joyouri

Member
  • Items

    20
  • Registration date

  • Last visited

About joyouri

  • Birthday 02-02-1990

PC Specifications

  • Operating system
    windows 7
  • Monitor
    IBM
  • Processor
    intel quad core
  • Memory
    4 gig ddr3
  • Graphics card
    nvidia geforce 220gt
  • Hard drive
    600 gig intel
  • Case
    hp

joyouri's achievements

  1. @kape no, everything is fine again. I will now mark this topic as solved. Thanks for the effort. Regards, Youri
  2. Thanks for the replies. Here is my log:
  3. Well, my IE also hangs sometimes :S but with Firefox (which I always use anyway), when I press F5 here, for example, to see whether there is a reply to my post yet, it says: Firefox is not responding, and then I have to wait a few seconds before it responds again. And that happens every time I refresh the page, whereas it did not do this before.
  4. Dear people of pc-helpforum.be, I think my PC is no longer entirely safe. When I go to Firefox it suddenly closes, or it says that the program Firefox has stopped working. My other browsers also behave strangely :S I have also received several warnings from my antivirus (Norman); these are: File name: Diagnosis: Exception.dll Vundo.gen214.gen config.bin.vid conf.O These files are now in quarantine, by the way. Here is my HijackThis log: I hope you can help me. Regards, youri P.S. I also immediately ran a full system scan with MBAM; here is that log already:
  5. OK, I have done everything. Should I turn System Restore back on afterwards? Regards, Youri. And thanks!
  6. Sorry for the late reply. Here is the log. Regards, Youri
  7. In any case, I am no longer bothered by ask.com. And MBAM works again too, but how can I be sure that it is virus-free again? Regards, youri
  8. It gave no errors during the quick scan, but it did find 7 infections, I believe. But when I ran it again, the quick scan showed no more infections. But it had already been running for 3 hours (the full scan, and it made no further progress). Regards, youri
  9. OK, I will do that. At the moment I no longer have that ask.com redirect, but I still find it strange that the scan does not continue :s From now on, whenever updates come in I will let it update. Regards, Youri
  10. I had the program run a quick scan and then changed the options the way you set them out, but the full scan has now been running for 3 hours and it is not getting any further, even though it has only got a very small way in :S I have already restarted it (and the PC too), but it keeps stopping at the same file, and when I look, it is a PNG (image file). The quick scan does work, though. And suddenly I have Windows updates again, so I have SP1 again. Regards, youri
  11. Aah, I thought my PC was virus-free, but no: when I typed something into Google and clicked on a site, suddenly 10 sites appeared in my address bar (all in the one address bar), and after that I ended up on ask.com, even though that site should not go to ask.com at all :s So I searched YouTube for "ask.com redirect remove", and then I had to look at the hosts file and remove everything there below 27.0.0.0 localhost, but in mine there was nothing. Then I had to download and run tdsskiller.exe, which I did. And now I have not had a redirect from ask.com for a while, so I think I am rid of that. Then I wanted to run a scan with antimalware bytes, so I double-clicked MBAM, but it does not start :( It does not show up in the processes either, and when I choose Run as administrator it does nothing either. So I uninstalled MBAM and searched Google for "antimalware bytes download". And then my web browser (Opera, but I also tried it with Google Chrome) suddenly closed, and now every time I type "malware bytes" into Google my web browser suddenly closes :S Yet I can reach this site and Hotmail etc. Can someone please help me, because I think I still have something malicious in my PC. Regards, youri. Thanks in advance.
  12. When I click Check for updates I get this error: http://imageshack.us/photo/my-images/42/naamloosux.png/ So I cannot check for updates at all :S
  13. I think it is solved; I have not had a blue screen lately, and no more error message about Windows Security Center either. If anything else comes up I will keep you posted. And anything further about SP1? Thank you! Regards, Youri
((((((((((((((((((((((((((((((((((((( Reg Opstartpunten ))))))))))))))))))))))))))))))))))))))))))))))))))) . . *Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond REGEDIT4 . [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Pando Media Booster"="c:\program files\Pando Networks\Media Booster\PMB.exe" [2011-01-10 3046808] "DAEMON Tools Lite"="c:\program files\DAEMON Tools Lite\DTLite.exe" [2011-01-20 1305408] "Steam"="c:\program files\Steam\Steam.exe" [2011-03-07 1242448] "Skype"="c:\program files\Skype\Phone\Skype.exe" [2011-04-18 15146376] . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "KBD"="c:\program files\Hewlett-Packard\KBD\KbdStub.EXE" [2008-07-21 12288] "Norman ZANDA"="c:\program files\Norman\Npm\Bin\ZLH.EXE" [2011-03-22 189824] "VX6000"="c:\windows\vVX6000.exe" [2010-05-20 764784] "Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 10.0\Reader\Reader_sl.exe" [2011-01-30 35736] "Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2010-11-15 932288] "SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2010-05-14 248552] "Malwarebytes' Anti-Malware (reboot)"="c:\program files\Malwarebytes' Anti-Malware\mbam.exe" [2010-12-20 963976] . c:\users\home\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ Xfire.lnk - c:\program files\Xfire\Xfire.exe [2011-4-8 3510160] . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "ConsentPromptBehaviorAdmin"= 5 (0x5) "ConsentPromptBehaviorUser"= 3 (0x3) "EnableUIADesktopToggle"= 0 (0x0) . [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa] Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp . 
R0 sptd;sptd;c:\windows\System32\Drivers\sptd.sys [2011-01-13 717296] R2 kcodk;Windows Autenthification Service;c:\windows\system32\kcodk.exe [2011-05-27 62976] R2 khmvobcc;Microsoft USB Open Host Controller Miniport Monitor;c:\windows\System32\svchost.exe [2009-07-14 20992] R3 CFcatchme;CFcatchme;c:\temp\CFcatchme.sys [x] R3 netr73;??????? USB-???????? ???????????? ????? ??? ?? Vista USB Wireless 802.11 b/g;c:\windows\system32\DRIVERS\netr73.sys [2009-07-13 545792] R3 VX6000;Microsoft LifeCam VX-6000;c:\windows\system32\DRIVERS\VX6000Xp.sys [2010-05-20 2074480] S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys [2011-01-30 218688] S1 NGS;Norman General Security Driver;c:\program files\norman\ngs\bin\ngs.sys [2010-01-04 26744] S1 NPROSEC;Norman Security driver;c:\program files\Norman\Ngs\Bin\nprosec.sys [2010-11-10 74144] S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [2009-07-13 48128] S2 Akamai;Akamai NetSession Interface;c:\windows\System32\svchost.exe [2009-07-14 20992] S2 Ndiskio;Ndiskio;c:\program files\Norman\Nse\Bin\NDISKIO.SYS [2009-10-09 22880] S2 NNFSVC;Norman Network Filtering service;c:\program files\Norman\Ngs\Bin\Nnf.exe [2010-11-10 223000] S2 NPROSECSVC;Norman Security service;c:\program files\Norman\Ngs\Bin\Nprosec.exe [2010-11-10 90656] S2 nregsec;Norman Registry Security driver;c:\program files\Norman\Ngs\Bin\nregsec.sys [2010-11-10 40384] S2 NVOY;Norman Resource Provider;c:\program files\Norman\npm\bin\nvoy.exe [2010-11-08 100336] S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2010-10-16 369256] S3 nsesvc;Norman Scanner Engine Service;c:\program files\Norman\Nse\Bin\NSESVC.EXE [2010-12-17 288072] S3 NvcMFlt;NvcMFlt;c:\windows\system32\DRIVERS\nvcv32mf.sys [2010-11-11 24688] S3 nvcoas;Norman Virus Control on-access component;c:\program files\Norman\Nvc\Bin\nvcoas.exe [2010-11-08 198168] S3 NVHDA;Service 
for NVIDIA High Definition Audio Driver;c:\windows\system32\drivers\nvhda32v.sys [2010-09-07 123496] S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt86win7.sys [2009-03-01 139776] S3 Scheduler;Norman Scheduler Service;c:\program files\Norman\Npm\Bin\scheduler.exe [2010-11-08 99312] . . --- Andere Services/Drivers In Geheugen --- . *Deregistered* - mchInjDrv . [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost] Akamai REG_MULTI_SZ Akamai . HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs khmvobcc . Inhoud van de 'Gedeelde Taken' map . 2011-05-26 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3516504458-2386010419-3943784325-1000Core.job - c:\users\home\AppData\Local\Google\Update\GoogleUpdate.exe [2010-12-31 07:35] . 2011-05-27 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3516504458-2386010419-3943784325-1000UA.job - c:\users\home\AppData\Local\Google\Update\GoogleUpdate.exe [2010-12-31 07:35] . . ------- Bijkomende Scan ------- . uStart Page = my.daemon-search.com uInternet Settings,ProxyOverride = *.local TCP: DhcpNameServer = 212.54.40.25 212.54.35.25 . . --------------------- VERGRENDELDE REGISTER SLEUTELS --------------------- . [HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\User Preferences] @Denied: (2) (LocalSystem) "88D7D0879DAB32E14DE5B3A805A34F98AFF34F5977"=hex:01,00,00,00,d0,8c,9d,df,01,15, d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,c1,41,78,57,b9,f1,81,4b,ac,12,87,\ "2D53CFFC5C1A3DD2E97B7979AC2A92BD59BC839E81"=hex:01,00,00,00,d0,8c,9d,df,01,15, d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,c1,41,78,57,b9,f1,81,4b,ac,12,87,\ . [HKEY_USERS\S-1-5-21-3516504458-2386010419-3943784325-1000\Software\SecuROM\License information*] "datasecu"=hex:e1,41,76,2b,96,78,1c,52,05,af,3c,af,bc,6f,a1,6b,39,bd,15,14,ac, 16,53,46,4e,3f,14,e4,0b,fa,49,c0,c3,0a,72,d7,c3,62,ac,8c,7f,77,28,9d,7d,e3,\ "rkeysecu"=hex:a5,a6,85,b2,7b,26,47,ec,91,d2,b0,a8,b8,8e,24,8b . 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}] @Denied: (A 2) (Everyone) @="FlashBroker" "LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil10l_ActiveX.exe,-101" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation] "Enabled"=dword:00000001 . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32] @="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil10l_ActiveX.exe" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}] @Denied: (A 2) (Everyone) @="IFlashBroker4" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32] @="{00020424-0000-0000-C000-000000000046}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" "Version"="1.0" . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security] @Denied: (Full) (Everyone) . Voltooingstijd: 2011-05-27 17:34:20 ComboFix-quarantined-files.txt 2011-05-27 15:34 ComboFix2.txt 2011-05-27 09:54 . Pre-Run: 692.753.321.984 bytes beschikbaar Post-Run: 692.695.613.440 bytes beschikbaar . - - End Of File - - A1B78E26C4956EC531D4C46331019535 Upload was successful