Mededeling

Collapse
No announcement yet.

Ongewenste pagina's

Collapse
X
Collapse
  •  
  • Page of 1
  • Tijd
  • Show
Clear All
new posts
Vorige template Volgende
  • #1

    Ongewenste pagina's

    Als ik zit te internetten of helemaal niks doe krijg ik telkens dezelfde pagina geopent, hij vraagt of ik een programma wil installeren, en als ik op annuleren klik, komen er nog 2 pagina's tevoorschijn. Soms erg lastig weg te klikken Wie kan mij alsjeblieft helpen?
    Tis geen Trojan. Ik heb um al gescant met Avast 4.7

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 19:31:48, on 4-1-2008
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.6000.16574)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\AlienGUIse\wbload.exe
    C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
    C:\Program Files\Alwil Software\Avast4\ashServ.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\ATKKBService.exe
    C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
    C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
    C:\WINDOWS\system32\nvsvc32.exe
    C:\WINDOWS\system32\PnkBstrA.exe
    C:\WINDOWS\System32\svchost.exe
    C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
    C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
    C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe
    C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
    C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\Windows Live\Messenger\msnmsgr.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Common Files\Logishrd\LQCVFX\COCIManager.exe
    C:\Program Files\Windows Live\Messenger\usnsvc.exe
    C:\Program Files\Windows Media Player\wmplayer.exe
    C:\Program Files\Internet Explorer\IEXPLORE.EXE
    C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLLoginProxy.exe
    C:\Program Files\Mozilla Firefox\firefox.exe
    C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.nl/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen
    O2 - BHO: BDEX System - {059947A2-838E-4773-9EE2-8AB8F53C2EDE} - C:\WINDOWS\dxpvqlmgtv.dll
    O2 - BHO: Adobe PDF Reader Help bij koppelingen - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
    O2 - BHO: Windows Live Aanmelden - Help - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O3 - Toolbar: @msdxmLC.dll,-1@1033,&Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\system32\msdxm.ocx
    O3 - Toolbar: The ensfolr - {7D1AD5EB-9902-4FF0-986F-CA498179A53B} - C:\WINDOWS\ensfolr.dll
    O4 - HKLM\..\Run: [NvCplDaemon] -RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
    O4 - HKLM\..\Run: [NvMediaCenter] -RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
    O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
    O4 - HKLM\..\Run: [NBKeyScan] "C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe"
    O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Nero\Lib\NeroCheck.exe
    O4 - HKLM\..\Run: [LogitechCommunicationsManager] "C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe"
    O4 - HKLM\..\Run: [LogitechQuickCamRibbon] "C:\Program Files\Logitech\QuickCam\Quickcam.exe" /hide
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
    O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Lokale service')
    O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Netwerkservice')
    O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
    O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
    O9 - Extra button: Onderzoek - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O16 - DPF: {67A5F8DC-1A4B-4D66-9F24-A704AD929EEE} (System Requirements Lab) - http://www.systemrequirementslab.com/sysreqlab2.cab
    O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} - http://download.divx.com/player/DivXBrowserPlugin.cab
    O16 - DPF: {D821DC4A-0814-435E-9820-661C543A4679} (CRLDownloadWrapper Class) - http://drmlicense.one.microsoft.com/crlupdate/en/crlocx.ocx
    O21 - SSODL: bklgvsf - {D45D5D3F-3371-40C0-916A-D849DBE4434E} - C:\WINDOWS\bklgvsf.dll (file missing)
    O21 - SSODL: ampkfst - {9FCFEB31-8703-4DF2-B3BA-43C7786BB76E} - C:\WINDOWS\ampkfst.dll
    O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
    O23 - Service: ATK Keyboard Service (ATKKeyboardService) - ASUSTeK COMPUTER INC. - C:\WINDOWS\ATKKBService.exe
    O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
    O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
    O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
    O23 - Service: LVCOMSer - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
    O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
    O23 - Service: LVSrvLauncher - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\SrvLnch\SrvLnch.exe
    O23 - Service: MSCSPTISRV - Unknown owner - -C:\Program Files\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe (file missing)
    O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
    O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe
    O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
    O23 - Service: Office Source Engine (ose) - Unknown owner - -"C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE" (file missing)
    O23 - Service: PACSPTISVR - Unknown owner - -C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe (file missing)
    O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
    O23 - Service: Sony SPTI Service (SPTISRV) - Unknown owner - -C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe (file missing)
    O23 - Service: SonicStage SCSI Service (SSScsiSV) - Unknown owner - -C:\Program Files\Common Files\Sony Shared\AVLib\SSScsiSV.exe (file missing)
    O23 - Service: StyleXPService - Unknown owner - -"C:\Program Files\TGTSoft\StyleXP\StyleXPService.exe" (file missing)
    O23 - Service: Windows Live Setup Service (WLSetupSvc) - Unknown owner - -"C:\Program Files\Windows Live\installer\WLSetupSvc.exe" (file missing)
    O23 - Service: WMP54Gv4SVC - Unknown owner - -"C:\Program Files\Linksys Wireless-G PCI Wireless Network Monitor\WLService.exe" "WMP54Gv4.exe" (file missing)
    O23 - Service: Windows Media Player Network Sharing-service (WMPNetworkSvc) - Unknown owner - -"C:\Program Files\Windows Media Player\WMPNetwk.exe" (file missing)

    --
    End of file - 8421 bytes
    Last edited by mark_90; 04-01-08, 18:36.
    Labels: Geen
      • Citaat
    • #2
      Download: RVAXO.exe
      • Sla het bestand op je bureaublad op, dubbelklik het en kies voor "Unzip" om het uit te pakken.
      • Open nu de map RVAXO op je bureaublad en dubbeklik RVAXO.cmd
        Er zal een cmd-schermpje openen, daarin zullen snel enkele regels over niet gevonden bestanden voorbijkomen, dit is normaal.
      • Mogelijk start er ook een uninstaller van een rogue scanner op, sluit deze niet af maar volg eventuele aanwijzingen en laat deze gewoon zijn werk doen.
      • Daarna zal je PC herstarten, na de herstart opent het cmd-venster van RVAXO opnieuw.
        Laat deze lopen en wacht tot er een logfile opent: C:\RVAXO-results.log
      • Herstart je computer niet vanzelf, of start de tool niet na de reboot, doe dit dan handmatig.
      • Post de inhoud van de logfile in je volgende bericht tesamen met een nieuw logje van HijackThis.
        • Citaat

        Comment

        • #3
          ----------------RVAXO.exe first run-------------

          Files found:

          C:\WINDOWS\ensfolr.dll
          C:\WINDOWS\ampkfst.dll
          C:\WINDOWS\dxpvqlmgtv.dll
          C:\WINDOWS\dat.txt
          C:\WINDOWS\rs.txt
          C:\WINDOWS\foxflpd.exe

          Uninstallers Rogue scanners:


          Folders Found:


          Hosts-file was reset, If you use a custom hosts file please replace it...

          --------------RVAXO.exe last run---------------

          Files found:

          Folders Found:

          --------------RVAXO.exe finished----------------


          HijackThis log:

          Logfile of Trend Micro HijackThis v2.0.2
          Scan saved at 19:58:37, on 4-1-2008
          Platform: Windows XP SP2 (WinNT 5.01.2600)
          MSIE: Internet Explorer v7.00 (7.00.6000.16574)
          Boot mode: Normal

          Running processes:
          C:\WINDOWS\System32\smss.exe
          C:\WINDOWS\system32\winlogon.exe
          C:\WINDOWS\system32\services.exe
          C:\WINDOWS\system32\lsass.exe
          C:\WINDOWS\system32\svchost.exe
          C:\WINDOWS\System32\svchost.exe
          C:\Program Files\AlienGUIse\wbload.exe
          C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
          C:\Program Files\Alwil Software\Avast4\ashServ.exe
          C:\WINDOWS\system32\spoolsv.exe
          C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
          C:\WINDOWS\ATKKBService.exe
          C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
          C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
          C:\WINDOWS\system32\nvsvc32.exe
          C:\WINDOWS\system32\PnkBstrA.exe
          C:\WINDOWS\System32\svchost.exe
          C:\WINDOWS\Explorer.EXE
          C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
          C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
          C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
          C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
          C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe
          C:\WINDOWS\system32\ctfmon.exe
          C:\Program Files\Windows Live\Messenger\msnmsgr.exe
          C:\WINDOWS\System32\svchost.exe
          C:\WINDOWS\system32\wuauclt.exe
          C:\Program Files\Common Files\Logishrd\LQCVFX\COCIManager.exe
          C:\Program Files\Mozilla Firefox\firefox.exe
          C:\Program Files\Windows Live\Messenger\usnsvc.exe
          C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

          R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.nl/
          R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
          R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
          R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
          R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
          R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen
          O2 - BHO: Adobe PDF Reader Help bij koppelingen - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
          O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
          O2 - BHO: Windows Live Aanmelden - Help - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
          O3 - Toolbar: @msdxmLC.dll,-1@1033,&Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\system32\msdxm.ocx
          O4 - HKLM\..\Run: [NvCplDaemon] -RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
          O4 - HKLM\..\Run: [NvMediaCenter] -RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
          O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
          O4 - HKLM\..\Run: [NBKeyScan] "C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe"
          O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Nero\Lib\NeroCheck.exe
          O4 - HKLM\..\Run: [LogitechCommunicationsManager] "C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe"
          O4 - HKLM\..\Run: [LogitechQuickCamRibbon] "C:\Program Files\Logitech\QuickCam\Quickcam.exe" /hide
          O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
          O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
          O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Lokale service')
          O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Netwerkservice')
          O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
          O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
          O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
          O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
          O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
          O9 - Extra button: Onderzoek - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
          O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
          O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
          O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
          O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
          O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
          O23 - Service: ATK Keyboard Service (ATKKeyboardService) - ASUSTeK COMPUTER INC. - C:\WINDOWS\ATKKBService.exe
          O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
          O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
          O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
          O23 - Service: LVCOMSer - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
          O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
          O23 - Service: LVSrvLauncher - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\SrvLnch\SrvLnch.exe
          O23 - Service: MSCSPTISRV - Unknown owner - -C:\Program Files\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe (file missing)
          O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
          O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe
          O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
          O23 - Service: Office Source Engine (ose) - Unknown owner - -"C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE" (file missing)
          O23 - Service: PACSPTISVR - Unknown owner - -C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe (file missing)
          O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
          O23 - Service: Sony SPTI Service (SPTISRV) - Unknown owner - -C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe (file missing)
          O23 - Service: SonicStage SCSI Service (SSScsiSV) - Unknown owner - -C:\Program Files\Common Files\Sony Shared\AVLib\SSScsiSV.exe (file missing)
          O23 - Service: StyleXPService - Unknown owner - -"C:\Program Files\TGTSoft\StyleXP\StyleXPService.exe" (file missing)
          O23 - Service: Windows Live Setup Service (WLSetupSvc) - Unknown owner - -"C:\Program Files\Windows Live\installer\WLSetupSvc.exe" (file missing)
          O23 - Service: WMP54Gv4SVC - Unknown owner - -"C:\Program Files\Linksys Wireless-G PCI Wireless Network Monitor\WLService.exe" "WMP54Gv4.exe" (file missing)
          O23 - Service: Windows Media Player Network Sharing-service (WMPNetworkSvc) - Unknown owner - -"C:\Program Files\Windows Media Player\WMPNetwk.exe" (file missing)

          --
          End of file - 7521 bytes
            • Citaat

            Comment

            • #4
              Open de map RVAXO op je bureaublad en dubbelklik Uninstall.cmd
              Dit zal alles van RVAXO doen verwijderen.

              Download Combofix naar je Bureaublad.
              Dubbelklik op Combofix.exe
              Kies voor "Continue" door 1 te typen gevolgd door ENTER.
              Tijdens het runnen van de fix, NIET in het venster klikken, want dit zal je pc doen vasthangen.
              Wanneer de fix voltooid is en na herstart, zal de log combofix.txt openen.
              Plaats deze log in je volgende post.

              NOTA: Indien je virusscanner reageert met een melding van een scriptuitvoering, mag je dit negeren.
                • Citaat

                Comment

                • #5
                  ComboFix 08-01-05.1 - Eigenaar 2008-01-04 20:03:24.9 - NTFSx86
                  Microsoft Windows XP Home Edition 5.1.2600.2.1252.1.1043.18.587 [GMT 1:00]
                  Gestart vanuit: C:\Documents and Settings\Eigenaar\Bureaublad\ComboFix.exe
                  * Nieuw herstelpunt werd aangemaakt
                  .

                  (((((((((((((((((((((((((((((((((( Andere Verwijderingen )))))))))))))))))))))))))))))))))))))))))))))))))
                  .

                  C:\Documents and Settings\Eigenaar\Application Data\inst.exe

                  .
                  (((((((((((((((((((( Bestanden Gemaakt van 2007-12-05 to 2008-01-05 ))))))))))))))))))))))))))))))
                  .

                  2008-01-04 20:02 . 2000-08-31 08:00 51,200 --a------ C:\WINDOWS\NirCmd.exe
                  2008-01-04 17:39 . 2008-01-04 17:58 <DIR> dr-h----- C:\Documents and Settings\Eigenaar\Onlangs geopend
                  2008-01-03 18:54 . 2008-01-03 18:54 <DIR> d-------- C:\Program Files\SubSync
                  2008-01-03 18:54 . 2008-01-03 18:54 249,856 --------- C:\WINDOWS\Setup1.exe
                  2008-01-03 18:53 . 2008-01-03 18:53 73,216 --a------ C:\WINDOWS\ST6UNST.EXE
                  2008-01-03 15:53 . 2008-01-03 15:53 <DIR> d-------- C:\Documents and Settings\Eigenaar\Incomplete
                  2008-01-03 15:53 . 2008-01-03 16:46 <DIR> d-------- C:\Documents and Settings\Eigenaar\Application Data\LimeWirePlus
                  2007-12-29 20:41 . 2007-12-29 20:41 <DIR> d-------- C:\Program Files\VSO
                  2007-12-29 20:41 . 2008-01-03 16:51 <DIR> d-------- C:\Documents and Settings\Eigenaar\Application Data\Vso
                  2007-12-29 20:41 . 2006-09-29 11:24 217,127 --a------ C:\WINDOWS\system32\drv43260.dll
                  2007-12-29 20:41 . 2006-09-29 11:25 208,935 --a------ C:\WINDOWS\system32\drv33260.dll
                  2007-12-29 20:41 . 2006-09-29 11:26 176,165 --a------ C:\WINDOWS\system32\drv23260.dll
                  2007-12-29 20:41 . 2007-12-29 20:41 47,360 --a------ C:\WINDOWS\system32\drivers\pcouffin.sys
                  2007-12-29 20:41 . 2007-12-29 20:41 47,360 --a------ C:\Documents and Settings\Eigenaar\Application Data\pcouffin.sys
                  2007-12-28 21:08 . 2007-12-28 21:09 <DIR> d--h----- C:\WINDOWS\system32\GroupPolicy
                  2007-12-28 21:06 . 2004-08-04 14:00 572,928 --a------ C:\WINDOWS\system32\gpedit.dll
                  2007-12-28 21:06 . 2004-08-04 14:00 300,032 --a------ C:\WINDOWS\system32\appmgr.dll
                  2007-12-28 21:06 . 2004-08-04 14:00 200,192 --a------ C:\WINDOWS\system32\gptext.dll
                  2007-12-28 21:06 . 2004-08-04 14:00 175,616 --a------ C:\WINDOWS\system32\appmgmts.dll
                  2007-12-28 21:06 . 2004-08-04 14:00 118,272 --a------ C:\WINDOWS\system32\fde.dll
                  2007-12-28 21:06 . 2004-08-04 14:00 74,752 --a------ C:\WINDOWS\system32\fdeploy.dll
                  2007-12-28 21:06 . 2004-08-04 14:00 34,339 --a------ C:\WINDOWS\system32\gpedit.msc
                  2007-12-26 14:47 . 2007-12-26 14:47 <DIR> d-------- C:\Program Files\Microsoft CAPICOM 2.1.0.2
                  2007-12-22 22:59 . 2007-12-22 22:59 <DIR> d-------- C:\Program Files\Logitech
                  2007-12-22 22:59 . 2007-12-22 22:59 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Logitech
                  2007-12-22 22:59 . 2007-12-22 23:03 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Logishrd
                  2007-12-22 22:56 . 2007-12-22 22:59 <DIR> d-------- C:\Program Files\Common Files\logishrd
                  2007-12-22 22:56 . 2004-08-04 10:03 54,272 --a------ C:\WINDOWS\system32\vfwwdm32.dll
                  2007-12-22 22:56 . 2004-08-04 10:03 54,272 --a--c--- C:\WINDOWS\system32\dllcache\vfwwdm32.dll
                  2007-12-18 22:24 . 2007-12-18 22:25 <DIR> d-------- C:\Program Files\K-Lite Codec Pack
                  2007-12-18 20:48 . 2007-12-18 20:48 1,720,086 --a------ C:\WINDOWS\system32\TmpA14318437
                  2007-12-18 17:48 . 2007-12-18 18:02 754 --a------ C:\WINDOWS\WORDPAD.INI
                  2007-12-17 17:34 . 2007-12-18 16:51 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Hagel Technologies
                  2007-12-16 21:31 . 2007-12-16 21:31 <DIR> d-------- C:\Documents and Settings\Eigenaar\Application Data\Yahoo!
                  2007-12-15 15:20 . 2007-12-15 15:20 <DIR> d-------- C:\Documents and Settings\Eigenaar\Application Data\dvdcss
                  2007-12-15 14:59 . 2007-12-15 14:59 <DIR> d-------- C:\Program Files\VideoLAN
                  2007-12-15 14:59 . 2007-12-15 14:59 <DIR> d-------- C:\Documents and Settings\Eigenaar\Application Data\vlc
                  2007-12-15 14:07 . 2007-12-15 14:07 <DIR> d-------- C:\Documents and Settings\Eigenaar\Application Data\URSoft
                  2007-12-15 13:32 . 2007-12-19 20:46 <DIR> d-------- C:\Documents and Settings\Eigenaar\Application Data\skypePM
                  2007-12-15 13:32 . 2007-12-15 13:32 32 --a------ C:\Documents and Settings\All Users\Application Data\ezsid.dat
                  2007-12-15 13:31 . 2007-12-22 16:47 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Skype
                  2007-12-13 16:47 . 2007-12-13 17:16 <DIR> d-------- C:\Documents and Settings\Eigenaar\Application Data\UseNeXT
                  2007-12-11 23:32 . 2007-12-11 23:32 156,992 --a------ C:\WINDOWS\system32\DivXCodecVersionChecker.exe
                  2007-12-09 20:46 . 2007-12-09 20:46 45,056 --a------ C:\WINDOWS\system32\sstunst3.exe
                  2007-12-08 17:10 . 2007-12-08 17:11 <DIR> d-------- C:\Program Files\Disk Cleaner
                  2007-12-07 21:34 . 2007-12-07 21:37 <DIR> d-------- C:\Program Files\Common Files\Nero
                  2007-12-07 18:21 . 2007-10-12 15:14 3,734,536 --a------ C:\WINDOWS\system32\d3dx9_36.dll
                  2007-12-07 18:21 . 2007-07-19 18:14 3,727,720 --a------ C:\WINDOWS\system32\d3dx9_35.dll
                  2007-12-07 18:21 . 2007-10-12 15:14 1,374,232 --a------ C:\WINDOWS\system32\D3DCompiler_36.dll
                  2007-12-07 18:21 . 2007-07-19 18:14 1,358,192 --a------ C:\WINDOWS\system32\D3DCompiler_35.dll
                  2007-12-07 18:21 . 2007-10-02 09:56 444,776 --a------ C:\WINDOWS\system32\d3dx10_36.dll
                  2007-12-07 18:21 . 2007-07-19 18:14 444,776 --a------ C:\WINDOWS\system32\d3dx10_35.dll
                  2007-12-07 18:21 . 2007-10-22 03:39 267,272 --a------ C:\WINDOWS\system32\xactengine2_10.dll
                  2007-12-07 18:21 . 2007-07-20 00:57 267,112 --a------ C:\WINDOWS\system32\xactengine2_9.dll
                  2007-12-07 16:54 . 2007-12-07 16:54 <DIR> d-------- C:\WINDOWS\system32\URTTemp
                  2007-12-07 16:33 . 2007-12-07 16:33 <DIR> d-------- C:\Documents and Settings\Eigenaar\Application Data\teamspeak2
                  2007-12-07 16:33 . 2007-12-07 16:33 34,064 --a------ C:\WINDOWS\system32\lhacm.acm
                  2007-12-05 20:14 . 2007-12-05 20:14 <DIR> d-------- C:\Documents and Settings\NetworkService\Application Data\Xfire

                  .
                  ((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))
                  .
                  2008-01-04 18:54 --------- d-----w C:\Documents and Settings\Eigenaar\Application Data\uTorrent
                  2008-01-03 12:56 22,328 ----a-w C:\WINDOWS\system32\drivers\PnkBstrK.sys
                  2008-01-03 12:56 107,832 ----a-w C:\WINDOWS\system32\PnkBstrB.exe
                  2007-12-21 16:42 --------- d--h--w C:\Program Files\InstallShield Installation Information
                  2007-12-18 19:49 --------- d-----w C:\Documents and Settings\Eigenaar\Application Data\Uniblue
                  2007-12-16 20:36 --------- d-----w C:\Program Files\Teletekstbrowser
                  2007-12-15 13:50 --------- d-----w C:\Program Files\CyberLink
                  2007-12-15 13:08 --------- d---a-w C:\Documents and Settings\All Users\Application Data\TEMP
                  2007-12-07 20:34 --------- d-----w C:\Documents and Settings\All Users\Application Data\Nero
                  2007-12-07 17:21 --------- d-----w C:\Program Files\directx
                  2007-12-04 16:22 22,328 ----a-w C:\Documents and Settings\Eigenaar\Application Data\PnkBstrK.sys
                  2007-12-04 16:21 674,600 ----a-w C:\WINDOWS\system32\pbsvc.exe
                  2007-12-04 16:21 66,872 ----a-w C:\WINDOWS\system32\PnkBstrA.exe
                  2007-12-04 14:56 93,264 ----a-w C:\WINDOWS\system32\drivers\aswmon.sys
                  2007-12-04 14:55 94,544 ----a-w C:\WINDOWS\system32\drivers\aswmon2.sys
                  2007-12-04 14:53 23,152 ----a-w C:\WINDOWS\system32\drivers\aswRdr.sys
                  2007-12-04 14:51 42,912 ----a-w C:\WINDOWS\system32\drivers\aswTdi.sys
                  2007-12-04 14:49 26,624 ----a-w C:\WINDOWS\system32\drivers\aavmker4.sys
                  2007-12-04 13:04 837,496 ----a-w C:\WINDOWS\system32\aswBoot.exe
                  2007-12-04 12:54 95,608 ----a-w C:\WINDOWS\system32\AvastSS.scr
                  2007-12-02 21:01 --------- d-----w C:\Documents and Settings\Eigenaar\Application Data\Talkback
                  2007-12-01 13:09 --------- d-----w C:\Program Files\Activision
                  2007-11-30 14:19 --------- d-----w C:\Program Files\Alwil Software
                  2007-11-28 14:13 --------- d-----w C:\Program Files\AlienGUIse
                  2007-11-28 11:50 --------- d-----w C:\Program Files\SystemRequirementsLab
                  2007-11-22 16:29 --------- d-----w C:\Documents and Settings\All Users\Application Data\Messenger Plus!
                  2007-11-21 20:36 --------- d-----w C:\Program Files\Messenger Plus! Live
                  2007-11-18 21:26 --------- d-----w C:\Program Files\Common Files\Stardock
                  2007-11-13 16:35 --------- d-----w C:\Program Files\DAMN NFO Viewer
                  2007-11-13 15:08 --------- d-----w C:\Documents and Settings\Eigenaar\Application Data\GoFetch!
                  2007-11-13 10:25 20,480 ----a-w C:\WINDOWS\system32\drivers\secdrv.sys
                  2007-11-12 20:34 --------- d-----w C:\Documents and Settings\Eigenaar\Application Data\TuneUp Software
                  2007-11-12 20:34 --------- d-----w C:\Documents and Settings\All Users\Application Data\TuneUp Software
                  2007-11-11 23:16 62,070 ----a-w C:\WINDOWS\system32\Fix.bat
                  2007-11-10 20:22 --------- d-----w C:\Documents and Settings\Eigenaar\Application Data\AccurateRip
                  2007-11-07 19:46 --------- d-----w C:\Documents and Settings\Eigenaar\Application Data\Media Player Classic
                  2007-11-07 11:49 98,304 ----a-w C:\WINDOWS\system32\SoftAheadCert.dll
                  2007-11-07 10:09 --------- dcsh--w C:\Program Files\Common Files\WindowsLiveInstaller
                  2007-11-07 10:08 --------- d-----w C:\Program Files\Windows Live
                  2007-11-07 10:07 --------- d-----w C:\Documents and Settings\All Users\Application Data\WLInstaller
                  2007-11-07 10:05 --------- d-----w C:\Documents and Settings\All Users\Application Data\WindowsLiveInstaller
                  2007-10-29 22:45 1,291,776 ----a-w C:\WINDOWS\system32\quartz.dll
                  2007-10-25 08:28 222,720 ----a-w C:\WINDOWS\system32\wmasf.dll
                  2007-10-23 13:20 972,072 ----a-w C:\WINDOWS\UNNeroMediaHome.exe
                  2007-10-22 07:51 972,072 ----a-w C:\WINDOWS\UNRecode.exe
                  2007-10-22 02:49 867,848 ----a-w C:\Program Files\NOV2007_d3dx10_36_x64.cab
                  2007-10-22 02:49 807,132 ----a-w C:\Program Files\NOV2007_d3dx10_36_x86.cab
                  2007-10-22 02:49 49,392 ----a-w C:\Program Files\NOV2007_X3DAudio_x64.cab
                  2007-10-22 02:49 44,850 ----a-w C:\Program Files\dxdllreg_x86.cab
                  2007-10-22 02:49 21,744 ----a-w C:\Program Files\NOV2007_X3DAudio_x86.cab
                  2007-10-22 02:49 200,010 ----a-w C:\Program Files\NOV2007_XACT_x64.cab
                  2007-10-22 02:49 151,512 ----a-w C:\Program Files\NOV2007_XACT_x86.cab
                  2007-10-22 02:49 1,805,306 ----a-w C:\Program Files\NOV2007_d3dx9_36_x64.cab
                  2007-10-22 02:49 1,712,608 ----a-w C:\Program Files\NOV2007_d3dx9_36_x86.cab
                  2007-10-22 02:37 17,928 ----a-w C:\WINDOWS\system32\X3DAudio1_2.dll
                  2007-10-22 02:31 976,020 ------w C:\Program Files\BDAXP.cab
                  2007-10-22 02:31 917,318 ------w C:\Program Files\Apr2006_MDX1_x86.cab
                  2007-10-22 02:31 88,102 ------w C:\Program Files\AUG2006_xinput_x64.cab
                  2007-10-22 02:31 87,989 ------w C:\Program Files\Apr2006_xinput_x64.cab
                  2007-10-22 02:31 86,925 ------w C:\Program Files\Oct2005_xinput_x64.cab
                  2007-10-22 02:31 86,802 ----a-w C:\Program Files\dxupdate.cab
                  2007-10-22 02:31 855,886 ------w C:\Program Files\AUG2007_d3dx10_35_x64.cab
                  2007-10-22 02:31 800,467 ------w C:\Program Files\AUG2007_d3dx10_35_x86.cab
                  2007-10-22 02:31 76,808 ----a-w C:\Program Files\DSETUP.dll
                  2007-10-22 02:31 702,644 ------w C:\Program Files\JUN2007_d3dx10_34_x64.cab
                  2007-10-22 02:31 702,212 ------w C:\Program Files\APR2007_d3dx10_33_x64.cab
                  2007-10-22 02:31 702,072 ------w C:\Program Files\JUN2007_d3dx10_34_x86.cab
                  2007-10-22 02:31 699,465 ------w C:\Program Files\APR2007_d3dx10_33_x86.cab
                  2007-10-22 02:31 56,902 ------w C:\Program Files\APR2007_xinput_x86.cab
                  2007-10-22 02:31 502,792 ----a-w C:\Program Files\DXSETUP.exe
                  2007-10-22 02:31 47,018 ------w C:\Program Files\AUG2006_xinput_x86.cab
                  2007-10-22 02:31 46,898 ------w C:\Program Files\Apr2006_xinput_x86.cab
                  2007-10-22 02:31 46,247 ------w C:\Program Files\Oct2005_xinput_x86.cab
                  2007-10-22 02:31 4,163,518 ------w C:\Program Files\Apr2006_MDX1_x86_Archive.cab
                  2007-10-22 02:31 213,767 ------w C:\Program Files\DEC2006_d3dx10_00_x64.cab
                  2007-10-22 02:31 201,696 ------w C:\Program Files\AUG2007_XACT_x64.cab
                  2007-10-22 02:31 200,722 ------w C:\Program Files\JUN2007_XACT_x64.cab
                  2007-10-22 02:31 199,366 ------w C:\Program Files\APR2007_XACT_x64.cab
                  2007-10-22 02:31 198,275 ------w C:\Program Files\FEB2007_XACT_x64.cab
                  2007-10-22 02:31 193,435 ------w C:\Program Files\DEC2006_XACT_x64.cab
                  2007-10-22 02:31 192,680 ------w C:\Program Files\DEC2006_d3dx10_00_x86.cab
                  2007-10-22 02:31 183,863 ------w C:\Program Files\AUG2006_XACT_x64.cab
                  2007-10-22 02:31 183,321 ------w C:\Program Files\OCT2006_XACT_x64.cab
                  2007-10-22 02:31 181,745 ------w C:\Program Files\JUN2006_XACT_x64.cab
                  2007-10-22 02:31 180,021 ------w C:\Program Files\Apr2006_XACT_x64.cab
                  2007-10-22 02:31 179,247 ------w C:\Program Files\Feb2006_XACT_x64.cab
                  2007-10-22 02:31 156,612 ------w C:\Program Files\AUG2007_XACT_x86.cab
                  2007-10-22 02:31 156,509 ------w C:\Program Files\JUN2007_XACT_x86.cab
                  2007-10-22 02:31 154,825 ------w C:\Program Files\APR2007_XACT_x86.cab
                  2007-10-22 02:31 151,583 ------w C:\Program Files\FEB2007_XACT_x86.cab
                  2007-10-22 02:31 146,559 ------w C:\Program Files\DEC2006_XACT_x86.cab
                  2007-10-22 02:31 138,977 ------w C:\Program Files\OCT2006_XACT_x86.cab
                  2007-10-22 02:31 138,195 ------w C:\Program Files\AUG2006_XACT_x86.cab
                  2007-10-22 02:31 134,631 ------w C:\Program Files\JUN2006_XACT_x86.cab
                  2007-10-22 02:31 133,991 ------w C:\Program Files\Apr2006_XACT_x86.cab
                  2007-10-22 02:31 133,297 ------w C:\Program Files\Feb2006_XACT_x86.cab
                  2007-10-22 02:31 13,265,040 ------w C:\Program Files\dxnt.cab
                  2007-10-22 02:31 100,417 ------w C:\Program Files\APR2007_xinput_x64.cab
                  2007-10-22 02:31 1,803,760 ------w C:\Program Files\AUG2007_d3dx9_35_x64.cab
                  2007-10-22 02:31 1,711,752 ------w C:\Program Files\AUG2007_d3dx9_35_x86.cab
                  .

                  ((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))
                  .
                  .
                  REGEDIT4
                  *Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond

                  [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
                  "ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-04 09:03 15360]
                  "msnmsgr"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe" [2007-10-18 11:34 5724184]

                  [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
                  "NvCplDaemon"="-C:\WINDOWS\system32\NvCpl.dll" [ ]
                  "NvMediaCenter"="-C:\WINDOWS\system32\NvMcTray.dll" [ ]
                  "avast!"="C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe" [2007-12-04 14:00 79224]
                  "NBKeyScan"="C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe" [2007-09-20 08:51 1836328]
                  "NeroFilterCheck"="C:\Program Files\Common Files\Nero\Lib\NeroCheck.exe" [2007-03-01 14:57 153136]
                  "LogitechCommunicationsManager"="C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe" [2007-10-25 16:33 563984]
                  "LogitechQuickCamRibbon"="C:\Program Files\Logitech\QuickCam\Quickcam.exe" [2007-10-25 16:37 2178832]

                  [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
                  "CTFMON.EXE"="C:\WINDOWS\System32\CTFMON.EXE" [2004-08-04 09:03 15360]

                  [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
                  "NoResolveSearch"= 1 (0x1)

                  [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
                  "NoBandCustomize"= 0 (0x0)
                  "NoMovingBands"= 0 (0x0)
                  "NoCloseDragDropBands"= 0 (0x0)

                  [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon]
                  "UIHost"="LogonUI.EXE"

                  [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\WB]
                  C:\Program Files\AlienGUIse\fastload.dll 2001-12-20 23:34 24576 C:\Program Files\AlienGUIse\fastload.dll

                  [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
                  "AppInit_DLLs"=wbsys.dll

                  [HKLM\~\startupfolder\C:^Documents and Settings^Eigenaar^Menu Start^Programma's^Opstarten^Alienware Dock.lnk]
                  backup=C:\WINDOWS\pss\Alienware Dock.lnkStartup

                  [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NVIDIA nTune]
                  -C:\Program Files\NVIDIA Corporation\nTune\nTuneCmd.exe

                  [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]

                  [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WinampAgent]

                  [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]
                  "MsnMsgr"="C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
                  "CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe

                  [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
                  "NBKeyScan"="C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe"
                  "SsAAD.exe"=C:\PROGRA~1\Sony\SONICS~1\SsAAD.exe
                  "VTTimer"=VTTimer.exe
                  "NvCplDaemon"=RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
                  "NvMediaCenter"=RunDLL32.exe NvMCTray.dll,NvTaskbarInit
                  "RTHDCPL"=RTHDCPL.EXE
                  "S3Trayp"=S3trayp.exe
                  "nwiz"=nwiz.exe /install

                  S3 S3GIGP;S3GIGP;C:\WINDOWS\system32\DRIVERS\S3gIGPm.sys [2006-11-10 09:06]

                  .
                  Inhoud van de 'Gedeelde Taken' map
                  "2007-12-28 16:15:00 C:\WINDOWS\Tasks\1-Click Maintenance.job"
                  - C:\Program Files\TuneUp Utilities 2007\SystemOptimizer.exe
                  "2007-12-25 21:36:00 C:\WINDOWS\Tasks\Uniblue SpeedUpMyPC Nag.job"
                  - C:\Program Files\Uniblue\SpeedUpMyPC 3\SpeedUpMyPC.exe
                  "2007-11-05 21:36:36 C:\WINDOWS\Tasks\Uniblue SpeedUpMyPC.job"
                  - C:\Program Files\Uniblue\SpeedUpMyPC 3\SpeedUpMyPC.exe
                  .
                  **************************************************************************

                  catchme 0.3.1344 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
                  Rootkit scan 2008-01-05 20:05:37
                  Windows 5.1.2600 Service Pack 2 NTFS

                  scannen van verborgen processen ...

                  scannen van verborgen autostart items ...

                  scannen van verborgen bestanden ...

                  Scan succesvol afgerond
                  verborgen bestanden: 0

                  **************************************************************************
                  .
                  Voltooingstijd: 2008-01-05 20:06:34
                  ComboFix-quarantined-files.txt 2008-01-05 19:06:06
                  ComboFix2.txt 2007-12-28 20:40:27
                  .
                  2007-12-26 13:49:47 --- E O F ---
                    • Citaat

                    Comment

                    • #6
                      Ik zie geen foute dingen meer

                      Ga naar Start - Uitvoeren en geef hier het volgende in:
                      Combofix /U
                      Druk daarna op OK.
                      Let op: Er moet een spatie tussen Combofix en /U zitten.

                      Dit zal Combofix deïnstalleren.

                      Dan denk ik dat we klaar zijn
                        • Citaat

                        Comment

                        • #7
                          Okee, als er nog wat mis is hoor je t wel, bedankt he!
                          Last edited by mark_90; 04-01-08, 20:20.
                            • Citaat

                            Comment

                            • #8
                              Combofix even opnieuw downloaden en opnieuw uitvoeren.
                              Daarna opnieuw Combofix /U proberen.
                                • Citaat

                                Comment

                                • #9
                                  Het is gelukt! Bedankt!
                                    • Citaat

                                    Comment

                                    • #10
                                      Graag gedaan hoor
                                        • Citaat

                                        Comment

                                        Vorige template Volgende
                                        Sorry, you are not authorized to view this page
                                        Working...
                                        X
                                        😀
                                        🥰
                                        🤢
                                        😎
                                        😡
                                        👍
                                        👎