Posted:

I'm having problems with Java. I can no longer update! I can't remove it so that I can reinstall it.

I have the impression that it is damaged. I also ran System Restore, but that did not help.

I want to remove this version in order to reinstall it!

But I can't manage it, can someone help me please.

I'm attaching a log:

Logfile of Trend Micro HijackThis v2.0.2

Scan saved at 8:56:39, on 21-8-2009

Platform: Windows XP SP3 (WinNT 5.01.2600)

MSIE: Internet Explorer v7.00 (7.00.6000.16876)

Boot mode: Normal

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\Program Files\Windows Defender\MsMpEng.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\Explorer.EXE

C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe

C:\Program Files\Alwil Software\Avast4\ashServ.exe

C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe

C:\WINDOWS\system32\ctfmon.exe

C:\WINDOWS\system32\spoolsv.exe

C:\Program Files\Java\jre6\bin\jqs.exe

C:\WINDOWS\system32\HPZipm12.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\System32\TUProgSt.exe

C:\Program Files\Canon\CAL\CALMAIN.exe

C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe

C:\Program Files\Alwil Software\Avast4\ashWebSv.exe

C:\Program Files\IncrediMail\bin\IncMail.exe

C:\Program Files\IncrediMail\bin\IMApp.exe

C:\Program Files\IncrediMail\bin\ImNotfy.exe

C:\Program Files\Internet Explorer\IEXPLORE.EXE

C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = MyStart by IncrediMail.com

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN.com

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = MyStart by IncrediMail.com

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen

O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

O2 - BHO: Windows Live Aanmelden - Help - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll

O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.15642\swg.dll

O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll

O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll

O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll

O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe

O4 - HKLM\..\RunOnce: [uninstall Adobe Download Manager] "C:\WINDOWS\system32\rundll32.exe" "C:\Program Files\NOS\bin\getPlus_Helper.dll",Uninstall /Get1noarp

O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe

O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

O4 - HKCU\..\RunOnce: [shockwave Updater] C:\WINDOWS\system32\Adobe\SHOCKW~1\SWHELP~1.EXE -Update -1103472 -"Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; GTB6; .NET CLR 1.1.4322; .NET CLR 2.0.50727; .NET CLR 3.0.4506.2152; .NET CLR 3.5.30729)" -"http://www.hotwheels.com/games/brakeless/nobrakes.dcr"

O4 - .DEFAULT User Startup: AutoTBar.exe (User 'Default user')

O4 - .DEFAULT User Startup: mod_sm.lnk = C:\hp\bin\cloaker.exe (User 'Default user')

O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O16 - DPF: {1851174C-97BD-4217-A0CC-E908F60D5B7A} (Hewlett-Packard Online Support Services) - https://h50203.www5.hp.com/HPISWeb/Customer/cabs/HPISDataManager.CAB

O16 - DPF: {49232000-16E4-426C-A231-62846947304B} (SysData Class) - https://wimpro3.cce.hp.com/ChatEntry/downloads/sysinfo.cab

O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1223755509234

O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1223755586421

O16 - DPF: {6F15128C-E66A-490C-B848-5000B5ABEEAC} (HP Download Manager) - https://h20436.www2.hp.com/ediags/dex/secure/HPDEXAXO.cab

O16 - DPF: {73ECB3AA-4717-450C-A2AB-D00DAD9EE203} (GMNRev Class) - http://h20270.www2.hp.com/ediags/gmn2/install/HPProductDetection.cab

O16 - DPF: {D0C0F75C-683A-4390-A791-1ACFD5599AB8} (Oberon Flash Game Host) - http://gamenextnl.oberon-media.com/Gameshell/GameHost/1.0/OberonGameHost.cab

O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} (get_atlcom Class) - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab

O18 - Filter: x-sdch - {B1759355-3EEC-4C1E-B0F1-B719FE26E377} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll

O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe

O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe

O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe

O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe

O23 - Service: Canon Camera Access Library 8 (CCALib8) - Canon Inc. - C:\Program Files\Canon\CAL\CALMAIN.exe

O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe

O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe

O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe

O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe

O23 - Service: TuneUp Drive Defrag Service (TuneUp.Defrag) - TuneUp Software - C:\WINDOWS\System32\TuneUpDefragService.exe

O23 - Service: TuneUp Program Statistics Service (TuneUp.ProgramStatisticsSvc) - TuneUp Software - C:\WINDOWS\System32\TUProgSt.exe

--

End of file - 7142 bytes

Posted:

Start HijackThis. If you use Vista, choose "Run as administrator" or "Uitvoeren als administrator". Select "Do a system scan only". Select only the items listed below:

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =

O4 - HKLM\..\RunOnce: [uninstall Adobe Download Manager] "C:\WINDOWS\system32\rundll32.exe" "C:\Program Files\NOS\bin\getPlus_Helper.dll",Uninstall /Get1noarp

O4 - HKCU\..\RunOnce: [shockwave Updater] C:\WINDOWS\system32\Adobe\SHOCKW~1\SWHELP~1.EXE -Update -1103472 -"Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; GTB6; .NET CLR 1.1.4322; .NET CLR 2.0.50727; .NET CLR 3.0.4506.2152; .NET CLR 3.5.30729)" -http://www.hotwheels.com/games/brakeless/nobrakes.dcr

O4 - .DEFAULT User Startup: AutoTBar.exe (User 'Default user')

Click 'Fix checked' to remove the items.

Download Combofix to your Desktop.

Read more here about the correct use of Combofix.

NOTE: if, during or after downloading Combofix or while using Combofix, you get an alert from your antivirus or another real-time scanner, disable that scanner and download Combofix again.

Some scanners regard certain components that Combofix uses as suspicious and will block or remove them!

  • Double-click Combofix.exe to start it.
    If you have used Combofix before, you may get a warning that an update is available. Allow ComboFix to be updated.
    Follow the instructions and accept the disclaimer by clicking Yes.
    If the Recovery Console is not installed, you will be asked to install it by clicking YES in the "Query - Recovery Console" window (XP only, not Vista).
    Click OK and Yes to have the Recovery Console installed automatically.
    Afterwards, click Yes again to start the malware scan.
    While the fix is running, do NOT click in the window, as this will make your PC hang.

When the fix is complete and after the restart, the log Combofix.txt will open.

Post this log in your next reply, together with a new HijackThis log.

Posted:

I did what you asked me to.

Logfile of Trend Micro HijackThis v2.0.2

Scan saved at 12:26:04, on 21-8-2009

Platform: Windows XP SP3 (WinNT 5.01.2600)

MSIE: Internet Explorer v7.00 (7.00.6000.16876)

Boot mode: Normal

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\Program Files\Windows Defender\MsMpEng.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\Explorer.EXE

C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe

C:\Program Files\Alwil Software\Avast4\ashServ.exe

C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe

C:\WINDOWS\system32\spoolsv.exe

C:\Program Files\Java\jre6\bin\jqs.exe

C:\WINDOWS\system32\HPZipm12.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\System32\TUProgSt.exe

C:\Program Files\Canon\CAL\CALMAIN.exe

C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe

C:\Program Files\Alwil Software\Avast4\ashWebSv.exe

C:\WINDOWS\system32\wuauclt.exe

C:\Program Files\IncrediMail\bin\IncMail.exe

C:\Program Files\IncrediMail\bin\IMApp.exe

C:\WINDOWS\system32\ctfmon.exe

C:\Program Files\IncrediMail\bin\ImNotfy.exe

C:\Program Files\Internet Explorer\IEXPLORE.EXE

C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = MyStart by IncrediMail.com

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN.com

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = MyStart by IncrediMail.com

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen

O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

O2 - BHO: Windows Live Aanmelden - Help - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll

O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.15642\swg.dll

O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll

O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll

O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll

O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe

O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe

O4 - .DEFAULT User Startup: AutoTBar.exe (User 'Default user')

O4 - .DEFAULT User Startup: mod_sm.lnk = C:\hp\bin\cloaker.exe (User 'Default user')

O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O16 - DPF: {1851174C-97BD-4217-A0CC-E908F60D5B7A} (Hewlett-Packard Online Support Services) - https://h50203.www5.hp.com/HPISWeb/Customer/cabs/HPISDataManager.CAB

O16 - DPF: {49232000-16E4-426C-A231-62846947304B} (SysData Class) - https://wimpro3.cce.hp.com/ChatEntry/downloads/sysinfo.cab

O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1223755509234

O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1223755586421

O16 - DPF: {6F15128C-E66A-490C-B848-5000B5ABEEAC} (HP Download Manager) - https://h20436.www2.hp.com/ediags/dex/secure/HPDEXAXO.cab

O16 - DPF: {73ECB3AA-4717-450C-A2AB-D00DAD9EE203} (GMNRev Class) - http://h20270.www2.hp.com/ediags/gmn2/install/HPProductDetection.cab

O16 - DPF: {D0C0F75C-683A-4390-A791-1ACFD5599AB8} (Oberon Flash Game Host) - http://gamenextnl.oberon-media.com/Gameshell/GameHost/1.0/OberonGameHost.cab

O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} (get_atlcom Class) - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab

O18 - Filter: x-sdch - {B1759355-3EEC-4C1E-B0F1-B719FE26E377} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll

O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe

O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe

O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe

O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe

O23 - Service: Canon Camera Access Library 8 (CCALib8) - Canon Inc. - C:\Program Files\Canon\CAL\CALMAIN.exe

O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe

O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe

O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe

O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe

O23 - Service: TuneUp Drive Defrag Service (TuneUp.Defrag) - TuneUp Software - C:\WINDOWS\System32\TuneUpDefragService.exe

O23 - Service: TuneUp Program Statistics Service (TuneUp.ProgramStatisticsSvc) - TuneUp Software - C:\WINDOWS\System32\TUProgSt.exe

--

End of file - 6574 bytes

ComboFix 09-08-20.05 - Eigenaar 21-08-2009 12:01.3.1 - NTFSx86

Microsoft Windows XP Home Edition 5.1.2600.3.1252.31.1043.18.503.224 [GMT 2:00]

Gestart vanuit: c:\documents and settings\Eigenaar\Bureaublad\ComboFix.exe

AV: avast! antivirus 4.8.1351 [VPS 090820-0] *On-access scanning disabled* (Updated) {7591DB91-41F0-48A3-B128-1A293FD8233D}

AV: BitDefender Antivirus *On-access scanning disabled* (Updated) {6C4BB89C-B0ED-4F41-A29C-4373888923BB}

.

(((((((((((((((((((((((((((((((((( Andere Verwijderingen )))))))))))))))))))))))))))))))))))))))))))))))))

.

c:\program files\QUAD Utilities

c:\windows\UA000011.DLL

.

(((((((((((((((((((( Bestanden Gemaakt van 2009-07-21 to 2009-08-21 ))))))))))))))))))))))))))))))

.

2009-08-19 19:53 . 2009-08-19 19:53 604488 ----a-w- c:\windows\system32\TUProgSt.exe

2009-08-19 19:53 . 2009-07-15 09:48 29000 ----a-w- c:\windows\system32\uxtuneup.dll

2009-08-19 19:53 . 2009-08-19 19:53 361288 ----a-w- c:\windows\system32\TuneUpDefragService.exe

2009-08-19 19:49 . 2009-08-20 10:53 -------- d--h--r- c:\documents and settings\Eigenaar\Onlangs geopend

2009-08-19 12:38 . 2009-08-19 12:38 -------- d-----w- c:\program files\Windows Live Safety Center

2009-08-19 10:58 . 2009-08-19 10:58 -------- d-----w- c:\windows\system32\wbem\Repository

2009-08-19 10:57 . 2009-08-19 13:12 -------- d-----w- c:\program files\DivX

2009-08-19 10:54 . 2009-08-19 10:54 -------- d-----w- c:\program files\Java Web Start

2009-08-19 10:48 . 2009-08-19 10:54 -------- d-----w- c:\documents and settings\Eigenaar\.SunDownloadManager

2009-08-17 12:26 . 2009-08-17 12:26 -------- d-----w- c:\documents and settings\Eigenaar\.javaws

2009-08-16 10:43 . 2009-08-17 12:27 -------- d-----w- c:\program files\LimeWire

2009-08-15 10:23 . 2009-08-15 10:23 -------- d-----w- c:\documents and settings\Eigenaar\Application Data\DivX

2009-08-13 09:48 . 2009-07-10 13:31 1315328 -c----w- c:\windows\system32\dllcache\msoe.dll

2009-08-05 09:01 . 2009-08-05 09:01 205312 -c----w- c:\windows\system32\dllcache\mswebdvd.dll

2009-07-31 06:24 . 2009-07-31 06:24 -------- d-----w- C:\Sounds

2009-07-31 04:22 . 2008-11-11 11:42 24832 ----a-w- c:\windows\system32\drivers\lgusbmodem.sys

2009-07-31 04:22 . 2008-11-11 11:41 19968 ----a-w- c:\windows\system32\drivers\lgusbdiag.sys

2009-07-31 04:22 . 2008-11-11 11:41 13056 ----a-w- c:\windows\system32\drivers\lgusbbus.sys

2009-07-31 04:22 . 2009-07-31 04:22 -------- d-----w- c:\program files\LG Electronics

2009-07-31 04:20 . 2007-11-08 14:26 1164728 ----a-w- c:\windows\system32\NMSDVDXU.dll

2009-07-31 04:20 . 2009-08-17 12:24 -------- d-----w- c:\documents and settings\Eigenaar\Application Data\LG Electronics

2009-07-31 04:20 . 2009-08-17 12:29 -------- d-----w- c:\program files\LG PC Suite II

2009-07-28 18:56 . 2009-07-28 18:56 -------- d-----w- c:\program files\Photo Viewer

2009-07-27 13:41 . 2009-07-27 13:41 -------- d-----w- c:\documents and settings\Eigenaar\Application Data\OpenOffice.org

2009-07-27 13:36 . 2009-07-27 13:36 -------- d-----w- c:\program files\OpenOffice.org 3

2009-07-26 08:23 . 2009-07-26 08:23 -------- d-----w- C:\MSOCache

2009-07-25 19:37 . 2009-07-28 18:39 -------- d-----w- c:\documents and settings\Eigenaar\Application Data\Reg Tool

2009-07-25 14:08 . 2009-07-28 18:50 -------- d-----w- c:\program files\Recovery for PowerPoint(2)

.

((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2009-08-21 06:35 . 2008-08-31 11:06 -------- d-----w- c:\documents and settings\All Users\Application Data\NOS

2009-08-19 19:54 . 2009-05-03 14:28 -------- d-----w- c:\program files\TuneUp Utilities 2009

2009-08-19 19:52 . 2009-01-06 09:22 -------- d-sh--w- c:\documents and settings\All Users\Application Data\{55A29068-F2CE-456C-9148-C869879E2357}

2009-08-19 13:31 . 2008-02-29 19:05 -------- d-----w- c:\program files\Eusing Free Registry Cleaner

2009-08-19 10:57 . 2009-05-06 18:19 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware

2009-08-19 10:56 . 2004-07-27 15:26 -------- d-----w- c:\program files\IncrediMail

2009-08-19 10:55 . 2008-10-12 09:12 -------- d-----w- c:\program files\NOS

2009-08-19 10:42 . 2003-08-01 20:13 -------- d-----w- c:\program files\Java

2009-08-18 15:55 . 2004-12-12 09:07 -------- d-----w- c:\documents and settings\Eigenaar\Application Data\Image Zone Express

2009-08-17 17:13 . 2009-05-28 16:40 3942047 ----a-w- c:\documents and settings\All Users\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\mbam-setup.exe

2009-08-17 16:10 . 2009-05-06 17:39 1279456 ----a-w- c:\windows\system32\aswBoot.exe

2009-08-17 16:06 . 2009-05-06 17:39 93392 ----a-w- c:\windows\system32\drivers\aswmon.sys

2009-08-17 16:06 . 2009-05-06 17:39 94160 ----a-w- c:\windows\system32\drivers\aswmon2.sys

2009-08-17 16:05 . 2009-05-06 17:39 114768 ----a-w- c:\windows\system32\drivers\aswSP.sys

2009-08-17 16:05 . 2009-05-06 17:39 20560 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys

2009-08-17 16:04 . 2009-05-06 17:40 51376 ----a-w- c:\windows\system32\drivers\aswTdi.sys

2009-08-17 16:04 . 2009-05-06 17:40 23152 ----a-w- c:\windows\system32\drivers\aswRdr.sys

2009-08-17 16:03 . 2009-05-06 17:39 26944 ----a-w- c:\windows\system32\drivers\aavmker4.sys

2009-08-17 16:02 . 2009-05-06 17:39 97480 ----a-w- c:\windows\system32\AvastSS.scr

2009-08-17 12:29 . 2009-04-24 18:31 -------- d-----w- c:\documents and settings\Eigenaar\Application Data\CameraWindowDC

2009-08-17 12:24 . 2006-10-30 12:08 -------- d-----w- c:\documents and settings\Eigenaar\Application Data\Zylom

2009-08-17 12:24 . 2009-04-06 21:18 -------- d-----w- c:\program files\Zylom Games

2009-08-17 12:24 . 2009-02-23 12:34 -------- d-----w- c:\program files\Belastingdienst

2009-08-17 12:20 . 2003-08-01 19:57 -------- d--h--w- c:\program files\InstallShield Installation Information

2009-08-14 14:06 . 2009-04-24 18:32 -------- d-----w- c:\documents and settings\Eigenaar\Application Data\ZoomBrowser EX

2009-08-05 09:18 . 2009-02-02 18:07 -------- d-----w- c:\documents and settings\Eigenaar\Application Data\Belastingdienst

2009-08-05 09:01 . 2002-12-12 12:14 205312 ----a-w- c:\windows\system32\mswebdvd.dll

2009-08-03 11:36 . 2009-05-06 18:19 38160 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys

2009-08-03 11:36 . 2009-05-06 18:19 19096 ----a-w- c:\windows\system32\drivers\mbam.sys

2009-07-31 07:33 . 2008-10-25 16:13 -------- d-----w- c:\program files\Microsoft Silverlight

2009-07-28 18:56 . 2009-07-02 11:36 -------- d-----w- c:\program files\Microsoft Windows Vista Upgrade Advisor

2009-07-28 18:49 . 2006-12-20 16:58 -------- d-----w- c:\documents and settings\Eigenaar\Application Data\OfficeUpdate12

2009-07-25 19:47 . 2009-04-26 06:53 -------- d-----w- c:\program files\Free Window Registry Repair

2009-07-25 19:18 . 2003-08-01 19:55 73824 -c--a-w- c:\documents and settings\Eigenaar\Local Settings\Application Data\GDIPFONTCACHEV1.DAT

2009-07-25 18:51 . 2004-07-31 10:08 5058 -c--a-w- c:\windows\Help\hhcolreg.dat

2009-07-25 18:44 . 2003-08-01 17:04 -------- d-----w- c:\program files\microsoft frontpage

2009-07-25 10:21 . 2008-02-12 12:15 -------- d-----w- c:\program files\MSECACHE

2009-07-25 09:24 . 2007-02-14 07:26 -------- d---a-w- c:\documents and settings\All Users\Application Data\TEMP

2009-07-17 19:04 . 2003-08-27 23:42 58880 ----a-w- c:\windows\system32\atl.dll

2009-07-17 19:04 . 2003-08-27 23:42 58880 ----a-w- c:\windows\system32\atl(3)(4).dll

2009-07-13 21:43 . 2003-08-01 18:50 286208 ----a-w- c:\windows\system32\wmpdxm.dll

2009-07-02 11:49 . 2009-07-02 11:49 -------- d-----w- c:\program files\AH

2009-06-29 16:01 . 2006-06-23 11:29 827392 ----a-w- c:\windows\system32\wininet.dll

2009-06-29 16:01 . 2008-10-11 20:36 78336 ------w- c:\windows\system32\ieencode.dll

2009-06-29 16:01 . 2003-08-27 23:43 17408 ----a-w- c:\windows\system32\corpol.dll

2009-06-25 08:27 . 2005-06-15 17:52 301568 ----a-w- c:\windows\system32\kerberos.dll

2009-06-25 08:27 . 2003-08-27 23:49 54272 ----a-w- c:\windows\system32\wdigest.dll

2009-06-25 08:27 . 2003-08-27 23:47 56832 ----a-w- c:\windows\system32\secur32.dll

2009-06-25 08:27 . 2003-08-27 23:47 147456 ----a-w- c:\windows\system32\schannel.dll

2009-06-25 08:27 . 2003-08-27 23:46 136192 ----a-w- c:\windows\system32\msv1_0.dll

2009-06-25 08:27 . 2003-08-27 23:46 735232 ----a-w- c:\windows\system32\lsasrv.dll

2009-06-24 11:18 . 2003-08-02 01:50 92928 ----a-w- c:\windows\system32\drivers\ksecdd.sys

2009-06-16 14:40 . 2003-08-27 23:49 119808 ----a-w- c:\windows\system32\t2embed.dll

2009-06-16 14:40 . 2003-08-27 23:44 81920 ----a-w- c:\windows\system32\fontsub.dll

2009-06-15 10:45 . 2003-08-02 01:50 79872 ----a-w- c:\windows\system32\telnet.exe

2009-06-10 14:16 . 2003-08-27 23:42 85504 ----a-w- c:\windows\system32\avifil32.dll

2009-06-10 07:22 . 2003-08-27 23:46 2066432 ----a-w- c:\windows\system32\mstscax.dll

2009-06-10 06:16 . 2003-08-27 23:50 132096 ----a-w- c:\windows\system32\wkssvc.dll

2009-06-10 06:16 . 2003-08-27 23:50 132096 ----a-w- c:\windows\system32\wkssvc(2)(2).dll

2009-06-03 19:11 . 2002-12-12 12:14 1295360 ------w- c:\windows\system32\quartz.dll

2007-07-22 07:42 . 2007-07-22 07:42 32 -csha-w- c:\windows\{3D1EBD19-DBE8-4EFA-9959-C72430ACE4DF}.dat

.

((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))

.

.

*Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond

REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2007-06-30 68856]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"avast!"="c:\progra~1\ALWILS~1\Avast4\ashDisp.exe" [2009-08-17 81000]

c:\documents and settings\Administrator\Menu Start\Programma's\Opstarten\

AutoTBar.exe [2003-6-21 53248]

mod_sm.lnk - c:\hp\bin\cloaker.exe [1999-11-7 27136]

c:\documents and settings\Default User\Menu Start\Programma's\Opstarten\

AutoTBar.exe [2003-6-21 53248]

mod_sm.lnk - c:\hp\bin\cloaker.exe [1999-11-7 27136]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]

@="Service"

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Start^Programma's^Opstarten^HP Digital Imaging Monitor.lnk]

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Start^Programma's^Opstarten^hp psc 1000 series.lnk]

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Start^Programma's^Opstarten^hpoddt01.exe.lnk]

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Start^Programma's^Opstarten^Microsoft Office.lnk]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-disabled]

"Reminder"="c:\windows\Creator\Remind_XP.exe"

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]

"%windir%\\Network Diagnostic\\xpnetdiag.exe"=

"%windir%\\system32\\sessmgr.exe"=

"c:\\Program Files\\IncrediMail\\bin\\IncMail.exe"=

"c:\\Program Files\\IncrediMail\\bin\\ImApp.exe"=

"c:\\Program Files\\IncrediMail\\bin\\ImpCnt.exe"=

"c:\\Program Files\\IncrediMail\\bin\\ImSc.exe"=

"c:\\Program Files\\Hewlett-Packard\\Digital Imaging\\bin\\hpqste08.exe"=

"c:\\Program Files\\Hewlett-Packard\\Digital Imaging\\bin\\hpofxm08.exe"=

"c:\\Program Files\\Hewlett-Packard\\Digital Imaging\\bin\\hposfx08.exe"=

"c:\\Program Files\\Hewlett-Packard\\Digital Imaging\\bin\\hposid01.exe"=

"c:\\Program Files\\Hewlett-Packard\\Digital Imaging\\bin\\hpqscnvw.exe"=

"c:\\Program Files\\Hewlett-Packard\\Digital Imaging\\bin\\hpqkygrp.exe"=

"c:\\Program Files\\Hewlett-Packard\\Digital Imaging\\bin\\hpqCopy.exe"=

"c:\\Program Files\\Hewlett-Packard\\Digital Imaging\\bin\\hpfccopy.exe"=

"c:\\Program Files\\Hewlett-Packard\\Digital Imaging\\bin\\hpzwiz01.exe"=

"c:\\Program Files\\Hewlett-Packard\\Digital Imaging\\Unload\\HpqPhUnl.exe"=

"c:\\Program Files\\Hewlett-Packard\\Digital Imaging\\bin\\hpoews01.exe"=

"c:\\Program Files\\Windows Live\\Sync\\WindowsLiveSync.exe"=

"c:\\Program Files\\IncrediMail\\bin\\ImLc.exe"=

R1 aswSP;avast! Self Protection;c:\windows\system32\drivers\aswSP.sys [6-5-2009 19:39 114768]

R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [6-5-2009 19:39 20560]

R2 TuneUp.ProgramStatisticsSvc;TuneUp Program Statistics Service;c:\windows\system32\TUProgSt.exe [19-8-2009 21:53 604488]

R2 WinDefend;Windows Defender;c:\program files\Windows Defender\MsMpEng.exe [3-11-2006 19:19 13592]

S3 bdfm;BDFM;c:\windows\system32\drivers\bdfm.sys [18-9-2008 12:09 111112]

S3 getPlusHelper;getPlus® Helper;c:\windows\System32\svchost.exe -k getPlusHelper [28-8-2003 1:47 14336]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]

bdx REG_MULTI_SZ scan

getPlusHelper REG_MULTI_SZ getPlusHelper

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs

UxTuneUp

.

Inhoud van de 'Gedeelde Taken' map

2009-08-21 c:\windows\Tasks\1-klik Onderhoud.job

- c:\program files\TuneUp Utilities 2009\OneClickStarter.exe [2009-07-16 10:04]

2009-08-21 c:\windows\Tasks\FRU Task 2003-04-06 08:52ewlett-Packard2003-04-06 08:52p psc 1200 series5E771253C1676EBED677BF361FDFC537825E15B8159687822.job

- c:\program files\Hewlett-Packard\Digital Imaging\Bin\hpqfrucl.exe [2003-04-05 22:52]

2009-08-21 c:\windows\Tasks\FRU Task 2003-04-06 08:52ewlett-Packard2003-04-06 08:52p psc 1200 series5E771253C1676EBED677BF361FDFC537825E15B8223796896.job

- c:\program files\Hewlett-Packard\Digital Imaging\Bin\hpqfrucl.exe [2003-04-05 22:52]

2009-08-21 c:\windows\Tasks\MP Scheduled Scan.job

- c:\program files\Windows Defender\MpCmdRun.exe [2006-11-03 17:20]

2009-08-20 c:\windows\Tasks\Schedule Task Weekly.job

- c:\program files\Registry Easy\RE.exe [2008-08-21 13:49]

2009-08-21 c:\windows\Tasks\User_Feed_Synchronization-{6DB5F3E4-9353-491F-97A5-DB05F7DEE07A}.job

- c:\windows\system32\msfeedssync.exe [2007-08-13 16:36]

.

.

------- Bijkomende Scan -------

.

uStart Page = hxxp://mystart.incredimail.com/

mStart Page = hxxp://mystart.incredimail.com/dutch/

DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab

.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, GMER - Rootkit Detector and Remover

Rootkit scan 2009-08-21 12:13

Windows 5.1.2600 Service Pack 3 NTFS

scannen van verborgen processen ...

scannen van verborgen autostart items ...

scannen van verborgen bestanden ...

Scan succesvol afgerond

verborgen bestanden: 0

**************************************************************************

.

--------------------- VERGRENDELDE REGISTER SLEUTELS ---------------------

[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders\HP\EN]

@DACL=(02 0000)

"OnLineServicesDirName"="Online Services"

[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders\HP\FR]

@DACL=(02 0000)

"OnLineServicesDirName"="Services en ligne"

[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders\HP\MX]

@DACL=(02 0000)

"OnLineServicesDirName"="Servicios en línea"

[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders\HP\NL]

@DACL=(02 0000)

"OnLineServicesDirName"="Online Services"

[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders\HP\NW]

@DACL=(02 0000)

"OnLineServicesDirName"="Online tjenster"

[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders\HP\SP]

@DACL=(02 0000)

"OnLineServicesDirName"="Servicios en línea"

[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders\HP\SW]

@DACL=(02 0000)

"OnLineServicesDirName"="Online tjänster"

[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders\HP\UK]

@DACL=(02 0000)

"OnLineServicesDirName"="Online services"

[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders\HP\US]

@DACL=(02 0000)

"OnLineServicesDirName"="Online Services"

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}]

@Denied: (A 2) (Everyone)

@="FlashBroker"

"LocalizedString"="@c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil10c.exe,-101"

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\Elevation]

"Enabled"=dword:00000001

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\LocalServer32]

@="c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil10c.exe"

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}]

@Denied: (A 2) (Everyone)

@="IFlashBroker3"

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}\ProxyStubClsid32]

@="{00020424-0000-0000-C000-000000000046}"

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

"Version"="1.0"

.

Voltooingstijd: 2009-08-21 12:18

ComboFix-quarantined-files.txt 2009-08-21 10:18

ComboFix2.txt 2009-07-30 07:36

Pre-Run: 39.434.932.224 bytes beschikbaar

Post-Run: 39.524.818.944 bytes beschikbaar

245 --- E O F --- 2009-08-19 11:03
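Added example (not part of the original thread): a small Python check that compares the HijackThis log from before the fix with the one posted afterwards and reports which of the requested items were actually removed. The log lines are an excerpt copied from the two logs above; the function and variable names are illustrative.

```python
import re

# HijackThis entry lines start with a section code such as R0, O4 or O23,
# followed by " - " and the entry text.
ENTRY_RE = re.compile(r"^(?P<code>[A-Z]\d{1,2}) - (?P<body>.*)$")


def normalize(body):
    """Collapse whitespace and fold case (Windows paths and registry names
    are case-insensitive), so copies pasted into a forum still match."""
    return " ".join(body.split()).casefold()


def parse_entries(log_text):
    """Map (section code, normalized body) -> original line for every entry."""
    entries = {}
    for raw in log_text.splitlines():
        line = raw.strip()
        match = ENTRY_RE.match(line)
        if match:
            key = (match.group("code"), normalize(match.group("body")))
            entries[key] = line
    return entries


def verify_fix(before_log, after_log, requested):
    """Classify each item the helper asked to fix.

    removed        - present before the fix, absent afterwards
    still_present  - still listed in the new log, needs another approach
    not_in_before  - never matched the first log (typo or altered paste)
    new_after_fix  - entries that only appear in the new log
    """
    before = parse_entries(before_log)
    after = parse_entries(after_log)
    report = {"removed": [], "still_present": [], "not_in_before": []}
    for key, line in parse_entries(requested).items():
        if key in after:
            report["still_present"].append(line)
        elif key in before:
            report["removed"].append(line)
        else:
            report["not_in_before"].append(line)
    report["new_after_fix"] = [after[k] for k in after if k not in before]
    return report


# Excerpt of the first log in this thread (scan saved at 8:56:39).
BEFORE = r"""
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\RunOnce: [uninstall Adobe Download Manager] "C:\WINDOWS\system32\rundll32.exe" "C:\Program Files\NOS\bin\getPlus_Helper.dll",Uninstall /Get1noarp
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - .DEFAULT User Startup: AutoTBar.exe (User 'Default user')
O4 - .DEFAULT User Startup: mod_sm.lnk = C:\hp\bin\cloaker.exe (User 'Default user')
"""

# Excerpt of the second log in this thread (scan saved at 12:26:04).
AFTER = r"""
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - .DEFAULT User Startup: AutoTBar.exe (User 'Default user')
O4 - .DEFAULT User Startup: mod_sm.lnk = C:\hp\bin\cloaker.exe (User 'Default user')
"""

# Items from the helper's list that fall within the excerpt above.
REQUESTED = r"""
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
O4 - HKLM\..\RunOnce: [uninstall Adobe Download Manager] "C:\WINDOWS\system32\rundll32.exe" "C:\Program Files\NOS\bin\getPlus_Helper.dll",Uninstall /Get1noarp
O4 - .DEFAULT User Startup: AutoTBar.exe (User 'Default user')
"""

if __name__ == "__main__":
    for status, lines in verify_fix(BEFORE, AFTER, REQUESTED).items():
        print(f"{status}:")
        for entry in lines:
            print(f"  {entry}")
```

On this excerpt the AutoTBar.exe startup item is the only requested entry that survives "Fix checked".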

Posted:

Delete the following bold files with Windows Explorer:

c:\documents and settings\Administrator\Menu Start\Programma's\Opstarten\

AutoTBar.exe

c:\documents and settings\Default User\Menu Start\Programma's\Opstarten\

AutoTBar.exe

And then try whether updating works now?

Posted:

It still hasn't worked. The following messages appear when updating:

A new version of Java is ready to be installed.

Via Java Setup: lib\deploy.jar: Old file not found. However a file of same name was found. No update done since file contents do not match.

Java update fails to applay changes to your system..

Posted:

Then remove this folder with Windows Explorer: c:\program files\Java ... and then run CCleaner. And then just try again.

By the way: which update is currently listed in your software?
