Archive - lag in game

The archive is a frozen moment from a previous version of this forum, with different rules and different bosses. These posts in no way reflect our current ideas, values or worldviews, and have been censored in some places as unacceptable. Many were made in a different spirit of the times, ironically or not - such as in the ironic Off-Topic subforum - and would (or could) no longer be posted today. We nevertheless still offer this archive as an information database and reference work.

JezuS^

Legacy Member
Hello, last week I reinstalled Counter-Strike: Source on my PC and I am getting huge FPS drops in game, and whenever I see someone I lag really badly. I really don't know what is causing it...


Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 19:55:42, on 20/01/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18241)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Creative\Shared Files\Module Loader\DLLML.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\WINDOWS\CTHELPER.EXE
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Creative\SBAudigy4\DVDAudio\CTDVDDET.EXE
C:\Program Files\Creative\SBAudigy4\Surround Mixer\CTSysVol.exe
C:\Program Files\Creative\MediaSource\Detector\CTDetect.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Windows Media Player\WMPNSCFG.exe
C:\program files\steam\steam.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\Windows Live\installer\WLSetupSvc.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\IObit\Advanced SystemCare 3\Sup_DriverUpdate.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\Hoofdaccount\Bureaublad\HiJackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Google
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Live Search
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Live Search
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = MSN.com
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = socks=
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = plimus.com,www.plimus.com,regnow.com,www.regnow.com,
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: Windows Live Aanmelden - Help - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\3.1.807.1746\swg.dll
O2 - BHO: PDFCreator Toolbar Helper - {C451C08A-EC37-45DF-AAAD-18B51AB5E837} - C:\Program Files\PDFCreator Toolbar\v3.3.0.1\PDFCreator_Toolbar.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: PDFCreator Toolbar - {31CF9EBE-5755-4A1D-AC25-2834D952D9B4} - C:\Program Files\PDFCreator Toolbar\v3.3.0.1\PDFCreator_Toolbar.dll
O4 - HKLM\..\Run: [High Definition Audio Property Page Shortcut] HDAShCut.exe
O4 - HKLM\..\Run: [AudioDrvEmulator] "C:\Program Files\Creative\Shared Files\Module Loader\DLLML.exe" -1 AudioDrvEmulator "C:\Program Files\Creative\Shared Files\Module Loader\Audio Emulator\AudDrvEm.dll"
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [UpdReg] C:\WINDOWS\UpdReg.EXE
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [CTHelper] CTHELPER.EXE
O4 - HKLM\..\Run: [CTxfiHlp] CTXFIHLP.EXE
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [CTDVDDET] "C:\Program Files\Creative\SBAudigy4\DVDAudio\CTDVDDET.EXE"
O4 - HKLM\..\Run: [CTSysVol] C:\Program Files\Creative\SBAudigy4\Surround Mixer\CTSysVol.exe /r
O4 - HKCU\..\Run: [Creative Detector] C:\Program Files\Creative\MediaSource\Detector\CTDetect.exe /R
O4 - HKCU\..\Run: [NVIDIA nTune] "C:\Program Files\NVIDIA Corporation\nTune\nTuneCmd.exe" clear
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [SetDefaultMIDI] MIDIDef.exe
O4 - HKCU\..\Run: [SmartRAM] "C:\Program Files\IObit\Advanced SystemCare 3\Sup_SmartRAM.exe" /m
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKCU\..\Run: [Steam] "c:\program files\steam\steam.exe" -silent
O4 - HKUS\S-1-5-19\..\Run: [wikolisepe] Rundll32.exe "C:\WINDOWS\system32\mabigeku.dll",s (User 'Lokale service')
O4 - HKUS\S-1-5-20\..\Run: [wikolisepe] Rundll32.exe "C:\WINDOWS\system32\mabigeku.dll",s (User 'Netwerkservice')
O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\WINDOWS\system32\GPhotos.scr/200
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre6\bin\jp2iexp.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre6\bin\jp2iexp.dll
O9 - Extra button: PokerStars - {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - C:\Program Files\PokerStars\PokerStarsUpdate.exe
O9 - Extra button: Titan Poker - {49783ED4-258D-4f9f-BE11-137C18D3E543} - C:\WINDOWS\system32\SHDOCVW.DLL
O9 - Extra 'Tools' menuitem: Titan Poker - {49783ED4-258D-4f9f-BE11-137C18D3E543} - C:\WINDOWS\system32\SHDOCVW.DLL
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: Onderzoek - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~4\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {B205A35E-1FC4-4CE3-818B-899DBBB3388C} - C:\Program Files\Common Files\Microsoft Shared\Encarta Search Bar\ENCSBAR.DLL
O9 - Extra button: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program Files\PartyGaming\PartyPoker\RunApp.exe
O9 - Extra 'Tools' menuitem: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program Files\PartyGaming\PartyPoker\RunApp.exe
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: c:\windows\system32\manrtreg.dll
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx2.hotmail.com/mail/w3/pr01/resources/MSNPUpld.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1187094799265
O16 - DPF: {8FEFF364-6A5F-4966-A917-A3AC28411659} (SopCore Control) - http://www.tgbf.tv/SOPCORE.CAB
O17 - HKLM\System\CCS\Services\Tcpip\..\{8ED08CE5-6D7A-438E-A8E3-C6D013779448}: NameServer = 208.67.222.222,208.67.222.220
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - AppInit_DLLs: c:\windows\system32\vevinaho.dll
O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe

--
End of file - 9337 bytes

Juisterr

Legacy Member
Right-click the HijackThis program
Then choose 'Do a system scan only'
Select only the items listed below:

O4 - HKUS\S-1-5-19\..\Run: [wikolisepe] Rundll32.exe "C:\WINDOWS\system32\mabigeku.dll",s (User 'Lokale service')
O4 - HKUS\S-1-5-20\..\Run: [wikolisepe] Rundll32.exe "C:\WINDOWS\system32\mabigeku.dll",s (User 'Netwerkservice')
O20 - AppInit_DLLs: c:\windows\system32\vevinaho.dll


Close all windows except HijackThis
Click 'Fix checked' to remove the items.


Download Combofix to your Desktop and use it according to this guide.

NOTE: if, during or after downloading Combofix or while using Combofix, you get an alert from your antivirus or another real-time scanner, disable that scanner and download Combofix again.
Some scanners see certain components that Combofix uses as suspicious and will block or remove them!
  • Double-click Combofix.exe to start it.
  • If you have used Combofix before, you may get a warning that an update is available. Allow ComboFix to be updated.
  • Click OK in the small "NirCmd" window.
  • If the Recovery Console is not installed, you will be asked to install it by clicking YES in the "Query - Recovery Console" window.
  • Click OK and Yes to have the Recovery Console installed automatically.
  • Afterwards, click Yes again to start the malware scan.
  • While the fix is running, do NOT click in the window, as this will make your PC hang.
  • When the fix has completed and after the restart, the log Combofix.txt will open.
Post this log in your next reply.
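
The selection made in the reply above can be reproduced with a small triage script. This is an added example, not part of the original thread and not HijackThis's own logic; its two heuristics (a Run entry in a service-account hive that launches a DLL through rundll32, and any DLL listed under AppInit_DLLs) are assumptions of the example, not the poster's stated reasoning. The sample lines are copied from the log in this thread, except the CTFMON line, which is a constructed benign control.

```python
import re
from typing import List, NamedTuple

# Lines copied from the HijackThis log posted in this thread, plus one
# constructed benign control line (the CTFMON entry), which is NOT from the thread.
SAMPLE_LOG = r"""
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKCU\..\Run: [Steam] "c:\program files\steam\steam.exe" -silent
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Lokale service')
O4 - HKUS\S-1-5-19\..\Run: [wikolisepe] Rundll32.exe "C:\WINDOWS\system32\mabigeku.dll",s (User 'Lokale service')
O4 - HKUS\S-1-5-20\..\Run: [wikolisepe] Rundll32.exe "C:\WINDOWS\system32\mabigeku.dll",s (User 'Netwerkservice')
O10 - Unknown file in Winsock LSP: c:\windows\system32\manrtreg.dll
O20 - AppInit_DLLs: c:\windows\system32\vevinaho.dll
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
"""

# Well-known SIDs of the built-in service accounts seen in the log.
SERVICE_SIDS = {"S-1-5-19": "LocalService", "S-1-5-20": "NetworkService"}

# "<section> - <body>", e.g. "O4 - HKLM\..\Run: [...] ..."
ENTRY_RE = re.compile(r"^(?P<section>[A-Z]\d{1,2}) - (?P<body>.+)$")
# O4 body for a per-user hive: HKUS\<SID>\..\Run: [name] command
O4_HKUS_RE = re.compile(
    r"^HKUS\\(?P<sid>S-1-5-\d+)\\\.\.\\Run(?:Once)?: \[(?P<name>[^\]]*)\] (?P<cmd>.+)$",
    re.IGNORECASE,
)
# Command line that starts with rundll32, with or without path and quotes.
RUNDLL_RE = re.compile(r'^"?(?:[A-Za-z]:\\[^"]*\\)?rundll32(?:\.exe)?"?\s', re.IGNORECASE)
# Absolute path ending in .dll
DLL_RE = re.compile(r'[A-Za-z]:\\[^"*?<>|,]+?\.dll', re.IGNORECASE)


class Finding(NamedTuple):
    section: str
    reason: str
    modules: List[str]
    line: str


def triage(log: str) -> List[Finding]:
    """Return the log entries that match the two heuristics (example assumptions)."""
    findings = []
    for raw in log.splitlines():
        line = raw.strip()
        m = ENTRY_RE.match(line)
        if not m:
            continue  # header lines, process list, blank lines
        section, body = m["section"], m["body"]

        if section == "O4":
            hk = O4_HKUS_RE.match(body)
            # A plain EXE such as CTFMON in a service hive is not flagged;
            # only a DLL started through rundll32 is.
            if hk and hk["sid"] in SERVICE_SIDS and RUNDLL_RE.match(hk["cmd"]):
                modules = DLL_RE.findall(hk["cmd"])
                if modules:
                    account = SERVICE_SIDS[hk["sid"]]
                    findings.append(Finding(
                        section,
                        f"rundll32 autorun in {account} hive ({hk['sid']})",
                        modules, line))

        elif section == "O20" and body.lower().startswith("appinit_dlls:"):
            # DLLs listed here are loaded into every process that loads user32.dll.
            modules = DLL_RE.findall(body)
            if modules:
                findings.append(Finding(section, "DLL registered in AppInit_DLLs",
                                        modules, line))
    return findings


def suspect_modules(findings: List[Finding]) -> List[str]:
    """De-duplicated, lower-cased module paths to verify on disk."""
    return sorted({path.lower() for f in findings for path in f.modules})


if __name__ == "__main__":
    for f in triage(SAMPLE_LOG):
        print(f"[{f.section}] {f.reason}: {', '.join(f.modules)}")
```

On the sample it reports the same three lines the reply lists and leaves the NvCplDaemon, Steam, CTFMON, O10 and O23 entries alone.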

JezuS^

Legacy Member
ComboFix 09-01-21.04 - Hoofdaccount 2009-01-23 22:29:46.4 - NTFSx86
Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1043.18.1023.617 [GMT 1:00]
Gestart vanuit: c:\documents and settings\Hoofdaccount\Bureaublad\ComboFix.exe
AV: avast! antivirus 4.8.1201 [VPS 081120-0] *On-access scanning enabled* (Updated)
* Nieuw herstelpunt werd aangemaakt
.

(((((((((((((((((((((((((((((((((( Andere Verwijderingen )))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\update.exe
c:\windows\system32\404Fix.exe
c:\windows\system32\adazevif.ini
c:\windows\system32\agudiwoh.ini
c:\windows\system32\bopoyufi.dll
c:\windows\system32\dumphive.exe
c:\windows\system32\fuwubidu.dll
c:\windows\system32\gesewufi.dll
c:\windows\system32\gitoribo.dll
c:\windows\system32\gumumare.dll
c:\windows\system32\IEDFix.exe
c:\windows\system32\jaduguyu.dll
c:\windows\system32\jazuyana.dll
c:\windows\system32\kirenalo.dll
c:\windows\system32\obuviges.ini
c:\windows\system32\SrchSTS.exe
c:\windows\system32\tmp.reg
c:\windows\system32\tokivafa.dll
c:\windows\system32\twex.exe
c:\windows\system32\VACFix.exe
c:\windows\system32\vapunatu.dll
c:\windows\system32\VCCLSID.exe
c:\windows\system32\vihavoyi.dll
c:\windows\system32\volutire.dll
c:\windows\system32\WS2Fix.exe
c:\windows\system32\zayitigi.dll
c:\windows\system32\zukuyepu.dll
c:\windows\Tasks\fyerxvat.job

.
(((((((((((((((((((( Bestanden Gemaakt van 2008-12-23 to 2009-01-23 ))))))))))))))))))))))))))))))
.

2009-01-22 21:21 . 2009-01-22 21:21 <DIR> d-------- c:\program files\HD Tune
2009-01-22 15:56 . 2009-01-22 15:57 <DIR> d----c--- c:\documents and settings\Hoofdaccount\Application Data\Download Manager
2009-01-20 22:21 . 2009-01-22 23:35 4,958,588 --a------ c:\windows\{00000001-00000000-00000009-00001102-00000008-10211102}.BAK
2009-01-20 21:44 . 2009-01-20 21:44 2,288,128 --a------ c:\windows\system32\KERNEL.TMP
2009-01-20 21:44 . 2009-01-21 07:39 2,150,912 --a------ c:\windows\system32\kernel1.exe
2009-01-20 21:43 . 2008-12-30 14:36 210 -rahsc--- C:\BOOT.BKK
2009-01-20 21:41 . 2008-12-17 17:40 2,721,943 --a------ c:\windows\HPIM2313kkk.jpg
2009-01-20 21:39 . 2009-01-20 21:39 <DIR> d-------- c:\program files\TGTSoft
2009-01-20 21:39 . 2004-02-24 16:25 19,188 --a------ c:\windows\Q883956Readme.rtf
2009-01-20 21:20 . 2009-01-20 21:34 <DIR> d-------- c:\program files\RegCleaner
2009-01-20 19:13 . 2009-01-20 21:42 <DIR> dr-h-c--- c:\documents and settings\Hoofdaccount\Onlangs geopend
2009-01-15 19:04 . 2009-01-15 19:04 100 --a------ c:\windows\wininit.ini
2009-01-13 16:15 . 2009-01-13 16:15 <DIR> d----c--- c:\documents and settings\Hoofdaccount\Application Data\GrabIt
2009-01-13 15:53 . 2009-01-13 16:03 <DIR> d-------- c:\program files\FTDv3.8
2009-01-08 17:04 . 2009-01-08 17:04 <DIR> d-------- c:\program files\mp3DirectCut
2009-01-07 22:03 . 2009-01-07 22:03 253,139 --a------ c:\windows\PDFCreator_Toolbar_Uninstaller_7593.exe
2009-01-07 22:02 . 2009-01-07 22:03 <DIR> d-------- c:\program files\PDFCreator Toolbar
2009-01-07 22:00 . 2009-01-07 22:04 <DIR> d-------- c:\program files\PDFCreator
2009-01-07 20:06 . 2009-01-07 20:10 <DIR> d----c--- c:\documents and settings\Hoofdaccount\.jordan
2009-01-03 11:26 . 2009-01-03 11:26 <DIR> d-------- c:\program files\id Software
2009-01-03 11:20 . 2009-01-03 14:07 <DIR> d-------- c:\program files\PartyGaming
2009-01-02 16:20 . 2009-01-22 16:37 <DIR> d-------- c:\program files\PokerStars
2009-01-02 16:11 . 2009-01-15 19:03 <DIR> d-------- c:\program files\Everest Poker
2009-01-02 12:37 . 2009-01-02 12:40 <DIR> d-------- c:\windows\SHELLNEW
2009-01-02 12:36 . 2009-01-02 12:36 <DIR> d-------- c:\program files\Microsoft.NET
2008-12-31 10:23 . 2008-12-31 10:23 <DIR> d-------- c:\program files\Common Files\Skype
2008-12-30 21:24 . 2008-12-31 10:24 <DIR> d-------- c:\program files\NVIDIA nTune Performance Application
2008-12-30 21:09 . 2008-12-31 10:23 <DIR> d----c--- c:\documents and settings\Hoofdaccount\Application Data\Software Informer
2008-12-30 18:15 . 2009-01-23 16:00 <DIR> d----c--- c:\documents and settings\Hoofdaccount\Application Data\skypePM
2008-12-30 18:15 . 2008-12-30 18:15 56 --ah----- c:\windows\system32\ezsidmv.dat
2008-12-24 13:45 . 2008-05-27 10:41 122,152 --a------ c:\windows\system32\drivers\s0017mdm.sys
2008-12-24 13:45 . 2008-05-27 10:41 117,672 --a------ c:\windows\system32\drivers\s0017unic.sys
2008-12-24 13:45 . 2008-05-27 10:41 115,496 --a------ c:\windows\system32\drivers\s0017mgmt.sys
2008-12-24 13:45 . 2008-05-27 10:41 111,912 --a------ c:\windows\system32\drivers\s0017obex.sys
2008-12-24 13:45 . 2008-05-27 10:41 90,536 --a------ c:\windows\system32\drivers\s0017bus.sys
2008-12-24 13:45 . 2008-05-27 10:41 25,768 --a------ c:\windows\system32\drivers\s0017nd5.sys
2008-12-24 13:45 . 2008-05-27 10:41 15,016 --a------ c:\windows\system32\drivers\s0017mdfl.sys
2008-12-24 13:45 . 2008-05-27 10:41 12,200 --a------ c:\windows\system32\drivers\s0017whnt.sys
2008-12-24 13:45 . 2008-05-27 10:41 12,200 --a------ c:\windows\system32\drivers\s0017wh.sys
2008-12-24 13:45 . 2008-05-27 10:41 12,200 --a------ c:\windows\system32\drivers\s0017cmnt.sys
2008-12-24 13:45 . 2008-05-27 10:41 12,200 --a------ c:\windows\system32\drivers\s0017cm.sys
2008-12-24 13:45 . 2008-05-27 10:41 10,792 --a------ c:\windows\system32\drivers\s0017cr.sys
2008-12-24 13:44 . 2008-12-24 13:44 <DIR> d----c--- c:\documents and settings\All Users\Application Data\Sony Ericsson
2008-12-24 13:43 . 2008-12-24 13:43 <DIR> d----c--- c:\documents and settings\Hoofdaccount\Application Data\InstallShield
2008-12-24 13:37 . 2008-12-24 13:44 <DIR> d-------- c:\program files\Sony Ericsson
2008-12-24 13:37 . 2008-12-24 13:37 <DIR> d-------- c:\program files\Sony
2008-12-24 13:37 . 2008-12-24 13:37 <DIR> d-------- c:\program files\Common Files\Sony Shared
2008-12-23 10:50 . 2008-12-23 10:50 <DIR> d----c--- C:\Swsetup
2008-12-23 10:50 . 2008-12-23 10:50 <DIR> d-------- c:\program files\Marvell
2008-12-23 10:50 . 2008-12-23 10:51 <DIR> d----c--- c:\documents and settings\Hoofdaccount\Application Data\TMP
2008-12-23 10:25 . 2008-12-23 10:33 250 --a------ c:\windows\gmer.ini

.
((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-01-23 21:23 --------- d-----w c:\documents and settings\Hoofdaccount\Application Data\Skype
2009-01-23 06:40 --------- d-----w c:\program files\Steam
2009-01-22 20:44 --------- dc----w c:\documents and settings\Hoofdaccount\Application Data\mIRC
2009-01-22 20:03 --------- d-----w c:\program files\mIRC
2009-01-21 21:48 --------- dc----w c:\documents and settings\All Users\Application Data\nView_Profiles
2009-01-21 16:35 --------- d-----w c:\program files\Common Files\Wise Installation Wizard
2009-01-21 16:34 --------- d-----w c:\program files\EA GAMES
2009-01-21 16:32 --------- d-----w c:\program files\IObit
2009-01-21 16:31 --------- dc----w c:\documents and settings\All Users\Application Data\Downloaded Installations
2009-01-21 15:21 --------- dc----w c:\documents and settings\Hoofdaccount\Application Data\Image Zone Express
2009-01-16 13:22 --------- dc----w c:\documents and settings\Hoofdaccount\Application Data\LimeWire
2009-01-16 11:22 --------- dc----w c:\documents and settings\All Users\Application Data\Spybot - Search & Destroy
2009-01-15 18:02 --------- d-----w c:\program files\Disk Cleaner
2009-01-15 09:48 --------- d-----w c:\program files\Spybot - Search & Destroy
2009-01-14 20:00 --------- dc----w c:\documents and settings\Hoofdaccount\Application Data\Mumble
2009-01-13 20:23 --------- d-----w c:\documents and settings\Hoofdaccount\Application Data\Ventrilo
2009-01-12 16:15 --------- d-----w c:\program files\Mumble
2009-01-05 19:05 --------- dc----w c:\documents and settings\All Users\Application Data\WLInstaller
2009-01-05 19:05 --------- d-----w c:\program files\LimeWire
2009-01-03 12:53 --------- d--h--w c:\program files\InstallShield Installation Information
2008-12-30 16:28 66,872 ----a-w c:\windows\system32\PnkBstrA.exe
2008-12-30 16:07 --------- dc----w c:\documents and settings\Hoofdaccount\Application Data\Auslogics
2008-12-27 09:42 --------- dc----w c:\documents and settings\All Users\Application Data\Sony
2008-12-27 09:42 --------- d-----w c:\documents and settings\Hoofdaccount\Application Data\Sony
2008-12-24 21:30 --------- d-----w c:\program files\Google
2008-12-22 21:59 --------- d-----w c:\program files\CCleaner
2008-12-16 18:55 98,304 ----a-w c:\windows\system32\hpzjsn01.dll
2008-12-16 18:54 155,648 ----a-w c:\windows\system32\addurl41.DLL
2008-12-16 18:54 147,456 ----a-w c:\windows\system32\AbsoluteHttp.dll
2008-12-16 18:54 12,288 ----a-w c:\windows\system32\btgpio32.dll
2008-12-16 18:50 24,576 ----a-w c:\windows\CTXFIDUT.DLL
2008-12-16 11:06 --------- d-----w c:\program files\Malwarebytes' Anti-Malware
2008-12-16 09:47 --------- d-----w c:\program files\MSECache
2008-12-15 16:04 201,352 ----a-w c:\windows\system32\PnkBstrB.exe
2008-12-15 16:04 140,216 ----a-w c:\windows\system32\drivers\PnkBstrK.sys
2008-12-15 11:34 22,328 -c--a-w c:\documents and settings\Hoofdaccount\Application Data\PnkBstrK.sys
2008-12-15 11:33 682,280 ----a-w c:\windows\system32\pbsvc.exe
2008-12-14 21:24 --------- dc----w c:\documents and settings\Hoofdaccount\Application Data\TranslateIt
2008-12-14 21:24 --------- dc----w c:\documents and settings\Hoofdaccount\Application Data\TeamViewer
2008-12-14 21:24 --------- d-----w c:\program files\VentriloMIX
2008-12-14 21:24 --------- d-----w c:\program files\HP
2008-12-14 21:24 --------- d-----w c:\program files\EndItAll
2008-12-14 21:24 --------- d-----w c:\program files\Cradle of Rome Deluxe
2008-12-12 21:47 3,751,995 ----a-w c:\windows\system32\GPhotos.scr
2008-12-11 10:57 333,952 ----a-w c:\windows\system32\drivers\srv.sys
2008-12-08 14:24 --------- d-----w c:\program files\PeerGuardian2
2008-12-07 12:55 --------- dc----w c:\documents and settings\All Users\Application Data\PC Drivers HeadQuarters
2008-12-07 12:55 --------- d-----w c:\program files\PC Drivers HeadQuarters
2008-12-04 21:09 --------- dc----w c:\documents and settings\Hoofdaccount\Application Data\IObit
2008-12-04 20:51 --------- dc----w c:\documents and settings\Hoofdaccount\Application Data\Hide IP NG
2008-12-04 20:51 --------- d-----w c:\program files\Hide IP NG
2008-12-03 18:52 38,496 ----a-w c:\windows\system32\drivers\mbamswissarmy.sys
2008-12-03 18:52 15,504 ----a-w c:\windows\system32\drivers\mbam.sys
2008-12-03 17:09 94,208 ----a-w c:\windows\system32\evntwin.exe
2008-12-03 17:09 106,496 ----a-w c:\windows\system32\evntagnt.dll
2008-12-03 16:29 --------- dc----w c:\documents and settings\Hoofdaccount\Application Data\Media Player Classic
2008-12-03 16:29 --------- d-----w c:\program files\Winamp
2008-12-03 15:25 --------- d-----w c:\program files\Auslogics
2008-12-03 13:55 --------- d-----w c:\program files\Java
2008-12-03 13:53 --------- d-----w c:\program files\Windows Installer Clean Up
2008-12-03 13:52 410,984 ----a-w c:\windows\system32\deploytk.dll
2008-12-03 13:32 --------- d-----w c:\program files\Microsoft Virtual PC
2008-12-02 20:24 --------- d-----w c:\program files\Komodo Labs
2008-12-02 20:21 --------- d-----w c:\program files\VisualRoute 2008
2008-12-02 16:13 --------- dc----w c:\documents and settings\All Users\Application Data\Disk Cleaner
2008-12-02 15:54 --------- dc----w c:\documents and settings\Hoofdaccount\Application Data\Creative
2008-11-27 16:50 --------- d-----w c:\program files\Appwalk.com Sillico Software
2008-10-23 12:43 286,720 ----a-w c:\windows\system32\gdi32.dll
2008-05-20 11:58 23 --sha-w c:\windows\system32\acebbdfb6_z.dll
2008-09-20 19:00 64,517 --sha-w c:\windows\system32\buyaneju.dll
2008-09-16 17:28 46,080 --sha-w c:\windows\system32\jogiduji.dll
2008-09-25 11:00 64,517 --sha-w c:\windows\system32\ruyebana.dll
2008-09-27 21:44 57,344 --sha-w c:\windows\system32\wubefivu.dll
2008-09-20 19:00 64,517 --sha-w c:\windows\system32\zetajare.dll
2008-09-16 17:28 89,088 --sha-w c:\windows\system32\zugahohe.dll
.

((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Creative Detector"="c:\program files\Creative\MediaSource\Detector\CTDetect.exe" [2008-12-08 102400]
"NVIDIA nTune"="c:\program files\NVIDIA Corporation\nTune\nTuneCmd.exe" [2008-12-16 81920]
"ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2008-04-14 15360]
"SmartRAM"="c:\program files\IObit\Advanced SystemCare 3\Sup_SmartRAM.exe" [2009-01-06 202064]
"WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2006-11-02 204288]
"Steam"="c:\program files\steam\steam.exe" [2009-01-21 1410296]
"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2008-05-20 68856]
"SetDefaultMIDI"="MIDIDef.exe" [2006-08-11 c:\windows\MIDIDEF.EXE]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"AudioDrvEmulator"="c:\program files\Creative\Shared Files\Module Loader\DLLML.exe" [2008-12-08 49152]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2008-12-16 13574144]
"UpdReg"="c:\windows\UpdReg.EXE" [2008-12-16 90112]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2008-06-12 34672]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2008-10-07 86016]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2008-12-03 136600]
"CTDVDDET"="c:\program files\Creative\SBAudigy4\DVDAudio\CTDVDDET.EXE" [2008-12-08 45056]
"CTSysVol"="c:\program files\Creative\SBAudigy4\Surround Mixer\CTSysVol.exe" [2008-12-08 57344]
"AppleSyncNotifier"="c:\program files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe" [2008-07-10 116040]
"High Definition Audio Property Page Shortcut"="HDAShCut.exe" [2005-01-07 c:\windows\system32\HdAShCut.exe]
"CTHelper"="CTHELPER.EXE" [2006-08-11 c:\windows\CTHELPER.EXE]
"CTxfiHlp"="CTXFIHLP.EXE" [2006-08-11 c:\windows\system32\CTXFIHLP.EXE]
"nwiz"="nwiz.exe" [2008-12-16 c:\windows\system32\nwiz.exe]

c:\documents and settings\Hoofdaccount\Menu Start\Programma's\Opstarten\
Adobe Gamma.lnk - c:\program files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [2005-03-16 113664]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"SynchronousMachineGroupPolicy"= 0 (0x0)
"SynchronousUserGroupPolicy"= 0 (0x0)
"DisableStatusMessages"= 1 (0x1)

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
"NoStrCmpLogical"= 1 (0x1)

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"NoSMBalloonTip"= 1 (0x1)
"MemCheckBoxInRunDlg"= 0 (0x0)
"NoResolveTrack"= 0 (0x0)
"NoWelcomeScreen"= 1 (0x1)
"NoRecentDocsNetHood"= 1 (0x1)

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"WMPNetworkSvc"=2 (0x2)
"WLSetupSvc"=2 (0x2)
"usnjsvc"=3 (0x3)
"ServiceLayer"=3 (0x3)
"PnkBstrB"=2 (0x2)
"PnkBstrA"=2 (0x2)
"Pml Driver HPZ12"=2 (0x2)
"ose"=3 (0x3)
"NVSvc"=2 (0x2)
"nTuneService"=2 (0x2)
"iPod Service"=3 (0x3)
"IDriverT"=3 (0x3)
"gusvc"=3 (0x3)
"Creative Service for CDROM Access"=2 (0x2)
"Boonty Games"=3 (0x3)
"avast! Web Scanner"=3 (0x3)
"avast! Mail Scanner"=3 (0x3)
"avast! Antivirus"=2 (0x2)
"aswUpdSv"=2 (0x2)
"Adobe LM Service"=3 (0x3)
"MDM"=2 (0x2)
"JavaQuickStarterService"=2 (0x2)

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]
"msnmsgr"="c:\program files\Windows Live\Messenger\msnmsgr.exe" /background

[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"UpdatesDisableNotify"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Messenger\\msmsgs.exe"=
"c:\\Program Files\\mIRC\\mirc.exe"=
"c:\\Program Files\\Steam\\Steam.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\mIRC\\uninstall.exe _=C\\Program Files\\mIRC\\mirc.exe"=
"c:\\Program Files\\SmartFTP Client\\SmartFTP.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqste08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpofxm08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hposfx08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hposid01.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqscnvw.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqkygrp.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqCopy.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpfccopy.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpzwiz01.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\Unload\\HpqPhUnl.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpoews01.exe"=
"c:\\WINDOWS\\system32\\dpvsetup.exe"=
"c:\\Program Files\\LimeWire\\LimeWire.exe"=
"c:\\Program Files\\iTunes\\iTunes.exe"=
"c:\\WINDOWS\\system32\\PnkBstrA.exe"=
"c:\\WINDOWS\\system32\\PnkBstrB.exe"=
"c:\\Program Files\\EA GAMES\\Battlefield 2\\BF2.exe"=
"c:\\WINDOWS\\system32\\java.exe"=
"c:\\WINDOWS\\system32\\wuauclt.exe"=
"c:\\Documents and Settings\\Hoofdaccount\\Application Data\\SopCast\\adv\\SopAdver.exe"=
"c:\\Program Files\\Sony Ericsson\\Sony Ericsson Media Manager\\MediaManager.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\livecall.exe"=
"c:\\Program Files\\Steam\\steamapps\\geoh2\\counter-strike source\\hl2.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=

R1 aswSP;avast! Self Protection;c:\windows\system32\drivers\aswSP.sys [2008-04-11 78416]
R4 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [2008-04-11 20560]
S0 omlyscb;omlyscb;c:\windows\system32\drivers\zlgsmx.sys --> c:\windows\system32\drivers\zlgsmx.sys [?]
S0 prtnf;prtnf;c:\windows\system32\drivers\tpkchpm.sys --> c:\windows\system32\drivers\tpkchpm.sys [?]
S3 hcw88rc5;Hauppauge WinTV 88x IR Decoder;c:\windows\system32\drivers\HCW88rc5.sys [2006-02-27 10305]
S3 HCW88TUNE;Hauppauge WinTV 88x Tuner;c:\windows\system32\drivers\HCW88tun.sys [2006-02-27 116801]
S3 HCW88VID;Hauppauge WinTV 88x Video;c:\windows\system32\drivers\HCW88vid.sys [2006-02-27 569116]
S3 HCW88XBAR;Hauppauge WinTV 88x Crossbar;c:\windows\system32\drivers\HCW88bar.sys [2006-02-27 26972]
S3 LtcyCfgWDM;PCI Latency Tool Driver Service;c:\windows\system32\drivers\LtcyCfgWDM.sys [2005-12-26 6656]
S3 s0017bus;Sony Ericsson Device 0017 driver (WDM);c:\windows\system32\drivers\s0017bus.sys [2008-12-24 90536]
S3 s0017mdfl;Sony Ericsson Device 0017 USB WMC Modem Filter;c:\windows\system32\drivers\s0017mdfl.sys [2008-12-24 15016]
S3 s0017mdm;Sony Ericsson Device 0017 USB WMC Modem Driver;c:\windows\system32\drivers\s0017mdm.sys [2008-12-24 122152]
S3 s0017mgmt;Sony Ericsson Device 0017 USB WMC Device Management Drivers (WDM);c:\windows\system32\drivers\s0017mgmt.sys [2008-12-24 115496]
S3 s0017nd5;Sony Ericsson Device 0017 USB Ethernet Emulation SEMC0017 (NDIS);c:\windows\system32\drivers\s0017nd5.sys [2008-12-24 25768]
S3 s0017obex;Sony Ericsson Device 0017 USB WMC OBEX Interface;c:\windows\system32\drivers\s0017obex.sys [2008-12-24 111912]
S3 s0017unic;Sony Ericsson Device 0017 USB Ethernet Emulation SEMC0017 (WDM);c:\windows\system32\drivers\s0017unic.sys [2008-12-24 117672]
S4 s3867.sys;s3867.sys;\??\c:\windows\system32\s3867.sys --> c:\windows\system32\s3867.sys [?]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{44f4f00a-5844-11dd-9e89-0013d4c45675}]
\Shell\AutoRun\command - I:\AutoTransfer.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{ec4856b6-791f-11dd-9ebc-0013d4c45675}]
\Shell\AutoRun\command - c:\windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL I:\m.exe /s
.
.
------- Bijkomende Scan -------
.
uStart Page = hxxp://www.google.be/
uDefault_Search_URL = hxxp://www.google.com/ie
uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
uInternet Connection Wizard,ShellNext = iexplore
uInternet Settings,ProxyServer = socks=
uInternet Settings,ProxyOverride = plimus.com,www.plimus.com,regnow.com,www.regnow.com,
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
Trusted Zone: microsoft.com\update
TCP: {8ED08CE5-6D7A-438E-A8E3-C6D013779448} = 208.67.222.222,208.67.222.220
DPF: Microsoft XML Parser for Java - file://c:\windows\Java\classes\xmldso.cab
FF - ProfilePath - c:\documents and settings\Hoofdaccount\Application Data\Mozilla\Firefox\Profiles\sd8u1k50.default\
FF - component: c:\program files\Real\RealPlayer\browserrecord\components\nprpbrowserrecordplugin.dll
FF - plugin: c:\documents and settings\All Users\Application Data\Zylom\ZylomGamesPlayer\npzylomgamesplayer.dll
FF - plugin: c:\program files\Google\Picasa3\npPicasa3.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\npzylomgamesplayer.dll
.

**************************************************************************

catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-01-23 22:31:43
Windows 5.1.2600 Service Pack 3 NTFS

scannen van verborgen processen ...

scannen van verborgen autostart items ...

scannen van verborgen bestanden ...

Scan succesvol afgerond
verborgen bestanden: 0

**************************************************************************
.
--------------------- VERGRENDELDE REGISTER SLEUTELS ---------------------

[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Installer\UserData\LocalSystem\Components\h–€|ÿÿÿÿ¤•€|ù•9~*]
"3140110900063D11C8EF10054038389C"="C?\\WINDOWS\\system32\\FM20ENU.DLL"
.
Voltooingstijd: 2009-01-23 22:34:19
ComboFix-quarantined-files.txt 2009-01-23 21:34:10
ComboFix2.txt 2008-05-21 05:29:28
ComboFix3.txt 2008-05-21 05:29:28

Pre-Run: 47.663.415.296 bytes beschikbaar
Post-Run: 47,655,972,864 bytes beschikbaar

WindowsXP-KB310994-SP2-Home-BootDisk-NLD.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Home Edition" /fastdetect /NoExecute=OptIn

341 --- E O F --- 2009-01-22 15:01:00

Juisterr

Legacy Member
Download MalwareBytes' Anti-Malware and save it to your desktop.
Double-click mbam-setup.exe to install the program.

After the installation, make sure the following boxes are checked:
  • Update MalwareBytes' Anti-Malware
  • Start MalwareBytes' Anti-Malware
Then click "Finish".
If an update is found, it will be downloaded and installed.
  • Once the program has started, go to the "Settings" tab.
  • Check this option: "Close Internet Explorer during malware removal".
  • Then go to the "Scanner" tab and choose "Quick Scan".
  • Next, press "Scan" to start the scan.
  • The scan can take a while, so be patient.
  • When the scan has finished, click OK, then "Show Results" to see the results.
  • Make sure everything there is checked, then click "Remove Selected".
  • After the removal, a log will open and you will be asked to restart the computer.
The log is saved automatically by MalwareBytes' Anti-Malware, and you can find it by clicking the "Logs" tab in the program.

Post this log together with a new HijackThis log.