Mededeling

Collapse
No announcement yet.

Ongewenste pagina's

Collapse
X
Collapse
  •  
  • Page of 1
  • Filter
  • Tijd
  • Show
Clear All
new posts
Vorige template Volgende
  • #1

    Ongewenste pagina's

    Als ik zit te internetten of helemaal niks doe krijg ik telkens dezelfde pagina geopent, hij vraagt of ik een programma wil installeren, en als ik op annuleren klik, komen er nog 2 pagina's tevoorschijn. Soms erg lastig weg te klikken Wie kan mij alsjeblieft helpen?
    Tis geen Trojan. Ik heb um al gescant met Avast 4.7

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 19:31:48, on 4-1-2008
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.6000.16574)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\AlienGUIse\wbload.exe
    C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
    C:\Program Files\Alwil Software\Avast4\ashServ.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\ATKKBService.exe
    C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
    C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
    C:\WINDOWS\system32\nvsvc32.exe
    C:\WINDOWS\system32\PnkBstrA.exe
    C:\WINDOWS\System32\svchost.exe
    C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
    C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
    C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe
    C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
    C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\Windows Live\Messenger\msnmsgr.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Common Files\Logishrd\LQCVFX\COCIManager.exe
    C:\Program Files\Windows Live\Messenger\usnsvc.exe
    C:\Program Files\Windows Media Player\wmplayer.exe
    C:\Program Files\Internet Explorer\IEXPLORE.EXE
    C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLLoginProxy.exe
    C:\Program Files\Mozilla Firefox\firefox.exe
    C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.nl/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen
    O2 - BHO: BDEX System - {059947A2-838E-4773-9EE2-8AB8F53C2EDE} - C:\WINDOWS\dxpvqlmgtv.dll
    O2 - BHO: Adobe PDF Reader Help bij koppelingen - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
    O2 - BHO: Windows Live Aanmelden - Help - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O3 - Toolbar: @msdxmLC.dll,[email protected],&Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\system32\msdxm.ocx
    O3 - Toolbar: The ensfolr - {7D1AD5EB-9902-4FF0-986F-CA498179A53B} - C:\WINDOWS\ensfolr.dll
    O4 - HKLM\..\Run: [NvCplDaemon] -RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
    O4 - HKLM\..\Run: [NvMediaCenter] -RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
    O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
    O4 - HKLM\..\Run: [NBKeyScan] "C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe"
    O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Nero\Lib\NeroCheck.exe
    O4 - HKLM\..\Run: [LogitechCommunicationsManager] "C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe"
    O4 - HKLM\..\Run: [LogitechQuickCamRibbon] "C:\Program Files\Logitech\QuickCam\Quickcam.exe" /hide
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
    O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Lokale service')
    O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Netwerkservice')
    O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
    O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
    O9 - Extra button: Onderzoek - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O16 - DPF: {67A5F8DC-1A4B-4D66-9F24-A704AD929EEE} (System Requirements Lab) - http://www.systemrequirementslab.com/sysreqlab2.cab
    O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} - http://download.divx.com/player/DivXBrowserPlugin.cab
    O16 - DPF: {D821DC4A-0814-435E-9820-661C543A4679} (CRLDownloadWrapper Class) - http://drmlicense.one.microsoft.com/crlupdate/en/crlocx.ocx
    O21 - SSODL: bklgvsf - {D45D5D3F-3371-40C0-916A-D849DBE4434E} - C:\WINDOWS\bklgvsf.dll (file missing)
    O21 - SSODL: ampkfst - {9FCFEB31-8703-4DF2-B3BA-43C7786BB76E} - C:\WINDOWS\ampkfst.dll
    O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
    O23 - Service: ATK Keyboard Service (ATKKeyboardService) - ASUSTeK COMPUTER INC. - C:\WINDOWS\ATKKBService.exe
    O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
    O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
    O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
    O23 - Service: LVCOMSer - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
    O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
    O23 - Service: LVSrvLauncher - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\SrvLnch\SrvLnch.exe
    O23 - Service: MSCSPTISRV - Unknown owner - -C:\Program Files\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe (file missing)
    O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
    O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe
    O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
    O23 - Service: Office Source Engine (ose) - Unknown owner - -"C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE" (file missing)
    O23 - Service: PACSPTISVR - Unknown owner - -C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe (file missing)
    O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
    O23 - Service: Sony SPTI Service (SPTISRV) - Unknown owner - -C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe (file missing)
    O23 - Service: SonicStage SCSI Service (SSScsiSV) - Unknown owner - -C:\Program Files\Common Files\Sony Shared\AVLib\SSScsiSV.exe (file missing)
    O23 - Service: StyleXPService - Unknown owner - -"C:\Program Files\TGTSoft\StyleXP\StyleXPService.exe" (file missing)
    O23 - Service: Windows Live Setup Service (WLSetupSvc) - Unknown owner - -"C:\Program Files\Windows Live\installer\WLSetupSvc.exe" (file missing)
    O23 - Service: WMP54Gv4SVC - Unknown owner - -"C:\Program Files\Linksys Wireless-G PCI Wireless Network Monitor\WLService.exe" "WMP54Gv4.exe" (file missing)
    O23 - Service: Windows Media Player Network Sharing-service (WMPNetworkSvc) - Unknown owner - -"C:\Program Files\Windows Media Player\WMPNetwk.exe" (file missing)

    --
    End of file - 8421 bytes
    Last edited by mark_90; 04-01-08, 18:36.
    Labels: Geen
    • Citaat
  • #2
    Download: RVAXO.exe
    • Sla het bestand op je bureaublad op, dubbelklik het en kies voor "Unzip" om het uit te pakken.
    • Open nu de map RVAXO op je bureaublad en dubbeklik RVAXO.cmd
      Er zal een cmd-schermpje openen, daarin zullen snel enkele regels over niet gevonden bestanden voorbijkomen, dit is normaal.
    • Mogelijk start er ook een uninstaller van een rogue scanner op, sluit deze niet af maar volg eventuele aanwijzingen en laat deze gewoon zijn werk doen.
    • Daarna zal je PC herstarten, na de herstart opent het cmd-venster van RVAXO opnieuw.
      Laat deze lopen en wacht tot er een logfile opent: C:\RVAXO-results.log
    • Herstart je computer niet vanzelf, of start de tool niet na de reboot, doe dit dan handmatig.
    • Post de inhoud van de logfile in je volgende bericht tesamen met een nieuw logje van HijackThis.
    • Citaat

    Comment

    • #3
      ----------------RVAXO.exe first run-------------

      Files found:

      C:\WINDOWS\ensfolr.dll
      C:\WINDOWS\ampkfst.dll
      C:\WINDOWS\dxpvqlmgtv.dll
      C:\WINDOWS\dat.txt
      C:\WINDOWS\rs.txt
      C:\WINDOWS\foxflpd.exe

      Uninstallers Rogue scanners:


      Folders Found:


      Hosts-file was reset, If you use a custom hosts file please replace it...

      --------------RVAXO.exe last run---------------

      Files found:

      Folders Found:

      --------------RVAXO.exe finished----------------


      HijackThis log:

      Logfile of Trend Micro HijackThis v2.0.2
      Scan saved at 19:58:37, on 4-1-2008
      Platform: Windows XP SP2 (WinNT 5.01.2600)
      MSIE: Internet Explorer v7.00 (7.00.6000.16574)
      Boot mode: Normal

      Running processes:
      C:\WINDOWS\System32\smss.exe
      C:\WINDOWS\system32\winlogon.exe
      C:\WINDOWS\system32\services.exe
      C:\WINDOWS\system32\lsass.exe
      C:\WINDOWS\system32\svchost.exe
      C:\WINDOWS\System32\svchost.exe
      C:\Program Files\AlienGUIse\wbload.exe
      C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
      C:\Program Files\Alwil Software\Avast4\ashServ.exe
      C:\WINDOWS\system32\spoolsv.exe
      C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
      C:\WINDOWS\ATKKBService.exe
      C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
      C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
      C:\WINDOWS\system32\nvsvc32.exe
      C:\WINDOWS\system32\PnkBstrA.exe
      C:\WINDOWS\System32\svchost.exe
      C:\WINDOWS\Explorer.EXE
      C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
      C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
      C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
      C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
      C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe
      C:\WINDOWS\system32\ctfmon.exe
      C:\Program Files\Windows Live\Messenger\msnmsgr.exe
      C:\WINDOWS\System32\svchost.exe
      C:\WINDOWS\system32\wuauclt.exe
      C:\Program Files\Common Files\Logishrd\LQCVFX\COCIManager.exe
      C:\Program Files\Mozilla Firefox\firefox.exe
      C:\Program Files\Windows Live\Messenger\usnsvc.exe
      C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

      R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.nl/
      R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
      R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
      R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
      R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
      R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen
      O2 - BHO: Adobe PDF Reader Help bij koppelingen - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
      O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
      O2 - BHO: Windows Live Aanmelden - Help - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
      O3 - Toolbar: @msdxmLC.dll,[email protected],&Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\system32\msdxm.ocx
      O4 - HKLM\..\Run: [NvCplDaemon] -RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
      O4 - HKLM\..\Run: [NvMediaCenter] -RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
      O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
      O4 - HKLM\..\Run: [NBKeyScan] "C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe"
      O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Nero\Lib\NeroCheck.exe
      O4 - HKLM\..\Run: [LogitechCommunicationsManager] "C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe"
      O4 - HKLM\..\Run: [LogitechQuickCamRibbon] "C:\Program Files\Logitech\QuickCam\Quickcam.exe" /hide
      O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
      O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
      O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Lokale service')
      O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Netwerkservice')
      O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
      O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
      O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
      O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
      O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
      O9 - Extra button: Onderzoek - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
      O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
      O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
      O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
      O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
      O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
      O23 - Service: ATK Keyboard Service (ATKKeyboardService) - ASUSTeK COMPUTER INC. - C:\WINDOWS\ATKKBService.exe
      O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
      O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
      O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
      O23 - Service: LVCOMSer - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
      O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
      O23 - Service: LVSrvLauncher - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\SrvLnch\SrvLnch.exe
      O23 - Service: MSCSPTISRV - Unknown owner - -C:\Program Files\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe (file missing)
      O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
      O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe
      O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
      O23 - Service: Office Source Engine (ose) - Unknown owner - -"C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE" (file missing)
      O23 - Service: PACSPTISVR - Unknown owner - -C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe (file missing)
      O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
      O23 - Service: Sony SPTI Service (SPTISRV) - Unknown owner - -C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe (file missing)
      O23 - Service: SonicStage SCSI Service (SSScsiSV) - Unknown owner - -C:\Program Files\Common Files\Sony Shared\AVLib\SSScsiSV.exe (file missing)
      O23 - Service: StyleXPService - Unknown owner - -"C:\Program Files\TGTSoft\StyleXP\StyleXPService.exe" (file missing)
      O23 - Service: Windows Live Setup Service (WLSetupSvc) - Unknown owner - -"C:\Program Files\Windows Live\installer\WLSetupSvc.exe" (file missing)
      O23 - Service: WMP54Gv4SVC - Unknown owner - -"C:\Program Files\Linksys Wireless-G PCI Wireless Network Monitor\WLService.exe" "WMP54Gv4.exe" (file missing)
      O23 - Service: Windows Media Player Network Sharing-service (WMPNetworkSvc) - Unknown owner - -"C:\Program Files\Windows Media Player\WMPNetwk.exe" (file missing)

      --
      End of file - 7521 bytes
      • Citaat

      Comment

      • #4
        Open de map RVAXO op je bureaublad en dubbelklik Uninstall.cmd
        Dit zal alles van RVAXO doen verwijderen.

        Download Combofix naar je Bureaublad.
        Dubbelklik op Combofix.exe
        Kies voor "Continue" door 1 te typen gevolgd door ENTER.
        Tijdens het runnen van de fix, NIET in het venster klikken, want dit zal je pc doen vasthangen.
        Wanneer de fix voltooid is en na herstart, zal de log combofix.txt openen.
        Plaats deze log in je volgende post.

        NOTA: Indien je virusscanner reageert met een melding van een scriptuitvoering, mag je dit negeren.
        • Citaat

        Comment

        • #5
          ComboFix 08-01-05.1 - Eigenaar 2008-01-04 20:03:24.9 - NTFSx86
          Microsoft Windows XP Home Edition 5.1.2600.2.1252.1.1043.18.587 [GMT 1:00]
          Gestart vanuit: C:\Documents and Settings\Eigenaar\Bureaublad\ComboFix.exe
          * Nieuw herstelpunt werd aangemaakt
          .

          (((((((((((((((((((((((((((((((((( Andere Verwijderingen )))))))))))))))))))))))))))))))))))))))))))))))))
          .

          C:\Documents and Settings\Eigenaar\Application Data\inst.exe

          .
          (((((((((((((((((((( Bestanden Gemaakt van 2007-12-05 to 2008-01-05 ))))))))))))))))))))))))))))))
          .

          2008-01-04 20:02 . 2000-08-31 08:00 51,200 --a------ C:\WINDOWS\NirCmd.exe
          2008-01-04 17:39 . 2008-01-04 17:58 <DIR> dr-h----- C:\Documents and Settings\Eigenaar\Onlangs geopend
          2008-01-03 18:54 . 2008-01-03 18:54 <DIR> d-------- C:\Program Files\SubSync
          2008-01-03 18:54 . 2008-01-03 18:54 249,856 --------- C:\WINDOWS\Setup1.exe
          2008-01-03 18:53 . 2008-01-03 18:53 73,216 --a------ C:\WINDOWS\ST6UNST.EXE
          2008-01-03 15:53 . 2008-01-03 15:53 <DIR> d-------- C:\Documents and Settings\Eigenaar\Incomplete
          2008-01-03 15:53 . 2008-01-03 16:46 <DIR> d-------- C:\Documents and Settings\Eigenaar\Application Data\LimeWirePlus
          2007-12-29 20:41 . 2007-12-29 20:41 <DIR> d-------- C:\Program Files\VSO
          2007-12-29 20:41 . 2008-01-03 16:51 <DIR> d-------- C:\Documents and Settings\Eigenaar\Application Data\Vso
          2007-12-29 20:41 . 2006-09-29 11:24 217,127 --a------ C:\WINDOWS\system32\drv43260.dll
          2007-12-29 20:41 . 2006-09-29 11:25 208,935 --a------ C:\WINDOWS\system32\drv33260.dll
          2007-12-29 20:41 . 2006-09-29 11:26 176,165 --a------ C:\WINDOWS\system32\drv23260.dll
          2007-12-29 20:41 . 2007-12-29 20:41 47,360 --a------ C:\WINDOWS\system32\drivers\pcouffin.sys
          2007-12-29 20:41 . 2007-12-29 20:41 47,360 --a------ C:\Documents and Settings\Eigenaar\Application Data\pcouffin.sys
          2007-12-28 21:08 . 2007-12-28 21:09 <DIR> d--h----- C:\WINDOWS\system32\GroupPolicy
          2007-12-28 21:06 . 2004-08-04 14:00 572,928 --a------ C:\WINDOWS\system32\gpedit.dll
          2007-12-28 21:06 . 2004-08-04 14:00 300,032 --a------ C:\WINDOWS\system32\appmgr.dll
          2007-12-28 21:06 . 2004-08-04 14:00 200,192 --a------ C:\WINDOWS\system32\gptext.dll
          2007-12-28 21:06 . 2004-08-04 14:00 175,616 --a------ C:\WINDOWS\system32\appmgmts.dll
          2007-12-28 21:06 . 2004-08-04 14:00 118,272 --a------ C:\WINDOWS\system32\fde.dll
          2007-12-28 21:06 . 2004-08-04 14:00 74,752 --a------ C:\WINDOWS\system32\fdeploy.dll
          2007-12-28 21:06 . 2004-08-04 14:00 34,339 --a------ C:\WINDOWS\system32\gpedit.msc
          2007-12-26 14:47 . 2007-12-26 14:47 <DIR> d-------- C:\Program Files\Microsoft CAPICOM 2.1.0.2
          2007-12-22 22:59 . 2007-12-22 22:59 <DIR> d-------- C:\Program Files\Logitech
          2007-12-22 22:59 . 2007-12-22 22:59 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Logitech
          2007-12-22 22:59 . 2007-12-22 23:03 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Logishrd
          2007-12-22 22:56 . 2007-12-22 22:59 <DIR> d-------- C:\Program Files\Common Files\logishrd
          2007-12-22 22:56 . 2004-08-04 10:03 54,272 --a------ C:\WINDOWS\system32\vfwwdm32.dll
          2007-12-22 22:56 . 2004-08-04 10:03 54,272 --a--c--- C:\WINDOWS\system32\dllcache\vfwwdm32.dll
          2007-12-18 22:24 . 2007-12-18 22:25 <DIR> d-------- C:\Program Files\K-Lite Codec Pack
          2007-12-18 20:48 . 2007-12-18 20:48 1,720,086 --a------ C:\WINDOWS\system32\TmpA14318437
          2007-12-18 17:48 . 2007-12-18 18:02 754 --a------ C:\WINDOWS\WORDPAD.INI
          2007-12-17 17:34 . 2007-12-18 16:51 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Hagel Technologies
          2007-12-16 21:31 . 2007-12-16 21:31 <DIR> d-------- C:\Documents and Settings\Eigenaar\Application Data\Yahoo!
          2007-12-15 15:20 . 2007-12-15 15:20 <DIR> d-------- C:\Documents and Settings\Eigenaar\Application Data\dvdcss
          2007-12-15 14:59 . 2007-12-15 14:59 <DIR> d-------- C:\Program Files\VideoLAN
          2007-12-15 14:59 . 2007-12-15 14:59 <DIR> d-------- C:\Documents and Settings\Eigenaar\Application Data\vlc
          2007-12-15 14:07 . 2007-12-15 14:07 <DIR> d-------- C:\Documents and Settings\Eigenaar\Application Data\URSoft
          2007-12-15 13:32 . 2007-12-19 20:46 <DIR> d-------- C:\Documents and Settings\Eigenaar\Application Data\skypePM
          2007-12-15 13:32 . 2007-12-15 13:32 32 --a------ C:\Documents and Settings\All Users\Application Data\ezsid.dat
          2007-12-15 13:31 . 2007-12-22 16:47 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Skype
          2007-12-13 16:47 . 2007-12-13 17:16 <DIR> d-------- C:\Documents and Settings\Eigenaar\Application Data\UseNeXT
          2007-12-11 23:32 . 2007-12-11 23:32 156,992 --a------ C:\WINDOWS\system32\DivXCodecVersionChecker.exe
          2007-12-09 20:46 . 2007-12-09 20:46 45,056 --a------ C:\WINDOWS\system32\sstunst3.exe
          2007-12-08 17:10 . 2007-12-08 17:11 <DIR> d-------- C:\Program Files\Disk Cleaner
          2007-12-07 21:34 . 2007-12-07 21:37 <DIR> d-------- C:\Program Files\Common Files\Nero
          2007-12-07 18:21 . 2007-10-12 15:14 3,734,536 --a------ C:\WINDOWS\system32\d3dx9_36.dll
          2007-12-07 18:21 . 2007-07-19 18:14 3,727,720 --a------ C:\WINDOWS\system32\d3dx9_35.dll
          2007-12-07 18:21 . 2007-10-12 15:14 1,374,232 --a------ C:\WINDOWS\system32\D3DCompiler_36.dll
          2007-12-07 18:21 . 2007-07-19 18:14 1,358,192 --a------ C:\WINDOWS\system32\D3DCompiler_35.dll
          2007-12-07 18:21 . 2007-10-02 09:56 444,776 --a------ C:\WINDOWS\system32\d3dx10_36.dll
          2007-12-07 18:21 . 2007-07-19 18:14 444,776 --a------ C:\WINDOWS\system32\d3dx10_35.dll
          2007-12-07 18:21 . 2007-10-22 03:39 267,272 --a------ C:\WINDOWS\system32\xactengine2_10.dll
          2007-12-07 18:21 . 2007-07-20 00:57 267,112 --a------ C:\WINDOWS\system32\xactengine2_9.dll
          2007-12-07 16:54 . 2007-12-07 16:54 <DIR> d-------- C:\WINDOWS\system32\URTTemp
          2007-12-07 16:33 . 2007-12-07 16:33 <DIR> d-------- C:\Documents and Settings\Eigenaar\Application Data\teamspeak2
          2007-12-07 16:33 . 2007-12-07 16:33 34,064 --a------ C:\WINDOWS\system32\lhacm.acm
          2007-12-05 20:14 . 2007-12-05 20:14 <DIR> d-------- C:\Documents and Settings\NetworkService\Application Data\Xfire

          .
          ((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))
          .
          2008-01-04 18:54 --------- d-----w C:\Documents and Settings\Eigenaar\Application Data\uTorrent
          2008-01-03 12:56 22,328 ----a-w C:\WINDOWS\system32\drivers\PnkBstrK.sys
          2008-01-03 12:56 107,832 ----a-w C:\WINDOWS\system32\PnkBstrB.exe
          2007-12-21 16:42 --------- d--h--w C:\Program Files\InstallShield Installation Information
          2007-12-18 19:49 --------- d-----w C:\Documents and Settings\Eigenaar\Application Data\Uniblue
          2007-12-16 20:36 --------- d-----w C:\Program Files\Teletekstbrowser
          2007-12-15 13:50 --------- d-----w C:\Program Files\CyberLink
          2007-12-15 13:08 --------- d---a-w C:\Documents and Settings\All Users\Application Data\TEMP
          2007-12-07 20:34 --------- d-----w C:\Documents and Settings\All Users\Application Data\Nero
          2007-12-07 17:21 --------- d-----w C:\Program Files\directx
          2007-12-04 16:22 22,328 ----a-w C:\Documents and Settings\Eigenaar\Application Data\PnkBstrK.sys
          2007-12-04 16:21 674,600 ----a-w C:\WINDOWS\system32\pbsvc.exe
          2007-12-04 16:21 66,872 ----a-w C:\WINDOWS\system32\PnkBstrA.exe
          2007-12-04 14:56 93,264 ----a-w C:\WINDOWS\system32\drivers\aswmon.sys
          2007-12-04 14:55 94,544 ----a-w C:\WINDOWS\system32\drivers\aswmon2.sys
          2007-12-04 14:53 23,152 ----a-w C:\WINDOWS\system32\drivers\aswRdr.sys
          2007-12-04 14:51 42,912 ----a-w C:\WINDOWS\system32\drivers\aswTdi.sys
          2007-12-04 14:49 26,624 ----a-w C:\WINDOWS\system32\drivers\aavmker4.sys
          2007-12-04 13:04 837,496 ----a-w C:\WINDOWS\system32\aswBoot.exe
          2007-12-04 12:54 95,608 ----a-w C:\WINDOWS\system32\AvastSS.scr
          2007-12-02 21:01 --------- d-----w C:\Documents and Settings\Eigenaar\Application Data\Talkback
          2007-12-01 13:09 --------- d-----w C:\Program Files\Activision
          2007-11-30 14:19 --------- d-----w C:\Program Files\Alwil Software
          2007-11-28 14:13 --------- d-----w C:\Program Files\AlienGUIse
          2007-11-28 11:50 --------- d-----w C:\Program Files\SystemRequirementsLab
          2007-11-22 16:29 --------- d-----w C:\Documents and Settings\All Users\Application Data\Messenger Plus!
          2007-11-21 20:36 --------- d-----w C:\Program Files\Messenger Plus! Live
          2007-11-18 21:26 --------- d-----w C:\Program Files\Common Files\Stardock
          2007-11-13 16:35 --------- d-----w C:\Program Files\DAMN NFO Viewer
          2007-11-13 15:08 --------- d-----w C:\Documents and Settings\Eigenaar\Application Data\GoFetch!
          2007-11-13 10:25 20,480 ----a-w C:\WINDOWS\system32\drivers\secdrv.sys
          2007-11-12 20:34 --------- d-----w C:\Documents and Settings\Eigenaar\Application Data\TuneUp Software
          2007-11-12 20:34 --------- d-----w C:\Documents and Settings\All Users\Application Data\TuneUp Software
          2007-11-11 23:16 62,070 ----a-w C:\WINDOWS\system32\Fix.bat
          2007-11-10 20:22 --------- d-----w C:\Documents and Settings\Eigenaar\Application Data\AccurateRip
          2007-11-07 19:46 --------- d-----w C:\Documents and Settings\Eigenaar\Application Data\Media Player Classic
          2007-11-07 11:49 98,304 ----a-w C:\WINDOWS\system32\SoftAheadCert.dll
          2007-11-07 10:09 --------- dcsh--w C:\Program Files\Common Files\WindowsLiveInstaller
          2007-11-07 10:08 --------- d-----w C:\Program Files\Windows Live
          2007-11-07 10:07 --------- d-----w C:\Documents and Settings\All Users\Application Data\WLInstaller
          2007-11-07 10:05 --------- d-----w C:\Documents and Settings\All Users\Application Data\WindowsLiveInstaller
          2007-10-29 22:45 1,291,776 ----a-w C:\WINDOWS\system32\quartz.dll
          2007-10-25 08:28 222,720 ----a-w C:\WINDOWS\system32\wmasf.dll
          2007-10-23 13:20 972,072 ----a-w C:\WINDOWS\UNNeroMediaHome.exe
          2007-10-22 07:51 972,072 ----a-w C:\WINDOWS\UNRecode.exe
          2007-10-22 02:49 867,848 ----a-w C:\Program Files\NOV2007_d3dx10_36_x64.cab
          2007-10-22 02:49 807,132 ----a-w C:\Program Files\NOV2007_d3dx10_36_x86.cab
          2007-10-22 02:49 49,392 ----a-w C:\Program Files\NOV2007_X3DAudio_x64.cab
          2007-10-22 02:49 44,850 ----a-w C:\Program Files\dxdllreg_x86.cab
          2007-10-22 02:49 21,744 ----a-w C:\Program Files\NOV2007_X3DAudio_x86.cab
          2007-10-22 02:49 200,010 ----a-w C:\Program Files\NOV2007_XACT_x64.cab
          2007-10-22 02:49 151,512 ----a-w C:\Program Files\NOV2007_XACT_x86.cab
          2007-10-22 02:49 1,805,306 ----a-w C:\Program Files\NOV2007_d3dx9_36_x64.cab
          2007-10-22 02:49 1,712,608 ----a-w C:\Program Files\NOV2007_d3dx9_36_x86.cab
          2007-10-22 02:37 17,928 ----a-w C:\WINDOWS\system32\X3DAudio1_2.dll
          2007-10-22 02:31 976,020 ------w C:\Program Files\BDAXP.cab
          2007-10-22 02:31 917,318 ------w C:\Program Files\Apr2006_MDX1_x86.cab
          2007-10-22 02:31 88,102 ------w C:\Program Files\AUG2006_xinput_x64.cab
          2007-10-22 02:31 87,989 ------w C:\Program Files\Apr2006_xinput_x64.cab
          2007-10-22 02:31 86,925 ------w C:\Program Files\Oct2005_xinput_x64.cab
          2007-10-22 02:31 86,802 ----a-w C:\Program Files\dxupdate.cab
          2007-10-22 02:31 855,886 ------w C:\Program Files\AUG2007_d3dx10_35_x64.cab
          2007-10-22 02:31 800,467 ------w C:\Program Files\AUG2007_d3dx10_35_x86.cab
          2007-10-22 02:31 76,808 ----a-w C:\Program Files\DSETUP.dll
          2007-10-22 02:31 702,644 ------w C:\Program Files\JUN2007_d3dx10_34_x64.cab
          2007-10-22 02:31 702,212 ------w C:\Program Files\APR2007_d3dx10_33_x64.cab
          2007-10-22 02:31 702,072 ------w C:\Program Files\JUN2007_d3dx10_34_x86.cab
          2007-10-22 02:31 699,465 ------w C:\Program Files\APR2007_d3dx10_33_x86.cab
          2007-10-22 02:31 56,902 ------w C:\Program Files\APR2007_xinput_x86.cab
          2007-10-22 02:31 502,792 ----a-w C:\Program Files\DXSETUP.exe
          2007-10-22 02:31 47,018 ------w C:\Program Files\AUG2006_xinput_x86.cab
          2007-10-22 02:31 46,898 ------w C:\Program Files\Apr2006_xinput_x86.cab
          2007-10-22 02:31 46,247 ------w C:\Program Files\Oct2005_xinput_x86.cab
          2007-10-22 02:31 4,163,518 ------w C:\Program Files\Apr2006_MDX1_x86_Archive.cab
          2007-10-22 02:31 213,767 ------w C:\Program Files\DEC2006_d3dx10_00_x64.cab
          2007-10-22 02:31 201,696 ------w C:\Program Files\AUG2007_XACT_x64.cab
          2007-10-22 02:31 200,722 ------w C:\Program Files\JUN2007_XACT_x64.cab
          2007-10-22 02:31 199,366 ------w C:\Program Files\APR2007_XACT_x64.cab
          2007-10-22 02:31 198,275 ------w C:\Program Files\FEB2007_XACT_x64.cab
          2007-10-22 02:31 193,435 ------w C:\Program Files\DEC2006_XACT_x64.cab
          2007-10-22 02:31 192,680 ------w C:\Program Files\DEC2006_d3dx10_00_x86.cab
          2007-10-22 02:31 183,863 ------w C:\Program Files\AUG2006_XACT_x64.cab
          2007-10-22 02:31 183,321 ------w C:\Program Files\OCT2006_XACT_x64.cab
          2007-10-22 02:31 181,745 ------w C:\Program Files\JUN2006_XACT_x64.cab
          2007-10-22 02:31 180,021 ------w C:\Program Files\Apr2006_XACT_x64.cab
          2007-10-22 02:31 179,247 ------w C:\Program Files\Feb2006_XACT_x64.cab
          2007-10-22 02:31 156,612 ------w C:\Program Files\AUG2007_XACT_x86.cab
          2007-10-22 02:31 156,509 ------w C:\Program Files\JUN2007_XACT_x86.cab
          2007-10-22 02:31 154,825 ------w C:\Program Files\APR2007_XACT_x86.cab
          2007-10-22 02:31 151,583 ------w C:\Program Files\FEB2007_XACT_x86.cab
          2007-10-22 02:31 146,559 ------w C:\Program Files\DEC2006_XACT_x86.cab
          2007-10-22 02:31 138,977 ------w C:\Program Files\OCT2006_XACT_x86.cab
          2007-10-22 02:31 138,195 ------w C:\Program Files\AUG2006_XACT_x86.cab
          2007-10-22 02:31 134,631 ------w C:\Program Files\JUN2006_XACT_x86.cab
          2007-10-22 02:31 133,991 ------w C:\Program Files\Apr2006_XACT_x86.cab
          2007-10-22 02:31 133,297 ------w C:\Program Files\Feb2006_XACT_x86.cab
          2007-10-22 02:31 13,265,040 ------w C:\Program Files\dxnt.cab
          2007-10-22 02:31 100,417 ------w C:\Program Files\APR2007_xinput_x64.cab
          2007-10-22 02:31 1,803,760 ------w C:\Program Files\AUG2007_d3dx9_35_x64.cab
          2007-10-22 02:31 1,711,752 ------w C:\Program Files\AUG2007_d3dx9_35_x86.cab
          .

          ((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))
          .
          .
          REGEDIT4
          *Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond

          [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
          "ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-04 09:03 15360]
          "msnmsgr"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe" [2007-10-18 11:34 5724184]

          [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
          "NvCplDaemon"="-C:\WINDOWS\system32\NvCpl.dll" [ ]
          "NvMediaCenter"="-C:\WINDOWS\system32\NvMcTray.dll" [ ]
          "avast!"="C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe" [2007-12-04 14:00 79224]
          "NBKeyScan"="C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe" [2007-09-20 08:51 1836328]
          "NeroFilterCheck"="C:\Program Files\Common Files\Nero\Lib\NeroCheck.exe" [2007-03-01 14:57 153136]
          "LogitechCommunicationsManager"="C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe" [2007-10-25 16:33 563984]
          "LogitechQuickCamRibbon"="C:\Program Files\Logitech\QuickCam\Quickcam.exe" [2007-10-25 16:37 2178832]

          [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
          "CTFMON.EXE"="C:\WINDOWS\System32\CTFMON.EXE" [2004-08-04 09:03 15360]

          [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
          "NoResolveSearch"= 1 (0x1)

          [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
          "NoBandCustomize"= 0 (0x0)
          "NoMovingBands"= 0 (0x0)
          "NoCloseDragDropBands"= 0 (0x0)

          [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon]
          "UIHost"="LogonUI.EXE"

          [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\WB]
          C:\Program Files\AlienGUIse\fastload.dll 2001-12-20 23:34 24576 C:\Program Files\AlienGUIse\fastload.dll

          [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
          "AppInit_DLLs"=wbsys.dll

          [HKLM\~\startupfolder\C:^Documents and Settings^Eigenaar^Menu Start^Programma's^Opstarten^Alienware Dock.lnk]
          backup=C:\WINDOWS\pss\Alienware Dock.lnkStartup

          [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NVIDIA nTune]
          -C:\Program Files\NVIDIA Corporation\nTune\nTuneCmd.exe

          [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]

          [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WinampAgent]

          [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]
          "MsnMsgr"="C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
          "CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe

          [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
          "NBKeyScan"="C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe"
          "SsAAD.exe"=C:\PROGRA~1\Sony\SONICS~1\SsAAD.exe
          "VTTimer"=VTTimer.exe
          "NvCplDaemon"=RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
          "NvMediaCenter"=RunDLL32.exe NvMCTray.dll,NvTaskbarInit
          "RTHDCPL"=RTHDCPL.EXE
          "S3Trayp"=S3trayp.exe
          "nwiz"=nwiz.exe /install

          S3 S3GIGP;S3GIGP;C:\WINDOWS\system32\DRIVERS\S3gIGPm.sys [2006-11-10 09:06]

          .
          Inhoud van de 'Gedeelde Taken' map
          "2007-12-28 16:15:00 C:\WINDOWS\Tasks\1-Click Maintenance.job"
          - C:\Program Files\TuneUp Utilities 2007\SystemOptimizer.exe
          "2007-12-25 21:36:00 C:\WINDOWS\Tasks\Uniblue SpeedUpMyPC Nag.job"
          - C:\Program Files\Uniblue\SpeedUpMyPC 3\SpeedUpMyPC.exe
          "2007-11-05 21:36:36 C:\WINDOWS\Tasks\Uniblue SpeedUpMyPC.job"
          - C:\Program Files\Uniblue\SpeedUpMyPC 3\SpeedUpMyPC.exe
          .
          **************************************************************************

          catchme 0.3.1344 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
          Rootkit scan 2008-01-05 20:05:37
          Windows 5.1.2600 Service Pack 2 NTFS

          scannen van verborgen processen ...

          scannen van verborgen autostart items ...

          scannen van verborgen bestanden ...

          Scan succesvol afgerond
          verborgen bestanden: 0

          **************************************************************************
          .
          Voltooingstijd: 2008-01-05 20:06:34
          ComboFix-quarantined-files.txt 2008-01-05 19:06:06
          ComboFix2.txt 2007-12-28 20:40:27
          .
          2007-12-26 13:49:47 --- E O F ---
          • Citaat

          Comment

          • #6
            Ik zie geen foute dingen meer

            Ga naar Start - Uitvoeren en geef hier het volgende in:
            Combofix /U
            Druk daarna op OK.
            Let op: Er moet een spatie tussen Combofix en /U zitten.

            Dit zal Combofix deïnstalleren.

            Dan denk ik dat we klaar zijn
            • Citaat

            Comment

            • #7
              Okee, als er nog wat mis is hoor je t wel, bedankt he!
              Last edited by mark_90; 04-01-08, 20:20.
              • Citaat

              Comment

              • #8
                Combofix even opnieuw downloaden en opnieuw uitvoeren.
                Daarna opnieuw Combofix /U proberen.
                • Citaat

                Comment

                • #9
                  Het is gelukt! Bedankt!
                  • Citaat

                  Comment

                  • #10
                    Graag gedaan hoor
                    • Citaat

                    Comment

                    Vorige template Volgende
                    Sorry, you are not authorized to view this page
                    Working...
                    X