Ga naar inhoud

trage computer


sers

Aanbevolen berichten

ok ga ik doen. ben zo terug

---------- Post toegevoegd om 11:02 ---------- Vorige post was om 10:59 ----------

Ik heb hem net weer uit en aan gezet en nu gaat alles weer in een flits.

het parapluutje gaat binnen een paar seconden open. (eigelijk maar 1 sec.)

Ik meen me te herinneren dat ik window defender uninstalled heb. Ik heb gezoch naar een file "window defender"maar het was er niet meer.

Link naar reactie
Delen op andere sites

  • Reacties 38
  • Aangemaakt
  • Laatste reactie

Beste reacties in dit topic

Beste reacties in dit topic

Mocht alles nog traag zijn, zou ik Avira verwijderen en Avast eens proberen. Maar doe het pas als laatste stap, nadat je alle stappen van Kape hebt doorlopen !

avast! Antivirus Benelux.. - Avast! Free Antivirus 5.0

en zorg steeds dat je slechts één anti-virus installeert. (dus Avira dan eerst via Configuratiescherm verwijderen)

Ik heb hem net weer uit en aan gezet en nu gaat alles weer in een flits.

Dit kan omdat bij elke start nagegaan wordt of er updates moeten geinstalleerd worden en die worden dan 'klaargezet' door Windows Update.
Ik meen me te herinneren dat ik window defender uninstalled heb. Ik heb gezoch naar een file "window defender"maar het was er niet meer.
Zie dan eens in de verkenner bij C:\Program Files\Windows Defender. Als er inhoud in staat in die map (.exe bestand), dan is het nog aanwezig. aangepast door Kurtt
Link naar reactie
Delen op andere sites

here you go

ComboFix 10-08-07.01 - Eigenaar 08/08/2010 11:19:00.1.1 - x86

Microsoft Windows XP Home Edition 5.1.2600.3.1252.31.1043.18.510.286 [GMT 2:00]

Gestart vanuit: c:\documents and settings\Eigenaar.DELL\Bureaublad\ComboFix.exe

AV: AntiVir Desktop *On-access scanning disabled* (Updated) {AD166499-45F9-482A-A743-FDD3350758C7}

.

(((((((((((((((((((((((((((((((((( Andere Verwijderingen )))))))))))))))))))))))))))))))))))))))))))))))))

.

c:\windows\system32\drivers\fad.sys

F:\Autorun.inf

.

(((((((((((((((((((( Bestanden Gemaakt van 2010-07-08 to 2010-08-08 ))))))))))))))))))))))))))))))

.

2010-08-08 08:19 . 2010-08-08 08:19 -------- d--h--r- c:\documents and settings\Eigenaar.DELL\Onlangs geopend

2010-08-07 18:12 . 2010-08-07 18:12 -------- d-----w- c:\documents and settings\Eigenaar.DELL\Application Data\Malwarebytes

2010-08-07 18:12 . 2010-04-29 13:39 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys

2010-08-07 18:12 . 2010-08-07 18:12 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware

2010-08-07 18:12 . 2010-08-07 18:12 -------- dc----w- c:\documents and settings\All Users\Application Data\Malwarebytes

2010-08-07 18:12 . 2010-04-29 13:39 20952 ----a-w- c:\windows\system32\drivers\mbam.sys

2010-08-07 13:17 . 2010-08-07 13:17 -------- d-----w- c:\documents and settings\LocalService\Application Data\Avira

2010-08-07 12:06 . 2010-08-07 12:06 -------- d-----r- c:\documents and settings\LocalService\Favorieten

2010-08-07 09:59 . 2010-08-07 09:59 -------- d-----w- c:\documents and settings\Eigenaar.DELL\Application Data\Avira

2010-08-07 09:53 . 2010-03-01 08:05 124784 ----a-w- c:\windows\system32\drivers\avipbb.sys

2010-08-07 09:53 . 2010-02-16 12:24 60936 ----a-w- c:\windows\system32\drivers\avgntflt.sys

2010-08-07 09:53 . 2009-05-11 10:49 45416 ----a-w- c:\windows\system32\drivers\avgntdd.sys

2010-08-07 09:53 . 2009-05-11 10:49 22360 ----a-w- c:\windows\system32\drivers\avgntmgr.sys

2010-08-07 09:53 . 2010-08-07 09:53 -------- dc----w- c:\documents and settings\All Users\Application Data\Avira

2010-08-07 09:53 . 2010-08-07 09:53 -------- d-----w- c:\program files\Avira

2010-08-07 09:12 . 2010-08-07 09:12 -------- d-----w- c:\program files\Trend Micro

2010-08-06 09:17 . 2010-08-06 09:17 -------- d-----w- c:\program files\Uniblue

2010-08-06 08:51 . 2010-08-06 08:51 -------- d-----w- c:\documents and settings\Eigenaar.DELL\Application Data\Agics

2010-08-04 14:03 . 2010-08-04 14:03 -------- d-----w- c:\windows\system32\wbem\Repository

2010-08-03 14:16 . 2010-08-03 14:16 -------- d-----w- c:\program files\Panda Security

2010-08-03 09:27 . 2010-08-04 14:02 -------- dc----w- c:\documents and settings\All Users\Application Data\Spybot - Search & Destroy

2010-07-29 22:31 . 2010-07-29 22:31 -------- d-----w- c:\documents and settings\Eigenaar.DELL\Local Settings\Application Data\IsolatedStorage

2010-07-13 21:09 . 2010-06-14 14:31 744448 -c----w- c:\windows\system32\dllcache\helpsvc.exe

.

((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2010-08-07 09:12 . 2010-08-07 09:12 388096 ----a-r- c:\documents and settings\Eigenaar.DELL\Application Data\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe

2010-08-06 09:28 . 2008-08-18 08:22 -------- d-----w- c:\program files\CCleaner

2010-08-06 09:17 . 2009-08-14 21:28 -------- d-----w- c:\documents and settings\Eigenaar.DELL\Application Data\Uniblue

2010-08-05 13:31 . 2010-08-05 13:31 503808 ----a-w- c:\documents and settings\Eigenaar.DELL\Application Data\Sun\Java\Deployment\SystemCache\6.0\4\7ec4bf04-6f59acf2-n\msvcp71.dll

2010-08-05 13:31 . 2010-08-05 13:31 499712 ----a-w- c:\documents and settings\Eigenaar.DELL\Application Data\Sun\Java\Deployment\SystemCache\6.0\4\7ec4bf04-6f59acf2-n\jmc.dll

2010-08-05 13:31 . 2010-08-05 13:31 348160 ----a-w- c:\documents and settings\Eigenaar.DELL\Application Data\Sun\Java\Deployment\SystemCache\6.0\4\7ec4bf04-6f59acf2-n\msvcr71.dll

2010-08-05 13:31 . 2010-08-05 13:31 61440 ----a-w- c:\documents and settings\Eigenaar.DELL\Application Data\Sun\Java\Deployment\SystemCache\6.0\42\4488892a-49c79afb-n\decora-sse.dll

2010-08-05 13:31 . 2010-08-05 13:31 12800 ----a-w- c:\documents and settings\Eigenaar.DELL\Application Data\Sun\Java\Deployment\SystemCache\6.0\42\4488892a-49c79afb-n\decora-d3d.dll

2010-08-04 14:02 . 2009-06-27 20:28 -------- d-----w- c:\program files\Free Offers from Freeze.com

2010-07-29 09:32 . 2009-08-28 22:22 -------- d-----w- c:\program files\Defraggler

2010-07-16 22:30 . 2010-07-16 22:30 1064960 -c--a-w- c:\documents and settings\All Users\Application Data\MGS\cache\a\advancedslots1xxx_hellboy.0200f4406079039e4f9f4fd4269c6144.dll

2010-07-16 22:30 . 2010-07-16 22:30 684032 -c--a-w- c:\documents and settings\All Users\Application Data\MGS\cache\t\transition_hellboy.2389dbbb7a92af30b5bb4e62701f18a5.dll

2010-07-16 22:28 . 2010-07-16 22:28 626688 -c--a-w- c:\documents and settings\All Users\Application Data\MGS\cache\g\gamble2_gao_jan_2010.114da6697b16a4308920de3f00df9d11.dll

2010-07-16 22:27 . 2010-07-16 22:27 684032 -c--a-w- c:\documents and settings\All Users\Application Data\MGS\cache\t\transition_gao_jan_2010.6ce545b01335b0127c2a55cc392a24e6.dll

2010-07-16 22:15 . 2010-07-16 22:15 1064960 -c--a-w- c:\documents and settings\All Users\Application Data\MGS\cache\a\advancedslots1xxx_gao_jan_2010.d3c0a2c195757b5887793e496479436f.dll

2010-07-16 22:15 . 2010-07-16 22:15 925696 -c--a-w- c:\documents and settings\All Users\Application Data\MGS\cache\s\simplepickxofybonus_gao_jan_2010.734d2ae11536c3d1a34ecdb91aaab798.dll

2010-07-16 11:38 . 2010-07-16 11:38 1298432 -c--a-w- c:\documents and settings\All Users\Application Data\MGS\cache\t\theargyleopen_fairdrivebonus.c758372be753af44acdea3ddd4c0b015.dll

2010-07-16 11:37 . 2010-07-16 11:37 1306624 -c--a-w- c:\documents and settings\All Users\Application Data\MGS\cache\t\theargyleopen_greenbonus.6150c13bb168b4b80750f08a02e28a9e.dll

2010-07-16 11:27 . 2010-07-16 11:27 1011712 -c--a-w- c:\documents and settings\All Users\Application Data\MGS\cache\s\simplepickxofybonus_gao_july_2010.934131b7e2f15e0deb06b4e317c6c108.dll

2010-07-16 11:27 . 2010-07-16 11:27 1318912 -c--a-w- c:\documents and settings\All Users\Application Data\MGS\cache\a\advancedslots1xxx_gao_july_2010.9c1607d40a53de9ef91918fa73cf99d0.dll

2010-07-16 11:27 . 2010-07-16 11:27 696320 -c--a-w- c:\documents and settings\All Users\Application Data\MGS\cache\g\gamble2_gao_july_2010.23b0661a6bd3570a6d2da1750a0085ca.dll

2010-07-16 11:27 . 2010-07-16 11:27 1286144 -c--a-w- c:\documents and settings\All Users\Application Data\MGS\cache\d\dragonladybonus.2ddbbf43b6d3b001ca5ad84e9dc4e54d.dll

2010-07-16 11:27 . 2010-07-16 11:27 2052096 -c--a-w- c:\documents and settings\All Users\Application Data\MGS\cache\a\advancedslots1_gao_july_2010.9f48110b234a40c3be22491a86bde221.dll

2010-07-16 11:27 . 2010-07-16 11:27 761856 -c--a-w- c:\documents and settings\All Users\Application Data\MGS\cache\t\transition_gao_july_2010.3e886f3e2ac4872e018f5e377cc83ee6.dll

2010-07-16 11:06 . 2010-07-16 11:06 1228800 -c--a-w- c:\documents and settings\All Users\Application Data\MGS\cache\a\advancedslots1xxx_gao_may_2010.efc83f7d6106f6f7311664ff1b2b2a32.dll

2010-07-16 11:06 . 2010-07-16 11:06 897024 -c--a-w- c:\documents and settings\All Users\Application Data\MGS\cache\q\queenofthejunglecollectbonus.596cdc646662e46fb224ad69f0d29c52.dll

2010-07-16 11:02 . 2010-07-16 11:02 1318912 -c--a-w- c:\documents and settings\All Users\Application Data\MGS\cache\a\advancedslots1xxx_gao_may_2010_ts2.010d658f2ae9013a31869ea2a90f670a.dll

2010-07-16 11:02 . 2010-07-16 11:02 1253376 -c--a-w- c:\documents and settings\All Users\Application Data\MGS\cache\q\queenofthejunglebonus.1a195cb4fbfbdacf89c6d27c99a6de3d.dll

2010-07-16 11:01 . 2010-07-16 11:01 1273856 -c--a-w- c:\documents and settings\All Users\Application Data\MGS\cache\p\progressivepickxofybonus_gao_may_2010_ts2.3570ad65954894854a4b31a8a356f0d8.dll

2010-07-16 11:00 . 2010-07-16 11:00 1654784 -c--a-w- c:\documents and settings\All Users\Application Data\MGS\cache\a\advancedslots1_gao_may_2010.e60a82cb58fa330160e763dfeb0216d7.dll

2010-07-16 10:55 . 2010-07-16 10:55 962560 -c--a-w- c:\documents and settings\All Users\Application Data\MGS\cache\s\simplepickuntilbonus_gao_may_2010.51a9dc144ac371f77832e6c933f17727.dll

2010-07-16 10:54 . 2010-07-16 10:54 761856 -c--a-w- c:\documents and settings\All Users\Application Data\MGS\cache\t\transition_gao_may_2010_ts2.0452ecc824ce8f16f726aeca77ff7172.dll

2010-07-16 10:52 . 2010-07-16 10:52 647168 -c--a-w- c:\documents and settings\All Users\Application Data\MGS\cache\g\gamble2_gao_jun_2010.d455e3e6fd646b2b4ff2d1415e18a526.dll

2010-07-16 10:44 . 2010-07-16 10:44 712704 -c--a-w- c:\documents and settings\All Users\Application Data\MGS\cache\t\transition_gao_may_2010.2405f0d3d8c04e05ae817cdad30d69ce.dll

2010-07-16 10:44 . 2010-07-16 10:44 2023424 -c--a-w- c:\documents and settings\All Users\Application Data\MGS\cache\a\advancedslots1_gao_may_2010_ts2.f8d4d9cfbfb83922a1dd69fdf7c205ec.dll

2010-07-16 10:33 . 2010-07-16 10:33 1691648 -c--a-w- c:\documents and settings\All Users\Application Data\MGS\cache\a\advancedslots1_gao_jun_2010.e94e166b3e5fdfc627184eb59be56c08.dll

2010-07-16 10:33 . 2010-07-16 10:33 712704 -c--a-w- c:\documents and settings\All Users\Application Data\MGS\cache\t\transition_gao_jun_2010.a30d1768b69cfafa9177550a249e5143.dll

2010-07-16 10:33 . 2010-07-16 10:33 905216 -c--a-w- c:\documents and settings\All Users\Application Data\MGS\cache\s\soccerbonus.e748cc00ac46bd91666eb47f10b5b6e5.dll

2010-07-16 10:29 . 2010-07-16 10:29 1228800 -c--a-w- c:\documents and settings\All Users\Application Data\MGS\cache\a\advancedslots1xxx_gao_jun_2010.671a4e67b9b7512fd028318bbf42d763.dll

2010-07-16 10:20 . 2010-07-16 10:20 950272 -c--a-w- c:\documents and settings\All Users\Application Data\MGS\cache\s\simplepickxofybonus_gao_may_2010.327983cc45ba0730f50c5a42b7bffc26.dll

2010-07-16 10:20 . 2010-07-16 10:20 925696 -c--a-w- c:\documents and settings\All Users\Application Data\MGS\cache\s\simplepickxofybonus_hellboy.ee1c177b2b367dc15184591e57db5798.dll

2010-07-15 21:23 . 2010-07-15 21:23 1650688 -c--a-w- c:\documents and settings\All Users\Application Data\MGS\cache\a\advancedslots1_gao_mar_2010.011b7c042032e11252156706d78b5e83.dll

2010-07-15 21:22 . 2010-07-15 21:22 708608 -c--a-w- c:\documents and settings\All Users\Application Data\MGS\cache\t\transition_gao_mar_2010.00e558dbf98f160d236f0e738de93c37.dll

2010-07-15 21:20 . 2010-07-15 21:20 950272 -c--a-w- c:\documents and settings\All Users\Application Data\MGS\cache\s\simplepickxofybonus_gao_mar_2010.e5e91d49a18e4440b5a76ddd6446140c.dll

2010-07-15 21:19 . 2010-07-15 21:19 1224704 -c--a-w- c:\documents and settings\All Users\Application Data\MGS\cache\a\advancedslots1xxx_gao_mar_2010.05a7fd71980574f91eb4c1420f71b1f7.dll

2010-07-11 11:13 . 2008-02-11 14:36 -------- dc----w- c:\documents and settings\All Users\Application Data\MGS

2010-07-11 11:09 . 2010-07-11 11:09 225552 -c--a-w- c:\documents and settings\All Users\Application Data\MGS\cache\v\videopokersuite1.e45a40be28c5bc5514b9e806f30cdc6f.dll

2010-07-11 11:09 . 2010-07-11 11:09 536576 -c--a-w- c:\documents and settings\All Users\Application Data\MGS\cache\m\mhbjgoldplugin.a5e08942278dbb53df46a8a9523a445b.dll

2010-07-11 11:09 . 2010-07-11 11:09 512000 -c--a-w- c:\documents and settings\All Users\Application Data\MGS\cache\m\mhbjgoldxxx.e2caa9292f5de8579a9ad479e877ced8.dll

2010-07-11 11:08 . 2010-07-11 11:08 602112 -c--a-w- c:\documents and settings\All Users\Application Data\MGS\cache\b\bjgoldplugin.f7a40649bbd758b8f99cf67e1769d71c.dll

2010-07-11 11:08 . 2010-07-11 11:08 512000 -c--a-w- c:\documents and settings\All Users\Application Data\MGS\cache\b\bjgoldxxx.e2caa9292f5de8579a9ad479e877ced8.dll

2010-07-11 11:01 . 2010-07-11 11:01 372736 -c--a-w- c:\documents and settings\All Users\Application Data\MGS\cache\m\mpv_threereelslottour.56771e0804a357b382c833fa1cc8338b.dll

2010-07-11 11:00 . 2010-07-11 11:00 212992 -c--a-w- c:\documents and settings\All Users\Application Data\MGS\cache\m\mpv_type_3reelnormal1_2.a6fd3910e9b23c299d2e5b44aaea7530.dll

2010-07-11 10:59 . 2010-07-11 10:59 307300 -c--a-w- c:\documents and settings\All Users\Application Data\MGS\cache\m\mpvblackjackplugin.0b33c40e992b0cec60ff557d251457d2.dll

2010-07-11 10:59 . 2010-07-11 10:59 335976 -c--a-w- c:\documents and settings\All Users\Application Data\MGS\cache\m\mpvtabletournamentlobby.fc620794b1b18938b640573c722b3922.dll

2010-07-11 10:58 . 2010-07-11 10:58 311398 -c--a-w- c:\documents and settings\All Users\Application Data\MGS\cache\m\mpvblackjacktourxxx.96f2985eb296e0eeb1592aacd45d6e4c.dll

2010-07-11 10:43 . 2010-07-11 10:43 188416 -c--a-w- c:\documents and settings\All Users\Application Data\MGS\cache\m\mptleaderboard.4146c172bd98dcfce86f1098fd229eb4.dll

2010-07-11 10:42 . 2010-07-11 10:42 94208 -c--a-w- c:\documents and settings\All Users\Application Data\MGS\cache\l\lua51host.461d2601d0d39d2e2d5cd4a02a2b3087.dll

2010-07-11 10:42 . 2010-07-11 10:42 684032 -c--a-w- c:\documents and settings\All Users\Application Data\MGS\cache\a\arcticfortunetransition.cdb6c11f100d3a3cb0c0550c21b277e4.dll

2010-07-11 10:41 . 2010-07-11 10:41 1568768 -c--a-w- c:\documents and settings\All Users\Application Data\MGS\cache\a\arcticfortune.b328b57943682e2d7fd4847916ff9b2b.dll

2010-07-11 10:41 . 2010-07-11 10:41 913680 -c--a-w- c:\documents and settings\All Users\Application Data\MGS\cache\a\advancedslots1_temp.1f8183fa66e67576038aca6f8bbaa5aa.dll

2010-07-11 10:40 . 2010-07-11 10:40 1232896 -c--a-w- c:\documents and settings\All Users\Application Data\MGS\cache\a\arcticfortune_gspider.770d41ad6c8d6246716f0968e4501795.dll

2010-07-11 10:39 . 2010-07-11 10:39 1482752 -c--a-w- c:\documents and settings\All Users\Application Data\MGS\cache\a\advancedslots1_septgao_09.7dc488ed3eadaa7b6b5d08dbca4c71cf.dll

2010-07-11 10:39 . 2010-07-11 10:39 1236992 -c--a-w- c:\documents and settings\All Users\Application Data\MGS\cache\a\arcticfortune_spiderbonus.c6f7df06987955caf77bb513ebf7e5b5.dll

2010-07-11 10:36 . 2010-07-11 10:36 1609728 -c--a-w- c:\documents and settings\All Users\Application Data\MGS\cache\a\advancedslots1_tggg.1a1d0cf38dbf32cac78a651320f71d98.dll

2010-07-11 10:36 . 2010-07-11 10:36 1064960 -c--a-w- c:\documents and settings\All Users\Application Data\MGS\cache\a\arcticfortunexxx.88b69b79191872d92329d1cfa9817586.dll

2010-07-11 10:36 . 2010-07-11 10:36 376832 -c--a-w- c:\documents and settings\All Users\Application Data\MGS\cache\m\mptadvancedslots.c25cbc913a8fbff25d5ff4436d66df8a.dll

2010-07-11 10:35 . 2010-07-11 10:35 1478656 -c--a-w- c:\documents and settings\All Users\Application Data\MGS\cache\a\advancedslots1_wealthspa.1d6c52060a19ffc8e8529c6648d8f610.dll

2010-07-11 10:35 . 2010-07-11 10:35 823568 -c--a-w- c:\documents and settings\All Users\Application Data\MGS\cache\a\advancedslots1_temp2.46a4643f83fb4fee5edbd7b72ebf781d.dll

2010-07-11 10:35 . 2010-07-11 10:35 1224704 -c--a-w- c:\documents and settings\All Users\Application Data\MGS\cache\a\arcticfortune_crankbonus.79fd1aae910e128f743d90232d089b3b.dll

2010-07-11 10:34 . 2010-07-11 10:34 1638400 -c--a-w- c:\documents and settings\All Users\Application Data\MGS\cache\a\advancedslots1_summerholiday.246c971e5683180dd3d0e381fb6d8651.dll

2010-07-11 10:34 . 2010-07-11 10:34 823568 -c--a-w- c:\documents and settings\All Users\Application Data\MGS\cache\a\advancedslots1.a5649140bdbd3a1f7c08b381be6f0a22.dll

2010-07-11 10:33 . 2010-07-11 10:33 1482752 -c--a-w- c:\documents and settings\All Users\Application Data\MGS\cache\a\advancedslots1_octgao_09.27dbd220adee9f16140622d34764fadb.dll

2010-07-11 10:33 . 2010-07-11 10:33 1626112 -c--a-w- c:\documents and settings\All Users\Application Data\MGS\cache\a\advancedslots1_flightzone.120e06d45a565cdc8a97a294773b7eb8.dll

2010-07-11 10:31 . 2010-07-11 10:31 246032 -c--a-w- c:\documents and settings\All Users\Application Data\MGS\cache\p\powerpokersuite1_nl.4b954e6e9e7bfe3947a12889040c706e.dll

2010-07-11 10:28 . 2010-07-11 10:28 65536 -c--a-w- c:\documents and settings\All Users\Application Data\MGS\cache\v\void.df7f7ef643b2f9803f9738f1b85d08e7.dll

2010-07-11 10:27 . 2010-07-11 10:27 471040 -c--a-w- c:\documents and settings\All Users\Application Data\MGS\cache\m\menucore.165da379d8a0adee611c449ba3662532.dll

2010-07-10 17:04 . 2009-09-04 21:07 20 -c-h--w- c:\documents and settings\All Users\Application Data\PKP_DLdw.DAT

2010-07-10 17:03 . 2009-09-04 20:47 20 -c-h--w- c:\documents and settings\All Users\Application Data\PKP_DLdu.DAT

2010-06-28 20:15 . 2009-12-20 13:15 -------- d-----w- c:\program files\EUcasino

2010-06-24 21:10 . 2010-06-24 21:08 -------- d-----w- c:\program files\RadioBar

2010-06-24 21:08 . 2010-06-24 21:08 -------- d-----w- c:\documents and settings\Eigenaar.DELL\Application Data\RadioBar

2010-06-23 14:31 . 2004-08-04 12:00 86022 ----a-w- c:\windows\system32\perfc013.dat

2010-06-23 14:31 . 2004-08-04 12:00 498912 ----a-w- c:\windows\system32\perfh013.dat

2010-06-14 14:31 . 2008-01-18 14:09 744448 ----a-w- c:\windows\pchealth\helpctr\binaries\helpsvc.exe

2010-06-01 17:37 . 2010-05-12 08:14 221568 ------w- c:\windows\system32\MpSigStub.exe

2010-05-24 08:31 . 2010-05-24 08:31 503808 ----a-w- c:\documents and settings\Eigenaar.DELL\Application Data\Sun\Java\Deployment\SystemCache\6.0\46\f84c6ae-388f59d2-n\msvcp71.dll

2010-05-24 08:31 . 2010-05-24 08:31 499712 ----a-w- c:\documents and settings\Eigenaar.DELL\Application Data\Sun\Java\Deployment\SystemCache\6.0\46\f84c6ae-388f59d2-n\jmc.dll

2010-05-24 08:31 . 2010-05-24 08:31 348160 ----a-w- c:\documents and settings\Eigenaar.DELL\Application Data\Sun\Java\Deployment\SystemCache\6.0\46\f84c6ae-388f59d2-n\msvcr71.dll

2010-05-24 08:31 . 2010-05-24 08:31 61440 ----a-w- c:\documents and settings\Eigenaar.DELL\Application Data\Sun\Java\Deployment\SystemCache\6.0\50\5535ab32-1b9ebb3b-n\decora-sse.dll

2010-05-24 08:31 . 2010-05-24 08:31 12800 ----a-w- c:\documents and settings\Eigenaar.DELL\Application Data\Sun\Java\Deployment\SystemCache\6.0\50\5535ab32-1b9ebb3b-n\decora-d3d.dll

2010-05-12 12:22 . 2010-05-12 12:22 393216 -c--a-w- c:\documents and settings\All Users\Application Data\MGS\cache\f\flyingwitchbonus.178abae7811f3ce106a1068e2f8e83aa.dll

2010-05-12 12:22 . 2010-05-12 12:22 352256 -c--a-w- c:\documents and settings\All Users\Application Data\MGS\cache\s\spinningwandbonus.71b441eaf88d72b917384cc517583ca7.dll

2010-05-12 12:13 . 2010-05-12 12:13 1171456 -c--a-w- c:\documents and settings\All Users\Application Data\MGS\cache\w\wealthspa_stonebonus.884fe3f012cc21e9f4b94beccb344fe5.dll

2010-05-12 12:11 . 2010-05-12 12:11 1204224 -c--a-w- c:\documents and settings\All Users\Application Data\MGS\cache\w\wealthspa_bathbonus.eaf1477312e7ecb9b1c7aa0a26e6ac61.dll

2010-05-12 12:03 . 2010-05-12 12:03 1142784 -c--a-w- c:\documents and settings\All Users\Application Data\MGS\cache\w\wealthspa_bodywaxbonus.86b2e4bb4c8e68cbf84cdb6310c39218.dll

2010-05-12 12:01 . 2010-05-12 12:01 1290240 -c--a-w- c:\documents and settings\All Users\Application Data\MGS\cache\w\wealthspa_smoothiebonus.779ec9c8439f59a40852d4a998367c4f.dll

2010-05-12 12:01 . 2010-05-12 12:01 827392 -c--a-w- c:\documents and settings\All Users\Application Data\MGS\cache\p\playerinstantiatedchoosebonus.ceb25d7dda7b0effc207d3dec6e30288.dll

2010-05-12 12:01 . 2010-05-12 12:01 1196032 -c--a-w- c:\documents and settings\All Users\Application Data\MGS\cache\w\wealthspa_massagebonus.0e575cb178075b87da73199c7e3bdcc1.dll

2010-05-12 11:39 . 2010-05-12 11:39 499984 -c--a-w- c:\documents and settings\All Users\Application Data\MGS\cache\g\greatgalaxycasinobonus.55dde164a6c32cf7a5be1bb8e3746043.dll

.

((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))

.

.

*Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond

REGEDIT4

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2010-02-18 248040]

"avgnt"="c:\program files\Avira\AntiVir Desktop\avgnt.exe" [2010-03-02 282792]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]

"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]

"DWQueuedReporting"="c:\progra~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" [2007-02-25 437160]

c:\documents and settings\All Users\Menu Start\Programma's\Opstarten\

Sitecom Wireless Utility.lnk - c:\program files\Sitecom\Sitecom Wireless Network USB Adapter Turbo G WL-172\Installer\WLANUTL.EXE [2010-3-31 913408]

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Start^Programma's^Opstarten^Adobe Reader Snelle start.lnk]

backup=c:\windows\pss\Adobe Reader Snelle start.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Start^Programma's^Opstarten^HP Digital Imaging Monitor.lnk]

path=c:\documents and settings\All Users\Menu Start\Programma's\Opstarten\HP Digital Imaging Monitor.lnk

backup=c:\windows\pss\HP Digital Imaging Monitor.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Start^Programma's^Opstarten^Microsoft Office.lnk]

backup=c:\windows\pss\Microsoft Office.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Start^Programma's^Opstarten^Poort voor Symantec Fax Starter Edition.lnk]

backup=c:\windows\pss\Poort voor Symantec Fax Starter Edition.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^Eigenaar.DELL^Menu Start^Programma's^Opstarten^Secunia PSI.lnk]

backup=c:\windows\pss\Secunia PSI.lnkStartup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]

2010-06-09 08:06 976832 ----a-w- c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]

2010-06-20 02:04 35760 ----a-w- c:\program files\Adobe\Reader 9.0\Reader\reader_sl.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HotKeysCmds]

2003-04-06 22:07 114688 -c--a-w- c:\windows\system32\hkcmd.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Software Update]

2008-03-25 20:27 49152 -c--a-w- c:\program files\Hp\HP Software Update\hpwuSchd2.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\hpqSRMon]

2008-03-13 08:34 81920 ----a-w- c:\program files\Hp\Digital Imaging\bin\HpqSRmon.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IgfxTray]

2003-04-06 22:19 155648 ----a-w- c:\windows\system32\igfxtray.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LVCOMS]

2003-12-06 00:12 102400 ----a-w- c:\program files\Common Files\Logitech\PDDriver\LVComS.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\mxomssmenu]

2008-07-21 15:16 169312 ----a-w- c:\program files\Maxtor\OneTouch Status\MaxMenuMgr.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Nikon Transfer Monitor]

2008-09-30 12:06 485208 ----a-w- c:\program files\Common Files\Nikon\Monitor\NkMonitor.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RealTray]

2007-03-04 16:06 673280 ----a-w- c:\program files\K-Lite Codec Pack\Real\mpclauncher.exe

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]

"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]

"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]

"DisableMonitoring"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]

"%windir%\\system32\\sessmgr.exe"=

"c:\\Program Files\\Microsoft Office\\Office\\1043\\WFXMSRVR.EXE"=

"c:\\Program Files\\Messenger\\msmsgs.exe"=

"%windir%\\Network Diagnostic\\xpnetdiag.exe"=

"c:\\Program Files\\Hp\\Digital Imaging\\bin\\hpqtra08.exe"=

"c:\\Program Files\\Hp\\Digital Imaging\\bin\\hpqste08.exe"=

"c:\\Program Files\\Hp\\Digital Imaging\\bin\\hposid01.exe"=

"c:\\Program Files\\Hp\\Digital Imaging\\bin\\hpqkygrp.exe"=

"c:\\Program Files\\Hp\\Digital Imaging\\bin\\hpiscnapp.exe"=

"c:\\Program Files\\Common Files\\HP\\Digital Imaging\\bin\\hpqPhotoCrm.exe"=

"c:\\Program Files\\Hp\\Digital Imaging\\bin\\hpqpsapp.exe"=

"c:\\Program Files\\Hp\\Digital Imaging\\bin\\hpqpse.exe"=

"c:\\Program Files\\Hp\\Digital Imaging\\bin\\hpqsudi.exe"=

"c:\\Program Files\\Hp\\Digital Imaging\\bin\\hpqgplgtupl.exe"=

"c:\\Program Files\\Hp\\Digital Imaging\\bin\\hpqgpc01.exe"=

R2 AntiVirSchedulerService;Avira AntiVir Scheduler;c:\program files\Avira\AntiVir Desktop\sched.exe [8/7/2010 11:53 AM 135336]

S3 ADM8511;ADMtek ADM8511/AN986 USB To Fast Ethernet Converter;c:\windows\system32\drivers\ADM8511.SYS [1/21/2008 11:56 AM 20160]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]

HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12

hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc

getPlusHelper REG_MULTI_SZ getPlusHelper

.

Inhoud van de 'Gedeelde Taken' map

.

.

------- Bijkomende Scan -------

.

uStart Page = hxxp://www.nu.nl/

IE: Google Sidewiki... - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_60D6097707281E79.dll/cmsidewiki.html

DPF: {3E90FFF5-1347-45B9-91F6-DA47926E9697} - hxxp://online-virusscan.casema.nl/systemcheck/PlaNetSysInfo.cab

DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} - hxxp://game.zylom.com/activex/zylomgamesplayer.cab

DPF: {DE625294-70E6-45ED-B895-CFFA13AEB044} - hxxp://83.84.124.118:9999/activex/AMC.cab

.

- - - - ORPHANS VERWIJDERD - - - -

WebBrowser-{5B291E6C-9A74-4034-971B-A4B007A0B315} - (no file)

MSConfigStartUp-Uninstall Adobe Download Manager - c:\program files\NOS\bin\getPlus_Helper.dll

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, GMER - Rootkit Detector and Remover

Rootkit scan 2010-08-08 11:24

Windows 5.1.2600 Service Pack 3 NTFS

scannen van verborgen processen ...

scannen van verborgen autostart items ...

scannen van verborgen bestanden ...

Scan succesvol afgerond

verborgen bestanden: 0

**************************************************************************

.

--------------------- VERGRENDELDE REGISTER SLEUTELS ---------------------

[HKEY_USERS\S-1-5-21-1177238915-484061587-839522115-1003\Software\Microsoft\SystemCertificates\AddressBook*]

@Allowed: (Read) (RestrictedCode)

@Allowed: (Read) (RestrictedCode)

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]

@Denied: (A 2) (Everyone)

@="FlashBroker"

"LocalizedString"="@c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil10h_ActiveX.exe,-101"

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]

"Enabled"=dword:00000001

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]

@="c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil10h_ActiveX.exe"

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]

@Denied: (A 2) (Everyone)

@="IFlashBroker4"

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]

@="{00020424-0000-0000-C000-000000000046}"

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

"Version"="1.0"

.

Voltooingstijd: 2010-08-08 11:30:15

ComboFix-quarantined-files.txt 2010-08-08 09:30

Pre-Run: 53,178,081,280 bytes beschikbaar

Post-Run: 53,191,585,792 bytes beschikbaar

WindowsXP-KB310994-SP2-Home-BootDisk-NLD.exe

[boot loader]

timeout=2

default=multi(0)disk(0)rdisk(0)partition(2)\WINDOWS

[operating systems]

c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons

multi(0)disk(0)rdisk(0)partition(2)\WINDOWS="Microsoft Windows XP Home Edition" /noexecute=optin /fastdetect

- - End Of File - - 9542BCEF6593D200F3278695E83BF462

Ik neem aan dat ik de programma's zoals combofix en Hjackfix gewoon kan laten staan?

mvg

Link naar reactie
Delen op andere sites

Open een kladblokbestand.

Kopieer en plak daarin de onderstaande vetgedrukte tekst.

Folder::

c:\program files\Panda Security

Registry::

[-HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]

[-HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]

Sla dit bestand op je bureaublad op als CFScript.txt.

Sleep CFScript.txt in ComboFix.exe

Dit zal ComboFix doen herstarten. Start opnieuw op als dat gevraagd wordt.

Verwijder HijackThis via Software.

Verwijder Combofix: Start -> Uitvoeren en typ: ComboFix /Uninstall

Dit zal Combofix verwijderen + gerelateerde mappen en bestanden, herstelt de klokinstellingen opnieuw, verbergt de bestandsextensies, gaat verborgen bestanden en systeembestanden terug verbergen en maakt een nieuw herstelpunt.

Indien aanwezig mag je de map C:\Qoobox manueel verwijderen.

Download hier CCleaner en dan start de download van CCleaner automatisch en gratis op.

Installeer het en start CCleaner op. Klik in de linkse kolom op “Cleaner”. Klik achtereenvolgens op ‘Analyseren’ en 'Schoonmaken'. Soms is 1 analyse niet voldoende. Deze procedure mag je herhalen tot de analyse geen fouten meer aangeeft. Klik vervolgens in de linkse kolom op “Register” en klik op ‘Scan naar problemen”. Als er fouten gevonden worden klik je op ”Herstel geselecteerde problemen” en ”OK”. Dan krijg je de vraag om een back-up te maken. Klik op “JA”. Kies dan “Herstel alle geselecteerde fouten”. Sluit hierna CCleaner terug af.

Wil je dit uitgebreid in beeld bekijken, klik dan hier voor de handleiding.

Het is aangewezen om de bestaande herstelpunten te verwijderen (daar zitten besmette herstelpunten tussen die je eventueel zou kunnen terugzetten) door systeemherstel tijdelijk uit te schakelen. Doe dit via Start -> Configuratiescherm -> Prestaties en Onderhoud -> Systeem -> Systeemherstel -> "Systeemherstel op alle stations uitschakelen" aanvinken. Toepassen en OK. PC herstarten en het vinkje terug weg halen.

En dan zouden we er heeeeeeeeelemaal moeten zijn :D

Link naar reactie
Delen op andere sites

ben niet helemaal zeker hoe dat te doen.

U zegt: Sleep CFScript.txt in ComboFix.exe

Moet ik CFScript.txt naar het incoontje op mijn desktop copieen?

---------- Post toegevoegd om 12:01 ---------- Vorige post was om 12:01 ----------

en zoniet waar kan ComboFix.exe vinden?

Link naar reactie
Delen op andere sites

Gast
Dit topic is nu gesloten voor nieuwe reacties.

×
×
  • Nieuwe aanmaken...

Belangrijke informatie

We hebben cookies geplaatst op je toestel om deze website voor jou beter te kunnen maken. Je kunt de cookie instellingen aanpassen, anders gaan we er van uit dat het goed is om verder te gaan.