Posts made by tomm
-
-
Thanks for your reply.
Here is the Speccy link:
-
Hello,
First of all, apologies if I am posting in the wrong topic.
Lately my laptop has started to become slow.
Booting has always been slow from the very start, but I expect that is down to the combination of Vista + HP.
But lately it has become really very slow.. The internet is getting slower and everything regularly freezes.
I already ran a Malwarebytes scan beforehand, but it found nothing. I have also already used CCleaner and have just used HijackThis as well. Below are the logs from both Malwarebytes and HijackThis.
Hopefully you can help me again!
Thanks in advance!
Regards, Tom
Malware log:
Malwarebytes Anti-Malware 1.70.0.1100
Malwarebytes : Free anti-malware download
Databaseversie: v2013.02.13.07
Windows Vista Service Pack 2 x86 NTFS
Internet Explorer 9.0.8112.16421
Tom :: PC_VAN_TOM [administrator]
13-2-2013 19:14:00
mbam-log-2013-02-13 (19-14-00).txt
Scan type: Snelle scan
Ingeschakelde scan opties: Geheugen | Opstartitems | Register | Bestanden en mappen | Heuristiek/Extra | Heuristiek/Shuriken | PUP | PUM
Uitgeschakelde scan opties: P2P
Objecten gescand: 226425
Verstreken tijd: 14 minuut/minuten, 10 seconde(n)
Geheugenprocessen gedetecteerd: 0
(Geen kwaadaardige objecten gedetecteerd)
Geheugenmodulen gedetecteerd: 0
(Geen kwaadaardige objecten gedetecteerd)
Registersleutels gedetecteerd: 0
(Geen kwaadaardige objecten gedetecteerd)
Registerwaarden gedetecteerd: 0
(Geen kwaadaardige objecten gedetecteerd)
Registerdata gedetecteerd: 0
(Geen kwaadaardige objecten gedetecteerd)
Mappen gedetecteerd: 0
(Geen kwaadaardige objecten gedetecteerd)
Bestanden gedetecteerd: 0
(Geen kwaadaardige objecten gedetecteerd)
(einde)
--------------------------------------------------
Hijackthis log:
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 19:40:57, on 13-2-2013
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v9.00 (9.00.8112.16464)
Boot mode: Normal
Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\SYSTEM32\taskeng.exe
C:\Windows\Explorer.EXE
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\HP\HP Software Update\hpwuschd2.exe
C:\Program Files\IDT\WDM\sttray.exe
C:\Windows\System32\M-AudioTaskBarIcon.exe
C:\Program Files\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe
C:\Program Files\DivX\DivX Update\DivXUpdate.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\Hewlett-Packard\HP wireless Assistant\WiFiMsg.EXE
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Users\Tom\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
C:\Program Files\Hewlett-Packard\Shared\HpqToaster.exe
C:\Windows\ehome\ehmsas.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Program Files\Common Files\Microsoft Shared\Ink\InputPersonalization.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Users\Tom\Downloads\HiJackThis.exe
C:\Windows\system32\DllHost.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Hotmail, Messenger, het laatste nieuws en entertainment | MSN.NL
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Bing
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Hotmail, Messenger, het laatste nieuws en entertainment | MSN.NL
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=nl_nl&c=83&bd=Pavilion&pf=cnnb
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=nl_nl&c=83&bd=Pavilion&pf=cnnb
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
O1 - Hosts: ::1 localhost
O2 - BHO: Adobe PDF Reader Help bij koppelingen - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: ContentBlockerBrowserHelperObject - {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\ContentBlocker\ie_content_blocker_plugin.dll
O2 - BHO: VirtualKeyboardBrowserHelperObject - {73455575-E40C-433C-9784-C78DC7761455} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll
O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: AOL Toolbar BHO - {7C554162-8CB7-45A4-B8F4-8EA1C75885F9} - C:\Program Files\AOL\AOL Toolbar 5.0\aoltb.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Safe Money Plugin - {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\OnlineBanking\online_banking_bho.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll
O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: link filter bho - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\UrlAdvisor\klwtbbho.dll
O2 - BHO: FlashFXP Helper for Internet Explorer - {E5A1691B-D188-4419-AD02-90002030B8EE} - C:\PROGRA~1\FlashFXP\IEFlash.dll
O3 - Toolbar: AOL Toolbar - {DE9C389F-3316-41A7-809B-AA305ED9D922} - C:\Program Files\AOL\AOL Toolbar 5.0\aoltb.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [hpWirelessAssistant] C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
O4 - HKLM\..\Run: [HP Health Check Scheduler] c:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe
O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe
O4 - HKLM\..\Run: [synTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [sysTrayApp] %ProgramFiles%\IDT\WDM\sttray.exe
O4 - HKLM\..\Run: [M-Audio Taskbar Icon] C:\Windows\System32\M-AudioTaskBarIcon.exe
O4 - HKLM\..\Run: [Acrobat Assistant 8.0] "C:\Program Files\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe"
O4 - HKLM\..\Run: [DivXUpdate] "C:\Program Files\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [AVP] "C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe"
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\RunOnce: [Malwarebytes Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent
O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [Google Update] "C:\Users\Tom\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [spotify Web Helper] "C:\Users\Tom\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe"
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
O4 - Startup: Dropbox.lnk = C:\Users\Tom\AppData\Roaming\Dropbox\bin\Dropbox.exe
O4 - Global Startup: Adobe Acrobat Synchronizer.lnk = C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AdobeCollabSync.exe
O8 - Extra context menu item: Add to Anti-Banner - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\ie_banner_deny.htm
O8 - Extra context menu item: Afbeelding verzenden naar &Bluetooth-apparaat... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Append to existing PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert link target to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert link target to existing PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert selected links to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Convert selected links to existing PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: Convert selection to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert selection to existing PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Pagina verzenden naar &Bluetooth-apparaat... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: Virtual Keyboard - {0C4CC089-D306-440D-9772-464E226F6539} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll
O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Verz&enden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra button: PokerStars - {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - C:\Program Files\PokerStars\PokerStarsUpdate.exe
O9 - Extra button: Onderzoek - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: URLs check - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\UrlAdvisor\klwtbbho.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O16 - DPF: {D4323BF2-006A-4440-A2F5-27E3E7AB25F8} - http://a532.g.akamai.net/f/532/6712/5m/virtools.download.akamai.com/6712/player/install/installer.exe
O16 - DPF: {D821DC4A-0814-435E-9820-661C543A4679} (CRLDownloadWrapper Class) - http://drmlicense.one.microsoft.com/crlupdate/en/crlocx.ocx
O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab
O16 - DPF: {F8C5C0F1-D884-43EB-A5A0-9E1C4A102FA8} (GoPetsWeb Control) - https://secure.gopetslive.com/dev/GoPetsWeb.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{E9860110-4EE7-48AC-896E-8C618BAED840}: NameServer = 192.168.0.1
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Andrea ST Filters Service (AESTFilters) - Andrea Electronics Corporation - C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_030ac640\aestsrv.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Kaspersky Anti-Virus Service (AVP) - Kaspersky Lab ZAO - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe
O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Com4QLBEx - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: GameConsoleService - WildTangent, Inc. - C:\Program Files\HP Games\My HP Game Console\GameConsoleService.exe
O23 - Service: Google Updateservice (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: HP Health Check Service - Hewlett-Packard - c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe
O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
O23 - Service: HP Service (hpsrv) - Hewlett-Packard Corporation - C:\Windows\system32\Hpservice.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: Nero BackItUp Scheduler 4.0 - Nero AG - C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: Recovery Service for Windows - Unknown owner - C:\Windows\SMINST\BLService.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe
O23 - Service: Audio Service (STacSV) - IDT, Inc. - C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_030ac640\STacSV.exe
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe
--
End of file - 15247 bytes
-
Hmm.. I reset my driver and have now been able to burn with ImgBurn. Only it won't play on my DVD player, haha. But that will work out. Thanks for your help.
-
The link doesn't work for me..
-
Yes, very strange..
Yes, when I look at the DVD, something has been burned.
-
Result of the Nero tool test:
It says it cannot run a simulation on this type of disc..
I have now taken another DVD and burned again; this time the burn process completed, but the DVD remains empty..
Even when the burn process fails, it says there is nothing on the DVD.
So I can't retrieve the error message now, because the process suddenly does complete.
Strange..
-
For the following screenshots I used Nero, DVDFab and Power2Go.
DVDFab:
DVD copy - full disc - DVD 9 - Error message during burning.
Nero:
Nero Express - DVD-Video files - Video TS files added - Burn - Error message
I also have a log file from Nero:
Windows Vista 6.0
IA32
WinAspi: -
NT-SPTI used
Nero Version: 9.4.26.100
Internal Version: 9, 4, 26, 100
(Nero Express)
Recorder: <TSSTcorp CDDVDW TS-L633L>Version: 0400 - HA 1 TA 0 - 9.4.26.100
Adapter driver: <IDE> HA 1
Drive buffer : 2048kB
Bus Type : via Inquiry data
CD-ROM: <TSSTcorp CDDVDW TS-L633L >Version: 0400 - HA 1 TA 0 - 9.4.26.100
Adapter driver: <IDE> HA 1
=== Scsi-Device-Map ===
CdRomPeripheral : XWX HUF4HMRWDAJW 1.03 aeimbhgh Port 9 ID 0 DMA: Off
=== CDRom-Device-Map ===
TSSTcorp CDDVDW TS-L633L E: CdRom0
XWX HUF4HMRWDAJW G: CdRom1
=======================
AutoRun : 1
Excluded drive IDs:
WriteBufferSize: 83886080 (0) Byte
BUFE : 0
Physical memory : 2047MB (2097151kB)
Free physical memory: 1392MB (1426404kB)
Memory in use : 54 %
Uncached PFiles: 0x0
Global Bus Type: default (0)
Check supported media : Disabled (0)
6.4.2012
UDF/ISO-compilatie
12:07:28 #1 Text 0 File SCSIPTICommands.cpp, Line 430
LockMCN - completed sucessfully for IOCTL_STORAGE_MCN_CONTROL
12:07:28 #2 Phase 112 File dlgbrnst.cpp, Line 1767
DVD-Video files reallocation started
12:07:28 #3 Phase 114 File dlgbrnst.cpp, Line 1767
DVD-Video files reallocation completed (no file modified)
12:07:28 #4 Text 0 File Isodoc.cpp, Line 6998
UDF document burn settings
------------------------------------------
Determine maximum speed : FALSE
Simulate : FALSE
Write : TRUE
Finalize CD : TRUE
Multisession : FALSE
Burning mode : DAO
Mode : 1
UDF Mode : UDF/ISO bridge
UDF Options : automatic
UDF Revision : 1.02
UDF Partition Type : physical
ISO Level : 1 (Max. of 11 = 8 + 3 char)
Character set : ISO 9660
Joliet : FALSE
Allow pathdepth more than 8 directories : FALSE
Allow more than 255 characters in path : FALSE
Write ISO9660 ;1 file extensions : TRUE
12:07:28 #5 Phase 111 File dlgbrnst.cpp, Line 1767
DVD-Video files sorted
12:07:28 #6 ISO9660GEN -11 File Geniso.cpp, Line 3327
First writeable address = 0 (0x00000000)
12:07:28 #7 ISO9660GEN -11 File Geniso.cpp, Line 3327
First writeable address = 0 (0x00000000)
12:07:28 #8 SPTI -1195 File SCSIPassThrough.cpp, Line 215
CdRom0: SCSIStatus(x02) WinError(0) NeroError(-1195)
CDB Data: 0x51 00 00 00 00 00 00 00 20 00 00 00
Sense Key: 0x02 (KEY_NOT_READY)
Sense Code: 0x3A
Sense Qual: 0x01
Sense Area: 0x70 00 02 00 00 00 00 0A 00 00 00 00 3A 01
Buffer x058cfc40: Len x20
12:07:28 #9 SPTI -1195 File SCSIPassThrough.cpp, Line 215
CdRom0: SCSIStatus(x02) WinError(0) NeroError(-1195)
CDB Data: 0x52 01 00 00 00 FF 00 00 20 00 00 00
Sense Key: 0x02 (KEY_NOT_READY)
Sense Code: 0x3A
Sense Qual: 0x01
Sense Area: 0x70 00 02 00 00 00 00 0A 00 00 00 00 3A 01
Buffer x058cfc40: Len x20
12:07:28 #10 SPTI -1195 File SCSIPassThrough.cpp, Line 215
CdRom0: SCSIStatus(x02) WinError(0) NeroError(-1195)
CDB Data: 0x52 01 00 00 00 FF 00 00 20 00 00 00
Sense Key: 0x02 (KEY_NOT_READY)
Sense Code: 0x3A
Sense Qual: 0x01
Sense Area: 0x70 00 02 00 00 00 00 0A 00 00 00 00 3A 01
Buffer x058cfc40: Len x20
12:07:28 #11 Text 0 File Burncd.cpp, Line 3572
Turn on Disc-At-Once, using DVD media
12:07:29 #12 SPTI -1195 File SCSIPassThrough.cpp, Line 215
CdRom0: SCSIStatus(x02) WinError(0) NeroError(-1195)
CDB Data: 0x51 00 00 00 00 00 00 00 20 00 00 00
Sense Key: 0x02 (KEY_NOT_READY)
Sense Code: 0x3A
Sense Qual: 0x01
Sense Area: 0x70 00 02 00 00 00 00 0A 00 00 00 00 3A 01
Buffer x058cfc40: Len x20
12:07:29 #13 SPTI -1195 File SCSIPassThrough.cpp, Line 215
CdRom0: SCSIStatus(x02) WinError(0) NeroError(-1195)
CDB Data: 0x52 01 00 00 00 FF 00 00 20 00 00 00
Sense Key: 0x02 (KEY_NOT_READY)
Sense Code: 0x3A
Sense Qual: 0x01
Sense Area: 0x70 00 02 00 00 00 00 0A 00 00 00 00 3A 01
Buffer x058cfc40: Len x20
12:07:29 #14 SPTI -1195 File SCSIPassThrough.cpp, Line 215
CdRom0: SCSIStatus(x02) WinError(0) NeroError(-1195)
CDB Data: 0x52 01 00 00 00 FF 00 00 20 00 00 00
Sense Key: 0x02 (KEY_NOT_READY)
Sense Code: 0x3A
Sense Qual: 0x01
Sense Area: 0x70 00 02 00 00 00 00 0A 00 00 00 00 3A 01
Buffer x058cfc40: Len x20
12:08:11 #15 Text 0 File DVDPlusDualLayer.cpp, Line 1452
SetDriveCaps: Set LAST LBA of layer 1 to 1573535
12:08:11 #16 ISO9660GEN -11 File Geniso.cpp, Line 3327
First writeable address = 0 (0x00000000)
12:08:11 #17 ISO9660GEN -11 File Geniso.cpp, Line 3327
First writeable address = 0 (0x00000000)
12:08:13 #18 Text 0 File DlgWaitCD.cpp, Line 313
Last possible write address on media: 4173823
Last address to be written: 3147071
12:08:13 #19 Text 0 File DlgWaitCD.cpp, Line 325
Write in overburning mode: NO (enabled: CD)
12:08:13 #20 Text 0 File DlgWaitCD.cpp, Line 2843
Recorder: TSSTcorp CDDVDW TS-L633L, Media type: DVD+R DL
Disc Manufacturer ID: <CMC MAG>, Media Type ID: <D03>, Product revision number: 64
Disc Application Code: 0, Extended Information Indicators: 3
12:08:13 #21 Text 0 File DlgWaitCD.cpp, Line 500
>>> Protocol of DlgWaitCD activities: <<<
=========================================
Insert empty disc to write to.
(Medium in drive: Onbekend. Medium required by compilation: DVD R/RW; DVD DL; DVD-RAM.)
12:08:13 #22 Text 0 File ThreadedTransferInterface.cpp, Line 739
Setup items (after recorder preparation)
0: TRM_DATA_MODE1 ()
2 indices, index0 (150) not provided
original disc pos #0 + 3147072 (3147072) = #3147072/699:20.72
relocatable, disc pos for caching/writing not required/ required
-> TRM_DATA_MODE1, 2048, config 0, wanted index0 0 blocks, length 3147072 blocks [E: TSSTcorp CDDVDW TS-L633L]
--------------------------------------------------------------
12:08:13 #23 Text 0 File ThreadedTransferInterface.cpp, Line 941
Prepare [E: TSSTcorp CDDVDW TS-L633L] for write in CUE-sheet-DAO
DAO infos:
==========
MCN: ""
TOCType: 0x00; Session Closed, disc fixated
Tracks 1 to 1: Idx 0 Idx 1 Next Trk
1: TRM_DATA_MODE1, 2048/0x00, FilePos 0 0 6445203456, ISRC ""
DAO layout:
===========
___Start_|____Track_|_Idx_|_CtrlAdr_|_____Size_|______NWA_|_RecDep__________
0 | lead-in | 0 | 0x41 | 0 | 0 | 0x00
0 | 1 | 0 | 0x41 | 0 | 0 | 0x00
0 | 1 | 1 | 0x41 | 3147072 | 0 | 0x00
3147072 | lead-out | 1 | 0x41 | 0 | 0 | 0x00
12:08:13 #24 Text 0 File SCSIPTICommands.cpp, Line 217
SPTILockVolume - completed successfully for FSCTL_LOCK_VOLUME
12:08:13 #25 Text 0 File Burncd.cpp, Line 4279
Caching options: cache CDRom or Network-Yes, small files-No (<64KB)
12:08:13 #26 Phase 24 File dlgbrnst.cpp, Line 1767
Caching of files started
12:08:13 #27 Text 0 File Burncd.cpp, Line 4401
Cache writing successful.
12:08:13 #28 Phase 25 File dlgbrnst.cpp, Line 1767
Caching of files completed
12:08:13 #29 Phase 36 File dlgbrnst.cpp, Line 1767
Burn process started at 6x (8.310 kB/sec)
12:08:13 #30 Text 0 File ThreadedTransferInterface.cpp, Line 2695
Verifying disc position of item 0 (relocatable, disc pos, no patch infos, orig at #0): write at #0
12:08:13 #31 Text 0 File DVDPlusDualLayer.cpp, Line 1929
GetDriveCaps: LAST LBA of layer 1 is 1573535
12:08:29 #32 SPTI -1066 File SCSIPassThrough.cpp, Line 215
CdRom0: SCSIStatus(x02) WinError(0) NeroError(-1066)
CDB Data: 0xAD 00 00 00 00 00 00 21 08 04 00 00
Sense Key: 0x05 (KEY_ILLEGAL_REQUEST)
Sense Code: 0x24
Sense Qual: 0x00
Sense Area: 0x70 00 05 00 00 00 00 0A 00 00 00 00 24
Buffer x07a2f080: Len x804
12:08:29 #33 Text 0 File DVDPlusDualLayer.cpp, Line 1452
SetDriveCaps: Set LAST LBA of layer 1 to 1573535
12:08:29 #34 Text 0 File DVDPlusDualLayer.cpp, Line 1929
GetDriveCaps: LAST LBA of layer 1 is 1573535
12:08:29 #35 Text 0 File DVDPlusDualLayer.cpp, Line 779
L0 Data Zone Capacity set to 1573536 (1802A0h, 3073MB) -> OK, confirmed setting
12:08:29 #36 CDR -1205 File DVDPlusDualLayer.cpp, Line 806
Burning Layer 1
12:08:29 #37 Text 0 File DVDPlusDualLayer.cpp, Line 816
Start writing layer 1 at address 0 (0h)
Recording mode: unknown Recording Mode
12:08:29 #38 Text 0 File Cdrdrv.cpp, Line 10282
---- Disc Structure: Physical Format Information (00h) ----
Media Type: 0, Layer: 0, Address: 0 (0 h), AGID: 0; Length: 2050
Book Type: DVD+R DL (14), Part Version: 1.0x (1)
Disc Size: 120 mm, Maximum Transfer Rate: <not specified> (F h)
Number of Layers: 2, Track Path: Opposite Track Path (OTP), Layer Type: recordable
Linear Density: 0,293 um/bit, Track Density: 0,74 um/track
Starting Physical Sector Number of Data Area: 30000 h (DVD-ROM, DVD-R/-RW, DVD+R/+RW)
End Physical Sector Number of Data Area: FCFFFF h
Data in Burst Cutting Area (BCA) does not exist
Disc Application Code: 0 / 0 h
Extended Information indicators: 3 h
Disc Manufacturer ID: CMC.MAG.
Media type ID: D03
Product revision number: 64
Number of Physical format information bytes in use in ADIP up to byte 63: 64
Media Specific [16..783]:
12:08:29 #39 Text 0 File DVDPlusRW.cpp, Line 637
Start write address at LBA 0
DVD high compatibility mode: Yes
12:08:29 #40 Text 0 File ThreadedTransfer.cpp, Line 273
Pipe memory size 83836800
12:20:31 #41 CDR -1206 File DVDPlusDualLayer.cpp, Line 2227
Burning Layer 2
12:20:31 #42 Text 0 File DVDPlusDualLayer.cpp, Line 2236
Perform layer 1 to 2 jump before writing at address 1573536 (1802A0h)
12:28:17 #43 SPTI -1135 File SCSIPassThrough.cpp, Line 215
CdRom0: SCSIStatus(x02) WinError(0) NeroError(-1135)
CDB Data: 0x2A 00 00 18 15 20 00 00 20 00 00 00
Sense Key: 0x03 (KEY_MEDIUM_ERROR)
Sense Code: 0x0C
Sense Qual: 0x00
Sense Area: 0x71 00 03 00 00 00 00 0A 00 00 00 00 0C
Buffer x1c00bd80: Len x10000
0x00 00 01 BA 44 F1 3E C4 94 B1 01 89 C3 F8 00 00
0x01 E0 07 EC 81 00 00 00 00 00 00 00 00 00 00 00
0x00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
12:28:17 #44 CDR -1135 File Writer.cpp, Line 306
Write error
E: TSSTcorp CDDVDW TS-L633L
12:35:31 #45 Text 0 File DVDPlusRW.cpp, Line 904
EndDAO: Last written address 1578272
12:35:31 #46 CDR -1176 File WriterStatus.cpp, Line 292
Session fixation error
E: TSSTcorp CDDVDW TS-L633L
12:35:31 #47 TRANSFER -24 File WriterStatus.cpp, Line 292
Could not perform end of Disc-at-once
12:35:31 #48 Text 0 File DVDPlusDualLayer.cpp, Line 1452
SetDriveCaps: Set LAST LBA of layer 1 to 0
12:35:31 #49 Phase 38 File dlgbrnst.cpp, Line 1767
Burn process failed at 6x (8.310 kB/sec)
12:35:31 #50 Text 0 File SCSIPTICommands.cpp, Line 267
SPTIDismountVolume - completed successfully for FSCTL_DISMOUNT_VOLUME
12:35:37 #51 Text 0 File Cdrdrv.cpp, Line 11592
DriveLocker: UnLockVolume completed
12:35:37 #52 Text 0 File SCSIPTICommands.cpp, Line 430
UnLockMCN - completed sucessfully for IOCTL_STORAGE_MCN_CONTROL
Existing drivers:
Registry Keys:
HKLM\Software\Microsoft\Windows NT\CurrentVersion\WinLogon
Power2Go:
Video/Photo disc - Burn DVD - burn - error message
I have a log file for this one too:
User Name : HP
Company Name : Hewlett-Packard
CDKey :
OS Version : Vista Personal Service Pack 2
C:\Program Files\CyberLink\Power2Go\Power2Go.exe : Version 5.6.0.3919
CBS.dll : Version 7.7.2511
==================================================================
Total physical memory : 2047MB (2097151KB)
Free physical memory : 1791MB (1834336KB)
Memory load : 41 percent
Number of CPU : 2
CPU Name : Intel® Core2 Duo CPU P7350 @ 2.00GHz
CPU Speed : 1995 MHz
==================================================================
6.4.2012
Task Type : Gegevensschijf -> Brand DVD-map
17:17:53, File(cl_DVDFolderBurning.cpp), Line(93)
-> Begin burning process
Current drive: <E: TSSTcorp CDDVDW TS-L633L 0400>
Current writing speed(x): 6.0
====== Disc Info =======
Disc Type: DVD+R DL
Disc Status: Blank, Appendable
Num. of Sessions: 1 Num. of Tracks: 1
Book Type: DVD+R DL
Track Path:
Opposite Track Path
Diameter Length: 120mm Layer Counts: 2
Data Area Start PSN: 196608 End PSN: 16580607 End PSN on Layer 0: 2086912
End PSN : 120mm Layer Counts: 2
Disc Capacity: 4173824LBs
Free Size: 4173824LBs Used Size: 0LBs
========================
Burn option: w/ buffer underrun protection
Burn option: w/o simulation
Burn option: w/ close disc
Burn option: w/ verify disc
MinAllowLBA: 265696, MaxAllowLBA: 2086912
Drive accepted LBA: 2047680
Burn mode: PACKET_INC
17:18:23, file(cl_DVDFolderBurning.cpp), line(1134)
-> Begin new track
17:18:23, file(cl_DVDFolderBurning.cpp), line(1150)
-> Write data
17:40:31, file(cl_DVDFolderBurning.cpp), line(1191)
-> End write
Last write LBA: 2227648
17:40:31, file(cl_DVDFolderBurning.cpp), line(1202)
-> End new track
==================================================================
Error Code : 0xeb020b88
Thanks in advance.
Regards, Tom
-
Which error message do you get?
Which function do you use to burn the data in Nero?
Do you have the problem only with that film?
What kind of film is it, what file extension?
Thanks for the quick reply!
I am at work right now, so I can't tell you offhand which error message it is and which function it is, but I expect DVD copy or burning an .iso.
I have tried it with several films; they differ in size and extension.
They are mostly .avi, .mkv, .iso and .mp4 files.
Regards, Tom
-
Hello,
I don't know whether I am posting this in the right place; if not, my apologies.
I have a question / problem.
I have been trying for quite some time to burn DVDs onto a DVD 9.
Every time I get an error that the burn failed.
Is it due to the DVDs I use? (Philips DVD+R DL, 8.5GB - 240min 8x speed)
Or could it be the burner in my laptop? (HP Pavilion DV7 1070 ED)
The burner itself does have the RW icon with DVD+R DL underneath it.
I have already tried various programs.. including Nero, ImgBurn, DVD Flick, DVD Shrink, etc..
Also, the film is often larger than 4.7 GB; even if the file is smaller it doesn't matter to me, and I just want to be able to burn it onto a DVD 9.
Can someone please help me?
Thanks in advance!
Regards, Tom
-
You would indeed think so... But it seems unlikely to me.
I also scanned a number of the files separately with ESET, and then it gives no alert.
Do you have anything else that could lead to a solution?
Thanks in advance
-
I scanned the files but nothing was found:
Bestandsnaam: bcmwls32.exe
Status:
Scan voltooid. 0 uit 19 scanners vonden malware.
Scan genomen op: ma 18 jul 2011 11:34:57 (CET) Permalink
Bestandsnaam: FNPLicensingService.exe
Status:
Scan voltooid. 0 uit 20 scanners vonden malware.
Scan genomen op: ma 18 jul 2011 11:37:22 (CET) Permalink
Bestandsnaam: SCANOST.EXE
Status:
Scan voltooid. 0 uit 20 scanners vonden malware.
Scan genomen op: ma 18 jul 2011 11:39:56 (CET) Permalink
Bestandsnaam: ecls.exe
Status:
Scan voltooid. 0 uit 20 scanners vonden malware.
Scan genomen op: ma 18 jul 2011 11:42:50 (CET) Permalink
Bestandsnaam: hiddata.exe
Status:
Scan voltooid. 0 uit 20 scanners vonden malware.
Scan genomen op: ma 18 jul 2011 11:45:09 (CET) Permalink
Thanks in advance!
-
There are 15 infections:
C:\Program Files\Broadcom\Broadcom 802.11\Driver\bcmwls32.exe
C:\Program Files\Common Files\Macrovision Sh...\FNPlicensingService.exe
C:\Program Files\Common Files\System\MSMAPI\1043\scanost.exe
C:\Program Files\ESET\ESET Smart Security\ecls.exe
C:\Program Files\Hewlett-Packard\HP Quick Launch buttons\hiddata.exe
C:\Program Files\InstallShield Installation Information\{01FB4998...\setup.exe
C:\Program Files\InstallShield Installation Information\34D2AB4...\setup.exe
C:\Program Files\InstallShield Installation Information\{3E67F68...\setup.exe
C:\Program Files\InstallShield Installation Information\{5DAA9C...\setup.exe
C:\Program Files\InstallShield Installation Information\{8833FFB6...\setup.exe
C:\Program Files\InstallShield Installation Information\{888F1505...\setup.exe
C:\Program Files\InstallShield Installation Information\{9867824...\setup.exe
C:\Program Files\InstallShield Installation Information\{9E2CCD5...\setup.exe
C:\Program Files\InstallShield Installation Information\{CB09989...\setup.exe
These are all the alerts I get.
Thanks in advance!
-
Yes, that's possible.
I'll go and scan again now and then I'll post it!
There are 17 in total, I thought; AMQ and LHE are among them.
-
I have run the scan.
Results:
rkill:
This log file is located at C:\rkill.log.
Please post this only if requested to by the person helping you.
Otherwise you can close this log when you wish.
Rkill was run on 13-07-2011 at 19:22:04.
Operating System: Windows Vista Home Premium
Processes terminated by Rkill or while it was running:
C:\Windows\System32\vdsldr.exe
Rkill completed on 13-07-2011 at 19:22:42.
-------------------------------------------------------------
ESET
ESETSmartInstaller@High as downloader log:
all ok
# version=7
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6528
# api_version=3.0.2
# EOSSerial=e8ef83e66aec5443a6f1bc2538e271e8
# end=finished
# remove_checked=true
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=true
# antistealth_checked=true
# utc_time=2011-07-13 09:18:45
# local_time=2011-07-13 11:18:45 (+0100, West-Europa (zomertijd))
# country="Netherlands"
# lang=1033
# osver=6.0.6002 NT Service Pack 2
# compatibility_mode=512 16777215 100 0 1027261 1027261 0 0
# compatibility_mode=1026 16777214 0 2 64136264 64136264 0 0
# compatibility_mode=5892 16776574 100 100 45023846 148111011 0 0
# compatibility_mode=8192 67108863 100 0 168 168 0 0
# scanned=351429
# found=1
# cleaned=1
# scan_time=13641
# nod_component=V3 Build:0x30000000
C:\Users\Tom\Documents\Downloads\Programm stuff\Eset Smart Security 3.0.621.0 + Indianboy\Eset Smart Security With 40 Years Validation.exe Win32/HackAV.AJ application (deleted - quarantined) 00000000000000000000000000000000 C
------------------------------------------------------------------
After this I restarted the laptop and scanned again with my own ESET, but the viruses mentioned are still being found. It is also still not possible to "clean" them.
Thanks in advance!
-
I tried to use the scanner in Firefox, Internet Explorer and Chrome.
I ran all the browsers as administrator, but I get the message that it cannot update.
[ERROR: License has expired]
There is also something about the internet connection, but there is nothing wrong with it.
Do you have a solution for this?
Thanks in advance!
-
I can't find anything in the log file.
What can I do now?
Do you have anything else that might be a solution?
Thanks in advance!
-
I just closed DocterWeb and was shown where a log would be located.
It's a hefty log... Do you want to see it?
-
I just scanned with ESET again and it is still being difficult...
Thanks in advance!
-
Haha, it happens!
I did the scan (scan time: 22:32:26! haha)
Only, I can't save a report list.
This is probably because nothing was found... To be safe I took 2 screenshots and left the scan open.
So I haven't restarted my laptop yet, in case you know how I can still get a log.
Thanks in advance!
-
-
I have done everything you asked.
Before I asked you for help, I had already done a Quick Scan with Malware myself.
It did in fact find a number of infections:
Scan 1, before the help:
Malwarebytes' Anti-Malware 1.51.0.1200
Malwarebytes : Free anti-malware, anti-virus and spyware removal download
Databaseversie: 6991
Windows 6.0.6002 Service Pack 2
Internet Explorer 8.0.6001.19088
1-7-2011 12:37:39
mbam-log-2011-07-01 (12-37-39).txt
Scantype: Snelle scan
Objecten gescand: 189718
Verstreken tijd: 9 minuut/minuten, 26 seconde(n)
Geheugenprocessen geïnfecteerd: 0
Geheugenmodulen geïnfecteerd: 2
Registersleutels geïnfecteerd: 8
Registerwaarden geïnfecteerd: 1
Registerdata geïnfecteerd: 0
Mappen geïnfecteerd: 0
Bestanden geïnfecteerd: 5
Geheugenprocessen geïnfecteerd:
(Geen kwaadaardige objecten gedetecteerd)
Geheugenmodulen geïnfecteerd:
c:\Windows\System32\vhpcykiduow.dll (Adware.Agent.Gen) -> Delete on reboot.
c:\Windows\System32\7ffbe175.dll (Adware.AdRotator) -> Delete on reboot.
Registersleutels geïnfecteerd:
HKEY_CLASSES_ROOT\CLSID\{300EC9FB-A3A9-B785-2D95-85FD65B1EDE5} (Adware.Agent.Gen) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{300EC9FB-A3A9-B785-2D95-85FD65B1EDE5} (Adware.Agent.Gen) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{300EC9FB-A3A9-B785-2D95-85FD65B1EDE5} (Adware.Agent.Gen) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{300EC9FB-A3A9-B785-2D95-85FD65B1EDE5} (Adware.Agent.Gen) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ibrpsbsdmgsthia (Adware.Agent.Gen) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{ea5386c6-cc01-3b45-aef7-6348b90c7031} (Adware.AdRotator) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{ea5386c6-cc01-3b45-aef7-6348b90c7031} (Adware.AdRotator) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{EA5386C6-CC01-3B45-AEF7-6348B90C7031} (Adware.AdRotator) -> Quarantined and deleted successfully.
Registerwaarden geïnfecteerd:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\wfrpdbgsgcbwqh (Adware.Agent.Gen) -> Value: wfrpdbgsgcbwqh -> Quarantined and deleted successfully.
Registerdata geïnfecteerd:
(Geen kwaadaardige objecten gedetecteerd)
Mappen geïnfecteerd:
(Geen kwaadaardige objecten gedetecteerd)
Bestanden geïnfecteerd:
c:\Windows\System32\vhpcykiduow.dll (Adware.Agent.Gen) -> Delete on reboot.
c:\Users\Tom\AppData\Local\Temp\upss.exe (Adware.Ezula) -> Quarantined and deleted successfully.
c:\Users\Tom\AppData\Local\Temp\tlntsvrs.exe (Adware.Ezula) -> Quarantined and deleted successfully.
c:\Users\Tom\AppData\Local\Temp\nsga789.tmp.dll (Adware.Agent.Gen) -> Quarantined and deleted successfully.
c:\Windows\System32\7ffbe175.dll (Adware.AdRotator) -> Delete on reboot.
New scan after the HiJack changes:
Malwarebytes' Anti-Malware 1.51.0.1200
Malwarebytes : Free anti-malware, anti-virus and spyware removal download
Databaseversie: 7004
Windows 6.0.6002 Service Pack 2
Internet Explorer 8.0.6001.19088
2-7-2011 19:15:34
mbam-log-2011-07-02 (19-15-33).txt
Scantype: Snelle scan
Objecten gescand: 179336
Verstreken tijd: 12 minuut/minuten, 8 seconde(n)
Geheugenprocessen geïnfecteerd: 0
Geheugenmodulen geïnfecteerd: 0
Registersleutels geïnfecteerd: 0
Registerwaarden geïnfecteerd: 0
Registerdata geïnfecteerd: 0
Mappen geïnfecteerd: 0
Bestanden geïnfecteerd: 0
Geheugenprocessen geïnfecteerd:
(Geen kwaadaardige objecten gedetecteerd)
Geheugenmodulen geïnfecteerd:
(Geen kwaadaardige objecten gedetecteerd)
Registersleutels geïnfecteerd:
(Geen kwaadaardige objecten gedetecteerd)
Registerwaarden geïnfecteerd:
(Geen kwaadaardige objecten gedetecteerd)
Registerdata geïnfecteerd:
(Geen kwaadaardige objecten gedetecteerd)
Mappen geïnfecteerd:
(Geen kwaadaardige objecten gedetecteerd)
Bestanden geïnfecteerd:
(Geen kwaadaardige objecten gedetecteerd)
--------------------------------------------------
New HiJack log:
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 19:20:07, on 2-7-2011
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v8.00 (8.00.6001.19088)
Boot mode: Normal
Running processes:
C:\Windows\SYSTEM32\WISPTIS.EXE
C:\Program Files\Common Files\microsoft shared\ink\TabTip.exe
C:\Program Files\Tablet\Pen\Pen_TabletUser.exe
C:\Program Files\Tablet\Pen\Pen_TouchUser.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
C:\Program Files\ESET\ESET Smart Security\egui.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\HP\HP Software Update\hpwuschd2.exe
C:\Program Files\IDT\WDM\sttray.exe
C:\Windows\System32\M-AudioTaskBarIcon.exe
C:\Program Files\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe
C:\Program Files\DivX\DivX Update\DivXUpdate.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Windows\ehome\ehmsas.exe
C:\Program Files\Hewlett-Packard\HP wireless Assistant\WiFiMsg.EXE
C:\Program Files\Hewlett-Packard\Shared\HpqToaster.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Program Files\Common Files\Microsoft Shared\Ink\InputPersonalization.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Windows\system32\wuauclt.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
C:\Windows\system32\NOTEPAD.EXE
C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Hotmail, Messenger, nieuws en entertainment vind je op MSN.nl
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Bing
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Hotmail, Messenger, nieuws en entertainment vind je op MSN.nl
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = HP | MSN
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = HP | MSN
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
O1 - Hosts: ::1 localhost
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: AOL Toolbar BHO - {7C554162-8CB7-45A4-B8F4-8EA1C75885F9} - C:\Program Files\AOL\AOL Toolbar 5.0\aoltb.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.7.6406.1642\swg.dll
O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: FlashFXP Helper for Internet Explorer - {E5A1691B-D188-4419-AD02-90002030B8EE} - C:\PROGRA~1\FlashFXP\IEFlash.dll
O3 - Toolbar: AOL Toolbar - {DE9C389F-3316-41A7-809B-AA305ED9D922} - C:\Program Files\AOL\AOL Toolbar 5.0\aoltb.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [hpWirelessAssistant] C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
O4 - HKLM\..\Run: [HP Health Check Scheduler] c:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe
O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe
O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET Smart Security\egui.exe" /hide /waitservice
O4 - HKLM\..\Run: [synTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [sysTrayApp] %ProgramFiles%\IDT\WDM\sttray.exe
O4 - HKLM\..\Run: [M-Audio Taskbar Icon] C:\Windows\System32\M-AudioTaskBarIcon.exe
O4 - HKLM\..\Run: [Acrobat Assistant 8.0] "C:\Program Files\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [DivXUpdate] "C:\Program Files\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [Malwarebytes' Anti-Malware] "C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
O4 - HKLM\..\RunOnce: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent
O4 - HKCU\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [Google Update] "C:\Users\Tom\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
O4 - Global Startup: Adobe Acrobat Synchronizer.lnk = C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AdobeCollabSync.exe
O8 - Extra context menu item: Afbeelding verzenden naar &Bluetooth-apparaat... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Append to existing PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert link target to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert link target to existing PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert selected links to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Convert selected links to existing PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: Convert selection to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert selection to existing PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_6CE5017F567343CA.dll/cmsidewiki.html
O8 - Extra context menu item: Pagina verzenden naar &Bluetooth-apparaat... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Verz&enden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra button: PokerStars - {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - C:\Program Files\PokerStars\PokerStarsUpdate.exe
O9 - Extra button: Onderzoek - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O16 - DPF: {D4323BF2-006A-4440-A2F5-27E3E7AB25F8} - http://a532.g.akamai.net/f/532/6712/5m/virtools.download.akamai.com/6712/player/install/installer.exe
O16 - DPF: {D821DC4A-0814-435E-9820-661C543A4679} (CRLDownloadWrapper Class) - http://drmlicense.one.microsoft.com/crlupdate/en/crlocx.ocx
O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab
O16 - DPF: {F8C5C0F1-D884-43EB-A5A0-9E1C4A102FA8} (GoPetsWeb Control) - https://secure.gopetslive.com/dev/GoPetsWeb.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{E9860110-4EE7-48AC-896E-8C618BAED840}: NameServer = 192.168.0.1
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll
O23 - Service: Adobe Version Cue CS3 - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\Adobe Version Cue CS3\Server\bin\VersionCueCS3.exe
O23 - Service: Andrea ST Filters Service (AESTFilters) - Andrea Electronics Corporation - C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_030ac640\aestsrv.exe
O23 - Service: Mobiel Apple apparaat (Apple Mobile Device) - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Com4QLBEx - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe
O23 - Service: Eset HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe
O23 - Service: Eset Service (ekrn) - ESET - C:\Program Files\ESET\ESET Smart Security\ekrn.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: GameConsoleService - WildTangent, Inc. - C:\Program Files\HP Games\My HP Game Console\GameConsoleService.exe
O23 - Service: Google Updateservice (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: HP Health Check Service - Hewlett-Packard - c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe
O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
O23 - Service: HP Service (hpsrv) - Hewlett-Packard Corporation - C:\Windows\system32\Hpservice.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
O23 - Service: Nero BackItUp Scheduler 4.0 - Nero AG - C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: Recovery Service for Windows - Unknown owner - C:\Windows\SMINST\BLService.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
O23 - Service: Audio Service (STacSV) - IDT, Inc. - C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_030ac640\STacSV.exe
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe
O23 - Service: TabletServicePen - Wacom Technology, Corp. - C:\Program Files\Tablet\Pen\Pen_Tablet.exe
O23 - Service: Wacom Consumer Touch Service (TouchServicePen) - Wacom Technology, Corp. - C:\Program Files\Tablet\Pen\Pen_TouchService.exe
--
End of file - 14275 bytes
Thanks in advance for the next reply!
-
Sorry, I must have been blind...
Thanks, and here is my HiJack log:
-------------------------------------------------------------------------
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 22:11:30, on 1-7-2011
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v8.00 (8.00.6001.19088)
Boot mode: Normal
Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\SYSTEM32\WISPTIS.EXE
C:\Program Files\Common Files\microsoft shared\ink\TabTip.exe
C:\Windows\system32\taskeng.exe
C:\Windows\Explorer.EXE
C:\Program Files\Tablet\Pen\Pen_TouchUser.exe
C:\Program Files\Tablet\Pen\Pen_TabletUser.exe
C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
C:\Program Files\ESET\ESET Smart Security\egui.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\HP\HP Software Update\hpwuschd2.exe
C:\Program Files\IDT\WDM\sttray.exe
C:\Windows\System32\M-AudioTaskBarIcon.exe
C:\Program Files\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe
C:\Program Files\DivX\DivX Update\DivXUpdate.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Windows\ehome\ehtray.exe
C:\Windows\ehome\ehmsas.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\Hewlett-Packard\HP wireless Assistant\WiFiMsg.EXE
C:\Program Files\Hewlett-Packard\Shared\HpqToaster.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Program Files\Common Files\Microsoft Shared\Ink\InputPersonalization.exe
C:\Windows\system32\wuauclt.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Hotmail, Messenger, nieuws en entertainment vind je op MSN.nl
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Bing
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Hotmail, Messenger, nieuws en entertainment vind je op MSN.nl
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = HP | MSN
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = HP | MSN
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = local;*.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: Vuze Remote Toolbar - {ba14329e-9550-4989-b3f2-9732e92d17cc} - C:\Program Files\Vuze_Remote\prxtbVuze.dll
O1 - Hosts: ::1 localhost
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Conduit Engine - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\prxConduitEngine.dll
O2 - BHO: AOL Toolbar BHO - {7C554162-8CB7-45A4-B8F4-8EA1C75885F9} - C:\Program Files\AOL\AOL Toolbar 5.0\aoltb.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.7.6406.1642\swg.dll
O2 - BHO: Vuze Remote - {ba14329e-9550-4989-b3f2-9732e92d17cc} - C:\Program Files\Vuze_Remote\prxtbVuze.dll
O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: FlashFXP Helper for Internet Explorer - {E5A1691B-D188-4419-AD02-90002030B8EE} - C:\PROGRA~1\FlashFXP\IEFlash.dll
O3 - Toolbar: AOL Toolbar - {DE9C389F-3316-41A7-809B-AA305ED9D922} - C:\Program Files\AOL\AOL Toolbar 5.0\aoltb.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll
O3 - Toolbar: Vuze Remote Toolbar - {ba14329e-9550-4989-b3f2-9732e92d17cc} - C:\Program Files\Vuze_Remote\prxtbVuze.dll
O3 - Toolbar: Conduit Engine - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\prxConduitEngine.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [hpWirelessAssistant] C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
O4 - HKLM\..\Run: [HP Health Check Scheduler] c:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe
O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe
O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET Smart Security\egui.exe" /hide /waitservice
O4 - HKLM\..\Run: [synTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [sysTrayApp] %ProgramFiles%\IDT\WDM\sttray.exe
O4 - HKLM\..\Run: [M-Audio Taskbar Icon] C:\Windows\System32\M-AudioTaskBarIcon.exe
O4 - HKLM\..\Run: [Acrobat Assistant 8.0] "C:\Program Files\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [DivXUpdate] "C:\Program Files\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\RunOnce: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent
O4 - HKCU\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [Google Update] "C:\Users\Tom\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
O4 - Global Startup: Adobe Acrobat Speed Launcher.lnk = ?
O4 - Global Startup: Adobe Acrobat Synchronizer.lnk = C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AdobeCollabSync.exe
O8 - Extra context menu item: &AOL-werkbalk Zoeken - C:\ProgramData\AOL\ieToolbar\resources\nl-NL\local\search.html
O8 - Extra context menu item: Afbeelding verzenden naar &Bluetooth-apparaat... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Append to existing PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert link target to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert link target to existing PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert selected links to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Convert selected links to existing PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: Convert selection to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert selection to existing PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_6CE5017F567343CA.dll/cmsidewiki.html
O8 - Extra context menu item: Pagina verzenden naar &Bluetooth-apparaat... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Verz&enden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra button: PokerStars - {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - C:\Program Files\PokerStars\PokerStarsUpdate.exe
O9 - Extra button: Onderzoek - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O16 - DPF: {D4323BF2-006A-4440-A2F5-27E3E7AB25F8} - http://a532.g.akamai.net/f/532/6712/5m/virtools.download.akamai.com/6712/player/install/installer.exe
O16 - DPF: {D821DC4A-0814-435E-9820-661C543A4679} (CRLDownloadWrapper Class) - http://drmlicense.one.microsoft.com/crlupdate/en/crlocx.ocx
O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab
O16 - DPF: {F8C5C0F1-D884-43EB-A5A0-9E1C4A102FA8} (GoPetsWeb Control) - https://secure.gopetslive.com/dev/GoPetsWeb.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{E9860110-4EE7-48AC-896E-8C618BAED840}: NameServer = 192.168.0.1
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: symres - {AA1061FE-6C41-421F-9344-69640C9732AB} - (no file)
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll
O23 - Service: Adobe Version Cue CS3 - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\Adobe Version Cue CS3\Server\bin\VersionCueCS3.exe
O23 - Service: Andrea ST Filters Service (AESTFilters) - Andrea Electronics Corporation - C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_030ac640\aestsrv.exe
O23 - Service: Mobiel Apple apparaat (Apple Mobile Device) - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Com4QLBEx - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe
O23 - Service: Eset HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe
O23 - Service: Eset Service (ekrn) - ESET - C:\Program Files\ESET\ESET Smart Security\ekrn.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: GameConsoleService - WildTangent, Inc. - C:\Program Files\HP Games\My HP Game Console\GameConsoleService.exe
O23 - Service: Google Updateservice (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: HP Health Check Service - Hewlett-Packard - c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe
O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
O23 - Service: HP Service (hpsrv) - Hewlett-Packard Corporation - C:\Windows\system32\Hpservice.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: Nero BackItUp Scheduler 4.0 - Nero AG - C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: Recovery Service for Windows - Unknown owner - C:\Windows\SMINST\BLService.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
O23 - Service: Audio Service (STacSV) - IDT, Inc. - C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_030ac640\STacSV.exe
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe
O23 - Service: TabletServicePen - Wacom Technology, Corp. - C:\Program Files\Tablet\Pen\Pen_Tablet.exe
O23 - Service: Wacom Consumer Touch Service (TouchServicePen) - Wacom Technology, Corp. - C:\Program Files\Tablet\Pen\Pen_TouchService.exe
--
End of file - 15025 bytes
-------------------------------------------------------------------------
Thanks in advance for the reply!
-
-
Hello,
Since yesterday I have been getting notifications about trojans from ESET.
When I scan my laptop, it finds these viruses:
- Win32/kryptik.LHE
- Win32/kryptik.AMQ
As soon as ESET finds these, I can choose between: Clean, Delete and No action.
If I choose Clean, I get: Error while cleaning.
17 infections in total..
I also ran Malwarebytes over it, selected everything and had it removed. After that I restarted the laptop.
I scanned again with ESET, but it still finds the trojans:
- Win32/kryptik.LHE
- Win32/kryptik.AMQ
Could someone perhaps help me remove these viruses from my laptop? I have actually never had a virus that ESET could not remove, so this is new to me.
I have gathered from the forum that it is best to post a HiJack log in order to get further help. But I have no idea what HiJack is or how it works..
Thanks in advance for the replies!
Laptop is starting to get slow..
in Archive: Malware & virus removal
Posted:
Hello,
I was wondering whether anyone has looked at my Speccy link yet? xD
Thanks in advance for the reply.