
Cemmo


Everything posted by Cemmo

  1. Unfortunately, when I open a game my PC still freezes badly. The in-game latency rose to 13000 or higher. So far I haven't run into problems with anything else.
  2. I just had stuttering again while playing music. I'm now starting a number of programs to see how it goes.
  4. So sorry for the late reply, but things were still working until today. Today my internet browser stopped working and my internet connection dropped out for a long time for an unknown reason. I followed all the steps carefully and here is the log file.
  5. At the moment I'm fortunately not experiencing any problems. That was also the case last time, until about a month later it started again. I wonder how I can prevent something like this, if anyone knows?
  6. Malwarebytes' Anti-Malware 1.51.2.1300
     www.malwarebytes.org

     Database version: 8077
     Windows 6.1.7601 Service Pack 1
     Internet Explorer 8.0.7601.17514

     3-11-2011 18:46:05
     mbam-log-2011-11-03 (18-46-05).txt

     Scan type: Quick scan
     Objects scanned: 218022
     Time elapsed: 4 minute(s), 27 second(s)

     Memory Processes Infected: 0
     Memory Modules Infected: 0
     Registry Keys Infected: 0
     Registry Values Infected: 0
     Registry Data Items Infected: 0
     Folders Infected: 0
     Files Infected: 0

     Memory Processes Infected: (No malicious items detected)
     Memory Modules Infected: (No malicious items detected)
     Registry Keys Infected: (No malicious items detected)
     Registry Values Infected: (No malicious items detected)
     Registry Data Items Infected: (No malicious items detected)
     Folders Infected: (No malicious items detected)
     Files Infected: (No malicious items detected)

     ---------- Post added at 18:49 ---------- Previous post was at 18:48 ----------

     Logfile of Trend Micro HijackThis v2.0.4
     Scan saved at 18:47:34, on 3-11-2011
     Platform: Windows 7 SP1 (WinNT 6.00.3505)
     MSIE: Internet Explorer v8.00 (8.00.7601.17514)
     Boot mode: Normal

     Running processes:
     C:\Windows\system32\taskhost.exe
     C:\Windows\system32\taskeng.exe
     C:\Windows\system32\Dwm.exe
     C:\Program Files\Uniblue\SpeedUpMyPC\spmonitor.exe
     C:\Program Files\Uniblue\DriverScanner\dsmonitor.exe
     C:\Program Files\Uniblue\RegistryBooster\rbmonitor.exe
     C:\Windows\Explorer.EXE
     C:\Program Files\AVAST Software\Avast\AvastUI.exe
     C:\Program Files\Common Files\Java\Java Update\jusched.exe
     C:\Program Files\McAfee Security Scan\2.0.189\SSScheduler.exe
     C:\Program Files\Windows Live\Messenger\msnmsgr.exe
     C:\Program Files\Windows Live\Contacts\wlcomm.exe
     C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe
     C:\Program Files\Internet Explorer\iexplore.exe
     C:\Program Files\Internet Explorer\iexplore.exe
     C:\Windows\system32\Macromed\Flash\FlashUtil11c_ActiveX.exe
     C:\Program Files\Internet Explorer\iexplore.exe
     C:\Windows\system32\SearchFilterHost.exe
     C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe

     R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = Preserve
     R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Hyves
     R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
     R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
     R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
     R3 - URLSearchHook: YouTube Downloader Toolbar - {F3FEE66E-E034-436a-86E4-9690573BEE8A} - C:\Program Files\YouTube Downloader Toolbar\IE\4.6\youtubedownloaderToolbarIE.dll
     O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
     O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
     O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
     O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
     O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files\Windows Live\Companion\companioncore.dll
     O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
     O2 - BHO: YouTube Downloader Toolbar - {F3FEE66E-E034-436a-86E4-9690573BEE8A} - C:\Program Files\YouTube Downloader Toolbar\IE\4.6\youtubedownloaderToolbarIE.dll
     O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
     O3 - Toolbar: YouTube Downloader Toolbar - {F3FEE66E-E034-436a-86E4-9690573BEE8A} - C:\Program Files\YouTube Downloader Toolbar\IE\4.6\youtubedownloaderToolbarIE.dll
     O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
     O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
     O4 - HKLM\..\RunOnce: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent
     O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
     O4 - HKCU\..\Run: [DriverScanner] "C:\Program Files\Uniblue\DriverScanner\launcher.exe" delay 20000
     O4 - HKCU\..\Run: [speedUpMyPC] "C:\Program Files\Uniblue\SpeedUpMyPC\launcher.exe" delay 20000
     O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
     O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
     O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
     O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
     O4 - HKUS\S-1-5-21-3728110326-622333421-3053859923-1003\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'UpdatusUser')
     O4 - HKUS\S-1-5-21-3728110326-622333421-3053859923-1003\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'UpdatusUser')
     O4 - Global Startup: McAfee Security Scan Plus.lnk = C:\Program Files\McAfee Security Scan\2.0.189\SSScheduler.exe
     O9 - Extra button: @C:\Program Files\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files\Windows Live\Companion\companioncore.dll
     O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~1\Office12\ONBttnIE.dll
     O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~1\Office12\ONBttnIE.dll
     O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~1\Office12\REFIEBAR.DLL
     O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
     O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
     O16 - DPF: {4B54A9DE-EF1C-4EBE-A328-7C28EA3B433A} (BitDefender QuickScan Control) - http://quickscan.bitdefender.com/qsax/qsax.cab
     O17 - HKLM\System\CCS\Services\Tcpip\..\{04D963FE-9E60-42F4-AC15-DE8FE412F6CC}: NameServer = 4.2.2.3,4.2.2.4
     O17 - HKLM\System\CS1\Services\Tcpip\..\{04D963FE-9E60-42F4-AC15-DE8FE412F6CC}: NameServer = 4.2.2.3,4.2.2.4
     O17 - HKLM\System\CS2\Services\Tcpip\..\{04D963FE-9E60-42F4-AC15-DE8FE412F6CC}: NameServer = 4.2.2.3,4.2.2.4
     O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
     O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
     O23 - Service: Ant Toolbar updater service (AntUpdaterService) - Ant.com - C:\Program Files\Ant.com\IE add-on\AntUpdaterService.exe
     O23 - Service: Application Updater - Spigot, Inc. - C:\Program Files\Application Updater\ApplicationUpdater.exe
     O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
     O23 - Service: McAfee Security Scan Component Host Service (McComponentHostService) - McAfee, Inc. - C:\Program Files\McAfee Security Scan\2.0.189\McCHSvc.exe
     O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
     O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
     O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
     O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe
     O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe

     --
     End of file - 7127 bytes

     ---------- Post added at 18:57 ---------- Previous post was at 18:49 ----------

     I carefully followed everything step by step. Possible problems I ran into: after rescanning, it did not show any " " " = 301 moved permanently. So I checked all the R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = entries except the Preserve one. These 2 come back in the scan every time after checking them and clicking Fix checked:
     R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
     R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
  7. Logfile of Trend Micro HijackThis v2.0.4
     Scan saved at 22:57:36, on 2-11-2011
     Platform: Windows 7 SP1 (WinNT 6.00.3505)
     MSIE: Internet Explorer v8.00 (8.00.7601.17514)
     Boot mode: Normal

     Running processes:
     C:\Windows\system32\Dwm.exe
     C:\Windows\system32\taskhost.exe
     C:\Windows\Explorer.EXE
     C:\Program Files\AVAST Software\Avast\AvastUI.exe
     C:\Program Files\Windows Media Player\wmplayer.exe
     C:\Program Files\Windows Live\Messenger\msnmsgr.exe
     C:\Program Files\Windows Live\Contacts\wlcomm.exe
     C:\Program Files\Internet Explorer\iexplore.exe
     C:\Program Files\Internet Explorer\iexplore.exe
     C:\Program Files\Internet Explorer\iexplore.exe
     C:\Program Files\Internet Explorer\iexplore.exe
     C:\Windows\system32\Macromed\Flash\FlashUtil11c_ActiveX.exe
     C:\Windows\system32\SearchProtocolHost.exe
     C:\Windows\system32\SearchFilterHost.exe
     C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe
     C:\Windows\system32\DllHost.exe

     R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = Preserve
     R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = 301 Moved Permanently
     R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Hyves
     R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Hotmail, Messenger, nieuws en entertainment vind je op MSN.nl
     R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing
     R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = 301 Moved Permanently
     R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = 301 Moved Permanently
     R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
     R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
     R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
     R3 - URLSearchHook: YouTube Downloader Toolbar - {F3FEE66E-E034-436a-86E4-9690573BEE8A} - C:\Program Files\YouTube Downloader Toolbar\IE\4.6\youtubedownloaderToolbarIE.dll
     O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
     O2 - BHO: Ant.com browser helper (video detector) - {346FDE31-DFF9-418A-90C8-BA31DC9FF2EF} - C:\Program Files\Ant.com\IE add-on\download.dll
     O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
     O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
     O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
     O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files\Windows Live\Companion\companioncore.dll
     O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
     O2 - BHO: YouTube Downloader Toolbar - {F3FEE66E-E034-436a-86E4-9690573BEE8A} - C:\Program Files\YouTube Downloader Toolbar\IE\4.6\youtubedownloaderToolbarIE.dll
     O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
     O3 - Toolbar: YouTube Downloader Toolbar - {F3FEE66E-E034-436a-86E4-9690573BEE8A} - C:\Program Files\YouTube Downloader Toolbar\IE\4.6\youtubedownloaderToolbarIE.dll
     O3 - Toolbar: Ant.com Video Downloader toolbar - {2E924F4F-67F0-4BD8-9560-49F468E843D2} - C:\Program Files\Ant.com\IE add-on\anttoolbar.dll
     O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
     O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
     O4 - HKLM\..\Run: [searchSettings] "C:\Program Files\Common Files\Spigot\Search Settings\SearchSettings.exe"
     O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
     O4 - HKCU\..\Run: [DriverScanner] "C:\Program Files\Uniblue\DriverScanner\launcher.exe" delay 20000
     O4 - HKCU\..\Run: [speedUpMyPC] "C:\Program Files\Uniblue\SpeedUpMyPC\launcher.exe" delay 20000
     O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
     O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
     O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
     O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
     O4 - Global Startup: McAfee Security Scan Plus.lnk = C:\Program Files\McAfee Security Scan\2.0.189\SSScheduler.exe
     O9 - Extra button: @C:\Program Files\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files\Windows Live\Companion\companioncore.dll
     O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~1\Office12\ONBttnIE.dll
     O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~1\Office12\ONBttnIE.dll
     O9 - Extra button: Download videos by Ant.com - {70AF6C9F-0818-4cf7-924A-BBDBB24211D3} - C:\Program Files\Ant.com\IE add-on\download.dll
     O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~1\Office12\REFIEBAR.DLL
     O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
     O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
     O16 - DPF: {4B54A9DE-EF1C-4EBE-A328-7C28EA3B433A} (BitDefender QuickScan Control) - http://quickscan.bitdefender.com/qsax/qsax.cab
     O17 - HKLM\System\CCS\Services\Tcpip\..\{04D963FE-9E60-42F4-AC15-DE8FE412F6CC}: NameServer = 4.2.2.3,4.2.2.4
     O17 - HKLM\System\CS1\Services\Tcpip\..\{04D963FE-9E60-42F4-AC15-DE8FE412F6CC}: NameServer = 4.2.2.3,4.2.2.4
     O17 - HKLM\System\CS2\Services\Tcpip\..\{04D963FE-9E60-42F4-AC15-DE8FE412F6CC}: NameServer = 4.2.2.3,4.2.2.4
     O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
     O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
     O23 - Service: Ant Toolbar updater service (AntUpdaterService) - Ant.com - C:\Program Files\Ant.com\IE add-on\AntUpdaterService.exe
     O23 - Service: Application Updater - Spigot, Inc. - C:\Program Files\Application Updater\ApplicationUpdater.exe
     O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
     O23 - Service: McAfee Security Scan Component Host Service (McComponentHostService) - McAfee, Inc. - C:\Program Files\McAfee Security Scan\2.0.189\McCHSvc.exe
     O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
     O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
     O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
     O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe
     O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe

     --
     End of file - 7652 bytes
  8. I have the same problem here again that appeared to have been solved 3 months ago. I was helped back then and it appeared to be solved, until some time ago the same problem started showing up again. Now it has become so bad that I'm asking for help again. I'm wondering whether anyone can find out if I really have a virus, which is what I think it is. My PC stutters as soon as I'm doing something on the internet: when starting an online game or when opening the internet browser. I also have the feeling that the problem tends to occur as soon as there is chatting, for example via MSN. I try to close as many processes as possible that I think are not necessary. Still, I notice that some processes sometimes show up twice, which makes me think it could be a virus. This happens with dllhost, crss, search processes and Iexplorer, as far as I know. I'm curious whether there is anyone who can help me.
  9. I carefully followed all the points and here is the result. MBAM found 1 infection, and after removing it I was not asked to restart, so I did that myself. The problem seems to be solved, so I tried the same game in which the problem occurred the most, and it seems to be solved now. mbam-log-2011-08-26 (21-57-28)(na herstart).txt mbam-log-2011-08-26 (21-49-19)(eerste scan).txt hijackthis.log
  10. I have had this problem for a very long time and in the end no longer know where to look, so I'm posting this; maybe someone can help me. When starting the same game, my PC tends to stutter badly. To be sure, I play music so that I know when it starts to stutter. Months ago I had an svchost problem caused by 100% CPU and eventually had to reinstall Windows 7. That problem was solved then and I could do everything without problems. This time I don't have 100% CPU during the stuttering. I also very often lose my internet connection when this problem occurs. hijackthis.log