HairyHippie
-
Items
18 -
Registratiedatum
-
Laatst bezocht
Inhoudstype
Profielen
Forums
Store
Berichten die geplaatst zijn door HairyHippie
-
-
Er zijn verschillende manieren om een mail vanuit Access te verzenden.
Gebruik je Outlook.Application ?
Is in dat geval Outlook geïnstalleerd op de PC waarop de runtime draait?
@plx
Ik werk in een gesloten netwerk (intranet) en maak daarbij gebruik van Lotusnotes als mailprogramma.
Het mailen lukt probleemloos als ik dit doe door de applicatie met de fullversie (ontwikkelversie) van Access op te starten.
Doe ik dit met de runtimeversie dan volgt een melding dat de opdracht niet aanwezig is.
Het probleem heeft dus volgens mij met de runtime van Access te maken.
Dit probleem doet zich ook voor als ik een Excelbestand wil exporteren met de runtimeversie.
-
Beste lezer,
Ik heb in Access2010 een applicatie gemaakt waarmee je o.a. Brieven kunt uitdraaien.
Voor dit printen heb ik een apart lint gemaakt omdat, na het printen, er een tabel wordt gemaakt met een tabelmaak query en de tabel vervolgens naar iemand toe wordt gemaild.
Al deze handelingen staan in een macro. De macro wordt aangeroepen als je op de print-icoon in het lint klikt.
Met de fullversie is er geen probleem. Met de runtimeversie werken de eerste twee opdrachten (printen en tabel maken) wel maar het mailen niet.
Er volgt een melding dat de opdracht niet aanwezig is en de macro wordt afgesloten.
Wat doe ik hier niet goed?
Vr.gr. HairyHippe
-
Heb de hotfix gedraaid maar deze gaf aan dat de geinstalleerde servicepack is nieuwer dan deze versie.
Deze versie is geschikt voor servicepack 1.
Zie je nog andere mogelijkheden?
-
De Hotfix betreft service pack 2 terwijl ik beschik over service pack 3.
Kan dit geen kwaad?
-
Sinds enkele dagen krijg ik de volgende melding van Windows:
'Windows - Uitgestelde schrijfbewerkingen zijn mislukt
Kan niet alle gegevens voor bestand I:\$Mft opslaan. De gegevens zijn verloren gegaan. Deze fout kan zijn veroorzaakt door een fout in de computerhardware of netwerkverbinding. Probeer het bestand ergens anders op te slaan.'
Als ik via de verkenner de mappen open zijn deze leeg, maar hij geeft wel een verbruik van 380Gb aan.
Het betreft een externe harde schijf van Philips.
Wat kan hier aan de hand zijn en is dit probleem op te lossen?
Is de data in de mappen nu wel of niet verdwenen?
Wie zou mij hiermee kunnen helpen.
-
Heb de laatste handelingen ook uitgevoerd. De problemen zijn , wat mij betreft, opgelost.
Nogmaals hartelijk bedankt voor jullie moeite.
-
Het is gelukt! Wupdmgr1.exe is inderdaad verdwenen.
Heb zojuist DevNotifySvc helemaal kunnen verwijderen.
Dit programma is geinstalleerd na het plaatsen van een USB-poort.
Deze drivers heb ik toch niet nodig omdat de Widows drivers worden gebruikt.
Inmiddels blijkt dat ook CoreServiceShell.exe aanmerkelijk minder cpu capaciteit gebruikt.
2 à 3 % in plaats van 30 tot 50 %.
Het probleem is gelukkig opgelost.
Heel erg bedankt voor de tijd en moeite die jullie hieraan hebben besteed en ook voor de oplossing.
---------- Post toegevoegd om 19:50 ---------- Vorige post was om 19:46 ----------
Vergeet iets.
Met het draaien van al die scanners zijn er mappen aangemaakt en bestanden ge(ver)plaatst.
Kan ik deze gewoon handmatig verwijderen?
Weten jullie nog welke mappen er zijn aangemaakt, voor het geval ik iets over het hoofd zie.
-
ComboFix 11-07-18.04 - Joop 18-07-2011 20:59:14.2.1 - x86
Microsoft Windows XP Home Edition 5.1.2600.3.1252.31.1043.18.1535.1114 [GMT 2:00]
Gestart vanuit: c:\documents and settings\Joop\Bureaublad\ComboFix.exe
gebruikte Opdracht switches :: c:\documents and settings\Joop\Bureaublad\CFScript.txt
AV: Trend Micro Titanium Internet Security *Disabled/Updated* {7D2296BC-32CC-4519-917E-52E652474AF5}
.
FILE ::
"c:\windows\system32\wupdmgr1.exe"
.
.
(((((((((((((((((((((((((((((((((( Andere Verwijderingen )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\documents and settings\Joop\DoctorWeb
c:\documents and settings\Joop\DoctorWeb\CureIt.log
c:\windows\system32\Projects
c:\windows\system32\wupdmgr1.exe
.
.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Legacy_WUAUMGR
-------\Service_wuaumgr
.
.
(((((((((((((((((((( Bestanden Gemaakt van 2011-06-18 to 2011-07-18 ))))))))))))))))))))))))))))))
.
.
2011-07-18 15:14 . 2011-07-18 15:17 -------- d-----w- C:\Snelkoppelingen
2011-07-13 18:58 . 2011-07-13 18:58 -------- d-----w- c:\documents and settings\Joop\Application Data\Malwarebytes
2011-07-13 18:58 . 2011-07-06 17:52 41272 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2011-07-13 18:58 . 2011-07-13 18:58 -------- d-----w- c:\documents and settings\All Users\Application Data\Malwarebytes
2011-07-13 18:58 . 2011-07-16 19:50 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2011-07-13 18:58 . 2011-07-06 17:52 22712 ----a-w- c:\windows\system32\drivers\mbam.sys
2011-07-10 18:21 . 2011-07-10 18:30 -------- d-----w- c:\program files\Spybot - Search & Destroy
2011-07-10 17:47 . 2011-07-18 18:53 -------- d--h--r- c:\documents and settings\Joop\Onlangs geopend
2011-07-10 17:16 . 2011-07-10 17:16 -------- d-----w- c:\program files\CCleaner
2011-07-10 17:08 . 2011-07-10 17:08 101720 ----a-w- c:\windows\system32\drivers\SBREDrv.sys
2011-07-09 09:55 . 2011-07-09 09:55 53 ----a-w- c:\windows\DelToolbox.bat
2011-06-26 12:15 . 2011-06-26 15:37 -------- d-----w- c:\windows\SxsCaPendDel
2011-06-25 15:00 . 2011-06-25 15:00 -------- d-----w- c:\documents and settings\LocalService\Application Data\Trend Micro
2011-06-25 14:59 . 2011-06-25 14:48 92112 ----a-w- c:\windows\system32\drivers\tmtdi.sys
2011-06-25 14:59 . 2010-12-30 11:39 80464 ----a-w- c:\windows\system32\drivers\tmactmon.sys
2011-06-25 14:59 . 2010-12-30 11:39 64080 ----a-w- c:\windows\system32\drivers\tmevtmgr.sys
2011-06-25 14:59 . 2010-12-30 11:39 190544 ----a-w- c:\windows\system32\drivers\tmcomm.sys
2011-06-25 14:59 . 2011-06-25 14:59 -------- d-----w- c:\documents and settings\LocalService\Local Settings\Application Data\Trend Micro
2011-06-24 22:01 . 2011-06-24 22:01 2106216 ----a-w- c:\program files\Mozilla Firefox\D3DCompiler_43.dll
2011-06-24 22:01 . 2011-06-24 22:01 1998168 ----a-w- c:\program files\Mozilla Firefox\d3dx9_43.dll
2011-06-18 19:22 . 2011-06-18 19:22 -------- d-----w- c:\program files\TagRename
.
.
.
((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-06-21 18:38 . 2011-05-15 11:46 404640 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2011-06-06 11:35 . 2006-03-10 22:43 1859072 ----a-w- c:\windows\system32\win32k.sys
2011-05-04 02:52 . 2011-06-18 19:12 472808 ----a-w- c:\windows\system32\deployJava1.dll
2011-05-04 00:25 . 2007-06-14 20:06 73728 ----a-w- c:\windows\system32\javacpl.cpl
2011-05-02 15:31 . 2006-03-10 22:41 692736 ----a-w- c:\windows\system32\inetcomm.dll
2011-04-29 17:25 . 2006-03-10 22:42 151552 ----a-w- c:\windows\system32\schannel.dll
2011-04-29 16:19 . 2006-03-10 22:42 456320 ----a-w- c:\windows\system32\drivers\mrxsmb.sys
2011-04-26 11:07 . 2006-03-10 22:43 293888 ----a-w- c:\windows\system32\winsrv.dll
2011-04-26 11:07 . 2006-03-10 22:40 33280 ----a-w- c:\windows\system32\csrsrv.dll
2011-04-25 16:05 . 2006-03-10 22:43 916480 ----a-w- c:\windows\system32\wininet.dll
2011-04-25 16:05 . 2006-03-10 22:42 43520 ----a-w- c:\windows\system32\licmgr10.dll
2011-04-25 16:05 . 2006-03-10 22:41 1469440 ------w- c:\windows\system32\inetcpl.cpl
2011-04-25 12:01 . 2006-03-10 15:50 385024 ----a-w- c:\windows\system32\html.iec
2011-04-21 13:37 . 2006-03-10 22:42 105472 ----a-w- c:\windows\system32\drivers\mup.sys
2011-06-24 22:01 . 2011-05-09 17:48 142296 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
((((((((((((((((((((((((((((( SnapShot@2011-07-18_15.40.26 )))))))))))))))))))))))))))))))))))))))))
.
+ 2011-07-18 19:09 . 2011-07-18 19:09 16384 c:\windows\Temp\Perflib_Perfdata_648.dat
+ 2011-07-18 19:13 . 2011-07-18 19:13 16384 c:\windows\Temp\Perflib_Perfdata_508.dat
.
((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SpybotSD TeaTimer"="c:\program files\Spybot - Search & Destroy\TeaTimer.exe" [2009-03-05 2260480]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"="c:\windows\System32\NvCpl.dll" [2002-11-18 4243456]
"zBrowser Launcher"="c:\program files\Logitech\iTouch\iTouch.exe" [2004-03-18 892928]
"HP Lamp"="c:\program files\Hewlett-Packard\HP PrecisionScan\PrecisionScan Pro\hplamp.exe" [2001-04-27 53248]
"NeroFilterCheck"="c:\program files\Common Files\Nero\Lib\NeroCheck.exe" [2008-06-19 570664]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2010-11-29 421888]
"Adobe Photo Downloader"="c:\program files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe" [2005-07-14 57344]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2011-06-07 421160]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2011-04-08 254696]
"Trend Micro Titanium"="c:\program files\Trend Micro\Titanium\UIFramework\uiWinMgr.exe" [2011-02-17 1111568]
"Trend Micro Client Framework"="c:\program files\Trend Micro\UniClient\UiFrmWrk\UIWatchDog.exe" [2011-02-10 116752]
"Malwarebytes' Anti-Malware"="c:\program files\Malwarebytes' Anti-Malware\mbamgui.exe" [2011-07-06 449584]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\System32\CTFMON.EXE" [2008-04-14 15360]
"Picasa Media Detector"="c:\program files\Picasa2\PicasaMediaDetector.exe" [2008-08-21 443968]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"SetDefaultMIDI"="MIDIDEF.EXE" [2002-01-14 61440]
.
c:\documents and settings\All Users\Menu Start\Programma's\Opstarten\
Microsoft Office.lnk - c:\program files\Microsoft Office\Office\OSA9.EXE [1999-2-17 65588]
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk *\0SsiEfr.e
.
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]
"Data Secure"=c:\apps\DataSecure\PBBckupUI.exe /HIDDEN
"CTFMON.EXE"=c:\windows\system32\ctfmon.exe
"Picasa Media Detector"=c:\program files\Picasa2\PicasaMediaDetector.exe
"TomTomHOME.exe"="c:\program files\TomTom HOME 2\TomTomHOMERunner.exe"
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="c:\program files\Common Files\Ahead\Lib\NMBgMonitor.exe"
"PnPUI Registrator"=c:\program files\Common Files\Sitecom Shared\PnP Universal Installer\PnPUIReg.exe -s
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" -atboottime
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe"
"NBKeyScan"="c:\program files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe"
"nwiz"=nwiz.exe /install
"USB Storage Toolbox"=c:\program files\USB Disk Win98 Driver\Res.EXE
"WINDVDPatch"=CTHELPER.EXE
"HPDJ Taskbar Utility"=c:\windows\system32\spool\drivers\w32x86\3\hpztsb07.exe
"Adobe Photo Downloader"="c:\program files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe"
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\TrendAntiVirus]
"DisableMonitoring"=dword:00000001
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Utorrent\\utorrent.exe"=
"c:\\Program Files\\Messenger\\msmsgs.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\wlcsdk.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\Program Files\\Windows Live\\Sync\\WindowsLiveSync.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\\Program Files\\iTunes\\iTunes.exe"=
.
R1 ATMhelpr;ATMhelpr;c:\windows\system32\drivers\ATMHELPR.SYS [13-3-2006 22:49 4064]
R2 Amsp;Trend Micro Solution Platform;c:\program files\Trend Micro\AMSP\coreServiceShell.exe [25-6-2011 16:57 188272]
R2 DevNotifySvc;DevNotifySvc;c:\program files\Common Files\Sitecom Shared\PnP Universal Installer\DevNotifySvc.exe [14-6-2011 20:49 32768]
R2 MBAMService;MBAMService;c:\program files\Malwarebytes' Anti-Malware\mbamservice.exe [13-7-2011 20:58 366640]
R2 tmevtmgr;tmevtmgr;c:\windows\system32\drivers\tmevtmgr.sys [25-6-2011 16:59 64080]
R3 EL910;3Com 3CSOHO100B-TX PCI;c:\windows\system32\drivers\EL910N51.sys [11-3-2006 0:49 38400]
R3 hpusbfd;Hewlett-Packard USB Filter Class;c:\windows\system32\drivers\hpusbfd.sys [13-3-2006 23:08 7552]
R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [13-7-2011 20:58 22712]
S2 gupdate;Google Updateservice (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [10-1-2010 12:59 135664]
S3 gupdatem;Google Update-service (gupdatem);c:\program files\Google\Update\GoogleUpdate.exe [10-1-2010 12:59 135664]
.
--- Andere Services/Drivers In Geheugen ---
.
*NewlyCreated* - PAVDRV
*NewlyCreated* - PAVSRV
*Deregistered* - PAVDRV
*Deregistered* - PAVSRV
.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp
.
Inhoud van de 'Gedeelde Taken' map
.
2011-06-24 c:\windows\Tasks\1-Click Maintenance.job
- c:\program files\TuneUp Utilities 2008\OneClick.exe [2007-12-21 08:09]
.
2011-06-16 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2009-10-22 10:50]
.
2011-07-18 c:\windows\Tasks\Google Software Updater.job
- c:\program files\Google\Common\Google Updater\GoogleUpdaterService.exe [2007-02-03 14:01]
.
2011-07-18 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-01-10 10:59]
.
2011-07-18 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-01-10 10:59]
.
2011-07-18 c:\windows\Tasks\User_Feed_Synchronization-{33643F96-3646-430A-939C-882F19BB282B}.job
- c:\windows\system32\msfeedssync.exe [2006-10-17 02:31]
.
.
------- Bijkomende Scan -------
.
uStart Page = hxxp://www.soople.nl/
uDefault_Search_URL = hxxp://www.google.com/ie
uInternet Settings,ProxyOverride = *.local
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: &Windows Live Search - c:\program files\Windows Live Toolbar\msntb.dll/search.htm
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx
Trusted Zone: postbank.nl
TCP: DhcpNameServer = 192.168.1.1
Handler: copernicagent - {A979B6BD-E40B-4A07-ABDD-A62C64A4EBF6} - c:\progra~1\COPERN~1\COPERN~1.DLL
Handler: copernicagentcache - {AAC34CFD-274D-4A9D-B0DC-C74C05A67E1D} - c:\progra~1\COPERN~1\COPERN~1.DLL
DPF: DirectAnimation Java Classes - file://c:\windows\Java\classes\dajava.cab
DPF: Microsoft XML Parser for Java - file://c:\windows\Java\classes\xmldso.cab
FF - ProfilePath - c:\documents and settings\Joop\Application Data\Mozilla\Firefox\Profiles\fn9fdfcb.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.google.nl/
FF - user.js: network.http.max-persistent-connections-per-server - 4
FF - user.js: content.max.tokenizing.time - 200000
FF - user.js: content.notify.interval - 100000
FF - user.js: content.switch.threshold - 650000
FF - user.js: nglayout.initialpaint.delay - 300
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, GMER - Rootkit Detector and Remover
Rootkit scan 2011-07-18 21:16
Windows 5.1.2600 Service Pack 3 NTFS
.
scannen van verborgen processen ...
.
scannen van verborgen autostart items ...
.
scannen van verborgen bestanden ...
.
Scan succesvol afgerond
verborgen bestanden: 0
.
**************************************************************************
.
--------------------- VERGRENDELDE REGISTER SLEUTELS ---------------------
.
[HKEY_USERS\S-1-5-21-3835882175-825991918-161847939-1006\Software\Microsoft\SystemCertificates\AddressBook*]
@Allowed: (Read) (RestrictedCode)
@Allowed: (Read) (RestrictedCode)
.
--------------------- DLLs Geladen Onder Lopende Processen ---------------------
.
- - - - - - - > 'explorer.exe'(168)
c:\program files\Common Files\Sitecom Shared\PnP Universal Installer\signhook.dll
c:\program files\Logitech\iTouch\iTchHk.dll
c:\program files\iTunes\iTunesMiniPlayer.dll
c:\program files\iTunes\iTunesMiniPlayer.Resources\nl.lproj\iTunesMiniPlayerLocalized.dll
c:\program files\iTunes\iTunesMiniPlayer.Resources\iTunesMiniPlayer.dll
c:\program files\Common Files\Logitech\Scrolling\LgMsgHk.dll
c:\windows\system32\webcheck.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
------------------------ Andere Aktieve Processen ------------------------
.
c:\program files\Trend Micro\AMSP\coreFrameworkHost.exe
c:\program files\Adobe\Photoshop Elements 4.0\PhotoshopElementsFileAgent.exe
c:\program files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
c:\program files\Bonjour\mDNSResponder.exe
c:\program files\Java\jre6\bin\jqs.exe
c:\program files\Nero\Nero8\Nero BackItUp\NBService.exe
c:\windows\System32\nvsvc32.exe
c:\windows\system32\IoctlSvc.exe
c:\program files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
c:\program files\Trend Micro\UniClient\UiFrmWrk\uiSeAgnt.exe
c:\program files\iPod\bin\iPodService.exe
.
**************************************************************************
.
Voltooingstijd: 2011-07-18 21:21:50 - machine werd herstart
ComboFix-quarantined-files.txt 2011-07-18 19:21
ComboFix2.txt 2011-07-18 15:43
.
Pre-Run: 77.915.234.304 bytes beschikbaar
Post-Run: 77.767.155.712 bytes beschikbaar
.
- - End Of File - - AC6CCC91210BABB984C1A817F4362628
-
Hierbij het resultaat van ComboFix.
ComboFix 11-07-18.01 - Joop 18-07-2011 17:33:52.1.1 - x86
Microsoft Windows XP Home Edition 5.1.2600.3.1252.31.1043.18.1535.987 [GMT 2:00]
Gestart vanuit: c:\documents and settings\Joop\Bureaublad\ComboFix.exe
AV: Trend Micro Titanium Internet Security *Disabled/Updated* {7D2296BC-32CC-4519-917E-52E652474AF5}
.
.
(((((((((((((((((((((((((((((((((( Andere Verwijderingen )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\documents and settings\Bezoeker\WINDOWS
c:\documents and settings\Default User\WINDOWS
c:\documents and settings\Joop\WINDOWS
c:\documents and settings\Thea\WINDOWS
c:\windows\AUTOLNCH.REG
c:\windows\IsUn0413.exe
c:\windows\system32\config\systemprofile\WINDOWS
c:\windows\system32\Projects
c:\windows\system32\service
c:\windows\system32\service\10032011_TIS17_SfFniAU.log
c:\windows\system32\service\14052011_TIS17_SfFniAU.log
c:\windows\system32\service\28052010_TIS17_SfFniAU.log
c:\windows\unin0413.exe
.
.
(((((((((((((((((((( Bestanden Gemaakt van 2011-06-18 to 2011-07-18 ))))))))))))))))))))))))))))))
.
.
2011-07-18 15:14 . 2011-07-18 15:17 -------- d-----w- C:\Snelkoppelingen
2011-07-15 16:32 . 2011-07-16 08:22 -------- d-----w- c:\documents and settings\Joop\DoctorWeb
2011-07-13 18:58 . 2011-07-13 18:58 -------- d-----w- c:\documents and settings\Joop\Application Data\Malwarebytes
2011-07-13 18:58 . 2011-07-06 17:52 41272 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2011-07-13 18:58 . 2011-07-13 18:58 -------- d-----w- c:\documents and settings\All Users\Application Data\Malwarebytes
2011-07-13 18:58 . 2011-07-16 19:50 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2011-07-13 18:58 . 2011-07-06 17:52 22712 ----a-w- c:\windows\system32\drivers\mbam.sys
2011-07-10 18:21 . 2011-07-10 18:30 -------- d-----w- c:\program files\Spybot - Search & Destroy
2011-07-10 17:47 . 2011-07-18 15:13 -------- d--h--r- c:\documents and settings\Joop\Onlangs geopend
2011-07-10 17:16 . 2011-07-10 17:16 -------- d-----w- c:\program files\CCleaner
2011-07-10 17:08 . 2011-07-10 17:08 101720 ----a-w- c:\windows\system32\drivers\SBREDrv.sys
2011-07-09 09:55 . 2011-07-09 09:55 53 ----a-w- c:\windows\DelToolbox.bat
2011-06-26 12:15 . 2011-06-26 15:37 -------- d-----w- c:\windows\SxsCaPendDel
2011-06-25 15:00 . 2011-06-25 15:00 -------- d-----w- c:\documents and settings\LocalService\Application Data\Trend Micro
2011-06-25 14:59 . 2011-06-25 14:48 92112 ----a-w- c:\windows\system32\drivers\tmtdi.sys
2011-06-25 14:59 . 2010-12-30 11:39 80464 ----a-w- c:\windows\system32\drivers\tmactmon.sys
2011-06-25 14:59 . 2010-12-30 11:39 64080 ----a-w- c:\windows\system32\drivers\tmevtmgr.sys
2011-06-25 14:59 . 2010-12-30 11:39 190544 ----a-w- c:\windows\system32\drivers\tmcomm.sys
2011-06-25 14:59 . 2011-06-25 14:59 -------- d-----w- c:\documents and settings\LocalService\Local Settings\Application Data\Trend Micro
2011-06-24 22:01 . 2011-06-24 22:01 2106216 ----a-w- c:\program files\Mozilla Firefox\D3DCompiler_43.dll
2011-06-24 22:01 . 2011-06-24 22:01 1998168 ----a-w- c:\program files\Mozilla Firefox\d3dx9_43.dll
2011-06-18 19:22 . 2011-06-18 19:22 -------- d-----w- c:\program files\TagRename
2011-06-18 19:12 . 2011-05-04 02:52 476904 ----a-w- c:\program files\Mozilla Firefox\plugins\npdeployJava1.dll
2011-06-18 19:12 . 2011-05-04 02:52 472808 ----a-w- c:\windows\system32\deployJava1.dll
.
.
.
((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-06-21 18:38 . 2011-05-15 11:46 404640 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2011-06-06 11:35 . 2006-03-10 22:43 1859072 ----a-w- c:\windows\system32\win32k.sys
2011-05-04 00:25 . 2007-06-14 20:06 73728 ----a-w- c:\windows\system32\javacpl.cpl
2011-05-02 15:31 . 2006-03-10 22:41 692736 ----a-w- c:\windows\system32\inetcomm.dll
2011-04-29 17:25 . 2006-03-10 22:42 151552 ----a-w- c:\windows\system32\schannel.dll
2011-04-29 16:19 . 2006-03-10 22:42 456320 ----a-w- c:\windows\system32\drivers\mrxsmb.sys
2011-04-26 11:07 . 2006-03-10 22:43 293888 ----a-w- c:\windows\system32\winsrv.dll
2011-04-26 11:07 . 2006-03-10 22:40 33280 ----a-w- c:\windows\system32\csrsrv.dll
2011-04-25 16:05 . 2006-03-10 22:43 916480 ----a-w- c:\windows\system32\wininet.dll
2011-04-25 16:05 . 2006-03-10 22:42 43520 ----a-w- c:\windows\system32\licmgr10.dll
2011-04-25 16:05 . 2006-03-10 22:41 1469440 ------w- c:\windows\system32\inetcpl.cpl
2011-04-25 12:01 . 2006-03-10 15:50 385024 ----a-w- c:\windows\system32\html.iec
2011-04-21 13:37 . 2006-03-10 22:42 105472 ----a-w- c:\windows\system32\drivers\mup.sys
2011-06-24 22:01 . 2011-05-09 17:48 142296 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SpybotSD TeaTimer"="c:\program files\Spybot - Search & Destroy\TeaTimer.exe" [2009-03-05 2260480]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"="c:\windows\System32\NvCpl.dll" [2002-11-18 4243456]
"zBrowser Launcher"="c:\program files\Logitech\iTouch\iTouch.exe" [2004-03-18 892928]
"HP Lamp"="c:\program files\Hewlett-Packard\HP PrecisionScan\PrecisionScan Pro\hplamp.exe" [2001-04-27 53248]
"NeroFilterCheck"="c:\program files\Common Files\Nero\Lib\NeroCheck.exe" [2008-06-19 570664]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2010-11-29 421888]
"Adobe Photo Downloader"="c:\program files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe" [2005-07-14 57344]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2011-06-07 421160]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2011-04-08 254696]
"Trend Micro Titanium"="c:\program files\Trend Micro\Titanium\UIFramework\uiWinMgr.exe" [2011-02-17 1111568]
"Trend Micro Client Framework"="c:\program files\Trend Micro\UniClient\UiFrmWrk\UIWatchDog.exe" [2011-02-10 116752]
"Malwarebytes' Anti-Malware"="c:\program files\Malwarebytes' Anti-Malware\mbamgui.exe" [2011-07-06 449584]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\System32\CTFMON.EXE" [2008-04-14 15360]
"Picasa Media Detector"="c:\program files\Picasa2\PicasaMediaDetector.exe" [2008-08-21 443968]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"SetDefaultMIDI"="MIDIDEF.EXE" [2002-01-14 61440]
.
c:\documents and settings\All Users\Menu Start\Programma's\Opstarten\
Microsoft Office.lnk - c:\program files\Microsoft Office\Office\OSA9.EXE [1999-2-17 65588]
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk *\0SsiEfr.e
.
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]
"Data Secure"=c:\apps\DataSecure\PBBckupUI.exe /HIDDEN
"CTFMON.EXE"=c:\windows\system32\ctfmon.exe
"Picasa Media Detector"=c:\program files\Picasa2\PicasaMediaDetector.exe
"TomTomHOME.exe"="c:\program files\TomTom HOME 2\TomTomHOMERunner.exe"
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="c:\program files\Common Files\Ahead\Lib\NMBgMonitor.exe"
"PnPUI Registrator"=c:\program files\Common Files\Sitecom Shared\PnP Universal Installer\PnPUIReg.exe -s
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" -atboottime
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe"
"NBKeyScan"="c:\program files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe"
"nwiz"=nwiz.exe /install
"USB Storage Toolbox"=c:\program files\USB Disk Win98 Driver\Res.EXE
"WINDVDPatch"=CTHELPER.EXE
"HPDJ Taskbar Utility"=c:\windows\system32\spool\drivers\w32x86\3\hpztsb07.exe
"Adobe Photo Downloader"="c:\program files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe"
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\TrendAntiVirus]
"DisableMonitoring"=dword:00000001
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Utorrent\\utorrent.exe"=
"c:\\Program Files\\Messenger\\msmsgs.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\wlcsdk.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\Program Files\\Windows Live\\Sync\\WindowsLiveSync.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\\Program Files\\iTunes\\iTunes.exe"=
.
R1 ATMhelpr;ATMhelpr;c:\windows\system32\drivers\ATMHELPR.SYS [13-3-2006 22:49 4064]
R2 DevNotifySvc;DevNotifySvc;c:\program files\Common Files\Sitecom Shared\PnP Universal Installer\DevNotifySvc.exe [14-6-2011 20:49 32768]
R2 MBAMService;MBAMService;c:\program files\Malwarebytes' Anti-Malware\mbamservice.exe [13-7-2011 20:58 366640]
R2 tmevtmgr;tmevtmgr;c:\windows\system32\drivers\tmevtmgr.sys [25-6-2011 16:59 64080]
R2 wuaumgr;Windows Updates;c:\windows\system32\wupdmgr1.exe -daemon --> c:\windows\system32\wupdmgr1.exe -daemon [?]
R3 EL910;3Com 3CSOHO100B-TX PCI;c:\windows\system32\drivers\EL910N51.sys [11-3-2006 0:49 38400]
R3 hpusbfd;Hewlett-Packard USB Filter Class;c:\windows\system32\drivers\hpusbfd.sys [13-3-2006 23:08 7552]
R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [13-7-2011 20:58 22712]
S2 Amsp;Trend Micro Solution Platform;c:\program files\Trend Micro\AMSP\coreServiceShell.exe [25-6-2011 16:57 188272]
S2 gupdate;Google Updateservice (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [10-1-2010 12:59 135664]
S3 gupdatem;Google Update-service (gupdatem);c:\program files\Google\Update\GoogleUpdate.exe [10-1-2010 12:59 135664]
.
--- Andere Services/Drivers In Geheugen ---
.
*NewlyCreated* - PAVDRV
*NewlyCreated* - PAVSRV
*Deregistered* - PAVDRV
*Deregistered* - PAVSRV
.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp
.
Inhoud van de 'Gedeelde Taken' map
.
2011-06-24 c:\windows\Tasks\1-Click Maintenance.job
- c:\program files\TuneUp Utilities 2008\OneClick.exe [2007-12-21 08:09]
.
2011-06-16 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2009-10-22 10:50]
.
2011-07-18 c:\windows\Tasks\Google Software Updater.job
- c:\program files\Google\Common\Google Updater\GoogleUpdaterService.exe [2007-02-03 14:01]
.
2011-07-18 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-01-10 10:59]
.
2011-07-18 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-01-10 10:59]
.
2011-07-18 c:\windows\Tasks\User_Feed_Synchronization-{33643F96-3646-430A-939C-882F19BB282B}.job
- c:\windows\system32\msfeedssync.exe [2006-10-17 02:31]
.
.
------- Bijkomende Scan -------
.
uStart Page = hxxp://www.soople.nl/
uDefault_Search_URL = hxxp://www.google.com/ie
uInternet Settings,ProxyOverride = *.local
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: &Windows Live Search - c:\program files\Windows Live Toolbar\msntb.dll/search.htm
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx
Trusted Zone: postbank.nl
TCP: DhcpNameServer = 192.168.1.1
Handler: copernicagent - {A979B6BD-E40B-4A07-ABDD-A62C64A4EBF6} - c:\progra~1\COPERN~1\COPERN~1.DLL
Handler: copernicagentcache - {AAC34CFD-274D-4A9D-B0DC-C74C05A67E1D} - c:\progra~1\COPERN~1\COPERN~1.DLL
DPF: DirectAnimation Java Classes - file://c:\windows\Java\classes\dajava.cab
DPF: Microsoft XML Parser for Java - file://c:\windows\Java\classes\xmldso.cab
FF - ProfilePath - c:\documents and settings\Joop\Application Data\Mozilla\Firefox\Profiles\fn9fdfcb.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.google.nl/
FF - user.js: network.http.max-persistent-connections-per-server - 4
FF - user.js: content.max.tokenizing.time - 200000
FF - user.js: content.notify.interval - 100000
FF - user.js: content.switch.threshold - 650000
FF - user.js: nglayout.initialpaint.delay - 300
.
- - - - ORPHANS VERWIJDERD - - - -
.
WebBrowser-{8FF5E180-ABDE-46EB-B09E-D2AAB95CABE3} - (no file)
WebBrowser-{D4027C7F-154A-4066-A1AD-4243D8127440} - (no file)
AddRemove-Adobe PhotoDeluxe Business Editie 1.0 - c:\windows\UNIN0413.EXE
AddRemove-Adobe Type Manager 4.0 - c:\windows\unin0413.exe
AddRemove-HP PrecisionScan Pro - c:\windows\IsUn0413.exe
AddRemove-Microsoft Interactive Training - c:\windows\IsUn0413.exe
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, GMER - Rootkit Detector and Remover
Rootkit scan 2011-07-18 17:40
Windows 5.1.2600 Service Pack 3 NTFS
.
scannen van verborgen processen ...
.
scannen van verborgen autostart items ...
.
scannen van verborgen bestanden ...
.
Scan succesvol afgerond
verborgen bestanden: 0
.
**************************************************************************
.
--------------------- VERGRENDELDE REGISTER SLEUTELS ---------------------
.
[HKEY_USERS\S-1-5-21-3835882175-825991918-161847939-1006\Software\Microsoft\SystemCertificates\AddressBook*]
@Allowed: (Read) (RestrictedCode)
@Allowed: (Read) (RestrictedCode)
.
Voltooingstijd: 2011-07-18 17:43:31
ComboFix-quarantined-files.txt 2011-07-18 15:43
.
Pre-Run: 77.626.359.808 bytes beschikbaar
Post-Run: 77.951.873.024 bytes beschikbaar
.
WindowsXP-KB310994-SP2-Home-BootDisk-NLD.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
UnsupportedDebug="do not select this" /debug
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Home Edition" /fastdetect /NoExecute=OptIn
.
- - End Of File - - D5DF65A25A28AD8ED5766186A3F7F414
-
Ja inderdaad, maar waarom is b.v. wupdmgr1.exe niet te vinden met een zoekopdracht en ook niet te verwijderen in de map en niet terug te vinden in de opstart van mijn systeemconfiguratie terwijl het toch resident draait.
De windowsversie heet overigens wupdmgr.exe dus zonder de 1.
De uninstall.exe van DevNotifySvc.exe functioneert ook niet en verbruikt net als CoreServiceShell vanaf het moment van aanzetten van de pc continue veel pcu capaciteit.
Ik kan geen van deze programma's uitschakelen.
-
Was het de bedoeling dat ik de inhoud van CuerIt.log ook hier zou plakken?
Ik heb n.l. 1,7 tb aan schijfruimte in gebruik.
CureIt.log is dus 74.572 bytes.
-
[TABLE]
[TR]
[TD]PDFConverterSetup.exe
[/TD]
[TD]D:\Downloads\PDF-converter
[/TD]
[TD]Trojan.DownLoader3.32982
[/TD]
[TD]Niet repareerbaar.Verplaatst.
[/TD]
[/TR]
[TR]
[TD]A0093265.exe
[/TD]
[TD]D:\System Volume Information\_restore{47F98C0F-53E0-401A-8C7B-9A25AA8B5F3D}\RP995
[/TD]
[TD]Trojan.DownLoader3.32982
[/TD]
[TD]Niet repareerbaar.Verplaatst.
[/TD]
[/TR]
[/TABLE]
-
Dit kwam ik nog tegen over het bestand wupdmgr1.exe
-
Zojuist gescand maar er is niets gevonden.
[h=3]Extra informatie[/h] [TABLE=class: scannertable]
[TR]
[TD=width: 100] Bestandsgrootte: [/TD]
[TD] 327680 bytes [/TD]
[/TR]
[TR]
[TD=width: 100] Bestandstype: [/TD]
[TD] PE32 executable for MS Windows (console) Intel 80386 32-bit [/TD]
[/TR]
[TR]
[TD] MD5: [/TD]
[TD] 1cc9df4c2b23116760df778ec784c816 [/TD]
[/TR]
[TR]
[TD] SHA1: [/TD]
[TD] 2bf1246acf6774d379e2bc29f75609af614bfbed [/TD]
[/TR]
[/TABLE]
-
De scan heeft niet opgeleverd m.b.t. de 3 files.
Malwarebytes' Anti-Malware 1.51.0.1200
Malwarebytes : Free anti-malware, anti-virus and spyware removal download
Databaseversie: 7116
Windows 5.1.2600 Service Pack 3
Internet Explorer 8.0.6001.18702
13-7-2011 21:35:59
mbam-log-2011-07-13 (21-35-59).txt
Scantype: Snelle scan
Objecten gescand: 187264
Verstreken tijd: 10 minuut/minuten, 16 seconde(n)
Geheugenprocessen geïnfecteerd: 0
Geheugenmodulen geïnfecteerd: 0
Registersleutels geïnfecteerd: 0
Registerwaarden geïnfecteerd: 0
Registerdata geïnfecteerd: 1
Mappen geïnfecteerd: 0
Bestanden geïnfecteerd: 0
Geheugenprocessen geïnfecteerd:
(Geen kwaadaardige objecten gedetecteerd)
Geheugenmodulen geïnfecteerd:
(Geen kwaadaardige objecten gedetecteerd)
Registersleutels geïnfecteerd:
(Geen kwaadaardige objecten gedetecteerd)
Registerwaarden geïnfecteerd:
(Geen kwaadaardige objecten gedetecteerd)
Registerdata geïnfecteerd:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Start_ShowMyDocs (PUM.Hijack.StartMenu) -> Bad: (0) Good: (1) -> Quarantined and deleted successfully.
Mappen geïnfecteerd:
(Geen kwaadaardige objecten gedetecteerd)
Bestanden geïnfecteerd:
(Geen kwaadaardige objecten gedetecteerd)
_________________________________________________________________________________
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 22:10:29, on 13-7-2011
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\SYSTEM32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Trend Micro\AMSP\coreServiceShell.exe
C:\Program Files\Trend Micro\UniClient\UiFrmWrk\uiWatchDog.exe
C:\Program Files\Trend Micro\AMSP\coreFrameworkHost.exe
C:\Program Files\Adobe\Photoshop Elements 4.0\PhotoshopElementsFileAgent.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Common Files\Sitecom Shared\PnP Universal Installer\DevNotifySvc.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\WINDOWS\system32\IoctlSvc.exe
C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\wupdmgr1.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Logitech\iTouch\iTouch.exe
C:\Program Files\Hewlett-Packard\HP PrecisionScan\PrecisionScan Pro\hplamp.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
C:\Program Files\Trend Micro\UniClient\UiFrmWrk\uiSeAgnt.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\system32\taskmgr.exe
C:\Program Files\Microsoft Office\Office\WINWORD.EXE
C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.soople.nl/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Hotmail, Messenger, nieuws en entertainment vind je op MSN.nl
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = Hotmail, Messenger, nieuws en entertainment vind je op MSN.nl
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen
R3 - URLSearchHook: (no name) - {BE89472C-B803-4D1D-9A9A-0A63660E0FE3} - C:\PROGRA~1\COPERN~1\COPERN~1.DLL
O2 - BHO: HelperObject Class - {00C6482D-C502-44C8-8409-FCE54AD9C208} - C:\Program Files\TechSmith\SnagIt 8\SnagItBHO.dll
O2 - BHO: Trend Micro NSC BHO - {1CA1377B-DC1D-4A52-9585-6E06050FAC53} - C:\Program Files\Trend Micro\AMSP\Module\20004\1.5.1464\6.6.1079\TmIEPlg.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O2 - BHO: Windows Live Aanmelden - Help - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar4.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll
O2 - BHO: TmBpIeBHO - {BBACBAFD-FA5E-4079-8B33-00EB9F13D4AC} - C:\Program Files\Trend Micro\AMSP\Module\20002\6.6.1010\6.6.1010\TmBpIe32.dll
O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: SnagIt - {8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} - C:\Program Files\TechSmith\SnagIt 8\SnagItIEAddin.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar4.dll
O3 - Toolbar: Copernic Agent - {F2E259E8-0FC8-438C-A6E0-342DD80FA53E} - C:\Program Files\Copernic Agent\CopernicAgentExt.dll
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [zBrowser Launcher] C:\Program Files\Logitech\iTouch\iTouch.exe
O4 - HKLM\..\Run: [HP Lamp] "C:\Program Files\Hewlett-Packard\HP PrecisionScan\PrecisionScan Pro\hplamp.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Nero\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe"
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [Trend Micro Titanium] C:\Program Files\Trend Micro\Titanium\UIFramework\uiWinMgr.exe -set Silent "1" SplashURL ""
O4 - HKLM\..\Run: [Trend Micro Client Framework] "C:\Program Files\Trend Micro\UniClient\UiFrmWrk\UIWatchDog.exe"
O4 - HKLM\..\Run: [Malwarebytes' Anti-Malware] "C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [spybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Lokale service')
O4 - HKUS\S-1-5-19\..\Run: [OE] C:\Program Files\Trend Micro\Internet Security\TMAS_OE\TMAS_OEMon.exe (User 'Lokale service')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Netwerkservice')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [setDefaultMIDI] MIDIDEF.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [setDefaultMIDI] MIDIDEF.EXE (User 'Default user')
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\WINDOWS\system32\GPhotos.scr/200
O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx
O9 - Extra button: In weblog opnemen - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &In weblog opnemen met Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: (no name) - {2D663D1A-8670-49D9-A1A5-4C56B4E14E84} - (no file)
O9 - Extra button: Copernic Agent - {688DC797-DC11-46A7-9F1B-445F4F58CE6E} - C:\PROGRA~1\COPERN~1\COPERN~1.EXE
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=http://www.paradigit.nl
O18 - Protocol: tmbp - {1A77E7DC-C9A0-4110-8A37-2F36BAE71ECF} - C:\Program Files\Trend Micro\AMSP\Module\20002\6.6.1010\6.6.1010\TmBpIe32.dll
O18 - Protocol: tmpx - {0E526CB5-7446-41D1-A403-19BFE95E8C23} - C:\Program Files\Trend Micro\AMSP\Module\20004\1.5.1464\6.6.1079\TmIEPlg.dll
O22 - SharedTaskScheduler: Preloader van browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\System32\browseui.dll
O22 - SharedTaskScheduler: Cache-daemon voor onderdeelcategorieën - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\System32\browseui.dll
O23 - Service: Adobe Active File Monitor V4 (AdobeActiveFileMonitor4.0) - Unknown owner - C:\Program Files\Adobe\Photoshop Elements 4.0\PhotoshopElementsFileAgent.exe
O23 - Service: Trend Micro Solution Platform (Amsp) - Trend Micro Inc. - C:\Program Files\Trend Micro\AMSP\coreServiceShell.exe
O23 - Service: Mobiel Apple apparaat (Apple Mobile Device) - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Canon Camera Access Library 8 (CCALib8) - Canon Inc. - C:\Program Files\Canon\CAL\CALMAIN.exe
O23 - Service: DevNotifySvc - ASD - C:\Program Files\Common Files\Sitecom Shared\PnP Universal Installer\DevNotifySvc.exe
O23 - Service: Google Updateservice (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: PLFlash DeviceIoControl Service - Prolific Technology Inc. - C:\WINDOWS\system32\IoctlSvc.exe
O23 - Service: TuneUp Drive Defrag Service (TuneUp.Defrag) - TuneUp Software GmbH - C:\WINDOWS\System32\TuneUpDefragService.exe
--
End of file - 11639 bytes
-
Beste Clarkie, hierbij het logfile
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 21:39:12, on 12-7-2011
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\SYSTEM32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Trend Micro\AMSP\coreServiceShell.exe
C:\Program Files\Trend Micro\UniClient\UiFrmWrk\uiWatchDog.exe
C:\Program Files\Trend Micro\AMSP\coreFrameworkHost.exe
C:\Program Files\Adobe\Photoshop Elements 4.0\PhotoshopElementsFileAgent.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Common Files\Sitecom Shared\PnP Universal Installer\DevNotifySvc.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\WINDOWS\system32\IoctlSvc.exe
C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\wupdmgr1.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Logitech\iTouch\iTouch.exe
C:\Program Files\Hewlett-Packard\HP PrecisionScan\PrecisionScan Pro\hplamp.exe
C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Trend Micro\UniClient\UiFrmWrk\uiSeAgnt.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\system32\taskmgr.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.soople.nl/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Hotmail, Messenger, nieuws en entertainment vind je op MSN.nl
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = Hotmail, Messenger, nieuws en entertainment vind je op MSN.nl
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen
R3 - URLSearchHook: (no name) - {BE89472C-B803-4D1D-9A9A-0A63660E0FE3} - C:\PROGRA~1\COPERN~1\COPERN~1.DLL
O2 - BHO: HelperObject Class - {00C6482D-C502-44C8-8409-FCE54AD9C208} - C:\Program Files\TechSmith\SnagIt 8\SnagItBHO.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat
7.0\ActiveX\AcroIEHelper.dll (file missing)
O2 - BHO: Trend Micro NSC BHO - {1CA1377B-DC1D-4A52-9585-6E06050FAC53} - C:\Program Files\Trend
Micro\AMSP\Module\20004\1.5.1464\6.6.1079\TmIEPlg.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program
Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search &
Destroy\SDHelper.dll
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search
Helper\SEPsearchhelperie.dll
O2 - BHO: Windows Live Aanmelden - Help - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft
Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar4.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program
Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll
O2 - BHO: TmBpIeBHO - {BBACBAFD-FA5E-4079-8B33-00EB9F13D4AC} - C:\Program Files\Trend
Micro\AMSP\Module\20002\6.6.1010\6.6.1010\TmBpIe32.dll
O2 - BHO: Ask Toolbar BHO - {D4027C7F-154A-4066-A1AD-4243D8127440} - (no file)
O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows
Live\Toolbar\wltcore.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program
Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: SnagIt - {8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} - C:\Program Files\TechSmith\SnagIt 8\SnagItIEAddin.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar4.dll
O3 - Toolbar: Copernic Agent - {F2E259E8-0FC8-438C-A6E0-342DD80FA53E} - C:\Program Files\Copernic Agent\CopernicAgentExt.dll
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows
Live\Toolbar\wltcore.dll
O3 - Toolbar: Sammsoft Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - (no file)
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [zBrowser Launcher] C:\Program Files\Logitech\iTouch\iTouch.exe
O4 - HKLM\..\Run: [HP Lamp] "C:\Program Files\Hewlett-Packard\HP PrecisionScan\PrecisionScan Pro\hplamp.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Nero\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe"
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [Trend Micro Titanium] C:\Program Files\Trend Micro\Titanium\UIFramework\uiWinMgr.exe -set Silent "1"
SplashURL ""
O4 - HKLM\..\Run: [Trend Micro Client Framework] "C:\Program Files\Trend Micro\UniClient\UiFrmWrk\UIWatchDog.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [spybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Lokale service')
O4 - HKUS\S-1-5-19\..\Run: [OE] C:\Program Files\Trend Micro\Internet Security\TMAS_OE\TMAS_OEMon.exe (User 'Lokale
service')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Netwerkservice')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [setDefaultMIDI] MIDIDEF.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [setDefaultMIDI] MIDIDEF.EXE (User 'Default user')
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\WINDOWS\system32\GPhotos.scr/200
O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx
O9 - Extra button: (no name) - {193B17B0-7C9F-4D5B-AEAB-8D3605EFC084} - C:\PROGRA~1\COPERN~1\COPERN~1.EXE
O9 - Extra 'Tools' menuitem: Launch Copernic Agent - {193B17B0-7C9F-4D5B-AEAB-8D3605EFC084} -
C:\PROGRA~1\COPERN~1\COPERN~1.EXE
O9 - Extra button: In weblog opnemen - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows
Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &In weblog opnemen met Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} -
C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: (no name) - {2D663D1A-8670-49D9-A1A5-4C56B4E14E84} - (no file)
O9 - Extra button: Copernic Agent - {688DC797-DC11-46A7-9F1B-445F4F58CE6E} - C:\PROGRA~1\COPERN~1\COPERN~1.EXE
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search &
Destroy\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program
Files\Spybot - Search & Destroy\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network
Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program
Files\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=http://www.paradigit.nl
O18 - Protocol: tmbp - {1A77E7DC-C9A0-4110-8A37-2F36BAE71ECF} - C:\Program Files\Trend
Micro\AMSP\Module\20002\6.6.1010\6.6.1010\TmBpIe32.dll
O18 - Protocol: tmpx - {0E526CB5-7446-41D1-A403-19BFE95E8C23} - C:\Program Files\Trend
Micro\AMSP\Module\20004\1.5.1464\6.6.1079\TmIEPlg.dll
O22 - SharedTaskScheduler: Preloader van browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} -
C:\WINDOWS\System32\browseui.dll
O22 - SharedTaskScheduler: Cache-daemon voor onderdeelcategorieën - {8C7461EF-2B13-11d2-BE35-3078302C2030} -
C:\WINDOWS\System32\browseui.dll
O23 - Service: Adobe Active File Monitor V4 (AdobeActiveFileMonitor4.0) - Unknown owner - C:\Program Files\Adobe\Photoshop
Elements 4.0\PhotoshopElementsFileAgent.exe
O23 - Service: Trend Micro Solution Platform (Amsp) - Trend Micro Inc. - C:\Program Files\Trend Micro\AMSP\coreServiceShell.exe
O23 - Service: Mobiel Apple apparaat (Apple Mobile Device) - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device
Support\AppleMobileDeviceService.exe
O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Canon Camera Access Library 8 (CCALib8) - Canon Inc. - C:\Program Files\Canon\CAL\CALMAIN.exe
O23 - Service: DevNotifySvc - ASD - C:\Program Files\Common Files\Sitecom Shared\PnP Universal Installer\DevNotifySvc.exe
O23 - Service: Google Updateservice (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google
Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common
Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: PLFlash DeviceIoControl Service - Prolific Technology Inc. - C:\WINDOWS\system32\IoctlSvc.exe
O23 - Service: TuneUp Drive Defrag Service (TuneUp.Defrag) - TuneUp Software GmbH -
C:\WINDOWS\System32\TuneUpDefragService.exe
O24 - Desktop Component 1: (no name) - Stichting voor Surinaamse Genealogie
--
End of file - 11936 bytes
-
Beste beheerders,
Sinds een tijdje staat bij mij onder taakbeheer het proces wupdmgr1.exe.
Op 14 juni van dit jaar heb ik een usb-kaart geplaatst en op 25 juni een nieuwe versie van Trend Micro geinstalleerd.
Sindsdien zie ik ook de processen DevNotifySvc.exe en core ServiceShel.exe die vanaf het opstarten van de pc continue heel veel cpu capaciteit gebruiken.
Omdat ik deze 3 bestanden niet vertrouwde ben ik aan het googelen gegaan en ben er nu van overtuigd dat het om virussen gaat. Alleen heb ik geen oplossing kunnen vinden.
Het bestand wupdmgr1.exe is ook niet te vinden met de Windows zoekoptie.
Trenmicro geeft niets aan en ook Spybotscearch en Ccleaner vinden niets.
Wat kan ik doen om zeker te zijn dat het inderdaad om virussen gaat en hoe kan ik die dan ook verwijderen.
Graag jullie hulp.
HairyHippie
Access runtime 2010
in Archief Access
Geplaatst:
Ja beiden op dezelfde pc.