Archive - Hijackthis Log

The archive is a frozen moment from a previous version of this forum, with different rules and different bosses. These posts in no way reflect our current ideas, values or world views, and have been censored in some places as inadmissible. Many were made in a different spirit of the times, ironically or not - as in the ironic Off-Topic subforum - and would not (be allowed to) be posted today. Nevertheless, we are still happy to offer this archive as an information database and reference work. Read more about it here or start a conversation with others.

Turnin

Legacy Member
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 18:12:13, on 24/12/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\a-squared Anti-Dialer\a2service.exe
C:\Program Files\a-squared Anti-Malware\a2service.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\PROGRAM FILES\MAMUTU\a2service.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\WINDOWS\system32\PnkBstrB.exe
C:\WINDOWS\system32\svchost.exe
C:\PROGRA~1\SPEEDB~1\VideoAcceleratorService.exe
C:\PROGRA~1\SPEEDB~1\VideoAcceleratorEngine.exe
C:\WINDOWS\system32\TASKMAN.EXE
C:\WINDOWS\ehome\ehtray.exe
C:\Program Files\Analog Devices\Core\smax4pnp.exe
C:\Program Files\Analog Devices\SoundMAX\Smax4.exe
C:\Program Files\Common Files\InstallShield\UpdateService\isuspm.exe
C:\PROGRAM FILES\A-SQUARED ANTI-MALWARE\a2guard.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\Documents and Settings\User\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\WINDOWS\system32\dllhost.exe
C:\WINDOWS\System32\alg.exe
C:\Documents and Settings\User\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Program Files\Xfire\Xfire.exe
C:\Documents and Settings\User\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\WINDOWS\system32\NOTEPAD.EXE
C:\WINDOWS\system32\NOTEPAD.EXE
C:\PROGRAM FILES\A-SQUARED ANTI-MALWARE\A2START.EXE
D:\Program Files\Trend Micro\HijackThis\HijackThis.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = My VMN.net - Your Personalized Start Page Customizable with Free Widgets and Newsfeeds.
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = Microsoft Windows Update
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen
O2 - BHO: IDM Helper - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Documents and Settings\User\Mijn documenten\IDM_full\IDM 5.14\Crack\IDMIECC.dll
O2 - BHO: (no name) - {0A1F22F0-A6E9-46AB-B3D7-9F426D2AD797} - (no file)
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - (no file)
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: Windows Live Aanmelden - Help - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: {2ebdf6fa-1067-3648-f724-336e415cf92a} - {a29fc514-e633-427f-8463-7601af6fdbe2} - (no file)
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe
O4 - HKLM\..\Run: [SoundMAX] "C:\Program Files\Analog Devices\SoundMAX\Smax4.exe" /tray
O4 - HKLM\..\Run: [ISUSPM Startup] "C:\Program Files\Common Files\InstallShield\UpdateService\isuspm.exe" -startup
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [ISUSPM] "C:\Program Files\Common Files\InstallShield\UpdateService\isuspm.exe" -scheduler
O4 - HKLM\..\Run: [a-squared] "C:\PROGRAM FILES\A-SQUARED ANTI-MALWARE\a2guard.exe" /d=60
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O8 - Extra context menu item: Download all links with IDM - C:\Documents and Settings\User\Mijn documenten\IDM_full\IDM 5.14\Crack\IEGetAll.htm
O8 - Extra context menu item: Download FLV video content with IDM - C:\Documents and Settings\User\Mijn documenten\IDM_full\IDM 5.14\Crack\IEGetVL.htm
O8 - Extra context menu item: Download with IDM - C:\Documents and Settings\User\Mijn documenten\IDM_full\IDM 5.14\Crack\IEExt.htm
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} (QuickTime Object) - http://appldnld.apple.com.edgesuite.net/content.info.apple.com/QuickTime/qtactivex/qtplugin.cab
O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262E} (System Requirements Lab) - http://www.srtest.com/srl_bin/sysreqlab_srl.cab
O16 - DPF: {4871A87A-BFDD-4106-8153-FFDE2BAC2967} (DLM Control) - http://dlm.tools.akamai.com/dlmanager/versions/activex/dlm-activex-2.2.4.1.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/win...ls/en/x86/client/wuweb_site.cab?1219331626654
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O20 - AppInit_DLLs: fjubkl.dll
O20 - Winlogon Notify: ssqqqpOh - ssqqqpOh.dll (file missing)
O23 - Service: a-squared Anti-Dialer Service (a2AntiDialer) - Emsi Software GmbH - C:\Program Files\a-squared Anti-Dialer\a2service.exe
O23 - Service: a-squared Anti-Malware Service (a2AntiMalware) - Emsi Software GmbH - C:\Program Files\a-squared Anti-Malware\a2service.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Mamutu Service (Mamutu) - Emsi Software GmbH - C:\PROGRAM FILES\MAMUTU\a2service.exe
O23 - Service: MSCSPTISRV - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PACSPTISVR - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: PnkBstrB - Unknown owner - C:\WINDOWS\system32\PnkBstrB.exe
O23 - Service: Sony SCSI Helper Service - Sony Corporation - C:\Program Files\Common Files\Sony Shared\Fsk\SonySCSIHelperService.exe
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe
O23 - Service: VideoAcceleratorService - Speedbit Ltd. - C:\PROGRA~1\SPEEDB~1\VideoAcceleratorService.exe

--
End of file - 7488 bytes
Btw, every time my PC starts up, a program appears called something like Poison ivy 2.3.exe... my whole System32 folder is full of it. I tried to format my C:, but the only thing it did was reinstall Windows.

That backdoor trojan has infected my Windowsupd.exe & CTFMOn.exe and all kinds of other things. Every time I remove it, it comes back again.. :help: :help: :help: :help:

Turnin

Legacy Member
I also ran MalwareBytes.
Log:
Geheugenprocessen geïnfecteerd: 0
Geheugenmodulen geïnfecteerd: 0
Registersleutels geïnfecteerd: 6
Registerwaarden geïnfecteerd: 1
Registerdata bestanden geïnfecteerd: 0
Mappen geïnfecteerd: 0
Bestanden geïnfecteerd: 0

Geheugenprocessen geïnfecteerd:
(Geen kwaadaardige items gevonden)

Geheugenmodulen geïnfecteerd:
(Geen kwaadaardige items gevonden)

Registersleutels geïnfecteerd:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MS Juan (Malware.Trace) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\contim (Trojan.Vundo) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MS Track System (Trojan.Vundo) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\rdfa (Trojan.Vundo) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\FCOVM (Trojan.Vundo) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\RemoveRP (Trojan.Vundo) -> No action taken.

Registerwaarden geïnfecteerd:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks\{85dd4e0d-2b01-4d4d-9e66-3a165ab6eda4} (Trojan.Vundo) -> No action taken.

Registerdata bestanden geïnfecteerd:
(Geen kwaadaardige items gevonden)

Mappen geïnfecteerd:
(Geen kwaadaardige items gevonden)

Bestanden geïnfecteerd:
(Geen kwaadaardige items gevonden)

Juisterr

Legacy Member
Start HijackThis and choose 'Do a system scan only'.
Select only the items listed below:

O2 - BHO: (no name) - {0A1F22F0-A6E9-46AB-B3D7-9F426D2AD797} - (no file)
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - (no file)
O2 - BHO: {2ebdf6fa-1067-3648-f724-336e415cf92a} - {a29fc514-e633-427f-8463-7601af6fdbe2} - (no file)
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O20 - AppInit_DLLs: fjubkl.dll
O20 - Winlogon Notify: ssqqqpOh - ssqqqpOh.dll (file missing)

Close all windows except HijackThis.
Click 'Fix checked' to remove the items.

Have you used cracks ?????????

Download Combofix to your Desktop and use it according to this guide.

NOTE: if, during or after downloading Combofix or while using Combofix, you get an alert from your antivirus or another real-time scanner, disable that scanner and download Combofix again.
Some scanners regard certain components that Combofix uses as suspicious and will block or remove them!
  • Double-click Combofix.exe to start it.
  • If you have used Combofix before, you may get a warning that an update is available. Allow ComboFix to be updated.
  • Click OK in the small "NirCmd" window.
  • If the Recovery Console is not installed, you will be asked to install it by clicking YES in the "Query - Recovery Console" window.
  • Click OK and Yes to have the Recovery Console installed automatically.
  • Afterwards, click Yes again to start the malware scan.
  • While the fix is running, do NOT click in the window, as this will make your PC hang.
  • When the fix is complete and after a restart, the log Combofix.txt will open.
Post this log in your next reply.

Turnin

Legacy Member
Combofix log, part 1
2008-12-26 17:16 . 2008-12-26 17:16 <DIR> d-------- c:\documents and settings\User\Application Data\InstallShield Installation Information
2008-12-24 18:33 . 2008-12-24 18:33 <DIR> d-------- c:\documents and settings\User\Application Data\Malwarebytes
2008-12-24 18:33 . 2008-12-24 18:33 <DIR> d-------- c:\documents and settings\All Users\Application Data\Malwarebytes
2008-12-24 18:33 . 2008-12-03 19:52 38,496 --a------ c:\windows\system32\drivers\mbamswissarmy.sys
2008-12-24 18:33 . 2008-12-03 19:52 15,504 --a------ c:\windows\system32\drivers\mbam.sys
2008-12-24 17:41 . 2008-12-24 17:41 <DIR> d-------- c:\program files\Trend Micro
2008-12-24 15:53 . 2006-04-10 13:00 16,384 --a--c--- c:\windows\system32\dllcache\isignup.exe
2008-12-24 15:29 . 2006-04-10 13:00 1,086,058 -ra------ c:\windows\SET88.tmp
2008-12-24 15:29 . 2006-04-10 13:00 106,147 -ra------ c:\windows\SET85.tmp
2008-12-24 15:29 . 2006-04-10 13:00 14,573 -ra------ c:\windows\SETCF.tmp
2008-12-24 15:29 . 2006-04-10 13:00 14,043 -ra------ c:\windows\SET94.tmp
2008-12-23 20:56 . 2008-12-23 20:56 <DIR> d-------- c:\program files\McAfee.com
2008-12-23 20:56 . 2005-07-18 12:03 349,760 --a------ c:\windows\system32\mcinsctl.dll
2008-12-23 20:56 . 2005-05-24 19:23 288,320 --a------ c:\windows\system32\mcgdmgr.dll
2008-12-23 15:42 . 2008-12-24 16:00 22 --a------ c:\windows\system32\Poison Ivy.ini
2008-12-23 15:01 . 2008-12-23 15:01 <DIR> d-------- c:\program files\Common Files\Adobe
2008-12-23 13:06 . 2008-12-23 13:06 2,855 --a------ c:\windows\system32\edit.PIF
2008-12-22 15:32 . 2009-01-02 15:02 <DIR> d-------- c:\program files\a-squared Anti-Dialer
2008-12-22 15:01 . 2008-12-22 17:32 <DIR> d-------- c:\program files\Mamutu
2008-12-22 14:57 . 2008-12-22 14:57 <DIR> d-------- c:\documents and settings\User\Application Data\Uniblue
2008-12-21 20:36 . 2008-12-21 20:36 122 --a------ c:\windows\Winchat.ini
2008-12-21 18:13 . 2008-12-31 12:49 <DIR> d-------- c:\documents and settings\User\Application Data\Xfire
2008-12-21 18:08 . 2008-12-23 16:48 <DIR> d-------- c:\windows\ie8updates
2008-12-21 16:44 . 2008-12-21 16:44 <DIR> d-------- c:\program files\Common Files\EasyInfo
2008-12-21 14:29 . 2008-12-24 17:27 355,961 --a------ c:\windows\system32\windowsupd
2008-12-21 12:19 . 1998-09-02 09:02 194,320 --a------ c:\windows\system32\qcut.dll
2008-12-21 12:19 . 1998-10-06 13:04 173,568 --a------ c:\windows\LEGO LOCO.scr
2008-12-21 12:19 . 1998-08-20 12:02 140,800 --a------ c:\windows\system32\tm20dec.ax
2008-12-21 12:19 . 1998-09-02 09:28 63,488 --a------ c:\windows\system32\unam4ie.exe
2008-12-21 12:19 . 1998-09-02 09:28 38,160 --a------ c:\windows\system32\LMRTREND.dll
2008-12-21 12:19 . 1998-08-17 10:21 11,776 --a------ c:\windows\system32\mciqtz.drv
2008-12-21 12:19 . 1998-08-17 10:21 10,240 --a------ c:\windows\system32\vidx16.dll
2008-12-21 12:19 . 1998-08-17 10:21 5,672 --a------ c:\windows\system32\quartz.vxd
2008-12-21 12:19 . 2008-12-21 12:19 4,608 --a------ c:\windows\system32\w95inf32.dll
2008-12-21 12:19 . 2008-12-21 12:19 2,272 --a------ c:\windows\system32\w95inf16.dll
2008-12-21 12:17 . 2008-12-21 12:17 <DIR> d-------- c:\program files\LEGO Media
2008-12-21 12:17 . 1998-07-30 18:40 306,176 --a------ c:\windows\IsUn0413.exe
2008-12-21 12:16 . 2008-12-21 12:16 <DIR> d-------- c:\documents and settings\User\WINDOWS
2008-12-20 12:23 . 2008-12-14 15:02 5,699,584 --a------ c:\windows\system32\SET8.tmp
2008-12-14 19:25 . 2008-12-14 19:25 1,060,864 --a------ c:\windows\system32\mfc71.dll
2008-12-14 13:18 . 2008-12-14 13:35 <DIR> d-------- c:\documents and settings\All Users\Application Data\Metacafe
2008-12-11 21:38 . 2008-12-11 21:38 42,320 --a------ c:\windows\system32\xfcodec.dll
2008-12-10 16:44 . 2008-12-10 16:44 244 --ah----- C:\sqmnoopt00.sqm
2008-12-10 16:44 . 2008-12-10 16:44 232 --ah----- C:\sqmdata00.sqm
2008-12-04 21:22 . 2004-02-27 00:00 962,612 --a------ c:\windows\system32\mfc42d.dll
2008-12-04 21:22 . 2004-02-17 00:00 434,252 --a------ c:\windows\system32\MSVCRTD.DLL
2008-12-04 21:22 . 2006-01-10 09:50 24,576 -ra------ c:\windows\system32\AsIO.dll
2008-12-04 21:22 . 2005-12-22 03:22 5,685 -ra------ c:\windows\system32\drivers\AsIO.sys
2008-12-04 21:22 . 2004-09-07 11:41 5,120 --a------ c:\windows\system32\drivers\AsInsHelp64.sys
2008-12-04 21:22 . 2004-03-10 14:31 3,328 --a------ c:\windows\system32\drivers\AsInsHelp32.sys
2008-12-04 17:58 . 2008-12-04 21:23 <DIR> d-------- c:\program files\ASUS
2008-12-04 17:49 . 2006-02-08 09:26 11,264 -ra------ c:\windows\system32\drivers\EIO.sys
2008-12-03 16:45 . 2008-12-19 18:02 <DIR> d-------- c:\windows\system32\drivers\umdf
2008-12-03 16:44 . 2008-12-03 16:50 <DIR> d-------- c:\program files\Microsoft Games for Windows - LIVE
2008-12-03 15:55 . 2008-12-07 12:11 <DIR> d-------- c:\documents and settings\NetworkService\Application Data\shim clock
2008-12-03 12:20 . 2008-12-03 12:20 <DIR> d-------- c:\program files\Common Files\Futuremark Shared
2008-12-03 12:20 . 2008-09-17 15:14 27,672 -ra------ c:\windows\system32\drivers\Entech.sys

.
((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-01-02 14:25 --------- d-----w c:\program files\SpeedBit Video Accelerator
2009-01-02 14:10 --------- d-----w c:\program files\a-squared Anti-Malware
2009-01-02 12:46 140,216 ----a-w c:\windows\system32\drivers\PnkBstrK.sys
2008-12-30 19:45 --------- d---a-w c:\documents and settings\All Users\Application Data\TEMP
2008-12-28 15:23 --------- d-----w c:\documents and settings\User\Application Data\Azureus
2008-12-21 18:18 --------- d--h--w c:\program files\InstallShield Installation Information
2008-12-21 17:27 --------- d-----w c:\program files\Xfire
2008-12-21 15:05 --------- d-----w c:\program files\IrfanView
2008-12-21 14:41 --------- d-----w c:\documents and settings\User\Application Data\Adobe-BackupByPhotoshopPortable
2008-12-20 11:19 --------- d-----w c:\documents and settings\All Users\Application Data\ESET
2008-12-20 11:14 --------- d-----w c:\documents and settings\All Users\Application Data\Skype
2008-12-18 17:56 --------- d-----w c:\documents and settings\User\Application Data\skypePM
2008-12-14 21:32 --------- d-----w c:\documents and settings\User\Application Data\LimeWire
2008-12-08 21:23 --------- d-----w c:\documents and settings\User\Application Data\FrostWire
2008-12-07 13:16 --------- d-----w c:\documents and settings\User\Application Data\DMCache
2008-12-07 11:11 --------- d-----w c:\documents and settings\User\Application Data\shim clock
2008-12-03 16:06 --------- d-----w c:\program files\Java
2008-11-23 15:21 --------- d-----w c:\documents and settings\User\Application Data\Sony
2008-11-23 15:21 --------- d-----w c:\documents and settings\User\Application Data\Publish Providers
2008-11-23 15:16 --------- d-----w c:\documents and settings\All Users\Application Data\Sony
2008-11-21 18:12 --------- d-----w c:\documents and settings\User\Application Data\SystemRequirementsLab
2008-11-20 17:06 --------- d-----w c:\documents and settings\All Users\Application Data\part dead amok eggs
2008-11-13 17:38 --------- d-----w c:\program files\Microsoft Silverlight
2008-11-12 11:44 --------- d-----w c:\documents and settings\User\Application Data\VMNTOOLBAR
2008-11-12 11:36 --------- d-----w c:\program files\CCleaner
2008-11-10 16:58 --------- d-----w c:\documents and settings\User\Application Data\IDM
2008-11-09 08:58 --------- d-----w c:\documents and settings\All Users\Application Data\Adobe-BackupByPhotoshopPortable
2008-11-06 19:35 --------- d-----w c:\program files\LimeWire
2008-10-13 16:49 73,216 ----a-w c:\windows\ST6UNST.EXE
2008-10-03 20:32 4 --sh--r c:\documents and settings\All Users\Application Data\sysqcl0.dat
2008-10-01 11:46 4 --sh--r c:\documents and settings\All Users\Application Data\sysqcl1129139270.dat
2008-08-30 16:19 22,328 ----a-w c:\documents and settings\User\Application Data\PnkBstrK.sys
.

Turnin

Legacy Member
Continuation 2 -> ComboFix log

((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2006-04-10 15360]
"msnmsgr"="c:\program files\Windows Live\Messenger\msnmsgr.exe" [2007-10-18 5724184]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ehTray"="c:\windows\ehome\ehtray.exe" [2004-08-10 59392]
"SoundMAXPnP"="c:\program files\Analog Devices\Core\smax4pnp.exe" [2006-05-01 843776]
"ISUSPM Startup"="c:\program files\Common Files\InstallShield\UpdateService\isuspm.exe" [2006-03-20 213936]
"ISUSScheduler"="c:\program files\Common Files\InstallShield\UpdateService\issch.exe" [2006-03-20 86960]
"ISUSPM"="c:\program files\Common Files\InstallShield\UpdateService\isuspm.exe" [2006-03-20 213936]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2008-10-07 13574144]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2008-10-07 86016]
"nwiz"="nwiz.exe" [2008-10-07 c:\windows\system32\nwiz.exe]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"SynchronousMachineGroupPolicy"= 0 (0x0)
"SynchronousUserGroupPolicy"= 0 (0x0)
"DisableCAD"= 1 (0x1)

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
"NoStrCmpLogical"= 1 (0x1)

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"NoSMBalloonTip"= 1 (0x1)
"MemCheckBoxInRunDlg"= 0 (0x0)
"NoResolveTrack"= 0 (0x0)
"NoWelcomeScreen"= 1 (0x1)
"NoRecentDocsNetHood"= 1 (0x1)

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"VIDC.XFR1"= xfcodec.dll

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Start^Programma's^Opstarten^CONNECTAUTrayApp.lnk]
path=c:\documents and settings\All Users\Menu Start\Programma's\Opstarten\CONNECTAUTrayApp.lnk
backup=c:\windows\pss\CONNECTAUTrayApp.lnkCommon Startup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
--a------ 2008-06-12 01:38 34672 c:\program files\Adobe\Reader 9.0\Reader\reader_sl.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Amok Eggs Four Web]
--a------ 2008-12-21 16:56 4474880 c:\documents and settings\All Users\Application Data\part dead amok eggs\soap copy.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ASUS SmartDoctor]
--a------ 2006-02-21 22:23 1073152 c:\program files\ASUS\SmartDoctor\SmartDoctor.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
--a------ 2008-08-08 13:11 490952 c:\program files\DAEMON Tools Lite\daemon.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update]
--a----t- 2008-12-18 20:08 133104 c:\documents and settings\User\Local Settings\Application Data\Google\Update\GoogleUpdate.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Launch Ai Booster]
--a------ 2006-07-13 16:32 3712512 c:\program files\ASUS\AI Booster\OverClk.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Mamutu Guard]
--a------ 2008-10-18 12:26 1370112 c:\program files\Mamutu\mamutu.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvCplDaemon]
--a------ 2008-10-07 13:33 13574144 c:\windows\system32\nvcpl.dll

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvMediaCenter]
--a------ 2008-10-07 13:33 86016 c:\windows\system32\nvmctray.dll

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
--a------ 2008-08-29 13:17 413696 c:\program files\QuickTime\qttask.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SpeedBitVideoAccelerator]
--a------ 2008-10-11 11:49 2705008 c:\program files\SpeedBit Video Accelerator\VideoAccelerator.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Steam]
--a------ 2008-10-08 12:18 1410296 d:\program files\Steam\steam.exe

[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusOverride"=dword:00000001
"AntiVirusDisableNotify"=dword:00000001
"UpdatesDisableNotify"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Xfire\\xfire.exe"=
"d:\\Program Files\\Steam\\steamapps\\j3rom3186\\counter-strike source\\hl2.exe"=
"c:\\Program Files\\Vuze\\Azureus.exe"=
"d:\\Program Files\\Steam\\Steam.exe"=
"d:\\Program Files\\Steam\\steamapps\\vgas_\\team fortress 2\\hl2.exe"=
"c:\\WINDOWS\\system32\\PnkBstrA.exe"=
"c:\\WINDOWS\\system32\\PnkBstrB.exe"=
"d:\\Program Files\\Ubisoft\\Tom Clancy's Rainbow Six Vegas 2\\Binaries\\R6Vegas2_Game.exe"=
"d:\\Program Files\\Ubisoft\\Tom Clancy's Rainbow Six Vegas 2\\Binaries\\R6Vegas2_Launcher.exe"=
"c:\\Documents and Settings\\All Users\\Application Data\\NexonUS\\NGM\\NGM.exe"=
"d:\\Program Files\\Steam\\steamapps\\j3rom3186\\garrysmod\\hl2.exe"=
"c:\\Program Files\\Messenger\\msmsgs.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\livecall.exe"=
"d:\\Program Files\\FrostWire\\FrostWire.exe"=
"d:\\Program Files\\Steam\\steamapps\\j3rom3186\\insurgency\\hl2.exe"=
"c:\\Program Files\\SpeedBit Video Accelerator\\VideoAcceleratorEngine.exe"=
"d:\\Program Files\\Ubisoft\\Far Cry 2\\bin\\FarCry2.exe"=
"d:\\Program Files\\Ubisoft\\Far Cry 2\\bin\\FC2Launcher.exe"=
"d:\\Program Files\\Ubisoft\\Far Cry 2\\bin\\FC2Editor.exe"=
"d:\\Program Files\\Ubisoft\\Far Cry 2\\bin\\FC2ServerLauncher.exe"=
"c:\\Program Files\\LimeWire\\LimeWire.exe"=
"d:\\Program Files\\Rockstar Games\\Rockstar Games Social Club\\RGSCLauncher.exe"=
"d:\\Program Files\\Rockstar Games\\Grand Theft Auto IV\\LaunchGTAIV.exe"=
"d:\\Program Files\\Rockstar Games\\Grand Theft Auto IV\\GTAIV.exe"=
"d:\\Exe\\Loco.exe"=
"d:\\Program Files\\EA GAMES\\Battlefield 2\\BF2.exe"=
"c:\\Program Files\\SpeedBit Video Accelerator\\VideoAccelerator.exe"=

R2 Mamutu;Mamutu Service;"c:\program files\MAMUTU\a2service.exe" [2008-12-22 419448]
R2 sbbotdi;sbbotdi;\??\c:\progra~1\SPEEDB~1\sbbotdi.sys [2008-10-11 35584]
R2 VideoAcceleratorService;VideoAcceleratorService;c:\progra~1\SPEEDB~1\VideoAcceleratorService.exe -start -scm []
S3 cpuz130;cpuz130;\??\c:\docume~1\User\LOCALS~1\Temp\cpuz130\cpuz_x32.sys []
S3 MBAMSwissArmy;MBAMSwissArmy;\??\c:\windows\system32\drivers\mbamswissarmy.sys [2008-12-24 38496]

[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{04A37834-CAD3-57B0-9E8A-92D72111040D}]
C:\WINDOWS: svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{9631DA5B-5670-D350-C8B6-EB745B71CA7D}]
c:\windows\system32\windowsupd.exe
.
Inhoud van de 'Gedeelde Taken' map

2009-01-02 c:\windows\Tasks\ACB72A3591C4DD05.job
- c:\docume~1\user\applic~1\shimcl~1\LOVEPOLLRDR.exe []

2009-01-01 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe []

2009-01-01 c:\windows\Tasks\GoogleUpdateTaskUser.job
- c:\documents and settings\User\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2008-12-18 20:08]

2008-12-24 c:\windows\Tasks\User_Feed_Synchronization-{A9373DAB-CF0B-46E7-8F59-AF5761EF0934}.job
- c:\windows\system32\msfeedssync.exe [2007-08-13 17:36]
.
- - - - ORPHANS VERWIJDERD - - - -

WebBrowser-{A057A204-BACC-4D26-8287-79A187E26987} - (no file)
HKLM-Run-MSUpdate - C:\WINDOWS: svchost.exe
MSConfigStartUp-CONNECTScheduler - c:\program files\Sony\CONNECTAutoUpdate\CONNECTScheduler.exe

Turnin

Legacy Member
Continuation 3 -> Combofix log

------- Bijkomende Scan -------
.
uStart Page = hxxp://www.vmn.net/?vmn01
IE: Download all links with IDM - c:\documents and settings\User\Mijn documenten\IDM_full\IDM 5.14\Crack\IEGetAll.htm
IE: Download FLV video content with IDM - c:\documents and settings\User\Mijn documenten\IDM_full\IDM 5.14\Crack\IEGetVL.htm
IE: Download with IDM - c:\documents and settings\User\Mijn documenten\IDM_full\IDM 5.14\Crack\IEExt.htm

c:\windows\Downloaded Program Files\sysreqlab3.dll - c:\windows\Downloaded Program Files\sysreqlab_srl.dll
O16 -: {1E54D648-B804-468d-BC78-4AFFED8E262E}
hxxp://www.srtest.com/srl_bin/sysreqlab_srl.cab
c:\windows\Downloaded Program Files\sysreqlab.osd

c:\windows\Downloaded Program Files\Manager.exe - c:\windows\Downloaded Program Files\DownloadManagerV2.ocx
O16 -: {4871A87A-BFDD-4106-8153-FFDE2BAC2967}
hxxp://dlm.tools.akamai.com/dlmanager/versions/activex/dlm-activex-2.2.4.1.cab
c:\windows\Downloaded Program Files\DownloadManagerV2.inf
FF - ProfilePath - c:\documents and settings\User\Application Data\Mozilla\Firefox\Profiles\kdhsvb8d.default\
FF - prefs.js: network.proxy.type - 2
FF - component: c:\documents and settings\User\Application Data\IDM\idmmzcc2\components\idmmzcc.dll
FF - plugin: c:\program files\Microsoft Silverlight\2.0.31005.0\npctrl.dll
.

**************************************************************************

catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-01-02 15:25:48
Windows 5.1.2600 Service Pack 3 NTFS

scannen van verborgen processen ...

scannen van verborgen autostart items ...

HKLM\Software\Microsoft\Windows\CurrentVersion\Run
MSUpdate = C:\WINDOWS:
svchost.exe????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????

scannen van verborgen bestanden ...


C:\WINDOWS: svchost.exe 10240 bytes executable

Scan succesvol afgerond
verborgen bestanden: 1

**************************************************************************
.
--------------------- LOCKED REGISTRY KEYS ---------------------

[HKEY_USERS\S-1-5-21-602162358-448539723-839522115-1003\Software\SecuROM\License information*NULL*]
d3,7c,b7,76,75,dd,25,20,ce,cc,7e,9c,33,89,ae,0e,75,e7,01,d0,99,c6,ca,e8,37,\
bb,51,88,08,93,db,81,af,03,9e,87,71,d5,2e,9a,cc,a2,40,73,08,be,75,0e,7e,33,\
c8,8f,20,ae,54,9f,68,c4,96,70,63,eb,b2,9c,53,85,cb,62,e3,ec,ca,b7,b6,e5,d1,\
75,60,49,be,77,4f,98,cf,cb,8c,08,87,b6,ef,00,21,d4,33,78,47,b5,74,86,6c,af,\
07,cc,9e,f8,b9,28,f3,9f,f2,a3,6b,df,3c,6b,af,7b,a3,e4,be,50,1a,cd,78,bb,ee,\
47,69,4a,f1,76,26,db,ee,a9,9d,17,d1,8a,31,4b,38,cd,98,72,c2,85,5d,12,85,7e,\
2a,e5,8a,a2,eb,55,35,67,c1,9d,56,22,41,2e,1c,3e,81,8c,7a,bf,f1,bf,9a,54,5a,\
f9,c0,c6,c9,0f,f6,49,c2,00,9a,cd,9e,2d,d3,48,62,e4,e5,f8,6c,8e,4b,ae,f5,96,\
da,aa,26,17,7a,c9,f5,3d,94,eb,71,29,5d,1c,d0,a4,d0,92,7d,71,4a,d0,99,bf,ac,\
0f,dc,c3,7a,4a,ac,b8,19,eb,28,7c,d9,5e,c9,90,11,e3,63,b4,fb,0d,85,8f,b2,1e,\
56,e7,d8,bb,4a,69,3a,87,8f,0b,51,49,09,93,5d,52,03,8f,96,d7,f0,fe,a9,ef,ef,\
08,92,7b,45,6b,84,8b,c3,77,c0,c8,c6,d3,dd,12,c0,00,c9,ff,2a,30,a4,ef,e7,db,\
8f,15,3e,7c,74,f6,d4,a9,17,d0,52,56,2a,69,24,bb,08,b2,e1,2c,08,ce,95,b1,2e,\
1f,db,c2,31,7c,b6,b0,4a,92,e8,3a,03,69,ab,57,f2,9f,7a,4d,64,08,c7,18,dd,aa,\
45,e7,75,9a,2d,ae,54,06,ac,3e,86,bc,b1,5b,c9,d9,7d,f2,d3,45,8c,b2,fe,59,9b,\
a7,c1,98,00,6a,39,72,62,42,c0,4b,77,63,f8,5b,8f,de,43,0d,75,3b,fa,8b,5d,0f,\
47,e6,2a,04,35,b0,d1,e1,08,fd,f3,e0,41,74,20,06,5b,c3,9c,b3,cc,69,07,94,3a,\
7a,03,e7,c2,44,db,ce,3c,11,77,ab,38,01,9d,30,e6,39,83,bd,3e,88,d6,ee,97,af,\
9c,8e,1e,6d,56,a0,30,82,4c,7c,f9,41,52,01,1c,d7,43,d3,f7,26,2a,12,8f,a6,e7,\
cc,d6,5e,e6,34,4f,0c,56,88,3b,9c,6e,4a,55,c0,53,e1,1d,b5,cd,e2,59,9c,53,fd,\
c4,00,42,63,32,e3,73,a2,0e,a1,b8,fd,14,ec,74,58,d9,2a,c0,fd,34,13,3f,e2,cf,\
c2,3f,18,b0,bc,0d,f0,cd,6d,5a,8a,24,21,3f,2e,2d,e0,02,4c,4d,14,d6,d7,dc,57,\
22,79,79,cc,7e,30,10,21,df,cf,f0,af,42,ad,ed,da,19,50,49,ff,15,2b,d4,9c,3e,\
f4,82,20,56,83,cd,73,29,8a,cf,99,e9,8b,3a,b2,d0,75,32,14,ba,82,c3,4b,eb,0a,\
b5,35,09,4b,36,e0,75,57,3c,43,b8,91,73,da,0a,b3,dd,c6,47,c6,0a,ac,ce,8c,51,\
7d,91,6d,7e,e3,9f,2a,15,dd,49,1e,6a,6f,ef,fb,7b,66,62,1e,38,b5,1c,ee,7e,da,\
fe,4a,aa,5c,01,01,76,52,c1,0e,0b,ef,21,e2,6a,75,a5,d0,88,60,c3,9e,eb,6f,67,\
1b,e6,bd,b9,b7,e8,a0,d7,ac,61,94,5b,71,57,5e,e8,f4,e1,57,41,82,b8,4f,68,bd,\
43,80,42,48,36,7d,4f,e4,d1,94,0c,d8,84,93,ce,3d,bf,b7,1b,c8,fe,02,10,2f,31,\
46,f8,77,cf,c7,10,9b,b6,f1,0d,d7,8f,c3,46,ce,b7,49,21,36,54,e6,1f,e3,dd,de,\
cd,98,8d,16,cd,b9,74,35,da,20,89,1e,93,09,82,9e,2b,e3,27,62,ae,9e,c1,c2,d9,\
1b,04,fc,07,4e,32,5a,8a,d6,03,78,8c,a5,94,0b,0b,e1,9b,8d,43,d6,57,9d,56,a1,\
ee,2e,66,d9,42,f0,03,78,bf,0b,69,38,33,ee,41,9a,73,94,5f,3b,f4,97,82,ea,45,\
e4,e5,b5,4d,14,f6,e5,ac,49,62,61,80,e8,98,82,77,94,29,02,27,7c,2e,b6,52,0f,\
cc,1f,cb,79,38,8a,92,11,7c,17,10,39,00,18,7c,3b,c0,44,e1,fa,58,cd,3b,08,63,\
69,bb,5f,eb,aa,1f,ed,80,e3,f2,9b,82,aa,4c,4b,53,b6,b2,69,a4,90,e1,ff,84,4e,\
7b,1a,26,35,f0,ab,6d,bb,96,27,a0,cb,d6,11,da,c3,eb,be,f9,0f,8f,0b,e9,e4,67,\
9a,c9,ea,12,47,d1,65,54,0e,cf,e2,6a,9f,52,3c,a6,5d,a3,61,ed,c6,5a,c3,f0,51,\
53,03,ce,9f,82,a4,fc,be,cd,8d,c1,3d,e4,0c,51,c6,a1,b9,d8,00,0c,a0,8f,9f,7c,\
02,f3,55,3f,d3,3e,27,9c,46,30,26,f8,ac,ac,d2,11,5e,01,6e,b3,2d,e4,54,c8,ab,\
12,ec,81,8e,71,5b,cb,f3,fc,f8,01,8b,1a,60,ea,fc,ac,16,04,d9,a5,26,8d,d5,be,\
30,59,01,68,3b,a7,ce,c2,56,b7,95,20,26,3e,97,3f,1b,12,a2,cf,f4,7b,1e,99,fe,\
0c,c7,d6,28,0d,16,0a,d1,8f,05,57,d0,1e,15,54,52,ed,29,c5,5b,f9,2c,c0,56,c9
"rkeysecu"=hex:2f,0f,d5,3e,02,2b,06,63,b1,0b,dd,b6,71,e2,54,98
.
------------------------ Andere Aktieve Processen ------------------------
.
c:\program files\Java\jre6\bin\jqs.exe
c:\program files\Internet Explorer\iexplore.exe
c:\windows\system32\nvsvc32.exe
c:\windows\system32\PnkBstrA.exe
c:\windows\system32\PnkBstrB.exe
c:\progra~1\SPEEDB~1\VideoAcceleratorService.exe
c:\progra~1\SPEEDB~1\VideoAcceleratorEngine.exe
c:\windows\system32\rundll32.exe
.
**************************************************************************
.
Voltooingstijd: 2009-01-02 15:26:48 - machine werd herstart
ComboFix-quarantined-files.txt 2009-01-02 14:26:46

Pre-Run: 16.423.313.408 bytes beschikbaar
Post-Run: 16,356,081,664 bytes beschikbaar

WindowsXP-KB310994-SP2-Pro-BootDisk-NLD.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Windows XP Media Center Edition" /noexecute=optin /fastdetect

485 --- E O F --- 2009-01-02 10:56:39

Turnin

Legacy Member
HiJackThis log
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 20:48:15, on 2/01/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16762)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\PROGRAM FILES\MAMUTU\a2service.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\WINDOWS\system32\PnkBstrB.exe
C:\WINDOWS\system32\svchost.exe
C:\PROGRA~1\SPEEDB~1\VideoAcceleratorService.exe
C:\PROGRA~1\SPEEDB~1\VideoAcceleratorEngine.exe
C:\WINDOWS\ehome\ehtray.exe
C:\Program Files\Analog Devices\Core\smax4pnp.exe
C:\Program Files\Common Files\InstallShield\UpdateService\isuspm.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\WINDOWS\explorer.exe
C:\Program Files\Windows Media Player\wmplayer.exe
D:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\User\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\User\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\User\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
D:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = My VMN.net - Your Personalized Start Page Customizable with Free Widgets and Newsfeeds.
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Live Search
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Live Search
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = MSN.com
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = Microsoft Windows Update
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen
O2 - BHO: IDM Helper - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Documents and Settings\User\Mijn documenten\IDM_full\IDM 5.14\Crack\IDMIECC.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: Windows Live Aanmelden - Help - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe
O4 - HKLM\..\Run: [ISUSPM Startup] "C:\Program Files\Common Files\InstallShield\UpdateService\isuspm.exe" -startup
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [ISUSPM] "C:\Program Files\Common Files\InstallShield\UpdateService\isuspm.exe" -scheduler
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O8 - Extra context menu item: Download all links with IDM - C:\Documents and Settings\User\Mijn documenten\IDM_full\IDM 5.14\Crack\IEGetAll.htm
O8 - Extra context menu item: Download FLV video content with IDM - C:\Documents and Settings\User\Mijn documenten\IDM_full\IDM 5.14\Crack\IEGetVL.htm
O8 - Extra context menu item: Download with IDM - C:\Documents and Settings\User\Mijn documenten\IDM_full\IDM 5.14\Crack\IEExt.htm
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} (QuickTime Object) - http://appldnld.apple.com.edgesuite.net/content.info.apple.com/QuickTime/qtactivex/qtplugin.cab
O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262E} (System Requirements Lab) - http://www.srtest.com/srl_bin/sysreqlab_srl.cab
O16 - DPF: {4871A87A-BFDD-4106-8153-FFDE2BAC2967} (DLM Control) - http://dlm.tools.akamai.com/dlmanager/versions/activex/dlm-activex-2.2.4.1.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/win...ls/en/x86/client/wuweb_site.cab?1219331626654
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Mamutu Service (Mamutu) - Emsi Software GmbH - C:\PROGRAM FILES\MAMUTU\a2service.exe
O23 - Service: MSCSPTISRV - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PACSPTISVR - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: PnkBstrB - Unknown owner - C:\WINDOWS\system32\PnkBstrB.exe
O23 - Service: Sony SCSI Helper Service - Sony Corporation - C:\Program Files\Common Files\Sony Shared\Fsk\SonySCSIHelperService.exe
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe
O23 - Service: VideoAcceleratorService - Speedbit Ltd. - C:\PROGRA~1\SPEEDB~1\VideoAcceleratorService.exe

--
End of file - 6687 bytes

Turnin

Legacy Member
Well..

  1. It swaps my Service Pack 1 with Service Pack 2 (Windows install CDs)
  2. .NET Framework 3.5 won't install
  3. Windows Installer 3.1 won't install
  4. Can no longer load Mscoree.dll
  5. Doesn't recognize Mscorlib.dll (Failed to delay...)
  6. Can't install .NET Framework [when I install Windows]
  7. Can't create a registry key [when I install Windows]

but apart from that everything is perfect

Juisterr

Legacy Member
You can now remove all the tools that were used and the folders they created.

Uninstall ComboFix via Start > Run, copy and paste Combofix /U
Click OK or press Enter.
This removes ComboFix as well as your old system restore points (with any remnants of malware), and creates a new system restore point.


Please post a new HJT log once more.

Turnin

Legacy Member
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 18:15:00, on 4/01/2009

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\PROGRAM FILES\MAMUTU\a2service.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\WINDOWS\system32\PnkBstrB.exe
C:\WINDOWS\system32\svchost.exe
C:\PROGRA~1\SPEEDB~1\VideoAcceleratorService.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\WINDOWS\ehome\ehtray.exe
C:\Program Files\Analog Devices\Core\smax4pnp.exe
C:\Program Files\Common Files\InstallShield\UpdateService\isuspm.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\PROGRA~1\SPEEDB~1\VideoAcceleratorEngine.exe
D:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\system32\NOTEPAD.EXE
D:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = My VMN.net - Your Personalized Start Page Customizable with Free Widgets and Newsfeeds.
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Live Search
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Live Search
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = MSN.com
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = Microsoft Windows Update
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: Windows Live Aanmelden - Help - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe
O4 - HKLM\..\Run: [ISUSPM Startup] "C:\Program Files\Common Files\InstallShield\UpdateService\isuspm.exe" -startup
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [ISUSPM] "C:\Program Files\Common Files\InstallShield\UpdateService\isuspm.exe" -scheduler
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [MSUpdate] C:\WINDOWS:svchost.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} (QuickTime Object) - http://appldnld.apple.com.edgesuite.net/content.info.apple.com/QuickTime/qtactivex/qtplugin.cab
O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262E} (System Requirements Lab) - http://www.srtest.com/srl_bin/sysreqlab_srl.cab
O16 - DPF: {4871A87A-BFDD-4106-8153-FFDE2BAC2967} (DLM Control) - http://dlm.tools.akamai.com/dlmanager/versions/activex/dlm-activex-2.2.4.1.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/win...ls/en/x86/client/wuweb_site.cab?1219331626654
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Mamutu Service (Mamutu) - Emsi Software GmbH - C:\PROGRAM FILES\MAMUTU\a2service.exe
O23 - Service: MSCSPTISRV - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PACSPTISVR - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: PnkBstrB - Unknown owner - C:\WINDOWS\system32\PnkBstrB.exe
O23 - Service: Sony SCSI Helper Service - Sony Corporation - C:\Program Files\Common Files\Sony Shared\Fsk\SonySCSIHelperService.exe
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe
O23 - Service: VideoAcceleratorService - Speedbit Ltd. - C:\PROGRA~1\SPEEDB~1\VideoAcceleratorService.exe

--
End of file - 5841 bytes

Juisterr

Legacy Member
Start HijackThis and choose 'Do a system scan only'
Select only the items listed below:

O4 - HKLM\..\Run: [MSUpdate] C:\WINDOWS:svchost.exe
O16 - DPF: {4871A87A-BFDD-4106-8153-FFDE2BAC2967} (DLM Control) - http://dlm.tools.akamai.com/dlmanage...ex-2.2.4.1.cab


Close all windows except HijackThis
Click 'Fix checked' to remove the items.

Reboot.

Please let me know how things are going now.
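
A check a reader of these logs can run, added here as an example and not part of the original thread: it diffs the O4 autostart lines of two HijackThis logs and flags any command whose path carries an NTFS alternate data stream (a second colon after the drive path), which is the form of the `[MSUpdate]` entry in the 4/01/2009 log. The function names are this example's own, and the sample lines are excerpted from the two logs above.

```python
import re

# HijackThis 2.0.2 registry autostart line:
#   O4 - <hive>\..\<key>: [<value name>] <command>
O4_RE = re.compile(r'^O4 - (?P<hive>HK\w+)\\\.\.\\(?P<key>[^:]+): '
                   r'\[(?P<name>[^\]]*)\] (?P<cmd>.+)$')

# A drive-letter path followed by a second colon names an NTFS alternate data
# stream (host:stream); ':' is not legal inside a file or directory name.
# "scheme://..." never matches because a stream name cannot start with '/'.
ADS_RE = re.compile(r'(?P<host>(?<![A-Za-z0-9])[A-Za-z]:(?:\\[^\\/:*?"<>|]+)*)'
                    r':(?P<stream>[^\\/:*?"<>|\s]+)')

# Sample input: O4 lines excerpted from the 2/01/2009 log in this thread.
LOG_2009_01_02 = r'''
O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
'''

# Sample input: the same lines as they appear in the 4/01/2009 log.
LOG_2009_01_04 = r'''
O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [MSUpdate] C:\WINDOWS:svchost.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
'''


def parse_o4(log_text):
    """Return (hive, key, value name, command) for each registry O4 line."""
    entries = []
    for line in log_text.splitlines():
        m = O4_RE.match(line.strip())
        if m:
            entries.append((m['hive'], m['key'], m['name'], m['cmd']))
    return entries


def added_entries(before_log, after_log):
    """Autostart entries present in the later log but not in the earlier one."""
    seen = set(parse_o4(before_log))
    return [e for e in parse_o4(after_log) if e not in seen]


def stream_target(cmd):
    """Return (host path, stream name) if the command runs from an ADS, else None."""
    m = ADS_RE.search(cmd)
    return (m['host'], m['stream']) if m else None


def review(before_log, after_log):
    """List each new autostart entry with its ADS target (None if it has none)."""
    return [(name, cmd, stream_target(cmd))
            for _hive, _key, name, cmd in added_entries(before_log, after_log)]


if __name__ == '__main__':
    for name, cmd, ads in review(LOG_2009_01_02, LOG_2009_01_04):
        note = f'ADS "{ads[1]}" on {ads[0]}' if ads else 'no ADS'
        print(f'new autostart [{name}] {cmd} -> {note}')
```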

Turnin

Legacy Member
It's running a lot faster.. especially at startup...
but I can't play GTA4 or the like because of the

# .NET Framework 3.5 won't install
# Windows Installer 3.1 won't install
# Can no longer load Mscoree.dll
# Doesn't recognize Mscorlib.dll (Failed to delay...)
# Can't install .NET Framework [when I install Windows]
# Can't create a registry key [when I install Windows]

Offtopic

Add-Remove Programs

7-Zip 4.60 beta
Acrobat.com
Adobe AIR
Adobe Flash Player 10 ActiveX
Adobe Flash Player Plugin
Adobe Reader 9
Adobe Shockwave Player
AI Booster
ASUS SmartDoctor
ASUS Utilities
Battlefield 2: Deluxe Edition
Beveiligingsupdate for Windows XP (KB923689)
Beveiligingsupdate for Windows XP (KB941569)
Beveiligingsupdate voor Windows Internet Explorer 7 (KB956390)
Beveiligingsupdate voor Windows Internet Explorer 7 (KB958215)
Beveiligingsupdate voor Windows XP (KB923789)
Beveiligingsupdate voor Windows XP (KB938464)
Beveiligingsupdate voor Windows XP (KB944338-v2)
Beveiligingsupdate voor Windows XP (KB946648)
Beveiligingsupdate voor Windows XP (KB950762)
Beveiligingsupdate voor Windows XP (KB950974)
Beveiligingsupdate voor Windows XP (KB951066)
Beveiligingsupdate voor Windows XP (KB951376-v2)
Beveiligingsupdate voor Windows XP (KB951698)
Beveiligingsupdate voor Windows XP (KB952954)
Beveiligingsupdate voor Windows XP (KB954211)
Beveiligingsupdate voor Windows XP (KB954600)
Beveiligingsupdate voor Windows XP (KB955069)
Beveiligingsupdate voor Windows XP (KB956391)
Beveiligingsupdate voor Windows XP (KB956802)
Beveiligingsupdate voor Windows XP (KB956803)
Beveiligingsupdate voor Windows XP (KB956841)
Beveiligingsupdate voor Windows XP (KB957095)
Beveiligingsupdate voor Windows XP (KB957097)
Beveiligingsupdate voor Windows XP (KB958215)
Beveiligingsupdate voor Windows XP (KB958644)

CCleaner (remove only)
CONNECT Auto Update
CONNECT Player
CONNECT Player Language Pack
Cool & Quiet
Counter-Strike: Source
Far Cry 2
Fraps (remove only)
FrostWire 4.17.0
Futuremark SystemInfo
Garry's Mod
Google Chrome
Grand Theft Auto IV
HijackThis 2.0.2
Hotfix for Windows XP (KB915865)
Hotfix voor Windows XP (KB952287)

Insurgency
Internet Download Manager
IrfanView (remove only)
Java(TM) 6 Update 11
Java(TM) 6 Update 3
Kellogg's Mix Master
LEGO LOCO
LimeWire 4.18.8
Malwarebytes' Anti-Malware
Marc Ecko's Getting Up - Contents Under Pressure
Microsoft .NET Framework 2.0 Service Pack 1
Microsoft .NET Framework 3.0

Microsoft Games for Windows - LIVE
Microsoft Games for Windows - LIVE Redistributable
Microsoft Internationalized Domain Names Mitigation APIs
Microsoft National Language Support Downlevel APIs
Microsoft Silverlight
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17

Mozilla Firefox (3.0.5)
MSXML 4.0 SP2 (KB936181)
MSXML 4.0 SP2 (KB954430)
MSXML 6.0 Parser (KB925673)

Need for Speed Carbon
NVIDIA Drivers
NVIDIA PhysX v8.09.04
OpenMG Secure Module 4.3.00
Opera 9.62
Peggle Extreme
PunkBuster Services
QuickTime
Revo Uninstaller 1.75
Rockstar Games Social Club
SoundMAX
Source SDK
SpeedBit Video Accelerator
Steam
System Requirements Lab
Team Fortress 2
Tom Clancy's Rainbow Six Vegas 2
Update voor Windows XP (KB904942)
Update voor Windows XP (KB925720)
Update voor Windows XP (KB955839)

Vegas Movie Studio Platinum 9.0
Video Edit Magic 4.4
VideoLAN VLC media player 0.8.6i
Vuze
Vuze Launcher
WebFldrs XP
Windows Communication Foundation
Windows Genuine Advantage Validation Tool (KB892130)
Windows Internet Explorer 7
Windows Live aanmeldhulp
Windows Live installer
Windows Live Messenger
Windows Media Format 11 runtime
Windows Presentation Foundation
Windows Workflow Foundation
Windows XP Service Pack 3
Xfire (remove only)
XML Paper Specification Shared Components Pack 1.0

That can't be right, can it? Multiple Windows things installed...? New versions together with old versions...

Juisterr

Legacy Member
The list on my PC is much longer still, nothing wrong as far as I can tell.

Turnin

Legacy Member
I mean those Windows versions, that's not right, is it?