
SSMMgr.exe not responding / sisbase.dll not found


Relinda


ComboFix 12-11-03.02 - dbc 04/11/2012 12:01:03.2.2 - x86

Microsoft Windows XP Home Edition 5.1.2600.3.1252.31.1043.18.895.361 [GMT 1:00]

Gestart vanuit: c:\documents and settings\dbc\Bureaublad\ComboFix.exe

gebruikte Opdracht switches :: c:\documents and settings\dbc\Bureaublad\CFScript.txt

AV: ESET Smart Security 3.0 *Disabled/Updated* {E5E70D32-0101-4F12-8FB0-D96ACA4F34C0}

FW: ESET Personal firewall *Enabled* {E5E70D32-0101-4340-86A3-A7B0F1C8FFE0}

.

FILE ::

"C:\ccsetup324.exe"

.

.

(((((((((((((((((((((((((((((((((( Andere Verwijderingen )))))))))))))))))))))))))))))))))))))))))))))))))

.

.

c:\documents and settings\All Users\Application Data\{C4ABDBC8-1C81-42C9-BFFC-4A68511E9E4F}

c:\documents and settings\All Users\Application Data\Ask

c:\documents and settings\dbc\Local Settings\Application Data\AskToolbar

c:\documents and settings\dbc\Local Settings\Application Data\AskToolbar\accl.xml

c:\documents and settings\dbc\Local Settings\Application Data\AskToolbar\APNU\config.xml

c:\documents and settings\dbc\Local Settings\Application Data\AskToolbar\cache.dat

c:\documents and settings\dbc\Local Settings\Application Data\AskToolbar\config.xml

c:\documents and settings\dbc\Local Settings\Application Data\AskToolbar\osearch.xml

c:\program files\Ask.com

c:\program files\Ask.com\assets\oobe\b.png

c:\program files\Ask.com\assets\oobe\bl.png

c:\program files\Ask.com\assets\oobe\br.png

c:\program files\Ask.com\assets\oobe\l.png

c:\program files\Ask.com\assets\oobe\pointer.png

c:\program files\Ask.com\assets\oobe\r.png

c:\program files\Ask.com\assets\oobe\t.png

c:\program files\Ask.com\assets\oobe\tl.png

c:\program files\Ask.com\assets\oobe\tr.png

c:\program files\Ask.com\cobrand.ico

c:\program files\Ask.com\config.xml

c:\program files\Ask.com\favicon.ico

c:\program files\Ask.com\GenericAskToolbar.dll

c:\program files\Ask.com\mupcfg.xml

c:\program files\Ask.com\precache.exe

c:\program files\Ask.com\SaUpdate.exe

c:\program files\Ask.com\Updater\config.xml

c:\program files\Ask.com\Updater\Updater.exe

c:\program files\Ask.com\UpdateTask.exe

.

.

(((((((((((((((((((( Bestanden Gemaakt van 2012-10-04 to 2012-11-04 ))))))))))))))))))))))))))))))

.

.

2012-11-03 17:42 . 2012-11-03 17:42 -------- d-----w- c:\documents and settings\dbc\Application Data\TuneUp Software

2012-11-03 17:42 . 2012-11-03 18:15 -------- d-----w- c:\program files\TuneUp Utilities 2013

2012-11-03 17:42 . 2012-11-03 17:43 -------- d-----w- c:\documents and settings\All Users\Application Data\TuneUp Software

2012-11-02 17:26 . 2012-11-04 10:53 -------- d--h--r- c:\documents and settings\dbc\Onlangs geopend

2012-11-02 16:33 . 2012-11-02 16:47 -------- d-----w- c:\program files\CCleaner

2012-11-02 16:30 . 2012-11-02 16:31 4010544 ----a-w- C:\ccsetup324.exe

2012-11-02 15:56 . 2012-11-02 15:56 -------- d--h--w- c:\documents and settings\All Users\Application Data\Common Files

2012-11-02 12:48 . 2012-11-02 12:48 -------- d-----w- C:\Firefox

2012-11-02 12:43 . 2012-11-02 12:42 477168 ----a-w- c:\windows\system32\npdeployJava1.dll

2012-11-02 12:43 . 2012-11-02 12:42 473072 ----a-w- c:\windows\system32\deployJava1.dll

2012-11-02 10:59 . 2012-11-02 10:59 -------- d-----w- c:\documents and settings\dbc\Application Data\DriverCure

2012-11-02 10:59 . 2012-11-02 10:59 -------- d-----w- c:\documents and settings\dbc\Application Data\SpeedMaxPc

2012-11-02 10:59 . 2012-11-02 12:39 -------- d-----w- c:\documents and settings\All Users\Application Data\SpeedMaxPc

2012-10-30 19:09 . 2012-10-30 19:09 388096 ----a-r- c:\documents and settings\dbc\Application Data\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe

2012-10-30 19:09 . 2012-10-30 19:09 -------- d-----w- c:\program files\Trend Micro

2012-10-30 12:29 . 2012-10-30 12:29 -------- d-sh--w- c:\documents and settings\Administrator\IETldCache

2012-10-23 09:28 . 2011-06-01 02:17 987904 ----a-r- c:\windows\system32\drivers\RTL8192cu.sys

2012-10-21 08:45 . 2012-10-21 08:45 180356 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\10\00\Intel32\iGdi.dll

2012-10-21 08:45 . 2012-10-21 08:45 303236 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\10\00\Intel32\setup.dll

2012-10-14 05:31 . 2012-10-14 05:31 -------- d-----w- c:\program files\Heat Pump Configurator

.

.

.

((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2012-11-02 12:42 . 2008-09-10 11:17 73728 ----a-w- c:\windows\system32\javacpl.cpl

2012-10-08 17:50 . 2012-04-08 08:58 696760 ----a-w- c:\windows\system32\FlashPlayerApp.exe

2012-10-08 17:50 . 2011-08-09 07:06 73656 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl

2012-08-28 15:17 . 2008-04-15 12:00 916992 ----a-w- c:\windows\system32\wininet.dll

2012-08-28 15:17 . 2008-04-15 12:00 43520 ----a-w- c:\windows\system32\licmgr10.dll

2012-08-28 15:17 . 2008-04-15 12:00 1469440 ----a-w- c:\windows\system32\inetcpl.cpl

2012-08-28 12:07 . 2008-04-15 12:00 385024 ----a-w- c:\windows\system32\html.iec

2012-08-24 13:53 . 2008-04-15 12:00 177664 ----a-w- c:\windows\system32\wintrust.dll

2012-08-23 06:27 . 2008-04-15 12:00 2153472 ----a-w- c:\windows\system32\ntoskrnl.exe

2012-08-23 06:27 . 2008-04-14 22:11 2032128 ----a-w- c:\windows\system32\ntkrnlpa.exe

2008-06-19 09:16 . 2008-06-19 09:16 118784 ----a-w- c:\program files\mozilla firefox\plugins\MyCamera.dll

.

.

((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))

.

.

*Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond

REGEDIT4

.

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"TomTomHOME.exe"="c:\program files\TomTom HOME 2\TomTomHOMERunner.exe" [2009-11-13 247144]

"H/PC Connection Agent"="c:\program files\Microsoft ActiveSync\WCESCOMM.EXE" [2003-09-01 376912]

"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2008-10-23 68856]

"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="c:\program files\Common Files\Ahead\Lib\NMBgMonitor.exe" [2006-12-23 143360]

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"egui"="c:\program files\ESET\ESET Smart Security\egui.exe" [2007-12-21 1443072]

"RTHDCPL"="RTHDCPL.EXE" [2007-08-20 16384512]

"beid"="c:\program files\Belgium Identity Card\beid35gui.exe" [2009-02-02 2035712]

"Samsung PanelMgr"="c:\windows\Samsung\PanelMgr\SSMMgr.exe" [2010-06-07 618496]

"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-07-11 919008]

"IsaKbcCertUpdate"="c:\program files\Common Files\Isabel\isa_kbc_certupdate.exe" [2010-07-06 1023576]

"SkyTel"="SkyTel.EXE" [2007-08-03 1826816]

"SiSPower"="SiSPower.dll" [2007-06-25 53248]

"SiS Windows KeyHook"="c:\windows\system32\keyhook.exe" [2007-06-25 36864]

"SetIcon"="c:\program files\Icons\SetIcon.exe" [2002-12-16 39936]

"NeroFilterCheck"="c:\program files\Common Files\Ahead\Lib\NeroCheck.exe" [2006-01-12 155648]

"NeroCheck"="c:\windows\system32\NeroCheck.exe" [2001-08-06 155648]

"HP Software Update"="c:\program files\HP\HP Software Update\HPWuSchd2.exe" [2004-02-12 49152]

"HP Component Manager"="c:\program files\HP\hpcoretech\hpcmpmgr.exe" [2004-05-12 241664]

"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2012-09-17 254896]

.

c:\documents and settings\All Users\Menu Start\Programma's\Opstarten\

HP Digital Imaging Monitor.lnk - c:\program files\HP\Digital Imaging\bin\hpqtra08.exe [2004-5-28 241664]

ImageMixer 3 SE Camera Monitor Ver.4.lnk - c:\program files\PIXELA\ImageMixer 3 SE Ver.4\Transfer Utility\CameraMonitor.exe [2010-7-31 253952]

Instant Update Herinnering.lnk - c:\program files\U.S. Robotics\ControlCenter\Reminder.exe [2008-9-10 851968]

Pervasive.SQL Workgroup Engine.lnk - c:\pvsw\bin\w3dbsmgr.exe [2006-5-18 106546]

Ralink Wireless Utility.lnk - c:\program files\RALINK\Common\RaUI.exe [2009-12-27 2297856]

Utility Tray.lnk - c:\windows\system32\sistray.exe [2008-9-10 262144]

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]

"sdCoreService"=3 (0x3)

"sdAuxService"=3 (0x3)

"getPlus® Helper"=3 (0x3)

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]

"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" -atboottime

"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe"

.

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]

"%windir%\\system32\\sessmgr.exe"=

"%windir%\\Network Diagnostic\\xpnetdiag.exe"=

"c:\\PVSW\\bin\\w3dbsmgr.exe"=

"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=

"c:\\Program Files\\Messenger\\msmsgs.exe"=

"c:\\Program Files\\Windows Live\\Sync\\WindowsLiveSync.exe"=

"c:\\Program Files\\Microsoft ActiveSync\\WCESCOMM.EXE"=

"c:\\Program Files\\Nero\\Nero 7\\Nero Home\\NeroHome.exe"=

"c:\\Program Files\\ESET\\ESET Smart Security\\egui.exe"=

"c:\\Program Files\\RALINK\\Common\\RaUI.exe"=

"c:\\Program Files\\LimeWire\\LimeWire.exe"=

"c:\\Program Files\\Windows Live\\Messenger\\wlcsdk.exe"=

"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=

.

R2 ekrn;Eset Service;c:\program files\ESET\ESET Smart Security\ekrn.exe [21/12/2007 7:21 468224]

R2 MSSQL$MNTTOOL;SQL Server (MNTTOOL);c:\program files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe [10/12/2010 18:29 29293408]

R2 TomTomHOMEService;TomTomHOMEService;c:\program files\TomTom HOME 2\TomTomHOMEService.exe [13/11/2009 12:31 92008]

R3 RTL8192cu;%RTL8192cu.DeviceDesc%;c:\windows\system32\drivers\RTL8192cu.sys [23/10/2012 10:28 987904]

S2 SSPORT;SSPORT;\??\c:\windows\system32\Drivers\SSPORT.sys --> c:\windows\system32\Drivers\SSPORT.sys [?]

S3 FTD2XX;FTD2XX.SYS FT8U2XX device driver;c:\windows\system32\drivers\FTD2XX.sys [11/09/2009 9:24 29292]

S3 nosGetPlusHelper;getPlus® Helper 3004;c:\windows\System32\svchost.exe -k nosGetPlusHelper [15/04/2008 13:00 14336]

S3 Wibukey2;Wibukey2;c:\windows\system32\drivers\Wibukey2.sys [29/09/2008 12:10 16384]

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]

nosGetPlusHelper REG_MULTI_SZ nosGetPlusHelper

.

Inhoud van de 'Gedeelde Taken' map

.

2012-11-04 c:\windows\Tasks\Adobe Flash Player Updater.job

- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-08 17:50]

.

2012-10-24 c:\windows\Tasks\AppleSoftwareUpdate.job

- c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 11:34]

.

2012-11-03 c:\windows\Tasks\Google Software Updater.job

- c:\program files\Google\Common\Google Updater\GoogleUpdaterService.exe [2008-10-21 10:46]

.

2012-11-04 c:\windows\Tasks\User_Feed_Synchronization-{8BC598E8-C7AC-4FB5-8345-54948AF3317F}.job

- c:\windows\system32\msfeedssync.exe [2007-08-13 02:31]

.

.

------- Bijkomende Scan -------

.

uStart Page = hxxp://www.google.be/

uSearchAssistant = hxxp://www.google.com/ie

uSearchURL,(Default) = hxxp://www.google.com/search?q=%s

IE: Free YouTube to MP3 Converter - c:\documents and settings\dbc\Application Data\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm

Trusted Zone: kbc.be

Trusted Zone: kbcgroup.eu

TCP: DhcpNameServer = 195.130.130.131 195.130.131.131

DPF: {54D53429-945C-4188-B460-C81356541882} - hxxp://photosmart.hpphoto.com/Download/HPeServicesLocalPrint.CAB

DPF: {A93FB56D-2F76-4DD7-8E38-9B1EB38C88A5} - hxxp://www.dvmsystem.com/TrustNET/SecuiSecIE_eng.cab

.

- - - - ORPHANS VERWIJDERD - - - -

.

AddRemove-{79A765E1-C399-405B-85AF-466F52E918B0} - c:\program files\Ask.com\Updater\Updater.exe

.

.

.

**************************************************************************

.

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, GMER - Rootkit Detector and Remover

Rootkit scan 2012-11-04 12:12

Windows 5.1.2600 Service Pack 3 NTFS

.

scannen van verborgen processen ...

.

scannen van verborgen autostart items ...

.

scannen van verborgen bestanden ...

.

Scan succesvol afgerond

verborgen bestanden: 0

.

**************************************************************************

.

--------------------- VERGRENDELDE REGISTER SLEUTELS ---------------------

.

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]

@Denied: (A 2) (Everyone)

@="FlashBroker"

"LocalizedString"="@c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil32_11_4_402_287_ActiveX.exe,-101"

.

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]

"Enabled"=dword:00000001

.

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]

@="c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil32_11_4_402_287_ActiveX.exe"

.

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

.

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]

@Denied: (A 2) (Everyone)

@="IFlashBroker5"

.

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]

@="{00020424-0000-0000-C000-000000000046}"

.

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

"Version"="1.0"

.

Voltooingstijd: 2012-11-04 12:15:21

ComboFix-quarantined-files.txt 2012-11-04 11:15

ComboFix2.txt 2012-11-03 19:29

.

Pre-Run: 21.676.322.816 bytes beschikbaar

Post-Run: 21.659.009.024 bytes beschikbaar

.

- - End Of File - - 05ACE58FE52C1719D1FFC6D9F9CC4807

This topic is now closed to new replies.