snieboer
-
Items
4 -
Registratiedatum
-
Laatst bezocht
Inhoudstype
Profielen
Forums
Store
Berichten die geplaatst zijn door snieboer
-
-
waarschijnlijk lag het aan mijn draadloze toetsenbord, de muis had ik al uitgeprobeerd.
vooralsnog is het nu goed.
Bedankt nog voor uw tijd en meedenken!
Simon
-
de piepjes zijn er 3: - --
alle 3 binnen 1 seconde
log hijack:
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 12:27:19, on
20-2-2012
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet
Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal
Running
processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
c:\Program
Files\Microsoft Security
Client\Antimalware\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\Program
Files\Lavasoft\Ad-Aware\AAWService.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
C:\Program
Files\Java\jre6\bin\jqs.exe
C:\Program Files\Common
Files\LightScribe\LSSrvc.exe
C:\Program Files\Linksys\Linksys
Updater\bin\LinksysUpdater.exe
C:\Program Files\Common Files\Nero\Nero
BackItUp
4\NBService.exe
C:\WINDOWS\system32\java.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Program
Files\PDF
Complete\pdfsvc.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program
Files\Common Files\Pure Networks
Shared\Platform\nmsrvc.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\Program
Files\Microsoft Security Client\msseces.exe
C:\Program Files\Common
Files\InstallShield\UpdateService\ISUSPM.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\igfxsrvc.exe
C:\Program
Files\Lavasoft\Ad-Aware\AAWTray.exe
C:\WINDOWS\system32\msiexec.exe
C:\Program
Files\Trend Micro\HijackThis\HiJackThis.exe
R0 -
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
http://search.conduit.com?SearchSource=10&ctid=CT2737658
R1
- HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
http://go.microsoft.com/fwlink/?LinkId=69157
R1
- HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
http://go.microsoft.com/fwlink/?LinkId=54896
R1
- HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
http://go.microsoft.com/fwlink/?LinkId=54896
R0
- HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
Koppelingen
O2 - BHO: AcroIEHelperStub -
{18DF081C-E8AD-4283-A596-FA578C2EBDC3} -
C:\Program Files\Common
Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: WormRadar.com
IESiteBlocker.NavFilter -
{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - (no
file)
O2 - BHO: Java Plug-In 2 SSV Helper -
{DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program
Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl -
{E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program
Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: Perfect
PDF 5 - {9DE41FB9-ACA7-4847-982B-D984042588FC} -
C:\Program Files\soft
Xpansion\Perfect PDF 5\PDF4ie.dll
O4 - HKLM\..\Run: [setRefresh] C:\Program
Files\COMPAQ\SetRefresh\\SetRefresh.exe
O4 - HKLM\..\Run: [HotKeysCmds]
C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence]
C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [MSC] "c:\Program
Files\Microsoft Security
Client\msseces.exe" -hide -runkey
O4 -
HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program
Files\Adobe\Reader
9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program
Files\Common
Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKCU\..\Run: [iSUSPM]
"C:\Program Files\Common
Files\InstallShield\UpdateService\ISUSPM.exe"
-scheduler
O4 - HKCU\..\Run: [ctfmon.exe]
C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE]
C:\WINDOWS\system32\CTFMON.EXE
(User 'Lokale service')
O4 -
HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE
(User
'Netwerkservice')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE]
C:\WINDOWS\system32\CTFMON.EXE
(User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run:
[CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE
(User 'Default user')
O4 -
Startup: Snelkoppeling naar thunderbird.lnk = ?
O9 - Extra button: (no name)
- {e2e2dd38-d088-4134-82b7-f2ba38496583} -
C:\WINDOWS\Network
Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 -
{e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network
Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger -
{FB5F1910-F110-11d2-BB9E-00C04F795683} -
C:\Program
Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger -
{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program
Files\Messenger\msmsgs.exe
O16 - DPF:
{6B75345B-AA36-438A-BBE6-4078B4C6984D} (HpProductDetection
Class) -
http://h20270.www2.hp.com/ediags/gmn2/install/HPProductDetection.cab
O16
- DPF: {E06E2E99-0AA1-11D4-ABA6-0060082AA75C} -
O18 - Protocol: linkscanner -
{F274614C-63F8-47D5-A4D1-FBDDE494F8D1} -
(no file)
O22 -
SharedTaskScheduler: Preloader van browseui -
{438755C2-A8BA-11D1-B96B-00A0C90312E1} -
C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Cache-daemon voor
onderdeelcategorieën -
{8C7461EF-2B13-11d2-BE35-3078302C2030} -
C:\WINDOWS\system32\browseui.dll
O23 - Service: ArcSoft Connect Daemon
(ACDaemon) - Unknown owner -
C:\Program Files\Common
Files\ArcSoft\Connection
Service\Bin\ACService.exe (file missing)
O23 -
Service: Firebird Server - MAGIX Instance
(FirebirdServerMAGIXInstance) -
MAGIX® - C:\Program
Files\MAGIX\Common\Database\bin\fbserver.exe
O23 -
Service: InstallDriver Table Manager (IDriverT) - Macrovision
Corporation -
C:\Program Files\Common
Files\InstallShield\Driver\1050\Intel
32\IDriverT.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) -
Sun
Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 -
Service: Lavasoft Ad-Aware Service - Lavasoft Limited - C:\Program
Files\Lavasoft\Ad-Aware\AAWService.exe
O23 - Service: LightScribeService
Direct Disc Labeling Service
(LightScribeService) - Hewlett-Packard Company
- C:\Program Files\Common
Files\LightScribe\LSSrvc.exe
O23 - Service:
Linksys Updater (LinksysUpdater) - Unknown owner -
C:\Program
Files\Linksys\Linksys Updater\bin\LinksysUpdater.exe
O23 - Service: Nero
BackItUp Scheduler 4.0 - Nero AG - C:\Program
Files\Common Files\Nero\Nero
BackItUp 4\NBService.exe
O23 - Service: Pure Networks Platform Service
(nmservice) - Cisco
Systems, Inc. - C:\Program Files\Common Files\Pure
Networks
Shared\Platform\nmsrvc.exe
O23 - Service: PDF Document Manager
(pdfcDispatcher) - PDF Complete Inc
- C:\Program Files\PDF
Complete\pdfsvc.exe
O23 - Service: stllssvr - MicroVision Development, Inc. -
C:\Program
Files\Common Files\SureThing Shared\stllssvr.exe
O23 -
Service: soft Xpansion Dispatch Service (SXDS10) - soft Xpansion -
C:\Program Files\Common Files\soft Xpansion\SXDS10.exe
O23 - Service:
TuneUp Drive Defrag Service (TuneUp.Defrag) - TuneUp
Software GmbH -
C:\WINDOWS\System32\TuneUpDefragService.exe
O23 - Service: UPnPService -
Magix AG - C:\Program Files\Common
Files\MAGIX
Shared\UPnPService\UPnPService.exe
--
End of file - 6883 bytes
-
Als ik mijn muisaanwijzer in een veld met schuifbalken zet, begint alles te trillen en gaan de schuifbalken zeer snel op en neer. zet ik hem uit het bewuste veld is alles rustig. Andere muis geprobeerd: zelfde verhaal. Bij het opstartee hoor ik steeds wat piepjes die er anders niet waren. Wat te doen? Alvast bedankt, Simon
muisaanwijzer
in Archief Windows Algemeen
Geplaatst:
De oorzaak zat vermoedelijk in het draadloze toetsenbord. maar de Malware scan vond toch diverse items die zijn verwijderd.
Mijn nieuwe log na herstarten is:
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 15:46:03, on
20-2-2012
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet
Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal
Running
processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
c:\Program
Files\Microsoft Security
Client\Antimalware\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program
Files\Java\jre6\bin\jqs.exe
C:\Program Files\Common
Files\LightScribe\LSSrvc.exe
C:\Program Files\Linksys\Linksys
Updater\bin\LinksysUpdater.exe
C:\Program Files\Common Files\Nero\Nero
BackItUp
4\NBService.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\java.exe
C:\WINDOWS\System32\svchost.exe
C:\Program
Files\PDF
Complete\pdfsvc.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program
Files\Common Files\Pure Networks
Shared\Platform\nmsrvc.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\Program
Files\Microsoft Security
Client\msseces.exe
C:\WINDOWS\system32\igfxsrvc.exe
C:\Program
Files\Common
Files\InstallShield\UpdateService\ISUSPM.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program
Files\Mozilla
Thunderbird\thunderbird.exe
C:\WINDOWS\System32\svchost.exe
C:\Program
Files\WinNc\WinNc.exe
C:\WINDOWS\system32\msiexec.exe
C:\Program
Files\Trend Micro\HijackThis\HiJackThis.exe
R1 -
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
http://go.microsoft.com/fwlink/?LinkId=69157
R1
- HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
http://go.microsoft.com/fwlink/?LinkId=54896
R1
- HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
http://go.microsoft.com/fwlink/?LinkId=54896
R0
- HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
Koppelingen
O2 - BHO: AcroIEHelperStub -
{18DF081C-E8AD-4283-A596-FA578C2EBDC3} -
C:\Program Files\Common
Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Java Plug-In 2
SSV Helper -
{DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program
Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl -
{E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program
Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: Perfect
PDF 5 - {9DE41FB9-ACA7-4847-982B-D984042588FC} -
C:\Program Files\soft
Xpansion\Perfect PDF 5\PDF4ie.dll
O4 - HKLM\..\Run: [setRefresh] C:\Program
Files\COMPAQ\SetRefresh\\SetRefresh.exe
O4 - HKLM\..\Run: [HotKeysCmds]
C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence]
C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [MSC] "c:\Program
Files\Microsoft Security
Client\msseces.exe" -hide -runkey
O4 -
HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program
Files\Adobe\Reader
9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program
Files\Common
Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKCU\..\Run: [iSUSPM]
"C:\Program Files\Common
Files\InstallShield\UpdateService\ISUSPM.exe"
-scheduler
O4 - HKCU\..\Run: [ctfmon.exe]
C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE]
C:\WINDOWS\system32\CTFMON.EXE
(User 'Lokale service')
O4 -
HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE
(User
'Netwerkservice')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE]
C:\WINDOWS\system32\CTFMON.EXE
(User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run:
[CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE
(User 'Default user')
O4 -
Startup: Snelkoppeling naar thunderbird.lnk = ?
O9 - Extra button: (no name)
- {e2e2dd38-d088-4134-82b7-f2ba38496583} -
C:\WINDOWS\Network
Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 -
{e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network
Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger -
{FB5F1910-F110-11d2-BB9E-00C04F795683} -
C:\Program
Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger -
{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program
Files\Messenger\msmsgs.exe
O16 - DPF:
{6B75345B-AA36-438A-BBE6-4078B4C6984D} (HpProductDetection
Class) -
http://h20270.www2.hp.com/ediags/gmn2/install/HPProductDetection.cab
O16
- DPF: {E06E2E99-0AA1-11D4-ABA6-0060082AA75C} -
O22 - SharedTaskScheduler:
Preloader van browseui -
{438755C2-A8BA-11D1-B96B-00A0C90312E1} -
C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Cache-daemon voor
onderdeelcategorieën -
{8C7461EF-2B13-11d2-BE35-3078302C2030} -
C:\WINDOWS\system32\browseui.dll
O23 - Service: Firebird Server - MAGIX
Instance
(FirebirdServerMAGIXInstance) - MAGIX® - C:\Program
Files\MAGIX\Common\Database\bin\fbserver.exe
O23 - Service: InstallDriver
Table Manager (IDriverT) - Macrovision
Corporation - C:\Program Files\Common
Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: Java
Quick Starter (JavaQuickStarterService) - Sun
Microsystems, Inc. -
C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: LightScribeService
Direct Disc Labeling Service
(LightScribeService) - Hewlett-Packard Company
- C:\Program Files\Common
Files\LightScribe\LSSrvc.exe
O23 - Service:
Linksys Updater (LinksysUpdater) - Unknown owner -
C:\Program
Files\Linksys\Linksys Updater\bin\LinksysUpdater.exe
O23 - Service: Nero
BackItUp Scheduler 4.0 - Nero AG - C:\Program
Files\Common Files\Nero\Nero
BackItUp 4\NBService.exe
O23 - Service: Pure Networks Platform Service
(nmservice) - Cisco
Systems, Inc. - C:\Program Files\Common Files\Pure
Networks
Shared\Platform\nmsrvc.exe
O23 - Service: PDF Document Manager
(pdfcDispatcher) - PDF Complete Inc
- C:\Program Files\PDF
Complete\pdfsvc.exe
O23 - Service: stllssvr - MicroVision Development, Inc. -
C:\Program
Files\Common Files\SureThing Shared\stllssvr.exe
O23 -
Service: soft Xpansion Dispatch Service (SXDS10) - soft Xpansion -
C:\Program Files\Common Files\soft Xpansion\SXDS10.exe
O23 - Service:
TuneUp Drive Defrag Service (TuneUp.Defrag) - TuneUp
Software GmbH -
C:\WINDOWS\System32\TuneUpDefragService.exe
O23 - Service: UPnPService -
Magix AG - C:\Program Files\Common
Files\MAGIX
Shared\UPnPService\UPnPService.exe
--
End of file - 6267 bytes