soufyenne

Member
  • Items: 9
Everything posted by soufyenne

  1. I think it's down to the game itself, that it maybe doesn't support Windows 7 properly. I bought myself a more recent game, GTA 4, and it now works perfectly and the resolution is fine too, so it must be down to the game itself.
  2. Hello, I recently bought a new laptop. Here are the details: Operating system name: Microsoft Windows 7 Home Premium 64-bit. System manufacturer: Dell Inc. Processor: Intel® Core i7 CPU Q 740 @ 1.73GHz, 1730 MHz, 4 core(s), 8 logical. Installed physical memory (RAM): 4.00 GB. Display: 15 inch. Name: ATI Mobility Radeon HD 5650. RAM: 1.00 GB (1,073,741,824 bytes). My screen resolution is set to 1366 x 768 x 60 Hz. The problem is that when I install and play a game, my resolution only goes up to a maximum of 1042x768, and I don't know why. I have looked in the game's options, the drivers are up to date, and I have looked in the settings of the software supplied by ATI for changing the display settings, but unfortunately nothing works, whereas these games did work on my desktop PC, and there I could also select other resolutions, including 1366x768, but that PC was on XP. I also looked on the internet to see whether these games can't be played on Windows 7, and it says they should normally work perfectly, so I really don't know what else I can do. Does anyone know anything, or has anyone had the same problem?
  3. Much better, thanks. Can Microsoft recovery be removed now? And if so, how do you do that, and what is it for?
- d:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll/cmsidewiki.html DPF: {E6F480FC-BD44-4CBA-B74A-89AF7842937D} - hxxp://content.systemrequirementslab.com.s3.amazonaws.com/global/bin/srldetect_cyri_4.3.1.0.cab DPF: {F8C5C0F1-D884-43EB-A5A0-9E1C4A102FA8} - hxxp://secure.gopetslive.com/dev/GoPetsWeb.cab . - - - - ORPHANS VERWIJDERD - - - - Toolbar-Locked - (no file) WebBrowser-{D4027C7F-154A-4066-A1AD-4243D8127440} - (no file) HKLM-Run-NPSStartup - (no file) ************************************************************************** catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, GMER - Rootkit Detector and Remover Rootkit scan 2011-01-06 19:05 Windows 5.1.2600 Service Pack 3 NTFS scannen van verborgen processen ... scannen van verborgen autostart items ... scannen van verborgen bestanden ... Scan succesvol afgerond verborgen bestanden: 0 ************************************************************************** . --------------------- VERGRENDELDE REGISTER SLEUTELS --------------------- [HKEY_USERS\S-1-5-21-606747145-1580436667-1606980848-1004\Software\SecuROM\License information*] "datasecu"=hex:86,f2,6b,b0,5a,6e,be,3d,52,dd,c1,0f,d6,38,3c,a9,1c,74,20,04,8c, 3c,62,78,fe,3d,9a,61,1a,8c,36,7f,0e,56,b2,48,c8,48,f2,35,80,7f,54,00,0f,de,\ "rkeysecu"=hex:2f,0f,d5,3e,02,2b,06,63,b1,0b,dd,b6,71,e2,54,98 [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}] @Denied: (A 2) (Everyone) @="FlashBroker" "LocalizedString"="@d:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil10l_ActiveX.exe,-101" [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation] "Enabled"=dword:00000001 [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32] @="d:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil10l_ActiveX.exe" [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib] 
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" [HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}] @Denied: (A 2) (Everyone) @="IFlashBroker4" [HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32] @="{00020424-0000-0000-C000-000000000046}" [HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" "Version"="1.0" . Voltooingstijd: 2011-01-06 19:09:24 ComboFix-quarantined-files.txt 2011-01-06 18:09 Pre-Run: 153.689.346.048 bytes beschikbaar Post-Run: 153.739.325.440 bytes beschikbaar WindowsXP-KB310994-SP2-Pro-BootDisk-NLD.exe [boot loader] timeout=2 default=multi(0)disk(0)rdisk(0)partition(2)\WINDOWS [operating systems] c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons UnsupportedDebug="do not select this" /debug multi(0)disk(0)rdisk(0)partition(2)\WINDOWS="Microsoft Windows XP Professional" /noexecute=optin /fastdetect - - End Of File - - 13B9A62A6931201C204260E0B93071C7 May I remove ComboFix now?
  6. My PC is already a bit faster, but actually still a little too slow. It is better than before, but it hasn't really got its old speed back. I suppose that is probably not possible until I have the PC formatted? Thanks for your time anyway.
  7. Do I really have to remove this one? Isn't this an important process? O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE This is the new log: Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 16:04:59, on 4-1-2011 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v8.00 (8.00.6001.18702) Boot mode: Normal Running processes: D:\WINDOWS\System32\smss.exe D:\WINDOWS\system32\winlogon.exe D:\WINDOWS\system32\services.exe D:\WINDOWS\system32\lsass.exe D:\WINDOWS\system32\svchost.exe D:\Program Files\Windows Defender\MsMpEng.exe D:\WINDOWS\System32\svchost.exe D:\WINDOWS\system32\svchost.exe D:\Program Files\Alwil Software\Avast5\AvastSvc.exe D:\WINDOWS\Explorer.EXE D:\WINDOWS\SOUNDMAN.EXE D:\WINDOWS\ALCWZRD.EXE D:\WINDOWS\ALCMTR.EXE D:\Program Files\Microsoft IntelliType Pro\type32.exe D:\Program Files\Microsoft IntelliPoint\point32.exe D:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe D:\Program Files\Common Files\Java\Java Update\jusched.exe D:\Program Files\Alwil Software\Avast5\avastUI.exe D:\Program Files\Windows Defender\MSASCui.exe D:\WINDOWS\system32\ctfmon.exe D:\Program Files\Pando Networks\Media Booster\PMB.exe D:\WINDOWS\system32\rundll32.exe D:\WINDOWS\system32\spoolsv.exe D:\WINDOWS\system32\cisvc.exe D:\Program Files\Java\jre6\bin\jqs.exe D:\WINDOWS\system32\nvsvc32.exe D:\WINDOWS\system32\PnkBstrA.exe D:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe D:\WINDOWS\system32\svchost.exe D:\WINDOWS\system32\wuauclt.exe D:\Program Files\Internet Explorer\IEXPLORE.EXE D:\Program Files\Internet Explorer\IEXPLORE.EXE D:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Google R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Hotmail, Messenger, nieuws en entertainment vind je op MSN.nl R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - 
HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - D:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: Windows Live Aanmelden - Help - {9030D464-4C02-4ABF-8ECC-5164760863C6} - D:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - (no file) O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - D:\Program Files\Java\jre6\bin\jp2ssv.dll O2 - BHO: AL2Spy Class - {DC200356-0864-4F66-8964-5D43A19300F5} - D:\WINDOWS\AUTOLO~1\AL2DLL.dll O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - D:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll O4 - HKLM\..\Run: [soundMan] SOUNDMAN.EXE O4 - HKLM\..\Run: [AlcWzrd] ALCWZRD.EXE O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE O4 - HKLM\..\Run: [type32] "D:\Program Files\Microsoft IntelliType Pro\type32.exe" O4 - HKLM\..\Run: [intelliPoint] "D:\Program Files\Microsoft IntelliPoint\point32.exe" O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "D:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [Adobe ARM] "D:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" O4 - HKLM\..\Run: [sunJavaUpdateSched] "D:\Program Files\Common Files\Java\Java Update\jusched.exe" O4 - HKLM\..\Run: [avast5] "D:\Program Files\Alwil Software\Avast5\avastUI.exe" /nogui O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE D:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [Windows Defender] "D:\Program Files\Windows Defender\MSASCui.exe" -hide O4 - HKLM\..\Run: [nwiz] nwiz.exe /installquiet /keeploaded /nodetect O4 - HKCU\..\Run: [ctfmon.exe] D:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [Pando Media Booster] D:\Program Files\Pando Networks\Media Booster\PMB.exe O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] D:\WINDOWS\system32\CTFMON.EXE (User 
'Netwerkservice') O4 - HKUS\S-1-5-20\..\RunOnce: [nltide_2] regsvr32 /s /n /i:U shell32 (User 'Netwerkservice') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] D:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\S-1-5-18\..\RunOnce: [nltide_2] regsvr32 /s /n /i:U shell32 (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] D:\WINDOWS\system32\CTFMON.EXE (User 'Default user') O4 - HKUS\.DEFAULT\..\RunOnce: [nltide_2] regsvr32 /s /n /i:U shell32 (User 'Default user') O8 - Extra context menu item: Google Sidewiki... - res://D:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll/cmsidewiki.html O9 - Extra button: In weblog opnemen - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - D:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: &In weblog opnemen met Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - D:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - D:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - D:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - D:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - D:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - D:\Program Files\Messenger\msmsgs.exe O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab O16 - DPF: {39B0684F-D7BF-4743-B050-FDC3F48F7E3B} - http://www.fileplanet.com/fpdlmgr/cabs/FPDC_2.3.10.115.cab O16 - DPF: {4871A87A-BFDD-4106-8153-FFDE2BAC2967} - http://dlm.tools.akamai.com/dlmanager/versions/activex/dlm-activex-2.2.4.1.cab O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} - 
http://messenger.zone.msn.com/NL-BE/a-UNO1/GAME_UNO1.cab O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} - http://download.bitdefender.com/resources/scanner/sources/en/scan8/oscan8.cab O16 - DPF: {6F15128C-E66A-490C-B848-5000B5ABEEAC} - https://h20436.www2.hp.com/ediags/dex/secure/HPDEXAXO.cab O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} - http://messenger.zone.msn.com/binary/ZIntro.cab56649.cab O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab O16 - DPF: {CF40ACC5-E1BB-4AFF-AC72-04C2F616BCA7} - http://wwwimages.adobe.com/www.adobe.com/products/acrobat/nos/gp.cab O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab O16 - DPF: {E6F480FC-BD44-4CBA-B74A-89AF7842937D} - http://content.systemrequirementslab.com.s3.amazonaws.com/global/bin/srldetect_cyri_4.3.1.0.cab O16 - DPF: {E77F23EB-E7AB-4502-8F37-247DBAF1A147} - http://gfx2.hotmail.com/mail/w4/pr01/photouploadcontrol/MSNPUpld.cab O16 - DPF: {F8C5C0F1-D884-43EB-A5A0-9E1C4A102FA8} - http://secure.gopetslive.com/dev/GoPetsWeb.cab O22 - SharedTaskScheduler: Preloader van browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - D:\WINDOWS\system32\browseui.dll O22 - SharedTaskScheduler: Cache-daemon voor onderdeelcategorieën - {8C7461EF-2B13-11d2-BE35-3078302C2030} - D:\WINDOWS\system32\browseui.dll O23 - Service: avast! Antivirus - AVAST Software - D:\Program Files\Alwil Software\Avast5\AvastSvc.exe O23 - Service: avast! Mail Scanner - AVAST Software - D:\Program Files\Alwil Software\Avast5\AvastSvc.exe O23 - Service: avast! Web Scanner - AVAST Software - D:\Program Files\Alwil Software\Avast5\AvastSvc.exe O23 - Service: Google Updateservice (gupdate) (gupdate) - Google Inc. 
- D:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - D:\Program Files\Java\jre6\bin\jqs.exe O23 - Service: nProtect GameGuard Service (npggsvc) - Unknown owner - D:\WINDOWS\system32\GameMon.des.exe (file missing) O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - D:\WINDOWS\system32\nvsvc32.exe O23 - Service: PnkBstrA - Unknown owner - D:\WINDOWS\system32\PnkBstrA.exe -- End of file - 8489 bytes This is the Malwarebytes log: Malwarebytes' Anti-Malware 1.50.1.1100 www.malwarebytes.org Databaseversie: 5470 Windows 5.1.2600 Service Pack 3 Internet Explorer 8.0.6001.18702 4-1-2011 15:58:45 mbam-log-2011-01-04 (15-58-45).txt Scantype: Snelle scan Objecten gescand: 154286 Verstreken tijd: 7 minuut/minuten, 29 seconde(n) Geheugenprocessen geïnfecteerd: 0 Geheugenmodulen geïnfecteerd: 0 Registersleutels geïnfecteerd: 4 Registerwaarden geïnfecteerd: 0 Registerdata geïnfecteerd: 0 Mappen geïnfecteerd: 3 Bestanden geïnfecteerd: 4 Geheugenprocessen geïnfecteerd: (Geen kwaadaardige objecten gedetecteerd) Geheugenmodulen geïnfecteerd: (Geen kwaadaardige objecten gedetecteerd) Registersleutels geïnfecteerd: HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{1602F07D-8BF3-4C08-BDD6-DDDB1C48AEDC} (Adware.ClickPotato) -> Quarantined and deleted successfully. HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} (Adware.MyWebSearch) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} (Adware.MyWebSearch) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\FunWebProducts (Adware.MyWebSearch) -> Quarantined and deleted successfully. 
Registerwaarden geïnfecteerd: (Geen kwaadaardige objecten gedetecteerd) Registerdata geïnfecteerd: (Geen kwaadaardige objecten gedetecteerd) Mappen geïnfecteerd: d:\program files\funwebproducts (Adware.MyWebSearch) -> Quarantined and deleted successfully. d:\program files\funwebproducts\Installr (Adware.MyWebSearch) -> Quarantined and deleted successfully. d:\program files\funwebproducts\Installr\1.bin (Adware.MyWebSearch) -> Quarantined and deleted successfully. Bestanden geïnfecteerd: d:\documents and settings\user\application data\chkntfs.dat (Malware.Trace) -> Quarantined and deleted successfully. d:\program files\funwebproducts\Installr\1.bin\F3EZSETP.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully. d:\program files\funwebproducts\Installr\1.bin\F3PLUGIN.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully. d:\program files\funwebproducts\Installr\1.bin\NPFUNWEB.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
  8. This is the log: Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 15:32:30, on 3-1-2011 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v8.00 (8.00.6001.18702) Boot mode: Normal Running processes: D:\WINDOWS\System32\smss.exe D:\WINDOWS\system32\winlogon.exe D:\WINDOWS\system32\services.exe D:\WINDOWS\system32\lsass.exe D:\WINDOWS\system32\svchost.exe D:\Program Files\Windows Defender\MsMpEng.exe D:\WINDOWS\System32\svchost.exe D:\WINDOWS\system32\svchost.exe D:\Program Files\Alwil Software\Avast5\AvastSvc.exe D:\WINDOWS\Explorer.EXE D:\WINDOWS\SOUNDMAN.EXE D:\WINDOWS\ALCWZRD.EXE D:\WINDOWS\ALCMTR.EXE D:\Program Files\Microsoft IntelliType Pro\type32.exe D:\Program Files\Microsoft IntelliPoint\point32.exe D:\Program Files\Common Files\Java\Java Update\jusched.exe D:\Program Files\Alwil Software\Avast5\avastUI.exe D:\Program Files\Windows Defender\MSASCui.exe D:\WINDOWS\system32\ctfmon.exe D:\WINDOWS\system32\spoolsv.exe D:\WINDOWS\system32\cisvc.exe D:\Program Files\Java\jre6\bin\jqs.exe D:\WINDOWS\system32\nvsvc32.exe D:\WINDOWS\system32\PnkBstrA.exe D:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe D:\WINDOWS\system32\svchost.exe D:\WINDOWS\system32\cidaemon.exe D:\Program Files\Windows Live\Messenger\msnmsgr.exe D:\Program Files\Windows Live\Contacts\wlcomm.exe D:\Program Files\Steam\steam.exe D:\WINDOWS\system32\msiexec.exe D:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Google R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Hotmail, Messenger, nieuws en entertainment vind je op MSN.nl R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet 
Explorer\Search,CustomizeSearch = R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - D:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - (no file) O2 - BHO: (no name) - {3DE17B15-0AFF-4397-B581-28B674706F3B} - (no file) O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file) O2 - BHO: Windows Live Aanmelden - Help - {9030D464-4C02-4ABF-8ECC-5164760863C6} - D:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: eSnipBHO - {B530A9A4-1722-4D16-AAD6-AA85E3AD2ADE} - (no file) O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - (no file) O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - D:\Program Files\Java\jre6\bin\jp2ssv.dll O2 - BHO: AL2Spy Class - {DC200356-0864-4F66-8964-5D43A19300F5} - D:\WINDOWS\AUTOLO~1\AL2DLL.dll O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - D:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll O4 - HKLM\..\Run: [soundMan] SOUNDMAN.EXE O4 - HKLM\..\Run: [AlcWzrd] ALCWZRD.EXE O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE O4 - HKLM\..\Run: [type32] "D:\Program Files\Microsoft IntelliType Pro\type32.exe" O4 - HKLM\..\Run: [intelliPoint] "D:\Program Files\Microsoft IntelliPoint\point32.exe" O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "D:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [Adobe ARM] "D:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" O4 - HKLM\..\Run: [sunJavaUpdateSched] "D:\Program Files\Common Files\Java\Java Update\jusched.exe" O4 - HKLM\..\Run: [avast5] "D:\Program Files\Alwil Software\Avast5\avastUI.exe" /nogui O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE D:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [Windows Defender] 
"D:\Program Files\Windows Defender\MSASCui.exe" -hide O4 - HKLM\..\Run: [QuickTime Task] "D:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [nwiz] nwiz.exe /installquiet /keeploaded /nodetect O4 - HKCU\..\Run: [ctfmon.exe] D:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [Pando Media Booster] D:\Program Files\Pando Networks\Media Booster\PMB.exe O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] D:\WINDOWS\system32\CTFMON.EXE (User 'Netwerkservice') O4 - HKUS\S-1-5-20\..\RunOnce: [nltide_2] regsvr32 /s /n /i:U shell32 (User 'Netwerkservice') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] D:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\S-1-5-18\..\RunOnce: [nltide_2] regsvr32 /s /n /i:U shell32 (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] D:\WINDOWS\system32\CTFMON.EXE (User 'Default user') O4 - HKUS\.DEFAULT\..\RunOnce: [nltide_2] regsvr32 /s /n /i:U shell32 (User 'Default user') O8 - Extra context menu item: Google Sidewiki... - res://D:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll/cmsidewiki.html O9 - Extra button: In weblog opnemen - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - D:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: &In weblog opnemen met Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - D:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - D:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - D:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - D:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - D:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - D:\Program 
Files\Messenger\msmsgs.exe O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab O16 - DPF: {39B0684F-D7BF-4743-B050-FDC3F48F7E3B} - http://www.fileplanet.com/fpdlmgr/cabs/FPDC_2.3.10.115.cab O16 - DPF: {4871A87A-BFDD-4106-8153-FFDE2BAC2967} - http://dlm.tools.akamai.com/dlmanager/versions/activex/dlm-activex-2.2.4.1.cab O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} - http://messenger.zone.msn.com/NL-BE/a-UNO1/GAME_UNO1.cab O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} - http://download.bitdefender.com/resources/scanner/sources/en/scan8/oscan8.cab O16 - DPF: {6F15128C-E66A-490C-B848-5000B5ABEEAC} - https://h20436.www2.hp.com/ediags/dex/secure/HPDEXAXO.cab O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} - http://messenger.zone.msn.com/binary/ZIntro.cab56649.cab O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab O16 - DPF: {CF40ACC5-E1BB-4AFF-AC72-04C2F616BCA7} - http://wwwimages.adobe.com/www.adobe.com/products/acrobat/nos/gp.cab O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab O16 - DPF: {E6F480FC-BD44-4CBA-B74A-89AF7842937D} - http://content.systemrequirementslab.com.s3.amazonaws.com/global/bin/srldetect_cyri_4.3.1.0.cab O16 - DPF: {E77F23EB-E7AB-4502-8F37-247DBAF1A147} - http://gfx2.hotmail.com/mail/w4/pr01/photouploadcontrol/MSNPUpld.cab O16 - DPF: {F8C5C0F1-D884-43EB-A5A0-9E1C4A102FA8} - http://secure.gopetslive.com/dev/GoPetsWeb.cab O22 - SharedTaskScheduler: Preloader van browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - D:\WINDOWS\system32\browseui.dll O22 - SharedTaskScheduler: Cache-daemon voor onderdeelcategorieën - {8C7461EF-2B13-11d2-BE35-3078302C2030} - 
D:\WINDOWS\system32\browseui.dll O23 - Service: avast! Antivirus - AVAST Software - D:\Program Files\Alwil Software\Avast5\AvastSvc.exe O23 - Service: avast! Mail Scanner - AVAST Software - D:\Program Files\Alwil Software\Avast5\AvastSvc.exe O23 - Service: avast! Web Scanner - AVAST Software - D:\Program Files\Alwil Software\Avast5\AvastSvc.exe O23 - Service: Google Updateservice (gupdate) (gupdate) - Google Inc. - D:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - D:\Program Files\Java\jre6\bin\jqs.exe O23 - Service: nProtect GameGuard Service (npggsvc) - Unknown owner - D:\WINDOWS\system32\GameMon.des.exe (file missing) O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - D:\WINDOWS\system32\nvsvc32.exe O23 - Service: PnkBstrA - Unknown owner - D:\WINDOWS\system32\PnkBstrA.exe -- End of file - 9038 bytes Thanks in advance.
  9. My PC is very slow and also often freezes, and I don't know why. I had Avast scan it and it finds nothing. I also used CCleaner to clean the registry and remove unnecessary files, but the PC stays slow. I have tried all kinds of PC "slow fighter" programs and anti-spyware programs, but none of them gives any result. I also have another question, though it is not really important: when I start my PC it first starts in standby mode (or something like that), and only when I hold down a key on the keyboard does it start up. This has only been the case since I bought and installed a new wireless mouse and keyboard; does that have anything to do with it? I had thought about just taking it to someone who knows about this and having it formatted, but a friend recommended this to me first.