Archief - Logje met een virut infectie

Het archief is een bevroren moment uit een vorige versie van dit forum, met andere regels en andere bazen. Deze posts weerspiegelen op geen enkele manier onze huidige ideeën, waarden of wereldbeelden en zijn op sommige plaatsen gecensureerd wegens ontoelaatbaar. Veel zijn in een andere tijdsgeest gemaakt, al dan niet ironisch - zoals in het ironische subforum Off-Topic - en zouden op dit moment niet meer gepost (mogen) worden. Toch bieden we dit archief nog graag aan als informatiedatabank en naslagwerk. Lees er hier meer over of start een gesprek met anderen.

Xinu

Legacy Member
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 19:32:45, on 9/03/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16791)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\WINDOWS\System32\reader_s.exe
C:\Program Files\Spyware Doctor\pctsTray.exe
c:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe
C:\Documents and Settings\Mustafa\reader_s.exe
c:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\SYSTEM32\SPOOL\DRIVERS\W32X86\3\HPZipm12.exe
C:\Program Files\Spyware Doctor\pctsAuxs.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Spyware Doctor\pctsSvc.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
c:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\system32\msiexec.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\services.exe
C:\WINDOWS\system32\cmd.exe
C:\WINDOWS\services.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\internet explorer\iexplore.exe
C:\WINDOWS\SYSTEM32\NOTEPAD.EXE
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
C:\WINDOWS\System32\wbem\wmiprvse.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Google
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Live Search
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Live Search
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = MSN.com
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Aanmelden - Help - {9030D464-4C02-4ABF-8ECC-5164760863C6} - c:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.0.926.3450\swg.dll
O3 - Toolbar: &Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O3 - Toolbar: BitDefender Toolbar - {381FFDE8-2394-4f90-B10D-FC6124A40F8C} - C:\Program Files\BitDefender\BitDefender 2009\IEToolbar.dll
O4 - HKLM\..\Run: [SkyTel] SkyTel.EXE
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "c:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [reader_s] C:\WINDOWS\System32\reader_s.exe
O4 - HKLM\..\Run: [ISTray] "C:\Program Files\Spyware Doctor\pctsTray.exe"
O4 - HKLM\..\Run: [services] C:\WINDOWS\services.exe
O4 - HKLM\..\Run: [BitDefender Antiphishing Helper] "C:\Program Files\BitDefender\BitDefender 2009\IEShow.exe"
O4 - HKLM\..\Run: [BDAgent] "C:\Program Files\BitDefender\BitDefender 2009\bdagent.exe"
O4 - HKLM\..\Run: [BDWizReg] "C:\Program Files\BitDefender\BitDefender 2009\bdwizreg.exe" /complete
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [reader_s] C:\Documents and Settings\Mustafa\reader_s.exe
O4 - HKUS\S-1-5-18\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\Run: [reader_s] C:\Documents and Settings\Mustafa\reader_s.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background (User 'Default user')
O4 - Global Startup: Windows Search.lnk = C:\Program Files\Windows Desktop Search\WindowsSearch.exe
O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Verz&enden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing)
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing)
O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/controls/2008.10.10_v5.5.8/FacebookPhotoUploader5.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1236367984062
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O23 - Service: Mobiel Apple apparaat (Apple Mobile Device) - Apple Inc. - c:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: BitDefender Arrakis Server (Arrakis3) - Unknown owner - C:\Program Files\Common Files\BitDefender\BitDefender Arrakis Server\bin\Arrakis3.exe (file missing)
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - c:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: getPlus(R) Helper - NOS Microsystems Ltd. - C:\Program Files\NOS\bin\getPlus_HelperSvc.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: iPod-service (iPod Service) - Apple Inc. - c:\Program Files\iPod\bin\iPodService.exe
O23 - Service: BitDefender Desktop Update Service (LIVESRV) - BitDefender SRL - C:\Program Files\Common Files\BitDefender\BitDefender Update Service\livesrv.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\SYSTEM32\SPOOL\DRIVERS\W32X86\3\HPZipm12.exe
O23 - Service: PC Tools Auxiliary Service (sdAuxService) - PC Tools - C:\Program Files\Spyware Doctor\pctsAuxs.exe
O23 - Service: PC Tools Security Service (sdCoreService) - PC Tools - C:\Program Files\Spyware Doctor\pctsSvc.exe
O23 - Service: Windows Search (WSearch) - Unknown owner - C:\WINDOWS\system32\SearchIndexer.exe (file missing)

--
End of file - 8515 bytes

ComboFix 09-03-06.02 - Mustafa 2009-03-08 16:48:31.1 - NTFSx86
Gestart vanuit: c:\documents and settings\Mustafa\Bureaublad\ComboFix.exe

WAARSCHUWING - DE RECOVERY CONSOLE IS NIET OP DIT SYSTEEM GEINSTALLEERD !!
.

(((((((((((((((((((((((((((((((((( Andere Verwijderingen )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\documents and settings\Mustafa\Local Settings\Temporary Internet Files\fbk.sts
c:\windows\system32\drivers\ntndis.sys
c:\windows\system32\fxe.sp
c:\windows\system32\pthreadGC2.dll
c:\windows\ynh.dx

.
(((((((((((((((((((( Bestanden Gemaakt van 2009-02-08 to 2009-03-08 ))))))))))))))))))))))))))))))
.

2009-03-08 15:46 . 2009-03-08 15:46 <DIR> d-------- c:\program files\Malwarebytes' Anti-Malware
2009-03-08 15:46 . 2009-03-08 15:46 <DIR> d-------- c:\documents and settings\Mustafa\Application Data\Malwarebytes
2009-03-08 15:46 . 2009-03-08 15:46 <DIR> d-------- c:\documents and settings\All Users\Application Data\Malwarebytes
2009-03-08 15:46 . 2009-02-11 10:19 38,496 --a------ c:\windows\system32\drivers\mbamswissarmy.sys
2009-03-08 15:46 . 2009-02-11 10:19 15,504 --a------ c:\windows\system32\drivers\mbam.sys
2009-03-08 14:15 . 2009-03-08 14:15 244 --ah----- C:\sqmnoopt00.sqm
2009-03-08 14:15 . 2009-03-08 14:15 232 --ah----- C:\sqmdata00.sqm
2009-03-08 14:15 . 2009-03-08 14:15 121 --a------ c:\windows\bdagent.INI
2009-03-08 14:04 . 2009-03-08 14:04 850 --a------ c:\windows\system32\ProductTweaks.xml
2009-03-08 14:04 . 2009-03-08 14:04 385 --a------ c:\windows\system32\user_gensett.xml
2009-03-08 14:01 . 2009-03-08 14:01 <DIR> d-------- c:\program files\BitDefender
2009-03-08 14:01 . 2009-03-08 14:01 <DIR> d-------- c:\documents and settings\Mustafa\Application Data\BitDefender
2009-03-08 14:01 . 2009-03-08 14:03 <DIR> d-------- c:\documents and settings\All Users\Application Data\BitDefender
2009-03-08 14:00 . 2009-03-08 16:57 81,984 --a------ c:\windows\system32\bdod.bin
2009-03-08 13:58 . 2009-03-08 14:01 <DIR> d-------- c:\program files\Common Files\BitDefender
2009-03-08 13:49 . 2009-03-08 13:50 <DIR> d-------- c:\program files\Common Files\Softwin
2009-03-08 13:45 . 2009-03-08 13:45 80 --a------ c:\windows\system32\24.tmp
2009-03-08 09:57 . 2009-03-08 09:57 80 --a------ c:\windows\system32\22.tmp
2009-03-08 00:23 . 2009-03-08 00:23 80 --a------ c:\windows\system32\21.tmp
2009-03-07 23:04 . 2009-03-07 23:04 130 --a------ c:\windows\adobe.bat
2009-03-07 23:04 . 2009-03-07 23:09 6 --a------ c:\windows\_id.dat
2009-03-07 23:03 . 2009-03-07 23:03 80 --a------ c:\windows\system32\20.tmp
2009-03-07 21:20 . 2009-03-07 21:20 0 --a------ c:\windows\system32\1E.tmp
2009-03-07 21:12 . 2009-03-07 21:12 80 --a------ c:\windows\system32\1C.tmp
2009-03-07 17:51 . 2009-03-07 17:51 80 --a------ c:\windows\system32\1B.tmp
2009-03-07 13:52 . 2009-03-07 13:52 <DIR> d-------- c:\program files\Common Files\ATI Technologies
2009-03-07 13:48 . 2009-03-07 13:54 <DIR> d-------- c:\program files\ATI Technologies
2009-03-07 13:48 . 2007-07-28 04:01 3,107,788 -ra------ c:\windows\system32\ativvaxx.dat
2009-03-07 13:48 . 2007-07-28 04:01 3,107,788 -ra------ c:\windows\system32\ativva5x.dat
2009-03-07 13:48 . 2007-07-28 04:01 972,072 -ra------ c:\windows\system32\ativva6x.dat
2009-03-07 13:48 . 2009-03-08 14:54 614,400 --a------ c:\windows\system32\ati2sgag.exe
2009-03-07 13:48 . 2007-07-28 04:31 344,064 -ra------ c:\windows\system32\ATIDEMGX.dll
2009-03-07 13:48 . 2007-07-28 04:24 307,200 -ra------ c:\windows\system32\atiiiexx.dll
2009-03-07 13:48 . 2007-06-12 18:30 151,367 -ra------ c:\windows\system32\atiicdxx.dat
2009-03-07 13:48 . 2007-04-12 02:33 7,069 -ra------ c:\windows\system32\atifglpf.xml
2009-03-07 13:47 . 2009-03-07 13:47 80 --a------ c:\windows\system32\1A.tmp
2009-03-07 13:31 . 2009-03-07 13:31 80 --a------ c:\windows\system32\19.tmp
2009-03-07 13:23 . 2007-05-03 18:52 11,557 -ra------ c:\windows\atiogl.xml
2009-03-07 13:22 . 2009-03-07 13:22 664 --a------ c:\windows\system32\d3d9caps.dat
2009-03-07 13:21 . 2009-03-07 13:21 80 --a------ c:\windows\system32\17.tmp
2009-03-07 13:16 . 2009-03-07 13:16 80 --a------ c:\windows\system32\16.tmp
2009-03-07 13:06 . 2009-03-07 13:06 80 --a------ c:\windows\system32\15.tmp
2009-03-07 12:59 . 2009-03-07 13:05 <DIR> d-------- c:\windows\SxsCaPendDel
2009-03-07 12:56 . 2009-03-07 12:56 80 --a------ c:\windows\system32\13.tmp
2009-03-07 12:44 . 2009-03-07 12:44 <DIR> d-------- c:\program files\NOS
2009-03-07 12:44 . 2009-03-07 12:44 <DIR> d-------- c:\documents and settings\All Users\Application Data\NOS
2009-03-07 12:42 . 2009-03-07 12:42 80 --a------ c:\windows\system32\11.tmp
2009-03-07 12:29 . 2006-12-28 17:44 84,992 -ra------ c:\windows\system32\drivers\AtiHdAud.sys
2009-03-07 12:09 . 2009-03-07 11:59 580,096 --a------ c:\windows\system32\otof
2009-03-07 12:03 . 2009-03-07 11:59 580,096 --a------ c:\windows\system32\rzxpyqll
2009-03-07 11:59 . 2009-03-07 11:59 580,096 --a--c--- c:\windows\system32\dllcache\user32.dll
2009-03-07 11:59 . 2009-03-07 13:42 10 --a------ c:\windows\WININIT.INI
2009-03-07 11:41 . 2009-03-07 11:41 <DIR> d-------- c:\program files\Common Files\Adobe
2009-03-07 11:23 . 2008-04-14 17:39 14,720 --a------ c:\windows\system32\drivers\kbdhid.sys
2009-03-07 11:18 . 2009-03-07 11:58 <DIR> d-------- c:\documents and settings\Mustafa\Application Data\nidle
2009-03-07 11:18 . 2009-03-07 11:18 182,656 --a--c--- c:\windows\system32\dllcache\ndis.sys
2009-03-07 11:18 . 2009-03-07 11:18 80 --a------ c:\windows\system32\14C.tmp
2009-03-07 11:18 . 2009-03-07 11:18 0 --a------ c:\windows\system32\14F.tmp
2009-03-07 08:38 . 2009-03-08 12:39 <DIR> d-------- c:\documents and settings\Mustafa\Application Data\GetRightToGo
2009-03-07 00:49 . 2008-10-16 14:06 268,648 --a------ c:\windows\system32\mucltui.dll
2009-03-07 00:49 . 2008-10-16 14:06 27,496 --a------ c:\windows\system32\mucltui.dll.mui
2009-03-07 00:10 . 2009-03-08 14:39 <DIR> d-------- c:\documents and settings\Dursun
2009-03-06 23:31 . 2009-03-06 23:31 <DIR> d-------- c:\program files\K-Lite Codec Pack
2009-03-06 22:02 . 2006-10-26 19:56 32,592 --a------ c:\windows\system32\msonpmon.dll
2009-03-06 22:00 . 2009-03-06 22:00 <DIR> d-------- c:\program files\Microsoft Works
2009-03-06 21:59 . 2009-03-06 21:59 <DIR> d-------- c:\program files\Microsoft.NET
2009-03-06 21:56 . 2009-03-06 21:56 <DIR> d-------- c:\program files\Microsoft Visual Studio 8
2009-03-06 21:55 . 2009-03-06 21:56 <DIR> d-------- c:\windows\SHELLNEW
2009-03-06 21:55 . 2009-03-07 12:21 <DIR> d-------- c:\documents and settings\All Users\Application Data\Microsoft Help
2009-03-06 21:54 . 2009-03-06 21:54 <DIR> dr-h----- C:\MSOCache
2009-03-06 21:48 . 2009-03-06 21:48 <DIR> d-------- c:\documents and settings\Mustafa\Application Data\DAEMON Tools Pro
2009-03-06 21:48 . 2009-03-06 21:48 <DIR> d-------- c:\documents and settings\Mustafa\Application Data\DAEMON Tools
2009-03-06 21:48 . 2009-03-06 21:48 <DIR> d-------- c:\documents and settings\All Users\Application Data\DAEMON Tools Lite
2009-03-06 21:44 . 2009-03-06 21:53 <DIR> d-------- c:\documents and settings\Mustafa\Application Data\DAEMON Tools Lite
2009-03-06 21:16 . 2009-03-06 21:16 <DIR> d-------- c:\windows\Logs
2009-03-06 21:01 . 2009-03-06 21:01 8,908 --ah----- c:\windows\system32\mlfcache.dat
2009-03-06 21:00 . 2009-03-06 21:00 <DIR> d-------- c:\program files\Bonjour
2009-03-06 20:57 . 2009-03-06 20:57 <DIR> d-------- c:\program files\iTunes
2009-03-06 20:57 . 2009-03-06 20:57 <DIR> d-------- c:\program files\iPod
2009-03-06 20:57 . 2009-03-06 21:00 <DIR> d-------- c:\documents and settings\Mustafa\Application Data\Apple Computer
2009-03-06 20:57 . 2009-03-06 20:57 <DIR> d-------- c:\documents and settings\All Users\Application Data\{3276BE95_AF08_429F_A64F_CA64CB79BCF6}
2009-03-06 20:57 . 2008-04-17 13:12 107,368 --a------ c:\windows\system32\GEARAspi.dll
2009-03-06 20:57 . 2008-04-17 13:12 15,464 --a------ c:\windows\system32\drivers\GEARAspiWDM.sys
2009-03-06 20:55 . 2009-03-08 14:44 <DIR> d-------- c:\program files\QuickTime
2009-03-06 20:55 . 2009-03-06 20:55 <DIR> d-------- c:\program files\Apple Software Update
2009-03-06 20:55 . 2009-03-06 20:57 <DIR> d-------- c:\documents and settings\All Users\Application Data\Apple Computer
2009-03-06 20:54 . 2009-03-06 20:54 <DIR> d-------- c:\program files\Common Files\Apple
2009-03-06 20:54 . 2009-03-06 20:54 <DIR> d-------- c:\documents and settings\All Users\Application Data\Apple
2009-03-06 20:50 . 2009-03-06 20:50 <DIR> d-------- c:\program files\Microsoft Silverlight
2009-03-06 20:49 . 2009-03-06 20:49 <DIR> d-------- c:\documents and settings\Mustafa\Application Data\Windows Desktop Search
2009-03-06 20:48 . 2009-03-06 20:48 <DIR> d-------- c:\windows\system32\GroupPolicy
2009-03-06 20:48 . 2009-03-08 14:45 <DIR> d-------- c:\program files\Windows Desktop Search
2009-03-06 20:47 . 2008-03-07 18:02 192,000 -----c--- c:\windows\system32\dllcache\offfilt.dll
2009-03-06 20:47 . 2008-03-07 18:02 98,304 -----c--- c:\windows\system32\dllcache\nlhtml.dll
2009-03-06 20:47 . 2008-03-07 18:02 29,696 -----c--- c:\windows\system32\dllcache\mimefilt.dll
2009-03-06 20:46 . 2009-03-08 14:45 <DIR> d-------- c:\program files\Windows Media Connect 2
2009-03-06 20:43 . 2009-03-06 20:43 <DIR> d-------- c:\windows\system32\LogFiles
2009-03-06 20:43 . 2009-03-06 20:44 <DIR> d-------- c:\windows\system32\drivers\UMDF
2009-03-06 20:43 . 2009-03-06 20:45 <DIR> d-------- C:\89ca5952262d6ad9e5b6
2009-03-06 20:41 . 2009-03-06 20:43 <DIR> d-------- C:\d798060b76b04303a25991309c2bcd17
2009-03-06 20:40 . 2009-01-09 20:19 1,089,883 -----c--- c:\windows\system32\dllcache\ntprint.cat
2009-03-06 20:38 . 2009-03-07 18:28 <DIR> d-------- c:\documents and settings\Mustafa\Contacts
2009-03-06 20:36 . 2009-03-06 20:57 <DIR> d----c--- c:\windows\system32\DRVSTORE
2009-03-06 20:35 . 2009-03-06 20:36 <DIR> d-------- c:\program files\Windows Live
2009-03-06 20:24 . 2009-03-06 20:35 <DIR> d--hsc--- c:\program files\Common Files\WindowsLiveInstaller
2009-03-06 20:23 . 2009-03-06 20:35 <DIR> d-------- c:\documents and settings\All Users\Application Data\WLInstaller
2009-03-06 20:21 . 2008-04-13 19:45 26,368 --a--c--- c:\windows\system32\dllcache\usbstor.sys
2009-03-06 20:21 . 2006-06-29 13:07 14,048 --------- c:\windows\system32\spmsg2.dll
2009-03-06 20:16 . 2009-03-07 12:58 <DIR> d-------- c:\program files\MSBuild
2009-03-06 20:16 . 2009-03-06 20:16 <DIR> d-------- C:\6d88cb3b4dd9170236040d7b0211
2009-03-06 20:16 . 2008-07-06 13:06 1,676,288 --------- c:\windows\system32\xpssvcs.dll
2009-03-06 20:16 . 2008-07-06 13:06 1,676,288 -----c--- c:\windows\system32\dllcache\xpssvcs.dll
2009-03-06 20:16 . 2009-03-08 14:55 614,400 --a------ c:\windows\system32\dllcache\printfilterpipelinesvc.exe
2009-03-06 20:16 . 2008-07-06 13:06 575,488 --------- c:\windows\system32\xpsshhdr.dll
2009-03-06 20:16 . 2008-07-06 13:06 575,488 -----c--- c:\windows\system32\dllcache\xpsshhdr.dll
2009-03-06 20:16 . 2008-07-06 13:06 117,760 --------- c:\windows\system32\prntvpt.dll
2009-03-06 20:16 . 2008-07-06 13:06 89,088 -----c--- c:\windows\system32\dllcache\filterpipelineprintproc.dll
2009-03-06 20:10 . 2008-12-21 00:03 6,066,688 -----c--- c:\windows\system32\dllcache\ieframe.dll
2009-03-06 20:10 . 2007-04-17 10:32 2,455,488 -----c--- c:\windows\system32\dllcache\ieapfltr.dat
2009-03-06 20:10 . 2007-03-08 06:11 1,032,192 -----c--- c:\windows\system32\dllcache\ieframe.dll.mui
2009-03-06 20:10 . 2008-12-21 00:03 459,264 -----c--- c:\windows\system32\dllcache\msfeeds.dll
2009-03-06 20:10 . 2008-12-21 00:03 383,488 -----c--- c:\windows\system32\dllcache\ieapfltr.dll
2009-03-06 20:10 . 2008-12-21 00:03 267,776 -----c--- c:\windows\system32\dllcache\iertutil.dll
2009-03-06 20:10 . 2008-12-21 00:03 63,488 -----c--- c:\windows\system32\dllcache\icardie.dll
2009-03-06 20:10 . 2008-12-21 00:03 52,224 -----c--- c:\windows\system32\dllcache\msfeedsbs.dll

.
((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-03-08 13:55 98,304 ----a-w c:\windows\system32\dllcache\wmpstub.exe
2009-03-08 13:54 99,840 ----a-w c:\windows\system32\dfrgfat.exe
2009-03-08 13:52 53,346 ----a-w c:\windows\slrundll.exe
2009-03-08 13:50 9,728,512 ----a-r c:\windows\RTLCPL.exe
2009-03-08 13:50 87,040 ----a-w c:\windows\notepad.exe
2009-03-08 13:50 785,920 ----a-w c:\windows\PCHealth\HelpCtr\Binaries\helpctr.exe
2009-03-08 13:50 761,344 ----a-w c:\windows\PCHealth\HelpCtr\Binaries\helpsvc.exe
2009-03-08 13:50 52,736 ----a-w c:\windows\PCHealth\HelpCtr\Binaries\notiflag.exe
2009-03-08 13:50 35,840 ----a-w c:\windows\PCHealth\HelpCtr\Binaries\hscupd.exe
2009-03-08 13:50 188,928 ----a-w c:\windows\PCHealth\HelpCtr\Binaries\msconfig.exe
2009-03-08 13:50 170,496 ----a-w c:\windows\regedit.exe
2009-03-08 13:50 167,936 ----a-w c:\windows\PCHealth\UploadLB\Binaries\uploadm.exe
2009-03-08 13:50 117,248 ----a-w c:\windows\PCHealth\HelpCtr\Binaries\HelpHost.exe
2009-03-08 13:50 1,212,416 ----a-r c:\windows\RtlUpd.exe
2009-03-08 13:50 1,212,416 ----a-r c:\windows\RtkUpd.exe
2009-03-08 13:49 2,175,488 ----a-r c:\windows\MicCal.exe
2009-03-08 13:48 335,872 ----a-w c:\windows\HideWin.exe
2009-03-08 13:48 27,648 ----a-w c:\windows\hh.exe
2009-03-08 13:48 2,827,776 ----a-r c:\windows\alcwzrd.exe
2009-03-08 13:34 90,112 ----a-w c:\windows\Alcmtr.exe
2009-03-08 13:34 50,688 ----a-w c:\windows\system32\rundll32.exe
2009-03-08 13:34 2,899,456 ----a-w c:\windows\SkyTel.exe
2009-03-08 13:30 416,768 ----a-w c:\windows\system32\cmd.exe
2009-03-08 13:27 176,128 ----a-w c:\windows\system32\wscript.exe
2009-03-08 13:27 117,760 ----a-w c:\windows\system32\logagent.exe
2009-03-08 13:26 32,256 ----a-w c:\windows\system32\ctfmon.exe
2009-03-08 13:26 167,424 ----a-w c:\windows\system32\imapi.exe
2009-03-08 13:24 531,968 ----a-w c:\windows\system32\logonui.exe
2009-03-08 13:23 1,054,208 ----a-w c:\windows\explorer.exe
2009-03-08 13:22 43,008 ----a-w c:\windows\system32\userinit.exe
2009-03-08 13:16 201,728 ----a-w c:\windows\system32\searchprotocolhost.exe
2009-03-07 12:49 --------- d--h--w c:\program files\InstallShield Installation Information
2009-03-07 10:59 580,096 ----a-w c:\windows\system32\user32.DLL
2009-03-07 10:18 182,656 ----a-w c:\windows\system32\drivers\ndis.sys
2009-02-24 23:26 2,255,360 ----a-w c:\windows\system32\x264vfw.dll
2009-02-09 18:56 67,584 ----a-w c:\windows\system32\ff_vfw.dll
2009-02-03 16:03 104,328 ----a-w c:\windows\system32\drivers\bdfndisf.sys
2008-12-20 23:03 826,368 ----a-w c:\windows\system32\wininet.dll
2008-12-12 10:18 87,336 ----a-w c:\windows\system32\dns-sd.exe
2008-12-12 10:11 61,440 ----a-w c:\windows\system32\dnssd.dll
2008-12-11 00:33 86,016 ----a-w c:\windows\system32\dpl100.dll
2008-12-16 16:52 61,440 ----a-w c:\program files\mozilla firefox\components\FFComm.dll
.
c:\windows\system32\user32.dll ... is geïnfecteerd !!
578,560 2004-08-03 23:03:24 c:\windows\$NtServicePackUninstall$\user32.dll
580,096 2008-04-14 17:02:44 c:\windows\ServicePackFiles\i386\user32.dll
580,096 2008-04-14 17:02:44 c:\windows\SoftwareDistribution\Download\4390075a50157b74d7a953e917743f62\user32.dll
580,096 2009-03-07 10:59:01 c:\windows\system32\user32.DLL
580,096 2009-03-07 10:59:01 c:\windows\system32\dllcache\user32.dll


------- Sigcheck -------

2004-08-04 00:03 578560 8e5d344fd717d35ee7ed1c8e0ad0cbe6 c:\windows\$NtServicePackUninstall$\user32.dll
2008-04-14 18:02 580096 4cf588d2f2363b73eb4af57967d46dff c:\windows\ServicePackFiles\i386\user32.dll
2008-04-14 18:02 580096 4cf588d2f2363b73eb4af57967d46dff c:\windows\SoftwareDistribution\Download\4390075a50157b74d7a953e917743f62\user32.dll
2009-03-07 11:59 580096 8a0f7c6bca4b61ed77aeca40143324cb c:\windows\system32\user32.DLL
2009-03-07 11:59 580096 8a0f7c6bca4b61ed77aeca40143324cb c:\windows\system32\dllcache\user32.dll

2004-08-03 22:14 182912 1df7f42665c94b825322fae71721130d c:\windows\$NtServicePackUninstall$\ndis.sys
2008-04-13 20:20 182656 1df7f42665c94b825322fae71721130d c:\windows\ServicePackFiles\i386\ndis.sys
2008-04-13 20:20 182656 1df7f42665c94b825322fae71721130d c:\windows\SoftwareDistribution\Download\4390075a50157b74d7a953e917743f62\ndis.sys
2009-03-07 11:18 213120 1df7f42665c94b825322fae71721130d c:\windows\system32\dllcache\ndis.sys
2009-03-07 11:18 213120 1df7f42665c94b825322fae71721130d c:\windows\system32\drivers\ndis.sys

2009-03-08 14:23 1054208 8e67ec8af8c7284cb41d39f60655f903 c:\windows\explorer.exe
2009-03-08 14:47 1052672 52e72d88aace89a7142c120290978289 c:\windows\$NtServicePackUninstall$\explorer.exe
2009-03-08 14:50 1054720 8b1fdc7f8e8caa4bfe2748740488de38 c:\windows\ServicePackFiles\i386\explorer.exe
2009-03-08 14:52 1054208 fdeb1fa307c9a238abb9d34049b31af4 c:\windows\SoftwareDistribution\Download\4390075a50157b74d7a953e917743f62\explorer.exe

2009-03-08 14:47 32768 abee78fff8721105b950f3c9a274545c c:\windows\$NtServicePackUninstall$\ctfmon.exe
2009-03-08 14:50 32768 4c86a7bd5f8c2b3001f20161e993da02 c:\windows\ServicePackFiles\i386\ctfmon.exe
2009-03-08 14:52 32256 174c0f5ffc62684f665f7f6ce94e0045 c:\windows\SoftwareDistribution\Download\4390075a50157b74d7a953e917743f62\ctfmon.exe
2009-03-08 14:26 32256 64a8ba3f12eb87fe70c6171a2bb43462 c:\windows\system32\ctfmon.exe

2009-03-08 14:48 74752 db7d465f31ef12f9753ef92fd2217ae7 c:\windows\$NtServicePackUninstall$\spoolsv.exe
2009-03-08 14:51 74752 b800a64fe5ba2f9b8a76780981c6c1d6 c:\windows\ServicePackFiles\i386\spoolsv.exe
2009-03-08 14:53 74752 67dbbfb6ca4eb958572672a90393e0e6 c:\windows\SoftwareDistribution\Download\4390075a50157b74d7a953e917743f62\spoolsv.exe
2008-04-14 18:03 75264 3d12626c4e02a949ec0ea9231a1894d2 c:\windows\system32\spoolsv.exe

2009-03-08 14:48 41472 f1a468d4fed5a3030f06f54d7373b168 c:\windows\$NtServicePackUninstall$\userinit.exe
2009-03-08 14:51 43008 48684499cd1783344b0d4540719c6b3a c:\windows\ServicePackFiles\i386\userinit.exe
2009-03-08 14:53 43008 728035f6d2348b1e7cfe19f27de07ea6 c:\windows\SoftwareDistribution\Download\4390075a50157b74d7a953e917743f62\userinit.exe
2009-03-08 14:22 43008 848e4e0b50d254a564d8ea2372ec91d7 c:\windows\system32\userinit.exe
.
((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2009-03-08 32256]
"MsnMsgr"="c:\program files\Windows Live\Messenger\MsnMsgr.Exe" [2007-10-18 5724184]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2009-03-08 434176]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2009-01-06 290088]
"GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2007-08-24 33648]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2008-06-12 34672]
"BitDefender Antiphishing Helper"="c:\program files\BitDefender\BitDefender 2009\IEShow.exe" [2009-03-08 90112]
"SkyTel"="SkyTel.EXE" [2009-03-08 c:\windows\SkyTel.exe]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"msnmsgr"="c:\program files\Windows Live\Messenger\msnmsgr.exe" [2007-10-18 5724184]

[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{56F9679E-7826-4C84-81F3-532071A8BCC5}"= "c:\program files\Windows Desktop Search\MSNLNamespaceMgr.dll" [2008-05-26 304128]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"VIDC.X264"= x264vfw.dll
"VIDC.HFYU"= huffyuv.dll

[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusOverride"=dword:00000001
"FirewallOverride"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\livecall.exe"=
"c:\\Program Files\\iTunes\\iTunes.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\GROOVE.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"=
"d:\\Games\\Steam\\steamapps\\[email protected]\\counter-strike\\hl.exe"=

Xinu

Legacy Member
R3 Arrakis3;BitDefender Arrakis Server;c:\program files\Common Files\BitDefender\BitDefender Arrakis Server\bin\Arrakis3.exe [2009-03-08 139264]
R3 getPlus(R) Helper;getPlus(R) Helper;c:\program files\NOS\bin\getPlus_HelperSvc.exe [2008-12-01 33752]
R3 restore;restore; [x]
S0 ViBus;ViBus;c:\windows\System32\DRIVERS\ViBus.sys [2007-03-26 16896]
S0 ViPrt;VIA SATA IDE Device Driver;c:\windows\System32\DRIVERS\ViPrt.sys [2007-03-26 52224]
S2 BDVEDISK;BDVEDISK;c:\program files\BitDefender\BitDefender 2009\BDVEDISK.sys [2008-10-06 82696]
S3 bdfm;bdfm;c:\windows\system32\drivers\bdfm.sys [2008-09-18 111112]
S3 Bdfndisf;BitDefender Firewall NDIS Filter Service;c:\windows\system32\DRIVERS\bdfndisf.sys [2009-02-03 104328]

--- Andere Services/Drivers In Geheugen ---

*Deregistered* - AFD
*Deregistered* - Apple Mobile Device
*Deregistered* - Ati HotKey Poller
*Deregistered* - ATI Smart
*Deregistered* - AudioSrv
*Deregistered* - audstub
*Deregistered* - bdfm
*Deregistered* - Bdfndisf
*Deregistered* - bdfsfltr
*Deregistered* - bdftdif
*Deregistered* - BDSelfPr
*Deregistered* - BDVEDISK
*Deregistered* - Beep
*Deregistered* - Bonjour Service
*Deregistered* - Browser
*Deregistered* - Cdfs
*Deregistered* - CryptSvc
*Deregistered* - DcomLaunch
*Deregistered* - Dhcp
*Deregistered* - dmio
*Deregistered* - dmload
*Deregistered* - dmserver
*Deregistered* - Dnscache
*Deregistered* - ERSvc
*Deregistered* - EventSystem
*Deregistered* - Fastfat
*Deregistered* - FastUserSwitchingCompatibility
*Deregistered* - Fips
*Deregistered* - FltMgr
*Deregistered* - Ftdisk
*Deregistered* - Gpc
*Deregistered* - helpsvc
*Deregistered* - HidServ
*Deregistered* - HTTP
*Deregistered* - ImapiService
*Deregistered* - IpNat
*Deregistered* - iPod Service
*Deregistered* - IPSec
*Deregistered* - Kbdclass
*Deregistered* - KSecDD
*Deregistered* - lanmanserver
*Deregistered* - lanmanworkstation
*Deregistered* - LIVESRV
*Deregistered* - LmHosts
*Deregistered* - mnmdd
*Deregistered* - Mouclass
*Deregistered* - MountMgr
*Deregistered* - MRxDAV
*Deregistered* - MRxSmb
*Deregistered* - Msfs
*Deregistered* - mssmbios
*Deregistered* - Mup
*Deregistered* - NDIS
*Deregistered* - NdisTapi
*Deregistered* - Ndisuio
*Deregistered* - NdisWan
*Deregistered* - NDProxy
*Deregistered* - NetBIOS
*Deregistered* - NetBT
*Deregistered* - Netman
*Deregistered* - Nla
*Deregistered* - Npfs
*Deregistered* - Ntfs
*Deregistered* - Null
*Deregistered* - PartMgr
*Deregistered* - ParVdm
*Deregistered* - PCIIde
*Deregistered* - PolicyAgent
*Deregistered* - PptpMiniport
*Deregistered* - ProtectedStorage
*Deregistered* - PSched
*Deregistered* - RasAcd
*Deregistered* - Rasl2tp
*Deregistered* - RasMan
*Deregistered* - RasPppoe
*Deregistered* - Raspti
*Deregistered* - Rdbss
*Deregistered* - RDPCDD
*Deregistered* - rdpdr
*Deregistered* - RemoteRegistry
*Deregistered* - RpcSs
*Deregistered* - SamSs
*Deregistered* - Schedule
*Deregistered* - seclogon
*Deregistered* - SENS
*Deregistered* - SharedAccess
*Deregistered* - ShellHWDetection
*Deregistered* - Spooler
*Deregistered* - sr
*Deregistered* - srservice
*Deregistered* - Srv
*Deregistered* - SSDPSRV
*Deregistered* - swenum
*Deregistered* - TapiSrv
*Deregistered* - Tcpip
*Deregistered* - TermService
*Deregistered* - Themes
*Deregistered* - TrkWks
*Deregistered* - Update
*Deregistered* - VgaSave
*Deregistered* - ViaIde
*Deregistered* - VolSnap
*Deregistered* - VSSERV
*Deregistered* - W32Time
*Deregistered* - Wanarp
*Deregistered* - WebClient
*Deregistered* - winmgmt
*Deregistered* - wscsvc
*Deregistered* - wuauserv
*Deregistered* - WZCSVC

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
bdx REG_MULTI_SZ scan
.
Inhoud van de 'Gedeelde Taken' map

2009-03-06 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 12:34]
.
- - - - ORPHANS VERWIJDERD - - - -

HKCU-Run-DAEMON Tools Lite - c:\program files\DAEMON Tools Lite\daemon.exe
HKCU-Run-reader_s - c:\documents and settings\Mustafa\reader_s.exe
HKLM-Run-reader_s - c:\windows\System32\reader_s.exe
HKLM-Run-StartCCC - c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe
HKLM-Run-BDAgent - c:\program files\BitDefender\BitDefender 2009\bdagent.exe
HKLM-Run-RTHDCPL - RTHDCPL.EXE
HKU-Default-Run-reader_s - c:\windows\system32\config\systemprofile\reader_s.exe
HKU-Default-Run-nidle - c:\documents and settings\Mustafa\Application Data\nidle\nidle.exe
HKLM-Explorer_Run-services - c:\windows\services.exe
HKCU-Explorer_Run-services - c:\windows\services.exe


.
------- Bijkomende Scan -------
.
uStart Page = hxxp://www.google.be/
uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}
uInternet Settings,ProxyOverride = *.local
IE: E&xporteren naar Microsoft Excel - c:\progra~1\MICROS~3\Office12\EXCEL.EXE/3000
FF - ProfilePath - c:\documents and settings\Mustafa\Application Data\Mozilla\Firefox\Profiles\sfupir88.default\
FF - component: c:\program files\Mozilla Firefox\components\FFComm.dll
.

**************************************************************************

catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-03-08 16:58:44
Windows 5.1.2600 Service Pack 3 NTFS

detected NTDLL code modification:
ZwOpenFile

scannen van verborgen processen ...

scannen van verborgen autostart items ...

scannen van verborgen bestanden ...

Scan succesvol afgerond
verborgen bestanden: 0

**************************************************************************
.
--------------------- DLLs Geladen Onder Lopende Processen ---------------------

- - - - - - - > 'winlogon.exe'(980)
c:\program files\Bonjour\mdnsNSP.dll
c:\windows\system32\Ati2evxx.dll
.
------------------------ Andere Aktieve Processen ------------------------
.
c:\windows\system32\ati2evxx.exe
c:\program files\Common Files\BitDefender\BitDefender Update Service\livesrv.exe
c:\program files\BitDefender\BitDefender 2009\vsserv.exe
c:\windows\system32\ati2evxx.exe
c:\program files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
c:\program files\Bonjour\mDNSResponder.exe
c:\windows\Temp\BN1.tmp
c:\program files\Windows Desktop Search\WindowsSearch.exe
c:\program files\iPod\bin\iPodService.exe
c:\program files\iTunes\iTunes.exe
.
**************************************************************************
.
Voltooingstijd: 2009-03-08 17:01:38 - machine werd herstart
ComboFix-quarantined-files.txt 2009-03-08 16:01:32

Pre-Run: 49.209.806.848 bytes beschikbaar
Post-Run: 49,466,085,376 bytes beschikbaar

439 --- E O F --- 2009-03-07 11:22:10

firefox start niet op zegt dat ik pc moet openieuw opstarten heb ik gedaan maar werkt niet.pc gaat erg traag en doet heel raar!

Juisterr

Legacy Member
Maar nee U heeft Virut en het zal geen zin hebben om ook maar iets te doen.

SystemLookup - Global Search

Added by the Virus.Win32.Virut.n TROJAN! Note: Located in \%WINDIR%\System32\

C:\WINDOWS\System32\reader_s.exe
C:\Documents and Settings\Mustafa\reader_s.exe



Red Uw documenten foto's ed en formateer uw schijf.

Installeer windows opnieuw.

Xinu

Legacy Member
K heb het pc ge formateert tnx voor het hulp topic mag weg.

Juisterr

Legacy Member
zeer verstandig, dit scheelt U vele uren doelloos rommelen en op het eind is het systeem zo van slag dat U alsnog moet formateren.

Ik sluit het.
Het archief is een bevroren moment uit een vorige versie van dit forum, met andere regels en andere bazen. Deze posts weerspiegelen op geen enkele manier onze huidige ideeën, waarden of wereldbeelden en zijn op sommige plaatsen gecensureerd wegens ontoelaatbaar. Veel zijn in een andere tijdsgeest gemaakt, al dan niet ironisch - zoals in het ironische subforum Off-Topic - en zouden op dit moment niet meer gepost (mogen) worden. Toch bieden we dit archief nog graag aan als informatiedatabank en naslagwerk. Lees er hier meer over of start een gesprek met anderen.
Terug
Bovenaan