Ga naar inhoud

Cinta

Lid
 Bekijk profiel  Bekijk hun activiteit

  • Items

    12

  • Registratiedatum

  • Laatst bezocht

Cinta's prestaties

Groentje

Groentje (2/14)

  • Eerste post
  • Actief
  • Gespreksstarter
  • Week één klaar
  • Een maand later

Recente badges

0

Reputatie

  1. Cinta
    Oke Kape , doe ik , bedankt weer !!!
  2. Cinta
    Beste Kape, Ten eerste wil ik je bedanken voor je expertise en eindeloos geduld die je de laatste tijd voor mij neemt. Ik moet eerlijkheidshalve zeggen dat ik wat snelheid/ traagheid niet veel meer ben opgeschoten. Ten eerste : nog steeds links beneden in de hoek de melding "fout in de pagina " Ten tweede : Telkens als ik wat opent, krijg ik nog steeds een aparte scherm te zien met de vermelding " de webpagina bevat fouten en werkt dus niet naar behoren " Ten derde : het verspringt spontaan om de zoveel tijd , zonder aanleiding, ik bedoel zonder iets aan te klikken, bijvoorbeeld ben je effe aan het chatten, dan verspringt die naar een blad in Windows Explorerer, of ben je op een Internetsite, verspringt het spontaan naar chatprogramma MSN en natuurlijk andersom. jajaja, pfffff ten vierde : als ik bijvoorbeeld een tijdje achter de Pc zit, bijvoorbeeld een uurtje, krijg ik allemaal paarse, rode, blauwe strepen op mijn beeldscherm, maar als ik dan weer opstart dan krijg ik wel weer goed beeld, maar dat is zo irritant, vooral als je met iemand gaat chatten en je Pc daarvoor opnieuw moet opstarten, tja dan krijg die andere persoon een verkeerd indruk van mij, heeeee wat onbeschoft, je eindigt zomaar onze chatsessie, bijvoorbeeld ! En dan moet ik maar uitleggen dat mijn Pc te warm is en het maar eerst laat afkoelen of zo! ---------- Post toegevoegd om 08:21 ---------- Vorige post was om 08:14 ---------- Hoi Kape, niet echt opgeschoten wat snelheid betreft ! het opstarten al duurt minstens 20 minuten, en telkens als ik wat opend, dan zie ik die zandloper(pijltje) met die seconden en dan krijg ik weer boven Windows Explorer reageert niet, weer een tijd wachten krijg ik iets van rapport verzenden, tja dan verzend ik die rapport maar. Ook met taakbeheer geprobeerd om het proces te herstellen waar ik mee bezig bent, dus weer activeren, dan zit hij een tijdje vast dan moet ik maar op beeindigen aanklikken, maar dan gaat alles weg wat je op Internet hebt geopend.!
  3. Cinta
    Hallo Kape, hier zijn de resultaten van dat log :ComboFix 11-02-06.02 - Abdel 08-02-2011 0:41.6.1 - x86 Microsoft Windows XP Professional 5.1.2600.3.1252.31.1043.18.383.154 [GMT 1:00] Gestart vanuit: c:\documents and settings\Abdel\Mijn documenten\ComboFix.exe gebruikte Opdracht switches :: c:\documents and settings\Abdel\Bureaublad\CFScript.txt AV: Panda Cloud Antivirus *Disabled/Updated* {5AD27692-540A-464E-B625-78275FA38393} FILE :: "c:\program files\Common Files\Windows Live\.cache\wlcC.tmp" "c:\windows\DUMP97bb.tmp" "c:\windows\system32\ConduitEngine.tmp" . (((((((((((((((((((((((((((((((((( Andere Verwijderingen ))))))))))))))))))))))))))))))))))))))))))))))))) . c:\documents and settings\All Users\Application Data\McAfee c:\documents and settings\All Users\Application Data\McAfee\MCLOGS\Common\McCHSvc\McCHSvc000.log c:\documents and settings\All Users\Application Data\McAfee\MCLOGS\McUICnt\McUICnt\McUICnt000.log c:\documents and settings\All Users\Application Data\McAfee\MCLOGS\PartnerCustom\McCHSvc\McCHSvc000.log c:\documents and settings\All Users\Application Data\McAfee\MCLOGS\PartnerCustom\McUICnt\McUICnt000.log c:\documents and settings\All Users\Application Data\McAfee\MCLOGS\PartnerCustom\SSScheduler\SSScheduler000.log c:\documents and settings\All Users\Application Data\McAfee\MCLOGS\SecurityScanner\McUICnt\McUICnt000.log c:\documents and settings\LocalService\Application Data\McAfee c:\documents and settings\LocalService\Application Data\McAfee\sacore\sacore.db c:\documents and settings\LocalService\Application Data\McAfee\sacore\sacore_cache.db c:\program files\ConduitEngine c:\program files\ConduitEngine\appContextMenu.xml c:\program files\ConduitEngine\ConduitEngine.dll c:\program files\ConduitEngine\ConduitEngineHelper.exe c:\program files\ConduitEngine\engineContextMenu.xml c:\program files\ConduitEngine\EngineSettings.json c:\program files\ConduitEngine\toolbar.cfg c:\windows\TEMP\logishrd\LVPrcInj01.dll . (((((((((((((((((((( Bestanden Gemaakt van 2011-01-08 to 2011-02-08 )))))))))))))))))))))))))))))) . 2011-02-06 05:55 . 2011-02-06 05:55 -------- d-----w- c:\windows\Performance 2011-02-06 05:52 . 2011-02-06 05:52 -------- d-----w- c:\documents and settings\Abdel\Local Settings\Application Data\Microsoft Corporation 2011-02-06 05:39 . 2011-02-06 05:39 -------- d-----w- c:\program files\Microsoft Windows 7 Upgrade Advisor 2011-02-06 00:24 . 2011-02-07 23:29 -------- d--h--r- c:\documents and settings\Abdel\Onlangs geopend 2011-02-03 06:21 . 2011-02-03 06:21 -------- d-----w- c:\documents and settings\Abdel\Application Data\Malwarebytes 2011-02-03 06:20 . 2010-12-20 17:09 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys 2011-02-03 06:20 . 2011-02-03 06:20 -------- d-----w- c:\documents and settings\All Users\Application Data\Malwarebytes 2011-02-03 06:19 . 2010-12-20 17:08 20952 ----a-w- c:\windows\system32\drivers\mbam.sys 2011-02-03 06:19 . 2011-02-03 06:20 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware 2011-02-01 10:49 . 2011-02-01 10:49 -------- d-----w- c:\program files\Trend Micro 2011-01-30 07:06 . 2011-01-30 07:06 -------- d-----w- c:\documents and settings\Abdel\Application Data\TwonkyMedia 2011-01-30 07:03 . 2011-01-30 07:03 -------- d-----w- c:\program files\PacketVideo 2011-01-30 07:01 . 2011-02-08 00:14 -------- d-----w- c:\documents and settings\All Users\Application Data\twonkymedia 2011-01-30 05:46 . 2011-01-30 05:46 -------- d-----w- c:\windows\system32\GroupPolicy 2011-01-27 00:15 . 2011-01-27 00:15 -------- d-----w- c:\documents and settings\LocalService\Application Data\Fighters 2011-01-27 00:12 . 2011-01-27 00:13 -------- d-----w- c:\documents and settings\Abdel\Application Data\Fighters 2011-01-26 22:25 . 2011-01-26 22:25 -------- d-----w- c:\documents and settings\Abdel\Application Data\Panda Security 2011-01-23 05:03 . 2011-01-23 05:03 -------- d-----w- c:\program files\FilmFanaticEI 2011-01-19 06:02 . 2011-01-19 06:07 -------- d-----w- c:\documents and settings\Abdel\Application Data\TP 2011-01-16 03:05 . 2011-01-27 00:14 -------- d-----w- c:\documents and settings\All Users\Application Data\Fighters 2011-01-16 03:04 . 2011-01-27 00:14 -------- d-----w- c:\program files\Fighters 2011-01-15 09:24 . 2011-01-15 09:24 -------- d-----w- c:\documents and settings\All Users\Application Data\Panda Security 2011-01-15 09:23 . 2011-01-15 09:23 -------- d-----w- c:\program files\Panda Security 2011-01-14 19:54 . 2011-01-14 19:54 84718440 ----a-w- c:\program files\Common Files\Windows Live\.cache\wlcC.tmp 2011-01-12 08:44 . 2011-01-12 08:44 -------- d-----w- c:\documents and settings\Abdel\Application Data\Uniblue 2011-01-12 08:43 . 2011-01-12 08:43 -------- dc-h--w- c:\documents and settings\All Users\Application Data\{DE8EABB5-1C85-4410-A68D-79BD8A4518F4} 2011-01-12 08:42 . 2011-01-12 08:42 -------- d-----w- c:\program files\Uniblue 2011-01-12 08:37 . 2011-01-12 08:37 -------- d-----w- c:\documents and settings\Abdel\Local Settings\Application Data\PackageAware 2011-01-12 07:30 . 2010-11-02 15:17 40960 -c----w- c:\windows\system32\dllcache\ndproxy.sys 2011-01-12 07:13 . 2010-10-11 14:59 45568 -c----w- c:\windows\system32\dllcache\wab.exe 2011-01-12 06:18 . 2011-01-12 10:11 -------- d-----w- c:\documents and settings\Abdel\Local Settings\Application Data\ConduitEngine 2011-01-12 06:16 . 2011-01-12 06:16 0 ----a-w- c:\windows\system32\ConduitEngine.tmp 2011-01-12 02:41 . 2008-04-14 18:02 21504 -c--a-w- c:\windows\system32\dllcache\hidserv.dll 2011-01-12 02:41 . 2008-04-14 18:02 21504 ----a-w- c:\windows\system32\hidserv.dll 2011-01-12 02:40 . 2001-09-06 18:04 12288 -c--a-w- c:\windows\system32\dllcache\mouhid.sys 2011-01-12 02:40 . 2001-09-06 18:04 12288 ----a-w- c:\windows\system32\drivers\mouhid.sys 2011-01-12 02:40 . 2008-04-14 17:39 14720 -c--a-w- c:\windows\system32\dllcache\kbdhid.sys 2011-01-12 02:40 . 2008-04-14 17:39 14720 ----a-w- c:\windows\system32\drivers\kbdhid.sys 2011-01-12 02:40 . 2008-04-13 19:45 10368 -c--a-w- c:\windows\system32\dllcache\hidusb.sys 2011-01-12 02:40 . 2008-04-13 19:45 10368 ----a-w- c:\windows\system32\drivers\hidusb.sys . ((((((((((((((((((((((((((((((((((((((( Find3M Rapport )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2011-01-27 00:45 . 2007-12-15 19:26 90112 ----a-w- c:\windows\DUMP97bb.tmp 2010-12-16 17:39 . 2010-12-16 17:39 365888 ----a-w- c:\windows\system32\PSUNCpl.cpl 2010-12-16 17:12 . 2010-12-16 17:12 113096 ----a-w- c:\windows\system32\drivers\PSINProt.sys 2010-12-16 17:12 . 2010-12-16 17:12 111944 ----a-w- c:\windows\system32\drivers\PSINProc.sys 2010-12-16 17:12 . 2010-12-16 17:12 130376 ----a-w- c:\windows\system32\drivers\PSINKNC.sys 2010-12-16 17:12 . 2010-12-16 17:12 97352 ----a-w- c:\windows\system32\drivers\PSINFile.sys 2010-12-16 17:12 . 2010-12-16 17:12 141768 ----a-w- c:\windows\system32\drivers\PSINAflt.sys 2010-11-18 18:15 . 2007-12-15 18:59 86016 ----a-w- c:\windows\system32\isign32.dll 2010-11-12 00:44 . 2010-11-12 00:44 94208 ----a-w- c:\windows\system32\dpl100.dll . ((((((((((((((((((((((((((((((((((((( Reg Opstartpunten ))))))))))))))))))))))))))))))))))))))))))))))))))) . . *Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond REGEDIT4 [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\Panda Malware Icon] @="{F5D1CF73-C196-48F8-AAAC-B9181E22B4E6}" [HKEY_CLASSES_ROOT\CLSID\{F5D1CF73-C196-48F8-AAAC-B9181E22B4E6}] 2010-12-16 17:18 320832 ----a-w- c:\program files\Panda Security\Panda Cloud Antivirus\PSUNShell.dll [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\Panda Suspect Icon] @="{9AE343CB-BA45-4618-AF6A-0230EE6FC793}" [HKEY_CLASSES_ROOT\CLSID\{9AE343CB-BA45-4618-AF6A-0230EE6FC793}] 2010-12-16 17:18 320832 ----a-w- c:\program files\Panda Security\Panda Cloud Antivirus\PSUNShell.dll [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "MsnMsgr"="c:\program files\Windows Live\Messenger\msnmsgr.exe" [2010-04-16 3872080] "Messenger (Yahoo!)"="c:\progra~1\Yahoo!\MESSEN~1\YahooMessenger.exe" [2010-06-01 5252408] "VoipBuster"="c:\program files\VoipBuster.com\VoipBuster\VoipBuster.exe" [2011-01-12 12948272] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "ATICCC"="c:\program files\ATI Technologies\ATI.ACE\cli.exe" [2006-01-02 45056] "fssui"="c:\program files\Windows Live\Family Safety\fsui.exe" [2010-04-28 647528] "QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2009-01-05 413696] "Adobe Photo Downloader"="c:\program files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe" [2005-07-14 57344] "LogitechCommunicationsManager"="c:\program files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe" [2008-08-14 565008] "Hiyo"="c:\program files\HiYo\bin\HiYo.exe" [2010-06-20 255344] "TkBellExe"="c:\program files\Common Files\Real\Update_OB\realsched.exe" [2010-03-13 202256] "DivXUpdate"="c:\program files\DivX\DivX Update\DivXUpdate.exe" [2010-12-09 1226608] "DivX Download Manager"="c:\program files\DivX\DivX Plus Web Player\DDmService.exe" [2010-12-08 63360] "PSUNMain"="c:\program files\Panda Security\Panda Cloud Antivirus\PSUNMain.exe" [2010-12-16 423232] [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360] "DWQueuedReporting"="c:\progra~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" [2007-02-26 437160] [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager] BootExecute REG_MULTI_SZ PDBoot.exe\0autocheck autochk * [HKLM\~\startupfolder\C:^Documents and Settings^Abdel^Menu Start^Programma's^Opstarten^Adobe Media Player.lnk] path=c:\documents and settings\Abdel\Menu Start\Programma's\Opstarten\Adobe Media Player.lnk backup=c:\windows\pss\Adobe Media Player.lnkStartup [HKLM\~\startupfolder\C:^Documents and Settings^Abdel^Menu Start^Programma's^Opstarten^OpenOffice.org 3.0 .lnk] path=c:\documents and settings\Abdel\Menu Start\Programma's\Opstarten\OpenOffice.org 3.0 .lnk backup=c:\windows\pss\OpenOffice.org 3.0 .lnkStartup [HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Start^Programma's^Opstarten^Logitech Desktop Messenger.lnk] path=c:\documents and settings\All Users\Menu Start\Programma's\Opstarten\Logitech Desktop Messenger.lnk backup=c:\windows\pss\Logitech Desktop Messenger.lnkCommon Startup [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NokiaMServer] c:\program files\Common Files\Nokia\MPlatform\NokiaMServer [X] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Photo Downloader] 2005-07-14 13:09 57344 ----a-w- c:\program files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher] 2008-01-11 21:16 39792 ----a-w- c:\program files\Adobe\Reader 8.0\Reader\reader_sl.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] 2007-06-27 18:03 152872 ----a-w- c:\program files\Common Files\Ahead\Lib\NMBgMonitor.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CTFMON.EXE] 2008-04-14 17:02 15360 ----a-w- c:\windows\system32\ctfmon.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\FLMOFFICE4DMOUSE] 2008-02-12 06:40 958464 ----a-w- c:\program files\Labtec\Desktop\V5.1\MOffice.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper] 2009-04-02 14:11 342312 ----a-w- c:\program files\iTunes\iTunesHelper.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogitechQuickCamRibbon] 2008-08-14 16:15 2407184 ----a-w- c:\program files\Logitech\QuickCam\Quickcam.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Messenger (Yahoo!)] 2010-06-01 08:17 5252408 ----a-w- c:\progra~1\Yahoo!\MESSEN~1\YahooMessenger.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck] 2007-03-01 14:57 153136 ----a-w- c:\program files\Common Files\Ahead\Lib\NeroCheck.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Nokia FastStart] 2009-02-26 15:04 2376992 ----a-w- c:\program files\Nokia\Nokia Music\NokiaMusic.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\OFFICEKB] 2008-02-12 06:40 387584 ----a-w- c:\program files\Labtec\Desktop\V5.1\KBDAP32A.EXE [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RemoteControl] 2004-11-02 19:24 32768 ----a-w- c:\program files\CyberLink\PowerDVD\PDVDServ.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Search Protection] 2009-02-03 13:15 111856 ----a-w- c:\program files\Yahoo!\Search Protection\SearchProtection.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched] 2009-10-11 03:17 149280 ----a-w- c:\program files\Java\jre6\bin\jusched.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SweetIM] 2009-05-20 13:11 111928 ----a-r- c:\program files\SweetIM\Messenger\SweetIM.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe] 2010-03-13 15:01 202256 ----a-w- c:\program files\Common Files\Real\Update_OB\realsched.exe [HKEY_LOCAL_MACHINE\software\microsoft\security center] "AntiVirusOverride"=dword:00000001 [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "c:\\WINDOWS\\Network Diagnostic\\xpnetdiag.exe"= "%windir%\\system32\\sessmgr.exe"= "c:\\Program Files\\LimeWire\\LimeWire.exe"= "c:\\Program Files\\VoipBuster.com\\VoipBuster\\VoipBuster.exe"= "%windir%\\Network Diagnostic\\xpnetdiag.exe"= "c:\\Program Files\\Messenger\\msmsgs.exe"= "c:\\Program Files\\Nokia\\Nokia Home Media Server\\Media Server\\twonkymedia.exe"= "c:\\Program Files\\Nokia\\Nokia Home Media Server\\Media Server\\twonkymediaserver.exe"= "c:\\Program Files\\Bonjour\\mDNSResponder.exe"= "c:\\Program Files\\iTunes\\iTunes.exe"= "c:\\Program Files\\Yahoo!\\Messenger\\YahooMessenger.exe"= "c:\\Program Files\\Common Files\\Nokia\\Service Layer\\A\\nsl_host_process.exe"= "c:\\Program Files\\Real\\RealPlayer\\realplay.exe"= "c:\\Program Files\\Logitech\\Desktop Messenger\\8876480\\Program\\LogitechDesktopMessenger.exe"= "c:\\Program Files\\FrostWire\\FrostWire.exe"= "c:\\Program Files\\Skype\\Phone\\Skype.exe"= "c:\\Program Files\\Skype\\Plugin Manager\\skypePM.exe"= "c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"= "c:\\Program Files\\Windows Live\\Sync\\WindowsLiveSync.exe"= "c:\\Documents and Settings\\Abdel\\Application Data\\HiYo\\Data\\hiyo_install.exe"= R2 gupdate1c9bcd1df11ba3c;Google Updateservice (gupdate1c9bcd1df11ba3c);c:\program files\Google\Update\GoogleUpdate.exe [2009-04-14 133104] R3 Common Toolkit Tools;Common Toolkit Tools;c:\program files\Fighters\FULL-DISKfighter\Common Toolkit Tools.exe [2011-01-18 121480] R3 PSSDK42;PSSDK42;c:\windows\system32\Drivers\pssdk42.sys [2010-01-09 38976] R3 PSSDKLBF;PSSDKLBF;c:\windows\system32\Drivers\pssdklbf.sys [2010-01-09 53312] S1 PSINKNC;PSINKNC;c:\windows\system32\DRIVERS\psinknc.sys [2010-12-16 130376] S2 NanoServiceMain;Panda Cloud Antivirus Service;c:\program files\Panda Security\Panda Cloud Antivirus\PSANHost.exe [2010-12-16 140608] S2 PSINAflt;PSINAflt;c:\windows\system32\DRIVERS\PSINAflt.sys [2010-12-16 141768] S2 PSINFile;PSINFile;c:\windows\system32\DRIVERS\PSINFile.sys [2010-12-16 97352] S2 PSINProc;PSINProc;c:\windows\system32\DRIVERS\PSINProc.sys [2010-12-16 111944] S2 PSINProt;PSINProt;c:\windows\system32\DRIVERS\PSINProt.sys [2010-12-16 113096] S2 Suite Service;Suite Service;c:\program files\Fighters\FighterSuiteService.exe [2011-01-18 1143944] S2 TwonkyMedia;TwonkyMedia;c:\program files\Nokia\Nokia Home Media Server\Media Server\TwonkyMedia.exe [2008-10-20 102400] . Inhoud van de 'Gedeelde Taken' map 2010-10-12 c:\windows\Tasks\AppleSoftwareUpdate.job - c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 10:34] 2011-02-08 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job - c:\program files\Google\Update\GoogleUpdate.exe [2009-04-14 07:22] 2011-02-08 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job - c:\program files\Google\Update\GoogleUpdate.exe [2009-04-14 07:22] 2011-02-08 c:\windows\Tasks\OGALogon.job - c:\windows\system32\OGAEXEC.exe [2009-08-03 13:07] 2011-02-08 c:\windows\Tasks\RealUpgradeLogonTaskS-1-5-21-1844237615-1085031214-725345543-1004.job - c:\program files\Real\RealUpgrade\realupgrade.exe [2010-02-24 21:09] 2011-02-07 c:\windows\Tasks\RealUpgradeScheduledTaskS-1-5-21-1844237615-1085031214-725345543-1004.job - c:\program files\Real\RealUpgrade\realupgrade.exe [2010-02-24 21:09] 2011-02-08 c:\windows\Tasks\RegistryBooster.job - c:\program files\Uniblue\RegistryBooster\rbmonitor.exe [2010-12-27 08:44] 2011-02-08 c:\windows\Tasks\SLOW-PCfighter-Abdel-Startup.job - c:\program files\Fighters\SLOW-PCfighter\SLOW-PCfighter.exe [2010-11-17 13:32] 2011-02-07 c:\windows\Tasks\User_Feed_Synchronization-{8E8BFBBB-0D6A-4110-A535-34224D2826E0}.job - c:\windows\system32\msfeedssync.exe [2007-12-15 02:31] . . ------- Bijkomende Scan ------- . mStart Page = hxxp://www.yahoo.com mSearch Bar = hxxp://us.rd.yahoo.com/customize/ie/defaults/sb/msgr10/*Yahoo! SearchBar Home Page uInternet Connection Wizard,ShellNext = iexplore uInternet Settings,ProxyOverride = *.local uSearchURL,(Default) = hxxp://us.rd.yahoo.com/customize/ie/defaults/su/msgr10/*Yahoo! IE: E&xporteren naar Microsoft Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 Handler: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - c:\program files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll . ************************************************************************** catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, GMER - Rootkit Detector and Remover Rootkit scan 2011-02-08 01:17 Windows 5.1.2600 Service Pack 3 NTFS scannen van verborgen processen ... scannen van verborgen autostart items ... scannen van verborgen bestanden ... Scan succesvol afgerond verborgen bestanden: 0 ************************************************************************** . --------------------- VERGRENDELDE REGISTER SLEUTELS --------------------- [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}] @Denied: (A 2) (Everyone) @="FlashBroker" "LocalizedString"="@c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil10l_ActiveX.exe,-101" [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation] "Enabled"=dword:00000001 [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32] @="c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil10l_ActiveX.exe" [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" [HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}] @Denied: (A 2) (Everyone) @="IFlashBroker4" [HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32] @="{00020424-0000-0000-C000-000000000046}" [HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" "Version"="1.0" [HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Installer\UserData\LocalSystem\Components\*–€|ÿÿÿÿ;•€|é•9~*] "3140110900063D11C8EF10054038389C"="C?\\WINDOWS\\system32\\FM20ENU.DLL" [HKEY_LOCAL_MACHINE\software\T*w*o*n*k*y*B*e*a*m*"!\Internet Explorer] "Path"="c:\\Program Files\\PacketVideo\\TwonkyBeam\\Internet Explorer" "Language"="1043" . --------------------- DLLs Geladen Onder Lopende Processen --------------------- - - - - - - - > 'winlogon.exe'(848) c:\windows\System32\Ati2evxx.dll - - - - - - - > 'explorer.exe'(6480) c:\windows\TEMP\logishrd\LVPrcInj01.dll c:\program files\Panda Security\Panda Cloud Antivirus\PSUNShell.DLL c:\program files\Panda Security\Panda Cloud Antivirus\PSNCGP.dll c:\program files\Panda Security\Panda Cloud Antivirus\PSNCIPC.dll c:\windows\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_e6967989\MSVCP80.dll c:\program files\Windows Media Player\wmpband.dll c:\windows\system32\WPDShServiceObj.dll c:\windows\system32\webcheck.dll c:\windows\system32\PortableDeviceTypes.dll c:\windows\system32\PortableDeviceApi.dll . ------------------------ Andere Aktieve Processen ------------------------ . c:\windows\system32\Ati2evxx.exe c:\program files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe c:\program files\Bonjour\mDNSResponder.exe c:\program files\Java\jre6\bin\jqs.exe c:\program files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe c:\program files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe c:\virusfighter\Bin\Zanda.exe c:\program files\Raxco\PerfectDisk\PDAgent.exe c:\program files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe c:\program files\Yahoo!\SoftwareUpdate\YahooAUService.exe c:\program files\Nokia\Nokia Home Media Server\Media Server\TwonkyMediaServer.exe c:\windows\System32\Ati2evxx.exe c:\windows\system32\WgaTray.exe c:\program files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe c:\windows\system32\wbem\wmiapsrv.exe . ************************************************************************** . Voltooingstijd: 2011-02-08 02:23:21 - machine werd herstart ComboFix-quarantined-files.txt 2011-02-08 01:21 ComboFix2.txt 2011-02-07 10:37 ComboFix3.txt 2011-02-06 08:50 ComboFix4.txt 2011-02-05 23:51 ComboFix5.txt 2011-02-07 23:36 Pre-Run: 49.114.148.864 bytes beschikbaar Post-Run: 49.152.622.592 bytes beschikbaar - - End Of File - - 235ABA394A7C56AFA17312568E6080B5 CFScript.txt
  4. Cinta
    Hallo Kape , ik heb die Icoontjes van Combofix.txt en CFScript.txt, goed je zei over naar toe slepen(?), bedoel je dat ik met mijn muis eerst over het Icoontje van CFScript.txt moet klikken en dan mijn muis blijvend aanklikken totdat ik bij die Icoontje van ComboFix ben, ik heb met plakken en kopieren geprobeerd maar er gebeurt niets. Als ik naar Combofix.txt gaat dan zie ik die blauwe scherm en dan zie ik een klein blokje, dus ik probeerde ook die gegevens van CFScript maar over te typen, dat kan ook niet en dan gaat dat scannen van ComboFix gewoon zijn gangetje , maar dan heb ik nog steeds die gegevens van CFSript.txt niet in die Combofix! Volgens mij als je die handelingen al een keer heb verricht lijkt dit zo simpel, maar nogmaals ik ben maar een PC groentje, echt een leek! IK doe iets verkeerds, dat voel ik gewoon aan mijn botten, kun jij mij instrueren wat ik wel moet doen? oke nogmaals hartelijk dank!!! Cinta
  5. Cinta
    Hoi Kape, hier zijn de laatste ComboFix resultaten :ComboFix 11-02-05.01 - Abdel 06-02-2011 8:43.3.1 - x86 Microsoft Windows XP Professional 5.1.2600.3.1252.31.1043.18.383.148 [GMT 1:00] Gestart vanuit: c:\documents and settings\Abdel\Mijn documenten\ComboFix.exe AV: Panda Cloud Antivirus *Enabled/Updated* {5AD27692-540A-464E-B625-78275FA38393} . (((((((((((((((((((((((((((((((((( Andere Verwijderingen ))))))))))))))))))))))))))))))))))))))))))))))))) . c:\windows\TEMP\logishrd\LVPrcInj01.dll Besmet exemplaar van c:\windows\system32\userinit.exe werd aangetroffen en gedesinfecteerd Hersteld exemplaar van - c:\windows\ServicePackFiles\i386\userinit.exe . (((((((((((((((((((( Bestanden Gemaakt van 2011-01-06 to 2011-02-06 )))))))))))))))))))))))))))))) . 2011-02-06 05:55 . 2011-02-06 05:55 -------- d-----w- c:\windows\Performance 2011-02-06 05:52 . 2011-02-06 05:52 -------- d-----w- c:\documents and settings\Abdel\Local Settings\Application Data\Microsoft Corporation 2011-02-06 05:39 . 2011-02-06 05:39 -------- d-----w- c:\program files\Microsoft Windows 7 Upgrade Advisor 2011-02-06 00:24 . 2011-02-06 07:30 -------- d--h--r- c:\documents and settings\Abdel\Onlangs geopend 2011-02-03 06:21 . 2011-02-03 06:21 -------- d-----w- c:\documents and settings\Abdel\Application Data\Malwarebytes 2011-02-03 06:20 . 2010-12-20 17:09 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys 2011-02-03 06:20 . 2011-02-03 06:20 -------- d-----w- c:\documents and settings\All Users\Application Data\Malwarebytes 2011-02-03 06:19 . 2010-12-20 17:08 20952 ----a-w- c:\windows\system32\drivers\mbam.sys 2011-02-03 06:19 . 2011-02-03 06:20 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware 2011-02-01 10:49 . 2011-02-01 10:49 -------- d-----w- c:\program files\Trend Micro 2011-01-30 07:06 . 2011-01-30 07:06 -------- d-----w- c:\documents and settings\Abdel\Application Data\TwonkyMedia 2011-01-30 07:03 . 2011-01-30 07:03 -------- d-----w- c:\program files\PacketVideo 2011-01-30 07:01 . 2011-02-06 08:16 -------- d-----w- c:\documents and settings\All Users\Application Data\twonkymedia 2011-01-30 05:46 . 2011-01-30 05:46 -------- d-----w- c:\windows\system32\GroupPolicy 2011-01-27 00:15 . 2011-01-27 00:15 -------- d-----w- c:\documents and settings\LocalService\Application Data\Fighters 2011-01-27 00:12 . 2011-01-27 00:13 -------- d-----w- c:\documents and settings\Abdel\Application Data\Fighters 2011-01-26 22:25 . 2011-01-26 22:25 -------- d-----w- c:\documents and settings\Abdel\Application Data\Panda Security 2011-01-23 05:03 . 2011-01-23 05:03 -------- d-----w- c:\program files\FilmFanaticEI 2011-01-19 06:02 . 2011-01-19 06:07 -------- d-----w- c:\documents and settings\Abdel\Application Data\TP 2011-01-18 07:04 . 2011-01-18 07:04 -------- d-----w- c:\documents and settings\LocalService\Application Data\McAfee 2011-01-16 03:05 . 2011-01-27 00:14 -------- d-----w- c:\documents and settings\All Users\Application Data\Fighters 2011-01-16 03:04 . 2011-01-27 00:14 -------- d-----w- c:\program files\Fighters 2011-01-15 18:16 . 2011-01-15 18:16 -------- d-----w- c:\documents and settings\All Users\Application Data\McAfee 2011-01-15 09:24 . 2011-01-15 09:24 -------- d-----w- c:\documents and settings\All Users\Application Data\Panda Security 2011-01-15 09:23 . 2011-01-15 09:23 -------- d-----w- c:\program files\Panda Security 2011-01-14 19:54 . 2011-01-14 19:54 84718440 ----a-w- c:\program files\Common Files\Windows Live\.cache\wlcC.tmp 2011-01-12 08:44 . 2011-01-12 08:44 -------- d-----w- c:\documents and settings\Abdel\Application Data\Uniblue 2011-01-12 08:43 . 2011-01-12 08:43 -------- dc-h--w- c:\documents and settings\All Users\Application Data\{DE8EABB5-1C85-4410-A68D-79BD8A4518F4} 2011-01-12 08:42 . 2011-01-12 08:42 -------- d-----w- c:\program files\Uniblue 2011-01-12 08:37 . 2011-01-12 08:37 -------- d-----w- c:\documents and settings\Abdel\Local Settings\Application Data\PackageAware 2011-01-12 07:30 . 2010-11-02 15:17 40960 -c----w- c:\windows\system32\dllcache\ndproxy.sys 2011-01-12 07:13 . 2010-10-11 14:59 45568 -c----w- c:\windows\system32\dllcache\wab.exe 2011-01-12 06:18 . 2011-01-12 10:11 -------- d-----w- c:\documents and settings\Abdel\Local Settings\Application Data\ConduitEngine 2011-01-12 06:16 . 2011-01-12 06:16 0 ----a-w- c:\windows\system32\ConduitEngine.tmp 2011-01-12 06:16 . 2011-01-12 06:17 -------- d-----w- c:\program files\ConduitEngine 2011-01-12 02:41 . 2008-04-14 18:02 21504 -c--a-w- c:\windows\system32\dllcache\hidserv.dll 2011-01-12 02:41 . 2008-04-14 18:02 21504 ----a-w- c:\windows\system32\hidserv.dll 2011-01-12 02:40 . 2001-09-06 18:04 12288 -c--a-w- c:\windows\system32\dllcache\mouhid.sys 2011-01-12 02:40 . 2001-09-06 18:04 12288 ----a-w- c:\windows\system32\drivers\mouhid.sys 2011-01-12 02:40 . 2008-04-14 17:39 14720 -c--a-w- c:\windows\system32\dllcache\kbdhid.sys 2011-01-12 02:40 . 2008-04-14 17:39 14720 ----a-w- c:\windows\system32\drivers\kbdhid.sys 2011-01-12 02:40 . 2008-04-13 19:45 10368 -c--a-w- c:\windows\system32\dllcache\hidusb.sys 2011-01-12 02:40 . 2008-04-13 19:45 10368 ----a-w- c:\windows\system32\drivers\hidusb.sys . ((((((((((((((((((((((((((((((((((((((( Find3M Rapport )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2011-01-27 00:45 . 2007-12-15 19:26 90112 ----a-w- c:\windows\DUMP97bb.tmp 2010-11-18 18:15 . 2007-12-15 18:59 86016 ----a-w- c:\windows\system32\isign32.dll 2010-11-12 00:44 . 2010-11-12 00:44 94208 ----a-w- c:\windows\system32\dpl100.dll 2010-11-09 14:52 . 2004-08-03 13:03 249856 ----a-w- c:\windows\system32\odbc32.dll 2010-11-08 22:57 . 2010-11-08 22:57 353592 ----a-w- c:\windows\system32\DivXControlPanelApplet.cpl . ((((((((((((((((((((((((((((((((((((( Reg Opstartpunten ))))))))))))))))))))))))))))))))))))))))))))))))))) . . *Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond REGEDIT4 [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "MsnMsgr"="c:\program files\Windows Live\Messenger\msnmsgr.exe" [2010-04-16 3872080] "Messenger (Yahoo!)"="c:\progra~1\Yahoo!\MESSEN~1\YahooMessenger.exe" [2010-06-01 5252408] "VoipBuster"="c:\program files\VoipBuster.com\VoipBuster\VoipBuster.exe" [2011-01-12 12948272] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "ATICCC"="c:\program files\ATI Technologies\ATI.ACE\cli.exe" [2006-01-02 45056] "fssui"="c:\program files\Windows Live\Family Safety\fsui.exe" [2010-04-28 647528] "QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2009-01-05 413696] "Adobe Photo Downloader"="c:\program files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe" [2005-07-14 57344] "LogitechCommunicationsManager"="c:\program files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe" [2008-08-14 565008] "Hiyo"="c:\program files\HiYo\bin\HiYo.exe" [2010-06-20 255344] "TkBellExe"="c:\program files\Common Files\Real\Update_OB\realsched.exe" [2010-03-13 202256] "DivXUpdate"="c:\program files\DivX\DivX Update\DivXUpdate.exe" [2010-12-09 1226608] "DivX Download Manager"="c:\program files\DivX\DivX Plus Web Player\DDmService.exe" [2010-12-08 63360] "PSUNMain"="c:\program files\Panda Security\Panda Cloud Antivirus\PSUNMain.exe" [2010-05-14 406848] [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360] "DWQueuedReporting"="c:\progra~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" [2007-02-26 437160] [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager] BootExecute REG_MULTI_SZ PDBoot.exe\0autocheck autochk * [HKLM\~\startupfolder\C:^Documents and Settings^Abdel^Menu Start^Programma's^Opstarten^Adobe Media Player.lnk] path=c:\documents and settings\Abdel\Menu Start\Programma's\Opstarten\Adobe Media Player.lnk backup=c:\windows\pss\Adobe Media Player.lnkStartup [HKLM\~\startupfolder\C:^Documents and Settings^Abdel^Menu Start^Programma's^Opstarten^OpenOffice.org 3.0 .lnk] path=c:\documents and settings\Abdel\Menu Start\Programma's\Opstarten\OpenOffice.org 3.0 .lnk backup=c:\windows\pss\OpenOffice.org 3.0 .lnkStartup [HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Start^Programma's^Opstarten^Logitech Desktop Messenger.lnk] path=c:\documents and settings\All Users\Menu Start\Programma's\Opstarten\Logitech Desktop Messenger.lnk backup=c:\windows\pss\Logitech Desktop Messenger.lnkCommon Startup [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NokiaMServer] c:\program files\Common Files\Nokia\MPlatform\NokiaMServer [X] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Photo Downloader] 2005-07-14 13:09 57344 ----a-w- c:\program files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher] 2008-01-11 21:16 39792 ----a-w- c:\program files\Adobe\Reader 8.0\Reader\reader_sl.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] 2007-06-27 18:03 152872 ----a-w- c:\program files\Common Files\Ahead\Lib\NMBgMonitor.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CTFMON.EXE] 2008-04-14 17:02 15360 ----a-w- c:\windows\system32\ctfmon.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\FLMOFFICE4DMOUSE] 2008-02-12 06:40 958464 ----a-w- c:\program files\Labtec\Desktop\V5.1\MOffice.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper] 2009-04-02 14:11 342312 ----a-w- c:\program files\iTunes\iTunesHelper.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogitechQuickCamRibbon] 2008-08-14 16:15 2407184 ----a-w- c:\program files\Logitech\QuickCam\Quickcam.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Messenger (Yahoo!)] 2010-06-01 08:17 5252408 ----a-w- c:\progra~1\Yahoo!\MESSEN~1\YahooMessenger.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck] 2007-03-01 14:57 153136 ----a-w- c:\program files\Common Files\Ahead\Lib\NeroCheck.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Nokia FastStart] 2009-02-26 15:04 2376992 ----a-w- c:\program files\Nokia\Nokia Music\NokiaMusic.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\OFFICEKB] 2008-02-12 06:40 387584 ----a-w- c:\program files\Labtec\Desktop\V5.1\KBDAP32A.EXE [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RemoteControl] 2004-11-02 19:24 32768 ----a-w- c:\program files\CyberLink\PowerDVD\PDVDServ.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Search Protection] 2009-02-03 13:15 111856 ----a-w- c:\program files\Yahoo!\Search Protection\SearchProtection.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched] 2009-10-11 03:17 149280 ----a-w- c:\program files\Java\jre6\bin\jusched.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SweetIM] 2009-05-20 13:11 111928 ----a-r- c:\program files\SweetIM\Messenger\SweetIM.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe] 2010-03-13 15:01 202256 ----a-w- c:\program files\Common Files\Real\Update_OB\realsched.exe [HKEY_LOCAL_MACHINE\software\microsoft\security center] "AntiVirusOverride"=dword:00000001 [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "c:\\WINDOWS\\Network Diagnostic\\xpnetdiag.exe"= "%windir%\\system32\\sessmgr.exe"= "c:\\Program Files\\LimeWire\\LimeWire.exe"= "c:\\Program Files\\VoipBuster.com\\VoipBuster\\VoipBuster.exe"= "%windir%\\Network Diagnostic\\xpnetdiag.exe"= "c:\\Program Files\\Messenger\\msmsgs.exe"= "c:\\Program Files\\Nokia\\Nokia Home Media Server\\Media Server\\twonkymedia.exe"= "c:\\Program Files\\Nokia\\Nokia Home Media Server\\Media Server\\twonkymediaserver.exe"= "c:\\Program Files\\Bonjour\\mDNSResponder.exe"= "c:\\Program Files\\iTunes\\iTunes.exe"= "c:\\Program Files\\Yahoo!\\Messenger\\YahooMessenger.exe"= "c:\\Program Files\\Common Files\\Nokia\\Service Layer\\A\\nsl_host_process.exe"= "c:\\Program Files\\Real\\RealPlayer\\realplay.exe"= "c:\\Program Files\\Logitech\\Desktop Messenger\\8876480\\Program\\LogitechDesktopMessenger.exe"= "c:\\Program Files\\FrostWire\\FrostWire.exe"= "c:\\Program Files\\Skype\\Phone\\Skype.exe"= "c:\\Program Files\\Skype\\Plugin Manager\\skypePM.exe"= "c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"= "c:\\Program Files\\Windows Live\\Sync\\WindowsLiveSync.exe"= "c:\\Documents and Settings\\Abdel\\Application Data\\HiYo\\Data\\hiyo_install.exe"= R1 PSINKNC;PSINKNC;c:\windows\system32\drivers\PSINKNC.sys [17-6-2010 12:41 129992] R2 NanoServiceMain;Panda Cloud Antivirus Service;c:\program files\Panda Security\Panda Cloud Antivirus\PSANHost.exe [16-12-2010 18:19 140608] R2 PSINAflt;PSINAflt;c:\windows\system32\drivers\PSINAflt.sys [27-5-2010 17:39 141384] R2 PSINFile;PSINFile;c:\windows\system32\drivers\PSINFile.sys [21-7-2010 21:02 97096] R2 PSINProc;PSINProc;c:\windows\system32\drivers\PSINProc.sys [30-4-2010 12:46 111624] R2 PSINProt;PSINProt;c:\windows\system32\drivers\PSINProt.sys [21-7-2010 21:02 112456] R2 Suite Service;Suite Service;c:\program files\Fighters\FighterSuiteService.exe [18-1-2011 14:29 1143944] R2 TwonkyMedia;TwonkyMedia;c:\program files\Nokia\Nokia Home Media Server\Media Server\TwonkyMedia.exe -serviceversion 0 --> c:\program files\Nokia\Nokia Home Media Server\Media Server\TwonkyMedia.exe -serviceversion 0 [?] S2 gupdate1c9bcd1df11ba3c;Google Updateservice (gupdate1c9bcd1df11ba3c);c:\program files\Google\Update\GoogleUpdate.exe [14-4-2009 8:23 133104] S3 Common Toolkit Tools;Common Toolkit Tools;c:\program files\Fighters\FULL-DISKfighter\Common Toolkit Tools.exe [18-1-2011 14:28 121480] S3 PSSDK42;PSSDK42;c:\windows\system32\drivers\pssdk42.sys [9-1-2010 16:16 38976] S3 PSSDKLBF;PSSDKLBF;c:\windows\system32\drivers\pssdklbf.sys [9-1-2010 16:16 53312] . Inhoud van de 'Gedeelde Taken' map 2010-10-12 c:\windows\Tasks\AppleSoftwareUpdate.job - c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 10:34] 2011-02-06 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job - c:\program files\Google\Update\GoogleUpdate.exe [2009-04-14 07:22] 2011-02-06 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job - c:\program files\Google\Update\GoogleUpdate.exe [2009-04-14 07:22] 2011-02-06 c:\windows\Tasks\OGALogon.job - c:\windows\system32\OGAEXEC.exe [2009-08-03 13:07] 2011-02-06 c:\windows\Tasks\RealUpgradeLogonTaskS-1-5-21-1844237615-1085031214-725345543-1004.job - c:\program files\Real\RealUpgrade\realupgrade.exe [2010-02-24 21:09] 2011-02-05 c:\windows\Tasks\RealUpgradeScheduledTaskS-1-5-21-1844237615-1085031214-725345543-1004.job - c:\program files\Real\RealUpgrade\realupgrade.exe [2010-02-24 21:09] 2011-02-06 c:\windows\Tasks\RegistryBooster.job - c:\program files\Uniblue\RegistryBooster\rbmonitor.exe [2010-12-27 08:44] 2011-02-06 c:\windows\Tasks\SLOW-PCfighter-Abdel-Startup.job - c:\program files\Fighters\SLOW-PCfighter\SLOW-PCfighter.exe [2010-11-17 13:32] 2011-02-06 c:\windows\Tasks\User_Feed_Synchronization-{8E8BFBBB-0D6A-4110-A535-34224D2826E0}.job - c:\windows\system32\msfeedssync.exe [2007-12-15 02:31] . . ------- Bijkomende Scan ------- . mStart Page = hxxp://www.yahoo.com mSearch Bar = hxxp://us.rd.yahoo.com/customize/ie/defaults/sb/msgr10/*Yahoo! SearchBar Home Page uInternet Connection Wizard,ShellNext = iexplore uInternet Settings,ProxyOverride = *.local uSearchURL,(Default) = hxxp://us.rd.yahoo.com/customize/ie/defaults/su/msgr10/*Yahoo! IE: E&xporteren naar Microsoft Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 Handler: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - c:\program files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll . ************************************************************************** catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, GMER - Rootkit Detector and Remover Rootkit scan 2011-02-06 09:24 Windows 5.1.2600 Service Pack 3 NTFS scannen van verborgen processen ... scannen van verborgen autostart items ... scannen van verborgen bestanden ... Scan succesvol afgerond verborgen bestanden: 0 ************************************************************************** . --------------------- VERGRENDELDE REGISTER SLEUTELS --------------------- [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}] @Denied: (A 2) (Everyone) @="FlashBroker" "LocalizedString"="@c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil10l_ActiveX.exe,-101" [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation] "Enabled"=dword:00000001 [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32] @="c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil10l_ActiveX.exe" [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" [HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}] @Denied: (A 2) (Everyone) @="IFlashBroker4" [HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32] @="{00020424-0000-0000-C000-000000000046}" [HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" "Version"="1.0" [HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Installer\UserData\LocalSystem\Components\*–€|ÿÿÿÿ;•€|é•9~*] "3140110900063D11C8EF10054038389C"="C?\\WINDOWS\\system32\\FM20ENU.DLL" [HKEY_LOCAL_MACHINE\software\T*w*o*n*k*y*B*e*a*m*"!\Internet Explorer] "Path"="c:\\Program Files\\PacketVideo\\TwonkyBeam\\Internet Explorer" "Language"="1043" . --------------------- DLLs Geladen Onder Lopende Processen --------------------- - - - - - - - > 'winlogon.exe'(848) c:\windows\System32\Ati2evxx.dll - - - - - - - > 'explorer.exe'(6832) c:\windows\TEMP\logishrd\LVPrcInj01.dll c:\program files\Windows Media Player\wmpband.dll c:\windows\system32\WPDShServiceObj.dll c:\windows\system32\webcheck.dll c:\windows\system32\PortableDeviceTypes.dll c:\windows\system32\PortableDeviceApi.dll . ------------------------ Andere Aktieve Processen ------------------------ . c:\windows\system32\Ati2evxx.exe c:\program files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe c:\program files\Bonjour\mDNSResponder.exe c:\program files\Java\jre6\bin\jqs.exe c:\program files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe c:\program files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe c:\virusfighter\Bin\Zanda.exe c:\program files\Raxco\PerfectDisk\PDAgent.exe c:\program files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe c:\program files\Nokia\Nokia Home Media Server\Media Server\TwonkyMedia.exe c:\program files\Yahoo!\SoftwareUpdate\YahooAUService.exe c:\program files\Nokia\Nokia Home Media Server\Media Server\TwonkyMediaServer.exe c:\windows\System32\Ati2evxx.exe c:\windows\system32\WgaTray.exe c:\windows\system32\wbem\wmiapsrv.exe . ************************************************************************** . Voltooingstijd: 2011-02-06 09:50:33 - machine werd herstart ComboFix-quarantined-files.txt 2011-02-06 08:50 ComboFix2.txt 2011-02-05 23:51 ComboFix3.txt 2011-02-05 09:57 Pre-Run: 49.305.464.832 bytes beschikbaar Post-Run: 49.388.646.400 bytes beschikbaar - - End Of File - - 2F44D722F458D71021832EB34B1AEE33 Oef, echt acracadabra voor mij, ik ga mijn vingers niet aan branden, maar helaas Kape , ik krijg nog steeds dezelfde vermelding dat de webpagina fouten inzitten en dus niet naar behoren werkt en steeds dat JSON niet gedefinieerd melding !!!
  6. Cinta
    ComboFix 11-02-05.01 - Abdel 05-02-2011 23:54:11.2.1 - x86 Microsoft Windows XP Professional 5.1.2600.3.1252.31.1043.18.383.159 [GMT 1:00] Gestart vanuit: c:\documents and settings\Abdel\Mijn documenten\ComboFix.exe AV: Panda Cloud Antivirus *Disabled/Updated* {5AD27692-540A-464E-B625-78275FA38393} * Nieuw herstelpunt werd aangemaakt . (((((((((((((((((((( Bestanden Gemaakt van 2011-01-05 to 2011-02-05 )))))))))))))))))))))))))))))) . 2011-02-05 10:26 . 2011-02-05 10:26 -------- d-----w- c:\windows\LastGood 2011-02-03 06:21 . 2011-02-03 06:21 -------- d-----w- c:\documents and settings\Abdel\Application Data\Malwarebytes 2011-02-03 06:20 . 2010-12-20 17:09 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys 2011-02-03 06:20 . 2011-02-03 06:20 -------- d-----w- c:\documents and settings\All Users\Application Data\Malwarebytes 2011-02-03 06:19 . 2010-12-20 17:08 20952 ----a-w- c:\windows\system32\drivers\mbam.sys 2011-02-03 06:19 . 2011-02-03 06:20 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware 2011-02-01 10:49 . 2011-02-01 10:49 -------- d-----w- c:\program files\Trend Micro 2011-01-31 07:56 . 2011-02-02 07:32 -------- d--h--r- c:\documents and settings\Abdel\Onlangs geopend 2011-01-30 07:06 . 2011-01-30 07:06 -------- d-----w- c:\documents and settings\Abdel\Application Data\TwonkyMedia 2011-01-30 07:03 . 2011-01-30 07:03 -------- d-----w- c:\program files\PacketVideo 2011-01-30 07:01 . 2011-02-05 09:21 -------- d-----w- c:\documents and settings\All Users\Application Data\twonkymedia 2011-01-30 05:46 . 2011-01-30 05:46 -------- d-----w- c:\windows\system32\GroupPolicy 2011-01-27 00:15 . 2011-01-27 00:15 -------- d-----w- c:\documents and settings\LocalService\Application Data\Fighters 2011-01-27 00:12 . 2011-01-27 00:13 -------- d-----w- c:\documents and settings\Abdel\Application Data\Fighters 2011-01-26 22:25 . 2011-01-26 22:25 -------- d-----w- c:\documents and settings\Abdel\Application Data\Panda Security 2011-01-23 05:03 . 2011-01-23 05:03 -------- d-----w- c:\program files\FilmFanaticEI 2011-01-19 06:02 . 2011-01-19 06:07 -------- d-----w- c:\documents and settings\Abdel\Application Data\TP 2011-01-18 07:04 . 2011-01-18 07:04 -------- d-----w- c:\documents and settings\LocalService\Application Data\McAfee 2011-01-16 03:05 . 2011-01-27 00:14 -------- d-----w- c:\documents and settings\All Users\Application Data\Fighters 2011-01-16 03:04 . 2011-01-27 00:14 -------- d-----w- c:\program files\Fighters 2011-01-15 18:16 . 2011-01-15 18:16 -------- d-----w- c:\documents and settings\All Users\Application Data\McAfee 2011-01-15 09:24 . 2011-01-15 09:24 -------- d-----w- c:\documents and settings\All Users\Application Data\Panda Security 2011-01-15 09:23 . 2011-01-15 09:23 -------- d-----w- c:\program files\Panda Security 2011-01-14 19:54 . 2011-01-14 19:54 84718440 ----a-w- c:\program files\Common Files\Windows Live\.cache\wlcC.tmp 2011-01-12 08:44 . 2011-01-12 08:44 -------- d-----w- c:\documents and settings\Abdel\Application Data\Uniblue 2011-01-12 08:43 . 2011-01-12 08:43 -------- dc-h--w- c:\documents and settings\All Users\Application Data\{DE8EABB5-1C85-4410-A68D-79BD8A4518F4} 2011-01-12 08:42 . 2011-01-12 08:42 -------- d-----w- c:\program files\Uniblue 2011-01-12 08:37 . 2011-01-12 08:37 -------- d-----w- c:\documents and settings\Abdel\Local Settings\Application Data\PackageAware 2011-01-12 07:30 . 2010-11-02 15:17 40960 -c----w- c:\windows\system32\dllcache\ndproxy.sys 2011-01-12 07:13 . 2010-10-11 14:59 45568 -c----w- c:\windows\system32\dllcache\wab.exe 2011-01-12 06:18 . 2011-01-12 10:11 -------- d-----w- c:\documents and settings\Abdel\Local Settings\Application Data\ConduitEngine 2011-01-12 06:16 . 2011-01-12 06:16 0 ----a-w- c:\windows\system32\ConduitEngine.tmp 2011-01-12 06:16 . 2011-01-12 06:17 -------- d-----w- c:\program files\ConduitEngine 2011-01-12 02:41 . 2008-04-14 18:02 21504 -c--a-w- c:\windows\system32\dllcache\hidserv.dll 2011-01-12 02:41 . 2008-04-14 18:02 21504 ----a-w- c:\windows\system32\hidserv.dll 2011-01-12 02:40 . 2001-09-06 18:04 12288 -c--a-w- c:\windows\system32\dllcache\mouhid.sys 2011-01-12 02:40 . 2001-09-06 18:04 12288 ----a-w- c:\windows\system32\drivers\mouhid.sys 2011-01-12 02:40 . 2008-04-14 17:39 14720 -c--a-w- c:\windows\system32\dllcache\kbdhid.sys 2011-01-12 02:40 . 2008-04-14 17:39 14720 ----a-w- c:\windows\system32\drivers\kbdhid.sys 2011-01-12 02:40 . 2008-04-13 19:45 10368 -c--a-w- c:\windows\system32\dllcache\hidusb.sys 2011-01-12 02:40 . 2008-04-13 19:45 10368 ----a-w- c:\windows\system32\drivers\hidusb.sys . ((((((((((((((((((((((((((((((((((((((( Find3M Rapport )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2011-01-27 00:45 . 2007-12-15 19:26 90112 ----a-w- c:\windows\DUMP97bb.tmp 2010-11-18 18:15 . 2007-12-15 18:59 86016 ----a-w- c:\windows\system32\isign32.dll 2010-11-12 00:44 . 2010-11-12 00:44 94208 ----a-w- c:\windows\system32\dpl100.dll 2010-11-09 14:52 . 2004-08-03 13:03 249856 ----a-w- c:\windows\system32\odbc32.dll 2010-11-08 22:57 . 2010-11-08 22:57 353592 ----a-w- c:\windows\system32\DivXControlPanelApplet.cpl . ((((((((((((((((((((((((((((((((((((( Reg Opstartpunten ))))))))))))))))))))))))))))))))))))))))))))))))))) . . *Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond REGEDIT4 [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "MsnMsgr"="c:\program files\Windows Live\Messenger\msnmsgr.exe" [2010-04-16 3872080] "Messenger (Yahoo!)"="c:\progra~1\Yahoo!\MESSEN~1\YahooMessenger.exe" [2010-06-01 5252408] "VoipBuster"="c:\program files\VoipBuster.com\VoipBuster\VoipBuster.exe" [2011-01-12 12948272] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "ATICCC"="c:\program files\ATI Technologies\ATI.ACE\cli.exe" [2006-01-02 45056] "fssui"="c:\program files\Windows Live\Family Safety\fsui.exe" [2010-04-28 647528] "QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2009-01-05 413696] "Adobe Photo Downloader"="c:\program files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe" [2005-07-14 57344] "LogitechCommunicationsManager"="c:\program files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe" [2008-08-14 565008] "Hiyo"="c:\program files\HiYo\bin\HiYo.exe" [2010-06-20 255344] "TkBellExe"="c:\program files\Common Files\Real\Update_OB\realsched.exe" [2010-03-13 202256] "DivXUpdate"="c:\program files\DivX\DivX Update\DivXUpdate.exe" [2010-12-09 1226608] "DivX Download Manager"="c:\program files\DivX\DivX Plus Web Player\DDmService.exe" [2010-12-08 63360] "PSUNMain"="c:\program files\Panda Security\Panda Cloud Antivirus\PSUNMain.exe" [2010-05-14 406848] [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360] "DWQueuedReporting"="c:\progra~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" [2007-02-26 437160] [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager] BootExecute REG_MULTI_SZ PDBoot.exe\0autocheck autochk * [HKLM\~\startupfolder\C:^Documents and Settings^Abdel^Menu Start^Programma's^Opstarten^Adobe Media Player.lnk] path=c:\documents and settings\Abdel\Menu Start\Programma's\Opstarten\Adobe Media Player.lnk backup=c:\windows\pss\Adobe Media Player.lnkStartup [HKLM\~\startupfolder\C:^Documents and Settings^Abdel^Menu Start^Programma's^Opstarten^OpenOffice.org 3.0 .lnk] path=c:\documents and settings\Abdel\Menu Start\Programma's\Opstarten\OpenOffice.org 3.0 .lnk backup=c:\windows\pss\OpenOffice.org 3.0 .lnkStartup [HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Start^Programma's^Opstarten^Logitech Desktop Messenger.lnk] path=c:\documents and settings\All Users\Menu Start\Programma's\Opstarten\Logitech Desktop Messenger.lnk backup=c:\windows\pss\Logitech Desktop Messenger.lnkCommon Startup [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NokiaMServer] c:\program files\Common Files\Nokia\MPlatform\NokiaMServer [X] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Photo Downloader] 2005-07-14 13:09 57344 ----a-w- c:\program files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher] 2008-01-11 21:16 39792 ----a-w- c:\program files\Adobe\Reader 8.0\Reader\reader_sl.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] 2007-06-27 18:03 152872 ----a-w- c:\program files\Common Files\Ahead\Lib\NMBgMonitor.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CTFMON.EXE] 2008-04-14 17:02 15360 ----a-w- c:\windows\system32\ctfmon.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\FLMOFFICE4DMOUSE] 2008-02-12 06:40 958464 ----a-w- c:\program files\Labtec\Desktop\V5.1\MOffice.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper] 2009-04-02 14:11 342312 ----a-w- c:\program files\iTunes\iTunesHelper.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogitechQuickCamRibbon] 2008-08-14 16:15 2407184 ----a-w- c:\program files\Logitech\QuickCam\Quickcam.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Messenger (Yahoo!)] 2010-06-01 08:17 5252408 ----a-w- c:\progra~1\Yahoo!\MESSEN~1\YahooMessenger.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck] 2007-03-01 14:57 153136 ----a-w- c:\program files\Common Files\Ahead\Lib\NeroCheck.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Nokia FastStart] 2009-02-26 15:04 2376992 ----a-w- c:\program files\Nokia\Nokia Music\NokiaMusic.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\OFFICEKB] 2008-02-12 06:40 387584 ----a-w- c:\program files\Labtec\Desktop\V5.1\KBDAP32A.EXE [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RemoteControl] 2004-11-02 19:24 32768 ----a-w- c:\program files\CyberLink\PowerDVD\PDVDServ.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Search Protection] 2009-02-03 13:15 111856 ----a-w- c:\program files\Yahoo!\Search Protection\SearchProtection.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched] 2009-10-11 03:17 149280 ----a-w- c:\program files\Java\jre6\bin\jusched.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SweetIM] 2009-05-20 13:11 111928 ----a-r- c:\program files\SweetIM\Messenger\SweetIM.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe] 2010-03-13 15:01 202256 ----a-w- c:\program files\Common Files\Real\Update_OB\realsched.exe [HKEY_LOCAL_MACHINE\software\microsoft\security center] "AntiVirusOverride"=dword:00000001 [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "c:\\WINDOWS\\Network Diagnostic\\xpnetdiag.exe"= "%windir%\\system32\\sessmgr.exe"= "c:\\Program Files\\LimeWire\\LimeWire.exe"= "c:\\Program Files\\VoipBuster.com\\VoipBuster\\VoipBuster.exe"= "%windir%\\Network Diagnostic\\xpnetdiag.exe"= "c:\\Program Files\\Messenger\\msmsgs.exe"= "c:\\Program Files\\Nokia\\Nokia Home Media Server\\Media Server\\twonkymedia.exe"= "c:\\Program Files\\Nokia\\Nokia Home Media Server\\Media Server\\twonkymediaserver.exe"= "c:\\Program Files\\Bonjour\\mDNSResponder.exe"= "c:\\Program Files\\iTunes\\iTunes.exe"= "c:\\Program Files\\Yahoo!\\Messenger\\YahooMessenger.exe"= "c:\\Program Files\\Common Files\\Nokia\\Service Layer\\A\\nsl_host_process.exe"= "c:\\Program Files\\Real\\RealPlayer\\realplay.exe"= "c:\\Program Files\\Logitech\\Desktop Messenger\\8876480\\Program\\LogitechDesktopMessenger.exe"= "c:\\Program Files\\FrostWire\\FrostWire.exe"= "c:\\Program Files\\Skype\\Phone\\Skype.exe"= "c:\\Program Files\\Skype\\Plugin Manager\\skypePM.exe"= "c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"= "c:\\Program Files\\Windows Live\\Sync\\WindowsLiveSync.exe"= "c:\\Documents and Settings\\Abdel\\Application Data\\HiYo\\Data\\hiyo_install.exe"= R1 PSINKNC;PSINKNC;c:\windows\system32\drivers\PSINKNC.sys [17-6-2010 12:41 129992] R2 NanoServiceMain;Panda Cloud Antivirus Service;c:\program files\Panda Security\Panda Cloud Antivirus\PSANHost.exe [16-12-2010 18:19 140608] R2 PSINAflt;PSINAflt;c:\windows\system32\drivers\PSINAflt.sys [27-5-2010 17:39 141384] R2 PSINFile;PSINFile;c:\windows\system32\drivers\PSINFile.sys [21-7-2010 21:02 97096] R2 PSINProc;PSINProc;c:\windows\system32\drivers\PSINProc.sys [30-4-2010 12:46 111624] R2 PSINProt;PSINProt;c:\windows\system32\drivers\PSINProt.sys [21-7-2010 21:02 112456] S2 gupdate1c9bcd1df11ba3c;Google Updateservice (gupdate1c9bcd1df11ba3c);c:\program files\Google\Update\GoogleUpdate.exe [14-4-2009 8:23 133104] S3 Common Toolkit Tools;Common Toolkit Tools;c:\program files\Fighters\FULL-DISKfighter\Common Toolkit Tools.exe [18-1-2011 14:28 121480] S3 PSSDK42;PSSDK42;c:\windows\system32\drivers\pssdk42.sys [9-1-2010 16:16 38976] S3 PSSDKLBF;PSSDKLBF;c:\windows\system32\drivers\pssdklbf.sys [9-1-2010 16:16 53312] . Inhoud van de 'Gedeelde Taken' map 2010-10-12 c:\windows\Tasks\AppleSoftwareUpdate.job - c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 10:34] 2011-02-05 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job - c:\program files\Google\Update\GoogleUpdate.exe [2009-04-14 07:22] 2011-02-05 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job - c:\program files\Google\Update\GoogleUpdate.exe [2009-04-14 07:22] 2011-02-05 c:\windows\Tasks\OGALogon.job - c:\windows\system32\OGAEXEC.exe [2009-08-03 13:07] 2011-02-05 c:\windows\Tasks\RealUpgradeLogonTaskS-1-5-21-1844237615-1085031214-725345543-1004.job - c:\program files\Real\RealUpgrade\realupgrade.exe [2010-02-24 21:09] 2011-02-05 c:\windows\Tasks\RealUpgradeScheduledTaskS-1-5-21-1844237615-1085031214-725345543-1004.job - c:\program files\Real\RealUpgrade\realupgrade.exe [2010-02-24 21:09] 2011-02-05 c:\windows\Tasks\RegistryBooster.job - c:\program files\Uniblue\RegistryBooster\rbmonitor.exe [2010-12-27 08:44] 2011-02-05 c:\windows\Tasks\SLOW-PCfighter-Abdel-Startup.job - c:\program files\Fighters\SLOW-PCfighter\SLOW-PCfighter.exe [2010-11-17 13:32] 2011-02-05 c:\windows\Tasks\User_Feed_Synchronization-{8E8BFBBB-0D6A-4110-A535-34224D2826E0}.job - c:\windows\system32\msfeedssync.exe [2007-12-15 02:31] . . ------- Bijkomende Scan ------- . mStart Page = hxxp://www.yahoo.com mSearch Bar = hxxp://us.rd.yahoo.com/customize/ie/defaults/sb/msgr10/*Yahoo! SearchBar Home Page uInternet Connection Wizard,ShellNext = iexplore uInternet Settings,ProxyOverride = *.local uSearchURL,(Default) = hxxp://us.rd.yahoo.com/customize/ie/defaults/su/msgr10/*Yahoo! IE: E&xporteren naar Microsoft Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 Handler: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - c:\program files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll . ************************************************************************** catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, GMER - Rootkit Detector and Remover Rootkit scan 2011-02-06 00:38 Windows 5.1.2600 Service Pack 3 NTFS scannen van verborgen processen ... scannen van verborgen autostart items ... scannen van verborgen bestanden ... Scan succesvol afgerond verborgen bestanden: 0 ************************************************************************** . --------------------- VERGRENDELDE REGISTER SLEUTELS --------------------- [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}] @Denied: (A 2) (Everyone) @="FlashBroker" "LocalizedString"="@c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil10l_ActiveX.exe,-101" [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation] "Enabled"=dword:00000001 [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32] @="c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil10l_ActiveX.exe" [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" [HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}] @Denied: (A 2) (Everyone) @="IFlashBroker4" [HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32] @="{00020424-0000-0000-C000-000000000046}" [HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" "Version"="1.0" [HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Installer\UserData\LocalSystem\Components\*–€|ÿÿÿÿ;•€|é•9~*] "3140110900063D11C8EF10054038389C"="C?\\WINDOWS\\system32\\FM20ENU.DLL" [HKEY_LOCAL_MACHINE\software\T*w*o*n*k*y*B*e*a*m*"!\Internet Explorer] "Path"="c:\\Program Files\\PacketVideo\\TwonkyBeam\\Internet Explorer" "Language"="1043" . --------------------- DLLs Geladen Onder Lopende Processen --------------------- - - - - - - - > 'winlogon.exe'(844) c:\windows\System32\Ati2evxx.dll - - - - - - - > 'explorer.exe'(4700) c:\program files\Windows Media Player\wmpband.dll c:\windows\system32\WPDShServiceObj.dll c:\windows\system32\webcheck.dll c:\windows\system32\PortableDeviceTypes.dll c:\windows\system32\PortableDeviceApi.dll . Voltooingstijd: 2011-02-06 00:51:26 ComboFix-quarantined-files.txt 2011-02-05 23:51 ComboFix2.txt 2011-02-05 09:57 Pre-Run: 49.328.189.440 bytes beschikbaar Post-Run: 49.332.727.808 bytes beschikbaar - - End Of File - - 5F1C3A05F8D85D6DD802BC6BE98CF6DF dit zijn de scanresultaten kape, ik heb nog steeds dezelfde vermelding dat de webpagina fouten zitten en dus niet naar behoren gaat werken. Als leek zijnde durf ik haast niet mijn computer meer aan te zetten, bang dat het crasht !!!! ---------- Post toegevoegd om 01:18 ---------- Vorige post was om 01:04 ---------- Server Error in '/genuine' Application. Runtime Error Description: An application error occurred on the server. The current custom error settings for this application prevent the details of the application error from being viewed remotely (for security reasons). It could, however, be viewed by browsers running on the local server machine. Details: To enable the details of this specific error message to be viewable on remote machines, please create a <customErrors> tag within a "web.config" configuration file located in the root directory of the current web application. This <customErrors> tag should then have its "mode" attribute set to "Off". <!-- Web.Config Configuration File --><configuration> <system.web> <customErrors mode="Off"/> </system.web></configuration> Notes: The current error page you are seeing can be replaced by a custom error page by modifying the "defaultRedirect" attribute of the application's <customErrors> configuration tag to point to a custom error page URL. <!-- Web.Config Configuration File --><configuration> <system.web> <customErrors mode="RemoteOnly" defaultRedirect="mycustompage.htm"/> </system.web></configuration> dit heb ik ook maar bij gedaan, ik heb een vermoeden dat jij hier meer kan uithalen. Ik hoop dat mijn pc probleem snel opgelost kan worden, wanhopige Cinta
  7. Cinta
    Hallo Kape, Vreemd genoeg kan ik ComboFix niet downloaden op mijn Pc, in ieder geval maar half, ik bedoel halverwege het installeren, stopt het programma !
  8. Cinta
    Hallo kape, Ik heb jouw instructies gevolgd, maar mijn PC is nog steeds traag , nu krijg ik constant de melding dat er fout in de pagina is, elke keer als ik een blad open, verschijnt er een schermpje met de vermelding : de webpagina bevindt zich mogelijk fouten en werkt niet naar behoren, klik ik deze weg, dan verschijnt er de muis(pijl) met de aantal seconden weer, dus weer wachten voordat de pagina opent.
  9. Cinta
    oke kape, ik zal mijn best doen en ik laat je dit effe weten wat het resultaat is geworden!!!
  10. Cinta
    Hallo Kape, hier zijn de scanresultaten :Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 8:54:22, on 2-2-2011 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v8.00 (8.00.6001.18702) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\System32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe C:\Program Files\Bonjour\mDNSResponder.exe C:\Program Files\Java\jre6\bin\jqs.exe C:\WINDOWS\System32\Ati2evxx.exe C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe C:\Program Files\Fighters\SLOW-PCfighter\SLOW-PCfighter.exe C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe C:\Program Files\Uniblue\RegistryBooster\rbmonitor.exe C:\WINDOWS\Explorer.EXE C:\Program Files\Panda Security\Panda Cloud Antivirus\PSANHost.exe C:\VIRUSfighter\Bin\Zanda.exe C:\Program Files\Raxco\PerfectDisk\PDAgent.exe C:\Program Files\ATI Technologies\ATI.ACE\cli.exe C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Fighters\FighterSuiteService.exe C:\Program Files\HiYo\bin\HiYo.exe C:\Program Files\Common Files\Real\Update_OB\realsched.exe C:\Program Files\Panda Security\Panda Cloud Antivirus\PSUNMain.exe C:\Program Files\DivX\DivX Update\DivXUpdate.exe C:\Program Files\DivX\DivX Plus Web Player\DDmService.exe C:\Program Files\Messenger\msmsgs.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\VoipBuster.com\VoipBuster\VoipBuster.exe C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe C:\Program Files\McAfee Security Scan\2.0.181\SSScheduler.exe C:\Program Files\Nokia\Nokia Home Media Server\Media Server\twonkymediaserverconfig.exe C:\Program Files\Windows Live\Messenger\msnmsgr.exe C:\PROGRA~1\Yahoo!\MESSEN~1\YahooMessenger.exe C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe C:\WINDOWS\system32\wbem\wmiapsrv.exe C:\Program Files\ATI Technologies\ATI.ACE\cli.exe C:\Program Files\ATI Technologies\ATI.ACE\cli.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Windows Live\Toolbar\wltuser.exe C:\Program Files\Nokia\Nokia Home Media Server\Media Server\TwonkyMediaServer.exe C:\Program Files\Uniblue\RegistryBooster\registrybooster.exe C:\Program Files\Skype\Toolbars\Shared\SkypeNames2.exe C:\Program Files\Trend Micro\HijackThis\HiJackThis.exe C:\WINDOWS\system32\NOTEPAD.EXE R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Hotmail, Messenger, nieuws en entertainment vind je op MSN.nl R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Yahoo! R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Yahoo! R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = Yahoo! SearchBar Home Page R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Yahoo! R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = Yahoo! R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = Yahoo! R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn4\yt.dll R3 - URLSearchHook: muziekopjepc.nl Toolbar - {c5423ac5-07d3-438a-a1d2-5a15fe52e72b} - C:\Program Files\muziekopjepc.nl\tbmuz2.dll R3 - URLSearchHook: (no name) - {EEE6C35D-6118-11DC-9C72-001320C79847} - (no file) R3 - URLSearchHook: Messenger Plus Live Netherlands Toolbar - {d2ab2732-a124-4fb2-8da5-4a6a9e379331} - C:\Program Files\Messenger_Plus_Live_Netherlands\tbMes1.dll O2 - BHO: (no name) - SOFTWARE - (no file) O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn4\yt.dll O2 - BHO: AskBar BHO - {201f27d4-3704-41d6-89c1-aa35e39143ed} - C:\Program Files\AskBarDis\bar\bin\askBar.dll O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll O2 - BHO: Conduit Engine - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\ConduitEngine.dll O2 - BHO: Increase performance and video formats for your HTML5 <video> - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - (no file) O2 - BHO: Windows Live Family Safety Browser Helper - {4f3ed5cd-0726-42a9-87f5-d13f3d2976ac} - C:\Program Files\Windows Live\Family Safety\fssbho.dll O2 - BHO: Use the DivX Plus Web Player to watch web videos with less interruptions and smoother playback on supported sites - {593DDEC6-7468-4cdd-90E1-42DADAA222E9} - C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll O2 - BHO: Click-to-Call BHO - {5C255C8A-E604-49b4-9D64-90988571CECB} - C:\Program Files\Windows Live\Messenger\wlchtc.dll O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll O2 - BHO: (no name) - {88ABBCDC-CFFF-4AC3-ABDD-A8828BB9FBF5} - (no file) O2 - BHO: Windows Live Aanmelden - Help - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.0.926.3450\swg.dll O2 - BHO: muziekopjepc.nl Toolbar - {c5423ac5-07d3-438a-a1d2-5a15fe52e72b} - C:\Program Files\muziekopjepc.nl\tbmuz2.dll O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_219B3E1547538286.dll O2 - BHO: Messenger Plus Live Netherlands Toolbar - {d2ab2732-a124-4fb2-8da5-4a6a9e379331} - C:\Program Files\Messenger_Plus_Live_Netherlands\tbMes1.dll O2 - BHO: TwonkyBeam - {D6E0063B-7B09-45C9-A51D-1FB51840EBE0} - C:\Program Files\PacketVideo\TwonkyBeam\Internet Explorer\TwonkyIEPlugin.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll O2 - BHO: (no name) - {FD2114A6-01DF-48E2-8153-682EE00FDEAF} - (no file) O2 - BHO: SingleInstance Class - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files\Yahoo!\Companion\Installs\cpn4\YTSingleInstance.dll O3 - Toolbar: &Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn4\yt.dll O3 - Toolbar: muziekopjepc.nl Toolbar - {c5423ac5-07d3-438a-a1d2-5a15fe52e72b} - C:\Program Files\muziekopjepc.nl\tbmuz2.dll O3 - Toolbar: Ask Toolbar - {3041d03e-fd4b-44e0-b742-2d9b88305f98} - C:\Program Files\AskBarDis\bar\bin\askBar.dll O3 - Toolbar: Messenger Plus Live Netherlands Toolbar - {d2ab2732-a124-4fb2-8da5-4a6a9e379331} - C:\Program Files\Messenger_Plus_Live_Netherlands\tbMes1.dll O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\cli.exe" runtime -Delay O4 - HKLM\..\Run: [fssui] "C:\Program Files\Windows Live\Family Safety\fsui.exe" -autorun O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe" O4 - HKLM\..\Run: [LogitechCommunicationsManager] "C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe" O4 - HKLM\..\Run: [Hiyo] C:\Program Files\HiYo\bin\HiYo.exe /RunFromStartup O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot O4 - HKLM\..\Run: [PSUNMain] "C:\Program Files\Panda Security\Panda Cloud Antivirus\PSUNMain.exe" /Traybar O4 - HKLM\..\Run: [DivXUpdate] "C:\Program Files\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW O4 - HKLM\..\Run: [DivX Download Manager] "C:\Program Files\DivX\DivX Plus Web Player\DDmService.exe" start O4 - HKLM\..\Run: [userFaultCheck] %systemroot%\system32\dumprep 0 -u O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [Messenger (Yahoo!)] "C:\PROGRA~1\Yahoo!\MESSEN~1\YahooMessenger.exe" -quiet O4 - HKCU\..\Run: [VoipBuster] "C:\Program Files\VoipBuster.com\VoipBuster\VoipBuster.exe" -nosplash -minimized O4 - HKCU\..\RunOnce: [shockwave Updater] C:\WINDOWS\system32\Adobe\SHOCKW~1\SWHELP~1.EXE -Update -1100465 -"Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 5.1; Trident/4.0; GTB5; SIMBAR={DF5E7E59-5178-46E2-8E8D-2475C0E8E8DE}; .NET CLR 2.0.50727; .NET CLR 3.0.04506.30; .NET CLR 1.1.4322; .NET CLR 3.0.04506.648; InfoPath.1; OfficeLiveConnector.1.3; OfficeLivePatch.0.0; .NET CLR 3.0.4506.2152; .NET CLR 3.5.30729; MSN OptimizedIE8;NLNL)" -"http://sunnieday.net/client.php?wide=false" O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Netwerkservice') O4 - HKUS\S-1-5-20\..\RunOnce: [showDeskFix] regsvr32 /s /n /i:u shell32 (User 'Netwerkservice') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\S-1-5-18\..\RunOnce: [showDeskFix] regsvr32 /s /n /i:u shell32 (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user') O4 - HKUS\.DEFAULT\..\RunOnce: [showDeskFix] regsvr32 /s /n /i:u shell32 (User 'Default user') O4 - Global Startup: McAfee Security Scan Plus.lnk = ? O4 - Global Startup: TwonkyMedia Tray Control.lnk = ? O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present O8 - Extra context menu item: Add to Playlist - res://C:\Program Files\PacketVideo\TwonkyBeam\Internet Explorer\TwonkyIEPlugin.dll/314 O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 O8 - Extra context menu item: TwonkyBeam to - res://C:\Program Files\PacketVideo\TwonkyBeam\Internet Explorer\TwonkyIEPlugin.dll/231 O9 - Extra button: In weblog opnemen - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: &In weblog opnemen met Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: TwonkyBeam for Internet Explorer - {339E0A0F-ACAE-408f-AAD7-4E9158FFDE7C} - C:\Program Files\PacketVideo\TwonkyBeam\Internet Explorer\TwonkyIEPlugin.dll O9 - Extra button: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll O9 - Extra 'Tools' menuitem: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll O9 - Extra button: Onderzoek - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll O16 - DPF: CabBuilder - http://kiw.imgag.com/imgag/kiw/toolbar/download/InstallerControl.cab O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262E} (System Requirements Lab) - http://www.srtest.com/srl_bin/sysreqlab3.cab O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (Installation Support) - C:\Program Files\Yahoo!\Common\Yinsthelper.dll O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx2.hotmail.com/mail/w3/resources/MSNPUpld.cab O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} (DivXBrowserPlugin Object) - http://download.divx.com/player/DivXBrowserPlugin.cab O16 - DPF: {A8F2B9BD-A6A0-486A-9744-18920D898429} - http://www.sibelius.com/download/software/win/ActiveXPlugin.cab O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab O16 - DPF: {E77F23EB-E7AB-4502-8F37-247DBAF1A147} (Windows Live Hotmail Photo Upload Tool) - http://gfx2.hotmail.com/mail/w4/pr01/photouploadcontrol/MSNPUpld.cab O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - (no file) O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL O20 - Winlogon Notify: pmnnlmkk - pmnnlmkk.dll (file missing) O22 - SharedTaskScheduler: Preloader van browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll O22 - SharedTaskScheduler: Cache-daemon voor onderdeelcategorieën - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll O23 - Service: Mobiel Apple apparaat (Apple Mobile Device) - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: Common Toolkit Tools - SPAMfighter ApS - C:\Program Files\Fighters\FULL-DISKfighter\Common Toolkit Tools.exe O23 - Service: Google Updateservice (gupdate1c9bcd1df11ba3c) (gupdate1c9bcd1df11ba3c) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe O23 - Service: LVCOMSer - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe O23 - Service: McAfee Security Scan Component Host Service (McComponentHostService) - McAfee, Inc. - C:\Program Files\McAfee Security Scan\2.0.181\McCHSvc.exe O23 - Service: Panda Cloud Antivirus Service (NanoServiceMain) - Panda Security, S.L. - C:\Program Files\Panda Security\Panda Cloud Antivirus\PSANHost.exe O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe O23 - Service: Norman NJeeves - Unknown owner - C:\VIRUSfighter\bin\NJEEVES.EXE O23 - Service: Norman ZANDA - Unknown owner - C:\VIRUSfighter\Bin\Zanda.exe O23 - Service: PDAgent - Raxco Software, Inc. - C:\Program Files\Raxco\PerfectDisk\PDAgent.exe O23 - Service: PDEngine - Raxco Software, Inc. - C:\Program Files\Raxco\PerfectDisk\PDEngine.exe O23 - Service: ServiceLayer - Nokia. - C:\Program Files\Nokia\PC Connectivity Solution\ServiceLayer.exe O23 - Service: Suite Service - SPAMfighter ApS - C:\Program Files\Fighters\FighterSuiteService.exe O23 - Service: TwonkyMedia - PacketVideo - C:\Program Files\Nokia\Nokia Home Media Server\Media Server\TwonkyMedia.exe O23 - Service: Yahoo! Updater (YahooAUService) - Yahoo! Inc. - C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe -- End of file - 18272 bytes Ik hoop dat je met deze scanresultaten van mijn Pc mijn probleem kan verhelpen, in ieder geval hartelijk bedankt voor je te nemen tijd en moeite, Cinta ( PC- leek )
  11. Cinta
    Hoi Kape, Ieder geval bedankt voor je tip, dat ga ik zeker uitproberen. Dan zie je mijn reactie hier wel tegemoet, doei !!!
  12. Cinta
    Hallo, Mijn Pc is zeer traag, ondanks het feit dat ik Slow Pc-fighter en Registry-booster heb geinstalleerd is de snelheid van mijn Pc nog meer achteruitgegaan. Bij Slow-Pc fighter krijg ik wel constant de melding dat mijn Pc gezond is. Tja verre van dit natuurlijk. Elke keer wanneer ik de computer opstart, duurt het zeker 15 minuten voordat ik iets kan aanklikken. Elke blad/ site die ik aanklik verschijnt linksonder "gereed, maar fout in de pagina " Ook daarna de melding van JSON is niet gedefinieerd. En elke keer wanneer ik ook maar iets aanklikt verschijnt naast de pijl/ muis de seconden. Kan ik dit nog verhelpen of kan ik mijn computer beter weggooien en een andere aanschaffen?
Logo

OVER ONS

PC Helpforum helpt GRATIS computergebruikers sinds juli 2006. Ons team geeft via het forum professioneel antwoord op uw vragen en probeert uw pc problemen zo snel mogelijk op te lossen. Word lid vandaag, plaats je vraag online en het PC Helpforum-team helpt u graag verder!

SITEMAP

×
×
  • Nieuwe aanmaken...

Belangrijke informatie

We hebben cookies geplaatst op je toestel om deze website voor jou beter te kunnen maken. Je kunt de cookie instellingen aanpassen, anders gaan we er van uit dat het goed is om verder te gaan.