Windows\system32\igfxpers.exe

            [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QlbCtrl]
            --a------ 2006-11-06 10:58 159744 C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe

            [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QPService]
            --------- 2006-12-02 16:32 167936 C:\Program Files\HP\QuickPlay\QPService.exe

            [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
            --a------ 2007-10-19 20:16 286720 C:\Program Files\QuickTime\QTTask.exe

            [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Sidebar]
            --a------ 2006-11-02 13:35 1196032 C:\Program Files\Windows Sidebar\sidebar.exe

            [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
            --a------ 2007-02-08 01:16 77824 C:\Program Files\Java\jre1.6.0\bin\jusched.exe

            [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SweetIM]
            C:\Program Files\Macrogaming\SweetIM\SweetIM.exe

            [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg]
            --a------ 2007-09-03 09:37 68856 C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

            [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SynTPEnh]
            --a------ 2006-11-15 07:02 815104 C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

            [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Uninstall_CToolbar]
            C:\Windows\Temp\CTun.exe

            [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\VMware hqtray]
            --a------ 2007-05-01 21:46 56112 C:\Program Files\VMware\VMware Player\hqtray.exe

            [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WAWifiMessage]
            --a------ 2006-10-18 09:56 317152 C:\Program Files\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe

            [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WhatPulse]
            --a------ 2006-08-21 18:48 665600 C:\Program Files\WhatPulse\WhatPulse.exe

            [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WinampAgent]
            --a------ 2007-10-10 06:28 36352 C:\Program Files\Winamp\winampa.exe

            [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Windows Defender]
            --a------ 2006-11-02 13:34 1004136 C:\Program Files\Windows Defender\MSASCui.exe

            [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Windows Mobile-based device management]
            %windir%\WindowsMobile\wmdSync.exe

            [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WMPNSCFG]
            --a------ 2006-11-02 13:36 201728 C:\Program Files\Windows Media Player\WMPNSCFG.exe

            R1 mchInjDrv;madCodeHook DLL injection driver;C:\Windows\system32\Drivers\mchInjDrv.sys [2007-12-30 18:16]
            R2 aswMonFlt;aswMonFlt;C:\Windows\system32\DRIVERS\aswMonFlt.sys [2007-12-04 15:52]
            R2 RapiMgr;Op Windows Mobile gebaseerde apparaatverbinding;C:\Windows\system32\svchost.exe [2006-11-02 10:45]
            R2 SBSDWSCService;SBSD Security Center Service;C:\Program Files\Spybot
            R2 WcesComm;Op Windows Mobile 2003 gebaseerde apparaatverbinding;C:\Windows\system32\svchost.exe [2006-11-02 10:45]
            R2 XAudio;XAudio;C:\Windows\system32\DRIVERS\xaudio.sys [2006-08-04 18:39]
            R3 igfx;igfx;C:\Windows\system32\DRIVERS\igdkmd32.sys [2006-11-06 11:29]
            R3 R5U870FLx86;R5U870 UVC Lower Filter ;C:\Windows\system32\Drivers\R5U870FLx86.sys [2006-12-18 22:31]
            R3 R5U870FUx86;R5U870 UVC Upper Filter ;C:\Windows\system32\Drivers\R5U870FUx86.sys [2006-12-18 22:31]
            R3 vmkbd;VMware kbd;C:\Windows\system32\drivers\VMkbd.sys [2007-05-01 21:46]
            S2 MySQL51;MySQL51;"C:\Program Files\MySQL\MySQL Server 5.1\bin\mysqld"
            S2 vmserverdWin32;VMware Registration Service;C:\Program Files\VMware\VMware Server\vmserverdWin32.exe
            S3 BCM43XV;Broadcom Extensible 802.11 Network Adapter Driver;C:\Windows\system32\DRIVERS\bcmwl6.sys [2006-11-17 17:20]
            S3 NETw3v32;Stuurprogramma voor Intel(R) PRO/Wireless 3945ABG-adapter onder Windows Vista 32-bits;C:\Windows\system32\DRIVERS\NETw3v32.sys [2006-11-09 10:02]
            S3 UMPass;Microsoft UMPass-stuurprogramma;C:\Windows\system32\DRIVERS\umpass.sys [2006-11-02 09:55]

            [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
            LocalSystemNetworkRestricted REG_MULTI_SZ hidserv UxSms WdiSystemHost Netman trkwks AudioEndpointBuilder WUDFSvc irmon sysmain IPBusEnum dot3svc PcaSvc EMDMgmt TabletInputService wlansvc WPDBusEnum
            WindowsMobile REG_MULTI_SZ wcescomm rapimgr
            LocalServiceRestricted REG_MULTI_SZ WcesComm RapiMgr

            *Newly Created Service* - PROCEXP90
            .
            Inhoud van de 'Gedeelde Taken' map
            "2008-01-11 21:06:32 C:\Windows\Tasks\Spybot - Search & Destroy - Scheduled Task.job"
            - C:\Program Files\Spybot - Search & Destroy\SpybotSD.exe
            .
            **************************************************************************

            catchme 0.3.1344 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
            Rootkit scan 2008-01-13 22:16:31
            Windows 6.0.6000 NTFS

            scannen van verborgen processen ...

            scannen van verborgen autostart items ...

            scannen van verborgen bestanden ...

            Scan succesvol afgerond
            verborgen bestanden: 0

            **************************************************************************
            .
            Voltooingstijd: 2008-01-13 22:17:52
            ComboFix-quarantined-files.txt 2008-01-13 21:17:48
            .
            2008-01-11 22:02:28 --- E O F ---



            • #7
              The logs look clean.

              You are running several virus scanners side by side; this can cause problems and certainly comes at the expense of your system running properly.
              I suggest you choose which virus scanner you want to keep using and then uninstall the others.

              Once you have done that, post a new HijackThis log and tell us whether there are still any problems.



              • #8
                I have removed Avira and Avast!
                But I want to switch to a different free virus scanner.
                What do you recommend?
                Preferably one with real-time protection.

                Logfile of Trend Micro HijackThis v2.0.2
                Scan saved at 21:02:29, on 14-1-2008
                Platform: Windows Vista (WinNT 6.00.1904)
                MSIE: Internet Explorer v7.00 (7.00.6000.16386)
                Boot mode: Normal

                Running processes:
                C:\Windows\system32\taskeng.exe
                C:\Windows\Explorer.EXE
                C:\Windows\System32\wpcumi.exe
                C:\Program Files\BillP Studios\WinPatrol\WinPatrol.exe
                C:\Program Files\Softwin\BitDefender10\bdmcon.exe
                C:\Program Files\Softwin\BitDefender10\bdagent.exe
                C:\Program Files\Windows Sidebar\sidebar.exe
                C:\Windows\ehome\ehtray.exe
                C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
                C:\Program Files\Shock Utility\Shock4Way3D\Shock4Way3D.exe
                C:\Windows\system32\wuauclt.exe
                C:\Windows\ehome\ehmsas.exe
                C:\Program Files\Internet Explorer\ieuser.exe
                C:\Program Files\Internet Explorer\iexplore.exe
                C:\Windows\system32\Macromed\Flash\FlashUtil9d.exe
                C:\HijackThis.exe

                R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=NL_NL&c=71&bd=Pavilion&pf=laptop
                R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
                O1 - Hosts: ::1 localhost
                O2 - BHO: Adobe PDF Reader Help bij koppelingen - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
                O2 - BHO: SpywareGuard Download Protection - {4A368E80-174F-4872-96B5-0B27DDD11DB2} - C:\Program Files\SpywareGuard\dlprotect.dll
                O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
                O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0\bin\ssv.dll
                O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.1.615.5858\swg.dll
                O4 - HKLM\..\Run: [MSConfig] "C:\Windows\system32\msconfig.exe" /auto
                O4 - HKLM\..\Run: [LanzarP2006] "C:\Users\floris!\AppData\Local\Temp\{24967DEC-2BC0-4229-A8DC-CB9CDCFC1889}\{EEBA9416-3207-47E0-9022-116440599DBC}\P2006tmp\Install.exe" /SETUP:"/l0x0013"
                O4 - HKLM\..\Run: [WPCUMI] C:\Windows\system32\WpcUmi.exe
                O4 - HKLM\..\Run: [WinPatrol] C:\Program Files\BillP Studios\WinPatrol\winpatrol.exe
                O4 - HKLM\..\Run: [BDMCon] C:\PROGRA~1\Softwin\BITDEF~1\bdmcon.exe
                O4 - HKLM\..\Run: [BDAgent] "C:\Program Files\Softwin\BitDefender10\bdagent.exe"
                O4 - HKLM\..\RunOnce: [Launcher] %WINDIR%\SMINST\launcher.exe
                O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
                O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
                O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
                O4 - HKCU\..\Run: [Shock4Way3D] C:\Program Files\Shock Utility\Shock4Way3D\Shock4Way3D.exe
                O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office10\EXCEL.EXE/3000
                O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0\bin\ssv.dll
                O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0\bin\ssv.dll
                O9 - Extra button: (no name) - {2D663D1A-8670-49D9-A1A5-4C56B4E14E84} - (no file)
                O9 - Extra button: Onderzoek - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
                O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
                O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
                O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
                O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
                O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
                O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
                O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
                O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
                O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
                O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
                O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
                O13 - Gopher Prefix:
                O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} (QuickTime Object) - http://a1540.g.akamai.net/7/1540/52/20061205/qtinstall.info.apple.com/qtactivex/qtplugin.cab
                O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.kaspersky.nl/scanforvirus-en/kavwebscan_unicode.cab
                O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} (DivXBrowserPlugin Object) - http://download.divx.com/player/DivXBrowserPlugin.cab
                O16 - DPF: {BB21F850-63F4-4EC9-BF9D-565BD30C9AE9} (a-squared Scanner) - http://ax.emsisoft.com/asquared.cab
                O16 - DPF: {D4323BF2-006A-4440-A2F5-27E3E7AB25F8} (Virtools WebPlayer Class) - http://3dlifeplayer.dl.3dvia.com/player/install/installer.exe
                O23 - Service: AddFiltr - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\AddFiltr.exe
                O23 - Service: BitDefender Scan Server (bdss) - Unknown owner - C:\Program Files\Common Files\Softwin\BitDefender Scan Server\bdss.exe
                O23 - Service: CyberLink Task Scheduler (CTS) (CLSched) - Unknown owner - C:\Program Files\HP\QuickPlay\Kernel\TV\CLSched.exe
                O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Unknown owner - c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (file missing)
                O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
                O23 - Service: HP Health Check Service - Hewlett-Packard - C:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe
                O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
                O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
                O23 - Service: iPod-service (iPod Service) - Unknown owner - C:\Program Files\iPod\bin\iPodService.exe (file missing)
                O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
                O23 - Service: BitDefender Desktop Update Service (LIVESRV) - SOFTWIN S.R.L. - C:\Program Files\Common Files\Softwin\BitDefender Update Service\livesrv.exe
                O23 - Service: MySQL - Unknown owner - C:\Program.exe (file missing)
                O23 - Service: MySQL51 - Unknown owner - C:\Program.exe (file missing)
                O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
                O23 - Service: PnkBstrB - Unknown owner - C:\Windows\system32\PnkBstrB.exe
                O23 - Service: RoxMediaDB9 - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe
                O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe
                O23 - Service: stllssvr - MicroVision Development, Inc. - C:\Program Files\Common Files\SureThing Shared\stllssvr.exe
                O23 - Service: VMware Registration Service (vmserverdWin32) - Unknown owner - C:\Program Files\VMware\VMware Server\vmserverdWin32.exe (file missing)
                O23 - Service: BitDefender Virus Shield (VSSERV) - SOFTWIN S.R.L. - C:\Program Files\Softwin\BitDefender10\vsserv.exe
                O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe
                O23 - Service: BitDefender Communicator (XCOMM) - SOFTWIN S.R.L - C:\Program Files\Common Files\Softwin\BitDefender Communicator\xcommsvr.exe

                --
                End of file - 7653 bytes



                • #9
                  The log looks OK to me.

                  That leaves AVG Free: http://free.grisoft.com/doc/download...virus/us/frt/0



                  • #10
                    Originally posted by smeenk
                    The log looks OK to me.

                    That leaves AVG Free: http://free.grisoft.com/doc/download-free-anti-virus/us/frt/0
                    OK, thanks



                    • #11
                      You're welcome
