
deejay117
Member
Items: 21
-
I regularly get a window saying that Internet Explorer has stopped working; I can't find anything in the add-ons. What else can I do?
-
Downloading MP3 files fails (2)
deejay117 replied to deejay117's topic in Archive: Internet & Network
It works with Firefox -
Downloading MP3 files fails (2)
deejay117 replied to deejay117's topic in Archive: Internet & Network
Internet Explorer -
via Google
-
I've just opened a topic of your own for you. Posting in another forum user's topic only leads to misunderstandings. I have the same thing going on with this website, Tony: www.mp3skull.com
-
Check HijackThis log
deejay117 replied to deejay117's topic in Archive: Combating Malware & Viruses
OK, I'll take care of this. Thanks in advance for the help. -
Check HijackThis log
deejay117 replied to deejay117's topic in Archive: Combating Malware & Viruses
One more small question: how do I remove ComboFix? When I type Combofix /u on this desktop and click OK, ComboFix opens and starts scanning instead of removing itself. -
Check HijackThis log
deejay117 replied to deejay117's topic in Archive: Combating Malware & Viruses
I've only just received your message; I've taken my desktop in to the PC shop. I'm now working on my old PC, but it has become so slow. I'm also posting a HijackThis log here so you can check it and tell me what you think, if that's not too much to ask. Thanks in advance for the help. -
Check HijackThis log
deejay117 replied to deejay117's topic in Archive: Combating Malware & Viruses
I get a window that says Message from webpage. Update has failed The program could not be started. Please close the window of Kaspersky Online Scanner 7.0 and start the program again from the web site of Kaspersky Lab. Succesful updating of Kaspersky Online Scanner 7.0 and scanning of your computer requires uninterrupted Internet connection. Please make sure that the INternet connection is established. ERROR: License has expired -
Check HijackThis log
deejay117 replied to deejay117's topic in Archive: Combating Malware & Viruses
c:\windows\system32\chg.exe is nowhere to be found. I'll start with the rest. -
Check HijackThis log
deejay117 replied to deejay117's topic in Archive: Combating Malware & Viruses
A page also opens, after which a window appears with this text. Warning Your computer is at risk of malware attacks. We recommend you to Check your system immediately. Press OK to start the proces now... I pressed Ctrl+Alt and ended the Security Analysis program. -
I ended up here through a Google search and hope to get help here. Of course I will also make a contribution to you once I've been helped; one good turn deserves another, I think. Regards
-
Check HijackThis log
deejay117 replied to deejay117's topic in Archive: Combating Malware & Viruses
ComboFix log file: -
Check HijackThis log
deejay117 replied to deejay117's topic in Archive: Combating Malware & Viruses
When I look something up via Google and then click on the page, another page like the one above appears. Sometimes I also get a pop-up window to run a scan, saying that my PC is infected, but I don't allow that. See image. -
Check HijackThis log
deejay117 replied to deejay117's topic in Archive: Combating Malware & Viruses
Yes, I still have it.
