• Hulpvragenden in dit forumonderdeel worden enkel geholpen door daartoe bevoegde teamleden.
    Dit is belangrijk, zodat de hulpvragende goed geholpen kan worden zonder (goedbedoelde) aanvullende berichten van andere leden.
    Reageren op andermans discussie is daarom uitgeschakeld.
  • De afgelopen dagen zijn er meerdere fora waarop bestaande accounts worden overgenomen door spammers. De gebruikersnamen en wachtwoorden zijn via een hack of een lek via andere sites buitgemaakt. Via have i been pwned? kan je controleren of jouw gegeven ook zijn buitgemaakt. Wijzig bij twijfel jouw wachtwoord of schakel de twee-staps-verificatie in.

Opgelost - msn virus

Status
Niet open voor verdere reacties.
tyche

tyche

Nieuw lid
Lid geworden
25 feb 2009
Berichten
21
Waarderingsscore
0
Hoi allen.

Ik ben ook besmet met het msn-virus. :wacko:
Ik heb geprobeerd msn te verwijderen maar als ik via config-scherm op software verwijderen klik gebeurt het niet.
beetje vervelend wel.

Ik heb een hijackthis log gemaakt.
en dat is:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 20:34:29, on 26-2-2009
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16791)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Windows Defender\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe
C:\CFusionMX7\runtime\bin\jrunsvc.exe
C:\CFusionMX7\db\slserver54\bin\swagent.exe
C:\CFusionMX7\runtime\bin\jrun.exe
C:\CFusionMX7\db\slserver54\bin\swstrtr.exe
C:\CFusionMX7\db\slserver54\bin\swsoc.exe
C:\WINDOWS\System32\CTsvcCDA.exe
C:\Program Files\ewido\security suite\ewidoctrl.exe
C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\ZyXEL\Odyssey Client for ZyXEL\odClientService.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\UAService7.exe
C:\WINDOWS\System32\MsPMSPSv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\CTHELPER.EXE
C:\Program Files\Logitech\iTouch\iTouch.exe
C:\WINDOWS\Logi_MwX.Exe
E:\qttask.exe
C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mm_tray.exe
C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mm_server.exe
C:\Program Files\ZyXEL\Odyssey Client for ZyXEL\OdTray.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\Winamp\winampa.exe
C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mmtask.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Common Files\Real\Update_OB\RealOneMessageCenter.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files\SweetIM\Messenger\SweetIM.exe
C:\WINDOWS\system32\frmwrk32.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Free History Eraser\HistoryEraser.exe
C:\Program Files\Microsoft ActiveSync\Wcescomm.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Documents and Settings\Ron\Local Settings\Application Data\Google\Update\GoogleUpdate.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
C:\Program Files\Logitech\SetPoint\KEM.exe
C:\Program Files\PND Speed Camera Sync\PndSync\PndSync.exe
C:\Program Files\WinZip\WZQKPICK.EXE
C:\Program Files\ZyXEL Technology Corporation\ZyAIR G-220 Utility\ZDWlan.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\MMDiag.exe
C:\PROGRA~1\MI3AA1~1\rapimgr.exe
C:\Program Files\Logitech\SetPoint\KHALMNPR.EXE
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files\Outlook Express\msimn.exe
C:\PROGRA~1\COMMON~1\SYMANT~1\CCPD-LC\symlcsvc.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Documents and Settings\Ron\Mijn documenten\hjt this\HijackThis.exe
C:\Documents and Settings\Ron\Mijn documenten\hjt this\realscan.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen
R3 - URLSearchHook: SweetIM ToolbarURLSearchHook Class - {EEE6C35D-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgHelper.dll
R3 - URLSearchHook: (no name) - - (no file)
O2 - BHO: Winamp Toolbar BHO - {25CEE8EC-5730-41bc-8B58-22DDC8AB8C20} - C:\Program Files\Winamp Toolbar\winamptb.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: NCO 2.0 IE BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\2.0\coIEPlg.dll
O2 - BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\PROGRA~1\COMMON~1\SYMANT~1\IDS\IPSBHO.dll
O2 - BHO: (no name) - {75E71CC4-F4B6-4A58-9B47-DEE58CB7FFB1} - C:\WINDOWS\system32\advpack(8.dll (file missing)
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: Windows Live Aanmelden - Help - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.0.926.3450\swg.dll
O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_219B3E1547538286.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O2 - BHO: SWEETIE - {EEE6C35C-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll
O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: Winamp Toolbar - {EBF2BA02-9094-4c5a-858B-BB198F3D8DE2} - C:\Program Files\Winamp Toolbar\winamptb.dll
O3 - Toolbar: Norton-werkbalk weergeven - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\2.0\CoIEPlg.dll
O3 - Toolbar: &Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O3 - Toolbar: SweetIM Toolbar for Internet Explorer - {EEE6C35B-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll
O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [WINDVDPatch] CTHELPER.EXE
O4 - HKLM\..\Run: [UpdReg] C:\WINDOWS\UpdReg.EXE
O4 - HKLM\..\Run: [Jet Detection] "C:\Program Files\Creative\SBLive\PROGRAM\ADGJDet.exe"
O4 - HKLM\..\Run: [CTStartup] C:\Program Files\Creative\Splash Screen\CTEaxSpl.EXE /run
O4 - HKLM\..\Run: [zBrowser Launcher] C:\Program Files\Logitech\iTouch\iTouch.exe
O4 - HKLM\..\Run: [Logitech Utility] Logi_MwX.Exe
O4 - HKLM\..\Run: [QuickTime Task] "E:\qttask.exe" -atboottime
O4 - HKLM\..\Run: [MMTray] "C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mm_tray.exe"
O4 - HKLM\..\Run: [mm_server] C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mm_server.exe
O4 - HKLM\..\Run: [PhilipsRemote] C:\PROGRA~1\MUSICM~1\MUSICM~2\PHILIP~1.EXE
O4 - HKLM\..\Run: [Logitech Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [OdTray.exe] "C:\Program Files\ZyXEL\Odyssey Client for ZyXEL\OdTray.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [Windows Defender] "C:\Program Files\Windows Defender\MSASCui.exe" -hide
O4 - HKLM\..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [osCheck] "C:\Program Files\Norton Internet Security\osCheck.exe"
O4 - HKLM\..\Run: [mmtask] "C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mmtask.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [MsgCenterExe] "C:\Program Files\Common Files\Real\Update_OB\RealOneMessageCenter.exe" -osboot
O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKLM\..\Run: [SweetIM] C:\Program Files\SweetIM\Messenger\SweetIM.exe
O4 - HKLM\..\Run: [Framework Windows] frmwrk32.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [SPSTEALT] "C:\Program Files\Free History Eraser\HistoryEraser.exe" /stealt
O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\Wcescomm.exe"
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [Google Update] "C:\Documents and Settings\Ron\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BackWeb-8876480.exe
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Lokale service')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Netwerkservice')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Logitech Desktop Messenger Agent.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\KEM.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: PND Speed Camera Synchronization.lnk = C:\Program Files\PND Speed Camera Sync\PndSync\PndSync.exe
O4 - Global Startup: WinZip Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK.EXE
O4 - Global Startup: ZDWlan.lnk = ?
O8 - Extra context menu item: &Winamp Toolbar Search - C:\Documents and Settings\All Users\Application Data\Winamp Toolbar\ieToolbar\resources\en-US\local\search.html
O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
O9 - Extra 'Tools' menuitem: Mobiele favorieten maken... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: Run IMVU - {d9288080-1baa-4bc4-9cf8-a92d743db949} - C:\Documents and Settings\Ron\Menu Start\Programma's\IMVU\Run IMVU.lnk
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: c:\windows\temp\ntdll64.dll
O10 - Unknown file in Winsock LSP: c:\windows\temp\ntdll64.dll
O16 - DPF: {003FADA5-8FEE-11D6-AFB7-0004768F6183} (CryptoRSA Control) - https://www.p3.postbank.nl/sesam/CAX.cab
O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} (Facebook Photo Uploader 5) - http://upload.facebook.com/controls/FacebookPhotoUploader5.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.hotmail.com/mail/w3/pr01/resources/MSNPUpld.cab
O16 - DPF: {6E5E167B-1566-4316-B27F-0DDAB3484CF7} (Image Uploader Control) - http://cache.hyves-static.net/statics/Aurigma/ImageUploader4.cab
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Besturing) - http://housecall.trendmicro-europe.com/housecall/Xscan53.cab
O16 - DPF: {80DD2229-B8E4-4C77-B72F-F22972D723EA} (AvxScanOnline Control) - http://www.bitdefender.com/scan/Msie/bitdefender.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://www.pandasoftware.com/activescan/as5/asinst.cab
O16 - DPF: {A3009861-330C-4E10-822B-39D16EC8829D} (CRAVOnline Object) - http://www.ravantivirus.com/scan/ravonline.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMessengerSetupDownloader.cab
O16 - DPF: {DE591B16-A452-11D6-AED1-0001030A4E46} (PBGNX Control) - https://gto.postbank.nl/GTO/PBGNX.cab
O16 - DPF: {EDFCB7CB-942C-4822-AF14-F0B687409848} (Image Uploader Control) - http://cache.hyves-static.net/statics/Aurigma/ImageUploader4.cab
O16 - DPF: {F58E1CEF-A068-4C15-BA5E-587CAF3EE8C6} (MSN Chat Control 4.5) - http://fdl.msn.com/public/chat/msnchat45.cab
O16 - DPF: {F6BF0D00-0B2A-4A75-BF7B-F385591623AF} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown.cab31267.cab
O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~2\GOEC62~1.DLL,C:\WINDOWS\system32\wmfhotfix.dll
O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: ColdFusion MX 7 Application Server - Macromedia Inc. - C:\CFusionMX7\runtime\bin\jrunsvc.exe
O23 - Service: ColdFusion MX 7 ODBC Agent - Unknown owner - C:\CFusionMX7\db\slserver54\bin\swagent.exe
O23 - Service: ColdFusion MX 7 ODBC Server - Unknown owner - C:\CFusionMX7\db\slserver54\bin\swstrtr.exe
O23 - Service: COM Host (comHost) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\VAScanner\comHost.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\System32\CTsvcCDA.exe
O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido\security suite\ewidoctrl.exe
O23 - Service: Google Desktop Manager 5.7.806.10245 (GoogleDesktopManager-061008-081103) - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\LuComServer_3_4.EXE
O23 - Service: LiveUpdate Notice - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: Macromedia Licensing Service - Macromedia - C:\Program Files\Common Files\Macromedia Shared\Service\Macromedia Licensing.exe
O23 - Service: Odyssey Client for ZyXEL (odClientService) - Funk Software, Inc. - C:\Program Files\ZyXEL\Odyssey Client for ZyXEL\odClientService.exe
O23 - Service: Planner voor Automatische LiveUpdate - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\System32\HPZipm12.exe
O23 - Service: Symantec Core LC - Unknown owner - C:\PROGRA~1\COMMON~1\SYMANT~1\CCPD-LC\symlcsvc.exe
O23 - Service: SecuROM User Access Service (V7) (UserAccess7) - Unknown owner - C:\WINDOWS\system32\UAService7.exe

--
End of file - 16778 bytes


en ik heb een combofixlog en dat is:



ComboFix 09-02-26.01 - Ron 2009-02-26 20:49:40.4 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.2.1252.1.1043.18.1023.558 [GMT 1:00]
Gestart vanuit: c:\documents and settings\Ron\Bureaublad\ComboFix.exe
AV: Bitdefender Antivirus *On-access scanning disabled* (Outdated)
AV: Norton Internet Security *On-access scanning enabled* (Outdated)
FW: Norton Internet Security *enabled*
.

(((((((((((((((((((((((((((((((((( Andere Verwijderingen )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\documents and settings\Ron\Application Data\urlredir.cfg
c:\documents and settings\Ron\Menu Start\Programma's\AntivirusXP
c:\program files\INSTALL.LOG
c:\program files\Internet Explorer\fxavx.ini
c:\windows\a3kebook.ini
c:\windows\akebook.ini
c:\windows\ANS2000.INI
c:\windows\patch.exe
c:\windows\system32\303369.exe
c:\windows\system32\4Ha3Kyki.exe.a_a
c:\windows\system32\ahtn.htm
c:\windows\system32\drivers\seneka.sys
c:\windows\system32\drivers\senekabbekvdsv.sys
c:\windows\system32\frmwrk32.exe
c:\windows\system32\init32.exe
c:\windows\system32\ntdll64.exe
c:\windows\system32\remove.exe
c:\windows\system32\senekaamtkifod.dat
c:\windows\system32\senekabpxeuyfv.dll
c:\windows\system32\senekabrxnsgit.dat
c:\windows\system32\senekacfumlxyl.dll
c:\windows\system32\senekailrooqxw.dll
c:\windows\system32\senekasvgcpeqc.dll
c:\windows\system32\senekaxvmplvho.db
c:\windows\system32\tmp.reg
c:\windows\system32\uniq.tll
c:\windows\system32\warning.gif
c:\windows\system32\win32hlp.cnf
c:\windows\system32\winlogon2.exe

Besmet exemplaar van c:\windows\system32\userinit.exe werd aangetroffen en gedesinfecteerd
Hersteld exemplaar van - c:\qoobox\Quarantine\C\WINDOWS\system32\userinit.exe.vir

.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.

-------\Service_SENEKA


(((((((((((((((((((( Bestanden Gemaakt van 2009-01-26 to 2009-02-26 ))))))))))))))))))))))))))))))
.

2009-02-25 21:00 . 2009-02-25 21:00 <DIR> d-------- c:\program files\SDHelper (Spybot - Search & Destroy)
2009-02-25 21:00 . 2009-02-25 21:00 <DIR> d-------- c:\program files\Misc. Support Library (Spybot - Search & Destroy)
2009-02-25 21:00 . 2009-02-25 21:00 <DIR> d-------- c:\program files\File Scanner Library (Spybot - Search & Destroy)
2009-02-19 22:59 . 2009-02-20 09:48 <DIR> d-a------ c:\documents and settings\All Users\Application Data\TEMP
2009-02-18 22:09 . 2009-02-18 22:09 45 --a------ c:\windows\SFEditorU.INI
2009-02-12 22:24 . 2009-02-12 22:25 <DIR> d----c--- C:\RVAXO
2009-02-12 21:54 . 2009-02-18 22:20 <DIR> dr-h----- c:\documents and settings\Ron\Onlangs geopend
2009-02-11 20:10 . 2009-02-11 20:10 1,025 --a--c--- C:\pap.exe
2009-02-09 20:46 . 2009-02-10 19:46 <DIR> d-------- c:\documents and settings\Ron\Application Data\Belastingdienst
2009-02-06 18:52 . 2009-02-06 18:52 49,504 --a------ c:\windows\system32\sirenacm.dll
2009-02-01 10:08 . 2009-02-01 10:08 70,656 --a------ c:\windows\system32\4Ha3Kyki.exe_
2009-01-29 20:17 . 2009-01-29 20:17 <DIR> d-------- c:\program files\SweetIM
2009-01-29 20:17 . 2009-01-29 20:18 <DIR> d-------- c:\documents and settings\All Users\Application Data\SweetIM

.
((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-02-26 19:59 --------- d-----w c:\program files\Common Files\Symantec Shared
2009-02-25 20:06 --------- d-----w c:\documents and settings\All Users\Application Data\Spybot - Search & Destroy
2009-02-25 20:04 --------- d-----w c:\program files\Spybot - Search & Destroy
2009-02-25 19:53 --------- d-----w c:\program files\Microsoft Silverlight
2009-02-24 19:34 --------- d-----w c:\documents and settings\All Users\Application Data\Google Updater
2009-02-19 22:06 --------- d-----w c:\documents and settings\Ron\Application Data\IMVU
2009-02-14 10:15 --------- d-----w c:\documents and settings\All Users\Application Data\Symantec
2009-02-12 20:04 --------- d-----w c:\program files\Hitman Pro
2009-02-12 20:03 --------- d-----w c:\documents and settings\Ron\Application Data\IMVUClient
2009-02-10 20:43 --------- d-----w c:\documents and settings\All Users\Application Data\Microsoft Help
2009-01-29 13:30 --------- d-----w c:\documents and settings\Ron\Application Data\MSN6
2009-01-19 19:05 806 ----a-w c:\windows\system32\drivers\SYMEVENT.INF
2009-01-19 19:05 124,464 ----a-w c:\windows\system32\drivers\SYMEVENT.SYS
2009-01-19 19:05 10,635 ----a-w c:\windows\system32\drivers\SYMEVENT.CAT
2009-01-19 19:05 --------- d-----w c:\program files\Symantec
2009-01-17 20:21 --------- d-----w c:\program files\Windows Live
2009-01-09 04:18 --------- d-----w c:\program files\Microsoft
2009-01-09 04:17 --------- d-----w c:\program files\Windows Live SkyDrive
2009-01-09 04:12 --------- d-----w c:\program files\Common Files\Windows Live
2009-01-07 14:59 --------- d-----w c:\documents and settings\Ron\Application Data\RegTool
2008-09-20 18:49 5,632 --sha-w c:\program files\Thumbs.db
2008-05-25 18:58 625 ---ha-w c:\documents and settings\Ron\hpothb07.dat
2007-01-28 20:56 71,192 ----a-w c:\documents and settings\Ron\Application Data\GDIPFONTCACHEV1.DAT
2005-10-24 09:27 185 ---ha-w c:\documents and settings\All Users\Application Data\hpothb07.dat
2005-10-24 09:27 0 -c-ha-w c:\documents and settings\All Users\hpothb07.dat
2004-08-13 12:42 484 ----a-r c:\program files\setup.reg
2004-06-09 07:05 2,990 ----a-w c:\program files\license.txt
2004-04-28 08:38 3,667 ----a-w c:\program files\readme.txt
2004-04-28 08:38 130,560 ----a-w c:\program files\fmod.dll
2004-04-28 08:38 102,196 ----a-w c:\program files\bass.dll
2004-02-06 09:52 17,542 ----a-w c:\program files\zylom.ico
.

((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond
REGEDIT4

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{EEE6C35D-6118-11DC-9C72-001320C79847}"= "c:\program files\SweetIM\Toolbars\Internet Explorer\mgHelper.dll" [2008-10-08 173368]

[HKEY_CLASSES_ROOT\clsid\{eee6c35d-6118-11dc-9c72-001320c79847}]
[HKEY_CLASSES_ROOT\SweetIM_URLSearchHook.ToolbarURLSearchHook.1]
[HKEY_CLASSES_ROOT\TypeLib\{EEE6C35F-6118-11DC-9C72-001320C79847}]

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{EEE6C35C-6118-11DC-9C72-001320C79847}]
2008-10-08 12:22 1172792 --a------ c:\program files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{EEE6C35B-6118-11DC-9C72-001320C79847}"= "c:\program files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll" [2008-10-08 1172792]

[HKEY_CLASSES_ROOT\clsid\{eee6c35b-6118-11dc-9c72-001320c79847}]
[HKEY_CLASSES_ROOT\SWEETIE.SWEETIE.3]
[HKEY_CLASSES_ROOT\TypeLib\{EEE6C35E-6118-11DC-9C72-001320C79847}]
[HKEY_CLASSES_ROOT\SWEETIE.SWEETIE]

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{EEE6C35B-6118-11DC-9C72-001320C79847}"= "c:\program files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll" [2008-10-08 1172792]

[HKEY_CLASSES_ROOT\clsid\{eee6c35b-6118-11dc-9c72-001320c79847}]
[HKEY_CLASSES_ROOT\SWEETIE.SWEETIE.3]
[HKEY_CLASSES_ROOT\TypeLib\{EEE6C35E-6118-11DC-9C72-001320C79847}]
[HKEY_CLASSES_ROOT\SWEETIE.SWEETIE]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\ctfmon.exe" [2004-08-04 15360]
"SPSTEALT"="c:\program files\Free History Eraser\HistoryEraser.exe" [2006-08-24 327680]
"H/PC Connection Agent"="c:\program files\Microsoft ActiveSync\Wcescomm.exe" [2006-11-13 1289000]
"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2008-08-30 39408]
"Google Update"="c:\documents and settings\Ron\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" [2008-09-06 133104]
"SpybotSD TeaTimer"="c:\program files\Spybot - Search & Destroy\TeaTimer.exe" [2009-01-26 2144088]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NeroCheck"="c:\windows\system32\NeroCheck.exe" [2001-07-09 155648]
"UpdReg"="c:\windows\UpdReg.EXE" [2000-05-11 90112]
"Jet Detection"="c:\program files\Creative\SBLive\PROGRAM\ADGJDet.exe" [2001-11-29 28672]
"CTStartup"="c:\program files\Creative\Splash Screen\CTEaxSpl.EXE" [2001-12-20 28672]
"zBrowser Launcher"="c:\program files\Logitech\iTouch\iTouch.exe" [2004-01-14 892928]
"QuickTime Task"="E:\qttask.exe" [2005-01-07 98304]
"MMTray"="c:\program files\MUSICMATCH\MUSICMATCH Jukebox\mm_tray.exe" [2006-01-17 135168]
"mm_server"="c:\program files\MUSICMATCH\MUSICMATCH Jukebox\mm_server.exe" [2006-01-17 86016]
"PhilipsRemote"="c:\progra~1\MUSICM~1\MUSICM~2\PHILIP~1.EXE" [2006-01-17 745472]
"OdTray.exe"="c:\program files\ZyXEL\Odyssey Client for ZyXEL\OdTray.exe" [2004-03-15 626746]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2008-12-05 136600]
"WinampAgent"="c:\program files\Winamp\winampa.exe" [2008-01-15 37376]
"ccApp"="c:\program files\Common Files\Symantec Shared\ccApp.exe" [2008-10-17 51048]
"osCheck"="c:\program files\Norton Internet Security\osCheck.exe" [2007-08-24 714608]
"mmtask"="c:\program files\MUSICMATCH\MUSICMATCH Jukebox\mmtask.exe" [2006-01-17 53248]
"TkBellExe"="c:\program files\Common Files\Real\Update_OB\realsched.exe" [2008-08-26 185896]
"MsgCenterExe"="c:\program files\Common Files\Real\Update_OB\RealOneMessageCenter.exe" [2008-08-26 69632]
"Google Desktop Search"="c:\program files\Google\Google Desktop Search\GoogleDesktop.exe" [2008-09-05 29744]
"SweetIM"="c:\program files\SweetIM\Messenger\SweetIM.exe" [2009-01-13 111928]
"WINDVDPatch"="CTHELPER.EXE" [2002-07-02 c:\windows\system32\CTHELPER.EXE]
"Logitech Utility"="Logi_MwX.Exe" [2002-11-08 c:\windows\LOGI_MWX.EXE]
"Logitech Hardware Abstraction Layer"="KHALMNPR.EXE" [2004-06-08 c:\windows\KHALMNPR.Exe]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\System32\CTFMON.EXE" [2004-08-04 15360]

c:\documents and settings\All Users\Menu Start\Programma's\Opstarten\
Logitech Desktop Messenger Agent.lnk - c:\program files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe [2003-09-29 169472]
Logitech Desktop Messenger.lnk - c:\program files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe [2003-09-29 169472]
Logitech SetPoint.lnk - c:\program files\Logitech\SetPoint\KEM.exe [2005-02-28 581632]
Microsoft Office.lnk - c:\program files\Microsoft Office\Office10\OSA.EXE [2001-02-13 83360]
PND Speed Camera Synchronization.lnk - c:\program files\PND Speed Camera Sync\PndSync\PndSync.exe [2007-09-16 421888]
WinZip Quick Pick.lnk - c:\program files\WinZip\WZQKPICK.EXE [2003-09-29 106560]
ZDWlan.lnk - c:\program files\ZyXEL Technology Corporation\ZyAIR G-220 Utility\ZDWlan.exe [2006-08-14 1097728]

[HKEY_USERS\.default\software\microsoft\windows\currentversion\policies\explorer]
"NoSetActiveDesktop"= 1 (0x1)

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"msacm.ctmp3"= c:\windows\System32\ctmp3.acm
"VIDC.IV41"= ir41_32.dll
"MSACM.MI-SC4"= MI-SC4.acm

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\dotnet3.exe]
"Debugger"=c:\windows\Microsoft.NET\Framework\v2.0.50727\DotNetFxInstallBlock.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\dotnet3[1].exe]
"Debugger"=c:\windows\Microsoft.NET\Framework\v2.0.50727\DotNetFxInstallBlock.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\dotnet3[2].exe]
"Debugger"=c:\windows\Microsoft.NET\Framework\v2.0.50727\DotNetFxInstallBlock.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\dotnetfx.exe]
"Debugger"=c:\windows\Microsoft.NET\Framework\v2.0.50727\DotNetFxInstallBlock.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\dotnetfx3.exe]
"Debugger"=c:\windows\Microsoft.NET\Framework\v2.0.50727\DotNetFxInstallBlock.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\dotnetfx30SP1setup.exe]
"Debugger"=c:\windows\Microsoft.NET\Framework\v2.0.50727\DotNetFxInstallBlock.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\dotnetfx30SP1setup[1].exe]
"Debugger"=c:\windows\Microsoft.NET\Framework\v2.0.50727\DotNetFxInstallBlock.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\dotnetfx30SP1setup[2].exe]
"Debugger"=c:\windows\Microsoft.NET\Framework\v2.0.50727\DotNetFxInstallBlock.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\dotnetfx35.exe]
"Debugger"=c:\windows\Microsoft.NET\Framework\v2.0.50727\DotNetFxInstallBlock.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\dotnetfx35setup.exe]
"Debugger"=c:\windows\Microsoft.NET\Framework\v2.0.50727\DotNetFxInstallBlock.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\dotnetfx35setup[1].exe]
"Debugger"=c:\windows\Microsoft.NET\Framework\v2.0.50727\DotNetFxInstallBlock.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\dotnetfx35setup[2].exe]
"Debugger"=c:\windows\Microsoft.NET\Framework\v2.0.50727\DotNetFxInstallBlock.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\dotnetfx35[1].exe]
"Debugger"=c:\windows\Microsoft.NET\Framework\v2.0.50727\DotNetFxInstallBlock.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\dotnetfx35[2].exe]
"Debugger"=c:\windows\Microsoft.NET\Framework\v2.0.50727\DotNetFxInstallBlock.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\dotnetfx3setup.exe]
"Debugger"=c:\windows\Microsoft.NET\Framework\v2.0.50727\DotNetFxInstallBlock.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\dotnetfx3setup[1].exe]
"Debugger"=c:\windows\Microsoft.NET\Framework\v2.0.50727\DotNetFxInstallBlock.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\dotnetfx3setup[2].exe]
"Debugger"=c:\windows\Microsoft.NET\Framework\v2.0.50727\DotNetFxInstallBlock.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\dotnetfx3[1].exe]
"Debugger"=c:\windows\Microsoft.NET\Framework\v2.0.50727\DotNetFxInstallBlock.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\dotnetfx3[2].exe]
"Debugger"=c:\windows\Microsoft.NET\Framework\v2.0.50727\DotNetFxInstallBlock.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\dotnetfx3_ia64.exe]
"Debugger"=c:\windows\Microsoft.NET\Framework\v2.0.50727\DotNetFxInstallBlock.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\dotnetfx3_ia64[1].exe]
"Debugger"=c:\windows\Microsoft.NET\Framework\v2.0.50727\DotNetFxInstallBlock.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\dotnetfx3_ia64[2].exe]
"Debugger"=c:\windows\Microsoft.NET\Framework\v2.0.50727\DotNetFxInstallBlock.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\dotnetfx3_x64.exe]
"Debugger"=c:\windows\Microsoft.NET\Framework\v2.0.50727\DotNetFxInstallBlock.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\dotnetfx3_x64[1].exe]
"Debugger"=c:\windows\Microsoft.NET\Framework\v2.0.50727\DotNetFxInstallBlock.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\dotnetfx3_x64[2].exe]
"Debugger"=c:\windows\Microsoft.NET\Framework\v2.0.50727\DotNetFxInstallBlock.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\dotnetfx[1].exe]
"Debugger"=c:\windows\Microsoft.NET\Framework\v2.0.50727\DotNetFxInstallBlock.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\dotnetfx[2].exe]
"Debugger"=c:\windows\Microsoft.NET\Framework\v2.0.50727\DotNetFxInstallBlock.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\NetFx20SP1_ia64.exe]
"Debugger"=c:\windows\Microsoft.NET\Framework\v2.0.50727\DotNetFxInstallBlock.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\NetFx20SP1_ia64[1].exe]
"Debugger"=c:\windows\Microsoft.NET\Framework\v2.0.50727\DotNetFxInstallBlock.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\NetFx20SP1_ia64[2].exe]
"Debugger"=c:\windows\Microsoft.NET\Framework\v2.0.50727\DotNetFxInstallBlock.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\NetFx20SP1_x64.exe]
"Debugger"=c:\windows\Microsoft.NET\Framework\v2.0.50727\DotNetFxInstallBlock.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\NetFx20SP1_x64[1].exe]
"Debugger"=c:\windows\Microsoft.NET\Framework\v2.0.50727\DotNetFxInstallBlock.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\NetFx20SP1_x64[2].exe]
"Debugger"=c:\windows\Microsoft.NET\Framework\v2.0.50727\DotNetFxInstallBlock.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\NetFx20SP1_x86.exe]
"Debugger"=c:\windows\Microsoft.NET\Framework\v2.0.50727\DotNetFxInstallBlock.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\NetFx20SP1_x86[1].exe]
"Debugger"=c:\windows\Microsoft.NET\Framework\v2.0.50727\DotNetFxInstallBlock.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\NetFx20SP1_x86[2].exe]
"Debugger"=c:\windows\Microsoft.NET\Framework\v2.0.50727\DotNetFxInstallBlock.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\NetFx20SP2_ia64.exe]
"Debugger"=c:\windows\Microsoft.NET\Framework\v2.0.50727\DotNetFxInstallBlock.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\NetFx20SP2_ia64[1].exe]
"Debugger"=c:\windows\Microsoft.NET\Framework\v2.0.50727\DotNetFxInstallBlock.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\NetFx20SP2_ia64[2].exe]
"Debugger"=c:\windows\Microsoft.NET\Framework\v2.0.50727\DotNetFxInstallBlock.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\NetFx20SP2_x64.exe]
"Debugger"=c:\windows\Microsoft.NET\Framework\v2.0.50727\DotNetFxInstallBlock.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\NetFx20SP2_x64[1].exe]
"Debugger"=c:\windows\Microsoft.NET\Framework\v2.0.50727\DotNetFxInstallBlock.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\NetFx20SP2_x64[2].exe]
"Debugger"=c:\windows\Microsoft.NET\Framework\v2.0.50727\DotNetFxInstallBlock.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\NetFx20SP2_x86.exe]
"Debugger"=c:\windows\Microsoft.NET\Framework\v2.0.50727\DotNetFxInstallBlock.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\NetFx20SP2_x86[1].exe]
"Debugger"=c:\windows\Microsoft.NET\Framework\v2.0.50727\DotNetFxInstallBlock.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\NetFx20SP2_x86[2].exe]
"Debugger"=c:\windows\Microsoft.NET\Framework\v2.0.50727\DotNetFxInstallBlock.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\NetFx30SP1_x64.exe]
"Debugger"=c:\windows\Microsoft.NET\Framework\v2.0.50727\DotNetFxInstallBlock.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\NetFx30SP1_x64[1].exe]
"Debugger"=c:\windows\Microsoft.NET\Framework\v2.0.50727\DotNetFxInstallBlock.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\NetFx30SP1_x64[2].exe]
"Debugger"=c:\windows\Microsoft.NET\Framework\v2.0.50727\DotNetFxInstallBlock.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\NetFx30SP1_x86.exe]
"Debugger"=c:\windows\Microsoft.NET\Framework\v2.0.50727\DotNetFxInstallBlock.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\NetFx30SP1_x86[1].exe]
"Debugger"=c:\windows\Microsoft.NET\Framework\v2.0.50727\DotNetFxInstallBlock.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\NetFx30SP1_x86[2].exe]
"Debugger"=c:\windows\Microsoft.NET\Framework\v2.0.50727\DotNetFxInstallBlock.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\NetFx35_ia64.exe]
"Debugger"=c:\windows\Microsoft.NET\Framework\v2.0.50727\DotNetFxInstallBlock.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\NetFx35_ia64[1].exe]
"Debugger"=c:\windows\Microsoft.NET\Framework\v2.0.50727\DotNetFxInstallBlock.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\NetFx35_ia64[2].exe]
"Debugger"=c:\windows\Microsoft.NET\Framework\v2.0.50727\DotNetFxInstallBlock.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\NetFx35_x64.exe]
"Debugger"=c:\windows\Microsoft.NET\Framework\v2.0.50727\DotNetFxInstallBlock.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\NetFx35_x64[1].exe]
"Debugger"=c:\windows\Microsoft.NET\Framework\v2.0.50727\DotNetFxInstallBlock.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\NetFx35_x64[2].exe]
"Debugger"=c:\windows\Microsoft.NET\Framework\v2.0.50727\DotNetFxInstallBlock.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\NetFx35_x86.exe]
"Debugger"=c:\windows\Microsoft.NET\Framework\v2.0.50727\DotNetFxInstallBlock.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\NetFx35_x86[1].exe]
"Debugger"=c:\windows\Microsoft.NET\Framework\v2.0.50727\DotNetFxInstallBlock.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\NetFx35_x86[2].exe]
"Debugger"=c:\windows\Microsoft.NET\Framework\v2.0.50727\DotNetFxInstallBlock.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\NetFx64.exe]
"Debugger"=c:\windows\Microsoft.NET\Framework\v2.0.50727\DotNetFxInstallBlock.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\NetFx64[1].exe]
"Debugger"=c:\windows\Microsoft.NET\Framework\v2.0.50727\DotNetFxInstallBlock.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\NetFx64[2].exe]
"Debugger"=c:\windows\Microsoft.NET\Framework\v2.0.50727\DotNetFxInstallBlock.exe

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"c:\\Program Files\\uTorrent\\uTorrent.exe"=
"c:\\Program Files\\LimeWire\\LimeWire.exe"=

R0 pqheviib;pqheviib;c:\windows\system32\drivers\ivdcadfy.dat --> c:\windows\system32\drivers\ivdcadfy.dat [?]
R2 ColdFusion MX 7 Application Server;ColdFusion MX 7 Application Server;c:\cfusionmx7\runtime\bin\jrunsvc.exe [2006-10-15 61440]
R2 ColdFusion MX 7 ODBC Agent;ColdFusion MX 7 ODBC Agent;c:\cfusionmx7\db\slserver54\bin\swagent.exe "ColdFusion MX 7 ODBC Agent" --> c:\cfusionmx7\db\slserver54\bin\swagent.exe ColdFusion MX 7 ODBC Agent [?]
R2 ColdFusion MX 7 ODBC Server;ColdFusion MX 7 ODBC Server;c:\cfusionmx7\db\slserver54\bin\swstrtr.exe "ColdFusion MX 7 ODBC Server" --> c:\cfusionmx7\db\slserver54\bin\swstrtr.exe ColdFusion MX 7 ODBC Server [?]
R2 LiveUpdate Notice;LiveUpdate Notice;c:\program files\Common Files\Symantec Shared\CCSVCHST.EXE [2007-08-24 149352]
R2 WinDefend;Windows Defender;c:\program files\Windows Defender\MsMpEng.exe [2006-11-03 13592]
R3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [2008-09-04 99376]
R3 SaiNtSub;SaiNtSub;c:\windows\system32\drivers\saintsub.sys [2004-03-27 19200]
S3 3dfxvs;3dfxvs;c:\windows\system32\drivers\3dfxvsm.sys [2006-04-25 148352]
S3 adiusbae;USB ADSL LAN Adapter; [x]
S3 COH_Mon;COH_Mon;c:\windows\system32\drivers\COH_Mon.sys [2007-05-29 23888]
S3 GoogleDesktopManager-061008-081103;Google Desktop Manager 5.7.806.10245;c:\program files\Google\Google Desktop Search\GoogleDesktop.exe [2008-08-26 29744]
S3 LCcfltr;Logitech USB Filter Driver;c:\windows\system32\drivers\LCcfltr.sys [2003-09-29 14095]
S3 ZD1211U(ZyXEL);ZyAIR G-220 IEEE 802.11b+g Wireless LAN Driver (USB)(ZyXEL);c:\windows\system32\drivers\ZD1211U.sys [2006-08-14 237568]

--- Andere Services/Drivers In Geheugen ---

*NewlyCreated* - COMHOST

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\H]
\Shell\AutoRun\command - H:\DPFMate.exe
.
Inhoud van de 'Gedeelde Taken' map

2004-01-08 c:\windows\Tasks\FRU Task #Hewlett-Packard#hp psc 2200 series#1064846831.job
- c:\program files\Hewlett-Packard\Digital Imaging\Bin\hpqfrucl.exe [2003-04-05 23:52]

2009-02-25 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-842925246-1844823847-682003330-1003.job
- c:\documents and settings\Ron\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2008-09-06 11:05]

2009-02-26 c:\windows\Tasks\MP Scheduled Scan.job
- c:\program files\Windows Defender\MpCmdRun.exe [2006-11-03 18:20]

2009-02-23 c:\windows\Tasks\Norton Internet Security - Volledige systeemscan uitvoeren - Ron.job
- c:\program files\Norton Internet Security\Norton AntiVirus\Navw32.exe [2007-08-26 18:19]

2009-02-01 c:\windows\Tasks\RegTool Scan.job
- D:\RegTool.exe [2009-01-02 13:59]

2009-02-26 c:\windows\Tasks\XoftSpySE 2.job
- c:\program files\XoftSpySE\XoftSpy.exe [2007-07-13 16:43]

2009-01-27 c:\windows\Tasks\XoftSpySE.job
- c:\program files\XoftSpySE\XoftSpy.exe [2007-07-13 16:43]
.
- - - - ORPHANS VERWIJDERD - - - -

BHO-{75E71CC4-F4B6-4A58-9B47-DEE58CB7FFB1} - c:\windows\system32\advpack(8.dll
HKCU-Run-LDM - c:\program files\Logitech\Desktop Messenger\8876480\Program\BackWeb-8876480.exe


.
------- Bijkomende Scan -------
.
IE: &Google Search
IE: &Winamp Toolbar Search - c:\documents and settings\All Users\Application Data\Winamp Toolbar\ieToolbar\resources\en-US\local\search.html
IE: Backward &Links
IE: Cac&hed Snapshot of Page
IE: E&xporteren naar Microsoft Excel
IE: Si&milar Pages
IE: Translate into English
IE: {{d9288080-1baa-4bc4-9cf8-a92d743db949} - c:\documents and settings\Ron\Menu Start\Programma's\IMVU\Run IMVU.lnk
LSP: c:\windows\TEMP\ntdll64.dll
DPF: DirectAnimation Java Classes - file://c:\windows\Java\classes\dajava.cab
DPF: Microsoft XML Parser for Java - file://c:\windows\Java\classes\xmldso.cab
DPF: {003FADA5-8FEE-11D6-AFB7-0004768F6183} - hxxps://www.p3.postbank.nl/sesam/CAX.cab
DPF: {DE591B16-A452-11D6-AED1-0001030A4E46} - hxxps://gto.postbank.nl/GTO/PBGNX.cab
.

**************************************************************************

catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-02-26 20:58:40
Windows 5.1.2600 Service Pack 2 NTFS

scannen van verborgen processen ...

scannen van verborgen autostart items ...

HKLM\Software\Microsoft\Windows\CurrentVersion\Run
CTStartup = c:\program files\Creative\Splash Screen\CTEaxSpl.EXE /run???h??????s?????\?w? ?w???????w???w4???????.??w4???????4???TA?s4????????&2???9~??9~????????\???\???????????U?9~??9~\???\????????Oa??????C@?\???\??????s????\??????s\????&2?A??s?&2??C@?x???`|?w\?????@

scannen van verborgen bestanden ...


**************************************************************************

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\pqheviib]
"ImagePath"="system32\drivers\ivdcadfy.dat"
.
--------------------- VERGRENDELDE REGISTER SLEUTELS ---------------------

[HKEY_USERS\S-1-5-21-842925246-1844823847-682003330-1003\Software\Microsoft\SystemCertificates\AddressBook*]
@Allowed: (Read) (RestrictedCode)
@Allowed: (Read) (RestrictedCode)
.
------------------------ Andere Aktieve Processen ------------------------
.
c:\program files\Symantec\LiveUpdate\AluSchedulerSvc.exe
c:\cfusionmx7\db\slserver54\bin\swagent.exe
c:\cfusionmx7\db\slserver54\bin\swstrtr.exe
c:\cfusionmx7\db\slserver54\bin\swsoc.exe
c:\cfusionmx7\runtime\bin\jrun.exe
c:\windows\system32\CTSVCCDA.EXE
c:\program files\ewido\security suite\ewidoctrl.exe
c:\program files\Google\Common\Google Updater\GoogleUpdaterService.exe
c:\program files\Java\jre6\bin\jqs.exe
c:\program files\ZyXEL\Odyssey Client for ZyXEL\odClientService.exe
c:\windows\system32\wdfmgr.exe
c:\windows\system32\UAService7.exe
c:\windows\system32\MsPMSPSv.exe
c:\progra~1\WinZip\WZQKPICK.EXE
c:\program files\Logitech\SetPoint\KHALMNPR.exe
c:\progra~1\MI3AA1~1\rapimgr.exe
.
**************************************************************************
.
Voltooingstijd: 2009-02-26 21:08:48 - machine werd herstart
ComboFix-quarantined-files.txt 2009-02-26 20:07:25
ComboFix2.txt 2008-02-27 20:20:09

Pre-Run: 11,420,459,008 bytes beschikbaar
Post-Run: 11,474,030,592 bytes beschikbaar

400 --- E O F --- 2009-02-25 19:51:39



ik hoop dat iemand mij kan helpen dit virus te verwijderen.
alvast bedankt voor de moeite,

groetjes,

Tyche
 
Re: msn virus

Hallo Tyche,
volgende keer het HJT-log door de echte kleurcodering halen!

Ondanks, dat jijzelf al bezig bent geweest, wil ik dat je graag het volgende gaat doen:

1) download, installeer en ga >MBAM< gebruiken.
Al tijdens de installatie wil MBAM< zijn database opwaarderen toestaan dus.
Ook bij herhaald gebruik: eerst de tab >Update< aandoen!

http://www.idealsoftware.nl/MBAM/

Start MBAM< en kies voor >Snelle Scan<

Het scannen kan een tijdje duren, dus wees geduldig.
Wanneer de scan voltooid is, klik dan op de knop >OK< , daarna op de knop >Bekijk Resultaten< om de resultaten te zien.
Zorg ervoor dat daar alles aangevinkt is, daarna klikken op: >Verwijder geselecteerde< .
Na het verwijderen zal een log openen en zal er gevraagd worden om de computer opnieuw op te starten.
De log wordt automatisch bewaard door MBAM< en dat kan je terugvinden door op de tab >Logs< te klikken in MBAM< .

Indien MBAM< moeilijkheden heeft met het verwijderen van bepaalde bestanden zal het enkele meldingen geven dan telkens op >OK< klikken!
Daarna zal MBAM< vragen om de Computer opnieuw op te starten - dus sta toe dat de computer opnieuw opgestart wordt.


2) Hierna een nieuw Hijack This Log aanmaken en het resultaat daarvan samen met het eerste scanresultaat van MBAM posten;
tevens een Uninstall-lijst posten (Start HijackThis, klik op de knop >Open the Misc Tools section<, dan op de knop >Open Uninstall Manager< en als laatse op de knop >Save<) .
 
Re: msn virus

Hallo Abraham54,

Bedankt dat je wil helpen om dit probleem op te lossen en sorry dat ik niet de juiste kleurcodering heb gebruikt, ik begrijp uit je mail dat dit erg vervelend is, maar in de berichten van *Kingpin* waarin verwezen wordt naar een bericht over die kleurcodering staat een link, en als ik die aanklik krijg ik een wit scherm, en weet ik dus niet hoe die kleurcodering hoort te zijn.
Ik hoop dat jij of iemand anders die uitleg op een andere manier kan vertellen zodat ik wel de juiste kleurcodering kan toepassen.

Ik heb ondertussen wel al MBAM gedownload en laten scannen.

Ik hoop snel een uitleg te krijgen over de kleurcodering zodat ik de blogs op de juiste manier kan plaatsen.

Groetjes,

Tyche
 
Re: msn virus

Hallo Tyche,
heb je op de link van D Drmmr's Hijack This kleurcodering geklikt of op de andere link?
 
Re: msn virus

Hallo Abraham54,

Ik heb die en ook een andere, bij de uitleg over hoe blogs te plaatsen, geklikt, maar ik krijg dan niets te zien.
 
Re: msn virus

Post dan maar zonder kleurcodering je nieuwe HJT-log, MBAM-log en de Uninstallijst.
 
Re: msn virus

Ok, thanks.

Hier volgen de lijsten:


Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 22:45:47, on 27-2-2009
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16791)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Windows Defender\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe
C:\CFusionMX7\runtime\bin\jrunsvc.exe
C:\CFusionMX7\db\slserver54\bin\swagent.exe
C:\CFusionMX7\db\slserver54\bin\swstrtr.exe
C:\CFusionMX7\runtime\bin\jrun.exe
C:\CFusionMX7\db\slserver54\bin\swsoc.exe
C:\WINDOWS\System32\CTsvcCDA.exe
C:\Program Files\ewido\security suite\ewidoctrl.exe
C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\ZyXEL\Odyssey Client for ZyXEL\odClientService.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\UAService7.exe
C:\WINDOWS\System32\MsPMSPSv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\CTHELPER.EXE
C:\Program Files\Logitech\iTouch\iTouch.exe
C:\WINDOWS\Logi_MwX.Exe
E:\qttask.exe
C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mm_tray.exe
C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mm_server.exe
C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\MMDiag.exe
C:\Program Files\ZyXEL\Odyssey Client for ZyXEL\OdTray.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Winamp\winampa.exe
C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mmtask.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files\SweetIM\Messenger\SweetIM.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Free History Eraser\HistoryEraser.exe
C:\Program Files\Microsoft ActiveSync\Wcescomm.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Documents and Settings\Ron\Local Settings\Application Data\Google\Update\GoogleUpdate.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\PROGRA~1\MI3AA1~1\rapimgr.exe
C:\Program Files\Logitech\SetPoint\KEM.exe
C:\Program Files\PND Speed Camera Sync\PndSync\PndSync.exe
C:\Program Files\WinZip\WZQKPICK.EXE
C:\Program Files\ZyXEL Technology Corporation\ZyAIR G-220 Utility\ZDWlan.exe
C:\Program Files\Logitech\SetPoint\KHALMNPR.EXE
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Documents and Settings\Ron\Mijn documenten\hjt this\realscan.exe
C:\Program Files\Symantec\LiveUpdate\LuComServer_3_4.EXE
C:\Program Files\Symantec\LiveUpdate\AUPDATE.EXE
C:\Program Files\Symantec\LiveUpdate\LuCallbackProxy.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen
R3 - URLSearchHook: SweetIM ToolbarURLSearchHook Class - {EEE6C35D-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgHelper.dll
R3 - URLSearchHook: (no name) - - (no file)
O2 - BHO: Winamp Toolbar BHO - {25CEE8EC-5730-41bc-8B58-22DDC8AB8C20} - C:\Program Files\Winamp Toolbar\winamptb.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: NCO 2.0 IE BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\2.0\coIEPlg.dll
O2 - BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\PROGRA~1\COMMON~1\SYMANT~1\IDS\IPSBHO.dll
O2 - BHO: (no name) - {75E71CC4-F4B6-4A58-9B47-DEE58CB7FFB1} - C:\WINDOWS\system32\advpack(8.dll (file missing)
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: Windows Live Aanmelden - Help - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.0.926.3450\swg.dll
O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_219B3E1547538286.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O2 - BHO: SWEETIE - {EEE6C35C-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll
O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: Winamp Toolbar - {EBF2BA02-9094-4c5a-858B-BB198F3D8DE2} - C:\Program Files\Winamp Toolbar\winamptb.dll
O3 - Toolbar: Norton-werkbalk weergeven - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\2.0\CoIEPlg.dll
O3 - Toolbar: &Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O3 - Toolbar: SweetIM Toolbar for Internet Explorer - {EEE6C35B-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll
O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [WINDVDPatch] CTHELPER.EXE
O4 - HKLM\..\Run: [UpdReg] C:\WINDOWS\UpdReg.EXE
O4 - HKLM\..\Run: [Jet Detection] "C:\Program Files\Creative\SBLive\PROGRAM\ADGJDet.exe"
O4 - HKLM\..\Run: [CTStartup] C:\Program Files\Creative\Splash Screen\CTEaxSpl.EXE /run
O4 - HKLM\..\Run: [zBrowser Launcher] C:\Program Files\Logitech\iTouch\iTouch.exe
O4 - HKLM\..\Run: [Logitech Utility] Logi_MwX.Exe
O4 - HKLM\..\Run: [QuickTime Task] "E:\qttask.exe" -atboottime
O4 - HKLM\..\Run: [MMTray] "C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mm_tray.exe"
O4 - HKLM\..\Run: [mm_server] C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mm_server.exe
O4 - HKLM\..\Run: [PhilipsRemote] C:\PROGRA~1\MUSICM~1\MUSICM~2\PHILIP~1.EXE
O4 - HKLM\..\Run: [Logitech Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [OdTray.exe] "C:\Program Files\ZyXEL\Odyssey Client for ZyXEL\OdTray.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [osCheck] "C:\Program Files\Norton Internet Security\osCheck.exe"
O4 - HKLM\..\Run: [mmtask] "C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mmtask.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [MsgCenterExe] "C:\Program Files\Common Files\Real\Update_OB\RealOneMessageCenter.exe" -osboot
O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKLM\..\Run: [SweetIM] C:\Program Files\SweetIM\Messenger\SweetIM.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [SPSTEALT] "C:\Program Files\Free History Eraser\HistoryEraser.exe" /stealt
O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\Wcescomm.exe"
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [Google Update] "C:\Documents and Settings\Ron\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BackWeb-8876480.exe
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Logitech Desktop Messenger Agent.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\KEM.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: PND Speed Camera Synchronization.lnk = C:\Program Files\PND Speed Camera Sync\PndSync\PndSync.exe
O4 - Global Startup: WinZip Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK.EXE
O4 - Global Startup: ZDWlan.lnk = ?
O8 - Extra context menu item: &Winamp Toolbar Search - C:\Documents and Settings\All Users\Application Data\Winamp Toolbar\ieToolbar\resources\en-US\local\search.html
O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
O9 - Extra 'Tools' menuitem: Mobiele favorieten maken... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: Run IMVU - {d9288080-1baa-4bc4-9cf8-a92d743db949} - C:\Documents and Settings\Ron\Menu Start\Programma's\IMVU\Run IMVU.lnk
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {003FADA5-8FEE-11D6-AFB7-0004768F6183} (CryptoRSA Control) - https://www.p3.postbank.nl/sesam/CAX.cab
O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} (Facebook Photo Uploader 5) - http://upload.facebook.com/controls/FacebookPhotoUploader5.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.hotmail.com/mail/w3/pr01/resources/MSNPUpld.cab
O16 - DPF: {6E5E167B-1566-4316-B27F-0DDAB3484CF7} (Image Uploader Control) - http://cache.hyves-static.net/statics/Aurigma/ImageUploader4.cab
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Besturing) - http://housecall.trendmicro-europe.com/housecall/Xscan53.cab
O16 - DPF: {80DD2229-B8E4-4C77-B72F-F22972D723EA} (AvxScanOnline Control) - http://www.bitdefender.com/scan/Msie/bitdefender.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://www.pandasoftware.com/activescan/as5/asinst.cab
O16 - DPF: {A3009861-330C-4E10-822B-39D16EC8829D} (CRAVOnline Object) - http://www.ravantivirus.com/scan/ravonline.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMessengerSetupDownloader.cab
O16 - DPF: {DE591B16-A452-11D6-AED1-0001030A4E46} (PBGNX Control) - https://gto.postbank.nl/GTO/PBGNX.cab
O16 - DPF: {EDFCB7CB-942C-4822-AF14-F0B687409848} (Image Uploader Control) - http://cache.hyves-static.net/statics/Aurigma/ImageUploader4.cab
O16 - DPF: {F58E1CEF-A068-4C15-BA5E-587CAF3EE8C6} (MSN Chat Control 4.5) - http://fdl.msn.com/public/chat/msnchat45.cab
O16 - DPF: {F6BF0D00-0B2A-4A75-BF7B-F385591623AF} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown.cab31267.cab
O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: ColdFusion MX 7 Application Server - Macromedia Inc. - C:\CFusionMX7\runtime\bin\jrunsvc.exe
O23 - Service: ColdFusion MX 7 ODBC Agent - Unknown owner - C:\CFusionMX7\db\slserver54\bin\swagent.exe
O23 - Service: ColdFusion MX 7 ODBC Server - Unknown owner - C:\CFusionMX7\db\slserver54\bin\swstrtr.exe
O23 - Service: COM Host (comHost) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\VAScanner\comHost.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\System32\CTsvcCDA.exe
O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido\security suite\ewidoctrl.exe
O23 - Service: Google Desktop Manager 5.7.806.10245 (GoogleDesktopManager-061008-081103) - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\LuComServer_3_4.EXE
O23 - Service: LiveUpdate Notice - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: Macromedia Licensing Service - Macromedia - C:\Program Files\Common Files\Macromedia Shared\Service\Macromedia Licensing.exe
O23 - Service: Odyssey Client for ZyXEL (odClientService) - Funk Software, Inc. - C:\Program Files\ZyXEL\Odyssey Client for ZyXEL\odClientService.exe
O23 - Service: Planner voor Automatische LiveUpdate - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\System32\HPZipm12.exe
O23 - Service: Symantec Core LC - Unknown owner - C:\PROGRA~1\COMMON~1\SYMANT~1\CCPD-LC\symlcsvc.exe
O23 - Service: SecuROM User Access Service (V7) (UserAccess7) - Unknown owner - C:\WINDOWS\system32\UAService7.exe

--
End of file - 16413 bytes


2007 Microsoft Office Suite Service Pack 1 (SP1)
2007 Microsoft Office Suite Service Pack 1 (SP1)
2007 Microsoft Office Suite Service Pack 1 (SP1)
2007 Microsoft Office Suite Service Pack 1 (SP1)
2007 Microsoft Office Suite Service Pack 1 (SP1)
2007 Microsoft Office Suite Service Pack 1 (SP1)
2007 Microsoft Office Suite Service Pack 1 (SP1)
2007 Microsoft Office Suite Service Pack 1 (SP1)
2007 Microsoft Office Suite Service Pack 1 (SP1)
2007 Microsoft Office Suite Service Pack 1 (SP1)
2007 Microsoft Office Suite Service Pack 1 (SP1)
2007 Microsoft Office Suite Service Pack 1 (SP1)
2007 Microsoft Office Suite Service Pack 1 (SP1)
Aangifte inkomstenbelasting 2007
Aangifte inkomstenbelasting 2007 voor ondernemers
Aangifte inkomstenbelasting 2008
Ad-aware 6 Personal
Adobe Acrobat 5.0
Adobe Flash Player ActiveX
Adobe Flash Player Plugin
Adobe Photoshop 7.0
Ahead Nero Burning ROM
AppCore
AutoCAD LT 98
Beveiligingsupdate for Windows XP (KB923689)
Beveiligingsupdate for Windows XP (KB941569)
Beveiligingsupdate voor Windows Internet Explorer 7 (KB938127)
Beveiligingsupdate voor Windows Internet Explorer 7 (KB944533)
Beveiligingsupdate voor Windows Internet Explorer 7 (KB950759)
Beveiligingsupdate voor Windows Internet Explorer 7 (KB953838)
Beveiligingsupdate voor Windows Internet Explorer 7 (KB956390)
Beveiligingsupdate voor Windows Internet Explorer 7 (KB958215)
Beveiligingsupdate voor Windows Internet Explorer 7 (KB960714)
Beveiligingsupdate voor Windows Internet Explorer 7 (KB961260)
Beveiligingsupdate voor Windows Media Player (KB911564)
Beveiligingsupdate voor Windows Media Player (KB952069)
Beveiligingsupdate voor Windows Media Player 6.4 (KB925398)
Beveiligingsupdate voor Windows Media Player 9 (KB911565)
Beveiligingsupdate voor Windows Media Player 9 (KB917734)
Beveiligingsupdate voor Windows Media Player 9 (KB936782)
Beveiligingsupdate voor Windows XP (KB883939)
Beveiligingsupdate voor Windows XP (KB890046)
Beveiligingsupdate voor Windows XP (KB893756)
Beveiligingsupdate voor Windows XP (KB896358)
Beveiligingsupdate voor Windows XP (KB896422)
Beveiligingsupdate voor Windows XP (KB896423)
Beveiligingsupdate voor Windows XP (KB896424)
Beveiligingsupdate voor Windows XP (KB896428)
Beveiligingsupdate voor Windows XP (KB896688)
Beveiligingsupdate voor Windows XP (KB899587)
Beveiligingsupdate voor Windows XP (KB899588)
Beveiligingsupdate voor Windows XP (KB899589)
Beveiligingsupdate voor Windows XP (KB899591)
Beveiligingsupdate voor Windows XP (KB900725)
Beveiligingsupdate voor Windows XP (KB901017)
Beveiligingsupdate voor Windows XP (KB901214)
Beveiligingsupdate voor Windows XP (KB902400)
Beveiligingsupdate voor Windows XP (KB903235)
Beveiligingsupdate voor Windows XP (KB904706)
Beveiligingsupdate voor Windows XP (KB905414)
Beveiligingsupdate voor Windows XP (KB905749)
Beveiligingsupdate voor Windows XP (KB905915)
Beveiligingsupdate voor Windows XP (KB908519)
Beveiligingsupdate voor Windows XP (KB908531)
Beveiligingsupdate voor Windows XP (KB911280)
Beveiligingsupdate voor Windows XP (KB911562)
Beveiligingsupdate voor Windows XP (KB911567)
Beveiligingsupdate voor Windows XP (KB911927)
Beveiligingsupdate voor Windows XP (KB912812)
Beveiligingsupdate voor Windows XP (KB912919)
Beveiligingsupdate voor Windows XP (KB913446)
Beveiligingsupdate voor Windows XP (KB913580)
Beveiligingsupdate voor Windows XP (KB914388)
Beveiligingsupdate voor Windows XP (KB914389)
Beveiligingsupdate voor Windows XP (KB916281)
Beveiligingsupdate voor Windows XP (KB917159)
Beveiligingsupdate voor Windows XP (KB917344)
Beveiligingsupdate voor Windows XP (KB917422)
Beveiligingsupdate voor Windows XP (KB917953)
Beveiligingsupdate voor Windows XP (KB918118)
Beveiligingsupdate voor Windows XP (KB918439)
Beveiligingsupdate voor Windows XP (KB918899)
Beveiligingsupdate voor Windows XP (KB919007)
Beveiligingsupdate voor Windows XP (KB920213)
Beveiligingsupdate voor Windows XP (KB920214)
Beveiligingsupdate voor Windows XP (KB920670)
Beveiligingsupdate voor Windows XP (KB920683)
Beveiligingsupdate voor Windows XP (KB920685)
Beveiligingsupdate voor Windows XP (KB921398)
Beveiligingsupdate voor Windows XP (KB921503)
Beveiligingsupdate voor Windows XP (KB921883)
Beveiligingsupdate voor Windows XP (KB922616)
Beveiligingsupdate voor Windows XP (KB922760)
Beveiligingsupdate voor Windows XP (KB922819)
Beveiligingsupdate voor Windows XP (KB923191)
Beveiligingsupdate voor Windows XP (KB923414)
Beveiligingsupdate voor Windows XP (KB923694)
Beveiligingsupdate voor Windows XP (KB923980)
Beveiligingsupdate voor Windows XP (KB924191)
Beveiligingsupdate voor Windows XP (KB924270)
Beveiligingsupdate voor Windows XP (KB924496)
Beveiligingsupdate voor Windows XP (KB924667)
Beveiligingsupdate voor Windows XP (KB925454)
Beveiligingsupdate voor Windows XP (KB925486)
Beveiligingsupdate voor Windows XP (KB925902)
Beveiligingsupdate voor Windows XP (KB926255)
Beveiligingsupdate voor Windows XP (KB926436)
Beveiligingsupdate voor Windows XP (KB927779)
Beveiligingsupdate voor Windows XP (KB927802)
Beveiligingsupdate voor Windows XP (KB928090)
Beveiligingsupdate voor Windows XP (KB928255)
Beveiligingsupdate voor Windows XP (KB928843)
Beveiligingsupdate voor Windows XP (KB929123)
Beveiligingsupdate voor Windows XP (KB930178)
Beveiligingsupdate voor Windows XP (KB931261)
Beveiligingsupdate voor Windows XP (KB931768)
Beveiligingsupdate voor Windows XP (KB931784)
Beveiligingsupdate voor Windows XP (KB932168)
Beveiligingsupdate voor Windows XP (KB933566)
Beveiligingsupdate voor Windows XP (KB933729)
Beveiligingsupdate voor Windows XP (KB935839)
Beveiligingsupdate voor Windows XP (KB935840)
Beveiligingsupdate voor Windows XP (KB936021)
Beveiligingsupdate voor Windows XP (KB937143)
Beveiligingsupdate voor Windows XP (KB937894)
Beveiligingsupdate voor Windows XP (KB938127)
Beveiligingsupdate voor Windows XP (KB938464)
Beveiligingsupdate voor Windows XP (KB938829)
Beveiligingsupdate voor Windows XP (KB939653)
Beveiligingsupdate voor Windows XP (KB941202)
Beveiligingsupdate voor Windows XP (KB941568)
Beveiligingsupdate voor Windows XP (KB941644)
Beveiligingsupdate voor Windows XP (KB941693)
Beveiligingsupdate voor Windows XP (KB942615)
Beveiligingsupdate voor Windows XP (KB943055)
Beveiligingsupdate voor Windows XP (KB943460)
Beveiligingsupdate voor Windows XP (KB943485)
Beveiligingsupdate voor Windows XP (KB944338)
Beveiligingsupdate voor Windows XP (KB944533)
Beveiligingsupdate voor Windows XP (KB944653)
Beveiligingsupdate voor Windows XP (KB945553)
Beveiligingsupdate voor Windows XP (KB946026)
Beveiligingsupdate voor Windows XP (KB946648)
Beveiligingsupdate voor Windows XP (KB947864)
Beveiligingsupdate voor Windows XP (KB948590)
Beveiligingsupdate voor Windows XP (KB948881)
Beveiligingsupdate voor Windows XP (KB950749)
Beveiligingsupdate voor Windows XP (KB950760)
Beveiligingsupdate voor Windows XP (KB950762)
Beveiligingsupdate voor Windows XP (KB950974)
Beveiligingsupdate voor Windows XP (KB951066)
Beveiligingsupdate voor Windows XP (KB951376)
Beveiligingsupdate voor Windows XP (KB951376-v2)
Beveiligingsupdate voor Windows XP (KB951698)
Beveiligingsupdate voor Windows XP (KB951748)
Beveiligingsupdate voor Windows XP (KB952954)
Beveiligingsupdate voor Windows XP (KB953839)
Beveiligingsupdate voor Windows XP (KB954211)
Beveiligingsupdate voor Windows XP (KB954600)
Beveiligingsupdate voor Windows XP (KB955069)
Beveiligingsupdate voor Windows XP (KB956391)
Beveiligingsupdate voor Windows XP (KB956802)
Beveiligingsupdate voor Windows XP (KB956803)
Beveiligingsupdate voor Windows XP (KB956841)
Beveiligingsupdate voor Windows XP (KB957095)
Beveiligingsupdate voor Windows XP (KB957097)
Beveiligingsupdate voor Windows XP (KB958644)
Beveiligingsupdate voor Windows XP (KB958687)
Beveiligingsupdate voor Windows XP (KB960715)
Camera RAW Plug-In for EPSON Creativity Suite
Carmageddon
ccCommon
CCleaner (remove only)
CD/Spectrum Pro
Choice Guard
Component Framework
Domus Typecursus
eMule
EPSON Attach To Email
EPSON Copy Utility 3
EPSON Easy Photo Print
EPSON File Manager
EPSON Scan
EPSON Scan Assistant
EPSON Web-To-Page
EPSON-printersoftware
ESDX6000_CX5900 Gebruik.handl.
ewido security suite
Extensie voor Windows Live Toolbar (Windows Live Toolbar)
Gold Rush Deluxe
Google Desktop
Google Earth
Google Toolbar for Internet Explorer
Google Updater
HijackThis 2.0.2
HistoryKill
Hitman Pro
Hotfix for Windows XP (KB909394)
Hotfix for Windows XP (KB915865)
Hotfix voor Windows Internet Explorer 7 (KB947864)
Hotfix voor Windows XP (KB914440)
Hotfix voor Windows XP (KB952287)
HP Memories Disc
hp psc 2200 series
HP-software voor foto- en beeldbewerking 2.0 - HP psc 2200
HP-software voor foto- en beeldbewerking 2.0 - All-in-One
HP-software voor foto- en beeldbewerking 2.0 - All-in-One stuurprogramma
Hyves Kwekker 1.1b
iLike
Intel Application Accelerator
J2SE Runtime Environment 5.0 Update 11
J2SE Runtime Environment 5.0 Update 8
Java 2 Runtime Environment, SE v1.4.2
Java(TM) 6 Update 11
Java(TM) 6 Update 3
Java(TM) 6 Update 5
Java(TM) 6 Update 6
Java(TM) 6 Update 7
Java(TM) SE Runtime Environment 6 Update 1
Junk Mail filter update
LimeWire 4.16.6
LiveUpdate (Symantec Corporation)
LiveUpdate (Symantec Corporation)
Logitech Desktop Messenger
Logitech iTouch-software
Logitech MouseWare 9.75
Logitech SetPoint
Macromedia ColdFusion MX 7
Macromedia Dreamweaver 8
Macromedia Dreamweaver MX 2004
Macromedia Extension Manager
Macromedia Fireworks 8
Macromedia Fireworks MX 2004
Macromedia Flash MX 2004
Macromedia HomeSite 5
Macromedia Shockwave Player
Malwarebytes' Anti-Malware
Markeringviewer (Windows Live Toolbar)
MediaLife
Microsoft .NET Framework 2.0 Client Service Pack 2
Microsoft .NET Framework 2.0 Client Service Pack 2 - Language Pack (NLD)
Microsoft .NET Framework 3.0 Client Profile - Language Pack (NLD)
Microsoft .NET Framework 3.0 Client Service Pack 2
Microsoft .NET Framework 3.5 Client Profile - Language Pack (NLD)
Microsoft .NET Framework 3.5 Client Service Pack 1
Microsoft .NET Framework Client Profile
Microsoft ActiveSync
Microsoft Data Access Components KB870669
Microsoft Flight Simulator 98
Microsoft Internationalized Domain Names Mitigation APIs
Microsoft National Language Support Downlevel APIs
Microsoft Office Access MUI (Dutch) 2007
Microsoft Office Excel MUI (Dutch) 2007
Microsoft Office InfoPath MUI (Dutch) 2007
Microsoft Office Outlook MUI (Dutch) 2007
Microsoft Office PowerPoint MUI (Dutch) 2007
Microsoft Office Professional Plus 2007
Microsoft Office Professional Plus 2007
Microsoft Office Proof (Dutch) 2007
Microsoft Office Proof (English) 2007
Microsoft Office Proof (French) 2007
Microsoft Office Proof (German) 2007
Microsoft Office Proofing (Dutch) 2007
Microsoft Office Publisher MUI (Dutch) 2007
Microsoft Office Shared MUI (Dutch) 2007
Microsoft Office Word MUI (Dutch) 2007
Microsoft Office XP Professional met FrontPage
Microsoft Silverlight
Microsoft Visual C++ 2005 Redistributable
Microsoft Web Publishing Wizard 1.52
MSN Messenger 7.5
MSN Toolbar
MSVCRT
MSXML 6.0 SDK
Musicmatch Jukebox
Norton AntiVirus
Norton AntiVirus Help
Norton Confidential Core
Norton Internet Security
Norton Internet Security (Symantec Corporation)
Norton Protection Center
Odyssey Client for ZyXEL
PowerDVD
PrintMaster
Privacy Eraser Pro
QuickTime
RealArcade
RealPlayer
RegTool
Saitek NT Controller Drivers
Samsung Multimedia Studio 1.0
Samsung Music Studio
Security Update for 2007 Microsoft Office System (KB951550)
Security Update for 2007 Microsoft Office System (KB951944)
Security Update for 2007 Microsoft Office System (KB958439)
Security Update for CAPICOM (KB931906)
Security Update for CAPICOM (KB931906)
Security Update for Microsoft Office Excel 2007 (KB958437)
Security Update for Microsoft Office PowerPoint 2007 (KB951338)
Security Update for Microsoft Office Publisher 2007 (KB950114)
Security Update for Microsoft Office system 2007 (KB954326)
Security Update for Microsoft Office system 2007 (KB956828)
Security Update for Microsoft Office Word 2007 (KB956358)
Security Update for Visio 2007 (KB947590)
Segoe UI
Send To Extensions PowerToy
ShopFactory V7 Light
ShopFactory V7 Professional
Smart Menu's (Windows Live Toolbar)
Sound Blaster Live!
SPBBC 32bit
Speedcam Synchronisation 1.6.10.07.2006
Spybot - Search & Destroy
Spybot - Search & Destroy 1.3
Spyware Nuker 2004
SpywareBlaster v3.2
SweetIM for Messenger 2.6
SweetIM Toolbar for Internet Explorer 3.3
Taalpakket voor Microsoft .NET Framework Client Profile - NL
TipTop Deluxe
TopStyle Lite (Version 3.0)
Uniblue RegistryBooster 2009
Uniblue RegistryBooster 2009
Update for Microsoft Office Outlook 2007 (KB952142)
Update for Office 2007 (KB946691)
Update for Outlook 2007 Junk Email Filter (kb959634)
Update voor Windows XP (KB894391)
Update voor Windows XP (KB896727)
Update voor Windows XP (KB898461)
Update voor Windows XP (KB900485)
Update voor Windows XP (KB904942)
Update voor Windows XP (KB910437)
Update voor Windows XP (KB916595)
Update voor Windows XP (KB920872)
Update voor Windows XP (KB922582)
Update voor Windows XP (KB927891)
Update voor Windows XP (KB929338)
Update voor Windows XP (KB930916)
Update voor Windows XP (KB931836)
Update voor Windows XP (KB932823-v3)
Update voor Windows XP (KB933360)
Update voor Windows XP (KB936357)
Update voor Windows XP (KB938828)
Update voor Windows XP (KB942763)
Update voor Windows XP (KB942840)
Update voor Windows XP (KB946627)
Update voor Windows XP (KB951072-v2)
Update voor Windows XP (KB955839)
Update voor Windows XP (KB967715)
Waterpark Wild Rides
Winamp
Winamp Toolbar for Internet Explorer
Windows Defender
Windows Genuine Advantage v1.3.0254.0
Windows Imaging Component
Windows Installer 3.1 (KB893803)
Windows Installer 3.1 (KB893803)
Windows Internet Explorer 7
Windows Live - Hulpprogramma voor uploaden
Windows Live aanmeldhulp
Windows Live Communications Platform
Windows Live Essentials
Windows Live Essentials
Windows Live Favorites voor Windows Live Toolbar
Windows Live Mail
Windows Media Format Runtime
Windows XP Hotfix - KB834707
Windows XP Hotfix - KB867282
Windows XP Hotfix - KB873333
Windows XP Hotfix - KB873339
Windows XP Hotfix - KB885250
Windows XP Hotfix - KB885835
Windows XP Hotfix - KB885836
Windows XP Hotfix - KB885884
Windows XP Hotfix - KB886185
Windows XP Hotfix - KB887472
Windows XP Hotfix - KB887742
Windows XP Hotfix - KB888113
Windows XP Hotfix - KB888302
Windows XP Hotfix - KB890047
Windows XP Hotfix - KB890175
Windows XP Hotfix - KB890859
Windows XP Hotfix - KB890923
Windows XP Hotfix - KB891781
Windows XP Hotfix - KB893066
Windows XP Hotfix - KB893086
Windows XP Service Pack 2
WinPlex build 0.9.0.9 Release-1
WinRAR
WinZip
XoftSpySE
xp-AntiSpy (remove only)
ZyAIR G-220 Utility

Malwarebytes' Anti-Malware 1.34
Database versie: 1810
Windows 5.1.2600 Service Pack 2

27-2-2009 20:30:14
mbam-log-2009-02-27 (20-30-14).txt

Scan type: Snelle Scan
Objecten gescand: 73502
Verstreken tijd: 8 minute(s), 59 second(s)

Geheugenprocessen genfecteerd: 0
Geheugenmodulen genfecteerd: 1
Registersleutels genfecteerd: 16
Registerwaarden genfecteerd: 6
Registerdata bestanden genfecteerd: 0
Mappen genfecteerd: 0
Bestanden genfecteerd: 4

Geheugenprocessen genfecteerd:
(Geen kwaadaardige items gevonden)

Geheugenmodulen genfecteerd:
C:\WINDOWS\temp\ntdll64.dll (Trojan.FakeAlert) -> Delete on reboot.

Registersleutels genfecteerd:
HKEY_CLASSES_ROOT\Interface\{e4e3e0f8-cd30-4380-8ce9-b96904bdefca} (Adware.PopCap) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{fe8a736f-4124-4d9c-b4b1-3b12381efabe} (Adware.PopCap) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Typelib\{c9c5deaf-0a1f-4660-8279-9edfad6fefe1} (Adware.PopCap) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{9034a523-d068-4be8-a284-9df278be776e} (Trojan.Zlob) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{1d8282e6-bc4f-469b-aaed-7e4ff077ad93} (Adware.RightOnAds) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{6fc3c36d-7635-4d43-ba62-0d9d2f2cd06e} (Adware.Fotomoto) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{79f562e5-768c-4494-8e6c-824ada4a9c2c} (Adware.SuperiorAds) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{1a26f07f-0d60-4835-91cf-1e1766a0ec56} (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{6860a44b-5d3e-433d-a7b5-d517f810d0e7} (Trojan.Zlob) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{0d574c9f-71f9-4f3c-ba6d-cf9c0e1e3ee8} (Trojan.Zlob) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{00a6faf1-072e-44cf-8957-5838f569a31d} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\AntivirusXP (Rogue.AntivirusXP) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\c:/windows/downloaded program files/uninst.bat (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\popcaploader.popcaploaderctrl2 (Adware.PopCap) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\popcaploader.popcaploaderctrl2.1 (Adware.PopCap) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Multimedia\WMPlayer\Schemes\f3pss (Adware.MyWebSearch) -> Quarantined and deleted successfully.

Registerwaarden genfecteerd:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Extensions\CmdMapping\{9034a523-d068-4be8-a284-9df278be776e} (Trojan.Zlob) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs\C:\WINDOWS\Downloaded Program Files\uninst.bat (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Settings\bf (Trojan.Agent) -> Delete on reboot.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Settings\bk (Trojan.Agent) -> Delete on reboot.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Settings\iu (Trojan.Agent) -> Delete on reboot.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Settings\mu (Trojan.Agent) -> Delete on reboot.

Registerdata bestanden genfecteerd:
(Geen kwaadaardige items gevonden)

Mappen genfecteerd:
(Geen kwaadaardige items gevonden)

Bestanden genfecteerd:
C:\WINDOWS\system32\4Ha3Kyki.exe_ (Trojan.Obvod) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\WhoisCL.exe (Adware.BHO) -> Quarantined and deleted successfully.
C:\WINDOWS\Downloaded Program Files\uninst.bat (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\temp\ntdll64.dll (Trojan.FakeAlert) -> Delete on reboot.
 
Re: msn virus

Da's niet mis, wat MBAM verwijdert heeft!
Wat dacht jijzelf, toen het MBAM-log tevoorschijnkwam?

Ik heb zelden zo'n enorme verzameling oude Java-runtimes gezien! Dit gaat gepaard met een hoog veiligheidsrisico!
Hou je aan n genstalleerde Java-runtime en dan altijd de aktueelste!
Net zoals de Adobe Flashplayer - hetzelfde verhaal!

Download naar je bureaublad >Java SE Runtime Environment (JRE) 6 Update 12: https://cds.sun.com/is-bin/INTERSH...roductRef=jre-6u12-oth-JPR@CDS-CDS_Developer
Nu ga je eerst naar >Configuratiescherm >Software en dan verwijder je
J2SE Runtime Environment 5.0 Update 11
J2SE Runtime Environment 5.0 Update 8
Java 2 Runtime Environment, SE v1.4.2
Java(TM) 6 Update 11
Java(TM) 6 Update 3
Java(TM) 6 Update 5
Java(TM) 6 Update 6
Java(TM) 6 Update 7
Java(TM) SE Runtime Environment 6 Update 1.

Hierna de computer opnieuw starten!

Daarna kan je de nieuwe versie van Java installeren


Start HijackThis en kies voor Scan only, na een vinkje te hebben gezet voor de met de onderstaand corresponderende regels, klik je op de knop Fix checked:

R3 - URLSearchHook: (no name) - - (no file)
O2 - BHO: (no name) - {75E71CC4-F4B6-4A58-9B47-DEE58CB7FFB1} - C:\WINDOWS\system32\advpack(8.dll (file missing)
_________________________________________________________________

Jouw XP is een SP2 versie - Microsoft stopt dit jaar met de ondersteuning daarvan!
Verder is er geen antivirusprogramma aktief (zo te zien zijn er resten van Norton aanwezig) en gebruik je waarschijnlijk de firewall van XP.
Wat wil je hieraan gaan doen?
 
Re: msn virus

Eh, ik dacht niet veel van dat MBAM-logje, ik heb niet zo veel verstand er van en dus kijk ik niet echt naar die logjes, net zoals die van hjt, er staan erg veel dingen in, maar het zegt mij niets, net zoals die dingen die ik aan moest vinken om te fixen.
ik ga hierbij blind van vertrouwen die dingen doen die je zegt.

Nooit geweten dat Java een beveiligingsprobleem met zich meedraagt.
Volgens mij is Java een noodzakelijk programma om op internet de dingen goed te kunnen zien, en als ik een melding krijg dat het niet goed is download ik een update, vanaf nu ga ik daar dus beter op letten.

Is het mogelijk om mijn versie te opwaarderen tot een SP3 versie?

Ik heb inderdaad Norton erop staan, mijn abonnement moest verlengd worden en dan is hij weer up to date.
Als ik het goed heb zit hier ook een firewall in en ik dacht dat spybot ook een aantal dingen tegen hield.

ik heb geprobeerd om windows-messenger erop te zetten, die moest ik verwijderen omdat anders dit virus niet goed verwijderd kon worden, maar dat lukt niet omdat de oude versie niet verwijderd kan worden, hoe kan ik dit oplossen, want nu kan ik dus niets doen met msn.

Ben ik nu virus vrij? of moet ik nog meer dingen doen?
 
Re: msn virus

Of je nu virusvrij bent, dat is inderdaad en goede vraag, maar daar kan ik nog geen antwoord op geven.

Welk abonnement op Norton heb je verlengd/wil je verlengen?

Gebruik de REVO uninstaller om het onwillige MSNprogramma te denstalleren: http://www.revouninstaller.com/revosetup.exe

Als dat achter de rug is, gebruik dan NTRegopt om het Windows register op een niet aggressieve wijze op te schonen en te defragmenteren: http://www.derfisch.de/lars/ntregopt-setup.exe


Hierna een scan laten door SdFix.
Uitleg en download: http://www.nationaalcomputerforum.nl/showpost.php?p=315845&postcount=7
 
Re: msn virus

Hoi Abraham54,

Ik heb weer alles gedaan wat je vroeg.

Voorlopig ziet het er bij mij goed uit, msn is succesvol verwijderd, en windows-messenger succesvol genstalleerd, thanks.

Ik heb Norton Internet security erop staan, deze is toch wel goed, toch?

Ik heb sdfix laten draaien en de blog ziet er zo uit:

20:42 1-3-2009
SDFix: Version 1.240
Run by Ron on zo 01-03-2009 at 20:07

Microsoft Windows XP [versie 5.1.2600]
Running From: C:\Documents and Settings\Ron\Bureaublad\SDFix\SDFix

Checking Services :


Restoring Default Security Values
Restoring Default Hosts File

Rebooting


Checking Files :

Trojan Files Found:

C:\WINDOWS\system32\e2.exe - Deleted





Removing Temp Files

ADS Check :



Final Check :

catchme 0.3.1361.2 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-03-01 20:15:10
Windows 5.1.2600 Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden services & system hive ...

scanning hidden registry entries ...

scanning hidden files ...

scan completed successfully
hidden processes: 0
hidden services: 0
hidden files: 0


Remaining Services :




Authorized Application Key Export:

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"C:\\Program Files\\uTorrent\\uTorrent.exe"="C:\\Program Files\\uTorrent\\uTorrent.exe:*:Enabled:Torrent"
"C:\\Program Files\\LimeWire\\LimeWire.exe"="C:\\Program Files\\LimeWire\\LimeWire.exe:*:Enabled:LimeWire"
"C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"="C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"="C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger"

Remaining Files :


File Backups: - C:\DOCUME~1\Ron\BUREAU~1\SDFix\SDFix\backups\backups.zip

Files with Hidden Attributes :

Wed 22 Oct 2008 949,072 A.SHR --- "C:\Program Files\File Scanner Library (Spybot - Search & Destroy)\advcheck.dll"
Wed 13 Oct 2004 1,694,208 ..SH. --- "C:\Program Files\Messenger\msmsgs.exe"
Wed 22 Oct 2008 962,896 A.SHR --- "C:\Program Files\Misc. Support Library (Spybot - Search & Destroy)\Tools.dll"
Mon 15 Sep 2008 1,562,960 A.SHR --- "C:\Program Files\SDHelper (Spybot - Search & Destroy)\SDHelper.dll"
Mon 26 Jan 2009 1,740,632 A.SHR --- "C:\Program Files\Spybot - Search & Destroy\SDUpdate.exe"
Mon 26 Jan 2009 5,365,592 A.SHR --- "C:\Program Files\Spybot - Search & Destroy\SpybotSD.exe"
Mon 26 Jan 2009 2,144,088 A.SHR --- "C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe"
Thu 27 May 2004 1,876,130 A..H. --- "C:\Program Files\Spyware Nuker 2004\au020063.exe"
Sun 27 Jun 2004 1,942,720 A..H. --- "C:\Program Files\Spyware Nuker 2004\au020066.exe"
Thu 26 Aug 2004 2,048,410 A..H. --- "C:\Program Files\Spyware Nuker 2004\au020069.exe"
Thu 11 Mar 2004 4,348 ..SH. --- "C:\Documents and Settings\All Users\DRM\DRMv1.bak"
Thu 11 Mar 2004 401 ..SH. --- "C:\Documents and Settings\All Users\DRM\DRMv12.bak"
Sun 16 Sep 2007 71,168 ..SHR --- "C:\Program Files\PND Speed Camera Sync\PndSync\Setup.exe"
Wed 8 Aug 2007 400 A..H. --- "C:\Program Files\Common Files\Symantec Shared\COH\COH32LU.reg"
Wed 8 Aug 2007 403 A..H. --- "C:\Program Files\Common Files\Symantec Shared\COH\COHDLU.reg"
Mon 29 Sep 2003 1,206 A..HR --- "C:\Program Files\Common Files\Symantec Shared\Registry Backup\ccReg.reg"
Mon 29 Sep 2003 1,206 A..HR --- "C:\Program Files\Common Files\Symantec Shared\Registry Backup\ccReg_old.reg"
Mon 29 Sep 2003 12,368 A..HR --- "C:\Program Files\Common Files\Symantec Shared\Registry Backup\CommonClient_old.reg"
Mon 29 Sep 2003 12,368 A..HR --- "C:\Program Files\Common Files\Symantec Shared\Registry Backup\CommonClient.reg"
Mon 11 Oct 2004 2,040 A.SH. --- "C:\Documents and Settings\Ron\Application Data\Roxio\Dragon\DiscInfoCache\JLMS_____XJ-HD165H________CH11_210_DICV017_DRGV2000027.TMP"

Finished!

Ziet dit er goed uit?

Groeten

Tyche
 
Re: msn virus

Hallo Tyche,
ziet er goed uit, inderdaad en er is nog wat verwijderd door SDFix.
Ook fijn, dat Messenger gelukt is!

Spyware Nuker 2004 mag je ook verwijderen - verouderd!

Hou in ieder geval MBAM in je systeem om regelmatig te gebruiken!
 
Re: msn virus

Hoi Abraham54,

Bedankt voor alles,
Gelukkig doet alles het weer zoals voorheen.

Ik zal MBAM regelmatig gaan gebruiken en ook aanraden bij iedereen.

Groeten,

Ron
 
Re: msn virus

Hallo Ron, fijn dat ik je heb kunnen helpen en dat de PC weer normaal doet.
MBAM is inderdaad een goede tip voor iedereen met Windows in de PC!

Ik zal deze topic verplaatsen naar de sectie opgelost!
 
Status
Niet open voor verdere reacties.
Steun Ons

Nieuwste berichten

Terug
Bovenaan