Mededeling

Collapse
No announcement yet.

Taakbeheer uitgeschakeld

Collapse
X
  •  
  • Filter
  • Tijd
  • Show
Clear All
new posts

  • Taakbeheer uitgeschakeld

    Hallo,

    Ik krijg sinds een week de melding dat Windows taakbeheer is uitgeschakeld...
    Ik plaatste dit al op het forum en daar werd mij verteld hier even mijn logje te plaatsen en dat iemand me hier zou kunnen helpen?

    Ik heb overigens de laatste tijd ook wat last gehad van spyware etc, maar ik heb met McAfee alles verwijderd wat er te vinden was...

    Komt ie:

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 17:23:44, on 22-5-2008
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.6000.16640)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    C:\Program Files\Nero\Nero 7\InCD\InCDsrv.exe
    C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
    c:\PROGRA~1\COMMON~1\mcafee\mna\mcnasvc.exe
    c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe
    C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
    C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
    C:\Program Files\McAfee\MPF\MPFSrv.exe
    C:\Program Files\McAfee\MSK\MskSrver.exe
    C:\WINDOWS\system32\nvsvc32.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\system32\oodag.exe
    C:\WINDOWS\system32\PnkBstrA.exe
    c:\PROGRA~1\mcafee.com\agent\mcagent.exe
    C:\WINDOWS\system32\SearchIndexer.exe
    C:\WINDOWS\system32\WgaTray.exe
    C:\WINDOWS\system32\wscntfy.exe
    C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe
    C:\Program Files\iTunes\iTunesHelper.exe
    C:\WINDOWS\Mixer.exe
    C:\Program Files\Nero\Nero 7\InCD\InCD.exe
    C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe
    C:\WINDOWS\system32\rundll32.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe
    C:\Program Files\DAEMON Tools\daemon.exe
    C:\Program Files\iPod\bin\iPodService.exe
    C:\Program Files\MSN Messenger\usnsvc.exe
    C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
    C:\Program Files\MSN Messenger\msnmsgr.exe
    C:\Program Files\Microsoft Office\OFFICE11\WINWORD.EXE
    C:\Program Files\Mozilla Firefox\firefox.exe
    C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.rodajcfans.nl/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen
    O2 - BHO: Adobe PDF Reader Help bij koppelingen - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
    O2 - BHO: McAntiPhishingBHO - {377C180E-6F0E-4D4C-980F-F45BD3D40CF4} - c:\PROGRA~1\mcafee\msk\mcapbho.dll
    O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll (file missing)
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
    O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\McAfee\VirusScan\scriptsn.dll
    O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
    O2 - BHO: (no name) - {8141DD7E-53C4-423F-BE36-AAD22F294EC7} - C:\WINDOWS\system32\geBtSMGy.dll (file missing)
    O2 - BHO: Windows Live Aanmelden - Help - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: QXK Rhythm - {D4E26A3A-80E0-4467-B116-4F0DC4441C4A} - C:\WINDOWS\fvowketqxfo.dll (file missing)
    O3 - Toolbar: pvnsmfor - {755F70ED-8112-4AEA-B77B-E11296C79DA7} - C:\WINDOWS\pvnsmfor.dll (file missing)
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
    O4 - HKLM\..\Run: [C-Media Mixer] Mixer.exe /startup
    O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
    O4 - HKLM\..\Run: [InCD] C:\Program Files\Nero\Nero 7\InCD\InCD.exe
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe"
    O4 - HKLM\..\Run: [Windows Service] C:\DOCUME~1\LUKEW~1\LOCALS~1\Temp\svchost.exe
    O4 - HKLM\..\Run: [OODefragTray] C:\WINDOWS\system32\oodtray.exe
    O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
    O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
    O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
    O4 - HKLM\..\Run: [advap32] C:\DOCUME~1\LUKEW~1\LOCALS~1\Temp\stdcons.exe/r
    O4 - HKLM\..\Run: [6cf995af] rundll32.exe "C:\WINDOWS\system32\tsgbkini.dll",b
    O4 - HKLM\..\Run: [mcagent_exe] C:\Program Files\McAfee.com\Agent\mcagent.exe /runkey
    O4 - HKLM\..\Run: [McENUI] C:\PROGRA~1\McAfee\MHN\McENUI.exe /hide
    O4 - HKLM\..\Run: [MSConfig] C:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe /auto
    O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
    O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe"
    O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Lokale service')
    O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Netwerkservice')
    O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
    O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
    O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
    O9 - Extra button: In weblog opnemen - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
    O9 - Extra 'Tools' menuitem: &In weblog opnemen met Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
    O9 - Extra button: Onderzoek - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx2.hotmail.com/mail/w2/resources/MSNPUpld.cab
    O16 - DPF: {6E5E167B-1566-4316-B27F-0DDAB3484CF7} (Image Uploader Control) - http://cache.hyves-static.net/statics/Aurigma/ImageUploader4.cab
    O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
    O23 - Service: McAfee Application Installer Cleanup (0300721211317090) (0300721211317090mcinstcleanup) - McAfee, Inc. - C:\DOCUME~1\LUKEW~1\LOCALS~1\Temp\030072~1.EXE
    O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
    O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    O23 - Service: InCD Helper (InCDsrv) - Nero AG - C:\Program Files\Nero\Nero 7\InCD\InCDsrv.exe
    O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: McAfee Services (mcmscsvc) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
    O23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc. - c:\PROGRA~1\COMMON~1\mcafee\mna\mcnasvc.exe
    O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe
    O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe
    O23 - Service: McAfee Real-time Scanner (McShield) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
    O23 - Service: McAfee SystemGuards (McSysmon) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe
    O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee, Inc. - C:\Program Files\McAfee\MPF\MPFSrv.exe
    O23 - Service: McAfee Anti-Spam Service (MSK80Service) - McAfee, Inc. - C:\Program Files\McAfee\MSK\MskSrver.exe
    O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
    O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
    O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
    O23 - Service: O&O Defrag - O&O Software GmbH - C:\WINDOWS\system32\oodag.exe
    O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
    O23 - Service: Windows Live Setup Service (WLSetupSvc) - Unknown owner - C:\Program Files\Windows Live\installer\WLSetupSvc.exe

    --
    End of file - 9354 bytes

  • #2
    Hallo,

    Sluit alle open vensters.
    Start HijackThis nog een keer en plaats een vinkje bij de volgende items:

    O2 - BHO: (no name) - {8141DD7E-53C4-423F-BE36-AAD22F294EC7} - C:\WINDOWS\system32\geBtSMGy.dll (file missing)
    O2 - BHO: QXK Rhythm - {D4E26A3A-80E0-4467-B116-4F0DC4441C4A} - C:\WINDOWS\fvowketqxfo.dll (file missing)
    O3 - Toolbar: pvnsmfor - {755F70ED-8112-4AEA-B77B-E11296C79DA7} - C:\WINDOWS\pvnsmfor.dll (file missing)
    O4 - HKLM\..\Run: [Windows Service] C:\DOCUME~1\LUKEW~1\LOCALS~1\Temp\svchost.exe
    O4 - HKLM\..\Run: [advap32] C:\DOCUME~1\LUKEW~1\LOCALS~1\Temp\stdcons.exe/r
    O4 - HKLM\..\Run: [6cf995af] rundll32.exe "C:\WINDOWS\system32\tsgbkini.dll",b


    Klik daarna op "Fix checked" en sluit HijackThis af.

    Download combofix.exe van deze site: http://www.bleepingcomputer.com/comb...uikt-te-worden
    Volg de instructies die daar gegeven worden. Is er iets niet duidelijk, dan vraag je het.
    Als het tooltje klaar is, opent er een logfile (combofix.txt).
    Post de inhoud van dit bestandje samen met een nieuwe hijackthislog.

    Comment


    • #3
      Dit is het nieuwe Hijackthislog:

      Logfile of Trend Micro HijackThis v2.0.2
      Scan saved at 23:53:31, on 25-5-2008
      Platform: Windows XP SP2 (WinNT 5.01.2600)
      MSIE: Internet Explorer v7.00 (7.00.6000.16640)
      Boot mode: Normal

      Running processes:
      C:\WINDOWS\System32\smss.exe
      C:\WINDOWS\system32\winlogon.exe
      C:\WINDOWS\system32\services.exe
      C:\WINDOWS\system32\lsass.exe
      C:\WINDOWS\system32\svchost.exe
      C:\WINDOWS\System32\svchost.exe
      C:\WINDOWS\system32\spoolsv.exe
      C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
      C:\Program Files\Nero\Nero 7\InCD\InCDsrv.exe
      C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
      c:\PROGRA~1\COMMON~1\mcafee\mna\mcnasvc.exe
      c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe
      C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
      C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
      C:\Program Files\McAfee\MPF\MPFSrv.exe
      C:\Program Files\McAfee\MSK\MskSrver.exe
      C:\WINDOWS\system32\nvsvc32.exe
      C:\WINDOWS\system32\oodag.exe
      c:\PROGRA~1\mcafee.com\agent\mcagent.exe
      C:\WINDOWS\system32\PnkBstrA.exe
      C:\WINDOWS\system32\SearchIndexer.exe
      C:\WINDOWS\system32\WgaTray.exe
      C:\WINDOWS\Mixer.exe
      C:\Program Files\Nero\Nero 7\InCD\InCD.exe
      C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe
      C:\WINDOWS\system32\RUNDLL32.EXE
      C:\WINDOWS\system32\ctfmon.exe
      C:\Program Files\MSN Messenger\MsnMsgr.Exe
      C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe
      C:\WINDOWS\explorer.exe
      C:\WINDOWS\system32\notepad.exe
      C:\Program Files\Mozilla Firefox\firefox.exe
      C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

      R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.rodajcfans.nl/
      R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
      R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
      R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
      R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
      R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen
      O2 - BHO: Adobe PDF Reader Help bij koppelingen - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
      O2 - BHO: McAntiPhishingBHO - {377C180E-6F0E-4D4C-980F-F45BD3D40CF4} - c:\PROGRA~1\mcafee\msk\mcapbho.dll
      O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll (file missing)
      O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
      O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\McAfee\VirusScan\scriptsn.dll
      O2 - BHO: Windows Live Aanmelden - Help - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
      O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
      O4 - HKLM\..\Run: [C-Media Mixer] Mixer.exe /startup
      O4 - HKLM\..\Run: [InCD] C:\Program Files\Nero\Nero 7\InCD\InCD.exe
      O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe"
      O4 - HKLM\..\Run: [OODefragTray] C:\WINDOWS\system32\oodtray.exe
      O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
      O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
      O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
      O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
      O4 - HKLM\..\Run: [mcagent_exe] C:\Program Files\McAfee.com\Agent\mcagent.exe /runkey
      O4 - HKLM\..\Run: [McENUI] C:\PROGRA~1\McAfee\MHN\McENUI.exe /hide
      O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
      O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
      O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Lokale service')
      O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Netwerkservice')
      O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
      O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
      O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
      O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
      O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
      O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
      O9 - Extra button: In weblog opnemen - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
      O9 - Extra 'Tools' menuitem: &In weblog opnemen met Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
      O9 - Extra button: Onderzoek - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
      O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
      O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
      O16 - DPF: {0E5F0222-96B9-11D3-8997-00104BD12D94} (PCPitstop Utility) - http://www.pcpitstop.com/pcpitstop/PCPitStop.CAB
      O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx2.hotmail.com/mail/w2/resources/MSNPUpld.cab
      O16 - DPF: {6E5E167B-1566-4316-B27F-0DDAB3484CF7} (Image Uploader Control) - http://cache.hyves-static.net/statics/Aurigma/ImageUploader4.cab
      O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
      O23 - Service: McAfee Application Installer Cleanup (0285441211537378) (0285441211537378mcinstcleanup) - McAfee, Inc. - C:\WINDOWS\TEMP\028544~1.EXE
      O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
      O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
      O23 - Service: InCD Helper (InCDsrv) - Nero AG - C:\Program Files\Nero\Nero 7\InCD\InCDsrv.exe
      O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
      O23 - Service: McAfee Services (mcmscsvc) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
      O23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc. - c:\PROGRA~1\COMMON~1\mcafee\mna\mcnasvc.exe
      O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe
      O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe
      O23 - Service: McAfee Real-time Scanner (McShield) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
      O23 - Service: McAfee SystemGuards (McSysmon) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe
      O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee, Inc. - C:\Program Files\McAfee\MPF\MPFSrv.exe
      O23 - Service: McAfee Anti-Spam Service (MSK80Service) - McAfee, Inc. - C:\Program Files\McAfee\MSK\MskSrver.exe
      O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
      O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
      O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
      O23 - Service: O&O Defrag - O&O Software GmbH - C:\WINDOWS\system32\oodag.exe
      O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
      O23 - Service: Windows Live Setup Service (WLSetupSvc) - Unknown owner - C:\Program Files\Windows Live\installer\WLSetupSvc.exe

      --
      End of file - 8168 bytes






      En hier het Combofix.txt bestandje:

      ComboFix 08-05-21.3 - Luke W 2008-05-22 22:56:39.1 - NTFSx86
      Microsoft Windows XP Professional 5.1.2600.2.1252.1.1043.18.28 [GMT 2:00]
      Gestart vanuit: C:\Documents and Settings\Luke W\Bureaublad\ComboFix.exe
      Command switches used :: C:\Documents and Settings\Luke W\Bureaublad\WindowsXP-KB310994-SP2-Home-BootDisk-NLD.exe
      * Nieuw herstelpunt werd aangemaakt
      * Resident AV is active

      .

      (((((((((((((((((((((((((((((((((( Andere Verwijderingen )))))))))))))))))))))))))))))))))))))))))))))))))
      .

      C:\WINDOWS\system32\_000003_.tmp.dll
      C:\WINDOWS\system32\_000006_.tmp.dll
      C:\WINDOWS\system32\_000007_.tmp.dll
      C:\WINDOWS\system32\_000008_.tmp.dll
      C:\WINDOWS\system32\_000009_.tmp.dll
      C:\WINDOWS\system32\_000010_.tmp.dll
      C:\WINDOWS\system32\_000011_.tmp.dll
      C:\WINDOWS\system32\cemcaqwr.ini
      C:\WINDOWS\system32\cqyxjbkn.ini
      C:\WINDOWS\system32\ifnogkrp.ini
      C:\WINDOWS\system32\inikbgst.ini
      C:\WINDOWS\system32\mcrh.tmp
      C:\WINDOWS\system32\ptogseqy.ini
      C:\WINDOWS\system32\tsgbkini.dll
      C:\WINDOWS\system32\ufiwwsxp.ini
      C:\WINDOWS\system32\vmbhirhr.ini
      C:\WINDOWS\system32\yGMStBeg.ini
      C:\WINDOWS\system32\yGMStBeg.ini2

      .
      (((((((((((((((((((( Bestanden Gemaakt van 2008-04-22 to 2008-05-22 ))))))))))))))))))))))))))))))
      .

      2008-05-22 17:19 . 2008-05-22 17:19 <DIR> d-------- C:\Program Files\Trend Micro
      2008-05-22 16:40 . 2008-05-22 16:40 <DIR> d--h----- C:\WINDOWS\system32\GroupPolicy
      2008-05-21 21:55 . 2008-05-21 21:55 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Avg8
      2008-05-20 23:08 . 2008-05-22 23:05 9,053 --a------ C:\WINDOWS\system32\Config.MPF
      2008-05-20 23:04 . 2006-03-03 08:07 143,360 --a------ C:\WINDOWS\system32\dunzip32.dll
      2008-05-20 22:59 . 2007-11-22 06:44 201,320 --a------ C:\WINDOWS\system32\drivers\mfehidk.sys
      2008-05-20 22:59 . 2007-11-22 06:44 79,304 --a------ C:\WINDOWS\system32\drivers\mfeavfk.sys
      2008-05-20 22:59 . 2007-12-02 12:51 40,488 --a------ C:\WINDOWS\system32\drivers\mfesmfk.sys
      2008-05-20 22:59 . 2007-11-22 06:44 35,240 --a------ C:\WINDOWS\system32\drivers\mfebopk.sys
      2008-05-20 22:59 . 2007-11-22 06:44 33,832 --a------ C:\WINDOWS\system32\drivers\mferkdk.sys
      2008-05-20 22:58 . 2007-07-13 06:20 113,952 --a------ C:\WINDOWS\system32\drivers\Mpfp.sys
      2008-05-20 22:55 . 2008-05-20 22:56 <DIR> d-------- C:\Program Files\McAfee.com
      2008-05-20 22:54 . 2008-05-22 17:43 <DIR> d-------- C:\Program Files\McAfee
      2008-05-20 22:54 . 2008-05-20 22:59 <DIR> d-------- C:\Program Files\Common Files\McAfee
      2008-05-20 22:29 . 2008-05-20 23:08 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\McAfee
      2008-05-20 22:26 . 2008-05-21 13:07 <DIR> d-------- C:\Program Files\McAfee2
      2008-05-18 16:00 . 2008-05-18 04:00 160,256 --a------ C:\WINDOWS\system32\17E.tmp
      2008-05-18 04:00 . 2008-05-17 16:00 160,256 --a------ C:\WINDOWS\system32\17A.tmp
      2008-05-17 16:00 . 2008-05-17 03:59 160,256 --a------ C:\WINDOWS\system32\176.tmp
      2008-05-17 03:59 . 2008-05-16 15:59 160,256 --a------ C:\WINDOWS\system32\172.tmp
      2008-05-16 15:59 . 2008-05-16 03:59 160,256 --a------ C:\WINDOWS\system32\16E.tmp
      2008-05-16 03:59 . 2008-05-15 15:58 160,256 --a------ C:\WINDOWS\system32\16A.tmp
      2008-05-15 17:21 . 2008-05-15 17:21 <DIR> d-------- C:\Documents and Settings\Luke W\Application Data\AXPDefender
      2008-05-15 15:53 . 2008-05-18 16:00 160,256 --a------ C:\WINDOWS\system32\blackster.scr
      2008-05-15 15:52 . 2008-05-15 15:57 269,334 --a------ C:\WINDOWS\system32\ctfmonb.bmp
      2008-05-15 15:48 . 2008-05-15 15:48 <DIR> d-------- C:\Program Files\directx
      2008-05-13 16:22 . 2008-05-14 17:41 107,832 --a------ C:\WINDOWS\system32\PnkBstrB.exe
      2008-05-13 16:22 . 2008-05-13 16:22 66,872 --a------ C:\WINDOWS\system32\PnkBstrA.exe
      2008-05-13 16:22 . 2008-05-14 17:41 22,328 --a------ C:\WINDOWS\system32\drivers\PnkBstrK.sys
      2008-04-29 18:38 . 2008-04-29 18:41 <DIR> d-------- C:\WINDOWS\nview
      2008-04-29 18:38 . 2006-10-22 12:22 208,896 --a------ C:\WINDOWS\system32\nvudisp.exe
      2008-04-29 18:38 . 2008-05-22 23:05 88,566 --a------ C:\WINDOWS\system32\nvapps.xml
      2008-04-29 18:38 . 2006-10-22 12:22 17,056 --a------ C:\WINDOWS\system32\nvdisp.nvu
      2008-04-29 18:37 . 2006-10-22 15:06 208,896 --a------ C:\WINDOWS\system32\NVUNINST.EXE
      2008-04-29 18:36 . 2008-04-29 18:36 <DIR> d-------- C:\NVIDIA
      2008-04-29 18:29 . 2008-04-29 18:29 <DIR> d-------- C:\Program Files\Lavalys
      2008-04-28 19:36 . 2008-04-28 19:36 244 --ah----- C:\sqmnoopt08.sqm
      2008-04-28 19:36 . 2008-04-28 19:36 232 --ah----- C:\sqmdata08.sqm

      .
      ((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))
      .
      2008-05-20 20:41 --------- d-----w C:\Documents and Settings\Luke W\Application Data\uTorrent
      2008-05-13 13:53 --------- d-----w C:\Program Files\Last.fm
      2008-04-20 21:48 --------- d-----w C:\Program Files\Windows Live Toolbar
      2008-04-16 20:19 --------- d-----w C:\Program Files\Windows Live
      2008-04-16 18:03 --------- d-----w C:\Program Files\Skype
      2008-04-16 18:03 --------- d-----w C:\Documents and Settings\All Users\Application Data\Skype
      2008-04-06 22:47 --------- d-----w C:\Program Files\Java
      2008-04-02 19:25 --------- d-----w C:\Documents and Settings\All Users\Application Data\TEMP
      2008-03-31 16:56 --------- d-----w C:\Documents and Settings\All Users\Application Data\Kaspersky Lab Setup Files
      2008-03-25 04:51 621,344 ----a-w C:\WINDOWS\system32\mswstr10.dll
      2008-03-25 04:51 183,072 ----a-w C:\WINDOWS\system32\msjint40.dll
      2008-03-24 22:59 49 ----a-w C:\xmp.bat
      2008-03-20 08:10 1,845,376 ----a-w C:\WINDOWS\system32\win32k.sys
      2008-03-01 13:05 826,368 ----a-w C:\WINDOWS\system32\wininet.dll
      .

      ((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))
      .
      .
      REGEDIT4
      *Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond

      [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
      "CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-04 01:03 15360]
      "MsnMsgr"="C:\Program Files\MSN Messenger\MsnMsgr.exe" [2007-01-19 13:54 5674352]

      [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
      "QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [2007-06-29 07:24 286720]
      "C-Media Mixer"="Mixer.exe" [2002-10-15 19:00 1818624 C:\WINDOWS\mixer.exe]
      "InCD"="C:\Program Files\Nero\Nero 7\InCD\InCD.exe" [2006-12-08 11:56 1053184]
      "SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe" [2008-02-22 04:25 144784]
      "OODefragTray"="C:\WINDOWS\system32\oodtray.exe" [2007-05-11 03:08 2512392]
      "Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-01-11 23:16 39792]
      "NvCplDaemon"="C:\WINDOWS\system32\NvCpl.dll" [2006-10-22 12:22 7700480]
      "nwiz"="nwiz.exe" [2006-10-22 12:22 1622016 C:\WINDOWS\system32\nwiz.exe]
      "NvMediaCenter"="C:\WINDOWS\system32\NvMcTray.dll" [2006-10-22 12:22 86016]
      "mcagent_exe"="C:\Program Files\McAfee.com\Agent\mcagent.exe" [2007-11-01 19:12 582992]
      "McENUI"="C:\PROGRA~1\McAfee\MHN\McENUI.exe" [2007-11-30 05:42 1164576]
      "MSConfig"="C:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe" [2004-08-04 01:03 160256]

      [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
      "CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2004-08-04 01:03 15360]

      C:\Documents and Settings\Luke W\Menu Start\Programma's\Opstarten\
      Adobe Gamma.lnk - C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [2005-03-16 20:16:50 113664]

      [hkey_local_machine\software\microsoft\windows\currentversion\explorer\shellexecutehooks]
      "{56F9679E-7826-4C84-81F3-532071A8BCC5}"= C:\Program Files\Windows Desktop Search\MSNLNamespaceMgr.dll [2007-02-05 16:39 294400]

      [HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Start^Programma's^Opstarten^Windows Desktop Search.lnk]
      path=C:\Documents and Settings\All Users\Menu Start\Programma's\Opstarten\Windows Desktop Search.lnk
      backup=C:\WINDOWS\pss\Windows Desktop Search.lnkCommon Startup

      [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}]
      --a------ 2007-01-15 17:14 147456 C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe

      [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools]
      --a------ 2007-09-18 16:16 171464 C:\Program Files\DAEMON Tools\daemon.exe

      [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
      --a------ 2007-09-26 15:42 267064 C:\Program Files\iTunes\iTunesHelper.exe

      [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
      --a------ 2006-01-12 16:40 155648 C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe

      [HKEY_LOCAL_MACHINE\software\microsoft\security center]
      "AntiVirusDisableNotify"=dword:00000001

      [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\McAfeeAntiVirus]
      "DisableMonitoring"=dword:00000001

      [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\McAfeeFirewall]
      "DisableMonitoring"=dword:00000001

      [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
      "EnableFirewall"= 0 (0x0)

      [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
      "%windir%\\system32\\sessmgr.exe"=
      "C:\\Program Files\\uTorrent\\uTorrent.exe"=
      "C:\\Program Files\\iTunes\\iTunes.exe"=
      "C:\\Program Files\\Last.fm\\LastFM.exe"=
      "C:\\Program Files\\MSN Messenger\\msnmsgr.exe"=
      "C:\\Program Files\\MSN Messenger\\livecall.exe"=
      "C:\\Program Files\\Common Files\\McAfee\\MNA\\McNASvc.exe"=

      [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
      "3389:TCP"= 3389:TCPxpsp2res.dll,-22009

      S3 EverestDriver;Lavalys EVEREST Kernel Driver;C:\Program Files\Lavalys\EVEREST Home Edition\kerneld.wnt [2005-08-18 00:00]

      .
      Inhoud van de 'Gedeelde Taken' map
      "2008-05-20 20:57:16 C:\WINDOWS\Tasks\McDefragTask.job"
      - c:\PROGRA~1\mcafee\mqc\QcConsol.exe'
      "2008-05-20 20:57:11 C:\WINDOWS\Tasks\McQcTask.job"
      - c:\PROGRA~1\mcafee\mqc\QcConsol.exe
      .
      **************************************************************************

      catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
      Rootkit scan 2008-05-22 23:05:39
      Windows 5.1.2600 Service Pack 2 NTFS

      scannen van verborgen processen ...

      scannen van verborgen autostart items ...

      scannen van verborgen bestanden ...

      Scan succesvol afgerond
      verborgen bestanden: 0

      **************************************************************************

      [HKEY_LOCAL_MACHINE\System\ControlSet001\Services\EverestDriver]
      "ImagePath"="\??\C:\Program Files\Lavalys\EVEREST Home Edition\kerneld.wnt"
      .
      ------------------------ Other Running Processes ------------------------
      .
      C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
      C:\Program Files\Nero\Nero 7\InCD\InCDsrv.exe
      C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
      C:\PROGRA~1\COMMON~1\McAfee\MNA\McNASvc.exe
      C:\PROGRA~1\COMMON~1\McAfee\McProxy\McProxy.exe
      C:\PROGRA~1\McAfee\VIRUSS~1\Mcshield.exe
      C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
      C:\Program Files\McAfee\MPF\MpfSrv.exe
      C:\Program Files\McAfee\MSK\msksrver.exe
      C:\WINDOWS\system32\nvsvc32.exe
      C:\WINDOWS\system32\oodag.exe
      C:\PROGRA~1\McAfee.com\Agent\mcagent.exe
      C:\WINDOWS\system32\PnkBstrA.exe
      C:\WINDOWS\system32\searchindexer.exe
      C:\WINDOWS\system32\WgaTray.exe
      C:\WINDOWS\system32\rundll32.exe
      C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe
      .
      **************************************************************************
      .
      Voltooingstijd: 2008-05-22 23:14:14 - machine was rebooted
      ComboFix-quarantined-files.txt 2008-05-22 21:14:00

      Pre-Run: 40,078,061,568 bytes beschikbaar
      Post-Run: 41,776,451,584 bytes beschikbaar

      WindowsXP-KB310994-SP2-Home-BootDisk-NLD.exe
      [boot loader]
      timeout=2
      default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
      [operating systems]
      multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professional" /noexecute=optin /fastdetect
      C:\CMDCONS\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons

      196 --- E O F --- 2008-05-14 01:04:46

      Comment


      • #4
        Ziet er goed uit.
        Zijn er nog problemen?

        Comment


        • #5
          Nee eigenlijk niet

          Thanks a lot!!!

          Luke

          Comment


          • #6
            Graag gedaan.

            Doe dit nog:
            Ga naar Start - Uitvoeren en tik in: ComboFix /u
            Druk op Enter.

            Ga naar Kaspersky Online Scanner en klik onderaan op Accept.
            Deze scanner werkt uitsluitend met Internet Explorer 6 en hoger !!
            Het zou kunnen dat je aan de bovenkant van je scherm op een gele balk moet klikken om ActiveX bestanden die Kaspersky nodig heeft om te kunnen scannen te downloaden. Sta dit toe.
            • Het programma begint nu met het downloaden van de laatste definitie files. Hierna klik je op Next.
            • Klik vervolgens op de toets Scan Settings.
              Onder de tekst Scan using the following antivirus database: kies je de tweede mogelijkheid: extended - protect your .....
              Onder de tekst Scan options: zet je de twee vinkjes: Scan Archives .... en Scan Mail Bases ....
            • Klik dan op de toets OK.
            • Start nu het scannen door op de tekst My Computer te klikken.


              Hou er rekening mee dat deze scan een tijdje in beslag neemt.
            • Eenmaal de scan volledig is krijg je de gelegenheid om het scanrapport op te slaan.
              Klik op de toets Save Report As te klikken. Sla het rapport op je Bureaublad op met als naam kavscan.txt

            Post dit rapport in je volgende bericht.

            Comment


            • #7
              -------------------------------------------------------------------------------
              KASPERSKY ONLINE SCANNER REPORT
              Tuesday, May 27, 2008 3:57:33 PM
              Operating System: Microsoft Windows XP Professional, Service Pack 2 (Build 2600)
              Kaspersky Online Scanner version: 5.0.98.0
              Kaspersky Anti-Virus database last update: 26/05/2008
              Kaspersky Anti-Virus database records: 800955
              -------------------------------------------------------------------------------

              Scan Settings:
              Scan using the following antivirus database: extended
              Scan Archives: true
              Scan Mail Bases: true

              Scan Target - My Computer:
              C:\
              D:\
              E:\
              F:\
              G:\
              H:\
              I:\
              J:\

              Scan Statistics:
              Total number of scanned objects: 48286
              Number of viruses found: 0
              Number of infected objects: 0
              Number of suspicious objects: 0
              Duration of the scan process: 01:39:18

              Infected Object Name / Virus Name / Last Action
              C:\Documents and Settings\All Users\Application Data\McAfee\EasyNet\MHNData Object is locked skipped
              C:\Documents and Settings\All Users\Application Data\McAfee\MNA\NAData Object is locked skipped
              C:\Documents and Settings\All Users\Application Data\McAfee\MPF\data\log.edb Object is locked skipped
              C:\Documents and Settings\All Users\Application Data\McAfee\MSC\Logs\Events.dat Object is locked skipped
              C:\Documents and Settings\All Users\Application Data\McAfee\MSC\Logs\{2E0F98CA-FBDD-44CA-9A17-A3602C319E7D}.log Object is locked skipped
              C:\Documents and Settings\All Users\Application Data\McAfee\MSC\Logs\{48676D25-13EB-4326-90A7-D06F57D8F341}.log Object is locked skipped
              C:\Documents and Settings\All Users\Application Data\McAfee\MSC\McUsers.dat Object is locked skipped
              C:\Documents and Settings\All Users\Application Data\McAfee\MSK\MSKWMDB.dat Object is locked skipped
              C:\Documents and Settings\All Users\Application Data\McAfee\MSK\RBLDB.dat Object is locked skipped
              C:\Documents and Settings\All Users\Application Data\McAfee\MSK\settingsdb.dat Object is locked skipped
              C:\Documents and Settings\All Users\Application Data\McAfee\VirusScan\Data\TFR4.tmp Object is locked skipped
              C:\Documents and Settings\All Users\Application Data\McAfee\VirusScan\Logs\OAS.Log Object is locked skipped
              C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr0.dat Object is locked skipped
              C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr1.dat Object is locked skipped
              C:\Documents and Settings\All Users\Application Data\Microsoft\Search\Data\Applications\Windows\GatherLogs\SystemIndex\SystemIndex.94.Crwl Object is locked skipped
              C:\Documents and Settings\All Users\Application Data\Microsoft\Search\Data\Applications\Windows\GatherLogs\SystemIndex\SystemIndex.94.gthr Object is locked skipped
              C:\Documents and Settings\All Users\Application Data\Microsoft\Search\Data\Applications\Windows\MSS.log Object is locked skipped
              C:\Documents and Settings\All Users\Application Data\Microsoft\Search\Data\Applications\Windows\MSStmp.log Object is locked skipped
              C:\Documents and Settings\All Users\Application Data\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\00010001.wid Object is locked skipped
              C:\Documents and Settings\All Users\Application Data\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\0001000D.ci Object is locked skipped
              C:\Documents and Settings\All Users\Application Data\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\0001000D.wid Object is locked skipped
              C:\Documents and Settings\All Users\Application Data\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\0001000D.wsb Object is locked skipped
              C:\Documents and Settings\All Users\Application Data\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\00010011.wid Object is locked skipped
              C:\Documents and Settings\All Users\Application Data\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\00010013.wid Object is locked skipped
              C:\Documents and Settings\All Users\Application Data\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\INDEX.000 Object is locked skipped
              C:\Documents and Settings\All Users\Application Data\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\PropMap\CiPT0000.000 Object is locked skipped
              C:\Documents and Settings\All Users\Application Data\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\PropMap\Used0000.000 Object is locked skipped
              C:\Documents and Settings\All Users\Application Data\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\SecStore\CiST0000.000 Object is locked skipped
              C:\Documents and Settings\All Users\Application Data\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\SystemIndex.chk1.gthr Object is locked skipped
              C:\Documents and Settings\All Users\Application Data\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\SystemIndex.chk2.gthr Object is locked skipped
              C:\Documents and Settings\All Users\Application Data\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\SystemIndex.Ntfy25.gthr Object is locked skipped
              C:\Documents and Settings\All Users\Application Data\Microsoft\Search\Data\Applications\Windows\tmp.edb Object is locked skipped
              C:\Documents and Settings\All Users\Application Data\Microsoft\Search\Data\Applications\Windows\Windows.edb Object is locked skipped
              C:\Documents and Settings\All Users\Application Data\Microsoft\Search\Data\Temp\usgthrsvc\Ntf1.tmp Object is locked skipped
              C:\Documents and Settings\All Users\Application Data\Microsoft\Search\Data\Temp\usgthrsvc\Ntf2.tmp Object is locked skipped
              C:\Documents and Settings\All Users\Application Data\Microsoft\Search\Data\Temp\usgthrsvc\Perflib_Perfdata_79c.dat Object is locked skipped
              C:\Documents and Settings\LocalService\Cookies\index.dat Object is locked skipped
              C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped
              C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped
              C:\Documents and Settings\LocalService\Local Settings\Geschiedenis\History.IE5\index.dat Object is locked skipped
              C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped
              C:\Documents and Settings\LocalService\NTUSER.DAT Object is locked skipped
              C:\Documents and Settings\LocalService\ntuser.dat.LOG Object is locked skipped
              C:\Documents and Settings\Luke W\Cookies\index.dat Object is locked skipped
              C:\Documents and Settings\Luke W\Local Settings\Application Data\Last.fm\Client\Last.fm.log Object is locked skipped
              C:\Documents and Settings\Luke W\Local Settings\Application Data\Last.fm\Client\WmpPlugin.log Object is locked skipped
              C:\Documents and Settings\Luke W\Local Settings\Application Data\Last.fm\collection.db Object is locked skipped
              C:\Documents and Settings\Luke W\Local Settings\Application Data\Microsoft\Media Player\CurrentDatabase_360.wmdb Object is locked skipped
              C:\Documents and Settings\Luke W\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped
              C:\Documents and Settings\Luke W\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped
              C:\Documents and Settings\Luke W\Local Settings\Application Data\Microsoft\Windows Media\11.0\WMSDKNSD.XML Object is locked skipped
              C:\Documents and Settings\Luke W\Local Settings\Geschiedenis\History.IE5\index.dat Object is locked skipped
              C:\Documents and Settings\Luke W\Local Settings\Geschiedenis\History.IE5\MSHist012008052620080527\index.dat Object is locked skipped
              C:\Documents and Settings\Luke W\Local Settings\Temp\etilqs_6D2t3FXg6cg3dcX-journal Object is locked skipped
              C:\Documents and Settings\Luke W\Local Settings\Temp\etilqs_llNNLAbbhyPEUgo Object is locked skipped
              C:\Documents and Settings\Luke W\Local Settings\Temp\sqlite_Mk9MGgWBpbHfSmI Object is locked skipped
              C:\Documents and Settings\Luke W\Local Settings\Temp\sqlite_Rp5X4btfXIRxyLP Object is locked skipped
              C:\Documents and Settings\Luke W\Local Settings\Temporary Internet Files\AntiPhishing\B3BB5BBA-E7D5-40AB-A041-A5B1C0B26C8F.dat Object is locked skipped
              C:\Documents and Settings\Luke W\Local Settings\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped
              C:\Documents and Settings\Luke W\NTUSER.DAT Object is locked skipped
              C:\Documents and Settings\Luke W\ntuser.dat.LOG Object is locked skipped
              C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped
              C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped
              C:\Documents and Settings\NetworkService\NTUSER.DAT Object is locked skipped
              C:\Documents and Settings\NetworkService\ntuser.dat.LOG Object is locked skipped
              C:\System Volume Information\MountPointManagerRemoteDatabase Object is locked skipped
              C:\WINDOWS\Debug\PASSWD.LOG Object is locked skipped
              C:\WINDOWS\SchedLgU.Txt Object is locked skipped
              C:\WINDOWS\system32\CatRoot2\edb.log Object is locked skipped
              C:\WINDOWS\system32\CatRoot2\tmp.edb Object is locked skipped
              C:\WINDOWS\system32\config\AppEvent.Evt Object is locked skipped
              C:\WINDOWS\system32\config\default Object is locked skipped
              C:\WINDOWS\system32\config\default.LOG Object is locked skipped
              C:\WINDOWS\system32\config\Internet.evt Object is locked skipped
              C:\WINDOWS\system32\config\SAM Object is locked skipped
              C:\WINDOWS\system32\config\SAM.LOG Object is locked skipped
              C:\WINDOWS\system32\config\SecEvent.Evt Object is locked skipped
              C:\WINDOWS\system32\config\SECURITY Object is locked skipped
              C:\WINDOWS\system32\config\SECURITY.LOG Object is locked skipped
              C:\WINDOWS\system32\config\software Object is locked skipped
              C:\WINDOWS\system32\config\software.LOG Object is locked skipped
              C:\WINDOWS\system32\config\SysEvent.Evt Object is locked skipped
              C:\WINDOWS\system32\config\system Object is locked skipped
              C:\WINDOWS\system32\config\system.LOG Object is locked skipped
              C:\WINDOWS\system32\drivers\sptd.sys Object is locked skipped
              C:\WINDOWS\system32\h323log.txt Object is locked skipped
              C:\WINDOWS\system32\wbem\Repository\FS\INDEX.BTR Object is locked skipped
              C:\WINDOWS\system32\wbem\Repository\FS\INDEX.MAP Object is locked skipped
              C:\WINDOWS\system32\wbem\Repository\FS\MAPPING.VER Object is locked skipped
              C:\WINDOWS\system32\wbem\Repository\FS\MAPPING1.MAP Object is locked skipped
              C:\WINDOWS\system32\wbem\Repository\FS\MAPPING2.MAP Object is locked skipped
              C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.DATA Object is locked skipped
              C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.MAP Object is locked skipped
              C:\WINDOWS\Temp\mcafee_DMColdNrKZxTfyX Object is locked skipped
              C:\WINDOWS\Temp\mcmsc_1veYOZXp12mA869 Object is locked skipped
              C:\WINDOWS\Temp\mcmsc_7JDBZWqrNxprBzT Object is locked skipped
              C:\WINDOWS\Temp\mcmsc_NVUwU3nqopa5rKS Object is locked skipped
              C:\WINDOWS\Temp\mcmsc_rKpwGllAnYAlywO Object is locked skipped
              C:\WINDOWS\Temp\sqlite_jTs1iTBINJR80S1 Object is locked skipped
              C:\WINDOWS\Temp\sqlite_TjjuAlr6RnjfuZ0 Object is locked skipped
              D:\Gedeelde documenten\Muziek\Metallica Discography @ 320Kbps\(1986) Master of Puppets\05 - Disposable Heroes.mp3 Object is locked skipped
              D:\Gedeelde documenten\Muziek\Metallica Discography @ 320Kbps\(1988) ...And Justice for All\07 - The Frayed Ends Of Sanity.mp3 Object is locked skipped
              D:\Gedeelde documenten\Muziek\Metallica Discography @ 320Kbps\(1998) Garage, Inc\CD1\10 - Tuesday's Gone.mp3 Object is locked skipped
              D:\System Volume Information\MountPointManagerRemoteDatabase Object is locked skipped

              Scan process completed.

              Comment


              • #8
                Dat logje ziet er ook goed uit.
                Als jij verder geen problemen meer hebt met deze computer, dan denk ik dat we kunnen afsluiten.

                Comment


                • #9
                  Nee ik heb nergens meer last van,

                  nogmaals bedankt

                  groeten, Luke.

                  Comment


                  • #10
                    Graa gedaan Luke.
                    Ik heb nog wat tips voor je: Meer info over hoe je een nieuwe infectie kan voorkomen vind je hier en hier.

                    De status van deze thread staat op opgelost.
                    Indien er niet meer gereageerd wordt, zal binnen een 3-tal dagen deze thread automatisch verplaatst worden naar de sectie Opgeloste hijackthislogs en is een reactie niet meer mogelijk. Dit om het forum netjes en overzichtelijk te houden.
                    Blijkt dat er toch nog problemen zijn, en je wil weer reageren in dit topic, dan stuur je me een privé bericht met verzoek om heropening.

                    Happy surfing again.

                    Comment

                    Sorry, you are not authorized to view this page
                    Working...
                    X