Problems with Internet Explorer & desktop

  • Problems with Internet Explorer & desktop

    Good morning,

    I have 2 problems. One of them is my Internet Explorer. When I try to start it, it gives an error and Internet Explorer does not start. My second problem is that sometimes everything on my desktop disappears. I then see only my background. If I then press Ctrl+Alt+Del and log off and log on again, everything works normally again.

    Could someone perhaps help me with this? Thanks in advance!

    HijackThis log:


    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 3:17:01, on 24-3-2008
    Platform: Windows XP (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP1 (6.00.2600.0000)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\SYSTEM32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\System32\Ati2evxx.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE
    C:\WINDOWS\System32\tcpsvcs.exe
    C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\SYSTEM32\Ati2evxx.exe
    C:\WINDOWS\Explorer.EXE
    C:\Program Files\Lavasoft\Ad-Aware 2007\AAWTray.exe
    C:\WINDOWS\System32\rundll32.exe
    C:\WINDOWS\System32\Rundll32.exe
    C:\Program Files\Mozilla Firefox\firefox.exe
    C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

    O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
    O4 - HKLM\..\Run: [AAWTray] C:\Program Files\Lavasoft\Ad-Aware 2007\AAWTray.exe
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
    O4 - HKLM\..\Run: [64dcc1ed] rundll32.exe "C:\WINDOWS\System32\ufwbjewg.dll",b
    O4 - HKLM\..\Run: [BM67eff271] Rundll32.exe "C:\WINDOWS\System32\ubmrotvp.dll",s
    O4 - HKUS\S-1-5-18\..\Run: (User 'SYSTEM')
    O4 - HKUS\S-1-5-18\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\cli.exe" runtime (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: (User 'Default user')
    O8 - Extra context menu item: &Ontvang alles met FlashGet - D:\Flashget\jc_all.htm
    O8 - Extra context menu item: &Ontvang met FlashGet - D:\Flashget\jc_link.htm
    O16 - DPF: {9B935470-AD4A-11D5-B63E-00C04FAEDB18} (Oracle JInitiator 1.1.8.16) - https://top.cbr.nl:4000/jinit/jinit11816.exe
    O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
    O20 - AppInit_DLLs: C:\WINDOWS\System32\sms22hrdhr.dll
    O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft AB - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
    O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\System32\Ati2evxx.exe
    O23 - Service: PIXMA Extended Survey Program (IJPLMSVC) - Unknown owner - C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE
    O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe

    --
    End of file - 2736 bytes

  • #2
    Why don't you have SP2 yet??

    Follow the instructions as described on the following page: hoe-dient-combofix-gebruikt-te-worden

    If you use Vista, the Recovery Console does not need to be installed.
    If anything is unclear, just ask.
    When the tool is finished, a log file opens (C:\combofix.txt).
    Post the contents of this file together with a new HijackThis log.



    • #3
      Combo fix and HJTL

      ComboFix 08-03-23.5 - Emre 2008-03-24 13:33:57.1 - NTFSx86
      Microsoft Windows XP Professional 5.1.2600.0.1252.1.1043.18.309 [GMT 1:00]
      Gestart vanuit: C:\Documents and Settings\Emre\Bureaublad\ComboFix.exe
      * Nieuw herstelpunt werd aangemaakt
      .

      (((((((((((((((((((((((((((((((((( Andere Verwijderingen )))))))))))))))))))))))))))))))))))))))))))))))))
      .


      .
      ((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
      .

      -------\Legacy_IPRIP
      -------\Service_Iprip


      (((((((((((((((((((( Bestanden Gemaakt van 2008-02-24 to 2008-03-24 ))))))))))))))))))))))))))))))
      .

      2008-03-21 13:54 . 2008-03-21 13:54 35,328 --a------ C:\WINDOWS\system32\sms22hrdhr.dll
      2008-03-21 13:54 . 2008-03-21 13:54 262 --a------ C:\WINDOWS\system32\winsms.dll
      2008-03-18 20:51 . 2008-03-19 20:52 1,534,309 ---hs---- C:\WINDOWS\system32\xcxkphkp.ini
      2008-03-17 20:57 . 2008-03-17 20:57 93,760 --a------ C:\WINDOWS\system32\imhdaums.dll
      2008-03-17 20:55 . 2008-03-17 20:55 1,358,887 ---hs---- C:\WINDOWS\system32\jepiomit.ini
      2008-03-17 20:54 . 2008-03-17 20:54 87,616 --a------ C:\WINDOWS\system32\timoipej.dll
      2008-03-17 20:51 . 2008-03-17 20:51 91,200 --a------ C:\WINDOWS\system32\bqnpugby.dll
      2008-03-17 15:44 . 2008-03-17 15:44 54,156 --ah----- C:\WINDOWS\QTFont.qfn
      2008-03-17 15:44 . 2008-03-17 15:44 1,409 --a------ C:\WINDOWS\QTFont.for
      2008-03-16 20:52 . 2008-03-18 17:36 1,312,656 ---hs---- C:\WINDOWS\system32\eykwdtpx.ini
      2008-03-13 19:38 . 2008-03-14 20:06 1,457,959 ---hs---- C:\WINDOWS\system32\eydmuvuq.ini
      2008-03-12 19:43 . 2008-03-13 18:17 1,320,704 ---hs---- C:\WINDOWS\system32\udtootjb.ini
      2008-03-11 19:41 . 2008-03-11 19:42 1,315,110 ---hs---- C:\WINDOWS\system32\jqblorps.ini
      2008-03-11 19:41 . 2008-03-11 19:41 86,592 --a------ C:\WINDOWS\system32\sprolbqj.dll
      2008-03-11 19:38 . 2008-03-11 19:38 93,248 --a------ C:\WINDOWS\system32\smllilog.dll
      2008-03-11 19:35 . 2008-03-11 19:35 90,688 --a------ C:\WINDOWS\system32\iapfvwgr.dll
      2008-03-09 19:37 . 2008-03-09 19:51 1,308,641 ---hs---- C:\WINDOWS\system32\jlimhdxd.ini
      2008-03-09 19:37 . 2008-03-09 19:37 86,592 --a------ C:\WINDOWS\system32\dxdhmilj.dll
      2008-03-09 19:35 . 2008-03-09 19:35 91,200 --a------ C:\WINDOWS\system32\deovcypr.dll
      2008-03-09 19:34 . 2008-03-09 19:34 89,664 --a------ C:\WINDOWS\system32\dwfhgifh.dll
      2008-03-08 19:40 . 2008-03-09 19:41 1,308,281 ---hs---- C:\WINDOWS\system32\gjlyxqvb.ini
      2008-03-07 19:35 . 2008-03-08 19:36 1,307,981 ---hs---- C:\WINDOWS\system32\whndjslm.ini
      2008-03-06 19:36 . 2008-03-06 19:36 96,320 --a------ C:\WINDOWS\system32\selpanya.dll
      2008-03-06 19:34 . 2008-03-06 19:34 2,381,563 ---hs---- C:\WINDOWS\system32\swpgnjyg.ini
      2008-03-06 19:34 . 2008-03-06 19:34 91,200 --a------ C:\WINDOWS\system32\gyjngpws.dll
      2008-03-06 19:33 . 2008-03-06 19:33 92,736 --a------ C:\WINDOWS\system32\qpncnbuc.dll
      2008-03-05 19:36 . 2008-03-05 19:36 96,832 --a------ C:\WINDOWS\system32\xujdxiud.dll
      2008-03-05 19:33 . 2008-03-06 19:34 2,453,430 ---hs---- C:\WINDOWS\system32\ngsbyrhb.ini
      2008-03-05 19:31 . 2008-03-05 19:31 91,712 --a------ C:\WINDOWS\system32\tgydkobb.dll
      2008-03-04 13:31 . 2008-03-05 19:31 2,369,227 ---hs---- C:\WINDOWS\system32\aetcsjsy.ini
      2008-03-03 09:25 . 2008-03-04 13:29 2,520,239 ---hs---- C:\WINDOWS\system32\flrvkcrg.ini
      2008-03-02 12:02 . 2008-03-02 12:02 84,544 --a------ C:\WINDOWS\system32\llnjkwtt.dll
      2008-03-02 11:59 . 2008-03-02 11:59 89,664 --a------ C:\WINDOWS\system32\etitqtyn.dll
      2008-02-29 18:21 . 2008-02-29 18:21 88,640 --a------ C:\WINDOWS\system32\xwgjjnjh.dll
      2008-02-29 18:19 . 2008-02-29 18:19 91,712 --a------ C:\WINDOWS\system32\rjixajiy.dll
      2008-02-28 12:54 . 2008-02-28 12:54 89,664 --a------ C:\WINDOWS\system32\joitffiu.dll
      2008-02-28 12:48 . 2008-02-28 12:48 91,712 --a------ C:\WINDOWS\system32\klerdhwg.dll
      2008-02-28 07:38 . 2008-02-28 07:38 <DIR> d-------- C:\Documents and Settings\Mehmet.LEVENT\WINDOWS
      2008-02-26 12:15 . 2008-02-27 12:45 414 ---hs---- C:\WINDOWS\system32\delqsmjt.ini
      2008-02-26 00:12 . 2002-07-18 10:25 847,120 --a------ C:\WINDOWS\system32\msdxm.ocx
      2008-02-26 00:12 . 2002-07-18 10:25 499,472 --a------ C:\WINDOWS\system32\dxmasf.dll
      2008-02-26 00:12 . 2002-07-18 10:25 251,904 --a------ C:\WINDOWS\system32\strmdll.dll
      2008-02-26 00:11 . 2008-02-26 00:12 <DIR> d--h----- C:\WINDOWS\msdownld.tmp
      2008-02-26 00:10 . 2008-02-26 00:11 <DIR> d-------- C:\WINDOWS\Windows Update Setup-bestanden
      2008-02-26 00:10 . 2008-02-26 00:10 <DIR> d-------- C:\WINDOWS\Geschiedenis
      2008-02-25 23:29 . 2008-02-25 23:29 <DIR> d--h----- C:\WINDOWS\system32\GroupPolicy

      .
      ((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))
      .
      2008-03-24 02:02 --------- d-----w C:\Program Files\res
      2008-03-24 00:58 --------- d--h--w C:\Program Files\InstallShield Installation Information
      2008-03-21 12:45 --------- d-----w C:\Documents and Settings\Emre\Application Data\LimeWire
      2008-03-18 12:41 --------- d-----w C:\Program Files\Winamp Toolbar
      2008-03-18 12:41 --------- d-----w C:\Program Files\Spybot - Search & Destroy
      2008-03-18 12:40 --------- d-----w C:\Program Files\MSN Messenger
      2008-03-03 15:19 --------- d-----w C:\Documents and Settings\All Users.WINDOWS\Application Data\CanonIJPLM
      2008-02-25 22:43 --------- d-----w C:\Program Files\uninstall
      2008-02-25 22:43 --------- d-----w C:\Program Files\components
      2008-02-25 22:43 --------- d-----w C:\Program Files\chrome
      2008-02-12 20:14 --------- d-----w C:\Program Files\updates
      2008-02-04 15:05 --------- d-----w C:\Documents and Settings\Emre\Application Data\Canon
      2008-01-24 05:32 187,920 ----a-w C:\Documents and Settings\Mehmet.LEVENT\Application Data\install_nl[4].exe
      2008-01-20 19:25 257,552 ----a-w C:\Documents and Settings\Mehmet.LEVENT\Application Data\setup_nl[21].exe
      2008-01-20 19:24 257,552 ----a-w C:\Documents and Settings\Mehmet.LEVENT\Application Data\setup_nl[20].exe
      2008-01-20 19:24 257,552 ----a-w C:\Documents and Settings\Mehmet.LEVENT\Application Data\setup_nl[18].exe
      2008-01-20 19:24 257,552 ----a-w C:\Documents and Settings\Mehmet.LEVENT\Application Data\setup_nl[17].exe
      2008-01-20 19:23 257,552 ----a-w C:\Documents and Settings\Mehmet.LEVENT\Application Data\setup_nl[16].exe
      2008-01-20 19:23 257,552 ----a-w C:\Documents and Settings\Mehmet.LEVENT\Application Data\setup_nl[14].exe
      2008-01-20 19:23 257,552 ----a-w C:\Documents and Settings\Mehmet.LEVENT\Application Data\setup_nl[10].exe
      2008-01-20 19:22 257,552 ----a-w C:\Documents and Settings\Mehmet.LEVENT\Application Data\setup_nl[13].exe
      2008-01-20 19:20 257,552 ----a-w C:\Documents and Settings\Mehmet.LEVENT\Application Data\setup_nl[8].exe
      2008-01-20 19:20 257,552 ----a-w C:\Documents and Settings\Mehmet.LEVENT\Application Data\setup_nl[12].exe
      2008-01-20 19:20 257,552 ----a-w C:\Documents and Settings\Mehmet.LEVENT\Application Data\setup_nl[11].exe
      2007-10-12 21:17 25,479 ----a-w C:\Program Files\install.log
      .

      ((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))
      .
      .
      REGEDIT4
      *Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond

      [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{25CEE8EC-5730-41bc-8B58-22DDC8AB8C20}]
      2007-10-04 21:06 1135968 --a------ C:\Program Files\Winamp Toolbar\winamptb.dll

      [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser]
      "{EBF2BA02-9094-4C5A-858B-BB198F3D8DE2}"= C:\Program Files\Winamp Toolbar\winamptb.dll [2007-10-04 21:06 1135968]

      [HKEY_CLASSES_ROOT\clsid\{ebf2ba02-9094-4c5a-858b-bb198f3d8de2}]
      [HKEY_CLASSES_ROOT\WINAMPTB.AOLToolBand.1]
      [HKEY_CLASSES_ROOT\TypeLib\{538CD77C-BFDD-49b0-9562-77419CAB89D1}]
      [HKEY_CLASSES_ROOT\WINAMPTB.AOLToolBand]

      [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
      "AAWTray"="C:\Program Files\Lavasoft\Ad-Aware 2007\AAWTray.exe" [2007-08-08 14:53 88024]
      "QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [2007-06-29 06:24 286720]

      [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
      "ATICCC"="C:\Program Files\ATI Technologies\ATI.ACE\cli.exe" [2004-08-25 14:25 28672]

      [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon]
      "UIHost"="LogonUI.EXE"

      [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
      "AppInit_DLLs"=C:\WINDOWS\System32\sms22hrdhr.dll

      R2 IJPLMSVC;PIXMA Extended Survey Program;C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE [2007-04-13 08:20]
      R3 SPC610NC;Philips SPC500NC Webcam;C:\WINDOWS\System32\DRIVERS\SPC610NC.SYS [2005-10-13 16:41]

      *Newly Created Service* - ALG
      *Newly Created Service* - IPNAT
      .
      Inhoud van de 'Gedeelde Taken' map
      "2008-03-20 20:57:02 C:\WINDOWS\Tasks\AppleSoftwareUpdate.job"
      - C:\Program Files\Apple Software Update\SoftwareUpdate.exe
      "2008-03-23 00:00:00 C:\WINDOWS\Tasks\At26.job"
      - C:\WINDOWS\System32\RQQ10e42.exe
      "2008-03-24 01:00:00 C:\WINDOWS\Tasks\At27.job"
      - C:\WINDOWS\System32\RQQ10e42.exe
      "2008-03-24 02:00:00 C:\WINDOWS\Tasks\At28.job"
      - C:\WINDOWS\System32\RQQ10e42.exe
      "2008-02-28 03:00:00 C:\WINDOWS\Tasks\At29.job"
      - C:\WINDOWS\System32\RQQ10e42.exe
      "2008-02-04 04:00:00 C:\WINDOWS\Tasks\At30.job"
      - C:\WINDOWS\System32\RQQ10e42.exe
      "2008-02-04 05:00:00 C:\WINDOWS\Tasks\At31.job"
      - C:\WINDOWS\System32\RQQ10e42.exe
      "2008-02-04 06:00:00 C:\WINDOWS\Tasks\At32.job"
      - C:\WINDOWS\System32\RQQ10e42.exe
      "2008-03-20 07:00:00 C:\WINDOWS\Tasks\At33.job"
      - C:\WINDOWS\System32\RQQ10e42.exe
      "2008-03-21 08:00:00 C:\WINDOWS\Tasks\At34.job"
      - C:\WINDOWS\System32\RQQ10e42.exe
      "2008-03-23 09:00:00 C:\WINDOWS\Tasks\At35.job"
      - C:\WINDOWS\System32\RQQ10e42.exe
      "2008-03-23 10:00:00 C:\WINDOWS\Tasks\At36.job"
      - C:\WINDOWS\System32\RQQ10e42.exe
      "2008-03-23 11:00:00 C:\WINDOWS\Tasks\At37.job"
      - C:\WINDOWS\System32\RQQ10e42.exe
      "2008-03-24 12:00:00 C:\WINDOWS\Tasks\At38.job"
      - C:\WINDOWS\System32\RQQ10e42.exe
      "2008-03-23 13:00:00 C:\WINDOWS\Tasks\At39.job"
      - C:\WINDOWS\System32\RQQ10e42.exe
      "2008-03-23 14:00:00 C:\WINDOWS\Tasks\At40.job"
      - C:\WINDOWS\System32\RQQ10e42.exe

      "2008-03-21 15:00:00 C:\WINDOWS\Tasks\At41.job"
      - C:\WINDOWS\System32\RQQ10e42.exe
      "2008-03-21 16:00:00 C:\WINDOWS\Tasks\At42.job"
      - C:\WINDOWS\System32\RQQ10e42.exe
      "2008-03-23 17:00:00 C:\WINDOWS\Tasks\At43.job"
      - C:\WINDOWS\System32\RQQ10e42.exe
      "2008-03-23 18:00:00 C:\WINDOWS\Tasks\At44.job"
      - C:\WINDOWS\System32\RQQ10e42.exe
      "2008-03-23 19:00:00 C:\WINDOWS\Tasks\At45.job"
      - C:\WINDOWS\System32\RQQ10e42.exe
      "2008-03-23 20:00:00 C:\WINDOWS\Tasks\At46.job"
      - C:\WINDOWS\System32\RQQ10e42.exe
      "2008-03-23 21:00:00 C:\WINDOWS\Tasks\At47.job"
      - C:\WINDOWS\System32\RQQ10e42.exe
      "2008-03-23 21:59:59 C:\WINDOWS\Tasks\At48.job"
      - C:\WINDOWS\System32\RQQ10e42.exe
      .
      **************************************************************************

      catchme 0.3.1344 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
      Rootkit scan 2008-03-24 13:49:42
      Windows 5.1.2600 NTFS

      scannen van verborgen processen ...

      scannen van verborgen autostart items ...

      scannen van verborgen bestanden ...

      Scan succesvol afgerond
      verborgen bestanden: 0

      **************************************************************************
      .
      ------------------------ Other Running Processes ------------------------
      .
      C:\WINDOWS\System32\Ati2evxx.exe
      C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
      C:\WINDOWS\System32\tcpsvcs.exe
      C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
      C:\WINDOWS\System32\wdfmgr.exe
      C:\WINDOWS\system32\Ati2evxx.exe
      .
      **************************************************************************
      .
      Voltooingstijd: 2008-03-24 13:51:09 - machine was rebooted
      ComboFix-quarantined-files.txt 2008-03-24 12:51:07



      Logfile of Trend Micro HijackThis v2.0.2
      Scan saved at 13:54:18, on 24-3-2008
      Platform: Windows XP (WinNT 5.01.2600)
      MSIE: Internet Explorer v6.00 SP1 (6.00.2600.0000)
      Boot mode: Normal

      Running processes:
      C:\WINDOWS\System32\smss.exe
      C:\WINDOWS\system32\winlogon.exe
      C:\WINDOWS\system32\services.exe
      C:\WINDOWS\system32\lsass.exe
      C:\WINDOWS\System32\Ati2evxx.exe
      C:\WINDOWS\system32\svchost.exe
      C:\WINDOWS\System32\svchost.exe
      C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
      C:\WINDOWS\system32\spoolsv.exe
      C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE
      C:\WINDOWS\System32\tcpsvcs.exe
      C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
      C:\WINDOWS\System32\svchost.exe
      C:\WINDOWS\system32\Ati2evxx.exe
      C:\Program Files\Lavasoft\Ad-Aware 2007\AAWTray.exe
      C:\WINDOWS\explorer.exe
      C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLLoginProxy.exe
      C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
      C:\Program Files\Mozilla Firefox\firefox.exe

      R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
      R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
      R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
      O2 - BHO: Adobe PDF Reader Help bij koppelingen - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
      O2 - BHO: Winamp Toolbar BHO - {25CEE8EC-5730-41bc-8B58-22DDC8AB8C20} - C:\Program Files\Winamp Toolbar\winamptb.dll
      O2 - BHO: flashget urlcatch - {2F364306-AA45-47B5-9F9D-39A8B94E7EF7} - D:\Flashget\jccatch.dll
      O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
      O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
      O2 - BHO: FlashGet GetFlash Class - {F156768E-81EF-470C-9057-481BA8380DBA} - D:\Flashget\getflash.dll
      O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
      O4 - HKLM\..\Run: [AAWTray] C:\Program Files\Lavasoft\Ad-Aware 2007\AAWTray.exe
      O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
      O4 - HKUS\S-1-5-18\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\cli.exe" runtime (User 'SYSTEM')
      O4 - HKUS\.DEFAULT\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\cli.exe" runtime (User 'Default user')
      O8 - Extra context menu item: &Ontvang alles met FlashGet - D:\Flashget\jc_all.htm
      O8 - Extra context menu item: &Ontvang met FlashGet - D:\Flashget\jc_link.htm
      O16 - DPF: {9B935470-AD4A-11D5-B63E-00C04FAEDB18} (Oracle JInitiator 1.1.8.16) - https://top.cbr.nl:4000/jinit/jinit11816.exe
      O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
      O20 - AppInit_DLLs: C:\WINDOWS\System32\sms22hrdhr.dll
      O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft AB - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
      O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\System32\Ati2evxx.exe
      O23 - Service: PIXMA Extended Survey Program (IJPLMSVC) - Unknown owner - C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE
      O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
      O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe

      --
      End of file - 3689 bytes



      • #4
        It is not solved yet.

        Originally posted by Steggel
        Why don't you have SP2 yet??



        • #5
          I bought the PC second-hand... I think the Windows on it is not legal. So I can't get SP2. Another way?



          • #6
            No,

            Without SP2 your PC is much more susceptible to viruses.
            Then I think you would first have to buy Windows again.

            Open Notepad, copy and paste the following (bold, blue text) into an empty window:


            • File::
              C:\WINDOWS\system32\sms22hrdhr.dll
              C:\WINDOWS\system32\winsms.dll
              C:\WINDOWS\system32\xcxkphkp.ini
              C:\WINDOWS\system32\imhdaums.dll
              C:\WINDOWS\system32\jepiomit.ini
              C:\WINDOWS\system32\timoipej.dll
              C:\WINDOWS\system32\bqnpugby.dll
              C:\WINDOWS\system32\eykwdtpx.ini
              C:\WINDOWS\system32\eydmuvuq.ini
              C:\WINDOWS\system32\udtootjb.ini
              C:\WINDOWS\system32\jqblorps.ini
              C:\WINDOWS\system32\sprolbqj.dll
              C:\WINDOWS\system32\smllilog.dll
              C:\WINDOWS\system32\iapfvwgr.dll
              C:\WINDOWS\system32\jlimhdxd.ini
              C:\WINDOWS\system32\dxdhmilj.dll
              C:\WINDOWS\system32\deovcypr.dll
              C:\WINDOWS\system32\dwfhgifh.dll
              C:\WINDOWS\system32\gjlyxqvb.ini
              C:\WINDOWS\system32\whndjslm.ini
              C:\WINDOWS\system32\selpanya.dll
              C:\WINDOWS\system32\swpgnjyg.ini
              C:\WINDOWS\system32\gyjngpws.dll
              C:\WINDOWS\system32\qpncnbuc.dll
              C:\WINDOWS\system32\xujdxiud.dll
              C:\WINDOWS\system32\ngsbyrhb.ini
              C:\WINDOWS\system32\tgydkobb.dll
              C:\WINDOWS\system32\aetcsjsy.ini
              C:\WINDOWS\system32\flrvkcrg.ini
              C:\WINDOWS\system32\llnjkwtt.dll
              C:\WINDOWS\system32\etitqtyn.dll
              C:\WINDOWS\system32\xwgjjnjh.dll
              C:\WINDOWS\system32\rjixajiy.dll
              C:\WINDOWS\system32\joitffiu.dll
              C:\WINDOWS\system32\klerdhwg.dll
              C:\WINDOWS\system32\delqsmjt.ini
              C:\WINDOWS\System32\RQQ10e42.exe
              C:\WINDOWS\Tasks\At26.job
              C:\WINDOWS\Tasks\At27.job
              C:\WINDOWS\Tasks\At28.job
              C:\WINDOWS\Tasks\At29.job
              C:\WINDOWS\Tasks\At30.job
              C:\WINDOWS\Tasks\At31.job
              C:\WINDOWS\Tasks\At31.job
              C:\WINDOWS\Tasks\At32.job
              C:\WINDOWS\Tasks\At33.job
              C:\WINDOWS\Tasks\At34.job
              C:\WINDOWS\Tasks\At35.job
              C:\WINDOWS\Tasks\At36.job
              C:\WINDOWS\Tasks\At37.job
              C:\WINDOWS\Tasks\At38.job
              C:\WINDOWS\Tasks\At39.job
              C:\WINDOWS\Tasks\At40.job
              C:\WINDOWS\Tasks\At41.job
              C:\WINDOWS\Tasks\At42.job
              C:\WINDOWS\Tasks\At43.job
              C:\WINDOWS\Tasks\At44.job
              C:\WINDOWS\Tasks\At45.job
              C:\WINDOWS\Tasks\At46.job
              C:\WINDOWS\Tasks\At47.job
              C:\WINDOWS\Tasks\At48.job

              Registry::
              [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
              "AppInit_DLLs"=""


            Save this to your Desktop as CFScript.txt.

            Drag CFScript.txt onto ComboFix.exe as shown in the example below:

            This will make ComboFix restart.

            After your computer restarts (if it asks to restart), copy and paste the contents of Combofix.txt into your next reply.



            • #7
              ComboFix 08-03-23.5 - Emre 2008-03-24 18:37:48.3 - NTFSx86
              Microsoft Windows XP Professional 5.1.2600.0.1252.1.1043.18.262 [GMT 1:00]
              Gestart vanuit: C:\Documents and Settings\Emre\Bureaublad\ComboFix.exe
              Command switches used :: C:\Documents and Settings\Emre\Bureaublad\CFScript.txt
              * Nieuw herstelpunt werd aangemaakt

              FILE ::
              .

              (((((((((((((((((((((((((((((((((( Andere Verwijderingen )))))))))))))))))))))))))))))))))))))))))))))))))
              .

              .
              (((((((((((((((((((( Bestanden Gemaakt van 2008-02-24 to 2008-03-24 ))))))))))))))))))))))))))))))
              .

              2008-03-24 15:53 . 2008-03-24 16:03 <DIR> d-------- C:\WINDOWS\Windows Update Setup Files
              2008-03-17 15:44 . 2008-03-17 15:44 54,156 --ah----- C:\WINDOWS\QTFont.qfn
              2008-03-17 15:44 . 2008-03-17 15:44 1,409 --a------ C:\WINDOWS\QTFont.for
              2008-02-28 07:38 . 2008-02-28 07:38 <DIR> d-------- C:\Documents and Settings\Mehmet.LEVENT\WINDOWS
              2008-02-26 00:12 . 2002-07-18 10:25 847,120 --a------ C:\WINDOWS\system32\msdxm.ocx
              2008-02-26 00:12 . 2002-07-18 10:25 499,472 --a------ C:\WINDOWS\system32\dxmasf.dll
              2008-02-26 00:12 . 2002-07-18 10:25 251,904 --a------ C:\WINDOWS\system32\strmdll.dll
              2008-02-26 00:11 . 2008-02-26 00:12 <DIR> d--h----- C:\WINDOWS\msdownld.tmp
              2008-02-26 00:10 . 2008-02-26 00:11 <DIR> d-------- C:\WINDOWS\Windows Update Setup-bestanden
              2008-02-26 00:10 . 2008-02-26 00:10 <DIR> d-------- C:\WINDOWS\Geschiedenis
              2008-02-26 00:10 . 2008-03-24 15:43 16,384 --a------ C:\WINDOWS\Active Setup Log.BAK
              2008-02-25 23:29 . 2008-02-25 23:29 <DIR> d--h----- C:\WINDOWS\system32\GroupPolicy

              .
              ((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))
              .
              2008-03-24 02:02 --------- d-----w C:\Program Files\res
              2008-03-24 00:58 --------- d--h--w C:\Program Files\InstallShield Installation Information
              2008-03-21 12:45 --------- d-----w C:\Documents and Settings\Emre\Application Data\LimeWire
              2008-03-18 12:41 --------- d-----w C:\Program Files\Winamp Toolbar
              2008-03-18 12:41 --------- d-----w C:\Program Files\Spybot - Search & Destroy
              2008-03-18 12:40 --------- d-----w C:\Program Files\MSN Messenger
              2008-03-03 15:19 --------- d-----w C:\Documents and Settings\All Users.WINDOWS\Application Data\CanonIJPLM
              2008-02-25 22:43 --------- d-----w C:\Program Files\uninstall
              2008-02-25 22:43 --------- d-----w C:\Program Files\components
              2008-02-25 22:43 --------- d-----w C:\Program Files\chrome
              2008-02-12 20:14 --------- d-----w C:\Program Files\updates
              2008-02-04 15:05 --------- d-----w C:\Documents and Settings\Emre\Application Data\Canon
              2008-01-24 05:32 187,920 ----a-w C:\Documents and Settings\Mehmet.LEVENT\Application Data\install_nl[4].exe
              2008-01-20 19:25 257,552 ----a-w C:\Documents and Settings\Mehmet.LEVENT\Application Data\setup_nl[21].exe
              2008-01-20 19:24 257,552 ----a-w C:\Documents and Settings\Mehmet.LEVENT\Application Data\setup_nl[20].exe
              2008-01-20 19:24 257,552 ----a-w C:\Documents and Settings\Mehmet.LEVENT\Application Data\setup_nl[18].exe
              2008-01-20 19:24 257,552 ----a-w C:\Documents and Settings\Mehmet.LEVENT\Application Data\setup_nl[17].exe
              2008-01-20 19:23 257,552 ----a-w C:\Documents and Settings\Mehmet.LEVENT\Application Data\setup_nl[16].exe
              2008-01-20 19:23 257,552 ----a-w C:\Documents and Settings\Mehmet.LEVENT\Application Data\setup_nl[14].exe
              2008-01-20 19:23 257,552 ----a-w C:\Documents and Settings\Mehmet.LEVENT\Application Data\setup_nl[10].exe
              2008-01-20 19:22 257,552 ----a-w C:\Documents and Settings\Mehmet.LEVENT\Application Data\setup_nl[13].exe
              2008-01-20 19:20 257,552 ----a-w C:\Documents and Settings\Mehmet.LEVENT\Application Data\setup_nl[8].exe
              2008-01-20 19:20 257,552 ----a-w C:\Documents and Settings\Mehmet.LEVENT\Application Data\setup_nl[12].exe
              2008-01-20 19:20 257,552 ----a-w C:\Documents and Settings\Mehmet.LEVENT\Application Data\setup_nl[11].exe
              2007-10-12 21:17 25,479 ----a-w C:\Program Files\install.log
              .

              ------- Sigcheck -------

              2007-08-03 16:59 609280 6397ca9a73f583ca4ed03dc7ddbb0178 C:\WINDOWS\system32\wininet.dll
              2007-08-03 16:59 609280 6397ca9a73f583ca4ed03dc7ddbb0178 C:\WINDOWS\system32\dllcache\wininet.dll
              .
              ((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))
              .
              .
              REGEDIT4
              *Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond

              [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{25CEE8EC-5730-41bc-8B58-22DDC8AB8C20}]
              2007-10-04 21:06 1135968 --a------ C:\Program Files\Winamp Toolbar\winamptb.dll

              [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser]
              "{EBF2BA02-9094-4C5A-858B-BB198F3D8DE2}"= C:\Program Files\Winamp Toolbar\winamptb.dll [2007-10-04 21:06 1135968]

              [HKEY_CLASSES_ROOT\clsid\{ebf2ba02-9094-4c5a-858b-bb198f3d8de2}]
              [HKEY_CLASSES_ROOT\WINAMPTB.AOLToolBand.1]
              [HKEY_CLASSES_ROOT\TypeLib\{538CD77C-BFDD-49b0-9562-77419CAB89D1}]
              [HKEY_CLASSES_ROOT\WINAMPTB.AOLToolBand]

              [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
              "AAWTray"="C:\Program Files\Lavasoft\Ad-Aware 2007\AAWTray.exe" [2007-08-08 14:53 88024]
              "QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [2007-06-29 06:24 286720]

              [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
              "ATICCC"="C:\Program Files\ATI Technologies\ATI.ACE\cli.exe" [2004-08-25 14:25 28672]

              [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon]
              "UIHost"="LogonUI.EXE"

              [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
              SecurityProviders msapsspc.dll, schannel.dll, msnsspc.dll, digest.dll

              R2 IJPLMSVC;PIXMA Extended Survey Program;C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE [2007-04-13 08:20]
              R3 SPC610NC;Philips SPC500NC Webcam;C:\WINDOWS\System32\DRIVERS\SPC610NC.SYS [2005-10-13 16:41]

              .
              Inhoud van de 'Gedeelde Taken' map
              "2008-03-20 20:57:02 C:\WINDOWS\Tasks\AppleSoftwareUpdate.job"
              - C:\Program Files\Apple Software Update\SoftwareUpdate.exe
              .
              **************************************************************************

              catchme 0.3.1344 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
              Rootkit scan 2008-03-24 18:42:33
              Windows 5.1.2600 NTFS

              scannen van verborgen processen ...

              scannen van verborgen autostart items ...

              scannen van verborgen bestanden ...

              Scan succesvol afgerond
              verborgen bestanden: 0

              **************************************************************************
              .
              ------------------------ Other Running Processes ------------------------
              .
              C:\WINDOWS\System32\Ati2evxx.exe
              C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
              C:\WINDOWS\System32\tcpsvcs.exe
              C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
              C:\WINDOWS\System32\wdfmgr.exe
              C:\WINDOWS\system32\Ati2evxx.exe
              .
              **************************************************************************
              .
              Voltooingstijd: 2008-03-24 18:43:53 - machine was rebooted
              ComboFix-quarantined-files.txt 2008-03-24 17:43:50
              ComboFix2.txt 2008-03-24 17:32:51
              ComboFix3.txt 2008-03-24 12:51:10



              • #8
                Oh yeah... I forgot... Internet Explorer is working again now... my desktop has also been fine so far.
                Is there anything else to see in the ComboFix log?



                • #9
                  Nothing wrong anymore in the ComboFix log.

                  Remove ComboFix via Start > Run: copy and paste Combofix /U
                  Click OK or press Enter.
                  This removes both ComboFix and your old system restore points (with any remnants of malware), and creates a new system restore point.

                  From now on, don't use illegal software or cracks.

                  I will mark this one as solved.



                  • #10
                    Done. Thanks a lot!
