virus(es)

  • virus(es)

    I have a problem.
    When I start my PC, my NOD32 reports that winlogon contains a virus.
    I've only had this since yesterday and I don't understand it at all.
    I tried to remove it and I scanned with Spybot and with my NOD32, but it stays.
    And when I click remove in my NOD32, it says it will do so after a restart; when I restart, it is there again.
    Also, when I'm on the internet I sometimes see some images that then disappear, and a message appears saying spy/malware found, and that takes me to the site of WinFixer or something.
    But I don't download that, because that is malware.
    Can anyone help me? This is my HijackThis log:


    Logfile of Trend Micro HijackThis v2.0.0 (BETA)
    Scan saved at 22:17:08, on 29-1-2008
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\system32\spoolsv.exe
    C:\WINDOWS\system32\VTTimer.exe
    C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
    C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
    C:\WINDOWS\system32\rundll32.exe
    C:\Program Files\iTunes\iTunesHelper.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\Messenger\msmsgs.exe
    C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
    C:\Program Files\Common Files\Teleca Shared\CapabilityManager.exe
    C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    C:\Program Files\Bonjour\mDNSResponder.exe
    C:\CFusionMX7\runtime\bin\jrunsvc.exe
    C:\CFusionMX7\verity\k2\_nti40\bin\k2admin.exe
    C:\CFusionMX7\runtime\bin\jrun.exe
    C:\Program Files\Common Files\LightScribe\LSSrvc.exe
    C:\Program Files\Eset\nod32krn.exe
    C:\WINDOWS\system32\svchost.exe
    C:\PROGRA~1\SPEEDB~1\VideoAcceleratorService.exe
    C:\CFusionMX7\verity\k2\_nti40\bin\k2server.exe
    C:\CFusionMX7\verity\k2\_nti40\bin\k2index.exe
    C:\Program Files\Common Files\Teleca Shared\Generic.exe
    C:\Program Files\Sony Ericsson\Mobile2\Mobile Phone Monitor\epmworker.exe
    C:\Program Files\iPod\bin\iPodService.exe
    C:\PROGRA~1\SPEEDB~1\VideoAcceleratorEngine.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Documents and Settings\Gebruiker\Mijn documenten\My Completed Downloads\HiJackThis_v2.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.nl/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen
    R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
    O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
    O2 - BHO: (no name) - {689A016C-B62E-459F-92F0-041E19EA8A58} - C:\WINDOWS\system32\tusrp.dll
    O2 - BHO: (no name) - {6C7ECEC3-D4DD-4DCF-A465-FE5708735801} - C:\WINDOWS\system32\opnkl.dll (file missing)
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
    O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
    O2 - BHO: (no name) - {80BB55D5-0982-4A14-95AE-B5B293FF85B6} - C:\WINDOWS\system32\ssqommj.dll
    O4 - HKLM\..\Run: [VTTimer] VTTimer.exe
    O4 - HKLM\..\Run: [VTTrayp] VTtrayp.exe
    O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
    O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
    O4 - HKLM\..\Run: [Sony Ericsson PC Suite] "C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe" /startoptions
    O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
    O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
    O4 - HKLM\..\Run: [nod32kui] "C:\Program Files\Eset\nod32kui.exe" /WAITSERVICE
    O4 - HKLM\..\Run: [PWRISOVM.EXE] C:\Program Files\PowerISO\PWRISOVM.EXE
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
    O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
    O4 - HKLM\..\Run: [DownloadAccelerator] "C:\Program Files\DAP\DAP.EXE" /STARTUP
    O4 - HKLM\..\Run: [SpeedBitVideoAccelerator] "C:\Program Files\SpeedBit Video Accelerator\VideoAccelerator.exe"
    O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
    O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
    O4 - HKCU\..\Run: [LClock] C:\Program Files\LClock\lclock.exe
    O4 - HKCU\..\Run: [Vista Sidebar] C:\Program Files\Vista Sidebar\sidebar.exe
    O4 - HKCU\..\Run: [ViStart] C:\Program Files\ViStart\ViStart.exe
    O4 - HKCU\..\Run: [ViOrb] C:\Program Files\ViOrb\ViOrb.exe
    O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
    O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Lokale service')
    O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Netwerkservice')
    O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
    O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
    O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
    O4 - Global Startup: ScanPanel.lnk = C:\ScanPanel\ScnPanel.exe
    O8 - Extra context menu item: &Clean Traces - C:\Program Files\DAP\Privacy Package\dapcleanerie.htm
    O8 - Extra context menu item: &Download with &DAP - C:\Program Files\DAP\dapextie.htm
    O8 - Extra context menu item: Add to AMV Converter... - C:\Program Files\MP3 Player Utilities 4.05\AMVConverter\grab.html
    O8 - Extra context menu item: Download &all with DAP - C:\Program Files\DAP\dapextie2.htm
    O8 - Extra context menu item: MediaManager tool grab multimedia file - C:\Program Files\MP3 Player Utilities 4.05\MediaManager\grab.html
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
    O9 - Extra button: Run WinHTTrack - {36ECAF82-3300-8F84-092E-AFF36D6C7040} - C:\Program Files\WinHTTrack\WinHTTrackIEBar.dll
    O9 - Extra 'Tools' menuitem: Launch WinHTTrack - {36ECAF82-3300-8F84-092E-AFF36D6C7040} - C:\Program Files\WinHTTrack\WinHTTrackIEBar.dll
    O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
    O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
    O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab
    O20 - Winlogon Notify: ssqommj - C:\WINDOWS\SYSTEM32\ssqommj.dll
    O22 - SharedTaskScheduler: Preloader van browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
    O22 - SharedTaskScheduler: Cache-daemon voor onderdeelcategorieën - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
    O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
    O23 - Service: ColdFusion MX 7 Application Server - Macromedia Inc. - C:\CFusionMX7\runtime\bin\jrunsvc.exe
    O23 - Service: ColdFusion MX 7 Search Server - Verity, Inc. - C:\CFusionMX7\verity\k2\_nti40\bin\k2admin.exe
    O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
    O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
    O23 - Service: NOD32 Kernel Service (NOD32krn) - Eset - C:\Program Files\Eset\nod32krn.exe
    O23 - Service: VideoAcceleratorService - Speedbit Ltd. - C:\PROGRA~1\SPEEDB~1\VideoAcceleratorService.exe

    --
    End of file - 9235 bytes





    Kind regards, Mikaa

  • #2
    Hello,

    You are using an old version of HijackThis. It's best to update to the latest version first: http://www.trendsecure.com/portal/en...HJTInstall.exe

    Close all open windows.
    Start HijackThis again and tick the following items:

    R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
    O2 - BHO: (no name) - {689A016C-B62E-459F-92F0-041E19EA8A58} - C:\WINDOWS\system32\tusrp.dll
    O2 - BHO: (no name) - {6C7ECEC3-D4DD-4DCF-A465-FE5708735801} - C:\WINDOWS\system32\opnkl.dll (file missing)
    O2 - BHO: (no name) - {80BB55D5-0982-4A14-95AE-B5B293FF85B6} - C:\WINDOWS\system32\ssqommj.dll
    O20 - Winlogon Notify: ssqommj - C:\WINDOWS\SYSTEM32\ssqommj.dll


    Then click "Fix checked" and close HijackThis.


    Download combofix.exe: http://www.bleepingcomputer.com/comb...uikt-te-worden
    Place it on your desktop.
    Double-click it to start the program.
    In the screen that appears, type a 1 to run the cleaning and analysis process.
    Follow the on-screen instructions.
    When the tool is finished, a log file (combofix.txt) opens.
    Post the contents of this file together with a new HijackThis log.

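The by-eye triage of a HijackThis log like the one in post #1, written out as an added example: it is not part of the thread and is neither HijackThis's nor the helper's own logic. The three flagging rules are assumed heuristics chosen for illustration, the sample lines are copied from that log, and `parse`, `triage` and the reason labels are names made up here.

```python
import re
from collections import defaultdict
from ntpath import basename, dirname, normcase  # Windows path rules on any OS

# Sample input: a subset of lines copied from the HijackThis log in post #1.
SAMPLE_LOG = r'''
Logfile of Trend Micro HijackThis v2.0.0 (BETA)
Running processes:
C:\WINDOWS\system32\winlogon.exe
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: (no name) - {689A016C-B62E-459F-92F0-041E19EA8A58} - C:\WINDOWS\system32\tusrp.dll
O2 - BHO: (no name) - {6C7ECEC3-D4DD-4DCF-A465-FE5708735801} - C:\WINDOWS\system32\opnkl.dll (file missing)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: (no name) - {80BB55D5-0982-4A14-95AE-B5B293FF85B6} - C:\WINDOWS\system32\ssqommj.dll
O4 - HKLM\..\Run: [nod32kui] "C:\Program Files\Eset\nod32kui.exe" /WAITSERVICE
O20 - Winlogon Notify: ssqommj - C:\WINDOWS\SYSTEM32\ssqommj.dll
'''

# "<section code> - <rest>"; header and "Running processes" lines do not match.
ENTRY = re.compile(r"^\s*(?P<code>[A-Z]\d{1,2}) - (?P<body>.+?)\s*$")
# Non-greedy up to the first .dll/.exe, so a path that itself contains " - "
# (such as "Spybot - Search & Destroy") is captured whole.
FILE_PATH = re.compile(r"[A-Za-z]:\\.*?\.(?:dll|exe)", re.IGNORECASE)
# Markers HijackThis prints when the registered file is absent.
ORPHANED = re.compile(r"\((?:no file|file missing)\)$")


def parse(log_text):
    """Return one dict per log entry: section code, raw body, path, orphan flag."""
    entries = []
    for line in log_text.splitlines():
        match = ENTRY.match(line)
        if not match:
            continue
        body = match.group("body")
        path = FILE_PATH.search(body)
        entries.append({
            "code": match.group("code"),
            "body": body,
            # Windows paths are case-insensitive: system32 and SYSTEM32 must compare equal.
            "path": normcase(path.group(0)) if path else None,
            "orphaned": bool(ORPHANED.search(body)),
        })
    return entries


def triage(entries):
    """Apply the assumed heuristics; return (code, file name, reasons) per flagged entry."""
    sections_by_path = defaultdict(set)
    for entry in entries:
        if entry["path"]:
            sections_by_path[entry["path"]].add(entry["code"])

    findings = []
    for entry in entries:
        code, path, reasons = entry["code"], entry["path"], []
        # Rule 1 (assumption): a registration whose file is gone is a leftover.
        if entry["orphaned"]:
            reasons.append("orphaned")
        # Rule 2 (assumption): a browser helper object with no display name whose
        # DLL sits directly in system32 deserves a closer look.
        if (code == "O2" and "BHO: (no name)" in entry["body"]
                and path and dirname(path).endswith("\\system32")):
            reasons.append("unnamed-bho-in-system32")
        # Rule 3 (assumption): one DLL registered both as a BHO and as a Winlogon
        # notification package. On Windows XP such packages are loaded by
        # winlogon.exe, so the DLL runs in the browser and in the logon process.
        if path and {"O2", "O20"} <= sections_by_path[path]:
            reasons.append("bho-and-winlogon-notify")
        if reasons:
            findings.append((code, basename(path) if path else None, reasons))
    return findings


if __name__ == "__main__":
    for code, name, reasons in triage(parse(SAMPLE_LOG)):
        print(f"{code:<4}{name or '-':<14}{', '.join(reasons)}")
```

On a full log the orphan rule also matches harmless leftovers from uninstalled software, so a flagged line is a prompt to look the file up, not a verdict.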


    • #3
      Thanks for the quick reply, here are the logs you asked for.



      Logfile of Trend Micro HijackThis v2.0.2
      Scan saved at 15:24:41, on 30-1-2008
      Platform: Windows XP SP2 (WinNT 5.01.2600)
      MSIE: Internet Explorer v7.00 (7.00.6000.16574)
      Boot mode: Normal

      Running processes:
      C:\WINDOWS\System32\smss.exe
      C:\WINDOWS\system32\winlogon.exe
      C:\WINDOWS\system32\services.exe
      C:\WINDOWS\system32\lsass.exe
      C:\WINDOWS\system32\svchost.exe
      C:\WINDOWS\System32\svchost.exe
      C:\WINDOWS\system32\spoolsv.exe
      C:\WINDOWS\system32\VTTimer.exe
      C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
      C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
      C:\WINDOWS\system32\rundll32.exe
      C:\Program Files\iTunes\iTunesHelper.exe
      C:\WINDOWS\system32\ctfmon.exe
      C:\Program Files\Messenger\msmsgs.exe
      C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
      C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
      C:\Program Files\Bonjour\mDNSResponder.exe
      C:\CFusionMX7\runtime\bin\jrunsvc.exe
      C:\CFusionMX7\verity\k2\_nti40\bin\k2admin.exe
      C:\CFusionMX7\runtime\bin\jrun.exe
      C:\Program Files\Common Files\LightScribe\LSSrvc.exe
      C:\Program Files\Eset\nod32krn.exe
      C:\WINDOWS\system32\svchost.exe
      C:\PROGRA~1\SPEEDB~1\VideoAcceleratorService.exe
      C:\CFusionMX7\verity\k2\_nti40\bin\k2server.exe
      C:\CFusionMX7\verity\k2\_nti40\bin\k2index.exe
      C:\Program Files\Common Files\Teleca Shared\Generic.exe
      C:\Program Files\Sony Ericsson\Mobile2\Mobile Phone Monitor\epmworker.exe
      C:\Program Files\iPod\bin\iPodService.exe
      C:\PROGRA~1\SPEEDB~1\VideoAcceleratorEngine.exe
      C:\Program Files\Internet Explorer\iexplore.exe
      C:\Program Files\BitLord\BitLord.exe
      C:\Program Files\Windows NT\Bureau-accessoires\WORDPAD.EXE
      C:\Program Files\Internet Explorer\iexplore.exe
      C:\WINDOWS\explorer.exe
      C:\Program Files\DAP\DAP.EXE
      C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

      R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.nl/
      R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
      R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
      R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
      R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
      R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
      R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen
      R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
      O4 - HKLM\..\Run: [VTTimer] VTTimer.exe
      O4 - HKLM\..\Run: [VTTrayp] VTtrayp.exe
      O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
      O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
      O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
      O4 - HKLM\..\Run: [Sony Ericsson PC Suite] "C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe" /startoptions
      O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
      O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
      O4 - HKLM\..\Run: [nod32kui] "C:\Program Files\Eset\nod32kui.exe" /WAITSERVICE
      O4 - HKLM\..\Run: [PWRISOVM.EXE] C:\Program Files\PowerISO\PWRISOVM.EXE
      O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
      O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
      O4 - HKLM\..\Run: [DownloadAccelerator] "C:\Program Files\DAP\DAP.EXE" /STARTUP
      O4 - HKLM\..\Run: [SpeedBitVideoAccelerator] "C:\Program Files\SpeedBit Video Accelerator\VideoAccelerator.exe"
      O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
      O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
      O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
      O4 - HKCU\..\Run: [LClock] C:\Program Files\LClock\lclock.exe
      O4 - HKCU\..\Run: [Vista Sidebar] C:\Program Files\Vista Sidebar\sidebar.exe
      O4 - HKCU\..\Run: [ViStart] C:\Program Files\ViStart\ViStart.exe
      O4 - HKCU\..\Run: [ViOrb] C:\Program Files\ViOrb\ViOrb.exe
      O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
      O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Lokale service')
      O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Netwerkservice')
      O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
      O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
      O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
      O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
      O4 - Global Startup: ScanPanel.lnk = C:\ScanPanel\ScnPanel.exe
      O8 - Extra context menu item: &Clean Traces - C:\Program Files\DAP\Privacy Package\dapcleanerie.htm
      O8 - Extra context menu item: &Download with &DAP - C:\Program Files\DAP\dapextie.htm
      O8 - Extra context menu item: Add to AMV Converter... - C:\Program Files\MP3 Player Utilities 4.05\AMVConverter\grab.html
      O8 - Extra context menu item: Download &all with DAP - C:\Program Files\DAP\dapextie2.htm
      O8 - Extra context menu item: MediaManager tool grab multimedia file - C:\Program Files\MP3 Player Utilities 4.05\MediaManager\grab.html
      O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
      O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
      O9 - Extra button: Run WinHTTrack - {36ECAF82-3300-8F84-092E-AFF36D6C7040} - C:\Program Files\WinHTTrack\WinHTTrackIEBar.dll
      O9 - Extra 'Tools' menuitem: Launch WinHTTrack - {36ECAF82-3300-8F84-092E-AFF36D6C7040} - C:\Program Files\WinHTTrack\WinHTTrackIEBar.dll
      O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
      O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
      O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
      O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
      O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
      O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
      O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
      O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab
      O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
      O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
      O23 - Service: ColdFusion MX 7 Application Server - Macromedia Inc. - C:\CFusionMX7\runtime\bin\jrunsvc.exe
      O23 - Service: ColdFusion MX 7 Search Server - Verity, Inc. - C:\CFusionMX7\verity\k2\_nti40\bin\k2admin.exe
      O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
      O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
      O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
      O23 - Service: NOD32 Kernel Service (NOD32krn) - Eset - C:\Program Files\Eset\nod32krn.exe
      O23 - Service: VideoAcceleratorService - Speedbit Ltd. - C:\PROGRA~1\SPEEDB~1\VideoAcceleratorService.exe

      --
      End of file - 8363 bytes




      ComboFix 08-01-30.6 - Gebruiker 2008-01-30 15:28:45.1 - NTFSx86
      Microsoft Windows XP Professional 5.1.2600.2.1252.1.1043.18.417 [GMT 1:00]
      Gestart vanuit: C:\Documents and Settings\Gebruiker\Bureaublad\ComboFix.exe
      * Nieuw herstelpunt werd aangemaakt

      WAARSCHUWING - DE RECOVERY CONSOLE IS NIET OP DIT SYSTEEM GEINSTALLEERD !!
      .

      (((((((((((((((((((((((((((((((((( Andere Verwijderingen )))))))))))))))))))))))))))))))))))))))))))))))))
      .

      C:\WINDOWS\system32\tusrp.dll
      C:\WINDOWS\system32\lknpo.ini
      C:\WINDOWS\system32\lknpo.ini2
      C:\WINDOWS\system32\prsut.ini
      C:\WINDOWS\system32\prsut.ini2
      C:\WINDOWS\system32\pskill.exe
      C:\WINDOWS\system32\tusrp.dll

      .
      (((((((((((((((((((( Bestanden Gemaakt van 2007-12-28 to 2008-01-30 ))))))))))))))))))))))))))))))
      .

      2008-01-30 15:24 . 2008-01-30 15:24 <DIR> d-------- C:\Program Files\Trend Micro
      2008-01-29 21:56 . 2008-01-29 21:56 92 --a------ C:\WINDOWS\wininit.ini
      2008-01-29 21:37 . 2008-01-29 21:37 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
      2008-01-29 20:45 . 2008-01-29 20:45 39,424 --a------ C:\WINDOWS\system32\ssqommj.V99dll
      2008-01-29 20:45 . 2008-01-29 20:45 39,424 --a------ C:\WINDOWS\system32\ssqommj.V98dll
      2008-01-29 20:45 . 2008-01-29 20:45 39,424 --a------ C:\WINDOWS\system32\ssqommj.V97dll
      2008-01-29 20:45 . 2008-01-29 20:45 39,424 --a------ C:\WINDOWS\system32\ssqommj.V96dll
      2008-01-29 20:43 . 2008-01-29 20:43 39,424 --a------ C:\WINDOWS\system32\ssqommj.V72dll
      2008-01-29 20:42 . 2008-01-29 20:42 39,424 --a------ C:\WINDOWS\system32\ssqommj.Vdll
      2008-01-27 23:12 . 2008-01-27 23:11 737,280 --a------ C:\WINDOWS\iun6002.exe
      2008-01-27 23:12 . 2008-01-27 23:13 39,424 --------- C:\WINDOWS\system32\ssqommj.dll
      2008-01-27 22:53 . 2008-01-29 22:15 <DIR> d-------- C:\Program Files\vghd
      2008-01-24 15:51 . 2008-01-24 15:52 <DIR> d-------- C:\Program Files\Guild Wars
      2008-01-21 11:20 . 2008-01-21 11:20 <DIR> d-------- C:\WINDOWS\system32\VIRepair
      2008-01-20 21:05 . 2008-01-20 21:07 <DIR> d-------- C:\Program Files\SpeedBit Video Accelerator
      2008-01-20 21:02 . 2008-01-30 15:36 <DIR> d-a------ C:\Documents and Settings\All Users\Application Data\TEMP
      2008-01-20 21:01 . 2008-01-20 21:12 <DIR> d-------- C:\Program Files\DAP
      2008-01-20 21:01 . 2008-01-20 21:01 479,298 --a------ C:\WINDOWS\system32\wbocx.ocx
      2008-01-20 21:01 . 2008-01-20 21:01 172,032 --a------ C:\WINDOWS\system32\AniGIF.ocx
      2008-01-20 21:01 . 2008-01-20 21:01 50,688 --a------ C:\WINDOWS\system32\wbhelp2.dll
      2008-01-13 22:25 . 2008-01-13 22:25 <DIR> d-------- C:\Program Files\ESTsoft
      2008-01-13 22:25 . 2008-01-13 22:25 <DIR> d-------- C:\Documents and Settings\Gebruiker\Application Data\ESTsoft
      2008-01-13 21:32 . 2008-01-13 21:32 <DIR> d-------- C:\Program Files\WebWriter3
      2008-01-12 12:15 . 2008-01-12 12:15 <DIR> d-------- C:\Program Files\CoffeeCup Software
      2008-01-11 18:04 . 2008-01-11 18:04 30,720 --a------ C:\WINDOWS\6816White12.dat
      2008-01-11 18:04 . 2008-01-11 18:04 4 --a------ C:\WINDOWS\6816Error.dat
      2008-01-11 18:03 . 2008-01-11 18:03 30,720 --a------ C:\WINDOWS\6816Dark12.dat
      2008-01-11 18:03 . 2008-01-11 18:03 6 --a------ C:\WINDOWS\6816Exposure.dat
      2008-01-11 18:03 . 2008-01-11 18:03 3 --a------ C:\WINDOWS\6816Offset.dat
      2008-01-11 18:03 . 2008-01-11 18:03 3 --a------ C:\WINDOWS\6816Gain.dat
      2008-01-11 18:02 . 2001-09-06 21:27 87,040 --a------ C:\WINDOWS\system32\wiafbdrv.dll
      2008-01-11 18:02 . 2001-09-06 21:27 87,040 --a--c--- C:\WINDOWS\system32\dllcache\wiafbdrv.dll
      2008-01-11 18:02 . 2001-10-18 11:01 45,056 -ra------ C:\WINDOWS\GetKey.dll
      2008-01-11 18:02 . 2004-08-03 22:58 15,104 --a------ C:\WINDOWS\system32\drivers\usbscan.sys
      2008-01-11 18:02 . 2004-08-03 22:58 15,104 --a--c--- C:\WINDOWS\system32\dllcache\usbscan.sys
      2008-01-11 00:05 . 2008-01-11 00:05 <DIR> d-------- C:\Program Files\WarZone
      2008-01-11 00:05 . 2008-01-11 00:05 <DIR> d-------- C:\Program Files\Microprose
      2008-01-10 19:53 . 2008-01-10 19:53 <DIR> d-------- C:\Program Files\VirtualDJ
      2008-01-10 19:01 . 2008-01-10 19:06 <DIR> d-------- C:\Program Files\VDJ5
      2008-01-10 00:35 . 2008-01-10 00:35 <DIR> d-------- C:\Program Files\MP3 Player Utilities 4.05
      2008-01-09 23:25 . 1998-10-29 16:45 306,688 --a------ C:\WINDOWS\IsUninst.exe
      2008-01-09 17:43 . 2008-01-09 17:43 1,355 --a------ C:\WINDOWS\imsins.BAK
      2008-01-07 17:11 . 2005-11-30 21:20 2,314,332 --a------ C:\WINDOWS\system32\LIBMMD.DLL
      2008-01-07 17:11 . 1998-06-23 22:00 609,584 --a------ C:\WINDOWS\system32\comctl32.ocx
      2008-01-07 17:11 . 2000-05-22 15:58 115,920 --a------ C:\WINDOWS\system32\msinet.ocx
      2008-01-07 16:40 . 2008-01-07 16:40 379 --a------ C:\WINDOWS\ODBC.INI
      2008-01-07 16:38 . 2008-01-07 16:38 <DIR> d-------- C:\WINDOWS\ShellNew
      2008-01-07 16:38 . 2008-01-07 16:38 <DIR> d-------- C:\Documents and Settings\Gebruiker\Application Data\Microsoft Web Folders
      2008-01-07 01:45 . 2008-01-07 01:49 <DIR> d-------- C:\Mijn Web paginas
      2008-01-07 01:43 . 2008-01-07 01:43 <DIR> d-------- C:\Program Files\WinHTTrack
      2008-01-06 21:17 . 2008-01-06 21:17 <DIR> d-------- C:\Documents and Settings\Gebruiker\Application Data\ViStart
      2008-01-06 21:15 . 2008-01-06 21:15 <DIR> d-------- C:\Program Files\WinFlip
      2008-01-06 21:15 . 2008-01-06 21:15 <DIR> d-------- C:\Program Files\TrueTransparency
      2008-01-06 21:15 . 2008-01-21 11:20 <DIR> d-------- C:\Program Files\Styler
      2008-01-06 21:15 . 2008-01-06 21:15 <DIR> d-------- C:\Documents and Settings\Gebruiker\Application Data\Styler
      2008-01-06 21:12 . 2008-01-06 21:12 78,942 --a------ C:\WINDOWS\Icon_1.ico
      2008-01-06 21:11 . 2008-01-21 11:21 <DIR> d-------- C:\WINDOWS\system32\VITrans
      2008-01-06 21:11 . 2008-01-06 21:15 <DIR> d-------- C:\VTPFiles
      2008-01-06 21:11 . 2006-12-03 17:15 111,104 --a------ C:\WINDOWS\system32\Uharc.exe
      2008-01-06 21:11 . 2006-12-03 17:15 19,968 --a------ C:\WINDOWS\system32\reico.exe
      2008-01-06 21:11 . 2006-12-03 17:14 8,636 --a------ C:\WINDOWS\system32\modifype.exe
      2007-12-30 16:30 . 2007-12-30 16:30 <DIR> d-------- C:\Documents and Settings\Gebruiker\Application Data\Jasc
      2007-12-21 17:08 . 2007-12-21 17:08 20 --ah----- C:\qpmd8378.bin
      2007-12-21 17:07 . 2007-12-21 17:07 49,152 --a------ C:\WINDOWS\system32\cfperfmon_mx.dll
      2007-12-21 17:05 . 2007-12-21 17:06 <DIR> d--h----- C:\Program Files\Zero G Registry
      2007-12-21 17:03 . 2007-12-21 17:03 <DIR> d--h----- C:\Documents and Settings\Gebruiker\InstallAnywhere
      2007-12-20 00:37 . 2007-12-21 16:59 <DIR> d-------- C:\Program Files\Macromedia
      2007-12-20 00:37 . 2007-12-20 00:38 <DIR> d-------- C:\Program Files\Common Files\Macromedia
      2007-12-19 18:10 . 2007-12-19 18:10 <DIR> d-------- C:\Program Files\SmartFTP Client 2.5 Setup Files
      2007-12-19 18:10 . 2008-01-07 20:04 <DIR> d-------- C:\Program Files\SmartFTP Client
      2007-12-19 17:43 . 2007-12-19 17:43 <DIR> d-------- C:\Documents and Settings\Gebruiker\Application Data\U3
      2007-12-19 17:12 . 2007-12-19 17:13 <DIR> d-------- C:\Program Files\Jasc Software Inc
      2007-12-19 17:00 . 2008-01-30 15:28 <DIR> dr-h----- C:\Documents and Settings\Gebruiker\Onlangs geopend
      2007-12-19 01:36 . 2007-12-19 01:36 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\FLEXnet
      2007-12-19 01:33 . 2007-12-19 01:33 <DIR> d-------- C:\Program Files\Bonjour
      2007-12-19 01:25 . 2007-12-19 01:25 <DIR> d-------- C:\Program Files\Common Files\Macrovision Shared
      2007-12-17 01:57 . 2008-01-13 23:23 754 --a------ C:\WINDOWS\WORDPAD.INI
      2007-12-15 23:20 . 2007-12-15 23:20 <DIR> d-------- C:\Documents and Settings\Gebruiker\Application Data\SmartFTP
      2007-12-12 23:20 . 2008-01-09 17:45 624 --a------ C:\WINDOWS\system32\MRT.INI
      2007-12-12 13:20 . 2007-12-12 13:20 <DIR> d-------- C:\Program Files\NCH Swift Sound
      2007-12-12 13:20 . 2007-12-12 13:20 <DIR> d-------- C:\Documents and Settings\Gebruiker\Application Data\NCH Swift Sound
      2007-12-12 13:20 . 2007-12-12 13:20 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\NCH Swift Sound
      2007-12-11 23:32 . 2007-12-11 23:32 <DIR> d-------- C:\Documents and Settings\Gebruiker\Application Data\SecondLife
      2007-12-11 20:28 . 2007-12-11 20:28 <DIR> d-------- C:\WINDOWS\system32\Samsung_USB_Drivers
      2007-12-11 20:28 . 2006-05-03 22:53 174,592 --a------ C:\WINDOWS\system32\framedyn.dll
      2007-12-11 20:28 . 2006-07-24 16:05 5,632 --a------ C:\WINDOWS\system32\drivers\StarOpen.sys
      2007-12-11 20:28 . 2005-08-28 20:51 766 --a------ C:\WINDOWS\system32\Uninstall.ico
      2007-12-11 20:26 . 2008-01-09 23:27 <DIR> d-------- C:\Program Files\Common Files\Adobe
      2007-12-11 19:38 . 2008-01-22 00:09 <DIR> d-------- C:\Program Files\iTunes
      2007-12-11 19:38 . 2007-12-11 19:38 <DIR> d-------- C:\Program Files\iPod
      2007-12-11 19:38 . 2008-01-15 00:15 <DIR> d-------- C:\Documents and Settings\Gebruiker\Application Data\Apple Computer
      2007-12-11 19:38 . 2008-01-30 15:36 54,156 --ah----- C:\WINDOWS\QTFont.qfn
      2007-12-11 19:38 . 2007-12-11 19:38 1,409 --a------ C:\WINDOWS\QTFont.for
      2007-12-11 19:37 . 2007-12-11 19:38 <DIR> d-------- C:\Program Files\QuickTime
      2007-12-11 19:37 . 2007-12-11 19:37 <DIR> d-------- C:\Program Files\Common Files\Apple
      2007-12-11 19:37 . 2007-12-11 19:37 <DIR> d-------- C:\Program Files\Apple Software Update
      2007-12-11 19:37 . 2007-12-11 19:38 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Apple Computer
      2007-12-11 19:37 . 2007-12-11 19:37 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Apple
      2007-12-11 16:01 . 2007-12-11 16:01 <DIR> d-------- C:\Program Files\PowerISO
      2007-12-07 00:33 . 2007-12-07 00:33 <DIR> d-------- C:\WINDOWS\NPCommon

      .
      ((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))
      .
      2008-01-27 22:03 --------- d-----w C:\Program Files\EA GAMES
      2008-01-14 19:55 --------- d-----w C:\Documents and Settings\Gebruiker\Application Data\LimeWirePlus
      2008-01-11 16:56 --------- d--h--w C:\Program Files\InstallShield Installation Information
      2008-01-07 15:38 --------- d-----w C:\Program Files\microsoft frontpage
      2007-12-17 23:23 44,239 ----a-w C:\sound32.dll
      2007-12-16 21:15 --------- d-----w C:\Program Files\MSN Messenger
      2007-12-16 21:15 --------- d-----w C:\Program Files\Messenger Plus! Live
      2007-12-05 18:03 --------- d-----w C:\Program Files\Microsoft Games
      2007-12-03 19:05 --------- d-----w C:\Program Files\FLStudio addons
      2007-12-03 19:04 --------- d-----w C:\Program Files\Image-Line
      2007-11-30 14:14 --------- d-----w C:\Program Files\7-Zip
      2007-11-30 13:36 --------- d-----w C:\Program Files\FL Studio 7
      2007-11-29 12:25 --------- d-----w C:\Program Files\Counter-Strike 1.6
      2007-11-28 21:21 --------- d-----w C:\Documents and Settings\All Users\Application Data\Messenger Plus!
      2007-11-28 18:24 --------- d-----w C:\Program Files\Windows Live
      2007-11-28 18:22 4,229,496 ----a-w C:\WINDOWS\system32\SpoonUninstall.exe
      2007-11-28 18:22 --------- d-----w C:\Program Files\Illustrate
      2007-11-28 18:22 --------- d-----w C:\Documents and Settings\Gebruiker\Application Data\AccurateRip
      2007-11-28 13:16 --------- d-----w C:\Program Files\GameSpy Arcade
      2007-11-28 02:00 --------- d-----w C:\Program Files\MSXML 4.0
      2007-11-07 09:30 727,040 ----a-w C:\WINDOWS\system32\lsasrv.dll
      2007-10-29 22:45 1,291,776 ----a-w C:\WINDOWS\system32\quartz.dll
      2007-10-25 08:28 222,720 ----a-w C:\WINDOWS\system32\wmasf.dll
      2007-10-10 23:54 824,832 ----a-w C:\WINDOWS\system32\wininet.dll
      .

      ((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))
      .
      .
      REGEDIT4
      *Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond

      [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{6C7ECEC3-D4DD-4DCF-A465-FE5708735801}]
      C:\WINDOWS\system32\opnkl.dll

      [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{80BB55D5-0982-4A14-95AE-B5B293FF85B6}]
      2008-01-27 23:13 39424 --------- C:\WINDOWS\system32\ssqommj.dll

      [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
      "CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-04 00:03 15360]
      "MsnMsgr"="C:\Program Files\MSN Messenger\MsnMsgr.exe" [2007-11-20 18:09 5674352]
      "MSMSGS"="C:\Program Files\Messenger\msmsgs.exe" [2004-10-13 17:24 1694208]
      "LClock"="C:\Program Files\LClock\lclock.exe" [ ]
      "Vista Sidebar"="C:\Program Files\Vista Sidebar\sidebar.exe" [ ]
      "ViStart"="C:\Program Files\ViStart\ViStart.exe" [ ]
      "ViOrb"="C:\Program Files\ViOrb\ViOrb.exe" [ ]
      "SpybotSD TeaTimer"="C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe" [2008-01-28 11:43 2097488]

      [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
      "VTTimer"="VTTimer.exe" [2005-03-07 20:33 53248 C:\WINDOWS\system32\VTTimer.exe]
      "VTTrayp"="VTtrayp.exe" [2006-04-11 09:06 176128 C:\WINDOWS\system32\VTTrayp.exe]
      "RemoteControl"="C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe" [2005-01-12 03:01 32768]
      "NeroFilterCheck"="C:\WINDOWS\system32\NeroCheck.exe" [2006-01-12 16:40 155648]
      "SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe" [2007-09-25 01:11 132496]
      "Sony Ericsson PC Suite"="C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe" [2005-10-26 17:17 159744]
      "BluetoothAuthenticationAgent"="bthprops.cpl" [2004-08-04 00:03 110592 C:\WINDOWS\system32\bthprops.cpl]
      "SoundMan"="SOUNDMAN.EXE" [2006-08-02 22:12 577536 C:\WINDOWS\soundman.exe]
      "nod32kui"="C:\Program Files\Eset\nod32kui.exe" [2007-12-06 16:49 949376]
      "PWRISOVM.EXE"="C:\Program Files\PowerISO\PWRISOVM.EXE" [2007-08-07 01:05 200704]
      "QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [2007-11-14 23:43 286720]
      "iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" [2007-11-15 13:11 267048]
      "DownloadAccelerator"="C:\Program Files\DAP\DAP.exe" [2008-01-20 21:01 4576768]
      "SpeedBitVideoAccelerator"="C:\Program Files\SpeedBit Video Accelerator\VideoAccelerator.exe" [2008-01-20 21:05 2283120]

      [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
      "CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2004-08-04 00:03 15360]

      C:\Documents and Settings\All Users\Menu Start\Programma's\Opstarten\
      Adobe Gamma Loader.lnk - C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [2008-01-09 23:27:06 113664]
      Microsoft Office.lnk - C:\Program Files\Microsoft Office\Office\OSA9.EXE [1999-02-17 15:05:56 65588]
      ScanPanel.lnk - C:\ScanPanel\ScnPanel.exe [2008-01-11 17:56:25 1748992]

      [hkey_local_machine\software\microsoft\windows\currentversion\explorer\shellexecutehooks]
      "{80BB55D5-0982-4A14-95AE-B5B293FF85B6}"= C:\WINDOWS\system32\ssqommj.dll [2008-01-27 23:13 39424]

      [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\ssqommj]
      ssqommj.dll 2008-01-27 23:13 39424 C:\WINDOWS\system32\ssqommj.dll

      R0 videX32;videX32;C:\WINDOWS\system32\DRIVERS\videX32.sys [2006-02-23 04:38]
      R0 xfilt;VIA SATA IDE Hot-plug Driver;C:\WINDOWS\system32\DRIVERS\xfilt.sys [2006-02-23 04:39]
      R2 ColdFusion MX 7 Application Server;ColdFusion MX 7 Application Server;"C:\CFusionMX7\runtime\bin\jrunsvc.exe" [2005-01-24 18:59]
      R2 sbbotdi;sbbotdi;C:\PROGRA~1\SPEEDB~1\sbbotdi.sys [2008-01-20 21:05]
      R2 VideoAcceleratorService;VideoAcceleratorService;C:\PROGRA~1\SPEEDB~1\VideoAcceleratorService.exe -start
      S2 ColdFusion MX 7 Search Server;ColdFusion MX 7 Search Server;"C:\CFusionMX7\verity\k2\_nti40\bin\k2admin.exe" -cfg "C:\CFusionMX7\verity\k2\common\verity.cfg"
      S3 IlvMoneyDRIVER53;IlvMoneyDRIVER53;C:\Documents and Settings\Gebruiker\Bureaublad\Marche_Hack_Pack\Marche Hack Pack\IlvMoney1105.sys
      S3 K320bus;Sony Ericsson K320 driver (WDM);C:\WINDOWS\system32\DRIVERS\K320bus.sys [2006-08-18 11:10]
      S3 K320mdfl;Sony Ericsson K320 USB WMC Modem Filter;C:\WINDOWS\system32\DRIVERS\K320mdfl.sys [2006-08-18 11:10]
      S3 K320mdm;Sony Ericsson K320 USB WMC Modem Driver;C:\WINDOWS\system32\DRIVERS\K320mdm.sys [2006-08-18 11:10]
      S3 K320mgmt;Sony Ericsson K320 USB WMC Device Management Drivers (WDM);C:\WINDOWS\system32\DRIVERS\K320mgmt.sys [2006-08-18 11:10]
      S3 K320obex;Sony Ericsson K320 USB WMC OBEX Interface;C:\WINDOWS\system32\DRIVERS\K320obex.sys [2006-08-18 11:10]

      [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{320b8d5c-9a6f-11dc-8e4f-806d6172696f}]
      \Shell\AutoRun\command - E:\autorun.exe
      \Shell\readit\command - notepad readme.doc

      [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{328a92c2-975c-11dc-86b4-806d6172696f}]
      \Shell\AutoRun\command - D:\Setup\check.exe

      [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{9df370d6-ae4a-11dc-a997-001617a7e0f2}]
      \Shell\AutoRun\command - M:\LaunchU3.exe -a

      .
      Inhoud van de 'Gedeelde Taken' map
      "2008-01-25 07:46:01 C:\WINDOWS\Tasks\AppleSoftwareUpdate.job"
      - C:\Program Files\Apple Software Update\SoftwareUpdate.exe
      .
      **************************************************************************

      catchme 0.3.1344 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
      Rootkit scan 2008-01-30 15:36:15
      Windows 5.1.2600 Service Pack 2 NTFS

      scannen van verborgen processen ...

      scannen van verborgen autostart items ...

      scannen van verborgen bestanden ...

      Scan succesvol afgerond
      verborgen bestanden: 0

      **************************************************************************
      .
      --------------------- DLLs Geladen Onder Lopende Processen ---------------------

      PROCESS: C:\WINDOWS\system32\winlogon.exe
      -> C:\WINDOWS\system32\ssqommj.dll

      PROCESS: C:\WINDOWS\Explorer.EXE [6.00.2900.3156]
      -> C:\WINDOWS\system32\ssqommj.dll
      .
      ------------------------ Other Running Processes ------------------------
      .
      C:\WINDOWS\system32\VTTimer.exe
      C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
      C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
      C:\WINDOWS\system32\rundll32.exe
      C:\Program Files\Eset\nod32kui.exe
      C:\Program Files\iTunes\iTunesHelper.exe
      C:\Program Files\Messenger\msmsgs.exe
      C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
      C:\Program Files\Common Files\Teleca Shared\CapabilityManager.exe
      C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
      C:\Program Files\Bonjour\mDNSResponder.exe
      C:\CFusionMX7\runtime\bin\jrunsvc.exe
      C:\CFusionMX7\runtime\bin\jrun.exe
      C:\Program Files\Common Files\LightScribe\LSSrvc.exe
      C:\Program Files\Eset\nod32krn.exe
      C:\PROGRA~1\SPEEDB~1\VideoAcceleratorService.exe
      C:\Program Files\Common Files\Teleca Shared\Generic.exe
      C:\Program Files\Sony Ericsson\Mobile2\Mobile Phone Monitor\epmworker.exe
      C:\Program Files\iPod\bin\iPodService.exe
      C:\PROGRA~1\SPEEDB~1\VideoAcceleratorEngine.exe
      C:\Program Files\BitLord\BitLord.exe
      .
      **************************************************************************
      .
      Voltooingstijd: 2008-01-30 15:39:56 - machine was rebooted
      ComboFix-quarantined-files.txt 2008-01-30 14:39:48
      .
      2008-01-09 16:45:09 --- E O F ---



      • #4
        Open a Notepad file.
        Copy the code below and paste it into the Notepad file.
        Save the Notepad file as CFScript.txt
        Code:
        File::
        C:\WINDOWS\wininit.ini
        C:\WINDOWS\system32\ssqommj.V99dll
        C:\WINDOWS\system32\ssqommj.V98dll
        C:\WINDOWS\system32\ssqommj.V97dll
        C:\WINDOWS\system32\ssqommj.V96dll
        C:\WINDOWS\system32\ssqommj.V72dll
        C:\WINDOWS\system32\ssqommj.Vdll
        C:\WINDOWS\system32\ssqommj.dll
        
        Registry::
        [-HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{6C7ECEC3-D4DD-4DCF-A465-FE5708735801}]
        [-HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{80BB55D5-0982-4A14-95AE-B5B293FF85B6}]
        [-HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\ssqommj]

        Now drag the file CFScript.txt onto the file ComboFix.exe

        ComboFix will start again.
        When ComboFix is finished, which may be after a restart, a log file opens.
        Post the contents of the log file.



        • #5
          It now says that my Windows is not legal?
          I hope that goes back to normal, because I don't have a Windows CD and so can't reinstall it; I bought this computer with Windows already on it.


          ComboFix 08-01-30.6 - Gebruiker 2008-01-30 19:24:16.2 - NTFSx86
          Microsoft Windows XP Professional 5.1.2600.2.1252.1.1043.18.452 [GMT 1:00]
          Gestart vanuit: C:\Documents and Settings\Gebruiker\Bureaublad\ComboFix.exe
          Command switches used :: C:\Documents and Settings\Gebruiker\Bureaublad\CFScript.txt
          * Nieuw herstelpunt werd aangemaakt

          WAARSCHUWING - DE RECOVERY CONSOLE IS NIET OP DIT SYSTEEM GEINSTALLEERD !!

          FILE
          C:\WINDOWS\system32\ssqommj.dll
          C:\WINDOWS\system32\ssqommj.V72dll
          C:\WINDOWS\system32\ssqommj.V96dll
          C:\WINDOWS\system32\ssqommj.V97dll
          C:\WINDOWS\system32\ssqommj.V98dll
          C:\WINDOWS\system32\ssqommj.V99dll
          C:\WINDOWS\system32\ssqommj.Vdll
          C:\WINDOWS\wininit.ini
          .

          (((((((((((((((((((((((((((((((((( Andere Verwijderingen )))))))))))))))))))))))))))))))))))))))))))))))))
          .

          C:\WINDOWS\system32\ssqommj.dll
          C:\WINDOWS\system32\fccax.dll
          C:\WINDOWS\system32\ssqommj.dll
          C:\WINDOWS\system32\ssqommj.V72dll
          C:\WINDOWS\system32\ssqommj.V96dll
          C:\WINDOWS\system32\ssqommj.V97dll
          C:\WINDOWS\system32\ssqommj.V98dll
          C:\WINDOWS\system32\ssqommj.V99dll
          C:\WINDOWS\system32\ssqommj.Vdll
          C:\WINDOWS\system32\xaccf.ini
          C:\WINDOWS\system32\xaccf.ini2
          C:\WINDOWS\wininit.ini

          .
          (((((((((((((((((((( Bestanden Gemaakt van 2007-12-28 to 2008-01-30 ))))))))))))))))))))))))))))))
          .

          2008-01-30 15:24 . 2008-01-30 15:24 <DIR> d-------- C:\Program Files\Trend Micro
          2008-01-29 21:37 . 2008-01-30 15:46 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
          2008-01-29 20:43 . 2008-01-29 20:43 39,424 --a------ C:\WINDOWS\system32\ssqommj.V71dll
          2008-01-29 20:42 . 2008-01-29 20:42 39,424 --a------ C:\WINDOWS\system32\ssqommj.V40dll
          2008-01-27 23:12 . 2008-01-27 23:11 737,280 --a------ C:\WINDOWS\iun6002.exe
          2008-01-27 22:53 . 2008-01-29 22:15 <DIR> d-------- C:\Program Files\vghd
          2008-01-24 15:51 . 2008-01-24 15:52 <DIR> d-------- C:\Program Files\Guild Wars
          2008-01-21 11:20 . 2008-01-21 11:20 <DIR> d-------- C:\WINDOWS\system32\VIRepair
          2008-01-20 21:05 . 2008-01-20 21:07 <DIR> d-------- C:\Program Files\SpeedBit Video Accelerator
          2008-01-20 21:02 . 2008-01-30 19:30 <DIR> d-a------ C:\Documents and Settings\All Users\Application Data\TEMP
          2008-01-20 21:01 . 2008-01-20 21:12 <DIR> d-------- C:\Program Files\DAP
          2008-01-20 21:01 . 2008-01-20 21:01 479,298 --a------ C:\WINDOWS\system32\wbocx.ocx
          2008-01-20 21:01 . 2008-01-20 21:01 172,032 --a------ C:\WINDOWS\system32\AniGIF.ocx
          2008-01-20 21:01 . 2008-01-20 21:01 50,688 --a------ C:\WINDOWS\system32\wbhelp2.dll
          2008-01-13 22:25 . 2008-01-13 22:25 <DIR> d-------- C:\Program Files\ESTsoft
          2008-01-13 22:25 . 2008-01-13 22:25 <DIR> d-------- C:\Documents and Settings\Gebruiker\Application Data\ESTsoft
          2008-01-13 21:32 . 2008-01-13 21:32 <DIR> d-------- C:\Program Files\WebWriter3
          2008-01-12 12:15 . 2008-01-12 12:15 <DIR> d-------- C:\Program Files\CoffeeCup Software
          2008-01-11 18:04 . 2008-01-11 18:04 30,720 --a------ C:\WINDOWS\6816White12.dat
          2008-01-11 18:04 . 2008-01-11 18:04 4 --a------ C:\WINDOWS\6816Error.dat
          2008-01-11 18:03 . 2008-01-11 18:03 30,720 --a------ C:\WINDOWS\6816Dark12.dat
          2008-01-11 18:03 . 2008-01-11 18:03 6 --a------ C:\WINDOWS\6816Exposure.dat
          2008-01-11 18:03 . 2008-01-11 18:03 3 --a------ C:\WINDOWS\6816Offset.dat
          2008-01-11 18:03 . 2008-01-11 18:03 3 --a------ C:\WINDOWS\6816Gain.dat
          2008-01-11 18:02 . 2001-09-06 21:27 87,040 --a------ C:\WINDOWS\system32\wiafbdrv.dll
          2008-01-11 18:02 . 2001-09-06 21:27 87,040 --a--c--- C:\WINDOWS\system32\dllcache\wiafbdrv.dll
          2008-01-11 18:02 . 2001-10-18 11:01 45,056 -ra------ C:\WINDOWS\GetKey.dll
          2008-01-11 18:02 . 2004-08-03 22:58 15,104 --a------ C:\WINDOWS\system32\drivers\usbscan.sys
          2008-01-11 18:02 . 2004-08-03 22:58 15,104 --a--c--- C:\WINDOWS\system32\dllcache\usbscan.sys
          2008-01-11 00:05 . 2008-01-11 00:05 <DIR> d-------- C:\Program Files\WarZone
          2008-01-11 00:05 . 2008-01-11 00:05 <DIR> d-------- C:\Program Files\Microprose
          2008-01-10 19:53 . 2008-01-10 19:53 <DIR> d-------- C:\Program Files\VirtualDJ
          2008-01-10 19:01 . 2008-01-10 19:06 <DIR> d-------- C:\Program Files\VDJ5
          2008-01-10 00:35 . 2008-01-10 00:35 <DIR> d-------- C:\Program Files\MP3 Player Utilities 4.05
          2008-01-09 23:25 . 1998-10-29 16:45 306,688 --a------ C:\WINDOWS\IsUninst.exe
          2008-01-09 17:43 . 2008-01-09 17:43 1,355 --a------ C:\WINDOWS\imsins.BAK
          2008-01-07 17:11 . 2005-11-30 21:20 2,314,332 --a------ C:\WINDOWS\system32\LIBMMD.DLL
          2008-01-07 17:11 . 1998-06-23 22:00 609,584 --a------ C:\WINDOWS\system32\comctl32.ocx
          2008-01-07 17:11 . 2000-05-22 15:58 115,920 --a------ C:\WINDOWS\system32\msinet.ocx
          2008-01-07 16:40 . 2008-01-07 16:40 379 --a------ C:\WINDOWS\ODBC.INI
          2008-01-07 16:38 . 2008-01-07 16:38 <DIR> d-------- C:\WINDOWS\ShellNew
          2008-01-07 16:38 . 2008-01-07 16:38 <DIR> d-------- C:\Documents and Settings\Gebruiker\Application Data\Microsoft Web Folders
          2008-01-07 01:45 . 2008-01-07 01:49 <DIR> d-------- C:\Mijn Web paginas
          2008-01-07 01:43 . 2008-01-07 01:43 <DIR> d-------- C:\Program Files\WinHTTrack
          2008-01-06 21:17 . 2008-01-06 21:17 <DIR> d-------- C:\Documents and Settings\Gebruiker\Application Data\ViStart
          2008-01-06 21:15 . 2008-01-06 21:15 <DIR> d-------- C:\Program Files\WinFlip
          2008-01-06 21:15 . 2008-01-06 21:15 <DIR> d-------- C:\Program Files\TrueTransparency
          2008-01-06 21:15 . 2008-01-21 11:20 <DIR> d-------- C:\Program Files\Styler
          2008-01-06 21:15 . 2008-01-06 21:15 <DIR> d-------- C:\Documents and Settings\Gebruiker\Application Data\Styler
          2008-01-06 21:12 . 2008-01-06 21:12 78,942 --a------ C:\WINDOWS\Icon_1.ico
          2008-01-06 21:11 . 2008-01-21 11:21 <DIR> d-------- C:\WINDOWS\system32\VITrans
          2008-01-06 21:11 . 2008-01-06 21:15 <DIR> d-------- C:\VTPFiles
          2008-01-06 21:11 . 2006-12-03 17:15 111,104 --a------ C:\WINDOWS\system32\Uharc.exe
          2008-01-06 21:11 . 2006-12-03 17:15 19,968 --a------ C:\WINDOWS\system32\reico.exe
          2008-01-06 21:11 . 2006-12-03 17:14 8,636 --a------ C:\WINDOWS\system32\modifype.exe
          2007-12-30 16:30 . 2007-12-30 16:30 <DIR> d-------- C:\Documents and Settings\Gebruiker\Application Data\Jasc
          2007-12-21 17:08 . 2007-12-21 17:08 20 --ah----- C:\qpmd8378.bin
          2007-12-21 17:07 . 2007-12-21 17:07 49,152 --a------ C:\WINDOWS\system32\cfperfmon_mx.dll
          2007-12-21 17:05 . 2007-12-21 17:06 <DIR> d--h----- C:\Program Files\Zero G Registry
          2007-12-21 17:03 . 2007-12-21 17:03 <DIR> d--h----- C:\Documents and Settings\Gebruiker\InstallAnywhere
          2007-12-20 00:37 . 2007-12-21 16:59 <DIR> d-------- C:\Program Files\Macromedia
          2007-12-20 00:37 . 2007-12-20 00:38 <DIR> d-------- C:\Program Files\Common Files\Macromedia
          2007-12-19 18:10 . 2007-12-19 18:10 <DIR> d-------- C:\Program Files\SmartFTP Client 2.5 Setup Files
          2007-12-19 18:10 . 2008-01-07 20:04 <DIR> d-------- C:\Program Files\SmartFTP Client
          2007-12-19 17:43 . 2007-12-19 17:43 <DIR> d-------- C:\Documents and Settings\Gebruiker\Application Data\U3
          2007-12-19 17:12 . 2007-12-19 17:13 <DIR> d-------- C:\Program Files\Jasc Software Inc
          2007-12-19 17:00 . 2008-01-30 19:22 <DIR> dr-h----- C:\Documents and Settings\Gebruiker\Onlangs geopend
          2007-12-19 01:36 . 2007-12-19 01:36 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\FLEXnet
          2007-12-19 01:33 . 2007-12-19 01:33 <DIR> d-------- C:\Program Files\Bonjour
          2007-12-19 01:25 . 2007-12-19 01:25 <DIR> d-------- C:\Program Files\Common Files\Macrovision Shared
          2007-12-17 01:57 . 2008-01-13 23:23 754 --a------ C:\WINDOWS\WORDPAD.INI
          2007-12-15 23:20 . 2007-12-15 23:20 <DIR> d-------- C:\Documents and Settings\Gebruiker\Application Data\SmartFTP
          2007-12-12 23:20 . 2008-01-09 17:45 624 --a------ C:\WINDOWS\system32\MRT.INI
          2007-12-12 13:20 . 2007-12-12 13:20 <DIR> d-------- C:\Program Files\NCH Swift Sound
          2007-12-12 13:20 . 2007-12-12 13:20 <DIR> d-------- C:\Documents and Settings\Gebruiker\Application Data\NCH Swift Sound
          2007-12-12 13:20 . 2007-12-12 13:20 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\NCH Swift Sound
          2007-12-11 23:32 . 2007-12-11 23:32 <DIR> d-------- C:\Documents and Settings\Gebruiker\Application Data\SecondLife
          2007-12-11 20:28 . 2007-12-11 20:28 <DIR> d-------- C:\WINDOWS\system32\Samsung_USB_Drivers
          2007-12-11 20:28 . 2006-05-03 22:53 174,592 --a------ C:\WINDOWS\system32\framedyn.dll
          2007-12-11 20:28 . 2006-07-24 16:05 5,632 --a------ C:\WINDOWS\system32\drivers\StarOpen.sys
          2007-12-11 20:28 . 2005-08-28 20:51 766 --a------ C:\WINDOWS\system32\Uninstall.ico
          2007-12-11 20:26 . 2008-01-09 23:27 <DIR> d-------- C:\Program Files\Common Files\Adobe
          2007-12-11 19:38 . 2008-01-22 00:09 <DIR> d-------- C:\Program Files\iTunes
          2007-12-11 19:38 . 2007-12-11 19:38 <DIR> d-------- C:\Program Files\iPod
          2007-12-11 19:38 . 2008-01-15 00:15 <DIR> d-------- C:\Documents and Settings\Gebruiker\Application Data\Apple Computer
          2007-12-11 19:38 . 2008-01-30 19:30 54,156 --ah----- C:\WINDOWS\QTFont.qfn
          2007-12-11 19:38 . 2007-12-11 19:38 1,409 --a------ C:\WINDOWS\QTFont.for
          2007-12-11 19:37 . 2007-12-11 19:38 <DIR> d-------- C:\Program Files\QuickTime
          2007-12-11 19:37 . 2007-12-11 19:37 <DIR> d-------- C:\Program Files\Common Files\Apple
          2007-12-11 19:37 . 2007-12-11 19:37 <DIR> d-------- C:\Program Files\Apple Software Update
          2007-12-11 19:37 . 2007-12-11 19:38 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Apple Computer
          2007-12-11 19:37 . 2007-12-11 19:37 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Apple
          2007-12-11 16:01 . 2007-12-11 16:01 <DIR> d-------- C:\Program Files\PowerISO
          2007-12-07 00:33 . 2007-12-07 00:33 <DIR> d-------- C:\WINDOWS\NPCommon
          2007-12-07 00:33 . 1998-01-09 01:27 722,192 --a------ C:\WINDOWS\system32\VB40032.DLL
          2007-12-07 00:33 . 1996-11-17 00:00 37,376 --a------ C:\WINDOWS\system32\VEN2232.OLB
          2007-12-06 16:49 . 2007-12-06 16:49 512,096 --a------ C:\WINDOWS\system32\drivers\amon.sys
          2007-12-06 16:49 . 2007-12-06 16:49 298,104 --a------ C:\WINDOWS\system32\imon.dll
          2007-12-06 16:49 . 2007-12-06 16:49 15,424 --a------ C:\WINDOWS\system32\drivers\nod32drv.sys
          2007-12-06 16:48 . 2005-05-26 15:34 2,297,552 --a------ C:\WINDOWS\system32\d3dx9_26.dll

          .
          ((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))
          .
          2008-01-27 22:03 --------- d-----w C:\Program Files\EA GAMES
          2008-01-14 19:55 --------- d-----w C:\Documents and Settings\Gebruiker\Application Data\LimeWirePlus
          2008-01-11 16:56 --------- d--h--w C:\Program Files\InstallShield Installation Information
          2008-01-07 15:38 --------- d-----w C:\Program Files\microsoft frontpage
          2007-12-17 23:23 44,239 ----a-w C:\sound32.dll
          2007-12-16 21:15 --------- d-----w C:\Program Files\MSN Messenger
          2007-12-16 21:15 --------- d-----w C:\Program Files\Messenger Plus! Live
          2007-12-05 18:03 --------- d-----w C:\Program Files\Microsoft Games
          2007-12-03 19:05 --------- d-----w C:\Program Files\FLStudio addons
          2007-12-03 19:04 --------- d-----w C:\Program Files\Image-Line
          2007-11-30 14:14 --------- d-----w C:\Program Files\7-Zip
          2007-11-30 13:36 --------- d-----w C:\Program Files\FL Studio 7
          2007-11-29 12:25 --------- d-----w C:\Program Files\Counter-Strike 1.6
          2007-11-28 21:21 --------- d-----w C:\Documents and Settings\All Users\Application Data\Messenger Plus!
          2007-11-28 18:24 --------- d-----w C:\Program Files\Windows Live
          2007-11-28 18:22 --------- d-----w C:\Program Files\Illustrate
          2007-11-28 18:22 --------- d-----w C:\Documents and Settings\Gebruiker\Application Data\AccurateRip
          2007-11-28 13:16 --------- d-----w C:\Program Files\GameSpy Arcade
          2007-11-28 02:00 --------- d-----w C:\Program Files\MSXML 4.0
          .

          ((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))
          .
          .
          REGEDIT4
          *Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond

          [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
          "CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-04 00:03 15360]
          "MsnMsgr"="C:\Program Files\MSN Messenger\MsnMsgr.exe" [2007-11-20 18:09 5674352]
          "MSMSGS"="C:\Program Files\Messenger\msmsgs.exe" [2004-10-13 17:24 1694208]
          "LClock"="C:\Program Files\LClock\lclock.exe" [ ]
          "Vista Sidebar"="C:\Program Files\Vista Sidebar\sidebar.exe" [ ]
          "ViStart"="C:\Program Files\ViStart\ViStart.exe" [ ]
          "ViOrb"="C:\Program Files\ViOrb\ViOrb.exe" [ ]
          "SpybotSD TeaTimer"="C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe" [2008-01-28 11:43 2097488]

          [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
          "VTTimer"="VTTimer.exe" [2005-03-07 20:33 53248 C:\WINDOWS\system32\VTTimer.exe]
          "VTTrayp"="VTtrayp.exe" [2006-04-11 09:06 176128 C:\WINDOWS\system32\VTTrayp.exe]
          "RemoteControl"="C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe" [2005-01-12 03:01 32768]
          "NeroFilterCheck"="C:\WINDOWS\system32\NeroCheck.exe" [2006-01-12 16:40 155648]
          "SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe" [2007-09-25 01:11 132496]
          "Sony Ericsson PC Suite"="C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe" [2005-10-26 17:17 159744]
          "BluetoothAuthenticationAgent"="bthprops.cpl" [2004-08-04 00:03 110592 C:\WINDOWS\system32\bthprops.cpl]
          "SoundMan"="SOUNDMAN.EXE" [2006-08-02 22:12 577536 C:\WINDOWS\soundman.exe]
          "nod32kui"="C:\Program Files\Eset\nod32kui.exe" [2007-12-06 16:49 949376]
          "PWRISOVM.EXE"="C:\Program Files\PowerISO\PWRISOVM.EXE" [2007-08-07 01:05 200704]
          "QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [2007-11-14 23:43 286720]
          "iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" [2007-11-15 13:11 267048]
          "DownloadAccelerator"="C:\Program Files\DAP\DAP.exe" [2008-01-20 21:01 4576768]
          "SpeedBitVideoAccelerator"="C:\Program Files\SpeedBit Video Accelerator\VideoAccelerator.exe" [2008-01-20 21:05 2283120]

          [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
          "CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2004-08-04 00:03 15360]

          C:\Documents and Settings\All Users\Menu Start\Programma's\Opstarten\
          Adobe Gamma Loader.lnk - C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [2008-01-09 23:27:06 113664]
          Microsoft Office.lnk - C:\Program Files\Microsoft Office\Office\OSA9.EXE [1999-02-17 15:05:56 65588]
          ScanPanel.lnk - C:\ScanPanel\ScnPanel.exe [2008-01-11 17:56:25 1748992]

          R0 videX32;videX32;C:\WINDOWS\system32\DRIVERS\videX32.sys [2006-02-23 04:38]
          R0 xfilt;VIA SATA IDE Hot-plug Driver;C:\WINDOWS\system32\DRIVERS\xfilt.sys [2006-02-23 04:39]
          R2 ColdFusion MX 7 Application Server;ColdFusion MX 7 Application Server;"C:\CFusionMX7\runtime\bin\jrunsvc.exe" [2005-01-24 18:59]
          R2 ColdFusion MX 7 Search Server;ColdFusion MX 7 Search Server;"C:\CFusionMX7\verity\k2\_nti40\bin\k2admin.exe" -cfg "C:\CFusionMX7\verity\k2\common\verity.cfg"
          R2 sbbotdi;sbbotdi;C:\PROGRA~1\SPEEDB~1\sbbotdi.sys [2008-01-20 21:05]
          R2 VideoAcceleratorService;VideoAcceleratorService;C:\PROGRA~1\SPEEDB~1\VideoAcceleratorService.exe -start
          S3 IlvMoneyDRIVER53;IlvMoneyDRIVER53;C:\Documents and Settings\Gebruiker\Bureaublad\Marche_Hack_Pack\Marche Hack Pack\IlvMoney1105.sys
          S3 K320bus;Sony Ericsson K320 driver (WDM);C:\WINDOWS\system32\DRIVERS\K320bus.sys [2006-08-18 11:10]
          S3 K320mdfl;Sony Ericsson K320 USB WMC Modem Filter;C:\WINDOWS\system32\DRIVERS\K320mdfl.sys [2006-08-18 11:10]
          S3 K320mdm;Sony Ericsson K320 USB WMC Modem Driver;C:\WINDOWS\system32\DRIVERS\K320mdm.sys [2006-08-18 11:10]
          S3 K320mgmt;Sony Ericsson K320 USB WMC Device Management Drivers (WDM);C:\WINDOWS\system32\DRIVERS\K320mgmt.sys [2006-08-18 11:10]
          S3 K320obex;Sony Ericsson K320 USB WMC OBEX Interface;C:\WINDOWS\system32\DRIVERS\K320obex.sys [2006-08-18 11:10]

          [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{320b8d5c-9a6f-11dc-8e4f-806d6172696f}]
          \Shell\AutoRun\command - E:\autorun.exe
          \Shell\readit\command - notepad readme.doc

          [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{328a92c2-975c-11dc-86b4-806d6172696f}]
          \Shell\AutoRun\command - D:\Setup\check.exe

          [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{9df370d6-ae4a-11dc-a997-001617a7e0f2}]
          \Shell\AutoRun\command - M:\LaunchU3.exe -a

          .
          Inhoud van de 'Gedeelde Taken' map
          "2008-01-25 07:46:01 C:\WINDOWS\Tasks\AppleSoftwareUpdate.job"
          - C:\Program Files\Apple Software Update\SoftwareUpdate.exe
          .
          **************************************************************************

          catchme 0.3.1344 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
          Rootkit scan 2008-01-30 19:30:25
          Windows 5.1.2600 Service Pack 2 NTFS

          scannen van verborgen processen ...

          scannen van verborgen autostart items ...

          scannen van verborgen bestanden ...

          Scan succesvol afgerond
          verborgen bestanden: 0

          **************************************************************************
          .
          ------------------------ Other Running Processes ------------------------
          .
          C:\WINDOWS\system32\VTTimer.exe
          C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
          C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
          C:\WINDOWS\system32\rundll32.exe
          C:\Program Files\Eset\nod32kui.exe
          C:\Program Files\iTunes\iTunesHelper.exe
          C:\Program Files\Messenger\msmsgs.exe
          C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
          C:\Program Files\Common Files\Teleca Shared\CapabilityManager.exe
          C:\Program Files\Common Files\Teleca Shared\Generic.exe
          C:\Program Files\Sony Ericsson\Mobile2\Mobile Phone Monitor\epmworker.exe
          C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
          C:\Program Files\Bonjour\mDNSResponder.exe
          C:\CFusionMX7\runtime\bin\jrunsvc.exe
          C:\CFusionMX7\runtime\bin\jrun.exe
          C:\CFusionMX7\verity\k2\_nti40\bin\k2admin.exe
          C:\Program Files\Common Files\LightScribe\LSSrvc.exe
          C:\Program Files\Eset\nod32krn.exe
          C:\PROGRA~1\SPEEDB~1\VideoAcceleratorService.exe
          C:\CFusionMX7\verity\k2\_nti40\bin\k2server.exe
          C:\CFusionMX7\verity\k2\_nti40\bin\k2index.exe
          C:\Program Files\iPod\bin\iPodService.exe
          C:\PROGRA~1\SPEEDB~1\VideoAcceleratorEngine.exe
          C:\WINDOWS\system32\WgaTray.exe
          .
          **************************************************************************
          .
          Voltooingstijd: 2008-01-30 19:33:40 - machine was rebooted
          ComboFix-quarantined-files.txt 2008-01-30 18:33:37
          ComboFix2.txt 2008-01-30 14:39:56
          .
          2008-01-09 16:45:09 --- E O F ---



          • #6
            How is the computer running now?



            • #7
              No more problems at all,
              but I now don't have a legal Windows, so I can't update :S



              • #8
                If you have a legal Windows, there is no problem.
                You can contact Microsoft and they will sort it out.

                The notice about an illegal Windows is not a result of the actions I had you carry out.
                Last edited by Marckie; 30-01-08, 20:48.



                • #9
                  ohhh ok :P



                  • #10
                    Run an online scan with the ESET Online Scanner.
                    Tick: YES, I accept the Terms Of Use.
                    Click the Start button.
                    Then click the Install button.
                    Click Start.

                    The scanner will now initialize and update.
                    Do NOT tick Remove found threats, unless this is asked for.
                    Click the Scan button.

                    Wait patiently until the scan has finished; this can take a while.
                    When the scan is done, click the Details tab.
                    Copy and paste the contents of this window into your next post.
                    (You can also find this as C:\Program Files\EsetOnlineScanner\log.txt)
