Vraag & Antwoord

Beveiliging & privacy

Hijackthis logje(van mezelf deze keer)

Anoniem
pimvandenderen
13 antwoorden
  • hallo allemaal
    ik heb hier namelijk een probleem
    me pc is weer gek geworden
    voor het probleem had ik met spyware doctor 5 en ad aware 7 full sytem scna gedaan vond ie niks opnieuw opstarte
    ff youtuben enz…
    ik zag een video en vond m leuk wou m naar me telefoon downloade dus
    imtoo 3gp video converter 3 downloaden
    ik wist wel van zonder registratie code converteerd ie maar tot de helft enzo.
    ik zocht een crack zoeke niks met geld enzo
    op t eind vond ik een site met crack(trojan denk ik)
    ik downlade hem
    was ingepakt
    pakte uit
    ik kreeg in een keer 3 waarschuwingen van spyware doctor van onguard protection enzo
    ik dacht van ahh
    converter 2 was aan
    ik klikte op serial(uitgepakte bestand)
    pc begon in en keer gek te worden
    ik had in een keer in de gaten van sh*t ben er in getrapt enzo
    pc heel traag
    kon de muis niet eens bedienen gelijk reset
    veilige modus
    met spyware doctor intelli scan 107 infecties
    en met trojan remover paar
    genaamd imagepath enzo.
    en [paar andere bestanden in t dll

    nou jah
    opstarte en pc was wel sneller
    maar het ding is nog steeds traag
    ik heb een logje gemaakt
    ik hoop dat jullie wat vinden

    alvast erggg bedankt


    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 22:10:52, on 1-10-2007
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.6000.16512)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\csrss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\Windows Defender\MsMpEng.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Ad-Aware 2007\aawservice.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\system32\spoolsv.exe
    C:\WINDOWS\RTHDCPL.EXE
    C:\WINDOWS\system32\RUNDLL32.EXE
    C:\Program Files\Spyware Doctor\SDTrayApp.exe
    C:\wsusupd.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\MSN Messenger\MsnMsgr.Exe
    C:\Program Files\Bonjour\mDNSResponder.exe
    C:\Program Files\NVIDIA Corporation\nTune\nTuneService.exe
    C:\WINDOWS\system32\nvsvc32.exe
    C:\Program Files\Spyware Doctor\svcntaux.exe
    C:\Program Files\Spyware Doctor\swdsvc.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\System32\alg.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Program Files\MSN Messenger\usnsvc.exe
    C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
    C:\WINDOWS\System32\wbem\wmiprvse.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.nl/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen
    R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
    O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
    O2 - BHO: (no name) - {837B45D6-BF85-457D-AABF-6D2E7815F791} - (no file)
    O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
    O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
    O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
    O4 - HKLM\..\Run: [SDTray] C:\Program Files\Spyware Doctor\SDTrayApp.exe
    O4 - HKLM\..\Run: [ShareSearcher] C:\wsusupd.exe
    O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
    O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Lokale service')
    O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Netwerkservice')
    O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
    O9 - Extra button: (no name) - {2D663D1A-8670-49D9-A1A5-4C56B4E14E84} - (no file)
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
    O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1188831081734
    O16 - DPF: {67A5F8DC-1A4B-4D66-9F24-A704AD929EEE} (System Requirements Lab) - http://www.systemrequirementslab.com/sysreqlab2.cab
    O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1188845633406
    O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} (Java Runtime Environment 1.6.0) - http://javadl-esd.sun.com/update/1.6.0/jinstall-6u2-windows-i586-jc.cab
    O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
    O20 - Winlogon Notify: ddcyvsq - ddcyvsq.dll (file missing)
    O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft AB - C:\Program Files\Ad-Aware 2007\aawservice.exe
    O23 - Service: Bonjour Service - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
    O23 - Service: nTune Service (nTuneService) - NVIDIA - C:\Program Files\NVIDIA Corporation\nTune\nTuneService.exe
    O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
    O23 - Service: Spyware Doctor Auxiliary Service (sdAuxService) - PC Tools - C:\Program Files\Spyware Doctor\svcntaux.exe
    O23 - Service: Spyware Doctor Service (sdCoreService) - PC Tools - C:\Program Files\Spyware Doctor\swdsvc.exe


    End of file - 5931 bytes


    ik hoop dat jullie me zo snel mogelijk helpen
    :P
  • Tja, wie zijn billen brand :P

    Start Hijackthis, kies voor [i:0e0a4e69e4]'Do a system scan only'[/i:0e0a4e69e4] en vink onderstaande regels aan:
    [b:0e0a4e69e4]
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
    R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
    O2 - BHO: (no name) - {837B45D6-BF85-457D-AABF-6D2E7815F791} - (no file)
    O4 - HKLM\..\Run: [ShareSearcher] C:\wsusupd.exe
    O9 - Extra button: (no name) - {2D663D1A-8670-49D9-A1A5-4C56B4E14E84} - (no file)
    O20 - Winlogon Notify: ddcyvsq - ddcyvsq.dll (file missing)
    [/b:0e0a4e69e4]

    Sluit nu [u:0e0a4e69e4]alle[/u:0e0a4e69e4] openstaande vensters, behalve Hijackthis en klik op [b:0e0a4e69e4]Fix Checked[/b:0e0a4e69e4].

    Download Combofix naar je [b:0e0a4e69e4]bureaublad[/b:0e0a4e69e4]

    Dubbelklik op [u:0e0a4e69e4]combofix.exe[/u:0e0a4e69e4]
    Kies voor "Continue" door [b:0e0a4e69e4]1[/b:0e0a4e69e4] te typen gevolgd door [b:0e0a4e69e4]ENTER[/b:0e0a4e69e4].
    Tijdens het runnen van de fix, [b:0e0a4e69e4]NIET[/b:0e0a4e69e4] in het venster klikken, want dit zal je pc doen vasthangen.

    Wanneer de fix voltooid is en na herstart, zal de log [b:0e0a4e69e4]combofix.txt[/b:0e0a4e69e4] openen. Bewaar dit logje.

    [i:0e0a4e69e4]NOTA: Indien je virusscanner reageert met een melding van een scriptuitvoering, mag je dit negeren.[/i:0e0a4e69e4]

    Plaats in je volgende antwoord het logje van combofix ([i:0e0a4e69e4]combofix.txt[/i:0e0a4e69e4]) tesamen met een vers Hijackthis log.

    Succes!
    Pim
  • erg bedankt he
    helpte al erg veel

    ComboFix 07-10-02.2 - Sadik 2007-10-02 15:27:08.1 - NTFSx86
    Microsoft Windows XP Home Edition 5.1.2600.2.1252.1.1043.18.621 [GMT 2:00]
    Gestart vanuit: C:\Documents and Settings\Sadik\Bureaublad\ComboFix.exe
    * Nieuw herstelpunt werd aangemaakt
    .

    (((((((((((((((((((((((((((((((((( Andere Verwijderingen )))))))))))))))))))))))))))))))))))))))))))))))))
    .

    C:\d.exe
    C:\Documents and Settings\Sadik\Bureaublad\internet.lnk
    C:\WINDOWS\system32\6_exception.nls
    C:\WINDOWS\system32\drivers\ip6fw.sys
    C:\WINDOWS\system32\instcat.dll
    C:\WINDOWS\system32\pskill.exe
    C:\wsusupd.exe

    .
    ((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))


    ——-\LEGACY_NTMLSVC
    ——-\LEGACY_RUNTIME
    ——-\NtmlSvc


    (((((((((((((((((((( Bestanden Gemaakt van 2007-09-02 to 2007-10-02 ))))))))))))))))))))))))))))))
    .

    2007-10-02 15:26 51,200 –a—— C:\WINDOWS\NirCmd.exe
    2007-10-01 22:01 158,496 –a—— C:\WINDOWS\system32\b1e35fe3.sys
    2007-10-01 21:46 <DIR> d——– C:\Documents and Settings\Administrator\Application Data\Simply Super Software
    2007-10-01 21:41 158,464 –a—— C:\WINDOWS\system32\e86169f6.sys
    2007-10-01 21:38 61,440 –a—— C:\WINDOWS\system32\aspimgr.exe.ren
    2007-10-01 21:38 41,771 –a—— C:\tislctg.exe
    2007-10-01 21:38 28,160 –a—— C:\qixik.exe
    2007-10-01 21:38 20,992 –a—— C:\gniinq.exe
    2007-10-01 21:38 158,464 –a—— C:\WINDOWS\system32\4f46087b.sys
    2007-10-01 21:38 13,312 –a—— C:\WINDOWS\system32\netfilter.dll
    2007-10-01 17:10 <DIR> d–hs—- C:\Documents and Settings\Sadik\Onlangs geopend
    2007-09-30 21:55 83,536 –a—— C:\WINDOWS\system32\drivers\iksyssec.sys
    2007-09-30 21:55 59,984 –a—— C:\WINDOWS\system32\drivers\iksysflt.sys
    2007-09-30 21:55 52,304 –a—— C:\WINDOWS\system32\drivers\ikfilesec.sys
    2007-09-30 21:55 39,248 –a—— C:\WINDOWS\system32\drivers\ikfileflt.sys
    2007-09-30 21:55 26,064 –a—— C:\WINDOWS\system32\drivers\kcom.sys
    2007-09-30 21:54 <DIR> d——– C:\Program Files\Spyware Doctor
    2007-09-30 21:54 <DIR> d——– C:\Documents and Settings\Sadik\Application Data\PC Tools
    2007-09-30 18:00 <DIR> d——– C:\Documents and Settings\Sadik\Application Data\BitTorrent
    2007-09-29 16:57 <DIR> d——– C:\Documents and Settings\All Users.WINDOWS\Application Data\NVIDIA
    2007-09-29 16:48 208,896 –a—— C:\WINDOWS\system32\nvudisp.exe
    2007-09-29 16:46 <DIR> d——– C:\NVIDIA
    2007-09-29 16:42 3,958,496 –a—— C:\WINDOWS\system32\drivers\nv4_mini.sys
    2007-09-29 16:42 1,897,408 –a–c— C:\WINDOWS\system32\dllcache\nv4_mini.sys
    2007-09-29 16:41 <DIR> d——– C:\Program Files\Driver Cleaner Pro
    2007-09-28 23:28 14,744 –ah—– C:\WINDOWS\system32\mlfcache.dat
    2007-09-28 21:25 <DIR> d——– C:\Deckard
    2007-09-28 21:14 <DIR> d——– C:\Program Files\Safari
    2007-09-28 21:14 <DIR> d——– C:\Program Files\Bonjour
    2007-09-28 21:14 <DIR> d——– C:\Program Files\Apple Software Update
    2007-09-28 21:14 <DIR> d——– C:\Documents and Settings\All Users.WINDOWS\Application Data\Apple
    2007-09-28 20:46 <DIR> d——– C:\Drivers
    2007-09-27 19:05 <DIR> d——– C:\Program Files\Ad-Aware 2007
    2007-09-27 19:05 <DIR> d——– C:\Documents and Settings\All Users.WINDOWS\Application Data\Lavasoft
    2007-09-27 16:50 <DIR> d——– C:\Program Files\Winamp
    2007-09-27 15:53 <DIR> d——– C:\Documents and Settings\Sadik\Application Data\PPStream
    2007-09-27 15:48 <DIR> d——– C:\Program Files\Nieuwe map
    2007-09-27 15:44 <DIR> d——– C:\Documents and Settings\Sadik\Application Data\SopCast
    2007-09-25 18:00 77,312 –a—— C:\WINDOWS\system32\ztvunace26.dll
    2007-09-25 18:00 75,264 –a—— C:\WINDOWS\system32\unacev2.dll
    2007-09-25 18:00 69,632 –a—— C:\WINDOWS\system32\ztvcabinet.dll
    2007-09-25 18:00 162,304 –a—— C:\WINDOWS\system32\ztvunrar36.dll
    2007-09-25 18:00 153,088 –a—— C:\WINDOWS\system32\UNRAR3.dll
    2007-09-25 18:00 <DIR> d——– C:\Program Files\Trojan Remover
    2007-09-25 18:00 <DIR> d——– C:\Documents and Settings\Sadik\Application Data\Simply Super Software
    2007-09-25 18:00 <DIR> d——– C:\Documents and Settings\All Users.WINDOWS\Application Data\Simply Super Software
    2007-09-24 19:00 <DIR> d——– C:\Documents and Settings\All Users.WINDOWS\Application Data\Trymedia
    2007-09-22 23:58 <DIR> d——– C:\Program Files\Western Digital
    2007-09-22 02:49 7,552 –a—— C:\WINDOWS\system32\drivers\enodpl.sys
    2007-09-22 02:49 4,736 –a—— C:\WINDOWS\system32\drivers\tandpl.sys
    2007-09-21 17:18 <DIR> d——– C:\Program Files\Windows Live Safety Center
    2007-09-16 22:54 1,156 –a—— C:\WINDOWS\mozver.dat
    2007-09-16 20:44 69,632 –a—— C:\WINDOWS\ALCMTR.EXE
    2007-09-15 20:35 <DIR> d——– C:\Documents and Settings\All Users.WINDOWS\Application Data\Tournament.com Client
    2007-09-15 00:55 <DIR> d——– C:\WINDOWS\system32\Nieuwe map
    2007-09-15 00:30 <DIR> d——– C:\WINDOWS\system32\VIRepair
    2007-09-14 17:30 <DIR> d——– C:\DECCHECK
    2007-09-14 14:20 <DIR> d——– C:\Program Files\DaemonTools_WhenUSave_Installer
    2007-09-13 22:40 <DIR> d——– C:\Program Files\SystemRequirementsLab
    2007-09-12 21:53 <DIR> d-a—— C:\Documents and Settings\All Users.WINDOWS\Application Data\TEMP
    2007-09-12 18:11 <DIR> d——– C:\Program Files\Windows Journal Viewer
    2007-09-11 21:03 <DIR> d——– C:\Documents and Settings\Sadik\Application Data\Lavasoft
    2007-09-11 20:44 626,688 –a—— C:\WINDOWS\system32\msvcr80.dll
    2007-09-11 20:44 <DIR> d——– C:\Documents and Settings\All Users.WINDOWS\Application Data\Spybot - Search & Destroy
    2007-09-08 22:00 19,424 –a—— C:\WINDOWS\system32\drivers\ggsemc.sys
    2007-09-08 22:00 1,419,232 –a—— C:\WINDOWS\system32\wdfcoinstaller01005.dll
    2007-09-08 14:09 22,328 –a—— C:\WINDOWS\system32\drivers\PnkBstrK.sys
    2007-09-08 14:09 103,736 –a—— C:\WINDOWS\system32\PnkBstrB.exe
    2007-09-08 02:36 <DIR> d——– C:\Program Files\Kaspersky Lab
    2007-09-08 02:36 <DIR> d——– C:\Documents and Settings\All Users.WINDOWS\Application Data\Kaspersky Lab
    2007-09-08 02:35 <DIR> d——– C:\KAV
    2007-09-08 02:24 0 –a—— C:\WINDOWS\nsreg.dat
    2007-09-07 21:49 <DIR> d——– C:\Program Files\SAGEM
    2007-09-06 17:48 <DIR> d——– C:\Documents and Settings\Sadik\Application Data\Apple Computer
    2007-09-06 17:40 <DIR> d——– C:\Documents and Settings\Sadik\Shared
    2007-09-06 17:40 <DIR> d——– C:\Documents and Settings\Sadik\Incomplete
    2007-09-06 17:40 <DIR> d——– C:\Documents and Settings\Sadik\Application Data\LimeWire
    2007-09-05 16:27 86,016 –a—— C:\WINDOWS\system32\sbres32.dll
    2007-09-05 16:27 59,392 –a—— C:\WINDOWS\system\a3d.dll
    2007-09-05 16:27 465,536 –a—— C:\WINDOWS\system32\drivers\sbpci.sys
    2007-09-05 16:27 434,176 –a—— C:\WINDOWS\system32\sbmixres.dll
    2007-09-05 16:27 388,608 –a—— C:\WINDOWS\system32\ensmix32.exe
    2007-09-05 16:27 32,768 –a—— C:\WINDOWS\system32\starter.exe
    2007-09-05 16:27 <DIR> d——– C:\SBPCI
    2007-09-05 16:27 <DIR> d——– C:\cabs
    2007-09-05 14:21 5,632 –a—— C:\WINDOWS\system32\drivers\Entech64.sys
    2007-09-05 14:21 3,972 –a—— C:\WINDOWS\system32\drivers\PciBus.sys
    2007-09-05 14:21 21,664 –a—— C:\WINDOWS\system32\drivers\Entech.sys
    2007-09-05 14:21 <DIR> d——– C:\WINDOWS\system32\Futuremark
    2007-09-05 07:58 <DIR> d——– C:\Program Files\SpeedFan
    2007-09-04 17:49 271,224 –a—— C:\WINDOWS\system32\mucltui.dll
    2007-09-03 23:16 356,352 –a—— C:\WINDOWS\system32\NVUNINST.EXE
    2007-09-03 23:16 <DIR> d——– C:\WINDOWS\nview
    2007-09-03 22:40 66,668 –a—— C:\WINDOWS\BricoPackUninst.cmd
    2007-09-03 22:37 6,114 –a—— C:\WINDOWS\BricoPackFoldersDelete.cmd
    2007-09-03 22:36 <DIR> d——– C:\WINDOWS\BricoPacks
    2007-09-03 22:29 <DIR> d——– C:\Program Files\ViOrb
    2007-09-03 22:25 8,636 –a—— C:\WINDOWS\system32\modifype.exe
    2007-09-03 22:25 19,968 –a—— C:\WINDOWS\system32\reico.exe
    2007-09-03 22:25 111,104 –a—— C:\WINDOWS\system32\Uharc.exe

    .
    ((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    2007-10-01 22:28 ——— d——– C:\Program Files\ImTOO
    2007-09-30 19:18 ——— d–h—– C:\Program Files\InstallShield Installation Information
    2007-09-30 05:11 ——— d——– C:\Program Files\Yahoo!
    2007-09-28 20:48 ——— d——– C:\Program Files\Marvell
    2007-09-27 19:07 9344 –a—— C:\WINDOWS\system32\drivers\NSDriver.sys
    2007-09-27 19:07 8320 –a—— C:\WINDOWS\system32\drivers\AWRTRD.sys
    2007-09-27 19:00 ——— d——– C:\Program Files\Hitman Pro
    2007-09-27 18:58 ——— d——– C:\Program Files\Lavasoft
    2007-09-27 15:53 ——— d——– C:\Program Files\MSN Messenger
    2007-09-22 04:52 ——— d——– C:\Program Files\CCleaner
    2007-09-16 20:44 ——— d——– C:\Program Files\Realtek
    2007-09-08 22:07 0 –ah—– C:\WINDOWS\system32\drivers\MsftWdf_Kernel_01005_Coinstaller_Critical.Wdf
    2007-09-08 22:07 0 –ah—– C:\WINDOWS\system32\drivers\Msft_Kernel_ggsemc_01005.Wdf
    2007-09-08 21:59 ——— d——– C:\Program Files\Sony Ericsson
    2007-09-06 17:24 ——— d——– C:\Program Files\LimeWire
    2007-09-03 22:01 ——— d——– C:\Program Files\Windows Installer Clean Up
    2007-09-03 21:37 ——— d——– C:\Program Files\directx
    2007-09-03 21:26 ——— d——– C:\Program Files\QuickTime
    2007-09-03 21:23 ——— d——– C:\Program Files\Common Files\Teleca Shared
    2007-09-03 20:31 ——— d——– C:\Program Files\MD40323
    2007-09-03 20:30 ——— d——– C:\Program Files\BitTorrent
    2007-09-03 20:28 ——— d——– C:\Program Files\Messenger Plus! Live
    2007-09-01 05:34 ——— d——– C:\Program Files\Google
    2007-09-01 01:50 ——— d——– C:\Program Files\CyberLink
    2007-08-31 05:16 ——— d——– C:\Program Files\MSXML 4.0
    2007-08-31 05:13 ——— d——– C:\Program Files\Lavalys
    2007-08-30 17:19 ——— d——– C:\Program Files\Team MediaPortal
    2007-08-30 15:47 ——— d——– C:\Program Files\Disc2Phone
    2007-08-29 21:21 ——— d——– C:\Program Files\Spyware Terminator
    2007-08-29 13:59 ——— d——– C:\Program Files\SpywareBlaster
    2007-08-29 13:50 ——— d——– C:\Program Files\Ashampoo
    2007-08-29 05:16 ——— d——– C:\Program Files\Trend Micro
    2007-08-29 05:07 ——— d——– C:\Program Files\Crawler
    2007-08-29 04:57 ——— d——– C:\Program Files\Adverts
    2007-08-28 18:48 ——— d——– C:\Program Files\Windows Defender
    2007-08-28 18:32 ——— d——– C:\Program Files\MSECACHE
    2007-08-28 18:17 ——— d——– C:\Program Files\Windows Media Connect 2
    2007-08-28 18:15 ——— d——– C:\Program Files\Windows Live
    2007-08-28 16:13 ——— d——– C:\Program Files\NVIDIA Corporation
    2007-08-28 15:45 ——— d——– C:\Program Files\SCREEN2EXE
    2007-08-28 15:00 ——— d——– C:\Program Files\Common Files\InstallShield
    2007-08-28 15:00 ——— d——– C:\Program Files\ASUS
    2007-08-28 14:52 ——— d——– C:\Program Files\Intel
    2007-08-28 14:45 ——— d——– C:\Program Files\microsoft frontpage
    2007-07-30 19:19 92504 –a—— C:\WINDOWS\system32\cdm.dll
    2007-07-30 19:19 68440 –a—— C:\WINDOWS\system32\wuauclt.exe
    2007-07-30 19:19 203096 –a—— C:\WINDOWS\system32\wuweb.dll
    2007-07-30 19:19 1712984 –a—— C:\WINDOWS\system32\wuaueng.dll
    2007-07-30 19:18 207736 –a—— C:\WINDOWS\system32\muweb.dll
    2007-07-03 12:33 6912 –a—— C:\WINDOWS\nvoclock.sys
    2007-07-03 12:32 397312 –a—— C:\WINDOWS\ntuneoem.dll
    2007-07-03 12:32 1622016 –a—— C:\WINDOWS\NVBenchMarks.dll
    2007-07-03 12:31 28672 –a—— C:\WINDOWS\AutoTuneScript.dll
    .

    ((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    *Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "RTHDCPL"="RTHDCPL.EXE" [2006-08-01 13:10 C:\WINDOWS\RTHDCPL.EXE]
    "NvCplDaemon"="C:\WINDOWS\system32\NvCpl.dll" [2006-08-11 21:43]
    "nwiz"="nwiz.exe" [2006-08-11 21:43 C:\WINDOWS\system32\nwiz.exe]
    "NvMediaCenter"="C:\WINDOWS\system32\NvMcTray.dll" [2006-08-11 21:43]
    "SDTray"="C:\Program Files\Spyware Doctor\SDTrayApp.exe" [2007-05-17 12:02]

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-04 10:03]
    "msnmsgr"="C:\Program Files\MSN Messenger\MsnMsgr.exe" [2007-01-19 14:54]

    [HKEY_USERS\.default\software\microsoft\windows\currentversion\run]
    "DWQueuedReporting"="C:\PROGRA~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" -t

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
    "NoRecentDocsHistory"=0 (0x0)

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sdauxservice"

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sdcoreservice"

    R1 kbfilter;Keyboard Filter Driver;C:\WINDOWS\system32\drivers\kbfilter.sys
    S3 Ca100v;2Mega Camera, WDM Video Capture;C:\WINDOWS\system32\Drivers\Ca100v.sys
    S3 CrystalSysInfo;CrystalSysInfo;\??\C:\Documents and Settings\Sadik\Mijn documenten\setfsb20b15w\SysInfo.sys
    S3 NVR0Dev;NVR0Dev;\??\C:\WINDOWS\nvoclock.sys
    S3 USBCamera;DSC Still Image Capture (CA100);C:\WINDOWS\system32\Drivers\Bulk100.sys

    .
    Inhoud van de 'Gedeelde Taken' map
    "2007-09-28 19:14:21 C:\WINDOWS\Tasks\AppleSoftwareUpdate.job"
    - C:\Program Files\Apple Software Update\SoftwareUpdate.exe
    "2007-10-02 13:21:48 C:\WINDOWS\Tasks\MP Scheduled Scan.job"
    .
    **************************************************************************

    catchme 0.3.1169 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
    Rootkit scan 2007-10-02 15:30:43
    Windows 5.1.2600 Service Pack 2 NTFS

    scannen van verborgen processen …

    scannen van verborgen autostart items …

    scannen van verborgen bestanden …

    Scan succesvol afgerond
    verborgen bestanden: 0

    **************************************************************************
    .
    Voltooingstijd: 2007-10-02 15:32:52 - machine was rebooted
    C:\ComboFix-quarantined-files.txt … 2007-10-02 15:32
    .
    — E O F —



    en nog een logje voor de zekerhied
  • erg bedankt he
    helpte al erg veel

    ComboFix 07-10-02.2 - Sadik 2007-10-02 15:27:08.1 - NTFSx86
    Microsoft Windows XP Home Edition 5.1.2600.2.1252.1.1043.18.621 [GMT 2:00]
    Gestart vanuit: C:\Documents and Settings\Sadik\Bureaublad\ComboFix.exe
    * Nieuw herstelpunt werd aangemaakt
    .

    (((((((((((((((((((((((((((((((((( Andere Verwijderingen )))))))))))))))))))))))))))))))))))))))))))))))))
    .

    C:\d.exe
    C:\Documents and Settings\Sadik\Bureaublad\internet.lnk
    C:\WINDOWS\system32\6_exception.nls
    C:\WINDOWS\system32\drivers\ip6fw.sys
    C:\WINDOWS\system32\instcat.dll
    C:\WINDOWS\system32\pskill.exe
    C:\wsusupd.exe

    .
    ((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))


    ——-\LEGACY_NTMLSVC
    ——-\LEGACY_RUNTIME
    ——-\NtmlSvc


    (((((((((((((((((((( Bestanden Gemaakt van 2007-09-02 to 2007-10-02 ))))))))))))))))))))))))))))))
    .

    2007-10-02 15:26 51,200 –a—— C:\WINDOWS\NirCmd.exe
    2007-10-01 22:01 158,496 –a—— C:\WINDOWS\system32\b1e35fe3.sys
    2007-10-01 21:46 <DIR> d——– C:\Documents and Settings\Administrator\Application Data\Simply Super Software
    2007-10-01 21:41 158,464 –a—— C:\WINDOWS\system32\e86169f6.sys
    2007-10-01 21:38 61,440 –a—— C:\WINDOWS\system32\aspimgr.exe.ren
    2007-10-01 21:38 41,771 –a—— C:\tislctg.exe
    2007-10-01 21:38 28,160 –a—— C:\qixik.exe
    2007-10-01 21:38 20,992 –a—— C:\gniinq.exe
    2007-10-01 21:38 158,464 –a—— C:\WINDOWS\system32\4f46087b.sys
    2007-10-01 21:38 13,312 –a—— C:\WINDOWS\system32\netfilter.dll
    2007-10-01 17:10 <DIR> d–hs—- C:\Documents and Settings\Sadik\Onlangs geopend
    2007-09-30 21:55 83,536 –a—— C:\WINDOWS\system32\drivers\iksyssec.sys
    2007-09-30 21:55 59,984 –a—— C:\WINDOWS\system32\drivers\iksysflt.sys
    2007-09-30 21:55 52,304 –a—— C:\WINDOWS\system32\drivers\ikfilesec.sys
    2007-09-30 21:55 39,248 –a—— C:\WINDOWS\system32\drivers\ikfileflt.sys
    2007-09-30 21:55 26,064 –a—— C:\WINDOWS\system32\drivers\kcom.sys
    2007-09-30 21:54 <DIR> d——– C:\Program Files\Spyware Doctor
    2007-09-30 21:54 <DIR> d——– C:\Documents and Settings\Sadik\Application Data\PC Tools
    2007-09-30 18:00 <DIR> d——– C:\Documents and Settings\Sadik\Application Data\BitTorrent
    2007-09-29 16:57 <DIR> d——– C:\Documents and Settings\All Users.WINDOWS\Application Data\NVIDIA
    2007-09-29 16:48 208,896 –a—— C:\WINDOWS\system32\nvudisp.exe
    2007-09-29 16:46 <DIR> d——– C:\NVIDIA
    2007-09-29 16:42 3,958,496 –a—— C:\WINDOWS\system32\drivers\nv4_mini.sys
    2007-09-29 16:42 1,897,408 –a–c— C:\WINDOWS\system32\dllcache\nv4_mini.sys
    2007-09-29 16:41 <DIR> d——– C:\Program Files\Driver Cleaner Pro
    2007-09-28 23:28 14,744 –ah—– C:\WINDOWS\system32\mlfcache.dat
    2007-09-28 21:25 <DIR> d——– C:\Deckard
    2007-09-28 21:14 <DIR> d——– C:\Program Files\Safari
    2007-09-28 21:14 <DIR> d——– C:\Program Files\Bonjour
    2007-09-28 21:14 <DIR> d——– C:\Program Files\Apple Software Update
    2007-09-28 21:14 <DIR> d——– C:\Documents and Settings\All Users.WINDOWS\Application Data\Apple
    2007-09-28 20:46 <DIR> d——– C:\Drivers
    2007-09-27 19:05 <DIR> d——– C:\Program Files\Ad-Aware 2007
    2007-09-27 19:05 <DIR> d——– C:\Documents and Settings\All Users.WINDOWS\Application Data\Lavasoft
    2007-09-27 16:50 <DIR> d——– C:\Program Files\Winamp
    2007-09-27 15:53 <DIR> d——– C:\Documents and Settings\Sadik\Application Data\PPStream
    2007-09-27 15:48 <DIR> d——– C:\Program Files\Nieuwe map
    2007-09-27 15:44 <DIR> d——– C:\Documents and Settings\Sadik\Application Data\SopCast
    2007-09-25 18:00 77,312 –a—— C:\WINDOWS\system32\ztvunace26.dll
    2007-09-25 18:00 75,264 –a—— C:\WINDOWS\system32\unacev2.dll
    2007-09-25 18:00 69,632 –a—— C:\WINDOWS\system32\ztvcabinet.dll
    2007-09-25 18:00 162,304 –a—— C:\WINDOWS\system32\ztvunrar36.dll
    2007-09-25 18:00 153,088 –a—— C:\WINDOWS\system32\UNRAR3.dll
    2007-09-25 18:00 <DIR> d——– C:\Program Files\Trojan Remover
    2007-09-25 18:00 <DIR> d——– C:\Documents and Settings\Sadik\Application Data\Simply Super Software
    2007-09-25 18:00 <DIR> d——– C:\Documents and Settings\All Users.WINDOWS\Application Data\Simply Super Software
    2007-09-24 19:00 <DIR> d——– C:\Documents and Settings\All Users.WINDOWS\Application Data\Trymedia
    2007-09-22 23:58 <DIR> d——– C:\Program Files\Western Digital
    2007-09-22 02:49 7,552 –a—— C:\WINDOWS\system32\drivers\enodpl.sys
    2007-09-22 02:49 4,736 –a—— C:\WINDOWS\system32\drivers\tandpl.sys
    2007-09-21 17:18 <DIR> d——– C:\Program Files\Windows Live Safety Center
    2007-09-16 22:54 1,156 –a—— C:\WINDOWS\mozver.dat
    2007-09-16 20:44 69,632 –a—— C:\WINDOWS\ALCMTR.EXE
    2007-09-15 20:35 <DIR> d——– C:\Documents and Settings\All Users.WINDOWS\Application Data\Tournament.com Client
    2007-09-15 00:55 <DIR> d——– C:\WINDOWS\system32\Nieuwe map
    2007-09-15 00:30 <DIR> d——– C:\WINDOWS\system32\VIRepair
    2007-09-14 17:30 <DIR> d——– C:\DECCHECK
    2007-09-14 14:20 <DIR> d——– C:\Program Files\DaemonTools_WhenUSave_Installer
    2007-09-13 22:40 <DIR> d——– C:\Program Files\SystemRequirementsLab
    2007-09-12 21:53 <DIR> d-a—— C:\Documents and Settings\All Users.WINDOWS\Application Data\TEMP
    2007-09-12 18:11 <DIR> d——– C:\Program Files\Windows Journal Viewer
    2007-09-11 21:03 <DIR> d——– C:\Documents and Settings\Sadik\Application Data\Lavasoft
    2007-09-11 20:44 626,688 –a—— C:\WINDOWS\system32\msvcr80.dll
    2007-09-11 20:44 <DIR> d——– C:\Documents and Settings\All Users.WINDOWS\Application Data\Spybot - Search & Destroy
    2007-09-08 22:00 19,424 –a—— C:\WINDOWS\system32\drivers\ggsemc.sys
    2007-09-08 22:00 1,419,232 –a—— C:\WINDOWS\system32\wdfcoinstaller01005.dll
    2007-09-08 14:09 22,328 –a—— C:\WINDOWS\system32\drivers\PnkBstrK.sys
    2007-09-08 14:09 103,736 –a—— C:\WINDOWS\system32\PnkBstrB.exe
    2007-09-08 02:36 <DIR> d——– C:\Program Files\Kaspersky Lab
    2007-09-08 02:36 <DIR> d——– C:\Documents and Settings\All Users.WINDOWS\Application Data\Kaspersky Lab
    2007-09-08 02:35 <DIR> d——– C:\KAV
    2007-09-08 02:24 0 –a—— C:\WINDOWS\nsreg.dat
    2007-09-07 21:49 <DIR> d——– C:\Program Files\SAGEM
    2007-09-06 17:48 <DIR> d——– C:\Documents and Settings\Sadik\Application Data\Apple Computer
    2007-09-06 17:40 <DIR> d——– C:\Documents and Settings\Sadik\Shared
    2007-09-06 17:40 <DIR> d——– C:\Documents and Settings\Sadik\Incomplete
    2007-09-06 17:40 <DIR> d——– C:\Documents and Settings\Sadik\Application Data\LimeWire
    2007-09-05 16:27 86,016 –a—— C:\WINDOWS\system32\sbres32.dll
    2007-09-05 16:27 59,392 –a—— C:\WINDOWS\system\a3d.dll
    2007-09-05 16:27 465,536 –a—— C:\WINDOWS\system32\drivers\sbpci.sys
    2007-09-05 16:27 434,176 –a—— C:\WINDOWS\system32\sbmixres.dll
    2007-09-05 16:27 388,608 –a—— C:\WINDOWS\system32\ensmix32.exe
    2007-09-05 16:27 32,768 –a—— C:\WINDOWS\system32\starter.exe
    2007-09-05 16:27 <DIR> d——– C:\SBPCI
    2007-09-05 16:27 <DIR> d——– C:\cabs
    2007-09-05 14:21 5,632 –a—— C:\WINDOWS\system32\drivers\Entech64.sys
    2007-09-05 14:21 3,972 –a—— C:\WINDOWS\system32\drivers\PciBus.sys
    2007-09-05 14:21 21,664 –a—— C:\WINDOWS\system32\drivers\Entech.sys
    2007-09-05 14:21 <DIR> d——– C:\WINDOWS\system32\Futuremark
    2007-09-05 07:58 <DIR> d——– C:\Program Files\SpeedFan
    2007-09-04 17:49 271,224 –a—— C:\WINDOWS\system32\mucltui.dll
    2007-09-03 23:16 356,352 –a—— C:\WINDOWS\system32\NVUNINST.EXE
    2007-09-03 23:16 <DIR> d——– C:\WINDOWS\nview
    2007-09-03 22:40 66,668 –a—— C:\WINDOWS\BricoPackUninst.cmd
    2007-09-03 22:37 6,114 –a—— C:\WINDOWS\BricoPackFoldersDelete.cmd
    2007-09-03 22:36 <DIR> d——– C:\WINDOWS\BricoPacks
    2007-09-03 22:29 <DIR> d——– C:\Program Files\ViOrb
    2007-09-03 22:25 8,636 –a—— C:\WINDOWS\system32\modifype.exe
    2007-09-03 22:25 19,968 –a—— C:\WINDOWS\system32\reico.exe
    2007-09-03 22:25 111,104 –a—— C:\WINDOWS\system32\Uharc.exe

    .
    ((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    2007-10-01 22:28 ——— d——– C:\Program Files\ImTOO
    2007-09-30 19:18 ——— d–h—– C:\Program Files\InstallShield Installation Information
    2007-09-30 05:11 ——— d——– C:\Program Files\Yahoo!
    2007-09-28 20:48 ——— d——– C:\Program Files\Marvell
    2007-09-27 19:07 9344 –a—— C:\WINDOWS\system32\drivers\NSDriver.sys
    2007-09-27 19:07 8320 –a—— C:\WINDOWS\system32\drivers\AWRTRD.sys
    2007-09-27 19:00 ——— d——– C:\Program Files\Hitman Pro
    2007-09-27 18:58 ——— d——– C:\Program Files\Lavasoft
    2007-09-27 15:53 ——— d——– C:\Program Files\MSN Messenger
    2007-09-22 04:52 ——— d——– C:\Program Files\CCleaner
    2007-09-16 20:44 ——— d——– C:\Program Files\Realtek
    2007-09-08 22:07 0 –ah—– C:\WINDOWS\system32\drivers\MsftWdf_Kernel_01005_Coinstaller_Critical.Wdf
    2007-09-08 22:07 0 –ah—– C:\WINDOWS\system32\drivers\Msft_Kernel_ggsemc_01005.Wdf
    2007-09-08 21:59 ——— d——– C:\Program Files\Sony Ericsson
    2007-09-06 17:24 ——— d——– C:\Program Files\LimeWire
    2007-09-03 22:01 ——— d——– C:\Program Files\Windows Installer Clean Up
    2007-09-03 21:37 ——— d——– C:\Program Files\directx
    2007-09-03 21:26 ——— d——– C:\Program Files\QuickTime
    2007-09-03 21:23 ——— d——– C:\Program Files\Common Files\Teleca Shared
    2007-09-03 20:31 ——— d——– C:\Program Files\MD40323
    2007-09-03 20:30 ——— d——– C:\Program Files\BitTorrent
    2007-09-03 20:28 ——— d——– C:\Program Files\Messenger Plus! Live
    2007-09-01 05:34 ——— d——– C:\Program Files\Google
    2007-09-01 01:50 ——— d——– C:\Program Files\CyberLink
    2007-08-31 05:16 ——— d——– C:\Program Files\MSXML 4.0
    2007-08-31 05:13 ——— d——– C:\Program Files\Lavalys
    2007-08-30 17:19 ——— d——– C:\Program Files\Team MediaPortal
    2007-08-30 15:47 ——— d——– C:\Program Files\Disc2Phone
    2007-08-29 21:21 ——— d——– C:\Program Files\Spyware Terminator
    2007-08-29 13:59 ——— d——– C:\Program Files\SpywareBlaster
    2007-08-29 13:50 ——— d——– C:\Program Files\Ashampoo
    2007-08-29 05:16 ——— d——– C:\Program Files\Trend Micro
    2007-08-29 05:07 ——— d——– C:\Program Files\Crawler
    2007-08-29 04:57 ——— d——– C:\Program Files\Adverts
    2007-08-28 18:48 ——— d——– C:\Program Files\Windows Defender
    2007-08-28 18:32 ——— d——– C:\Program Files\MSECACHE
    2007-08-28 18:17 ——— d——– C:\Program Files\Windows Media Connect 2
    2007-08-28 18:15 ——— d——– C:\Program Files\Windows Live
    2007-08-28 16:13 ——— d——– C:\Program Files\NVIDIA Corporation
    2007-08-28 15:45 ——— d——– C:\Program Files\SCREEN2EXE
    2007-08-28 15:00 ——— d——– C:\Program Files\Common Files\InstallShield
    2007-08-28 15:00 ——— d——– C:\Program Files\ASUS
    2007-08-28 14:52 ——— d——– C:\Program Files\Intel
    2007-08-28 14:45 ——— d——– C:\Program Files\microsoft frontpage
    2007-07-30 19:19 92504 –a—— C:\WINDOWS\system32\cdm.dll
    2007-07-30 19:19 68440 –a—— C:\WINDOWS\system32\wuauclt.exe
    2007-07-30 19:19 203096 –a—— C:\WINDOWS\system32\wuweb.dll
    2007-07-30 19:19 1712984 –a—— C:\WINDOWS\system32\wuaueng.dll
    2007-07-30 19:18 207736 –a—— C:\WINDOWS\system32\muweb.dll
    2007-07-03 12:33 6912 –a—— C:\WINDOWS\nvoclock.sys
    2007-07-03 12:32 397312 –a—— C:\WINDOWS\ntuneoem.dll
    2007-07-03 12:32 1622016 –a—— C:\WINDOWS\NVBenchMarks.dll
    2007-07-03 12:31 28672 –a—— C:\WINDOWS\AutoTuneScript.dll
    .

    ((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    *Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "RTHDCPL"="RTHDCPL.EXE" [2006-08-01 13:10 C:\WINDOWS\RTHDCPL.EXE]
    "NvCplDaemon"="C:\WINDOWS\system32\NvCpl.dll" [2006-08-11 21:43]
    "nwiz"="nwiz.exe" [2006-08-11 21:43 C:\WINDOWS\system32\nwiz.exe]
    "NvMediaCenter"="C:\WINDOWS\system32\NvMcTray.dll" [2006-08-11 21:43]
    "SDTray"="C:\Program Files\Spyware Doctor\SDTrayApp.exe" [2007-05-17 12:02]

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-04 10:03]
    "msnmsgr"="C:\Program Files\MSN Messenger\MsnMsgr.exe" [2007-01-19 14:54]

    [HKEY_USERS\.default\software\microsoft\windows\currentversion\run]
    "DWQueuedReporting"="C:\PROGRA~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" -t

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
    "NoRecentDocsHistory"=0 (0x0)

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sdauxservice"

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sdcoreservice"

    R1 kbfilter;Keyboard Filter Driver;C:\WINDOWS\system32\drivers\kbfilter.sys
    S3 Ca100v;2Mega Camera, WDM Video Capture;C:\WINDOWS\system32\Drivers\Ca100v.sys
    S3 CrystalSysInfo;CrystalSysInfo;\??\C:\Documents and Settings\Sadik\Mijn documenten\setfsb20b15w\SysInfo.sys
    S3 NVR0Dev;NVR0Dev;\??\C:\WINDOWS\nvoclock.sys
    S3 USBCamera;DSC Still Image Capture (CA100);C:\WINDOWS\system32\Drivers\Bulk100.sys

    .
    Inhoud van de 'Gedeelde Taken' map
    "2007-09-28 19:14:21 C:\WINDOWS\Tasks\AppleSoftwareUpdate.job"
    - C:\Program Files\Apple Software Update\SoftwareUpdate.exe
    "2007-10-02 13:21:48 C:\WINDOWS\Tasks\MP Scheduled Scan.job"
    .
    **************************************************************************

    catchme 0.3.1169 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
    Rootkit scan 2007-10-02 15:30:43
    Windows 5.1.2600 Service Pack 2 NTFS

    scannen van verborgen processen …

    scannen van verborgen autostart items …

    scannen van verborgen bestanden …

    Scan succesvol afgerond
    verborgen bestanden: 0

    **************************************************************************
    .
    Voltooingstijd: 2007-10-02 15:32:52 - machine was rebooted
    C:\ComboFix-quarantined-files.txt … 2007-10-02 15:32
    .
    — E O F —



    en nog een logje voor de zekerheid

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 15:35:13, on 2-10-2007
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.6000.16512)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\csrss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\savedump.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\Windows Defender\MsMpEng.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Ad-Aware 2007\aawservice.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\Bonjour\mDNSResponder.exe
    C:\Program Files\NVIDIA Corporation\nTune\nTuneService.exe
    C:\WINDOWS\system32\nvsvc32.exe
    C:\Program Files\Spyware Doctor\svcntaux.exe
    C:\Program Files\Spyware Doctor\swdsvc.exe
    C:\WINDOWS\RTHDCPL.EXE
    C:\WINDOWS\system32\RUNDLL32.EXE
    C:\Program Files\Spyware Doctor\SDTrayApp.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\MSN Messenger\MsnMsgr.Exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\wuauclt.exe
    C:\WINDOWS\System32\alg.exe
    C:\Program Files\MSN Messenger\usnsvc.exe
    C:\Program Files\internet explorer\iexplore.exe
    C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
    C:\WINDOWS\System32\wbem\wmiprvse.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.nl/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen
    O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
    O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
    O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
    O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
    O4 - HKLM\..\Run: [SDTray] C:\Program Files\Spyware Doctor\SDTrayApp.exe
    O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
    O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Lokale service')
    O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Netwerkservice')
    O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
    O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1188831081734
    O16 - DPF: {67A5F8DC-1A4B-4D66-9F24-A704AD929EEE} (System Requirements Lab) - http://www.systemrequirementslab.com/sysreqlab2.cab
    O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1188845633406
    O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} (Java Runtime Environment 1.6.0) - http://javadl-esd.sun.com/update/1.6.0/jinstall-6u2-windows-i586-jc.cab
    O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
    O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft AB - C:\Program Files\Ad-Aware 2007\aawservice.exe
    O23 - Service: Bonjour Service - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
    O23 - Service: nTune Service (nTuneService) - NVIDIA - C:\Program Files\NVIDIA Corporation\nTune\nTuneService.exe
    O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
    O23 - Service: Spyware Doctor Auxiliary Service (sdAuxService) - PC Tools - C:\Program Files\Spyware Doctor\svcntaux.exe
    O23 - Service: Spyware Doctor Service (sdCoreService) - PC Tools - C:\Program Files\Spyware Doctor\swdsvc.exe


    End of file - 5558 bytes
  • :evil:

    nog steeds dezelfde
    opnieuw opgestart
    elke 2 minuten blijft windows vast zittn voor 30 sec :evil:
  • Verwijder via configuratiescherm –> software, [b:8025bc53d2] indien aanwezig[/b:8025bc53d2]:
    [b:8025bc53d2]
    Driver Cleaner Pro
    [/b:8025bc53d2]

    Open Kladblok, kopiëer en plak het volgende (vetgedrukte tekst) in een leeg venster:
    [b:8025bc53d2]
    File::
    C:\WINDOWS\system32\b1e35fe3.sys
    C:\WINDOWS\system32\e86169f6.sys
    C:\WINDOWS\system32\aspimgr.exe.ren
    C:\tislctg.exe
    C:\qixik.exe
    C:\gniinq.exe
    C:\WINDOWS\system32\4f46087b.sys
    C:\WINDOWS\system32\netfilter.dll

    Folder::
    C:\Program Files\Driver Cleaner Pro
    C:\Deckard

    DirLook::
    C:\Program Files\DaemonTools_WhenUSave_Installer
    [/b:8025bc53d2]

    Sla dit op op je Bureaublad als [b:8025bc53d2]CFScript.txt[/b:8025bc53d2].

    Sleep [b:8025bc53d2]CFScript.txt[/b:8025bc53d2] in [b:8025bc53d2]ComboFix.exe[/b:8025bc53d2] zoals getoond in onderstaand voorbeeld :

    [img:8025bc53d2]http://img.photobucket.com/albums/v666/sUBs/CFScript.gif[/img:8025bc53d2]

    Dit zal ComboFix doen herstarten.
    Start opnieuw op als daarom gevraagd wordt,
    en post de inhoud van de [b:8025bc53d2]Combofix.txt[/b:8025bc53d2] in je volgende antwoord.

    succes!

    Pim
  • thxx


    hier
    ComboFix 07-10-02.2 - Sadik 2007-10-02 17:48:10.2 - NTFSx86
    Microsoft Windows XP Home Edition 5.1.2600.2.1252.1.1043.18.625 [GMT 2:00]
    Gestart vanuit: C:\Documents and Settings\Sadik\Bureaublad\ComboFix.exe
    Command switches used :: C:\Documents and Settings\Sadik\Bureaublad\CFScript.txt..txt
    * Nieuw herstelpunt werd aangemaakt

    FILE::
    C:\WINDOWS\system32\b1e35fe3.sys
    C:\WINDOWS\system32\e86169f6.sys
    C:\WINDOWS\system32\aspimgr.exe.ren
    C:\tislctg.exe
    C:\qixik.exe
    C:\gniinq.exe
    C:\WINDOWS\system32\4f46087b.sys
    C:\WINDOWS\system32\netfilter.dll
    .

    (((((((((((((((((((((((((((((((((( Andere Verwijderingen )))))))))))))))))))))))))))))))))))))))))))))))))
    .

    C:\Deckard
    C:\gniinq.exe
    C:\qixik.exe
    C:\tislctg.exe
    C:\WINDOWS\system32\4f46087b.sys
    C:\WINDOWS\system32\aspimgr.exe.ren
    C:\WINDOWS\system32\b1e35fe3.sys
    C:\WINDOWS\system32\e86169f6.sys
    C:\WINDOWS\system32\netfilter.dll

    .
    ((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))


    ——-\LEGACY_NTMLSVC
    ——-\LEGACY_RUNTIME


    (((((((((((((((((((( Bestanden Gemaakt van 2007-09-02 to 2007-10-02 ))))))))))))))))))))))))))))))
    .

    2007-10-02 15:26 51,200 –a—— C:\WINDOWS\NirCmd.exe
    2007-10-01 21:46 <DIR> d——– C:\Documents and Settings\Administrator\Application Data\Simply Super Software
    2007-10-01 17:10 <DIR> d–hs—- C:\Documents and Settings\Sadik\Onlangs geopend
    2007-09-30 21:55 83,536 –a—— C:\WINDOWS\system32\drivers\iksyssec.sys
    2007-09-30 21:55 59,984 –a—— C:\WINDOWS\system32\drivers\iksysflt.sys
    2007-09-30 21:55 52,304 –a—— C:\WINDOWS\system32\drivers\ikfilesec.sys
    2007-09-30 21:55 39,248 –a—— C:\WINDOWS\system32\drivers\ikfileflt.sys
    2007-09-30 21:55 26,064 –a—— C:\WINDOWS\system32\drivers\kcom.sys
    2007-09-30 21:54 <DIR> d——– C:\Program Files\Spyware Doctor
    2007-09-30 21:54 <DIR> d——– C:\Documents and Settings\Sadik\Application Data\PC Tools
    2007-09-30 18:00 <DIR> d——– C:\Documents and Settings\Sadik\Application Data\BitTorrent
    2007-09-29 16:57 <DIR> d——– C:\Documents and Settings\All Users.WINDOWS\Application Data\NVIDIA
    2007-09-29 16:48 208,896 –a—— C:\WINDOWS\system32\nvudisp.exe
    2007-09-29 16:46 <DIR> d——– C:\NVIDIA
    2007-09-29 16:42 3,958,496 –a—— C:\WINDOWS\system32\drivers\nv4_mini.sys
    2007-09-29 16:42 1,897,408 –a–c— C:\WINDOWS\system32\dllcache\nv4_mini.sys
    2007-09-28 23:28 14,744 –ah—– C:\WINDOWS\system32\mlfcache.dat
    2007-09-28 21:14 <DIR> d——– C:\Program Files\Safari
    2007-09-28 21:14 <DIR> d——– C:\Program Files\Bonjour
    2007-09-28 21:14 <DIR> d——– C:\Program Files\Apple Software Update
    2007-09-28 21:14 <DIR> d——– C:\Documents and Settings\All Users.WINDOWS\Application Data\Apple
    2007-09-28 20:46 <DIR> d——– C:\Drivers
    2007-09-27 19:05 <DIR> d——– C:\Program Files\Ad-Aware 2007
    2007-09-27 19:05 <DIR> d——– C:\Documents and Settings\All Users.WINDOWS\Application Data\Lavasoft
    2007-09-27 16:50 <DIR> d——– C:\Program Files\Winamp
    2007-09-27 15:53 <DIR> d——– C:\Documents and Settings\Sadik\Application Data\PPStream
    2007-09-27 15:48 <DIR> d——– C:\Program Files\Nieuwe map
    2007-09-27 15:44 <DIR> d——– C:\Documents and Settings\Sadik\Application Data\SopCast
    2007-09-25 18:00 77,312 –a—— C:\WINDOWS\system32\ztvunace26.dll
    2007-09-25 18:00 75,264 –a—— C:\WINDOWS\system32\unacev2.dll
    2007-09-25 18:00 69,632 –a—— C:\WINDOWS\system32\ztvcabinet.dll
    2007-09-25 18:00 162,304 –a—— C:\WINDOWS\system32\ztvunrar36.dll
    2007-09-25 18:00 153,088 –a—— C:\WINDOWS\system32\UNRAR3.dll
    2007-09-25 18:00 <DIR> d——– C:\Program Files\Trojan Remover
    2007-09-25 18:00 <DIR> d——– C:\Documents and Settings\Sadik\Application Data\Simply Super Software
    2007-09-25 18:00 <DIR> d——– C:\Documents and Settings\All Users.WINDOWS\Application Data\Simply Super Software
    2007-09-24 19:00 <DIR> d——– C:\Documents and Settings\All Users.WINDOWS\Application Data\Trymedia
    2007-09-22 23:58 <DIR> d——– C:\Program Files\Western Digital
    2007-09-22 02:49 7,552 –a—— C:\WINDOWS\system32\drivers\enodpl.sys
    2007-09-22 02:49 4,736 –a—— C:\WINDOWS\system32\drivers\tandpl.sys
    2007-09-21 17:18 <DIR> d——– C:\Program Files\Windows Live Safety Center
    2007-09-16 22:54 1,156 –a—— C:\WINDOWS\mozver.dat
    2007-09-16 20:44 69,632 –a—— C:\WINDOWS\ALCMTR.EXE
    2007-09-15 20:35 <DIR> d——– C:\Documents and Settings\All Users.WINDOWS\Application Data\Tournament.com Client
    2007-09-15 00:55 <DIR> d——– C:\WINDOWS\system32\Nieuwe map
    2007-09-15 00:30 <DIR> d——– C:\WINDOWS\system32\VIRepair
    2007-09-14 17:30 <DIR> d——– C:\DECCHECK
    2007-09-14 14:20 <DIR> d——– C:\Program Files\DaemonTools_WhenUSave_Installer
    2007-09-13 22:40 <DIR> d——– C:\Program Files\SystemRequirementsLab
    2007-09-12 21:53 <DIR> d-a—— C:\Documents and Settings\All Users.WINDOWS\Application Data\TEMP
    2007-09-12 18:11 <DIR> d——– C:\Program Files\Windows Journal Viewer
    2007-09-11 21:03 <DIR> d——– C:\Documents and Settings\Sadik\Application Data\Lavasoft
    2007-09-11 20:44 626,688 –a—— C:\WINDOWS\system32\msvcr80.dll
    2007-09-11 20:44 <DIR> d——– C:\Documents and Settings\All Users.WINDOWS\Application Data\Spybot - Search & Destroy
    2007-09-08 22:00 19,424 –a—— C:\WINDOWS\system32\drivers\ggsemc.sys
    2007-09-08 22:00 1,419,232 –a—— C:\WINDOWS\system32\wdfcoinstaller01005.dll
    2007-09-08 14:09 22,328 –a—— C:\WINDOWS\system32\drivers\PnkBstrK.sys
    2007-09-08 14:09 103,736 –a—— C:\WINDOWS\system32\PnkBstrB.exe
    2007-09-08 02:36 <DIR> d——– C:\Program Files\Kaspersky Lab
    2007-09-08 02:36 <DIR> d——– C:\Documents and Settings\All Users.WINDOWS\Application Data\Kaspersky Lab
    2007-09-08 02:35 <DIR> d——– C:\KAV
    2007-09-08 02:24 0 –a—— C:\WINDOWS\nsreg.dat
    2007-09-07 21:49 <DIR> d——– C:\Program Files\SAGEM
    2007-09-06 17:48 <DIR> d——– C:\Documents and Settings\Sadik\Application Data\Apple Computer
    2007-09-06 17:40 <DIR> d——– C:\Documents and Settings\Sadik\Shared
    2007-09-06 17:40 <DIR> d——– C:\Documents and Settings\Sadik\Incomplete
    2007-09-06 17:40 <DIR> d——– C:\Documents and Settings\Sadik\Application Data\LimeWire
    2007-09-05 16:27 86,016 –a—— C:\WINDOWS\system32\sbres32.dll
    2007-09-05 16:27 59,392 –a—— C:\WINDOWS\system\a3d.dll
    2007-09-05 16:27 465,536 –a—— C:\WINDOWS\system32\drivers\sbpci.sys
    2007-09-05 16:27 434,176 –a—— C:\WINDOWS\system32\sbmixres.dll
    2007-09-05 16:27 388,608 –a—— C:\WINDOWS\system32\ensmix32.exe
    2007-09-05 16:27 32,768 –a—— C:\WINDOWS\system32\starter.exe
    2007-09-05 16:27 <DIR> d——– C:\SBPCI
    2007-09-05 16:27 <DIR> d——– C:\cabs
    2007-09-05 14:21 5,632 –a—— C:\WINDOWS\system32\drivers\Entech64.sys
    2007-09-05 14:21 3,972 –a—— C:\WINDOWS\system32\drivers\PciBus.sys
    2007-09-05 14:21 21,664 –a—— C:\WINDOWS\system32\drivers\Entech.sys
    2007-09-05 14:21 <DIR> d——– C:\WINDOWS\system32\Futuremark
    2007-09-05 07:58 <DIR> d——– C:\Program Files\SpeedFan
    2007-09-04 17:49 271,224 –a—— C:\WINDOWS\system32\mucltui.dll
    2007-09-03 23:16 356,352 –a—— C:\WINDOWS\system32\NVUNINST.EXE
    2007-09-03 23:16 <DIR> d——– C:\WINDOWS\nview
    2007-09-03 22:40 66,668 –a—— C:\WINDOWS\BricoPackUninst.cmd
    2007-09-03 22:37 6,114 –a—— C:\WINDOWS\BricoPackFoldersDelete.cmd
    2007-09-03 22:36 <DIR> d——– C:\WINDOWS\BricoPacks
    2007-09-03 22:29 <DIR> d——– C:\Program Files\ViOrb
    2007-09-03 22:25 8,636 –a—— C:\WINDOWS\system32\modifype.exe
    2007-09-03 22:25 19,968 –a—— C:\WINDOWS\system32\reico.exe
    2007-09-03 22:25 111,104 –a—— C:\WINDOWS\system32\Uharc.exe
    2007-09-03 22:24 <DIR> dr——- C:\Documents and Settings\Administrator\Menu Start
    2007-09-03 22:24 <DIR> d–h—– C:\Documents and Settings\Administrator\Sjablonen
    2007-09-03 22:24 <DIR> d–h—– C:\Documents and Settings\Administrator\Onlangs geopend
    2007-09-03 22:24 <DIR> d–h—– C:\Documents and Settings\Administrator\Netwerkprinteromgeving
    2007-09-03 22:24 <DIR> d——– C:\Documents and Settings\Administrator\Mijn documenten
    2007-09-03 22:24 <DIR> d——– C:\Documents and Settings\Administrator\Favorieten
    2007-09-03 22:24 <DIR> d——– C:\Documents and Settings\Administrator\Bureaublad
    2007-09-03 21:32 <DIR> d——– C:\Documents and Settings\Sadik\Application Data\InstallShield
    2007-09-03 21:25 <DIR> d——– C:\Documents and Settings\All Users.WINDOWS\Application Data\Apple Computer
    2007-09-03 21:23 <DIR> d——– C:\Documents and Settings\Sadik\Application Data\Teleca

    .
    ((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    2007-10-01 22:28 ——— d——– C:\Program Files\ImTOO
    2007-09-30 19:18 ——— d–h—– C:\Program Files\InstallShield Installation Information
    2007-09-30 05:11 ——— d——– C:\Program Files\Yahoo!
    2007-09-28 20:48 ——— d——– C:\Program Files\Marvell
    2007-09-27 19:07 9344 –a—— C:\WINDOWS\system32\drivers\NSDriver.sys
    2007-09-27 19:07 8320 –a—— C:\WINDOWS\system32\drivers\AWRTRD.sys
    2007-09-27 19:00 ——— d——– C:\Program Files\Hitman Pro
    2007-09-27 18:58 ——— d——– C:\Program Files\Lavasoft
    2007-09-27 15:53 ——— d——– C:\Program Files\MSN Messenger
    2007-09-22 04:52 ——— d——– C:\Program Files\CCleaner
    2007-09-16 20:44 ——— d——– C:\Program Files\Realtek
    2007-09-08 22:07 0 –ah—– C:\WINDOWS\system32\drivers\MsftWdf_Kernel_01005_Coinstaller_Critical.Wdf
    2007-09-08 22:07 0 –ah—– C:\WINDOWS\system32\drivers\Msft_Kernel_ggsemc_01005.Wdf
    2007-09-08 21:59 ——— d——– C:\Program Files\Sony Ericsson
    2007-09-06 17:24 ——— d——– C:\Program Files\LimeWire
    2007-09-03 22:01 ——— d——– C:\Program Files\Windows Installer Clean Up
    2007-09-03 21:37 ——— d——– C:\Program Files\directx
    2007-09-03 21:26 ——— d——– C:\Program Files\QuickTime
    2007-09-03 21:23 ——— d——– C:\Program Files\Common Files\Teleca Shared
    2007-09-03 20:31 ——— d——– C:\Program Files\MD40323
    2007-09-03 20:30 ——— d——– C:\Program Files\BitTorrent
    2007-09-03 20:28 ——— d——– C:\Program Files\Messenger Plus! Live
    2007-09-01 05:34 ——— d——– C:\Program Files\Google
    2007-09-01 01:50 ——— d——– C:\Program Files\CyberLink
    2007-08-31 05:16 ——— d——– C:\Program Files\MSXML 4.0
    2007-08-31 05:13 ——— d——– C:\Program Files\Lavalys
    2007-08-30 17:19 ——— d——– C:\Program Files\Team MediaPortal
    2007-08-30 15:47 ——— d——– C:\Program Files\Disc2Phone
    2007-08-29 21:21 ——— d——– C:\Program Files\Spyware Terminator
    2007-08-29 13:59 ——— d——– C:\Program Files\SpywareBlaster
    2007-08-29 13:50 ——— d——– C:\Program Files\Ashampoo
    2007-08-29 05:16 ——— d——– C:\Program Files\Trend Micro
    2007-08-29 05:07 ——— d——– C:\Program Files\Crawler
    2007-08-29 04:57 ——— d——– C:\Program Files\Adverts
    2007-08-28 18:48 ——— d——– C:\Program Files\Windows Defender
    2007-08-28 18:32 ——— d——– C:\Program Files\MSECACHE
    2007-08-28 18:17 ——— d——– C:\Program Files\Windows Media Connect 2
    2007-08-28 18:15 ——— d——– C:\Program Files\Windows Live
    2007-08-28 16:13 ——— d——– C:\Program Files\NVIDIA Corporation
    2007-08-28 15:45 ——— d——– C:\Program Files\SCREEN2EXE
    2007-08-28 15:00 ——— d——– C:\Program Files\Common Files\InstallShield
    2007-08-28 15:00 ——— d——– C:\Program Files\ASUS
    2007-08-28 14:52 ——— d——– C:\Program Files\Intel
    2007-08-28 14:45 ——— d——– C:\Program Files\microsoft frontpage
    2007-07-30 19:19 92504 –a—— C:\WINDOWS\system32\cdm.dll
    2007-07-30 19:19 68440 –a—— C:\WINDOWS\system32\wuauclt.exe
    2007-07-30 19:19 203096 –a—— C:\WINDOWS\system32\wuweb.dll
    2007-07-30 19:19 1712984 –a—— C:\WINDOWS\system32\wuaueng.dll
    2007-07-30 19:18 207736 –a—— C:\WINDOWS\system32\muweb.dll
    2007-07-03 12:33 6912 –a—— C:\WINDOWS\nvoclock.sys
    2007-07-03 12:32 397312 –a—— C:\WINDOWS\ntuneoem.dll
    2007-07-03 12:32 1622016 –a—— C:\WINDOWS\NVBenchMarks.dll
    2007-07-03 12:31 28672 –a—— C:\WINDOWS\AutoTuneScript.dll
    .

    (((((((((((((((((((((((((((((((((((((((((((( Look )))))))))))))))))))))))))))))))))))))))))))))))))))))))))


    —- Directory of C:\Program Files\DaemonTools_WhenUSave_Installer —-



    ((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    *Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "RTHDCPL"="RTHDCPL.EXE" [2006-08-01 13:10 C:\WINDOWS\RTHDCPL.EXE]
    "NvCplDaemon"="C:\WINDOWS\system32\NvCpl.dll" [2006-08-11 21:43]
    "nwiz"="nwiz.exe" [2006-08-11 21:43 C:\WINDOWS\system32\nwiz.exe]
    "NvMediaCenter"="C:\WINDOWS\system32\NvMcTray.dll" [2006-08-11 21:43]
    "SDTray"="C:\Program Files\Spyware Doctor\SDTrayApp.exe" [2007-05-17 12:02]

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-04 10:03]
    "msnmsgr"="C:\Program Files\MSN Messenger\MsnMsgr.exe" [2007-01-19 14:54]

    [HKEY_USERS\.default\software\microsoft\windows\currentversion\run]
    "DWQueuedReporting"="C:\PROGRA~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" -t

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
    "NoRecentDocsHistory"=0 (0x0)

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sdauxservice"

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sdcoreservice"

    R1 kbfilter;Keyboard Filter Driver;C:\WINDOWS\system32\drivers\kbfilter.sys
    S3 Ca100v;2Mega Camera, WDM Video Capture;C:\WINDOWS\system32\Drivers\Ca100v.sys
    S3 CrystalSysInfo;CrystalSysInfo;\??\C:\Documents and Settings\Sadik\Mijn documenten\setfsb20b15w\SysInfo.sys
    S3 NVR0Dev;NVR0Dev;\??\C:\WINDOWS\nvoclock.sys
    S3 USBCamera;DSC Still Image Capture (CA100);C:\WINDOWS\system32\Drivers\Bulk100.sys

    .
    Inhoud van de 'Gedeelde Taken' map
    "2007-09-28 19:14:21 C:\WINDOWS\Tasks\AppleSoftwareUpdate.job"
    - C:\Program Files\Apple Software Update\SoftwareUpdate.exe
    "2007-10-02 13:33:30 C:\WINDOWS\Tasks\MP Scheduled Scan.job"
    - C:\Program Files\Windows Defender\MpCmdRun.exe
    .
    **************************************************************************

    catchme 0.3.1169 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
    Rootkit scan 2007-10-02 17:53:07
    Windows 5.1.2600 Service Pack 2 NTFS

    scannen van verborgen processen …

    scannen van verborgen autostart items …

    scannen van verborgen bestanden …

    Scan succesvol afgerond
    verborgen bestanden: 0

    **************************************************************************
    .
    Voltooingstijd: 2007-10-02 17:55:22 - machine was rebooted
    C:\ComboFix-quarantined-files.txt … 2007-10-02 17:54
    C:\ComboFix2.txt … 2007-10-02 15:32
    .
    — E O F —


    k hoop dat je meer vind :P :P
  • [quote:78ee1f831f]
    k hoop dat je meer vind :P :P
    [/quote:78ee1f831f]

    Zijn je problemen nog steeds niet over dan?

    Onderstaande map mag je verwijderen:
    C:\Program Files\[b:78ee1f831f]DaemonTools_WhenUSave_Installer[/b:78ee1f831f]

    Download ATF Cleaner (by Atribune)

    Dubbelklik op ATF cleaner om het programma te starten.
    Op het tabblad "Main", plaats je een vinkje bij [b:78ee1f831f]Select All[/b:78ee1f831f].
    Klik op de knop [b:78ee1f831f]Empty Selected[/b:78ee1f831f].

    Het volgende doen als je ook [u:78ee1f831f]FireFox[/u:78ee1f831f] als browser hebt:
    Klik op tabblad "Firefox", plaats een vinkje bij [b:78ee1f831f]Select All[/b:78ee1f831f].
    Wil je de door Firefox opgeslagen wachtwoorden behouden, dan klik je in het venster dat verschijnt op "No".
    (dit haalt het vinkje weer weg bij "Firefox saved passwords";)
    Klik op de knop [b:78ee1f831f]Empty Selected.[/b:78ee1f831f]

    Het volgende doen als je ook [u:78ee1f831f]Opera[/u:78ee1f831f] als browser hebt:
    Klik op tabblad "Opera", plaats een vinkje bij [b:78ee1f831f]Select All[/b:78ee1f831f].
    Wil je de door Opera opgeslagen wachtwoorden behouden, dan klik je in het venster dat verschijnt op "No".
    Klik op de knop [b:78ee1f831f]Empty Selected[/b:78ee1f831f].
    Ga naar het tabblad "Main" en klik op de knop [b:78ee1f831f]Exit[/b:78ee1f831f] om het programma af te sluiten.

    Download Dr.Web Cureit naar je bureaublad.
    [list:78ee1f831f]
    * Dubbelklik [b:78ee1f831f]drweb-cureit.exe[/b:78ee1f831f] en sta het toe om de express scan te starten.
    * Indien een popup verschijnt met het voorstel tot kopen/50% korting,
    mag je deze sluiten met het kruisje.
    * Dit zal de bestanden scannen die momenteel in het geheugen geladen zijn en wanneer er iets gevonden wordt,
    klik de [b:78ee1f831f]Yes to all[/b:78ee1f831f] knop bij de vraag 'cure it?'. Dit is enkel een korte scan.
    * Kies bovenaan in het menu voor [b:78ee1f831f]Language/Taal[/b:78ee1f831f] en wijzig deze naar [b:78ee1f831f]Dutch (Nederlands)[/b:78ee1f831f] indien deze bij jou anders staat ingesteld.
    * Druk op [b:78ee1f831f]F9[/b:78ee1f831f] en kies daarna voor [b:78ee1f831f]Acties[/b:78ee1f831f] en stel daar het volgende in onder [b:78ee1f831f]Malware[/b:78ee1f831f] :
    o Adware: [b:78ee1f831f]Verplaats[/b:78ee1f831f]
    Dialers: [b:78ee1f831f]Verplaats[/b:78ee1f831f]
    Jokes: [b:78ee1f831f]Rapportage[/b:78ee1f831f]
    Riskware: [b:78ee1f831f]Rapportage[/b:78ee1f831f]
    Hacktools: [b:78ee1f831f]Verplaats[/b:78ee1f831f]
    Haal dan het [b:78ee1f831f]vinkje weg bij "Prompt bij actie"[/b:78ee1f831f].
    Druk dan op [b:78ee1f831f]OK[/b:78ee1f831f].
    * Druk op [b:78ee1f831f]F9[/b:78ee1f831f] en kies daarna voor [b:78ee1f831f]Scan[/b:78ee1f831f] en verwijder het vinkje bij [b:78ee1f831f]Heuristische analyse[/b:78ee1f831f] en klik op [b:78ee1f831f]OK[/b:78ee1f831f].
    * Eenmaal de korte scan is beeïndigd, kan je de drives selecteren die je wilt laten scannen (Selecteer stations).
    * Selecteer hier [b:78ee1f831f]alle stations[/b:78ee1f831f]. Een rood bolletje zal dan tevoorschijn komen op de drives die je laat scannen.
    * Klik daarna de
  • erg bedankt maar
    ik kan nu niet meer me pc starten
    voordat je dat drweb cureit gaf
    ik ging ff me pc zn plekie verwisselen
    computer uit
    voeding uit
    (alle kabels eruit en weer erin)
    starte me pc
    en start op
    komt tot t windows laad balk en in een keer en snelle blauw scherm en start opnieuw op
    ik kon wel iets in de midden leze
    stond iets van veilige modusm enzo(ben nu ook in veilige modus)
    wat nu???


    hier ik heb ook videos en frames vastgelegd van die video
    pleas ehelp mee




    en hier, videos die ik had opgenomen enzo(+ vastgelegde frames van t video)




    2 uur later…
    wat een geluk zeg
    die blauwe scherm bleef deze keer vast zitte

    hier het code+video's:




    http://rapidshare.com/files/59990126/Probleem_video.rar.html[code:1:6d0b8e389a] *** STOP: 0x0000003F (0x00000000,0x000014A8,0x00008BE4,0x0000CD2F)[/code:1:6d0b8e389a]


    alvast erg bedankt als jullie het kunnen oplosse :)


    10 min later…

    hmmm al gevonden
    http://www.geekstogo.com/forum/Windows-XP-Blue-Screen-Death-STOP-Codes-t43519.html
  • Opgelost….

    spyware doctor 5.0 en trojan remover verwijderd
    nou start ie normaal op
    ik denk dat spyware doctor t oorzaak was
    toen ik ging afsluiten (via t veilige modus)
    gaf t all een error als SWDSVC.EXE toepassingsfout

    en stond er onder ook nog wat met paar codes etc.

    maar bedankt echt heel erg bedankt voor jullie hulp hea :lol:


    me pc is weer bij :D
  • Mooi dat het is opgelost!

    De gebruikte tools mag je weer verwijderen :wink:
    Lees om herhaling te voorkomen deze beveiligingstips nog eens door:
    http://www.jawwi.nl/nederlands/tips/beveiligen/beveiligen.html

    Pim
  • ok
    :wink:



    nee het probleem was spyware doctor niet
    trojan remover

    allebei opnieuw geinstalleerd
    zelfde probleem
    spyware doctor verwijderd
    zelfde
    trojan remover verwijderd
    niks aan de hand
    (zeg dit als de anderen dit ook hebben en het kunnen oplossen)
  • nee niet opgelost dus
    me pc is traag als nog wat
    ik voer hele tijd scans uit en helemaal niks
    ik kan niet eens normaal deze computer openen :evil:

    als ik me pc stress(gewoon een appilcatie runne, zelfs bij windows media player openen :evil: :evil: :evil: :evil: )
    sluit ie automatisch af alsof je op t reset knop drukt :evil:

    echt ** ding jonge
    ik ben t echt zat met dit bak :evil:



    hier een logje




    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 14:52:32, on 5-10-2007
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.6000.16512)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\csrss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\savedump.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\Windows Defender\MsMpEng.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Ad-Aware 2007\aawservice.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\system32\spoolsv.exe
    C:\WINDOWS\RTHDCPL.EXE
    C:\WINDOWS\system32\RUNDLL32.EXE
    C:\Program Files\iTunes\iTunesHelper.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\MSN Messenger\MsnMsgr.Exe
    C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    C:\Program Files\Bonjour\mDNSResponder.exe
    C:\Program Files\NVIDIA Corporation\nTune\nTuneService.exe
    C:\WINDOWS\system32\nvsvc32.exe
    C:\Program Files\Spyware Doctor\svcntaux.exe
    C:\Program Files\Spyware Doctor\swdsvc.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\iPod\bin\iPodService.exe
    C:\WINDOWS\System32\alg.exe
    C:\Program Files\MSN Messenger\usnsvc.exe
    C:\WINDOWS\system32\wuauclt.exe
    C:\Program Files\internet explorer\iexplore.exe
    C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
    C:\WINDOWS\System32\wbem\wmiprvse.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.nl/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen
    O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
    O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
    O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
    O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
    O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
    O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
    O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
    O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Lokale service')
    O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Netwerkservice')
    O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
    O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1188831081734
    O16 - DPF: {67A5F8DC-1A4B-4D66-9F24-A704AD929EEE} (System Requirements Lab) - http://www.systemrequirementslab.com/sysreqlab2.cab
    O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1188845633406
    O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} (Java Runtime Environment 1.6.0) - http://javadl-esd.sun.com/update/1.6.0/jinstall-6u2-windows-i586-jc.cab
    O16 - DPF: {BB21F850-63F4-4EC9-BF9D-565BD30C9AE9} (a-squared Scanner) - http://ax.emsisoft.com/asquared.cab
    O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
    O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft AB - C:\Program Files\Ad-Aware 2007\aawservice.exe
    O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    O23 - Service: Bonjour Service - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
    O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: nTune Service (nTuneService) - NVIDIA - C:\Program Files\NVIDIA Corporation\nTune\nTuneService.exe
    O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
    O23 - Service: Spyware Doctor Auxiliary Service (sdAuxService) - PC Tools - C:\Program Files\Spyware Doctor\svcntaux.exe
    O23 - Service: Spyware Doctor Service (sdCoreService) - PC Tools - C:\Program Files\Spyware Doctor\swdsvc.exe


    End of file - 6031 bytes



    alvast bedankt



    en als ik alles formateer en windows opnieuw installeer
    is me pc nog steeds traag

    komt dat door dat me pc onstabiel is off??
    moet ik de timings enzo wijzige van me werkgeheugen ???
    pleass help

Beantwoord deze vraag

Dit is een gearchiveerde pagina. Antwoorden is niet meer mogelijk.