
HairyHippie

Member
  • Items

    18

Everything posted by HairyHippie

  1. @plx I work in a closed network (intranet) and use Lotus Notes as my mail program. Mailing works without problems when I start the application with the full version (development version) of Access. If I do this with the runtime version, a message follows saying that the command is not available. So in my opinion the problem has to do with the Access runtime. This problem also occurs when I want to export an Excel file with the runtime version.
  2. Dear reader, In Access 2010 I have built an application with which you can, among other things, print letters. For this printing I made a separate ribbon because, after printing, a table is created with a make-table query and the table is then mailed to someone. All these actions are in a macro. The macro is called when you click the print icon in the ribbon. With the full version there is no problem. With the runtime version the first two commands (printing and creating the table) do work, but mailing does not. A message follows saying that the command is not available and the macro is terminated. What am I doing wrong here? Regards, HairyHippie
  3. I ran the hotfix, but it reported that the installed service pack is newer than this version. This version is suitable for service pack 1. Do you see any other options?
  4. The hotfix is for service pack 2, whereas I have service pack 3. Will this not do any harm?
  5. For a few days now I have been getting the following message from Windows: 'Windows - Uitgestelde schrijfbewerkingen zijn mislukt Kan niet alle gegevens voor bestand I:\$Mft opslaan. De gegevens zijn verloren gegaan. Deze fout kan zijn veroorzaakt door een fout in de computerhardware of netwerkverbinding. Probeer het bestand ergens anders op te slaan.' When I open the folders via Explorer they are empty, but it does show 380Gb in use. It concerns an external hard drive from Philips. What could be going on here and can this problem be solved? Has the data in the folders disappeared or not? Who could help me with this?
  6. I have also carried out the last steps. The problems are, as far as I am concerned, solved. Once again, many thanks for your efforts.
  7. It worked! Wupdmgr1.exe has indeed disappeared. I have just been able to remove DevNotifySvc completely. This program was installed after fitting a USB port. I don't need these drivers anyway because the Windows drivers are used. Meanwhile it turns out that CoreServiceShell.exe also uses considerably less CPU capacity: 2 to 3 % instead of 30 to 50 %. The problem is fortunately solved. Thank you very much for the time and effort you have put into this and also for the solution. ---------- Post added at 19:50 ---------- Previous post was at 19:46 ---------- I forgot something. Running all those scanners has created folders and placed or moved files. Can I simply delete these manually? Do you still know which folders were created, in case I overlook something?
  8. ComboFix 11-07-18.04 - Joop 18-07-2011 20:59:14.2.1 - x86
  9. Here is the result of ComboFix.
  10. Ja inderdaad, maar waarom is b.v. wupdmgr1.exe niet te vinden met een zoekopdracht en ook niet te verwijderen in de map en niet terug te vinden in de opstart van mijn systeemconfiguratie terwijl het toch resident draait. De windowsversie heet overigens wupdmgr.exe dus zonder de 1. De uninstall.exe van DevNotifySvc.exe functioneert ook niet en verbruikt net als CoreServiceShell vanaf het moment van aanzetten van de pc continue veel pcu capaciteit. Ik kan geen van deze programma's uitschakelen.
  11. Was the intention that I should also paste the contents of CureIt.log here? I have 1.7 TB of disk space in use, you see. CureIt.log is therefore 74,572 bytes.
  12. PDFConverterSetup.exe | D:\Downloads\PDF-converter | Trojan.DownLoader3.32982 | Not repairable. Moved.
      A0093265.exe | D:\System Volume Information\_restore{47F98C0F-53E0-401A-8C7B-9A25AA8B5F3D}\RP995 | Trojan.DownLoader3.32982 | Not repairable. Moved.
  13. I also came across this about the file wupdmgr1.exe: SETIATHOME and BOINC - Page 3
  14. Just scanned, but nothing was found.
      Additional information
      File size: 327680 bytes
      File type: PE32 executable for MS Windows (console) Intel 80386 32-bit
      MD5: 1cc9df4c2b23116760df778ec784c816
      SHA1: 2bf1246acf6774d379e2bc29f75609af614bfbed
  15. The scan turned up nothing regarding the 3 files.
      Malwarebytes' Anti-Malware 1.51.0.1200
      Malwarebytes : Free anti-malware, anti-virus and spyware removal download
      Databaseversie: 7116
      Windows 5.1.2600 Service Pack 3
      Internet Explorer 8.0.6001.18702
      13-7-2011 21:35:59
      mbam-log-2011-07-13 (21-35-59).txt
      Scantype: Snelle scan
      Objecten gescand: 187264
      Verstreken tijd: 10 minuut/minuten, 16 seconde(n)
      Geheugenprocessen geïnfecteerd: 0
      Geheugenmodulen geïnfecteerd: 0
      Registersleutels geïnfecteerd: 0
      Registerwaarden geïnfecteerd: 0
      Registerdata geïnfecteerd: 1
      Mappen geïnfecteerd: 0
      Bestanden geïnfecteerd: 0
      Geheugenprocessen geïnfecteerd: (Geen kwaadaardige objecten gedetecteerd)
      Geheugenmodulen geïnfecteerd: (Geen kwaadaardige objecten gedetecteerd)
      Registersleutels geïnfecteerd: (Geen kwaadaardige objecten gedetecteerd)
      Registerwaarden geïnfecteerd: (Geen kwaadaardige objecten gedetecteerd)
      Registerdata geïnfecteerd: HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Start_ShowMyDocs (PUM.Hijack.StartMenu) -> Bad: (0) Good: (1) -> Quarantined and deleted successfully.
      Mappen geïnfecteerd: (Geen kwaadaardige objecten gedetecteerd)
      Bestanden geïnfecteerd: (Geen kwaadaardige objecten gedetecteerd)
  16. Dear Clarkie, here is the log file.
  17. Dear moderators, For some time now the process wupdmgr1.exe has been showing up in my Task Manager. On 14 June of this year I installed a USB card, and on 25 June I installed a new version of Trend Micro. Since then I also see the processes DevNotifySvc.exe and coreServiceShell.exe, which continuously use a great deal of CPU capacity from the moment the PC starts up. Because I did not trust these 3 files I started googling, and I am now convinced that they are viruses. Only I have not been able to find a solution. The file wupdmgr1.exe also cannot be found with the Windows search option. Trend Micro reports nothing, and Spybot Search & Destroy and CCleaner find nothing either. What can I do to be sure that these really are viruses, and how can I then remove them? I would appreciate your help. HairyHippie