
Black screen after startup



I'll just try starting it up normally.

---------- Post added at 17:44 ---------- Previous post was at 17:40 ----------

No, not fixed yet.

I think I can take screenshots, I'll give it a try.

---------- Post added at 17:45 ---------- Previous post was at 17:44 ----------

No, no luck; I can't start Paint, of course.


Open a Notepad file.

Copy and paste the bold text below into it.

FCOPY::

c:\windows\ServicePackFiles\i386\winlogon.exe|c:\windows\system32\winlogon.exe

Save this file to your desktop as CFScript.txt.

Drag CFScript.txt into ComboFix.exe.

This will cause ComboFix to restart. Reboot if you are asked to. After the restart, post the contents of Combofix.txt in your next message.


ComboFix 10-10-04.02 - Administrator 05-10-2010 18:34:05.5.2 - x86 NETWORK

Microsoft Windows XP Professional 5.1.2600.2.1252.31.1043.18.2046.1764 [GMT 2:00]

Gestart vanuit: c:\documents and settings\Administrator\Bureaublad\ComboFix.exe

gebruikte Opdracht switches :: c:\documents and settings\Administrator\Mijn documenten\CFScript.txt..txt

AV: avast! antivirus 4.7.942 [VPS 000724-1] *On-access scanning enabled* (Updated) {7591DB91-41F0-48A3-B128-1A293FD8233D}

AV: NOD32 antivirus systeem 2.51 *On-access scanning enabled* (Updated) {E5E70D32-0101-4F12-8FB0-D96ACA4F34C0}

.

(((((((((((((((((((((((((((((((((( Andere Verwijderingen )))))))))))))))))))))))))))))))))))))))))))))))))

.

c:\windows\system32\winlogon.exe . . . is geïnfecteerd!!

Besmet exemplaar van c:\windows\explorer.exe werd aangetroffen en gedesinfecteerd

Hersteld exemplaar van - c:\windows\$hf_mig$\KB938828\SP2QFE\explorer.exe

Besmet exemplaar van c:\windows\system32\msgsvc.dll werd aangetroffen en gedesinfecteerd

Hersteld exemplaar van - c:\windows\ERDNT\cache\msgsvc.dll

.

(((((((((((((((((((( Bestanden Gemaakt van 2010-09-05 to 2010-10-05 ))))))))))))))))))))))))))))))

.

2010-10-04 14:40 . 2010-10-04 14:40 388096 ----a-r- c:\documents and settings\Administrator\Application Data\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe

2010-10-04 05:38 . 2010-10-05 16:32 -------- d--h--r- c:\documents and settings\Administrator\Onlangs geopend

2010-09-28 13:03 . 2010-09-28 12:59 14383616 ----a-w- C:\gta_sa.exe

2010-09-19 17:03 . 2010-09-19 17:03 -------- d-----w- c:\documents and settings\Administrator\Local Settings\Application Data\Opera

2010-09-19 17:03 . 2010-09-19 17:03 -------- d-----w- c:\program files\Opera

2010-09-15 16:13 . 2010-09-15 16:13 -------- d-----w- c:\documents and settings\Administrator\Local Settings\Application Data\Threat Expert

2010-09-15 15:47 . 2010-08-30 11:57 767952 ----a-w- c:\windows\BDTSupport.dll

2010-09-15 15:47 . 2010-08-23 07:36 149456 ----a-w- c:\windows\SGDetectionTool.dll

2010-09-15 15:47 . 2008-11-26 09:08 131 ----a-w- c:\windows\IDB.zip

2010-09-15 15:47 . 2010-08-30 11:57 739280 ----a-w- c:\windows\PCTBDRes.dll

2010-09-15 15:45 . 2010-09-15 15:45 -------- d-----w- c:\documents and settings\Administrator\Application Data\PC Tools

2010-09-15 15:44 . 2010-09-15 15:44 80729096 ----a-w- c:\documents and settings\All Users\Application Data\PC Tools\DownloadManager\Spyware Doctor8.0\sdsetup_aff_dl.exe

2010-09-15 15:44 . 2010-09-15 15:46 -------- d-----w- c:\documents and settings\All Users\Application Data\PC Tools

.

((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2010-10-05 16:43 . 2007-06-20 17:22 -------- d---a-w- c:\documents and settings\All Users\Application Data\TEMP

2010-10-05 13:57 . 2007-12-24 19:54 1324 ----a-w- c:\windows\system32\d3d9caps.dat

2010-10-04 20:13 . 2008-05-21 18:05 1 ----a-w- c:\documents and settings\Administrator\Application Data\OpenOffice.org2\user\uno_packages\cache\stamp.sys

2010-10-04 20:13 . 2008-05-21 18:03 -------- d-----w- c:\documents and settings\Administrator\Application Data\OpenOffice.org2

2010-10-04 13:57 . 2009-07-26 23:06 -------- d-----w- c:\documents and settings\Administrator\Application Data\DNA

2010-10-04 05:40 . 2010-01-31 17:46 -------- d-----w- c:\documents and settings\Administrator\Application Data\uTorrent

2010-10-04 05:40 . 2010-08-07 21:42 -------- d-----w- c:\program files\League of Legends

2010-10-04 05:38 . 2009-07-26 23:06 -------- d-----w- c:\program files\DNA

2010-10-03 15:27 . 2009-08-25 19:55 -------- d-----w- c:\program files\Rockstar Games

2010-09-30 19:59 . 2010-03-11 22:24 -------- d-----w- c:\documents and settings\Administrator\Application Data\LimeWirePlus

2010-09-29 12:26 . 2009-07-26 23:06 -------- d-----w- c:\program files\GamersFirst

2010-09-29 12:26 . 2010-05-11 18:58 -------- d-----w- c:\program files\Everest Poker

2010-09-29 12:23 . 2006-12-27 17:39 -------- d--h--w- c:\program files\InstallShield Installation Information

2010-09-29 12:22 . 2009-12-02 19:11 -------- d-----w- c:\documents and settings\All Users\Application Data\ijjigame

2010-09-29 12:22 . 2010-08-15 20:16 -------- d-----w- c:\documents and settings\Administrator\Application Data\Gygan

2010-09-29 12:22 . 2009-10-24 22:00 -------- d-----w- c:\program files\Crossfire

2010-09-29 12:20 . 2009-09-13 19:35 -------- d-----w- c:\program files\CCleaner

2010-09-27 13:54 . 2010-01-31 17:47 -------- d-----w- c:\program files\uTorrent

2010-09-25 13:56 . 2009-03-15 12:16 -------- d-----w- c:\program files\Common Files\Symantec Shared

2010-09-18 09:44 . 2009-04-28 20:09 -------- d-----w- c:\program files\iTunes

2010-09-15 16:09 . 2010-09-15 15:45 -------- d-----w- c:\program files\PC Tools Security

2010-09-15 15:47 . 2010-09-15 15:45 -------- d-----w- c:\program files\Common Files\PC Tools

2010-09-15 15:46 . 2010-09-15 15:46 979746 ----a-w- c:\windows\system32\drivers\Cat.DB

2010-09-04 10:07 . 2010-07-18 21:47 -------- d-----w- c:\program files\TheSandyRavage

2010-09-04 09:18 . 2010-09-04 09:18 -------- d-----w- c:\program files\Trend Micro

2010-09-02 17:40 . 2010-07-30 21:49 -------- d-----w- c:\documents and settings\Administrator\Application Data\DivX

2010-08-30 11:57 . 2010-09-15 15:47 1865680 ----a-w- c:\windows\PCTBDCore.dll

2010-08-28 09:25 . 2010-09-15 15:46 247824 ----a-w- c:\windows\system32\drivers\pctgntdi.sys

2010-08-27 14:29 . 2010-08-27 14:29 -------- d-----w- c:\documents and settings\Administrator\Application Data\Malwarebytes

2010-08-27 14:29 . 2010-08-27 14:29 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware

2010-08-27 14:29 . 2010-08-27 14:29 -------- d-----w- c:\documents and settings\All Users\Application Data\Malwarebytes

2010-08-27 14:10 . 2010-08-27 14:10 110080 ----a-r- c:\documents and settings\Administrator\Application Data\Microsoft\Installer\{95431C66-CF9A-4913-BFFF-6050785AFB65}\IconF7A21AF7.exe

2010-08-27 14:10 . 2010-08-27 14:10 110080 ----a-r- c:\documents and settings\Administrator\Application Data\Microsoft\Installer\{95431C66-CF9A-4913-BFFF-6050785AFB65}\IconD7F16134.exe

2010-08-27 14:10 . 2010-08-27 14:10 -------- d-----w- c:\program files\Enigma Software Group

2010-08-27 14:09 . 2008-04-11 20:41 -------- d-----w- c:\program files\Common Files\Wise Installation Wizard

2010-08-27 12:57 . 2010-07-30 21:50 57344 ----a-w- c:\documents and settings\All Users\Application Data\DivX\RunAsUser\RUNASUSERPROCESS.dll

2010-08-27 12:54 . 2010-08-27 12:54 144696 ----a-w- c:\documents and settings\All Users\Application Data\DivX\RunAsUser\RUNASUSERPROCESS.exe

2010-08-27 12:54 . 2010-07-30 21:50 1062184 ----a-w- c:\documents and settings\All Users\Application Data\DivX\Setup\Resource.dll

2010-08-27 12:54 . 2010-07-30 21:50 850200 ----a-w- c:\documents and settings\All Users\Application Data\DivX\Setup\DivXSetup.exe

2010-08-27 08:13 . 2010-09-15 15:46 159296 ----a-w- c:\windows\system32\drivers\PCTAppEvent.sys

2010-08-27 06:26 . 2010-09-15 15:46 70536 ----a-w- c:\windows\system32\drivers\pctplsg.sys

2010-08-27 06:26 . 2010-09-15 15:46 123968 ----a-w- c:\windows\system32\drivers\pctplfw.sys

2010-08-27 06:25 . 2010-09-15 15:46 79672 ----a-w- c:\windows\system32\drivers\pctNdis-PacketFilter.sys

2010-08-26 07:30 . 2010-09-15 15:47 2074 ----a-w- c:\windows\UDB.zip

2010-08-20 03:00 . 2007-01-02 20:16 -------- d-----w- c:\documents and settings\Administrator\Application Data\Ventrilo

2010-08-20 03:00 . 2009-03-11 20:35 -------- d-----w- c:\program files\SwiftKit

2010-08-20 03:00 . 2008-03-24 20:15 -------- d-----w- c:\program files\Teamspeak2_RC2

2010-08-20 03:00 . 2009-09-15 12:35 -------- d-----w- c:\program files\LimeWire

2010-08-20 03:00 . 2009-01-04 01:30 -------- d-----w- c:\program files\RivaTuner v2.22

2010-08-20 03:00 . 2008-07-05 20:50 -------- d-----w- c:\program files\PartyGaming

2010-08-18 11:51 . 2010-09-15 15:46 237632 ----a-w- c:\windows\system32\drivers\PCTCore.sys

2010-08-17 18:24 . 2010-08-17 18:24 -------- d-----w- c:\program files\Counter-Strike 1.6

2010-08-15 20:25 . 2010-08-15 20:25 -------- d-----w- c:\documents and settings\Administrator\Application Data\Stereoscopic Player

2010-08-15 20:24 . 2010-08-15 20:24 -------- d-----w- c:\program files\Stereoscopic Player

2010-08-15 20:16 . 2010-08-15 20:16 -------- d-----w- c:\program files\Xenocode

2010-08-15 20:10 . 2010-08-15 20:10 -------- d-----w- c:\program files\Virtools

2010-08-11 02:16 . 2009-04-10 20:50 -------- d-----w- c:\documents and settings\Administrator\Application Data\Skype

2010-08-10 15:34 . 2006-12-27 23:31 -------- d-----r- c:\program files\Skype

2010-08-10 15:34 . 2010-08-10 15:34 -------- d-----w- c:\program files\Common Files\Skype

2010-08-10 15:34 . 2006-12-27 23:32 -------- d-----w- c:\documents and settings\All Users\Application Data\Skype

2010-08-10 15:33 . 2008-07-02 08:55 -------- d-----w- c:\documents and settings\Administrator\Application Data\skypePM

2010-08-10 14:58 . 2010-09-15 15:46 31960 ----a-w- c:\windows\system32\drivers\pctNdis-DNS.sys

2010-08-07 22:01 . 2010-08-07 22:01 -------- d-----w- c:\documents and settings\Administrator\Application Data\LolClient

2010-08-07 21:47 . 2010-08-07 21:46 -------- d-----w- c:\program files\Common Files\Adobe AIR

2010-08-07 21:31 . 2009-08-31 19:18 -------- d-----w- c:\documents and settings\All Users\Application Data\PMB Files

2010-07-30 21:49 . 2010-07-30 21:49 54644 ----a-w- c:\documents and settings\All Users\Application Data\DivX\TranscodeEngine\Uninstaller.exe

2010-07-30 21:49 . 2010-07-30 21:49 54101 ----a-w- c:\documents and settings\All Users\Application Data\DivX\MPEG2Plugin\Uninstaller.exe

2010-07-30 21:49 . 2010-07-30 21:49 57409 ----a-w- c:\documents and settings\All Users\Application Data\DivX\ControlPanel\Uninstaller.exe

2010-07-30 21:49 . 2010-07-30 21:49 52963 ----a-w- c:\documents and settings\All Users\Application Data\DivX\MSVC80CRTRedist\Uninstaller.exe

2010-07-30 21:49 . 2010-07-30 21:49 54073 ----a-w- c:\documents and settings\All Users\Application Data\DivX\Qt4.5\Uninstaller.exe

2010-07-16 12:59 . 2010-09-15 15:46 656320 ----a-w- c:\windows\system32\drivers\pctEFA.sys

2010-07-16 12:59 . 2010-09-15 15:46 338880 ----a-w- c:\windows\system32\drivers\pctDS.sys

.

------- Sigcheck -------

[-] 2008-04-14 . 1247D4D5444E28519BBE31BE8AB4C029 . 510464 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\822ceb2331d0360bde8948c432c9beec\winlogon.exe

[-] 2002-12-31 . E2E4199F218F09F10BB030318FF13ECE . 504832 . . [5.1.2600.2180] . . c:\windows\system32\winlogon.exe

[-] 2008-04-14 . AA04F042A820BF1868E643575887E1A6 . 1037312 . . [6.00.2900.5512] . . c:\windows\SoftwareDistribution\Download\822ceb2331d0360bde8948c432c9beec\explorer.exe

[-] 2007-06-13 . ABDBD248791E9D639A199AE5F347EB02 . 1036800 . . [6.00.2900.3156] . . c:\windows\explorer.exe

[7] 2007-06-13 . 1D6245AFBD3FAABC16A885116BE1874D . 1036800 . . [6.00.2900.3156] . . c:\windows\$hf_mig$\KB938828\SP2QFE\explorer.exe

[7] 2002-12-31 . A1D7304A87FC3093150F5E3CC7B0F338 . 1035776 . . [6.00.2900.2180] . . c:\windows\$NtUninstallKB938828$\explorer.exe

[-] 2008-04-14 . E0AEF86A594C9990D6321C5CA239C5B7 . 297472 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\822ceb2331d0360bde8948c432c9beec\termsrv.dll

c:\windows\System32\termsrv.dll ... is niet aanwezig !!

.

((((((((((((((((((((((((((((( SnapShot@2010-10-04_17.14.17 )))))))))))))))))))))))))))))))))))))))))

.

+ 2010-10-05 16:43 . 2010-10-05 16:43 16384 c:\windows\temp\Perflib_Perfdata_6a4.dat

.

((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))

.

.

*Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond

REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"Octoshape Streaming Services"="c:\program files\Octoshape Streaming Services\Administrator\OctoshapeClient.exe" [2006-02-13 214648]

"ccleaner"="c:\program files\CCleaner\CCleaner.exe" [2010-09-24 1786168]

"uTorrent"="c:\program files\uTorrent\uTorrent.exe" [2010-09-26 328056]

"BitTorrent DNA"="c:\program files\DNA\btdna.exe" [2009-11-13 323392]

"Google Update"="c:\documents and settings\Administrator\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" [2010-02-06 135664]

"Pando Media Booster"="c:\program files\Pando Networks\Media Booster\PMB.exe" [2010-08-02 2937528]

"msnmsgr"="c:\program files\Windows Live\Messenger\msnmsgr.exe" [2009-07-26 3883856]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"SoundMan"="SOUNDMAN.EXE" [2005-06-20 77824]

"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-07-06 148888]

"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2007-04-20 8429568]

"nwiz"="nwiz.exe" [2007-04-20 1626112]

"SW20"="c:\windows\system32\sw20.exe" [2006-02-06 208896]

"SW24"="c:\windows\system32\sw24.exe" [2006-02-06 69632]

"nod32kui"="c:\program files\Eset\nod32kui.exe" [2006-12-27 921600]

"SoundMAXPnP"="c:\program files\Analog Devices\Core\smax4pnp.exe" [2006-05-01 843776]

"JMB36X Configure"="c:\windows\system32\JMRaidTool.exe" [2006-08-14 352256]

"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2007-04-20 81920]

"IJNetworkScanUtility"="c:\program files\Canon\Canon IJ Network Scan Utility\CNMNSUT.EXE" [2007-05-21 124512]

"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2010-06-20 35760]

"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2010-06-09 976832]

"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2010-06-15 141624]

"DivXUpdate"="c:\program files\DivX\DivX Update\DivXUpdate.exe" [2010-08-20 1164584]

"PCTools FGuard"="c:\program files\PC Tools Security\BDT\FGuard.exe" [2010-08-23 100304]

"QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2010-03-18 421888]

"Malwarebytes Anti-Malware (reboot)"="c:\program files\Malwarebytes' Anti-Malware\mbam.exe" [2010-04-29 1090952]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]

"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2002-12-31 15360]

[HKLM\~\startupfolder\C:^Documents and Settings^Administrator^Menu Start^Programma's^Opstarten^LimeWire On Startup.lnk]

path=c:\documents and settings\Administrator\Menu Start\Programma's\Opstarten\LimeWire On Startup.lnk

backup=c:\windows\pss\LimeWire On Startup.lnkStartup

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Start^Programma's^Opstarten^GamersFirst LIVE!.lnk]

path=c:\documents and settings\All Users\Menu Start\Programma's\Opstarten\GamersFirst LIVE!.lnk

backup=c:\windows\pss\GamersFirst LIVE!.lnkCommon Startup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Advanced SystemCare 3]

2009-12-26 12:48 2335952 ----a-w- c:\program files\IObit\Advanced SystemCare 3\AWC.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AppleSyncNotifier]

2010-02-17 17:37 177472 ----a-w- c:\program files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BitTorrent DNA]

2009-11-13 15:05 323392 ----a-w- c:\program files\DNA\btdna.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MsnMsgr]

2009-07-26 14:44 3883856 ----a-w- c:\program files\Windows Live\Messenger\msnmsgr.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]

2010-03-18 20:16 421888 ----a-w- c:\program files\QuickTime\QTTask.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]

2010-05-13 14:12 26192168 ----a-r- c:\program files\Skype\Phone\Skype.exe

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]

"EnableFirewall"= 0 (0x0)

"DisableUnicastResponsesToMulticastBroadcast"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]

"%windir%\\system32\\sessmgr.exe"=

"c:\\Program Files\\LimeWire\\LimeWire.exe"=

"c:\\WINDOWS\\system32\\PnkBstrA.exe"=

"c:\\WINDOWS\\system32\\PnkBstrB.exe"=

"c:\\Program Files\\DNA\\btdna.exe"=

"c:\\Documents and Settings\\All Users\\Application Data\\NexonUS\\NGM\\NGM.exe"=

"c:\\Nexon\\NEXON_EU_Downloader\\NEXON_EU_Downloader_Engine.exe"=

"c:\\Documents and Settings\\All Users\\Application Data\\NexonEU\\NGM\\NGM.exe"=

"c:\\Program Files\\Windows Live\\Messenger\\wlcsdk.exe"=

"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=

"c:\\Program Files\\Windows Live\\Sync\\WindowsLiveSync.exe"=

"c:\\Program Files\\uTorrent\\uTorrent.exe"=

"c:\\Program Files\\LimeWire Plus\\LimeWire.exe"=

"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=

"c:\\Program Files\\iTunes\\iTunes.exe"=

"c:\\Program Files\\Pando Networks\\Media Booster\\PMB.exe"=

"c:\\Program Files\\League of Legends\\Air\\LolClient.exe"=

"c:\\Program Files\\League of Legends\\Game\\League of Legends.exe"=

"c:\\Program Files\\Skype\\Phone\\Skype.exe"=

"c:\\Program Files\\Skype\\Plugin Manager\\skypePM.exe"=

"c:\\Program Files\\Opera\\opera.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]

"58715:TCP"= 58715:TCP:Pando Media Booster

"58715:UDP"= 58715:UDP:Pando Media Booster

"57042:TCP"= 57042:TCP:Pando Media Booster

"57042:UDP"= 57042:UDP:Pando Media Booster

"8394:TCP"= 8394:TCP:League of Legends Launcher

"8394:UDP"= 8394:UDP:League of Legends Launcher

"6881:TCP"= 6881:TCP:League of Legends Launcher

"6881:UDP"= 6881:UDP:League of Legends Launcher

"6967:TCP"= 6967:TCP:League of Legends Launcher

"6967:UDP"= 6967:UDP:League of Legends Launcher

"6991:TCP"= 6991:TCP:League of Legends Launcher

"6991:UDP"= 6991:UDP:League of Legends Launcher

"6927:TCP"= 6927:TCP:League of Legends Launcher

"6927:UDP"= 6927:UDP:League of Legends Launcher

R0 a347scsi;a347scsi;c:\windows\system32\drivers\a347scsi.sys [11-2-2010 18:46 5248]

R0 PCTCore;PCTools KDS;c:\windows\system32\drivers\PCTCore.sys [15-9-2010 17:46 237632]

R0 pctDS;PC Tools Data Store;c:\windows\system32\drivers\pctDS.sys [15-9-2010 17:46 338880]

R0 pctEFA;PC Tools Extended File Attributes;c:\windows\system32\drivers\pctEFA.sys [15-9-2010 17:46 656320]

S2 Application Updater;Application Updater;c:\program files\Application Updater\ApplicationUpdater.exe [8-1-2010 1:51 380928]

S2 Browser Defender Update Service;Browser Defender Update Service;c:\program files\PC Tools Security\BDT\BDTUpdateService.exe [15-9-2010 17:47 235472]

S3 esgiguard;esgiguard;c:\program files\Enigma Software Group\SpyHunter\esgiguard.sys [27-1-2010 18:10 5248]

S3 sdAuxService;PC Tools Auxiliary Service;c:\program files\PC Tools Security\pctsAuxs.exe [15-9-2010 17:45 366840]

S4 a347bus;a347bus;c:\windows\system32\drivers\a347bus.sys [11-2-2010 18:46 160640]

.

Inhoud van de 'Gedeelde Taken' map

2010-10-01 c:\windows\Tasks\AppleSoftwareUpdate.job

- c:\program files\Apple Software Update\SoftwareUpdate.exe [2009-10-22 09:50]

2010-10-03 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1482476501-1647877149-725345543-500Core.job

- c:\documents and settings\Administrator\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2010-02-06 20:30]

2010-10-05 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1482476501-1647877149-725345543-500UA.job

- c:\documents and settings\Administrator\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2010-02-06 20:30]

2010-10-04 c:\windows\Tasks\Norton Security Scan for Administrator.job

- c:\program files\Norton Security Scan\Norton Security Scan\Engine\2.7.3.34\Nss.exe [2010-05-09 07:48]

.

.

------- Bijkomende Scan -------

.

uInternet Settings,ProxyOverride = *.local

uSearchURL,(Default) = hxxp://www.google.com/keyword/%s

LSP: c:\windows\system32\imon.dll

LSP: c:\program files\Common Files\PC Tools\Lsp\PCTLsp.dll

FF - ProfilePath - c:\documents and settings\Administrator\Application Data\Mozilla\Firefox\Profiles\2d8n1pnt.default\

FF - prefs.js: browser.search.selectedEngine - Yahoo

FF - prefs.js: browser.startup.homepage - hxxp://radiobar.toolbarhome.com/?hp=df

FF - prefs.js: keyword.URL - hxxp://nl.search.yahoo.com/search?ei=utf-8&fr=megaup&p=

---- FIREFOX POLICIES ----

c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbaam7a8h", true);

c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgberp4a5d4ar", true);

c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled", false);

.

.

--------------------- VERGRENDELDE REGISTER SLEUTELS ---------------------

[HKEY_USERS\S-1-5-21-1482476501-1647877149-725345543-500\Software\Microsoft\Internet Explorer\User Preferences]

@Denied: (2) (Administrator)

"88D7D0879DAB32E14DE5B3A805A34F98AFF34F5977"=hex:01,00,00,00,d0,8c,9d,df,01,15,

d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,99,0c,5b,bb,51,e5,6d,4d,89,15,ab,\

"2D53CFFC5C1A3DD2E97B7979AC2A92BD59BC839E81"=hex:01,00,00,00,d0,8c,9d,df,01,15,

d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,99,0c,5b,bb,51,e5,6d,4d,89,15,ab,\

[HKEY_USERS\S-1-5-21-1482476501-1647877149-725345543-500\Software\SecuROM\!CAUTION! NEVER A OR CHANGE ANY KEY*]

"??"=hex:0a,04,dc,73,bf,65,7f,aa,66,96,4a,c4,66,4d,ff,2e,80,61,df,d8,49,2b,37,

26,73,a9,47,69,0c,3d,cc,4a,30,67,84,08,4e,a0,cf,55,dc,10,7c,97,c1,9c,fc,3b,\

"??"=hex:51,26,68,11,bc,f8,f9,83,2f,7f,08,b5,c7,73,36,4c

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]

@Denied: (A 2) (Everyone)

@="FlashBroker"

"LocalizedString"="@c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil10i_ActiveX.exe,-101"

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]

"Enabled"=dword:00000001

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]

@="c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil10i_ActiveX.exe"

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]

@Denied: (A 2) (Everyone)

@="IFlashBroker4"

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]

@="{00020424-0000-0000-C000-000000000046}"

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

"Version"="1.0"

.

--------------------- DLLs Geladen Onder Lopende Processen ---------------------

- - - - - - - > 'winlogon.exe'(816)

c:\windows\system32\sfc_os.dll

- - - - - - - > 'explorer.exe'(1008)

c:\windows\system32\sfc_os.dll

.

Voltooingstijd: 2010-10-05 19:13:21 - machine werd herstart

ComboFix-quarantined-files.txt 2010-10-05 17:13

ComboFix2.txt 2010-10-05 14:08

ComboFix3.txt 2010-10-04 18:57

ComboFix4.txt 2010-10-04 17:19

Pre-Run: 14.250.663.936 bytes beschikbaar

Post-Run: 14.239.928.320 bytes beschikbaar

- - End Of File - - F804B8581254D9F1173204EDB33A7235

Thanks in advance for the replies.

There is still a black screen.


I have a CD here, but I have no idea whether it is the right one. I'll be honest, I'm very careless with that kind of stuff. I've never had to reboot my PC or do a system restore or anything like that.

The CD says:

For distribution with new PCs only. For product support, contact the manufacturer of your PC.

CDrom1 Version 2005.

I'm doing my best. In any case, 100% thanks for all the help so far.
