
Slow PC! Even though I have Slow-PC fighter and Registry-booster


Cinta


ComboFix 11-02-05.01 - Abdel 05-02-2011 23:54:11.2.1 - x86

Microsoft Windows XP Professional 5.1.2600.3.1252.31.1043.18.383.159 [GMT 1:00]

Gestart vanuit: c:\documents and settings\Abdel\Mijn documenten\ComboFix.exe

AV: Panda Cloud Antivirus *Disabled/Updated* {5AD27692-540A-464E-B625-78275FA38393}

* Nieuw herstelpunt werd aangemaakt

.

(((((((((((((((((((( Bestanden Gemaakt van 2011-01-05 to 2011-02-05 ))))))))))))))))))))))))))))))

.

2011-02-05 10:26 . 2011-02-05 10:26 -------- d-----w- c:\windows\LastGood

2011-02-03 06:21 . 2011-02-03 06:21 -------- d-----w- c:\documents and settings\Abdel\Application Data\Malwarebytes

2011-02-03 06:20 . 2010-12-20 17:09 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys

2011-02-03 06:20 . 2011-02-03 06:20 -------- d-----w- c:\documents and settings\All Users\Application Data\Malwarebytes

2011-02-03 06:19 . 2010-12-20 17:08 20952 ----a-w- c:\windows\system32\drivers\mbam.sys

2011-02-03 06:19 . 2011-02-03 06:20 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware

2011-02-01 10:49 . 2011-02-01 10:49 -------- d-----w- c:\program files\Trend Micro

2011-01-31 07:56 . 2011-02-02 07:32 -------- d--h--r- c:\documents and settings\Abdel\Onlangs geopend

2011-01-30 07:06 . 2011-01-30 07:06 -------- d-----w- c:\documents and settings\Abdel\Application Data\TwonkyMedia

2011-01-30 07:03 . 2011-01-30 07:03 -------- d-----w- c:\program files\PacketVideo

2011-01-30 07:01 . 2011-02-05 09:21 -------- d-----w- c:\documents and settings\All Users\Application Data\twonkymedia

2011-01-30 05:46 . 2011-01-30 05:46 -------- d-----w- c:\windows\system32\GroupPolicy

2011-01-27 00:15 . 2011-01-27 00:15 -------- d-----w- c:\documents and settings\LocalService\Application Data\Fighters

2011-01-27 00:12 . 2011-01-27 00:13 -------- d-----w- c:\documents and settings\Abdel\Application Data\Fighters

2011-01-26 22:25 . 2011-01-26 22:25 -------- d-----w- c:\documents and settings\Abdel\Application Data\Panda Security

2011-01-23 05:03 . 2011-01-23 05:03 -------- d-----w- c:\program files\FilmFanaticEI

2011-01-19 06:02 . 2011-01-19 06:07 -------- d-----w- c:\documents and settings\Abdel\Application Data\TP

2011-01-18 07:04 . 2011-01-18 07:04 -------- d-----w- c:\documents and settings\LocalService\Application Data\McAfee

2011-01-16 03:05 . 2011-01-27 00:14 -------- d-----w- c:\documents and settings\All Users\Application Data\Fighters

2011-01-16 03:04 . 2011-01-27 00:14 -------- d-----w- c:\program files\Fighters

2011-01-15 18:16 . 2011-01-15 18:16 -------- d-----w- c:\documents and settings\All Users\Application Data\McAfee

2011-01-15 09:24 . 2011-01-15 09:24 -------- d-----w- c:\documents and settings\All Users\Application Data\Panda Security

2011-01-15 09:23 . 2011-01-15 09:23 -------- d-----w- c:\program files\Panda Security

2011-01-14 19:54 . 2011-01-14 19:54 84718440 ----a-w- c:\program files\Common Files\Windows Live\.cache\wlcC.tmp

2011-01-12 08:44 . 2011-01-12 08:44 -------- d-----w- c:\documents and settings\Abdel\Application Data\Uniblue

2011-01-12 08:43 . 2011-01-12 08:43 -------- dc-h--w- c:\documents and settings\All Users\Application Data\{DE8EABB5-1C85-4410-A68D-79BD8A4518F4}

2011-01-12 08:42 . 2011-01-12 08:42 -------- d-----w- c:\program files\Uniblue

2011-01-12 08:37 . 2011-01-12 08:37 -------- d-----w- c:\documents and settings\Abdel\Local Settings\Application Data\PackageAware

2011-01-12 07:30 . 2010-11-02 15:17 40960 -c----w- c:\windows\system32\dllcache\ndproxy.sys

2011-01-12 07:13 . 2010-10-11 14:59 45568 -c----w- c:\windows\system32\dllcache\wab.exe

2011-01-12 06:18 . 2011-01-12 10:11 -------- d-----w- c:\documents and settings\Abdel\Local Settings\Application Data\ConduitEngine

2011-01-12 06:16 . 2011-01-12 06:16 0 ----a-w- c:\windows\system32\ConduitEngine.tmp

2011-01-12 06:16 . 2011-01-12 06:17 -------- d-----w- c:\program files\ConduitEngine

2011-01-12 02:41 . 2008-04-14 18:02 21504 -c--a-w- c:\windows\system32\dllcache\hidserv.dll

2011-01-12 02:41 . 2008-04-14 18:02 21504 ----a-w- c:\windows\system32\hidserv.dll

2011-01-12 02:40 . 2001-09-06 18:04 12288 -c--a-w- c:\windows\system32\dllcache\mouhid.sys

2011-01-12 02:40 . 2001-09-06 18:04 12288 ----a-w- c:\windows\system32\drivers\mouhid.sys

2011-01-12 02:40 . 2008-04-14 17:39 14720 -c--a-w- c:\windows\system32\dllcache\kbdhid.sys

2011-01-12 02:40 . 2008-04-14 17:39 14720 ----a-w- c:\windows\system32\drivers\kbdhid.sys

2011-01-12 02:40 . 2008-04-13 19:45 10368 -c--a-w- c:\windows\system32\dllcache\hidusb.sys

2011-01-12 02:40 . 2008-04-13 19:45 10368 ----a-w- c:\windows\system32\drivers\hidusb.sys

.

((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2011-01-27 00:45 . 2007-12-15 19:26 90112 ----a-w- c:\windows\DUMP97bb.tmp

2010-11-18 18:15 . 2007-12-15 18:59 86016 ----a-w- c:\windows\system32\isign32.dll

2010-11-12 00:44 . 2010-11-12 00:44 94208 ----a-w- c:\windows\system32\dpl100.dll

2010-11-09 14:52 . 2004-08-03 13:03 249856 ----a-w- c:\windows\system32\odbc32.dll

2010-11-08 22:57 . 2010-11-08 22:57 353592 ----a-w- c:\windows\system32\DivXControlPanelApplet.cpl

.

((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))

.

.

*Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond

REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"MsnMsgr"="c:\program files\Windows Live\Messenger\msnmsgr.exe" [2010-04-16 3872080]

"Messenger (Yahoo!)"="c:\progra~1\Yahoo!\MESSEN~1\YahooMessenger.exe" [2010-06-01 5252408]

"VoipBuster"="c:\program files\VoipBuster.com\VoipBuster\VoipBuster.exe" [2011-01-12 12948272]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"ATICCC"="c:\program files\ATI Technologies\ATI.ACE\cli.exe" [2006-01-02 45056]

"fssui"="c:\program files\Windows Live\Family Safety\fsui.exe" [2010-04-28 647528]

"QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2009-01-05 413696]

"Adobe Photo Downloader"="c:\program files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe" [2005-07-14 57344]

"LogitechCommunicationsManager"="c:\program files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe" [2008-08-14 565008]

"Hiyo"="c:\program files\HiYo\bin\HiYo.exe" [2010-06-20 255344]

"TkBellExe"="c:\program files\Common Files\Real\Update_OB\realsched.exe" [2010-03-13 202256]

"DivXUpdate"="c:\program files\DivX\DivX Update\DivXUpdate.exe" [2010-12-09 1226608]

"DivX Download Manager"="c:\program files\DivX\DivX Plus Web Player\DDmService.exe" [2010-12-08 63360]

"PSUNMain"="c:\program files\Panda Security\Panda Cloud Antivirus\PSUNMain.exe" [2010-05-14 406848]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]

"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]

"DWQueuedReporting"="c:\progra~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" [2007-02-26 437160]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]

BootExecute REG_MULTI_SZ PDBoot.exe\0autocheck autochk *

[HKLM\~\startupfolder\C:^Documents and Settings^Abdel^Menu Start^Programma's^Opstarten^Adobe Media Player.lnk]

path=c:\documents and settings\Abdel\Menu Start\Programma's\Opstarten\Adobe Media Player.lnk

backup=c:\windows\pss\Adobe Media Player.lnkStartup

[HKLM\~\startupfolder\C:^Documents and Settings^Abdel^Menu Start^Programma's^Opstarten^OpenOffice.org 3.0 .lnk]

path=c:\documents and settings\Abdel\Menu Start\Programma's\Opstarten\OpenOffice.org 3.0 .lnk

backup=c:\windows\pss\OpenOffice.org 3.0 .lnkStartup

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Start^Programma's^Opstarten^Logitech Desktop Messenger.lnk]

path=c:\documents and settings\All Users\Menu Start\Programma's\Opstarten\Logitech Desktop Messenger.lnk

backup=c:\windows\pss\Logitech Desktop Messenger.lnkCommon Startup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NokiaMServer]

c:\program files\Common Files\Nokia\MPlatform\NokiaMServer [X]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Photo Downloader]

2005-07-14 13:09 57344 ----a-w- c:\program files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]

2008-01-11 21:16 39792 ----a-w- c:\program files\Adobe\Reader 8.0\Reader\reader_sl.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}]

2007-06-27 18:03 152872 ----a-w- c:\program files\Common Files\Ahead\Lib\NMBgMonitor.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CTFMON.EXE]

2008-04-14 17:02 15360 ----a-w- c:\windows\system32\ctfmon.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\FLMOFFICE4DMOUSE]

2008-02-12 06:40 958464 ----a-w- c:\program files\Labtec\Desktop\V5.1\MOffice.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]

2009-04-02 14:11 342312 ----a-w- c:\program files\iTunes\iTunesHelper.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogitechQuickCamRibbon]

2008-08-14 16:15 2407184 ----a-w- c:\program files\Logitech\QuickCam\Quickcam.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Messenger (Yahoo!)]

2010-06-01 08:17 5252408 ----a-w- c:\progra~1\Yahoo!\MESSEN~1\YahooMessenger.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]

2007-03-01 14:57 153136 ----a-w- c:\program files\Common Files\Ahead\Lib\NeroCheck.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Nokia FastStart]

2009-02-26 15:04 2376992 ----a-w- c:\program files\Nokia\Nokia Music\NokiaMusic.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\OFFICEKB]

2008-02-12 06:40 387584 ----a-w- c:\program files\Labtec\Desktop\V5.1\KBDAP32A.EXE

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RemoteControl]

2004-11-02 19:24 32768 ----a-w- c:\program files\CyberLink\PowerDVD\PDVDServ.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Search Protection]

2009-02-03 13:15 111856 ----a-w- c:\program files\Yahoo!\Search Protection\SearchProtection.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]

2009-10-11 03:17 149280 ----a-w- c:\program files\Java\jre6\bin\jusched.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SweetIM]

2009-05-20 13:11 111928 ----a-r- c:\program files\SweetIM\Messenger\SweetIM.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe]

2010-03-13 15:01 202256 ----a-w- c:\program files\Common Files\Real\Update_OB\realsched.exe

[HKEY_LOCAL_MACHINE\software\microsoft\security center]

"AntiVirusOverride"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]

"c:\\WINDOWS\\Network Diagnostic\\xpnetdiag.exe"=

"%windir%\\system32\\sessmgr.exe"=

"c:\\Program Files\\LimeWire\\LimeWire.exe"=

"c:\\Program Files\\VoipBuster.com\\VoipBuster\\VoipBuster.exe"=

"%windir%\\Network Diagnostic\\xpnetdiag.exe"=

"c:\\Program Files\\Messenger\\msmsgs.exe"=

"c:\\Program Files\\Nokia\\Nokia Home Media Server\\Media Server\\twonkymedia.exe"=

"c:\\Program Files\\Nokia\\Nokia Home Media Server\\Media Server\\twonkymediaserver.exe"=

"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=

"c:\\Program Files\\iTunes\\iTunes.exe"=

"c:\\Program Files\\Yahoo!\\Messenger\\YahooMessenger.exe"=

"c:\\Program Files\\Common Files\\Nokia\\Service Layer\\A\\nsl_host_process.exe"=

"c:\\Program Files\\Real\\RealPlayer\\realplay.exe"=

"c:\\Program Files\\Logitech\\Desktop Messenger\\8876480\\Program\\LogitechDesktopMessenger.exe"=

"c:\\Program Files\\FrostWire\\FrostWire.exe"=

"c:\\Program Files\\Skype\\Phone\\Skype.exe"=

"c:\\Program Files\\Skype\\Plugin Manager\\skypePM.exe"=

"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=

"c:\\Program Files\\Windows Live\\Sync\\WindowsLiveSync.exe"=

"c:\\Documents and Settings\\Abdel\\Application Data\\HiYo\\Data\\hiyo_install.exe"=

R1 PSINKNC;PSINKNC;c:\windows\system32\drivers\PSINKNC.sys [17-6-2010 12:41 129992]

R2 NanoServiceMain;Panda Cloud Antivirus Service;c:\program files\Panda Security\Panda Cloud Antivirus\PSANHost.exe [16-12-2010 18:19 140608]

R2 PSINAflt;PSINAflt;c:\windows\system32\drivers\PSINAflt.sys [27-5-2010 17:39 141384]

R2 PSINFile;PSINFile;c:\windows\system32\drivers\PSINFile.sys [21-7-2010 21:02 97096]

R2 PSINProc;PSINProc;c:\windows\system32\drivers\PSINProc.sys [30-4-2010 12:46 111624]

R2 PSINProt;PSINProt;c:\windows\system32\drivers\PSINProt.sys [21-7-2010 21:02 112456]

S2 gupdate1c9bcd1df11ba3c;Google Updateservice (gupdate1c9bcd1df11ba3c);c:\program files\Google\Update\GoogleUpdate.exe [14-4-2009 8:23 133104]

S3 Common Toolkit Tools;Common Toolkit Tools;c:\program files\Fighters\FULL-DISKfighter\Common Toolkit Tools.exe [18-1-2011 14:28 121480]

S3 PSSDK42;PSSDK42;c:\windows\system32\drivers\pssdk42.sys [9-1-2010 16:16 38976]

S3 PSSDKLBF;PSSDKLBF;c:\windows\system32\drivers\pssdklbf.sys [9-1-2010 16:16 53312]

.

Inhoud van de 'Gedeelde Taken' map

2010-10-12 c:\windows\Tasks\AppleSoftwareUpdate.job

- c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 10:34]

2011-02-05 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job

- c:\program files\Google\Update\GoogleUpdate.exe [2009-04-14 07:22]

2011-02-05 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job

- c:\program files\Google\Update\GoogleUpdate.exe [2009-04-14 07:22]

2011-02-05 c:\windows\Tasks\OGALogon.job

- c:\windows\system32\OGAEXEC.exe [2009-08-03 13:07]

2011-02-05 c:\windows\Tasks\RealUpgradeLogonTaskS-1-5-21-1844237615-1085031214-725345543-1004.job

- c:\program files\Real\RealUpgrade\realupgrade.exe [2010-02-24 21:09]

2011-02-05 c:\windows\Tasks\RealUpgradeScheduledTaskS-1-5-21-1844237615-1085031214-725345543-1004.job

- c:\program files\Real\RealUpgrade\realupgrade.exe [2010-02-24 21:09]

2011-02-05 c:\windows\Tasks\RegistryBooster.job

- c:\program files\Uniblue\RegistryBooster\rbmonitor.exe [2010-12-27 08:44]

2011-02-05 c:\windows\Tasks\SLOW-PCfighter-Abdel-Startup.job

- c:\program files\Fighters\SLOW-PCfighter\SLOW-PCfighter.exe [2010-11-17 13:32]

2011-02-05 c:\windows\Tasks\User_Feed_Synchronization-{8E8BFBBB-0D6A-4110-A535-34224D2826E0}.job

- c:\windows\system32\msfeedssync.exe [2007-12-15 02:31]

.

.

------- Bijkomende Scan -------

.

mStart Page = hxxp://www.yahoo.com

mSearch Bar = hxxp://us.rd.yahoo.com/customize/ie/defaults/sb/msgr10/*Yahoo! SearchBar Home Page

uInternet Connection Wizard,ShellNext = iexplore

uInternet Settings,ProxyOverride = *.local

uSearchURL,(Default) = hxxp://us.rd.yahoo.com/customize/ie/defaults/su/msgr10/*Yahoo!

IE: E&xporteren naar Microsoft Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000

Handler: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - c:\program files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll

.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, GMER - Rootkit Detector and Remover

Rootkit scan 2011-02-06 00:38

Windows 5.1.2600 Service Pack 3 NTFS

scannen van verborgen processen ...

scannen van verborgen autostart items ...

scannen van verborgen bestanden ...

Scan succesvol afgerond

verborgen bestanden: 0

**************************************************************************

.

--------------------- VERGRENDELDE REGISTER SLEUTELS ---------------------

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]

@Denied: (A 2) (Everyone)

@="FlashBroker"

"LocalizedString"="@c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil10l_ActiveX.exe,-101"

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]

"Enabled"=dword:00000001

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]

@="c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil10l_ActiveX.exe"

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]

@Denied: (A 2) (Everyone)

@="IFlashBroker4"

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]

@="{00020424-0000-0000-C000-000000000046}"

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

"Version"="1.0"

[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Installer\UserData\LocalSystem\Components\*–€|ÿÿÿÿ;•€|é•9~*]

"3140110900063D11C8EF10054038389C"="C?\\WINDOWS\\system32\\FM20ENU.DLL"

[HKEY_LOCAL_MACHINE\software\T*w*o*n*k*y*B*e*a*m*"!\Internet Explorer]

"Path"="c:\\Program Files\\PacketVideo\\TwonkyBeam\\Internet Explorer"

"Language"="1043"

.

--------------------- DLLs Geladen Onder Lopende Processen ---------------------

- - - - - - - > 'winlogon.exe'(844)

c:\windows\System32\Ati2evxx.dll

- - - - - - - > 'explorer.exe'(4700)

c:\program files\Windows Media Player\wmpband.dll

c:\windows\system32\WPDShServiceObj.dll

c:\windows\system32\webcheck.dll

c:\windows\system32\PortableDeviceTypes.dll

c:\windows\system32\PortableDeviceApi.dll

.

Voltooingstijd: 2011-02-06 00:51:26

ComboFix-quarantined-files.txt 2011-02-05 23:51

ComboFix2.txt 2011-02-05 09:57

Pre-Run: 49.328.189.440 bytes beschikbaar

Post-Run: 49.332.727.808 bytes beschikbaar

- - End Of File - - 5F1C3A05F8D85D6DD802BC6BE98CF6DF

These are the scan results, Kape. I still get the same message that the web page contains errors and so will not work properly. As a layperson I hardly dare to switch my computer on any more, afraid that it will crash!!!!

---------- Post added at 01:18 ---------- Previous post was at 01:04 ----------

Server Error in '/genuine' Application.

Runtime Error

Description: An application error occurred on the server. The current custom error settings for this application prevent the details of the application error from being viewed remotely (for security reasons). It could, however, be viewed by browsers running on the local server machine.

Details: To enable the details of this specific error message to be viewable on remote machines, please create a <customErrors> tag within a "web.config" configuration file located in the root directory of the current web application. This <customErrors> tag should then have its "mode" attribute set to "Off".

<!-- Web.Config Configuration File -->
<configuration>
    <system.web>
        <customErrors mode="Off"/>
    </system.web>
</configuration>

Notes: The current error page you are seeing can be replaced by a custom error page by modifying the "defaultRedirect" attribute of the application's <customErrors> configuration tag to point to a custom error page URL.

<!-- Web.Config Configuration File -->
<configuration>
    <system.web>
        <customErrors mode="RemoteOnly" defaultRedirect="mycustompage.htm"/>
    </system.web>
</configuration>

I have added this as well; I suspect you can get more out of it. I hope my PC problem can be solved quickly. Desperate, Cinta


Open a Notepad file.

Copy and paste the bold text below into it.

File::

c:\windows\system32\ConduitEngine.tmp

c:\program files\Common Files\Windows Live\.cache\wlcC.tmp

c:\windows\DUMP97bb.tmp

Folder::

c:\documents and settings\All Users\Application Data\McAfee

c:\documents and settings\LocalService\Application Data\McAfee

c:\documents and settings\Abdel\Local Settings\Application Data\ConduitEngine

c:\program files\ConduitEngine

Registry::

[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SweetIM]

Save this file to your desktop as CFScript.txt.

Drag CFScript.txt onto ComboFix.exe.

This will make ComboFix restart. Reboot if you are asked to.

After the restart, post the contents of Combofix.txt in your next message.


Hi Kape,

here are the latest ComboFix results:

ComboFix 11-02-05.01 - Abdel 06-02-2011 8:43.3.1 - x86

Microsoft Windows XP Professional 5.1.2600.3.1252.31.1043.18.383.148 [GMT 1:00]

Gestart vanuit: c:\documents and settings\Abdel\Mijn documenten\ComboFix.exe

AV: Panda Cloud Antivirus *Enabled/Updated* {5AD27692-540A-464E-B625-78275FA38393}

.

(((((((((((((((((((((((((((((((((( Andere Verwijderingen )))))))))))))))))))))))))))))))))))))))))))))))))

.

c:\windows\TEMP\logishrd\LVPrcInj01.dll

Besmet exemplaar van c:\windows\system32\userinit.exe werd aangetroffen en gedesinfecteerd

Hersteld exemplaar van - c:\windows\ServicePackFiles\i386\userinit.exe

.

(((((((((((((((((((( Bestanden Gemaakt van 2011-01-06 to 2011-02-06 ))))))))))))))))))))))))))))))

.

2011-02-06 05:55 . 2011-02-06 05:55 -------- d-----w- c:\windows\Performance

2011-02-06 05:52 . 2011-02-06 05:52 -------- d-----w- c:\documents and settings\Abdel\Local Settings\Application Data\Microsoft Corporation

2011-02-06 05:39 . 2011-02-06 05:39 -------- d-----w- c:\program files\Microsoft Windows 7 Upgrade Advisor

2011-02-06 00:24 . 2011-02-06 07:30 -------- d--h--r- c:\documents and settings\Abdel\Onlangs geopend

2011-02-03 06:21 . 2011-02-03 06:21 -------- d-----w- c:\documents and settings\Abdel\Application Data\Malwarebytes

2011-02-03 06:20 . 2010-12-20 17:09 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys

2011-02-03 06:20 . 2011-02-03 06:20 -------- d-----w- c:\documents and settings\All Users\Application Data\Malwarebytes

2011-02-03 06:19 . 2010-12-20 17:08 20952 ----a-w- c:\windows\system32\drivers\mbam.sys

2011-02-03 06:19 . 2011-02-03 06:20 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware

2011-02-01 10:49 . 2011-02-01 10:49 -------- d-----w- c:\program files\Trend Micro

2011-01-30 07:06 . 2011-01-30 07:06 -------- d-----w- c:\documents and settings\Abdel\Application Data\TwonkyMedia

2011-01-30 07:03 . 2011-01-30 07:03 -------- d-----w- c:\program files\PacketVideo

2011-01-30 07:01 . 2011-02-06 08:16 -------- d-----w- c:\documents and settings\All Users\Application Data\twonkymedia

2011-01-30 05:46 . 2011-01-30 05:46 -------- d-----w- c:\windows\system32\GroupPolicy

2011-01-27 00:15 . 2011-01-27 00:15 -------- d-----w- c:\documents and settings\LocalService\Application Data\Fighters

2011-01-27 00:12 . 2011-01-27 00:13 -------- d-----w- c:\documents and settings\Abdel\Application Data\Fighters

2011-01-26 22:25 . 2011-01-26 22:25 -------- d-----w- c:\documents and settings\Abdel\Application Data\Panda Security

2011-01-23 05:03 . 2011-01-23 05:03 -------- d-----w- c:\program files\FilmFanaticEI

2011-01-19 06:02 . 2011-01-19 06:07 -------- d-----w- c:\documents and settings\Abdel\Application Data\TP

2011-01-18 07:04 . 2011-01-18 07:04 -------- d-----w- c:\documents and settings\LocalService\Application Data\McAfee

2011-01-16 03:05 . 2011-01-27 00:14 -------- d-----w- c:\documents and settings\All Users\Application Data\Fighters

2011-01-16 03:04 . 2011-01-27 00:14 -------- d-----w- c:\program files\Fighters

2011-01-15 18:16 . 2011-01-15 18:16 -------- d-----w- c:\documents and settings\All Users\Application Data\McAfee

2011-01-15 09:24 . 2011-01-15 09:24 -------- d-----w- c:\documents and settings\All Users\Application Data\Panda Security

2011-01-15 09:23 . 2011-01-15 09:23 -------- d-----w- c:\program files\Panda Security

2011-01-14 19:54 . 2011-01-14 19:54 84718440 ----a-w- c:\program files\Common Files\Windows Live\.cache\wlcC.tmp

2011-01-12 08:44 . 2011-01-12 08:44 -------- d-----w- c:\documents and settings\Abdel\Application Data\Uniblue

2011-01-12 08:43 . 2011-01-12 08:43 -------- dc-h--w- c:\documents and settings\All Users\Application Data\{DE8EABB5-1C85-4410-A68D-79BD8A4518F4}

2011-01-12 08:42 . 2011-01-12 08:42 -------- d-----w- c:\program files\Uniblue

2011-01-12 08:37 . 2011-01-12 08:37 -------- d-----w- c:\documents and settings\Abdel\Local Settings\Application Data\PackageAware

2011-01-12 07:30 . 2010-11-02 15:17 40960 -c----w- c:\windows\system32\dllcache\ndproxy.sys

2011-01-12 07:13 . 2010-10-11 14:59 45568 -c----w- c:\windows\system32\dllcache\wab.exe

2011-01-12 06:18 . 2011-01-12 10:11 -------- d-----w- c:\documents and settings\Abdel\Local Settings\Application Data\ConduitEngine

2011-01-12 06:16 . 2011-01-12 06:16 0 ----a-w- c:\windows\system32\ConduitEngine.tmp

2011-01-12 06:16 . 2011-01-12 06:17 -------- d-----w- c:\program files\ConduitEngine

2011-01-12 02:41 . 2008-04-14 18:02 21504 -c--a-w- c:\windows\system32\dllcache\hidserv.dll

2011-01-12 02:41 . 2008-04-14 18:02 21504 ----a-w- c:\windows\system32\hidserv.dll

2011-01-12 02:40 . 2001-09-06 18:04 12288 -c--a-w- c:\windows\system32\dllcache\mouhid.sys

2011-01-12 02:40 . 2001-09-06 18:04 12288 ----a-w- c:\windows\system32\drivers\mouhid.sys

2011-01-12 02:40 . 2008-04-14 17:39 14720 -c--a-w- c:\windows\system32\dllcache\kbdhid.sys

2011-01-12 02:40 . 2008-04-14 17:39 14720 ----a-w- c:\windows\system32\drivers\kbdhid.sys

2011-01-12 02:40 . 2008-04-13 19:45 10368 -c--a-w- c:\windows\system32\dllcache\hidusb.sys

2011-01-12 02:40 . 2008-04-13 19:45 10368 ----a-w- c:\windows\system32\drivers\hidusb.sys

.

((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2011-01-27 00:45 . 2007-12-15 19:26 90112 ----a-w- c:\windows\DUMP97bb.tmp

2010-11-18 18:15 . 2007-12-15 18:59 86016 ----a-w- c:\windows\system32\isign32.dll

2010-11-12 00:44 . 2010-11-12 00:44 94208 ----a-w- c:\windows\system32\dpl100.dll

2010-11-09 14:52 . 2004-08-03 13:03 249856 ----a-w- c:\windows\system32\odbc32.dll

2010-11-08 22:57 . 2010-11-08 22:57 353592 ----a-w- c:\windows\system32\DivXControlPanelApplet.cpl

.

((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))

.

.

*Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond

REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"MsnMsgr"="c:\program files\Windows Live\Messenger\msnmsgr.exe" [2010-04-16 3872080]

"Messenger (Yahoo!)"="c:\progra~1\Yahoo!\MESSEN~1\YahooMessenger.exe" [2010-06-01 5252408]

"VoipBuster"="c:\program files\VoipBuster.com\VoipBuster\VoipBuster.exe" [2011-01-12 12948272]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"ATICCC"="c:\program files\ATI Technologies\ATI.ACE\cli.exe" [2006-01-02 45056]

"fssui"="c:\program files\Windows Live\Family Safety\fsui.exe" [2010-04-28 647528]

"QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2009-01-05 413696]

"Adobe Photo Downloader"="c:\program files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe" [2005-07-14 57344]

"LogitechCommunicationsManager"="c:\program files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe" [2008-08-14 565008]

"Hiyo"="c:\program files\HiYo\bin\HiYo.exe" [2010-06-20 255344]

"TkBellExe"="c:\program files\Common Files\Real\Update_OB\realsched.exe" [2010-03-13 202256]

"DivXUpdate"="c:\program files\DivX\DivX Update\DivXUpdate.exe" [2010-12-09 1226608]

"DivX Download Manager"="c:\program files\DivX\DivX Plus Web Player\DDmService.exe" [2010-12-08 63360]

"PSUNMain"="c:\program files\Panda Security\Panda Cloud Antivirus\PSUNMain.exe" [2010-05-14 406848]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]

"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]

"DWQueuedReporting"="c:\progra~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" [2007-02-26 437160]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]

BootExecute REG_MULTI_SZ PDBoot.exe\0autocheck autochk *

[HKLM\~\startupfolder\C:^Documents and Settings^Abdel^Menu Start^Programma's^Opstarten^Adobe Media Player.lnk]

path=c:\documents and settings\Abdel\Menu Start\Programma's\Opstarten\Adobe Media Player.lnk

backup=c:\windows\pss\Adobe Media Player.lnkStartup

[HKLM\~\startupfolder\C:^Documents and Settings^Abdel^Menu Start^Programma's^Opstarten^OpenOffice.org 3.0 .lnk]

path=c:\documents and settings\Abdel\Menu Start\Programma's\Opstarten\OpenOffice.org 3.0 .lnk

backup=c:\windows\pss\OpenOffice.org 3.0 .lnkStartup

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Start^Programma's^Opstarten^Logitech Desktop Messenger.lnk]

path=c:\documents and settings\All Users\Menu Start\Programma's\Opstarten\Logitech Desktop Messenger.lnk

backup=c:\windows\pss\Logitech Desktop Messenger.lnkCommon Startup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NokiaMServer]

c:\program files\Common Files\Nokia\MPlatform\NokiaMServer [X]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Photo Downloader]

2005-07-14 13:09 57344 ----a-w- c:\program files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]

2008-01-11 21:16 39792 ----a-w- c:\program files\Adobe\Reader 8.0\Reader\reader_sl.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}]

2007-06-27 18:03 152872 ----a-w- c:\program files\Common Files\Ahead\Lib\NMBgMonitor.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CTFMON.EXE]

2008-04-14 17:02 15360 ----a-w- c:\windows\system32\ctfmon.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\FLMOFFICE4DMOUSE]

2008-02-12 06:40 958464 ----a-w- c:\program files\Labtec\Desktop\V5.1\MOffice.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]

2009-04-02 14:11 342312 ----a-w- c:\program files\iTunes\iTunesHelper.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogitechQuickCamRibbon]

2008-08-14 16:15 2407184 ----a-w- c:\program files\Logitech\QuickCam\Quickcam.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Messenger (Yahoo!)]

2010-06-01 08:17 5252408 ----a-w- c:\progra~1\Yahoo!\MESSEN~1\YahooMessenger.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]

2007-03-01 14:57 153136 ----a-w- c:\program files\Common Files\Ahead\Lib\NeroCheck.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Nokia FastStart]

2009-02-26 15:04 2376992 ----a-w- c:\program files\Nokia\Nokia Music\NokiaMusic.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\OFFICEKB]

2008-02-12 06:40 387584 ----a-w- c:\program files\Labtec\Desktop\V5.1\KBDAP32A.EXE

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RemoteControl]

2004-11-02 19:24 32768 ----a-w- c:\program files\CyberLink\PowerDVD\PDVDServ.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Search Protection]

2009-02-03 13:15 111856 ----a-w- c:\program files\Yahoo!\Search Protection\SearchProtection.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]

2009-10-11 03:17 149280 ----a-w- c:\program files\Java\jre6\bin\jusched.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SweetIM]

2009-05-20 13:11 111928 ----a-r- c:\program files\SweetIM\Messenger\SweetIM.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe]

2010-03-13 15:01 202256 ----a-w- c:\program files\Common Files\Real\Update_OB\realsched.exe

[HKEY_LOCAL_MACHINE\software\microsoft\security center]

"AntiVirusOverride"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]

"c:\\WINDOWS\\Network Diagnostic\\xpnetdiag.exe"=

"%windir%\\system32\\sessmgr.exe"=

"c:\\Program Files\\LimeWire\\LimeWire.exe"=

"c:\\Program Files\\VoipBuster.com\\VoipBuster\\VoipBuster.exe"=

"%windir%\\Network Diagnostic\\xpnetdiag.exe"=

"c:\\Program Files\\Messenger\\msmsgs.exe"=

"c:\\Program Files\\Nokia\\Nokia Home Media Server\\Media Server\\twonkymedia.exe"=

"c:\\Program Files\\Nokia\\Nokia Home Media Server\\Media Server\\twonkymediaserver.exe"=

"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=

"c:\\Program Files\\iTunes\\iTunes.exe"=

"c:\\Program Files\\Yahoo!\\Messenger\\YahooMessenger.exe"=

"c:\\Program Files\\Common Files\\Nokia\\Service Layer\\A\\nsl_host_process.exe"=

"c:\\Program Files\\Real\\RealPlayer\\realplay.exe"=

"c:\\Program Files\\Logitech\\Desktop Messenger\\8876480\\Program\\LogitechDesktopMessenger.exe"=

"c:\\Program Files\\FrostWire\\FrostWire.exe"=

"c:\\Program Files\\Skype\\Phone\\Skype.exe"=

"c:\\Program Files\\Skype\\Plugin Manager\\skypePM.exe"=

"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=

"c:\\Program Files\\Windows Live\\Sync\\WindowsLiveSync.exe"=

"c:\\Documents and Settings\\Abdel\\Application Data\\HiYo\\Data\\hiyo_install.exe"=

R1 PSINKNC;PSINKNC;c:\windows\system32\drivers\PSINKNC.sys [17-6-2010 12:41 129992]

R2 NanoServiceMain;Panda Cloud Antivirus Service;c:\program files\Panda Security\Panda Cloud Antivirus\PSANHost.exe [16-12-2010 18:19 140608]

R2 PSINAflt;PSINAflt;c:\windows\system32\drivers\PSINAflt.sys [27-5-2010 17:39 141384]

R2 PSINFile;PSINFile;c:\windows\system32\drivers\PSINFile.sys [21-7-2010 21:02 97096]

R2 PSINProc;PSINProc;c:\windows\system32\drivers\PSINProc.sys [30-4-2010 12:46 111624]

R2 PSINProt;PSINProt;c:\windows\system32\drivers\PSINProt.sys [21-7-2010 21:02 112456]

R2 Suite Service;Suite Service;c:\program files\Fighters\FighterSuiteService.exe [18-1-2011 14:29 1143944]

R2 TwonkyMedia;TwonkyMedia;c:\program files\Nokia\Nokia Home Media Server\Media Server\TwonkyMedia.exe -serviceversion 0 --> c:\program files\Nokia\Nokia Home Media Server\Media Server\TwonkyMedia.exe -serviceversion 0 [?]

S2 gupdate1c9bcd1df11ba3c;Google Updateservice (gupdate1c9bcd1df11ba3c);c:\program files\Google\Update\GoogleUpdate.exe [14-4-2009 8:23 133104]

S3 Common Toolkit Tools;Common Toolkit Tools;c:\program files\Fighters\FULL-DISKfighter\Common Toolkit Tools.exe [18-1-2011 14:28 121480]

S3 PSSDK42;PSSDK42;c:\windows\system32\drivers\pssdk42.sys [9-1-2010 16:16 38976]

S3 PSSDKLBF;PSSDKLBF;c:\windows\system32\drivers\pssdklbf.sys [9-1-2010 16:16 53312]

.

Inhoud van de 'Gedeelde Taken' map

2010-10-12 c:\windows\Tasks\AppleSoftwareUpdate.job

- c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 10:34]

2011-02-06 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job

- c:\program files\Google\Update\GoogleUpdate.exe [2009-04-14 07:22]

2011-02-06 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job

- c:\program files\Google\Update\GoogleUpdate.exe [2009-04-14 07:22]

2011-02-06 c:\windows\Tasks\OGALogon.job

- c:\windows\system32\OGAEXEC.exe [2009-08-03 13:07]

2011-02-06 c:\windows\Tasks\RealUpgradeLogonTaskS-1-5-21-1844237615-1085031214-725345543-1004.job

- c:\program files\Real\RealUpgrade\realupgrade.exe [2010-02-24 21:09]

2011-02-05 c:\windows\Tasks\RealUpgradeScheduledTaskS-1-5-21-1844237615-1085031214-725345543-1004.job

- c:\program files\Real\RealUpgrade\realupgrade.exe [2010-02-24 21:09]

2011-02-06 c:\windows\Tasks\RegistryBooster.job

- c:\program files\Uniblue\RegistryBooster\rbmonitor.exe [2010-12-27 08:44]

2011-02-06 c:\windows\Tasks\SLOW-PCfighter-Abdel-Startup.job

- c:\program files\Fighters\SLOW-PCfighter\SLOW-PCfighter.exe [2010-11-17 13:32]

2011-02-06 c:\windows\Tasks\User_Feed_Synchronization-{8E8BFBBB-0D6A-4110-A535-34224D2826E0}.job

- c:\windows\system32\msfeedssync.exe [2007-12-15 02:31]

.

.

------- Bijkomende Scan -------

.

mStart Page = hxxp://www.yahoo.com

mSearch Bar = hxxp://us.rd.yahoo.com/customize/ie/defaults/sb/msgr10/*Yahoo! SearchBar Home Page

uInternet Connection Wizard,ShellNext = iexplore

uInternet Settings,ProxyOverride = *.local

uSearchURL,(Default) = hxxp://us.rd.yahoo.com/customize/ie/defaults/su/msgr10/*Yahoo!

IE: E&xporteren naar Microsoft Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000

Handler: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - c:\program files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll

.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, GMER - Rootkit Detector and Remover

Rootkit scan 2011-02-06 09:24

Windows 5.1.2600 Service Pack 3 NTFS

scannen van verborgen processen ...

scannen van verborgen autostart items ...

scannen van verborgen bestanden ...

Scan succesvol afgerond

verborgen bestanden: 0

**************************************************************************

.

--------------------- VERGRENDELDE REGISTER SLEUTELS ---------------------

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]

@Denied: (A 2) (Everyone)

@="FlashBroker"

"LocalizedString"="@c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil10l_ActiveX.exe,-101"

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]

"Enabled"=dword:00000001

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]

@="c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil10l_ActiveX.exe"

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]

@Denied: (A 2) (Everyone)

@="IFlashBroker4"

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]

@="{00020424-0000-0000-C000-000000000046}"

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

"Version"="1.0"

[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Installer\UserData\LocalSystem\Components\*–€|ÿÿÿÿ;•€|é•9~*]

"3140110900063D11C8EF10054038389C"="C?\\WINDOWS\\system32\\FM20ENU.DLL"

[HKEY_LOCAL_MACHINE\software\T*w*o*n*k*y*B*e*a*m*"!\Internet Explorer]

"Path"="c:\\Program Files\\PacketVideo\\TwonkyBeam\\Internet Explorer"

"Language"="1043"

.

--------------------- DLLs Geladen Onder Lopende Processen ---------------------

- - - - - - - > 'winlogon.exe'(848)

c:\windows\System32\Ati2evxx.dll

- - - - - - - > 'explorer.exe'(6832)

c:\windows\TEMP\logishrd\LVPrcInj01.dll

c:\program files\Windows Media Player\wmpband.dll

c:\windows\system32\WPDShServiceObj.dll

c:\windows\system32\webcheck.dll

c:\windows\system32\PortableDeviceTypes.dll

c:\windows\system32\PortableDeviceApi.dll

.

------------------------ Andere Aktieve Processen ------------------------

.

c:\windows\system32\Ati2evxx.exe

c:\program files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe

c:\program files\Bonjour\mDNSResponder.exe

c:\program files\Java\jre6\bin\jqs.exe

c:\program files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe

c:\program files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe

c:\virusfighter\Bin\Zanda.exe

c:\program files\Raxco\PerfectDisk\PDAgent.exe

c:\program files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe

c:\program files\Nokia\Nokia Home Media Server\Media Server\TwonkyMedia.exe

c:\program files\Yahoo!\SoftwareUpdate\YahooAUService.exe

c:\program files\Nokia\Nokia Home Media Server\Media Server\TwonkyMediaServer.exe

c:\windows\System32\Ati2evxx.exe

c:\windows\system32\WgaTray.exe

c:\windows\system32\wbem\wmiapsrv.exe

.

**************************************************************************

.

Voltooingstijd: 2011-02-06 09:50:33 - machine werd herstart

ComboFix-quarantined-files.txt 2011-02-06 08:50

ComboFix2.txt 2011-02-05 23:51

ComboFix3.txt 2011-02-05 09:57

Pre-Run: 49.305.464.832 bytes beschikbaar

Post-Run: 49.388.646.400 bytes beschikbaar

- - End Of File - - 2F44D722F458D71021832EB34B1AEE33

Phew, this is really abracadabra to me, I'm not going to burn my fingers on it, but unfortunately, Kape, I still get the same message that the web page contains errors and therefore does not work properly, and still that "JSON is not defined" message!!!


So this action did not really go correctly. The idea is that you drag the file CFScript.txt onto the red Combofix shortcut on your desktop. Combofix then starts again, and only then are the changes carried out. That has not happened now ... so the (possible) improvements have not happened either. Would you repeat it once more in the way described above?


Hello Kape, I have the icons of Combofix.txt and CFScript.txt. Right, you said something about dragging it over (?). Do you mean that I first have to click on the CFScript.txt icon with my mouse and then keep the mouse button pressed until I reach the ComboFix icon? I tried copying and pasting, but nothing happens. When I go to Combofix.txt I see that blue screen and then a small block, so I also tried just typing over the data from CFScript, but that is not possible either, and then the ComboFix scan simply runs its course, but then I still do not have the data from CFScript.txt in Combofix!

I think that once you have carried out these steps before, this seems so simple, but again, I am only a PC novice, a real layperson! I am doing something wrong, I can just feel it in my bones. Can you instruct me on what I should do? OK, once again, many thanks!!! Cinta


Hello Kape, here are the results of that log:

ComboFix 11-02-06.02 - Abdel 08-02-2011 0:41.6.1 - x86

Microsoft Windows XP Professional 5.1.2600.3.1252.31.1043.18.383.154 [GMT 1:00]

Gestart vanuit: c:\documents and settings\Abdel\Mijn documenten\ComboFix.exe

gebruikte Opdracht switches :: c:\documents and settings\Abdel\Bureaublad\CFScript.txt

AV: Panda Cloud Antivirus *Disabled/Updated* {5AD27692-540A-464E-B625-78275FA38393}

FILE ::

"c:\program files\Common Files\Windows Live\.cache\wlcC.tmp"

"c:\windows\DUMP97bb.tmp"

"c:\windows\system32\ConduitEngine.tmp"

.

(((((((((((((((((((((((((((((((((( Andere Verwijderingen )))))))))))))))))))))))))))))))))))))))))))))))))

.

c:\documents and settings\All Users\Application Data\McAfee

c:\documents and settings\All Users\Application Data\McAfee\MCLOGS\Common\McCHSvc\McCHSvc000.log

c:\documents and settings\All Users\Application Data\McAfee\MCLOGS\McUICnt\McUICnt\McUICnt000.log

c:\documents and settings\All Users\Application Data\McAfee\MCLOGS\PartnerCustom\McCHSvc\McCHSvc000.log

c:\documents and settings\All Users\Application Data\McAfee\MCLOGS\PartnerCustom\McUICnt\McUICnt000.log

c:\documents and settings\All Users\Application Data\McAfee\MCLOGS\PartnerCustom\SSScheduler\SSScheduler000.log

c:\documents and settings\All Users\Application Data\McAfee\MCLOGS\SecurityScanner\McUICnt\McUICnt000.log

c:\documents and settings\LocalService\Application Data\McAfee

c:\documents and settings\LocalService\Application Data\McAfee\sacore\sacore.db

c:\documents and settings\LocalService\Application Data\McAfee\sacore\sacore_cache.db

c:\program files\ConduitEngine

c:\program files\ConduitEngine\appContextMenu.xml

c:\program files\ConduitEngine\ConduitEngine.dll

c:\program files\ConduitEngine\ConduitEngineHelper.exe

c:\program files\ConduitEngine\engineContextMenu.xml

c:\program files\ConduitEngine\EngineSettings.json

c:\program files\ConduitEngine\toolbar.cfg

c:\windows\TEMP\logishrd\LVPrcInj01.dll

.

(((((((((((((((((((( Bestanden Gemaakt van 2011-01-08 to 2011-02-08 ))))))))))))))))))))))))))))))

.

2011-02-06 05:55 . 2011-02-06 05:55 -------- d-----w- c:\windows\Performance

2011-02-06 05:52 . 2011-02-06 05:52 -------- d-----w- c:\documents and settings\Abdel\Local Settings\Application Data\Microsoft Corporation

2011-02-06 05:39 . 2011-02-06 05:39 -------- d-----w- c:\program files\Microsoft Windows 7 Upgrade Advisor

2011-02-06 00:24 . 2011-02-07 23:29 -------- d--h--r- c:\documents and settings\Abdel\Onlangs geopend

2011-02-03 06:21 . 2011-02-03 06:21 -------- d-----w- c:\documents and settings\Abdel\Application Data\Malwarebytes

2011-02-03 06:20 . 2010-12-20 17:09 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys

2011-02-03 06:20 . 2011-02-03 06:20 -------- d-----w- c:\documents and settings\All Users\Application Data\Malwarebytes

2011-02-03 06:19 . 2010-12-20 17:08 20952 ----a-w- c:\windows\system32\drivers\mbam.sys

2011-02-03 06:19 . 2011-02-03 06:20 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware

2011-02-01 10:49 . 2011-02-01 10:49 -------- d-----w- c:\program files\Trend Micro

2011-01-30 07:06 . 2011-01-30 07:06 -------- d-----w- c:\documents and settings\Abdel\Application Data\TwonkyMedia

2011-01-30 07:03 . 2011-01-30 07:03 -------- d-----w- c:\program files\PacketVideo

2011-01-30 07:01 . 2011-02-08 00:14 -------- d-----w- c:\documents and settings\All Users\Application Data\twonkymedia

2011-01-30 05:46 . 2011-01-30 05:46 -------- d-----w- c:\windows\system32\GroupPolicy

2011-01-27 00:15 . 2011-01-27 00:15 -------- d-----w- c:\documents and settings\LocalService\Application Data\Fighters

2011-01-27 00:12 . 2011-01-27 00:13 -------- d-----w- c:\documents and settings\Abdel\Application Data\Fighters

2011-01-26 22:25 . 2011-01-26 22:25 -------- d-----w- c:\documents and settings\Abdel\Application Data\Panda Security

2011-01-23 05:03 . 2011-01-23 05:03 -------- d-----w- c:\program files\FilmFanaticEI

2011-01-19 06:02 . 2011-01-19 06:07 -------- d-----w- c:\documents and settings\Abdel\Application Data\TP

2011-01-16 03:05 . 2011-01-27 00:14 -------- d-----w- c:\documents and settings\All Users\Application Data\Fighters

2011-01-16 03:04 . 2011-01-27 00:14 -------- d-----w- c:\program files\Fighters

2011-01-15 09:24 . 2011-01-15 09:24 -------- d-----w- c:\documents and settings\All Users\Application Data\Panda Security

2011-01-15 09:23 . 2011-01-15 09:23 -------- d-----w- c:\program files\Panda Security

2011-01-14 19:54 . 2011-01-14 19:54 84718440 ----a-w- c:\program files\Common Files\Windows Live\.cache\wlcC.tmp

2011-01-12 08:44 . 2011-01-12 08:44 -------- d-----w- c:\documents and settings\Abdel\Application Data\Uniblue

2011-01-12 08:43 . 2011-01-12 08:43 -------- dc-h--w- c:\documents and settings\All Users\Application Data\{DE8EABB5-1C85-4410-A68D-79BD8A4518F4}

2011-01-12 08:42 . 2011-01-12 08:42 -------- d-----w- c:\program files\Uniblue

2011-01-12 08:37 . 2011-01-12 08:37 -------- d-----w- c:\documents and settings\Abdel\Local Settings\Application Data\PackageAware

2011-01-12 07:30 . 2010-11-02 15:17 40960 -c----w- c:\windows\system32\dllcache\ndproxy.sys

2011-01-12 07:13 . 2010-10-11 14:59 45568 -c----w- c:\windows\system32\dllcache\wab.exe

2011-01-12 06:18 . 2011-01-12 10:11 -------- d-----w- c:\documents and settings\Abdel\Local Settings\Application Data\ConduitEngine

2011-01-12 06:16 . 2011-01-12 06:16 0 ----a-w- c:\windows\system32\ConduitEngine.tmp

2011-01-12 02:41 . 2008-04-14 18:02 21504 -c--a-w- c:\windows\system32\dllcache\hidserv.dll

2011-01-12 02:41 . 2008-04-14 18:02 21504 ----a-w- c:\windows\system32\hidserv.dll

2011-01-12 02:40 . 2001-09-06 18:04 12288 -c--a-w- c:\windows\system32\dllcache\mouhid.sys

2011-01-12 02:40 . 2001-09-06 18:04 12288 ----a-w- c:\windows\system32\drivers\mouhid.sys

2011-01-12 02:40 . 2008-04-14 17:39 14720 -c--a-w- c:\windows\system32\dllcache\kbdhid.sys

2011-01-12 02:40 . 2008-04-14 17:39 14720 ----a-w- c:\windows\system32\drivers\kbdhid.sys

2011-01-12 02:40 . 2008-04-13 19:45 10368 -c--a-w- c:\windows\system32\dllcache\hidusb.sys

2011-01-12 02:40 . 2008-04-13 19:45 10368 ----a-w- c:\windows\system32\drivers\hidusb.sys

.

((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2011-01-27 00:45 . 2007-12-15 19:26 90112 ----a-w- c:\windows\DUMP97bb.tmp

2010-12-16 17:39 . 2010-12-16 17:39 365888 ----a-w- c:\windows\system32\PSUNCpl.cpl

2010-12-16 17:12 . 2010-12-16 17:12 113096 ----a-w- c:\windows\system32\drivers\PSINProt.sys

2010-12-16 17:12 . 2010-12-16 17:12 111944 ----a-w- c:\windows\system32\drivers\PSINProc.sys

2010-12-16 17:12 . 2010-12-16 17:12 130376 ----a-w- c:\windows\system32\drivers\PSINKNC.sys

2010-12-16 17:12 . 2010-12-16 17:12 97352 ----a-w- c:\windows\system32\drivers\PSINFile.sys

2010-12-16 17:12 . 2010-12-16 17:12 141768 ----a-w- c:\windows\system32\drivers\PSINAflt.sys

2010-11-18 18:15 . 2007-12-15 18:59 86016 ----a-w- c:\windows\system32\isign32.dll

2010-11-12 00:44 . 2010-11-12 00:44 94208 ----a-w- c:\windows\system32\dpl100.dll

.

((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))

.

.

*Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond

REGEDIT4

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\Panda Malware Icon]

@="{F5D1CF73-C196-48F8-AAAC-B9181E22B4E6}"

[HKEY_CLASSES_ROOT\CLSID\{F5D1CF73-C196-48F8-AAAC-B9181E22B4E6}]

2010-12-16 17:18 320832 ----a-w- c:\program files\Panda Security\Panda Cloud Antivirus\PSUNShell.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\Panda Suspect Icon]

@="{9AE343CB-BA45-4618-AF6A-0230EE6FC793}"

[HKEY_CLASSES_ROOT\CLSID\{9AE343CB-BA45-4618-AF6A-0230EE6FC793}]

2010-12-16 17:18 320832 ----a-w- c:\program files\Panda Security\Panda Cloud Antivirus\PSUNShell.dll

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"MsnMsgr"="c:\program files\Windows Live\Messenger\msnmsgr.exe" [2010-04-16 3872080]

"Messenger (Yahoo!)"="c:\progra~1\Yahoo!\MESSEN~1\YahooMessenger.exe" [2010-06-01 5252408]

"VoipBuster"="c:\program files\VoipBuster.com\VoipBuster\VoipBuster.exe" [2011-01-12 12948272]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"ATICCC"="c:\program files\ATI Technologies\ATI.ACE\cli.exe" [2006-01-02 45056]

"fssui"="c:\program files\Windows Live\Family Safety\fsui.exe" [2010-04-28 647528]

"QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2009-01-05 413696]

"Adobe Photo Downloader"="c:\program files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe" [2005-07-14 57344]

"LogitechCommunicationsManager"="c:\program files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe" [2008-08-14 565008]

"Hiyo"="c:\program files\HiYo\bin\HiYo.exe" [2010-06-20 255344]

"TkBellExe"="c:\program files\Common Files\Real\Update_OB\realsched.exe" [2010-03-13 202256]

"DivXUpdate"="c:\program files\DivX\DivX Update\DivXUpdate.exe" [2010-12-09 1226608]

"DivX Download Manager"="c:\program files\DivX\DivX Plus Web Player\DDmService.exe" [2010-12-08 63360]

"PSUNMain"="c:\program files\Panda Security\Panda Cloud Antivirus\PSUNMain.exe" [2010-12-16 423232]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]

"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]

"DWQueuedReporting"="c:\progra~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" [2007-02-26 437160]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]

BootExecute REG_MULTI_SZ PDBoot.exe\0autocheck autochk *

[HKLM\~\startupfolder\C:^Documents and Settings^Abdel^Menu Start^Programma's^Opstarten^Adobe Media Player.lnk]

path=c:\documents and settings\Abdel\Menu Start\Programma's\Opstarten\Adobe Media Player.lnk

backup=c:\windows\pss\Adobe Media Player.lnkStartup

[HKLM\~\startupfolder\C:^Documents and Settings^Abdel^Menu Start^Programma's^Opstarten^OpenOffice.org 3.0 .lnk]

path=c:\documents and settings\Abdel\Menu Start\Programma's\Opstarten\OpenOffice.org 3.0 .lnk

backup=c:\windows\pss\OpenOffice.org 3.0 .lnkStartup

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Start^Programma's^Opstarten^Logitech Desktop Messenger.lnk]

path=c:\documents and settings\All Users\Menu Start\Programma's\Opstarten\Logitech Desktop Messenger.lnk

backup=c:\windows\pss\Logitech Desktop Messenger.lnkCommon Startup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NokiaMServer]

c:\program files\Common Files\Nokia\MPlatform\NokiaMServer [X]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Photo Downloader]

2005-07-14 13:09 57344 ----a-w- c:\program files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]

2008-01-11 21:16 39792 ----a-w- c:\program files\Adobe\Reader 8.0\Reader\reader_sl.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}]

2007-06-27 18:03 152872 ----a-w- c:\program files\Common Files\Ahead\Lib\NMBgMonitor.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CTFMON.EXE]

2008-04-14 17:02 15360 ----a-w- c:\windows\system32\ctfmon.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\FLMOFFICE4DMOUSE]

2008-02-12 06:40 958464 ----a-w- c:\program files\Labtec\Desktop\V5.1\MOffice.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]

2009-04-02 14:11 342312 ----a-w- c:\program files\iTunes\iTunesHelper.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogitechQuickCamRibbon]

2008-08-14 16:15 2407184 ----a-w- c:\program files\Logitech\QuickCam\Quickcam.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Messenger (Yahoo!)]

2010-06-01 08:17 5252408 ----a-w- c:\progra~1\Yahoo!\MESSEN~1\YahooMessenger.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]

2007-03-01 14:57 153136 ----a-w- c:\program files\Common Files\Ahead\Lib\NeroCheck.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Nokia FastStart]

2009-02-26 15:04 2376992 ----a-w- c:\program files\Nokia\Nokia Music\NokiaMusic.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\OFFICEKB]

2008-02-12 06:40 387584 ----a-w- c:\program files\Labtec\Desktop\V5.1\KBDAP32A.EXE

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RemoteControl]

2004-11-02 19:24 32768 ----a-w- c:\program files\CyberLink\PowerDVD\PDVDServ.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Search Protection]

2009-02-03 13:15 111856 ----a-w- c:\program files\Yahoo!\Search Protection\SearchProtection.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]

2009-10-11 03:17 149280 ----a-w- c:\program files\Java\jre6\bin\jusched.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SweetIM]

2009-05-20 13:11 111928 ----a-r- c:\program files\SweetIM\Messenger\SweetIM.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe]

2010-03-13 15:01 202256 ----a-w- c:\program files\Common Files\Real\Update_OB\realsched.exe

[HKEY_LOCAL_MACHINE\software\microsoft\security center]

"AntiVirusOverride"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]

"c:\\WINDOWS\\Network Diagnostic\\xpnetdiag.exe"=

"%windir%\\system32\\sessmgr.exe"=

"c:\\Program Files\\LimeWire\\LimeWire.exe"=

"c:\\Program Files\\VoipBuster.com\\VoipBuster\\VoipBuster.exe"=

"%windir%\\Network Diagnostic\\xpnetdiag.exe"=

"c:\\Program Files\\Messenger\\msmsgs.exe"=

"c:\\Program Files\\Nokia\\Nokia Home Media Server\\Media Server\\twonkymedia.exe"=

"c:\\Program Files\\Nokia\\Nokia Home Media Server\\Media Server\\twonkymediaserver.exe"=

"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=

"c:\\Program Files\\iTunes\\iTunes.exe"=

"c:\\Program Files\\Yahoo!\\Messenger\\YahooMessenger.exe"=

"c:\\Program Files\\Common Files\\Nokia\\Service Layer\\A\\nsl_host_process.exe"=

"c:\\Program Files\\Real\\RealPlayer\\realplay.exe"=

"c:\\Program Files\\Logitech\\Desktop Messenger\\8876480\\Program\\LogitechDesktopMessenger.exe"=

"c:\\Program Files\\FrostWire\\FrostWire.exe"=

"c:\\Program Files\\Skype\\Phone\\Skype.exe"=

"c:\\Program Files\\Skype\\Plugin Manager\\skypePM.exe"=

"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=

"c:\\Program Files\\Windows Live\\Sync\\WindowsLiveSync.exe"=

"c:\\Documents and Settings\\Abdel\\Application Data\\HiYo\\Data\\hiyo_install.exe"=

R2 gupdate1c9bcd1df11ba3c;Google Updateservice (gupdate1c9bcd1df11ba3c);c:\program files\Google\Update\GoogleUpdate.exe [2009-04-14 133104]

R3 Common Toolkit Tools;Common Toolkit Tools;c:\program files\Fighters\FULL-DISKfighter\Common Toolkit Tools.exe [2011-01-18 121480]

R3 PSSDK42;PSSDK42;c:\windows\system32\Drivers\pssdk42.sys [2010-01-09 38976]

R3 PSSDKLBF;PSSDKLBF;c:\windows\system32\Drivers\pssdklbf.sys [2010-01-09 53312]

S1 PSINKNC;PSINKNC;c:\windows\system32\DRIVERS\psinknc.sys [2010-12-16 130376]

S2 NanoServiceMain;Panda Cloud Antivirus Service;c:\program files\Panda Security\Panda Cloud Antivirus\PSANHost.exe [2010-12-16 140608]

S2 PSINAflt;PSINAflt;c:\windows\system32\DRIVERS\PSINAflt.sys [2010-12-16 141768]

S2 PSINFile;PSINFile;c:\windows\system32\DRIVERS\PSINFile.sys [2010-12-16 97352]

S2 PSINProc;PSINProc;c:\windows\system32\DRIVERS\PSINProc.sys [2010-12-16 111944]

S2 PSINProt;PSINProt;c:\windows\system32\DRIVERS\PSINProt.sys [2010-12-16 113096]

S2 Suite Service;Suite Service;c:\program files\Fighters\FighterSuiteService.exe [2011-01-18 1143944]

S2 TwonkyMedia;TwonkyMedia;c:\program files\Nokia\Nokia Home Media Server\Media Server\TwonkyMedia.exe [2008-10-20 102400]

.

Inhoud van de 'Gedeelde Taken' map

2010-10-12 c:\windows\Tasks\AppleSoftwareUpdate.job

- c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 10:34]

2011-02-08 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job

- c:\program files\Google\Update\GoogleUpdate.exe [2009-04-14 07:22]

2011-02-08 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job

- c:\program files\Google\Update\GoogleUpdate.exe [2009-04-14 07:22]

2011-02-08 c:\windows\Tasks\OGALogon.job

- c:\windows\system32\OGAEXEC.exe [2009-08-03 13:07]

2011-02-08 c:\windows\Tasks\RealUpgradeLogonTaskS-1-5-21-1844237615-1085031214-725345543-1004.job

- c:\program files\Real\RealUpgrade\realupgrade.exe [2010-02-24 21:09]

2011-02-07 c:\windows\Tasks\RealUpgradeScheduledTaskS-1-5-21-1844237615-1085031214-725345543-1004.job

- c:\program files\Real\RealUpgrade\realupgrade.exe [2010-02-24 21:09]

2011-02-08 c:\windows\Tasks\RegistryBooster.job

- c:\program files\Uniblue\RegistryBooster\rbmonitor.exe [2010-12-27 08:44]

2011-02-08 c:\windows\Tasks\SLOW-PCfighter-Abdel-Startup.job

- c:\program files\Fighters\SLOW-PCfighter\SLOW-PCfighter.exe [2010-11-17 13:32]

2011-02-07 c:\windows\Tasks\User_Feed_Synchronization-{8E8BFBBB-0D6A-4110-A535-34224D2826E0}.job

- c:\windows\system32\msfeedssync.exe [2007-12-15 02:31]

.

.

------- Bijkomende Scan -------

.

mStart Page = hxxp://www.yahoo.com

mSearch Bar = hxxp://us.rd.yahoo.com/customize/ie/defaults/sb/msgr10/*Yahoo! SearchBar Home Page

uInternet Connection Wizard,ShellNext = iexplore

uInternet Settings,ProxyOverride = *.local

uSearchURL,(Default) = hxxp://us.rd.yahoo.com/customize/ie/defaults/su/msgr10/*Yahoo!

IE: E&xporteren naar Microsoft Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000

Handler: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - c:\program files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll

.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, GMER - Rootkit Detector and Remover

Rootkit scan 2011-02-08 01:17

Windows 5.1.2600 Service Pack 3 NTFS

scannen van verborgen processen ...

scannen van verborgen autostart items ...

scannen van verborgen bestanden ...

Scan succesvol afgerond

verborgen bestanden: 0

**************************************************************************

.

--------------------- VERGRENDELDE REGISTER SLEUTELS ---------------------

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]

@Denied: (A 2) (Everyone)

@="FlashBroker"

"LocalizedString"="@c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil10l_ActiveX.exe,-101"

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]

"Enabled"=dword:00000001

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]

@="c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil10l_ActiveX.exe"

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]

@Denied: (A 2) (Everyone)

@="IFlashBroker4"

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]

@="{00020424-0000-0000-C000-000000000046}"

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

"Version"="1.0"

[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Installer\UserData\LocalSystem\Components\*–€|ÿÿÿÿ;•€|é•9~*]

"3140110900063D11C8EF10054038389C"="C?\\WINDOWS\\system32\\FM20ENU.DLL"

[HKEY_LOCAL_MACHINE\software\T*w*o*n*k*y*B*e*a*m*"!\Internet Explorer]

"Path"="c:\\Program Files\\PacketVideo\\TwonkyBeam\\Internet Explorer"

"Language"="1043"

.

--------------------- DLLs Geladen Onder Lopende Processen ---------------------

- - - - - - - > 'winlogon.exe'(848)

c:\windows\System32\Ati2evxx.dll

- - - - - - - > 'explorer.exe'(6480)

c:\windows\TEMP\logishrd\LVPrcInj01.dll

c:\program files\Panda Security\Panda Cloud Antivirus\PSUNShell.DLL

c:\program files\Panda Security\Panda Cloud Antivirus\PSNCGP.dll

c:\program files\Panda Security\Panda Cloud Antivirus\PSNCIPC.dll

c:\windows\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_e6967989\MSVCP80.dll

c:\program files\Windows Media Player\wmpband.dll

c:\windows\system32\WPDShServiceObj.dll

c:\windows\system32\webcheck.dll

c:\windows\system32\PortableDeviceTypes.dll

c:\windows\system32\PortableDeviceApi.dll

.

------------------------ Andere Aktieve Processen ------------------------

.

c:\windows\system32\Ati2evxx.exe

c:\program files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe

c:\program files\Bonjour\mDNSResponder.exe

c:\program files\Java\jre6\bin\jqs.exe

c:\program files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe

c:\program files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe

c:\virusfighter\Bin\Zanda.exe

c:\program files\Raxco\PerfectDisk\PDAgent.exe

c:\program files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe

c:\program files\Yahoo!\SoftwareUpdate\YahooAUService.exe

c:\program files\Nokia\Nokia Home Media Server\Media Server\TwonkyMediaServer.exe

c:\windows\System32\Ati2evxx.exe

c:\windows\system32\WgaTray.exe

c:\program files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe

c:\windows\system32\wbem\wmiapsrv.exe

.

**************************************************************************

.

Voltooingstijd: 2011-02-08 02:23:21 - machine werd herstart

ComboFix-quarantined-files.txt 2011-02-08 01:21

ComboFix2.txt 2011-02-07 10:37

ComboFix3.txt 2011-02-06 08:50

ComboFix4.txt 2011-02-05 23:51

ComboFix5.txt 2011-02-07 23:36

Pre-Run: 49.114.148.864 bytes beschikbaar

Post-Run: 49.152.622.592 bytes beschikbaar

- - End Of File - - 235ABA394A7C56AFA17312568E6080B5

CFScript.txt


Dear Kape,

First of all, I want to thank you for your expertise and the endless patience you have shown me lately. To be honest, I have to say that I have not made much progress as far as speed/slowness is concerned.

First: there is still the message "error on page" in the bottom left corner.

Second: every time I open something, I still get a separate window with the message "the web page contains errors and therefore does not work properly".

Third: it spontaneously jumps every so often, for no reason, I mean without clicking on anything. For example, you are just chatting and it jumps to a Windows Explorer window, or you are on a website and it spontaneously jumps to the MSN chat program, and of course the other way around.

Yes yes yes, pfffff, fourth: when I have been sitting at the PC for a while, for example an hour, I get all kinds of purple, red and blue stripes on my screen, but when I restart I get a good picture again. It is so irritating, though, especially when you are chatting with someone and have to restart your PC for that. Well, then the other person gets the wrong impression of me: heeeee, how rude, you just end our chat session like that, for example! And then I have to explain that my PC is too hot and that I am letting it cool down first or something!

---------- Post added at 08:21 ---------- Previous post was at 08:14 ----------

Hi Kape,

Not much progress as far as speed is concerned! Booting alone takes at least 20 minutes, and every time I open something I see the hourglass (pointer) with those seconds, and then I get "Windows Explorer is not responding" at the top again. After waiting a while I get something about sending a report, well, so I just send the report. I also tried using Task Manager to recover the process I was working on, so activating it again; then it is stuck for a while and I have to click End, but then everything you had opened on the Internet is gone!
