geoffke001

Member
  • Items

    351

Everything posted by geoffke001

  1. I definitely don't have a virus. The scan has just finished and no viruses
  2. Hello, since yesterday the blue Welcome screen has been taking a long time. When I installed XP it went away after 2 seconds and the desktop appeared immediately. After about 3 months I decided to put a password on it. But yesterday I removed the password and suddenly it takes quite a bit longer (15 sec).
  3. But my TV card is analog too, so I can still get VRT?
  4. The distribution point is 20 meters from my PC. Can I then connect those two products to the PC with a cable? And can I also watch analog TV with both products? Because I would start with watching analog TV and only lay that cable later. Try things out first.
  5. So the third one is already ruled out. So I can watch analog with the first 2, and also by laying a cable from the TV to the PC? So which one of the 2 is the best solution? Could you otherwise explain how the first 2 work? How they are put together and how they are installed. I wouldn't lay a cable right away, you see. First watch some analog. But I thought that the first link connects your distribution point and your PC, without you having to lay a cable. Thanks in advance.
  6. Hello, I would like to have TV on my PC. I know that I have to work with a TV card and lay a cable, but I think I have found other solutions. But I don't really know how they work. Here are the links. Pinnacle Systems - Product samenvatting - PCTV Analog USB compustar - the star in hard - and software Pinnacle Systems - Product samenvatting - PCTV DVB-T Stick Solo or Pctv Dvb-t Stick Solo Ml 8230-10022-81. I hope you can explain it to me.
  7. Hello, I would like to enlarge a photo without the quality decreasing. What is the best way to do that?
  8. That SDFix, may you use it now and then to remove the trojans?
  9. The error seems to be gone. ComboFix log. SDFix log.
  10. My Spyware Doctor did report a trojan while ComboFix was running, and also a virus.
  11. Here is my log
Files\\Xfire\\xfire.exe"= S3 SetupNTGLM7X;SetupNTGLM7X;D:\NTGLM7X.sys [] . ************************************************************************** catchme 0.3.1344 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2008-03-27 20:03:54 Windows 5.1.2600 Service Pack 2 NTFS scannen van verborgen processen ... scannen van verborgen autostart items ... scannen van verborgen bestanden ... Scan succesvol afgerond verborgen bestanden: 0 ************************************************************************** . ------------------------ Other Running Processes ------------------------ . C:\WINDOWS\system32\RUNDLL32.EXE C:\Program Files\ESET\ESET Smart Security\ekrn.exe C:\WINDOWS\system32\nvsvc32.exe C:\WINDOWS\system32\PnkBstrA.exe C:\WINDOWS\system32\PnkBstrB.exe C:\WINDOWS\system32\wdfmgr.exe . ************************************************************************** . Voltooingstijd: 2008-03-27 20:04:45 - machine was rebooted ComboFix-quarantined-files.txt 2008-03-27 19:04:42 Pre-Run: 130,414,055,424 bytes beschikbaar Post-Run: 130,367,037,440 bytes beschikbaar . 2008-03-27 12:42:34 --- E O F ---
  12. OK, I had not downloaded the file completely. I will run it now.
  13. When I click on ComboFix, a message comes up: "some installation files are corrupt"
  14. At startup I get an error message from sw24.exe every time. Here is my log:
      Logfile of Trend Micro HijackThis v2.0.2
      Scan saved at 17:53:06, on 27-3-2008
      Platform: Windows XP SP2 (WinNT 5.01.2600)
      MSIE: Internet Explorer v7.00 (7.00.6000.16608)
      Boot mode: Normal
      Running processes:
      C:\WINDOWS\System32\smss.exe
      C:\WINDOWS\system32\csrss.exe
      C:\WINDOWS\system32\winlogon.exe
      C:\WINDOWS\system32\services.exe
      C:\WINDOWS\system32\lsass.exe
      C:\WINDOWS\system32\svchost.exe
      C:\WINDOWS\system32\svchost.exe
      C:\WINDOWS\System32\svchost.exe
      C:\WINDOWS\system32\svchost.exe
      C:\WINDOWS\system32\svchost.exe
      C:\WINDOWS\system32\spoolsv.exe
      C:\WINDOWS\Explorer.EXE
      C:\WINDOWS\RTHDCPL.EXE
      C:\Program Files\ESET\ESET Smart Security\egui.exe
      C:\WINDOWS\system32\winsys2.exe
      C:\WINDOWS\system32\RUNDLL32.EXE
      C:\Program Files\Spyware Doctor\pctsTray.exe
      C:\WINDOWS\system32\Rundll32.exe
      C:\WINDOWS\system32\ctfmon.exe
      C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe
      C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe
      C:\Program Files\ESET\ESET Smart Security\ekrn.exe
      C:\WINDOWS\system32\nvsvc32.exe
      C:\WINDOWS\system32\PnkBstrA.exe
      C:\WINDOWS\system32\PnkBstrB.exe
      C:\Program Files\Spyware Doctor\pctsAuxs.exe
      C:\Program Files\Spyware Doctor\pctsSvc.exe
      C:\WINDOWS\system32\wdfmgr.exe
      C:\WINDOWS\System32\alg.exe
      C:\WINDOWS\system32\wuauclt.exe
      C:\Program Files\Internet Explorer\iexplore.exe
      C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLLoginProxy.exe
      C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
      R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Google
      R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN.com
      R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Live Search
      R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Live Search
      R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = MSN.com
      R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen
      O2 - BHO: Windows Live Aanmelden - Help - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
      O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
      O4 - HKLM\..\Run: [skyTel] SkyTel.EXE
      O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
      O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET Smart Security\egui.exe" /hide /waitservice
      O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
      O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
      O4 - HKLM\..\Run: [sW20] C:\WINDOWS\system32\sw20.exe
      O4 - HKLM\..\Run: [sW24] C:\WINDOWS\system32\sw24.exe
      O4 - HKLM\..\Run: [WinSys2] C:\WINDOWS\system32\winsys2.exe
      O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
      O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
      O4 - HKLM\..\Run: [iSTray] "C:\Program Files\Spyware Doctor\pctsTray.exe"
      O4 - HKLM\..\Run: [bM33a488e7] Rundll32.exe "C:\WINDOWS\system32\xntjnbii.dll",s
      O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
      O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
      O4 - HKCU\..\Run: [bgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe"
      O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Lokale service')
      O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Netwerkservice')
      O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
      O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
      O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
      O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
      O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
      O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
      O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1206556990062
      O20 - Winlogon Notify: vtutqrq - vtutqrq.dll (file missing)
      O23 - Service: Eset HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe
      O23 - Service: Eset Service (ekrn) - ESET - C:\Program Files\ESET\ESET Smart Security\ekrn.exe
      O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
      O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
      O23 - Service: PnkBstrB - Unknown owner - C:\WINDOWS\system32\PnkBstrB.exe
      O23 - Service: PC Tools Auxiliary Service (sdAuxService) - PC Tools - C:\Program Files\Spyware Doctor\pctsAuxs.exe
      O23 - Service: PC Tools Security Service (sdCoreService) - PC Tools - C:\Program Files\Spyware Doctor\pctsSvc.exe
      -- End of file - 5266 bytes
  15. Yes, now that you mention it, my ESET package is indeed good enough to protect my whole PC. So can I uninstall Ad-Watch? Well, I think I'll just leave it in place for double protection. But that Norton scan is only a scanner. It also came with the Google Pack. It has no real-time protection. It only scans and removes when I tell it to.
  16. Isn't the Windows firewall itself good enough, then? At the moment I have installed: - ESET Smart Security 3.0.645.0 (I scan with it regularly) - Ad-Aware Pro (with Ad-Watch) - Norton AntiVirus scan (I only do that once a week) - free version of Spyware Doctor (from the Google Pack)
  17. In the meantime I have formatted my PC, and now everything runs nicely again. Thanks for the help anyway. But do you have any good programs to secure my PC better, so that I don't get that thing with Google anymore? Thank you.
  18. Here is my HijackThis log:
      Logfile of Trend Micro HijackThis v2.0.2
      Scan saved at 20:07:24, on 22-3-2008
      Platform: Windows XP SP2 (WinNT 5.01.2600)
      MSIE: Internet Explorer v7.00 (7.00.6000.16608)
      Boot mode: Normal
      Running processes:
      C:\WINDOWS\System32\smss.exe
      C:\WINDOWS\system32\csrss.exe
      C:\WINDOWS\system32\winlogon.exe
      C:\WINDOWS\system32\services.exe
      C:\WINDOWS\system32\lsass.exe
      C:\WINDOWS\system32\svchost.exe
      C:\WINDOWS\system32\svchost.exe
      C:\WINDOWS\System32\svchost.exe
      C:\WINDOWS\system32\svchost.exe
      C:\WINDOWS\system32\svchost.exe
      C:\WINDOWS\system32\spoolsv.exe
      C:\WINDOWS\Explorer.EXE
      C:\WINDOWS\RTHDCPL.EXE
      C:\WINDOWS\system32\winsys2.exe
      C:\WINDOWS\system32\RUNDLL32.EXE
      C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe
      C:\Program Files\Spyware Doctor\SDTrayApp.exe
      C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
      C:\WINDOWS\system32\ctfmon.exe
      C:\Program Files\MSN Messenger\MsnMsgr.Exe
      C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
      C:\WINDOWS\system32\nvsvc32.exe
      C:\WINDOWS\system32\PnkBstrA.exe
      C:\Program Files\Spyware Doctor\svcntaux.exe
      C:\Program Files\Spyware Doctor\swdsvc.exe
      C:\WINDOWS\System32\alg.exe
      C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
      C:\PROGRA~1\AVG\AVG8\avgam.exe
      C:\PROGRA~1\AVG\AVG8\avgrsx.exe
      C:\PROGRA~1\AVG\AVG8\avgemc.exe
      C:\PROGRA~1\AVG\AVG8\avgfws8.exe
      C:\Program Files\AVG\AVG8\avgtray.exe
      C:\PROGRA~1\AVG\AVG8\avgnsx.exe
      C:\Program Files\Internet Explorer\iexplore.exe
      C:\PROGRA~1\AVG\AVG8\avgupd.exe
      C:\Program Files\AVG\AVG8\avgui.exe
      C:\Program Files\AVG\AVG8\avgscanx.exe
      C:\WINDOWS\system32\wbem\wmiprvse.exe
      C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
      R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Google
      R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN.com
      R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Live Search
      R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Live Search
      R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = MSN.com
      R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen
      O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll
      O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
      O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
      O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
      O2 - BHO: SBBho Class - {c9803b12-f0a0-11dc-95ff-0800200c9a66} - C:\WINDOWS\TinyBHO.dll
      O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
      O4 - HKLM\..\Run: [skyTel] SkyTel.EXE
      O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
      O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
      O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
      O4 - HKLM\..\Run: [sW20] C:\WINDOWS\system32\sw20.exe
      O4 - HKLM\..\Run: [sW24] C:\WINDOWS\system32\sw24.exe
      O4 - HKLM\..\Run: [WinSys2] C:\WINDOWS\system32\winsys2.exe
      O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
      O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe"
      O4 - HKLM\..\Run: [sDTray] "C:\Program Files\Spyware Doctor\SDTrayApp.exe"
      O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
      O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe
      O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
      O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
      O4 - HKCU\..\Run: [spybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
      O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Lokale service')
      O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Netwerkservice')
      O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
      O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
      O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
      O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
      O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
      O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
      O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
      O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
      O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
      O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
      O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} - http://www.kaspersky.com/kos/english/kavwebscan_unicode.cab
      O16 - DPF: {56762DEC-6B0D-4AB4-A8AD-989993B5D08B} (OnlineScanner Control) - http://www.eset.eu/buxus/docs/OnlineScanner.cab
      O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
      O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll
      O20 - AppInit_DLLs: avgrsstx.dll
      O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
      O23 - Service: AVG8 E-mail Scanner (avg8emc) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgemc.exe
      O23 - Service: AVG8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
      O23 - Service: AVG8 Firewall (avgfws8) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgfws8.exe
      O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
      O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
      O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
      O23 - Service: PC Tools Auxiliary Service (sdAuxService) - PC Tools - C:\Program Files\Spyware Doctor\svcntaux.exe
      O23 - Service: PC Tools Security Service (sdCoreService) - PC Tools - C:\Program Files\Spyware Doctor\swdsvc.exe
      -- End of file - 6860 bytes
  19. No, it's not there. Strange.
  20. I have a problem with Google. When I search for something on Google, sites about other things always appear on the left side of the screen. http://aycu32.webshots.com/image/47271/2006165923311365081_rs.jpg
  21. Hello, I have just come back from my aunt's, where I found that the USB adapter no longer detected a router. So I reinstalled everything, but still no result. I can connect to the internet when I connect the laptop and the router with a cable.
  22. When I untick that box and restart, I again get the message that it cannot log on because of an account restriction.
  23. When starting my PC I have to click on my account every time. But I don't use a password, so I want it to start up completely automatically. But I can't find how to turn that off. Can anyone help me?
  24. Hello, I have a big problem. I downloaded CoD 4 and already installed it once with Daemon Tools, but today I formatted my PC and wanted to install CoD 4 again, and it no longer works. The files I have to install are pro-cod4.B00, pro-cod4.B01, pro-cod4.B02, pro-cod4.B6I and pro-cod4.B6T. I hope you can help me. By the way, I did manage to install and play it before. I find it strange. Thank you in advance.
  25. At startup it takes rather long before the desktop appears. It stays on the "Welcome" screen for more than 15 seconds. Attachment = my HJT log hijackthis.log