Mededeling

Collapse
No announcement yet.

Trage pc (Deze Computer, Mijn Documenten, explorer.exe)

Collapse
X
  •  
  • Filter
  • Tijd
  • Show
Clear All
new posts

  • Trage pc (Deze Computer, Mijn Documenten, explorer.exe)

    Mijn computer is de laatste tijd soms niet vooruit te branden, als ik Deze Computer opent, of Mijn Documenten duurt het erg lang voordat ik wat te zien krijg, en ik krijg telkes een foutmelding van explorer.exe en dw2232.exe of zo, dan loopt me pc vast en kan ik niks meer doen:S Wie kan mij alsjeblieft helpen? Alvast bedankt

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 18:52:30, on 9-1-2008
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.6000.16574)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\AlienGUIse\wbload.exe
    C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
    C:\Program Files\Alwil Software\Avast4\ashServ.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\system32\spoolsv.exe
    C:\WINDOWS\ATKKBService.exe
    C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
    C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
    C:\WINDOWS\system32\nvsvc32.exe
    C:\WINDOWS\system32\PnkBstrA.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Linksys Wireless-G PCI Wireless Network Monitor\WLService.exe
    C:\Program Files\Linksys Wireless-G PCI Wireless Network Monitor\WMP54Gv4.exe
    C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe
    C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
    C:\WINDOWS\system32\RUNDLL32.EXE
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\Windows Live\Messenger\msnmsgr.exe
    C:\Program Files\SpywareGuard\sgmain.exe
    C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
    C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
    C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
    C:\Program Files\SpywareGuard\sgbhp.exe
    C:\Program Files\Common Files\Logishrd\LQCVFX\COCIManager.exe
    C:\Program Files\Windows Live\Messenger\usnsvc.exe
    C:\Program Files\Windows Media Player\wmplayer.exe
    C:\Program Files\Mozilla Firefox\firefox.exe
    C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.nl/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen
    R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
    O2 - BHO: Adobe PDF Reader Help bij koppelingen - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
    O2 - BHO: SpywareGuardDLBLOCK.CBrowserHelper - {4A368E80-174F-4872-96B5-0B27DDD11DB2} - C:\Program Files\SpywareGuard\dlprotect.dll
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
    O2 - BHO: Windows Live Aanmelden - Help - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O3 - Toolbar: @msdxmLC.dll,[email protected],&Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\system32\msdxm.ocx
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
    O4 - HKLM\..\Run: [NBKeyScan] "C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe"
    O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Nero\Lib\NeroCheck.exe
    O4 - HKLM\..\Run: [LogitechCommunicationsManager] "C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe"
    O4 - HKLM\..\Run: [LogitechQuickCamRibbon] "C:\Program Files\Logitech\QuickCam\Quickcam.exe" /hide
    O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
    O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
    O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
    O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Lokale service')
    O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Netwerkservice')
    O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
    O4 - Startup: SpywareGuard.lnk = C:\Program Files\SpywareGuard\sgmain.exe
    O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
    O9 - Extra button: Onderzoek - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
    O23 - Service: ATK Keyboard Service (ATKKeyboardService) - ASUSTeK COMPUTER INC. - C:\WINDOWS\ATKKBService.exe
    O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
    O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
    O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
    O23 - Service: LVCOMSer - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
    O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
    O23 - Service: LVSrvLauncher - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\SrvLnch\SrvLnch.exe
    O23 - Service: MSCSPTISRV - Unknown owner - -C:\Program Files\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe (file missing)
    O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
    O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe
    O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
    O23 - Service: Office Source Engine (ose) - Unknown owner - -"C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE" (file missing)
    O23 - Service: PACSPTISVR - Unknown owner - -C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe (file missing)
    O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
    O23 - Service: Sony SPTI Service (SPTISRV) - Unknown owner - -C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe (file missing)
    O23 - Service: SonicStage SCSI Service (SSScsiSV) - Unknown owner - -C:\Program Files\Common Files\Sony Shared\AVLib\SSScsiSV.exe (file missing)
    O23 - Service: StyleXPService - Unknown owner - -"C:\Program Files\TGTSoft\StyleXP\StyleXPService.exe" (file missing)
    O23 - Service: Windows Live Setup Service (WLSetupSvc) - Unknown owner - -"C:\Program Files\Windows Live\installer\WLSetupSvc.exe" (file missing)
    O23 - Service: WMP54Gv4SVC - GEMTEKS - C:\Program Files\Linksys Wireless-G PCI Wireless Network Monitor\WLService.exe
    O23 - Service: Windows Media Player Network Sharing-service (WMPNetworkSvc) - Unknown owner - -"C:\Program Files\Windows Media Player\WMPNetwk.exe" (file missing)

    --
    End of file - 8023 bytes

  • #2
    Ik heb even een nieuwe log gemaakt...


    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 21:29:48, on 12-1-2008
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.6000.16574)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\AlienGUIse\wbload.exe
    C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
    C:\Program Files\Alwil Software\Avast4\ashServ.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
    C:\WINDOWS\ATKKBService.exe
    C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
    C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
    C:\WINDOWS\system32\nvsvc32.exe
    C:\WINDOWS\system32\PnkBstrA.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Linksys Wireless-G PCI Wireless Network Monitor\WLService.exe
    C:\Program Files\Linksys Wireless-G PCI Wireless Network Monitor\WMP54Gv4.exe
    C:\WINDOWS\Explorer.EXE
    C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
    C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
    C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
    C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe
    C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
    C:\WINDOWS\system32\RUNDLL32.EXE
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\SpywareGuard\sgmain.exe
    C:\Program Files\SpywareGuard\sgbhp.exe
    C:\Program Files\Common Files\Logishrd\LQCVFX\COCIManager.exe
    C:\Program Files\Windows Live\Messenger\usnsvc.exe
    C:\Program Files\Windows Media Player\wmplayer.exe
    C:\Program Files\Mozilla Firefox\firefox.exe
    C:\Program Files\uTorrent\uTorrent.exe
    C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.nl/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen
    R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
    O2 - BHO: Adobe PDF Reader Help bij koppelingen - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
    O2 - BHO: SpywareGuardDLBLOCK.CBrowserHelper - {4A368E80-174F-4872-96B5-0B27DDD11DB2} - C:\Program Files\SpywareGuard\dlprotect.dll
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
    O2 - BHO: Windows Live Aanmelden - Help - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O3 - Toolbar: @msdxmLC.dll,[email protected],&Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\system32\msdxm.ocx
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
    O4 - HKLM\..\Run: [NBKeyScan] "C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe"
    O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Nero\Lib\NeroCheck.exe
    O4 - HKLM\..\Run: [LogitechCommunicationsManager] "C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe"
    O4 - HKLM\..\Run: [LogitechQuickCamRibbon] "C:\Program Files\Logitech\QuickCam\Quickcam.exe" /hide
    O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
    O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
    O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
    O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Lokale service')
    O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Netwerkservice')
    O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
    O4 - Startup: SpywareGuard.lnk = C:\Program Files\SpywareGuard\sgmain.exe
    O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
    O9 - Extra button: Onderzoek - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
    O23 - Service: ATK Keyboard Service (ATKKeyboardService) - ASUSTeK COMPUTER INC. - C:\WINDOWS\ATKKBService.exe
    O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
    O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
    O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
    O23 - Service: LVCOMSer - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
    O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
    O23 - Service: LVSrvLauncher - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\SrvLnch\SrvLnch.exe
    O23 - Service: MSCSPTISRV - Unknown owner - -C:\Program Files\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe (file missing)
    O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
    O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe
    O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
    O23 - Service: Office Source Engine (ose) - Unknown owner - -"C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE" (file missing)
    O23 - Service: PACSPTISVR - Unknown owner - -C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe (file missing)
    O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
    O23 - Service: Sony SPTI Service (SPTISRV) - Unknown owner - -C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe (file missing)
    O23 - Service: SonicStage SCSI Service (SSScsiSV) - Unknown owner - -C:\Program Files\Common Files\Sony Shared\AVLib\SSScsiSV.exe (file missing)
    O23 - Service: StyleXPService - Unknown owner - -"C:\Program Files\TGTSoft\StyleXP\StyleXPService.exe" (file missing)
    O23 - Service: Windows Live Setup Service (WLSetupSvc) - Unknown owner - -"C:\Program Files\Windows Live\installer\WLSetupSvc.exe" (file missing)
    O23 - Service: WMP54Gv4SVC - GEMTEKS - C:\Program Files\Linksys Wireless-G PCI Wireless Network Monitor\WLService.exe
    O23 - Service: Windows Media Player Network Sharing-service (WMPNetworkSvc) - Unknown owner - -"C:\Program Files\Windows Media Player\WMPNetwk.exe" (file missing)

    --
    End of file - 8071 bytes

    Comment


    • #3
      Start Hijackthis op en kies voor 'Do a system scan only'
      Selecteer alleen de items die hieronder zijn genoemd:

      R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)

      Klik op 'Fix checked' om de items te verwijderen.

      Download Java Runtime Environment (JRE) 6u4.
      • Scroll omlaag naar : "Java Runtime Environment (JRE) 6u4".
      • Klik op de "Download" knop aan de rechterkant.
      • In het uitklapmenu rechts naast Platform, selecteer Windows
      • Vink aan: "I agree to the Java SE Runtime Environment 6 License Agreement", en klik op Continue.
      • De pagina zal herladen.
      • Klik op de jre-6u4-windows-i586-p.exe link ONDER Windows Offline Installation en bewaar het naar je Bureaublad.
      • Sluit alle programma's die eventueel open zijn - Zeker je web browser!
      • Ga dan naar Start > Configuratiescherm > Software en verwijder alle oudere versies van Java uit de Softwarelijst.
      • Vink alles aan met Java Runtime Environment (JRE of J2SE) in de naam.
      • Klik dan op Verwijderen of op de Wijzig/Verwijder knop.
      • Herhaal dit tot alle oudere versies verdwenen zijn.
      • Na het verwijderen van alle oudere versies, herstart je pc.
      • Dubbelklik vervolgens op jre-6u4-windows-i586-p.exe op je Bureaublad om de nieuwste versie van Java te installeren.



      Download Combofix naar je Bureaublad.
      Indien je Combofix al eerder hebt gebruikt, gelieve die versie te verwijderen en Combofix opnieuw te downloaden via bovenstaande link, want Combofix wordt dagelijks geupdate.

      OPMERKING: indien je, tijdens of na het downloaden van Combofix of tijdens het gebruik van Combofix een melding krijgt van je Antivirus- of een andere realtime scanner, schakel dan deze scanner uit en download Combofix opnieuw. Sommige scanners zien bepaalde componenten die Combofix gebruikt als verdacht en gaan deze blokkeren of verwijderen!
      • Dubbelklik op Combofix.exe
        Volg de instructies, aanvaard de disclaimer door 1 (continue) te typen, gevolgd door ENTER.
        Tijdens het runnen van de fix, NIET in het venster klikken, want dit zal je pc doen vasthangen.

      Wanneer de fix voltooid is en na herstart, zal de log combofix.txt openen.
      Plaats dit log in je volgende post samen met een nieuw HijackThis log.

      Windows 10 opstarten in Veilige Modus

      Comment


      • #4
        ComboFix 08-01-18.5 - Eigenaar 2008-01-19 15:15:53.11 - NTFSx86
        Microsoft Windows XP Home Edition 5.1.2600.2.1252.1.1043.18.580 [GMT 1:00]
        Gestart vanuit: C:\Documents and Settings\Eigenaar\Bureaublad\ComboFix.exe

        WAARSCHUWING - DE RECOVERY CONSOLE IS NIET OP DIT SYSTEEM GEINSTALLEERD !!
        .

        (((((((((((((((((((((((((((((((((( Andere Verwijderingen )))))))))))))))))))))))))))))))))))))))))))))))))
        .
        .
        ---- Previous Run -------
        .
        C:\WINDOWS\system32\pskill.exe
        C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr0.dat . . . . konden niet verwijderd worden
        C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr1.dat . . . . konden niet verwijderd worden

        .
        (((((((((((((((((((( Bestanden Gemaakt van 2007-12-19 to 2008-01-19 ))))))))))))))))))))))))))))))
        .

        2008-01-19 15:04 . 2000-08-31 08:00 51,200 --a------ C:\WINDOWS\NirCmd.exe
        2008-01-19 15:03 . 2008-01-19 15:03 <DIR> d-------- C:\Program Files\Sun
        2008-01-19 15:03 . 2007-12-14 01:59 69,632 --a------ C:\WINDOWS\system32\javacpl.cpl
        2008-01-19 15:00 . 2008-01-19 15:03 <DIR> d-------- C:\Program Files\Java
        2008-01-19 15:00 . 2008-01-19 15:00 <DIR> d-------- C:\Program Files\Common Files\Java
        2008-01-19 14:02 . 2008-01-19 14:02 <DIR> d-------- C:\Program Files\Shock Utility
        2008-01-19 14:02 . 2008-01-19 14:02 65,536 --a------ C:\WINDOWS\IFinst27.exe
        2008-01-19 13:12 . 2008-01-19 13:12 1,374 --a------ C:\WINDOWS\imsins.BAK
        2008-01-19 11:55 . 2008-01-19 11:55 <DIR> d-------- C:\Program Files\Windows Defender
        2008-01-19 10:52 . 2008-01-19 15:13 <DIR> dr-h----- C:\Documents and Settings\Eigenaar\Onlangs geopend
        2008-01-15 20:21 . 2008-01-15 20:23 <DIR> d-------- C:\Program Files\DivX
        2008-01-12 22:02 . 2001-08-17 22:07 56,960 --a--c--- C:\WINDOWS\system32\dllcache\aic78xx.sys
        2008-01-12 22:02 . 2001-08-17 22:07 55,168 --a--c--- C:\WINDOWS\system32\dllcache\aic78u2.sys
        2008-01-12 22:02 . 2001-08-17 20:11 27,678 --a--c--- C:\WINDOWS\system32\dllcache\ali5261.sys
        2008-01-12 22:02 . 2001-08-17 21:52 12,800 --a--c--- C:\WINDOWS\system32\dllcache\aha154x.sys
        2008-01-12 22:00 . 2001-09-06 21:26 66,048 --a--c--- C:\WINDOWS\system32\dllcache\s3legacy.dll
        2008-01-10 14:09 . 2008-01-10 14:09 <DIR> d-------- C:\Temp
        2008-01-10 13:38 . 2008-01-12 21:09 <DIR> d-------- C:\Program Files\Common Files\Real
        2008-01-10 13:00 . 2008-01-10 13:00 78,942 --a------ C:\WINDOWS\Icon_1.ico
        2008-01-10 12:59 . 2008-01-10 13:00 <DIR> d-------- C:\WINDOWS\system32\VITrans
        2008-01-10 12:59 . 2006-12-03 17:15 111,104 --a------ C:\WINDOWS\system32\Uharc.exe
        2008-01-10 12:59 . 2006-12-03 17:15 19,968 --a------ C:\WINDOWS\system32\reico.exe
        2008-01-10 12:59 . 2006-12-03 17:14 8,636 --a------ C:\WINDOWS\system32\modifype.exe
        2008-01-09 15:15 . 2002-01-05 14:40 487,424 --a------ C:\WINDOWS\system32\msvcp70.dll
        2008-01-09 15:15 . 2003-08-07 15:01 237,568 --a------ C:\WINDOWS\system32\lame_enc.dll
        2008-01-09 12:45 . 2008-01-09 12:45 <DIR> d---s---- C:\WINDOWS\system32\%SystemDrive%
        2008-01-09 12:45 . 2008-01-17 20:41 <DIR> d-------- C:\WINDOWS\_avast4_
        2008-01-07 19:55 . 2008-01-07 19:55 <DIR> d-------- C:\Program Files\Linksys Wireless-G PCI Wireless Network Monitor
        2008-01-07 19:55 . 2005-10-27 15:06 356,096 --a------ C:\WINDOWS\system32\rt61.sys
        2008-01-07 19:55 . 2005-10-20 15:00 243,328 --a------ C:\WINDOWS\system32\rt2500.sys
        2008-01-07 19:55 . 2008-01-07 19:55 20,747 --a------ C:\WINDOWS\system32\drivers\AegisP.sys
        2008-01-07 19:55 . 2005-11-07 03:51 7,878 --a------ C:\WINDOWS\system32\RT2500.CAT
        2008-01-07 19:55 . 2005-11-09 04:41 7,870 --a------ C:\WINDOWS\system32\rt61.cat
        2008-01-07 19:55 . 2008-01-07 19:55 920 --a------ C:\WINDOWS\system32\WLAN.INI
        2008-01-07 17:22 . 2008-01-07 17:22 <DIR> d-------- C:\Program Files\Disk Cleaner
        2008-01-07 15:34 . 2008-01-07 15:36 <DIR> d-------- C:\WINDOWS\NV33963876.TMP
        2008-01-06 19:22 . 2008-01-06 19:22 <DIR> d-------- C:\Documents and Settings\Eigenaar\LimeWire Store Purchased
        2008-01-06 19:22 . 2008-01-06 19:22 <DIR> d-------- C:\Documents and Settings\Eigenaar\LimeWire Shared
        2008-01-06 19:21 . 2008-01-06 19:47 <DIR> d-------- C:\Documents and Settings\Eigenaar\Application Data\LimeWirePlus
        2008-01-06 19:18 . 2008-01-06 19:50 <DIR> d-------- C:\Program Files\LimeWire Plus
        2008-01-06 12:51 . 2007-12-04 14:04 837,496 --a------ C:\WINDOWS\system32\aswBoot.exe
        2008-01-06 12:51 . 2004-01-09 10:13 380,928 --a------ C:\WINDOWS\system32\actskin4.ocx
        2008-01-06 12:51 . 2007-12-04 13:54 95,608 --a------ C:\WINDOWS\system32\AvastSS.scr
        2008-01-06 12:51 . 2007-12-04 15:55 94,544 --a------ C:\WINDOWS\system32\drivers\aswmon2.sys
        2008-01-06 12:51 . 2007-12-04 15:56 93,264 --a------ C:\WINDOWS\system32\drivers\aswmon.sys
        2008-01-06 12:51 . 2007-12-04 15:51 42,912 --a------ C:\WINDOWS\system32\drivers\aswTdi.sys
        2008-01-06 12:51 . 2007-12-04 15:49 26,624 --a------ C:\WINDOWS\system32\drivers\aavmker4.sys
        2008-01-06 12:51 . 2007-12-04 15:53 23,152 --a------ C:\WINDOWS\system32\drivers\aswRdr.sys
        2008-01-05 20:14 . 2008-01-19 11:44 <DIR> d-------- C:\Program Files\SpywareGuard
        2008-01-03 18:54 . 2008-01-03 18:54 249,856 --------- C:\WINDOWS\Setup1.exe
        2008-01-03 18:53 . 2008-01-03 18:53 73,216 --a------ C:\WINDOWS\ST6UNST.EXE
        2008-01-03 15:53 . 2008-01-06 19:47 <DIR> d-------- C:\Documents and Settings\Eigenaar\Incomplete
        2007-12-29 20:41 . 2007-12-29 20:41 <DIR> d-------- C:\Program Files\VSO
        2007-12-29 20:41 . 2008-01-19 15:02 <DIR> d-------- C:\Documents and Settings\Eigenaar\Application Data\Vso
        2007-12-29 20:41 . 2006-09-29 11:24 217,127 --a------ C:\WINDOWS\system32\drv43260.dll
        2007-12-29 20:41 . 2006-09-29 11:25 208,935 --a------ C:\WINDOWS\system32\drv33260.dll
        2007-12-29 20:41 . 2006-09-29 11:26 176,165 --a------ C:\WINDOWS\system32\drv23260.dll
        2007-12-29 20:41 . 2007-12-29 20:41 47,360 --a------ C:\WINDOWS\system32\drivers\pcouffin.sys
        2007-12-29 20:41 . 2007-12-29 20:41 47,360 --a------ C:\Documents and Settings\Eigenaar\Application Data\pcouffin.sys
        2007-12-28 21:08 . 2007-12-28 21:09 <DIR> d--h----- C:\WINDOWS\system32\GroupPolicy
        2007-12-28 21:06 . 2004-08-04 14:00 572,928 --a------ C:\WINDOWS\system32\gpedit.dll
        2007-12-28 21:06 . 2004-08-04 14:00 300,032 --a------ C:\WINDOWS\system32\appmgr.dll
        2007-12-28 21:06 . 2004-08-04 14:00 200,192 --a------ C:\WINDOWS\system32\gptext.dll
        2007-12-28 21:06 . 2004-08-04 14:00 175,616 --a------ C:\WINDOWS\system32\appmgmts.dll
        2007-12-28 21:06 . 2004-08-04 14:00 118,272 --a------ C:\WINDOWS\system32\fde.dll
        2007-12-28 21:06 . 2004-08-04 14:00 74,752 --a------ C:\WINDOWS\system32\fdeploy.dll
        2007-12-28 21:06 . 2004-08-04 14:00 34,339 --a------ C:\WINDOWS\system32\gpedit.msc
        2007-12-26 14:47 . 2007-12-26 14:47 <DIR> d-------- C:\Program Files\Microsoft CAPICOM 2.1.0.2
        2007-12-22 22:59 . 2007-12-22 22:59 <DIR> d-------- C:\Program Files\Logitech
        2007-12-22 22:59 . 2007-12-22 22:59 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Logitech
        2007-12-22 22:59 . 2007-12-22 23:03 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Logishrd
        2007-12-22 22:56 . 2007-12-22 22:59 <DIR> d-------- C:\Program Files\Common Files\logishrd
        2007-12-22 22:56 . 2004-08-04 10:03 54,272 --a------ C:\WINDOWS\system32\vfwwdm32.dll
        2007-12-22 22:56 . 2004-08-04 10:03 54,272 --a--c--- C:\WINDOWS\system32\dllcache\vfwwdm32.dll

        .
        ((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))
        .
        2008-01-19 14:08 --------- d-----w C:\Documents and Settings\Eigenaar\Application Data\uTorrent
        2008-01-18 18:39 22,328 ----a-w C:\WINDOWS\system32\drivers\PnkBstrK.sys
        2008-01-18 18:38 107,832 ----a-w C:\WINDOWS\system32\PnkBstrB.exe
        2008-01-17 19:37 --------- d-----w C:\Documents and Settings\Eigenaar\Application Data\dvdcss
        2008-01-09 13:12 --------- d-----w C:\Program Files\directx
        2008-01-09 12:50 --------- d-----w C:\Documents and Settings\Eigenaar\Application Data\GetRightToGo
        2008-01-07 18:55 --------- d--h--w C:\Program Files\InstallShield Installation Information
        2007-12-22 15:47 --------- d-----w C:\Documents and Settings\All Users\Application Data\Skype
        2007-12-19 19:46 --------- d-----w C:\Documents and Settings\Eigenaar\Application Data\skypePM
        2007-12-18 19:49 --------- d-----w C:\Documents and Settings\Eigenaar\Application Data\Uniblue
        2007-12-18 15:51 --------- d-----w C:\Documents and Settings\All Users\Application Data\Hagel Technologies
        2007-12-16 20:36 --------- d-----w C:\Program Files\Teletekstbrowser
        2007-12-16 20:31 --------- d-----w C:\Documents and Settings\Eigenaar\Application Data\Yahoo!
        2007-12-15 13:59 --------- d-----w C:\Program Files\VideoLAN
        2007-12-15 13:59 --------- d-----w C:\Documents and Settings\Eigenaar\Application Data\vlc
        2007-12-15 13:50 --------- d-----w C:\Program Files\CyberLink
        2007-12-15 13:08 --------- d---a-w C:\Documents and Settings\All Users\Application Data\TEMP
        2007-12-15 13:07 --------- d-----w C:\Documents and Settings\Eigenaar\Application Data\URSoft
        2007-12-15 12:32 32 ----a-w C:\Documents and Settings\All Users\Application Data\ezsid.dat
        2007-12-13 16:16 --------- d-----w C:\Documents and Settings\Eigenaar\Application Data\UseNeXT
        2007-12-11 22:32 156,992 ----a-w C:\WINDOWS\system32\DivXCodecVersionChecker.exe
        2007-12-09 19:46 45,056 ----a-w C:\WINDOWS\system32\sstunst3.exe
        2007-12-07 20:37 --------- d-----w C:\Program Files\Common Files\Nero
        2007-12-07 20:34 --------- d-----w C:\Documents and Settings\All Users\Application Data\Nero
        2007-12-07 15:33 --------- d-----w C:\Documents and Settings\Eigenaar\Application Data\teamspeak2
        2007-12-05 19:14 --------- d-----w C:\Documents and Settings\NetworkService\Application Data\Xfire
        2007-12-05 01:53 356,352 ----a-w C:\WINDOWS\system32\NVUNINST.EXE
        2007-12-05 00:41 81,920 ----a-w C:\WINDOWS\system32\nvwddi.dll
        2007-12-05 00:41 81,920 ----a-w C:\WINDOWS\system32\nvmctray.dll
        2007-12-05 00:41 8,523,776 ----a-w C:\WINDOWS\system32\nvcpl.dll
        2007-12-05 00:41 753,664 ----a-w C:\WINDOWS\system32\nvcplui.exe
        2007-12-05 00:41 7,435,392 ----a-w C:\WINDOWS\system32\drivers\nv4_mini.sys
        2007-12-05 00:41 6,901,760 ----a-w C:\WINDOWS\system32\nvoglnt.dll
        2007-12-05 00:41 6,549,504 ----a-w C:\WINDOWS\system32\nvdisps.dll
        2007-12-05 00:41 5,773,568 ----a-w C:\WINDOWS\system32\nv4_disp.dll
        2007-12-05 00:41 5,611,520 ----a-w C:\WINDOWS\system32\nvdispsr.dll
        2007-12-05 00:41 466,944 ----a-w C:\WINDOWS\system32\nvshell.dll
        2007-12-05 00:41 458,752 ----a-w C:\WINDOWS\system32\nvmccssr.dll
        2007-12-05 00:41 45,056 ----a-w C:\WINDOWS\system32\nvmccsrs.dll
        2007-12-05 00:41 442,368 ----a-w C:\WINDOWS\system32\nvappbar.exe
        2007-12-05 00:41 425,984 ----a-w C:\WINDOWS\system32\keystone.exe
        2007-12-05 00:41 385,024 ----a-w C:\WINDOWS\system32\nvapi.dll
        2007-12-05 00:41 356,352 ----a-w C:\WINDOWS\system32\nvudisp.exe
        2007-12-05 00:41 35,328 ----a-w C:\WINDOWS\system32\nvcodins.dll
        2007-12-05 00:41 35,328 ----a-w C:\WINDOWS\system32\nvcod.dll
        2007-12-05 00:41 335,872 ----a-w C:\WINDOWS\system32\nvwrses.dll
        2007-12-05 00:41 335,872 ----a-w C:\WINDOWS\system32\nvwrsel.dll
        2007-12-05 00:41 327,680 ----a-w C:\WINDOWS\system32\nvwrsfr.dll
        2007-12-05 00:41 327,680 ----a-w C:\WINDOWS\system32\nvwrsesm.dll
        2007-12-05 00:41 327,680 ----a-w C:\WINDOWS\system32\nvrshe.dll
        2007-12-05 00:41 327,680 ----a-w C:\WINDOWS\system32\nvrsar.dll
        2007-12-05 00:41 323,584 ----a-w C:\WINDOWS\system32\nvwrspt.dll
        2007-12-05 00:41 323,584 ----a-w C:\WINDOWS\system32\nvwrsit.dll
        2007-12-05 00:41 319,488 ----a-w C:\WINDOWS\system32\nvwrsptb.dll
        2007-12-05 00:41 319,488 ----a-w C:\WINDOWS\system32\nvwrsnl.dll
        2007-12-05 00:41 315,392 ----a-w C:\WINDOWS\system32\nvwrsru.dll
        2007-12-05 00:41 315,392 ----a-w C:\WINDOWS\system32\nvwrshu.dll
        2007-12-05 00:41 311,296 ----a-w C:\WINDOWS\system32\nvwrsde.dll
        2007-12-05 00:41 307,200 ----a-w C:\WINDOWS\system32\nvexpbar.dll
        2007-12-05 00:41 303,104 ----a-w C:\WINDOWS\system32\nvwrstr.dll
        2007-12-05 00:41 303,104 ----a-w C:\WINDOWS\system32\nvwrssl.dll
        2007-12-05 00:41 303,104 ----a-w C:\WINDOWS\system32\nvwrsfi.dll
        2007-12-05 00:41 3,715,072 ----a-w C:\WINDOWS\system32\nvvitvsr.dll
        2007-12-05 00:41 3,710,976 ----a-w C:\WINDOWS\system32\nvvitvs.dll
        2007-12-05 00:41 3,420,160 ----a-w C:\WINDOWS\system32\nvgames.dll
        2007-12-05 00:41 3,334,144 ----a-w C:\WINDOWS\system32\nvgamesr.dll
        2007-12-05 00:41 299,008 ----a-w C:\WINDOWS\system32\nvwrssk.dll
        2007-12-05 00:41 299,008 ----a-w C:\WINDOWS\system32\nvwrsno.dll
        2007-12-05 00:41 294,912 ----a-w C:\WINDOWS\system32\nvwrssv.dll
        2007-12-05 00:41 294,912 ----a-w C:\WINDOWS\system32\nvwrspl.dll
        2007-12-05 00:41 294,912 ----a-w C:\WINDOWS\system32\nvwrsda.dll
        2007-12-05 00:41 290,816 ----a-w C:\WINDOWS\system32\nvwrsth.dll
        2007-12-05 00:41 286,720 ----a-w C:\WINDOWS\system32\nvwrseng.dll
        2007-12-05 00:41 286,720 ----a-w C:\WINDOWS\system32\nvwrscs.dll
        2007-12-05 00:41 286,720 ----a-w C:\WINDOWS\system32\nvnt4cpl.dll
        2007-12-05 00:41 282,624 ----a-w C:\WINDOWS\system32\nvwrsar.dll
        2007-12-05 00:41 282,624 ----a-w C:\WINDOWS\system32\nvrsfr.dll
        2007-12-05 00:41 282,624 ----a-w C:\WINDOWS\system32\nvrses.dll
        2007-12-05 00:41 282,624 ----a-w C:\WINDOWS\system32\nvrsel.dll
        2007-12-05 00:41 278,528 ----a-w C:\WINDOWS\system32\nvwrshe.dll
        2007-12-05 00:41 278,528 ----a-w C:\WINDOWS\system32\nvrsit.dll
        2007-12-05 00:41 278,528 ----a-w C:\WINDOWS\system32\nvrsde.dll
        2007-12-05 00:41 274,432 ----a-w C:\WINDOWS\system32\nvrspt.dll
        2007-12-05 00:41 274,432 ----a-w C:\WINDOWS\system32\nvrsnl.dll
        2007-12-05 00:41 274,432 ----a-w C:\WINDOWS\system32\nvrsesm.dll
        2007-12-05 00:41 270,336 ----a-w C:\WINDOWS\system32\nvrsru.dll
        2007-12-05 00:41 266,240 ----a-w C:\WINDOWS\system32\nvrsptb.dll
        2007-12-05 00:41 266,240 ----a-w C:\WINDOWS\system32\nvrsja.dll
        2007-12-05 00:41 258,048 ----a-w C:\WINDOWS\system32\nvrstr.dll
        2007-12-05 00:41 258,048 ----a-w C:\WINDOWS\system32\nvrssl.dll
        2007-12-05 00:41 258,048 ----a-w C:\WINDOWS\system32\nvrssk.dll
        2007-12-05 00:41 258,048 ----a-w C:\WINDOWS\system32\nvrsko.dll
        2007-12-05 00:41 258,048 ----a-w C:\WINDOWS\system32\nvrshu.dll
        2007-12-05 00:41 253,952 ----a-w C:\WINDOWS\system32\nvrsth.dll
        2007-12-05 00:41 253,952 ----a-w C:\WINDOWS\system32\nvrssv.dll
        2007-12-05 00:41 253,952 ----a-w C:\WINDOWS\system32\nvrspl.dll
        2007-12-05 00:41 253,952 ----a-w C:\WINDOWS\system32\nvrsno.dll
        2007-12-05 00:41 253,952 ----a-w C:\WINDOWS\system32\nvrsda.dll
        2007-12-05 00:41 249,856 ----a-w C:\WINDOWS\system32\nvrsfi.dll
        2007-12-05 00:41 249,856 ----a-w C:\WINDOWS\system32\nvrscs.dll
        .

        ((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))
        .
        .
        REGEDIT4
        *Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond

        [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
        "ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-04 09:03 15360]
        "msnmsgr"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe" [2007-10-18 11:34 5724184]

        [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
        "NvCplDaemon"="C:\WINDOWS\system32\NvCpl.dll" [2007-12-05 01:41 8523776]
        "avast!"="C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe" [2007-12-04 14:00 79224]
        "nwiz"="nwiz.exe" [2007-12-05 01:41 1626112 C:\WINDOWS\system32\nwiz.exe]
        "NvMediaCenter"="C:\WINDOWS\system32\NvMcTray.dll" [2007-12-05 01:41 81920]
        "Windows Defender"="C:\Program Files\Windows Defender\MSASCui.exe" [2006-11-03 19:20 866584]
        "SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_04\bin\jusched.exe" [2007-12-14 03:42 144784]

        [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
        "CTFMON.EXE"="C:\WINDOWS\System32\CTFMON.EXE" [2004-08-04 09:03 15360]

        [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
        "NoResolveSearch"= 1 (0x1)

        [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
        "NoBandCustomize"= 0 (0x0)
        "NoMovingBands"= 0 (0x0)
        "NoCloseDragDropBands"= 0 (0x0)

        [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon]
        "UIHost"="LogonUI.EXE"

        [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\WB]
        C:\Program Files\AlienGUIse\fastload.dll 2001-12-20 23:34 24576 C:\Program Files\AlienGUIse\fastload.dll

        [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
        "AppInit_DLLs"=wbsys.dll

        [HKLM\~\startupfolder\C:^Documents and Settings^Eigenaar^Menu Start^Programma's^Opstarten^Alienware Dock.lnk]
        backup=C:\WINDOWS\pss\Alienware Dock.lnkStartup

        [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NVIDIA nTune]
        -C:\Program Files\NVIDIA Corporation\nTune\nTuneCmd.exe

        [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]

        [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WinampAgent]

        [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]
        "MsnMsgr"="C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
        "CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe

        [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
        "NBKeyScan"="C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe"
        "SsAAD.exe"=C:\PROGRA~1\Sony\SONICS~1\SsAAD.exe
        "VTTimer"=VTTimer.exe
        "NvCplDaemon"=RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
        "NvMediaCenter"=RunDLL32.exe NvMCTray.dll,NvTaskbarInit
        "RTHDCPL"=RTHDCPL.EXE
        "S3Trayp"=S3trayp.exe
        "nwiz"=nwiz.exe /install

        S3 S3GIGP;S3GIGP;C:\WINDOWS\system32\DRIVERS\S3gIGPm.sys [2006-11-10 09:06]

        *Newly Created Service* - GTNDIS5
        .
        Inhoud van de 'Gedeelde Taken' map
        "2008-01-18 16:15:00 C:\WINDOWS\Tasks\1-Click Maintenance.job"
        - C:\Program Files\TuneUp Utilities 2007\SystemOptimizer.exe
        "2008-01-19 14:13:50 C:\WINDOWS\Tasks\MP Scheduled Scan.job"
        - C:\Program Files\Windows Defender\MpCmdRun.exe
        "2007-12-25 21:36:00 C:\WINDOWS\Tasks\Uniblue SpeedUpMyPC Nag.job"
        - C:\Program Files\Uniblue\SpeedUpMyPC 3\SpeedUpMyPC.exe
        "2007-11-05 21:36:36 C:\WINDOWS\Tasks\Uniblue SpeedUpMyPC.job"
        - C:\Program Files\Uniblue\SpeedUpMyPC 3\SpeedUpMyPC.exe
        .
        **************************************************************************

        catchme 0.3.1344 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
        Rootkit scan 2008-01-19 15:17:15
        Windows 5.1.2600 Service Pack 2 NTFS

        scannen van verborgen processen ...

        scannen van verborgen autostart items ...

        scannen van verborgen bestanden ...

        Scan succesvol afgerond
        verborgen bestanden: 0

        **************************************************************************
        .
        --------------------- DLLs Loaded Under Running Processes ---------------------

        PROCESS: C:\WINDOWS\explorer.exe [6.00.2900.3156]
        -> C:\Program Files\WinRAR\rarext.dll
        .
        Voltooingstijd: 2008-01-19 15:18:12
        ComboFix-quarantined-files.txt 2008-01-19 14:17:43
        ComboFix2.txt 2008-01-05 19:06:35
        .
        2008-01-19 12:13:50 --- E O F ---


        ----------------------------------------------------------------------

        Logfile of Trend Micro HijackThis v2.0.2
        Scan saved at 15:22, on 2008-01-19
        Platform: Windows XP SP2 (WinNT 5.01.2600)
        MSIE: Internet Explorer v7.00 (7.00.6000.16574)
        Boot mode: Normal

        Running processes:
        C:\WINDOWS\System32\smss.exe
        C:\WINDOWS\system32\winlogon.exe
        C:\WINDOWS\system32\services.exe
        C:\WINDOWS\system32\lsass.exe
        C:\WINDOWS\system32\svchost.exe
        C:\Program Files\Windows Defender\MsMpEng.exe
        C:\WINDOWS\System32\svchost.exe
        C:\Program Files\AlienGUIse\wbload.exe
        C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
        C:\Program Files\Alwil Software\Avast4\ashServ.exe
        C:\WINDOWS\system32\spoolsv.exe
        C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
        C:\WINDOWS\ATKKBService.exe
        C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
        C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
        C:\WINDOWS\system32\nvsvc32.exe
        C:\WINDOWS\system32\PnkBstrA.exe
        C:\WINDOWS\System32\svchost.exe
        C:\Program Files\Linksys Wireless-G PCI Wireless Network Monitor\WLService.exe
        C:\Program Files\Linksys Wireless-G PCI Wireless Network Monitor\WMP54Gv4.exe
        C:\WINDOWS\Explorer.EXE
        C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
        C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
        C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
        C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
        C:\WINDOWS\system32\RUNDLL32.EXE
        C:\Program Files\Windows Defender\MSASCui.exe
        C:\Program Files\Java\jre1.6.0_04\bin\jusched.exe
        C:\WINDOWS\system32\ctfmon.exe
        C:\Program Files\Windows Live\Messenger\msnmsgr.exe
        C:\WINDOWS\System32\svchost.exe
        C:\WINDOWS\system32\wuauclt.exe
        C:\Program Files\Windows Live\Messenger\usnsvc.exe
        C:\WINDOWS\system32\wuauclt.exe
        C:\Program Files\Mozilla Firefox\firefox.exe
        C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

        R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.nl/
        R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
        R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
        R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
        R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
        R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen
        O2 - BHO: Adobe PDF Reader Help bij koppelingen - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
        O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_04\bin\ssv.dll
        O2 - BHO: Windows Live Aanmelden - Help - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
        O3 - Toolbar: @msdxmLC.dll,[email protected],&Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\system32\msdxm.ocx
        O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
        O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
        O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
        O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
        O4 - HKLM\..\Run: [Windows Defender] "C:\Program Files\Windows Defender\MSASCui.exe" -hide
        O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_04\bin\jusched.exe"
        O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
        O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
        O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Lokale service')
        O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Netwerkservice')
        O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
        O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
        O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
        O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_04\bin\ssv.dll
        O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_04\bin\ssv.dll
        O9 - Extra button: Onderzoek - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
        O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
        O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
        O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
        O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
        O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
        O23 - Service: ATK Keyboard Service (ATKKeyboardService) - ASUSTeK COMPUTER INC. - C:\WINDOWS\ATKKBService.exe
        O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
        O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
        O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
        O23 - Service: LVCOMSer - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
        O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
        O23 - Service: LVSrvLauncher - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\SrvLnch\SrvLnch.exe
        O23 - Service: MSCSPTISRV - Unknown owner - -C:\Program Files\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe (file missing)
        O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
        O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe
        O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
        O23 - Service: Office Source Engine (ose) - Unknown owner - -"C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE" (file missing)
        O23 - Service: PACSPTISVR - Unknown owner - -C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe (file missing)
        O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
        O23 - Service: Sony SPTI Service (SPTISRV) - Unknown owner - -C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe (file missing)
        O23 - Service: SonicStage SCSI Service (SSScsiSV) - Unknown owner - -C:\Program Files\Common Files\Sony Shared\AVLib\SSScsiSV.exe (file missing)
        O23 - Service: StyleXPService - Unknown owner - -"C:\Program Files\TGTSoft\StyleXP\StyleXPService.exe" (file missing)
        O23 - Service: Windows Live Setup Service (WLSetupSvc) - Unknown owner - -"C:\Program Files\Windows Live\installer\WLSetupSvc.exe" (file missing)
        O23 - Service: WMP54Gv4SVC - GEMTEKS - C:\Program Files\Linksys Wireless-G PCI Wireless Network Monitor\WLService.exe
        O23 - Service: Windows Media Player Network Sharing-service (WMPNetworkSvc) - Unknown owner - -"C:\Program Files\Windows Media Player\WMPNetwk.exe" (file missing)

        --
        End of file - 7536 bytes

        Comment


        • #5
          Hallo,


          Download Java Runtime Environment (JRE) 6u4.
          • Scroll omlaag naar : "Java Runtime Environment (JRE) 6u4".
          • Klik op de "Download" knop aan de rechterkant.
          • In het uitklapmenu rechts naast Platform, selecteer Windows
          • Vink aan: "I agree to the Java SE Runtime Environment 6 License Agreement", en klik op Continue.
          • De pagina zal herladen.
          • Klik op de jre-6u4-windows-i586-p.exe link ONDER Windows Offline Installation en bewaar het naar je Bureaublad.
          • Sluit alle programma's die eventueel open zijn - Zeker je web browser!
          • Ga dan naar Start > Configuratiescherm > Software en verwijder alle oudere versies van Java uit de Softwarelijst.
          • Vink alles aan met Java Runtime Environment (JRE of J2SE) in de naam.
          • Klik dan op Verwijderen of op de Wijzig/Verwijder knop.
          • Herhaal dit tot alle oudere versies verdwenen zijn.
          • Na het verwijderen van alle oudere versies, herstart je pc.
          • Dubbelklik vervolgens op jre-6u4-windows-i586-p.exe op je Bureaublad om de nieuwste versie van Java te installeren.



          Nog ergens last van nu ??

          Windows 10 opstarten in Veilige Modus

          Comment


          • #6
            Omg, dat heb ik al gedaan xD Maar ik heb nergens last meer van Moet ik combofix nu ook verwijderen?

            Comment


            • #7
              Had je al gedaan , was in het laatste logje niet te zien.

              Je mag alle gebruikte tools en aangemaakte mappen terug verwijderen.

              Verwijder ComboFix via Start > Uitvoeren, kopiëer en plak Combofix /U klik op OK of toets Enter.
              Dit verwijdert zowel ComboFix, als je oude systeemherstelpunten (met eventuele restanten van malware), en maakt een nieuw systeemherstelpunt aan.



              geen problemen meer ?

              Windows 10 opstarten in Veilige Modus

              Comment


              • #8
                Nee, bedankt! Mooi dat deze site bestaat

                Comment

                Sorry, you are not authorized to view this page
                Working...
                X