Dollydotteke

Member
  • Items

    278
Everything posted by Dollydotteke

  1. So I gave that Notepad file the name you told me, but when I try to drag it in, you see that small ComboFix bar and then the file is back on the start page and you see ComboFix making a restore point again, but when it then wants to scan, the whole PC freezes ..... what should I do then?
  2. I'll get started on it right away. Oh dear, what I'm reading here does scare me a bit ... I hope it isn't on its last legs :-( I do now keep getting this message whenever I open the internet: Internet Explorer is currently not the default browser. Do you want to set this program as your default browser?
  3. Here is the log:
  4. I hope I did it correctly:
  5. I'll do it right away ---------- Post added at 19:33 ---------- Previous post was at 19:31 ---------- just restarting ... ---------- Post added at 19:37 ---------- Previous post was at 19:33 ---------- I restarted but nothing has changed :-(
  6. I set it back two days .... but that didn't fix it; it also won't open it via Start and Run... I also already had HijackThis make a log, but I don't understand any of it ---------- Post added at 18:14 ---------- Previous post was at 18:11 ---------- Explorer 8 got onto it through Windows updates ...
  7. I'm not sure what happened, but when I click Tools at the top of the internet window and then Internet Options, it won't open them; you do see a flash for a fraction of a second, but nothing else happens, and it won't open them via the Control Panel either... who can help me with this?
  8. Does anyone actually know of somewhere in my area where we could have our PCs repaired at a reasonable price?
  9. No, the hardware simply isn't recognized, and how can I see which BIOS it is?
  10. I don't think so, I know very little about the BIOS; it just happened very suddenly
  11. Yesterday I was working on my computer without any problem, so I wanted to play the game I play every day, and my whole PC froze. I couldn't do anything at all anymore, so I pressed that small button to restart, but my PC wouldn't boot anymore without the XP CD. I then tried to change this back in the BIOS myself, but even then it wouldn't do it. Eventually I got so fed up that I thought, well, then everything just gets wiped and I'll reinstall XP, because it wouldn't do a repair either. Now XP reported that it cannot install because it can't find a hard disk.... does this mean my hard disk or something is broken?? Or does anyone know what I can do? Thanks in advance for the help I'm going to get here
  12. In any case, thank you very much for the help. I actually have no idea what all happened, but I'm glad it's solved; as soon as it happens again you'll hear from me here. Could you just quickly explain what was actually wrong with the PC? Or what happened? Kind regards
  13. I let the computer restart once more without safe mode, and this time it booted fine. It's just that while it is loading, you see what looks like the safe mode page appear in between, but this time I paid close attention because it goes so fast, and apparently there are 2 choices; I couldn't read the top one, but the bottom one, which is the one selected, is Microsoft XP Home Edition. Is it normal that you see this page in between for a couple of seconds? As it is now, it only appears briefly and then disappears, and this time it just boots normally
  14. We had problems during startup, that freezing again. For now, now that it's on, it stays on without problems
  15. I did it and it ran its check, but when it was done it went away without anything ....
  16. That friend of ours says he checked our Windows CD, and according to him that one isn't in order either. Since we no longer have the receipt, we can't take that CD back either. I don't know how we could even check that ourselves. I'm willing to try it, but given what we were told I don't know whether it will work
  17. No problems were found, I scanned with BitDefender.... what could be causing it then?
  18. In the end the whole computer froze again... now I'm at my wits' end ---------- Post added at 17:45 ---------- Previous post was at 17:37 ---------- After restarting following the freeze, we again get the blue screen where it checks the disk, and it says it has recovered many orphaned files; well, that's what it's doing now. During startup you get the screen for a couple of seconds where you can choose whether you want safe mode, but then it just passes over it and boots normally, and now the message came up that it has recovered the registry. I quote: The system had to recover one of the files containing registry data of the system by means of a log or an alternate copy. The recovery was successful
  19. So far it hasn't shown that blue screen during restart anymore, and it hasn't hung anymore either. In any case, thank you already for your help. Since I don't understand any of those logs, could you explain to me what actually happened ---------- Post added at 16:54 ---------- Previous post was at 16:53 ---------- I'm also going to try once more to have the PC scanned, to see whether it scans now ---------- Post added at 17:06 ---------- Previous post was at 16:54 ---------- Now it gets stuck at 24 percent during the scan and doesn't go any further
  20. I did it and this is the log:
2009-06-25 11:07 -------- d-----w- c:\documents and settings\All Users\Application Data\Kaspersky Lab 2009-06-19 16:28 . 2009-06-19 16:28 -------- d-----w- c:\program files\Kaspersky Lab 2009-06-19 16:19 . 2005-11-10 10:54 402944 ----a-r- c:\windows\system32\drivers\BLKWGU.sys . ((((((((((((((((((((((((((((((((((((((( Find3M Rapport )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2009-06-25 16:27 . 2009-06-19 16:28 9004 --sha-w- c:\windows\system32\drivers\fidbox.idx 2009-06-25 16:27 . 2009-06-19 16:28 2004 --sha-w- c:\windows\system32\drivers\fidbox2.idx 2009-06-19 20:55 . 2009-06-19 18:27 -------- d--h--w- c:\program files\InstallShield Installation Information 2009-06-19 19:18 . 2006-03-02 12:00 533928 ----a-w- c:\windows\system32\perfh013.dat 2009-06-19 19:18 . 2006-03-02 12:00 100060 ----a-w- c:\windows\system32\perfc013.dat 2009-06-19 18:27 . 2009-06-19 18:27 -------- d-----w- c:\program files\Realtek 2009-06-19 17:58 . 2009-06-18 20:45 76487 ----a-w- c:\windows\pchealth\helpctr\OfflineCache\index.dat 2009-06-19 16:32 . 2008-01-29 15:29 33808 ----a-w- c:\windows\system32\drivers\klbg.sys 2009-06-18 20:46 . 2009-06-18 20:46 -------- d-----w- c:\program files\microsoft frontpage 2009-06-18 20:44 . 2009-06-18 20:44 21748 ----a-w- c:\windows\system32\emptyregdb.dat 2009-06-10 16:33 . 2009-06-10 16:33 9998336 ----a-w- c:\windows\system32\nvoglnt.dll 2009-06-10 16:33 . 2009-06-10 16:33 815104 ----a-w- c:\windows\system32\nvapi.dll 2009-06-10 16:33 . 2009-06-10 16:33 8087712 ----a-w- c:\windows\system32\drivers\nv4_mini.sys 2009-06-10 16:33 . 2009-06-10 16:33 671744 ----a-w- c:\windows\system32\nvcuvid.dll 2009-06-10 16:33 . 2009-06-10 16:33 5908608 ----a-w- c:\windows\system32\nv4_disp.dll 2009-06-10 16:33 . 2009-06-10 16:33 1720320 ----a-w- c:\windows\system32\nvcuda.dll 2009-06-10 16:33 . 2009-06-10 16:33 1580550 ----a-w- c:\windows\system32\nvdata.bin 2009-06-10 16:33 . 2009-06-10 16:33 151552 ----a-w- c:\windows\system32\nvcodins.dll 2009-06-10 16:33 . 
2009-06-10 16:33 151552 ----a-w- c:\windows\system32\nvcod.dll 2009-06-10 16:33 . 2009-06-10 16:33 1310720 ----a-w- c:\windows\system32\nvcuvenc.dll 2009-06-10 06:28 . 2009-06-10 06:28 3510272 ----a-w- c:\windows\system32\nvgames.dll 2009-06-10 06:28 . 2009-06-10 06:28 5890048 ----a-w- c:\windows\system32\nvdispsr.dll 2009-06-10 06:28 . 2009-06-10 06:28 4022272 ----a-w- c:\windows\system32\nvdisps.dll 2009-06-10 06:28 . 2009-06-10 06:28 86016 ----a-w- c:\windows\system32\nvmctray.dll 2009-06-10 06:28 . 2009-06-10 06:28 168004 ----a-w- c:\windows\system32\nvsvc32.exe 2009-06-10 06:28 . 2009-06-10 06:28 143360 ----a-w- c:\windows\system32\nvcolor.exe 2009-06-10 06:28 . 2009-06-10 06:28 13758464 ----a-w- c:\windows\system32\nvcpl.dll 2009-06-10 06:28 . 2009-06-10 06:28 229376 ----a-w- c:\windows\system32\nvmccs.dll 2009-05-24 22:24 . 2008-05-26 20:18 350208 ------w- c:\windows\system32\mssph.dll 2009-05-13 05:06 . 2006-03-02 12:00 915456 ----a-w- c:\windows\system32\wininet.dll 2009-05-07 15:34 . 2006-03-02 12:00 347136 ----a-w- c:\windows\system32\localspl.dll 2009-04-29 04:46 . 2009-04-29 04:46 81920 ------w- c:\windows\system32\ieencode.dll 2009-04-19 19:51 . 2006-03-02 12:00 1847296 ----a-w- c:\windows\system32\win32k.sys 2009-04-15 14:55 . 2006-03-02 12:00 585216 ----a-w- c:\windows\system32\rpcrt4.dll . ((((((((((((((((((((((((((((( SnapShot@2009-06-25_12.06.23 ))))))))))))))))))))))))))))))))))))))))) . + 2009-06-25 12:07 . 2008-10-16 12:09 51224 c:\windows\system32\dllcache\cache\wuauclt.exe + 2009-06-25 12:07 . 2008-04-14 17:02 82432 c:\windows\system32\dllcache\cache\ws2_32.dll + 2009-06-25 12:07 . 2008-04-14 17:03 26112 c:\windows\system32\dllcache\cache\userinit.exe + 2009-06-25 12:07 . 2008-04-14 17:03 14336 c:\windows\system32\dllcache\cache\svchost.exe + 2009-06-25 12:07 . 2008-04-14 17:03 57856 c:\windows\system32\dllcache\cache\spoolsv.exe + 2009-06-25 12:07 . 2008-04-14 17:02 17408 c:\windows\system32\dllcache\cache\powrprof.dll + 2009-06-25 12:07 . 
2008-04-14 17:03 13312 c:\windows\system32\dllcache\cache\lsass.exe + 2009-06-25 12:07 . 2008-04-14 16:39 25088 c:\windows\system32\dllcache\cache\kbdclass.sys + 2009-06-25 12:07 . 2008-04-13 18:53 36608 c:\windows\system32\dllcache\cache\ip6fw.sys + 2009-06-25 12:07 . 2008-04-14 17:02 15360 c:\windows\system32\dllcache\cache\ctfmon.exe + 2009-06-25 12:07 . 2008-04-14 17:03 510464 c:\windows\system32\dllcache\cache\winlogon.exe + 2009-06-25 12:07 . 2009-05-13 05:06 915456 c:\windows\system32\dllcache\cache\wininet.dll + 2009-06-25 12:07 . 2008-04-14 17:02 580096 c:\windows\system32\dllcache\cache\user32.dll + 2009-06-25 12:07 . 2008-04-14 17:02 297472 c:\windows\system32\dllcache\cache\termsrv.dll + 2009-06-25 12:07 . 2008-06-20 11:51 361600 c:\windows\system32\dllcache\cache\tcpip.sys + 2009-06-25 12:07 . 2009-02-09 11:27 111104 c:\windows\system32\dllcache\cache\services.exe + 2009-06-25 12:07 . 2008-04-13 19:20 182656 c:\windows\system32\dllcache\cache\ndis.sys + 2009-06-25 12:07 . 2008-04-14 17:02 110080 c:\windows\system32\dllcache\cache\imm32.dll + 2009-06-25 12:07 . 2008-04-14 17:02 1571840 c:\windows\system32\dllcache\cache\sfcfiles.dll + 2009-06-25 12:07 . 2009-02-09 11:27 2149888 c:\windows\system32\dllcache\cache\ntoskrnl.exe + 2009-06-25 12:07 . 2009-02-09 11:27 2028544 c:\windows\system32\dllcache\cache\ntkrnlpa.exe + 2009-06-25 12:07 . 2009-03-21 14:09 1030656 c:\windows\system32\dllcache\cache\kernel32.dll + 2009-06-25 12:07 . 2008-04-14 17:02 1037312 c:\windows\system32\dllcache\cache\explorer.exe . ((((((((((((((((((((((((((((((((((((( Reg Opstartpunten ))))))))))))))))))))))))))))))))))))))))))))))))))) . . *Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond REGEDIT4 [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "MSMSGS"="c:\program files\Messenger\msmsgs.exe" [2008-04-14 1695232] "MessengerPlus3"="c:\program files\MessengerPlus! 
3\MsgPlus.exe" [2009-06-20 190024] "msnmsgr"="c:\program files\Windows Live\Messenger\msnmsgr.exe" [2007-10-18 5724184] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2009-06-10 86016] "NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2009-06-10 13758464] "MessengerPlus3"="c:\program files\MessengerPlus! 3\MsgPlus.exe" [2009-06-20 190024] "nwiz"="nwiz.exe" - c:\windows\system32\nwiz.exe [2009-06-10 1657376] "RTHDCPL"="RTHDCPL.EXE" - c:\windows\RTHDCPL.EXE [2009-02-17 17508864] [hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks] "{56F9679E-7826-4C84-81F3-532071A8BCC5}"= "c:\program files\Windows Desktop Search\MSNLNamespaceMgr.dll" [2009-05-24 304128] [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\KasperskyAntiVirus] "DisableMonitoring"=dword:00000001 [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "%windir%\\system32\\sessmgr.exe"= "%windir%\\Network Diagnostic\\xpnetdiag.exe"= "c:\\Program Files\\NVIDIA Corporation\\NetworkAccessManager\\Apache Group\\Apache2\\bin\\Apache.exe"= "c:\\WINDOWS\\system32\\PnkBstrA.exe"= "c:\\WINDOWS\\system32\\PnkBstrB.exe"= "c:\\Program Files\\Electronic Arts\\EADM\\Core.exe"= "c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"= "c:\\Program Files\\Windows Live\\Messenger\\livecall.exe"= R0 klbg;Kaspersky Lab Boot Guard Driver;c:\windows\system32\drivers\klbg.sys [29/01/2008 17:29 33808] R3 KLFLTDEV;Kaspersky Lab KLFltDev;c:\windows\system32\drivers\klfltdev.sys [13/03/2008 18:02 26640] R3 klim5;Kaspersky Anti-Virus NDIS Filter;c:\windows\system32\drivers\klim5.sys [30/04/2008 17:06 24592] S3 Ambfilt;Ambfilt;c:\windows\system32\drivers\Ambfilt.sys [19/06/2009 20:27 1684736] [HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\>{60B49E34-C7CC-11D0-8953-00A0C90347FF}] "c:\windows\system32\rundll32.exe" 
"c:\windows\system32\iedkcs32.dll",BrandIEActiveSetup SIGNUP . Inhoud van de 'Gedeelde Taken' map 2009-06-25 c:\windows\Tasks\User_Feed_Synchronization-{A4D713B6-4D8F-405A-82FF-7C842D93D9B0}.job - c:\windows\system32\msfeedssync.exe [2009-03-08 02:31] . . ------- Bijkomende Scan ------- . uStart Page = hxxp://www.goegel.be/ LSP: %SYSTEMROOT%\system32\nvappfilter.dll DPF: {784797A8-342D-4072-9486-03C8D0F2F0A1} - hxxps://www.battlefieldheroes.com/static/updater/BFHUpdater_4.0.17.0.cab . ************************************************************************** catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, GMER - Rootkit Detector and Remover Rootkit scan 2009-06-25 18:28 Windows 5.1.2600 Service Pack 3 NTFS scannen van verborgen processen ... scannen van verborgen autostart items ... scannen van verborgen bestanden ... Scan succesvol afgerond verborgen bestanden: 0 ************************************************************************** . --------------------- VERGRENDELDE REGISTER SLEUTELS --------------------- [HKEY_USERS\S-1-5-21-602162358-1897051121-839522115-1004\Software\SecuROM\License information*] "datasecu"=hex:31,c7,6b,36,1f,b4,b8,de,5d,14,86,18,dd,3d,33,6f,37,35,00,99,a3, fe,ac,40,a9,ef,12,86,88,57,1c,3d,56,8a,d1,2e,24,e0,77,f7,4a,7d,4d,c8,08,e8,\ "rkeysecu"=hex:53,6d,de,45,0f,21,4c,93,9c,5a,46,ff,88,3d,e1,97 . --------------------- DLLs Geladen Onder Lopende Processen --------------------- - - - - - - - > 'lsass.exe'(1148) c:\windows\system32\nvappfilter.dll - - - - - - - > 'explorer.exe'(720) c:\program files\MessengerPlus! 3\MsgPlusLoader.dll c:\windows\system32\webcheck.dll c:\windows\system32\WPDShServiceObj.dll c:\windows\system32\PortableDeviceTypes.dll c:\windows\system32\PortableDeviceApi.dll c:\program files\Windows Desktop Search\MSNLNamespaceMgr.dll . ------------------------ Andere Aktieve Processen ------------------------ . 
c:\windows\system32\nvsvc32.exe c:\windows\system32\rundll32.exe c:\program files\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe c:\program files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\Apache.exe c:\program files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcIp.exe c:\program files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcLog.exe c:\windows\system32\PnkBstrA.exe c:\windows\system32\PnkBstrB.exe c:\windows\system32\searchindexer.exe c:\program files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcAppFlt.exe c:\program files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\Apache.exe c:\windows\system32\wscntfy.exe . ************************************************************************** . Voltooingstijd: 2009-06-25 18:30 - machine werd herstart ComboFix-quarantined-files.txt 2009-06-25 16:30 ComboFix2.txt 2009-06-25 12:07 Pre-Run: 63.199.432.704 bytes beschikbaar Post-Run: 63.219.224.576 bytes beschikbaar 289 --- E O F --- 2009-06-24 22:30
  21. Here is the ComboFix log