ElsV
-
Items
27 -
Registratiedatum
-
Laatst bezocht
Inhoudstype
Profielen
Forums
Store
Berichten die geplaatst zijn door ElsV
-
-
oeps, die spatie inderdaad over het hoofd gezien en Combofix verwijderd. Moet ik die DrWeb-CureIt ook nog verwijderen ?
-
Combofix/uninstall kan niet gevonden worden ...
Is het ook ok als ik die via de zoekfunctie allemaal selecteer en verwijder ?
CCleaner staat hier standaard op.
Ik ga terug AVG installeren dan. Die heb ik er indertijd afgezwierd en vervangen door MSE omdat ik ineens vaststelde dat AVG op een of andere vreemde manier 36GB gebruikte ...
Nog maar eens terug proberen nu.
-
Een groot verschil ! Scrollen gaat een pak sneller als ik de real time protection uitschakel ... Schakel dit terug in en krijg meteen vertraging !
-
-
Bestand is te groot om te uploaden 2,07 mb !
-
Het is niet helemaal ok verlopen : de taal stond meteen goed, F9 werkte niet, zag enkel het groene pijltje. Heb daar dan maar op gedrukt en programma begon meteen te scannen zonder dat ik ook maar iets in de instellingen gewijzigd had, hopelijk geen grote gevolgen ?
Log is zodanig lang dat ik 'm hier niet geplaatst krijg. Kreeg melding dat er geen virussen gevonden waren, maar in de log zag ik toch dat er hier en daar iets was waar niet zomaar "ok" achter stond. Kan ik de log op een andere manier doorsturen ?
-
Opstarten gaat sneller heb ik de indruk, scrollen gaat ook iets sneller, op facebook blijft het nog regelmatig hangen ...
Stond er iets in de log wat voor de vertraging kon zorgen, want dat is allemaal chinees
-
Dank je voor de uitleg !
Hier de nieuwe log :
ComboFix 11-11-08.02 - ASUS 09/11/2011 16:21:46.2.2 - x86
Microsoft Windows XP Home Edition 5.1.2600.3.1252.32.1043.18.1015.250 [GMT 1:00]
Gestart vanuit: C:\Documents and Settings\ASUS\Bureaublad\ComboFix.exe
gebruikte Opdracht switches :: C:\Documents and Settings\ASUS\Bureaublad\CFScript.txt
AV: Microsoft Security Essentials *Disabled/Updated* {BCF43643-A118-4432-AEDE-D861FCBCFCDF}
AV: Microsoft Security Essentials *Disabled/Updated* {EDB4FA23-53B8-4AFA-8C5D-99752CCA7095}
(((((((((((((((((((( Bestanden Gemaakt van 2011-10-09 to 2011-11-09 ))))))))))))))))))))))))))))))
2011-11-09 12:24:55 . 2011-11-09 12:24:55 -------- d-----w- C:\WINDOWS\LastGood
2011-11-08 21:06:09 . 2011-11-08 21:06:09 28752 ----a-w- C:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{8306A478-AAB3-4DBA-8C64-502F645D3338}\MpKsl86fff1f4.sys
2011-11-08 21:05:53 . 2011-11-08 21:05:53 56200 ----a-w- C:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{8306A478-AAB3-4DBA-8C64-502F645D3338}\offreg.dll
2011-11-08 21:05:27 . 2011-10-07 03:48:07 6668624 ----a-w- C:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{8306A478-AAB3-4DBA-8C64-502F645D3338}\mpengine.dll
2011-10-14 04:59:21 . 2011-11-09 15:17:38 -------- d--h--r- C:\Documents and Settings\ASUS\Onlangs geopend
.
((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))
2011-10-07 03:48:07 . 2010-10-11 17:50:27 6668624 ----a-w- C:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2011-09-29 12:52:10 . 2011-06-08 09:08:53 404640 ----a-w- C:\WINDOWS\system32\FlashPlayerCPLApp.cpl
2011-09-26 09:41:44 . 2009-05-18 19:45:30 23040 ----a-w- C:\WINDOWS\system32\oleaccrc.dll
2011-09-26 09:41:44 . 2008-07-29 17:59:58 614912 ----a-w- C:\WINDOWS\system32\uiautomationcore.dll
2011-09-26 09:41:20 . 2009-05-18 19:45:30 220160 ----a-w- C:\WINDOWS\system32\oleacc.dll
2011-09-09 09:12:05 . 2009-05-18 19:45:22 602624 ----a-w- C:\WINDOWS\system32\crypt32.dll
2011-09-06 14:09:57 . 2009-05-18 19:45:34 1859072 ----a-w- C:\WINDOWS\system32\win32k.sys
2011-08-31 16:00:50 . 2011-07-01 10:58:56 22216 ----a-w- C:\WINDOWS\system32\drivers\mbam.sys
2011-08-22 23:41:22 . 2009-05-18 19:45:34 916480 ----a-w- C:\WINDOWS\system32\wininet.dll
2011-08-22 23:41:20 . 2009-05-18 19:45:27 43520 ----a-w- C:\WINDOWS\system32\licmgr10.dll
2011-08-22 23:41:20 . 2009-05-18 19:45:26 1469440 ------w- C:\WINDOWS\system32\inetcpl.cpl
2011-08-22 11:58:28 . 2009-05-18 19:45:26 385024 ----a-w- C:\WINDOWS\system32\html.iec
2011-08-17 13:49:54 . 2009-05-18 19:45:21 138496 ----a-w- C:\WINDOWS\system32\drivers\afd.sys
2011-06-16 06:58:07 . 2011-06-16 06:56:56 154914552 ----a-w- C:\Program Files\OOo_3.3.0_Win_x86_install-wJRE_nl.exe
2011-03-31 07:59:11 . 2010-11-08 13:43:20 1986520 ----a-w- C:\Program Files\SyncBack_Setup_NL.exe
2010-10-10 17:42:28 . 2010-10-10 17:42:17 13111256 ----a-w- C:\Program Files\mssefullinstall-x86fre-nl-nl-xp.exe
2010-09-19 15:39:45 . 2010-09-19 10:13:34 137920704 ----a-w- C:\Program Files\OOo_3.2.1_Win_x86_install_nl.exe
((((((((((((((((((((((((((((( SnapShot@2011-11-08_20.29.59 )))))))))))))))))))))))))))))))))))))))))
((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))
*Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond
REGEDIT4
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\OverlayIconExtension1]
@="{fe25455d-b4c2-4e32-97d2-92632ec1c224}"
[HKEY_CLASSES_ROOT\CLSID\{fe25455d-b4c2-4e32-97d2-92632ec1c224}]
2009-11-06 23:07:04 297808 ----a-w- C:\WINDOWS\system32\mscoree.dll
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\OverlayIconExtension2]
@="{1fae2d88-a78e-4f03-909f-be818a3c1ce6}"
[HKEY_CLASSES_ROOT\CLSID\{1fae2d88-a78e-4f03-909f-be818a3c1ce6}]
2009-11-06 23:07:04 297808 ----a-w- C:\WINDOWS\system32\mscoree.dll
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"swg"="C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2010-04-09 15:18:00 39408]
"ccleaner"="C:\Program Files\CCleaner\CCleaner.exe" [2011-06-24 19:53:16 2423608]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"="C:\WINDOWS\system32\igfxtray.exe" [2007-12-19 15:08:08 135168]
"HotKeysCmds"="C:\WINDOWS\system32\hkcmd.exe" [2007-12-19 15:08:12 159744]
"Persistence"="C:\WINDOWS\system32\igfxpers.exe" [2007-12-19 15:07:42 131072]
"SynTPEnh"="C:\Program Files\Synaptics\SynTP\SynTPEnh.exe" [2009-03-06 08:57:54 1434920]
"SynAsusAcpi"="C:\Program Files\Synaptics\SynTP\SynAsusAcpi.exe" [2009-03-06 08:58:06 79144]
"AsusACPIServer"="C:\Program Files\EeePC\ACPI\AsAcpiSvr.exe" [2009-04-16 17:46:30 630784]
"AsusEPCMonitor"="C:\Program Files\EeePC\ACPI\AsEPCMon.exe" [2009-03-13 14:15:02 98304]
"AsusTray"="C:\Program Files\EeePC\ACPI\AsTray.exe" [2009-04-16 16:58:54 118784]
"Parental Control"="C:\Program Files\Parental Control\bin\pcontrol.exe" [2009-03-20 22:23:32 1104384]
"RTHDCPL"="RTHDCPL.EXE" [2009-03-27 03:22:08 17567744]
"hpqSRMon"="C:\Program Files\HP\Digital Imaging\bin\hpqSRMon.exe" [2008-08-20 08:54:08 150016]
"MSC"="C:\Program Files\Microsoft Security Client\msseces.exe" [2011-06-15 13:16:48 997920]
"Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2011-08-31 01:57:22 40368]
"Adobe ARM"="C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2011-03-29 19:59:06 937920]
"SunJavaUpdateSched"="C:\Program Files\Common Files\Java\Java Update\jusched.exe" [2011-04-08 10:59:52 254696]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]
"Malwarebytes' Anti-Malware"="C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe" [2011-08-31 16:00:48 449608]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2008-04-15 12:00:00 15360]
"DWQueuedReporting"="C:\PROGRA~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" [2008-11-03 23:44:24 435096]
C:\Documents and Settings\All Users\Menu Start\Programma's\Opstarten\
HP Digital Imaging Monitor.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe [2008-3-25 214360]
Windows Search.lnk - C:\Program Files\Windows Desktop Search\WindowsSearch.exe [2008-5-26 123904]
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{56F9679E-7826-4C84-81F3-532071A8BCC5}"= "C:\Program Files\Windows Desktop Search\MSNLNamespaceMgr.dll" [2009-05-24 20:41:34 304128]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
2011-08-31 01:57:22 40368 ----a-w- C:\Program Files\Adobe\Reader 8.0\Reader\reader_sl.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MsnMsgr]
2010-04-16 20:12:58 3872080 ----a-w- C:\Program Files\Windows Live\Messenger\msnmsgr.exe
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqusgm.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqusgh.exe"=
"C:\\Program Files\\HP\\HP Software Update\\HPWUCli.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\Smart Web Printing\\SmartWebPrintExe.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqtra08.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqste08.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hposid01.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqkygrp.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpoews01.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpiscnapp.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqgplgtupl.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqgpc01.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqpse.exe"=
"C:\\Program Files\\Common Files\\HP\\Digital Imaging\\bin\\hpqPhotoCrm.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqsudi.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqpsapp.exe"=
"C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"C:\\Program Files\\Windows Live\\Sync\\WindowsLiveSync.exe"=
"C:\\WINDOWS\\system32\\muzapp.exe"=
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"427:UDP"= 427:UDP:SLP_Port(427)
"5985:TCP"= 5985:TCP:*:Disabled:Windows Remote Management
R1 MpKsl4f45a6d8;MpKsl4f45a6d8;\??\C:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{D3E2198D-AE1E-4DCD-9E1F-38704C0CFA47}\MpKsl4f45a6d8.sys --> C:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{D3E2198D-AE1E-4DCD-9E1F-38704C0CFA47}\MpKsl4f45a6d8.sys [?]
R1 MpKsl86fff1f4;MpKsl86fff1f4;C:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{8306A478-AAB3-4DBA-8C64-502F645D3338}\MpKsl86fff1f4.sys [8/11/2011 22:06:09 28752]
R1 policyappblockservice;Parental Control Application Filter;C:\Program Files\Parental Control\bin\policyappblock.sys [2/02/2009 21:22:44 5120]
R3 L1c;NDIS Miniport Driver for Atheros AR8131/AR8132 PCI-E Ethernet Controller;C:\WINDOWS\system32\drivers\l1c51x86.sys [9/04/2009 12:17:24 38912]
S1 MpKsl0a2d45d5;MpKsl0a2d45d5;\??\C:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{1EB86957-0BD3-487A-93B2-89DC96D32B2E}\MpKsl0a2d45d5.sys --> C:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{1EB86957-0BD3-487A-93B2-89DC96D32B2E}\MpKsl0a2d45d5.sys [?]
S1 MpKsl10b1e89e;MpKsl10b1e89e;\??\C:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{6FE2290A-E2BC-424A-9C0C-FAE80203BE79}\MpKsl10b1e89e.sys --> C:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{6FE2290A-E2BC-424A-9C0C-FAE80203BE79}\MpKsl10b1e89e.sys [?]
S1 MpKsl1f5390ab;MpKsl1f5390ab;\??\C:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{371AE6E2-FE2F-4623-BE01-5C52704887BF}\MpKsl1f5390ab.sys --> C:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{371AE6E2-FE2F-4623-BE01-5C52704887BF}\MpKsl1f5390ab.sys [?]
S1 MpKsl42f0a878;MpKsl42f0a878;\??\C:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{F59D32E2-4131-48D2-8806-27C878194491}\MpKsl42f0a878.sys --> C:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{F59D32E2-4131-48D2-8806-27C878194491}\MpKsl42f0a878.sys [?]
S1 MpKsl496cb3ce;MpKsl496cb3ce;\??\C:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{633ED9ED-E23E-4EAB-B699-16F473227CFF}\MpKsl496cb3ce.sys --> C:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{633ED9ED-E23E-4EAB-B699-16F473227CFF}\MpKsl496cb3ce.sys [?]
S1 MpKsl4e51075c;MpKsl4e51075c;\??\C:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{8D0328BA-93A4-42FE-B49E-65731936DF34}\MpKsl4e51075c.sys --> C:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{8D0328BA-93A4-42FE-B49E-65731936DF34}\MpKsl4e51075c.sys [?]
S1 MpKsl51a6a79a;MpKsl51a6a79a;\??\C:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{4D0B33A3-B7D5-4ED4-992C-0A635FE38C3F}\MpKsl51a6a79a.sys --> C:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{4D0B33A3-B7D5-4ED4-992C-0A635FE38C3F}\MpKsl51a6a79a.sys [?]
S1 MpKsl65ff1186;MpKsl65ff1186;\??\C:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{7667D025-E546-49C8-8405-85468F60A4DC}\MpKsl65ff1186.sys --> C:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{7667D025-E546-49C8-8405-85468F60A4DC}\MpKsl65ff1186.sys [?]
S1 MpKsl926e5c51;MpKsl926e5c51;\??\C:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{C73042AD-F68C-4F5F-BC8C-A1708CCA8801}\MpKsl926e5c51.sys --> C:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{C73042AD-F68C-4F5F-BC8C-A1708CCA8801}\MpKsl926e5c51.sys [?]
S1 MpKsleef327e6;MpKsleef327e6;\??\C:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{1CA98746-6D84-467A-AA0D-47CB422F1323}\MpKsleef327e6.sys --> C:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{1CA98746-6D84-467A-AA0D-47CB422F1323}\MpKsleef327e6.sys [?]
S2 gupdate;Google Updateservice (gupdate);C:\Program Files\Google\Update\GoogleUpdate.exe [9/04/2010 16:18:04 135664]
S3 Ambfilt;Ambfilt;C:\WINDOWS\system32\drivers\Ambfilt.sys [18/05/2009 21:42:00 1684736]
S3 gupdatem;Google Update-service (gupdatem);C:\Program Files\Google\Update\GoogleUpdate.exe [9/04/2010 16:18:04 135664]
S3 SRS_PremiumSound_Service;SRS Labs Premium Sound;C:\WINDOWS\system32\drivers\SRS_PremiumSound_i386.sys [19/05/2009 9:02:46 232872]
S3 uvclf;uvclf;C:\WINDOWS\system32\drivers\uvclf.sys [2/04/2009 3:19:09 39040]
S3 uxddrv;Dynamically loaded UxdDrv;\??\UNC\192.168.254.253\public\Dynafix_32__01.06.11\uxddrv.sys --> UNC\192.168.254.253\public\Dynafix_32__01.06.11\uxddrv.sys [?]
S3 WinRM;Windows Remote Management (WS-Management);C:\WINDOWS\system32\svchost.exe -k WINRM [18/05/2009 20:45:33 14336]
--- Andere Services/Drivers In Geheugen ---
*NewlyCreated* - MPKSL2934C6A1
*NewlyCreated* - MPKSL546C1C8E
*NewlyCreated* - MPKSL7560AEEC
*NewlyCreated* - MPKSL767DDF6F
*NewlyCreated* - MPKSL86FFF1F4
*NewlyCreated* - MPKSL89EB62A6
*NewlyCreated* - MPKSL8A60B988
*NewlyCreated* - MPKSLB46763C0
*NewlyCreated* - MPKSLD1F0D0C0
*NewlyCreated* - MPKSLDFDDB14B
*NewlyCreated* - MPKSLFD96699D
*Deregistered* - MpKsl2934c6a1
*Deregistered* - MpKsl546c1c8e
*Deregistered* - MpKsl7560aeec
*Deregistered* - MpKsl767ddf6f
*Deregistered* - MpKsl89eb62a6
*Deregistered* - MpKsl8a60b988
*Deregistered* - MpKslb46763c0
*Deregistered* - MpKsld1f0d0c0
*Deregistered* - MpKsldfddb14b
*Deregistered* - MpKslfd96699d
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
HPService REG_MULTI_SZ HPSLPSVC
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
WINRM REG_MULTI_SZ WINRM
Inhoud van de 'Gedeelde Taken' map
2011-11-07 C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
- C:\Program Files\Google\Update\GoogleUpdate.exe [2010-04-09 15:18:04 . 2010-04-09 15:18:02]
2011-11-09 C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
- C:\Program Files\Google\Update\GoogleUpdate.exe [2010-04-09 15:18:04 . 2010-04-09 15:18:02]
------- Bijkomende Scan -------
IE: E&xporteren naar Microsoft Excel - C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
IE: Google Sidewiki... - C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_7461B1589E8B4FB7.dll/cmsidewiki.html
IE: Verzenden naar &Bluetooth-apparaat... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
IE: Verzenden naar Bluetooth - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
TCP: DhcpNameServer = 192.168.1.1
**************************************************************************
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, GMER - Rootkit Detector and Remover
Rootkit scan 2011-11-09 16:31:59
Windows 5.1.2600 Service Pack 3 NTFS
scannen van verborgen processen ...
scannen van verborgen autostart items ...
scannen van verborgen bestanden ...
Scan succesvol afgerond
verborgen bestanden: 0
**************************************************************************
Voltooingstijd: 2011-11-09 16:34:58
ComboFix-quarantined-files.txt 2011-11-09 15:34:54
ComboFix2.txt 2011-11-08 20:33:03
-
Ik probeer hier ook een beetje uit te leren, vandaar vroeg ik mij af waarom de regel die ik moest verwijderen uit het eerste HJT logje mbt de blanco startpagina op internet precies weg moest ? Dit is toch maar enkel om een blanco startpagina te krijgen en meer niet of zie ik dit verkeerd ?
-
Hier de ComboFix log :
ComboFix 11-11-08.02 - ASUS 08/11/2011 21:08:56.1.2 - x86
Microsoft Windows XP Home Edition 5.1.2600.3.1252.32.1043.18.1015.209 [GMT 1:00]
Gestart vanuit: c:\documents and settings\ASUS\Bureaublad\ComboFix.exe
AV: Microsoft Security Essentials *Disabled/Updated* {BCF43643-A118-4432-AEDE-D861FCBCFCDF}
AV: Microsoft Security Essentials *Disabled/Updated* {EDB4FA23-53B8-4AFA-8C5D-99752CCA7095}
.
.
(((((((((((((((((((((((((((((((((( Andere Verwijderingen )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\documents and settings\ASUS\Application Data\PriceGong
c:\documents and settings\ASUS\Application Data\PriceGong\Data\1.txt
c:\documents and settings\ASUS\Application Data\PriceGong\Data\1.xml
c:\documents and settings\ASUS\Application Data\PriceGong\Data\2229.txt
c:\documents and settings\ASUS\Application Data\PriceGong\Data\2626.txt
c:\documents and settings\ASUS\Application Data\PriceGong\Data\4489.txt
c:\documents and settings\ASUS\Application Data\PriceGong\Data\6174.txt
c:\documents and settings\ASUS\Application Data\PriceGong\Data\a.txt
c:\documents and settings\ASUS\Application Data\PriceGong\Data\a.xml
c:\documents and settings\ASUS\Application Data\PriceGong\Data\b.txt
c:\documents and settings\ASUS\Application Data\PriceGong\Data\b.xml
c:\documents and settings\ASUS\Application Data\PriceGong\Data\c.txt
c:\documents and settings\ASUS\Application Data\PriceGong\Data\c.xml
c:\documents and settings\ASUS\Application Data\PriceGong\Data\d.txt
c:\documents and settings\ASUS\Application Data\PriceGong\Data\d.xml
c:\documents and settings\ASUS\Application Data\PriceGong\Data\e.txt
c:\documents and settings\ASUS\Application Data\PriceGong\Data\e.xml
c:\documents and settings\ASUS\Application Data\PriceGong\Data\f.txt
c:\documents and settings\ASUS\Application Data\PriceGong\Data\f.xml
c:\documents and settings\ASUS\Application Data\PriceGong\Data\g.txt
c:\documents and settings\ASUS\Application Data\PriceGong\Data\g.xml
c:\documents and settings\ASUS\Application Data\PriceGong\Data\h.txt
c:\documents and settings\ASUS\Application Data\PriceGong\Data\h.xml
c:\documents and settings\ASUS\Application Data\PriceGong\Data\i.txt
c:\documents and settings\ASUS\Application Data\PriceGong\Data\i.xml
c:\documents and settings\ASUS\Application Data\PriceGong\Data\j.txt
c:\documents and settings\ASUS\Application Data\PriceGong\Data\J.xml
c:\documents and settings\ASUS\Application Data\PriceGong\Data\k.txt
c:\documents and settings\ASUS\Application Data\PriceGong\Data\k.xml
c:\documents and settings\ASUS\Application Data\PriceGong\Data\l.txt
c:\documents and settings\ASUS\Application Data\PriceGong\Data\l.xml
c:\documents and settings\ASUS\Application Data\PriceGong\Data\m.txt
c:\documents and settings\ASUS\Application Data\PriceGong\Data\m.xml
c:\documents and settings\ASUS\Application Data\PriceGong\Data\n.txt
c:\documents and settings\ASUS\Application Data\PriceGong\Data\n.xml
c:\documents and settings\ASUS\Application Data\PriceGong\Data\o.txt
c:\documents and settings\ASUS\Application Data\PriceGong\Data\o.xml
c:\documents and settings\ASUS\Application Data\PriceGong\Data\p.txt
c:\documents and settings\ASUS\Application Data\PriceGong\Data\p.xml
c:\documents and settings\ASUS\Application Data\PriceGong\Data\q.txt
c:\documents and settings\ASUS\Application Data\PriceGong\Data\q.xml
c:\documents and settings\ASUS\Application Data\PriceGong\Data\r.txt
c:\documents and settings\ASUS\Application Data\PriceGong\Data\r.xml
c:\documents and settings\ASUS\Application Data\PriceGong\Data\s.txt
c:\documents and settings\ASUS\Application Data\PriceGong\Data\s.xml
c:\documents and settings\ASUS\Application Data\PriceGong\Data\t.txt
c:\documents and settings\ASUS\Application Data\PriceGong\Data\t.xml
c:\documents and settings\ASUS\Application Data\PriceGong\Data\u.txt
c:\documents and settings\ASUS\Application Data\PriceGong\Data\u.xml
c:\documents and settings\ASUS\Application Data\PriceGong\Data\v.txt
c:\documents and settings\ASUS\Application Data\PriceGong\Data\v.xml
c:\documents and settings\ASUS\Application Data\PriceGong\Data\w.txt
c:\documents and settings\ASUS\Application Data\PriceGong\Data\w.xml
c:\documents and settings\ASUS\Application Data\PriceGong\Data\wlu.txt
c:\documents and settings\ASUS\Application Data\PriceGong\Data\x.txt
c:\documents and settings\ASUS\Application Data\PriceGong\Data\x.xml
c:\documents and settings\ASUS\Application Data\PriceGong\Data\y.txt
c:\documents and settings\ASUS\Application Data\PriceGong\Data\y.xml
c:\documents and settings\ASUS\Application Data\PriceGong\Data\z.txt
c:\documents and settings\ASUS\Application Data\PriceGong\Data\z.xml
c:\documents and settings\ASUS\Menu Start\Programma's\Opstarten\OpenOffice.org 3.2 .lnk
c:\documents and settings\ASUS\Menu Start\Programma's\Opstarten\OpenOffice.org 3.3 .lnk
c:\program files\Windows Searchqu Toolbar
.
.
(((((((((((((((((((( Bestanden Gemaakt van 2011-10-08 to 2011-11-08 ))))))))))))))))))))))))))))))
.
.
2011-11-08 20:05 . 2011-11-08 20:05 56200 ----a-w- c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{FA96935B-8207-4AFB-9D66-21EAE3D10DBC}\offreg.dll
2011-11-08 20:05 . 2011-10-07 03:48 6668624 ----a-w- c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{FA96935B-8207-4AFB-9D66-21EAE3D10DBC}\mpengine.dll
2011-10-14 04:59 . 2011-11-08 16:00 -------- d--h--r- c:\documents and settings\ASUS\Onlangs geopend
.
.
.
((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-10-07 03:48 . 2010-10-11 17:50 6668624 ----a-w- c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2011-09-29 12:52 . 2011-06-08 09:08 404640 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2011-09-26 09:41 . 2009-05-18 19:45 23040 ----a-w- c:\windows\system32\oleaccrc.dll
2011-09-26 09:41 . 2008-07-29 17:59 614912 ----a-w- c:\windows\system32\uiautomationcore.dll
2011-09-26 09:41 . 2009-05-18 19:45 220160 ----a-w- c:\windows\system32\oleacc.dll
2011-09-09 09:12 . 2009-05-18 19:45 602624 ----a-w- c:\windows\system32\crypt32.dll
2011-09-06 14:09 . 2009-05-18 19:45 1859072 ----a-w- c:\windows\system32\win32k.sys
2011-08-31 16:00 . 2011-07-01 10:58 22216 ----a-w- c:\windows\system32\drivers\mbam.sys
2011-08-22 23:41 . 2009-05-18 19:45 916480 ----a-w- c:\windows\system32\wininet.dll
2011-08-22 23:41 . 2009-05-18 19:45 43520 ----a-w- c:\windows\system32\licmgr10.dll
2011-08-22 23:41 . 2009-05-18 19:45 1469440 ------w- c:\windows\system32\inetcpl.cpl
2011-08-22 11:58 . 2009-05-18 19:45 385024 ----a-w- c:\windows\system32\html.iec
2011-08-17 13:49 . 2009-05-18 19:45 138496 ----a-w- c:\windows\system32\drivers\afd.sys
2011-06-16 06:58 . 2011-06-16 06:56 154914552 ----a-w- c:\program files\OOo_3.3.0_Win_x86_install-wJRE_nl.exe
2011-03-31 07:59 . 2010-11-08 13:43 1986520 ----a-w- c:\program files\SyncBack_Setup_NL.exe
2010-10-10 17:42 . 2010-10-10 17:42 13111256 ----a-w- c:\program files\mssefullinstall-x86fre-nl-nl-xp.exe
2010-09-19 15:39 . 2010-09-19 10:13 137920704 ----a-w- c:\program files\OOo_3.2.1_Win_x86_install_nl.exe
.
.
((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\OverlayIconExtension1]
@="{fe25455d-b4c2-4e32-97d2-92632ec1c224}"
[HKEY_CLASSES_ROOT\CLSID\{fe25455d-b4c2-4e32-97d2-92632ec1c224}]
2009-11-06 23:07 297808 ----a-w- c:\windows\system32\mscoree.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\OverlayIconExtension2]
@="{1fae2d88-a78e-4f03-909f-be818a3c1ce6}"
[HKEY_CLASSES_ROOT\CLSID\{1fae2d88-a78e-4f03-909f-be818a3c1ce6}]
2009-11-06 23:07 297808 ----a-w- c:\windows\system32\mscoree.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2010-04-09 39408]
"ccleaner"="c:\program files\CCleaner\CCleaner.exe" [2011-06-24 2423608]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2007-12-19 135168]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2007-12-19 159744]
"Persistence"="c:\windows\system32\igfxpers.exe" [2007-12-19 131072]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2009-03-06 1434920]
"SynAsusAcpi"="c:\program files\Synaptics\SynTP\SynAsusAcpi.exe" [2009-03-06 79144]
"AsusACPIServer"="c:\program files\EeePC\ACPI\AsAcpiSvr.exe" [2009-04-16 630784]
"AsusEPCMonitor"="c:\program files\EeePC\ACPI\AsEPCMon.exe" [2009-03-13 98304]
"AsusTray"="c:\program files\EeePC\ACPI\AsTray.exe" [2009-04-16 118784]
"Parental Control"="c:\program files\Parental Control\bin\pcontrol.exe" [2009-03-20 1104384]
"RTHDCPL"="RTHDCPL.EXE" [2009-03-27 17567744]
"hpqSRMon"="c:\program files\HP\Digital Imaging\bin\hpqSRMon.exe" [2008-08-20 150016]
"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2011-06-15 997920]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2011-08-31 40368]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2011-03-29 937920]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2011-04-08 254696]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]
"removetoolbar"="RD" [X]
"removedatamngr"="RD" [X]
"Malwarebytes' Anti-Malware"="c:\program files\Malwarebytes' Anti-Malware\mbamgui.exe" [2011-08-31 449608]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-15 15360]
"DWQueuedReporting"="c:\progra~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" [2008-11-03 435096]
.
c:\documents and settings\All Users\Menu Start\Programma's\Opstarten\
HP Digital Imaging Monitor.lnk - c:\program files\HP\Digital Imaging\bin\hpqtra08.exe [2008-3-25 214360]
Windows Search.lnk - c:\program files\Windows Desktop Search\WindowsSearch.exe [2008-5-26 123904]
.
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{56F9679E-7826-4C84-81F3-532071A8BCC5}"= "c:\program files\Windows Desktop Search\MSNLNamespaceMgr.dll" [2009-05-24 304128]
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
2011-08-31 01:57 40368 ----a-w- c:\program files\Adobe\Reader 8.0\Reader\reader_sl.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MsnMsgr]
2010-04-16 20:12 3872080 ----a-w- c:\program files\Windows Live\Messenger\msnmsgr.exe
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqusgm.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqusgh.exe"=
"c:\\Program Files\\HP\\HP Software Update\\HPWUCli.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\Smart Web Printing\\SmartWebPrintExe.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqtra08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqste08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hposid01.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqkygrp.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpoews01.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpiscnapp.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqgplgtupl.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqgpc01.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqpse.exe"=
"c:\\Program Files\\Common Files\\HP\\Digital Imaging\\bin\\hpqPhotoCrm.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqsudi.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqpsapp.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\Program Files\\Windows Live\\Sync\\WindowsLiveSync.exe"=
"c:\\WINDOWS\\system32\\muzapp.exe"=
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"427:UDP"= 427:UDP:SLP_Port(427)
"5985:TCP"= 5985:TCP:*:Disabled:Windows Remote Management
.
R1 MpKsl4f45a6d8;MpKsl4f45a6d8;\??\c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{D3E2198D-AE1E-4DCD-9E1F-38704C0CFA47}\MpKsl4f45a6d8.sys --> c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{D3E2198D-AE1E-4DCD-9E1F-38704C0CFA47}\MpKsl4f45a6d8.sys [?]
R1 policyappblockservice;Parental Control Application Filter;c:\program files\Parental Control\bin\policyappblock.sys [2/02/2009 21:22 5120]
R3 L1c;NDIS Miniport Driver for Atheros AR8131/AR8132 PCI-E Ethernet Controller;c:\windows\system32\drivers\l1c51x86.sys [9/04/2009 12:17 38912]
S1 MpKsl0a2d45d5;MpKsl0a2d45d5;\??\c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{1EB86957-0BD3-487A-93B2-89DC96D32B2E}\MpKsl0a2d45d5.sys --> c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{1EB86957-0BD3-487A-93B2-89DC96D32B2E}\MpKsl0a2d45d5.sys [?]
S1 MpKsl10b1e89e;MpKsl10b1e89e;\??\c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{6FE2290A-E2BC-424A-9C0C-FAE80203BE79}\MpKsl10b1e89e.sys --> c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{6FE2290A-E2BC-424A-9C0C-FAE80203BE79}\MpKsl10b1e89e.sys [?]
S1 MpKsl1f5390ab;MpKsl1f5390ab;\??\c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{371AE6E2-FE2F-4623-BE01-5C52704887BF}\MpKsl1f5390ab.sys --> c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{371AE6E2-FE2F-4623-BE01-5C52704887BF}\MpKsl1f5390ab.sys [?]
S1 MpKsl42f0a878;MpKsl42f0a878;\??\c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{F59D32E2-4131-48D2-8806-27C878194491}\MpKsl42f0a878.sys --> c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{F59D32E2-4131-48D2-8806-27C878194491}\MpKsl42f0a878.sys [?]
S1 MpKsl496cb3ce;MpKsl496cb3ce;\??\c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{633ED9ED-E23E-4EAB-B699-16F473227CFF}\MpKsl496cb3ce.sys --> c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{633ED9ED-E23E-4EAB-B699-16F473227CFF}\MpKsl496cb3ce.sys [?]
S1 MpKsl4e51075c;MpKsl4e51075c;\??\c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{8D0328BA-93A4-42FE-B49E-65731936DF34}\MpKsl4e51075c.sys --> c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{8D0328BA-93A4-42FE-B49E-65731936DF34}\MpKsl4e51075c.sys [?]
S1 MpKsl51a6a79a;MpKsl51a6a79a;\??\c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{4D0B33A3-B7D5-4ED4-992C-0A635FE38C3F}\MpKsl51a6a79a.sys --> c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{4D0B33A3-B7D5-4ED4-992C-0A635FE38C3F}\MpKsl51a6a79a.sys [?]
S1 MpKsl65ff1186;MpKsl65ff1186;\??\c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{7667D025-E546-49C8-8405-85468F60A4DC}\MpKsl65ff1186.sys --> c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{7667D025-E546-49C8-8405-85468F60A4DC}\MpKsl65ff1186.sys [?]
S1 MpKsl926e5c51;MpKsl926e5c51;\??\c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{C73042AD-F68C-4F5F-BC8C-A1708CCA8801}\MpKsl926e5c51.sys --> c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{C73042AD-F68C-4F5F-BC8C-A1708CCA8801}\MpKsl926e5c51.sys [?]
S1 MpKsleef327e6;MpKsleef327e6;\??\c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{1CA98746-6D84-467A-AA0D-47CB422F1323}\MpKsleef327e6.sys --> c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{1CA98746-6D84-467A-AA0D-47CB422F1323}\MpKsleef327e6.sys [?]
S2 gupdate;Google Updateservice (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [9/04/2010 16:18 135664]
S3 Ambfilt;Ambfilt;c:\windows\system32\drivers\Ambfilt.sys [18/05/2009 21:42 1684736]
S3 gupdatem;Google Update-service (gupdatem);c:\program files\Google\Update\GoogleUpdate.exe [9/04/2010 16:18 135664]
S3 SRS_PremiumSound_Service;SRS Labs Premium Sound;c:\windows\system32\drivers\SRS_PremiumSound_i386.sys [19/05/2009 9:02 232872]
S3 uvclf;uvclf;c:\windows\system32\drivers\uvclf.sys [2/04/2009 3:19 39040]
S3 uxddrv;Dynamically loaded UxdDrv;\??\UNC\192.168.254.253\public\Dynafix_32__01.06.11\uxddrv.sys --> UNC\192.168.254.253\public\Dynafix_32__01.06.11\uxddrv.sys [?]
S3 WinRM;Windows Remote Management (WS-Management);c:\windows\system32\svchost.exe -k WINRM [18/05/2009 20:45 14336]
.
--- Andere Services/Drivers In Geheugen ---
.
*NewlyCreated* - MPKSL2934C6A1
*NewlyCreated* - MPKSL546C1C8E
*NewlyCreated* - MPKSL7560AEEC
*NewlyCreated* - MPKSL767DDF6F
*NewlyCreated* - MPKSL89EB62A6
*NewlyCreated* - MPKSL8A60B988
*NewlyCreated* - MPKSLB46763C0
*NewlyCreated* - MPKSLD1F0D0C0
*NewlyCreated* - MPKSLDFDDB14B
*NewlyCreated* - MPKSLFD96699D
*Deregistered* - MpKsl2934c6a1
*Deregistered* - MpKsl546c1c8e
*Deregistered* - MpKsl7560aeec
*Deregistered* - MpKsl767ddf6f
*Deregistered* - MpKsl89eb62a6
*Deregistered* - MpKsl8a60b988
*Deregistered* - MpKslb46763c0
*Deregistered* - MpKsld1f0d0c0
*Deregistered* - MpKsldfddb14b
*Deregistered* - MpKslfd96699d
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
HPService REG_MULTI_SZ HPSLPSVC
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
WINRM REG_MULTI_SZ WINRM
.
Inhoud van de 'Gedeelde Taken' map
.
2011-11-07 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-04-09 15:18]
.
2011-11-08 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-04-09 15:18]
.
.
------- Bijkomende Scan -------
.
uStart Page = about:blank
IE: E&xporteren naar Microsoft Excel - c:\progra~1\MICROS~3\Office12\EXCEL.EXE/3000
IE: Google Sidewiki... - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_7461B1589E8B4FB7.dll/cmsidewiki.html
IE: Verzenden naar &Bluetooth-apparaat... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
IE: Verzenden naar Bluetooth - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
TCP: DhcpNameServer = 192.168.1.1
.
- - - - ORPHANS VERWIJDERD - - - -
.
WebBrowser-{2D8D9ACC-F6D7-4362-8876-A275CA929591} - (no file)
MSConfigStartUp-SRS Premium Sound - c:\program files\SRS Labs\SRS Premium Sound\SRSPremiumSoundBig_Small.exe
AddRemove-{09FF4DB8-7DE9-4D47-B7DB-915DB7D9A8CA} - c:\documents and settings\All Users\Application Data\{AB2D8F2E-F7AD-4446-A11A-50D846B2CF2A}\bm_installer.exe
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, GMER - Rootkit Detector and Remover
Rootkit scan 2011-11-08 21:29
Windows 5.1.2600 Service Pack 3 NTFS
.
scannen van verborgen processen ...
.
scannen van verborgen autostart items ...
.
scannen van verborgen bestanden ...
.
Scan succesvol afgerond
verborgen bestanden: 0
.
**************************************************************************
.
Voltooingstijd: 2011-11-08 21:33:02
ComboFix-quarantined-files.txt 2011-11-08 20:32
.
Pre-Run: 37.171.810.304 bytes beschikbaar
Post-Run: 37.740.371.968 bytes beschikbaar
.
WindowsXP-KB310994-SP2-Home-BootDisk-NLD.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
UnsupportedDebug="do not select this" /debug
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Home Edition" /noexecute=optin /fastdetect
.
- - End Of File - - 3EEB49F9555C1AAE9D4CBCDED45C3C07
-
Het openen gaat iets sneller lijkt me, scrollen op een pagina (bijv Facebook) verloopt nog steeds traag !
-
Okidoki, voor alle zekerheid ook met de zoekfunctie alles van Bittorrent gezocht en verwijderd, zat nog wel één en ander verborgen.
Hier het MBAM logje :
Malwarebytes' Anti-Malware 1.51.2.1300
Databaseversie: 8109
Windows 5.1.2600 Service Pack 3
Internet Explorer 8.0.6001.18702
8/11/2011 16:56:39
mbam-log-2011-11-08 (16-56-39).txt
Scantype: Snelle scan
Objecten gescand: 179206
Verstreken tijd: 29 minuut/minuten, 1 seconde(n)
Geheugenprocessen geïnfecteerd: 0
Geheugenmodulen geïnfecteerd: 0
Registersleutels geïnfecteerd: 0
Registerwaarden geïnfecteerd: 0
Registerdata geïnfecteerd: 0
Mappen geïnfecteerd: 0
Bestanden geïnfecteerd: 0
Geheugenprocessen geïnfecteerd:
(Geen kwaadaardige objecten gedetecteerd)
Geheugenmodulen geïnfecteerd:
(Geen kwaadaardige objecten gedetecteerd)
Registersleutels geïnfecteerd:
(Geen kwaadaardige objecten gedetecteerd)
Registerwaarden geïnfecteerd:
(Geen kwaadaardige objecten gedetecteerd)
Registerdata geïnfecteerd:
(Geen kwaadaardige objecten gedetecteerd)
Mappen geïnfecteerd:
(Geen kwaadaardige objecten gedetecteerd)
Bestanden geïnfecteerd:
(Geen kwaadaardige objecten gedetecteerd)
En hier het HJT logje :
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 17:00:26, on 8/11/2011
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\SearchIndexer.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\igfxtray.exe
C:\WINDOWS\system32\hkcmd.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\EeePC\ACPI\AsAcpiSvr.exe
C:\Program Files\EeePC\ACPI\AsEPCMon.exe
C:\WINDOWS\system32\igfxsrvc.exe
C:\Program Files\EeePC\ACPI\AsTray.exe
C:\Program Files\Parental Control\bin\pcontrol.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\Microsoft Security Client\msseces.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Windows Desktop Search\WindowsSearch.exe
C:\Program Files\OpenOffice.org 3\program\soffice.exe
C:\WINDOWS\system32\igfxext.exe
C:\Program Files\OpenOffice.org 3\program\soffice.bin
C:\WINDOWS\system32\svchost.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe
C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe
C:\Program Files\Windows Live\Contacts\wlcomm.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Common Files\Java\Java Update\jucheck.exe
C:\Program Files\Windows Live\Mail\wlmail.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe
C:\WINDOWS\system32\msiexec.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe
C:\WINDOWS\system32\SearchProtocolHost.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Hotmail, Messenger, nieuws en entertainment vind je op MSN.nl
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = Hotmail, Messenger, nieuws en entertainment vind je op MSN.nl
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen
O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
O2 - BHO: Adobe PDF Reader Help bij koppelingen - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Windows Live Aanmelden - Help - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.7.6406.1642\swg.dll
O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [igfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [synTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [synAsusAcpi] C:\Program Files\Synaptics\SynTP\SynAsusAcpi.exe
O4 - HKLM\..\Run: [AsusACPIServer] C:\Program Files\EeePC\ACPI\AsAcpiSvr.exe
O4 - HKLM\..\Run: [AsusEPCMonitor] C:\Program Files\EeePC\ACPI\AsEPCMon.exe
O4 - HKLM\..\Run: [AsusTray] C:\Program Files\EeePC\ACPI\AsTray.exe
O4 - HKLM\..\Run: [Parental Control] "C:\Program Files\Parental Control\bin\pcontrol.exe" --start
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [hpqSRMon] C:\Program Files\HP\Digital Imaging\bin\hpqSRMon.exe
O4 - HKLM\..\Run: [MSC] "C:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\RunOnce: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent
O4 - HKLM\..\RunOnce: [removetoolbar] cmd.exe /c RD /S /Q "C:\PROGRA~1\WI9130~1\ToolBar"
O4 - HKLM\..\RunOnce: [removedatamngr] cmd.exe /c RD /S /Q "C:\Program Files\Windows Searchqu Toolbar\"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKCU\..\Run: [ccleaner] "C:\Program Files\CCleaner\CCleaner.exe" /AUTO
O4 - HKCU\..\RunOnce: [FlashPlayerUpdate] C:\WINDOWS\system32\Macromed\Flash\FlashUtil10x_ActiveX.exe -update activex
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Lokale service')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Netwerkservice')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: OpenOffice.org 3.2 .lnk = C:\Program Files\OpenOffice.org 3\program\quickstart.exe
O4 - Startup: OpenOffice.org 3.3 .lnk = C:\Program Files\OpenOffice.org 3\program\quickstart.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Windows Search.lnk = C:\Program Files\Windows Desktop Search\WindowsSearch.exe
O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_7461B1589E8B4FB7.dll/cmsidewiki.html
O8 - Extra context menu item: Verzenden naar &Bluetooth-apparaat... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Verzenden naar Bluetooth - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: In weblog opnemen - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &In weblog opnemen met Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Toon of verberg HP Smart Web Printing - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1271009336859
O16 - DPF: {A9F8D9EC-3D0A-4A60-BD82-FBD64BAD370D} (DDRevision Class) - http://h20264.www2.hp.com/ediags/dd/install/HPDriverDiagnosticsxp2k.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\Aibelive\VOICEC~1\SKYPE4~1.DLL
O22 - SharedTaskScheduler: Preloader van browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Cache-daemon voor onderdeelcategorieën - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Google Updateservice (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
--
End of file - 9869 bytes
-
Hallo,
Kan iemand aub nog eens het volgend logje bekijken en zien of er iets abnormaals tussen staat ? Mijn internet werkt weer ongelooflijk traag ...
Alvast bedankt !
Els
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 20:43:04, on 7/11/2011
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Microsoft\BingBar\SeaPort.EXE
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\SearchIndexer.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\igfxtray.exe
C:\WINDOWS\system32\hkcmd.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\EeePC\ACPI\AsAcpiSvr.exe
C:\Program Files\EeePC\ACPI\AsEPCMon.exe
C:\WINDOWS\system32\igfxsrvc.exe
C:\Program Files\EeePC\ACPI\AsTray.exe
C:\Program Files\Parental Control\bin\pcontrol.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\Microsoft Security Client\msseces.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Windows Desktop Search\WindowsSearch.exe
C:\Program Files\OpenOffice.org 3\program\soffice.exe
C:\WINDOWS\system32\igfxext.exe
C:\Program Files\OpenOffice.org 3\program\soffice.bin
C:\WINDOWS\system32\svchost.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe
C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe
C:\Program Files\Windows Live\Contacts\wlcomm.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Common Files\Java\Java Update\jucheck.exe
C:\Program Files\Windows Live\Mail\wlmail.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\WINDOWS\system32\SearchProtocolHost.exe
C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Hotmail, Messenger, nieuws en entertainment vind je op MSN.nl
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = Hotmail, Messenger, nieuws en entertainment vind je op MSN.nl
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = Facemoods Search
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen
R3 - URLSearchHook: BittorrentBar_NL Toolbar - {2d8d9acc-f6d7-4362-8876-a275ca929591} - C:\Program Files\BittorrentBar_NL\prxtbBit0.dll
O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
O2 - BHO: Adobe PDF Reader Help bij koppelingen - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: BittorrentBar_NL - {2d8d9acc-f6d7-4362-8876-a275ca929591} - C:\Program Files\BittorrentBar_NL\prxtbBit0.dll
O2 - BHO: Windows Live Aanmelden - Help - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.7.6406.1642\swg.dll
O2 - BHO: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - "C:\Program Files\Microsoft\BingBar\BingExt.dll" (file missing)
O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O3 - Toolbar: BittorrentBar_NL Toolbar - {2d8d9acc-f6d7-4362-8876-a275ca929591} - C:\Program Files\BittorrentBar_NL\prxtbBit0.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O3 - Toolbar: Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - "C:\Program Files\Microsoft\BingBar\BingExt.dll" (file missing)
O4 - HKLM\..\Run: [igfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [synTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [synAsusAcpi] C:\Program Files\Synaptics\SynTP\SynAsusAcpi.exe
O4 - HKLM\..\Run: [AsusACPIServer] C:\Program Files\EeePC\ACPI\AsAcpiSvr.exe
O4 - HKLM\..\Run: [AsusEPCMonitor] C:\Program Files\EeePC\ACPI\AsEPCMon.exe
O4 - HKLM\..\Run: [AsusTray] C:\Program Files\EeePC\ACPI\AsTray.exe
O4 - HKLM\..\Run: [Parental Control] "C:\Program Files\Parental Control\bin\pcontrol.exe" --start
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [hpqSRMon] C:\Program Files\HP\Digital Imaging\bin\hpqSRMon.exe
O4 - HKLM\..\Run: [MSC] "C:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKCU\..\Run: [ccleaner] "C:\Program Files\CCleaner\CCleaner.exe" /AUTO
O4 - HKCU\..\RunOnce: [FlashPlayerUpdate] C:\WINDOWS\system32\Macromed\Flash\FlashUtil10x_ActiveX.exe -update activex
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Lokale service')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Netwerkservice')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: OpenOffice.org 3.2 .lnk = C:\Program Files\OpenOffice.org 3\program\quickstart.exe
O4 - Startup: OpenOffice.org 3.3 .lnk = C:\Program Files\OpenOffice.org 3\program\quickstart.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Windows Search.lnk = C:\Program Files\Windows Desktop Search\WindowsSearch.exe
O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_7461B1589E8B4FB7.dll/cmsidewiki.html
O8 - Extra context menu item: Verzenden naar &Bluetooth-apparaat... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Verzenden naar Bluetooth - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: In weblog opnemen - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &In weblog opnemen met Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Toon of verberg HP Smart Web Printing - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1271009336859
O16 - DPF: {A9F8D9EC-3D0A-4A60-BD82-FBD64BAD370D} (DDRevision Class) - http://h20264.www2.hp.com/ediags/dd/install/HPDriverDiagnosticsxp2k.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\Aibelive\VOICEC~1\SKYPE4~1.DLL
O22 - SharedTaskScheduler: Preloader van browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Cache-daemon voor onderdeelcategorieën - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Google Updateservice (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
--
End of file - 10255 bytes
-
Mijn dochters gebruiken mijn netbookje ook om te chatten en op facebook te gaan. Ze zouden graag de ascii codes gebruiken, maar dat lukt niet.
Ik ken dus wel de lijst met de codes (alt + een cijfercombinatie) maar ze verschijnen gewoon niet op mijn scherm.
Ik heb al de landinstellingen en beeldscherminstellingen gecheckt, maar kan niet direct iets vinden. Ik heb zowel Nederlands (belgisch punt) als Engels (Verenigde Staten internationaal) als taal.
Welke instellingen moet ik wijzigen om de ascii vertaaltabel te laten werken ?
Alvast bedankt !
-
Download gelukt, krijg stick echter nog steeds niet aan de praat. Heb 'm eerst automatisch laten lopen, dat lukte niet, dan optie zelf kiezen aangevinkt en als locatie de plaats opgegeven waar de bestanden waren uitgepakt, maar hij blijft zeggen dat 'm de software niet kan vinden ...
---------- Post toegevoegd om 14:40 ---------- Vorige post was om 14:26 ----------
Gelukt:-)
Eerst nog even geklungeld omdat het niet meteen lukte, maar dan ff in de bestandjes rondgeneusd en de setup gedaan, want dat gebeurde niet automatisch !
Thx en ik zal meteen sluiten se
-
Ik moet daarvoor registreren, dat klopt toch en is toch gratis hé ?
-
Het enige wat erop staat is Hama 00011280, ben je daar iets mee, het is een gekregen stick ...
-
Ik heb hier een bluetooth stick van het merk Hama, wordt op pc weergegeven als ISSCEDRBRA. Helaas installeert dat ding zich niet automatisch, ik krijg steeds melding dat de software niet gevonden kon worden en er zit geen cdrom of zo bij.
Hoe kan ik dat ding aan de praat krijgen ?
Alvast bedankt !
-
Netbookje is ondertussen binnengeweest; CMOS batterij werd vervangen alsook een slecht contact op het moederbord.
Probleem is dus opgelost ! Nogmaals dank !
-
OK, alvast iedereen bedankt voor de geboden en de zeer snelle hulp !
Ik ga straks even langs om het batterijtje te laten vervangen.
Laat het resultaat nog weten, maar ik heb alvast een volledig "proper" netbookje
-
Helaas, ik moet na het opstarten nog steeds terug tijd en datum ingeven. Of probeer ik nu het herstelpunt nog eens ?
-
Hierbij de gevraagde logs
Malwarebytes' Anti-Malware 1.51.0.1200
Databaseversie: 6992
Windows 5.1.2600 Service Pack 3
Internet Explorer 8.0.6001.18702
1/07/2011 13:28:46
mbam-log-2011-07-01 (13-28-46).txt
Scantype: Snelle scan
Objecten gescand: 151103
Verstreken tijd: 7 minuut/minuten, 13 seconde(n)
Geheugenprocessen geïnfecteerd: 0
Geheugenmodulen geïnfecteerd: 0
Registersleutels geïnfecteerd: 0
Registerwaarden geïnfecteerd: 0
Registerdata geïnfecteerd: 1
Mappen geïnfecteerd: 0
Bestanden geïnfecteerd: 0
Geheugenprocessen geïnfecteerd:
(Geen kwaadaardige objecten gedetecteerd)
Geheugenmodulen geïnfecteerd:
(Geen kwaadaardige objecten gedetecteerd)
Registersleutels geïnfecteerd:
(Geen kwaadaardige objecten gedetecteerd)
Registerwaarden geïnfecteerd:
(Geen kwaadaardige objecten gedetecteerd)
Registerdata geïnfecteerd:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\AntiVirusDisableNotify (PUM.Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
Mappen geïnfecteerd:
(Geen kwaadaardige objecten gedetecteerd)
Bestanden geïnfecteerd:
(Geen kwaadaardige objecten gedetecteerd)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 13:38:48, on 1/07/2011
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\SearchIndexer.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\igfxtray.exe
C:\WINDOWS\system32\hkcmd.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\WINDOWS\system32\igfxsrvc.exe
C:\Program Files\EeePC\ACPI\AsAcpiSvr.exe
C:\Program Files\EeePC\ACPI\AsEPCMon.exe
C:\Program Files\EeePC\ACPI\AsTray.exe
C:\Program Files\Parental Control\bin\pcontrol.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\Microsoft Security Client\msseces.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\igfxext.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Windows Desktop Search\WindowsSearch.exe
C:\Program Files\OpenOffice.org 3\program\soffice.exe
C:\Program Files\OpenOffice.org 3\program\soffice.bin
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe
C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\WINDOWS\system32\SearchProtocolHost.exe
C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Hotmail, Messenger, nieuws en entertainment vind je op MSN.nl
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = Hotmail, Messenger, nieuws en entertainment vind je op MSN.nl
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen
O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
O2 - BHO: Adobe PDF Reader Help bij koppelingen - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O2 - BHO: Windows Live Aanmelden - Help - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.7.6406.1642\swg.dll
O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [igfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [synTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [synAsusAcpi] C:\Program Files\Synaptics\SynTP\SynAsusAcpi.exe
O4 - HKLM\..\Run: [AsusACPIServer] C:\Program Files\EeePC\ACPI\AsAcpiSvr.exe
O4 - HKLM\..\Run: [AsusEPCMonitor] C:\Program Files\EeePC\ACPI\AsEPCMon.exe
O4 - HKLM\..\Run: [AsusTray] C:\Program Files\EeePC\ACPI\AsTray.exe
O4 - HKLM\..\Run: [Parental Control] "C:\Program Files\Parental Control\bin\pcontrol.exe" --start
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [hpqSRMon] C:\Program Files\HP\Digital Imaging\bin\hpqSRMon.exe
O4 - HKLM\..\Run: [MSC] "C:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKCU\..\Run: [ccleaner] "C:\Program Files\CCleaner\CCleaner.exe" /AUTO
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Lokale service')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Netwerkservice')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: OpenOffice.org 3.2 .lnk = C:\Program Files\OpenOffice.org 3\program\quickstart.exe
O4 - Startup: OpenOffice.org 3.3 .lnk = C:\Program Files\OpenOffice.org 3\program\quickstart.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Windows Search.lnk = C:\Program Files\Windows Desktop Search\WindowsSearch.exe
O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_43C348BC2E93EB2B.dll/cmsidewiki.html
O8 - Extra context menu item: Verzenden naar &Bluetooth-apparaat... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Verzenden naar Bluetooth - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: In weblog opnemen - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &In weblog opnemen met Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Toon of verberg HP Smart Web Printing - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1271009336859
O16 - DPF: {A9F8D9EC-3D0A-4A60-BD82-FBD64BAD370D} (DDRevision Class) - http://h20264.www2.hp.com/ediags/dd/install/HPDriverDiagnosticsxp2k.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\Aibelive\VOICEC~1\SKYPE4~1.DLL
O22 - SharedTaskScheduler: Preloader van browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Cache-daemon voor onderdeelcategorieën - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Google Updateservice (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
--
End of file - 9645 bytes
-
Dank je voor je heldere uitleg !
Hier de log, hopelijk heb ik het goed gedaan.
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 12:22:48, on 1/07/2011
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\SearchIndexer.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\igfxtray.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxsrvc.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\EeePC\ACPI\AsAcpiSvr.exe
C:\Program Files\EeePC\ACPI\AsEPCMon.exe
C:\Program Files\EeePC\ACPI\AsTray.exe
C:\Program Files\Parental Control\bin\pcontrol.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\Microsoft Security Client\msseces.exe
C:\PROGRA~1\WI9130~1\DataMngr\DataMngrUI.exe
C:\WINDOWS\system32\igfxext.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\ASUS\EeePC\Super Hybrid Engine\SuperHybridEngine.exe
C:\Program Files\CCleaner\CCleaner.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Windows Desktop Search\WindowsSearch.exe
C:\Program Files\OpenOffice.org 3\program\soffice.exe
C:\Program Files\OpenOffice.org 3\program\soffice.bin
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe
C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe
C:\Program Files\Windows Live\Mail\wlmail.exe
C:\Program Files\Windows Live\Contacts\wlcomm.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\WINDOWS\system32\msiexec.exe
C:\WINDOWS\system32\SearchProtocolHost.exe
C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Hotmail, Messenger, nieuws en entertainment vind je op MSN.nl
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = Hotmail, Messenger, nieuws en entertainment vind je op MSN.nl
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen
O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
O2 - BHO: Adobe PDF Reader Help bij koppelingen - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O2 - BHO: Searchqu Toolbar - {7FF99715-3016-4381-84CE-E4E4C9673020} - C:\Program Files\Windows Searchqu Toolbar\ToolBar\SearchquDx.dll
O2 - BHO: Windows Live Aanmelden - Help - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.7.6406.1642\swg.dll
O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: Searchqu Toolbar - {7FF99715-3016-4381-84CE-E4E4C9673020} - C:\Program Files\Windows Searchqu Toolbar\ToolBar\SearchquDx.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [igfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [synTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [synAsusAcpi] C:\Program Files\Synaptics\SynTP\SynAsusAcpi.exe
O4 - HKLM\..\Run: [AsusACPIServer] C:\Program Files\EeePC\ACPI\AsAcpiSvr.exe
O4 - HKLM\..\Run: [AsusEPCMonitor] C:\Program Files\EeePC\ACPI\AsEPCMon.exe
O4 - HKLM\..\Run: [AsusTray] C:\Program Files\EeePC\ACPI\AsTray.exe
O4 - HKLM\..\Run: [Parental Control] "C:\Program Files\Parental Control\bin\pcontrol.exe" --start
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [hpqSRMon] C:\Program Files\HP\Digital Imaging\bin\hpqSRMon.exe
O4 - HKLM\..\Run: [MSC] "C:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [DataMngr] C:\PROGRA~1\WI9130~1\DataMngr\DataMngrUI.exe
O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKCU\..\Run: [ccleaner] "C:\Program Files\CCleaner\CCleaner.exe" /AUTO
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Lokale service')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Netwerkservice')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: OpenOffice.org 3.2 .lnk = C:\Program Files\OpenOffice.org 3\program\quickstart.exe
O4 - Startup: OpenOffice.org 3.3 .lnk = C:\Program Files\OpenOffice.org 3\program\quickstart.exe
O4 - Global Startup: SuperHybridEngine.lnk = ?
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Windows Search.lnk = C:\Program Files\Windows Desktop Search\WindowsSearch.exe
O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_43C348BC2E93EB2B.dll/cmsidewiki.html
O8 - Extra context menu item: Verzenden naar &Bluetooth-apparaat... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Verzenden naar Bluetooth - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: In weblog opnemen - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &In weblog opnemen met Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Toon of verberg HP Smart Web Printing - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1271009336859
O16 - DPF: {A9F8D9EC-3D0A-4A60-BD82-FBD64BAD370D} (DDRevision Class) - http://h20264.www2.hp.com/ediags/dd/install/HPDriverDiagnosticsxp2k.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\Aibelive\VOICEC~1\SKYPE4~1.DLL
O20 - AppInit_DLLs: c:\progra~1\wi9130~1\datamngr\datamngr.dll
O22 - SharedTaskScheduler: Preloader van browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Cache-daemon voor onderdeelcategorieën - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Google Updateservice (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
--
End of file - 10357 bytes
-
System recovery nog nooit geprobeerd, lijkt me niet iets om eens snel aan te beginnen voor een beginner zoals ik !
Dat zal ik straks eens op mijn gemak moeten bekijken. Alvast bedankt !
---------- Post toegevoegd om 11:46 ---------- Vorige post was om 11:44 ----------
Ja Asus, dat was inderdaad het geval, daar durfde ik niet zelf aan beginnen.
oeps, die spatie inderdaad over het hoofd gezien en Combofix verwijderd. Moet ik die DrWeb-CureIt ook nog verwijderen ?
Internet loopt zeer traag - nieuw HJT logje
in Archief Bestrijding malware & virussen
Geplaatst:
AVG terug geïnstalleerd, pc werkt iets sneller nu.
Bedankt voor de hulp