Mededeling

Collapse
No announcement yet.

Kan niets openen zonder recame

Collapse
X
  •  
  • Filter
  • Tijd
  • Show
Clear All
new posts

  • Kan niets openen zonder recame

    Ik kan hier niets meer openen zonder dat er reclame of andere pop-ups in mijn scherm komen.
    Heb ook geprobeert een systeem herstel te doen maar kwam niet verder als 1 dag ervoor.
    Heb hier mijn log:

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 20:40:03, on 18-4-2008
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.6000.16640)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
    C:\Program Files\McAfee\Common Framework\FrameworkService.exe
    C:\Program Files\McAfee\VirusScan Enterprise\Mcshield.exe
    C:\Program Files\McAfee\VirusScan Enterprise\SHSTAT.EXE
    C:\Program Files\McAfee\Common Framework\UdaterUI.exe
    C:\Program Files\McAfee\VirusScan Enterprise\VsTskMgr.exe
    C:\WINDOWS\SOUNDMAN.EXE
    C:\Program Files\McAfee\Common Framework\McTray.exe
    C:\Program Files\Electronic Arts\Need for Speed ProStreet\PB\PnkBstrA.exe
    C:\Program Files\SPAMfighter\sfus.exe
    C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.EXE
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
    C:\Program Files\Microsoft IntelliType Pro\itype.exe
    C:\Program Files\RealVNC\VNC4\WinVNC4.exe
    C:\WINDOWS\system32\LVCOMSX.EXE
    C:\Program Files\Logitech\Video\LogiTray.exe
    C:\Program Files\Nokia\Nokia Software Launcher\NSLauncher.exe
    C:\Program Files\SPAMfighter\SFAgent.exe
    C:\WINDOWS\system32\rundll32.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe
    C:\Program Files\DAEMON Tools\daemon.exe
    C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe
    C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
    C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
    C:\Program Files\Google\Google Updater\GoogleUpdater.exe
    C:\Program Files\InterVideo\Common\Bin\WinCinemaMgr.exe
    C:\Program Files\Logitech\Video\FxSvr2.exe
    C:\PROGRA~1\COMMON~1\Nokia\MPAPI\MPAPI3s.exe
    C:\Program Files\Common Files\PCSuite\Services\ServiceLayer.exe
    C:\WINDOWS\system32\wuauclt.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLLoginProxy.exe
    C:\WINDOWS\explorer.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.nl/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer aangeboden door chello broadband n.v.
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen
    O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
    O4 - HKLM\..\Run: [ShStatEXE] "C:\Program Files\McAfee\VirusScan Enterprise\SHSTAT.EXE" /STANDALONE
    O4 - HKLM\..\Run: [McAfeeUpdaterUI] "C:\Program Files\McAfee\Common Framework\UdaterUI.exe" /StartedFromRunKey
    O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
    O4 - HKLM\..\Run: [AsusStartupHelp] C:\Program Files\ASUS\AASP\1.00.17\AsRunHelp.exe
    O4 - HKLM\..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe
    O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
    O4 - HKLM\..\Run: [itype] "C:\Program Files\Microsoft IntelliType Pro\itype.exe"
    O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
    O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe
    O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe
    O4 - HKLM\..\Run: [NSLauncher] C:\Program Files\Nokia\Nokia Software Launcher\NSLauncher.exe /startup
    O4 - HKLM\..\Run: [WindowsModule] "C:\Windows\System32\winner32.exe"
    O4 - HKLM\..\Run: [SPAMfighter Agent] "C:\Program Files\SPAMfighter\SFAgent.exe" update delay 60
    O4 - HKLM\..\Run: [64000f09] rundll32.exe "C:\WINDOWS\system32\bscrhjqq.dll",b
    O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
    O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
    O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
    O4 - HKCU\..\Run: [DAEMON Tools] "C:\Program Files\DAEMON Tools\daemon.exe" -lang 1033
    O4 - HKCU\..\Run: [PcSync] C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe /NoDialog
    O4 - HKCU\..\Run: [WindowsModule] "C:\Windows\System32\winner32.exe"
    O4 - HKCU\..\Run: [updateMgr] C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe AcRdB7_0_9
    O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
    O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Lokale service')
    O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Netwerkservice')
    O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
    O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
    O4 - Global Startup: Google Updater.lnk = C:\Program Files\Google\Google Updater\GoogleUpdater.exe
    O4 - Global Startup: InterVideo WinCinema Manager.lnk = C:\Program Files\InterVideo\Common\Bin\WinCinemaMgr.exe
    O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
    O9 - Extra button: Onderzoek - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
    O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
    O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing)
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing)
    O16 - DPF: {56762DEC-6B0D-4AB4-A8AD-989993B5D08B} (OnlineScanner Control) - http://www.eset.eu/buxus/docs/OnlineScanner.cab
    O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1190392974656
    O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
    O16 - DPF: {D83C1BD1-DCBB-11D4-9425-0050BF33FA6E} (CycloScopeLite Control) - http://www.cyclomedia.nl/download/components/CycloScopeLite.cab
    O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
    O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
    O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
    O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
    O23 - Service: McAfee Framework Service (McAfeeFramework) - McAfee, Inc. - C:\Program Files\McAfee\Common Framework\FrameworkService.exe
    O23 - Service: McAfee McShield (McShield) - McAfee, Inc. - C:\Program Files\McAfee\VirusScan Enterprise\Mcshield.exe
    O23 - Service: McAfee Task Manager (McTaskManager) - McAfee, Inc. - C:\Program Files\McAfee\VirusScan Enterprise\VsTskMgr.exe
    O23 - Service: PunkBuster (PnkBstrA) - Unknown owner - C:\Program Files\Electronic Arts\Need for Speed ProStreet\PB\PnkBstrA.exe
    O23 - Service: ServiceLayer - Nokia. - C:\Program Files\Common Files\PCSuite\Services\ServiceLayer.exe
    O23 - Service: SPAMfighter Update Service - SPAMfighter ApS - C:\Program Files\SPAMfighter\sfus.exe
    O23 - Service: VNC Server Version 4 (WinVNC4) - RealVNC Ltd. - C:\Program Files\RealVNC\VNC4\WinVNC4.exe

    --
    End of file - 9324 bytes

  • #2
    Schakel Spybot's TeaTimer even uit, omdat deze de fix in de weg kan zitten:
    - Start Spybot
    - Ga naar Mode > selecteer Advanced Mode
    - Ga naar Tools en klik op het Resident-icoon in de lijst
    - Haal het vinkje weg bij Resident TeaTimer en klik OK
    - Herstart de computer

    Download vervolgens ResetTeaTimer.bat naar je Bureaublad.
    Dubbelklik op ResetTeaTimer.bat om alle entries in TeaTimer te verwijderen.
    Als de computer schoon is, kun je TeaTimer weer aan zetten


    1 )
    Download Malwarebytes' Anti-Malware op je bureaublad.
    Dubbelklik mbam-setup.exe en kies voor "Next" om de tool te installeren.
    Als de installatie voltooid is zet je vinkjes bij "Update MalwareBytes' Anti-Malware" en bij "Launch MalwareBytes' Anti-Malware".
    Druk daarna op "Finish".
    Kies in het hoofdscherm voor de tab "Scanner" en selecteer het keuzerondje "Perform full scan".
    Druk op de knop "Scan" en zorg dat al je harde schijven/partities aangevinkt staan.
    Druk dan op de knop "Start Scan".
    Wanneer de scan voltooid is klik je op OK, daarna op "Show Results" om de resultaten te zien.
    Zorg ervoor dat alles aangevinkt is, klik daarna op "Remove Selected".
    Als het programma je computer wil laten herstarten, sta je dit toe.
    Daarna opent een logje(mbam-log-XX-XX-XXXX(xx-xx-xx).txt)
    Post deze log in je volgende bericht.


    2 )
    Volg de instructies zoals beschreven op de volgende pagina: hoe-dient-combofix-gebruikt-te-worden

    Gebruik je Vista, dan hoeft de Recovery Console niet te worden geinstalleerd.
    Is er iets niet duidelijk, dan vraag je het.
    Als het tooltje klaar is, opent er een logfile (C:\combofix.txt).
    Post de inhoud van dit bestandje samen met een nieuwe hijackthislog.

    Windows 10 opstarten in Veilige Modus

    Comment


    • #3
      Heey alvast bedankt, ik gaat eens aan de slag en vermaakme wel ff.
      Je hoort snel van me.

      Gr Lennaert.

      Comment


      • #4
        Hierbij mijn mbam-log:

        Malwarebytes' Anti-Malware 1.11
        Database versie: 651

        Scan type: Volledige Scan (C:\|E:\|F:\|)
        Objecten gescand: 106137
        Verstreken tijd: 2 hour(s), 20 minute(s), 37 second(s)

        Geheugenprocessen geïnfecteerd: 0
        Geheugenmodulen geïnfecteerd: 4
        Registersleutels geïnfecteerd: 18
        Registerwaarden geïnfecteerd: 2
        Registerdata bestanden geïnfecteerd: 2
        Mappen geïnfecteerd: 0
        Bestanden geïnfecteerd: 14

        Geheugenprocessen geïnfecteerd:
        (Geen kwaadaardige items gevonden)

        Geheugenmodulen geïnfecteerd:
        C:\WINDOWS\system32\bscrhjqq.dll (Trojan.Vundo) -> Unloaded module successfully.
        C:\WINDOWS\system32\iifefEVP.dll (Trojan.Vundo) -> Unloaded module successfully.
        C:\WINDOWS\system32\mlJArolJ.dll (Trojan.Vundo) -> Unloaded module successfully.
        C:\WINDOWS\system32\lxkoxdtg.dll (Trojan.Vundo) -> Unloaded module successfully.

        Registersleutels geïnfecteerd:
        HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{fed5823c-10f9-42fe-b88f-07814c97d18c} (Trojan.Vundo) -> Quarantined and deleted successfully.
        HKEY_CLASSES_ROOT\CLSID\{fed5823c-10f9-42fe-b88f-07814c97d18c} (Trojan.Vundo) -> Quarantined and deleted successfully.
        HKEY_CLASSES_ROOT\CLSID\{c14e6230-757d-4246-81ce-b34e2940c722} (Trojan.Vundo) -> Quarantined and deleted successfully.
        HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{c14e6230-757d-4246-81ce-b34e2940c722} (Trojan.Vundo) -> Quarantined and deleted successfully.
        HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\mljarolj (Trojan.Vundo) -> Quarantined and deleted successfully.
        HKEY_CLASSES_ROOT\CLSID\{22bf1662-b3d1-4a68-a055-7ce67fca1098} (Trojan.Vundo) -> Quarantined and deleted successfully.
        HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{22bf1662-b3d1-4a68-a055-7ce67fca1098} (Trojan.Vundo) -> Quarantined and deleted successfully.
        HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\aoprndtws (Malware.Trace) -> Quarantined and deleted successfully.
        HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\jkwslist (Malware.Trace) -> Quarantined and deleted successfully.
        HKEY_CURRENT_USER\Software\Microsoft\aldd (Malware.Trace) -> Quarantined and deleted successfully.
        HKEY_CURRENT_USER\Software\Microsoft\MS Juan (Malware.Trace) -> Quarantined and deleted successfully.
        HKEY_CURRENT_USER\Software\Microsoft\affri (Malware.Trace) -> Quarantined and deleted successfully.
        HKEY_CURRENT_USER\Software\Microsoft\affltid (Malware.Trace) -> Quarantined and deleted successfully.
        HKEY_CURRENT_USER\Software\Microsoft\rdfa (Trojan.Vundo) -> Quarantined and deleted successfully.
        HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\affltid (Malware.Trace) -> Quarantined and deleted successfully.
        HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\affri (Malware.Trace) -> Quarantined and deleted successfully.
        HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Juan (Trojan.Vundo) -> Quarantined and deleted successfully.
        HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\RemoveRP (Trojan.Vundo) -> Quarantined and deleted successfully.

        Registerwaarden geïnfecteerd:
        HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\64000f09 (Trojan.Vundo) -> Quarantined and deleted successfully.
        HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks\{c14e6230-757d-4246-81ce-b34e2940c722} (Trojan.Vundo) -> Quarantined and deleted successfully.

        Registerdata bestanden geïnfecteerd:
        HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\LSA\Authentication Packages (Trojan.Vundo) -> Data: c:\windows\system32\iifefevp -> Quarantined and deleted successfully.
        HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\Authentication Packages (Trojan.Vundo) -> Data: c:\windows\system32\iifefevp -> Quarantined and deleted successfully.

        Mappen geïnfecteerd:
        (Geen kwaadaardige items gevonden)

        Bestanden geïnfecteerd:
        C:\WINDOWS\system32\bscrhjqq.dll (Trojan.Vundo) -> Delete on reboot.
        C:\WINDOWS\system32\qqjhrcsb.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
        C:\WINDOWS\system32\iifefEVP.dll (Trojan.Vundo) -> Delete on reboot.
        C:\WINDOWS\system32\PVEfefii.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
        C:\WINDOWS\system32\PVEfefii.ini2 (Trojan.Vundo) -> Quarantined and deleted successfully.
        C:\WINDOWS\system32\mlJArolJ.dll (Trojan.Vundo) -> Delete on reboot.
        C:\Documents and Settings\Lennaert\Local Settings\Temporary Internet Files\Content.IE5\TO2XB3XF\kriv[2] (Trojan.Vundo) -> Quarantined and deleted successfully.
        C:\Documents and Settings\Lennaert\Local Settings\Temporary Internet Files\Content.IE5\WTSL0AMN\glas[1] (Trojan.Vundo) -> Quarantined and deleted successfully.
        C:\System Volume Information\_restore{20FAC129-88C0-4C12-94EB-F64B3EDD285C}\RP276\A0049813.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
        C:\System Volume Information\_restore{20FAC129-88C0-4C12-94EB-F64B3EDD285C}\RP276\A0049814.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
        C:\System Volume Information\_restore{20FAC129-88C0-4C12-94EB-F64B3EDD285C}\RP277\A0050907.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
        C:\System Volume Information\_restore{20FAC129-88C0-4C12-94EB-F64B3EDD285C}\RP278\A0050947.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
        C:\System Volume Information\_restore{20FAC129-88C0-4C12-94EB-F64B3EDD285C}\RP278\A0050948.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
        C:\WINDOWS\system32\lxkoxdtg.dll (Trojan.Vundo) -> Delete on reboot.

        Comment


        • #5
          Hierbij mijn andere 2 logjes:

          ComboFix 08-04-17.1 - Lennaert 2008-04-19 6:52:40.1 - NTFSx86
          Microsoft Windows XP Professional 5.1.2600.2.1252.1.1043.18.476 [GMT 2:00]
          Gestart vanuit: C:\Documents and Settings\Lennaert\Bureaublad\ComboFix.exe
          Command switches used :: C:\Documents and Settings\Lennaert\Bureaublad\WindowsXP-KB310994-SP2-Pro-BootDisk-NLD.exe
          * Nieuw herstelpunt werd aangemaakt
          * Resident AV is active

          .

          (((((((((((((((((((((((((((((((((( Andere Verwijderingen )))))))))))))))))))))))))))))))))))))))))))))))))
          .

          C:\WINDOWS\cookies.ini
          C:\WINDOWS\pskt.ini
          C:\WINDOWS\system32\aghwqwns.dll
          C:\WINDOWS\system32\gaxggesp.ini
          C:\WINDOWS\system32\iifefEVP.dll
          C:\WINDOWS\system32\lxkoxdtg.dll
          C:\WINDOWS\system32\mcrh.tmp
          C:\WINDOWS\system32\mlJArolJ.dll
          C:\WINDOWS\system32\OpopAccf.ini
          C:\WINDOWS\system32\OpopAccf.ini2
          C:\WINDOWS\system32\pseggxag.dll
          C:\WINDOWS\system32\PVEfefii.ini
          C:\WINDOWS\system32\PVEfefii.ini2

          .
          (((((((((((((((((((( Bestanden Gemaakt van 2008-03-19 to 2008-04-19 ))))))))))))))))))))))))))))))
          .

          2008-04-19 06:51 . 2008-04-19 06:51 1,024 --ah----- C:\WINDOWS\system32\config\systemprofile\ntuser.dat.LOG
          2008-04-19 06:42 . 2008-04-19 06:42 109,734 --a------ C:\WINDOWS\BM67333c95.xml
          2008-04-18 21:55 . 2008-04-18 21:55 <DIR> d-------- C:\Documents and Settings\Lennaert\Application Data\Malwarebytes
          2008-04-18 21:54 . 2008-04-18 21:54 0 --a------ C:\Debug.QC6
          2008-04-18 21:50 . 2008-04-18 21:54 <DIR> d-------- C:\Program Files\Malwarebytes' Anti-Malware
          2008-04-18 21:50 . 2008-04-18 21:50 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Malwarebytes
          2008-04-18 21:45 . 2008-04-18 21:45 <DIR> d-------- C:\Program Files\Common Files\Download Manager
          2008-04-18 06:33 . 2008-04-19 06:44 1,541,089 ---hs---- C:\WINDOWS\system32\qqjhrcsb.ini
          2008-04-17 22:58 . 2008-04-17 23:01 211 --a------ C:\WINDOWS\wininit.ini
          2008-04-17 22:42 . 2008-04-17 22:42 <DIR> d-------- C:\Program Files\Spybot - Search & Destroy
          2008-04-17 22:42 . 2008-04-17 23:01 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
          2008-04-17 22:41 . 2008-04-17 22:41 <DIR> d-------- C:\Program Files\Lavasoft
          2008-04-17 22:41 . 2008-04-17 22:41 <DIR> d-------- C:\Program Files\Common Files\Wise Installation Wizard
          2008-04-17 20:53 . 2008-04-17 21:28 <DIR> d-------- C:\Program Files\EsetOnlineScanner
          2008-04-17 20:45 . 2008-04-17 20:45 <DIR> d-------- C:\Program Files\Trend Micro
          2008-04-17 18:43 . 2008-04-17 23:07 1,529,654 ---hs---- C:\WINDOWS\system32\wwhechun.ini
          2008-04-16 19:10 . 2008-04-17 22:41 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Lavasoft
          2008-04-05 11:48 . 2006-06-08 04:49 344,064 -ra------ C:\WINDOWS\system32\drivers\rt73.sys
          2008-04-05 11:48 . 2005-10-17 19:50 245,376 --a------ C:\WINDOWS\system32\drivers\rt2500usb.sys
          2008-04-05 11:48 . 2002-09-09 21:01 61,440 --a------ C:\WINDOWS\system32\ASUSW32N50.dll
          2008-04-05 11:48 . 2002-09-09 19:54 16,269 --a------ C:\WINDOWS\system32\ASNDIS5.sys
          2008-04-05 11:48 . 2001-04-16 05:48 15,577 --a------ C:\WINDOWS\system32\ASNDIS3.vxd
          2008-03-24 22:46 . 2008-03-24 22:46 268 --ah----- C:\sqmdata03.sqm
          2008-03-24 22:46 . 2008-03-24 22:46 244 --ah----- C:\sqmnoopt03.sqm

          .
          ((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))
          .
          2008-04-19 04:48 --------- d-----w C:\Program Files\SPAMfighter
          2008-04-18 21:01 --------- d-----w C:\Documents and Settings\All Users\Application Data\Google Updater
          2008-04-17 21:11 --------- d-----w C:\Documents and Settings\Lennaert\Application Data\LimeWire
          2008-04-17 16:57 --------- d---a-w C:\Documents and Settings\All Users\Application Data\TEMP
          2008-04-16 17:55 --------- d-----w C:\Documents and Settings\Lennaert\Application Data\Azureus
          2008-04-12 04:36 --------- d-----w C:\Documents and Settings\Lennaert\Application Data\Vso
          2008-04-05 09:48 --------- d--h--w C:\Program Files\InstallShield Installation Information
          2008-04-05 09:48 --------- d-----w C:\Program Files\ASUS
          2008-04-05 09:45 --------- d-----w C:\Program Files\RALINK
          2008-03-31 19:00 --------- d-----w C:\Program Files\Messenger Plus! Live
          2008-03-19 17:39 --------- d-----w C:\Documents and Settings\Lennaert\Application Data\AdobeUM
          2008-03-14 17:48 --------- d-----w C:\Program Files\Azureus
          2008-02-28 20:33 --------- dcsh--w C:\Program Files\Common Files\WindowsLiveInstaller
          2008-02-28 20:33 --------- d-----w C:\Program Files\Windows Live
          2008-02-28 20:33 --------- d-----w C:\Documents and Settings\All Users\Application Data\WLInstaller
          2007-09-17 17:26 87,608 -c--a-w C:\Documents and Settings\Lennaert\Application Data\inst.exe
          2007-09-17 17:26 47,360 -c--a-w C:\Documents and Settings\Lennaert\Application Data\pcouffin.sys
          .

          ((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))
          .
          .
          REGEDIT4
          *Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond

          [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{355559FC-9D02-4D79-84C2-AEDB94223A24}]
          C:\WINDOWS\system32\fccApopO.dll

          [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{5C80CC19-B5C2-4C62-B3D3-6800B3B9C69A}]

          [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{C14E6230-757D-4246-81CE-B34E2940C722}]

          [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{FED5823C-10F9-42FE-B88F-07814C97D18C}]

          [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
          "CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-04 01:03 15360]
          "MsnMsgr"="C:\Program Files\Windows Live\Messenger\MsnMsgr.exe" [2007-10-18 12:34 5724184]
          "MSMSGS"="C:\Program Files\Messenger\msmsgs.exe" [ ]
          "swg"="C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2007-09-16 21:35 68856]
          "DAEMON Tools"="C:\Program Files\DAEMON Tools\daemon.exe" [2007-08-16 13:24 167368]
          "PcSync"="C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe" [2006-06-27 17:21 1449984]
          "WindowsModule"="C:\Windows\System32\winner32.exe" [ ]
          "updateMgr"="C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" [2006-03-30 17:45 313472]
          "SpybotSD TeaTimer"="C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe" [2008-01-28 11:43 2097488]

          [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
          "ShStatEXE"="C:\Program Files\McAfee\VirusScan Enterprise\SHSTAT.exe" [2007-02-22 20:50 112216]
          "McAfeeUpdaterUI"="C:\Program Files\McAfee\Common Framework\UdaterUI.exe" [2006-12-19 11:27 136768]
          "SoundMan"="SOUNDMAN.EXE" [2006-11-16 23:42 577536 C:\WINDOWS\soundman.exe]
          "AsusStartupHelp"="C:\Program Files\ASUS\AASP\1.00.17\AsRunHelp.exe" [2006-11-14 08:25 363008]
          "StartCCC"="C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2006-11-10 12:35 90112]
          "NeroFilterCheck"="C:\WINDOWS\system32\NeroCheck.exe" [2006-01-12 15:40 155648]
          "SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe" [2007-09-25 01:11 132496]
          "itype"="C:\Program Files\Microsoft IntelliType Pro\itype.exe" [2006-11-21 17:08 813912]
          "LVCOMSX"="C:\WINDOWS\system32\LVCOMSX.EXE" [2004-02-25 16:15 221184]
          "LogitechVideoRepair"="C:\Program Files\Logitech\Video\ISStart.exe" [2004-02-25 17:15 454656]
          "LogitechVideoTray"="C:\Program Files\Logitech\Video\LogiTray.exe" [2004-02-25 17:06 212992]
          "NSLauncher"="C:\Program Files\Nokia\Nokia Software Launcher\NSLauncher.exe" [2006-11-28 02:12 2658304]
          "WindowsModule"="C:\Windows\System32\winner32.exe" [ ]
          "SPAMfighter Agent"="C:\Program Files\SPAMfighter\SFAgent.exe" [2008-01-02 18:03 308880]

          [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
          "CTFMON.EXE"="C:\WINDOWS\System32\CTFMON.EXE" [2004-08-04 01:03 15360]

          C:\Documents and Settings\All Users\Menu Start\Programma's\Opstarten\
          Adobe Reader Speed Launch.lnk - C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe [2005-09-23 23:05:26 29696]
          Google Updater.lnk - C:\Program Files\Google\Google Updater\GoogleUpdater.exe [2007-09-16 21:35:35 126136]
          InterVideo WinCinema Manager.lnk - C:\Program Files\InterVideo\Common\Bin\WinCinemaMgr.exe [2007-09-24 06:46:51 114688]

          [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
          "%windir%\\system32\\sessmgr.exe"=
          "%windir%\\Network Diagnostic\\xpnetdiag.exe"=
          "C:\\Program Files\\Azureus\\Azureus.exe"=
          "C:\\Program Files\\Internet Explorer\\iexplore.exe"=
          "C:\\Program Files\\Activision\\Call of Duty 4 - Modern Warfare\\iw3mp.exe"=
          "C:\\Program Files\\Microsoft Office\\OFFICE11\\WINWORD.EXE"=
          "C:\\Program Files\\Microsoft Office\\OFFICE11\\POWERPNT.EXE"=
          "C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
          "C:\\Program Files\\Windows Live\\Messenger\\livecall.exe"=

          R1 PStrip;PStrip;C:\WINDOWS\system32\drivers\pstrip.sys [2007-07-15 03:37]
          R2 SPAMfighter Update Service;SPAMfighter Update Service;"C:\Program Files\SPAMfighter\sfus.exe" [2008-01-02 18:03]
          S1 SysTool;SysTool Overclocking Utility;C:\WINDOWS\system32\DRIVERS\SysTool.sys [2006-11-10 15:08]
          S3 ASNDIS5;ASNDIS5 Protocol Driver;C:\WINDOWS\system32\ASNDIS5.SYS [2002-09-09 19:54]


          [HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{26A8E9B1-F6A4-59B8-0503-060005050503}]
          C:\WINDOWS\system32\iexplorere.exe
          .
          Inhoud van de 'Gedeelde Taken' map
          "2007-09-17 05:22:10 C:\WINDOWS\Tasks\Microsoft_Hardware_Launch_IType_exe.job"
          - C:\Program Files\Microsoft IntelliType Pro\itype.exe
          .
          **************************************************************************

          catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
          Rootkit scan 2008-04-19 06:56:28
          Windows 5.1.2600 Service Pack 2 NTFS

          scannen van verborgen processen ...

          scannen van verborgen autostart items ...

          scannen van verborgen bestanden ...

          Scan succesvol afgerond
          verborgen bestanden: 13

          **************************************************************************
          .
          ------------------------ Other Running Processes ------------------------
          .
          C:\WINDOWS\system32\ati2evxx.exe
          C:\WINDOWS\system32\ati2evxx.exe
          C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
          C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
          C:\Program Files\McAfee\Common Framework\FrameworkService.exe
          C:\Program Files\McAfee\VirusScan Enterprise\Mcshield.exe
          C:\Program Files\McAfee\VirusScan Enterprise\VsTskMgr.exe
          C:\Program Files\Electronic Arts\Need for Speed ProStreet\PB\PnkBstrA.exe
          C:\Program Files\McAfee\Common Framework\naPrdMgr.exe
          C:\Program Files\RealVNC\VNC4\winvnc4.exe
          C:\Program Files\McAfee\Common Framework\Mctray.exe
          C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
          C:\WINDOWS\system32\msiexec.exe
          C:\Program Files\Common Files\PCSuite\Services\ServiceLayer.exe
          C:\Program Files\Logitech\Video\FxSvr2.exe
          C:\Program Files\Common Files\Nokia\MPAPI\MPAPI3s.exe
          C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
          .
          **************************************************************************
          .
          Voltooingstijd: 2008-04-19 6:58:40 - machine was rebooted
          ComboFix-quarantined-files.txt 2008-04-19 04:58:37

          Pre-Run: 81,739,030,528 bytes beschikbaar
          Post-Run: 82,045,272,064 bytes beschikbaar

          WindowsXP-KB310994-SP2-Pro-BootDisk-NLD.exe
          [boot loader]
          timeout=2
          default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
          [operating systems]
          multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professional" /fastdetect /NoExecute=OptIn /usepmtimer
          C:\CMDCONS\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
          .
          2008-04-09 21:08:02 --- E O F ---


          Logfile of Trend Micro HijackThis v2.0.2
          Scan saved at 7:01:38, on 19-4-2008
          Platform: Windows XP SP2 (WinNT 5.01.2600)
          MSIE: Internet Explorer v7.00 (7.00.6000.16640)
          Boot mode: Normal

          Running processes:
          C:\WINDOWS\System32\smss.exe
          C:\WINDOWS\system32\winlogon.exe
          C:\WINDOWS\system32\services.exe
          C:\WINDOWS\system32\lsass.exe
          C:\WINDOWS\system32\Ati2evxx.exe
          C:\WINDOWS\system32\svchost.exe
          C:\WINDOWS\System32\svchost.exe
          C:\WINDOWS\system32\Ati2evxx.exe
          C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
          C:\WINDOWS\system32\spoolsv.exe
          C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
          C:\Program Files\McAfee\Common Framework\FrameworkService.exe
          C:\Program Files\McAfee\VirusScan Enterprise\Mcshield.exe
          C:\Program Files\McAfee\VirusScan Enterprise\VsTskMgr.exe
          C:\Program Files\Electronic Arts\Need for Speed ProStreet\PB\PnkBstrA.exe
          C:\Program Files\SPAMfighter\sfus.exe
          C:\WINDOWS\System32\svchost.exe
          C:\Program Files\RealVNC\VNC4\WinVNC4.exe
          C:\Program Files\McAfee\VirusScan Enterprise\SHSTAT.EXE
          C:\Program Files\McAfee\Common Framework\UdaterUI.exe
          C:\WINDOWS\SOUNDMAN.EXE
          C:\Program Files\McAfee\Common Framework\McTray.exe
          C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.EXE
          C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
          C:\Program Files\Microsoft IntelliType Pro\itype.exe
          C:\WINDOWS\system32\LVCOMSX.EXE
          C:\Program Files\Logitech\Video\LogiTray.exe
          C:\Program Files\Nokia\Nokia Software Launcher\NSLauncher.exe
          C:\Program Files\SPAMfighter\SFAgent.exe
          C:\WINDOWS\system32\ctfmon.exe
          C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe
          C:\Program Files\DAEMON Tools\daemon.exe
          C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe
          C:\WINDOWS\system32\msiexec.exe
          C:\Program Files\Common Files\PCSuite\Services\ServiceLayer.exe
          C:\Program Files\Logitech\Video\FxSvr2.exe
          C:\PROGRA~1\COMMON~1\Nokia\MPAPI\MPAPI3s.exe
          C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
          C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
          C:\Program Files\Google\Google Updater\GoogleUpdater.exe
          C:\Program Files\InterVideo\Common\Bin\WinCinemaMgr.exe
          C:\WINDOWS\system32\wuauclt.exe
          C:\WINDOWS\system32\wuauclt.exe
          C:\WINDOWS\explorer.exe
          C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

          R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.nl/
          R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
          R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
          R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
          R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
          R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen
          O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
          O2 - BHO: (no name) - {355559FC-9D02-4D79-84C2-AEDB94223A24} - C:\WINDOWS\system32\fccApopO.dll (file missing)
          O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
          O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
          O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\McAfee\VirusScan Enterprise\Scriptcl.dll
          O2 - BHO: Windows Live Aanmelden - Help - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
          O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
          O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.1.615.5858\swg.dll
          O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
          O4 - HKLM\..\Run: [ShStatEXE] "C:\Program Files\McAfee\VirusScan Enterprise\SHSTAT.EXE" /STANDALONE
          O4 - HKLM\..\Run: [McAfeeUpdaterUI] "C:\Program Files\McAfee\Common Framework\UdaterUI.exe" /StartedFromRunKey
          O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
          O4 - HKLM\..\Run: [AsusStartupHelp] C:\Program Files\ASUS\AASP\1.00.17\AsRunHelp.exe
          O4 - HKLM\..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe
          O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
          O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
          O4 - HKLM\..\Run: [itype] "C:\Program Files\Microsoft IntelliType Pro\itype.exe"
          O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
          O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe
          O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe
          O4 - HKLM\..\Run: [NSLauncher] C:\Program Files\Nokia\Nokia Software Launcher\NSLauncher.exe /startup
          O4 - HKLM\..\Run: [WindowsModule] "C:\Windows\System32\winner32.exe"
          O4 - HKLM\..\Run: [SPAMfighter Agent] "C:\Program Files\SPAMfighter\SFAgent.exe" update delay 60
          O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
          O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
          O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
          O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
          O4 - HKCU\..\Run: [DAEMON Tools] "C:\Program Files\DAEMON Tools\daemon.exe" -lang 1033
          O4 - HKCU\..\Run: [PcSync] C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe /NoDialog
          O4 - HKCU\..\Run: [WindowsModule] "C:\Windows\System32\winner32.exe"
          O4 - HKCU\..\Run: [updateMgr] C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe AcRdB7_0_9
          O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
          O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Lokale service')
          O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Netwerkservice')
          O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
          O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
          O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
          O4 - Global Startup: Google Updater.lnk = C:\Program Files\Google\Google Updater\GoogleUpdater.exe
          O4 - Global Startup: InterVideo WinCinema Manager.lnk = C:\Program Files\InterVideo\Common\Bin\WinCinemaMgr.exe
          O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
          O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
          O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
          O9 - Extra button: Onderzoek - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
          O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
          O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
          O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
          O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
          O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing)
          O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing)
          O16 - DPF: {56762DEC-6B0D-4AB4-A8AD-989993B5D08B} (OnlineScanner Control) - http://www.eset.eu/buxus/docs/OnlineScanner.cab
          O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1190392974656
          O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
          O16 - DPF: {D83C1BD1-DCBB-11D4-9425-0050BF33FA6E} (CycloScopeLite Control) - http://www.cyclomedia.nl/download/components/CycloScopeLite.cab
          O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
          O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
          O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
          O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
          O23 - Service: McAfee Framework Service (McAfeeFramework) - McAfee, Inc. - C:\Program Files\McAfee\Common Framework\FrameworkService.exe
          O23 - Service: McAfee McShield (McShield) - McAfee, Inc. - C:\Program Files\McAfee\VirusScan Enterprise\Mcshield.exe
          O23 - Service: McAfee Task Manager (McTaskManager) - McAfee, Inc. - C:\Program Files\McAfee\VirusScan Enterprise\VsTskMgr.exe
          O23 - Service: PunkBuster (PnkBstrA) - Unknown owner - C:\Program Files\Electronic Arts\Need for Speed ProStreet\PB\PnkBstrA.exe
          O23 - Service: ServiceLayer - Nokia. - C:\Program Files\Common Files\PCSuite\Services\ServiceLayer.exe
          O23 - Service: SPAMfighter Update Service - SPAMfighter ApS - C:\Program Files\SPAMfighter\sfus.exe
          O23 - Service: VNC Server Version 4 (WinVNC4) - RealVNC Ltd. - C:\Program Files\RealVNC\VNC4\WinVNC4.exe

          --
          End of file - 9954 bytes

          Mvg Lennaert.

          Comment


          • #6
            Open Kladblok, kopieer en plak het volgende (vetgedrukte, blauwe tekst) in een leeg venster:

            • File::
              C:\WINDOWS\system32\qqjhrcsb.ini
              C:\WINDOWS\wininit.ini
              C:\WINDOWS\system32\wwhechun.ini
              C:\WINDOWS\system32\fccApopO.dll
              C:\Windows\System32\winner32.exe


              Registry::
              [-HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{355559FC-9D02-4D79-84C2-AEDB94223A24}]
              [-HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{5C80CC19-B5C2-4C62-B3D3-6800B3B9C69A}]
              [-HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{C14E6230-757D-4246-81CE-B34E2940C722}]
              [-HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{FED5823C-10F9-42FE-B88F-07814C97D18C}]

            Sla dit op op je Bureaublad als CFScript.txt.

            Sleep CFScript.txt in ComboFix.exe zoals getoond in onderstaand voorbeeld :



            Dit zal ComboFix doen herstarten.

            Na het herstarten van je computer, (indien het vraagt om te herstarten), kopieer en plak de inhoud van Combofix.txt in je volgende antwoord.
            Plaats ook een nieuw hjt logje en vertel even hoe het nu gaat aub.

            Windows 10 opstarten in Veilige Modus

            Comment


            • #7
              ComboFix 08-04-17.1 - Lennaert 2008-04-19 17:03:08.2 - NTFSx86
              Microsoft Windows XP Professional 5.1.2600.2.1252.1.1043.18.501 [GMT 2:00]
              Gestart vanuit: C:\Documents and Settings\Lennaert\Bureaublad\ComboFix.exe
              Command switches used :: C:\Documents and Settings\Lennaert\Bureaublad\CFScript.txt
              * Nieuw herstelpunt werd aangemaakt
              * Resident AV is active


              FILE ::
              C:\WINDOWS\system32\fccApopO.dll
              C:\WINDOWS\system32\qqjhrcsb.ini
              C:\Windows\System32\winner32.exe
              C:\WINDOWS\system32\wwhechun.ini
              C:\WINDOWS\wininit.ini
              .

              (((((((((((((((((((((((((((((((((( Andere Verwijderingen )))))))))))))))))))))))))))))))))))))))))))))))))
              .

              C:\WINDOWS\system32\qqjhrcsb.ini
              C:\WINDOWS\system32\wwhechun.ini
              C:\WINDOWS\wininit.ini

              .
              (((((((((((((((((((( Bestanden Gemaakt van 2008-03-19 to 2008-04-19 ))))))))))))))))))))))))))))))
              .

              2008-04-19 06:51 . 2008-04-19 06:51 1,024 --ah----- C:\WINDOWS\system32\config\systemprofile\ntuser.dat.LOG
              2008-04-19 06:42 . 2008-04-19 06:42 109,734 --a------ C:\WINDOWS\BM67333c95.xml
              2008-04-18 21:55 . 2008-04-18 21:55 <DIR> d-------- C:\Documents and Settings\Lennaert\Application Data\Malwarebytes
              2008-04-18 21:54 . 2008-04-18 21:54 0 --a------ C:\Debug.QC6
              2008-04-18 21:50 . 2008-04-18 21:54 <DIR> d-------- C:\Program Files\Malwarebytes' Anti-Malware
              2008-04-18 21:50 . 2008-04-18 21:50 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Malwarebytes
              2008-04-18 21:45 . 2008-04-18 21:45 <DIR> d-------- C:\Program Files\Common Files\Download Manager
              2008-04-17 22:42 . 2008-04-17 22:42 <DIR> d-------- C:\Program Files\Spybot - Search & Destroy
              2008-04-17 22:42 . 2008-04-17 23:01 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
              2008-04-17 22:41 . 2008-04-17 22:41 <DIR> d-------- C:\Program Files\Lavasoft
              2008-04-17 22:41 . 2008-04-17 22:41 <DIR> d-------- C:\Program Files\Common Files\Wise Installation Wizard
              2008-04-17 20:53 . 2008-04-17 21:28 <DIR> d-------- C:\Program Files\EsetOnlineScanner
              2008-04-17 20:45 . 2008-04-17 20:45 <DIR> d-------- C:\Program Files\Trend Micro
              2008-04-16 19:10 . 2008-04-17 22:41 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Lavasoft
              2008-04-05 11:48 . 2006-06-08 04:49 344,064 -ra------ C:\WINDOWS\system32\drivers\rt73.sys
              2008-04-05 11:48 . 2005-10-17 19:50 245,376 --a------ C:\WINDOWS\system32\drivers\rt2500usb.sys
              2008-04-05 11:48 . 2002-09-09 21:01 61,440 --a------ C:\WINDOWS\system32\ASUSW32N50.dll
              2008-04-05 11:48 . 2002-09-09 19:54 16,269 --a------ C:\WINDOWS\system32\ASNDIS5.sys
              2008-04-05 11:48 . 2001-04-16 05:48 15,577 --a------ C:\WINDOWS\system32\ASNDIS3.vxd
              2008-03-24 22:46 . 2008-03-24 22:46 268 --ah----- C:\sqmdata03.sqm
              2008-03-24 22:46 . 2008-03-24 22:46 244 --ah----- C:\sqmnoopt03.sqm

              .
              ((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))
              .
              2008-04-19 04:57 --------- d-----w C:\Program Files\SPAMfighter
              2008-04-18 21:01 --------- d-----w C:\Documents and Settings\All Users\Application Data\Google Updater
              2008-04-17 21:11 --------- d-----w C:\Documents and Settings\Lennaert\Application Data\LimeWire
              2008-04-17 16:57 --------- d---a-w C:\Documents and Settings\All Users\Application Data\TEMP
              2008-04-16 17:55 --------- d-----w C:\Documents and Settings\Lennaert\Application Data\Azureus
              2008-04-12 04:36 --------- d-----w C:\Documents and Settings\Lennaert\Application Data\Vso
              2008-04-05 09:48 --------- d--h--w C:\Program Files\InstallShield Installation Information
              2008-04-05 09:48 --------- d-----w C:\Program Files\ASUS
              2008-04-05 09:45 --------- d-----w C:\Program Files\RALINK
              2008-03-31 19:00 --------- d-----w C:\Program Files\Messenger Plus! Live
              2008-03-20 08:10 1,845,376 ----a-w C:\WINDOWS\system32\win32k.sys
              2008-03-19 17:39 --------- d-----w C:\Documents and Settings\Lennaert\Application Data\AdobeUM
              2008-03-14 17:48 --------- d-----w C:\Program Files\Azureus
              2008-03-01 13:05 826,368 ----a-w C:\WINDOWS\system32\wininet.dll
              2008-02-28 20:33 --------- dcsh--w C:\Program Files\Common Files\WindowsLiveInstaller
              2008-02-28 20:33 --------- d-----w C:\Program Files\Windows Live
              2008-02-28 20:33 --------- d-----w C:\Documents and Settings\All Users\Application Data\WLInstaller
              2008-02-20 06:51 282,624 ----a-w C:\WINDOWS\system32\gdi32.dll
              2008-02-20 05:39 45,568 ----a-w C:\WINDOWS\system32\dnsrslvr.dll
              2008-02-11 07:39 253,952 ----a-w C:\WINDOWS\system32\OnlineScannerDLLA.dll
              2008-02-11 07:39 237,568 ----a-w C:\WINDOWS\system32\OnlineScannerDLLW.dll
              2008-02-08 11:53 110,592 ----a-w C:\WINDOWS\system32\OnlineScannerLang.dll
              2008-02-05 06:48 77,824 ----a-w C:\WINDOWS\system32\OnlineScannerUninstaller.exe
              2007-09-17 17:26 87,608 -c--a-w C:\Documents and Settings\Lennaert\Application Data\inst.exe
              2007-09-17 17:26 47,360 -c--a-w C:\Documents and Settings\Lennaert\Application Data\pcouffin.sys
              .

              ((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))
              .
              .
              REGEDIT4
              *Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond

              [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
              "CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-04 01:03 15360]
              "MsnMsgr"="C:\Program Files\Windows Live\Messenger\MsnMsgr.exe" [2007-10-18 12:34 5724184]
              "MSMSGS"="C:\Program Files\Messenger\msmsgs.exe" [ ]
              "swg"="C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2007-09-16 21:35 68856]
              "DAEMON Tools"="C:\Program Files\DAEMON Tools\daemon.exe" [2007-08-16 13:24 167368]
              "PcSync"="C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe" [2006-06-27 17:21 1449984]
              "WindowsModule"="C:\Windows\System32\winner32.exe" [ ]
              "updateMgr"="C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" [2006-03-30 17:45 313472]
              "SpybotSD TeaTimer"="C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe" [2008-01-28 11:43 2097488]

              [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
              "ShStatEXE"="C:\Program Files\McAfee\VirusScan Enterprise\SHSTAT.exe" [2007-02-22 20:50 112216]
              "McAfeeUpdaterUI"="C:\Program Files\McAfee\Common Framework\UdaterUI.exe" [2006-12-19 11:27 136768]
              "SoundMan"="SOUNDMAN.EXE" [2006-11-16 23:42 577536 C:\WINDOWS\soundman.exe]
              "AsusStartupHelp"="C:\Program Files\ASUS\AASP\1.00.17\AsRunHelp.exe" [2006-11-14 08:25 363008]
              "StartCCC"="C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2006-11-10 12:35 90112]
              "NeroFilterCheck"="C:\WINDOWS\system32\NeroCheck.exe" [2006-01-12 15:40 155648]
              "SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe" [2007-09-25 01:11 132496]
              "itype"="C:\Program Files\Microsoft IntelliType Pro\itype.exe" [2006-11-21 17:08 813912]
              "LVCOMSX"="C:\WINDOWS\system32\LVCOMSX.EXE" [2004-02-25 16:15 221184]
              "LogitechVideoRepair"="C:\Program Files\Logitech\Video\ISStart.exe" [2004-02-25 17:15 454656]
              "LogitechVideoTray"="C:\Program Files\Logitech\Video\LogiTray.exe" [2004-02-25 17:06 212992]
              "NSLauncher"="C:\Program Files\Nokia\Nokia Software Launcher\NSLauncher.exe" [2006-11-28 02:12 2658304]
              "WindowsModule"="C:\Windows\System32\winner32.exe" [ ]
              "SPAMfighter Agent"="C:\Program Files\SPAMfighter\SFAgent.exe" [2008-01-02 18:03 308880]

              [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
              "CTFMON.EXE"="C:\WINDOWS\System32\CTFMON.EXE" [2004-08-04 01:03 15360]

              C:\Documents and Settings\All Users\Menu Start\Programma's\Opstarten\
              Adobe Reader Speed Launch.lnk - C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe [2005-09-23 23:05:26 29696]
              Google Updater.lnk - C:\Program Files\Google\Google Updater\GoogleUpdater.exe [2007-09-16 21:35:35 126136]
              InterVideo WinCinema Manager.lnk - C:\Program Files\InterVideo\Common\Bin\WinCinemaMgr.exe [2007-09-24 06:46:51 114688]

              [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
              "%windir%\\system32\\sessmgr.exe"=
              "%windir%\\Network Diagnostic\\xpnetdiag.exe"=
              "C:\\Program Files\\Azureus\\Azureus.exe"=
              "C:\\Program Files\\Internet Explorer\\iexplore.exe"=
              "C:\\Program Files\\Activision\\Call of Duty 4 - Modern Warfare\\iw3mp.exe"=
              "C:\\Program Files\\Microsoft Office\\OFFICE11\\WINWORD.EXE"=
              "C:\\Program Files\\Microsoft Office\\OFFICE11\\POWERPNT.EXE"=
              "C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
              "C:\\Program Files\\Windows Live\\Messenger\\livecall.exe"=

              R1 PStrip;PStrip;C:\WINDOWS\system32\drivers\pstrip.sys [2007-07-15 03:37]
              R2 SPAMfighter Update Service;SPAMfighter Update Service;"C:\Program Files\SPAMfighter\sfus.exe" [2008-01-02 18:03]
              S1 SysTool;SysTool Overclocking Utility;C:\WINDOWS\system32\DRIVERS\SysTool.sys [2006-11-10 15:08]
              S3 ASNDIS5;ASNDIS5 Protocol Driver;C:\WINDOWS\system32\ASNDIS5.SYS [2002-09-09 19:54]


              [HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{26A8E9B1-F6A4-59B8-0503-060005050503}]
              C:\WINDOWS\system32\iexplorere.exe
              .
              Inhoud van de 'Gedeelde Taken' map
              "2007-09-17 05:22:10 C:\WINDOWS\Tasks\Microsoft_Hardware_Launch_IType_exe.job"
              - C:\Program Files\Microsoft IntelliType Pro\itype.exe
              .
              **************************************************************************

              catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
              Rootkit scan 2008-04-19 17:04:23
              Windows 5.1.2600 Service Pack 2 NTFS

              scannen van verborgen processen ...

              scannen van verborgen autostart items ...

              scannen van verborgen bestanden ...

              Scan succesvol afgerond
              verborgen bestanden: 0

              **************************************************************************
              .
              Voltooingstijd: 2008-04-19 17:04:56
              ComboFix-quarantined-files.txt 2008-04-19 15:04:50
              ComboFix2.txt 2008-04-19 04:58:41

              Pre-Run: 82,050,322,432 bytes beschikbaar
              Post-Run: 82,039,234,560 bytes beschikbaar
              .
              2008-04-09 21:08:02 --- E O F ---

              Comment


              • #8
                Mag ik ook een nieuw HJT logje aub.

                Windows 10 opstarten in Veilige Modus

                Comment


                • #9
                  Hierbij mijn hjt logje:

                  Logfile of Trend Micro HijackThis v2.0.2
                  Scan saved at 18:58:43, on 19-4-2008
                  Platform: Windows XP SP2 (WinNT 5.01.2600)
                  MSIE: Internet Explorer v7.00 (7.00.6000.16640)
                  Boot mode: Normal

                  Running processes:
                  C:\WINDOWS\System32\smss.exe
                  C:\WINDOWS\system32\winlogon.exe
                  C:\WINDOWS\system32\services.exe
                  C:\WINDOWS\system32\lsass.exe
                  C:\WINDOWS\system32\Ati2evxx.exe
                  C:\WINDOWS\system32\svchost.exe
                  C:\WINDOWS\System32\svchost.exe
                  C:\WINDOWS\system32\Ati2evxx.exe
                  C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
                  C:\WINDOWS\system32\spoolsv.exe
                  C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
                  C:\Program Files\McAfee\Common Framework\FrameworkService.exe
                  C:\Program Files\McAfee\VirusScan Enterprise\Mcshield.exe
                  C:\Program Files\McAfee\VirusScan Enterprise\VsTskMgr.exe
                  C:\Program Files\Electronic Arts\Need for Speed ProStreet\PB\PnkBstrA.exe
                  C:\Program Files\SPAMfighter\sfus.exe
                  C:\WINDOWS\System32\svchost.exe
                  C:\Program Files\RealVNC\VNC4\WinVNC4.exe
                  C:\Program Files\McAfee\VirusScan Enterprise\SHSTAT.EXE
                  C:\Program Files\McAfee\Common Framework\UdaterUI.exe
                  C:\WINDOWS\SOUNDMAN.EXE
                  C:\Program Files\McAfee\Common Framework\McTray.exe
                  C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.EXE
                  C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
                  C:\Program Files\Microsoft IntelliType Pro\itype.exe
                  C:\WINDOWS\system32\LVCOMSX.EXE
                  C:\Program Files\Logitech\Video\LogiTray.exe
                  C:\Program Files\Nokia\Nokia Software Launcher\NSLauncher.exe
                  C:\Program Files\SPAMfighter\SFAgent.exe
                  C:\WINDOWS\system32\ctfmon.exe
                  C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe
                  C:\Program Files\DAEMON Tools\daemon.exe
                  C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe
                  C:\Program Files\Common Files\PCSuite\Services\ServiceLayer.exe
                  C:\Program Files\Logitech\Video\FxSvr2.exe
                  C:\PROGRA~1\COMMON~1\Nokia\MPAPI\MPAPI3s.exe
                  C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
                  C:\Program Files\Google\Google Updater\GoogleUpdater.exe
                  C:\Program Files\InterVideo\Common\Bin\WinCinemaMgr.exe
                  C:\WINDOWS\system32\wuauclt.exe
                  C:\Program Files\Windows Live\Messenger\usnsvc.exe
                  C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
                  C:\WINDOWS\system32\notepad.exe
                  C:\WINDOWS\explorer.exe
                  C:\Program Files\Internet Explorer\iexplore.exe
                  C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLLoginProxy.exe
                  C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

                  R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.nl/
                  R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
                  R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
                  R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
                  R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
                  R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen
                  O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
                  O2 - BHO: (no name) - {355559FC-9D02-4D79-84C2-AEDB94223A24} - (no file)
                  O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
                  O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
                  O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\McAfee\VirusScan Enterprise\Scriptcl.dll
                  O2 - BHO: Windows Live Aanmelden - Help - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
                  O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
                  O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.1.615.5858\swg.dll
                  O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
                  O4 - HKLM\..\Run: [ShStatEXE] "C:\Program Files\McAfee\VirusScan Enterprise\SHSTAT.EXE" /STANDALONE
                  O4 - HKLM\..\Run: [McAfeeUpdaterUI] "C:\Program Files\McAfee\Common Framework\UdaterUI.exe" /StartedFromRunKey
                  O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
                  O4 - HKLM\..\Run: [AsusStartupHelp] C:\Program Files\ASUS\AASP\1.00.17\AsRunHelp.exe
                  O4 - HKLM\..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe
                  O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
                  O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
                  O4 - HKLM\..\Run: [itype] "C:\Program Files\Microsoft IntelliType Pro\itype.exe"
                  O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
                  O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe
                  O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe
                  O4 - HKLM\..\Run: [NSLauncher] C:\Program Files\Nokia\Nokia Software Launcher\NSLauncher.exe /startup
                  O4 - HKLM\..\Run: [WindowsModule] "C:\Windows\System32\winner32.exe"
                  O4 - HKLM\..\Run: [SPAMfighter Agent] "C:\Program Files\SPAMfighter\SFAgent.exe" update delay 60
                  O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
                  O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
                  O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
                  O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
                  O4 - HKCU\..\Run: [DAEMON Tools] "C:\Program Files\DAEMON Tools\daemon.exe" -lang 1033
                  O4 - HKCU\..\Run: [PcSync] C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe /NoDialog
                  O4 - HKCU\..\Run: [WindowsModule] "C:\Windows\System32\winner32.exe"
                  O4 - HKCU\..\Run: [updateMgr] C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe AcRdB7_0_9
                  O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
                  O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Lokale service')
                  O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Netwerkservice')
                  O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
                  O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
                  O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
                  O4 - Global Startup: Google Updater.lnk = C:\Program Files\Google\Google Updater\GoogleUpdater.exe
                  O4 - Global Startup: InterVideo WinCinema Manager.lnk = C:\Program Files\InterVideo\Common\Bin\WinCinemaMgr.exe
                  O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
                  O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
                  O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
                  O9 - Extra button: Onderzoek - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
                  O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
                  O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
                  O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
                  O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
                  O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing)
                  O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing)
                  O16 - DPF: {56762DEC-6B0D-4AB4-A8AD-989993B5D08B} (OnlineScanner Control) - http://www.eset.eu/buxus/docs/OnlineScanner.cab
                  O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1190392974656
                  O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
                  O16 - DPF: {D83C1BD1-DCBB-11D4-9425-0050BF33FA6E} (CycloScopeLite Control) - http://www.cyclomedia.nl/download/components/CycloScopeLite.cab
                  O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
                  O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
                  O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
                  O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
                  O23 - Service: McAfee Framework Service (McAfeeFramework) - McAfee, Inc. - C:\Program Files\McAfee\Common Framework\FrameworkService.exe
                  O23 - Service: McAfee McShield (McShield) - McAfee, Inc. - C:\Program Files\McAfee\VirusScan Enterprise\Mcshield.exe
                  O23 - Service: McAfee Task Manager (McTaskManager) - McAfee, Inc. - C:\Program Files\McAfee\VirusScan Enterprise\VsTskMgr.exe
                  O23 - Service: PunkBuster (PnkBstrA) - Unknown owner - C:\Program Files\Electronic Arts\Need for Speed ProStreet\PB\PnkBstrA.exe
                  O23 - Service: ServiceLayer - Nokia. - C:\Program Files\Common Files\PCSuite\Services\ServiceLayer.exe
                  O23 - Service: SPAMfighter Update Service - SPAMfighter ApS - C:\Program Files\SPAMfighter\sfus.exe
                  O23 - Service: VNC Server Version 4 (WinVNC4) - RealVNC Ltd. - C:\Program Files\RealVNC\VNC4\WinVNC4.exe

                  --
                  End of file - 10063 bytes

                  Comment


                  • #10
                    Mijn pc draait voor me gevoel weer lekker, start weer snel op en geen rommel als ik een internet pagina open.
                    Is het hier mee gedaan?

                    Gr Lennaert.

                    Comment


                    • #11
                      Hallo ,


                      Schakel Spybot's TeaTimer even uit, omdat deze de fix in de weg kan zitten:
                      - Start Spybot
                      - Ga naar Mode > selecteer Advanced Mode
                      - Ga naar Tools en klik op het Resident-icoon in de lijst
                      - Haal het vinkje weg bij Resident TeaTimer en klik OK
                      - Herstart de computer

                      Download vervolgens ResetTeaTimer.bat naar je Bureaublad.
                      Dubbelklik op ResetTeaTimer.bat om alle entries in TeaTimer te verwijderen.
                      Als de computer schoon is, kun je TeaTimer weer aan zetten

                      Start Hijackthis op en kies voor 'Do a system scan only'
                      Selecteer alleen de items die hieronder zijn genoemd:

                      O2 - BHO: (no name) - {355559FC-9D02-4D79-84C2-AEDB94223A24} - (no file)
                      O4 - HKLM\..\Run: [WindowsModule] "C:\Windows\System32\winner32.exe"
                      O4 - HKCU\..\Run: [WindowsModule] "C:\Windows\System32\winner32.exe"

                      Sluit alle vensters behalve Hijackthis
                      Klik op 'Fix checked' om de items te verwijderen.

                      Download Java Runtime Environment (JRE) 6u6.
                      • Scroll omlaag naar : "Java Runtime Environment (JRE) 6 Update 6".
                      • Klik op de "Download" knop aan de rechterkant.
                      • Vink aan: "Accept License Agreement", en klik op Continue.
                      • De pagina zal herladen.
                      • Klik op de Windows Offline Installation, Multi-language link ONDER Windows Platform - Java SE Runtime Environment 6 Update 6 en bewaar het op je Bureaublad.
                      • Sluit alle programma's die eventueel open zijn - Zeker je web browser!
                      • Ga dan naar Start > Configuratiescherm > Software en verwijder alle oudere versies van Java uit de Softwarelijst. (met Java Runtime Environment (JRE of J2SE) in de naam.
                      • Herhaal dit tot alle oudere versies verdwenen zijn.
                      • Na het verwijderen van alle oudere versies, herstart je pc.
                      • Dubbelklik vervolgens op jre-6u6-windows-i586-p.exe op je Bureaublad om de nieuwste versie van Java te installeren.


                      Plaats even een nieuw HJT logje aub

                      Windows 10 opstarten in Veilige Modus

                      Comment


                      • #12
                        Hierbij mijn nieuw hjt logje:

                        Logfile of Trend Micro HijackThis v2.0.2
                        Scan saved at 8:28:43, on 20-4-2008
                        Platform: Windows XP SP2 (WinNT 5.01.2600)
                        MSIE: Internet Explorer v7.00 (7.00.6000.16640)
                        Boot mode: Normal

                        Running processes:
                        C:\WINDOWS\System32\smss.exe
                        C:\WINDOWS\system32\winlogon.exe
                        C:\WINDOWS\system32\services.exe
                        C:\WINDOWS\system32\lsass.exe
                        C:\WINDOWS\system32\Ati2evxx.exe
                        C:\WINDOWS\system32\svchost.exe
                        C:\WINDOWS\System32\svchost.exe
                        C:\WINDOWS\system32\Ati2evxx.exe
                        C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
                        C:\WINDOWS\Explorer.EXE
                        C:\WINDOWS\system32\spoolsv.exe
                        C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
                        C:\Program Files\McAfee\Common Framework\FrameworkService.exe
                        C:\Program Files\McAfee\VirusScan Enterprise\Mcshield.exe
                        C:\Program Files\McAfee\VirusScan Enterprise\VsTskMgr.exe
                        C:\Program Files\Electronic Arts\Need for Speed ProStreet\PB\PnkBstrA.exe
                        C:\Program Files\SPAMfighter\sfus.exe
                        C:\WINDOWS\System32\svchost.exe
                        C:\Program Files\RealVNC\VNC4\WinVNC4.exe
                        C:\Program Files\McAfee\VirusScan Enterprise\SHSTAT.EXE
                        C:\Program Files\McAfee\Common Framework\UdaterUI.exe
                        C:\WINDOWS\SOUNDMAN.EXE
                        C:\Program Files\McAfee\Common Framework\McTray.exe
                        C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.EXE
                        C:\Program Files\Microsoft IntelliType Pro\itype.exe
                        C:\WINDOWS\system32\LVCOMSX.EXE
                        C:\Program Files\Logitech\Video\LogiTray.exe
                        C:\Program Files\Nokia\Nokia Software Launcher\NSLauncher.exe
                        C:\Program Files\SPAMfighter\SFAgent.exe
                        C:\WINDOWS\system32\ctfmon.exe
                        C:\Program Files\Logitech\Video\FxSvr2.exe
                        C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe
                        C:\Program Files\DAEMON Tools\daemon.exe
                        C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe
                        C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
                        C:\PROGRA~1\COMMON~1\Nokia\MPAPI\MPAPI3s.exe
                        C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
                        C:\Program Files\Google\Google Updater\GoogleUpdater.exe
                        C:\Program Files\InterVideo\Common\Bin\WinCinemaMgr.exe
                        C:\Program Files\Common Files\PCSuite\Services\ServiceLayer.exe
                        C:\WINDOWS\system32\msiexec.exe
                        C:\WINDOWS\system32\wuauclt.exe
                        C:\Program Files\Internet Explorer\iexplore.exe
                        C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLLoginProxy.exe
                        C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

                        R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.nl/
                        R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
                        R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
                        R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
                        R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
                        R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen
                        O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
                        O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
                        O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll
                        O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\McAfee\VirusScan Enterprise\Scriptcl.dll
                        O2 - BHO: Windows Live Aanmelden - Help - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
                        O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
                        O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.1.615.5858\swg.dll
                        O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
                        O4 - HKLM\..\Run: [ShStatEXE] "C:\Program Files\McAfee\VirusScan Enterprise\SHSTAT.EXE" /STANDALONE
                        O4 - HKLM\..\Run: [McAfeeUpdaterUI] "C:\Program Files\McAfee\Common Framework\UdaterUI.exe" /StartedFromRunKey
                        O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
                        O4 - HKLM\..\Run: [AsusStartupHelp] C:\Program Files\ASUS\AASP\1.00.17\AsRunHelp.exe
                        O4 - HKLM\..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe
                        O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
                        O4 - HKLM\..\Run: [itype] "C:\Program Files\Microsoft IntelliType Pro\itype.exe"
                        O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
                        O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe
                        O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe
                        O4 - HKLM\..\Run: [NSLauncher] C:\Program Files\Nokia\Nokia Software Launcher\NSLauncher.exe /startup
                        O4 - HKLM\..\Run: [SPAMfighter Agent] "C:\Program Files\SPAMfighter\SFAgent.exe" update delay 60
                        O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_06\bin\jusched.exe"
                        O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
                        O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
                        O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
                        O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
                        O4 - HKCU\..\Run: [DAEMON Tools] "C:\Program Files\DAEMON Tools\daemon.exe" -lang 1033
                        O4 - HKCU\..\Run: [PcSync] C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe /NoDialog
                        O4 - HKCU\..\Run: [updateMgr] C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe AcRdB7_0_9
                        O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
                        O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Lokale service')
                        O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Netwerkservice')
                        O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
                        O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
                        O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
                        O4 - Global Startup: Google Updater.lnk = C:\Program Files\Google\Google Updater\GoogleUpdater.exe
                        O4 - Global Startup: InterVideo WinCinema Manager.lnk = C:\Program Files\InterVideo\Common\Bin\WinCinemaMgr.exe
                        O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
                        O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll
                        O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll
                        O9 - Extra button: Onderzoek - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
                        O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
                        O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
                        O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
                        O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
                        O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing)
                        O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing)
                        O16 - DPF: {56762DEC-6B0D-4AB4-A8AD-989993B5D08B} (OnlineScanner Control) - http://www.eset.eu/buxus/docs/OnlineScanner.cab
                        O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1190392974656
                        O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
                        O16 - DPF: {D83C1BD1-DCBB-11D4-9425-0050BF33FA6E} (CycloScopeLite Control) - http://www.cyclomedia.nl/download/components/CycloScopeLite.cab
                        O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
                        O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
                        O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
                        O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
                        O23 - Service: McAfee Framework Service (McAfeeFramework) - McAfee, Inc. - C:\Program Files\McAfee\Common Framework\FrameworkService.exe
                        O23 - Service: McAfee McShield (McShield) - McAfee, Inc. - C:\Program Files\McAfee\VirusScan Enterprise\Mcshield.exe
                        O23 - Service: McAfee Task Manager (McTaskManager) - McAfee, Inc. - C:\Program Files\McAfee\VirusScan Enterprise\VsTskMgr.exe
                        O23 - Service: PunkBuster (PnkBstrA) - Unknown owner - C:\Program Files\Electronic Arts\Need for Speed ProStreet\PB\PnkBstrA.exe
                        O23 - Service: ServiceLayer - Nokia. - C:\Program Files\Common Files\PCSuite\Services\ServiceLayer.exe
                        O23 - Service: SPAMfighter Update Service - SPAMfighter ApS - C:\Program Files\SPAMfighter\sfus.exe
                        O23 - Service: VNC Server Version 4 (WinVNC4) - RealVNC Ltd. - C:\Program Files\RealVNC\VNC4\WinVNC4.exe

                        --
                        End of file - 9745 bytes

                        Comment


                        • #13
                          Logje is schoon, was java update niet gelukt ??

                          Windows 10 opstarten in Veilige Modus

                          Comment


                          • #14
                            ik heb java geinstald en geen problemen ermee gehad.
                            is het niet te zien dan?

                            Comment


                            • #15
                              Java\jre1.6.0_03 staat in het logje, nieuwste versie is 6.6

                              Windows 10 opstarten in Veilige Modus

                              Comment

                              Sorry, you are not authorized to view this page
                              Working...
                              X