Problems with Disk Management and Nero.



ghost
13 July 2009, 20:21
I have exactly the same problem as this person; I can't see anything in Disk Management anymore either :damn: click (http://www.nationaalcomputerforum.nl/showthread.php?t=51644) and click (http://www.nationaalcomputerforum.nl/showthread.php?t=51642)
Only, I also no longer see any CD/DVD-ROM drives.
That person used ComboFix at the time; could that help in my case too?
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 20:14:16, on 13/07/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\Netlog 24\Notifier\Netlog24Notifier.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\ATKKBService.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe
C:\Program Files\Eset\nod32krn.exe
C:\WINDOWS\System32\svchost.exe
C:\hijackthis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.be/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigURL = http://pac.telenet.be:8080/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll (file missing)
O2 - BHO: Windows Live Aanmelden - Help - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKCU\..\Run: [Netlog 24] "C:\Program Files\Netlog 24\Notifier\Netlog24Notifier.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} (QuickTime Object) - http://appldnld.apple.com.edgesuite.net/content.info.apple.com/QuickTime/qtactivex/qtplugin.cab
O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262E} (System Requirements Lab) - http://www.systemrequirementslab.com/srl_bin/sysreqlab_srl.cab
O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262F} (System Requirements Lab) - http://www.nvidia.com/content/DriverDownload/srl/3.0.0.4/srl_bin/sysreqlab_nvd.cab
O23 - Service: ATK Keyboard Service (ATKKeyboardService) - ASUSTeK COMPUTER INC. - C:\WINDOWS\ATKKBService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Nero BackItUp Scheduler 4.0 - Nero AG - C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe
O23 - Service: NOD32 Kernel Service (NOD32krn) - Eset - C:\Program Files\Eset\nod32krn.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe

--
End of file - 4684 bytes

Rosty
14 July 2009, 08:04
Let's first take a look with MBAM before bringing out heavier artillery!! :)

Download MBAM (Malwarebytes' Anti-Malware) from here (http://www.besttechie.net/tools/mbam-setup.exe) or here (http://www.majorgeeks.com/Malwarebytes_Anti-Malware_d5756.html).
Double-click mbam-setup.exe to install the program.
Make sure that Update Malwarebytes' Anti-Malware and Start Malwarebytes' Anti-Malware are ticked, then click "Voltooien" (Finish).
If an update is found, it will be downloaded and installed.
Once the program is fully up to date, select "Snelle Scan" (Quick Scan) on the Scanner tab, then click Scan.
The scan can take a while, so be patient.
When the scan is complete, click OK, then "Bekijk Resultaten" (Show Results) to view the results.
Make sure everything there is ticked, then click Verwijder geselecteerde (Remove Selected).
After the removal a log will open and you will be asked to restart the computer. (See below)
The log is saved automatically by MBAM and can be found by clicking the "Logs" tab in MBAM.
Copy and paste the contents of the log into your next reply, together with a new HijackThis log.

If MBAM has trouble removing certain files, it will show a few messages where you need to click OK.
After that it will ask to restart the computer... so allow MBAM to restart the computer.

ghost
14 July 2009, 10:41
Malwarebytes' Anti-Malware 1.39
Database versie: 2424
Windows 5.1.2600 Service Pack 3

14/07/2009 10:40:31
mbam-log-2009-07-14 (10-40-31).txt

Scan type: Snelle Scan
Objecten gescand: 95997
Verstreken tijd: 3 minute(s), 24 second(s)

Geheugenprocessen geïnfecteerd: 0
Geheugenmodulen geïnfecteerd: 0
Registersleutels geïnfecteerd: 0
Registerwaarden geïnfecteerd: 0
Registerdata bestanden geïnfecteerd: 0
Mappen geïnfecteerd: 0
Bestanden geïnfecteerd: 0

Geheugenprocessen geïnfecteerd:
(Geen kwaadaardige items gevonden)

Geheugenmodulen geïnfecteerd:
(Geen kwaadaardige items gevonden)

Registersleutels geïnfecteerd:
(Geen kwaadaardige items gevonden)

Registerwaarden geïnfecteerd:
(Geen kwaadaardige items gevonden)

Registerdata bestanden geïnfecteerd:
(Geen kwaadaardige items gevonden)

Mappen geïnfecteerd:
(Geen kwaadaardige items gevonden)

Bestanden geïnfecteerd:
(Geen kwaadaardige items gevonden)


Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 10:41:24, on 14/07/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\Netlog 24\Notifier\Netlog24Notifier.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\ATKKBService.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe
C:\Program Files\Eset\nod32krn.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\hijackthis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.be/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigURL = http://pac.telenet.be:8080/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll (file missing)
O2 - BHO: Windows Live Aanmelden - Help - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\RunOnce: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent
O4 - HKCU\..\Run: [Netlog 24] "C:\Program Files\Netlog 24\Notifier\Netlog24Notifier.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} (QuickTime Object) - http://appldnld.apple.com.edgesuite.net/content.info.apple.com/QuickTime/qtactivex/qtplugin.cab
O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262E} (System Requirements Lab) - http://www.systemrequirementslab.com/srl_bin/sysreqlab_srl.cab
O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262F} (System Requirements Lab) - http://www.nvidia.com/content/DriverDownload/srl/3.0.0.4/srl_bin/sysreqlab_nvd.cab
O23 - Service: ATK Keyboard Service (ATKKeyboardService) - ASUSTeK COMPUTER INC. - C:\WINDOWS\ATKKBService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Nero BackItUp Scheduler 4.0 - Nero AG - C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe
O23 - Service: NOD32 Kernel Service (NOD32krn) - Eset - C:\Program Files\Eset\nod32krn.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe

--
End of file - 4907 bytes

Rosty
15 July 2009, 21:50
Download Combofix (http://download.bleepingcomputer.com/sUBs/ComboFix.exe) to your Desktop and use it according to this guide (http://www.bleepingcomputer.com/combofix/nl/hoe-dient-combofix-gebruikt-te-worden).

NOTE: if, during or after downloading Combofix or while using Combofix, you get an alert from your antivirus or another real-time scanner, disable that scanner and download Combofix again.
Some scanners see certain components that Combofix uses as suspicious and will block or remove them! Double-click Combofix.exe to start it.
If you have used Combofix before, you may get a warning that an update is available. Allow ComboFix to be updated.
Click OK in the "NirCmd" window.
If the Recovery Console is not installed, you will be asked to install it by clicking JA (Yes) in the "Query - Recovery Console" window.
Click OK and Ja (Yes) to have the Recovery Console installed automatically.
Afterwards click Ja (Yes) again to start the malware scan.
While the fix is running, do NOT click in the window, as this will cause your PC to hang.
When the fix is complete and after the restart, the log Combofix.txt will open. Post this log in your next reply.

ghost
15 July 2009, 22:31
ComboFix 09-07-14.08 - user 15/07/2009 22:20.1.1 - NTFSx86
Microsoft Windows XP Home Edition 5.1.2600.3.1252.32.1043.18.2047.1715 [GMT 2:00]
Gestart vanuit: c:\documents and settings\user\Bureaublad\ComboFix.exe
AV: ESET NOD32 antivirus systeem 2.70 *On-access scanning enabled* (Outdated) {E5E70D32-0101-4F12-8FB0-D96ACA4F34C0}
* Aanwezig AV is actief

.

(((((((((((((((((((((((((((((((((( Andere Verwijderingen )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\documents and settings\user\Application Data\inst.exe
c:\windows\Install.txt
c:\windows\irc.txt
c:\windows\system32\drivers\hjgruihopabrfu.sys
c:\windows\system32\hjgruiklttxphe.dat
c:\windows\system32\hjgruilog.dat
c:\windows\system32\hjgruippbvvdns.dll
c:\windows\system32\hjgruiqoqxmvwq.dat
c:\windows\system32\hjgruixjnbevme.dll

.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.

-------\Service_hjgruirmfoexrx
-------\Legacy_MSNCACHE
-------\Legacy_SOPIDKC


(((((((((((((((((((( Bestanden Gemaakt van 2009-06-15 to 2009-07-15 ))))))))))))))))))))))))))))))
.

2009-07-13 16:58 . 2009-07-13 16:58 -------- d-----w- c:\program files\Western Digital
2009-07-13 16:37 . 2009-07-13 16:37 -------- d-----w- c:\program files\CPUID
2009-07-13 15:31 . 2009-07-13 15:32 -------- d-----w- c:\windows\system32\drivers\BurnProf
2009-07-13 15:31 . 2009-07-13 15:31 -------- d-----w- c:\windows\system32\BurnProf
2009-07-13 15:31 . 2009-07-13 15:31 0 ----a-w- c:\windows\system32\MX_SHARE.DAT
2009-07-13 15:29 . 2008-10-18 12:56 643072 ----a-w- c:\windows\system32\DLLAV32.dll
2009-07-13 15:29 . 2008-10-18 12:56 106496 ----a-w- c:\windows\system32\DLLCPY32.dll
2009-07-13 15:29 . 2008-10-18 12:56 49152 ----a-w- c:\windows\system32\DLLPRF32.dll
2009-07-13 15:29 . 2008-10-18 12:56 40960 ----a-w- c:\windows\system32\DLLPNT32.dll
2009-07-13 15:29 . 2008-10-18 12:56 53248 ----a-w- c:\windows\system32\DLLIO32.dll
2009-07-13 15:29 . 2008-10-18 12:56 167936 ----a-w- c:\windows\system32\DLLDEV32.dll
2009-07-13 15:29 . 2008-10-18 12:56 163840 ----a-w- c:\windows\system32\DLLDRV32.dll
2009-07-13 15:29 . 2008-10-18 12:55 233472 ----a-w- c:\windows\system32\DLLRES32.dll
2009-07-13 15:29 . 2008-10-18 12:55 32768 ----a-w- c:\windows\system32\STRING32.dll
2009-07-13 15:29 . 2007-01-04 09:02 663552 ----a-w- c:\windows\system32\mgxoschk.dll
2009-07-13 12:16 . 2009-07-13 12:16 87272 ----a-w- c:\windows\system32\prfc0413.dat
2009-07-13 12:16 . 2009-07-13 12:16 502198 ----a-w- c:\windows\system32\prfh0413.dat
2009-07-13 09:48 . 2009-07-13 10:15 -------- d-----w- c:\documents and settings\user\Application Data\IObit
2009-07-13 09:48 . 2009-07-13 09:48 -------- d-----w- c:\program files\IObit
2009-07-12 19:33 . 2009-07-15 09:01 -------- d--h--r- c:\documents and settings\user\Onlangs geopend
2009-07-12 17:50 . 2009-07-12 17:50 -------- d-----w- c:\program files\GetData
2009-07-12 17:10 . 2009-07-12 17:10 -------- d-----w- c:\program files\iXi Tools
2009-07-12 12:10 . 2009-07-12 12:10 -------- d-----w- c:\program files\Windows Sidebar
2009-07-12 11:52 . 2008-06-24 12:45 1414440 ----a-w- c:\windows\system32\ShellManager310E2D762.dll
2009-07-12 11:30 . 2001-09-06 19:27 54272 -c--a-w- c:\windows\system32\dllcache\wiamsmud.dll
2009-07-12 11:29 . 2001-08-17 19:28 794399 -c--a-w- c:\windows\system32\dllcache\usr1806v.sys
2009-07-12 11:28 . 2001-08-17 18:51 222336 -c--a-w- c:\windows\system32\dllcache\trid3dm.sys
2009-07-12 11:27 . 2001-08-17 20:07 30688 -c--a-w- c:\windows\system32\dllcache\sym_u3.sys
2009-07-12 11:26 . 2001-08-17 18:51 20752 -c--a-w- c:\windows\system32\dllcache\sonync.sys
2009-07-12 11:25 . 2001-08-17 18:50 68608 -c--a-w- c:\windows\system32\dllcache\sis6306p.sys
2009-07-12 11:24 . 2001-08-17 18:50 61504 -c--a-w- c:\windows\system32\dllcache\s3sav3dm.sys
2009-07-12 11:23 . 2001-08-17 19:52 40448 -c--a-w- c:\windows\system32\dllcache\ql1240.sys
2009-07-12 11:22 . 2001-08-17 20:07 27296 -c--a-w- c:\windows\system32\dllcache\perc2.sys
2009-07-12 11:21 . 2001-09-06 19:26 123776 -c--a-w- c:\windows\system32\dllcache\nv3.dll
2009-07-12 11:20 . 2001-08-17 18:50 103296 -c--a-w- c:\windows\system32\dllcache\mtxvideo.sys
2009-07-12 11:19 . 2001-09-06 16:39 728234 -c--a-w- c:\windows\system32\dllcache\ltck000c.sys
2009-07-12 11:18 . 2001-09-06 19:26 372824 -c--a-w- c:\windows\system32\dllcache\iconf32.dll
2009-07-12 11:17 . 2001-08-17 19:28 115807 -c--a-w- c:\windows\system32\dllcache\hsf_fsks.sys
2009-07-12 11:16 . 2001-08-17 18:15 454912 -c--a-w- c:\windows\system32\dllcache\fxusbase.sys
2009-07-12 11:15 . 2001-08-17 18:12 18503 -c--a-w- c:\windows\system32\dllcache\epro4.sys
2009-07-12 11:14 . 2001-08-17 18:11 24648 -c--a-w- c:\windows\system32\dllcache\dfe650.sys
2009-07-12 11:13 . 2001-09-06 16:47 13952 -c--a-w- c:\windows\system32\dllcache\bulltlp3.sys
2009-07-06 14:35 . 2009-07-06 14:35 -------- d-sh--w- c:\windows\system32\config\systemprofile\IETldCache
2009-07-05 09:54 . 2009-07-05 09:54 -------- d-----w- C:\upgrade psp
2009-07-02 12:00 . 2009-07-02 12:00 -------- d-----w- c:\documents and settings\All Users\Application Data\Forge of Games
2009-07-02 11:59 . 2009-07-02 12:00 -------- d-----w- c:\program files\Treasures Of The Deep
2009-07-02 11:54 . 2009-07-02 11:57 -------- d-----w- c:\program files\Warkanoid 2
2009-06-30 15:16 . 2009-07-14 08:41 -------- d-----w- C:\hijackthis
2009-06-30 15:16 . 2009-06-30 15:16 -------- d-----w- c:\program files\Trend Micro
2009-06-29 15:26 . 2009-06-29 15:26 -------- d-----w- c:\program files\Common Files\DirectX
2009-06-28 17:58 . 2009-06-28 17:58 -------- d-----w- c:\documents and settings\user\Local Settings\Application Data\Criterion Games
2009-06-28 14:52 . 2009-06-28 15:09 -------- d-----w- c:\program files\Steam
2009-06-28 14:11 . 2009-06-28 14:11 -------- d-----w- c:\documents and settings\user\Local Settings\Application Data\Help
2009-06-28 14:10 . 2009-06-28 14:10 -------- d-----w- c:\windows\solcache
2009-06-28 14:09 . 2009-06-28 14:09 -------- d-----w- c:\program files\Sierra On-Line
2009-06-28 14:06 . 2009-06-28 14:06 -------- d-----w- C:\Sierra
2009-06-27 10:29 . 2009-06-27 10:29 -------- d-----w- c:\documents and settings\user\Application Data\V-Games
2009-06-27 06:42 . 2001-09-06 16:30 77824 -c--a-w- c:\windows\system32\dllcache\ati.sys
2009-06-27 06:42 . 2001-09-06 19:26 96128 -c--a-w- c:\windows\system32\dllcache\ati.dll
2009-06-27 06:42 . 2001-08-17 18:12 97354 -c--a-w- c:\windows\system32\dllcache\aspndis3.sys
2009-06-27 06:40 . 2001-09-06 19:26 66048 -c--a-w- c:\windows\system32\dllcache\s3legacy.dll
2009-06-26 14:42 . 2008-07-30 04:20 238088 ----a-w- c:\windows\system32\xactengine3_2.dll
2009-06-26 14:42 . 2008-07-10 09:01 467984 ----a-w- c:\windows\system32\d3dx10_39.dll
2009-06-26 14:42 . 2008-07-10 09:00 1493528 ----a-w- c:\windows\system32\D3DCompiler_39.dll
2009-06-25 21:15 . 2009-06-25 21:15 -------- d-----w- c:\documents and settings\user\Local Settings\Application Data\PunkBuster
2009-06-25 20:58 . 2009-06-25 21:04 22328 ----a-w- c:\documents and settings\user\Application Data\PnkBstrK.sys
2009-06-25 20:58 . 2009-06-25 21:22 75064 ----a-w- c:\windows\system32\PnkBstrA.exe
2009-06-25 20:58 . 2009-07-12 11:01 -------- d-----w- c:\windows\system32\LogFiles
2009-06-25 20:25 . 2009-06-25 20:25 -------- d-sh--w- c:\windows\ftpcache
2009-06-24 19:14 . 2009-06-24 19:14 -------- d-----w- c:\documents and settings\user\Local Settings\Application Data\eSupport.com
2009-06-23 22:22 . 2009-06-23 22:24 -------- d-----w- c:\documents and settings\user\.housecall6.6
2009-06-22 15:04 . 2008-10-27 08:04 514384 ----a-w- c:\windows\system32\XAudio2_3.dll
2009-06-22 15:04 . 2008-10-27 08:04 23376 ----a-w- c:\windows\system32\X3DAudio1_5.dll
2009-06-22 15:04 . 2008-10-27 08:04 70992 ----a-w- c:\windows\system32\XAPOFX1_2.dll
2009-06-22 15:04 . 2008-07-30 04:20 68616 ----a-w- c:\windows\system32\XAPOFX1_1.dll
2009-06-22 15:04 . 2008-07-30 04:20 509448 ----a-w- c:\windows\system32\XAudio2_2.dll
2009-06-22 15:04 . 2008-07-10 09:00 3851784 ----a-w- c:\windows\system32\D3DX9_39.dll
2009-06-22 12:42 . 2009-06-22 12:42 -------- d-----w- C:\NVIDIA
2009-06-22 12:40 . 2009-06-25 20:49 -------- d-----w- c:\program files\SystemRequirementsLab
2009-06-22 12:27 . 2008-10-10 02:52 452440 ----a-w- c:\windows\system32\d3dx10_40.dll
2009-06-22 12:27 . 2008-10-10 02:52 4379984 ----a-w- c:\windows\system32\D3DX9_40.dll
2009-06-22 12:27 . 2008-10-10 02:52 2036576 ----a-w- c:\windows\system32\D3DCompiler_40.dll
2009-06-22 12:27 . 2008-10-27 08:04 235856 ----a-w- c:\windows\system32\xactengine3_3.dll
2009-06-22 12:27 . 2009-06-22 12:27 -------- d-----w- c:\windows\system32\AGEIA
2009-06-22 12:27 . 2009-06-22 12:27 -------- d-----w- c:\program files\AGEIA Technologies
2009-06-22 12:26 . 2009-07-13 17:12 -------- d-----w- c:\program files\Common Files\Wise Installation Wizard
2009-06-22 12:22 . 2009-06-22 12:22 418480 ----a-w- c:\windows\system32\wrap_oal.dll
2009-06-22 12:22 . 2009-06-22 12:22 115432 ----a-w- c:\windows\system32\OpenAL32.dll
2009-06-22 12:22 . 2009-06-22 12:22 -------- d-----w- c:\program files\OpenAL
2009-06-17 12:34 . 2009-06-17 12:35 -------- d-----w- c:\windows\system32\NtmsData
2009-06-16 21:54 . 2008-09-16 19:23 168448 ----a-w- c:\windows\system32\unrar.dll
2009-06-16 21:54 . 2009-05-29 21:37 205824 ----a-w- c:\windows\system32\xvidvfw.dll
2009-06-16 21:54 . 2009-05-29 21:31 881664 ----a-w- c:\windows\system32\xvidcore.dll
2009-06-16 21:54 . 2009-05-01 21:02 90112 ----a-w- c:\windows\system32\dpl100.dll
2009-06-16 21:54 . 2008-11-06 16:37 3596288 ----a-w- c:\windows\system32\qt-dx331.dll
2009-06-16 21:54 . 2004-01-25 16:18 217088 ----a-w- c:\windows\system32\yv12vfw.dll
2009-06-16 21:54 . 2009-05-01 21:02 685056 ----a-w- c:\windows\system32\divx.dll
2009-06-16 21:54 . 2009-06-02 16:11 85504 ----a-w- c:\windows\system32\ff_vfw.dll
2009-06-16 21:54 . 2009-06-16 21:54 -------- d-----w- c:\program files\K-Lite Codec Pack
2009-06-16 16:20 . 2006-05-20 15:16 1184984 ----a-w- c:\windows\system32\wvc1dmod.dll
2009-06-16 16:20 . 2006-05-11 18:21 626688 ----a-w- c:\windows\system32\vp7vfw.dll

.
((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-07-15 11:54 . 2009-02-08 18:36 -------- d--h--w- c:\program files\InstallShield Installation Information
2009-07-14 21:43 . 2009-03-15 16:42 -------- d-----w- c:\documents and settings\user\Application Data\GrabIt
2009-07-14 18:58 . 2009-03-16 18:49 -------- d-----w- c:\documents and settings\All Users\Application Data\Microsoft Help
2009-07-14 08:36 . 2009-03-23 15:37 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2009-07-14 08:35 . 2009-04-04 17:29 3775176 ----a-w- c:\documents and settings\All Users\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\mbam-setup.exe
2009-07-13 17:40 . 2009-07-13 17:40 0 ---hatw- C:\pcwtest.tmp
2009-07-13 12:14 . 2009-03-21 08:38 -------- d-----w- c:\documents and settings\user\Application Data\Vso
2009-07-13 11:36 . 2009-03-23 15:37 38160 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2009-07-13 11:36 . 2009-03-23 15:37 19096 ----a-w- c:\windows\system32\drivers\mbam.sys
2009-07-13 10:28 . 2009-02-28 09:42 68440 ----a-w- c:\documents and settings\user\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2009-07-13 09:49 . 2009-05-17 12:26 -------- d-----w- c:\program files\RegistryFix7
2009-07-13 09:38 . 2006-03-02 12:00 87272 ----a-w- c:\windows\system32\perfc013.dat
2009-07-13 09:38 . 2006-03-02 12:00 502198 ----a-w- c:\windows\system32\perfh013.dat
2009-07-13 09:33 . 2009-03-16 18:51 -------- d-----w- c:\program files\Microsoft Works
2009-07-12 12:26 . 2009-03-19 19:18 -------- d-----w- c:\documents and settings\user\Application Data\Nero
2009-07-12 12:10 . 2009-03-19 19:16 -------- d-----w- c:\program files\Common Files\Nero
2009-07-12 12:09 . 2009-03-19 19:16 -------- d-----w- c:\program files\Nero
2009-07-12 12:03 . 2009-03-19 19:16 -------- d-----w- c:\documents and settings\All Users\Application Data\Nero
2009-07-11 09:16 . 2009-03-21 08:42 -------- d-----w- c:\program files\DVDlabPro2
2009-07-09 17:36 . 2009-03-15 10:00 -------- d-----w- c:\program files\GrabIt
2009-07-01 07:46 . 2009-06-05 14:13 -------- d-----w- c:\program files\Alawar
2009-06-16 16:20 . 2009-03-21 08:38 -------- d-----w- c:\program files\VSO
2009-06-16 14:40 . 2006-03-02 12:00 81920 ----a-w- c:\windows\system32\fontsub.dll
2009-06-16 14:40 . 2006-03-02 12:00 119808 ----a-w- c:\windows\system32\t2embed.dll
2009-06-14 12:05 . 2009-06-14 12:04 -------- d-----w- c:\documents and settings\user\Application Data\MagicBall3
2009-06-11 08:46 . 2009-06-11 08:46 -------- d-----w- c:\program files\Collectorz.com
2009-06-10 16:33 . 2009-06-10 16:33 671744 ----a-w- c:\windows\system32\nvcuvid.dll
2009-06-10 16:33 . 2009-06-10 16:33 1720320 ----a-w- c:\windows\system32\nvcuda.dll
2009-06-10 16:33 . 2009-06-10 16:33 1580550 ----a-w- c:\windows\system32\nvdata.bin
2009-06-10 16:33 . 2009-06-10 16:33 1310720 ----a-w- c:\windows\system32\nvcuvenc.dll
2009-06-10 16:33 . 2009-02-08 18:43 457248 ----a-w- c:\windows\system32\nvudisp.exe
2009-06-10 16:33 . 2009-02-08 16:50 8087712 ----a-w- c:\windows\system32\drivers\nv4_mini.sys
2009-06-10 16:33 . 2008-04-14 17:02 5908608 ----a-w- c:\windows\system32\nv4_disp.dll
2009-06-10 16:33 . 2006-02-15 11:07 9998336 ----a-w- c:\windows\system32\nvoglnt.dll
2009-06-10 16:33 . 2006-02-13 13:05 815104 ----a-w- c:\windows\system32\nvapi.dll
2009-06-10 16:33 . 2006-02-13 13:05 151552 ----a-w- c:\windows\system32\nvcodins.dll
2009-06-10 16:33 . 2006-02-13 13:05 151552 ----a-w- c:\windows\system32\nvcod.dll
2009-06-10 13:33 . 2009-06-10 12:40 -------- d-----w- c:\documents and settings\user\Application Data\MagicBall4
2009-06-10 06:28 . 2009-06-10 06:28 3510272 ----a-w- c:\windows\system32\nvgames.dll
2009-06-10 06:28 . 2009-06-10 06:28 5890048 ----a-w- c:\windows\system32\nvdispsr.dll
2009-06-10 06:28 . 2009-06-10 06:28 4022272 ----a-w- c:\windows\system32\nvdisps.dll
2009-06-10 06:28 . 2009-06-10 06:28 86016 ----a-w- c:\windows\system32\nvmctray.dll
2009-06-10 06:28 . 2009-06-10 06:28 168004 ----a-w- c:\windows\system32\nvsvc32.exe
2009-06-10 06:28 . 2009-06-10 06:28 143360 ----a-w- c:\windows\system32\nvcolor.exe
2009-06-10 06:28 . 2009-06-10 06:28 13758464 ----a-w- c:\windows\system32\nvcpl.dll
2009-06-10 06:28 . 2009-06-10 06:28 229376 ----a-w- c:\windows\system32\nvmccs.dll
2009-06-07 16:23 . 2009-06-07 16:23 -------- d-----w- c:\documents and settings\user\Application Data\EleFun Games
2009-06-07 10:20 . 2009-06-07 10:20 -------- d-----w- c:\program files\ReflexiveArcade
2009-06-07 10:17 . 2009-06-07 10:14 -------- d-----w- c:\program files\Inca Ball
2009-06-06 10:36 . 2009-06-06 10:36 -------- d-----w- c:\documents and settings\user\Application Data\URSE Games
2009-06-05 20:43 . 2009-06-05 20:30 -------- d-----w- c:\program files\Zylom Games
2009-06-05 20:30 . 2009-06-05 20:30 -------- d-----w- c:\documents and settings\user\Application Data\Zylom
2009-06-05 20:30 . 2009-06-05 20:30 -------- d-----w- c:\documents and settings\All Users\Application Data\Zylom
2009-06-05 15:14 . 2009-06-05 15:07 -------- d-----w- c:\program files\Aquaball
2009-06-05 14:14 . 2009-06-05 14:14 -------- d-----w- c:\documents and settings\All Users\Application Data\rionix
2009-06-04 14:39 . 2009-02-08 18:35 457248 ----a-w- c:\windows\system32\NVUNINST.EXE
2009-06-04 10:29 . 2009-06-04 10:29 -------- d-----w- c:\documents and settings\All Users\Application Data\TEMP
2009-06-03 19:11 . 2006-03-02 12:00 1295360 ----a-w- c:\windows\system32\quartz.dll
2009-06-03 10:57 . 2009-06-03 10:50 -------- d-----w- c:\program files\QuickTime
2009-06-03 10:57 . 2009-06-03 10:57 -------- d-----w- c:\documents and settings\All Users\Application Data\Apple Computer
2009-06-03 10:56 . 2009-06-03 10:56 -------- d-----w- c:\program files\Apple Software Update
2009-06-03 10:56 . 2009-06-03 10:56 -------- d-----w- c:\documents and settings\All Users\Application Data\Apple
2009-06-02 23:54 . 2009-06-02 23:54 48640 ----a-w- C:\Iexploreiosg.exe
2009-06-01 07:36 . 2009-05-31 08:14 -------- d-----w- c:\program files\Curse of the Pharaoh Quest for Nefertiti - NL
2009-05-31 08:15 . 2009-05-31 08:15 4096 ----a-w- c:\windows\d3dx.dat
2009-05-24 08:37 . 2009-05-24 08:37 -------- d-----w- c:\program files\Common Files\Common Share
2009-05-24 08:37 . 2009-05-24 08:37 -------- d-----w- c:\program files\OJOsoft
2009-05-15 06:02 . 2009-05-15 06:02 2373416 ----a-w- c:\documents and settings\All Users\Application Data\Nero\Nero\DrWeb\DrWeb32.dll
2009-05-15 05:50 . 2009-05-15 05:50 2373416 ----a-w- c:\documents and settings\All Users\Application Data\Nero\Nero 9\DrWeb\DrWeb32.dll
2009-05-13 05:06 . 2006-03-02 12:00 915456 ----a-w- c:\windows\system32\wininet.dll
2009-05-07 15:34 . 2006-03-02 12:00 347136 ----a-w- c:\windows\system32\localspl.dll
2009-04-19 19:51 . 2006-03-02 12:00 1847296 ----a-w- c:\windows\system32\win32k.sys
2009-03-26 19:27 . 2009-03-26 19:27 1390 ----a-w- c:\program files\uninstal.log
2001-08-13 14:51 . 2001-08-13 14:51 1396337 ----a-w- c:\program files\Captura.exe
.

((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Netlog 24"="c:\program files\Netlog 24\Notifier\Netlog24Notifier.exe" [2009-03-14 1380352]
"ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2008-04-14 15360]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2009-06-10 13758464]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2009-06-10 86016]
"QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2009-05-26 413696]
"SoundMan"="SOUNDMAN.EXE" - c:\windows\soundman.exe [2005-10-24 90112]

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Start^Programma's^Opstarten^hp psc 2000 Series.lnk]
backup=c:\windows\pss\hp psc 2000 Series.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Start^Programma's^Opstarten^officejet 6100.lnk]
backup=c:\windows\pss\officejet 6100.lnkCommon Startup

[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"FirewallOverride"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\wlcsdk.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"c:\\Program Files\\WhatPulse\\WhatPulse.exe"=
"c:\\WINDOWS\\system32\\sessmgr.exe"=
"c:\\WINDOWS\\system32\\PnkBstrA.exe"=
"d:\\games instal\\prototype\\prototypef.exe"=
"d:\\games instal\\burnout\\BurnoutLauncher.exe"=
"d:\\games instal\\burnout\\BurnoutConfigTool.exe"=
"d:\\games instal\\burnout\\BurnoutParadise.exe"=

R1 nod32drv;nod32drv;c:\windows\system32\drivers\nod32drv.sys [16/03/2009 20:33 15424]

[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\>{60B49E34-C7CC-11D0-8953-00A0C90347FF}]
"c:\windows\system32\rundll32.exe" "c:\windows\system32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
.
Inhoud van de 'Gedeelde Taken' map

2009-07-08 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 10:34]

2009-07-08 c:\windows\Tasks\FRU Task 2002-06-27 08:46ewlett-Packard2002-06-27 08:46p psc 2100 seriesF56855811176EC24C9B302F94878AD886AF77CFF239215785.job
- c:\program files\Hewlett-Packard\Digital Imaging\Bin\hpqfrucl.exe [2002-06-26 23:46]
.
.
------- Bijkomende Scan -------
.
uStart Page = hxxp://www.google.be/
IE: E&xporteren naar Microsoft Excel - c:\progra~1\MICROS~3\Office12\EXCEL.EXE/3000
LSP: c:\windows\system32\imon.dll
DPF: {1E54D648-B804-468d-BC78-4AFFED8E262F} - hxxp://www.nvidia.com/content/DriverDownload/srl/3.0.0.4/srl_bin/sysreqlab_nvd.cab
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-07-15 22:25
Windows 5.1.2600 Service Pack 3 NTFS

scannen van verborgen processen ...

scannen van verborgen autostart items ...

scannen van verborgen bestanden ...

Scan succesvol afgerond
verborgen bestanden: 0

**************************************************************************
.
--------------------- DLLs Geladen Onder Lopende Processen ---------------------

- - - - - - - > 'lsass.exe'(592)
c:\windows\system32\imon.dll
c:\program files\Eset\pr_imon.dll

- - - - - - - > 'explorer.exe'(2524)
c:\windows\system32\webcheck.dll
.
------------------------ Andere Aktieve Processen ------------------------
.
c:\windows\system32\nvsvc32.exe
c:\windows\system32\rundll32.exe
c:\windows\ATKKBService.exe
c:\program files\Java\jre6\bin\jqs.exe
c:\program files\Common Files\Nero\Nero BackItUp 4\NBService.exe
c:\program files\ESET\nod32krn.exe
c:\windows\system32\wdfmgr.exe
c:\windows\system32\wscntfy.exe
.
**************************************************************************
.
Voltooingstijd: 2009-07-15 22:29 - machine werd herstart
ComboFix-quarantined-files.txt 2009-07-15 20:29

Pre-Run: 51.020.476.416 bytes beschikbaar
Post-Run: 51.572.240.384 bytes beschikbaar

WindowsXP-KB310994-SP2-Home-BootDisk-NLD.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Home Edition" /noexecute=optin /fastdetect

295 --- E O F --- 2009-07-14 15:27

Rosty
16 July 2009, 08:24
Any problems left now?

ghost
16 July 2009, 14:09
No, everything is fine now, thanks Rosty :good:

Rosty
16 July 2009, 22:03
You're welcome, ghost. ;)

Remove ComboFix via Start > Run: copy and paste Combofix /U, then click OK or press Enter.

http://i78.photobucket.com/albums/j116/amateur_photos/CFuninstall.png

This will remove ComboFix and its related folders and files, reset the clock settings, hide the file extensions, hide hidden files and system files again, and reset your System Restore.

ghost
16 July 2009, 22:09
Done :)

Rosty
17 July 2009, 09:09
So this thread gets locked!!