Mededeling

Collapse
No announcement yet.

Scherm word blauw na opstarten.

Collapse
X
Collapse
  •  
  • Page of 1
  • Filter
  • Tijd
  • Show
Clear All
new posts
Vorige template Volgende
  • #1

    Scherm word blauw na opstarten.

    Hey, ik heb nu de volgende problemen:

    mijn scherm word blauw, als ik na het opstarten heb ingelogd, en alle programmas zijn geladen.
    dit was gister niet. ook toen ik DEAMON tools lite installer ging opstarten kreeg ik een installer, maar deze bleek niet van DEAMON tools te zijn (dit weet ik nu, omdat ik na de instal de installer opnieuw opende, die anders was)
    Mijn " ' " kan niet meer op letters worden geplaatst ('e, 'a, etc).

    Daarom heb ik Hier een HJT 'en een Combofix logje
    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 20:48:40, on 11-1-2008
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.6000.16574)
    Boot mode: Safe mode with network support

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\FlashGet\FlashGet.exe
    C:\WINDOWS\explorer.exe
    C:\WINDOWS\system32\notepad.exe
    D:\Program Files\Mozilla Firefox\firefox.exe
    D:\Documents and Settings\Erwin\Bureaublad\HiJackThis.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.nl/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.slizone.com/
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
    O2 - BHO: flashget urlcatch - {2F364306-AA45-47B5-9F9D-39A8B94E7EF7} - C:\Program Files\FlashGet\jccatch.dll
    O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - D:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
    O2 - BHO: Windows Live Aanmelden - Help - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: FlashGet GetFlash Class - {F156768E-81EF-470C-9057-481BA8380DBA} - C:\Program Files\FlashGet\getflash.dll
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
    O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
    O4 - HKLM\..\Run: [PWRISOVM.EXE] D:\Program Files\PowerISO\PWRISOVM.EXE
    O4 - HKLM\..\Run: [COMODO Firewall Pro] "D:\Program Files\comodo\cfp.exe" -s
    O4 - HKLM\..\Run: [avgnt] "D:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
    O4 - HKLM\..\Run: [High Definition Audio Property Page Shortcut] HDAShCut.exe
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
    O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
    O4 - HKLM\..\Run: [Flashget] C:\Program Files\FlashGet\FlashGet.exe /min
    O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
    O4 - HKCU\..\Run: [WhatPulse] D:\Program Files\WhatPulse\WhatPulse.exe
    O4 - HKCU\..\Run: [uTorrent] "C:\Program Files\uTorrent\uTorrent.exe"
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\daemon.exe"
    O4 - HKCU\..\Run: [NVIDIA nTune] "C:\Program Files\NVIDIA Corporation\nTune\nTuneCmd.exe" clear
    O4 - HKCU\..\RunOnce: [Install_] "D:\DOCUME~1\Erwin\LOCALS~1\Temp\setup.exe" /TempCopy
    O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Lokale service')
    O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Netwerkservice')
    O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
    O4 - Startup: hamachi.lnk = C:\Program Files\Hamachi\hamachi.exe
    O4 - Startup: Secunia PSI (RC1).lnk = C:\Program Files\Secunia\PSI (RC1)\psi.exe
    O8 - Extra context menu item: &Ontvang alles met FlashGet - C:\Program Files\FlashGet\jc_all.htm
    O8 - Extra context menu item: &Ontvang met FlashGet - C:\Program Files\FlashGet\jc_link.htm
    O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
    O8 - Extra context menu item: Sothink SWF Catcher - C:\Program Files\Common Files\SourceTec\SWF Catcher\InternetExplorer.htm
    O8 - Extra context menu item: Verzenden naar &Bluetooth-apparaat... - C:\Program Files\ANYCOM\Blue USB-200-250\btsendto_ie_ctx.htm
    O8 - Extra context menu item: Verzenden naar Bluetooth - C:\Program Files\ANYCOM\Blue USB-200-250\btsendto_ie.htm
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
    O9 - Extra button: Onderzoek - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
    O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\ANYCOM\Blue USB-200-250\btsendto_ie.htm
    O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\ANYCOM\Blue USB-200-250\btsendto_ie.htm
    O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\Program Files\FlashGet\FlashGet.exe
    O9 - Extra 'Tools' menuitem: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\Program Files\FlashGet\FlashGet.exe
    O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - D:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - D:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O9 - Extra button: Sothink SWF Catcher - {E19ADC6E-3909-43E4-9A89-B7B676377EE3} - C:\Program Files\Common Files\SourceTec\SWF Catcher\InternetExplorer.htm
    O9 - Extra 'Tools' menuitem: Sothink SWF Catcher - {E19ADC6E-3909-43E4-9A89-B7B676377EE3} - C:\Program Files\Common Files\SourceTec\SWF Catcher\InternetExplorer.htm
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O16 - DPF: {0E5F0222-96B9-11D3-8997-00104BD12D94} (PCPitstop Utility) - http://pcpitstop.com/pcpitstop/PCPitStop.CAB
    O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab
    O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1196095283453
    O16 - DPF: {67A5F8DC-1A4B-4D66-9F24-A704AD929EEE} (System Requirements Lab) - http://www.systemrequirementslab.com/sysreqlab2.cab
    O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
    O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
    O16 - DPF: {E5ABEB00-B357-4884-9949-77B2C71A7EE3} (BoardCtl Class) - http://www.intel.com/design/motherbd/boardid/BoardID.cab
    O20 - AppInit_DLLs: C:\WINDOWS\system32\guard32.dll
    O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - D:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
    O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - Avira GmbH - D:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
    O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
    O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\ANYCOM\Blue USB-200-250\bin\btwdins.exe
    O23 - Service: COMODO Firewall Pro Helper Service (cmdAgent) - COMODO - D:\Program Files\comodo\cmdagent.exe
    O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
    O23 - Service: nTune Service (nTuneService) - NVIDIA - C:\Program Files\NVIDIA Corporation\nTune\nTuneService.exe
    O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
    O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
    O23 - Service: wampapache - Apache Software Foundation - D:\wamp\bin\apache\apache2.2.6\bin\httpd.exe
    O23 - Service: wampmysqld - Unknown owner - D:\wamp\bin\mysql\mysql5.0.45\bin\mysqld-nt.exe

    --
    End of file - 8670 bytes

    COmbofix

    ComboFix 08-01-09.2 - Erwin 2008-01-11 20:36:51.3 - NTFSx86 NETWORK
    Microsoft Windows XP Professional 5.1.2600.2.1252.1.1043.18.712 [GMT 1:00]
    Gestart vanuit: C:\Downloads\ComboFix.exe
    .
    The following files were disabled during the run:
    C:\WINDOWS\system32\guard32.dll


    (((((((((((((((((((((((((((((((((( Andere Verwijderingen )))))))))))))))))))))))))))))))))))))))))))))))))
    .

    C:\Program Files\Outlook Express\hokevofa4444.dll
    C:\Program Files\Outlook Express\hokevofa83122.dll

    .
    (((((((((((((((((((( Bestanden Gemaakt van 2007-12-11 to 2008-01-11 ))))))))))))))))))))))))))))))
    .

    2008-01-11 20:36 . 2008-01-11 20:36 <DIR> d----c--- C:\Downloads
    2008-01-11 19:51 . 2008-01-11 19:51 <DIR> d----c--- C:\Program Files\Microsoft SQL Server
    2008-01-11 19:49 . 2008-01-11 19:49 <DIR> d----c--- C:\Program Files\Microsoft Device Emulator
    2008-01-11 19:48 . 2008-01-11 19:48 <DIR> d----c--- C:\Program Files\Windows Mobile 5.0 SDK R2
    2008-01-11 19:47 . 2008-01-11 20:36 <DIR> d----c--- C:\Program Files\FlashGet
    2008-01-11 19:46 . 2008-01-11 19:46 <DIR> d----c--- C:\Program Files\Microsoft Synchronization Services
    2008-01-11 19:46 . 2008-01-11 19:46 <DIR> d----c--- C:\Program Files\Microsoft SQL Server Compact Edition
    2008-01-11 19:36 . 2008-01-11 19:36 <DIR> d----c--- D:\Documents and Settings\All Users\Application Data\PreEmptive Solutions
    2008-01-11 19:30 . 2008-01-11 19:30 <DIR> d----c--- C:\WINDOWS\symbols
    2008-01-11 19:28 . 2008-01-11 19:37 <DIR> d----c--- C:\Program Files\Microsoft Visual Studio 9.0
    2008-01-11 19:28 . 2008-01-11 19:28 <DIR> d----c--- C:\Program Files\Microsoft SDKs
    2008-01-11 19:28 . 2008-01-11 19:32 <DIR> d----c--- C:\Program Files\HTML Help Workshop
    2008-01-11 19:28 . 2008-01-11 19:37 <DIR> d----c--- C:\Program Files\Common Files\Merge Modules
    2008-01-11 19:28 . 2008-01-11 19:28 <DIR> d----c--- C:\Program Files\CE Remote Tools
    2008-01-11 19:24 . 2008-01-11 19:24 <DIR> d----c--- C:\Program Files\Macromedia
    2008-01-11 19:24 . 2008-01-11 19:24 <DIR> d----c--- C:\Program Files\Common Files\Macromedia
    2008-01-11 19:24 . 2002-12-06 20:37 199 --a--c--- C:\WINDOWS\swacnfg.ini
    2008-01-11 19:05 . 2008-01-11 19:05 <DIR> d----c--- C:\Program Files\Microsoft Web Designer Tools
    2008-01-11 19:05 . 2008-01-11 19:05 <DIR> dr-h-c--- C:\MSOCache
    2008-01-11 19:02 . 2008-01-11 19:02 <DIR> d----c--- C:\WINDOWS\system32\XPSViewer
    2008-01-11 19:02 . 2008-01-11 19:02 <DIR> d----c--- C:\Program Files\Reference Assemblies
    2008-01-11 19:02 . 2008-01-11 19:32 <DIR> d----c--- C:\Program Files\MSBuild
    2008-01-11 19:01 . 2006-06-29 13:07 14,048 -----c--- C:\WINDOWS\system32\spmsg2.dll
    2008-01-11 19:00 . 2008-01-11 19:00 <DIR> d----c--- C:\Director MX
    2008-01-11 18:57 . 2008-01-11 18:57 <DIR> d----c--- C:\Program Files\MSXML 6.0
    2008-01-10 18:46 . 2008-01-10 18:46 54,156 --ah-c--- C:\WINDOWS\QTFont.qfn
    2008-01-10 18:46 . 2008-01-10 18:46 1,409 --a--c--- C:\WINDOWS\QTFont.for
    2008-01-10 18:21 . 2008-01-10 18:21 <DIR> d----c--- C:\Program Files\NVIDIA Corporation
    2008-01-10 18:17 . 2008-01-10 18:17 <DIR> d----c--- C:\Program Files\NVIDIA nTune Performance Application
    2008-01-10 18:02 . 2008-01-10 18:15 <DIR> d----c--- C:\Program Files\MagicISO
    2008-01-10 18:00 . 2008-01-10 18:00 632 --a--c--- C:\WINDOWS\CoD.INI
    2008-01-10 17:58 . 2008-01-10 18:07 <DIR> d----c--- C:\Program Files\Call of Duty
    2008-01-10 17:52 . 2008-01-10 18:38 <DIR> d----c--- D:\Documents and Settings\Erwin\Application Data\DAEMON Tools
    2008-01-10 17:52 . 2008-01-10 17:52 <DIR> d----c--- C:\Program Files\DAEMON Tools Lite
    2008-01-10 17:16 . 2008-01-11 20:29 <DIR> d----c--- D:\Documents and Settings\Erwin\Application Data\Hamachi
    2008-01-10 17:16 . 2008-01-11 18:57 <DIR> d----c--- C:\WINDOWS\LastGood.Tmp
    2008-01-10 17:16 . 2008-01-10 17:16 <DIR> d----c--- C:\Program Files\Hamachi
    2008-01-10 17:16 . 2008-01-10 17:16 25,280 --a--c--- C:\WINDOWS\system32\drivers\hamachi.sys
    2008-01-09 18:07 . 2008-01-09 18:08 1,355 --a--c--- C:\WINDOWS\imsins.BAK
    2008-01-09 18:01 . 2008-01-09 18:01 715,248 --a--c--- C:\WINDOWS\system32\drivers\sptd.sys
    2008-01-09 15:36 . 2004-08-03 23:08 31,616 --a--c--- C:\WINDOWS\system32\drivers\usbccgp.sys
    2008-01-09 15:36 . 2004-08-03 23:08 31,616 --a--c--- C:\WINDOWS\system32\dllcache\usbccgp.sys
    2008-01-09 15:36 . 2004-08-04 00:57 14,848 --a--c--- C:\WINDOWS\system32\drivers\kbdhid.sys
    2008-01-09 15:36 . 2004-08-04 00:57 14,848 --a--c--- C:\WINDOWS\system32\dllcache\kbdhid.sys
    2008-01-07 07:36 . 2008-01-07 07:36 29,184 --a--c--- C:\WINDOWS\system32\MSINET.oca
    2008-01-05 21:57 . 2007-12-05 02:53 356,352 --a--c--- C:\WINDOWS\system32\NVUNINST.EXE
    2008-01-05 21:56 . 2008-01-05 21:56 <DIR> d----c--- C:\NVIDIA
    2008-01-05 21:43 . 2008-01-05 21:43 <DIR> d----c--- C:\Program Files\OpenAL
    2008-01-05 21:27 . 2008-01-05 21:27 <DIR> d----c--- D:\Documents and Settings\Erwin\Application Data\InstallShield Installation Information
    2008-01-05 21:10 . 2008-01-05 21:10 <DIR> d----c--- C:\Program Files\Unreal Tournament 3
    2008-01-05 21:10 . 2007-07-19 18:14 3,727,720 --a--c--- C:\WINDOWS\system32\d3dx9_35.dll
    2008-01-05 21:10 . 2007-07-19 18:14 1,358,192 --a--c--- C:\WINDOWS\system32\D3DCompiler_35.dll
    2008-01-05 21:10 . 2007-07-19 18:14 444,776 --a--c--- C:\WINDOWS\system32\d3dx10_35.dll
    2008-01-05 21:09 . 2008-01-05 21:09 <DIR> d----c--- C:\WINDOWS\system32\AGEIA
    2008-01-05 21:09 . 2008-01-05 21:09 <DIR> d----c--- C:\Program Files\AGEIA Technologies
    2008-01-05 17:55 . 2007-09-24 23:31 69,632 --a--c--- C:\WINDOWS\system32\javacpl.cpl
    2007-12-21 18:38 . 2007-12-21 18:38 <DIR> d----c--- C:\Program Files\Secunia
    2007-12-21 17:26 . 2007-12-21 17:32 <DIR> d----c--- C:\WINDOWS\system32\NtmsData
    2007-12-18 19:12 . 2007-12-21 15:16 <DIR> d----c--- C:\Program Files\ZeldaOnline Backup
    2007-12-18 17:54 . 2007-12-18 17:54 <DIR> d----c--- C:\Program Files\Shutdown Logoff Reboot ActiveX
    2007-12-18 17:54 . 2007-12-18 17:54 69,414 --a--c--- C:\WINDOWS\system32\uninst.exe
    2007-12-17 14:33 . 2007-11-27 18:30 139,008 --a--c--- C:\WINDOWS\system32\guard32.dll.vir
    2007-12-17 14:32 . 2007-12-17 14:32 <DIR> d----c--- D:\Documents and Settings\Erwin\Bluetooth Software
    2007-12-17 14:19 . 2008-01-05 21:43 413,696 --a--c--- C:\WINDOWS\system32\wrap_oal.dll
    2007-12-17 14:19 . 2008-01-05 21:43 110,592 --a--c--- C:\WINDOWS\system32\OpenAL32.dll
    2007-12-17 14:17 . 2007-12-17 14:17 <DIR> d----c--- C:\WINDOWS\system32\Futuremark
    2007-12-17 14:17 . 2004-10-25 20:02 21,664 --a--c--- C:\WINDOWS\system32\drivers\Entech.sys
    2007-12-17 14:17 . 1999-11-02 10:01 6,173 --a--c--- C:\WINDOWS\system32\drivers\Entech.vxd
    2007-12-17 14:17 . 2004-06-22 15:44 5,632 --a--c--- C:\WINDOWS\system32\drivers\Entech64.sys
    2007-12-17 14:17 . 2001-11-19 19:05 3,972 --a--c--- C:\WINDOWS\system32\drivers\PciBus.sys
    2007-12-17 14:15 . 2007-12-17 14:15 <DIR> d----c--- C:\Program Files\Futuremark
    2007-12-16 20:52 . 2007-12-16 20:52 <DIR> d----c--- C:\Program Files\NVTweak
    2007-12-16 18:32 . 2007-12-16 18:32 <DIR> d----c--- C:\VAIO
    2007-12-16 18:32 . 2005-08-15 16:54 1,536 --a--c--- C:\WINDOWS\system32\hidec.exe
    2007-12-16 17:45 . 2007-12-16 17:45 <DIR> d----c--- C:\WINDOWS\wb
    2007-12-16 15:57 . 2007-12-16 16:14 <DIR> d----c--- D:\Documents and Settings\Erwin\Application Data\SecondLife
    2007-12-16 15:56 . 2007-12-16 15:57 <DIR> d----c--- C:\Program Files\SecondLife
    2007-12-16 15:42 . 2007-12-16 15:42 <DIR> d----c--- C:\Program Files\SystemRequirementsLab
    2007-12-16 10:34 . 2007-12-16 10:34 <DIR> d----c--- C:\Program Files\vbNFSMWMegaTrainer
    2007-12-16 10:34 . 2007-12-16 10:34 249,856 -----c--- C:\WINDOWS\Setup1.exe
    2007-12-16 10:34 . 2007-12-16 10:34 73,216 --a--c--- C:\WINDOWS\ST6UNST.EXE
    2007-12-16 10:00 . 2003-06-25 16:05 266,360 --a--c--- C:\WINDOWS\system32\TweakUI.exe
    2007-12-16 10:00 . 2002-06-21 15:09 160,217 --a--c--- C:\WINDOWS\system32\PowerToysLicense.rtf
    2007-12-16 09:49 . 2007-12-16 10:10 <DIR> d----c--- C:\Program Files\EA GAMES
    2007-12-15 14:31 . 2007-12-16 18:32 <DIR> d----c--- C:\Program Files\Windows Sidebar
    2007-12-15 14:26 . 2008-01-11 20:15 <DIR> dr-h-c--- D:\Documents and Settings\Erwin\Onlangs geopend
    2007-12-15 14:24 . 2004-08-04 01:03 21,504 --a--c--- C:\WINDOWS\system32\hidserv.dll
    2007-12-15 14:24 . 2004-08-04 01:03 21,504 --a--c--- C:\WINDOWS\system32\dllcache\hidserv.dll
    2007-12-15 14:22 . 2007-12-15 14:22 <DIR> d----c--- C:\Program Files\ANYCOM
    2007-12-15 14:22 . 2007-09-12 11:01 879,496 --a--c--- C:\WINDOWS\system32\drivers\btkrnl.sys
    2007-12-15 14:22 . 2007-08-30 13:02 539,432 --a--c--- C:\WINDOWS\system32\drivers\btaudio.sys
    2007-12-15 14:22 . 2007-06-29 11:38 156,392 --a--c--- C:\WINDOWS\system32\drivers\btwdndis.sys
    2007-12-15 14:22 . 2007-03-23 09:50 106,557 --a--c--- C:\WINDOWS\system32\btw_ci.dll
    2007-12-15 14:22 . 2007-08-27 12:58 74,656 --a--c--- C:\WINDOWS\system32\drivers\btwusb.sys
    2007-12-15 14:22 . 2007-03-31 12:02 55,352 --a--c--- C:\WINDOWS\system32\drivers\btwhid.sys
    2007-12-15 14:22 . 2007-03-23 09:50 37,424 --a--c--- C:\WINDOWS\system32\drivers\btport.sys
    2007-12-15 14:21 . 2007-12-15 14:21 <DIR> d----c--- C:\Program Files\ANYCOM_Blue_USB_200_250_v5_1_0_4200
    2007-12-15 09:26 . 2007-12-15 09:26 69 --a--c--- C:\WINDOWS\NeroDigital.ini
    2007-12-14 16:34 . 2007-12-14 16:34 20 ---hsc--- C:\ntuser.ini
    2007-12-13 17:36 . 2007-12-13 17:36 <DIR> d----c--- C:\WINDOWS\.jagex_cache_32

    .
    ((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    2008-01-11 19:29 --------- dc----w D:\Documents and Settings\Erwin\Application Data\uTorrent
    2008-01-11 18:43 --------- dc----w D:\Documents and Settings\All Users\Application Data\Microsoft Help
    2008-01-10 17:24 --------- dc----w C:\Program Files\SpeedFan
    2008-01-10 17:22 --------- dc-h--w C:\Program Files\InstallShield Installation Information
    2008-01-10 17:18 --------- dc----w C:\Program Files\Common Files\InstallShield
    2008-01-05 20:12 --------- dc----w C:\Program Files\Windows Live Safety Center
    2008-01-05 20:09 --------- dc----w C:\Program Files\Common Files\Wise Installation Wizard
    2008-01-05 20:03 --------- dc----w C:\Program Files\TuneUp Utilities 2007
    2008-01-05 19:54 --------- dc----w C:\Program Files\VstPlugins
    2008-01-05 19:54 --------- dc----w C:\Program Files\Image-Line
    2008-01-05 16:55 --------- dc----w C:\Program Files\Java
    2007-12-17 16:07 5,120 -c--a-w C:\WINDOWS\system32\BReWErS.dll
    2007-12-15 13:26 --------- dc----w C:\Program Files\CCleaner
    2007-12-14 22:27 --------- dc----w C:\Program Files\vbGORE1013
    2007-12-13 19:05 22,328 -c--a-w C:\WINDOWS\system32\drivers\PnkBstrK.sys
    2007-12-13 19:05 103,736 -c--a-w C:\WINDOWS\system32\PnkBstrB.exe
    2007-12-07 19:34 --------- dc----w C:\Program Files\Erwin-Tom
    2007-12-06 17:28 --------- dc----w D:\Documents and Settings\Erwin\Application Data\TuneUp Software
    2007-12-06 17:27 --------- dc----w D:\Documents and Settings\All Users\Application Data\TuneUp Software
    2007-12-05 15:54 503,564 -c--a-w C:\WINDOWS\system32\RVAXO.bat
    2007-12-05 15:05 --------- dc----w C:\Program Files\Electronic Arts
    2007-12-05 00:41 81,920 -c--a-w C:\WINDOWS\system32\nvwddi.dll
    2007-12-05 00:41 81,920 -c--a-w C:\WINDOWS\system32\nvmctray.dll
    2007-12-05 00:41 8,523,776 -c--a-w C:\WINDOWS\system32\nvcpl.dll
    2007-12-05 00:41 753,664 -c--a-w C:\WINDOWS\system32\nvcplui.exe
    2007-12-05 00:41 7,435,392 -c--a-w C:\WINDOWS\system32\drivers\nv4_mini.sys
    2007-12-05 00:41 6,901,760 -c--a-w C:\WINDOWS\system32\nvoglnt.dll
    2007-12-05 00:41 6,549,504 -c--a-w C:\WINDOWS\system32\nvdisps.dll
    2007-12-05 00:41 5,773,568 -c--a-w C:\WINDOWS\system32\nv4_disp.dll
    2007-12-05 00:41 466,944 -c--a-w C:\WINDOWS\system32\nvshell.dll
    2007-12-05 00:41 45,056 -c--a-w C:\WINDOWS\system32\nvmccsrs.dll
    2007-12-05 00:41 442,368 -c--a-w C:\WINDOWS\system32\nvappbar.exe
    2007-12-05 00:41 425,984 -c--a-w C:\WINDOWS\system32\keystone.exe
    2007-12-05 00:41 385,024 -c--a-w C:\WINDOWS\system32\nvapi.dll
    2007-12-05 00:41 356,352 -c--a-w C:\WINDOWS\system32\nvudisp.exe
    2007-12-05 00:41 35,328 -c--a-w C:\WINDOWS\system32\nvcodins.dll
    2007-12-05 00:41 35,328 -c--a-w C:\WINDOWS\system32\nvcod.dll
    2007-12-05 00:41 307,200 -c--a-w C:\WINDOWS\system32\nvexpbar.dll
    2007-12-05 00:41 3,710,976 -c--a-w C:\WINDOWS\system32\nvvitvs.dll
    2007-12-05 00:41 3,420,160 -c--a-w C:\WINDOWS\system32\nvgames.dll
    2007-12-05 00:41 286,720 -c--a-w C:\WINDOWS\system32\nvnt4cpl.dll
    2007-12-05 00:41 229,376 -c--a-w C:\WINDOWS\system32\nvmccs.dll
    2007-12-05 00:41 2,498,560 -c--a-w C:\WINDOWS\system32\nvwss.dll
    2007-12-05 00:41 188,416 -c--a-w C:\WINDOWS\system32\nvmccss.dll
    2007-12-05 00:41 155,716 -c--a-w C:\WINDOWS\system32\nvsvc32.exe
    2007-12-05 00:41 147,456 -c--a-w C:\WINDOWS\system32\nvcolor.exe
    2007-12-05 00:41 1,703,936 -c--a-w C:\WINDOWS\system32\nvwdmcpl.dll
    2007-12-05 00:41 1,626,112 -c--a-w C:\WINDOWS\system32\nwiz.exe
    2007-12-05 00:41 1,474,560 -c--a-w C:\WINDOWS\system32\nview.dll
    2007-12-05 00:41 1,339,392 -c--a-w C:\WINDOWS\system32\nvdspsch.exe
    2007-12-05 00:41 1,228,800 -c--a-w C:\WINDOWS\system32\nvmobls.dll
    2007-12-05 00:41 1,089,536 -c--a-w C:\WINDOWS\system32\nvcuda.dll
    2007-12-05 00:41 1,019,904 -c--a-w C:\WINDOWS\system32\nvwimg.dll
    2007-12-03 20:31 --------- dc----w C:\Program Files\none
    2007-12-03 20:28 --------- dc----w D:\Documents and Settings\Erwin\Application Data\Caphyon
    2007-12-03 20:26 --------- dc----w C:\Program Files\Caphyon
    2007-12-02 16:45 --------- dc----w C:\Program Files\ASIO4ALL v2
    2007-12-02 16:22 --------- dc----w D:\Documents and Settings\All Users\Application Data\DVD Shrink
    2007-12-02 14:18 --------- dc----w C:\Program Files\WarRock
    2007-12-02 13:47 --------- dc----w D:\Documents and Settings\Erwin\Application Data\InstallShield
    2007-12-02 09:37 --------- dc-h--w D:\Documents and Settings\All Users\Application Data\~0
    2007-12-02 09:36 --------- dc----w C:\Program Files\Microsoft CAPICOM 2.1.0.2
    2007-12-01 19:29 --------- dc----w D:\Documents and Settings\All Users\Application Data\CodeGear
    2007-12-01 16:37 98,304 -c--a-w C:\WINDOWS\system32\CmdLineExt.dll
    2007-12-01 14:12 --------- dc----w C:\Program Files\Need for Speed Carbon
    2007-12-01 13:52 --------- dc----w D:\Documents and Settings\Erwin\Application Data\Borland
    2007-12-01 13:28 --------- dc----w C:\Program Files\Microsoft Visual Studio 8
    2007-12-01 13:26 --------- dc----w C:\Program Files\Microsoft.NET
    2007-12-01 12:05 --------- dc----w D:\Documents and Settings\Erwin\Application Data\SQLyog
    2007-11-30 18:54 --------- dc----w C:\Program Files\QuickTime
    2007-11-30 13:43 --------- dc----w D:\Documents and Settings\Erwin\Application Data\Notepad++
    2007-11-30 12:46 --------- dc----w C:\Program Files\Common Files\Adobe
    2007-11-30 12:46 --------- dc----w C:\Program Files\Bonjour
    2007-11-30 06:56 --------- dc----w C:\Program Files\Web Publish
    2007-11-29 15:50 4,096 -c--a-w C:\WINDOWS\system32\sysres.dll
    2007-11-29 15:50 38,567 -c--a-w C:\WINDOWS\system32\pcpbios.exe
    2007-11-28 19:33 --------- dc----w D:\Documents and Settings\Erwin\Application Data\Winamp
    2007-11-28 19:31 22,328 -c--a-w D:\Documents and Settings\Erwin\Application Data\PnkBstrK.sys
    2007-11-28 14:43 --------- dc----w D:\Documents and Settings\Erwin\Application Data\FileZilla
    2007-11-28 14:14 315,392 -c--a-w C:\WINDOWS\HideWin.exe
    2007-11-28 14:14 --------- dc----w C:\Program Files\Realtek
    2007-11-27 20:00 --------- dc----w D:\Documents and Settings\All Users\Application Data\FLEXnet
    2007-11-27 19:50 --------- dc----w C:\Program Files\Common Files\Macrovision Shared
    2007-11-27 19:45 --------- dc----w D:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
    2007-11-27 18:49 --------- dc----w C:\Program Files\uTorrent
    2007-11-27 17:44 --------- dc----w D:\Documents and Settings\All Users\Application Data\Avira
    2007-11-27 17:34 --------- dc----w D:\Documents and Settings\All Users\Application Data\comodo
    2007-11-27 17:30 79,096 -c--a-w C:\WINDOWS\system32\drivers\cmdGuard.sys
    2007-11-27 17:30 23,672 -c--a-w C:\WINDOWS\system32\drivers\cmdhlp.sys
    2007-11-27 17:30 --------- dc----w D:\Documents and Settings\Erwin\Application Data\Comodo
    2007-11-27 17:09 352,410 -c--a-w C:\WINDOWS\opeB1.exe
    2007-11-27 17:09 111,731 -c--a-w C:\WINDOWS\system32\opeBD.exe
    2007-11-27 17:04 --------- dc----w D:\Documents and Settings\All Users\Application Data\WinZip
    2007-11-26 21:11 --------- dc----w D:\Documents and Settings\Erwin\Application Data\Talkback
    2007-11-26 20:42 53,248 -c--a-w C:\WINDOWS\system32\CSVer.dll
    2007-11-26 20:31 --------- dc----w C:\Program Files\Windows Live
    2007-11-26 20:30 --------- dcsh--w C:\Program Files\Common Files\WindowsLiveInstaller
    2007-11-26 20:19 --------- dc----w C:\Program Files\Intel
    2007-11-26 20:16 --------- dc----w D:\Documents and Settings\All Users\Application Data\nView_Profiles
    2007-11-26 19:57 --------- dc----w D:\Documents and Settings\All Users\Application Data\WLInstaller
    2005-07-29 15:24 472 -csha-r C:\WINDOWS\R2VicnVpa2Vy\lZp2wBpDuZpV.vbs
    .

    ((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    REGEDIT4
    *Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "MsnMsgr"="C:\Program Files\Windows Live\Messenger\MsnMsgr.exe" [2007-12-03 18:20 5724184]
    "WhatPulse"="D:\Program Files\WhatPulse\WhatPulse.exe" [2006-08-21 18:48 665600]
    "uTorrent"="C:\Program Files\uTorrent\uTorrent.exe" [2007-11-26 22:07 219952]
    "ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-04 13:00 15360]
    "DAEMON Tools Lite"="C:\Program Files\DAEMON Tools Lite\daemon.exe" [2008-01-03 14:54 486856]
    "NVIDIA nTune"="C:\Program Files\NVIDIA Corporation\nTune\nTuneCmd.exe" [2007-09-04 19:25 81920]

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]
    "Install_"="D:\DOCUME~1\Erwin\LOCALS~1\Temp\setup.exe" [2007-11-08 18:05 711160]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "NvCplDaemon"="C:\WINDOWS\system32\NvCpl.dll" [2007-12-05 01:41 8523776]
    "nwiz"="nwiz.exe" [2007-12-05 01:41 1626112 C:\WINDOWS\system32\nwiz.exe]
    "PWRISOVM.EXE"="D:\Program Files\PowerISO\PWRISOVM.EXE" [2007-08-07 01:05 200704]
    "COMODO Firewall Pro"="D:\Program Files\comodo\cfp.exe" [2007-11-27 18:30 1481984]
    "avgnt"="D:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" [2007-11-27 18:46 249896]
    "High Definition Audio Property Page Shortcut"="HDAShCut.exe" [2005-01-07 17:07 61952 C:\WINDOWS\system32\HdAShCut.exe]
    "SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe" [2007-09-25 01:11 132496]
    "NvMediaCenter"="C:\WINDOWS\system32\NvMcTray.dll" [2007-12-05 01:41 81920]
    "Flashget"="C:\Program Files\FlashGet\FlashGet.exe" [2007-09-25 09:10 2007088]

    [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
    "CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2004-08-04 13:00 15360]

    D:\Documents and Settings\Erwin\Menu Start\Programma's\Opstarten\
    hamachi.lnk - C:\Program Files\Hamachi\hamachi.exe [2008-01-10 17:16:31]
    Secunia PSI (RC1).lnk - C:\Program Files\Secunia\PSI (RC1)\psi.exe [2007-12-18 14:18:52]

    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
    "NoSMConfigurePrograms"= 1 (0x1)
    "NoRecentDocsNetHood"= 1 (0x1)

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
    "ForceClassicControlPanel"= 1 (0x1)

    [HKEY_USERS\.default\software\microsoft\windows\currentversion\policies\explorer]
    "ForceClassicControlPanel"= 1 (0x1)

    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
    "AppInit_DLLs"= C:\WINDOWS\system32\guard32.dll

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CTFMON.EXE]
    --a------ 2004-08-04 13:00 15360 C:\WINDOWS\system32\ctfmon.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
    --a--c--- 2001-07-09 11:50 155648 C:\WINDOWS\system32\NeroCheck.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Osem]
    D:\DOCUME~1\Erwin\MIJNDO~1\RACLE~1\regsvr32.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\runner1]
    C:\WINDOWS\mrofinu1000106.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
    "usnjsvc"=3 (0x3)

    S1 cmdGuard;COMODO Firewall Pro Sandbox Driver;C:\WINDOWS\system32\DRIVERS\cmdguard.sys [2007-11-27 18:30]
    S1 cmdHlp;COMODO Firewall Pro Helper Driver;C:\WINDOWS\system32\DRIVERS\cmdhlp.sys [2007-11-27 18:30]
    S2 UxTuneUp;TuneUp Thema-uitbreiding;C:\WINDOWS\System32\svchost.exe [2004-08-04 13:00]
    S3 projectx1;projectx1;D:\Documents and Settings\Erwin\Bureaublad\hack\Chaos Hack pack V1.0\ProjectX_3.0 Engine\ProjectX3.0 Tux-Hack\FelipeZe.sys
    S3 PSI;PSI;C:\WINDOWS\system32\DRIVERS\psi_mf.sys [2007-09-21 02:52]
    S3 wampapache;wampapache;"D:\wamp\bin\apache\apache2.2.6\bin\httpd.exe" [2007-09-05 08:59]
    S3 wampmysqld;wampmysqld;D:\wamp\bin\mysql\mysql5.0.45\bin\mysqld-nt.exe wampmysqld
    S4 msvsmon90;Visual Studio 2008 Remote Debugger;"C:\Program Files\Microsoft Visual Studio 9.0\Common7\IDE\Remote Debugger\x86\msvsmon.exe" [2007-11-07 08:58]

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
    UxTuneUp

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\G]
    \Shell\AutoRun\command - G:\Install.exe

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\H]
    \Shell\AutoRun\command - H:\SETUP.EXE /AUTORUN

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\I]
    \Shell\AutoRun\command - I:\Autorun.exe

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\J]
    \Shell\AutoRun\command - J:\setup\rsrc\Autorun.exe
    \Shell\dinstall\command - J:\Directx\dxsetup.exe

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\K]
    \Shell\AutoRun\command - K:\Installer.exe

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\L]
    \Shell\AutoRun\command - L:\Autorun.exe

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\M]
    \Shell\AutoRun\command - M:\FrameworkCheck.exe

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\N]
    \Shell\AutoRun\command - N:\setup\rsrc\Autorun.exe
    \Shell\dinstall\command - N:\Directx\dxsetup.exe


    [HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\Windows Sidebar]
    C:\WINDOWS\system32\hidec /W C:\VAIO\Tools\REGTLIB.EXE "C:\Program Files\Windows Sidebar\sidebar.exe"

    [HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{34A19196-274E-4D75-9D30-D7A45A0A4178}]
    "C:\Program Files\Windows Sidebar\.\regsvr32.exe" /s wlsrvc.dll

    [HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{6B9228DA-9C15-419e-856C-19E768A13BDC}]
    "C:\Program Files\Windows Sidebar\.\regsvr32.exe" /s sbdrop.dll

    [HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{BADA65A0-86B7-462B-B720-CE66655C73F5}]
    regsvr32 /s C:\VAIO\.\vshellext.dll
    .
    Inhoud van de 'Gedeelde Taken' map
    "2007-12-21 16:16:42 C:\WINDOWS\Tasks\1-Click Maintenance.job"
    - C:\Program Files\TuneUp Utilities 2007\SystemOptimizer.exe
    .
    **************************************************************************

    catchme 0.3.1344 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
    Rootkit scan 2008-01-11 20:40:37
    Windows 5.1.2600 Service Pack 2 NTFS

    scannen van verborgen processen ...

    scannen van verborgen autostart items ...

    scannen van verborgen bestanden ...

    Scan succesvol afgerond
    verborgen bestanden: 0

    **************************************************************************
    .
    --------------------- DLLs Loaded Under Running Processes ---------------------

    PROCESS: C:\WINDOWS\system32\winlogon.exe
    -> C:\WINDOWS\system32\guard32.dll

    PROCESS: C:\WINDOWS\system32\lsass.exe [5.01.2600.2180]
    -> C:\WINDOWS\system32\guard32.dll
    .
    Voltooingstijd: 2008-01-11 20:41:01
    ComboFix-quarantined-files.txt 2008-01-11 19:40:59
    ComboFix2.txt 2007-11-28 13:51:26
    ComboFix3.txt 2007-11-27 17:41:54
    .
    2008-01-09 17:09:05 --- E O F ---


    Mvg Erwin
    Labels: Geen
    • Citaat
  • #2
    Doe dit maar eens:
    Download Dr.Web CureIt en sla het op je bureaublad op.
    • Dubbelklik drweb-cureit.exe en sta het toe om te express scan te starten.
      Indien er een popup verschijnt met het voorstel tot kopen/50% korting mag je deze sluiten.
    • De express scan zal de bestanden scannen die momenteel in het geheugen geladen zijn. Wanneer er iets gevonden wordt klik op 'alles selecteren' kies nu voor 'repareren' en uit het kleine menutje dat verschijnt kies je 'verplaatsen'.
    • Kies bovenaan in het menu voor Language/Taal en wijzig deze naar Dutch (Nederlands) indien deze bij jou anders staat ingesteld.
    • Druk op F9, kies daarna voor het tabblad Acties en stel daar het volgende in onder Malware:
      • Adware: Verplaats
      • Dialers: Verplaats
      • Jokes: Rapportage
      • Riskware: Rapportage
      • Hacktools: Verplaats
      • Haal dan het vinkje weg bij 'Prompt bij actie'.
    • Kies daarna voor het tabblad Scan en verwijder het vinkje bij Heuristische analyse.
      Druk vervolgens op Toepassen gevolgd door OK.
    • Eenmaal als de korte scan is beëindigd vink je aan: Volledige scan.
      Druk daarna op het groene pijltje (start knop) om de scan te starten.
    • Gevonden bestanden worden naar '%USERPROFILE%\DocterWeb\Quarantine' -map verplaatst indien het herstellen niet mogelijk is.
    • Nadat de scan gedaan is ga dan naar Bestand en kies Rapportage lijst opslaan.
      Bewaar deze op je bureaublad en sluit daarna Dr.Web CureIt.
    • Herstart vervolgens de computer!! Dit is een belangrijke stap want het kan zijn dat Dr.Web CureIt bestanden zal verplaatsen/verwijderen tijdens herstart.
    • Na het herstarten, kopieer en plak de inhoud van die log die je eerder hebt bewaard in je volgende post.
    Post ook een nieuw logje van Hijackthis
    • Citaat

    Comment

    • #3
      Ondertussen al gefixt, was probleem in bios ivm onboard kaart en een of andere opstartitem wat fout was :S
      • Citaat

      Comment

      • #4
        Mooi zo, dan zet ik je topic op "Opgelost"
        • Citaat

        Comment

        Vorige template Volgende
        Sorry, you are not authorized to view this page
        Working...
        X