
Laptop no longer wakes from sleep mode



I have the same problem here. During the Windows resume thingy it hangs halfway through. This is my HijackThis log:

Logfile of Trend Micro HijackThis v2.0.4

Scan saved at 11:33:17, on 12/06/2011

Platform: Windows XP SP3 (WinNT 5.01.2600)

MSIE: Internet Explorer v8.00 SP3 (8.00.6001.18702)

Boot mode: Normal

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\Program Files\BitDefender\BitDefender 2011\vsserv.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\system32\spoolsv.exe

C:\WINDOWS\Explorer.EXE

C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

C:\Program Files\Application Updater\ApplicationUpdater.exe

C:\Program Files\Bonjour\mDNSResponder.exe

C:\Program Files\Hi-Rez Studios\HiPatchService.exe

C:\Program Files\Java\jre6\bin\jqs.exe

C:\WINDOWS\system32\nvsvc32.exe

C:\WINDOWS\ZSSnp211.exe

C:\Program Files\ASUS\ASUS Remote\RemoteControlAppl.exe

C:\WINDOWS\system32\RUNDLL32.EXE

C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb08.exe

C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe

C:\WINDOWS\Domino.exe

C:\WINDOWS\ALCXMNTR.EXE

C:\Program Files\Common Files\Spigot\Search Settings\SearchSettings.exe

C:\Program Files\iTunes\iTunesHelper.exe

C:\Program Files\BitDefender\BitDefender 2011\bdagent.exe

C:\Program Files\Common Files\Java\Java Update\jusched.exe

C:\WINDOWS\system32\ctfmon.exe

C:\WINDOWS\system32\PnkBstrA.exe

C:\Program Files\WiFiConnector\NintendoWFCReg.exe

C:\WINDOWS\system32\svchost.exe

C:\Program Files\TVersity\Media Server\MediaServer.exe

C:\Program Files\BitDefender\BitDefender 2011\updatesrv.exe

C:\Program Files\iPod\bin\iPodService.exe

C:\Program Files\BitDefender\BitDefender 2011\seccenter.exe

C:\Program Files\Mozilla Firefox\firefox.exe

C:\Program Files\Mozilla Firefox\firefox.exe

C:\WINDOWS\system32\msiexec.exe

C:\Program Files\HiJack\Trend Micro\HiJackThis\HiJackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Bing

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen

R3 - URLSearchHook: pdfforge Toolbar - {B922D405-6D13-4A2B-AE89-08A030DA4402} - C:\Program Files\pdfforge Toolbar\IE\4.3\pdfforgeToolbarIE.dll

R3 - URLSearchHook: ToolbarURLSearchHook Class - {CA3EB689-8F09-4026-AA10-B9534C691CE0} - C:\Program Files\Any Video To DVD Toolbar\tbhelper.dll

O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)

O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll

O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

O2 - BHO: pdfforge Toolbar - {B922D405-6D13-4A2B-AE89-08A030DA4402} - C:\Program Files\pdfforge Toolbar\IE\4.3\pdfforgeToolbarIE.dll

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll

O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll

O2 - BHO: SMTTB2009 - {FCBCCB87-9224-4B8D-B117-F56D924BEB18} - C:\Program Files\Any Video To DVD Toolbar\tbcore3.dll

O3 - Toolbar: pdfforge Toolbar - {B922D405-6D13-4A2B-AE89-08A030DA4402} - C:\Program Files\pdfforge Toolbar\IE\4.3\pdfforgeToolbarIE.dll

O3 - Toolbar: Any Video To DVD Toolbar - {338B4DFE-2E2C-4338-9E41-E176D497299E} - C:\Program Files\Any Video To DVD Toolbar\tbcore3.dll

O3 - Toolbar: BitDefender Toolbar - {381FFDE8-2394-4F90-B10D-FC6124A40F8C} - C:\Program Files\BitDefender\BitDefender 2011\IEToolbar.dll

O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup

O4 - HKLM\..\Run: [ZSSnp211] C:\WINDOWS\ZSSnp211.exe

O4 - HKLM\..\Run: [RemoteControl] C:\Program Files\ASUS\ASUS Remote\RemoteControlAppl.exe

O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit

O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb08.exe

O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"

O4 - HKLM\..\Run: [Domino] C:\WINDOWS\Domino.exe

O4 - HKLM\..\Run: [AlcxMonitor] ALCXMNTR.EXE

O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime

O4 - HKLM\..\Run: [searchSettings] "C:\Program Files\Common Files\Spigot\Search Settings\SearchSettings.exe"

O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"

O4 - HKLM\..\Run: [bitDefender Antiphishing Helper] "C:\Program Files\BitDefender\BitDefender 2011\ieshow.exe"

O4 - HKLM\..\Run: [bDAgent] "C:\Program Files\BitDefender\BitDefender 2011\bdagent.exe"

O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 10.0\Reader\Reader_sl.exe"

O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"

O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe

O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Lokale service')

O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Netwerkservice')

O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')

O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')

O4 - Global Startup: AutoCAD Startup Accelerator.lnk = C:\Program Files\Common Files\Autodesk Shared\acstart17.exe

O4 - Global Startup: Registratiesoftware starten.lnk = C:\Program Files\WiFiConnector\NintendoWFCReg.exe

O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000

O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll

O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll

O9 - Extra button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

O9 - Extra 'Tools' menuitem: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL

O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab

O16 - DPF: {5C051655-FCD5-4969-9182-770EA5AA5565} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown.cab56986.cab

O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/MessengerGamesContent/GameContent/nl/uno1/GAME_UNO1.cab

O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab

O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab

O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll

O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG9\avgpp.dll (file missing)

O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL

O22 - SharedTaskScheduler: Preloader van browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll

O22 - SharedTaskScheduler: Cache-daemon voor onderdeelcategorieën - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll

O23 - Service: Mobiel Apple apparaat (Apple Mobile Device) - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

O23 - Service: Application Updater - Spigot, Inc. - C:\Program Files\Application Updater\ApplicationUpdater.exe

O23 - Service: Autodesk Licensing Service - Autodesk - C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe

O23 - Service: AVG Free E-mail Scanner (avg9emc) - Unknown owner - C:\Program Files\AVG\AVG9\avgemc.exe (file missing)

O23 - Service: AVG Free WatchDog (avg9wd) - Unknown owner - C:\Program Files\AVG\AVG9\avgwdsvc.exe (file missing)

O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe

O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe

O23 - Service: Google Updateservice (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe

O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe

O23 - Service: Hi-Rez Studios Authenticate and Update Service (HiPatchService) - Hi-Rez Studios - C:\Program Files\Hi-Rez Studios\HiPatchService.exe

O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe

O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe

O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe

O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe

O23 - Service: TVersityMediaServer - Unknown owner - C:\Program Files\TVersity\Media Server\MediaServer.exe

O23 - Service: BitDefender Update Server v2 (Update Server) - BitDefender - C:\Program Files\Common Files\BitDefender\BitDefender Arrakis Server\bin\arrakis3.exe

O23 - Service: BitDefender Desktop Update Service (Updatesrv) - BitDefender S.R.L. - C:\Program Files\BitDefender\BitDefender 2011\updatesrv.exe

O23 - Service: BitDefender Virus Shield (VSSERV) - BitDefender S.R.L. - C:\Program Files\BitDefender\BitDefender 2011\vsserv.exe

--

End of file - 11516 bytes


Go to Start – Run/Search and type: sc stop "Application Updater"

Press Enter.

Go to Start – Run/Search and type: sc delete "Application Updater"

Press Enter.

Go to Start – Run/Search and type: sc stop avg9emc

Press Enter.

Go to Start – Run/Search and type: sc delete avg9emc

Press Enter.

Go to Start – Run/Search and type: sc stop avg9wd

Press Enter.

Go to Start – Run/Search and type: sc delete avg9wd

Press Enter.

Start HijackThis. Select "Scan". Select only the items listed below:

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank

R3 - URLSearchHook: pdfforge Toolbar - {B922D405-6D13-4A2B-AE89-08A030DA4402} - C:\Program Files\pdfforge Toolbar\IE\4.3\pdfforgeToolbarIE.dll

R3 - URLSearchHook: ToolbarURLSearchHook Class - {CA3EB689-8F09-4026-AA10-B9534C691CE0} - C:\Program Files\Any Video To DVD Toolbar\tbhelper.dll

O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)

O2 - BHO: pdfforge Toolbar - {B922D405-6D13-4A2B-AE89-08A030DA4402} - C:\Program Files\pdfforge Toolbar\IE\4.3\pdfforgeToolbarIE.dll

O2 - BHO: SMTTB2009 - {FCBCCB87-9224-4B8D-B117-F56D924BEB18} - C:\Program Files\Any Video To DVD Toolbar\tbcore3.dll

O3 - Toolbar: pdfforge Toolbar - {B922D405-6D13-4A2B-AE89-08A030DA4402} - C:\Program Files\pdfforge Toolbar\IE\4.3\pdfforgeToolbarIE.dll

O3 - Toolbar: Any Video To DVD Toolbar - {338B4DFE-2E2C-4338-9E41-E176D497299E} - C:\Program Files\Any Video To DVD Toolbar\tbcore3.dll

O4 - HKLM\..\Run: [AlcxMonitor] ALCXMNTR.EXE

O4 - HKLM\..\Run: [searchSettings] "C:\Program Files\Common Files\Spigot\Search Settings\SearchSettings.exe"

O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG9\avgpp.dll (file missing)

Click 'Fix checked' to remove the items.

Download MBAM (Malwarebytes Anti-Malware)

Double-click mbam-setup.exe to install the program.

Make sure there is a check mark next to Update Malwarebytes' Anti-Malware and Start Malwarebytes' Anti-Malware, then click "Finish".

If an update is found, it will be downloaded and installed.

When the program is fully up to date, select "Quick Scan" on the Scanner tab, then click Scan.

The scan can take a while, so be patient.

When the scan is complete, click OK, then "Show Results" to see the results.

Make sure everything there is checked, then click: Remove Selected.

After the removal a log will open and you will be asked to restart the computer. (See below.)

If the rootkit (TDSS) is present, MBAM will ask to restart. Do so.

After the restart MBAM will scan again and remove the rootkit.

The log is saved automatically by MBAM and can be found by clicking the "Logs" tab in the program.

If MBAM has trouble removing certain files, it will show a few messages where you have to click OK. It will then ask to restart the computer... so allow MBAM to restart the computer.

Paste the contents of the log into your next post, together with a new HijackThis log.

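Several of the entries selected in the post above are ones HijackThis itself marks as orphaned, with "(no file)" or "(file missing)", and the `sc` commands take the service's short name shown in parentheses on the O23 lines. As an added example that is not part of the original thread, this Python sketch parses HijackThis entry lines and lists those orphaned entries together with the service short name; the function names are made up for this illustration and the sample lines are copied from the log posted above.

```python
import re

# Constructed sample: lines copied from the HijackThis log posted in this thread.
SAMPLE_LOG = r"""
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG9\avgpp.dll (file missing)
O23 - Service: Application Updater - Spigot, Inc. - C:\Program Files\Application Updater\ApplicationUpdater.exe
O23 - Service: AVG Free E-mail Scanner (avg9emc) - Unknown owner - C:\Program Files\AVG\AVG9\avgemc.exe (file missing)
O23 - Service: AVG Free WatchDog (avg9wd) - Unknown owner - C:\Program Files\AVG\AVG9\avgwdsvc.exe (file missing)
O23 - Service: BitDefender Virus Shield (VSSERV) - BitDefender S.R.L. - C:\Program Files\BitDefender\BitDefender 2011\vsserv.exe
C:\WINDOWS\system32\svchost.exe
"""

# An entry line is "<section code> - <body>", e.g. "O23 - Service: ...".
# Running-process paths and header lines do not match and are skipped.
ENTRY_RE = re.compile(r"^([A-Z]\d{1,2}) - (.+?)[ \t\r]*$", re.MULTILINE)

# Suffixes HijackThis appends when the referenced file is not on disk.
ORPHAN_MARKERS = ("(file missing)", "(no file)")

# "Display name (shortname)": the last parenthesised group is the short name.
SHORT_NAME_RE = re.compile(r"^(.*) \(([^()]+)\)$")


def parse_entries(log_text):
    """Return a list of (section, body) tuples for every entry line."""
    return [(m.group(1), m.group(2)) for m in ENTRY_RE.finditer(log_text)]


def service_short_name(body):
    """Extract the name `sc` expects from an O23 body.

    Layout: "Service: <display> (<short>) - <owner> - <path>". When display
    and short name are identical, HijackThis prints the name only once.
    """
    prefix = "Service: "
    if not body.startswith(prefix):
        return None
    # Split from the right so a " - " inside the display name does no harm.
    parts = body[len(prefix):].rsplit(" - ", 2)
    if len(parts) != 3:
        return None
    match = SHORT_NAME_RE.match(parts[0])
    return match.group(2) if match else parts[0]


def orphaned_entries(log_text):
    """List entries whose target file HijackThis reported as absent."""
    found = []
    for section, body in parse_entries(log_text):
        if body.endswith(ORPHAN_MARKERS):
            service = service_short_name(body) if section == "O23" else None
            found.append({"section": section, "body": body, "service": service})
    return found


if __name__ == "__main__":
    for entry in orphaned_entries(SAMPLE_LOG):
        label = entry["service"] or "-"
        print(f'{entry["section"]:<4} service={label:<10} {entry["body"]}')
```

An orphan marker only says the file was not found at scan time; it marks a leftover registration to review, not a detection.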

Malwarebytes' Anti-Malware 1.51.0.1200

Malwarebytes : Free anti-malware, anti-virus and spyware removal download

Databaseversie: 6842

Windows 5.1.2600 Service Pack 3

Internet Explorer 6.0.2900.5512

12/06/2011 23:51:38

mbam-log-2011-06-12 (23-51-37).txt

Scantype: Snelle scan

Objecten gescand: 215408

Verstreken tijd: 20 minuut/minuten, 21 seconde(n)

Geheugenprocessen geïnfecteerd: 0

Geheugenmodulen geïnfecteerd: 0

Registersleutels geïnfecteerd: 0

Registerwaarden geïnfecteerd: 0

Registerdata geïnfecteerd: 0

Mappen geïnfecteerd: 0

Bestanden geïnfecteerd: 2

Geheugenprocessen geïnfecteerd:

(Geen kwaadaardige objecten gedetecteerd)

Geheugenmodulen geïnfecteerd:

(Geen kwaadaardige objecten gedetecteerd)

Registersleutels geïnfecteerd:

(Geen kwaadaardige objecten gedetecteerd)

Registerwaarden geïnfecteerd:

(Geen kwaadaardige objecten gedetecteerd)

Registerdata geïnfecteerd:

(Geen kwaadaardige objecten gedetecteerd)

Mappen geïnfecteerd:

(Geen kwaadaardige objecten gedetecteerd)

Bestanden geïnfecteerd:

c:\WINDOWS\Tasks\sunmicro java update.job (Malware.Trace) -> Quarantined and deleted successfully.

c:\documents and settings\andreas verheyde\application data\data.dat (Stolen.Data) -> Quarantined and deleted successfully.

Logfile of Trend Micro HijackThis v2.0.4

Scan saved at 23:57:58, on 12/06/2011

Platform: Windows XP SP3 (WinNT 5.01.2600)

MSIE: Internet Explorer v8.00 SP3 (8.00.6001.18702)

Boot mode: Normal

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\Program Files\BitDefender\BitDefender 2011\vsserv.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\system32\spoolsv.exe

C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

C:\Program Files\Bonjour\mDNSResponder.exe

C:\Program Files\Hi-Rez Studios\HiPatchService.exe

C:\WINDOWS\Explorer.EXE

C:\Program Files\Java\jre6\bin\jqs.exe

C:\WINDOWS\system32\nvsvc32.exe

C:\WINDOWS\system32\PnkBstrA.exe

C:\WINDOWS\system32\svchost.exe

C:\Program Files\TVersity\Media Server\MediaServer.exe

C:\Program Files\BitDefender\BitDefender 2011\updatesrv.exe

C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE

C:\WINDOWS\ZSSnp211.exe

C:\Program Files\ASUS\ASUS Remote\RemoteControlAppl.exe

C:\WINDOWS\system32\RUNDLL32.EXE

C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb08.exe

C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe

C:\WINDOWS\Domino.exe

C:\Program Files\iTunes\iTunesHelper.exe

C:\Program Files\BitDefender\BitDefender 2011\bdagent.exe

C:\Program Files\Common Files\Java\Java Update\jusched.exe

C:\WINDOWS\system32\ctfmon.exe

C:\Program Files\WiFiConnector\NintendoWFCReg.exe

C:\WINDOWS\system32\wuauclt.exe

C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe

C:\Program Files\iPod\bin\iPodService.exe

C:\Program Files\Mozilla Firefox\firefox.exe

C:\WINDOWS\system32\NOTEPAD.EXE

C:\Program Files\HiJack\Trend Micro\HiJackThis\HiJackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Bing

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen

O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll

O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll

O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll

O3 - Toolbar: BitDefender Toolbar - {381FFDE8-2394-4F90-B10D-FC6124A40F8C} - C:\Program Files\BitDefender\BitDefender 2011\IEToolbar.dll

O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup

O4 - HKLM\..\Run: [ZSSnp211] C:\WINDOWS\ZSSnp211.exe

O4 - HKLM\..\Run: [RemoteControl] C:\Program Files\ASUS\ASUS Remote\RemoteControlAppl.exe

O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit

O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb08.exe

O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"

O4 - HKLM\..\Run: [Domino] C:\WINDOWS\Domino.exe

O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime

O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"

O4 - HKLM\..\Run: [bitDefender Antiphishing Helper] "C:\Program Files\BitDefender\BitDefender 2011\ieshow.exe"

O4 - HKLM\..\Run: [bDAgent] "C:\Program Files\BitDefender\BitDefender 2011\bdagent.exe"

O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 10.0\Reader\Reader_sl.exe"

O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"

O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe

O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Lokale service')

O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Netwerkservice')

O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')

O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')

O4 - Global Startup: AutoCAD Startup Accelerator.lnk = C:\Program Files\Common Files\Autodesk Shared\acstart17.exe

O4 - Global Startup: Registratiesoftware starten.lnk = C:\Program Files\WiFiConnector\NintendoWFCReg.exe

O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000

O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll

O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll

O9 - Extra button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

O9 - Extra 'Tools' menuitem: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL

O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab

O16 - DPF: {5C051655-FCD5-4969-9182-770EA5AA5565} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown.cab56986.cab

O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/MessengerGamesContent/GameContent/nl/uno1/GAME_UNO1.cab

O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab

O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab

O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll

O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL

O22 - SharedTaskScheduler: Preloader van browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll

O22 - SharedTaskScheduler: Cache-daemon voor onderdeelcategorieën - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll

O23 - Service: Mobiel Apple apparaat (Apple Mobile Device) - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

O23 - Service: Autodesk Licensing Service - Autodesk - C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe

O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe

O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe

O23 - Service: Google Updateservice (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe

O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe

O23 - Service: Hi-Rez Studios Authenticate and Update Service (HiPatchService) - Hi-Rez Studios - C:\Program Files\Hi-Rez Studios\HiPatchService.exe

O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe

O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe

O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe

O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe

O23 - Service: TVersityMediaServer - Unknown owner - C:\Program Files\TVersity\Media Server\MediaServer.exe

O23 - Service: BitDefender Update Server v2 (Update Server) - BitDefender - C:\Program Files\Common Files\BitDefender\BitDefender Arrakis Server\bin\arrakis3.exe

O23 - Service: BitDefender Desktop Update Service (Updatesrv) - BitDefender S.R.L. - C:\Program Files\BitDefender\BitDefender 2011\updatesrv.exe

O23 - Service: BitDefender Virus Shield (VSSERV) - BitDefender S.R.L. - C:\Program Files\BitDefender\BitDefender 2011\vsserv.exe

--

End of file - 9756 bytes

Thanks for the quick reply!


Hmm, unfortunately yes. Booting does work when the PC is completely off. Just now I put it into sleep mode to test it and got even more problems. I had less time to press F8 to delete my restore data. When I did manage it, Explorer no longer started. I only got my desktop background with nothing on it. So I shut it down completely via Ctrl+Alt+Del. Then it did start up fully and correctly.


Download ComboFix from one of these locations:

Link 1

Link 2

* IMPORTANT !!! Save ComboFix.exe to your Desktop

1. Disable all antivirus and antispyware programs, because otherwise they may conflict with ComboFix. Here is a guide on how to disable them:

Click here

If you cannot disable them, just continue to the next step.

2. Double-click ComboFix.exe and follow the prompts on the screen.

3. ComboFix will check whether the Microsoft Windows Recovery Console is already installed.

**Note: If the Microsoft Windows Recovery Console is already installed, you will not see the following screens and ComboFix will automatically continue scanning for malware.

4. Follow the prompts on the screen to let ComboFix download and install the Microsoft Windows Recovery Console.

cf-rc-auto.jpg

You will see the following message when ComboFix has successfully installed the Microsoft Windows Recovery Console:

rc-auto-done.jpg

Click Yes to continue scanning for malware.

5. When ComboFix is finished, it will create a log file for you. Post the contents of this log file (found at C:\ComboFix.txt) in your next post.


ComboFix 11-06-12.04 - Andreas Verheyde 13/06/2011 12:45:28.1.1 - x86

Microsoft Windows XP Professional 5.1.2600.3.1252.32.1043.18.1022.497 [GMT 2:00]

Gestart vanuit: c:\documents and settings\Andreas Verheyde\Bureaublad\ComboFix.exe

AV: AVG Anti-Virus Free *Enabled/Updated* {17DDD097-36FF-435F-9E1B-52D74245D6BF}

.

.

(((((((((((((((((((((((((((((((((( Andere Verwijderingen )))))))))))))))))))))))))))))))))))))))))))))))))

.

.

c:\documents and settings\Andreas Verheyde\WINDOWS

C:\Install.exe

c:\program files\Any Video To DVD Toolbar\tbHElper.dll

c:\windows\Downloaded Program Files\IDropPTB.dll

c:\windows\IsUn0413.exe

.

c:\windows\system32\kernel32.dll . . . is geïnfecteerd!!

.

.

(((((((((((((((((((( Bestanden Gemaakt van 2011-05-13 to 2011-06-13 ))))))))))))))))))))))))))))))

.

.

2011-06-12 21:26 . 2011-06-12 21:26 -------- d-----w- c:\documents and settings\Andreas Verheyde\Application Data\Malwarebytes

2011-06-12 21:26 . 2011-05-29 07:11 39984 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys

2011-06-12 21:26 . 2011-06-12 21:26 -------- d-----w- c:\documents and settings\All Users\Application Data\Malwarebytes

2011-06-12 21:26 . 2011-06-12 21:26 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware

2011-06-12 21:26 . 2011-05-29 07:11 22712 ----a-w- c:\windows\system32\drivers\mbam.sys

2011-06-12 09:32 . 2011-06-12 09:32 388096 ----a-r- c:\documents and settings\Andreas Verheyde\Application Data\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe

2011-06-12 09:32 . 2011-06-12 09:32 -------- d-----w- c:\program files\HiJack

2011-06-11 22:52 . 2011-06-11 22:52 -------- d-----w- c:\program files\FastStone Capture

2011-06-09 21:46 . 2011-02-06 10:31 1241888 ----a-w- c:\windows\system32\libxml2.dll

2011-06-09 21:46 . 2010-11-03 15:52 324896 ----a-w- c:\windows\system32\libtidy.dll

2011-06-09 21:46 . 2009-11-03 14:51 406816 ----a-w- c:\windows\system32\SQLite3.dll

2011-06-08 14:51 . 2011-06-08 14:51 -------- d-----w- c:\program files\Common Files\Java

2011-06-04 14:40 . 2010-01-01 08:00 1974616 ----a-w- c:\program files\Mozilla Firefox\D3DCompiler_42.dll

2011-06-04 14:40 . 2010-01-01 08:00 1892184 ----a-w- c:\program files\Mozilla Firefox\d3dx9_42.dll

2011-06-03 20:42 . 2011-06-03 20:42 -------- d-----w- c:\documents and settings\Andreas Verheyde\Local Settings\Application Data\Real

2011-06-03 20:36 . 2011-06-04 07:25 -------- d-----w- c:\program files\Real

2011-05-28 19:41 . 2011-06-03 20:10 -------- d-----w- c:\documents and settings\Andreas Verheyde\Application Data\go

2011-05-28 19:41 . 2011-06-03 20:11 -------- d-----w- c:\documents and settings\All Users\Application Data\Easybits GO

2011-05-26 20:37 . 2011-05-26 20:37 404640 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl

2011-05-24 16:16 . 2011-06-03 15:33 -------- d-----w- c:\documents and settings\Andreas Verheyde\Application Data\Mijn Battle for Middle-earth bestanden

2011-05-23 18:56 . 2011-05-23 18:57 -------- d-----w- c:\program files\Common Files\Adobe

2011-05-23 18:48 . 2011-05-31 17:00 -------- d-----w- c:\documents and settings\All Users\Application Data\Skype Extras

2011-05-23 18:47 . 2011-05-23 18:47 -------- d-sh--w- c:\documents and settings\LocalService\IETldCache

2011-05-23 18:46 . 2011-05-23 18:46 -------- d-----w- c:\program files\Common Files\Skype

2011-05-23 16:22 . 2011-06-13 10:23 -------- d-----w- c:\documents and settings\Administrator\Application Data\BitDefender

2011-05-22 18:52 . 2011-05-22 18:52 5638 ----a-w- c:\windows\system32\PerfStringBackup.TMP

2011-05-22 18:42 . 2011-05-22 18:42 -------- d-sh--w- c:\documents and settings\Administrator\IETldCache

2011-05-22 18:40 . 2011-05-22 18:40 -------- d-----w- c:\windows\system32\wbem\Repository

2011-05-22 15:02 . 2011-05-22 15:02 -------- d-----w- c:\program files\HP

2011-05-22 15:02 . 2011-05-22 15:02 -------- d-----w- c:\windows\Downloaded Installations

2011-05-22 15:00 . 2011-05-22 15:00 -------- d-sh--w- c:\documents and settings\Andreas Verheyde\PrivacIE

2011-05-22 14:57 . 2011-05-22 14:57 -------- d-----w- c:\program files\ATI Technologies

2011-05-22 14:57 . 2011-05-22 14:57 -------- d-----w- C:\AMD

2011-05-22 10:57 . 2011-05-22 10:57 -------- d-----w- c:\documents and settings\Andreas Verheyde\Local Settings\Application Data\PCHealth

2011-05-22 10:46 . 2011-05-22 10:46 -------- d-sh--w- c:\documents and settings\Andreas Verheyde\IETldCache

2011-05-22 10:46 . 2011-05-22 10:46 -------- d-sh--w- c:\documents and settings\NetworkService\IETldCache

2011-05-22 10:36 . 2011-05-22 10:36 -------- d-----w- c:\windows\system32\winrm

2011-05-22 10:33 . 2010-10-18 11:10 7680 -c----w- c:\windows\system32\dllcache\iecompat.dll

2011-05-22 10:32 . 2011-05-22 10:33 -------- d-----w- c:\documents and settings\LocalService\Local Settings\Application Data\Adobe

2011-05-22 10:32 . 2011-02-22 23:07 12800 -c----w- c:\windows\system32\dllcache\xpshims.dll

2011-05-22 10:32 . 2011-02-22 23:07 55296 -c----w- c:\windows\system32\dllcache\msfeedsbs.dll

2011-05-22 10:32 . 2011-02-22 23:07 602112 -c----w- c:\windows\system32\dllcache\msfeeds.dll

2011-05-22 10:32 . 2011-02-22 23:07 247808 -c----w- c:\windows\system32\dllcache\ieproxy.dll

2011-05-22 10:32 . 2011-02-22 23:07 1991680 -c----w- c:\windows\system32\dllcache\iertutil.dll

2011-05-22 10:32 . 2011-02-22 23:07 743424 -c----w- c:\windows\system32\dllcache\iedvtool.dll

2011-05-22 10:32 . 2011-02-22 23:07 11080704 -c----w- c:\windows\system32\dllcache\ieframe.dll

2011-05-22 10:30 . 2011-05-22 10:32 -------- dc-h--w- c:\windows\ie8

2011-05-22 10:24 . 2006-06-29 11:07 14048 ------w- c:\windows\system32\spmsg2.dll

2011-05-22 10:17 . 2011-05-22 10:17 -------- d-----w- c:\documents and settings\Andreas Verheyde\Local Settings\Application Data\Identities

2011-05-22 10:17 . 2011-05-22 17:52 -------- d-----w- c:\program files\Windows Desktop Search

2011-05-22 10:17 . 2011-05-22 10:17 -------- d-----w- c:\windows\system32\GroupPolicy

2011-05-22 10:16 . 2008-03-07 17:02 98304 -c----w- c:\windows\system32\dllcache\nlhtml.dll

2011-05-22 10:16 . 2008-03-07 17:02 29696 -c----w- c:\windows\system32\dllcache\mimefilt.dll

2011-05-22 10:16 . 2008-03-07 17:02 192000 -c----w- c:\windows\system32\dllcache\offfilt.dll

2011-05-21 09:03 . 2011-05-21 09:03 -------- d-----w- c:\documents and settings\NetworkService\Application Data\QuickScan

2011-05-21 01:37 . 2011-05-21 01:37 -------- d-----w- c:\documents and settings\LocalService\Application Data\QuickScan

2011-05-21 01:37 . 2011-05-21 01:37 -------- d-----w- c:\documents and settings\All Users\Application Data\bdch

2011-05-21 01:31 . 2011-06-13 10:24 -------- d-----w- c:\program files\Common Files\BitDefender

2011-05-21 00:58 . 2011-05-21 00:58 -------- d-----w- c:\documents and settings\Andreas Verheyde\Application Data\QuickScan

2011-05-21 00:56 . 2011-06-13 10:23 629699 ----a-w- c:\documents and settings\All Users\Application Data\bdinstall.bin

2011-05-15 14:55 . 2011-05-15 14:55 -------- d-----w- c:\documents and settings\All Users\Application Data\FNET

2011-05-15 12:26 . 2011-05-15 12:26 -------- d-----w- c:\documents and settings\All Users\Application Data\NVIDIA Corporation

.

.

.

((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2011-05-10 16:29 . 2011-05-10 16:29 132608 ----a-w- c:\windows\system32\drivers\ethyohxr.sys

2011-05-08 13:35 . 2010-07-01 16:18 138520 ----a-w- c:\windows\system32\drivers\PnkBstrK.sys

2011-05-08 13:35 . 2010-03-06 20:04 234536 ----a-w- c:\windows\system32\PnkBstrB.xtr

2011-05-08 13:35 . 2010-03-06 20:00 234536 ----a-w- c:\windows\system32\PnkBstrB.exe

2011-05-07 18:53 . 2011-05-07 18:53 29184 ----a-r- c:\documents and settings\Andreas Verheyde\Application Data\Microsoft\Installer\{21AE04E8-EBF6-40DB-9AA9-B7A80C5D057D}\Icon21AE04E8.exe

2011-05-04 02:52 . 2010-05-19 15:36 472808 ----a-w- c:\windows\system32\deployJava1.dll

2011-05-04 00:25 . 2010-05-19 15:36 73728 ----a-w- c:\windows\system32\javacpl.cpl

2011-05-01 17:42 . 2009-08-18 09:30 564632 ----a-w- c:\documents and settings\All Users\Application Data\Microsoft\IdentityCRL\production\wlidui.dll

2011-05-01 17:42 . 2009-08-18 09:24 18328 ----a-w- c:\documents and settings\All Users\Application Data\Microsoft\IdentityCRL\production\ppcrlconfig600.dll

2011-04-16 12:54 . 2010-01-29 18:03 139152 ----a-w- c:\documents and settings\Andreas Verheyde\Application Data\PnkBstrK.sys

2011-04-16 12:54 . 2010-03-06 18:53 794408 ----a-w- c:\windows\system32\pbsvc.exe

2011-04-16 12:54 . 2010-01-29 18:03 75064 ----a-w- c:\windows\system32\PnkBstrA.exe

2011-04-09 16:55 . 2011-04-09 16:55 15453336 ----a-w- c:\windows\system32\xlive.dll

2011-04-09 16:55 . 2011-04-09 16:55 13642904 ----a-w- c:\windows\system32\xlivefnt.dll

2011-04-08 11:32 . 2011-04-08 11:32 41872 ----a-w- c:\windows\system32\xfcodec.dll

2011-04-08 05:14 . 2006-11-17 16:29 4111232 ----a-w- c:\windows\system32\nv4_disp.dll

2011-04-08 05:14 . 2006-11-17 16:29 2027008 ----a-w- c:\windows\system32\nvapi.dll

2011-04-08 05:14 . 2006-11-17 16:29 14856192 ----a-w- c:\windows\system32\nvoglnt.dll

2011-04-08 05:14 . 2006-11-17 16:29 12501600 ----a-w- c:\windows\system32\drivers\nv4_mini.sys

2011-04-07 20:16 . 2011-04-07 20:16 81920 ----a-w- c:\windows\system32\nvwddi.dll

2011-04-07 20:16 . 2011-04-07 20:16 580200 ----a-w- c:\windows\system32\easyUpdatusAPIU.dll

2011-04-07 20:16 . 2011-04-07 20:16 282624 ----a-w- c:\windows\system32\nvrsel.dll

2011-04-07 20:16 . 2011-04-07 20:16 253952 ----a-w- c:\windows\system32\nvrsth.dll

2011-04-07 20:16 . 2011-04-07 20:16 249856 ----a-w- c:\windows\system32\nvrseng.dll

2011-04-07 20:16 . 2011-04-07 20:16 126976 ----a-w- c:\windows\system32\nvrszht.dll

2011-04-07 20:16 . 2011-04-07 20:16 331776 ----a-w- c:\windows\system32\nvrshe.dll

2011-04-07 20:16 . 2011-04-07 20:16 286720 ----a-w- c:\windows\system32\nvrsfr.dll

2011-04-07 20:16 . 2011-04-07 20:16 274432 ----a-w- c:\windows\system32\nvrsnl.dll

2011-04-07 20:16 . 2011-04-07 20:16 274432 ----a-w- c:\windows\system32\nvrsesm.dll

2011-04-07 20:16 . 2011-04-07 20:16 270336 ----a-w- c:\windows\system32\nvrsru.dll

2011-04-07 20:16 . 2011-04-07 20:16 262144 ----a-w- c:\windows\system32\nvrshu.dll

2011-04-07 20:16 . 2011-04-07 20:16 258048 ----a-w- c:\windows\system32\nvrstr.dll

2011-04-07 20:16 . 2011-04-07 20:16 258048 ----a-w- c:\windows\system32\nvrssl.dll

2011-04-07 20:16 . 2011-04-07 20:16 253952 ----a-w- c:\windows\system32\nvrsda.dll

2011-04-07 20:16 . 2011-04-07 20:16 249856 ----a-w- c:\windows\system32\nvrsfi.dll

2011-04-07 20:16 . 2011-04-07 20:16 229376 ----a-w- c:\windows\system32\nvrszhc.dll

2011-04-07 20:16 . 2011-04-07 20:16 335872 ----a-w- c:\windows\system32\nvrsar.dll

2011-04-07 20:16 . 2011-04-07 20:16 282624 ----a-w- c:\windows\system32\nvrsit.dll

2011-04-07 20:16 . 2011-04-07 20:16 282624 ----a-w- c:\windows\system32\nvrses.dll

2011-04-07 20:16 . 2011-04-07 20:16 278528 ----a-w- c:\windows\system32\nvrsde.dll

2011-04-07 20:16 . 2011-04-07 20:16 277608 ----a-w- c:\windows\system32\nvmccs.dll

2011-04-07 20:16 . 2011-04-07 20:16 274432 ----a-w- c:\windows\system32\nvrspt.dll

2011-04-07 20:16 . 2011-04-07 20:16 270336 ----a-w- c:\windows\system32\nvrsptb.dll

2011-04-07 20:16 . 2011-04-07 20:16 270336 ----a-w- c:\windows\system32\nvrsja.dll

2011-04-07 20:16 . 2011-04-07 20:16 266240 ----a-w- c:\windows\system32\nvrsko.dll

2011-04-07 20:16 . 2011-04-07 20:16 258048 ----a-w- c:\windows\system32\nvrssk.dll

2011-04-07 20:16 . 2011-04-07 20:16 258048 ----a-w- c:\windows\system32\nvrspl.dll

2011-04-07 20:16 . 2011-04-07 20:16 253952 ----a-w- c:\windows\system32\nvrssv.dll

2011-04-07 20:16 . 2011-04-07 20:16 253952 ----a-w- c:\windows\system32\nvrsno.dll

2011-04-07 20:16 . 2011-04-07 20:16 249856 ----a-w- c:\windows\system32\nvrscs.dll

2011-04-07 20:16 . 2011-04-07 20:16 13891176 ----a-w- c:\windows\system32\nvcpl.dll

2011-04-07 20:16 . 2011-04-07 20:16 111208 ----a-w- c:\windows\system32\nvmctray.dll

2011-04-07 20:16 . 2011-04-07 20:16 155752 ----a-w- c:\windows\system32\nvsvc32.exe

2011-04-07 20:16 . 2011-04-07 20:16 145000 ----a-w- c:\windows\system32\nvcolor.exe

2011-04-06 14:20 . 2011-04-06 14:20 91424 ----a-w- c:\windows\system32\dnssd.dll

2011-04-06 14:20 . 2011-04-06 14:20 107808 ----a-w- c:\windows\system32\dns-sd.exe

2010-07-08 08:37 . 2010-07-08 08:37 101544 ----a-w- c:\program files\Common Files\LinkInstaller.exe

2011-04-14 16:57 . 2011-04-30 12:36 142296 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll

.

.

((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))

.

.

*Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond

REGEDIT4

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2011-04-07 13891176]

"ZSSnp211"="c:\windows\ZSSnp211.exe" [2007-04-06 57344]

"RemoteControl"="c:\program files\ASUS\ASUS Remote\RemoteControlAppl.exe" [2005-12-05 61440]

"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2011-04-07 111208]

"HPDJ Taskbar Utility"="c:\windows\system32\spool\drivers\w32x86\3\hpztsb08.exe" [2003-08-22 172032]

"GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2008-10-25 31072]

"Domino"="c:\windows\Domino.exe" [2006-08-18 49152]

"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2010-11-29 421888]

"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2011-04-14 421160]

"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 10.0\Reader\Reader_sl.exe" [2011-01-30 35736]

"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2010-11-15 932288]

"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2011-04-08 254696]

.

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]

"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]

.

c:\documents and settings\All Users\Menu Start\Programma's\Opstarten\

AutoCAD Startup Accelerator.lnk - c:\program files\Common Files\Autodesk Shared\acstart17.exe [2006-3-5 11000]

Registratiesoftware starten.lnk - c:\program files\WiFiConnector\NintendoWFCReg.exe [2011-3-8 1179648]

.

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]

"%windir%\\system32\\sessmgr.exe"=

"%windir%\\Network Diagnostic\\xpnetdiag.exe"=

"c:\\Program Files\\uTorrent\\uTorrent.exe"=

"c:\\WINDOWS\\system32\\PnkBstrA.exe"=

"c:\\WINDOWS\\system32\\PnkBstrB.exe"=

"c:\\Program Files\\Activision\\Call of Duty 4 - Modern Warfare\\iw3mp.exe"=

"c:\\Program Files\\EA GAMES\\Battlefield 2\\BF2.exe"=

"c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=

"c:\\Program Files\\Microsoft Office\\Office12\\GROOVE.EXE"=

"c:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"=

"c:\\Program Files\\Skype\\Plugin Manager\\skypePM.exe"=

"c:\\Program Files\\Pando Networks\\Media Booster\\PMB.exe"=

"c:\\Program Files\\TVersity\\Media Server\\MediaServer.exe"=

"c:\\Program Files\\Windows Live\\Messenger\\wlcsdk.exe"=

"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=

"c:\\Program Files\\TeamViewer\\Version5\\TeamViewer.exe"=

"c:\\Program Files\\TeamViewer\\Version5\\TeamViewer_Service.exe"=

"c:\\Program Files\\WiFiConnector\\NintendoWFCReg.exe"=

"c:\\Program Files\\Google\\Google Earth\\plugin\\geplugin.exe"=

"c:\\Program Files\\Xfire\\Xfire.exe"=

"c:\\Program Files\\StarCraft II\\StarCraft II.exe"=

"c:\\Program Files\\StarCraft II\\Versions\\Base18092\\SC2.exe"=

"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=

"c:\\Program Files\\iTunes\\iTunes.exe"=

"c:\\Program Files\\Microsoft Games\\Project S\\Spartan.exe"=

"c:\\Program Files\\Skype\\Phone\\Skype.exe"=

"c:\\Program Files\\BitDefender\\BitDefender 2011\\vsserv.exe"=

"c:\\Program Files\\EA GAMES\\The Battle for Middle-earth\\game.dat"=

"c:\\Program Files\\Google\\Google Earth\\client\\googleearth.exe"=

"c:\\Program Files\\EA GAMES\\The Battle for Middle-earth\\patchget.dat"=

.

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]

"58823:TCP"= 58823:TCP:Pando Media Booster

"58823:UDP"= 58823:UDP:Pando Media Booster

"3389:TCP"= 3389:TCP:@xpsp2res.dll,-22009

.

R2 HiPatchService;Hi-Rez Studios Authenticate and Update Service;c:\program files\Hi-Rez Studios\HiPatchService.exe [30/09/2010 11:23 23680]

R3 3xHybrid;3xHybrid service;c:\windows\system32\drivers\3xHybrid.sys [30/09/2005 12:52 2808704]

S0 sptd;sptd;c:\windows\system32\Drivers\sptd.sys --> c:\windows\system32\Drivers\sptd.sys [?]

S1 as6eio;as6eio;c:\windows\system32\drivers\as6eio.sys --> c:\windows\system32\drivers\as6eio.sys [?]

S1 AvgLdx86;AVG Free AVI Loader Driver x86;c:\windows\system32\Drivers\avgldx86.sys --> c:\windows\system32\Drivers\avgldx86.sys [?]

S1 AvgTdiX;AVG Free Network Redirector;c:\windows\system32\Drivers\avgtdix.sys --> c:\windows\system32\Drivers\avgtdix.sys [?]

S2 Akamai;Akamai NetSession Interface;c:\windows\System32\svchost.exe -k Akamai [2/03/2006 14:00 14336]

S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [18/03/2010 13:16 130384]

S2 gupdate;Google Updateservice (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [26/12/2010 17:32 136176]

S3 ASPI;Advanced SCSI Programming Interface Driver;c:\windows\system32\drivers\ASPI32.SYS [28/08/2010 19:03 16512]

S3 ATICDSDr;ATICDSDr;\??\c:\docume~1\ANDREA~1\LOCALS~1\Temp\{1735A~1\atiicdxx.sys --> c:\docume~1\ANDREA~1\LOCALS~1\Temp\{1735A~1\atiicdxx.sys [?]

S3 gupdatem;Google Update-service (gupdatem);c:\program files\Google\Update\GoogleUpdate.exe [26/12/2010 17:32 136176]

S3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\mbamswissarmy.sys [12/06/2011 23:26 39984]

S3 SampleScanner;Ultima2000 Scanner;c:\windows\system32\drivers\GT680X.SYS [12/02/2010 20:18 18120]

S3 WN5301;LIteon Wireless PCI Network Adapter Service;c:\windows\system32\drivers\wn5301.sys [5/10/2005 11:44 468768]

S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [18/03/2010 13:16 753504]

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]

Akamai REG_MULTI_SZ Akamai

.

Inhoud van de 'Gedeelde Taken' map

.

2011-03-08 c:\windows\Tasks\AppleSoftwareUpdate.job

- c:\program files\Apple Software Update\SoftwareUpdate.exe [2009-10-22 09:50]

.

2010-12-11 c:\windows\Tasks\expressburnShakeIcon.job

- c:\program files\NCH Swift Sound\ExpressBurn\expressburn.exe [2010-12-08 14:49]

.

2011-06-13 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job

- c:\program files\Google\Update\GoogleUpdate.exe [2010-12-26 15:32]

.

2011-06-13 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job

- c:\program files\Google\Update\GoogleUpdate.exe [2010-12-26 15:32]

.

2011-02-01 c:\windows\Tasks\photopadSevenDays.job

- c:\program files\NCH Software\PhotoPad\photopad.exe [2011-02-01 19:31]

.

2011-02-01 c:\windows\Tasks\photopadShakeIcon.job

- c:\program files\NCH Software\PhotoPad\photopad.exe [2011-02-01 19:31]

.

2011-02-01 c:\windows\Tasks\pixillionSevenDays.job

- c:\program files\NCH Software\Pixillion\pixillion.exe [2011-02-01 19:31]

.

2011-02-01 c:\windows\Tasks\pixillionShakeIcon.job

- c:\program files\NCH Software\Pixillion\pixillion.exe [2011-02-01 19:31]

.

.

------- Bijkomende Scan -------

.

uInternet Settings,ProxyOverride = *.local

IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~3\Office12\EXCEL.EXE/3000

TCP: DhcpNameServer = 195.130.131.133 195.130.130.5

FF - ProfilePath - c:\documents and settings\Andreas Verheyde\Application Data\Mozilla\Firefox\Profiles\1h47k6ld.default\

FF - prefs.js: browser.startup.homepage - hxxp://www.google.be/

FF - prefs.js: keyword.URL - hxxp://search.yahoo.com/search?fr=greentree_ff1&ei=utf-8&type=302398&p=

.

.

------- Bestandsassociaties -------

.

.scr=DWGTrueViewScriptFile

.

- - - - ORPHANS VERWIJDERD - - - -

.

AddRemove-BSPlayerp - c:\program files\Webteh\BSplayerPro\uninstall.exe

AddRemove-DoremiSoft AVI to MP3 Converter - c:\program files\DoremiSoft\DoremiSoft AVI to MP3 Converter\uninst.exe

AddRemove-Flachbettscanner - c:\windows\IsUn0413.exe

AddRemove-Free iPod Video Converter_is1 - c:\program files\Free iPod Video Converter\unins000.exe

AddRemove-Logitech Touch Mouse Server - c:\program files\Logitech Touch Mouse Server\uninst.exe

AddRemove-Macro Express 3 - c:\progra~1\MACROE~1\UNWISE.EXE

AddRemove-StarCraft II - c:\program files\Common Files\Blizzard Entertainment\StarCraft II\Uninstall.exe

.

.

.

**************************************************************************

.

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, GMER - Rootkit Detector and Remover

Rootkit scan 2011-06-13 13:06

Windows 5.1.2600 Service Pack 3 NTFS

.

scannen van verborgen processen ...

.

scannen van verborgen autostart items ...

.

scannen van verborgen bestanden ...

.

Scan succesvol afgerond

verborgen bestanden: 0

.

**************************************************************************

.

Stealth MBR rootkit/Mebroot/Sinowal/TDL4 detector 0.4.2 by Gmer, GMER - Rootkit Detector and Remover

Windows 5.1.2600 Disk: ST3300831AS rev.3.03 -> Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-3

.

device: opened successfully

user: MBR read successfully

error: Read Een apparaat dat op het systeem is aangesloten, werkt niet.

kernel: MBR read successfully

detected disk devices:

detected hooks:

\Driver\atapi DriverStartIo -> 0x866E831B

user & kernel MBR OK

.

**************************************************************************

.

--------------------- DLLs Geladen Onder Lopende Processen ---------------------

.

- - - - - - - > 'explorer.exe'(3876)

c:\windows\system32\msi.dll

c:\windows\system32\webcheck.dll

.

------------------------ Andere Aktieve Processen ------------------------

.

c:\program files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

c:\program files\Bonjour\mDNSResponder.exe

c:\program files\Java\jre6\bin\jqs.exe

c:\windows\system32\nvsvc32.exe

c:\windows\system32\PnkBstrA.exe

c:\program files\TVersity\Media Server\MediaServer.exe

c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE

c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe

c:\windows\system32\RUNDLL32.EXE

c:\program files\iPod\bin\iPodService.exe

.

**************************************************************************

.

Voltooingstijd: 2011-06-13 13:13:46 - machine werd herstart

ComboFix-quarantined-files.txt 2011-06-13 11:13

.

Pre-Run: 81.834.242.048 bytes beschikbaar

Post-Run: 87.650.136.064 bytes beschikbaar

.

WindowsXP-KB310994-SP2-Pro-BootDisk-NLD.exe

[boot loader]

timeout=2

default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS

[operating systems]

c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons

UnsupportedDebug="do not select this" /debug

multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professional" /noexecute=optin /fastdetect

.

- - End Of File - - 06810ABA61233CE3C9B62825431B8E24


Open a Notepad file.

Copy and paste the bold text below into it.

Registry::

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"ZSSnp211"=-

FCOPY::

c:\windows\ServicePackFiles\i386\kernell32.dll|c:\windows\system32\kernel32.dll

Save this file to your desktop as CFScript.txt.

Drag CFScript.txt onto ComboFix.exe

This will make ComboFix restart. Reboot if you are asked to.

After the restart, post the contents of Combofix.txt in your next reply.


ComboFix 11-06-12.04 - Andreas Verheyde 13/06/2011 16:22:12.2.1 - x86

Microsoft Windows XP Professional 5.1.2600.3.1252.32.1043.18.1022.625 [GMT 2:00]

Gestart vanuit: c:\documents and settings\Andreas Verheyde\Bureaublad\ComboFix.exe

gebruikte Opdracht switches :: c:\documents and settings\Andreas Verheyde\Bureaublad\CFScript.txt

AV: AVG Anti-Virus Free *Enabled/Updated* {17DDD097-36FF-435F-9E1B-52D74245D6BF}

.

.

(((((((((((((((((((( Bestanden Gemaakt van 2011-05-13 to 2011-06-13 ))))))))))))))))))))))))))))))

.

.

2011-06-12 21:26 . 2011-06-12 21:26 -------- d-----w- c:\documents and settings\Andreas Verheyde\Application Data\Malwarebytes

2011-06-12 21:26 . 2011-05-29 07:11 39984 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys

2011-06-12 21:26 . 2011-06-12 21:26 -------- d-----w- c:\documents and settings\All Users\Application Data\Malwarebytes

2011-06-12 21:26 . 2011-06-12 21:26 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware

2011-06-12 21:26 . 2011-05-29 07:11 22712 ----a-w- c:\windows\system32\drivers\mbam.sys

2011-06-12 09:32 . 2011-06-12 09:32 388096 ----a-r- c:\documents and settings\Andreas Verheyde\Application Data\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe

2011-06-12 09:32 . 2011-06-12 09:32 -------- d-----w- c:\program files\HiJack

2011-06-11 22:52 . 2011-06-11 22:52 -------- d-----w- c:\program files\FastStone Capture

2011-06-09 21:46 . 2011-02-06 10:31 1241888 ----a-w- c:\windows\system32\libxml2.dll

2011-06-09 21:46 . 2010-11-03 15:52 324896 ----a-w- c:\windows\system32\libtidy.dll

2011-06-09 21:46 . 2009-11-03 14:51 406816 ----a-w- c:\windows\system32\SQLite3.dll

2011-06-08 14:51 . 2011-06-08 14:51 -------- d-----w- c:\program files\Common Files\Java

2011-06-04 14:40 . 2010-01-01 08:00 1974616 ----a-w- c:\program files\Mozilla Firefox\D3DCompiler_42.dll

2011-06-04 14:40 . 2010-01-01 08:00 1892184 ----a-w- c:\program files\Mozilla Firefox\d3dx9_42.dll

2011-06-03 20:42 . 2011-06-03 20:42 -------- d-----w- c:\documents and settings\Andreas Verheyde\Local Settings\Application Data\Real

2011-06-03 20:36 . 2011-06-04 07:25 -------- d-----w- c:\program files\Real

2011-05-28 19:41 . 2011-06-03 20:10 -------- d-----w- c:\documents and settings\Andreas Verheyde\Application Data\go

2011-05-28 19:41 . 2011-06-03 20:11 -------- d-----w- c:\documents and settings\All Users\Application Data\Easybits GO

2011-05-26 20:37 . 2011-05-26 20:37 404640 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl

2011-05-24 16:16 . 2011-06-03 15:33 -------- d-----w- c:\documents and settings\Andreas Verheyde\Application Data\Mijn Battle for Middle-earth bestanden

2011-05-23 18:56 . 2011-05-23 18:57 -------- d-----w- c:\program files\Common Files\Adobe

2011-05-23 18:48 . 2011-05-31 17:00 -------- d-----w- c:\documents and settings\All Users\Application Data\Skype Extras

2011-05-23 18:47 . 2011-05-23 18:47 -------- d-sh--w- c:\documents and settings\LocalService\IETldCache

2011-05-23 18:46 . 2011-05-23 18:46 -------- d-----w- c:\program files\Common Files\Skype

2011-05-23 16:22 . 2011-06-13 10:23 -------- d-----w- c:\documents and settings\Administrator\Application Data\BitDefender

2011-05-22 18:52 . 2011-05-22 18:52 5638 ----a-w- c:\windows\system32\PerfStringBackup.TMP

2011-05-22 18:42 . 2011-05-22 18:42 -------- d-sh--w- c:\documents and settings\Administrator\IETldCache

2011-05-22 18:40 . 2011-05-22 18:40 -------- d-----w- c:\windows\system32\wbem\Repository

2011-05-22 15:02 . 2011-05-22 15:02 -------- d-----w- c:\program files\HP

2011-05-22 15:02 . 2011-05-22 15:02 -------- d-----w- c:\windows\Downloaded Installations

2011-05-22 15:00 . 2011-05-22 15:00 -------- d-sh--w- c:\documents and settings\Andreas Verheyde\PrivacIE

2011-05-22 14:57 . 2011-05-22 14:57 -------- d-----w- c:\program files\ATI Technologies

2011-05-22 14:57 . 2011-05-22 14:57 -------- d-----w- C:\AMD

2011-05-22 10:57 . 2011-05-22 10:57 -------- d-----w- c:\documents and settings\Andreas Verheyde\Local Settings\Application Data\PCHealth

2011-05-22 10:46 . 2011-05-22 10:46 -------- d-sh--w- c:\documents and settings\Andreas Verheyde\IETldCache

2011-05-22 10:46 . 2011-05-22 10:46 -------- d-sh--w- c:\documents and settings\NetworkService\IETldCache

2011-05-22 10:36 . 2011-05-22 10:36 -------- d-----w- c:\windows\system32\winrm

2011-05-22 10:33 . 2010-10-18 11:10 7680 -c----w- c:\windows\system32\dllcache\iecompat.dll

2011-05-22 10:32 . 2011-05-22 10:33 -------- d-----w- c:\documents and settings\LocalService\Local Settings\Application Data\Adobe

2011-05-22 10:32 . 2011-02-22 23:07 12800 -c----w- c:\windows\system32\dllcache\xpshims.dll

2011-05-22 10:32 . 2011-02-22 23:07 55296 -c----w- c:\windows\system32\dllcache\msfeedsbs.dll

2011-05-22 10:32 . 2011-02-22 23:07 602112 -c----w- c:\windows\system32\dllcache\msfeeds.dll

2011-05-22 10:32 . 2011-02-22 23:07 247808 -c----w- c:\windows\system32\dllcache\ieproxy.dll

2011-05-22 10:32 . 2011-02-22 23:07 1991680 -c----w- c:\windows\system32\dllcache\iertutil.dll

2011-05-22 10:32 . 2011-02-22 23:07 743424 -c----w- c:\windows\system32\dllcache\iedvtool.dll

2011-05-22 10:32 . 2011-02-22 23:07 11080704 -c----w- c:\windows\system32\dllcache\ieframe.dll

2011-05-22 10:30 . 2011-05-22 10:32 -------- dc-h--w- c:\windows\ie8

2011-05-22 10:24 . 2006-06-29 11:07 14048 ------w- c:\windows\system32\spmsg2.dll

2011-05-22 10:17 . 2011-05-22 10:17 -------- d-----w- c:\documents and settings\Andreas Verheyde\Local Settings\Application Data\Identities

2011-05-22 10:17 . 2011-05-22 17:52 -------- d-----w- c:\program files\Windows Desktop Search

2011-05-22 10:17 . 2011-05-22 10:17 -------- d-----w- c:\windows\system32\GroupPolicy

2011-05-22 10:16 . 2008-03-07 17:02 98304 -c----w- c:\windows\system32\dllcache\nlhtml.dll

2011-05-22 10:16 . 2008-03-07 17:02 29696 -c----w- c:\windows\system32\dllcache\mimefilt.dll

2011-05-22 10:16 . 2008-03-07 17:02 192000 -c----w- c:\windows\system32\dllcache\offfilt.dll

2011-05-21 09:03 . 2011-05-21 09:03 -------- d-----w- c:\documents and settings\NetworkService\Application Data\QuickScan

2011-05-21 01:37 . 2011-05-21 01:37 -------- d-----w- c:\documents and settings\LocalService\Application Data\QuickScan

2011-05-21 01:37 . 2011-05-21 01:37 -------- d-----w- c:\documents and settings\All Users\Application Data\bdch

2011-05-21 01:31 . 2011-06-13 10:24 -------- d-----w- c:\program files\Common Files\BitDefender

2011-05-21 00:58 . 2011-05-21 00:58 -------- d-----w- c:\documents and settings\Andreas Verheyde\Application Data\QuickScan

2011-05-21 00:56 . 2011-06-13 10:23 629699 ----a-w- c:\documents and settings\All Users\Application Data\bdinstall.bin

2011-05-15 14:55 . 2011-05-15 14:55 -------- d-----w- c:\documents and settings\All Users\Application Data\FNET

2011-05-15 12:26 . 2011-05-15 12:26 -------- d-----w- c:\documents and settings\All Users\Application Data\NVIDIA Corporation

.

.

.

((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2011-05-10 16:29 . 2011-05-10 16:29 132608 ----a-w- c:\windows\system32\drivers\ethyohxr.sys

2011-05-08 13:35 . 2010-07-01 16:18 138520 ----a-w- c:\windows\system32\drivers\PnkBstrK.sys

2011-05-08 13:35 . 2010-03-06 20:04 234536 ----a-w- c:\windows\system32\PnkBstrB.xtr

2011-05-08 13:35 . 2010-03-06 20:00 234536 ----a-w- c:\windows\system32\PnkBstrB.exe

2011-05-07 18:53 . 2011-05-07 18:53 29184 ----a-r- c:\documents and settings\Andreas Verheyde\Application Data\Microsoft\Installer\{21AE04E8-EBF6-40DB-9AA9-B7A80C5D057D}\Icon21AE04E8.exe

2011-05-04 02:52 . 2010-05-19 15:36 472808 ----a-w- c:\windows\system32\deployJava1.dll

2011-05-04 00:25 . 2010-05-19 15:36 73728 ----a-w- c:\windows\system32\javacpl.cpl

2011-05-01 17:42 . 2009-08-18 09:30 564632 ----a-w- c:\documents and settings\All Users\Application Data\Microsoft\IdentityCRL\production\wlidui.dll

2011-05-01 17:42 . 2009-08-18 09:24 18328 ----a-w- c:\documents and settings\All Users\Application Data\Microsoft\IdentityCRL\production\ppcrlconfig600.dll

2011-04-16 12:54 . 2010-01-29 18:03 139152 ----a-w- c:\documents and settings\Andreas Verheyde\Application Data\PnkBstrK.sys

2011-04-16 12:54 . 2010-03-06 18:53 794408 ----a-w- c:\windows\system32\pbsvc.exe

2011-04-16 12:54 . 2010-01-29 18:03 75064 ----a-w- c:\windows\system32\PnkBstrA.exe

2011-04-09 16:55 . 2011-04-09 16:55 15453336 ----a-w- c:\windows\system32\xlive.dll

2011-04-09 16:55 . 2011-04-09 16:55 13642904 ----a-w- c:\windows\system32\xlivefnt.dll

2011-04-08 11:32 . 2011-04-08 11:32 41872 ----a-w- c:\windows\system32\xfcodec.dll

2011-04-08 05:14 . 2006-11-17 16:29 4111232 ----a-w- c:\windows\system32\nv4_disp.dll

2011-04-08 05:14 . 2006-11-17 16:29 2027008 ----a-w- c:\windows\system32\nvapi.dll

2011-04-08 05:14 . 2006-11-17 16:29 14856192 ----a-w- c:\windows\system32\nvoglnt.dll

2011-04-08 05:14 . 2006-11-17 16:29 12501600 ----a-w- c:\windows\system32\drivers\nv4_mini.sys

2011-04-07 20:16 . 2011-04-07 20:16 81920 ----a-w- c:\windows\system32\nvwddi.dll

2011-04-07 20:16 . 2011-04-07 20:16 580200 ----a-w- c:\windows\system32\easyUpdatusAPIU.dll

2011-04-07 20:16 . 2011-04-07 20:16 282624 ----a-w- c:\windows\system32\nvrsel.dll

2011-04-07 20:16 . 2011-04-07 20:16 253952 ----a-w- c:\windows\system32\nvrsth.dll

2011-04-07 20:16 . 2011-04-07 20:16 249856 ----a-w- c:\windows\system32\nvrseng.dll

2011-04-07 20:16 . 2011-04-07 20:16 126976 ----a-w- c:\windows\system32\nvrszht.dll

2011-04-07 20:16 . 2011-04-07 20:16 331776 ----a-w- c:\windows\system32\nvrshe.dll

2011-04-07 20:16 . 2011-04-07 20:16 286720 ----a-w- c:\windows\system32\nvrsfr.dll

2011-04-07 20:16 . 2011-04-07 20:16 274432 ----a-w- c:\windows\system32\nvrsnl.dll

2011-04-07 20:16 . 2011-04-07 20:16 274432 ----a-w- c:\windows\system32\nvrsesm.dll

2011-04-07 20:16 . 2011-04-07 20:16 270336 ----a-w- c:\windows\system32\nvrsru.dll

2011-04-07 20:16 . 2011-04-07 20:16 262144 ----a-w- c:\windows\system32\nvrshu.dll

2011-04-07 20:16 . 2011-04-07 20:16 258048 ----a-w- c:\windows\system32\nvrstr.dll

2011-04-07 20:16 . 2011-04-07 20:16 258048 ----a-w- c:\windows\system32\nvrssl.dll

2011-04-07 20:16 . 2011-04-07 20:16 253952 ----a-w- c:\windows\system32\nvrsda.dll

2011-04-07 20:16 . 2011-04-07 20:16 249856 ----a-w- c:\windows\system32\nvrsfi.dll

2011-04-07 20:16 . 2011-04-07 20:16 229376 ----a-w- c:\windows\system32\nvrszhc.dll

2011-04-07 20:16 . 2011-04-07 20:16 335872 ----a-w- c:\windows\system32\nvrsar.dll

2011-04-07 20:16 . 2011-04-07 20:16 282624 ----a-w- c:\windows\system32\nvrsit.dll

2011-04-07 20:16 . 2011-04-07 20:16 282624 ----a-w- c:\windows\system32\nvrses.dll

2011-04-07 20:16 . 2011-04-07 20:16 278528 ----a-w- c:\windows\system32\nvrsde.dll

2011-04-07 20:16 . 2011-04-07 20:16 277608 ----a-w- c:\windows\system32\nvmccs.dll

2011-04-07 20:16 . 2011-04-07 20:16 274432 ----a-w- c:\windows\system32\nvrspt.dll

2011-04-07 20:16 . 2011-04-07 20:16 270336 ----a-w- c:\windows\system32\nvrsptb.dll

2011-04-07 20:16 . 2011-04-07 20:16 270336 ----a-w- c:\windows\system32\nvrsja.dll

2011-04-07 20:16 . 2011-04-07 20:16 266240 ----a-w- c:\windows\system32\nvrsko.dll

2011-04-07 20:16 . 2011-04-07 20:16 258048 ----a-w- c:\windows\system32\nvrssk.dll

2011-04-07 20:16 . 2011-04-07 20:16 258048 ----a-w- c:\windows\system32\nvrspl.dll

2011-04-07 20:16 . 2011-04-07 20:16 253952 ----a-w- c:\windows\system32\nvrssv.dll

2011-04-07 20:16 . 2011-04-07 20:16 253952 ----a-w- c:\windows\system32\nvrsno.dll

2011-04-07 20:16 . 2011-04-07 20:16 249856 ----a-w- c:\windows\system32\nvrscs.dll

2011-04-07 20:16 . 2011-04-07 20:16 13891176 ----a-w- c:\windows\system32\nvcpl.dll

2011-04-07 20:16 . 2011-04-07 20:16 111208 ----a-w- c:\windows\system32\nvmctray.dll

2011-04-07 20:16 . 2011-04-07 20:16 155752 ----a-w- c:\windows\system32\nvsvc32.exe

2011-04-07 20:16 . 2011-04-07 20:16 145000 ----a-w- c:\windows\system32\nvcolor.exe

2011-04-06 14:20 . 2011-04-06 14:20 91424 ----a-w- c:\windows\system32\dnssd.dll

2011-04-06 14:20 . 2011-04-06 14:20 107808 ----a-w- c:\windows\system32\dns-sd.exe

2010-07-08 08:37 . 2010-07-08 08:37 101544 ----a-w- c:\program files\Common Files\LinkInstaller.exe

2011-04-14 16:57 . 2011-04-30 12:36 142296 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll

.

.

((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))

.

.

*Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond

REGEDIT4

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2011-04-07 13891176]

"RemoteControl"="c:\program files\ASUS\ASUS Remote\RemoteControlAppl.exe" [2005-12-05 61440]

"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2011-04-07 111208]

"HPDJ Taskbar Utility"="c:\windows\system32\spool\drivers\w32x86\3\hpztsb08.exe" [2003-08-22 172032]

"GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2008-10-25 31072]

"Domino"="c:\windows\Domino.exe" [2006-08-18 49152]

"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2010-11-29 421888]

"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2011-04-14 421160]

"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 10.0\Reader\Reader_sl.exe" [2011-01-30 35736]

"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2010-11-15 932288]

"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2011-04-08 254696]

.

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]

"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]

.

c:\documents and settings\All Users\Menu Start\Programma's\Opstarten\

AutoCAD Startup Accelerator.lnk - c:\program files\Common Files\Autodesk Shared\acstart17.exe [2006-3-5 11000]

Registratiesoftware starten.lnk - c:\program files\WiFiConnector\NintendoWFCReg.exe [2011-3-8 1179648]

.

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]

"%windir%\\system32\\sessmgr.exe"=

"%windir%\\Network Diagnostic\\xpnetdiag.exe"=

"c:\\Program Files\\uTorrent\\uTorrent.exe"=

"c:\\WINDOWS\\system32\\PnkBstrA.exe"=

"c:\\WINDOWS\\system32\\PnkBstrB.exe"=

"c:\\Program Files\\Activision\\Call of Duty 4 - Modern Warfare\\iw3mp.exe"=

"c:\\Program Files\\EA GAMES\\Battlefield 2\\BF2.exe"=

"c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=

"c:\\Program Files\\Microsoft Office\\Office12\\GROOVE.EXE"=

"c:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"=

"c:\\Program Files\\Skype\\Plugin Manager\\skypePM.exe"=

"c:\\Program Files\\Pando Networks\\Media Booster\\PMB.exe"=

"c:\\Program Files\\TVersity\\Media Server\\MediaServer.exe"=

"c:\\Program Files\\Windows Live\\Messenger\\wlcsdk.exe"=

"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=

"c:\\Program Files\\TeamViewer\\Version5\\TeamViewer.exe"=

"c:\\Program Files\\TeamViewer\\Version5\\TeamViewer_Service.exe"=

"c:\\Program Files\\WiFiConnector\\NintendoWFCReg.exe"=

"c:\\Program Files\\Google\\Google Earth\\plugin\\geplugin.exe"=

"c:\\Program Files\\Xfire\\Xfire.exe"=

"c:\\Program Files\\StarCraft II\\StarCraft II.exe"=

"c:\\Program Files\\StarCraft II\\Versions\\Base18092\\SC2.exe"=

"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=

"c:\\Program Files\\iTunes\\iTunes.exe"=

"c:\\Program Files\\Microsoft Games\\Project S\\Spartan.exe"=

"c:\\Program Files\\Skype\\Phone\\Skype.exe"=

"c:\\Program Files\\BitDefender\\BitDefender 2011\\vsserv.exe"=

"c:\\Program Files\\EA GAMES\\The Battle for Middle-earth\\game.dat"=

"c:\\Program Files\\Google\\Google Earth\\client\\googleearth.exe"=

"c:\\Program Files\\EA GAMES\\The Battle for Middle-earth\\patchget.dat"=

.

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]

"58823:TCP"= 58823:TCP:Pando Media Booster

"58823:UDP"= 58823:UDP:Pando Media Booster

"3389:TCP"= 3389:TCP:@xpsp2res.dll,-22009

.

R2 HiPatchService;Hi-Rez Studios Authenticate and Update Service;c:\program files\Hi-Rez Studios\HiPatchService.exe [30/09/2010 11:23 23680]

R3 3xHybrid;3xHybrid service;c:\windows\system32\drivers\3xHybrid.sys [30/09/2005 12:52 2808704]

S0 sptd;sptd;c:\windows\system32\Drivers\sptd.sys --> c:\windows\system32\Drivers\sptd.sys [?]

S1 as6eio;as6eio;c:\windows\system32\drivers\as6eio.sys --> c:\windows\system32\drivers\as6eio.sys [?]

S1 AvgLdx86;AVG Free AVI Loader Driver x86;c:\windows\system32\Drivers\avgldx86.sys --> c:\windows\system32\Drivers\avgldx86.sys [?]

S1 AvgTdiX;AVG Free Network Redirector;c:\windows\system32\Drivers\avgtdix.sys --> c:\windows\system32\Drivers\avgtdix.sys [?]

S2 Akamai;Akamai NetSession Interface;c:\windows\System32\svchost.exe -k Akamai [2/03/2006 14:00 14336]

S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [18/03/2010 13:16 130384]

S2 gupdate;Google Updateservice (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [26/12/2010 17:32 136176]

S3 ASPI;Advanced SCSI Programming Interface Driver;c:\windows\system32\drivers\ASPI32.SYS [28/08/2010 19:03 16512]

S3 ATICDSDr;ATICDSDr;\??\c:\docume~1\ANDREA~1\LOCALS~1\Temp\{1735A~1\atiicdxx.sys --> c:\docume~1\ANDREA~1\LOCALS~1\Temp\{1735A~1\atiicdxx.sys [?]

S3 gupdatem;Google Update-service (gupdatem);c:\program files\Google\Update\GoogleUpdate.exe [26/12/2010 17:32 136176]

S3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\mbamswissarmy.sys [12/06/2011 23:26 39984]

S3 SampleScanner;Ultima2000 Scanner;c:\windows\system32\drivers\GT680X.SYS [12/02/2010 20:18 18120]

S3 WN5301;LIteon Wireless PCI Network Adapter Service;c:\windows\system32\drivers\wn5301.sys [5/10/2005 11:44 468768]

S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [18/03/2010 13:16 753504]

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]

Akamai REG_MULTI_SZ Akamai

.

Inhoud van de 'Gedeelde Taken' map

.

2011-03-08 c:\windows\Tasks\AppleSoftwareUpdate.job

- c:\program files\Apple Software Update\SoftwareUpdate.exe [2009-10-22 09:50]

.

2010-12-11 c:\windows\Tasks\expressburnShakeIcon.job

- c:\program files\NCH Swift Sound\ExpressBurn\expressburn.exe [2010-12-08 14:49]

.

2011-06-13 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job

- c:\program files\Google\Update\GoogleUpdate.exe [2010-12-26 15:32]

.

2011-06-13 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job

- c:\program files\Google\Update\GoogleUpdate.exe [2010-12-26 15:32]

.

2011-02-01 c:\windows\Tasks\photopadSevenDays.job

- c:\program files\NCH Software\PhotoPad\photopad.exe [2011-02-01 19:31]

.

2011-02-01 c:\windows\Tasks\photopadShakeIcon.job

- c:\program files\NCH Software\PhotoPad\photopad.exe [2011-02-01 19:31]

.

2011-02-01 c:\windows\Tasks\pixillionSevenDays.job

- c:\program files\NCH Software\Pixillion\pixillion.exe [2011-02-01 19:31]

.

2011-02-01 c:\windows\Tasks\pixillionShakeIcon.job

- c:\program files\NCH Software\Pixillion\pixillion.exe [2011-02-01 19:31]

.

.

------- Bijkomende Scan -------

.

uInternet Settings,ProxyOverride = *.local

IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~3\Office12\EXCEL.EXE/3000

TCP: DhcpNameServer = 195.130.131.133 195.130.130.5

FF - ProfilePath - c:\documents and settings\Andreas Verheyde\Application Data\Mozilla\Firefox\Profiles\1h47k6ld.default\

FF - prefs.js: browser.startup.homepage - hxxp://www.google.be/

FF - prefs.js: keyword.URL - hxxp://search.yahoo.com/search?fr=greentree_ff1&ei=utf-8&type=302398&p=

.

.

**************************************************************************

.

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, GMER - Rootkit Detector and Remover

Rootkit scan 2011-06-13 16:34

Windows 5.1.2600 Service Pack 3 NTFS

.

scannen van verborgen processen ...

.

scannen van verborgen autostart items ...

.

scannen van verborgen bestanden ...

.

Scan succesvol afgerond

verborgen bestanden: 0

.

**************************************************************************

.

Stealth MBR rootkit/Mebroot/Sinowal/TDL4 detector 0.4.2 by Gmer, GMER - Rootkit Detector and Remover

Windows 5.1.2600 Disk: ST3300831AS rev.3.03 -> Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-3

.

device: opened successfully

user: MBR read successfully

error: Read Een apparaat dat op het systeem is aangesloten, werkt niet.

kernel: MBR read successfully

detected disk devices:

detected hooks:

\Driver\atapi DriverStartIo -> 0x8670431B

user & kernel MBR OK

.

**************************************************************************

.

--------------------- DLLs Geladen Onder Lopende Processen ---------------------

.

- - - - - - - > 'explorer.exe'(2328)

c:\windows\system32\msi.dll

c:\windows\system32\webcheck.dll

.

Voltooingstijd: 2011-06-13 16:38:26

ComboFix-quarantined-files.txt 2011-06-13 14:38

ComboFix2.txt 2011-06-13 11:13

.

Pre-Run: 88.713.043.968 bytes beschikbaar

Post-Run: 88.749.330.432 bytes beschikbaar

.

WindowsXP-KB310994-SP2-Pro-BootDisk-NLD.exe

[boot loader]

timeout=2

default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS

[operating systems]

c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons

UnsupportedDebug="do not select this" /debug

multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professional" /noexecute=optin /fastdetect

.

- - End Of File - - 70DA04E37C92D686616D59E76C737092

This topic is now closed to new replies.