Traagheid

[Skippy]

Hij vroeg niet om te herstarten maar ik kreeg uiteindelijk wel volgend logje:

ComboFix 12-06-12.01 - Jurgen & Kim 12/06/2012 16:43:33.8.2 - x86

Microsoft Windows XP Home Edition 5.1.2600.3.1252.32.1043.18.1023.568 [GMT 2:00]

Gestart vanuit: c:\documents and settings\Jurgen & Kim\Bureaublad\ComboFix.exe

gebruikte Opdracht switches :: c:\documents and settings\Jurgen & Kim\Bureaublad\CFScript.txt

AV: AVG Anti-Virus Free Edition 2012 *Disabled/Updated* {17DDD097-36FF-435F-9E1B-52D74245D6BF}

.

FILE ::

"C:\found.000"

.

.

(((((((((((((((((((((((((((((((((( Andere Verwijderingen )))))))))))))))))))))))))))))))))))))))))))))))))

.

.

c:\windows\system32\drivers\etc\hosts.ics

.

.

(((((((((((((((((((( Bestanden Gemaakt van 2012-05-12 to 2012-06-12 ))))))))))))))))))))))))))))))

.

.

2012-06-11 11:13 . 2012-06-11 11:15 -------- dc----w- c:\documents and settings\Jurgen & Kim\Application Data\DVD Flick

2012-06-11 11:11 . 2008-08-31 11:27 28672 -c--a-w- c:\windows\system32\mousewheel.ocx

2012-06-11 11:11 . 2007-08-31 16:36 36864 -c--a-w- c:\windows\system32\trayicon_handler.ocx

2012-06-11 11:11 . 2004-03-08 22:00 662288 -c--a-w- c:\windows\system32\mscomct2.ocx

2012-06-11 11:11 . 2003-01-26 11:41 40960 -c--a-w- c:\windows\system32\ssubtmr6.dll

2012-06-11 11:11 . 1998-06-23 22:00 164144 -c--a-w- c:\windows\system32\comct232.ocx

2012-06-11 11:11 . 2012-06-11 11:11 -------- dc----w- c:\program files\DVD Flick

2012-06-11 11:11 . 2004-03-08 22:00 212240 -c--a-w- c:\windows\system32\richtx32.ocx

2012-06-11 09:55 . 2012-06-11 09:55 -------- dc----w- c:\documents and settings\Jurgen & Kim\Local Settings\Application Data\bluesoleil

2012-06-08 18:08 . 2012-06-08 18:08 770384 -c--a-w- c:\program files\Mozilla Firefox\msvcr100.dll

2012-06-08 18:08 . 2012-06-08 18:08 421200 -c--a-w- c:\program files\Mozilla Firefox\msvcp100.dll

2012-06-08 09:40 . 2012-06-08 09:40 -------- dc----w- c:\documents and settings\All Users\Application Data\Soluto

2012-06-03 11:27 . 2012-06-03 11:27 -------- d-----w- C:\found.000

2012-06-03 09:40 . 2012-06-12 14:19 -------- dc-h--r- c:\documents and settings\Jurgen & Kim\Onlangs geopend

2012-06-03 09:18 . 2012-06-03 09:18 -------- dc----w- c:\program files\IVT Corporation

.

.

.

((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2012-05-05 08:49 . 2012-04-02 10:36 419488 -c--a-w- c:\windows\system32\FlashPlayerApp.exe

2012-05-05 08:49 . 2011-05-18 18:23 70304 -c--a-w- c:\windows\system32\FlashPlayerCPLApp.cpl

2012-04-11 13:55 . 2004-08-04 00:58 2031104 -c--a-w- c:\windows\system32\ntkrnlpa.exe

2012-04-11 13:55 . 2004-08-04 00:58 2152960 -c--a-w- c:\windows\system32\ntoskrnl.exe

2012-04-11 13:55 . 2005-01-27 09:31 1862400 -c--a-w- c:\windows\system32\win32k.sys

2012-04-04 13:56 . 2011-01-23 11:38 22344 -c--a-w- c:\windows\system32\drivers\mbam.sys

2012-01-07 10:13 . 2012-01-07 06:00 60 -c--a-w- c:\program files\CommandlineScanner.bat

2012-01-07 10:13 . 2012-01-07 06:00 1585560 -c--a-w- c:\program files\start.exe

2011-01-02 10:44 . 2011-01-02 10:43 396152 -c--a-w- c:\program files\utorrent.exe

2012-06-08 18:08 . 2012-03-06 11:15 85472 -c--a-w- c:\program files\mozilla firefox\components\browsercomps.dll

.

.

------- Sigcheck -------

Note: Unsigned files aren't necessarily malware.

.

[-] 2012-03-01 . 3BDB7741F27C37725FB025CEE150513A . 3616768 . . [7.00.6000.17109] . . c:\windows\system32\mshtml.dll

[-] 2012-03-01 . 3BDB7741F27C37725FB025CEE150513A . 3616768 . . [7.00.6000.17109] . . c:\windows\system32\dllcache\mshtml.dll

[-] 2012-03-01 . 3E839CE1B107D7C835CFFFE54BAF4327 . 3619328 . . [7.00.6000.21311] . . c:\windows\$hf_mig$\KB2675157-IE7\SP3QFE\mshtml.dll

.

[-] 2012-03-01 . BDDE958EFBF08A308B477A54EA0FD82B . 832512 . . [7.00.6000.17109] . . c:\windows\system32\wininet.dll

[-] 2012-03-01 . BDDE958EFBF08A308B477A54EA0FD82B . 832512 . . [7.00.6000.17109] . . c:\windows\system32\dllcache\wininet.dll

[-] 2012-03-01 . 0743FEA21BFE356BCDB60F723BE6325F . 841216 . . [7.00.6000.21311] . . c:\windows\$hf_mig$\KB2675157-IE7\SP3QFE\wininet.dll

.

[-] 2012-04-11 . 0ED21672B45858B3D6F72B898362A3F2 . 2031104 . . [5.1.2600.6206] . . c:\windows\system32\ntkrnlpa.exe

[-] 2012-04-11 . E7A9D6E071F8ABDAED0D8610FEA3F828 . 2073472 . . [5.1.2600.6206] . . c:\windows\Driver Cache\i386\ntkrnlpa.exe

.

[-] 2012-04-11 . 7A34AE10A68CA9F94E9EDE5D18A94AE9 . 2152960 . . [5.1.2600.6206] . . c:\windows\system32\ntoskrnl.exe

[-] 2012-04-11 . 8E5DFDF86DF4B5E66CFA794C92C4606C . 2196992 . . [5.1.2600.6206] . . c:\windows\Driver Cache\i386\ntoskrnl.exe

.

((((((((((((((((((((((((((((( SnapShot@2012-06-12_11.24.50 )))))))))))))))))))))))))))))))))))))))))

.

+ 2012-06-12 14:12 . 2012-06-12 14:12 16384 c:\windows\Temp\Perflib_Perfdata_6b4.dat

.

((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))

.

.

*Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond

REGEDIT4

.

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2006-11-02 204288]

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"NokiaMServer"="c:\program files\Common Files\Nokia\MPlatform\NokiaMServer" [X]

"AGRSMMSG"="AGRSMMSG.exe" [2004-10-08 88363]

"Keyboard Status"="c:\progra~1\Medion Tools\KeyStat\KeyStat.exe" [2005-01-25 411648]

"NeroFilterCheck"="c:\windows\system32\NeroCheck.exe" [2001-07-09 155648]

"PCMService"="c:\program files\Home Cinema\PowerCinema\PCMService.exe" [2005-02-21 118926]

"Ulead AutoDetector"="c:\program files\Ulead Systems\Ulead Photo Explorer 8.0 SE Basic\Monitor.exe" [2003-11-19 45056]

"BluetoothAuthenticationAgent"="bthprops.cpl" [2008-04-14 110592]

"QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2010-11-29 421888]

"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2011-03-07 421160]

"AVG_TRAY"="c:\program files\AVG\AVG2012\avgtray.exe" [2012-01-24 2416480]

"BtTray"="c:\program files\IVT Corporation\BlueSoleil\BtTray.exe" [2011-04-13 319574]

.

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]

"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]

"DWQueuedReporting"="c:\progra~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" [2011-07-27 434080]

.

c:\documents and settings\All Users\Menu Start\Programma's\Opstarten\

Adobe Reader Snelle start.lnk - c:\program files\Adobe\Acrobat 7.0\Reader\reader_sl.exe [2008-4-23 29696]

.

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]

BootExecute REG_MULTI_SZ autocheck autochk *\0SsiEfr.e\0c:\progra~1\AVG\AVG2012\avgrsx.exe /sync /restart

.

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]

"c:\\WINDOWS\\system32\\sessmgr.exe"=

"c:\\Program Files\\Messenger\\msmsgs.exe"=

"c:\\WINDOWS\\system32\\fxsclnt.exe"=

"c:\\Program Files\\Home Cinema\\PowerCinema\\PowerCinema.exe"=

"c:\\StubInstaller.exe"=

"%windir%\\Network Diagnostic\\xpnetdiag.exe"=

"%windir%\\system32\\sessmgr.exe"=

"c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=

"c:\\Program Files\\iTunes\\iTunes.exe"=

"c:\\Program Files\\BearShare Applications\\BearShare\\BearShare.exe"=

"c:\\Program Files\\AVG\\AVG2012\\avgnsx.exe"=

"c:\\Program Files\\AVG\\AVG2012\\avgdiagex.exe"=

"c:\\Program Files\\AVG\\AVG2012\\avgmfapx.exe"=

"c:\\Program Files\\AVG\\AVG2012\\avgemcx.exe"=

"c:\\Program Files\\uTorrent\\uTorrent.exe"=

.

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]

"21920:TCP"= 21920:TCP:@xpsp2res.dll,-22009

"49826:TCP"= 49826:TCP:@xpsp2res.dll,-22009

"163:TCP"= 163:TCP:@xpsp2res.dll,-22009

"47822:TCP"= 47822:TCP:@xpsp2res.dll,-22009

"16289:TCP"= 16289:TCP:@xpsp2res.dll,-22009

"59299:TCP"= 59299:TCP:@xpsp2res.dll,-22009

"58918:TCP"= 58918:TCP:@xpsp2res.dll,-22009

"22947:TCP"= 22947:TCP:@xpsp2res.dll,-22009

"32930:TCP"= 32930:TCP:@xpsp2res.dll,-22009

"49824:TCP"= 49824:TCP:@xpsp2res.dll,-22009

"2977:TCP"= 2977:TCP:@xpsp2res.dll,-22009

"23713:TCP"= 23713:TCP:@xpsp2res.dll,-22009

"43722:TCP"= 43722:TCP:@xpsp2res.dll,-22009

.

R0 AVGIDSEH;AVGIDSEH;c:\windows\system32\drivers\AVGIDSEH.sys [11/07/2011 2:14 23120]

R0 Avgrkx86;AVG Anti-Rootkit Driver;c:\windows\system32\drivers\avgrkx86.sys [13/09/2011 7:30 32592]

R0 BtHidBus;Bluetooth HID Bus Service;c:\windows\system32\drivers\BtHidBus.sys [6/04/2010 19:32 20104]

R1 Avgldx86;AVG AVI Loader Driver;c:\windows\system32\drivers\avgldx86.sys [7/10/2011 7:23 230608]

R1 Avgtdix;AVG TDI Driver;c:\windows\system32\drivers\avgtdix.sys [11/07/2011 2:14 295248]

R2 AVGIDSAgent;AVGIDSAgent;c:\program files\AVG\AVG2012\AVGIDSAgent.exe [12/10/2011 7:25 4433248]

R2 avgwd;AVG WatchDog;c:\program files\AVG\AVG2012\avgwdsvc.exe [2/08/2011 7:09 192776]

R3 3xHybrid;3xHybrid service;c:\windows\system32\drivers\3xHybrid.sys [13/02/2005 15:02 666368]

R3 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\drivers\AVGIDSDriver.sys [11/07/2011 2:14 134608]

R3 AVGIDSFilter;AVGIDSFilter;c:\windows\system32\drivers\AVGIDSFilter.sys [11/07/2011 2:14 24272]

R3 AVGIDSShim;AVGIDSShim;c:\windows\system32\drivers\AVGIDSShim.sys [4/10/2011 7:21 16720]

R3 cmudax;C-Media High Definition Audio Interface;c:\windows\system32\drivers\cmudax.sys [20/01/2005 16:05 1272000]

R3 wbscr;Winbond Smartcard Reader for I/O;c:\windows\system32\drivers\wbscr.sys [27/01/2005 13:37 19928]

S0 gnakms;gnakms;c:\windows\system32\drivers\cssxr.sys --> c:\windows\system32\drivers\cssxr.sys [?]

S0 Lbd;Lbd;c:\windows\system32\DRIVERS\Lbd.sys --> c:\windows\system32\DRIVERS\Lbd.sys [?]

S1 ctredrv.sys;ctredrv.sys;\??\c:\windows\system32\drivers\ctredrv.sys --> c:\windows\system32\drivers\ctredrv.sys [?]

S1 MpKsl0023d320;MpKsl0023d320;\??\c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{E564AE57-5781-48E6-BEDB-2FD8B04111C3}\MpKsl0023d320.sys --> c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{E564AE57-5781-48E6-BEDB-2FD8B04111C3}\MpKsl0023d320.sys [?]

S1 MpKsl02e6e64f;MpKsl02e6e64f;\??\c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{3DFD0C5F-5E77-4869-AD41-3003CC100A4F}\MpKsl02e6e64f.sys --> c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{3DFD0C5F-5E77-4869-AD41-3003CC100A4F}\MpKsl02e6e64f.sys [?]

S1 MpKsl2c96cd76;MpKsl2c96cd76;\??\c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{67FE8CBD-38C8-4892-9B75-7EB882BF4D5D}\MpKsl2c96cd76.sys --> c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{67FE8CBD-38C8-4892-9B75-7EB882BF4D5D}\MpKsl2c96cd76.sys [?]

S1 MpKsl3b9756f2;MpKsl3b9756f2;\??\c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{093653F4-527A-475B-9CF9-9E4AC5A96858}\MpKsl3b9756f2.sys --> c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{093653F4-527A-475B-9CF9-9E4AC5A96858}\MpKsl3b9756f2.sys [?]

S1 MpKsl40e9b947;MpKsl40e9b947;\??\c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{00DC232A-9D29-4B8F-92E5-A2AD1700477B}\MpKsl40e9b947.sys --> c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{00DC232A-9D29-4B8F-92E5-A2AD1700477B}\MpKsl40e9b947.sys [?]

S1 MpKsl40f3cc4d;MpKsl40f3cc4d;\??\c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{DF94879C-F419-485F-A526-B56C1F9303C3}\MpKsl40f3cc4d.sys --> c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{DF94879C-F419-485F-A526-B56C1F9303C3}\MpKsl40f3cc4d.sys [?]

S1 MpKsl429b1ee7;MpKsl429b1ee7;\??\c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{BA4D90ED-CEF2-444C-8B2D-5843269F6CDA}\MpKsl429b1ee7.sys --> c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{BA4D90ED-CEF2-444C-8B2D-5843269F6CDA}\MpKsl429b1ee7.sys [?]

S1 MpKsl685a36aa;MpKsl685a36aa;\??\c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{783E70DD-2714-46EF-BEC2-D86B4C061C06}\MpKsl685a36aa.sys --> c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{783E70DD-2714-46EF-BEC2-D86B4C061C06}\MpKsl685a36aa.sys [?]

S1 MpKsla9e19044;MpKsla9e19044;\??\c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{093653F4-527A-475B-9CF9-9E4AC5A96858}\MpKsla9e19044.sys --> c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{093653F4-527A-475B-9CF9-9E4AC5A96858}\MpKsla9e19044.sys [?]

S1 MpKslc2ca3e69;MpKslc2ca3e69;\??\c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{DDE99DEC-9CE5-4106-AEF7-F69035CA769E}\MpKslc2ca3e69.sys --> c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{DDE99DEC-9CE5-4106-AEF7-F69035CA769E}\MpKslc2ca3e69.sys [?]

S1 MpKslc51ba6f0;MpKslc51ba6f0;\??\c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{BA4D90ED-CEF2-444C-8B2D-5843269F6CDA}\MpKslc51ba6f0.sys --> c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{BA4D90ED-CEF2-444C-8B2D-5843269F6CDA}\MpKslc51ba6f0.sys [?]

S1 MpKslee0e7875;MpKslee0e7875;\??\c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{F6BDF603-9170-4D2B-A310-E76F912BA3BA}\MpKslee0e7875.sys --> c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{F6BDF603-9170-4D2B-A310-E76F912BA3BA}\MpKslee0e7875.sys [?]

S1 MpKsleefeb021;MpKsleefeb021;\??\c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{2985D14D-39FF-4547-BF4A-85DEE567CC47}\MpKsleefeb021.sys --> c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{2985D14D-39FF-4547-BF4A-85DEE567CC47}\MpKsleefeb021.sys [?]

S1 MpKslf1b175e4;MpKslf1b175e4;\??\c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{2CF72B02-FA57-4DA4-A61C-146C16D1BE70}\MpKslf1b175e4.sys --> c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{2CF72B02-FA57-4DA4-A61C-146C16D1BE70}\MpKslf1b175e4.sys [?]

S1 MpKslf6fc5c95;MpKslf6fc5c95;\??\c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{F731EA22-51CA-4927-9F1B-62B898156917}\MpKslf6fc5c95.sys --> c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{F731EA22-51CA-4927-9F1B-62B898156917}\MpKslf6fc5c95.sys [?]

S1 tdx;@%SystemRoot%\system32\tcpipcfg.dll,-50004;c:\windows\system32\DRIVERS\tdx.sys --> c:\windows\system32\DRIVERS\tdx.sys [?]

S2 iphlpsvc;@%SystemRoot%\system32\iphlpsvc.dll,-500;c:\windows\System32\svchost.exe -k NetSvcs [27/01/2005 11:31 14336]

S2 WinDefend;@%ProgramFiles%\Windows Defender\MsMpRes.dll,-103;c:\windows\System32\svchost.exe -k secsvcs [27/01/2005 11:31 14336]

S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2/04/2012 12:36 257696]

S3 BTCOM;Bluetooth Serial port driver;c:\windows\system32\drivers\btcomport.sys [26/08/2010 21:29 25992]

S3 BTCOMBUS;Bluetooth Serial Port Bus Service;c:\windows\system32\drivers\btcombus.sys [26/08/2010 21:29 22024]

S3 btnetBUs;Bluetooth PAN Bus Service;c:\windows\system32\drivers\btnetBus.sys [6/04/2010 19:33 25864]

S3 CardReaderFilter;Card Reader Filter;c:\windows\system32\drivers\USBCRFT.SYS [27/01/2005 13:34 17408]

S3 IvtBtBUs;IVT Bluetooth Bus Service;c:\windows\system32\drivers\IvtBtBus.sys [6/04/2010 19:32 23048]

S3 MozillaMaintenance;Mozilla Maintenance Service;c:\program files\Mozilla Maintenance Service\maintenanceservice.exe [4/05/2012 18:56 113120]

S3 SNDO963;Trust DB-1180 Binocular DigiCam;c:\windows\system32\drivers\sndo963.sys [15/01/2006 16:25 221056]

.

--- Andere Services/Drivers In Geheugen ---

.

*NewlyCreated* - IPHLPSVC

*NewlyCreated* - WINDEFEND

.

Inhoud van de 'Gedeelde Taken' map

.

2012-06-12 c:\windows\Tasks\Adobe Flash Player Updater.job

- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-02 08:49]

.

2012-05-14 c:\windows\Tasks\AppleSoftwareUpdate.job

- c:\program files\Apple Software Update\SoftwareUpdate.exe [2009-10-22 10:50]

.

2009-02-22 c:\windows\Tasks\FRU Task 2003-04-06 08:52ewlett-Packard2003-04-06 08:52p psc 1100 series5E771253C1676EBED677BF361FDFC537825E15B8161080022.job

- c:\program files\Hewlett-Packard\Digital Imaging\Bin\hpqfrucl.exe [2003-04-05 22:52]

.

2012-06-12 c:\windows\Tasks\User_Feed_Synchronization-{A6A9102E-CE81-42B2-8EF8-26E7479CFFA0}.job

- c:\windows\system32\msfeedssync.exe [2006-10-17 10:58]

.

.

------- Bijkomende Scan -------

.

uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8

uStart Page = hxxp://www.hln.be/

mStart Page = hxxp://dutch.toggle.com/nl/index.php?rvs=google

uInternet Settings,ProxyOverride = localhost

uSearchURL,(Default) = hxxp://www.google.com/keyword/%s

IE: E&xporteren naar Microsoft Excel - c:\progra~1\MICROS~4\Office12\EXCEL.EXE/3000

TCP: DhcpNameServer = 195.130.130.2 195.130.131.2

DPF: Microsoft XML Parser for Java - file://c:\windows\Java\classes\xmldso.cab

DPF: {DE625294-70E6-45ED-B895-CFFA13AEB044} - hxxp://86.81.214.224/activex/AMC.cab

FF - ProfilePath - c:\documents and settings\Jurgen & Kim\Application Data\Mozilla\Firefox\Profiles\03m92ztn.default\

FF - prefs.js: browser.startup.homepage - hxxp://www.hln.be/

.

.

**************************************************************************

.

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net

Rootkit scan 2012-06-12 17:06

Windows 5.1.2600 Service Pack 3 NTFS

.

scannen van verborgen processen ...

.

scannen van verborgen autostart items ...

.

scannen van verborgen bestanden ...

.

Scan succesvol afgerond

verborgen bestanden: 0

.

**************************************************************************

.

--------------------- VERGRENDELDE REGISTER SLEUTELS ---------------------

.

[HKEY_USERS\S-1-5-21-3306070157-3809988416-1071509390-1007\Software\Microsoft\SystemCertificates\AddressBook*]

@Allowed: (Read) (RestrictedCode)

@Allowed: (Read) (RestrictedCode)

.

--------------------- DLLs Geladen Onder Lopende Processen ---------------------

.

- - - - - - - > 'winlogon.exe'(776)

c:\windows\system32\Ati2evxx.dll

.

Voltooingstijd: 2012-06-12 17:15:23

ComboFix-quarantined-files.txt 2012-06-12 15:15

ComboFix2.txt 2012-06-12 11:33

.

Pre-Run: 28.970.176.512 bytes beschikbaar

Post-Run: 29.034.115.072 bytes beschikbaar

.

- - End Of File - - 86B5F164952D1913EB741BCA0E944162

[kweezie wabbit]

Verwijder de map C:\found.000

Hoe staat het nu met de snelheid?

[Skippy]

Deze heb ik verwijderd en 't gaat al iets beter nu. >

[kweezie wabbit]

Verwijder Combofix: Start -> Uitvoeren en typ: ComboFix /Uninstall (met spatie voor de /)

Dit zal Combofix verwijderen + gerelateerde mappen en bestanden, herstelt de klokinstellingen opnieuw, verbergt de bestandsextensies, gaat verborgen bestanden en systeembestanden terug verbergen en maakt een nieuw herstelpunt.

Indien aanwezig mag je de map C:\Qoobox manueel verwijderen.

Een registeropruiming wil ook wel eens helpen.

Download CCleaner. (Als je het nog niet hebt)

Installeer het (Als je niet wil dat Google Chrome op je pc als standaard webbrowser wordt geïnstalleerd, moet je de 2 vinkjes wegdoen !!!) en start CCleaner op.

Klik in de linkse kolom op “Cleaner”. Klik achtereenvolgens op ‘Analyseren’ en 'Schoonmaken'.

Klik vervolgens in de linkse kolom op “Register” en klik op ‘Scan naar problemen”.

Als er fouten gevonden worden klik je op ”Herstel geselecteerde problemen” en ”OK”.

Dan krijg je de vraag om een back-up te maken. Klik op “JA”. Kies dan “Herstel alle geselecteerde fouten”.

Soms is 1 analyse niet voldoende. Deze procedure mag je herhalen tot de analyse geen fouten meer aangeeft.

Sluit hierna CCleaner terug af.

Wil je dit uitgebreid in beeld bekijken, klik dan hier voor de handleiding.

[Skippy]

Ik zit nu met 't probleem dat ik niet meer kan internetten, blijkbaar heeft 't mijn IP-adres mee verwijdert, wat kan ik nu doen om dit te herstellen? Ik werk met draadloos internet.

[kweezie wabbit]

De gebruikte tools en procedures gaan niets veranderen aan je netwerkinstellingen.

Je IP krijg je normaal opnieuw telkens je de pc opstart.

Herstart de pc en als je dan nog geen draadloze verbinding krijgt, probeer het dan eens met een bedrade aansluiting en zie wat dat geeft.

[Skippy]

Het ligt niet aan de verbinding want het draadloos internet werkt wel met de laptop die ik nu gebruik in geval van nood.

[kweezie wabbit]

De modem/router zal nog wel goed werken.

Vandaar mijn tip

Herstart de pc en als je dan nog geen draadloze verbinding krijgt, probeer het dan eens met een bedrade aansluiting en zie wat dat geeft.

[Skippy]

In mijn vast pc steekt al een bedrading en dat werkt niet, ook niet met heropstarten. Hij geeft mij telkens een foutmelding van mijn ip-adres.

[kweezie wabbit]

Ga naar start - alle programma's - bureauaccesoires.

Zoek het icoon van het opdrachtprompt en klik er op met de rechter muisknop en kies dan in het lijstje voor uitvoeren als administrator om het opdrachtprompt te openen.

Type netsh winsock reset en druk op Enter.

Type exit en druk op Enter om het opdrachtprompt te sluiten.

Herstart de pc.

Als je nog steeds de foutmelding krijgt, maak er dan een afbeelding van en voeg deze toe als bijlage aan je volgend bericht.

Met paint snel een afbeelding maken

Hoe je een bijlage toevoegt aan een bericht, kan je lezen in deze handleiding.