Ga naar inhoud

Bij opstart dosvenster met rare tekentjes

Gast woops

Door Gast woops
in Archief Windows Algemeen

 Delen

Aanbevolen berichten

  • Reacties 24
  • Aangemaakt
  • Laatste reactie

Beste reacties in dit topic

Populaire dagen

Beste reacties in dit topic

Populaire dagen

Gast woops

Gast woops

Geplaatst:
Geplaatst:

Ik plaats de log hieronder. Ik heb ondertussen nog wat online scans gedaan en nog een paar dingen op de pc gezet om te beveiligen.

ComboFix 08-03-14.4 - Yo 2008-03-16 0:22:15.4 - NTFSx86

Gestart vanuit: C:\Documents and Settings\Yo\Bureaublad\ComboFix.exe

WAARSCHUWING - DE RECOVERY CONSOLE IS NIET OP DIT SYSTEEM GEINSTALLEERD !!

.

(((((((((((((((((((( Bestanden Gemaakt van 2008-02-15 to 2008-03-15 ))))))))))))))))))))))))))))))

.

2008-03-15 22:31 . 2008-03-15 22:37 <DIR> d-------- C:\Program Files\SpywareBlaster

2008-03-15 22:31 . 2008-03-15 22:49 <DIR> d-a------ C:\Documents and Settings\All Users\Application Data\TEMP

2008-03-15 22:17 . 2008-03-15 22:17 <DIR> d-------- C:\Program Files\BillP Studios

2008-03-15 22:17 . 2008-03-15 22:17 <DIR> d-------- C:\Documents and Settings\Yo\Application Data\WinPatrol

2008-03-15 18:45 . 2008-03-15 18:45 <DIR> d-------- C:\fsaua.data

2008-03-15 18:05 . 2008-03-15 18:05 <DIR> d-------- C:\WINDOWS\LastGood

2008-03-15 14:48 . 2008-03-15 23:57 <DIR> dr-h----- C:\Documents and Settings\Yo\Onlangs geopend

2008-03-15 14:43 . 2008-03-15 14:50 1,526 --a------ C:\WINDOWS\system32\tmp.reg

2008-03-14 13:51 . 2008-03-14 13:51 <DIR> d-------- C:\Deckard

2008-03-14 10:12 . 2008-03-14 10:12 <DIR> d-------- C:\Documents and Settings\Yo\DoctorWeb

2008-03-13 14:35 . 2008-03-13 14:36 <DIR> d-------- C:\Program Files\EsetOnlineScanner

2008-03-13 11:44 . 2008-03-13 12:48 <DIR> d-------- C:\WINDOWS\BDOSCAN8

2008-03-13 11:41 . 2008-03-13 11:41 <DIR> d-------- C:\Program Files\Trend Micro

2008-03-12 17:29 . 2008-03-12 18:04 <DIR> d----c--- C:\WINDOWS\ie8

2008-03-12 10:48 . 2008-03-12 18:04 <DIR> d-------- C:\Program Files\My Lockbox

2008-03-08 22:32 . 2008-03-08 22:32 23,600 --a------ C:\WINDOWS\system32\drivers\TVICHW32.SYS

2008-03-04 12:44 . 2008-03-04 12:44 <DIR> d-------- C:\Program Files\Common Files\Hewlett-Packard

2008-03-04 12:38 . 2008-03-04 12:47 112,871 --a------ C:\WINDOWS\hpoins07.dat

2008-03-04 12:38 . 2005-05-24 07:50 21,124 --------- C:\WINDOWS\hpomdl07.dat

2008-02-29 08:33 . 2008-02-29 08:33 <DIR> d-------- C:\Program Files\Common Files\PCSuite

2008-02-29 08:11 . 2008-03-06 18:39 <DIR> d-------- C:\Documents and Settings\Yo\Application Data\Nokia

2008-02-29 08:10 . 2008-02-29 08:33 <DIR> d-------- C:\Program Files\Common Files\Nokia

2008-02-29 08:09 . 2008-02-29 08:09 <DIR> d-------- C:\Program Files\PC Connectivity Solution

2008-02-29 08:09 . 2008-02-29 08:33 <DIR> d-------- C:\Program Files\Nokia

2008-02-29 08:09 . 2008-02-29 08:13 <DIR> d-------- C:\Documents and Settings\Yo\Application Data\PC Suite

2008-02-29 08:09 . 2007-02-22 10:15 137,216 --a------ C:\WINDOWS\system32\drivers\nmwcd.sys

2008-02-29 08:09 . 2007-02-22 10:15 65,536 --a------ C:\WINDOWS\system32\nmwcdcocls.dll

2008-02-29 08:09 . 2007-02-22 10:15 12,288 --a------ C:\WINDOWS\system32\drivers\nmwcdcm.sys

2008-02-29 08:09 . 2007-02-22 10:15 12,288 --a------ C:\WINDOWS\system32\drivers\nmwcdcj.sys

2008-02-29 08:09 . 2007-02-22 10:15 8,320 --a------ C:\WINDOWS\system32\drivers\nmwcdc.sys

2008-02-29 08:07 . 2008-02-29 08:16 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Installations

2008-02-26 18:44 . 2008-02-26 18:44 <DIR> d-------- C:\Documents and Settings\Yo\Application Data\PrevxCSI

2008-02-24 22:14 . 2008-02-24 22:21 <DIR> d-------- C:\Program Files\Crawler(2)

2008-02-21 22:33 . 2008-02-21 22:33 2,542 --a------ C:\WINDOWS\unins000.dat

2008-02-20 22:33 . 2008-02-20 22:33 13,366 --------- C:\WINDOWS\system32\IE8Eula.rtf

.

((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2008-03-15 07:23 --------- d-----w C:\Documents and Settings\Yo\Application Data\AVG7

2008-03-15 07:00 --------- d-----w C:\Documents and Settings\LocalService\Application Data\AVG7

2008-03-08 22:35 --------- d-----w C:\Documents and Settings\Yo\Application Data\Azureus

2008-03-04 11:45 --------- d-----w C:\Program Files\Hewlett-Packard

2008-02-29 07:13 --------- d-----w C:\Documents and Settings\All Users\Application Data\PC Suite

2008-02-29 07:11 --------- d-----w C:\Program Files\DIFX

2008-02-27 12:05 --------- d-----w C:\Program Files\Windows Live

2008-02-24 21:21 --------- d-----w C:\Program Files\Spybot - Search & Destroy

2008-02-24 21:21 --------- d-----w C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy

2008-02-24 16:55 --------- d-----w C:\Documents and Settings\All Users\Application Data\WLInstaller

2008-02-14 15:19 --------- d-----w C:\Program Files\Windows Live Safety Center

2008-02-14 14:54 --------- d--h--w C:\Program Files\InstallShield Installation Information

2008-02-14 14:54 --------- d-----w C:\Program Files\IBoot

2008-02-14 10:05 --------- d-----w C:\Program Files\Mio Technology

2008-02-14 06:33 --------- d-----w C:\Program Files\eMule

2008-02-14 06:09 --------- d-----w C:\Documents and Settings\Yo\Application Data\Uniblue

2008-02-11 08:39 253,952 ----a-w C:\WINDOWS\system32\OnlineScannerDLLA.dll

2008-02-11 08:39 237,568 ----a-w C:\WINDOWS\system32\OnlineScannerDLLW.dll

2008-02-10 16:04 --------- d-----w C:\Documents and Settings\Yo\Application Data\PlayFirst

2008-02-08 12:53 110,592 ----a-w C:\WINDOWS\system32\OnlineScannerLang.dll

2008-02-05 07:48 77,824 ----a-w C:\WINDOWS\system32\OnlineScannerUninstaller.exe

2008-02-04 10:50 --------- d-----w C:\Documents and Settings\All Users\Application Data\Azureus

2008-02-01 10:17 587,264 ----a-w C:\WINDOWS\WLXPGSS.SCR

2008-02-01 10:13 --------- d-----w C:\Program Files\Serials 2000 7.1 Plus

2008-01-31 10:45 --------- d-----w C:\Documents and Settings\All Users\Application Data\avg7

2008-01-29 06:55 --------- d-----w C:\Program Files\Common Files\Logitech

2008-01-29 06:51 --------- d-----w C:\Program Files\Common Files\logishrd

2008-01-29 06:49 --------- d-----w C:\Program Files\Logitech

2008-01-29 06:49 --------- d-----w C:\Documents and Settings\All Users\Application Data\Logishrd

2008-01-29 06:43 0 ----a-w C:\WINDOWS\system32\drivers\lvuvc.hs

2008-01-24 17:05 --------- d-----w C:\Program Files\InfraRecorder

2008-01-24 17:04 --------- d-----w C:\Documents and Settings\Yo\Application Data\InfraRecorder

2008-01-24 17:03 --------- d-----w C:\Documents and Settings\Yo\Application Data\DVD Flick

2008-01-24 17:01 --------- d-----w C:\Documents and Settings\Yo\Application Data\VSRevoGroup

2008-01-24 16:36 --------- d-----w C:\Program Files\Xvid

2008-01-24 16:36 --------- d-----w C:\Program Files\Windows Media Connect 2

2008-01-24 16:36 --------- d-----w C:\Program Files\SimBoePro

2008-01-24 16:36 --------- d-----w C:\Program Files\Glary Utilities

2008-01-24 16:36 --------- d-----w C:\Program Files\DivX

2008-01-24 16:36 --------- d-----w C:\Program Files\BearShare

2008-01-24 15:55 --------- d-----w C:\Program Files\VS Revo Group

2008-01-24 15:53 --------- d-----w C:\Program Files\Nero(2)

2008-01-24 11:05 --------- d-----w C:\Documents and Settings\All Users\Application Data\Lavasoft

2008-01-24 11:04 --------- d-----w C:\Program Files\Lavasoft

2008-01-23 06:41 --------- d-----w C:\Program Files\SpeedFan

2008-01-22 17:49 --------- d-----w C:\Program Files\HP

2008-01-22 11:22 --------- d-----w C:\Documents and Settings\All Users\Application Data\Nero

2008-01-22 11:21 --------- d-----w C:\Program Files\Nero

2008-01-22 11:21 --------- d-----w C:\Documents and Settings\All Users\Application Data\Nero(2)

2008-01-20 10:31 --------- d-----w C:\Documents and Settings\All Users\Application Data\SSScanAppDataDir

2008-01-20 10:30 --------- d-----w C:\Documents and Settings\All Users\Application Data\MSScanAppDataDir

2008-01-16 16:43 --------- d-----w C:\Program Files\Mah Jong Quest

2008-01-16 16:43 --------- d-----w C:\Program Files\iDailyDiary

2008-01-16 16:43 --------- d-----w C:\Documents and Settings\All Users\Application Data\espionServerData

2008-01-16 13:38 --------- d-----w C:\Documents and Settings\Yo\Application Data\Nero

2008-01-16 13:21 --------- d-----w C:\Documents and Settings\Yo\Application Data\AVSMedia

2008-01-16 13:18 --------- d-----w C:\Program Files\AVSMedia

2008-01-16 12:57 --------- d-----w C:\Program Files\Common Files\Ahead

2008-01-15 13:12 --------- d-----w C:\Documents and Settings\Yo\Application Data\GlarySoft

2008-01-15 10:36 --------- d-----w C:\Program Files\PCPitstop

2008-01-15 10:15 --------- d-----w C:\Documents and Settings\All Users\Application Data\PCPitstop

2008-01-09 14:01 53,248 ----a-w C:\WINDOWS\bdoscandel.exe

2007-10-07 07:07 10 ----a-w C:\Program Files\.autoreg

2006-10-13 22:20 786,432 -c-ha-w C:\Documents and Settings\Administrator\NTUSER.dat.DAT

2005-05-11 21:36 12,288 -c--a-w C:\WINDOWS\Fonts\RandFont.dll

2004-10-13 16:24 1,694,208 -csha-w C:\WINDOWS\ServicePackFiles\i386\msmsgs.exe

2005-01-16 16:19 4,608 -csha-r C:\WINDOWS\system\DRIVER\cygcrypt-0.dll

2005-01-16 16:19 1,140,617 -csha-r C:\WINDOWS\system\DRIVER\cygwin1.dll

2005-01-28 10:30 1,478 -csha-r C:\WINDOWS\system\DRIVER\servicelogon.dll

2006-04-17 07:20 1,877 -csha-r C:\WINDOWS\system\DRIVER\servicesmgr.dll

2005-01-28 10:30 1,477 -csh--r C:\WINDOWS\system\DRIVER\svchostlogon.dll

2006-04-17 07:20 1,575 -csha-r C:\WINDOWS\system\DRIVER\winlogon.dll

.

------- Sigcheck -------

2007-06-13 14:24 1427456 c17e18eb83c0e02fcf75c0593e1e32bb C:\WINDOWS\explorer.exe

2007-06-13 14:12 1036800 1d6245afbd3faabc16a885116be1874d C:\WINDOWS\$hf_mig$\KB938828\SP2QFE\explorer.exe

2001-09-07 13:00 1004544 5cb9a44a47fd7260348cddfb36a7dd14 C:\WINDOWS\$NtServicePackUninstall$\explorer.exe

2004-08-04 09:03 1035776 a1d7304a87fc3093150f5e3cc7b0f338 C:\WINDOWS\$NtUninstallKB938828$\explorer.exe

2007-06-13 14:24 1427456 c17e18eb83c0e02fcf75c0593e1e32bb C:\WINDOWS\ServicePackFiles\i386\explorer.exe

2007-06-13 14:24 1427456 c17e18eb83c0e02fcf75c0593e1e32bb C:\WINDOWS\system32\dllcache\explorer.exe

.

((((((((((((((((((((((((((((( snapshot@2008-03-15_15.47.32.21 )))))))))))))))))))))))))))))))))))))))))

.

- 2007-03-06 01:58:27 216,800 ----a-w C:\WINDOWS\$hf_mig$\KB944533-IE7\spuninst.exe

+ 2008-02-27 14:59:28 290,816 ----a-w C:\WINDOWS\Downloaded Program Files\auc_lib.dll

+ 2008-02-27 14:59:28 495,616 ----a-w C:\WINDOWS\Downloaded Program Files\daas_s.dll

+ 2008-02-27 15:00:12 262,144 ----a-w C:\WINDOWS\Downloaded Program Files\fscax.dll

+ 2008-02-27 14:59:16 588,392 ----a-w C:\WINDOWS\Downloaded Program Files\gatelauncher.exe

+ 2000-08-31 07:00:00 163,328 ----a-w C:\WINDOWS\ERDNT\Hiv-backup\ERDNT.EXE

- 2007-08-13 17:39:10 13,312 ----a-w C:\WINDOWS\system32\ieudinit.exe

+ 2007-12-06 11:00:58 13,824 ----a-w C:\WINDOWS\system32\ieudinit.exe

- 2008-03-15 13:59:40 66,076 ----a-w C:\WINDOWS\system32\perfc009.dat

+ 2008-03-15 16:29:01 66,076 ----a-w C:\WINDOWS\system32\perfc009.dat

- 2008-03-15 13:59:40 85,852 ----a-w C:\WINDOWS\system32\perfc013.dat

+ 2008-03-15 16:29:01 85,852 ----a-w C:\WINDOWS\system32\perfc013.dat

- 2008-03-15 13:59:40 409,912 ----a-w C:\WINDOWS\system32\perfh009.dat

+ 2008-03-15 16:29:01 409,912 ----a-w C:\WINDOWS\system32\perfh009.dat

- 2008-03-15 13:59:40 475,620 ----a-w C:\WINDOWS\system32\perfh013.dat

+ 2008-03-15 16:29:01 475,620 ----a-w C:\WINDOWS\system32\perfh013.dat

.

((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))

.

.

REGEDIT4

*Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-04 09:03 15360]

"MessengerPlus3"="C:\Program Files\MessengerPlus! 3\MsgPlus.exe" [2006-06-19 22:36 190024]

"msnmsgr"="C:\Program Files\Windows Live\Messenger\MsnMsgr.exe" [2007-12-17 23:29 5724184]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"AVG7_CC"="C:\PROGRA~1\Grisoft\AVG7\avgcc.exe" [2008-01-29 18:53 579072]

"WinPatrol"="C:\Program Files\BillP Studios\WinPatrol\winpatrol.exe" [2008-01-27 06:38 316728]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]

"CTFMON.EXE"="C:\WINDOWS\System32\CTFMON.EXE" [2004-08-04 09:03 15360]

"AVG7_Run"="C:\PROGRA~1\Grisoft\AVG7\avgw.exe" [2008-01-29 18:53 219136]

"Nokia.PCSync"="C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe" [2007-11-07 17:35 1294336]

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Start^Programma's^Opstarten^Adobe Reader Snelle start.lnk]

backup=C:\WINDOWS\pss\Adobe Reader Snelle start.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Start^Programma's^Opstarten^Adobe Reader Speed Launch.lnk]

backup=C:\WINDOWS\pss\Adobe Reader Speed Launch.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Start^Programma's^Opstarten^eFax DllCmd 4.0.lnk]

backup=C:\WINDOWS\pss\eFax DllCmd 4.0.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Start^Programma's^Opstarten^eFax Tray Menu 4.0.lnk]

backup=C:\WINDOWS\pss\eFax Tray Menu 4.0.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Start^Programma's^Opstarten^Logitech Desktop Messenger.lnk]

backup=C:\WINDOWS\pss\Logitech Desktop Messenger.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Start^Programma's^Opstarten^MioSync.lnk]

backup=C:\WINDOWS\pss\MioSync.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Start^Programma's^Opstarten^Windows Desktop Search.lnk]

backup=C:\WINDOWS\pss\Windows Desktop Search.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^Yo^Menu Start^Programma's^Opstarten^Microsoft Office OneNote 2003 Quick Launch.lnk]

backup=C:\WINDOWS\pss\Microsoft Office OneNote 2003 Quick Launch.lnkStartup

[HKLM\~\startupfolder\C:^Documents and Settings^Yo^Menu Start^Programma's^Opstarten^SkyPhone2000.lnk]

backup=C:\WINDOWS\pss\SkyPhone2000.lnkStartup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Photo Downloader]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BearFlix]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BearShare]

--a------ 2006-07-29 03:48 9887744 C:\Program Files\BearShare\BearShare.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}]

--a------ 2007-06-27 18:03 152872 C:\Program Files\Common Files\Ahead\lib\NMBgMonitor.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BluetoothAuthenticationAgent]

--a------ 2004-08-04 09:03 33792 C:\WINDOWS\system32\rundll32.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Bouncer RunStartup]

C:\Program Files\Bouncer\liveupdate.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Cmaudio]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ExtraFilmHemmaAgent]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GPLv3]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\H/PC Connection Agent]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Software Update]

--a------ 2005-05-11 23:12 49152 C:\Program Files\HP\HP Software Update\HPWuSchd2.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iDailyDiary]

--a------ 2005-05-20 11:09 1198592 C:\PROGRA~1\IDAILY~1\iDD.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KernelFaultCheck]

C:\WINDOWS\system32\dumprep 0 -k

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Lexmark 2200 Series]

-----c--- 2004-02-13 14:07 57344 C:\Program Files\Lexmark 2200 Series\lxbvbmgr.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogitechCameraAssistant]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogitechCameraService(E)]

--a--c--- 2004-11-01 18:22 262144 C:\WINDOWS\system32\ElkCtrl.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogitechVideo[inspector]]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LVCOMSX]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Mercora]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MessengerPlus3]

--a--c--- 2006-06-19 22:36 190024 C:\Program Files\MessengerPlus! 3\MsgPlus.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]

--a------ 2007-03-01 14:57 153136 C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PC Suite Tray]

--a------ 2007-12-10 10:12 695808 C:\Program Files\Nokia\Nokia PC Suite 6\PCSuite.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PCLEPCI]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PCSuiteTrayApplication]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PcSync]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PhonostarAgent]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PhonostarTimer]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PhotoShow Deluxe Media Manager]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]

C:\Program Files\QuickTime\qttask.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RaidTool]

-ra--c--- 2005-06-20 11:53 1056768 C:\Program Files\VIA\RAID\raid_tool.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SfKg6wIPu]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Sonic RecordNow!]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SoundService]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]

--a------ 2007-09-25 00:11 132496 C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\telenet_toolkit]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UFD Monitor9382]

--a--c--- 2003-04-24 13:10 45056 C:\Program Files\USB FlashDisk\UFD Utility 2003\ufdlmon.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UFD Utility9382]

--a--c--- 2003-10-02 09:34 417792 C:\Program Files\USB FlashDisk\UFD Utility 2003\UFDTool.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UpdateManager]

C:\Program Files\Common Files\Sonic\Update Manager\sgtray.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\VTTimer]

-ra--c--- 2005-03-07 20:33 53248 C:\WINDOWS\system32\VTTimer.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\VTTrayp]

-ra--c--- 2005-03-11 10:33 147456 C:\WINDOWS\system32\VTTrayp.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WinButler]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Windows Defender]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WMPNSCFG]

--------- 2006-11-02 21:53 204288 C:\Program Files\Windows Media Player\WMPNSCFG.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\zango]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]

"Pml Driver HPZ12"=2 (0x2)

"NTSVCMGR"=2 (0x2)

"NTLOAD"=2 (0x2)

"LexBceS"=2 (0x2)

"WMPNetworkSvc"=3 (0x3)

"usnjsvc"=3 (0x3)

"ServiceLayer"=3 (0x3)

"ose"=3 (0x3)

"MDM"=2 (0x2)

"wscsvc"=2 (0x2)

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-disabled]

"LogitechCommunicationsManager"="C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe"

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]

"%windir%\\system32\\sessmgr.exe"=

"C:\\WINDOWS\\system32\\dpvsetup.exe"=

"C:\\WINDOWS\\system32\\mmc.exe"=

"C:\\WINDOWS\\system32\\dxdiag.exe"=

"C:\\WINDOWS\\system32\\dpnsvr.exe"=

"C:\\Program Files\\Common Files\\Ahead\\Nero Web\\SetupX.exe"=

"C:\\Program Files\\Common Files\\Ahead\\Nero Web\\SetupXu.exe"=

"C:\\Program Files\\Messenger\\msmsgs.exe"=

"C:\\WINDOWS\\system32\\rundll32.exe"=

"%windir%\\Network Diagnostic\\xpnetdiag.exe"=

"C:\\Program Files\\BearShare\\BearShare.exe"=

"C:\\WINDOWS\\system32\\rtcshare.exe"=

"C:\\Program Files\\Nokia\\Nokia Software Updater\\nsu_ui_client.exe"=

"C:\\Program Files\\Common Files\\Nokia\\Service Layer\\A\\nsl_host_process.exe"=

"C:\\Program Files\\NetMeeting\\conf.exe"=

"C:\\Program Files\\Grisoft\\AVG7\\avginet.exe"=

"C:\\Program Files\\Grisoft\\AVG7\\avgamsvr.exe"=

"C:\\Program Files\\Grisoft\\AVG7\\avgcc.exe"=

"C:\\Program Files\\Grisoft\\AVG7\\avgemc.exe"=

"C:\\Documents and Settings\\Yo\\Mijn documenten\\Azureus\\Azureus.exe"=

"C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=

"C:\\Program Files\\Windows Live\\Messenger\\livecall.exe"=

"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqste08.exe"=

"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpofxm08.exe"=

"C:\\Program Files\\HP\\Digital Imaging\\bin\\hposfx08.exe"=

"C:\\Program Files\\HP\\Digital Imaging\\bin\\hposid01.exe"=

"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqscnvw.exe"=

"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqkygrp.exe"=

"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqCopy.exe"=

"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpfccopy.exe"=

"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpzwiz01.exe"=

"C:\\Program Files\\HP\\Digital Imaging\\Unload\\HpqPhUnl.exe"=

"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpoews01.exe"=

R1 kbfilter;Keyboard Filter Driver;C:\WINDOWS\system32\drivers\kbfilter.sys [2003-03-27 13:55]

R1 moufiltr;Mouse Filter Driver;C:\WINDOWS\system32\drivers\moufiltr.sys [2003-01-23 14:29]

R1 sdpiosys;sdpiosys;C:\WINDOWS\system32\drivers\sdpiosys.sys [2004-11-30 11:10]

R2 NMSAccessU;NMSAccessU;F:\CDBurnerXP\NMSAccessU.exe [2007-10-12 08:34]

S3 A5AGU;D-Link USB Wireless Network Adapter Service;C:\WINDOWS\system32\DRIVERS\A5AGU.sys [2006-09-21 10:19]

S3 cmudau;C-Media USB Sound Interface;C:\WINDOWS\system32\drivers\cmudau.sys []

S3 LVPrcMon;Logitech LVPrcMon Driver;C:\WINDOWS\system32\drivers\LVPrcMon.sys [2005-09-01 13:11]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]

CtServ REG_MULTI_SZ CtServ

*Newly Created Service* - F-SECURE_STANDALONE_MINIFILTER

.

**************************************************************************

catchme 0.3.1344 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net

Rootkit scan 2008-03-16 00:24:36

Windows 5.1.2600 Service Pack 2 NTFS

scannen van verborgen processen ...

scannen van verborgen autostart items ...

scannen van verborgen bestanden ...

Scan succesvol afgerond

verborgen bestanden: 0

**************************************************************************

.

Voltooingstijd: 2008-03-16 0:25:54

ComboFix-quarantined-files.txt 2008-03-15 23:25:51

ComboFix2.txt 2008-03-15 20:54:02

ComboFix3.txt 2008-03-15 16:37:34

ComboFix4.txt 2008-03-15 14:47:50

ComboFix5.txt 2008-03-15 13:11:29

.

2008-03-12 17:14:50 --- E O F ---

Link naar reactie
Delen op andere sites
Gast woops

Gast woops

Geplaatst:
Geplaatst:

Ik heb juist nog eens een re-start gedaan en het dosvenster is er nog steeds. het heeft nu in de balk van het venster een reeks rare tekentjes staan met .dll erachter! Dat verandert elke keer als ik opstart.

Link naar reactie
Delen op andere sites
kape Grootmeester

kape

Geplaatst:
Geplaatst:

Open een kladblokbestand.

Kopieer en plak daarin de onderstaande vetgedrukte tekst.

File::

C:\WINDOWS\Fonts\RandFont.dll

C:\WINDOWS\ServicePackFiles\i386\msmsgs.exe

C:\WINDOWS\system\DRIVER\cygcrypt-0.dll

C:\WINDOWS\system\DRIVER\servicelogon.dll

C:\WINDOWS\system\DRIVER\servicesmgr.dll

C:\WINDOWS\system\DRIVER\svchostlogon.dll

Registry::

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KernelFaultCheck]

C:\WINDOWS\system32\dumprep 0 –k

Sla dit bestand op je bureaublad op als CFScript.txt.

Sleep CFScript.txt in ComboFix.exe

Dit zal ComboFix doen herstarten. Start opnieuw op als dat gevraagd wordt.

Post na herstart de inhoud van de Combofix.txt in je volgende antwoord samen met een nieuw logje van HijackThis.

En dan lezen we wel of dit iets gewijzigd heeft.

P.S. : die Bearshare zou ik – als ik jou was – zo snel als kan van de PC zwieren. Dat is een bekende bron voor het aantrekken van malware. Maar dat is uiteraard een persoonlijke keuze.

Link naar reactie
Delen op andere sites
Gast woops

Gast woops

Geplaatst:
Geplaatst:

Die bearshare is met licentie, dus geen free edition en zonder spyware. Ik download nooit zip of rar bestanden want die zijn wel gevaarlijk. Ik gebruik hem al eens om een liedje te downloaden maar echt niet veel.

Ik heb gedaan wat je hierboven gezegd hebt en ik post hieronder dan het scanresultaat

ComboFix 08-03-14.4 - Yo 2008-03-16 7:52:10.5 - NTFSx86

Gestart vanuit: C:\Documents and Settings\Yo\Bureaublad\ComboFix.exe

Command switches used :: C:\Documents and Settings\Yo\Bureaublad\CFScript.txt

* Nieuw herstelpunt werd aangemaakt

WAARSCHUWING - DE RECOVERY CONSOLE IS NIET OP DIT SYSTEEM GEINSTALLEERD !!

.

(((((((((((((((((((( Bestanden Gemaakt van 2008-02-16 to 2008-03-16 ))))))))))))))))))))))))))))))

.

2008-03-15 22:31 . 2008-03-15 22:37 <DIR> d-------- C:\Program Files\SpywareBlaster

2008-03-15 22:31 . 2008-03-15 22:49 <DIR> d-a------ C:\Documents and Settings\All Users\Application Data\TEMP

2008-03-15 22:17 . 2008-03-15 22:17 <DIR> d-------- C:\Program Files\BillP Studios

2008-03-15 22:17 . 2008-03-15 22:17 <DIR> d-------- C:\Documents and Settings\Yo\Application Data\WinPatrol

2008-03-15 18:45 . 2008-03-15 18:45 <DIR> d-------- C:\fsaua.data

2008-03-15 14:48 . 2008-03-16 07:44 <DIR> dr-h----- C:\Documents and Settings\Yo\Onlangs geopend

2008-03-15 14:43 . 2008-03-15 14:50 1,526 --a------ C:\WINDOWS\system32\tmp.reg

2008-03-14 13:51 . 2008-03-14 13:51 <DIR> d-------- C:\Deckard

2008-03-14 10:12 . 2008-03-14 10:12 <DIR> d-------- C:\Documents and Settings\Yo\DoctorWeb

2008-03-13 14:35 . 2008-03-13 14:36 <DIR> d-------- C:\Program Files\EsetOnlineScanner

2008-03-13 11:44 . 2008-03-13 12:48 <DIR> d-------- C:\WINDOWS\BDOSCAN8

2008-03-13 11:41 . 2008-03-13 11:41 <DIR> d-------- C:\Program Files\Trend Micro

2008-03-12 17:29 . 2008-03-12 18:04 <DIR> d----c--- C:\WINDOWS\ie8

2008-03-12 10:48 . 2008-03-12 18:04 <DIR> d-------- C:\Program Files\My Lockbox

2008-03-08 22:32 . 2008-03-08 22:32 23,600 --a------ C:\WINDOWS\system32\drivers\TVICHW32.SYS

2008-03-04 12:44 . 2008-03-04 12:44 <DIR> d-------- C:\Program Files\Common Files\Hewlett-Packard

2008-03-04 12:38 . 2008-03-04 12:47 112,871 --a------ C:\WINDOWS\hpoins07.dat

2008-03-04 12:38 . 2005-05-24 07:50 21,124 --------- C:\WINDOWS\hpomdl07.dat

2008-02-29 08:33 . 2008-02-29 08:33 <DIR> d-------- C:\Program Files\Common Files\PCSuite

2008-02-29 08:11 . 2008-03-06 18:39 <DIR> d-------- C:\Documents and Settings\Yo\Application Data\Nokia

2008-02-29 08:10 . 2008-02-29 08:33 <DIR> d-------- C:\Program Files\Common Files\Nokia

2008-02-29 08:09 . 2008-02-29 08:09 <DIR> d-------- C:\Program Files\PC Connectivity Solution

2008-02-29 08:09 . 2008-02-29 08:33 <DIR> d-------- C:\Program Files\Nokia

2008-02-29 08:09 . 2008-02-29 08:13 <DIR> d-------- C:\Documents and Settings\Yo\Application Data\PC Suite

2008-02-29 08:09 . 2007-02-22 10:15 137,216 --a------ C:\WINDOWS\system32\drivers\nmwcd.sys

2008-02-29 08:09 . 2007-02-22 10:15 65,536 --a------ C:\WINDOWS\system32\nmwcdcocls.dll

2008-02-29 08:09 . 2007-02-22 10:15 12,288 --a------ C:\WINDOWS\system32\drivers\nmwcdcm.sys

2008-02-29 08:09 . 2007-02-22 10:15 12,288 --a------ C:\WINDOWS\system32\drivers\nmwcdcj.sys

2008-02-29 08:09 . 2007-02-22 10:15 8,320 --a------ C:\WINDOWS\system32\drivers\nmwcdc.sys

2008-02-29 08:07 . 2008-02-29 08:16 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Installations

2008-02-26 18:44 . 2008-02-26 18:44 <DIR> d-------- C:\Documents and Settings\Yo\Application Data\PrevxCSI

2008-02-24 22:14 . 2008-02-24 22:21 <DIR> d-------- C:\Program Files\Crawler(2)

2008-02-21 22:33 . 2008-02-21 22:33 2,542 --a------ C:\WINDOWS\unins000.dat

2008-02-20 22:33 . 2008-02-20 22:33 13,366 --------- C:\WINDOWS\system32\IE8Eula.rtf

.

((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2008-03-15 07:23 --------- d-----w C:\Documents and Settings\Yo\Application Data\AVG7

2008-03-15 07:00 --------- d-----w C:\Documents and Settings\LocalService\Application Data\AVG7

2008-03-08 22:35 --------- d-----w C:\Documents and Settings\Yo\Application Data\Azureus

2008-03-04 11:45 --------- d-----w C:\Program Files\Hewlett-Packard

2008-02-29 07:13 --------- d-----w C:\Documents and Settings\All Users\Application Data\PC Suite

2008-02-29 07:11 --------- d-----w C:\Program Files\DIFX

2008-02-27 12:05 --------- d-----w C:\Program Files\Windows Live

2008-02-24 21:21 --------- d-----w C:\Program Files\Spybot - Search & Destroy

2008-02-24 21:21 --------- d-----w C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy

2008-02-24 16:55 --------- d-----w C:\Documents and Settings\All Users\Application Data\WLInstaller

2008-02-14 15:19 --------- d-----w C:\Program Files\Windows Live Safety Center

2008-02-14 14:54 --------- d--h--w C:\Program Files\InstallShield Installation Information

2008-02-14 14:54 --------- d-----w C:\Program Files\IBoot

2008-02-14 10:05 --------- d-----w C:\Program Files\Mio Technology

2008-02-14 06:33 --------- d-----w C:\Program Files\eMule

2008-02-14 06:09 --------- d-----w C:\Documents and Settings\Yo\Application Data\Uniblue

2008-02-11 08:39 253,952 ----a-w C:\WINDOWS\system32\OnlineScannerDLLA.dll

2008-02-11 08:39 237,568 ----a-w C:\WINDOWS\system32\OnlineScannerDLLW.dll

2008-02-10 16:04 --------- d-----w C:\Documents and Settings\Yo\Application Data\PlayFirst

2008-02-08 12:53 110,592 ----a-w C:\WINDOWS\system32\OnlineScannerLang.dll

2008-02-05 07:48 77,824 ----a-w C:\WINDOWS\system32\OnlineScannerUninstaller.exe

2008-02-04 10:50 --------- d-----w C:\Documents and Settings\All Users\Application Data\Azureus

2008-02-01 10:17 587,264 ----a-w C:\WINDOWS\WLXPGSS.SCR

2008-02-01 10:13 --------- d-----w C:\Program Files\Serials 2000 7.1 Plus

2008-01-31 10:45 --------- d-----w C:\Documents and Settings\All Users\Application Data\avg7

2008-01-29 06:55 --------- d-----w C:\Program Files\Common Files\Logitech

2008-01-29 06:51 --------- d-----w C:\Program Files\Common Files\logishrd

2008-01-29 06:49 --------- d-----w C:\Program Files\Logitech

2008-01-29 06:49 --------- d-----w C:\Documents and Settings\All Users\Application Data\Logishrd

2008-01-29 06:43 0 ----a-w C:\WINDOWS\system32\drivers\lvuvc.hs

2008-01-24 17:05 --------- d-----w C:\Program Files\InfraRecorder

2008-01-24 17:04 --------- d-----w C:\Documents and Settings\Yo\Application Data\InfraRecorder

2008-01-24 17:03 --------- d-----w C:\Documents and Settings\Yo\Application Data\DVD Flick

2008-01-24 17:01 --------- d-----w C:\Documents and Settings\Yo\Application Data\VSRevoGroup

2008-01-24 16:36 --------- d-----w C:\Program Files\Xvid

2008-01-24 16:36 --------- d-----w C:\Program Files\Windows Media Connect 2

2008-01-24 16:36 --------- d-----w C:\Program Files\SimBoePro

2008-01-24 16:36 --------- d-----w C:\Program Files\Glary Utilities

2008-01-24 16:36 --------- d-----w C:\Program Files\DivX

2008-01-24 16:36 --------- d-----w C:\Program Files\BearShare

2008-01-24 15:55 --------- d-----w C:\Program Files\VS Revo Group

2008-01-24 15:53 --------- d-----w C:\Program Files\Nero(2)

2008-01-24 11:05 --------- d-----w C:\Documents and Settings\All Users\Application Data\Lavasoft

2008-01-24 11:04 --------- d-----w C:\Program Files\Lavasoft

2008-01-23 06:41 --------- d-----w C:\Program Files\SpeedFan

2008-01-22 17:49 --------- d-----w C:\Program Files\HP

2008-01-22 11:22 --------- d-----w C:\Documents and Settings\All Users\Application Data\Nero

2008-01-22 11:21 --------- d-----w C:\Program Files\Nero

2008-01-22 11:21 --------- d-----w C:\Documents and Settings\All Users\Application Data\Nero(2)

2008-01-20 10:31 --------- d-----w C:\Documents and Settings\All Users\Application Data\SSScanAppDataDir

2008-01-20 10:30 --------- d-----w C:\Documents and Settings\All Users\Application Data\MSScanAppDataDir

2008-01-16 16:43 --------- d-----w C:\Program Files\Mah Jong Quest

2008-01-16 16:43 --------- d-----w C:\Program Files\iDailyDiary

2008-01-16 16:43 --------- d-----w C:\Documents and Settings\All Users\Application Data\espionServerData

2008-01-16 13:38 --------- d-----w C:\Documents and Settings\Yo\Application Data\Nero

2008-01-16 13:21 --------- d-----w C:\Documents and Settings\Yo\Application Data\AVSMedia

2008-01-16 13:18 --------- d-----w C:\Program Files\AVSMedia

2008-01-16 12:57 --------- d-----w C:\Program Files\Common Files\Ahead

2008-01-09 14:01 53,248 ----a-w C:\WINDOWS\bdoscandel.exe

2007-10-07 07:07 10 ----a-w C:\Program Files\.autoreg

2006-10-13 22:20 786,432 -c-ha-w C:\Documents and Settings\Administrator\NTUSER.dat.DAT

2005-05-11 21:36 12,288 -c--a-w C:\WINDOWS\Fonts\RandFont.dll

2004-10-13 16:24 1,694,208 -csha-w C:\WINDOWS\ServicePackFiles\i386\msmsgs.exe

2005-01-16 16:19 4,608 -csha-r C:\WINDOWS\system\DRIVER\cygcrypt-0.dll

2005-01-16 16:19 1,140,617 -csha-r C:\WINDOWS\system\DRIVER\cygwin1.dll

2005-01-28 10:30 1,478 -csha-r C:\WINDOWS\system\DRIVER\servicelogon.dll

2006-04-17 07:20 1,877 -csha-r C:\WINDOWS\system\DRIVER\servicesmgr.dll

2005-01-28 10:30 1,477 -csh--r C:\WINDOWS\system\DRIVER\svchostlogon.dll

2006-04-17 07:20 1,575 -csha-r C:\WINDOWS\system\DRIVER\winlogon.dll

.

------- Sigcheck -------

2007-06-13 14:24 1427456 c17e18eb83c0e02fcf75c0593e1e32bb C:\WINDOWS\explorer.exe

2007-06-13 14:12 1036800 1d6245afbd3faabc16a885116be1874d C:\WINDOWS\$hf_mig$\KB938828\SP2QFE\explorer.exe

2001-09-07 13:00 1004544 5cb9a44a47fd7260348cddfb36a7dd14 C:\WINDOWS\$NtServicePackUninstall$\explorer.exe

2004-08-04 09:03 1035776 a1d7304a87fc3093150f5e3cc7b0f338 C:\WINDOWS\$NtUninstallKB938828$\explorer.exe

2007-06-13 14:24 1427456 c17e18eb83c0e02fcf75c0593e1e32bb C:\WINDOWS\ServicePackFiles\i386\explorer.exe

2007-06-13 14:24 1427456 c17e18eb83c0e02fcf75c0593e1e32bb C:\WINDOWS\system32\dllcache\explorer.exe

.

((((((((((((((((((((((((((((( snapshot@2008-03-15_15.47.32.21 )))))))))))))))))))))))))))))))))))))))))

.

- 2007-03-06 01:58:27 216,800 ----a-w C:\WINDOWS\$hf_mig$\KB944533-IE7\spuninst.exe

+ 2008-02-27 14:59:28 290,816 ----a-w C:\WINDOWS\Downloaded Program Files\auc_lib.dll

+ 2008-02-27 14:59:28 495,616 ----a-w C:\WINDOWS\Downloaded Program Files\daas_s.dll

+ 2008-02-27 15:00:12 262,144 ----a-w C:\WINDOWS\Downloaded Program Files\fscax.dll

+ 2008-02-27 14:59:16 588,392 ----a-w C:\WINDOWS\Downloaded Program Files\gatelauncher.exe

+ 2000-08-31 07:00:00 163,328 ----a-w C:\WINDOWS\ERDNT\Hiv-backup\ERDNT.EXE

- 2007-08-13 17:39:10 13,312 ----a-w C:\WINDOWS\system32\ieudinit.exe

+ 2007-12-06 11:00:58 13,824 ----a-w C:\WINDOWS\system32\ieudinit.exe

- 2008-03-15 13:59:40 66,076 ----a-w C:\WINDOWS\system32\perfc009.dat

+ 2008-03-16 06:36:35 66,076 ----a-w C:\WINDOWS\system32\perfc009.dat

- 2008-03-15 13:59:40 85,852 ----a-w C:\WINDOWS\system32\perfc013.dat

+ 2008-03-16 06:36:35 85,852 ----a-w C:\WINDOWS\system32\perfc013.dat

- 2008-03-15 13:59:40 409,912 ----a-w C:\WINDOWS\system32\perfh009.dat

+ 2008-03-16 06:36:35 409,912 ----a-w C:\WINDOWS\system32\perfh009.dat

- 2008-03-15 13:59:40 475,620 ----a-w C:\WINDOWS\system32\perfh013.dat

+ 2008-03-16 06:36:35 475,620 ----a-w C:\WINDOWS\system32\perfh013.dat

.

((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))

.

.

REGEDIT4

*Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-04 09:03 15360]

"MessengerPlus3"="C:\Program Files\MessengerPlus! 3\MsgPlus.exe" [2006-06-19 22:36 190024]

"msnmsgr"="C:\Program Files\Windows Live\Messenger\MsnMsgr.exe" [2007-12-17 23:29 5724184]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"AVG7_CC"="C:\PROGRA~1\Grisoft\AVG7\avgcc.exe" [2008-01-29 18:53 579072]

"WinPatrol"="C:\Program Files\BillP Studios\WinPatrol\winpatrol.exe" [2008-01-27 06:38 316728]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]

"CTFMON.EXE"="C:\WINDOWS\System32\CTFMON.EXE" [2004-08-04 09:03 15360]

"AVG7_Run"="C:\PROGRA~1\Grisoft\AVG7\avgw.exe" [2008-01-29 18:53 219136]

"Nokia.PCSync"="C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe" [2007-11-07 17:35 1294336]

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Start^Programma's^Opstarten^Adobe Reader Snelle start.lnk]

backup=C:\WINDOWS\pss\Adobe Reader Snelle start.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Start^Programma's^Opstarten^Adobe Reader Speed Launch.lnk]

backup=C:\WINDOWS\pss\Adobe Reader Speed Launch.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Start^Programma's^Opstarten^eFax DllCmd 4.0.lnk]

backup=C:\WINDOWS\pss\eFax DllCmd 4.0.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Start^Programma's^Opstarten^eFax Tray Menu 4.0.lnk]

backup=C:\WINDOWS\pss\eFax Tray Menu 4.0.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Start^Programma's^Opstarten^Logitech Desktop Messenger.lnk]

backup=C:\WINDOWS\pss\Logitech Desktop Messenger.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Start^Programma's^Opstarten^MioSync.lnk]

backup=C:\WINDOWS\pss\MioSync.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Start^Programma's^Opstarten^Windows Desktop Search.lnk]

backup=C:\WINDOWS\pss\Windows Desktop Search.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^Yo^Menu Start^Programma's^Opstarten^Microsoft Office OneNote 2003 Quick Launch.lnk]

backup=C:\WINDOWS\pss\Microsoft Office OneNote 2003 Quick Launch.lnkStartup

[HKLM\~\startupfolder\C:^Documents and Settings^Yo^Menu Start^Programma's^Opstarten^SkyPhone2000.lnk]

backup=C:\WINDOWS\pss\SkyPhone2000.lnkStartup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Photo Downloader]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BearFlix]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BearShare]

--a------ 2006-07-29 03:48 9887744 C:\Program Files\BearShare\BearShare.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}]

--a------ 2007-06-27 18:03 152872 C:\Program Files\Common Files\Ahead\lib\NMBgMonitor.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BluetoothAuthenticationAgent]

--a------ 2004-08-04 09:03 33792 C:\WINDOWS\system32\rundll32.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Bouncer RunStartup]

C:\Program Files\Bouncer\liveupdate.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Cmaudio]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ExtraFilmHemmaAgent]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GPLv3]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\H/PC Connection Agent]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Software Update]

--a------ 2005-05-11 23:12 49152 C:\Program Files\HP\HP Software Update\HPWuSchd2.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iDailyDiary]

--a------ 2005-05-20 11:09 1198592 C:\PROGRA~1\IDAILY~1\iDD.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KernelFaultCheck]

C:\WINDOWS\system32\dumprep 0 -k

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Lexmark 2200 Series]

-----c--- 2004-02-13 14:07 57344 C:\Program Files\Lexmark 2200 Series\lxbvbmgr.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogitechCameraAssistant]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogitechCameraService(E)]

--a--c--- 2004-11-01 18:22 262144 C:\WINDOWS\system32\ElkCtrl.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogitechVideo[inspector]]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LVCOMSX]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Mercora]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MessengerPlus3]

--a--c--- 2006-06-19 22:36 190024 C:\Program Files\MessengerPlus! 3\MsgPlus.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]

--a------ 2007-03-01 14:57 153136 C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PC Suite Tray]

--a------ 2007-12-10 10:12 695808 C:\Program Files\Nokia\Nokia PC Suite 6\PCSuite.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PCLEPCI]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PCSuiteTrayApplication]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PcSync]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PhonostarAgent]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PhonostarTimer]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PhotoShow Deluxe Media Manager]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]

C:\Program Files\QuickTime\qttask.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RaidTool]

-ra--c--- 2005-06-20 11:53 1056768 C:\Program Files\VIA\RAID\raid_tool.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SfKg6wIPu]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Sonic RecordNow!]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SoundService]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]

--a------ 2007-09-25 00:11 132496 C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\telenet_toolkit]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UFD Monitor9382]

--a--c--- 2003-04-24 13:10 45056 C:\Program Files\USB FlashDisk\UFD Utility 2003\ufdlmon.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UFD Utility9382]

--a--c--- 2003-10-02 09:34 417792 C:\Program Files\USB FlashDisk\UFD Utility 2003\UFDTool.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UpdateManager]

C:\Program Files\Common Files\Sonic\Update Manager\sgtray.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\VTTimer]

-ra--c--- 2005-03-07 20:33 53248 C:\WINDOWS\system32\VTTimer.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\VTTrayp]

-ra--c--- 2005-03-11 10:33 147456 C:\WINDOWS\system32\VTTrayp.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WinButler]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Windows Defender]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WMPNSCFG]

--------- 2006-11-02 21:53 204288 C:\Program Files\Windows Media Player\WMPNSCFG.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\zango]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]

"Pml Driver HPZ12"=2 (0x2)

"NTSVCMGR"=2 (0x2)

"NTLOAD"=2 (0x2)

"LexBceS"=2 (0x2)

"WMPNetworkSvc"=3 (0x3)

"usnjsvc"=3 (0x3)

"ServiceLayer"=3 (0x3)

"ose"=3 (0x3)

"MDM"=2 (0x2)

"wscsvc"=2 (0x2)

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-disabled]

"LogitechCommunicationsManager"="C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe"

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]

"%windir%\\system32\\sessmgr.exe"=

"C:\\WINDOWS\\system32\\dpvsetup.exe"=

"C:\\WINDOWS\\system32\\mmc.exe"=

"C:\\WINDOWS\\system32\\dxdiag.exe"=

"C:\\WINDOWS\\system32\\dpnsvr.exe"=

"C:\\Program Files\\Common Files\\Ahead\\Nero Web\\SetupX.exe"=

"C:\\Program Files\\Common Files\\Ahead\\Nero Web\\SetupXu.exe"=

"C:\\Program Files\\Messenger\\msmsgs.exe"=

"C:\\WINDOWS\\system32\\rundll32.exe"=

"%windir%\\Network Diagnostic\\xpnetdiag.exe"=

"C:\\Program Files\\BearShare\\BearShare.exe"=

"C:\\WINDOWS\\system32\\rtcshare.exe"=

"C:\\Program Files\\Nokia\\Nokia Software Updater\\nsu_ui_client.exe"=

"C:\\Program Files\\Common Files\\Nokia\\Service Layer\\A\\nsl_host_process.exe"=

"C:\\Program Files\\NetMeeting\\conf.exe"=

"C:\\Program Files\\Grisoft\\AVG7\\avginet.exe"=

"C:\\Program Files\\Grisoft\\AVG7\\avgamsvr.exe"=

"C:\\Program Files\\Grisoft\\AVG7\\avgcc.exe"=

"C:\\Program Files\\Grisoft\\AVG7\\avgemc.exe"=

"C:\\Documents and Settings\\Yo\\Mijn documenten\\Azureus\\Azureus.exe"=

"C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=

"C:\\Program Files\\Windows Live\\Messenger\\livecall.exe"=

"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqste08.exe"=

"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpofxm08.exe"=

"C:\\Program Files\\HP\\Digital Imaging\\bin\\hposfx08.exe"=

"C:\\Program Files\\HP\\Digital Imaging\\bin\\hposid01.exe"=

"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqscnvw.exe"=

"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqkygrp.exe"=

"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqCopy.exe"=

"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpfccopy.exe"=

"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpzwiz01.exe"=

"C:\\Program Files\\HP\\Digital Imaging\\Unload\\HpqPhUnl.exe"=

"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpoews01.exe"=

R1 kbfilter;Keyboard Filter Driver;C:\WINDOWS\system32\drivers\kbfilter.sys [2003-03-27 13:55]

R1 moufiltr;Mouse Filter Driver;C:\WINDOWS\system32\drivers\moufiltr.sys [2003-01-23 14:29]

R1 sdpiosys;sdpiosys;C:\WINDOWS\system32\drivers\sdpiosys.sys [2004-11-30 11:10]

R2 NMSAccessU;NMSAccessU;F:\CDBurnerXP\NMSAccessU.exe [2007-10-12 08:34]

S3 A5AGU;D-Link USB Wireless Network Adapter Service;C:\WINDOWS\system32\DRIVERS\A5AGU.sys [2006-09-21 10:19]

S3 cmudau;C-Media USB Sound Interface;C:\WINDOWS\system32\drivers\cmudau.sys []

S3 LVPrcMon;Logitech LVPrcMon Driver;C:\WINDOWS\system32\drivers\LVPrcMon.sys [2005-09-01 13:11]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]

CtServ REG_MULTI_SZ CtServ

.

**************************************************************************

catchme 0.3.1344 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net

Rootkit scan 2008-03-16 07:55:03

Windows 5.1.2600 Service Pack 2 NTFS

scannen van verborgen processen ...

scannen van verborgen autostart items ...

scannen van verborgen bestanden ...

Scan succesvol afgerond

verborgen bestanden: 0

**************************************************************************

.

Voltooingstijd: 2008-03-16 7:56:31

ComboFix-quarantined-files.txt 2008-03-16 06:56:27

ComboFix2.txt 2008-03-15 23:25:55

ComboFix3.txt 2008-03-15 20:54:02

ComboFix4.txt 2008-03-15 16:37:34

ComboFix5.txt 2008-03-15 14:47:50

.

2008-03-12 17:14:50 --- E O F ---

Link naar reactie
Delen op andere sites
Gast woops

Gast woops

Geplaatst:
Geplaatst:

Ik heb ook een smitfraud gedaan en nu blijkt het venster niet meer te komen. Ik heb smitfraud uitgevoerd in veilige modus en eerst ge-update. Dan heb ik optie 2 gekozen en laten scannen. Hieronder plak ik het resultaat.

SmitFraudFix v2.305

Scan done at 8:47:53,29, zo 16/03/2008

Run from C:\Documents and Settings\Yo\Mijn documenten\programma's\Tools\SmitfraudFix

OS: Microsoft Windows XP [versie 5.1.2600] - Windows_NT

The filesystem type is NTFS

Fix run in safe mode

»»»»»»»»»»»»»»»»»»»»»»»» SharedTaskScheduler Before SmitFraudFix

!!!Attention, following keys are not inevitably infected!!!

SrchSTS.exe by S!Ri

Search SharedTaskScheduler's .dll

»»»»»»»»»»»»»»»»»»»»»»»» Killing process

»»»»»»»»»»»»»»»»»»»»»»»» hosts

127.0.0.1 localhost

»»»»»»»»»»»»»»»»»»»»»»»» VACFix

VACFix

Credits: Malware Analysis & Diagnostic

Code: S!Ri

»»»»»»»»»»»»»»»»»»»»»»»» Winsock2 Fix

S!Ri's WS2Fix: LSP not Found.

»»»»»»»»»»»»»»»»»»»»»»»» Generic Renos Fix

GenericRenosFix by S!Ri

»»»»»»»»»»»»»»»»»»»»»»»» Deleting infected files

»»»»»»»»»»»»»»»»»»»»»»»» IEDFix

IEDFix

Credits: Malware Analysis & Diagnostic

Code: S!Ri

»»»»»»»»»»»»»»»»»»»»»»»» DNS

HKLM\SYSTEM\CCS\Services\Tcpip\..\{FA365F7F-C4DA-4970-861E-09DDBF21486C}: DhcpNameServer=192.168.123.254

HKLM\SYSTEM\CS1\Services\Tcpip\..\{FA365F7F-C4DA-4970-861E-09DDBF21486C}: DhcpNameServer=192.168.123.254

HKLM\SYSTEM\CS3\Services\Tcpip\..\{FA365F7F-C4DA-4970-861E-09DDBF21486C}: DhcpNameServer=192.168.123.254

HKLM\SYSTEM\CCS\Services\Tcpip\Parameters: DhcpNameServer=192.168.123.254

HKLM\SYSTEM\CS1\Services\Tcpip\Parameters: DhcpNameServer=192.168.123.254

HKLM\SYSTEM\CS3\Services\Tcpip\Parameters: DhcpNameServer=192.168.123.254

»»»»»»»»»»»»»»»»»»»»»»»» Deleting Temp Files

»»»»»»»»»»»»»»»»»»»»»»»» Winlogon.System

!!!Attention, following keys are not inevitably infected!!!

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon]

"System"=""

»»»»»»»»»»»»»»»»»»»»»»»» Registry Cleaning

Registry Cleaning done.

»»»»»»»»»»»»»»»»»»»»»»»» SharedTaskScheduler After SmitFraudFix

!!!Attention, following keys are not inevitably infected!!!

SrchSTS.exe by S!Ri

Search SharedTaskScheduler's .dll

»»»»»»»»»»»»»»»»»»»»»»»» End

Link naar reactie
Delen op andere sites
Gast woops

Gast woops

Geplaatst:
Geplaatst:

Als je die hele boterham hierboven hebt nagekeken en als ik geen verdere stappen moet ondernemen dan mag je dit onderwerp als opgelost zien en afsluiten. Ik zou je nog wel een bedankje willen geven voor al de moeite en tijd die je in mijn probleem gestoken hebt.

BEDANKT EN JE VERDIENT HIERBIJ EEN DIKKE BOS BLOEMEN (ik kon geen gepaste smiley vinden dus heb ik het maar in hoofdletters gezet)

Link naar reactie
Delen op andere sites
kape Grootmeester

kape

Geplaatst:
Geplaatst:

Dit ziet er perfect uit. Nu is het enkel nog nodig om wat gebruikte programma's te verwijderen, een deftige cleaning te doen en je oude (besmette) herstelpunten te verwijderen (zodat je deze niet opnieuw kan gebruiken en daarmee de PC opnieuw zou besmetten). En ook je Java is nog aan een update toe.

Verwijder Combofix: Start -> Uitvoeren en typ: combofix /u

Combofix wordt verwijderd en een nieuw systeemherstelpunt wordt aangemaakt.

Download CCleaner.

Installeer het en start het op. Klik in de linkse kolom op “Opties”. Selecteer het tabblad ‘Geavanceerd’ en haal het vinkje weg voor “Verwijder alleen tijdelijke bestanden in de Windows systeemmap die ouder zijn dan 48 uur” en sluit hierna het programma.

Start CCleaner op en klik in de linkse kolom op “Cleaner”. Klik achtereenvolgens op ‘Analyseren’ en 'Opschonen'. Klik vervolgens in de linkse kolom op “Register” en klik op ‘Scannen voor fouten’. Als er fouten gevonden worden klik je op ”alle fouten herstellen” en ”OK”. Sluit hierna CCleaner terug af..

Het is aangewezen om alle bestaande herstelpunten te verwijderen (daar zitten besmette herstelpunten tussen die je eventueel zou kunnen terugzetten) door systeemherstel tijdelijk uit te schakelen.

- Ga naar Start/Alle programma's/Bureau-accessoires/Systeemwerkset/Systeemherstel.

- Klik in de linkerhelft van het venster op "Instellingen van systeemherstel".

- Zet een vinkje voor "Systeemherstel uitschakelen".

- Klik "Toepassen".

- Windows vraagt of je dat zeker weet.

- Klik "Ja".

- Klik "OK".

- Start de pc opnieuw op.

- Ga weer naar Start/Alle programma's/Bureau-accessoires/Systeemwerkset/Systeemherstel.

- Je krijgt de melding: "Systeemherstel is uitgeschakeld. Wilt u systeemherstel nu inschakelen?"

- Klik "Ja".

- Verwijder het vinkje voor "Systeemherstel uitschakelen".

- Klik "Toepassen".

- Klik "OK".

- Start de pc opnieuw op

- Er is nu een nieuw herstelpunt aangemaakt.

Je Java software is verouderd. Oudere versies hebben lekken die malware de kans geeft om zich te installeren op je systeem. Doe eerst deze stappen om Java te de-installeren en de nieuwere versie te installeren.

Download Java Runtime Environment (JRE) 6u5.

  • Scroll omlaag naar : "Java Runtime Environment (JRE) 6u5".
  • Klik op de "Download" knop aan de rechterkant.
  • In het uitklapmenu rechts naast Platform, selecteer “Windows”.
  • Vink aan: "I agree to the Java SE Runtime Environment 6 License Agreement", en klik op “Continue”.
  • De pagina zal herladen.
  • Klik op de jre-6u5-windows-i586-p.exe link ONDER Windows Offline Installation en bewaar het naar je Bureaublad.
  • Sluit alle programma's die eventueel open zijn, zeker je webbrowser.
  • Ga dan naar Start -> Configuratiescherm -> Software en verwijder alle oudere versies van Java uit de Softwarelijst.
  • Vink alles aan met Java Runtime Environment (JRE of J2SE) in de naam.
  • Klik dan op “Verwijderen” of op de “Wijzig/Verwijder” knop.
  • Herhaal dit tot alle oudere versies verdwenen zijn.
  • Na het verwijderen van alle oudere versies, herstart je pc.
  • Dubbelklik vervolgens op jre-6u5-windows-i586-p.exe op je Bureaublad om de nieuwste versie van Java te installeren.

Als je dit alles hebt uitgevoerd, mogen de boeken dicht. En bedankt voor de "bloemen" :laugh: :laugh: :laugh:

Link naar reactie
Delen op andere sites
Gast yoke

Gast yoke

Geplaatst:
Geplaatst:

hallo, ik log nu in onder een andere nick want het is woops hier. Ik weet niet waardoor het komt maar ik kan op geen enkele manier meer aanmelden.

Mijn probleem is nog steeds niet opgelost.

In het rare dosvenstertje stond er nu een regel nl:

c:\windows\system32\mfc42loc.dll

Ik heb mijn windows opgestart en dit opgezocht via start-zoeken

Het bestand is dus ook gevonden in de windows map C:\WINDOWS\system32 het is een toepassingsuitbreiding van datum 2001-09-07 bij de kenmerken staat een A

Ik heb dan weer eens een re-start gedaan en dan krijg ik het venster weer met rare tekentjes maar de link was nu weg, er staat telkens iets anders in.

Het venster verschijnt als volgt

windowsscherm komt op en dan lopen de blokjes onder het windows logo, scherm wordt even zwart en dan floep dat onnozele venster. Als ik op ok druk start het welkomscherm op en windows start dan verder op.

vooraleer ik nu die java installeer zou ik graag weten wat ik moet doen.

Link naar reactie
Delen op andere sites
kape Grootmeester

kape

Geplaatst:
Geplaatst:

Je mag die nieuwe Java zeker eerst installeren.

En het venster zou (eventueel) kunnen komen van een foutje in je Windows, veroorzaakt door die besmetting. Je kan eens proberen om dit met sfc /scannow te testen. Via Start -> Uitvoeren -> typ sfc /scannow Let op de spatie voor de slash. Het kan dat je tijdens de procedure gevraagd wordt naar je Windows-CD.

Link naar reactie
Delen op andere sites
Gast
Dit topic is nu gesloten voor nieuwe reacties.
 Delen
Ga naar topic overzicht
Logo

OVER ONS

PC Helpforum helpt GRATIS computergebruikers sinds juli 2006. Ons team geeft via het forum professioneel antwoord op uw vragen en probeert uw pc problemen zo snel mogelijk op te lossen. Word lid vandaag, plaats je vraag online en het PC Helpforum-team helpt u graag verder!

SITEMAP

×
×
  • Nieuwe aanmaken...

Belangrijke informatie

We hebben cookies geplaatst op je toestel om deze website voor jou beter te kunnen maken. Je kunt de cookie instellingen aanpassen, anders gaan we er van uit dat het goed is om verder te gaan.