Mededeling

Collapse
No announcement yet.

Msn virus

Collapse
X
Collapse
  •  
  • Page of 1
  • Filter
  • Tijd
  • Show
Clear All
new posts
Vorige template Volgende
  • #1

    Msn virus

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 19:06:46, on 24-3-2008
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Sygate\SPF\smc.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
    C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
    C:\Program Files\Bonjour\mDNSResponder.exe
    C:\WINDOWS\eHome\ehRecvr.exe
    C:\WINDOWS\eHome\ehSched.exe
    C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
    C:\Program Files\nHancer\nHancerService.exe
    C:\Program Files\Eset\nod32krn.exe
    C:\WINDOWS\system32\nvsvc32.exe
    C:\WINDOWS\system32\PnkBstrA.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
    C:\WINDOWS\system32\dllhost.exe
    C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\iPod\bin\iPodService.exe
    C:\Program Files\Windows Live\Messenger\usnsvc.exe
    C:\WINDOWS\Explorer.EXE
    C:\PROGRA~1\Grisoft\AVG7\avgcc.exe
    C:\WINDOWS\system32\RunDll32.exe
    C:\WINDOWS\system32\RUNDLL32.EXE
    C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
    C:\WINDOWS\vsnpstd.exe
    C:\Program Files\iTunes\iTunesHelper.exe
    C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe
    C:\Program Files\nHancer\nHancer.exe
    C:\Program Files\DAEMON Tools\daemon.exe
    C:\Program Files\Last.fm\LastFMHelper.exe
    C:\Program Files\Xfire\xfire.exe
    C:\Program Files\Mozilla Firefox\firefox.exe
    C:\Program Files\Last.fm\LastFM.exe
    C:\PROGRA~1\Grisoft\AVG7\avgwb.dat
    C:\WINDOWS\system32\rundll32.exe
    C:\WINDOWS\system32\msiexec.exe
    C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.daemonsearch.com/nl/
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen
    O1 - Hosts: 66.98.148.65 auto.search.msn.es
    O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
    O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
    O2 - BHO: Windows Live Aanmelden - Help - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP
    O4 - HKLM\..\Run: [C6501Sound] RunDll32 c6501.cpl,CMICtrlWnd
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
    O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
    O4 - HKLM\..\Run: [SmcService] C:\PROGRA~1\Sygate\SPF\smc.exe -startgui
    O4 - HKLM\..\Run: [amd_dc_opt] C:\Program Files\AMD\Dual-Core Optimizer\amd_dc_opt.exe
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe"
    O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Nero\Lib\NeroCheck.exe
    O4 - HKLM\..\Run: [Hitman Pro Expiration Helper] "C:\Program Files\Hitman Pro\xphelper.exe"
    O4 - HKLM\..\Run: [snpstd] C:\WINDOWS\vsnpstd.exe
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
    O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
    O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
    O4 - HKCU\..\Run: [IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe" ASO-616B5711-6DAE-4795-A05F-39A1E5104020
    O4 - HKCU\..\Run: [nHancer] "C:\Program Files\nHancer\nHancer.exe" /tray
    O4 - HKCU\..\Run: [DAEMON Tools Pro Agent] "C:\Program Files\DAEMON Tools Pro\DTProAgent.exe"
    O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools\daemon.exe" -autorun
    O4 - HKUS\S-1-5-19\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'Lokale service')
    O4 - HKUS\S-1-5-20\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'Netwerkservice')
    O4 - HKUS\S-1-5-21-1659004503-1965331169-725345543-1004\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background (User 'Marieke & Marije')
    O4 - HKUS\S-1-5-21-1659004503-1965331169-725345543-1005\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background (User 'Lucy & Nico')
    O4 - HKUS\S-1-5-18\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'Default user')
    O4 - S-1-5-21-1659004503-1965331169-725345543-1004 Startup: Last.fm Helper.lnk = C:\Program Files\Last.fm\LastFMHelper.exe (User 'Marieke & Marije')
    O4 - S-1-5-21-1659004503-1965331169-725345543-1004 User Startup: Last.fm Helper.lnk = C:\Program Files\Last.fm\LastFMHelper.exe (User 'Marieke & Marije')
    O4 - S-1-5-21-1659004503-1965331169-725345543-1005 Startup: Last.fm Helper.lnk = C:\Program Files\Last.fm\LastFMHelper.exe (User 'Lucy & Nico')
    O4 - S-1-5-21-1659004503-1965331169-725345543-1005 User Startup: Last.fm Helper.lnk = C:\Program Files\Last.fm\LastFMHelper.exe (User 'Lucy & Nico')
    O4 - Startup: Last.fm Helper.lnk = C:\Program Files\Last.fm\LastFMHelper.exe
    O4 - Startup: Xfire.lnk = C:\Program Files\Xfire\xfire.exe
    O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
    O9 - Extra button: (no name) - {2D663D1A-8670-49D9-A1A5-4C56B4E14E84} - (no file)
    O9 - Extra button: Onderzoek - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab
    O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/NL-NL/a-UNO1/GAME_UNO1.cab
    O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1196782879000
    O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1197303728921
    O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
    O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab
    O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
    O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
    O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
    O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
    O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: nHancer Support (nHancer) - KSE - Korndörfer Software Engineering - C:\Program Files\nHancer\nHancerService.exe
    O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe
    O23 - Service: NOD32 Kernel Service (NOD32krn) - Eset - C:\Program Files\Eset\nod32krn.exe
    O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
    O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
    O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
    O23 - Service: PC Tools Auxiliary Service (sdAuxService) - PC Tools - C:\Program Files\Spyware Doctor\svcntaux.exe
    O23 - Service: PC Tools Security Service (sdCoreService) - PC Tools - C:\Program Files\Spyware Doctor\swdsvc.exe
    O23 - Service: Sygate Personal Firewall (SmcService) - Sygate Technologies, Inc. - C:\Program Files\Sygate\SPF\smc.exe
    O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe

    --
    End of file - 9348 bytes


    Heb geen idee hoe het er op is gekomen
    Labels: Geen
    • Citaat
  • #2
    Volg deze instructies om ComboFix te downloaden:
    • Voer de instructies op de BleepingComputer pagina uit, inclusief het installeren van de XP Recovery Console
      Indien je Combofix al eerder hebt gebruikt, gelieve die versie te verwijderen en Combofix opnieuw te downloaden via bovenstaande link, want Combofix wordt dagelijks geupdate.

      OPMERKING: indien je, tijdens of na het downloaden van Combofix of tijdens het gebruik van Combofix een melding krijgt van je Antivirus- of een andere realtime scanner,
      schakel dan deze scanner uit en download Combofix opnieuw.
      Sommige scanners zien bepaalde componenten die Combofix gebruikt als verdacht en gaan deze blokkeren of verwijderen!
      • Dubbelklik op Combofix.exe
        Tijdens het runnen van de fix, NIET in het venster klikken, want dit zal je pc doen vasthangen.
        Wanneer de fix voltooid is en na herstart, zal de log Combofix.txt openen.


      Plaats deze log in je volgende post, samen met een vers HijackThis logje.
    Groet,
    Pimmerd
    • Citaat

    Comment

    • #3
      Bedankt voor de snelle reactie!

      Nieuwe HijkackThis log:

      Logfile of Trend Micro HijackThis v2.0.2
      Scan saved at 20:26:21, on 24-3-2008
      Platform: Windows XP SP2 (WinNT 5.01.2600)
      MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
      Boot mode: Normal

      Running processes:
      C:\WINDOWS\System32\smss.exe
      C:\WINDOWS\system32\winlogon.exe
      C:\WINDOWS\system32\services.exe
      C:\WINDOWS\system32\lsass.exe
      C:\WINDOWS\system32\svchost.exe
      C:\WINDOWS\System32\svchost.exe
      C:\Program Files\Sygate\SPF\smc.exe
      C:\WINDOWS\system32\spoolsv.exe
      C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
      C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
      C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
      C:\Program Files\Bonjour\mDNSResponder.exe
      C:\WINDOWS\eHome\ehRecvr.exe
      C:\WINDOWS\eHome\ehSched.exe
      C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
      C:\Program Files\nHancer\nHancerService.exe
      C:\Program Files\Eset\nod32krn.exe
      C:\WINDOWS\system32\nvsvc32.exe
      C:\WINDOWS\system32\PnkBstrA.exe
      C:\WINDOWS\system32\svchost.exe
      C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
      C:\WINDOWS\system32\dllhost.exe
      C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe
      C:\WINDOWS\System32\svchost.exe
      C:\Program Files\iPod\bin\iPodService.exe
      C:\PROGRA~1\Grisoft\AVG7\avgcc.exe
      C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
      C:\WINDOWS\vsnpstd.exe
      C:\Program Files\iTunes\iTunesHelper.exe
      C:\Program Files\nHancer\nHancer.exe
      C:\Program Files\DAEMON Tools\daemon.exe
      C:\Program Files\Last.fm\LastFMHelper.exe
      C:\Program Files\Xfire\xfire.exe
      C:\Program Files\Last.fm\LastFM.exe
      C:\Program Files\Mozilla Firefox\firefox.exe
      C:\WINDOWS\explorer.exe
      C:\Program Files\iTunes\iTunes.exe
      C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceHelper.exe
      C:\Program Files\Common Files\Apple\Mobile Device Support\bin\distnoted.exe
      C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

      R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.daemonsearch.com/nl/
      R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
      R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
      R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
      R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
      R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen
      O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
      O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
      O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP
      O4 - HKLM\..\Run: [C6501Sound] RunDll32 c6501.cpl,CMICtrlWnd
      O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
      O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
      O4 - HKLM\..\Run: [SmcService] C:\PROGRA~1\Sygate\SPF\smc.exe -startgui
      O4 - HKLM\..\Run: [amd_dc_opt] C:\Program Files\AMD\Dual-Core Optimizer\amd_dc_opt.exe
      O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe"
      O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Nero\Lib\NeroCheck.exe
      O4 - HKLM\..\Run: [Hitman Pro Expiration Helper] "C:\Program Files\Hitman Pro\xphelper.exe"
      O4 - HKLM\..\Run: [snpstd] C:\WINDOWS\vsnpstd.exe
      O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
      O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
      O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
      O4 - HKCU\..\Run: [IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe" ASO-616B5711-6DAE-4795-A05F-39A1E5104020
      O4 - HKCU\..\Run: [nHancer] "C:\Program Files\nHancer\nHancer.exe" /tray
      O4 - HKCU\..\Run: [DAEMON Tools Pro Agent] "C:\Program Files\DAEMON Tools Pro\DTProAgent.exe"
      O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools\daemon.exe" -autorun
      O4 - HKUS\S-1-5-19\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'Lokale service')
      O4 - HKUS\S-1-5-20\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'Netwerkservice')
      O4 - HKUS\S-1-5-21-1659004503-1965331169-725345543-1004\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background (User 'Marieke & Marije')
      O4 - HKUS\S-1-5-21-1659004503-1965331169-725345543-1005\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background (User 'Lucy & Nico')
      O4 - HKUS\S-1-5-18\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'SYSTEM')
      O4 - HKUS\.DEFAULT\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'Default user')
      O4 - S-1-5-21-1659004503-1965331169-725345543-1004 Startup: Last.fm Helper.lnk = C:\Program Files\Last.fm\LastFMHelper.exe (User 'Marieke & Marije')
      O4 - S-1-5-21-1659004503-1965331169-725345543-1004 User Startup: Last.fm Helper.lnk = C:\Program Files\Last.fm\LastFMHelper.exe (User 'Marieke & Marije')
      O4 - S-1-5-21-1659004503-1965331169-725345543-1005 Startup: Last.fm Helper.lnk = C:\Program Files\Last.fm\LastFMHelper.exe (User 'Lucy & Nico')
      O4 - S-1-5-21-1659004503-1965331169-725345543-1005 User Startup: Last.fm Helper.lnk = C:\Program Files\Last.fm\LastFMHelper.exe (User 'Lucy & Nico')
      O4 - Startup: Last.fm Helper.lnk = C:\Program Files\Last.fm\LastFMHelper.exe
      O4 - Startup: Xfire.lnk = C:\Program Files\Xfire\xfire.exe
      O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
      O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
      O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
      O9 - Extra button: (no name) - {2D663D1A-8670-49D9-A1A5-4C56B4E14E84} - (no file)
      O9 - Extra button: Onderzoek - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
      O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
      O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
      O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab
      O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/NL-NL/a-UNO1/GAME_UNO1.cab
      O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1196782879000
      O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1197303728921
      O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
      O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab
      O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
      O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
      O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
      O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
      O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
      O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
      O23 - Service: nHancer Support (nHancer) - KSE - Korndörfer Software Engineering - C:\Program Files\nHancer\nHancerService.exe
      O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe
      O23 - Service: NOD32 Kernel Service (NOD32krn) - Eset - C:\Program Files\Eset\nod32krn.exe
      O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
      O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
      O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
      O23 - Service: PC Tools Auxiliary Service (sdAuxService) - PC Tools - C:\Program Files\Spyware Doctor\svcntaux.exe
      O23 - Service: PC Tools Security Service (sdCoreService) - PC Tools - C:\Program Files\Spyware Doctor\swdsvc.exe
      O23 - Service: Sygate Personal Firewall (SmcService) - Sygate Technologies, Inc. - C:\Program Files\Sygate\SPF\smc.exe
      O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe

      --
      End of file - 9340 bytes


      Combofix log:

      ComboFix 08-03-22.3 - Harmen 2008-03-24 20:17:35.1 - NTFSx86
      Microsoft Windows XP Professional 5.1.2600.2.1252.1.1043.18.1343 [GMT 1:00]
      Gestart vanuit: C:\Documents and Settings\Harmen\Bureaublad\ComboFix.exe
      * Nieuw herstelpunt werd aangemaakt

      WAARSCHUWING - DE RECOVERY CONSOLE IS NIET OP DIT SYSTEEM GEINSTALLEERD !!
      .
      -- Other TimeOuts --
      Findstr -MIF:/ "\\TTC\.pdb InsertAdvertisement"
      GREP -i "C:\\Program Files\\[^\\]*\\[^\\]*$"
      VFind -tf -s282624 "C:\Program Files\????????*[0-9].dll"
      CF16971.exe /c " VFind.exe -ltf -s-1000000 -d+2007-12-24 "C:\Program Files\*" >progfile.dat"
      VFind.exe -ltf -s-1000000 -d+2007-12-24 "C:\Program Files\*"
      CF16971.exe /c " dir /a/s/b C:\_desktop.ini C:\desktop_.ini C:\cnsmin* C:\_install.exe >DirRoot"

      (((((((((((((((((((((((((((((((((( Andere Verwijderingen )))))))))))))))))))))))))))))))))))))))))))))))))
      .

      C:\WINDOWS\lnk_dados_2.dll

      .
      (((((((((((((((((((( Bestanden Gemaakt van 2008-02-24 to 2008-03-24 ))))))))))))))))))))))))))))))
      .

      2008-03-24 19:31 . 2008-03-24 19:32 <DIR> d-------- C:\MSNCleaner
      2008-03-24 19:05 . 2008-03-24 19:05 <DIR> d-------- C:\Program Files\Trend Micro
      2008-03-20 19:54 . 2008-03-20 19:54 268 --ah----- C:\sqmdata19.sqm
      2008-03-20 19:54 . 2008-03-20 19:54 244 --ah----- C:\sqmnoopt19.sqm
      2008-03-20 19:15 . 2008-03-20 19:15 268 --ah----- C:\sqmdata18.sqm
      2008-03-20 19:15 . 2008-03-20 19:15 244 --ah----- C:\sqmnoopt18.sqm
      2008-03-20 18:28 . 2008-03-20 18:28 268 --ah----- C:\sqmdata17.sqm
      2008-03-20 18:28 . 2008-03-20 18:28 244 --ah----- C:\sqmnoopt17.sqm
      2008-03-19 18:20 . 2008-03-19 18:20 1,987 --ah----- C:\hpothb07.tif
      2008-03-19 18:20 . 2008-03-19 18:20 1,058 --ah----- C:\hpothb07.dat
      2008-03-19 18:18 . 2008-03-19 18:18 <DIR> d-------- C:\Documents and Settings\Marieke & Marije\Application Data\Hewlett-Packard
      2008-03-18 20:11 . 2008-03-18 20:11 268 --ah----- C:\sqmdata16.sqm
      2008-03-18 20:11 . 2008-03-18 20:11 244 --ah----- C:\sqmnoopt16.sqm
      2008-03-17 20:46 . 2008-03-17 20:46 268 --ah----- C:\sqmdata15.sqm
      2008-03-17 20:46 . 2008-03-17 20:46 244 --ah----- C:\sqmnoopt15.sqm
      2008-03-15 12:44 . 2008-03-15 12:44 268 --ah----- C:\sqmdata14.sqm
      2008-03-15 12:44 . 2008-03-15 12:44 244 --ah----- C:\sqmnoopt14.sqm
      2008-03-14 20:20 . 2008-03-14 20:20 268 --ah----- C:\sqmdata13.sqm
      2008-03-14 20:20 . 2008-03-14 20:20 244 --ah----- C:\sqmnoopt13.sqm
      2008-03-14 12:47 . 2008-03-14 12:47 268 --ah----- C:\sqmdata12.sqm
      2008-03-14 12:47 . 2008-03-14 12:47 244 --ah----- C:\sqmnoopt12.sqm
      2008-03-14 00:06 . 2008-03-14 00:06 41,296 --a------ C:\WINDOWS\system32\xfcodec.dll
      2008-03-13 20:14 . 2008-03-13 20:14 268 --ah----- C:\sqmdata11.sqm
      2008-03-13 20:14 . 2008-03-13 20:14 244 --ah----- C:\sqmnoopt11.sqm
      2008-03-13 17:40 . 2008-03-13 17:40 <DIR> d--h----- C:\WINDOWS\PIF
      2008-03-12 19:10 . 2008-03-12 19:10 172 --ah----- C:\sqmnoopt10.sqm
      2008-03-12 19:10 . 2008-03-12 19:10 172 --ah----- C:\sqmdata10.sqm
      2008-03-12 16:40 . 2008-03-12 16:40 268 --ah----- C:\sqmdata09.sqm
      2008-03-12 16:40 . 2008-03-12 16:40 244 --ah----- C:\sqmnoopt09.sqm
      2008-03-11 17:08 . 2008-03-11 17:08 268 --ah----- C:\sqmdata08.sqm
      2008-03-11 17:08 . 2008-03-11 17:08 244 --ah----- C:\sqmnoopt08.sqm
      2008-03-11 12:58 . 2008-03-24 16:56 268 --ah----- C:\sqmdata07.sqm
      2008-03-11 12:58 . 2008-03-24 16:56 244 --ah----- C:\sqmnoopt07.sqm
      2008-03-10 16:14 . 2008-03-24 12:53 172 --ah----- C:\sqmnoopt06.sqm
      2008-03-10 16:14 . 2008-03-24 12:53 172 --ah----- C:\sqmdata06.sqm
      2008-03-10 15:43 . 2008-03-24 12:26 268 --ah----- C:\sqmdata05.sqm
      2008-03-10 15:43 . 2008-03-24 12:26 244 --ah----- C:\sqmnoopt05.sqm
      2008-03-10 12:32 . 2008-03-22 15:32 268 --ah----- C:\sqmdata04.sqm
      2008-03-10 12:32 . 2008-03-22 15:32 244 --ah----- C:\sqmnoopt04.sqm
      2008-03-09 21:41 . 2008-03-22 12:11 172 --ah----- C:\sqmnoopt03.sqm
      2008-03-09 21:41 . 2008-03-22 12:11 172 --ah----- C:\sqmdata03.sqm
      2008-03-09 20:56 . 2008-03-22 12:08 268 --ah----- C:\sqmdata02.sqm
      2008-03-09 20:56 . 2008-03-22 12:08 244 --ah----- C:\sqmnoopt02.sqm
      2008-03-09 13:01 . 2008-03-21 23:00 268 --ah----- C:\sqmdata01.sqm
      2008-03-09 13:01 . 2008-03-21 23:00 244 --ah----- C:\sqmnoopt01.sqm
      2008-02-27 18:29 . 2008-02-27 18:29 <DIR> d-------- C:\Program Files\iPod
      2008-02-27 18:29 . 2008-03-24 16:57 54,156 --ah----- C:\WINDOWS\QTFont.qfn
      2008-02-27 18:29 . 2008-02-27 18:29 1,409 --a------ C:\WINDOWS\QTFont.for
      2008-02-27 18:28 . 2008-02-27 18:29 <DIR> d-------- C:\Program Files\QuickTime
      2008-02-24 14:12 . 2008-02-24 14:12 <DIR> d---s---- C:\Documents and Settings\Lucy & Nico\UserData

      .
      ((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))
      .
      2008-03-24 18:06 --------- d-----w C:\Program Files\Java
      2008-03-24 17:52 --------- d-----w C:\Documents and Settings\All Users\Application Data\avg7
      2008-03-24 16:21 22,328 ----a-w C:\WINDOWS\system32\drivers\PnkBstrK.sys
      2008-03-24 16:21 107,832 ----a-w C:\WINDOWS\system32\PnkBstrB.exe
      2008-03-24 15:57 --------- d-----w C:\Program Files\Hitman Pro
      2008-03-23 00:10 --------- d-----w C:\Documents and Settings\Harmen\Application Data\uTorrent
      2008-03-20 20:14 --------- d-----w C:\Program Files\Xfire
      2008-03-17 22:08 --------- d-----w C:\Documents and Settings\Harmen\Application Data\Xfire
      2008-02-27 17:29 --------- d-----w C:\Program Files\iTunes
      2008-02-21 19:27 --------- d-----w C:\Program Files\Qtrax_20080125
      2008-02-21 19:26 --------- d-----w C:\Documents and Settings\Harmen\Application Data\Qtrax1
      2008-02-21 19:26 --------- d-----w C:\Documents and Settings\All Users\Application Data\SongbirdVLC
      2008-02-19 17:10 --------- d-----w C:\Documents and Settings\Harmen\Application Data\AVG7
      2008-02-17 17:21 70 ----a-w C:\huff_value.dat
      2008-02-17 17:21 --------- d-----w C:\Documents and Settings\Harmen\Application Data\Ulead Systems
      2008-02-17 17:18 --------- d-----w C:\Documents and Settings\All Users\Application Data\Ulead Systems
      2008-02-17 16:36 --------- d--h--w C:\Program Files\InstallShield Installation Information
      2008-02-17 16:36 --------- d-----w C:\Program Files\Common Files\Ulead Systems
      2008-02-17 16:33 --------- d-----w C:\Program Files\SmartSound Software
      2008-02-17 16:33 --------- d-----w C:\Documents and Settings\All Users\Application Data\SmartSound Software Inc
      2008-02-17 16:33 --------- d-----w C:\Documents and Settings\All Users\Application Data\QuickTime
      2008-02-17 16:31 --------- d-----w C:\Program Files\Windows Media Components
      2008-02-17 16:31 --------- d-----w C:\Program Files\Ulead Systems
      2008-02-17 16:31 --------- d-----w C:\Program Files\Common Files\SONY Digital Images
      2008-02-17 16:31 --------- d-----w C:\Program Files\Common Files\InstallShield
      2008-02-13 19:21 --------- d-----w C:\Program Files\Easy GIF Animator
      2008-02-05 20:05 --------- d-----w C:\Program Files\America's Army
      2008-02-04 17:33 --------- d-----w C:\Documents and Settings\Marieke & Marije\Application Data\AVG7
      2008-02-04 11:40 --------- d-----w C:\Documents and Settings\Lucy & Nico\Application Data\AVG7
      2008-02-01 15:32 --------- d-----w C:\Documents and Settings\Lucy & Nico\Application Data\DAEMON Tools
      2008-01-30 22:52 --------- d-----w C:\Program Files\Last.fm
      2008-01-27 11:40 66,872 ----a-w C:\WINDOWS\system32\PnkBstrA.exe
      2008-01-26 15:44 --------- d-----w C:\Program Files\Electronic Arts
      2008-01-26 15:39 --------- d-----w C:\Program Files\DAEMON Tools
      2008-01-26 15:39 --------- d-----w C:\Documents and Settings\Harmen\Application Data\DAEMON Tools
      2008-01-26 15:36 716,272 ----a-w C:\WINDOWS\system32\drivers\sptd.sys
      2008-01-26 15:32 --------- d-----w C:\Documents and Settings\Harmen\Application Data\DAEMON Tools Pro
      2008-01-26 15:31 --------- d-----w C:\Documents and Settings\All Users\Application Data\DAEMON Tools Pro
      2008-01-06 13:58 0 ----a-w C:\Documents and Settings\Harmen\Emails.dat
      2008-01-05 18:05 0 ----a-w C:\Documents and Settings\Lucy & Nico\Emails.dat
      2008-01-05 18:04 0 ----a-w C:\Documents and Settings\Marieke & Marije\Emails.dat
      2008-01-05 16:07 164 ----a-w C:\install.dat
      2008-01-05 16:03 298,104 ----a-w C:\WINDOWS\system32\imon.dll
      2007-12-31 12:46 10 ----a-w C:\Documents and Settings\Lucy & Nico\user.dat
      2007-12-28 14:35 10 ----a-w C:\Documents and Settings\Harmen\user.dat
      2007-12-28 11:48 10 ----a-w C:\Documents and Settings\Marieke & Marije\user.dat
      .

      ------- Sigcheck -------

      2007-12-04 14:30 504832 7bba4ca9e82794985afff1d487a42b40 C:\WINDOWS\system32\winlogon.exe
      .
      ((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))
      .
      .
      REGEDIT4
      *Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond

      [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
      "msnmsgr"="C:\Program Files\Windows Live\Messenger\MsnMsgr.exe" [ ]
      "IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe" [2007-12-13 19:10 1688872]
      "nHancer"="C:\Program Files\nHancer\nHancer.exe" [2007-10-31 10:43 1519616]
      "DAEMON Tools Pro Agent"="C:\Program Files\DAEMON Tools Pro\DTProAgent.exe" [ ]
      "DAEMON Tools Lite"="C:\Program Files\DAEMON Tools\daemon.exe" [2008-01-17 17:51 486856]

      [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
      "AVG7_CC"="C:\PROGRA~1\Grisoft\AVG7\avgcc.exe" [2008-01-06 15:04 579072]
      "C6501Sound"="c6501.cpl"
      "NvCplDaemon"="C:\WINDOWS\system32\NvCpl.dll" [2007-10-04 17:14 8491008]
      "NvMediaCenter"="C:\WINDOWS\system32\NvMcTray.dll" [2007-10-04 17:14 81920]
      "SmcService"="C:\PROGRA~1\Sygate\SPF\smc.exe" [2004-10-15 19:40 2577632]
      "amd_dc_opt"="C:\Program Files\AMD\Dual-Core Optimizer\amd_dc_opt.exe" [2007-07-23 11:06 77824]
      "SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe" [2008-02-22 04:25 144784]
      "NeroFilterCheck"="C:\Program Files\Common Files\Nero\Lib\NeroCheck.exe" [2007-03-01 14:57 153136]
      "Hitman Pro Expiration Helper"="C:\Program Files\Hitman Pro\xphelper.exe" [2007-01-30 14:41 596760]
      "snpstd"="C:\WINDOWS\vsnpstd.exe" [2003-12-31 17:39 40960]
      "QuickTime Task"="C:\Program Files\QuickTime\QTTask.exe" [2008-01-31 23:13 385024]
      "iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" [2008-02-19 13:10 267048]

      [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
      "AVG7_Run"="C:\PROGRA~1\Grisoft\AVG7\avgw.exe" [2007-12-04 14:32 219136]

      C:\Documents and Settings\Harmen\Menu Start\Programma's\Opstarten\
      Last.fm Helper.lnk - C:\Program Files\Last.fm\LastFMHelper.exe [2007-12-04 16:04:04 106496]
      Xfire.lnk - C:\Program Files\Xfire\xfire.exe [2008-03-14 00:06:18 2979664]

      C:\Documents and Settings\Marieke & Marije\Menu Start\Programma's\Opstarten\
      Last.fm Helper.lnk - C:\Program Files\Last.fm\LastFMHelper.exe [2007-12-04 16:04:04 106496]

      C:\Documents and Settings\Lucy & Nico\Menu Start\Programma's\Opstarten\
      Last.fm Helper.lnk - C:\Program Files\Last.fm\LastFMHelper.exe [2007-12-04 16:04:04 106496]

      [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
      "InstallVisualStyle"= C:\WINDOWS\Resources\Themes\Royale\Royale.msstyles
      "InstallTheme"= C:\WINDOWS\Resources\Themes\Royale.theme

      [HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Start^Programma's^Opstarten^hp psc 1000 series.lnk]
      path=C:\Documents and Settings\All Users\Menu Start\Programma's\Opstarten\hp psc 1000 series.lnk
      backup=C:\WINDOWS\pss\hp psc 1000 series.lnkCommon Startup

      [HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Start^Programma's^Opstarten^hpoddt01.exe.lnk]
      path=C:\Documents and Settings\All Users\Menu Start\Programma's\Opstarten\hpoddt01.exe.lnk
      backup=C:\WINDOWS\pss\hpoddt01.exe.lnkCommon Startup

      [HKLM\~\startupfolder\C:^Documents and Settings^Harmen^Menu Start^Programma's^Opstarten^QuickTV.lnk]
      path=C:\Documents and Settings\Harmen\Menu Start\Programma's\Opstarten\QuickTV.lnk
      backup=C:\WINDOWS\pss\QuickTV.lnkStartup

      [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools]
      --a------ 2008-01-17 17:51 486856 C:\Program Files\DAEMON Tools\daemon.exe

      [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ehTray]
      --a------ 2004-08-10 04:04 59392 C:\WINDOWS\ehome\ehtray.exe

      [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
      --a------ 2008-02-19 13:10 267048 C:\Program Files\iTunes\iTunesHelper.exe

      [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\nwiz]
      --a------ 2007-10-04 17:14 1626112 C:\WINDOWS\system32\nwiz.exe

      [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
      --a------ 2008-01-31 23:13 385024 C:\Program Files\QuickTime\QTTask.exe

      [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\wTask]
      C:\WINDOWS\Media\LTaskup.exe

      [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
      "EnableFirewall"= 0 (0x0)

      [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
      "%windir%\\system32\\sessmgr.exe"=
      "C:\\Program Files\\Grisoft\\AVG7\\avginet.exe"=
      "C:\\Program Files\\Grisoft\\AVG7\\avgamsvr.exe"=
      "C:\\Program Files\\Grisoft\\AVG7\\avgcc.exe"=
      "C:\\Program Files\\uTorrent\\uTorrent.exe"=
      "C:\\Program Files\\Last.fm\\LastFM.exe"=
      "C:\\Program Files\\Messenger\\msmsgs.exe"=
      "C:\\Program Files\\Bonjour\\mDNSResponder.exe"=
      "C:\\Program Files\\Shareaza\\Shareaza.exe"=
      "C:\\Program Files\\iTunes\\iTunes.exe"=

      [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
      "3389:TCP"= 3389:TCPxpsp2res.dll,-22009

      R3 Cap7134;Cap7134 Capture;C:\WINDOWS\system32\DRIVERS\Cap7134.sys [2007-12-04 14:59]
      R3 cm102u32;C-Media CM6501 Like Sound Interface;C:\WINDOWS\system32\drivers\c6501.sys [2006-09-05 10:04]
      R3 PhTVTune;Cap713x TVTuner;C:\WINDOWS\system32\DRIVERS\PhTVTune.sys [2007-12-04 14:59]

      *Newly Created Service* - CATCHME
      *Newly Created Service* - PNKBSTRK
      .
      Inhoud van de 'Gedeelde Taken' map
      "2008-03-19 17:20:01 C:\WINDOWS\Tasks\AppleSoftwareUpdate.job"
      - C:\Program Files\Apple Software Update\SoftwareUpdate.exe
      "2008-03-05 18:19:24 C:\WINDOWS\Tasks\FRU Task #Hewlett-Packard#hp psc 1200 series#1196792098.job"
      - C:\Program Files\Hewlett-Packard\Digital Imaging\Bin\hpqfrucl.exe
      .
      **************************************************************************

      catchme 0.3.1344 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
      Rootkit scan 2008-03-24 20:20:33
      Windows 5.1.2600 Service Pack 2 NTFS

      scannen van verborgen processen ...

      scannen van verborgen autostart items ...

      scannen van verborgen bestanden ...

      Scan succesvol afgerond
      verborgen bestanden: 0

      **************************************************************************

      [HKEY_LOCAL_MACHINE\system\ControlSet001\Services\vsdatant]
      "ImagePath"=""
      .
      Voltooingstijd: 2008-03-24 20:20:53
      ComboFix-quarantined-files.txt 2008-03-24 19:20:51
      Last edited by harmenstortelde; 24-03-08, 21:27.
      • Citaat

      Comment

      • #4
        Open Kladblok, kopiëer en plak het volgende (vetgedrukte tekst) in een leeg venster:

        File::
        C:\WINDOWS\Media\LTaskup.exe
        C:\Documents and Settings\Lucy & Nico\Emails.dat
        C:\Documents and Settings\Harmen\Emails.dat
        C:\Documents and Settings\Marieke & Marije\Emails.dat
        C:\Documents and Settings\Lucy & Nico\user.dat
        C:\Documents and Settings\Harmen\user.dat
        C:\Documents and Settings\Marieke & Marije\user.dat

        Registry::
        [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\wTask]

        Sla dit op op je Bureaublad als CFScript.txt

        Sleep CFScript.txt in ComboFix.exe zoals getoond in onderstaand voorbeeld :



        Dit zal ComboFix doen herstarten.
        Start opnieuw op als daarom gevraagd wordt,
        en post de inhoud van de Combofix.txt in je volgende antwoord

        Nog problemen?
        Groet,
        Pimmerd
        • Citaat

        Comment

        • #5
          ComboFix 08-03-22.3 - Harmen 2008-03-24 20:31:19.2 - NTFSx86
          Microsoft Windows XP Professional 5.1.2600.2.1252.1.1043.18.1295 [GMT 1:00]
          Gestart vanuit: C:\Documents and Settings\Harmen\Bureaublad\ComboFix.exe
          Command switches used :: C:\Documents and Settings\Harmen\Bureaublad\CFScript.txt
          * Nieuw herstelpunt werd aangemaakt

          WAARSCHUWING - DE RECOVERY CONSOLE IS NIET OP DIT SYSTEEM GEINSTALLEERD !!

          FILE ::
          C:\Documents and Settings\Harmen\Emails.dat
          C:\Documents and Settings\Harmen\user.dat
          C:\Documents and Settings\Lucy & Nico\Emails.dat
          C:\Documents and Settings\Lucy & Nico\user.dat
          C:\Documents and Settings\Marieke & Marije\Emails.dat
          C:\Documents and Settings\Marieke & Marije\user.dat
          C:\WINDOWS\Media\LTaskup.exe
          .

          (((((((((((((((((((((((((((((((((( Andere Verwijderingen )))))))))))))))))))))))))))))))))))))))))))))))))
          .

          C:\Documents and Settings\Harmen\Emails.dat
          C:\Documents and Settings\Harmen\user.dat
          C:\Documents and Settings\Lucy & Nico\Emails.dat
          C:\Documents and Settings\Lucy & Nico\user.dat
          C:\Documents and Settings\Marieke & Marije\Emails.dat
          C:\Documents and Settings\Marieke & Marije\user.dat

          .
          (((((((((((((((((((( Bestanden Gemaakt van 2008-02-24 to 2008-03-24 ))))))))))))))))))))))))))))))
          .

          2008-03-24 19:31 . 2008-03-24 19:32 <DIR> d-------- C:\MSNCleaner
          2008-03-24 19:05 . 2008-03-24 19:05 <DIR> d-------- C:\Program Files\Trend Micro
          2008-03-20 19:54 . 2008-03-20 19:54 268 --ah----- C:\sqmdata19.sqm
          2008-03-20 19:54 . 2008-03-20 19:54 244 --ah----- C:\sqmnoopt19.sqm
          2008-03-20 19:15 . 2008-03-20 19:15 268 --ah----- C:\sqmdata18.sqm
          2008-03-20 19:15 . 2008-03-20 19:15 244 --ah----- C:\sqmnoopt18.sqm
          2008-03-20 18:28 . 2008-03-20 18:28 268 --ah----- C:\sqmdata17.sqm
          2008-03-20 18:28 . 2008-03-20 18:28 244 --ah----- C:\sqmnoopt17.sqm
          2008-03-19 18:20 . 2008-03-19 18:20 1,987 --ah----- C:\hpothb07.tif
          2008-03-19 18:20 . 2008-03-19 18:20 1,058 --ah----- C:\hpothb07.dat
          2008-03-19 18:18 . 2008-03-19 18:18 <DIR> d-------- C:\Documents and Settings\Marieke & Marije\Application Data\Hewlett-Packard
          2008-03-18 20:11 . 2008-03-18 20:11 268 --ah----- C:\sqmdata16.sqm
          2008-03-18 20:11 . 2008-03-18 20:11 244 --ah----- C:\sqmnoopt16.sqm
          2008-03-17 20:46 . 2008-03-17 20:46 268 --ah----- C:\sqmdata15.sqm
          2008-03-17 20:46 . 2008-03-17 20:46 244 --ah----- C:\sqmnoopt15.sqm
          2008-03-15 12:44 . 2008-03-15 12:44 268 --ah----- C:\sqmdata14.sqm
          2008-03-15 12:44 . 2008-03-15 12:44 244 --ah----- C:\sqmnoopt14.sqm
          2008-03-14 20:20 . 2008-03-14 20:20 268 --ah----- C:\sqmdata13.sqm
          2008-03-14 20:20 . 2008-03-14 20:20 244 --ah----- C:\sqmnoopt13.sqm
          2008-03-14 12:47 . 2008-03-14 12:47 268 --ah----- C:\sqmdata12.sqm
          2008-03-14 12:47 . 2008-03-14 12:47 244 --ah----- C:\sqmnoopt12.sqm
          2008-03-14 00:06 . 2008-03-14 00:06 41,296 --a------ C:\WINDOWS\system32\xfcodec.dll
          2008-03-13 20:14 . 2008-03-13 20:14 268 --ah----- C:\sqmdata11.sqm
          2008-03-13 20:14 . 2008-03-13 20:14 244 --ah----- C:\sqmnoopt11.sqm
          2008-03-13 17:40 . 2008-03-13 17:40 <DIR> d--h----- C:\WINDOWS\PIF
          2008-03-12 19:10 . 2008-03-12 19:10 172 --ah----- C:\sqmnoopt10.sqm
          2008-03-12 19:10 . 2008-03-12 19:10 172 --ah----- C:\sqmdata10.sqm
          2008-03-12 16:40 . 2008-03-12 16:40 268 --ah----- C:\sqmdata09.sqm
          2008-03-12 16:40 . 2008-03-12 16:40 244 --ah----- C:\sqmnoopt09.sqm
          2008-03-11 17:08 . 2008-03-11 17:08 268 --ah----- C:\sqmdata08.sqm
          2008-03-11 17:08 . 2008-03-11 17:08 244 --ah----- C:\sqmnoopt08.sqm
          2008-03-11 12:58 . 2008-03-24 16:56 268 --ah----- C:\sqmdata07.sqm
          2008-03-11 12:58 . 2008-03-24 16:56 244 --ah----- C:\sqmnoopt07.sqm
          2008-03-10 16:14 . 2008-03-24 12:53 172 --ah----- C:\sqmnoopt06.sqm
          2008-03-10 16:14 . 2008-03-24 12:53 172 --ah----- C:\sqmdata06.sqm
          2008-03-10 15:43 . 2008-03-24 12:26 268 --ah----- C:\sqmdata05.sqm
          2008-03-10 15:43 . 2008-03-24 12:26 244 --ah----- C:\sqmnoopt05.sqm
          2008-03-10 12:32 . 2008-03-22 15:32 268 --ah----- C:\sqmdata04.sqm
          2008-03-10 12:32 . 2008-03-22 15:32 244 --ah----- C:\sqmnoopt04.sqm
          2008-03-09 21:41 . 2008-03-22 12:11 172 --ah----- C:\sqmnoopt03.sqm
          2008-03-09 21:41 . 2008-03-22 12:11 172 --ah----- C:\sqmdata03.sqm
          2008-03-09 20:56 . 2008-03-22 12:08 268 --ah----- C:\sqmdata02.sqm
          2008-03-09 20:56 . 2008-03-22 12:08 244 --ah----- C:\sqmnoopt02.sqm
          2008-03-09 13:01 . 2008-03-21 23:00 268 --ah----- C:\sqmdata01.sqm
          2008-03-09 13:01 . 2008-03-21 23:00 244 --ah----- C:\sqmnoopt01.sqm
          2008-02-27 18:29 . 2008-02-27 18:29 <DIR> d-------- C:\Program Files\iPod
          2008-02-27 18:29 . 2008-03-24 16:57 54,156 --ah----- C:\WINDOWS\QTFont.qfn
          2008-02-27 18:29 . 2008-02-27 18:29 1,409 --a------ C:\WINDOWS\QTFont.for
          2008-02-27 18:28 . 2008-02-27 18:29 <DIR> d-------- C:\Program Files\QuickTime
          2008-02-24 14:12 . 2008-02-24 14:12 <DIR> d---s---- C:\Documents and Settings\Lucy & Nico\UserData

          .
          ((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))
          .
          2008-03-24 18:06 --------- d-----w C:\Program Files\Java
          2008-03-24 17:52 --------- d-----w C:\Documents and Settings\All Users\Application Data\avg7
          2008-03-24 16:21 22,328 ----a-w C:\WINDOWS\system32\drivers\PnkBstrK.sys
          2008-03-24 16:21 107,832 ----a-w C:\WINDOWS\system32\PnkBstrB.exe
          2008-03-24 15:57 --------- d-----w C:\Program Files\Hitman Pro
          2008-03-23 00:10 --------- d-----w C:\Documents and Settings\Harmen\Application Data\uTorrent
          2008-03-20 20:14 --------- d-----w C:\Program Files\Xfire
          2008-03-17 22:08 --------- d-----w C:\Documents and Settings\Harmen\Application Data\Xfire
          2008-02-27 17:29 --------- d-----w C:\Program Files\iTunes
          2008-02-21 19:27 --------- d-----w C:\Program Files\Qtrax_20080125
          2008-02-21 19:26 --------- d-----w C:\Documents and Settings\Harmen\Application Data\Qtrax1
          2008-02-21 19:26 --------- d-----w C:\Documents and Settings\All Users\Application Data\SongbirdVLC
          2008-02-19 17:10 --------- d-----w C:\Documents and Settings\Harmen\Application Data\AVG7
          2008-02-17 17:21 70 ----a-w C:\huff_value.dat
          2008-02-17 17:21 --------- d-----w C:\Documents and Settings\Harmen\Application Data\Ulead Systems
          2008-02-17 17:18 --------- d-----w C:\Documents and Settings\All Users\Application Data\Ulead Systems
          2008-02-17 16:36 --------- d--h--w C:\Program Files\InstallShield Installation Information
          2008-02-17 16:36 --------- d-----w C:\Program Files\Common Files\Ulead Systems
          2008-02-17 16:33 --------- d-----w C:\Program Files\SmartSound Software
          2008-02-17 16:33 --------- d-----w C:\Documents and Settings\All Users\Application Data\SmartSound Software Inc
          2008-02-17 16:33 --------- d-----w C:\Documents and Settings\All Users\Application Data\QuickTime
          2008-02-17 16:31 --------- d-----w C:\Program Files\Windows Media Components
          2008-02-17 16:31 --------- d-----w C:\Program Files\Ulead Systems
          2008-02-17 16:31 --------- d-----w C:\Program Files\Common Files\SONY Digital Images
          2008-02-17 16:31 --------- d-----w C:\Program Files\Common Files\InstallShield
          2008-02-13 19:21 --------- d-----w C:\Program Files\Easy GIF Animator
          2008-02-05 20:05 --------- d-----w C:\Program Files\America's Army
          2008-02-04 17:33 --------- d-----w C:\Documents and Settings\Marieke & Marije\Application Data\AVG7
          2008-02-04 11:40 --------- d-----w C:\Documents and Settings\Lucy & Nico\Application Data\AVG7
          2008-02-01 15:32 --------- d-----w C:\Documents and Settings\Lucy & Nico\Application Data\DAEMON Tools
          2008-01-30 22:52 --------- d-----w C:\Program Files\Last.fm
          2008-01-27 11:40 66,872 ----a-w C:\WINDOWS\system32\PnkBstrA.exe
          2008-01-26 15:44 --------- d-----w C:\Program Files\Electronic Arts
          2008-01-26 15:39 --------- d-----w C:\Program Files\DAEMON Tools
          2008-01-26 15:39 --------- d-----w C:\Documents and Settings\Harmen\Application Data\DAEMON Tools
          2008-01-26 15:36 716,272 ----a-w C:\WINDOWS\system32\drivers\sptd.sys
          2008-01-26 15:32 --------- d-----w C:\Documents and Settings\Harmen\Application Data\DAEMON Tools Pro
          2008-01-26 15:31 --------- d-----w C:\Documents and Settings\All Users\Application Data\DAEMON Tools Pro
          2008-01-05 16:07 164 ----a-w C:\install.dat
          2008-01-05 16:03 298,104 ----a-w C:\WINDOWS\system32\imon.dll
          .

          ------- Sigcheck -------

          2007-12-04 14:30 504832 7bba4ca9e82794985afff1d487a42b40 C:\WINDOWS\system32\winlogon.exe
          .
          ((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))
          .
          .
          REGEDIT4
          *Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond

          [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
          "msnmsgr"="C:\Program Files\Windows Live\Messenger\MsnMsgr.exe" [ ]
          "IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe" [2007-12-13 19:10 1688872]
          "nHancer"="C:\Program Files\nHancer\nHancer.exe" [2007-10-31 10:43 1519616]
          "DAEMON Tools Pro Agent"="C:\Program Files\DAEMON Tools Pro\DTProAgent.exe" [ ]
          "DAEMON Tools Lite"="C:\Program Files\DAEMON Tools\daemon.exe" [2008-01-17 17:51 486856]

          [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
          "AVG7_CC"="C:\PROGRA~1\Grisoft\AVG7\avgcc.exe" [2008-01-06 15:04 579072]
          "C6501Sound"="c6501.cpl"
          "NvCplDaemon"="C:\WINDOWS\system32\NvCpl.dll" [2007-10-04 17:14 8491008]
          "NvMediaCenter"="C:\WINDOWS\system32\NvMcTray.dll" [2007-10-04 17:14 81920]
          "SmcService"="C:\PROGRA~1\Sygate\SPF\smc.exe" [2004-10-15 19:40 2577632]
          "amd_dc_opt"="C:\Program Files\AMD\Dual-Core Optimizer\amd_dc_opt.exe" [2007-07-23 11:06 77824]
          "SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe" [2008-02-22 04:25 144784]
          "NeroFilterCheck"="C:\Program Files\Common Files\Nero\Lib\NeroCheck.exe" [2007-03-01 14:57 153136]
          "Hitman Pro Expiration Helper"="C:\Program Files\Hitman Pro\xphelper.exe" [2007-01-30 14:41 596760]
          "snpstd"="C:\WINDOWS\vsnpstd.exe" [2003-12-31 17:39 40960]
          "QuickTime Task"="C:\Program Files\QuickTime\QTTask.exe" [2008-01-31 23:13 385024]
          "iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" [2008-02-19 13:10 267048]

          [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
          "AVG7_Run"="C:\PROGRA~1\Grisoft\AVG7\avgw.exe" [2007-12-04 14:32 219136]

          C:\Documents and Settings\Harmen\Menu Start\Programma's\Opstarten\
          Last.fm Helper.lnk - C:\Program Files\Last.fm\LastFMHelper.exe [2007-12-04 16:04:04 106496]
          Xfire.lnk - C:\Program Files\Xfire\xfire.exe [2008-03-14 00:06:18 2979664]

          C:\Documents and Settings\Marieke & Marije\Menu Start\Programma's\Opstarten\
          Last.fm Helper.lnk - C:\Program Files\Last.fm\LastFMHelper.exe [2007-12-04 16:04:04 106496]

          C:\Documents and Settings\Lucy & Nico\Menu Start\Programma's\Opstarten\
          Last.fm Helper.lnk - C:\Program Files\Last.fm\LastFMHelper.exe [2007-12-04 16:04:04 106496]

          [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
          "InstallVisualStyle"= C:\WINDOWS\Resources\Themes\Royale\Royale.msstyles
          "InstallTheme"= C:\WINDOWS\Resources\Themes\Royale.theme

          [HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Start^Programma's^Opstarten^hp psc 1000 series.lnk]
          path=C:\Documents and Settings\All Users\Menu Start\Programma's\Opstarten\hp psc 1000 series.lnk
          backup=C:\WINDOWS\pss\hp psc 1000 series.lnkCommon Startup

          [HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Start^Programma's^Opstarten^hpoddt01.exe.lnk]
          path=C:\Documents and Settings\All Users\Menu Start\Programma's\Opstarten\hpoddt01.exe.lnk
          backup=C:\WINDOWS\pss\hpoddt01.exe.lnkCommon Startup

          [HKLM\~\startupfolder\C:^Documents and Settings^Harmen^Menu Start^Programma's^Opstarten^QuickTV.lnk]
          path=C:\Documents and Settings\Harmen\Menu Start\Programma's\Opstarten\QuickTV.lnk
          backup=C:\WINDOWS\pss\QuickTV.lnkStartup

          [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools]
          --a------ 2008-01-17 17:51 486856 C:\Program Files\DAEMON Tools\daemon.exe

          [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ehTray]
          --a------ 2004-08-10 04:04 59392 C:\WINDOWS\ehome\ehtray.exe

          [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
          --a------ 2008-02-19 13:10 267048 C:\Program Files\iTunes\iTunesHelper.exe

          [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\nwiz]
          --a------ 2007-10-04 17:14 1626112 C:\WINDOWS\system32\nwiz.exe

          [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
          --a------ 2008-01-31 23:13 385024 C:\Program Files\QuickTime\QTTask.exe

          [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
          "EnableFirewall"= 0 (0x0)

          [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
          "%windir%\\system32\\sessmgr.exe"=
          "C:\\Program Files\\Grisoft\\AVG7\\avginet.exe"=
          "C:\\Program Files\\Grisoft\\AVG7\\avgamsvr.exe"=
          "C:\\Program Files\\Grisoft\\AVG7\\avgcc.exe"=
          "C:\\Program Files\\uTorrent\\uTorrent.exe"=
          "C:\\Program Files\\Last.fm\\LastFM.exe"=
          "C:\\Program Files\\Messenger\\msmsgs.exe"=
          "C:\\Program Files\\Bonjour\\mDNSResponder.exe"=
          "C:\\Program Files\\Shareaza\\Shareaza.exe"=
          "C:\\Program Files\\iTunes\\iTunes.exe"=

          [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
          "3389:TCP"= 3389:TCPxpsp2res.dll,-22009

          R3 Cap7134;Cap7134 Capture;C:\WINDOWS\system32\DRIVERS\Cap7134.sys [2007-12-04 14:59]
          R3 cm102u32;C-Media CM6501 Like Sound Interface;C:\WINDOWS\system32\drivers\c6501.sys [2006-09-05 10:04]
          R3 PhTVTune;Cap713x TVTuner;C:\WINDOWS\system32\DRIVERS\PhTVTune.sys [2007-12-04 14:59]

          *Newly Created Service* - CATCHME
          *Newly Created Service* - PNKBSTRK
          .
          Inhoud van de 'Gedeelde Taken' map
          "2008-03-19 17:20:01 C:\WINDOWS\Tasks\AppleSoftwareUpdate.job"
          - C:\Program Files\Apple Software Update\SoftwareUpdate.exe
          "2008-03-05 18:19:24 C:\WINDOWS\Tasks\FRU Task #Hewlett-Packard#hp psc 1200 series#1196792098.job"
          - C:\Program Files\Hewlett-Packard\Digital Imaging\Bin\hpqfrucl.exe
          .
          **************************************************************************

          catchme 0.3.1344 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
          Rootkit scan 2008-03-24 20:31:51
          Windows 5.1.2600 Service Pack 2 NTFS

          scannen van verborgen processen ...

          scannen van verborgen autostart items ...

          scannen van verborgen bestanden ...

          Scan succesvol afgerond
          verborgen bestanden: 0

          **************************************************************************

          [HKEY_LOCAL_MACHINE\system\ControlSet001\Services\vsdatant]
          "ImagePath"=""
          .
          Voltooingstijd: 2008-03-24 20:32:08
          ComboFix-quarantined-files.txt 2008-03-24 19:32:06
          ComboFix2.txt 2008-03-24 19:20:54
          • Citaat

          Comment

          • #6
            Nog problemen?
            Groet,
            Pimmerd
            • Citaat

            Comment

            • #7
              Het lijkt erop dat het opgelost is, maar ik wacht nog even af. Je mag het onderwerp als opgelost maken als je wilt
              Bedankt !!
              • Citaat

              Comment

              • #8
                Het ziet er iig weer goed uit

                Deinstalleer Combofix:
                Ga naar start --> uitvoeren en typ daar: combofix /u
                Combofix wordt nu verwijderd en er wordt een nieuw herstelpunt aangemaakt.

                * Clean de Cache and Cookies in IE:

                * Sluit Internet Explorer.
                * Ga naar Configuratiescherm > Internet Opties > tab Algemeen
                * Klik de Cookies verwijderen knop
                * Klik op de Bestanden verwijderen knop ernaast
                * Vink aan: Ook alle off line items verwijderen, klik OK

                * Clean de Cache and Cookies in Firefox (In geval Firefox geïnstalleerd is):

                * Go to Extra > Opties.
                * Klik Privacy in het menu.
                * Klik op de knop wissen (Geschiedenis, Cookies, Cache).
                * Klik OK om het venster opnieuw te sluiten.

                * Clean andere Temporary files + Prullenbak

                * Ga naar Start > Uitvoeren en typ: cleanmgr en klik ok.
                * Laat het je systeem scannen op bestanden die moeten verwijderd worden
                * Zorg er wel voor dat je daar enkel maar 'tijdelijke bestanden', 'tijdelijke internetbestanden' en 'prullenbak' staan aangevinkt.
                * Klik daarna op OK.
                Groet,
                Pimmerd
                • Citaat

                Comment

                Vorige template Volgende
                Sorry, you are not authorized to view this page
                Working...
                X