Could you please take a look at my log?


  • Could you please take a look at my log?

    I'm having lots of problems with my new PC. Even my virus scanner is getting infected.
    I have already run scans with Spybot and Ad-Aware.
    All sorts of things turned up.

    So here is my log.

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 17:14:18, on 19-1-2008
    Platform: Windows Vista (WinNT 6.00.1904)
    MSIE: Internet Explorer v7.00 (7.00.6000.16575)
    Boot mode: Normal

    Running processes:
    C:\Windows\system32\Dwm.exe
    C:\Windows\Explorer.EXE
    C:\Windows\system32\taskeng.exe
    C:\Windows\system32\conime.exe
    C:\Windows\WindowsMobile\wmdc.exe
    C:\Program Files\Grisoft\AVG7\avgcc.exe
    C:\Program Files\Windows Sidebar\sidebar.exe
    C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
    C:\Program Files\Sony\Sony Picture Utility\VolumeWatcher\SPUVolumeWatcher.exe
    C:\Program Files\Windows Media Player\wmpnscfg.exe
    C:\Program Files\Windows Sidebar\sidebar.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
    C:\Windows\system32\SearchFilterHost.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.startpagina.nl/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
    F3 - REG:win.ini: load=C:\Windows\system32\pmkih.exe
    O1 - Hosts: ::1 localhost
    O2 - BHO: Adobe PDF Reader Help bij koppelingen - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
    O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~1\Office12\GRA8E1~1.DLL
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
    O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
    O2 - BHO: (no name) - {B41B09D1-9E05-43F7-A4BA-AA3D7FE88848} - C:\Windows\system32\pmkih.dll (file missing)
    O2 - BHO: {3e53b976-a97f-e3a8-7ed4-2e4e15f388fc} - {cf883f51-e4e2-4de7-8a3e-f79a679b35e3} - C:\Windows\system32\msrwtyka.dll (file missing)
    O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
    O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
    O4 - HKLM\..\Run: [Windows Mobile-based device management] %windir%\WindowsMobile\wmdc.exe
    O4 - HKLM\..\Run: [HTV Agent] C:\Program Files\HTV\HTV.exe
    O4 - HKLM\..\Run: [MSServer] rundll32.exe C:\Windows\system32\khfgh.dll,#1
    O4 - HKLM\..\Run: [07f176a2] rundll32.exe "C:\Windows\system32\kqqujhts.dll",b
    O4 - HKLM\..\Run: [HTV Agent] C:\Program Files\HTV\HTV .exe
    O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP
    O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
    O4 - HKCU\..\Run: [uTorrent] "C:\Program Files\uTorrent\uTorrent.exe"
    O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
    O4 - HKCU\..\Run: [AdobeUpdater] C:\Program Files\Common Files\Adobe\Updater5\AdobeUpdater.exe
    O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
    O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
    O4 - HKUS\S-1-5-19\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'LOCAL SERVICE')
    O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
    O4 - HKUS\S-1-5-18\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'SYSTEEM')
    O4 - HKUS\.DEFAULT\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'Default user')
    O4 - Startup: Mediacontrole Picture Motion Browser.lnk = C:\Program Files\Sony\Sony Picture Utility\VolumeWatcher\SPUVolumeWatcher.exe
    O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~1\Office12\EXCEL.EXE/3000
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
    O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~1\Office12\ONBttnIE.dll
    O9 - Extra 'Tools' menuitem: Verz&enden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~1\Office12\ONBttnIE.dll
    O9 - Extra button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
    O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
    O9 - Extra 'Tools' menuitem: @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
    O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\Windows\bdoscandel.exe
    O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\Windows\bdoscandel.exe
    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~1\Office12\REFIEBAR.DLL
    O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O13 - Gopher Prefix:
    O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8.cab
    O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} (DivXBrowserPlugin Object) - http://download.divx.com/player/DivXBrowserPlugin.cab
    O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} (Java Runtime Environment 1.6.0) - http://javadl-esd.sun.com/update/1.6.0/jinstall-6u3-windows-i586-jc.cab
    O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
    O16 - DPF: {EF791A6B-FC12-4C68-99EF-FB9E207A39E6} (McFreeScan Class) - http://download.mcafee.com/molbin/iss-loc/mcfscan/2,2,0,5209/mcfscan.cab
    O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~1\MICROS~1\Office12\GR99D3~1.DLL
    O20 - Winlogon Notify: avgwlntf - C:\Windows\SYSTEM32\avgwlntf.dll
    O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
    O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
    O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
    O23 - Service: AVG7 Resident Shield Service (AvgCoreSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgrssvc.exe
    O23 - Service: BrSplService (Brother XP spl Service) - brother Industries Ltd - C:\Windows\system32\brsvc01a.exe
    O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: NOD32 Kernel Service (NOD32krn) - Eset - C:\Program Files\Eset\nod32krn.exe
    O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
    O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe

    --
    End of file - 8032 bytes


    Thanks in advance for your help.

  • #2
    Hello,

    How did you get this infection?

    You are using an old version of HijackThis. It is best to use this version: http://www.trendsecure.com/portal/en...HJTInstall.exe

    F3 - REG:win.ini: load=C:\Windows\system32\pmkih.exe
    O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
    O2 - BHO: (no name) - {B41B09D1-9E05-43F7-A4BA-AA3D7FE88848} - C:\Windows\system32\pmkih.dll (file missing)
    O2 - BHO: {3e53b976-a97f-e3a8-7ed4-2e4e15f388fc} - {cf883f51-e4e2-4de7-8a3e-f79a679b35e3} - C:\Windows\system32\msrwtyka.dll (file missing)
    O4 - HKLM\..\Run: [MSServer] rundll32.exe C:\Windows\system32\khfgh.dll,#1
    O4 - HKLM\..\Run: [07f176a2] rundll32.exe "C:\Windows\system32\kqqujhts.dll",b


    Then click "Fix checked" and close HijackThis.

    Download combofix.exe: http://download.bleepingcomputer.com/sUBs/ComboFix.exe
    Place it on your desktop.
    Double-click it to start the program.
    In the window that appears, type a 1 to run the cleaning and analysis process.
    Follow the on-screen instructions.
    When the tool has finished, a log file (combofix.txt) opens.
    Post the contents of this file together with a new HijackThis log.
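
A triage sketch for the log lines singled out in reply #2, added here as an example and not part of the original thread: it parses HijackThis entries, flags them with three heuristics, and checks a follow-up scan for flagged entries that survived the fix. The heuristics (a win.ini load=/run= autostart, a BHO whose file is absent, a Run value that has rundll32 load a DLL by full path from system32) and all function names are assumptions of this example; the log excerpts are copied from the thread's two HijackThis logs.

```python
import re

# Excerpt of the first HijackThis log in the thread: the six entries listed in
# reply #2 mixed with entries that were left alone.
BEFORE_FIX = r"""
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.startpagina.nl/
F3 - REG:win.ini: load=C:\Windows\system32\pmkih.exe
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: (no name) - {B41B09D1-9E05-43F7-A4BA-AA3D7FE88848} - C:\Windows\system32\pmkih.dll (file missing)
O2 - BHO: {3e53b976-a97f-e3a8-7ed4-2e4e15f388fc} - {cf883f51-e4e2-4de7-8a3e-f79a679b35e3} - C:\Windows\system32\msrwtyka.dll (file missing)
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [MSServer] rundll32.exe C:\Windows\system32\khfgh.dll,#1
O4 - HKLM\..\Run: [07f176a2] rundll32.exe "C:\Windows\system32\kqqujhts.dll",b
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\Windows\bdoscandel.exe
"""

# Excerpt of the follow-up HijackThis log posted later in the thread.
AFTER_FIX = r"""
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.startpagina.nl/
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\Windows\bdoscandel.exe
"""

# "<section code> - <detail>", e.g. "O4 - HKLM\..\Run: [name] command".
ENTRY_RE = re.compile(r"^\s*([A-Z]\d{1,2}) - (.*\S)\s*$")

# Assumed heuristics (this example's own, not rules stated in the thread).
WININI_AUTOSTART_RE = re.compile(r"^REG:win\.ini: (?:load|run)=\S", re.I)
MISSING_FILE_RE = re.compile(r"\((?:no file|file missing)\)$", re.I)
RUNDLL_FULL_PATH_RE = re.compile(
    r'rundll32(?:\.exe)?\s+"?[A-Z]:\\Windows\\system32\\[^\\",]+\.dll', re.I)


def parse_log(text):
    """Return (section, detail) tuples for every 'Xn - ...' line in a log."""
    entries = []
    for line in text.splitlines():
        match = ENTRY_RE.match(line)
        if match:
            entries.append((match.group(1), match.group(2)))
    return entries


def classify(section, detail):
    """Return a reason if the entry deserves a closer look, else None."""
    if section in ("F2", "F3") and WININI_AUTOSTART_RE.search(detail):
        return "win.ini autostart"
    if section == "O2" and MISSING_FILE_RE.search(detail):
        return "BHO registered but file absent"
    if section == "O4" and RUNDLL_FULL_PATH_RE.search(detail):
        return "Run key loads system32 DLL via rundll32"
    return None


def flagged_entries(text):
    """Return (section, reason, detail) for every entry a heuristic matches."""
    flagged = []
    for section, detail in parse_log(text):
        reason = classify(section, detail)
        if reason:
            flagged.append((section, reason, detail))
    return flagged


def remaining_after_fix(before, after):
    """Flagged entries from the first scan that still appear in the rescan."""
    after_entries = set(parse_log(after))
    return [e for e in flagged_entries(before) if (e[0], e[2]) in after_entries]


if __name__ == "__main__":
    for section, reason, detail in flagged_entries(BEFORE_FIX):
        print(f"{section:3} {reason}: {detail}")
    print("still present after fix:", remaining_after_fix(BEFORE_FIX, AFTER_FIX))
```

A flagged line is a prompt to inspect the referenced file and registry value, not a verdict; legitimate software can also leave orphaned BHO registrations behind.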



    • #3
      [QUOTE=Marckie;312651]



      F3 - REG:win.ini: load=C:\Windows\system32\pmkih.exe
      O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
      O2 - BHO: (no name) - {B41B09D1-9E05-43F7-A4BA-AA3D7FE88848} - C:\Windows\system32\pmkih.dll (file missing)
      O2 - BHO: {3e53b976-a97f-e3a8-7ed4-2e4e15f388fc} - {cf883f51-e4e2-4de7-8a3e-f79a679b35e3} - C:\Windows\system32\msrwtyka.dll (file missing)
      O4 - HKLM\..\Run: [MSServer] rundll32.exe C:\Windows\system32\khfgh.dll,#1
      O4 - HKLM\..\Run: [07f176a2] rundll32.exe "C:\Windows\system32\kqqujhts.dll",b


      [/QUOTE]

      Thanks for your quick help.
      But I don't understand what I am supposed to do with the above.
      That is in my log???
      And what should I do with it then?



      • #4
        I had already figured out what was meant, I think.
        Here are my logs.

        HijackThis log:

        Logfile of Trend Micro HijackThis v2.0.2
        Scan saved at 19:35:43, on 19-1-2008
        Platform: Windows Vista (WinNT 6.00.1904)
        MSIE: Internet Explorer v7.00 (7.00.6000.16575)
        Boot mode: Normal

        Running processes:
        C:\Windows\system32\Dwm.exe
        C:\Windows\Explorer.EXE
        C:\Windows\WindowsMobile\wmdc.exe
        C:\Program Files\Grisoft\AVG7\avgcc.exe
        C:\Program Files\Windows Sidebar\sidebar.exe
        C:\Program Files\Windows Media Player\wmpnscfg.exe
        C:\Program Files\Sony\Sony Picture Utility\VolumeWatcher\SPUVolumeWatcher.exe
        C:\Windows\system32\taskeng.exe
        C:\Program Files\Windows Sidebar\sidebar.exe
        C:\Windows\System32\mobsync.exe
        C:\Program Files\Internet Explorer\iexplore.exe
        C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

        R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.startpagina.nl/
        R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
        R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
        R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
        R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
        R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
        O2 - BHO: Adobe PDF Reader Help bij koppelingen - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
        O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
        O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~1\Office12\GRA8E1~1.DLL
        O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
        O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
        O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
        O4 - HKLM\..\Run: [Windows Mobile-based device management] %windir%\WindowsMobile\wmdc.exe
        O4 - HKLM\..\Run: [HTV Agent] C:\Program Files\HTV\HTV.exe
        O4 - HKLM\..\Run: [HTV Agent] C:\Program Files\HTV\HTV .exe
        O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP
        O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
        O4 - HKCU\..\Run: [uTorrent] "C:\Program Files\uTorrent\uTorrent.exe"
        O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
        O4 - HKCU\..\Run: [AdobeUpdater] C:\Program Files\Common Files\Adobe\Updater5\AdobeUpdater.exe
        O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
        O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
        O4 - HKUS\S-1-5-19\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'LOCAL SERVICE')
        O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
        O4 - HKUS\S-1-5-18\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'SYSTEEM')
        O4 - HKUS\.DEFAULT\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'Default user')
        O4 - Startup: Mediacontrole Picture Motion Browser.lnk = C:\Program Files\Sony\Sony Picture Utility\VolumeWatcher\SPUVolumeWatcher.exe
        O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~1\Office12\EXCEL.EXE/3000
        O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
        O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
        O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~1\Office12\ONBttnIE.dll
        O9 - Extra 'Tools' menuitem: Verz&enden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~1\Office12\ONBttnIE.dll
        O9 - Extra button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
        O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
        O9 - Extra 'Tools' menuitem: @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
        O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\Windows\bdoscandel.exe
        O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\Windows\bdoscandel.exe
        O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~1\Office12\REFIEBAR.DLL
        O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
        O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
        O13 - Gopher Prefix:
        O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8.cab
        O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} (DivXBrowserPlugin Object) - http://download.divx.com/player/DivXBrowserPlugin.cab
        O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} (Java Runtime Environment 1.6.0) - http://javadl-esd.sun.com/update/1.6.0/jinstall-6u3-windows-i586-jc.cab
        O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
        O16 - DPF: {EF791A6B-FC12-4C68-99EF-FB9E207A39E6} (McFreeScan Class) - http://download.mcafee.com/molbin/iss-loc/mcfscan/2,2,0,5209/mcfscan.cab
        O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~1\MICROS~1\Office12\GR99D3~1.DLL
        O20 - Winlogon Notify: avgwlntf - C:\Windows\SYSTEM32\avgwlntf.dll
        O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
        O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
        O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
        O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
        O23 - Service: AVG7 Resident Shield Service (AvgCoreSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgrssvc.exe
        O23 - Service: BrSplService (Brother XP spl Service) - brother Industries Ltd - C:\Windows\system32\brsvc01a.exe
        O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
        O23 - Service: NOD32 Kernel Service (NOD32krn) - Eset - C:\Program Files\Eset\nod32krn.exe
        O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
        O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe

        --
        End of file - 7225 bytes


        And from ComboFix:

        ComboFix 08-01-18.5 - Beheerder 2008-01-19 19:37:27.3 - NTFSx86
        Microsoft® Windows Vista™ Business 6.0.6000.0.1252.1.1043.18.1335 [GMT 1:00]
        Gestart vanuit: D:\Desktop\ComboFix.exe

        WAARSCHUWING - DE RECOVERY CONSOLE IS NIET OP DIT SYSTEEM GEINSTALLEERD !!
        .

        (((((((((((((((((((( Bestanden Gemaakt van 2007-12-19 to 2008-01-19 ))))))))))))))))))))))))))))))
        .

        2008-01-19 19:00 . 2000-08-31 08:00 51,200 --a------ C:\Windows\NirCmd.exe
        2008-01-19 17:13 . 2008-01-19 17:13 <DIR> d-------- C:\Program Files\Trend Micro
        2008-01-19 16:14 . 2008-01-19 16:14 <DIR> d-------- C:\Users\All Users\Lavasoft
        2008-01-19 16:14 . 2008-01-19 16:14 <DIR> d-------- C:\ProgramData\Lavasoft
        2008-01-19 16:14 . 2008-01-19 16:14 <DIR> d-------- C:\Program Files\Lavasoft
        2008-01-19 16:04 . 2008-01-19 16:04 94 --a------ C:\Windows\wininit.ini
        2008-01-19 15:33 . 2008-01-19 16:48 <DIR> d-------- C:\Users\All Users\Spybot - Search & Destroy
        2008-01-19 15:33 . 2008-01-19 16:48 <DIR> d-------- C:\ProgramData\Spybot - Search & Destroy
        2008-01-19 14:25 . 2008-01-19 15:29 <DIR> d-------- C:\Users\Beheerder\AppData\Roaming\SUPERAntiSpyware.com
        2008-01-19 14:25 . 2008-01-19 14:25 <DIR> d-------- C:\Users\All Users\SUPERAntiSpyware.com
        2008-01-19 14:25 . 2008-01-19 14:25 <DIR> d-------- C:\ProgramData\SUPERAntiSpyware.com
        2008-01-19 14:25 . 2008-01-19 15:29 <DIR> d-------- C:\Program Files\SUPERAntiSpyware
        2008-01-19 08:56 . 2008-01-19 08:58 <DIR> d-------- C:\Users\Beheerder\AppData\Roaming\AVG7
        2008-01-19 08:56 . 2008-01-19 08:56 <DIR> d-------- C:\Users\All Users\Grisoft
        2008-01-19 08:56 . 2008-01-19 08:56 <DIR> d-------- C:\ProgramData\Grisoft
        2008-01-19 08:56 . 2008-01-19 08:56 9,216 --a------ C:\Windows\System32\avgwlntf.dll
        2008-01-17 21:48 . 2008-01-17 21:47 512,096 --a------ C:\Windows\System32\drivers\amon.sys
        2008-01-17 21:48 . 2008-01-17 21:47 298,104 --a------ C:\Windows\System32\imon.dll
        2008-01-17 21:48 . 2008-01-17 21:47 15,424 --a------ C:\Windows\System32\drivers\nod32drv.sys
        2008-01-17 21:11 . 2008-01-17 21:11 0 --ah----- C:\ProgramData.LOG2
        2008-01-17 21:11 . 2008-01-17 21:11 0 --ah----- C:\ProgramData.LOG1
        2008-01-17 18:32 . 2008-01-17 18:45 4,317,184 --a------ C:\Windows\RtHDVCpl .exe
        2008-01-17 18:23 . 2008-01-17 18:30 <DIR> d-------- C:\Windows\BDOSCAN8
        2008-01-17 18:13 . 2008-01-17 18:13 <DIR> d-------- C:\Windows\McAfee.com
        2008-01-17 17:58 . 2008-01-17 19:50 <DIR> d-------- C:\Users\Beheerder\.housecall6.6
        2008-01-17 16:37 . 2008-01-17 18:45 3,584 --a------ C:\Windows\System32\hkcmd .exe
        2008-01-17 16:23 . 2004-10-07 13:39 89,088 --a------ C:\Windows\System32\atl71.dll
        2008-01-17 16:12 . 2008-01-17 16:12 163,904 --a------ C:\Windows\System32\dirfvafi.dll
        2008-01-17 10:31 . 2008-01-17 10:31 <DIR> d-------- C:\Users\Beheerder\AppData\Roaming\Ashampoo
        2008-01-17 10:29 . 2008-01-17 10:29 <DIR> d-------- C:\Users\All Users\ashampoo
        2008-01-17 10:29 . 2008-01-17 10:29 <DIR> d-------- C:\ProgramData\ashampoo
        2008-01-17 10:29 . 2008-01-17 10:29 <DIR> d-------- C:\Program Files\Ashampoo
        2008-01-15 19:58 . 2008-01-15 19:58 16,070 --a------ C:\Windows\System32\results.xml
        2008-01-15 19:55 . 2008-01-15 19:55 <DIR> d-------- C:\Users\Beheerder\{10ee69cc-d4ee-482c-8f46-50b0ba7c9ebc}
        2008-01-15 19:53 . 2008-01-15 19:53 <DIR> d-------- C:\Users\Beheerder\AppData\Roaming\Sony Corporation
        2008-01-15 18:42 . 2008-01-15 18:42 <DIR> d-------- C:\Program Files\Sony
        2008-01-15 18:41 . 2008-01-15 18:41 <DIR> d-------- C:\Users\All Users\Sony Corporation
        2008-01-15 18:41 . 2008-01-15 18:41 <DIR> d-------- C:\ProgramData\Sony Corporation
        2008-01-13 10:59 . 2008-01-13 10:59 <DIR> d-------- C:\Program Files\Common Files\SWF Studio
        2008-01-12 09:19 . 2008-01-12 09:19 <DIR> d-------- C:\Program Files\Enigma Software Group
        2008-01-12 08:26 . 2008-01-12 08:26 2,560 --a------ C:\Windows\_MSRSTRT.EXE
        2008-01-11 13:50 . 2008-01-11 13:50 <DIR> d-------- C:\Users\Beheerder\AppData\Roaming\PCToolsFirewallPlus
        2008-01-11 13:47 . 2008-01-17 21:57 <DIR> d-a------ C:\Users\All Users\TEMP
        2008-01-11 13:47 . 2008-01-17 21:57 <DIR> d-a------ C:\ProgramData\TEMP
        2008-01-11 13:33 . 2008-01-19 16:14 <DIR> d-------- C:\Program Files\Common Files\Wise Installation Wizard
        2008-01-11 13:32 . 2008-01-11 13:33 <DIR> d-------- C:\Users\Beheerder\AppData\Roaming\GetRightToGo
        2008-01-11 13:32 . 2008-01-11 13:32 <DIR> d-------- C:\Downloads
        2008-01-11 08:58 . 2008-01-19 08:58 <DIR> d-------- C:\Users\All Users\Avg7
        2008-01-11 08:58 . 2008-01-19 08:58 <DIR> d-------- C:\ProgramData\Avg7
        2008-01-10 19:14 . 2008-01-17 09:59 <DIR> d-------- C:\Users\Beheerder\AppData\Roaming\LimeWirePlus
        2008-01-10 19:12 . 2008-01-10 19:12 <DIR> d-------- C:\Windows\Sun
        2008-01-10 19:12 . 2008-01-13 18:07 <DIR> d-------- C:\Users\All Users\Google
        2008-01-10 19:12 . 2007-09-24 23:31 69,632 --a------ C:\Windows\System32\javacpl.cpl
        2008-01-10 19:11 . 2008-01-10 19:12 <DIR> d-------- C:\Program Files\Java
        2008-01-10 19:11 . 2008-01-10 19:11 <DIR> d-------- C:\Program Files\Common Files\Java
        2008-01-10 19:03 . 2008-01-12 08:27 <DIR> d-------- C:\Program Files\LimewirePlus
        2008-01-10 19:03 . 2008-01-17 09:48 <DIR> d-------- C:\Program Files\LimeWire Plus
        2008-01-10 16:06 . 2007-07-19 18:14 3,727,720 --a------ C:\Windows\System32\d3dx9_35.dll
        2008-01-10 16:06 . 2007-05-16 16:45 3,497,832 --a------ C:\Windows\System32\d3dx9_34.dll
        2008-01-10 16:06 . 2007-07-19 18:14 1,358,192 --a------ C:\Windows\System32\D3DCompiler_35.dll
        2008-01-10 16:06 . 2007-05-16 16:45 1,124,720 --a------ C:\Windows\System32\D3DCompiler_34.dll
        2008-01-10 16:06 . 2007-07-19 18:14 444,776 --a------ C:\Windows\System32\d3dx10_35.dll
        2008-01-10 16:06 . 2007-05-16 16:45 443,752 --a------ C:\Windows\System32\d3dx10_34.dll
        2008-01-10 16:06 . 2007-04-04 18:53 81,768 --a------ C:\Windows\System32\xinput1_3.dll
        2008-01-10 06:53 . 2008-01-10 06:53 802,816 --a------ C:\Windows\System32\drivers\tcpip.sys
        2008-01-10 06:53 . 2008-01-10 06:53 216,760 --a------ C:\Windows\System32\drivers\netio.sys
        2008-01-10 06:53 . 2008-01-10 06:53 167,424 --a------ C:\Windows\System32\tcpipcfg.dll
        2008-01-10 06:53 . 2008-01-10 06:53 24,064 --a------ C:\Windows\System32\netcfg.exe
        2008-01-10 06:53 . 2008-01-10 06:53 22,016 --a------ C:\Windows\System32\netiougc.exe
        2008-01-10 06:52 . 2008-01-10 06:52 4,247,552 --a------ C:\Windows\System32\GameUXLegacyGDFs.dll
        2008-01-10 06:52 . 2008-01-10 06:52 1,686,016 --a------ C:\Windows\System32\gameux.dll
        2008-01-10 06:52 . 2008-01-10 06:52 1,060,920 --a------ C:\Windows\System32\drivers\ntfs.sys
        2008-01-10 06:52 . 2008-01-10 06:52 211,000 --a------ C:\Windows\System32\drivers\volsnap.sys
        2008-01-10 06:52 . 2008-01-10 06:52 154,624 --a------ C:\Windows\System32\drivers\nwifi.sys
        2008-01-10 06:52 . 2008-01-10 06:52 109,624 --a------ C:\Windows\System32\drivers\ataport.sys
        2008-01-10 06:52 . 2008-01-10 06:52 45,112 --a------ C:\Windows\System32\drivers\pciidex.sys
        2008-01-10 06:52 . 2008-01-10 06:52 21,560 --a------ C:\Windows\System32\drivers\atapi.sys
        2008-01-10 06:52 . 2008-01-10 06:52 17,464 --a------ C:\Windows\System32\drivers\intelide.sys
        2008-01-10 06:51 . 2008-01-10 06:51 11,776 --a------ C:\Windows\System32\sbunattend.exe
        2008-01-09 22:22 . 2008-01-09 22:22 <DIR> d--h----- C:\Windows\PIF
        2008-01-09 18:39 . 2008-01-14 07:39 <DIR> d-------- C:\Program Files\Google
        2008-01-09 18:26 . 2008-01-09 18:26 <DIR> d-------- C:\Users\Beheerder\AppData\Roaming\Apple Computer
        2008-01-09 18:26 . 2008-01-09 18:26 <DIR> d-------- C:\Users\All Users\Apple Computer
        2008-01-09 18:26 . 2008-01-09 18:26 <DIR> d-------- C:\Users\All Users\Apple
        2008-01-09 18:26 . 2008-01-09 18:26 <DIR> d-------- C:\ProgramData\Apple Computer
        2008-01-09 18:26 . 2008-01-09 18:26 <DIR> d-------- C:\ProgramData\Apple
        2008-01-09 18:26 . 2008-01-17 13:12 <DIR> d-------- C:\Program Files\QuickTime
        2008-01-09 18:26 . 2008-01-17 13:12 <DIR> d-------- C:\Program Files\iTunes
        2008-01-09 18:26 . 2008-01-09 18:26 <DIR> d-------- C:\Program Files\iPod
        2008-01-09 18:26 . 2008-01-09 18:26 <DIR> d-------- C:\Program Files\Common Files\Apple
        2008-01-09 18:26 . 2008-01-09 18:26 <DIR> d-------- C:\Program Files\Apple Software Update
        2008-01-09 18:26 . 2008-01-17 06:55 54,156 --ah----- C:\Windows\QTFont.qfn
        2008-01-09 18:26 . 2008-01-09 18:27 1,409 --a------ C:\Windows\QTFont.for
        2008-01-08 23:18 . 2008-01-08 23:18 <DIR> d-------- C:\Program Files\DivX
        2008-01-08 22:13 . 2008-01-08 22:13 <DIR> d-------- C:\Program Files\Fox
        2008-01-08 22:08 . 1997-05-12 17:53 314,368 --a------ C:\Windows\uninst.exe
        2008-01-08 20:57 . 2008-01-08 20:57 268 --ah----- C:\sqmdata00.sqm
        2008-01-08 20:57 . 2008-01-08 20:57 244 --ah----- C:\sqmnoopt00.sqm
        2008-01-08 20:29 . 2006-10-26 19:56 32,592 --a------ C:\Windows\System32\msonpmon.dll
        2008-01-08 20:28 . 2008-01-08 20:28 <DIR> d-------- C:\Program Files\Microsoft Works

        .
        ((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))
        .
        2008-01-19 10:49 --------- d-----w C:\Program Files\Common Files\Adobe
        2008-01-15 19:59 319,456 ----a-w C:\Windows\DIFxAPI.dll
        2008-01-15 19:59 --------- d-----w C:\Program Files\Realtek
        2008-01-15 17:43 --------- d--h--w C:\Program Files\InstallShield Installation Information
        2008-01-12 11:06 --------- d-----w C:\ProgramData\Microsoft Help
        2008-01-10 05:58 --------- d-----w C:\Program Files\Windows Sidebar
        2008-01-10 05:58 --------- d-----w C:\Program Files\Windows Mail
        2008-01-10 05:52 537,600 ----a-w C:\Windows\AppPatch\AcLayers.dll
        2008-01-10 05:52 449,024 ----a-w C:\Windows\AppPatch\AcSpecfc.dll
        2008-01-10 05:52 2,143,744 ----a-w C:\Windows\AppPatch\AcGenral.dll
        2008-01-10 05:52 173,056 ----a-w C:\Windows\AppPatch\AcXtrnal.dll
        2008-01-08 19:28 --------- d-----w C:\Program Files\MSBuild
        2008-01-05 18:20 8,704 ----a-w C:\Windows\System32\hcrstco.dll
        2008-01-05 18:20 8,704 ----a-w C:\Windows\System32\hccoin.dll
        2008-01-05 18:20 73,216 ----a-w C:\Windows\system32\drivers\usbccgp.sys
        2008-01-05 18:20 704,000 ----a-w C:\Windows\System32\PhotoScreensaver.scr
        2008-01-05 18:20 67,584 ----a-w C:\Windows\System32\wlanhlp.dll
        2008-01-05 18:20 542,720 ----a-w C:\Windows\System32\sysmain.dll
        2008-01-05 18:20 502,784 ----a-w C:\Windows\System32\wlansvc.dll
        2008-01-05 18:20 5,888 ----a-w C:\Windows\system32\drivers\usbd.sys
        2008-01-05 18:20 47,104 ----a-w C:\Windows\System32\wlanapi.dll
        2008-01-05 18:20 38,400 ----a-w C:\Windows\system32\drivers\usbehci.sys
        2008-01-05 18:20 297,984 ----a-w C:\Windows\System32\wlansec.dll
        2008-01-05 18:20 290,816 ----a-w C:\Windows\System32\wlanmsm.dll
        2008-01-05 18:20 258,232 ----a-w C:\Windows\system32\drivers\acpi.sys
        2008-01-05 18:20 24,064 ----a-w C:\Windows\System32\wtsapi32.dll
        2008-01-05 18:20 23,040 ----a-w C:\Windows\system32\drivers\usbuhci.sys
        2008-01-05 18:20 224,768 ----a-w C:\Windows\system32\drivers\usbport.sys
        2008-01-05 18:20 2,923,520 ----a-w C:\Windows\explorer.exe
        2008-01-05 18:20 2,027,008 ----a-w C:\Windows\System32\win32k.sys
        2008-01-05 18:20 192,000 ----a-w C:\Windows\system32\drivers\usbhub.sys
        2008-01-05 18:20 1,327,104 ----a-w C:\Windows\System32\quartz.dll
        2008-01-05 18:19 9,728 ----a-w C:\Windows\System32\LAPRXY.DLL
        2008-01-05 18:19 824,832 ----a-w C:\Windows\System32\wininet.dll
        2008-01-05 18:19 56,320 ----a-w C:\Windows\System32\iesetup.dll
        2008-01-05 18:19 52,736 ----a-w C:\Windows\AppPatch\iebrshim.dll
        2008-01-05 18:19 26,624 ----a-w C:\Windows\System32\ieUnatt.exe
        2008-01-05 18:19 223,232 ----a-w C:\Windows\System32\WMASF.DLL
        2007-12-14 10:32 12,632 ----a-w C:\Windows\System32\lsdelete.exe
        2007-11-29 22:30 200,704 ----a-w C:\Windows\System32\ssldivx.dll
        2007-11-29 22:30 1,044,480 ----a-w C:\Windows\System32\libdivx.dll
        2007-10-25 09:26 53,248 ----a-w C:\Windows\bdoscandel.exe
        2007-10-19 18:25 174 --sha-w C:\Program Files\desktop.ini
        2007-10-19 17:45 8,192 ----a-w C:\Windows\System32\riched32.dll
        2007-10-19 17:45 77,824 ----a-w C:\Windows\System32\rascfg.dll
        2007-10-19 17:45 52,736 ----a-w C:\Windows\System32\rasdiag.dll
        2007-10-19 17:45 384,000 ----a-w C:\Windows\System32\netcfgx.dll
        2007-10-19 17:45 32,768 ----a-w C:\Windows\System32\rasmxs.dll
        2007-10-19 17:45 286,208 ----a-w C:\Windows\System32\ipnathlp.dll
        2007-10-19 17:45 22,016 ----a-w C:\Windows\System32\rasser.dll
        2007-10-19 17:45 13,824 ----a-w C:\Windows\System32\icsunattend.exe
        2007-10-19 17:44 694,784 ----a-w C:\Windows\System32\localspl.dll
        2007-10-19 17:44 36,864 ----a-w C:\Windows\System32\cdd.dll
        2007-10-19 17:44 33,280 ----a-w C:\Windows\System32\traffic.dll
        2007-10-19 17:44 15,360 ----a-w C:\Windows\System32\pacerprf.dll
        2007-10-19 17:44 134,656 ----a-w C:\Windows\System32\dps.dll
        2007-10-19 17:44 13,824 ----a-w C:\Windows\System32\wshqos.dll
        2007-10-19 17:43 8,147,968 ----a-w C:\Windows\System32\wmploc.DLL
        2007-10-19 17:43 7,680 ----a-w C:\Windows\System32\spwmp.dll
        2007-10-19 17:43 4,096 ----a-w C:\Windows\System32\dxmasf.dll
        2007-10-19 17:43 356,864 ----a-w C:\Windows\System32\MediaMetadataHandler.dll
        2007-10-19 17:42 88,576 ----a-w C:\Windows\System32\avifil32.dll
        2007-10-19 17:42 82,944 ----a-w C:\Windows\System32\mciavi32.dll
        2007-10-19 17:42 8,138,240 ----a-w C:\Windows\System32\ssBranded.scr
        2007-10-19 17:42 712,192 ----a-w C:\Windows\System32\WindowsCodecs.dll
        2007-10-19 17:42 69,632 ----a-w C:\Windows\System32\sendmail.dll
        2007-10-19 17:42 65,024 ----a-w C:\Windows\System32\avicap32.dll
        2007-10-19 17:42 61,440 ----a-w C:\Windows\System32\ntprint.exe
        2007-10-19 17:42 31,232 ----a-w C:\Windows\System32\msvidc32.dll
        2007-10-19 17:42 269,824 ----a-w C:\Windows\System32\schannel.dll
        2007-10-19 17:42 220,160 ----a-w C:\Windows\System32\ntprint.dll
        2007-10-19 17:42 123,904 ----a-w C:\Windows\System32\msvfw32.dll
        2007-10-19 17:42 120,320 ----a-w C:\Windows\System32\dhcpcsvc6.dll
        2007-10-19 17:42 12,800 ----a-w C:\Windows\System32\msrle32.dll
        2007-10-19 17:42 105,984 ----a-w C:\Windows\System32\CscMig.dll
        2007-10-19 17:42 10,240 ----a-w C:\Windows\System32\dhcpcmonitor.dll
        2007-10-19 17:42 1,984,512 ----a-w C:\Windows\System32\authui.dll
        2007-10-19 16:39 84,480 ----a-w C:\Windows\System32\INETRES.dll
        2007-10-19 16:39 788,992 ----a-w C:\Windows\System32\rpcrt4.dll
        2007-10-19 16:39 750,080 ----a-w C:\Windows\System32\qmgr.dll
        2007-10-19 16:39 737,792 ----a-w C:\Windows\System32\inetcomm.dll
        2007-10-19 16:28 53,080 ----a-w C:\Windows\System32\wuauclt.exe
        2007-10-19 16:28 43,352 ----a-w C:\Windows\System32\wups2.dll
        2007-10-19 16:28 1,712,984 ----a-w C:\Windows\System32\wuaueng.dll
        2007-10-19 16:28 1,524,224 ----a-w C:\Windows\System32\wucltux.dll
        2007-10-19 16:27 80,896 ----a-w C:\Windows\System32\wudriver.dll
        2007-10-19 16:27 549,720 ----a-w C:\Windows\System32\wuapi.dll
        2007-10-19 16:27 33,624 ----a-w C:\Windows\System32\wups.dll
        2007-10-19 16:27 31,232 ----a-w C:\Windows\System32\wuapp.exe
        2007-10-19 16:27 163,000 ----a-w C:\Windows\System32\wuwebv.dll
        .
        Code:
        <pre>
        ----a-w           949,376 2008-01-18 06:39:03  C:\Program Files\ESET\nod32kui .exe
        ----a-w         4,317,184 2008-01-17 17:45:37  C:\Windows\RtHDVCpl .exe
        ----a-w             3,584 2008-01-17 17:45:36  C:\Windows\System32\hkcmd .exe
        </pre>

        ((((((((((((((((((((((((((((( [email protected]_19.20.51.57 )))))))))))))))))))))))))))))))))))))))))
        .
        - 2008-01-19 18:18:51 67,584 --s-a-w C:\Windows\bootstat.dat
        + 2008-01-19 18:31:59 67,584 --s-a-w C:\Windows\bootstat.dat
        - 2008-01-07 08:27:06 16,384 --sha-w C:\Windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
        + 2008-01-19 18:29:57 16,384 --sha-w C:\Windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
        - 2008-01-07 08:27:06 32,768 --sha-w C:\Windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
        + 2008-01-19 18:29:57 32,768 --sha-w C:\Windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
        - 2008-01-07 08:27:06 16,384 --sha-w C:\Windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
        + 2008-01-19 18:29:57 16,384 --sha-w C:\Windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
        - 2008-01-19 18:19:03 262,144 --sha-w C:\Windows\ServiceProfiles\LocalService\NTUSER.DAT
        + 2008-01-19 18:33:37 262,144 --sha-w C:\Windows\ServiceProfiles\LocalService\NTUSER.DAT
        + 2008-01-19 18:33:37 262,144 ---ha-w C:\Windows\ServiceProfiles\LocalService\ntuser.dat.LOG1
        - 2008-01-19 18:19:03 262,144 --sha-w C:\Windows\ServiceProfiles\NetworkService\NTUSER.DAT
        + 2008-01-19 18:33:32 262,144 --sha-w C:\Windows\ServiceProfiles\NetworkService\NTUSER.DAT
        + 2008-01-19 18:33:32 262,144 ---ha-w C:\Windows\ServiceProfiles\NetworkService\ntuser.dat.LOG1
        - 2008-01-19 15:50:22 104,570 ----a-w C:\Windows\System32\perfc009.dat
        + 2008-01-19 18:38:15 104,570 ----a-w C:\Windows\System32\perfc009.dat
        - 2008-01-19 15:50:22 123,636 ----a-w C:\Windows\System32\perfc013.dat
        + 2008-01-19 18:38:15 123,636 ----a-w C:\Windows\System32\perfc013.dat
        - 2008-01-19 15:50:22 612,848 ----a-w C:\Windows\System32\perfh009.dat
        + 2008-01-19 18:38:15 612,848 ----a-w C:\Windows\System32\perfh009.dat
        - 2008-01-19 15:50:22 692,336 ----a-w C:\Windows\System32\perfh013.dat
        + 2008-01-19 18:38:15 692,336 ----a-w C:\Windows\System32\perfh013.dat
        - 2008-01-19 15:46:24 10,680 ----a-w C:\Windows\System32\WDI\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-1025942971-30602797-3602768030-1000_UserData.bin
        + 2008-01-19 18:33:58 11,076 ----a-w C:\Windows\System32\WDI\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-1025942971-30602797-3602768030-1000_UserData.bin
        - 2008-01-19 15:46:24 51,856 ----a-w C:\Windows\System32\WDI\BootPerformanceDiagnostics_SystemData.bin
        + 2008-01-19 18:33:58 51,872 ----a-w C:\Windows\System32\WDI\BootPerformanceDiagnostics_SystemData.bin
        - 2008-01-19 15:46:23 48,022 ----a-w C:\Windows\System32\WDI\ShutdownPerformanceDiagnostics_SystemData.bin
        + 2008-01-19 18:33:57 48,160 ----a-w C:\Windows\System32\WDI\ShutdownPerformanceDiagnostics_SystemData.bin
        .
        -- Snapshot reset to current date --
        .
        ((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))
        .
        .
        REGEDIT4
        *Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond

        [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
        "Sidebar"="C:\Program Files\Windows Sidebar\sidebar.exe" [2008-01-10 06:51 1232896]
        "uTorrent"="C:\Program Files\uTorrent\uTorrent.exe" [ ]
        "WMPNSCFG"="C:\Program Files\Windows Media Player\WMPNSCFG.exe" [2006-11-02 13:36 201728]
        "AdobeUpdater"="C:\Program Files\Common Files\Adobe\Updater5\AdobeUpdater.exe" [ ]

        [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
        "Windows Defender"="C:\Program Files\Windows Defender\MSASCui.exe" [2007-08-15 09:47 1006264]
        "RtHDVCpl"="RtHDVCpl.exe"
        "Windows Mobile-based device management"="%windir%\WindowsMobile\wmdc.exe" [ ]
        "HTV Agent"="C:\Program Files\HTV\HTV.exe" [ ]
        "HTV Agent"="C:\Program Files\HTV\HTV .exe" [ ]
        "AVG7_CC"="C:\PROGRA~1\Grisoft\AVG7\avgcc.exe" [2008-01-19 08:56 579072]

        [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
        "AVG7_Run"="C:\PROGRA~1\Grisoft\AVG7\avgw.exe" [2008-01-19 08:56 219136]

        C:\Users\Beheerder\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
        Mediacontrole Picture Motion Browser.lnk - C:\Program Files\Sony\Sony Picture Utility\VolumeWatcher\SPUVolumeWatcher.exe [2008-01-15 18:42:31]

        [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
        "EnableLUA"= 0 (0x0)

        [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\avgwlntf]
        avgwlntf.dll 2008-01-19 08:56 9216 C:\Windows\System32\avgwlntf.dll

        [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]
        "SpybotSD TeaTimer"=C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe

        R2 RapiMgr;Op Windows Mobile gebaseerde apparaatverbinding;C:\Windows\system32\svchost.exe [2006-11-02 10:45]
        R2 SBSDWSCService;SBSD Security Center Service;C:\Program Files\Spybot
        R2 WcesComm;Op Windows Mobile 2003 gebaseerde apparaatverbinding;C:\Windows\system32\svchost.exe [2006-11-02 10:45]
        R3 AtcL001;NDIS Miniport Driver for Attansic L1 Gigabit Ethernet Controller;C:\Windows\system32\DRIVERS\atl01v32.sys [2006-11-15 15:24]
        R3 igfx;igfx;C:\Windows\system32\DRIVERS\igdkmd32.sys [2006-12-12 03:49]

        [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
        LocalService REG_MULTI_SZ nsi lltdsvc SSDPSRV upnphost SCardSvr w32time EventSystem RemoteRegistry WinHttpAutoProxySvc lanmanworkstation TBS SLUINotify THREADORDER fdrespub netprofm fdphost wcncsvc QWAVE WebClient
        LocalSystemNetworkRestricted REG_MULTI_SZ hidserv UxSms WdiSystemHost Netman trkwks AudioEndpointBuilder WUDFSvc irmon sysmain IPBusEnum dot3svc PcaSvc CscService TabletInputService UmRdpService wlansvc WPDBusEnum EMDMgmt
        LocalServiceNoNetwork REG_MULTI_SZ PLA DPS BFE mpssvc
        LocalServiceNetworkRestricted REG_MULTI_SZ DHCP eventlog AudioSrv LmHosts wscsvc p2pimsvc PNRPSvc p2psvc PnrpAutoReg
        WindowsMobile REG_MULTI_SZ wcescomm rapimgr
        LocalServiceRestricted REG_MULTI_SZ WcesComm RapiMgr

        [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{7217d408-4b04-11dc-8af3-806e6f6e6963}]
        \shell\AutoRun\command - G:\autorun.exe

        .
        **************************************************************************

        catchme 0.3.1344 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
        Rootkit scan 2008-01-19 19:39:01
        Windows 6.0.6000 NTFS

        scannen van verborgen processen ...

        scannen van verborgen autostart items ...

        scannen van verborgen bestanden ...

        Scan succesvol afgerond
        verborgen bestanden: 0

        **************************************************************************
        .
        Voltooingstijd: 2008-01-19 19:39:54
        ComboFix-quarantined-files.txt 2008-01-19 18:39:51
        ComboFix2.txt 2008-01-19 18:29:14
        ComboFix3.txt 2008-01-19 18:21:33
        .
        2008-01-11 06:32:00 --- E O F ---



        While ComboFix was scanning, my AVG virus scanner, which I have now installed alongside because my own virus scanner no longer works, reported a threat twice, which I could not clean or remove. So all I could do was click Ignore.

        I hope you can help me.



        • #5
          You were supposed to make the HijackThis log after running ComboFix.
          You made it before using ComboFix.
          It is important that you follow the instructions correctly.

          Open a Notepad file.
          Copy the code below and paste it into the Notepad file.
          Save the Notepad file as CFScript.txt
          Code:
          FILE::
          C:\Windows\wininit.ini
          
          Registry::
          [-HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\avgwlntf]
          
          RenV::
          C:\Program Files\ESET\nod32kui .exe
          C:\Windows\RtHDVCpl .exe
          C:\Windows\System32\hkcmd .exe
          Now drag the file CFScript.txt onto the file ComboFix.exe

          ComboFix will start again.
          When ComboFix is finished, which may be after a restart, a log file opens.
          Post the contents of the log file.
          Make a new HijackThis log and post it.
          Last edited by Marckie; 20-01-08, 10:57.

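The log items this exchange turns on, as an added Python example that is not part of the original posts and not ComboFix's own code: it scans a ComboFix log excerpt for file names with a space before the extension (the three names the helper lists under `RenV::`), for Run entries printed with no date/size, and for `"EnableLUA"= 0` (User Account Control switched off). `triage` and `Findings` are hypothetical names; the sample is assembled from log lines posted in this thread.

```python
import re
from dataclasses import dataclass, field
from typing import List, Optional, Tuple

# Excerpt assembled from the ComboFix log lines posted in this thread.
SAMPLE_LOG = r'''
----a-w           949,376 2008-01-18 06:39:03  C:\Program Files\ESET\nod32kui .exe
----a-w         4,317,184 2008-01-17 17:45:37  C:\Windows\RtHDVCpl .exe
----a-w             3,584 2008-01-17 17:45:36  C:\Windows\System32\hkcmd .exe

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="C:\Program Files\Windows Sidebar\sidebar.exe" [2008-01-10 06:51 1232896]
"uTorrent"="C:\Program Files\uTorrent\uTorrent.exe" [ ]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"="RtHDVCpl.exe"
"HTV Agent"="C:\Program Files\HTV\HTV.exe" [ ]
"HTV Agent"="C:\Program Files\HTV\HTV .exe" [ ]
"AVG7_CC"="C:\PROGRA~1\Grisoft\AVG7\avgcc.exe" [2008-01-19 08:56 579072]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableLUA"= 0 (0x0)
'''

# A drive path whose base name is followed by whitespace and then an
# executable extension, e.g. "nod32kui .exe".
SPACED_NAME = re.compile(
    r'[A-Za-z]:\\[^"\n]*?\S\s+\.(?:exe|dll|sys|scr|com)\b', re.IGNORECASE)
# "name"="command" optionally followed by the [date time size] block.
RUN_ENTRY = re.compile(
    r'^"(?P<name>[^"]+)"="(?P<cmd>[^"]*)"\s*(?P<meta>\[.*\])?\s*$')
ENABLE_LUA = re.compile(r'^"EnableLUA"=\s*(\d+)', re.IGNORECASE)


@dataclass
class Findings:
    spaced_names: List[str] = field(default_factory=list)
    run_without_metadata: List[Tuple[str, str, str]] = field(default_factory=list)
    uac_disabled: Optional[bool] = None  # None: EnableLUA not present in the log


def triage(log_text: str) -> Findings:
    """Collect the three kinds of items from a ComboFix-style log."""
    found = Findings()
    section = ""
    for raw in log_text.splitlines():
        line = raw.strip()  # forum copies of the log are often indented
        if not line:
            continue
        if line.startswith("[") and line.endswith("]"):
            section = line[1:-1]  # registry key header
            continue
        for match in SPACED_NAME.finditer(line):
            if match.group(0) not in found.spaced_names:
                found.spaced_names.append(match.group(0))
        lua = ENABLE_LUA.match(line)
        if lua:
            found.uac_disabled = int(lua.group(1)) == 0
        entry = RUN_ENTRY.match(line)
        if entry and section.lower().endswith("\\run"):
            meta = entry.group("meta")
            # Flag entries with "[ ]" or with no bracket block at all.
            if meta is None or not meta.strip("[] "):
                found.run_without_metadata.append(
                    (section, entry.group("name"), entry.group("cmd")))
    return found


if __name__ == "__main__":
    result = triage(SAMPLE_LOG)
    print("Space before extension:", *result.spaced_names, sep="\n  ")
    print("Run entries without date/size:")
    for key, name, cmd in result.run_without_metadata:
        print(f"  {name} -> {cmd}  ({key})")
    print("UAC disabled:", result.uac_disabled)
```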


          • #6
            Have you disabled User Account Control on this computer?



            • #7
              Yes, it is disabled. Is that good or not?



              • #8
                I am now going to do the things you described above.
                Sorry that I had not done it entirely correctly.



                • #9
                  Combofix:

                  ComboFix 08-01-18.5 - Beheerder 2008-01-20 11:52:24.4 - NTFSx86
                  Microsoft® Windows Vista™ Business 6.0.6000.0.1252.1.1043.18.1268 [GMT 1:00]
                  Gestart vanuit: D:\Desktop\ComboFix.exe
                  Command switches used :: D:\Desktop\CFScript.txt

                  WAARSCHUWING - DE RECOVERY CONSOLE IS NIET OP DIT SYSTEEM GEINSTALLEERD !!

                  FILE
                  C:\Windows\wininit.ini
                  .

                  (((((((((((((((((((((((((((((((((( Andere Verwijderingen )))))))))))))))))))))))))))))))))))))))))))))))))
                  .

                  C:\Windows\system32\hkcmd.exe
                  C:\Windows\wininit.ini

                  .
                  (((((((((((((((((((( Bestanden Gemaakt van 2007-12-20 to 2008-01-20 ))))))))))))))))))))))))))))))
                  .

                  2008-01-20 11:04 . 2008-01-20 11:03 512,096 --a------ C:\Windows\System32\drivers\amon.sys
                  2008-01-20 11:04 . 2008-01-20 11:03 298,104 --a------ C:\Windows\System32\imon.dll
                  2008-01-20 11:04 . 2008-01-20 11:03 15,424 --a------ C:\Windows\System32\drivers\nod32drv.sys
                  2008-01-20 10:59 . 2008-01-20 10:59 <DIR> d-------- C:\Users\All Users\Avg7
                  2008-01-20 10:59 . 2008-01-20 10:59 <DIR> d-------- C:\ProgramData\Avg7
                  2008-01-20 10:40 . 2008-01-17 18:09 102,664 --a------ C:\Windows\System32\drivers\tmcomm.sys
                  2008-01-19 19:00 . 2000-08-31 08:00 51,200 --a------ C:\Windows\NirCmd.exe
                  2008-01-19 17:13 . 2008-01-19 17:13 <DIR> d-------- C:\Program Files\Trend Micro
                  2008-01-19 16:14 . 2008-01-19 16:14 <DIR> d-------- C:\Users\All Users\Lavasoft
                  2008-01-19 16:14 . 2008-01-19 16:14 <DIR> d-------- C:\ProgramData\Lavasoft
                  2008-01-19 16:14 . 2008-01-19 16:14 <DIR> d-------- C:\Program Files\Lavasoft
                  2008-01-19 15:33 . 2008-01-19 16:48 <DIR> d-------- C:\Users\All Users\Spybot - Search & Destroy
                  2008-01-19 15:33 . 2008-01-19 16:48 <DIR> d-------- C:\ProgramData\Spybot - Search & Destroy
                  2008-01-19 14:25 . 2008-01-19 15:29 <DIR> d-------- C:\Users\Beheerder\AppData\Roaming\SUPERAntiSpyware.com
                  2008-01-19 14:25 . 2008-01-19 14:25 <DIR> d-------- C:\Users\All Users\SUPERAntiSpyware.com
                  2008-01-19 14:25 . 2008-01-19 14:25 <DIR> d-------- C:\ProgramData\SUPERAntiSpyware.com
                  2008-01-19 14:25 . 2008-01-19 15:29 <DIR> d-------- C:\Program Files\SUPERAntiSpyware
                  2008-01-17 21:11 . 2008-01-17 21:11 0 --ah----- C:\ProgramData.LOG2
                  2008-01-17 21:11 . 2008-01-17 21:11 0 --ah----- C:\ProgramData.LOG1
                  2008-01-17 18:32 . 2008-01-17 18:45 4,317,184 --a------ C:\Windows\RtHDVCpl.exe
                  2008-01-17 18:23 . 2008-01-17 18:30 <DIR> d-------- C:\Windows\BDOSCAN8
                  2008-01-17 18:13 . 2008-01-17 18:13 <DIR> d-------- C:\Windows\McAfee.com
                  2008-01-17 17:58 . 2008-01-20 10:40 <DIR> d-------- C:\Users\Beheerder\.housecall6.6
                  2008-01-17 16:23 . 2004-10-07 13:39 89,088 --a------ C:\Windows\System32\atl71.dll
                  2008-01-17 10:31 . 2008-01-17 10:31 <DIR> d-------- C:\Users\Beheerder\AppData\Roaming\Ashampoo
                  2008-01-17 10:29 . 2008-01-17 10:29 <DIR> d-------- C:\Users\All Users\ashampoo
                  2008-01-17 10:29 . 2008-01-17 10:29 <DIR> d-------- C:\ProgramData\ashampoo
                  2008-01-17 10:29 . 2008-01-17 10:29 <DIR> d-------- C:\Program Files\Ashampoo
                  2008-01-15 19:58 . 2008-01-15 19:58 16,070 --a------ C:\Windows\System32\results.xml
                  2008-01-15 19:55 . 2008-01-15 19:55 <DIR> d-------- C:\Users\Beheerder\{10ee69cc-d4ee-482c-8f46-50b0ba7c9ebc}
                  2008-01-15 19:53 . 2008-01-15 19:53 <DIR> d-------- C:\Users\Beheerder\AppData\Roaming\Sony Corporation
                  2008-01-15 18:42 . 2008-01-15 18:42 <DIR> d-------- C:\Program Files\Sony
                  2008-01-15 18:41 . 2008-01-15 18:41 <DIR> d-------- C:\Users\All Users\Sony Corporation
                  2008-01-15 18:41 . 2008-01-15 18:41 <DIR> d-------- C:\ProgramData\Sony Corporation
                  2008-01-13 10:59 . 2008-01-13 10:59 <DIR> d-------- C:\Program Files\Common Files\SWF Studio
                  2008-01-12 09:19 . 2008-01-12 09:19 <DIR> d-------- C:\Program Files\Enigma Software Group
                  2008-01-12 08:26 . 2008-01-12 08:26 2,560 --a------ C:\Windows\_MSRSTRT.EXE
                  2008-01-11 13:50 . 2008-01-11 13:50 <DIR> d-------- C:\Users\Beheerder\AppData\Roaming\PCToolsFirewallPlus
                  2008-01-11 13:47 . 2008-01-17 21:57 <DIR> d-a------ C:\Users\All Users\TEMP
                  2008-01-11 13:47 . 2008-01-17 21:57 <DIR> d-a------ C:\ProgramData\TEMP
                  2008-01-11 13:33 . 2008-01-19 16:14 <DIR> d-------- C:\Program Files\Common Files\Wise Installation Wizard
                  2008-01-11 13:32 . 2008-01-11 13:33 <DIR> d-------- C:\Users\Beheerder\AppData\Roaming\GetRightToGo
                  2008-01-11 13:32 . 2008-01-11 13:32 <DIR> d-------- C:\Downloads
                  2008-01-10 19:14 . 2008-01-17 09:59 <DIR> d-------- C:\Users\Beheerder\AppData\Roaming\LimeWirePlus
                  2008-01-10 19:12 . 2008-01-10 19:12 <DIR> d-------- C:\Windows\Sun
                  2008-01-10 19:12 . 2008-01-13 18:07 <DIR> d-------- C:\Users\All Users\Google
                  2008-01-10 19:12 . 2007-09-24 23:31 69,632 --a------ C:\Windows\System32\javacpl.cpl
                  2008-01-10 19:11 . 2008-01-10 19:12 <DIR> d-------- C:\Program Files\Java
                  2008-01-10 19:11 . 2008-01-10 19:11 <DIR> d-------- C:\Program Files\Common Files\Java
                  2008-01-10 19:03 . 2008-01-12 08:27 <DIR> d-------- C:\Program Files\LimewirePlus
                  2008-01-10 19:03 . 2008-01-17 09:48 <DIR> d-------- C:\Program Files\LimeWire Plus
                  2008-01-10 16:06 . 2007-07-19 18:14 3,727,720 --a------ C:\Windows\System32\d3dx9_35.dll
                  2008-01-10 16:06 . 2007-05-16 16:45 3,497,832 --a------ C:\Windows\System32\d3dx9_34.dll
                  2008-01-10 16:06 . 2007-07-19 18:14 1,358,192 --a------ C:\Windows\System32\D3DCompiler_35.dll
                  2008-01-10 16:06 . 2007-05-16 16:45 1,124,720 --a------ C:\Windows\System32\D3DCompiler_34.dll
                  2008-01-10 16:06 . 2007-07-19 18:14 444,776 --a------ C:\Windows\System32\d3dx10_35.dll
                  2008-01-10 16:06 . 2007-05-16 16:45 443,752 --a------ C:\Windows\System32\d3dx10_34.dll
                  2008-01-10 16:06 . 2007-04-04 18:53 81,768 --a------ C:\Windows\System32\xinput1_3.dll
                  2008-01-10 06:53 . 2008-01-10 06:53 802,816 --a------ C:\Windows\System32\drivers\tcpip.sys
                  2008-01-10 06:53 . 2008-01-10 06:53 216,760 --a------ C:\Windows\System32\drivers\netio.sys
                  2008-01-10 06:53 . 2008-01-10 06:53 167,424 --a------ C:\Windows\System32\tcpipcfg.dll
                  2008-01-10 06:53 . 2008-01-10 06:53 24,064 --a------ C:\Windows\System32\netcfg.exe
                  2008-01-10 06:53 . 2008-01-10 06:53 22,016 --a------ C:\Windows\System32\netiougc.exe
                  2008-01-10 06:52 . 2008-01-10 06:52 4,247,552 --a------ C:\Windows\System32\GameUXLegacyGDFs.dll
                  2008-01-10 06:52 . 2008-01-10 06:52 1,686,016 --a------ C:\Windows\System32\gameux.dll
                  2008-01-10 06:52 . 2008-01-10 06:52 1,060,920 --a------ C:\Windows\System32\drivers\ntfs.sys
                  2008-01-10 06:52 . 2008-01-10 06:52 211,000 --a------ C:\Windows\System32\drivers\volsnap.sys
                  2008-01-10 06:52 . 2008-01-10 06:52 154,624 --a------ C:\Windows\System32\drivers\nwifi.sys
                  2008-01-10 06:52 . 2008-01-10 06:52 109,624 --a------ C:\Windows\System32\drivers\ataport.sys
                  2008-01-10 06:52 . 2008-01-10 06:52 45,112 --a------ C:\Windows\System32\drivers\pciidex.sys
                  2008-01-10 06:52 . 2008-01-10 06:52 21,560 --a------ C:\Windows\System32\drivers\atapi.sys
                  2008-01-10 06:52 . 2008-01-10 06:52 17,464 --a------ C:\Windows\System32\drivers\intelide.sys
                  2008-01-10 06:51 . 2008-01-10 06:51 11,776 --a------ C:\Windows\System32\sbunattend.exe
                  2008-01-09 22:22 . 2008-01-09 22:22 <DIR> d--h----- C:\Windows\PIF
                  2008-01-09 18:39 . 2008-01-14 07:39 <DIR> d-------- C:\Program Files\Google
                  2008-01-09 18:26 . 2008-01-09 18:26 <DIR> d-------- C:\Users\Beheerder\AppData\Roaming\Apple Computer
                  2008-01-09 18:26 . 2008-01-09 18:26 <DIR> d-------- C:\Users\All Users\Apple Computer
                  2008-01-09 18:26 . 2008-01-09 18:26 <DIR> d-------- C:\Users\All Users\Apple
                  2008-01-09 18:26 . 2008-01-09 18:26 <DIR> d-------- C:\ProgramData\Apple Computer
                  2008-01-09 18:26 . 2008-01-09 18:26 <DIR> d-------- C:\ProgramData\Apple
                  2008-01-09 18:26 . 2008-01-17 13:12 <DIR> d-------- C:\Program Files\QuickTime
                  2008-01-09 18:26 . 2008-01-17 13:12 <DIR> d-------- C:\Program Files\iTunes
                  2008-01-09 18:26 . 2008-01-09 18:26 <DIR> d-------- C:\Program Files\iPod
                  2008-01-09 18:26 . 2008-01-09 18:26 <DIR> d-------- C:\Program Files\Common Files\Apple
                  2008-01-09 18:26 . 2008-01-09 18:26 <DIR> d-------- C:\Program Files\Apple Software Update
                  2008-01-09 18:26 . 2008-01-17 06:55 54,156 --ah----- C:\Windows\QTFont.qfn
                  2008-01-09 18:26 . 2008-01-09 18:27 1,409 --a------ C:\Windows\QTFont.for
                  2008-01-08 23:18 . 2008-01-08 23:18 <DIR> d-------- C:\Program Files\DivX
                  2008-01-08 22:13 . 2008-01-08 22:13 <DIR> d-------- C:\Program Files\Fox
                  2008-01-08 22:08 . 1997-05-12 17:53 314,368 --a------ C:\Windows\uninst.exe
                  2008-01-08 20:57 . 2008-01-08 20:57 268 --ah----- C:\sqmdata00.sqm
                  2008-01-08 20:57 . 2008-01-08 20:57 244 --ah----- C:\sqmnoopt00.sqm
                  2008-01-08 20:29 . 2006-10-26 19:56 32,592 --a------ C:\Windows\System32\msonpmon.dll
                  2008-01-08 20:28 . 2008-01-08 20:28 <DIR> d-------- C:\Program Files\Microsoft Works
                  2008-01-08 20:27 . 2008-01-08 20:27 <DIR> d-------- C:\Program Files\Microsoft.NET
                  2008-01-08 20:25 . 2008-01-08 20:25 <DIR> d-------- C:\Program Files\Microsoft Visual Studio 8
                  2008-01-08 20:24 . 2008-01-08 20:24 <DIR> dr-h----- C:\MSOCache
                  2008-01-08 19:02 . 2008-01-08 20:58 <DIR> d-------- C:\Users\Beheerder\Contacts
                  2008-01-08 19:01 . 2008-01-08 19:01 <DIR> d-------- C:\Program Files\MSN Messenger
                  2008-01-08 07:14 . 2008-01-08 07:14 311,296 --a------ C:\Windows\System32\mswmdm.dll

                  .
                  ((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))
                  .
                  2008-01-19 10:49 --------- d-----w C:\Program Files\Common Files\Adobe
                  2008-01-15 19:59 319,456 ----a-w C:\Windows\DIFxAPI.dll
                  2008-01-15 19:59 --------- d-----w C:\Program Files\Realtek
                  2008-01-15 17:43 --------- d--h--w C:\Program Files\InstallShield Installation Information
                  2008-01-12 11:06 --------- d-----w C:\ProgramData\Microsoft Help
                  2008-01-10 05:58 --------- d-----w C:\Program Files\Windows Sidebar
                  2008-01-10 05:58 --------- d-----w C:\Program Files\Windows Mail
                  2008-01-10 05:52 537,600 ----a-w C:\Windows\AppPatch\AcLayers.dll
                  2008-01-10 05:52 449,024 ----a-w C:\Windows\AppPatch\AcSpecfc.dll
                  2008-01-10 05:52 2,143,744 ----a-w C:\Windows\AppPatch\AcGenral.dll
                  2008-01-10 05:52 173,056 ----a-w C:\Windows\AppPatch\AcXtrnal.dll
                  2008-01-08 19:28 --------- d-----w C:\Program Files\MSBuild
                  2008-01-05 18:20 8,704 ----a-w C:\Windows\System32\hcrstco.dll
                  2008-01-05 18:20 8,704 ----a-w C:\Windows\System32\hccoin.dll
                  2008-01-05 18:20 73,216 ----a-w C:\Windows\system32\drivers\usbccgp.sys
                  2008-01-05 18:20 704,000 ----a-w C:\Windows\System32\PhotoScreensaver.scr
                  2008-01-05 18:20 67,584 ----a-w C:\Windows\System32\wlanhlp.dll
                  2008-01-05 18:20 542,720 ----a-w C:\Windows\System32\sysmain.dll
                  2008-01-05 18:20 502,784 ----a-w C:\Windows\System32\wlansvc.dll
                  2008-01-05 18:20 5,888 ----a-w C:\Windows\system32\drivers\usbd.sys
                  2008-01-05 18:20 47,104 ----a-w C:\Windows\System32\wlanapi.dll
                  2008-01-05 18:20 38,400 ----a-w C:\Windows\system32\drivers\usbehci.sys
                  2008-01-05 18:20 297,984 ----a-w C:\Windows\System32\wlansec.dll
                  2008-01-05 18:20 290,816 ----a-w C:\Windows\System32\wlanmsm.dll
                  2008-01-05 18:20 258,232 ----a-w C:\Windows\system32\drivers\acpi.sys
                  2008-01-05 18:20 24,064 ----a-w C:\Windows\System32\wtsapi32.dll
                  2008-01-05 18:20 23,040 ----a-w C:\Windows\system32\drivers\usbuhci.sys
                  2008-01-05 18:20 224,768 ----a-w C:\Windows\system32\drivers\usbport.sys
                  2008-01-05 18:20 2,923,520 ----a-w C:\Windows\explorer.exe
                  2008-01-05 18:20 2,027,008 ----a-w C:\Windows\System32\win32k.sys
                  2008-01-05 18:20 192,000 ----a-w C:\Windows\system32\drivers\usbhub.sys
                  2008-01-05 18:20 1,327,104 ----a-w C:\Windows\System32\quartz.dll
                  2008-01-05 18:19 9,728 ----a-w C:\Windows\System32\LAPRXY.DLL
                  2008-01-05 18:19 824,832 ----a-w C:\Windows\System32\wininet.dll
                  2008-01-05 18:19 56,320 ----a-w C:\Windows\System32\iesetup.dll
                  2008-01-05 18:19 52,736 ----a-w C:\Windows\AppPatch\iebrshim.dll
                  2008-01-05 18:19 26,624 ----a-w C:\Windows\System32\ieUnatt.exe
                  2008-01-05 18:19 223,232 ----a-w C:\Windows\System32\WMASF.DLL
                  2007-12-14 10:32 12,632 ----a-w C:\Windows\System32\lsdelete.exe
                  2007-11-29 22:30 200,704 ----a-w C:\Windows\System32\ssldivx.dll
                  2007-11-29 22:30 1,044,480 ----a-w C:\Windows\System32\libdivx.dll
                  2007-10-25 09:26 53,248 ----a-w C:\Windows\bdoscandel.exe
                  2007-10-19 18:25 174 --sha-w C:\Program Files\desktop.ini
                  .

                  ((((((((((((((((((((((((((((( snapshot_2008-01-19_19.39.15,95 )))))))))))))))))))))))))))))))))))))))))
                  .
                  - 2008-01-19 18:31:59 67,584 --s-a-w C:\Windows\bootstat.dat
                  + 2008-01-20 10:08:04 67,584 --s-a-w C:\Windows\bootstat.dat
                  - 2008-01-19 18:01:00 151,552 ----a-w C:\Windows\erdnt\Hiv-backup\Users\00000001\NTUSER.DAT
                  + 2008-01-20 10:52:02 151,552 ----a-w C:\Windows\erdnt\Hiv-backup\Users\00000001\NTUSER.DAT
                  - 2008-01-19 18:01:00 151,552 ----a-w C:\Windows\erdnt\Hiv-backup\Users\00000002\NTUSER.DAT
                  + 2008-01-20 10:52:02 151,552 ----a-w C:\Windows\erdnt\Hiv-backup\Users\00000002\NTUSER.DAT
                  - 2008-01-19 18:01:00 1,601,536 ----a-w C:\Windows\erdnt\Hiv-backup\Users\00000003\NTUSER.DAT
                  + 2008-01-20 10:52:02 1,605,632 ----a-w C:\Windows\erdnt\Hiv-backup\Users\00000003\NTUSER.DAT
                  - 2008-01-19 18:01:00 1,789,952 ----a-w C:\Windows\erdnt\Hiv-backup\Users\00000004\UsrClass.dat
                  + 2008-01-20 10:52:02 1,794,048 ----a-w C:\Windows\erdnt\Hiv-backup\Users\00000004\UsrClass.dat
                  - 2008-01-19 18:33:37 262,144 --sha-w C:\Windows\ServiceProfiles\LocalService\NTUSER.DAT
                  + 2008-01-20 10:09:39 262,144 --sha-w C:\Windows\ServiceProfiles\LocalService\NTUSER.DAT
                  + 2008-01-20 10:09:39 262,144 ---ha-w C:\Windows\ServiceProfiles\LocalService\ntuser.dat.LOG1
                  - 2008-01-19 18:33:32 262,144 --sha-w C:\Windows\ServiceProfiles\NetworkService\NTUSER.DAT
                  + 2008-01-20 10:09:34 262,144 --sha-w C:\Windows\ServiceProfiles\NetworkService\NTUSER.DAT
                  + 2008-01-20 10:09:34 262,144 ---ha-w C:\Windows\ServiceProfiles\NetworkService\ntuser.dat.LOG1
                  - 2008-01-19 18:01:23 262,144 ----a-w C:\Windows\System32\config\systemprofile\ntuser.dat
                  + 2008-01-20 10:52:18 262,144 ----a-w C:\Windows\System32\config\systemprofile\ntuser.dat
                  + 2008-01-20 10:52:18 262,144 ---ha-w C:\Windows\System32\config\systemprofile\ntuser.dat.LOG1
                  - 2008-01-19 18:38:15 104,570 ----a-w C:\Windows\System32\perfc009.dat
                  + 2008-01-20 10:12:32 104,570 ----a-w C:\Windows\System32\perfc009.dat
                  - 2008-01-19 18:38:15 123,636 ----a-w C:\Windows\System32\perfc013.dat
                  + 2008-01-20 10:12:32 123,636 ----a-w C:\Windows\System32\perfc013.dat
                  - 2008-01-19 18:38:15 612,848 ----a-w C:\Windows\System32\perfh009.dat
                  + 2008-01-20 10:12:32 612,848 ----a-w C:\Windows\System32\perfh009.dat
                  - 2008-01-19 18:38:15 692,336 ----a-w C:\Windows\System32\perfh013.dat
                  + 2008-01-20 10:12:32 692,336 ----a-w C:\Windows\System32\perfh013.dat
                  - 2008-01-19 18:33:58 11,076 ----a-w C:\Windows\System32\WDI\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-1025942971-30602797-3602768030-1000_UserData.bin
                  + 2008-01-20 10:09:59 11,180 ----a-w C:\Windows\System32\WDI\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-1025942971-30602797-3602768030-1000_UserData.bin
                  - 2008-01-19 18:33:58 51,872 ----a-w C:\Windows\System32\WDI\BootPerformanceDiagnostics_SystemData.bin
                  + 2008-01-20 10:09:58 51,888 ----a-w C:\Windows\System32\WDI\BootPerformanceDiagnostics_SystemData.bin
                  - 2008-01-19 18:33:57 48,160 ----a-w C:\Windows\System32\WDI\ShutdownPerformanceDiagnostics_SystemData.bin
                  + 2008-01-20 10:09:57 48,488 ----a-w C:\Windows\System32\WDI\ShutdownPerformanceDiagnostics_SystemData.bin
                  - 2008-01-19 08:50:42 86,110 ----a-w C:\Windows\System32\WDI\SuspendPerformanceDiagnostics_SystemData_FastS4.bin
                  + 2008-01-19 21:09:56 106,474 ----a-w C:\Windows\System32\WDI\SuspendPerformanceDiagnostics_SystemData_FastS4.bin
                  .
                  -- Snapshot reset to current date --
                  .
                  ((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))
                  .
                  .
                  REGEDIT4
                  *Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond

                  [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
                  "Sidebar"="C:\Program Files\Windows Sidebar\sidebar.exe" [2008-01-10 06:51 1232896]
                  "uTorrent"="C:\Program Files\uTorrent\uTorrent.exe" [ ]
                  "WMPNSCFG"="C:\Program Files\Windows Media Player\WMPNSCFG.exe" [2006-11-02 13:36 201728]
                  "AdobeUpdater"="C:\Program Files\Common Files\Adobe\Updater5\AdobeUpdater.exe" [ ]

                  [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
                  "Windows Defender"="C:\Program Files\Windows Defender\MSASCui.exe" [2007-08-15 09:47 1006264]
                  "RtHDVCpl"="RtHDVCpl.exe" [2008-01-17 18:45 4317184 C:\Windows\RtHDVCpl.exe]
                  "Windows Mobile-based device management"="%windir%\WindowsMobile\wmdc.exe" [ ]
                  "HTV Agent"="C:\Program Files\HTV\HTV.exe" [ ]
                  "HTV Agent"="C:\Program Files\HTV\HTV .exe" [ ]
                  "nod32kui"="C:\Program Files\Eset\nod32kui.exe" [2008-01-18 07:39 949376]

                  C:\Users\Beheerder\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
                  Mediacontrole Picture Motion Browser.lnk - C:\Program Files\Sony\Sony Picture Utility\VolumeWatcher\SPUVolumeWatcher.exe [2008-01-15 18:42:31]

                  [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
                  "EnableLUA"= 0 (0x0)

                  [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]
                  "SpybotSD TeaTimer"=C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe

                  R2 RapiMgr;Op Windows Mobile gebaseerde apparaatverbinding;C:\Windows\system32\svchost.exe [2006-11-02 10:45]
                  R2 SBSDWSCService;SBSD Security Center Service;C:\Program Files\Spybot
                  R2 WcesComm;Op Windows Mobile 2003 gebaseerde apparaatverbinding;C:\Windows\system32\svchost.exe [2006-11-02 10:45]
                  R3 AtcL001;NDIS Miniport Driver for Attansic L1 Gigabit Ethernet Controller;C:\Windows\system32\DRIVERS\atl01v32.sys [2006-11-15 15:24]
                  R3 igfx;igfx;C:\Windows\system32\DRIVERS\igdkmd32.sys [2006-12-12 03:49]

                  [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
                  LocalService REG_MULTI_SZ nsi lltdsvc SSDPSRV upnphost SCardSvr w32time EventSystem RemoteRegistry WinHttpAutoProxySvc lanmanworkstation TBS SLUINotify THREADORDER fdrespub netprofm fdphost wcncsvc QWAVE WebClient
                  LocalSystemNetworkRestricted REG_MULTI_SZ hidserv UxSms WdiSystemHost Netman trkwks AudioEndpointBuilder WUDFSvc irmon sysmain IPBusEnum dot3svc PcaSvc CscService TabletInputService UmRdpService wlansvc WPDBusEnum EMDMgmt
                  LocalServiceNoNetwork REG_MULTI_SZ PLA DPS BFE mpssvc
                  LocalServiceNetworkRestricted REG_MULTI_SZ DHCP eventlog AudioSrv LmHosts wscsvc p2pimsvc PNRPSvc p2psvc PnrpAutoReg
                  WindowsMobile REG_MULTI_SZ wcescomm rapimgr
                  LocalServiceRestricted REG_MULTI_SZ WcesComm RapiMgr

                  .
                  **************************************************************************

                  catchme 0.3.1344 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
                  Rootkit scan 2008-01-20 11:54:21
                  Windows 6.0.6000 NTFS

                  scannen van verborgen processen ...

                  scannen van verborgen autostart items ...

                  scannen van verborgen bestanden ...

                  Scan succesvol afgerond
                  verborgen bestanden: 0

                  **************************************************************************
                  .
                  Voltooingstijd: 2008-01-20 11:55:12
                  ComboFix-quarantined-files.txt 2008-01-20 10:55:10
                  ComboFix2.txt 2008-01-19 18:39:55
                  ComboFix3.txt 2008-01-19 18:29:14
                  ComboFix4.txt 2008-01-19 18:21:33
                  .
                  2008-01-11 06:32:00 --- E O F ---


                  HijackThis log:

                  Logfile of Trend Micro HijackThis v2.0.2
                  Scan saved at 11:56:40, on 20-1-2008
                  Platform: Windows Vista (WinNT 6.00.1904)
                  MSIE: Internet Explorer v7.00 (7.00.6000.16575)
                  Boot mode: Normal

                  Running processes:
                  C:\Windows\system32\Dwm.exe
                  C:\Windows\system32\taskeng.exe
                  C:\Windows\WindowsMobile\wmdc.exe
                  C:\Program Files\Windows Sidebar\sidebar.exe
                  C:\Program Files\Windows Media Player\wmpnscfg.exe
                  C:\Program Files\Sony\Sony Picture Utility\VolumeWatcher\SPUVolumeWatcher.exe
                  C:\Program Files\Windows Sidebar\sidebar.exe
                  C:\Windows\system32\conime.exe
                  C:\Windows\explorer.exe
                  C:\Windows\system32\notepad.exe
                  C:\Program Files\Internet Explorer\iexplore.exe
                  C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

                  R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.startpagina.nl/
                  R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
                  R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
                  R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
                  R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
                  R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
                  O2 - BHO: Adobe PDF Reader Help bij koppelingen - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
                  O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
                  O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~1\Office12\GRA8E1~1.DLL
                  O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
                  O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
                  O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
                  O4 - HKLM\..\Run: [Windows Mobile-based device management] %windir%\WindowsMobile\wmdc.exe
                  O4 - HKLM\..\Run: [HTV Agent] C:\Program Files\HTV\HTV.exe
                  O4 - HKLM\..\Run: [HTV Agent] C:\Program Files\HTV\HTV .exe
                  O4 - HKLM\..\Run: [nod32kui] "C:\Program Files\Eset\nod32kui.exe" /WAITSERVICE
                  O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
                  O4 - HKCU\..\Run: [uTorrent] "C:\Program Files\uTorrent\uTorrent.exe"
                  O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
                  O4 - HKCU\..\Run: [AdobeUpdater] C:\Program Files\Common Files\Adobe\Updater5\AdobeUpdater.exe
                  O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
                  O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
                  O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
                  O4 - Startup: Mediacontrole Picture Motion Browser.lnk = C:\Program Files\Sony\Sony Picture Utility\VolumeWatcher\SPUVolumeWatcher.exe
                  O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~1\Office12\EXCEL.EXE/3000
                  O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
                  O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
                  O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~1\Office12\ONBttnIE.dll
                  O9 - Extra 'Tools' menuitem: Verz&enden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~1\Office12\ONBttnIE.dll
                  O9 - Extra button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
                  O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
                  O9 - Extra 'Tools' menuitem: @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
                  O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\Windows\bdoscandel.exe
                  O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\Windows\bdoscandel.exe
                  O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~1\Office12\REFIEBAR.DLL
                  O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
                  O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
                  O13 - Gopher Prefix:
                  O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8.cab
                  O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} (DivXBrowserPlugin Object) - http://download.divx.com/player/DivXBrowserPlugin.cab
                  O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} (Java Runtime Environment 1.6.0) - http://javadl-esd.sun.com/update/1.6.0/jinstall-6u3-windows-i586-jc.cab
                  O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
                  O16 - DPF: {EF791A6B-FC12-4C68-99EF-FB9E207A39E6} (McFreeScan Class) - http://download.mcafee.com/molbin/iss-loc/mcfscan/2,2,0,5209/mcfscan.cab
                  O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~1\MICROS~1\Office12\GR99D3~1.DLL
                  O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
                  O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
                  O23 - Service: BrSplService (Brother XP spl Service) - brother Industries Ltd - C:\Windows\system32\brsvc01a.exe
                  O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
                  O23 - Service: NOD32 Kernel Service (NOD32krn) - Eset - C:\Program Files\Eset\nod32krn.exe
                  O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
                  O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe

                  --
                  End of file - 6513 bytes


                  Thanks for your help.
                  I hope I did it right this time.



                  • #10
                    Originally posted by jolandacb
                    Yes, it is disabled. Is that good or not?
                    If User Account Control is enabled, malware has far less of a chance on your computer and you could have avoided this kind of thing.

                    Microsoft did not integrate this into Vista for nothing!



                    • #11
                      Are there still any problems now?
                      Apart from a few programs that may no longer work?



                      • #12
                        Originally posted by Marckie
                        If User Account Control is enabled, malware has far less of a chance on your computer and you could have avoided this kind of thing.

                        Microsoft did not integrate this into Vista for nothing!

                        I unexpectedly had to buy a new PC, and it came with Vista.
                        I have not had time to look into it yet, because besides working 32 hours I also have a husband, a family and a household to keep up with.
                        Do you know how demanding that is?
                        But I have enabled it now.



                        • #13
                          Originally posted by Marckie
                          Are there still any problems now?
                          Apart from a few programs that may no longer work?

                          I was not home this afternoon; I will try a few things again now.
                          No more problems so far.
                          I now have Ad-Aware on it, and Spybot. I will run these two regularly.
                          Is it sensible to also put the ZoneAlarm firewall on it now?

                          And I now have NOD32 on it again.
                          Is it right that the manual scan of NOD32 (under the heading security modules) gives error messages such as:
                          Fout bij het scannen van de MBRsector van 3.harde schijf.



                          • #14
                            I know very well how demanding family life with a (full-time) job can be.
                            I just don't understand what this has to do with whether or not User Account Control is disabled?
                            You say yourself that you have disabled UAC.
                            I only want to warn you that your Vista computer is a good deal safer with User Account Control (UAC) enabled, and that you most likely could have prevented all this trouble.
                            You may install ZoneAlarm.
                            NOD32 probably cannot read the MBR of disk three and gives an error because of that.
                            I don't know what the cause of that is.



                            • #15
                              [QUOTE=Marckie;313038]I know very well how demanding family life with a (full-time) job can be.
                              I just don't understand what this has to do with whether or not User Account Control is disabled?
                              You say yourself that you have disabled UAC.
                              I only want to warn you that your Vista computer is a good deal safer with User Account Control (UAC) enabled, and that you most likely could have prevented all this trouble.
                              You may install ZoneAlarm.
                              [/QUOTE]

                              I meant it as a joke, so it was definitely not meant badly.
                              I will look a bit further into Vista so that I know how everything should be set up.
                              Thanks for all your help.

                              Regards, Jolanda
