Antivirus Plus

jonie

15-01-2010 16:16

——————–\\ Lop S&D 4.2.5-0 XP/Vista
Microsoft Windows XP Home Edition ( v5.1.2600 ) Service Pack 3
X86-based PC ( Uniprocessor Free : AMD Athlon™ XP 2600+ )
BIOS : Phoenix - AwardBIOS v6.00PG
USER : Johanna & Gera ( Administrator )
BOOT : Normal boot
Antivirus : McAfee VirusScan Enterprise 8.5.0.781 (Not Activated)
A:\ (USB)
C:\ (Local Disk) - NTFS - Total:70 Go (Free:51 Go)
D:\ (CD or DVD)
E:\ (CD or DVD)
G:\ (USB)
H:\ (USB)
“C:\Lop SD” ( MAJ : 19-12-2008|23:40 )
Option : ( vr 15-01-2010|16:10 )
——————–\\ Beschrijving van mappen in APPLIC~1
C:\DOCUME~1\ALLUSE~1\APPLIC~1\{8CD7F5AF-ECFA-4793-BF40-D8F42DBFF906}
C:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe
C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple
C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple Computer
C:\DOCUME~1\ALLUSE~1\APPLIC~1\avg7
C:\DOCUME~1\ALLUSE~1\APPLIC~1\Bluetooth
C:\DOCUME~1\ALLUSE~1\APPLIC~1\CyberLink
C:\DOCUME~1\ALLUSE~1\APPLIC~1\Downloaded Installations
C:\DOCUME~1\ALLUSE~1\APPLIC~1\flag ace stupid data
C:\DOCUME~1\ALLUSE~1\APPLIC~1\Google
C:\DOCUME~1\ALLUSE~1\APPLIC~1\Installations
C:\DOCUME~1\ALLUSE~1\APPLIC~1\Malwarebytes
C:\DOCUME~1\ALLUSE~1\APPLIC~1\McAfee
C:\DOCUME~1\ALLUSE~1\APPLIC~1\Messenger Plus!
C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft
C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft Games
C:\DOCUME~1\ALLUSE~1\APPLIC~1\MSN6
C:\DOCUME~1\ALLUSE~1\APPLIC~1\Nokia
C:\DOCUME~1\ALLUSE~1\APPLIC~1\OD2
C:\DOCUME~1\ALLUSE~1\APPLIC~1\OviInstallerCache
C:\DOCUME~1\ALLUSE~1\APPLIC~1\PC Suite
C:\DOCUME~1\ALLUSE~1\APPLIC~1\PC Tools
C:\DOCUME~1\ALLUSE~1\APPLIC~1\Postbank
C:\DOCUME~1\ALLUSE~1\APPLIC~1\QuickTime
C:\DOCUME~1\ALLUSE~1\APPLIC~1\Raxco
C:\DOCUME~1\ALLUSE~1\APPLIC~1\SBSI
C:\DOCUME~1\ALLUSE~1\APPLIC~1\Support.com
C:\DOCUME~1\ALLUSE~1\APPLIC~1\TEMP
C:\DOCUME~1\ALLUSE~1\APPLIC~1\Vivendi Universal Games
C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Genuine Advantage
C:\DOCUME~1\ALLUSE~1\APPLIC~1\Zylom
C:\DOCUME~1\ALLUSE~1\APPLIC~1\bytes
C:\DOCUME~1\ALLUSE~1\APPLIC~1\bytes beschikbaar
C:\DOCUME~1\DEFAUL~1\APPLIC~1\Adobe
C:\DOCUME~1\DEFAUL~1\APPLIC~1\Identities
C:\DOCUME~1\DEFAUL~1\APPLIC~1\InterTrust
C:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft
C:\DOCUME~1\DEFAUL~1\APPLIC~1\Real
C:\DOCUME~1\DEFAUL~1\APPLIC~1\bytes
C:\DOCUME~1\DEFAUL~1\APPLIC~1\bytes beschikbaar
C:\DOCUME~1\JOHANN~1.SN0\APPLIC~1\Adobe
C:\DOCUME~1\JOHANN~1.SN0\APPLIC~1\Apple Computer
C:\DOCUME~1\JOHANN~1.SN0\APPLIC~1\Byte64coal
C:\DOCUME~1\JOHANN~1.SN0\APPLIC~1\Identities
C:\DOCUME~1\JOHANN~1.SN0\APPLIC~1\InterTrust
C:\DOCUME~1\JOHANN~1.SN0\APPLIC~1\LimeWire
C:\DOCUME~1\JOHANN~1.SN0\APPLIC~1\Macromedia
C:\DOCUME~1\JOHANN~1.SN0\APPLIC~1\Malwarebytes
C:\DOCUME~1\JOHANN~1.SN0\APPLIC~1\Microsoft
C:\DOCUME~1\JOHANN~1.SN0\APPLIC~1\Mozilla
C:\DOCUME~1\JOHANN~1.SN0\APPLIC~1\MSN6
C:\DOCUME~1\JOHANN~1.SN0\APPLIC~1\PC Suite
C:\DOCUME~1\JOHANN~1.SN0\APPLIC~1\PC Tools
C:\DOCUME~1\JOHANN~1.SN0\APPLIC~1\Real
C:\DOCUME~1\JOHANN~1.SN0\APPLIC~1\Sun
C:\DOCUME~1\JOHANN~1.SN0\APPLIC~1\U3
C:\DOCUME~1\JOHANN~1.SN0\APPLIC~1\bytes
C:\DOCUME~1\JOHANN~1.SN0\APPLIC~1\bytes beschikbaar
C:\DOCUME~1\LOCALS~1\APPLIC~1\Adobe
C:\DOCUME~1\LOCALS~1\APPLIC~1\AVG7
C:\DOCUME~1\LOCALS~1\APPLIC~1\Google
C:\DOCUME~1\LOCALS~1\APPLIC~1\Help
C:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft
C:\DOCUME~1\LOCALS~1\APPLIC~1\bytes
C:\DOCUME~1\LOCALS~1\APPLIC~1\bytes beschikbaar
C:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft
C:\DOCUME~1\NETWOR~1\APPLIC~1\bytes
C:\DOCUME~1\NETWOR~1\APPLIC~1\bytes beschikbaar
——————–\\ Geplande Taken gelocaliseerd in C:\WINDOWS\Tasks
C:\WINDOWS\tasks\AEC307729184B762.job
C:\WINDOWS\tasks\AppleSoftwareUpdate.job
C:\WINDOWS\tasks\Herinnering voor registratie 3.job
C:\WINDOWS\tasks\Herinnering voor registratie 2.job
C:\WINDOWS\tasks\Herinnering voor registratie 1.job
C:\WINDOWS\tasks\SA.DAT
C:\WINDOWS\tasks\desktop.ini
( AEC307729184B762.job )=( c:\docume~1\johann~1.sn0\applic~1\byte64~1\downloadbitswma.exe )
——————–\\ Beschrijving van mappen in C:\Program Files
C:\Program Files\Adobe
C:\Program Files\aod
C:\Program Files\Apple Software Update
C:\Program Files\Belastingdienst
C:\Program Files\Bonjour
C:\Program Files\Byte64coal
C:\Program Files\Circl Developement
C:\Program Files\Common Files
C:\Program Files\ComPlus Applications
C:\Program Files\CyberLink
C:\Program Files\DIFX
C:\Program Files\Digitalway
C:\Program Files\directx
C:\Program Files\Disney Interactive
C:\Program Files\Google
C:\Program Files\Grisoft
C:\Program Files\InstallShield Installation Information
C:\Program Files\Internet Explorer
C:\Program Files\iPod
C:\Program Files\iTunes
C:\Program Files\IVT Corporation
C:\Program Files\Java
C:\Program Files\Lexmark X5100 Series
C:\Program Files\LimeWire
C:\Program Files\LimeWire Plus
C:\Program Files\LimewirePlus
C:\Program Files\Macrogaming
C:\Program Files\Malwarebytes' Anti-Malware
C:\Program Files\Mattel Interactive
C:\Program Files\McAfee
C:\Program Files\Messenger
C:\Program Files\Messenger Plus! Live
C:\Program Files\Microsoft
C:\Program Files\microsoft frontpage
C:\Program Files\Microsoft Office
C:\Program Files\Microsoft Office Outlook Connector
C:\Program Files\Microsoft Silverlight
C:\Program Files\Microsoft SQL Server Compact Edition
C:\Program Files\Microsoft Sync Framework
C:\Program Files\Microsoft Visual Studio
C:\Program Files\Microsoft Works
C:\Program Files\Microsoft.NET
C:\Program Files\Movie Maker
C:\Program Files\MSBuild
C:\Program Files\MSECache
C:\Program Files\MSN
C:\Program Files\MSN Gaming Zone
C:\Program Files\MSXML 4.0
C:\Program Files\NetMeeting
C:\Program Files\Nokia
C:\Program Files\Online Services
C:\Program Files\Outlook Express
C:\Program Files\PC Connectivity Solution
C:\Program Files\PC Connectivity Solution(2)
C:\Program Files\Postbank
C:\Program Files\Q-TEC WEBCAM 100 USB
C:\Program Files\QuickTime
C:\Program Files\Raxco
C:\Program Files\Real
C:\Program Files\Reference Assemblies
C:\Program Files\Safari
C:\Program Files\Spyware Doctor
C:\Program Files\Spyware Stormer
C:\Program Files\support.com
C:\Program Files\Uninstall Information
C:\Program Files\Virtual CD v4 SDK
C:\Program Files\Windows Live
C:\Program Files\Windows Live SkyDrive
C:\Program Files\Windows Media Player
C:\Program Files\Windows NT
C:\Program Files\WindowsUpdate
C:\Program Files\xerox
C:\Program Files\Zylom Games
C:\Program Files\bytes
C:\Program Files\bytes beschikbaar
——————–\\ Beschrijving van mappen in C:\Program Files\Common Files
C:\Program Files\Common Files\Adobe
C:\Program Files\Common Files\Apple
C:\Program Files\Common Files\Barbie(TM)
C:\Program Files\Common Files\Cisco Systems
C:\Program Files\Common Files\DESIGNER
C:\Program Files\Common Files\InstallShield
C:\Program Files\Common Files\Java
C:\Program Files\Common Files\Knowledge Adventure
C:\Program Files\Common Files\McAfee
C:\Program Files\Common Files\Microsoft Shared
C:\Program Files\Common Files\MSSoap
C:\Program Files\Common Files\Nokia(2)
C:\Program Files\Common Files\ODBC
C:\Program Files\Common Files\PC Tools
C:\Program Files\Common Files\PCSuite
C:\Program Files\Common Files\Real
C:\Program Files\Common Files\Services
C:\Program Files\Common Files\SpeechEngines
C:\Program Files\Common Files\System
C:\Program Files\Common Files\Vivendi Universal Games
C:\Program Files\Common Files\Windows Live
C:\Program Files\Common Files\xing shared
C:\Program Files\Common Files\bytes
C:\Program Files\Common Files\bytes beschikbaar
——————–\\ Process
( 51 Processes )
iexplore.exe ~
IEXPLORE.EXE ~
IEXPLORE.EXE ~
——————–\\ Zoeken met S_Lop
Geen Lop mappen gevonden !
——————–\\ Zoeken naar Lop Bestanden - Mappen
C:\DOCUME~1\ALLUSE~1\APPLIC~1\flag ace stupid data
C:\DOCUME~1\ALLUSE~1\APPLIC~1\flag ace stupid data\hold road.dat
C:\DOCUME~1\ALLUSE~1\APPLIC~1\flag ace stupid data\hold road.exe
C:\DOCUME~1\JOHANN~1.SN0\APPLIC~1\byte64~1
C:\DOCUME~1\JOHANN~1.SN0\APPLIC~1\byte64~1\downloadbitswma.exe
C:\DOCUME~1\JOHANN~1.SN0\APPLIC~1\byte64~1\goiwpwco.exe
C:\DOCUME~1\JOHANN~1.SN0\APPLIC~1\byte64~1\mzklrsux.exe
C:\DOCUME~1\JOHANN~1.SN0\APPLIC~1\byte64~1\Rect2.exe
C:\DOCUME~1\JOHANN~1.SN0\APPLIC~1\byte64~1\Software okay eggs dash.exe
C:\Program Files\byte64~1
C:\WINDOWS\Tasks\AEC307729184B762.job
——————–\\ Zoeken doorheen het Register
“each part”=“C:\\DOCUME~1\\JOHANN~1.SN0\\APPLIC~1\\BYTE64~1\\Rect2.exe”
“Stupid Data Dart Wave”=“C:\\Documents and Settings\\All Users\\Application Data\\flag ace stupid data\\hold road.exe”
——————–\\ Nazicht van het Hosts bestand
Hosts bestand IN ORDE
——————–\\ Zoeken naar verborgen bestanden met Catchme
catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-01-15 16:13:24
Windows 5.1.2600 Service Pack 3 NTFS
scanning hidden processes …
scanning hidden files …
scan completed successfully
hidden processes: 0
hidden files: 0
——————–\\ Zoeken naar andere infecties
Geen andere infecties gevonden !
-> C:\DOCUME~1\JOHANN~1.SN0\Cookies
-> C:\DOCUME~1\JOHANN~1.SN0\LOCALS~1\TEMPOR~1\content.IE5
1 - “C:\Lop SD\LopR_1.txt” - vr 15-01-2010|16:14 - Option :
——————–\\ Scan voltooid om 16:14:34
jonie

15-01-2010 16:21

Logfile of Trend Micro HijackThis v2.0.3 (BETA)
Scan saved at 16:19:39, on 15-1-2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16945)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\LEXPPS.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\Lexmark X5100 Series\lxbabmgr.exe
C:\Program Files\McAfee\VirusScan Enterprise\SHSTAT.EXE
C:\Program Files\McAfee\Common Framework\UdaterUI.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Lexmark X5100 Series\lxbabmon.exe
C:\Program Files\Spyware Doctor\pctsTray.exe
C:\Program Files\McAfee\Common Framework\McTray.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Spyware Doctor\BDT\BDTUpdateService.exe
C:\Program Files\McAfee\Common Framework\FrameworkService.exe
C:\Program Files\McAfee\VirusScan Enterprise\Mcshield.exe
C:\Program Files\McAfee\VirusScan Enterprise\VsTskMgr.exe
C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
C:\Program Files\Raxco\PerfectDisk2008\PD91Agent.exe
C:\Program Files\Spyware Doctor\pctsAuxs.exe
C:\Program Files\McAfee\Common Framework\naPrdMgr.exe
C:\Program Files\Spyware Doctor\pctsSvc.exe
C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Virtual CD v4 SDK\system\vcssecs.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\explorer.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Windows Live\Toolbar\wltuser.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\WINDOWS\system32\msiexec.exe
C:\Program Files\TrendMicro\HiJackThis\HiJackThis.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.startpagina.nl/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen
R3 - URLSearchHook: SweetIM For Internet Explorer - {BC4FFE41-DE9F-46fa-B455-AAD49B9F9938} - C:\Program Files\Macrogaming\SweetIMBarForIE\toolbar.dll
O1 - Hosts: 89.149.206.69 www.google.no
O1 - Hosts: 89.149.206.69 www.google.nl
O1 - Hosts: 89.149.206.69 www.google.com
O1 - Hosts: 89.149.206.69 www.google.se
O1 - Hosts: 89.149.206.69 uk.search.yahoo.com
O1 - Hosts: 89.149.206.69 www.google.pt
O1 - Hosts: 89.149.206.69 www.google.es
O1 - Hosts: 89.149.206.69 www.google.ca
O1 - Hosts: 89.149.206.69 www.google.be
O1 - Hosts: 89.149.206.69 www.google.fi
O1 - Hosts: 89.149.206.69 www.google.com.br
O1 - Hosts: 89.149.206.69 www.google.co.uk
O1 - Hosts: 89.149.206.69 www.google.dk
O1 - Hosts: 89.149.206.69 www.google.co.jp
O1 - Hosts: 89.149.206.69 www.google.fr
O1 - Hosts: 89.149.206.69 www.google.co.za
O1 - Hosts: 89.149.206.69 www.google.de
O1 - Hosts: 89.149.206.69 www.google.ch
O1 - Hosts: 89.149.206.69 www.google.at
O1 - Hosts: 89.149.206.69 www.google.it
O1 - Hosts: 89.149.206.69 search.yahoo.com
O1 - Hosts: 89.149.206.69 www.google.ie
O1 - Hosts: 89.149.206.69 us.search.yahoo.com
O1 - Hosts: 89.149.206.69 www.google.gr
O1 - Hosts: 89.149.206.69 www.google.com.mx
O1 - Hosts: 89.149.206.69 www.google.com.au
O2 - BHO: Adobe PDF Reader Help bij koppelingen - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: SWEETIE - {1A0AADCD-3A72-4b5f-900F-E3BB5A838E2A} - C:\PROGRA~1\MACROG~1\SWEETI~1\toolbar.dll
O2 - BHO: Browser Defender BHO - {2A0F3D1B-0909-4FF4-B272-609CCE6054E7} - C:\Program Files\Spyware Doctor\BDT\PCTBrowserDefender.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\McAfee\VirusScan Enterprise\scriptcl.dll
O2 - BHO: Windows Live Aanmelden - Help - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: (no name) - {ACB1E670-3217-45C4-A021-6B829A8A27CB} - (no file)
O3 - Toolbar: SweetIM For Internet Explorer - {BC4FFE41-DE9F-46fa-B455-AAD49B9F9938} - C:\Program Files\Macrogaming\SweetIMBarForIE\toolbar.dll
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: PC Tools Browser Guard - {472734EA-242A-422B-ADF8-83D1E48CC825} - C:\Program Files\Spyware Doctor\BDT\PCTBrowserDefender.dll
O4 - HKLM\..\Run: Ati2mdxx.exe
O4 - HKLM\..\Run: C:\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: SOUNDMAN.EXE
O4 - HKLM\..\Run: “C:\Program Files\Lexmark X5100 Series\lxbabmgr.exe”
O4 - HKLM\..\Run: “C:\Program Files\McAfee\VirusScan Enterprise\SHSTAT.EXE” /STANDALONE
O4 - HKLM\..\Run: “C:\Program Files\McAfee\Common Framework\UdaterUI.exe” /StartedFromRunKey
O4 - HKLM\..\Run: “C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe”
O4 - HKLM\..\Run: “C:\Program Files\Common Files\Real\Update_OB\realsched.exe” -osboot
O4 - HKLM\..\Run: “C:\Program Files\QuickTime\qttask.exe” -atboottime
O4 - HKLM\..\Run: “C:\Program Files\iTunes\iTunesHelper.exe”
O4 - HKLM\..\Run: C:\Documents and Settings\All Users\Application Data\flag ace stupid data\hold road.exe
O4 - HKLM\..\Run: “C:\Program Files\Spyware Doctor\pctsTray.exe”
O4 - HKCU\..\Run: “C:\Program Files\Windows Live\Messenger\msnmsgr.exe” /background
O4 - HKCU\..\Run: C:\DOCUME~1\JOHANN~1.SN0\APPLIC~1\BYTE64~1\Rect2.exe
O4 - HKUS\S-1-5-18\..\Run: C:\WINDOWS\System32\CTFMON.EXE (User ‘SYSTEM’)
O4 - HKUS\.DEFAULT\..\Run: C:\WINDOWS\System32\CTFMON.EXE (User ‘Default user’)
O4 - Global Startup: BlueSoleil.lnk = ?
O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra ‘Tools’ menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: In weblog opnemen - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra ‘Tools’ menuitem: &In weblog opnemen met Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Onderzoek - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra ‘Tools’ menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra ‘Tools’ menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=file://C:\APPS\IE\offline\nl.htm
O16 - DPF: {205FF73B-CA67-11D5-99DD-444553540000} (CInstall Class) - http://www.spywarestormer.com/files2/Install.cab
O16 - DPF: {4D7F48C0-CB49-4EA6-97D4-04F4EACC2F3B} - http://sib1.od2.com/common/Member/ClientInstall/7.20.0003/OCI/setup.exe
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://spaces.msn.com//PhotoUpload/MsnPUpld.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1203534604625
O16 - DPF: {6E5E167B-1566-4316-B27F-0DDAB3484CF7} (Image Uploader Control) - http://cache.hyves-static.net/statics/Aurigma/ImageUploader4.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/msnmessengersetupdownloader.cab
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O22 - SharedTaskScheduler: Preloader van browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\System32\browseui.dll
O22 - SharedTaskScheduler: Cache-daemon voor onderdeelcategorieën - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\System32\browseui.dll
O23 - Service: Mobiel Apple apparaat (Apple Mobile Device) - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Browser Defender Update Service - Unknown owner - C:\Program Files\Spyware Doctor\BDT\BDTUpdateService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
O23 - Service: McAfee Framework Service (McAfeeFramework) - McAfee, Inc. - C:\Program Files\McAfee\Common Framework\FrameworkService.exe
O23 - Service: McAfee McShield (McShield) - McAfee, Inc. - C:\Program Files\McAfee\VirusScan Enterprise\Mcshield.exe
O23 - Service: McAfee Task Manager (McTaskManager) - McAfee, Inc. - C:\Program Files\McAfee\VirusScan Enterprise\VsTskMgr.exe
O23 - Service: PD91Agent - Raxco Software, Inc. - C:\Program Files\Raxco\PerfectDisk2008\PD91Agent.exe
O23 - Service: PD91Engine - Raxco Software, Inc. - C:\Program Files\Raxco\PerfectDisk2008\PD91Engine.exe
O23 - Service: PC Tools Auxiliary Service (sdAuxService) - PC Tools - C:\Program Files\Spyware Doctor\pctsAuxs.exe
O23 - Service: PC Tools Security Service (sdCoreService) - PC Tools - C:\Program Files\Spyware Doctor\pctsSvc.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: SmartLinkService (SLService) - - C:\WINDOWS\SYSTEM32\slserv.exe
O23 - Service: Virtual CD v4 Security service (SDK - Version) (VCSSecS) - H+H Software GmbH - C:\Program Files\Virtual CD v4 SDK\system\vcssecs.exe
–
End of file - 12274 bytes
Argus

15-01-2010 16:22

Start LopSD nog een keer
* Kies Optie N en Enter
* Klik OK bij het informatie venter
* Kies Optie 2 (Herstel+Hosts), en Enter
* Aan het eind verschijnt een log ( LopR.txt ) plaats de inhoud ervan in je volgende antwoord
** Vista gebruikers:rechtsklik op LopSD en kies voor "Als Administrator uitvoeren”
Note:LopSD wordt door sommige virusscanners als virus gezien,deactiveer daarom je scanner
jonie

15-01-2010 16:25

Aangifte inkomstenbelasting 2007
Adobe Flash Player 10 ActiveX
Adobe Flash Player 10 Plugin
Adobe Reader 9 - Nederlands
Apple Mobile Device Support
Apple Software Update
Beveiligingsupdate for Windows Media Player 10 (KB911565)
Beveiligingsupdate for Windows Media Player 10 (KB917734)
Beveiligingsupdate for Windows Media Player 10 (KB936782)
Beveiligingsupdate for Windows XP (KB941569)
Beveiligingsupdate voor Windows Internet Explorer 7 (KB938127)
Beveiligingsupdate voor Windows Internet Explorer 7 (KB942615)
Beveiligingsupdate voor Windows Internet Explorer 7 (KB944533)
Beveiligingsupdate voor Windows Internet Explorer 7 (KB950759)
Beveiligingsupdate voor Windows Internet Explorer 7 (KB953838)
Beveiligingsupdate voor Windows Internet Explorer 7 (KB956390)
Beveiligingsupdate voor Windows Internet Explorer 7 (KB958215)
Beveiligingsupdate voor Windows Internet Explorer 7 (KB960714)
Beveiligingsupdate voor Windows Internet Explorer 7 (KB961260)
Beveiligingsupdate voor Windows Internet Explorer 7 (KB963027)
Beveiligingsupdate voor Windows Internet Explorer 7 (KB969897)
Beveiligingsupdate voor Windows Internet Explorer 7 (KB972260)
Beveiligingsupdate voor Windows Internet Explorer 7 (KB974455)
Beveiligingsupdate voor Windows Internet Explorer 7 (KB976325)
Beveiligingsupdate voor Windows Media Player (KB952069)
Beveiligingsupdate voor Windows Media Player (KB954155)
Beveiligingsupdate voor Windows Media Player (KB968816)
Beveiligingsupdate voor Windows Media Player (KB973540)
Beveiligingsupdate voor Windows XP (KB923561)
Beveiligingsupdate voor Windows XP (KB938464)
Beveiligingsupdate voor Windows XP (KB946648)
Beveiligingsupdate voor Windows XP (KB950760)
Beveiligingsupdate voor Windows XP (KB950762)
Beveiligingsupdate voor Windows XP (KB950974)
Beveiligingsupdate voor Windows XP (KB951066)
Beveiligingsupdate voor Windows XP (KB951376)
Beveiligingsupdate voor Windows XP (KB951376-v2)
Beveiligingsupdate voor Windows XP (KB951698)
Beveiligingsupdate voor Windows XP (KB951748)
Beveiligingsupdate voor Windows XP (KB952004)
Beveiligingsupdate voor Windows XP (KB952954)
Beveiligingsupdate voor Windows XP (KB953839)
Beveiligingsupdate voor Windows XP (KB954211)
Beveiligingsupdate voor Windows XP (KB954459)
Beveiligingsupdate voor Windows XP (KB954600)
Beveiligingsupdate voor Windows XP (KB955069)
Beveiligingsupdate voor Windows XP (KB956391)
Beveiligingsupdate voor Windows XP (KB956572)
Beveiligingsupdate voor Windows XP (KB956744)
Beveiligingsupdate voor Windows XP (KB956802)
Beveiligingsupdate voor Windows XP (KB956803)
Beveiligingsupdate voor Windows XP (KB956841)
Beveiligingsupdate voor Windows XP (KB956844)
Beveiligingsupdate voor Windows XP (KB957095)
Beveiligingsupdate voor Windows XP (KB957097)
Beveiligingsupdate voor Windows XP (KB958644)
Beveiligingsupdate voor Windows XP (KB958687)
Beveiligingsupdate voor Windows XP (KB958690)
Beveiligingsupdate voor Windows XP (KB958869)
Beveiligingsupdate voor Windows XP (KB959426)
Beveiligingsupdate voor Windows XP (KB960225)
Beveiligingsupdate voor Windows XP (KB960715)
Beveiligingsupdate voor Windows XP (KB960803)
Beveiligingsupdate voor Windows XP (KB960859)
Beveiligingsupdate voor Windows XP (KB961371)
Beveiligingsupdate voor Windows XP (KB961373)
Beveiligingsupdate voor Windows XP (KB961501)
Beveiligingsupdate voor Windows XP (KB968537)
Beveiligingsupdate voor Windows XP (KB969059)
Beveiligingsupdate voor Windows XP (KB969898)
Beveiligingsupdate voor Windows XP (KB969947)
Beveiligingsupdate voor Windows XP (KB970238)
Beveiligingsupdate voor Windows XP (KB970430)
Beveiligingsupdate voor Windows XP (KB971486)
Beveiligingsupdate voor Windows XP (KB971557)
Beveiligingsupdate voor Windows XP (KB971633)
Beveiligingsupdate voor Windows XP (KB971657)
Beveiligingsupdate voor Windows XP (KB971961)
Beveiligingsupdate voor Windows XP (KB972270)
Beveiligingsupdate voor Windows XP (KB973346)
Beveiligingsupdate voor Windows XP (KB973354)
Beveiligingsupdate voor Windows XP (KB973507)
Beveiligingsupdate voor Windows XP (KB973525)
Beveiligingsupdate voor Windows XP (KB973869)
Beveiligingsupdate voor Windows XP (KB973904)
Beveiligingsupdate voor Windows XP (KB974112)
Beveiligingsupdate voor Windows XP (KB974318)
Beveiligingsupdate voor Windows XP (KB974392)
Beveiligingsupdate voor Windows XP (KB974571)
Beveiligingsupdate voor Windows XP (KB975025)
Beveiligingsupdate voor Windows XP (KB975467)
BlueSoleil
Bonjour
Browser Defender 2.0.6.11
Compatibility Pack for the 2007 Office system
Disney Interactive Global Compatibility Update June 2003
Disney's Simba's Trots Gamebreak
HiJackThis
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
Hotfix for Windows Media Format 11 SDK (KB929399)
Hotfix voor Windows Internet Explorer 7 (KB947864)
Hotfix voor Windows XP (KB952287)
Hotfix voor Windows XP (KB961118)
Hotfix voor Windows XP (KB970653-v3)
Hotfix voor Windows XP (KB976098-v2)
iTunes
J2SE Runtime Environment 5.0 Update 1
Java(TM) 6 Update 2
Java(TM) 6 Update 3
Java(TM) SE Runtime Environment 6 Update 1
Junk Mail filter update
KB898458: Beveiligingsupdate voor Step by Step Interactive Training
KB923723: Beveiligingsupdate voor Step by Step Interactive Training
Kinderopvangtoeslag 2008
Lexmark X5100 Series
LimeWire 5.3.6
LimeWire Plus 1.7
Malwarebytes' Anti-Malware
McAfee VirusScan Enterprise
Messenger Plus! Live & Sponsor (CiD)
Microsoft .NET Framework 2.0 Service Pack 2
Microsoft .NET Framework 3.0 Service Pack 2
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 3.5 SP1
Microsoft Choice Guard
Microsoft Internationalized Domain Names Mitigation APIs
Microsoft Kernel-Mode Driver Framework Feature Pack 1.5
Microsoft National Language Support Downlevel APIs
Microsoft Office Live Add-in 1.3
Microsoft Office Outlook Connector
Microsoft Office Professional Editie 2003
Microsoft Search Enhancement Pack
Microsoft Silverlight
Microsoft SQL Server 2005 Compact Edition
Microsoft Sync Framework Runtime Native v1.0 (x86)
Microsoft Sync Framework Services Native v1.0 (x86)
Microsoft User-Mode Driver Framework Feature Pack 1.0
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Works 7.0
MPIO Manager 2
MSVC80_x86
MSVC80_x86_v2
MSVCRT
MSXML 4.0 SP2 (KB936181)
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
PC Connectivity Solution
PerfectDisk 2008 Professional
Postbank Blue World
PowerDVD
Q-TEC WEBCAM 100 USB
QuickTime
Safari
Segoe UI
Sonic RecordNow DX
Spyware Doctor 7.0
SweetIM For Internet Explorer 3.0b
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
Update voor Windows Internet Explorer 7 (KB976749)
Update voor Windows XP (KB951072-v2)
Update voor Windows XP (KB951978)
Update voor Windows XP (KB955759)
Update voor Windows XP (KB955839)
Update voor Windows XP (KB961503)
Update voor Windows XP (KB967715)
Update voor Windows XP (KB968389)
Update voor Windows XP (KB971737)
Update voor Windows XP (KB973687)
Update voor Windows XP (KB973815)
Windows Live - Hulpprogramma voor uploaden
Windows Live aanmeldhulp
Windows Live Call
Windows Live Communications Platform
Windows Live Essentials
Windows Live Essentials
Windows Live Family Safety
Windows Live Mail
Windows Live Messenger
Windows Live Photo Gallery
Windows Live Sync
Windows Live Toolbar
Windows Live Writer
Windows Media Format 11 runtime
Windows Media Format 11 runtime
Windows Media Player 10
Windows XP Service Pack 3
Argus

15-01-2010 16:27

Hijack This
Sluit alle vensters en start Hijack This
Klik : Do a Systemscan only
Zet een vinkje in het hokje voor:
O1 - Hosts: 89.149.206.69 www.google.no
O1 - Hosts: 89.149.206.69 www.google.nl
O1 - Hosts: 89.149.206.69 www.google.com
O1 - Hosts: 89.149.206.69 www.google.se
O1 - Hosts: 89.149.206.69 uk.search.yahoo.com
O1 - Hosts: 89.149.206.69 www.google.pt
O1 - Hosts: 89.149.206.69 www.google.es
O1 - Hosts: 89.149.206.69 www.google.ca
O1 - Hosts: 89.149.206.69 www.google.be
O1 - Hosts: 89.149.206.69 www.google.fi
O1 - Hosts: 89.149.206.69 www.google.com.br
O1 - Hosts: 89.149.206.69 www.google.co.uk
O1 - Hosts: 89.149.206.69 www.google.dk
O1 - Hosts: 89.149.206.69 www.google.co.jp
O1 - Hosts: 89.149.206.69 www.google.fr
O1 - Hosts: 89.149.206.69 www.google.co.za
O1 - Hosts: 89.149.206.69 www.google.de
O1 - Hosts: 89.149.206.69 www.google.ch
O1 - Hosts: 89.149.206.69 www.google.at
O1 - Hosts: 89.149.206.69 www.google.it
O1 - Hosts: 89.149.206.69 search.yahoo.com
O1 - Hosts: 89.149.206.69 www.google.ie
O1 - Hosts: 89.149.206.69 us.search.yahoo.com
O1 - Hosts: 89.149.206.69 www.google.gr
O1 - Hosts: 89.149.206.69 www.google.com.mx
O1 - Hosts: 89.149.206.69 www.google.com.au
O4 - HKLM\..\Run: C:\Documents and Settings\All Users\Application Data\flag ace stupid data\hold road.exe
O4 - HKCU\..\Run: C:\DOCUME~1\JOHANN~1.SN0\APPLIC~1\BYTE64~1\Rect2.exe
O16 - DPF: {205FF73B-CA67-11D5-99DD-444553540000} (CInstall Class) -
Klik op ‘Fix checked’ om de items te verwijderen.
Internet Explorer moet gesloten zijn als je Fix Checked klikt
HostsXpert
Download HostsXpert 4
- Unzip het programma
- Dubbelklik het om het te runnen
- Klik op 'Restore Original Hosts'
- Klik op ‘OK’
- Sluit het programma af.
jonie

15-01-2010 16:33

——————–\\ Lop S&D 4.2.5-0 XP/Vista
Microsoft Windows XP Home Edition ( v5.1.2600 ) Service Pack 3
X86-based PC ( Uniprocessor Free : AMD Athlon™ XP 2600+ )
BIOS : Phoenix - AwardBIOS v6.00PG
USER : Johanna & Gera ( Administrator )
BOOT : Normal boot
Antivirus : McAfee VirusScan Enterprise 8.5.0.781 (Not Activated)
A:\ (USB)
C:\ (Local Disk) - NTFS - Total:70 Go (Free:51 Go)
D:\ (CD or DVD)
E:\ (CD or DVD)
G:\ (USB)
H:\ (USB)
“C:\Lop SD” ( MAJ : 19-12-2008|23:40 )
Option : ( vr 15-01-2010|16:27 )
\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\ HERSTEL
Verwijderd ! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\flag ace stupid data\hold road.dat
Verwijderd ! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\flag ace stupid data\hold road.exe
Verwijderd ! - C:\DOCUME~1\JOHANN~1.SN0\APPLIC~1\byte64~1\downloadbitswma.exe
Verwijderd ! - C:\DOCUME~1\JOHANN~1.SN0\APPLIC~1\byte64~1\goiwpwco.exe
Verwijderd ! - C:\DOCUME~1\JOHANN~1.SN0\APPLIC~1\byte64~1\mzklrsux.exe
Verwijderd ! - C:\DOCUME~1\JOHANN~1.SN0\APPLIC~1\byte64~1\Rect2.exe
Verwijderd ! - C:\DOCUME~1\JOHANN~1.SN0\APPLIC~1\byte64~1\Software okay eggs dash.exe
Verwijderd ! - C:\WINDOWS\Tasks\AEC307729184B762.job
Verwijderd ! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\flag ace stupid data
Verwijderd ! - C:\DOCUME~1\JOHANN~1.SN0\APPLIC~1\byte64~1
Verwijderd ! - C:\Program Files\byte64~1
\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\
——————–\\ Beschrijving van mappen in APPLIC~1
C:\DOCUME~1\ALLUSE~1\APPLIC~1\{8CD7F5AF-ECFA-4793-BF40-D8F42DBFF906}
C:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe
C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple
C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple Computer
C:\DOCUME~1\ALLUSE~1\APPLIC~1\avg7
C:\DOCUME~1\ALLUSE~1\APPLIC~1\Bluetooth
C:\DOCUME~1\ALLUSE~1\APPLIC~1\CyberLink
C:\DOCUME~1\ALLUSE~1\APPLIC~1\Downloaded Installations
C:\DOCUME~1\ALLUSE~1\APPLIC~1\Google
C:\DOCUME~1\ALLUSE~1\APPLIC~1\Installations
C:\DOCUME~1\ALLUSE~1\APPLIC~1\Malwarebytes
C:\DOCUME~1\ALLUSE~1\APPLIC~1\McAfee
C:\DOCUME~1\ALLUSE~1\APPLIC~1\Messenger Plus!
C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft
C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft Games
C:\DOCUME~1\ALLUSE~1\APPLIC~1\MSN6
C:\DOCUME~1\ALLUSE~1\APPLIC~1\Nokia
C:\DOCUME~1\ALLUSE~1\APPLIC~1\OD2
C:\DOCUME~1\ALLUSE~1\APPLIC~1\OviInstallerCache
C:\DOCUME~1\ALLUSE~1\APPLIC~1\PC Suite
C:\DOCUME~1\ALLUSE~1\APPLIC~1\PC Tools
C:\DOCUME~1\ALLUSE~1\APPLIC~1\Postbank
C:\DOCUME~1\ALLUSE~1\APPLIC~1\QuickTime
C:\DOCUME~1\ALLUSE~1\APPLIC~1\Raxco
C:\DOCUME~1\ALLUSE~1\APPLIC~1\SBSI
C:\DOCUME~1\ALLUSE~1\APPLIC~1\Support.com
C:\DOCUME~1\ALLUSE~1\APPLIC~1\TEMP
C:\DOCUME~1\ALLUSE~1\APPLIC~1\Vivendi Universal Games
C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Genuine Advantage
C:\DOCUME~1\ALLUSE~1\APPLIC~1\Zylom
C:\DOCUME~1\ALLUSE~1\APPLIC~1\bytes
C:\DOCUME~1\ALLUSE~1\APPLIC~1\bytes beschikbaar
C:\DOCUME~1\DEFAUL~1\APPLIC~1\Adobe
C:\DOCUME~1\DEFAUL~1\APPLIC~1\Identities
C:\DOCUME~1\DEFAUL~1\APPLIC~1\InterTrust
C:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft
C:\DOCUME~1\DEFAUL~1\APPLIC~1\Real
C:\DOCUME~1\DEFAUL~1\APPLIC~1\bytes
C:\DOCUME~1\DEFAUL~1\APPLIC~1\bytes beschikbaar
C:\DOCUME~1\JOHANN~1.SN0\APPLIC~1\Adobe
C:\DOCUME~1\JOHANN~1.SN0\APPLIC~1\Apple Computer
C:\DOCUME~1\JOHANN~1.SN0\APPLIC~1\Identities
C:\DOCUME~1\JOHANN~1.SN0\APPLIC~1\InterTrust
C:\DOCUME~1\JOHANN~1.SN0\APPLIC~1\LimeWire
C:\DOCUME~1\JOHANN~1.SN0\APPLIC~1\Macromedia
C:\DOCUME~1\JOHANN~1.SN0\APPLIC~1\Malwarebytes
C:\DOCUME~1\JOHANN~1.SN0\APPLIC~1\Microsoft
C:\DOCUME~1\JOHANN~1.SN0\APPLIC~1\Mozilla
C:\DOCUME~1\JOHANN~1.SN0\APPLIC~1\MSN6
C:\DOCUME~1\JOHANN~1.SN0\APPLIC~1\PC Suite
C:\DOCUME~1\JOHANN~1.SN0\APPLIC~1\PC Tools
C:\DOCUME~1\JOHANN~1.SN0\APPLIC~1\Real
C:\DOCUME~1\JOHANN~1.SN0\APPLIC~1\Sun
C:\DOCUME~1\JOHANN~1.SN0\APPLIC~1\U3
C:\DOCUME~1\JOHANN~1.SN0\APPLIC~1\bytes
C:\DOCUME~1\JOHANN~1.SN0\APPLIC~1\bytes beschikbaar
C:\DOCUME~1\LOCALS~1\APPLIC~1\Adobe
C:\DOCUME~1\LOCALS~1\APPLIC~1\AVG7
C:\DOCUME~1\LOCALS~1\APPLIC~1\Google
C:\DOCUME~1\LOCALS~1\APPLIC~1\Help
C:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft
C:\DOCUME~1\LOCALS~1\APPLIC~1\bytes
C:\DOCUME~1\LOCALS~1\APPLIC~1\bytes beschikbaar
C:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft
C:\DOCUME~1\NETWOR~1\APPLIC~1\bytes
C:\DOCUME~1\NETWOR~1\APPLIC~1\bytes beschikbaar
——————–\\ Geplande Taken gelocaliseerd in C:\WINDOWS\Tasks
C:\WINDOWS\tasks\AppleSoftwareUpdate.job
C:\WINDOWS\tasks\Herinnering voor registratie 3.job
C:\WINDOWS\tasks\Herinnering voor registratie 2.job
C:\WINDOWS\tasks\Herinnering voor registratie 1.job
C:\WINDOWS\tasks\SA.DAT
C:\WINDOWS\tasks\desktop.ini
——————–\\ Beschrijving van mappen in C:\Program Files
C:\Program Files\Adobe
C:\Program Files\aod
C:\Program Files\Apple Software Update
C:\Program Files\Belastingdienst
C:\Program Files\Bonjour
C:\Program Files\Circl Developement
C:\Program Files\Common Files
C:\Program Files\ComPlus Applications
C:\Program Files\CyberLink
C:\Program Files\DIFX
C:\Program Files\Digitalway
C:\Program Files\directx
C:\Program Files\Disney Interactive
C:\Program Files\Google
C:\Program Files\Grisoft
C:\Program Files\InstallShield Installation Information
C:\Program Files\Internet Explorer
C:\Program Files\iPod
C:\Program Files\iTunes
C:\Program Files\IVT Corporation
C:\Program Files\Java
C:\Program Files\Lexmark X5100 Series
C:\Program Files\LimeWire
C:\Program Files\LimeWire Plus
C:\Program Files\LimewirePlus
C:\Program Files\Macrogaming
C:\Program Files\Malwarebytes' Anti-Malware
C:\Program Files\Mattel Interactive
C:\Program Files\McAfee
C:\Program Files\Messenger
C:\Program Files\Messenger Plus! Live
C:\Program Files\Microsoft
C:\Program Files\microsoft frontpage
C:\Program Files\Microsoft Office
C:\Program Files\Microsoft Office Outlook Connector
C:\Program Files\Microsoft Silverlight
C:\Program Files\Microsoft SQL Server Compact Edition
C:\Program Files\Microsoft Sync Framework
C:\Program Files\Microsoft Visual Studio
C:\Program Files\Microsoft Works
C:\Program Files\Microsoft.NET
C:\Program Files\Movie Maker
C:\Program Files\MSBuild
C:\Program Files\MSECache
C:\Program Files\MSN
C:\Program Files\MSN Gaming Zone
C:\Program Files\MSXML 4.0
C:\Program Files\NetMeeting
C:\Program Files\Nokia
C:\Program Files\Online Services
C:\Program Files\Outlook Express
C:\Program Files\PC Connectivity Solution
C:\Program Files\PC Connectivity Solution(2)
C:\Program Files\Postbank
C:\Program Files\Q-TEC WEBCAM 100 USB
C:\Program Files\QuickTime
C:\Program Files\Raxco
C:\Program Files\Real
C:\Program Files\Reference Assemblies
C:\Program Files\Safari
C:\Program Files\Spyware Doctor
C:\Program Files\Spyware Stormer
C:\Program Files\support.com
C:\Program Files\TrendMicro
C:\Program Files\Uninstall Information
C:\Program Files\Virtual CD v4 SDK
C:\Program Files\Windows Live
C:\Program Files\Windows Live SkyDrive
C:\Program Files\Windows Media Player
C:\Program Files\Windows NT
C:\Program Files\WindowsUpdate
C:\Program Files\xerox
C:\Program Files\Zylom Games
C:\Program Files\bytes
C:\Program Files\bytes beschikbaar
——————–\\ Beschrijving van mappen in C:\Program Files\Common Files
C:\Program Files\Common Files\Adobe
C:\Program Files\Common Files\Apple
C:\Program Files\Common Files\Barbie(TM)
C:\Program Files\Common Files\Cisco Systems
C:\Program Files\Common Files\DESIGNER
C:\Program Files\Common Files\InstallShield
C:\Program Files\Common Files\Java
C:\Program Files\Common Files\Knowledge Adventure
C:\Program Files\Common Files\McAfee
C:\Program Files\Common Files\Microsoft Shared
C:\Program Files\Common Files\MSSoap
C:\Program Files\Common Files\Nokia(2)
C:\Program Files\Common Files\ODBC
C:\Program Files\Common Files\PC Tools
C:\Program Files\Common Files\PCSuite
C:\Program Files\Common Files\Real
C:\Program Files\Common Files\Services
C:\Program Files\Common Files\SpeechEngines
C:\Program Files\Common Files\System
C:\Program Files\Common Files\Vivendi Universal Games
C:\Program Files\Common Files\Windows Live
C:\Program Files\Common Files\xing shared
C:\Program Files\Common Files\bytes
C:\Program Files\Common Files\bytes beschikbaar
——————–\\ Process
( 50 Processes )
… OK !
——————–\\ Zoeken met S_Lop
Geen Lop mappen gevonden !
——————–\\ Zoeken naar Lop Bestanden - Mappen
Geen Lop mappen gevonden !
——————–\\ Zoeken doorheen het Register
….. OK !
——————–\\ Nazicht van het Hosts bestand
Hosts bestand IN ORDE
——————–\\ Zoeken naar verborgen bestanden met Catchme
catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-01-15 16:29:51
Windows 5.1.2600 Service Pack 3 NTFS
scanning hidden processes …
scanning hidden files …
scan completed successfully
hidden processes: 0
hidden files: 0
——————–\\ Zoeken naar andere infecties
Geen andere infecties gevonden !
-> C:\DOCUME~1\JOHANN~1.SN0\Cookies
-> C:\DOCUME~1\JOHANN~1.SN0\LOCALS~1\TEMPOR~1\content.IE5
1 - “C:\Lop SD\LopR_1.txt” - vr 15-01-2010|16:14 - Option :
2 - “C:\Lop SD\LopR_2.txt” - vr 15-01-2010|16:30 - Option :
——————–\\ Scan voltooid om 16:30:55
Argus

15-01-2010 16:34

Java
Download Java Runtime Environment (JRE) 6u17 naar je Bureaublad
Sluit alle programma's die eventueel open zijn - Zeker je web browser!
Ga dan naar Start > Configuratiescherm > Software en verwijder alle oudere versies van Java uit de Softwarelijst.
Vink alles aan met Java Runtime Environment (JRE of J2SE) in de naam.
Klik dan op Verwijderen of op de Wijzig/Verwijder knop.
Herhaal dit tot alle oudere versies verdwenen zijn.
Na het verwijderen van alle oudere versies, herstart je pc.
Dubbelklik vervolgens op jre-6u17-windows-iftw-rv.exe op je Bureaublad om de nieuwste versie van Java te installeren.
Verwijder via Software Messenger Plus! Live & Sponsor (CiD)
Installeer deze weer maar dan zonder Sponsor
Argus

15-01-2010 16:36

Verwijder van C:\Lop SD
Argus

15-01-2010 16:43

LopSD en Gmer kun je weer verwijderen
Heb je eens wat geld over koop dan Malwarebytes Anti-Malware
Het is een éénmalige uigave met levenslang, GRATIS Updates
En je bent beschermd tegen deze Pop-Ups van malafide scanners
Ik wens je een prettig weekend en happy surfing again
jonie

15-01-2010 17:41

O4 - HKLM\..\Run: C:\Documents and Settings\All Users\Application Data\flag ace stupid data\hold road.exe
O4 - HKCU\..\Run: C:\DOCUME~1\JOHANN~1.SN0\APPLIC~1\BYTE64~1\Rect2.exe
Deze twee stonden niet bij de lijst.

Antivirus Plus

jonie

jonie

Argus

jonie

Argus

jonie

Argus

Argus

Argus

jonie