WINhans

Member
  • Items

    22

WINhans's achievements

  1. Aunt: I would like you to be a bit more concrete. You now know roughly what I do with a computer. I would like a laptop so that I can move it around easily. You know roughly the price I want to pay for it. What you do not know yet (or maybe you do) is that I want to use Skype with it, so one with a built-in eye, and because it is for daily use, a reasonably large screen. The more information I get, the more complicated it becomes for me. Keep it simple.
  2. How much will the complete picture you ideally sketched cost in total, and how can she order it? Regards
  3. Can you tell me more about the disadvantages?
  4. HP psc 1219 all in one printer - scanner - copier
  5. She lives in the Netherlands. The printer does not matter much.
  6. I have passed it on to my aunt. Thanks!
  7. Hello everyone, my aunt wants to buy a new laptop (also for her business) and I would like extensive advice from you. If costs are charged for it, that is fine, but preferably free of course. This is her text: In response I asked about her budget. Thanks a lot in advance! ~ Hans
  8. Including shipping costs I now arrive at a total of €1.399,36. I am very happy with it, thanks. By the way, is this necessary?: Azerty assembly of complete system, 1 year warranty
  9. Hard to say, I have seen my PC run faster, but this is already a lot better! Any more tips, or was this it? If so, I am more than satisfied!!
  10. I am not sure whether I did it right. Log:
  11. Log:
uInternet Settings,ProxyOverride = *.local IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200 IE: E&xporteren naar Microsoft Excel - c:\progra~1\MICROS~4\Office12\EXCEL.EXE/3000 LSP: %SYSTEMROOT%\system32\nvLsp.dll Trusted Zone: com\www.msi TCP: DhcpNameServer = 192.168.0.1 FF - ProfilePath - c:\documents and settings\Hans\Application Data\Mozilla\Firefox\Profiles\pzxua3dh.default\ FF - prefs.js: browser.search.selectedEngine - Ask FF - prefs.js: browser.startup.homepage - hxxp://www.buzqo.com/?cfg=2-401-0-2JLsY FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} FF - Ext: Java Console: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} FF - Ext: Firebug: firebug@software.joehewitt.com - %profile%\extensions\firebug@software.joehewitt.com FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - %profile%\extensions\{20a82645-c095-46ed-80e3-08825760534b} FF - Ext: Google Toolbar for Firefox: {3112ca9c-de6d-4884-a869-9855de68056c} - %profile%\extensions\{3112ca9c-de6d-4884-a869-9855de68056c} FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension FF - Ext: Google Toolbar for Firefox: {3112ca9c-de6d-4884-a869-9855de68056c} - c:\documents and settings\All Users\Application Data\Google\Toolbar for Firefox\{3112ca9c-de6d-4884-a869-9855de68056c} FF - Ext: Java Quick Starter: jqs@sun.com - c:\program files\Java\jre6\lib\deploy\jqs\ff FF - Ext: DivX Plus Web Player HTML5 <video>: {23fcfd51-4958-4f00-80a3-ae97e717ed8b} - c:\program files\DivX\DivX Plus Web Player\firefox\html5video FF - Ext: DivX HiQ: {6904342A-8307-11DF-A508-4AE2DFD72085} - c:\program files\DivX\DivX Plus Web Player\firefox\wpa . - - - - ORPHANS VERWIJDERD - - - - . 
WebBrowser-{A8864317-E18B-4292-99D9-E6E65AB905D3} - (no file) MSConfigStartUp-Form1 - c:\documents and settings\Hans\Mijn documenten\Downloads\server.exe MSConfigStartUp-My Web Search Bar Search Scope Monitor - c:\progra~1\MYWEBS~1\bar\2.bin\m3SrchMn.exe MSConfigStartUp-MyWebSearch Email Plugin - c:\progra~1\MYWEBS~1\bar\2.bin\mwsoemon.exe . . . ************************************************************************** . catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, GMER - Rootkit Detector and Remover Rootkit scan 2011-10-20 17:57 Windows 5.1.2600 Service Pack 3 NTFS . scannen van verborgen processen ... . scannen van verborgen autostart items ... . scannen van verborgen bestanden ... . Scan succesvol afgerond verborgen bestanden: 0 . ************************************************************************** . --------------------- DLLs Geladen Onder Lopende Processen --------------------- . - - - - - - - > 'winlogon.exe'(1976) c:\windows\system32\Ati2evxx.dll . - - - - - - - > 'lsass.exe'(2032) c:\windows\system32\nvLsp.dll . - - - - - - - > 'explorer.exe'(3144) c:\progra~1\WINDOW~2\wmpband.dll c:\windows\system32\msi.dll c:\windows\system32\webcheck.dll c:\windows\system32\WPDShServiceObj.dll c:\windows\system32\PortableDeviceTypes.dll c:\windows\system32\PortableDeviceApi.dll . ------------------------ Andere Aktieve Processen ------------------------ . c:\windows\system32\Ati2evxx.exe c:\windows\system32\Ati2evxx.exe c:\program files\Avira\AntiVir Desktop\avguard.exe c:\program files\Bonjour\mDNSResponder.exe c:\program files\Avira\AntiVir Desktop\avshadow.exe c:\program files\Google\Update\1.3.21.69\GoogleCrashHandler.exe c:\program files\Logitech\GamePanel Software\Applets\ColorOnly\LCDMovieViewer.exe c:\program files\MicroStar\WLANUtility\WLAN_Service.exe c:\windows\system32\wscntfy.exe . ************************************************************************** . 
Voltooingstijd: 2011-10-20 18:01:07 - machine werd herstart ComboFix-quarantined-files.txt 2011-10-20 16:00 . Pre-Run: 45.025.345.536 bytes beschikbaar Post-Run: 45.725.106.176 bytes beschikbaar . WindowsXP-KB310994-SP2-Home-BootDisk-NLD.exe [boot loader] timeout=2 default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS [operating systems] c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons UnsupportedDebug="do not select this" /debug multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Home Edition" /noexecute=optin /fastdetect /usepmtimer . - - End Of File - - EA5E3EC23008E54FEC0E186618F5A3DA
  12. If I want comparable quality but somewhat cheaper (say around 1250 - 1500), what should I be thinking of? Thanks, by the way, for putting the build together, I will definitely do something with it.
  13. Sorry, you're absolutely right, I do have the time. I will start up my computer and carry out your instructions..
      ---------- Post added at 11:39 ---------- Previous post was at 11:34 ----------
      Logfile of Trend Micro HijackThis v2.0.4
      Scan saved at 11:37:03, on 20-10-2011
      Platform: Windows XP SP3 (WinNT 5.01.2600)
      MSIE: Internet Explorer v8.00 (8.00.6001.18702)
      Boot mode: Normal
      Running processes:
      C:\WINDOWS\System32\smss.exe
      C:\WINDOWS\system32\winlogon.exe
      C:\WINDOWS\system32\services.exe
      C:\WINDOWS\system32\lsass.exe
      C:\WINDOWS\system32\Ati2evxx.exe
      C:\WINDOWS\system32\svchost.exe
      C:\WINDOWS\System32\svchost.exe
      C:\WINDOWS\system32\Ati2evxx.exe
      C:\WINDOWS\system32\spoolsv.exe
      C:\Program Files\Avira\AntiVir Desktop\sched.exe
      C:\WINDOWS\System32\svchost.exe
      C:\Program Files\Avira\AntiVir Desktop\avfwsvc.exe
      C:\Program Files\Avira\AntiVir Desktop\avguard.exe
      C:\Program Files\Bonjour\mDNSResponder.exe
      C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
      C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
      C:\WINDOWS\system32\svchost.exe
      C:\WINDOWS\system32\wuauclt.exe
      C:\WINDOWS\Explorer.EXE
      C:\Program Files\Google\Update\1.3.21.69\GoogleCrashHandler.exe
      C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
      C:\Program Files\Logitech\GamePanel Software\LCD Manager\LCDMon.exe
      C:\Program Files\Logitech\GamePanel Software\G-series Software\LGDCore.exe
      C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
      C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
      C:\WINDOWS\system32\ctfmon.exe
      C:\Program Files\MicroStar\WLANUtility\WlanUtility.exe
      C:\Program Files\Logitech\GamePanel Software\Applets\ColorOnly\LCDMovieViewer.exe
      C:\Program Files\MicroStar\WLANUtility\WLAN_Service.exe
      C:\Program Files\Google\Chrome\Application\chrome.exe
      C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe
      R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Hotmail, Messenger, nieuws en entertainment vind je op MSN.nl
      R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing
      R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing
      R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = Hotmail, Messenger, nieuws en entertainment vind je op MSN.nl
      R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
      R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen
      O1 - Hosts: ::1 localhost
      O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
      O2 - BHO: Increase performance and video formats for your HTML5 <video> - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll
      O2 - BHO: Use the DivX Plus Web Player to watch web videos with less interruptions and smoother playback on supported sites - {593DDEC6-7468-4cdd-90E1-42DADAA222E9} - C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll
      O2 - BHO: Windows Live Aanmelden - Help - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
      O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.6.5612.1312\swg.dll
      O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
      O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
      O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min
      O4 - HKLM\..\Run: [Launch LCDMon] "C:\Program Files\Logitech\GamePanel Software\LCD Manager\LCDMon.exe"
      O4 - HKLM\..\Run: [Launch LgDeviceAgent] "C:\Program Files\Logitech\GamePanel Software\LgDevAgt.exe"
      O4 - HKLM\..\Run: [Launch LGDCore] "C:\Program Files\Logitech\GamePanel Software\G-series Software\LGDCore.exe" /SHOWHIDE
      O4 - HKLM\..\Run: [Malwarebytes' Anti-Malware] "C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
      O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
      O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
      O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Lokale service')
      O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Netwerkservice')
      O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
      O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
      O4 - Global Startup: WlanUtility.lnk = C:\Program Files\MicroStar\WLANUtility\WlanUtility.exe
      O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\WINDOWS\system32\GPhotos.scr/200
      O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~4\Office12\EXCEL.EXE/3000
      O9 - Extra button: In weblog opnemen - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
      O9 - Extra 'Tools' menuitem: &In weblog opnemen met Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
      O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~4\Office12\ONBttnIE.dll
      O9 - Extra 'Tools' menuitem: Verz&enden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~4\Office12\ONBttnIE.dll
      O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~4\Office12\REFIEBAR.DLL
      O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
      O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
      O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
      O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
      O10 - Unknown file in Winsock LSP: c:\windows\system32\nvlsp.dll
      O10 - Unknown file in Winsock LSP: c:\windows\system32\nvlsp.dll
      O10 - Unknown file in Winsock LSP: c:\windows\system32\nvlsp.dll
      O10 - Unknown file in Winsock LSP: c:\windows\system32\nvlsp.dll
      O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1277327931421
      O16 - DPF: {8167C273-DF59-4416-B647-C8BB2C7EE83E} (WebSDev Control) - http://liveupdate.msi.com.tw/autobios/LOnline/install.cab
      O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
      O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
      O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~3\GOEC62~1.DLL
      O22 - SharedTaskScheduler: Preloader van browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
      O22 - SharedTaskScheduler: Cache-daemon voor onderdeelcategorieën - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
      O23 - Service: Avira FireWall (AntiVirFirewallService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avfwsvc.exe
      O23 - Service: Avira AntiVir Scheduler (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe
      O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe
      O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
      O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
      O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
      O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
      O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
      -- End of file - 8144 bytes