wjr
-
Items
8 -
Registratiedatum
-
Laatst bezocht
wjr's prestaties
-
Hallo, Ik heb nu op mijn laptop windows 7 32-bit staan maar mijn laptop heeft 4GB ram. In het control panel zeggen ze dat er maar 3GB bruikbaar is en na wat googlen kwam ik te weten dat een 32-bit systeem maar tot 3GB ram ondersteunt. Ik ben een echte gamer en de meeste games draaien ook vlot op mijn laptop maar de nieuwste games zoals empire total war draaien niet echt vlot. Nu vroeg ik me af of het nuttig zou zijn om over te schakelen op windows 7 64-bit om die 1Gb extra te benutten. Is dit de moeite of zal er eigenlijk niet veel verschil te merken zijn (in de games). alvast bedankt wjr
-
Hallo, Misschien is het gewoon beter om mijn computer eens volledig te formateren. Dan heb ik al die problemen in een keer opgelost. Ik denk niet dat mijn harde schijf kapot is want in veilige modus (dan loopt hij niet vast) kan ik zonder problemen iets installeren. Groetjes Wjr
-
Hij loopt jammer genoeg nog steeds vast
-
Voila het logje: ComboFix 10-01-19.07 - Willem-Jan 20/01/2010 14:18:12.1.2 - x86 Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.32.1043.18.3070.1978 [GMT 1:00] Gestart vanuit: c:\users\Willem-Jan\Desktop\ComboFix.exe SP: Spybot - Search and Destroy *enabled* (Outdated) {ED588FAF-1B8F-43B4-ACA8-8E3C85DADBE9} SP: Windows Defender *enabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46} . ADS - Windows: deleted 72 bytes in 1 streams. (((((((((((((((((((((((((((((((((( Andere Verwijderingen ))))))))))))))))))))))))))))))))))))))))))))))))) . c:\$recycle.bin\S-1-5-21-245312034-3336776827-3623255419-500 c:\$recycle.bin\S-1-5-21-2466365761-1582336881-1551427631-500 c:\users\Willem-Jan\AppData\Roaming\inst.exe . (((((((((((((((((((( Bestanden Gemaakt van 2009-12-20 to 2010-01-20 )))))))))))))))))))))))))))))) . 2010-01-20 13:24 . 2010-01-20 13:25 -------- d-----w- c:\users\Willem-Jan\AppData\Local\temp 2010-01-20 13:24 . 2010-01-20 13:24 -------- d-----w- c:\users\Default\AppData\Local\temp 2010-01-19 17:52 . 2010-01-19 17:52 5115824 ----a-w- c:\programdata\Malwarebytes\Malwarebytes' Anti-Malware\mbam-setup.exe 2010-01-19 17:04 . 2010-01-19 17:04 -------- d-----w- c:\users\Willem-Jan\AppData\Roaming\Malwarebytes 2010-01-19 17:04 . 2010-01-07 15:07 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys 2010-01-19 17:04 . 2010-01-19 17:53 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware 2010-01-19 17:04 . 2010-01-19 17:04 -------- d-----w- c:\programdata\Malwarebytes 2010-01-19 17:04 . 2010-01-07 15:07 19160 ----a-w- c:\windows\system32\drivers\mbam.sys 2010-01-19 16:50 . 2010-01-19 16:50 388096 ----a-r- c:\users\Willem-Jan\AppData\Roaming\Microsoft\Installer\{0761C9A8-8F3A-4216-B4A7-B7AFBF24A24A}\HiJackThis.exe 2010-01-18 20:14 . 2010-01-18 20:14 -------- d-----w- c:\program files\uTorrent Turbo Accelerator 2010-01-18 20:07 . 2010-01-18 20:07 -------- d-----w- c:\users\Public 2010-01-18 18:40 . 2009-10-19 13:38 156672 ----a-w- c:\windows\system32\t2embed.dll 2010-01-18 18:40 . 2009-10-19 13:35 72704 ----a-w- c:\windows\system32\fontsub.dll 2010-01-18 15:26 . 2010-01-18 15:26 -------- d-----w- c:\program files\TrendMicro 2010-01-17 19:54 . 2010-01-18 17:11 -------- d-----w- c:\program files\ATnotes 2010-01-11 20:41 . 2010-01-11 20:41 -------- d-----w- C:\Intel 2010-01-11 20:37 . 2009-07-22 09:12 937984 ----a-w- c:\windows\system32\drivers\athr.sys 2010-01-11 20:37 . 2010-01-11 20:37 -------- d-----w- c:\program files\DIFX 2010-01-11 20:31 . 2010-01-11 20:31 -------- d-----w- c:\program files\Bonjour 2010-01-11 20:16 . 2010-01-18 18:05 -------- d-----w- c:\program files\Common Files\EZB Systems 2010-01-09 17:54 . 2010-01-09 18:28 -------- d-----w- c:\users\Willem-Jan\AppData\Roaming\Download Manager 2010-01-09 17:38 . 2009-11-16 11:25 17224 ----a-w- c:\windows\system32\authuitu.dll 2010-01-09 17:38 . 2009-11-16 11:25 29000 ----a-w- c:\windows\system32\uxtuneup.dll 2010-01-09 17:38 . 2010-01-09 17:38 361288 ----a-w- c:\windows\system32\TuneUpDefragService.exe 2010-01-09 17:27 . 2010-01-09 17:27 -------- d-----w- c:\users\Willem-Jan\AppData\Local\2BrightSparks 2010-01-06 15:28 . 2010-01-08 20:40 -------- d-----w- c:\program files\Download Direct 2010-01-05 17:40 . 2010-01-05 17:40 -------- d-----w- c:\program files\QuickTime 2010-01-05 17:40 . 2010-01-05 17:40 -------- d-----w- c:\programdata\Apple Computer 2010-01-04 19:13 . 2010-01-04 19:13 -------- d-----w- c:\users\Willem-Jan\AppData\Local\Graboid_Inc 2010-01-04 19:13 . 2010-01-04 19:24 -------- d-----w- c:\users\Willem-Jan\AppData\Roaming\MozillaControl 2010-01-04 19:13 . 2010-01-04 19:30 -------- d-----w- c:\users\Willem-Jan\AppData\Local\Graboid 2010-01-04 19:12 . 2010-01-04 19:12 -------- d-----w- c:\program files\Mozilla ActiveX Control v1.7.12 2010-01-04 19:12 . 2010-01-04 19:12 -------- d-----w- c:\program files\VideoLAN 2010-01-04 19:11 . 2010-01-19 17:20 -------- d-----w- c:\program files\Graboid 2010-01-03 12:16 . 2010-01-06 19:18 -------- d-----w- c:\program files\All Office Converter Platinum 2009-12-31 11:34 . 2009-12-31 11:34 -------- d-----w- c:\users\Default\AppData\Roaming\iolo 2009-12-31 10:00 . 2009-12-31 10:00 74703 ----a-w- c:\windows\system32\mfc45.dll 2009-12-31 10:00 . 2010-01-07 18:20 -------- d-----w- c:\programdata\iolo 2009-12-31 10:00 . 2009-12-31 10:48 -------- d-----w- c:\users\Willem-Jan\AppData\Roaming\iolo 2009-12-27 14:21 . 2009-12-27 14:25 -------- d-----w- C:\$AVG 2009-12-23 13:51 . 2009-12-23 13:51 8854 ----a-r- c:\users\Willem-Jan\AppData\Roaming\Microsoft\Installer\{9559F7CA-5E34-4237-A2D9-D856464AD727}\Uninstall_Project64__9559F7CA5E344237A2D9D856464AD727.exe 2009-12-23 13:51 . 2009-12-23 13:51 40960 ----a-r- c:\users\Willem-Jan\AppData\Roaming\Microsoft\Installer\{9559F7CA-5E34-4237-A2D9-D856464AD727}\NewShortcut1_9559F7CA5E344237A2D9D856464AD727.exe 2009-12-23 13:51 . 2009-12-23 13:51 40960 ----a-r- c:\users\Willem-Jan\AppData\Roaming\Microsoft\Installer\{9559F7CA-5E34-4237-A2D9-D856464AD727}\ARPPRODUCTICON.exe 2009-12-22 17:37 . 2009-12-22 17:37 -------- d--h--r- c:\users\Willem-Jan\AppData\Roaming\SecuROM 2009-12-22 16:52 . 2009-12-22 16:52 -------- d-----w- c:\program files\SEGA . ((((((((((((((((((((((((((((((((((((((( Find3M Rapport )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2010-01-20 13:23 . 2008-04-16 11:26 677454 ----a-w- c:\windows\system32\perfh013.dat 2010-01-20 13:23 . 2008-04-16 11:26 131774 ----a-w- c:\windows\system32\perfc013.dat 2010-01-20 13:15 . 2009-08-06 09:42 28314 ----a-w- c:\programdata\nvModes.dat 2010-01-20 13:14 . 2009-08-06 17:28 12 ----a-w- c:\windows\bthservsdp.dat 2010-01-20 13:14 . 2009-08-07 11:07 -------- d-----w- c:\users\Willem-Jan\AppData\Roaming\uTorrent 2010-01-19 17:22 . 2009-08-06 08:56 1356 ----a-w- c:\users\Willem-Jan\AppData\Local\d3d9caps.dat 2010-01-19 16:25 . 2006-11-02 11:18 -------- d-----w- c:\program files\Windows Mail 2010-01-18 18:09 . 2009-08-06 08:56 75968 ----a-w- c:\users\Willem-Jan\AppData\Local\GDIPFONTCACHEV1.DAT 2010-01-18 18:06 . 2009-08-08 09:41 -------- d-----w- c:\users\Willem-Jan\AppData\Roaming\uniblue 2010-01-18 18:06 . 2009-09-19 14:24 -------- d-----w- c:\programdata\Spybot - Search & Destroy 2010-01-18 18:06 . 2009-08-24 14:33 -------- d-----w- c:\program files\YouTube Downloader 2010-01-18 18:06 . 2009-09-20 10:41 -------- d-----w- c:\program files\UltraISO 2010-01-18 18:06 . 2009-08-08 09:40 -------- d-----w- c:\program files\Uniblue 2010-01-18 18:06 . 2009-08-07 11:15 -------- d-----w- c:\program files\Master Converter 2010-01-18 18:06 . 2006-11-02 12:37 -------- d-----w- c:\program files\Microsoft Games 2010-01-18 18:06 . 2009-08-11 17:38 -------- d-----w- c:\program files\LucasArts 2010-01-18 18:06 . 2009-09-29 17:21 -------- d-----w- c:\program files\IObit 2010-01-18 18:06 . 2009-08-08 09:37 -------- d-----w- c:\program files\LimeWire Plus 2010-01-18 18:06 . 2009-08-06 09:20 -------- d--h--w- c:\program files\InstallShield Installation Information 2010-01-18 18:05 . 2009-08-20 09:27 -------- d-----w- c:\program files\Firefly Studios 2010-01-18 18:05 . 2009-08-17 16:20 -------- d-----w- c:\program files\Electronic Arts 2010-01-18 18:05 . 2009-08-09 19:19 -------- d-----w- c:\program files\DVD Decrypter 2010-01-18 18:05 . 2009-08-08 09:23 -------- d-----w- c:\program files\Cheatbook Database 2009 2010-01-18 18:05 . 2009-08-08 09:03 -------- d-----w- c:\program files\DVD Shrink 2010-01-18 17:15 . 2009-08-08 09:45 -------- d-----w- c:\programdata\DriverScanner 2010-01-18 17:15 . 2009-08-08 09:42 -------- dc-h--w- c:\programdata\{92E7A367-8E12-4830-AA70-29C32E331A81} 2010-01-18 17:15 . 2009-08-08 09:43 -------- dc-h--w- c:\programdata\{8A09CD83-59E1-4DB1-AAFC-E25174FC6706} 2010-01-18 17:04 . 2009-08-11 17:49 -------- d-----w- c:\users\Willem-Jan\AppData\Roaming\Petroglyph 2010-01-18 17:01 . 2009-09-16 14:54 -------- d-----w- c:\programdata\Firefly Studios 2010-01-17 13:24 . 2009-09-05 10:59 -------- d-----w- c:\users\Willem-Jan\AppData\Roaming\Auslogics 2010-01-13 14:08 . 2009-10-11 16:47 -------- d-----w- c:\program files\AviSynth 2.5 2010-01-09 17:38 . 2009-08-09 12:03 604488 ----a-w- c:\windows\system32\TUProgSt.exe 2010-01-09 17:38 . 2009-08-09 12:01 -------- d-----w- c:\program files\TuneUp Utilities 2009 2010-01-08 20:45 . 2009-11-02 18:53 -------- d-----w- c:\programdata\Media Center Programs 2009-12-27 14:19 . 2009-08-06 09:12 -------- d-----w- c:\program files\AVG 2009-12-23 18:36 . 2009-09-20 11:39 -------- d-----w- c:\program files\ThreatFire 2009-12-23 13:51 . 2009-08-06 10:20 -------- d-----w- c:\program files\Project64 1.6 2009-12-19 17:26 . 2009-12-19 17:24 -------- d-----w- c:\program files\Microsoft 2009-12-13 18:36 . 2009-12-13 18:36 -------- d-----w- c:\program files\utorrent2 2009-12-09 19:22 . 2009-08-06 10:05 -------- d-----w- c:\programdata\Microsoft Help 2009-12-08 19:39 . 2009-08-06 11:24 -------- d-----w- c:\program files\EA Games 2009-12-08 19:06 . 2009-08-09 16:00 -------- d-----w- c:\users\Willem-Jan\AppData\Roaming\Vso 2009-12-08 19:06 . 2009-08-09 16:00 47360 ----a-w- c:\users\Willem-Jan\AppData\Roaming\pcouffin.sys 2009-12-08 19:06 . 2009-08-09 16:00 47360 ----a-w- c:\users\Willem-Jan\AppData\Roaming\pcouffin.sys 2009-12-06 19:03 . 2009-08-20 15:56 -------- d-----w- c:\program files\Ubisoft 2009-11-30 17:02 . 2009-11-30 17:02 171144 ----a-w- c:\windows\system32\xliveinstall.dll 2009-11-30 17:02 . 2009-11-30 17:02 72840 ----a-w- c:\windows\system32\xliveinstallhost.exe 2009-11-21 18:38 . 2009-11-21 18:38 -------- d-----w- c:\program files\HotPotatoes6 2009-11-21 06:40 . 2009-12-09 18:14 916480 ----a-w- c:\windows\system32\wininet.dll 2009-11-21 06:34 . 2009-12-09 18:14 71680 ----a-w- c:\windows\system32\iesetup.dll 2009-11-21 06:34 . 2009-12-09 18:14 109056 ----a-w- c:\windows\system32\iesysprep.dll 2009-11-21 04:59 . 2009-12-09 18:14 133632 ----a-w- c:\windows\system32\ieUnatt.exe 2009-11-18 20:38 . 2009-11-18 20:39 38208 ----a-w- c:\users\Willem-Jan\AppData\Roaming\Macromedia\Flash Player\www.macromedia.com\bin\airappinstaller\airappinstaller.exe 2009-11-18 20:38 . 2009-11-18 20:39 38208 ----a-w- c:\users\Default\AppData\Roaming\Macromedia\Flash Player\www.macromedia.com\bin\airappinstaller\airappinstaller.exe 2009-11-17 16:04 . 2006-11-02 10:25 665600 ----a-w- c:\windows\inf\drvindex.dat 2009-11-10 13:54 . 2009-11-10 13:54 95568 ----a-w- c:\windows\system32\drivers\VBoxNetAdp.sys 2009-11-10 13:54 . 2009-12-07 16:34 116560 ----a-w- c:\windows\system32\drivers\VBoxDrv.sys 2009-11-10 13:53 . 2009-12-07 16:34 41424 ----a-w- c:\windows\system32\drivers\VBoxUSBMon.sys 2009-11-09 12:31 . 2009-12-09 19:22 24064 ----a-w- c:\windows\system32\nshhttp.dll 2009-11-09 12:30 . 2009-12-09 19:22 30720 ----a-w- c:\windows\system32\httpapi.dll 2009-11-09 10:36 . 2009-12-09 19:22 411648 ----a-w- c:\windows\system32\drivers\http.sys 2009-11-06 09:59 . 2009-11-06 09:59 15406728 ----a-w- c:\windows\system32\xlive.dll 2009-11-06 09:59 . 2009-11-06 09:59 13642888 ----a-w- c:\windows\system32\xlivefnt.dll 2009-11-02 19:42 . 2009-10-03 11:48 195456 ------w- c:\windows\system32\MpSigStub.exe 2009-10-29 09:17 . 2009-11-24 18:55 2048 ----a-w- c:\windows\system32\tzres.dll 2003-03-21 12:45 . 2009-11-21 18:38 250544 ----a-w- c:\program files\Common Files\keyhelp.ocx . ((((((((((((((((((((((((((((((((((((( Reg Opstartpunten ))))))))))))))))))))))))))))))))))))))))))))))))))) . . *Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond REGEDIT4 [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "SpybotSD TeaTimer"="c:\program files\Spybot - Search & Destroy\TeaTimer.exe" [2009-03-05 2260480] "uTorrent"="c:\program files\utorrent2\uTorrent.exe" [2009-12-13 289584] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Windows Defender"="c:\program files\Windows Defender\MSASCui.exe" [2008-01-21 1008184] "NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2008-06-09 13543968] "HControlUser"="c:\program files\ATK Hotkey\HcontrolUser.exe" [2008-01-11 98304] "ATKOSD2"="c:\program files\ATKOSD2\ATKOSD2.exe" [2008-01-23 7766016] "Malwarebytes Anti-Malware (reboot)"="c:\program files\Malwarebytes' Anti-Malware\mbam.exe" [2010-01-07 1394000] [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "EnableUIADesktopToggle"= 0 (0x0) [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32] "aux"=wdmaud.drv [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend] @="Service" [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-] "Uniblue RegistryBooster 2009"=c:\program files\uniblue\registrybooster\StartRegistryBooster.exe "UNILEX"=c:\program files\Easy Computing\De Grote Encyclopedie '99\tft.exe "AlcoholAutomount"="c:\program files\Alcohol Soft\Alcohol 120\axcmd.exe" /automount "ehTray.exe"=c:\windows\ehome\ehTray.exe "Auslogics BoostSpeed"=c:\program files\Auslogics\Auslogics BoostSpeed\boostspeed.exe "uTorrent"="c:\program files\uTorrent\uTorrent.exe" "L09AXLRD_17798575"="c:\program files\Microsoft Student\Microsoft Student with Encarta Premium 2009 DVD\EDICT.EXE" -m "L09AXLRD_13141586"="c:\program files\Microsoft Student\Microsoft Student with Encarta Premium 2009 DVD\EDICT.EXE" -m [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-] "RtHDVCpl"=RtHDVCpl.exe "SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" "Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe" "NvMediaCenter"=RUNDLL32.EXE c:\windows\system32\NvMcTray.dll,NvTaskbarInit "ATKMEDIA"=c:\program files\ASUS\ATK Media\DMedia.exe "QuickTime Task"="c:\program files\QuickTime\QTTask.exe" -atboottime "VirtualCloneDrive"="c:\program files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe" /s "Skytel"=Skytel.exe "dcmsvc"=c:\program files\dcmsvc\dcmsvc.exe [HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc] "VistaSp2"=hex(:b2,6f,5b,61,4f,34,ca,01 R2 SBSDWSCService;SBSD Security Center Service;c:\program files\Spybot - Search & Destroy\SDWinSec.exe [19/09/2009 15:24 1153368] R2 Uniblue DiskRescue;Uniblue DiskRescue;c:\program files\Uniblue\DiskRescue\UBDiskRescueSrv.exe [10/09/2008 16:22 229648] R3 SiSGbeLH;SiS191/SiS190 Ethernet Device NDIS 6.0 Driver;c:\windows\System32\drivers\SiSGB6.sys [9/09/2008 18:15 48128] S0 sptd;sptd;c:\windows\System32\drivers\sptd.sys [8/08/2009 19:34 721904] S2 avg9emc;AVG E-mail Scanner;"c:\program files\AVG\AVG9\avgemc.exe" --> c:\program files\AVG\AVG9\avgemc.exe [?] S2 avg9wd;AVG WatchDog;"c:\program files\AVG\AVG9\avgwdsvc.exe" --> c:\program files\AVG\AVG9\avgwdsvc.exe [?] S2 AVGIDSAgent;AVG9IDSAgent;"c:\program files\AVG\AVG9\Identity Protection\Agent\Bin\AVGIDSAgent.exe" AVGIDSAgent --> c:\program files\AVG\AVG9\Identity Protection\Agent\Bin\AVGIDSAgent.exe [?] S3 btwl2cap;Bluetooth L2CAP Service;c:\windows\System32\drivers\btwl2cap.sys [6/08/2009 10:29 29736] S3 FontCache;Windows Font Cache Service;c:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation [21/01/2008 3:23 21504] S3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\System32\drivers\mbamswissarmy.sys [19/01/2010 18:04 38224] S3 VBoxNetAdp;VirtualBox Host-Only Ethernet Adapter;c:\windows\System32\drivers\VBoxNetAdp.sys [10/11/2009 14:54 95568] [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost] bthsvcs REG_MULTI_SZ BthServ LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs UxTuneUp . Inhoud van de 'Gedeelde Taken' map 2009-08-08 c:\windows\Tasks\Uniblue DiskRescue 2009.job - c:\program files\Uniblue\DiskRescue\UBDiskRescue.exe [2008-09-10 15:22] . . ------- Bijkomende Scan ------- . uStart Page = hxxp://www.google.be/ uInternet Settings,ProxyOverride = *.local IE: E&xporteren naar Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000 . . ------- Bestandsassociaties ------- . JSEFile=NOTEPAD.EXE %1 . - - - - ORPHANS VERWIJDERD - - - - BHO-{A3BC75A2-1F87-4686-AA43-5347D756017C} - c:\program files\AVG\AVG9\Toolbar\IEToolbar.dll Toolbar-{CCC7A320-B3CA-4199-B1A6-9F516DD69829} - c:\program files\AVG\AVG9\Toolbar\IEToolbar.dll WebBrowser-{CCC7A320-B3CA-4199-B1A6-9F516DD69829} - c:\program files\AVG\AVG9\Toolbar\IEToolbar.dll HKLM-Run-AVG9_TRAY - c:\progra~1\AVG\AVG9\avgtray.exe AddRemove-AVG9Uninstall - c:\program files\AVG\AVG9\setup.exe ************************************************************************** catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, GMER - Rootkit Detector and Remover Rootkit scan 2010-01-20 14:25 Windows 6.0.6002 Service Pack 2 NTFS scannen van verborgen processen ... scannen van verborgen autostart items ... scannen van verborgen bestanden ... Scan succesvol afgerond verborgen bestanden: 0 ************************************************************************** . Voltooingstijd: 2010-01-20 14:27:02 ComboFix-quarantined-files.txt 2010-01-20 13:27 Pre-Run: 168.962.347.008 bytes beschikbaar Post-Run: 168.833.351.680 bytes beschikbaar - - End Of File - - 74E672B9DF2BB0B7EC9D8A0143D95837
-
Hallo, Ik heb alle stappen volledig voltooid (met nog heel veel vastzitten en opnieuw opstarten). Na al deze stappen (in malwarebytes werden 7 infecties gevonden) is het probleem nog steeds aanwezig. Hieronder de nieuwe logs Van mbam: Malwarebytes' Anti-Malware 1.44 Database versie: 3598 Windows 6.0.6002 Service Pack 2 (Safe Mode) Internet Explorer 8.0.6001.18865 19/01/2010 19:13:51 mbam-log-2010-01-19 (19-13-51).txt Scan type: Snelle Scan Objecten gescand: 96906 Verstreken tijd: 4 minute(s), 35 second(s) Geheugenprocessen geïnfecteerd: 0 Geheugenmodulen geïnfecteerd: 0 Registersleutels geïnfecteerd: 5 Registerwaarden geïnfecteerd: 0 Registerdata bestanden geïnfecteerd: 2 Mappen geïnfecteerd: 0 Bestanden geïnfecteerd: 0 Geheugenprocessen geïnfecteerd: (Geen kwaadaardige items gevonden) Geheugenmodulen geïnfecteerd: (Geen kwaadaardige items gevonden) Registersleutels geïnfecteerd: HKEY_CLASSES_ROOT\urlsearchhook.toolbarurlsearchhook (Adware.Ecobar) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\urlsearchhook.toolbarurlsearchhook.1 (Adware.Ecobar) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\CLSID\{ca3eb689-8f09-4026-aa10-b9534c691ce0} (Adware.Ecobar) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\D (Trojan.Agent) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\D.1 (Trojan.Agent) -> Quarantined and deleted successfully. Registerwaarden geïnfecteerd: (Geen kwaadaardige items gevonden) Registerdata bestanden geïnfecteerd: HKEY_CLASSES_ROOT\scrfile\shell\open\command\(default) (Broken.OpenCommand) -> Bad: (NOTEPAD.EXE %1) Good: ("%1" /S) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\regfile\shell\open\command\(default) (Broken.OpenCommand) -> Bad: (NOTEPAD.EXE %1) Good: (regedit.exe "%1") -> Quarantined and deleted successfully. Mappen geïnfecteerd: (Geen kwaadaardige items gevonden) Bestanden geïnfecteerd: (Geen kwaadaardige items gevonden) en de nieuwe van hijackthis: Logfile of Trend Micro HijackThis v2.0.3 (BETA) Scan saved at 19:37:01, on 19/01/2010 Platform: Windows Vista SP2 (WinNT 6.00.1906) MSIE: Internet Explorer v8.00 (8.00.6001.18865) Boot mode: Normal Running processes: C:\Windows\system32\taskeng.exe C:\Windows\system32\Dwm.exe C:\Windows\system32\taskeng.exe C:\Windows\Explorer.EXE C:\Program Files\ATK Hotkey\HControlUser.exe C:\Program Files\ATKOSD2\ATKOSD2.exe C:\Program Files\AVG\AVG9\avgtray.exe C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe C:\Program Files\AVG\AVG9\Identity Protection\agent\bin\avgidsmonitor.exe C:\Program Files\TrendMicro\HiJackThis\HiJackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = ASUSTeK Computer R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Google R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = ASUSTeK Computer R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = Hotmail, Messenger, nieuws en entertainment vind je op MSN.nl R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local R3 - URLSearchHook: AVG Security Toolbar BHO - {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files\AVG\AVG9\Toolbar\IEToolbar.dll O1 - Hosts: ::1 localhost O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG9\avgssie.dll O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\Spybot - Search & Destroy\SDHelper.dll O2 - BHO: Windows Live Aanmelden - Help - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: AVG Security Toolbar BHO - {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files\AVG\AVG9\Toolbar\IEToolbar.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O3 - Toolbar: AVG Security Toolbar - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - C:\Program Files\AVG\AVG9\Toolbar\IEToolbar.dll O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [HControlUser] "C:\Program Files\ATK Hotkey\HcontrolUser.exe" O4 - HKLM\..\Run: [ATKOSD2] "C:\Program Files\ATKOSD2\ATKOSD2.exe" O4 - HKLM\..\Run: [AVG9_TRAY] C:\PROGRA~1\AVG\AVG9\avgtray.exe O4 - HKLM\..\Run: [Malwarebytes Anti-Malware (reboot)] "C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript O4 - HKCU\..\Run: [spybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe O4 - HKCU\..\Run: [uTorrent] "C:\Program Files\utorrent2\uTorrent.exe" O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE') O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000 O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL O9 - Extra button: Encarta Search Bar - {B205A35E-1FC4-4CE3-818B-899DBBB3388C} - C:\Program Files\Common Files\Microsoft Shared\Encarta Search Bar\ENCSBAR.DLL O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\Spybot - Search & Destroy\SDHelper.dll O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\Spybot - Search & Destroy\SDHelper.dll O13 - Gopher Prefix: O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG9\avgpp.dll O20 - AppInit_DLLs: avgrsstx.dll O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll O23 - Service: ASLDR Service (ASLDRService) - Unknown owner - C:\Program Files\ATK Hotkey\ASLDRSrv.exe O23 - Service: AVG E-mail Scanner (avg9emc) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG9\avgemc.exe O23 - Service: AVG WatchDog (avg9wd) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG9\avgwdsvc.exe O23 - Service: AVG9IDSAgent (AVGIDSAgent) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG9\Identity Protection\Agent\Bin\AVGIDSAgent.exe O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe O23 - Service: @%SystemRoot%\System32\TuneUpDefragService.exe,-1 (TuneUp.Defrag) - TuneUp Software - C:\Windows\System32\TuneUpDefragService.exe O23 - Service: @%SystemRoot%\System32\TUProgSt.exe,-1 (TuneUp.ProgramStatisticsSvc) - TuneUp Software - C:\Windows\System32\TUProgSt.exe O23 - Service: Uniblue DiskRescue - Uniblue - C:\Program Files\Uniblue\DiskRescue\UBDiskRescueSrv.exe -- End of file - 6271 bytes Groetjes Wjr
-
Oké bedankt
-
Beste Angel, Bedankt voor de snelle reactie. Ik heb het progje op mijn pc gezet en gehoopt dat hij weer niet vast zou komen te zitten maar ik heb zonder verdere problemen de log kunnen maken, deze zie je hieronder: Logfile of Trend Micro HijackThis v2.0.3 (BETA) Scan saved at 16:29:15, on 18/01/2010 Platform: Windows Vista SP2 (WinNT 6.00.1906) MSIE: Internet Explorer v8.00 (8.00.6001.18865) Boot mode: Normal Running processes: C:\Windows\system32\taskeng.exe C:\Windows\system32\Dwm.exe C:\Windows\system32\taskeng.exe C:\Windows\Explorer.EXE C:\Program Files\ATK Hotkey\HControlUser.exe C:\Program Files\ATKOSD2\ATKOSD2.exe C:\Program Files\AVG\AVG9\avgtray.exe C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe C:\Program Files\utorrent2\uTorrent.exe C:\Program Files\ATnotes\ATnotes.exe C:\Program Files\AVG\AVG9\Identity Protection\agent\bin\avgidsmonitor.exe C:\Program Files\TrendMicro\HiJackThis\HiJackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = ASUSTeK Computer R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Google R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = ASUSTeK Computer R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = Hotmail, Messenger, nieuws en entertainment vind je op MSN.nl R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = R3 - URLSearchHook: (no name) - *{CFBFAE00-17A6-11D0-99CB-00C04FD64497} - (no file) R3 - URLSearchHook: AVG Security Toolbar BHO - {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files\AVG\AVG9\Toolbar\IEToolbar.dll R3 - URLSearchHook: (no name) - *{46cf08e6-2e94-478c-94fd-8b2140c6ff10} - (no file) R3 - URLSearchHook: (no name) - *{47e161a0-f4ba-41dd-a17b-d2eb26ad6a02} - (no file) R3 - URLSearchHook: (no name) - *{b2e293ee-fd7e-4c71-a714-5f4750d8d7b7} - (no file) R3 - URLSearchHook: (no name) - *{E312764E-7706-43F1-8DAB-FCDD2B1E416D} - (no file) O1 - Hosts: ::1 localhost O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG9\avgssie.dll O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\Spybot - Search & Destroy\SDHelper.dll O2 - BHO: Windows Live Aanmelden - Help - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: AVG Security Toolbar BHO - {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files\AVG\AVG9\Toolbar\IEToolbar.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O3 - Toolbar: AVG Security Toolbar - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - C:\Program Files\AVG\AVG9\Toolbar\IEToolbar.dll O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [HControlUser] "C:\Program Files\ATK Hotkey\HcontrolUser.exe" O4 - HKLM\..\Run: [ATKOSD2] "C:\Program Files\ATKOSD2\ATKOSD2.exe" O4 - HKLM\..\Run: [AVG9_TRAY] C:\PROGRA~1\AVG\AVG9\avgtray.exe O4 - HKCU\..\Run: [spybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe O4 - HKCU\..\Run: [uTorrent] "C:\Program Files\utorrent2\uTorrent.exe" O4 - HKCU\..\Run: [ATnotes.exe] C:\Program Files\ATnotes\ATnotes.exe O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE') O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000 O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL O9 - Extra button: Encarta Search Bar - {B205A35E-1FC4-4CE3-818B-899DBBB3388C} - C:\Program Files\Common Files\Microsoft Shared\Encarta Search Bar\ENCSBAR.DLL O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\Spybot - Search & Destroy\SDHelper.dll O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\Spybot - Search & Destroy\SDHelper.dll O13 - Gopher Prefix: O16 - DPF: {4871A87A-BFDD-4106-8153-FFDE2BAC2967} (DLM Control) - http://dlm.tools.akamai.com/dlmanager/versions/activex/dlm-activex-2.2.5.0.cab O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG9\avgpp.dll O20 - AppInit_DLLs: avgrsstx.dll O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll O23 - Service: ASLDR Service (ASLDRService) - Unknown owner - C:\Program Files\ATK Hotkey\ASLDRSrv.exe O23 - Service: AVG E-mail Scanner (avg9emc) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG9\avgemc.exe O23 - Service: AVG WatchDog (avg9wd) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG9\avgwdsvc.exe O23 - Service: AVG9IDSAgent (AVGIDSAgent) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG9\Identity Protection\Agent\Bin\AVGIDSAgent.exe O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe O23 - Service: StarWind AE Service (StarWindServiceAE) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe O23 - Service: @%SystemRoot%\System32\TuneUpDefragService.exe,-1 (TuneUp.Defrag) - TuneUp Software - C:\Windows\System32\TuneUpDefragService.exe O23 - Service: @%SystemRoot%\System32\TUProgSt.exe,-1 (TuneUp.ProgramStatisticsSvc) - TuneUp Software - C:\Windows\System32\TUProgSt.exe O23 - Service: Uniblue DiskRescue - Uniblue - C:\Program Files\Uniblue\DiskRescue\UBDiskRescueSrv.exe -- End of file - 7243 bytes Alvast bedankt Wjr
-
Hallo iedereen, Ik zit al enkele dagen met een enorm probleem, telkens als ik mijn computer opstart kan ik mijn pc een tijdje normaal gebruiken maar dan lijkt de cursor te bevriezen en werkt niets meer, het toetsenbord,de muis en zelfs ctrl-alt-del helpt niet. De enige oplossing is de computer helemaal sluiten met de (aan)knop. Als ik hem dan opnieuw opstart werkt hij nog minder lang goed dan de vorige keer en zo gaat dit verder tot hij direct vastzit bij het aanmeldmenu. Vervolgens heb ik mijn pc in veilige modus volledig gecontoleerd op virussen met AVG Internet Security maar hij vond niets. Zou AVG het virus niet vinden of zou er een andere oorzaak zijn van mijn probleem. Ik zou echt heel blij zijn moest iemand mij kunnen helpen. Groetjes wjr
