Ga naar inhoud

albada53

Lid
 Bekijk profiel  Bekijk hun activiteit

  • Items

    58

  • Registratiedatum

  • Laatst bezocht

 Inhoudstype 

Alles dat geplaatst werd door albada53

  1. albada53
    Bijgaand het log-bestand van EmisoftEmergencyKit: Emsisoft Emergency Kit - Versie 3.0 Laatste Update: 7-11-2012 12:46:19 Scaninstellingen: Scantype: Diepe scan Objecten: Rootkits, Geheugen, Sporen, C:\ Detecteer riskware: Uit Scan archieven: Aan ADS Scan: Aan Bestandsextensiefilter: Uit Geavanceerde cache: Aan Directe schijftoegang: Uit Scan gestart: 7-11-2012 12:56:37 C:\Program Files\Common Files\totem shared Ontdekt: Trace.File.ISTbar (A) C:\Program Files\NoAdware5.0\ Ontdekt: Trace.File.NoAdware50 (A) Value: hkey_users\s-1-5-21-746137067-1844237615-725345543-1004\software\vb and vba program settings\spyspotter system defender\settings -> AttemptAfterScan Ontdekt: Trace.Registry.SpySpotter (A) Value: hkey_users\s-1-5-21-746137067-1844237615-725345543-1004\software\vb and vba program settings\spyspotter system defender\settings -> DoNotRemindMe Ontdekt: Trace.Registry.SpySpotter (A) Gescand 401746 Gevonden 4 Scan geëindigd: 7-11-2012 17:27:34 Scantijd: 4:30:57 Value: hkey_users\s-1-5-21-746137067-1844237615-725345543-1004\software\vb and vba program settings\spyspotter system defender\settings -> AttemptAfterScan Verwijderd Trace.Registry.SpySpotter (A) Value: hkey_users\s-1-5-21-746137067-1844237615-725345543-1004\software\vb and vba program settings\spyspotter system defender\settings -> DoNotRemindMe Verwijderd Trace.Registry.SpySpotter (A) C:\Program Files\NoAdware5.0\ Verwijderd Trace.File.NoAdware50 (A) C:\Program Files\Common Files\totem shared Verwijderd Trace.File.ISTbar (A) Verwijderd 4
  2. albada53
    Ja. Er staat het icoon van pc helpforum, dan snap do - pagina 2. ook in de link in mijn outlook die doorlinkt naar reactie op bericht: : snap do - Pagina 2 De computer blijft ook traag reageren. Ik heb MBAM er weer afgehaald, omdat deze ook de computer vertraagd, maar het blijft
  3. albada53
    Ik heb dit gedaan. Is er nog iets wat ik moet doen of is het probleem nu opgelost?
  4. albada53
    Ik zie SnapDo niet meer als ik internet opstart. Alleen als ik naar deze pagina ga, dus bij PC Helpforum, en kijk naar de reactie op de discussie, geeft de werkbalk aan: icoon pc helpforum-snap do - pagina 2. Wellicht omdat dit nog in het geheugen zit? Ik ben u bijzonder dankbaar voor de hulp!
  5. albada53
    Moet ik nu verder nog iets doen?
  6. albada53
    Dankuwel! Bijgaand de log van AdwCleaner: # AdwCleaner v2.006 - Verslag gemaakt op 01/11/2012 om 20:32:49 # Geactualiseerd op 30/10/2012 door Xplode # Besturingssysteem : Microsoft Windows XP Service Pack 3 (32 bits) # Gebruiker : albert - WEB-BY3NR533HTV # Opstarten Modus : Normale modus # Gelanceerd vanaf : C:\Documents and Settings\albert\Mijn documenten\Downloads\adwcleaner.exe # Optie [Verwijderen] ***** [Diensten] ***** ***** [Files / Mappen] ***** File Verwijdert : C:\Documents and Settings\albert\Application Data\Mozilla\Firefox\Profiles\wnuimocd.default-1348131996500\searchplugins\Web Search.xml File Verwijdert : C:\Program Files\Mozilla FireFox\Components\AskSearch.js File Verwijdert : C:\Program Files\Mozilla Firefox\searchplugins\avg-secure-search.xml File Verwijdert : C:\Program Files\Mozilla Firefox\searchplugins\babylon.xml File Verwijdert : C:\Program Files\Mozilla Firefox\searchplugins\SearchResults.xml File Verwijdert : C:\WINDOWS\system32\conduitEngine.tmp Map Verwijdert : C:\Documents and Settings\albert\Application Data\Babylon Map Verwijdert : C:\Documents and Settings\albert\Application Data\BabylonToolbar Map Verwijdert : C:\Documents and Settings\albert\Application Data\searchquband Map Verwijdert : C:\Documents and Settings\albert\Local Settings\Application Data\Babylon Map Verwijdert : C:\Documents and Settings\albert\Local Settings\Application Data\Conduit Map Verwijdert : C:\Documents and Settings\albert\Local Settings\Application Data\ConduitEngine Map Verwijdert : C:\Documents and Settings\albert\Local Settings\Application Data\Ilivid Player Map Verwijdert : C:\Documents and Settings\albert\Local Settings\Application Data\Search_USA Map Verwijdert : C:\Documents and Settings\albert\Local Settings\Application Data\Softonic_VLC_EN Map Verwijdert : C:\Documents and Settings\albert\Local Settings\Application Data\Vuze_Remote Map Verwijdert : C:\Documents and Settings\All Users\Application Data\Babylon Map Verwijdert : C:\Documents and Settings\All Users\Application Data\boost_interprocess Map Verwijdert : C:\Documents and Settings\All Users\Application Data\InstallMate Map Verwijdert : C:\Documents and Settings\All Users\Application Data\Premium Map Verwijdert : C:\Documents and Settings\All Users\Menu Start\Programma's\DealPly Map Verwijdert : C:\Program Files\Babylon Map Verwijdert : C:\Program Files\BabylonToolbar Map Verwijdert : C:\Program Files\Conduit Map Verwijdert : C:\Program Files\ConduitEngine Map Verwijdert : C:\Program Files\Mozilla Firefox\Extensions\ffxtlbr@babylon.com Map Verwijdert : C:\Program Files\Search_USA Map Verwijdert : C:\Program Files\Softonic_VLC_EN Map Verwijdert : C:\Program Files\Vuze_Remote ***** [Register] ***** Sleutel Verwijdert : HKCU\Software\AppDataLow\AskBarDis Sleutel Verwijdert : HKCU\Software\AppDataLow\Software Sleutel Verwijdert : HKCU\Software\BabylonToolbar Sleutel Verwijdert : HKCU\Software\BrowserCompanion Sleutel Verwijdert : HKCU\Software\Conduit Sleutel Verwijdert : HKCU\Software\conduitEngine Sleutel Verwijdert : HKCU\Software\ConduitSearchScopes Sleutel Verwijdert : HKCU\Software\DealPly Sleutel Verwijdert : HKCU\Software\Google\Chrome\Extensions\gaiilaahiahdejapggenmdmafpmbipje Sleutel Verwijdert : HKCU\Software\ilivid Sleutel Verwijdert : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{006EE092-9658-4FD6-BD8E-A21A348E59F5} Sleutel Verwijdert : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9} Sleutel Verwijdert : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{1F096B29-E9DA-4D64-8D63-936BE7762CC5} Sleutel Verwijdert : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} Sleutel Verwijdert : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B} Sleutel Verwijdert : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{CF739809-1C6C-47C0-85B9-569DBB141420} Sleutel Verwijdert : HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\MenuOrder\Start Menu2\Programs\DealPly Sleutel Verwijdert : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{201F27D4-3704-41D6-89C1-AA35E39143ED} Sleutel Verwijdert : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{2EECD738-5844-4A99-B4B6-146BF802613B} Sleutel Verwijdert : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{97F2FF5B-260C-4CCF-834A-2DDA4E29E39E} Sleutel Verwijdert : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{98889811-442D-49DD-99D7-DC866BE87DBC} Sleutel Verwijdert : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{F6A2D3B6-BAAE-44F3-9025-0C426F843CEC} Sleutel Verwijdert : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{201F27D4-3704-41D6-89C1-AA35E39143ED} Sleutel Verwijdert : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{2D360201-FFF5-11D1-8D03-00A0C959BC0A} Sleutel Verwijdert : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{2EECD738-5844-4A99-B4B6-146BF802613B} Sleutel Verwijdert : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{74716C6B-25EE-429C-9616-3CE33E2CE51A} Sleutel Verwijdert : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{97F2FF5B-260C-4CCF-834A-2DDA4E29E39E} Sleutel Verwijdert : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{98889811-442D-49DD-99D7-DC866BE87DBC} Sleutel Verwijdert : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F6A2D3B6-BAAE-44F3-9025-0C426F843CEC} Sleutel Verwijdert : HKCU\Software\Need2Find Sleutel Verwijdert : HKCU\Software\Search_USA Sleutel Verwijdert : HKCU\Software\Softonic_VLC_EN Sleutel Verwijdert : HKCU\Software\Vuze_Remote Sleutel Verwijdert : HKCU\Toolbar Sleutel Verwijdert : HKLM\Software\AskBarDis Sleutel Verwijdert : HKLM\Software\Babylon Sleutel Verwijdert : HKLM\Software\BabylonToolbar Sleutel Verwijdert : HKLM\SOFTWARE\Classes\AppID\{09C554C3-109B-483C-A06B-F14172F1A947} Sleutel Verwijdert : HKLM\SOFTWARE\Classes\AppID\{35C1605E-438B-4D64-AAB1-8885F097A9B1} Sleutel Verwijdert : HKLM\SOFTWARE\Classes\AppID\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921} Sleutel Verwijdert : HKLM\SOFTWARE\Classes\AppID\{5B1881D1-D9C7-46DF-B041-1E593282C7D0} Sleutel Verwijdert : HKLM\SOFTWARE\Classes\AppID\{B12E99ED-69BD-437C-86BE-C862B9E5444D} Sleutel Verwijdert : HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB} Sleutel Verwijdert : HKLM\SOFTWARE\Classes\AppID\{D7EE8177-D51E-4F89-92B6-83EA2EC40800} Sleutel Verwijdert : HKLM\SOFTWARE\Classes\AppID\escort.DLL Sleutel Verwijdert : HKLM\SOFTWARE\Classes\AppID\escortApp.DLL Sleutel Verwijdert : HKLM\SOFTWARE\Classes\AppID\escortEng.DLL Sleutel Verwijdert : HKLM\SOFTWARE\Classes\AppID\escorTlbr.DLL Sleutel Verwijdert : HKLM\SOFTWARE\Classes\AppID\esrv.EXE Sleutel Verwijdert : HKLM\SOFTWARE\Classes\b Sleutel Verwijdert : HKLM\SOFTWARE\Classes\Babylon.dskBnd Sleutel Verwijdert : HKLM\SOFTWARE\Classes\Babylon.dskBnd.1 Sleutel Verwijdert : HKLM\SOFTWARE\Classes\bbylnApp.appCore Sleutel Verwijdert : HKLM\SOFTWARE\Classes\bbylnApp.appCore.1 Sleutel Verwijdert : HKLM\SOFTWARE\Classes\CLSID\{291BCCC1-6890-484A-89D3-318C928DAC1B} Sleutel Verwijdert : HKLM\SOFTWARE\Classes\CLSID\{2D360201-FFF5-11D1-8D03-00A0C959BC0A} Sleutel Verwijdert : HKLM\SOFTWARE\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1} Sleutel Verwijdert : HKLM\SOFTWARE\Classes\CLSID\{4D1C4E89-A32A-416B-BCDB-33B3EF3617D3} Sleutel Verwijdert : HKLM\SOFTWARE\Classes\CLSID\{4D1C4E8B-A32A-416B-BCDB-33B3EF3617D3} Sleutel Verwijdert : HKLM\SOFTWARE\Classes\CLSID\{630D6140-04C5-4DB0-B27A-020D766FF09B} Sleutel Verwijdert : HKLM\SOFTWARE\Classes\CLSID\{98889811-442D-49DD-99D7-DC866BE87DBC} Sleutel Verwijdert : HKLM\SOFTWARE\Classes\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113} Sleutel Verwijdert : HKLM\SOFTWARE\Classes\CLSID\{B0DE3308-5D5A-470D-81B9-634FC078393B} Sleutel Verwijdert : HKLM\SOFTWARE\Classes\CLSID\{B8276A94-891D-453C-9FF3-715C042A2575} Sleutel Verwijdert : HKLM\SOFTWARE\Classes\CLSID\{DDE2C74F-58CC-4D71-8CE1-09DEBB8CFB78} Sleutel Verwijdert : HKLM\SOFTWARE\Classes\CLSID\{E30ED111-BD63-48C2-A6CB-AB3C9FFFB07C} Sleutel Verwijdert : HKLM\SOFTWARE\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} Sleutel Verwijdert : HKLM\SOFTWARE\Classes\CLSID\{F78B32D6-D6D8-4137-A18F-91EBE1A4AEDB} Sleutel Verwijdert : HKLM\SOFTWARE\Classes\CLSID\{FFB9ADCB-8C79-4C29-81D3-74D46A93D370} Sleutel Verwijdert : HKLM\SOFTWARE\Classes\escort.escortIEPane Sleutel Verwijdert : HKLM\SOFTWARE\Classes\escort.escortIEPane.1 Sleutel Verwijdert : HKLM\SOFTWARE\Classes\escort.escrtBtn.1 Sleutel Verwijdert : HKLM\SOFTWARE\Classes\esrv.BabylonESrvc Sleutel Verwijdert : HKLM\SOFTWARE\Classes\esrv.BabylonESrvc.1 Sleutel Verwijdert : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217} Sleutel Verwijdert : HKLM\SOFTWARE\Classes\Interface\{44C3C1DB-2127-433C-98EC-4C9412B5FC3A} Sleutel Verwijdert : HKLM\SOFTWARE\Classes\Interface\{4634804A-F0B0-4A74-A550-FC0EEF8A4362} Sleutel Verwijdert : HKLM\SOFTWARE\Classes\Interface\{4C07EA4F-5F52-4222-B170-4CD9ED33BAEA} Sleutel Verwijdert : HKLM\SOFTWARE\Classes\Interface\{4D5132DD-BB2B-4249-B5E0-D145A8C982E1} Sleutel Verwijdert : HKLM\SOFTWARE\Classes\Interface\{706D4A4B-184A-4434-B331-296B07493D2D} Sleutel Verwijdert : HKLM\SOFTWARE\Classes\Interface\{8BE10F21-185F-4CA0-B789-9921674C3993} Sleutel Verwijdert : HKLM\SOFTWARE\Classes\Interface\{94C0B25D-3359-4B10-B227-F96A77DB773F} Sleutel Verwijdert : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC} Sleutel Verwijdert : HKLM\SOFTWARE\Classes\Interface\{B0B75FBA-7288-4FD3-A9EB-7EE27FA65599} Sleutel Verwijdert : HKLM\SOFTWARE\Classes\Interface\{B173667F-8395-4317-8DD6-45AD1FE00047} Sleutel Verwijdert : HKLM\SOFTWARE\Classes\Interface\{B32672B3-F656-46E0-B584-FE61C0BB6037} Sleutel Verwijdert : HKLM\SOFTWARE\Classes\Interface\{BFE569F7-646C-4512-969B-9BE3E580D393} Sleutel Verwijdert : HKLM\SOFTWARE\Classes\Interface\{C2434722-5C85-4CA0-BA69-1B67E7AB3D68} Sleutel Verwijdert : HKLM\SOFTWARE\Classes\Interface\{C2996524-2187-441F-A398-CD6CB6B3D020} Sleutel Verwijdert : HKLM\SOFTWARE\Classes\Interface\{C44FEFF4-EF0C-4CF7-83D0-92B4266A32B9} Sleutel Verwijdert : HKLM\SOFTWARE\Classes\Interface\{E047E227-5342-4D94-80F7-CFB154BF55BD} Sleutel Verwijdert : HKLM\SOFTWARE\Classes\Interface\{E3F79BE9-24D4-4F4D-8C13-DF2C9899F82E} Sleutel Verwijdert : HKLM\SOFTWARE\Classes\Interface\{E77EEF95-3E83-4BB8-9C0D-4A5163774997} Sleutel Verwijdert : HKLM\SOFTWARE\Classes\Interface\{F131923C-381D-4E4C-A472-4A17118FD742} Sleutel Verwijdert : HKLM\SOFTWARE\Classes\Need2FindBar.SettingsPlugin Sleutel Verwijdert : HKLM\SOFTWARE\Classes\Need2FindBar.SettingsPlugin.1 Sleutel Verwijdert : HKLM\SOFTWARE\Classes\Need2FindBar.ToolbarPlugin Sleutel Verwijdert : HKLM\SOFTWARE\Classes\Need2FindBar.ToolbarPlugin.1 Sleutel Verwijdert : HKLM\SOFTWARE\Classes\Prod.cap Sleutel Verwijdert : HKLM\SOFTWARE\Classes\toolband.eb_explorerbar Sleutel Verwijdert : HKLM\SOFTWARE\Classes\toolband.eb_explorerbar.1 Sleutel Verwijdert : HKLM\SOFTWARE\Classes\toolband.ipm_printlistitem Sleutel Verwijdert : HKLM\SOFTWARE\Classes\toolband.ipm_printlistitem.1 Sleutel Verwijdert : HKLM\SOFTWARE\Classes\toolband.pm_launcher Sleutel Verwijdert : HKLM\SOFTWARE\Classes\toolband.pm_launcher.1 Sleutel Verwijdert : HKLM\SOFTWARE\Classes\toolband.pm_printmanager Sleutel Verwijdert : HKLM\SOFTWARE\Classes\toolband.pm_printmanager.1 Sleutel Verwijdert : HKLM\SOFTWARE\Classes\toolband.pr_bindstatuscallback Sleutel Verwijdert : HKLM\SOFTWARE\Classes\toolband.pr_bindstatuscallback.1 Sleutel Verwijdert : HKLM\SOFTWARE\Classes\toolband.pr_cancelbuttoneventhandler Sleutel Verwijdert : HKLM\SOFTWARE\Classes\toolband.pr_cancelbuttoneventhandler.1 Sleutel Verwijdert : HKLM\SOFTWARE\Classes\toolband.tbtoolband Sleutel Verwijdert : HKLM\SOFTWARE\Classes\toolband.tbtoolband.1 Sleutel Verwijdert : HKLM\SOFTWARE\Classes\toolband.useroptions Sleutel Verwijdert : HKLM\SOFTWARE\Classes\toolband.useroptions.1 Sleutel Verwijdert : HKLM\SOFTWARE\Classes\Toolbar.CT2504091 Sleutel Verwijdert : HKLM\SOFTWARE\Classes\TypeLib\{35C1605E-438B-4D64-AAB1-8885F097A9B1} Sleutel Verwijdert : HKLM\SOFTWARE\Classes\TypeLib\{4B1C1E16-6B34-430E-B074-5928ECA4C150} Sleutel Verwijdert : HKLM\SOFTWARE\Classes\TypeLib\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921} Sleutel Verwijdert : HKLM\SOFTWARE\Classes\TypeLib\{6E8BF012-2C85-4834-B10A-1B31AF173D70} Sleutel Verwijdert : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8} Sleutel Verwijdert : HKLM\SOFTWARE\Classes\TypeLib\{D2E5FA06-DCC7-46F9-BEFF-BFD06F69B9B2} Sleutel Verwijdert : HKLM\SOFTWARE\Classes\TypeLib\{D7EE8177-D51E-4F89-92B6-83EA2EC40800} Sleutel Verwijdert : HKLM\Software\Conduit Sleutel Verwijdert : HKLM\Software\conduitEngine Sleutel Verwijdert : HKLM\Software\DealPly Sleutel Verwijdert : HKLM\SOFTWARE\Google\Chrome\Extensions\clbfjfbnelcflpgpklppgplejolacbej Sleutel Verwijdert : HKLM\SOFTWARE\Google\Chrome\Extensions\dhkplhfnhceodhffomolpfigojocbpcb Sleutel Verwijdert : HKLM\SOFTWARE\Google\Chrome\Extensions\gaiilaahiahdejapggenmdmafpmbipje Sleutel Verwijdert : HKLM\SOFTWARE\Google\Chrome\Extensions\ihflimipbcaljfnojhhknppphnnciiif Sleutel Verwijdert : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{3632A495-5A60-4A9E-96C9-EB1AE0FB88A9} Sleutel Verwijdert : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{3BD086F9-8ADB-486F-B543-81B9C0C4F2B0} Sleutel Verwijdert : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{440591CD-DA23-4723-BEF5-D7DB0D850B92} Sleutel Verwijdert : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{8375D9C8-634F-4ECB-8CF5-C7416BA5D542} Sleutel Verwijdert : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A3DA2FE4-E7DB-457B-9890-B94499789B14} Sleutel Verwijdert : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A598D1E8-53B6-400A-9267-6E232AA74EB0} Sleutel Verwijdert : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C867B62A-126B-45A8-AA41-E9DB0151EAC2} Sleutel Verwijdert : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{CF66E79A-6C17-4B64-AE7B-8C0CB87FB402} Sleutel Verwijdert : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{006EE092-9658-4FD6-BD8E-A21A348E59F5} Sleutel Verwijdert : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\Ask Toolbar_is1 Sleutel Verwijdert : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\BabylonToolbar Sleutel Verwijdert : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\conduitEngine Sleutel Verwijdert : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\DealPly Sleutel Verwijdert : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\Need2FindBar Uninstall Sleutel Verwijdert : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\Search_USA Toolbar Sleutel Verwijdert : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\Softonic_VLC_EN Toolbar Sleutel Verwijdert : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\Vuze_Remote Toolbar Sleutel Verwijdert : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{74716C6B-25EE-429C-9616-3CE33E2CE51A} Sleutel Verwijdert : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{E30ED111-BD63-48C2-A6CB-AB3C9FFFB07C} Sleutel Verwijdert : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{F6A2D3B6-BAAE-44F3-9025-0C426F843CEC} Sleutel Verwijdert : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\BabylonToolbar Sleutel Verwijdert : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\conduitEngine Sleutel Verwijdert : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Search_USA Toolbar Sleutel Verwijdert : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Softonic_VLC_EN Toolbar Sleutel Verwijdert : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Vuze_Remote Toolbar Sleutel Verwijdert : HKLM\Software\Need2Find Sleutel Verwijdert : HKLM\Software\Search_USA Sleutel Verwijdert : HKLM\Software\Softonic_VLC_EN Sleutel Verwijdert : HKLM\Software\Vuze_Remote ***** [browsers] ***** -\\ Internet Explorer v8.0.6001.18702 [OK] Het register bevat geen enkele ongeoorloofde invoer. -\\ Mozilla Firefox v16.0.2 (nl) Profielnaam : default-1348131996500 [Profil par défaut] File : C:\Documents and Settings\albert\Application Data\Mozilla\Firefox\Profiles\wnuimocd.default-1348131996500\prefs.js [OK] De file bevat geen enkele ongeoorloofde invoer. -\\ Google Chrome v22.0.1229.94 File : C:\Documents and Settings\albert\Local Settings\Application Data\Google\Chrome\User Data\Default\Preferences Verwijdert [l.9] : homepage = "hxxp://feed.snap.do/?publisher=SnapdoOpenCandy&dpid=SnapdoOpenCandy&co=NL&userid=8975a72a-792b-4f54-a580-9db417e47e91&searchtype=hp", Verwijdert [l.13] : urls_to_restore_on_startup = [ "hxxp://feed.snap.do/?publisher=SnapdoOpenCandy&dpid=SnapdoOpenCandy&co=NL&userid=8975a72a-792b-4f54-a580-9db417e47e91&searchtype=hp" ] Verwijdert [l.62] : search_url = "hxxp://feed.snap.do/?publisher=SnapdoOpenCandy&dpid=SnapdoOpenCandy&co=NL&userid=8975a72a-792b-4f54-a580-9db417e47e91&searchtype=ds&q={searchTerms}", Verwijdert [l.1333] : homepage = "hxxp://feed.snap.do/?publisher=SnapdoOpenCandy&dpid=SnapdoOpenCandy&co=NL&userid=8975a72a-792b-4f54-a580-9db417e47e91&searchtype=hp", Verwijdert [l.1700] : urls_to_restore_on_startup = [ "hxxp://feed.snap.do/?publisher=SnapdoOpenCandy&dpid=SnapdoOpenCandy&co=NL&userid=8975a72a-792b-4f54-a580-9db417e47e91&searchtype=hp" ] ************************* AdwCleaner[s1].txt - [17897 octets] - [01/11/2012 20:32:49] ########## EOF - C:\AdwCleaner[s1].txt - [17958 octets] ##########
  7. albada53
    Bijgaand een nieuwe log van ComboFix. Hoop, dat ik het goed heb gedaan met het inplakken van het kladblokbestand. Snap do blijft nog steeds openen: ComboFix 12-10-30.03 - albert 31-10-2012 4:06.3.1 - x86 Microsoft Windows XP Home Edition 5.1.2600.3.1252.31.1043.18.512.176 [GMT 1:00] Gestart vanuit: c:\documents and settings\albert\Mijn documenten\Downloads\ComboFix.exe gebruikte Opdracht switches :: c:\documents and settings\albert\Bureaublad\CFScript.txt AV: Microsoft Security Essentials *Enabled/Updated* {EDB4FA23-53B8-4AFA-8C5D-99752CCA7095} AV: PC Veilig 9.12 *Enabled/Updated* {E7512ED5-4245-4B4D-AF3A-382D3F313F15} FW: *Enabled* {D4747503-0346-49EB-9262-997542F79BF4} . . (((((((((((((((((((((((((((((((((( Andere Verwijderingen ))))))))))))))))))))))))))))))))))))))))))))))))) . . c:\documents and settings\albert\Application Data\OpenCandy c:\documents and settings\albert\Application Data\OpenCandy\F4C32655895A4E9788CFFE06AD010379\3378.ico c:\documents and settings\albert\Application Data\OpenCandy\F4C32655895A4E9788CFFE06AD010379\EBB77268-338F-4C6A-8590-AD88FED26F4A c:\documents and settings\albert\Application Data\OpenCandy\F4C32655895A4E9788CFFE06AD010379\Installer.exe c:\documents and settings\albert\Application Data\OpenCandy\F4C32655895A4E9788CFFE06AD010379\OCBrowserHelper_1.0.3.85.dll c:\documents and settings\albert\Application Data\OpenCandy\F4C32655895A4E9788CFFE06AD010379\SnapDo_ALL_p1v5.exe . . (((((((((((((((((((( Bestanden Gemaakt van 2012-09-28 to 2012-10-31 )))))))))))))))))))))))))))))) . . 2012-10-31 02:24 . 2012-10-31 02:24 29904 ----a-w- c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{C43227FC-113E-423D-8B19-8FB5B5359795}\MpKslab6025b4.sys 2012-10-31 01:15 . 2012-10-31 01:15 29904 ----a-w- c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{C43227FC-113E-423D-8B19-8FB5B5359795}\MpKsl127fabb6.sys 2012-10-30 23:19 . 2012-10-12 05:56 6918632 ----a-w- c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{C43227FC-113E-423D-8B19-8FB5B5359795}\mpengine.dll 2012-10-30 18:38 . 2012-10-31 02:36 -------- d--h--r- c:\documents and settings\albert\Onlangs geopend 2012-10-30 07:43 . 2012-10-30 07:43 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware 2012-10-30 07:43 . 2012-09-29 18:54 22856 ----a-w- c:\windows\system32\drivers\mbam.sys 2012-10-29 20:08 . 2012-10-12 05:56 6918632 ----a-w- c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll 2012-10-10 11:53 . 2012-10-10 12:03 -------- d-----w- c:\program files\Advanced Fix 2012 2012-10-06 10:06 . 2012-10-06 10:06 -------- d-----w- c:\program files\Microsoft Security Client . . . ((((((((((((((((((((((((((((((((((((((( Find3M Rapport )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2012-10-10 11:42 . 2012-04-05 10:34 696760 ----a-w- c:\windows\system32\FlashPlayerApp.exe 2012-10-10 11:42 . 2012-04-05 10:34 73656 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl 2012-08-30 20:03 . 2012-08-30 20:03 193552 ----a-w- c:\windows\system32\drivers\MpFilter.sys 2012-08-28 15:17 . 2004-08-23 18:35 916992 ----a-w- c:\windows\system32\wininet.dll 2012-08-28 15:17 . 2003-04-08 12:00 43520 ------w- c:\windows\system32\licmgr10.dll 2012-08-28 15:17 . 2003-04-08 12:00 1469440 ------w- c:\windows\system32\inetcpl.cpl 2012-08-28 12:07 . 2004-08-04 07:55 385024 ------w- c:\windows\system32\html.iec 2012-08-24 13:53 . 2003-04-08 12:00 177664 ----a-w- c:\windows\system32\wintrust.dll 2012-08-23 06:27 . 2003-04-08 12:00 2197248 ----a-w- c:\windows\system32\ntoskrnl.exe 2012-08-23 06:27 . 2002-09-09 13:17 2073984 ----a-w- c:\windows\system32\ntkrnlpa.exe 2012-08-13 12:38 . 2012-03-26 16:15 44240 ----a-w- c:\windows\system32\drivers\fsbts.sys 2012-10-28 10:25 . 2012-10-28 10:22 261600 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll . . ((((((((((((((((((((((((((((((((((((( Reg Opstartpunten ))))))))))))))))))))))))))))))))))))))))))))))))))) . . *Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond REGEDIT4 . [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "LDM"="\Program\" [X] "swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2009-02-22 39408] "Octoshape Streaming Services"="c:\documents and settings\albert\Application Data\Octoshape\Octoshape Streaming Services\OctoshapeClient.exe" [2009-01-12 70936] "NvMediaCenter"="c:\windows\System32\NVMCTRAY.DLL" [2003-05-02 49152] . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "zBrowser Launcher"="c:\program files\Logitech\iTouch\iTouch.exe" [2004-03-18 892928] "TkBellExe"="c:\program files\Common Files\Real\Update_OB\realsched.exe" [2010-04-05 202256] "Synchronization Manager"="c:\windows\system32\mobsync.exe" [2008-04-14 144384] "SpeedTouch USB Diagnostics"="c:\program files\Alcatel\SpeedTouch USB\Dragdiag.exe" [2002-11-12 860672] "nwiz"="nwiz.exe" [2003-05-02 323584] "NvCplDaemon"="c:\windows\System32\NvCpl.dll" [2003-05-02 4640768] "Logitech Utility"="Logi_MwX.Exe" [2002-11-08 19968] "Easy-PrintToolBox"="c:\program files\Canon\Easy-PrintToolBox\BJPSMAIN.EXE" [2004-01-14 409600] "F-Secure Manager"="c:\program files\PC Veilig\Common\FSM32.EXE" [2009-11-18 201128] "F-Secure TNB"="c:\program files\PC Veilig\FSGUI\TNBUtil.exe" [2009-11-18 1655208] "Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-07-27 919008] "MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2012-09-12 947176] . [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="c:\windows\System32\CTFMON.EXE" [2008-04-14 15360] . c:\documents and settings\All Users\Menu Start\Programma's\Opstarten\ Logitech Desktop Messenger.lnk - c:\program files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe [2005-2-12 450560] . [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc] @="Service" . [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile] "EnableFirewall"= 0 (0x0) . [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "%windir%\\system32\\sessmgr.exe"= "c:\\Program Files\\Logitech\\Desktop Messenger\\8876480\\Program\\LogitechDesktopMessenger.exe"= "%windir%\\Network Diagnostic\\xpnetdiag.exe"= "c:\\Program Files\\dreamboxedit\\dreamboxedit.exe"= "c:\\Program Files\\uTorrent\\uTorrent.exe"= "c:\\Program Files\\Vuze\\Azureus.exe"= . R0 fsbts;fsbts;c:\windows\system32\drivers\fsbts.sys [26-3-2012 17:15 44240] R0 FSFW;F-Secure Firewall Driver;c:\windows\system32\drivers\fsdfw.sys [26-3-2012 17:14 81864] R1 F-Secure HIPS;F-Secure HIPS Driver;c:\program files\PC Veilig\HIPS\drivers\fshs.sys [26-3-2012 17:14 69928] R1 MpKslab6025b4;MpKslab6025b4;c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{C43227FC-113E-423D-8B19-8FB5B5359795}\MpKslab6025b4.sys [31-10-2012 3:24 29904] R2 MBAMScheduler;MBAMScheduler;c:\program files\Malwarebytes' Anti-Malware\mbamscheduler.exe [30-10-2012 8:43 399432] R2 MBAMService;MBAMService;c:\program files\Malwarebytes' Anti-Malware\mbamservice.exe [30-10-2012 8:43 676936] R3 F-Secure Gatekeeper;F-Secure Gatekeeper;c:\program files\PC Veilig\Anti-Virus\minifilter\fsgk.sys [26-3-2012 17:13 144440] R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [30-10-2012 8:43 22856] S2 gupdate;Google Updateservice (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [8-2-2010 20:34 135664] S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [5-4-2012 11:34 250808] S3 FSORSPClient;F-Secure ORSP Client;c:\program files\PC Veilig\ORSP Client\fsorsp.exe [26-3-2012 17:14 61088] S3 ggflt;SEMC USB Flash Driver Filter;c:\windows\system32\drivers\ggflt.sys [11-7-2008 13:20 13352] S3 gupdatem;Google Update-service (gupdatem);c:\program files\Google\Update\GoogleUpdate.exe [8-2-2010 20:34 135664] S3 MozillaMaintenance;Mozilla Maintenance Service;c:\program files\Mozilla Maintenance Service\maintenanceservice.exe [20-9-2012 10:43 115168] S4 F-Secure Filter;F-Secure File System Filter;c:\program files\PC Veilig\Anti-Virus\win2k\fsfilter.sys [26-3-2012 17:13 41640] S4 F-Secure Recognizer;F-Secure File System Recognizer;c:\program files\PC Veilig\Anti-Virus\win2k\fsrec.sys [26-3-2012 17:13 27048] . --- Andere Services/Drivers In Geheugen --- . *NewlyCreated* - MPKSLAB6025B4 . Inhoud van de 'Gedeelde Taken' map . 2012-10-31 c:\windows\Tasks\Adobe Flash Player Updater.job - c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-05 11:42] . 2012-10-31 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job - c:\program files\Google\Update\GoogleUpdate.exe [2010-02-08 19:34] . 2012-10-31 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job - c:\program files\Google\Update\GoogleUpdate.exe [2010-02-08 19:34] . 2012-10-30 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-746137067-1844237615-725345543-1004Core.job - c:\documents and settings\albert\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2012-04-26 05:29] . 2012-10-31 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-746137067-1844237615-725345543-1004UA.job - c:\documents and settings\albert\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2012-04-26 05:29] . 2012-10-31 c:\windows\Tasks\Microsoft Antimalware Scheduled Scan.job - c:\program files\Microsoft Security Client\MpCmdRun.exe [2012-09-12 15:25] . 2012-10-31 c:\windows\Tasks\RealUpgradeLogonTaskS-1-5-21-746137067-1844237615-725345543-1004.job - c:\program files\Real\RealUpgrade\realupgrade.exe [2010-02-24 20:09] . 2012-10-28 c:\windows\Tasks\RealUpgradeScheduledTaskS-1-5-21-746137067-1844237615-725345543-1004.job - c:\program files\Real\RealUpgrade\realupgrade.exe [2010-02-24 20:09] . 2012-10-22 c:\windows\Tasks\ReclaimerUpdateFiles_albert.job - c:\documents and settings\albert\Application Data\Real\Update\UpgradeHelper\RealPlayer\10.20\agent\rnupgagent.exe [2012-10-17 07:22] . 2012-10-28 c:\windows\Tasks\ReclaimerUpdateXML_albert.job - c:\documents and settings\albert\Application Data\Real\Update\UpgradeHelper\RealPlayer\10.20\agent\rnupgagent.exe [2012-10-17 07:22] . 2012-10-31 c:\windows\Tasks\RNUpgradeHelperLogonPrompt_albert.job - c:\documents and settings\albert\Application Data\Real\Update\UpgradeHelper\RealPlayer\10.20\agent\rnupgagent.exe [2012-10-17 07:22] . . ------- Bijkomende Scan ------- . uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8 uInternet Settings,ProxyOverride = localhost uSearchURL,(Default) = hxxp://www.google.com/search?q=%s IE: Easy-WebPrint Add To Print List - c:\program files\Canon\Easy-WebPrint\Resource.dll/RC_AddToList.html IE: Easy-WebPrint High Speed Print - c:\program files\Canon\Easy-WebPrint\Resource.dll/RC_HSPrint.html IE: Easy-WebPrint Preview - c:\program files\Canon\Easy-WebPrint\Resource.dll/RC_Preview.html IE: Easy-WebPrint Print - c:\program files\Canon\Easy-WebPrint\Resource.dll/RC_Print.html LSP: c:\program files\PC Veilig\FSPS\program\FSLSP.DLL TCP: DhcpNameServer = 192.168.1.254 DPF: {D83C1BD1-DCBB-11D4-9425-0050BF33FA6E} - hxxp://www.cyclomedia.nl/download/components/CycloScopeLite.cab FF - ProfilePath - c:\documents and settings\albert\Application Data\Mozilla\Firefox\Profiles\wnuimocd.default-1348131996500\ . . ************************************************************************** . catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, GMER - Rootkit Detector and Remover Rootkit scan 2012-10-31 04:21 Windows 5.1.2600 Service Pack 3 NTFS . scannen van verborgen processen ... . scannen van verborgen autostart items ... . scannen van verborgen bestanden ... . Scan succesvol afgerond verborgen bestanden: 0 . ************************************************************************** . --------------------- VERGRENDELDE REGISTER SLEUTELS --------------------- . [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}] @Denied: (A 2) (Everyone) @="FlashBroker" "LocalizedString"="@c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil32_11_4_402_287_ActiveX.exe,-101" . [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation] "Enabled"=dword:00000001 . [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32] @="c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil32_11_4_402_287_ActiveX.exe" . [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" . [HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}] @Denied: (A 2) (Everyone) @="IFlashBroker5" . [HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32] @="{00020424-0000-0000-C000-000000000046}" . [HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" "Version"="1.0" . --------------------- DLLs Geladen Onder Lopende Processen --------------------- . - - - - - - - > 'winlogon.exe'(528) c:\program files\PC Veilig\FWES\Program\fsdc32.dll . - - - - - - - > 'lsass.exe'(584) c:\program files\PC Veilig\FSPS\program\FSLSP.DLL c:\program files\PC Veilig\FWES\Program\fsdc32.dll . - - - - - - - > 'csrss.exe'(504) c:\program files\PC Veilig\FWES\Program\fsdc32.dll . Voltooingstijd: 2012-10-31 04:25:21 ComboFix-quarantined-files.txt 2012-10-31 03:25 ComboFix2.txt 2012-10-30 19:31 ComboFix3.txt 2012-09-16 22:41 . Pre-Run: 21.533.618.176 bytes beschikbaar Post-Run: 21.505.048.576 bytes beschikbaar . - - End Of File - - 033B5CEE2BF0136C6AB25F76148B6C13
  8. albada53
    Dank voor uw antwoord. Hoe sleep ik het bovenstaande bestand in ComboFix.exe? Wanneer ik ComboFix.exe open start deze met scannen en bestanden uitpakken. Wellicht een domme vraag misschien?
  9. albada53
    Ik stuur bijgaand de log van ComboFix. Snap do blijft openen in de browser van Firefox en ook van Chrome. Bovendien is de computer traag en reageert vreemd. ComboFix log: ComboFix 12-10-30.03 - albert 30-10-2012 20:12:49.2.1 - x86 Microsoft Windows XP Home Edition 5.1.2600.3.1252.31.1043.18.512.139 [GMT 1:00] Gestart vanuit: c:\documents and settings\albert\Mijn documenten\Downloads\ComboFix.exe AV: Microsoft Security Essentials *Disabled/Updated* {EDB4FA23-53B8-4AFA-8C5D-99752CCA7095} AV: PC Veilig 9.12 *Disabled/Updated* {E7512ED5-4245-4B4D-AF3A-382D3F313F15} FW: PC Veilig 9.12 *Enabled* {D4747503-0346-49EB-9262-997542F79BF4} . . (((((((((((((((((((( Bestanden Gemaakt van 2012-09-28 to 2012-10-30 )))))))))))))))))))))))))))))) . . 2012-10-30 17:00 . 2012-10-30 17:00 56200 ----a-w- c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{F8265461-493D-4D76-A602-EB06355C0DCE}\offreg.dll 2012-10-30 14:55 . 2012-10-30 14:55 29904 ----a-w- c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{F8265461-493D-4D76-A602-EB06355C0DCE}\MpKsl75bb7e32.sys 2012-10-30 08:17 . 2012-10-30 08:17 29904 ----a-w- c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{F8265461-493D-4D76-A602-EB06355C0DCE}\MpKsla0586940.sys 2012-10-30 07:43 . 2012-10-30 07:43 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware 2012-10-30 07:43 . 2012-09-29 18:54 22856 ----a-w- c:\windows\system32\drivers\mbam.sys 2012-10-29 20:08 . 2012-10-12 05:56 6918632 ----a-w- c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{F8265461-493D-4D76-A602-EB06355C0DCE}\mpengine.dll 2012-10-28 17:54 . 2012-10-28 17:54 -------- d-----w- c:\documents and settings\albert\Application Data\OpenCandy 2012-10-28 11:13 . 2012-10-12 05:56 6918632 ----a-w- c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll 2012-10-10 11:53 . 2012-10-10 12:03 -------- d-----w- c:\program files\Advanced Fix 2012 2012-10-06 10:06 . 2012-10-06 10:06 -------- d-----w- c:\program files\Microsoft Security Client . . . ((((((((((((((((((((((((((((((((((((((( Find3M Rapport )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2012-10-10 11:42 . 2012-04-05 10:34 696760 ----a-w- c:\windows\system32\FlashPlayerApp.exe 2012-10-10 11:42 . 2012-04-05 10:34 73656 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl 2012-08-30 20:03 . 2012-08-30 20:03 193552 ----a-w- c:\windows\system32\drivers\MpFilter.sys 2012-08-28 15:17 . 2004-08-23 18:35 916992 ----a-w- c:\windows\system32\wininet.dll 2012-08-28 15:17 . 2003-04-08 12:00 43520 ------w- c:\windows\system32\licmgr10.dll 2012-08-28 15:17 . 2003-04-08 12:00 1469440 ------w- c:\windows\system32\inetcpl.cpl 2012-08-28 12:07 . 2004-08-04 07:55 385024 ------w- c:\windows\system32\html.iec 2012-08-24 13:53 . 2003-04-08 12:00 177664 ----a-w- c:\windows\system32\wintrust.dll 2012-08-23 06:27 . 2003-04-08 12:00 2197248 ----a-w- c:\windows\system32\ntoskrnl.exe 2012-08-23 06:27 . 2002-09-09 13:17 2073984 ----a-w- c:\windows\system32\ntkrnlpa.exe 2012-08-13 12:38 . 2012-03-26 16:15 44240 ----a-w- c:\windows\system32\drivers\fsbts.sys 2012-10-28 10:25 . 2012-10-28 10:22 261600 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll . . ((((((((((((((((((((((((((((((((((((( Reg Opstartpunten ))))))))))))))))))))))))))))))))))))))))))))))))))) . . *Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond REGEDIT4 . [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "LDM"="\Program\" [X] "swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2009-02-22 39408] "Octoshape Streaming Services"="c:\documents and settings\albert\Application Data\Octoshape\Octoshape Streaming Services\OctoshapeClient.exe" [2009-01-12 70936] "NvMediaCenter"="c:\windows\System32\NVMCTRAY.DLL" [2003-05-02 49152] . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "zBrowser Launcher"="c:\program files\Logitech\iTouch\iTouch.exe" [2004-03-18 892928] "TkBellExe"="c:\program files\Common Files\Real\Update_OB\realsched.exe" [2010-04-05 202256] "Synchronization Manager"="c:\windows\system32\mobsync.exe" [2008-04-14 144384] "SpeedTouch USB Diagnostics"="c:\program files\Alcatel\SpeedTouch USB\Dragdiag.exe" [2002-11-12 860672] "nwiz"="nwiz.exe" [2003-05-02 323584] "NvCplDaemon"="c:\windows\System32\NvCpl.dll" [2003-05-02 4640768] "Logitech Utility"="Logi_MwX.Exe" [2002-11-08 19968] "Easy-PrintToolBox"="c:\program files\Canon\Easy-PrintToolBox\BJPSMAIN.EXE" [2004-01-14 409600] "F-Secure Manager"="c:\program files\PC Veilig\Common\FSM32.EXE" [2009-11-18 201128] "F-Secure TNB"="c:\program files\PC Veilig\FSGUI\TNBUtil.exe" [2009-11-18 1655208] "Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-07-27 919008] "MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2012-09-12 947176] . [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="c:\windows\System32\CTFMON.EXE" [2008-04-14 15360] . c:\documents and settings\All Users\Menu Start\Programma's\Opstarten\ Logitech Desktop Messenger.lnk - c:\program files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe [2005-2-12 450560] . [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc] @="Service" . [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile] "EnableFirewall"= 0 (0x0) . [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "%windir%\\system32\\sessmgr.exe"= "c:\\Program Files\\Logitech\\Desktop Messenger\\8876480\\Program\\LogitechDesktopMessenger.exe"= "%windir%\\Network Diagnostic\\xpnetdiag.exe"= "c:\\Program Files\\dreamboxedit\\dreamboxedit.exe"= "c:\\Program Files\\uTorrent\\uTorrent.exe"= "c:\\Program Files\\Vuze\\Azureus.exe"= . R0 fsbts;fsbts;c:\windows\system32\drivers\fsbts.sys [26-3-2012 17:15 44240] R0 FSFW;F-Secure Firewall Driver;c:\windows\system32\drivers\fsdfw.sys [26-3-2012 17:14 81864] R1 F-Secure HIPS;F-Secure HIPS Driver;c:\program files\PC Veilig\HIPS\drivers\fshs.sys [26-3-2012 17:14 69928] R1 MpKslac71ea18;MpKslac71ea18;c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{F8265461-493D-4D76-A602-EB06355C0DCE}\MpKslac71ea18.sys [30-10-2012 19:52 29904] R2 MBAMScheduler;MBAMScheduler;c:\program files\Malwarebytes' Anti-Malware\mbamscheduler.exe [30-10-2012 8:43 399432] R2 MBAMService;MBAMService;c:\program files\Malwarebytes' Anti-Malware\mbamservice.exe [30-10-2012 8:43 676936] R3 F-Secure Gatekeeper;F-Secure Gatekeeper;c:\program files\PC Veilig\Anti-Virus\minifilter\fsgk.sys [26-3-2012 17:13 144592] R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [30-10-2012 8:43 22856] S2 gupdate;Google Updateservice (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [8-2-2010 20:34 135664] S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [5-4-2012 11:34 250808] S3 FSORSPClient;F-Secure ORSP Client;c:\program files\PC Veilig\ORSP Client\fsorsp.exe [26-3-2012 17:14 61088] S3 ggflt;SEMC USB Flash Driver Filter;c:\windows\system32\drivers\ggflt.sys [11-7-2008 13:20 13352] S3 gupdatem;Google Update-service (gupdatem);c:\program files\Google\Update\GoogleUpdate.exe [8-2-2010 20:34 135664] S3 MozillaMaintenance;Mozilla Maintenance Service;c:\program files\Mozilla Maintenance Service\maintenanceservice.exe [20-9-2012 10:43 115168] S4 F-Secure Filter;F-Secure File System Filter;c:\program files\PC Veilig\Anti-Virus\win2k\fsfilter.sys [26-3-2012 17:13 41640] S4 F-Secure Recognizer;F-Secure File System Recognizer;c:\program files\PC Veilig\Anti-Virus\win2k\fsrec.sys [26-3-2012 17:13 27048] . --- Andere Services/Drivers In Geheugen --- . *NewlyCreated* - MPKSLAC71EA18 *Deregistered* - MBAMSwissArmy . Inhoud van de 'Gedeelde Taken' map . 2012-10-30 c:\windows\Tasks\Adobe Flash Player Updater.job - c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-05 11:42] . 2012-10-30 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job - c:\program files\Google\Update\GoogleUpdate.exe [2010-02-08 19:34] . 2012-10-30 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job - c:\program files\Google\Update\GoogleUpdate.exe [2010-02-08 19:34] . 2012-10-30 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-746137067-1844237615-725345543-1004Core.job - c:\documents and settings\albert\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2012-04-26 05:29] . 2012-10-30 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-746137067-1844237615-725345543-1004UA.job - c:\documents and settings\albert\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2012-04-26 05:29] . 2012-10-30 c:\windows\Tasks\Microsoft Antimalware Scheduled Scan.job - c:\program files\Microsoft Security Client\MpCmdRun.exe [2012-09-12 15:25] . 2012-10-30 c:\windows\Tasks\RealUpgradeLogonTaskS-1-5-21-746137067-1844237615-725345543-1004.job - c:\program files\Real\RealUpgrade\realupgrade.exe [2010-02-24 20:09] . 2012-10-28 c:\windows\Tasks\RealUpgradeScheduledTaskS-1-5-21-746137067-1844237615-725345543-1004.job - c:\program files\Real\RealUpgrade\realupgrade.exe [2010-02-24 20:09] . 2012-10-22 c:\windows\Tasks\ReclaimerUpdateFiles_albert.job - c:\documents and settings\albert\Application Data\Real\Update\UpgradeHelper\RealPlayer\10.20\agent\rnupgagent.exe [2012-10-17 07:22] . 2012-10-28 c:\windows\Tasks\ReclaimerUpdateXML_albert.job - c:\documents and settings\albert\Application Data\Real\Update\UpgradeHelper\RealPlayer\10.20\agent\rnupgagent.exe [2012-10-17 07:22] . 2012-10-30 c:\windows\Tasks\RNUpgradeHelperLogonPrompt_albert.job - c:\documents and settings\albert\Application Data\Real\Update\UpgradeHelper\RealPlayer\10.20\agent\rnupgagent.exe [2012-10-17 07:22] . . ------- Bijkomende Scan ------- . uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8 uInternet Settings,ProxyOverride = localhost uSearchURL,(Default) = hxxp://www.google.com/search?q=%s IE: Easy-WebPrint Add To Print List - c:\program files\Canon\Easy-WebPrint\Resource.dll/RC_AddToList.html IE: Easy-WebPrint High Speed Print - c:\program files\Canon\Easy-WebPrint\Resource.dll/RC_HSPrint.html IE: Easy-WebPrint Preview - c:\program files\Canon\Easy-WebPrint\Resource.dll/RC_Preview.html IE: Easy-WebPrint Print - c:\program files\Canon\Easy-WebPrint\Resource.dll/RC_Print.html LSP: c:\program files\PC Veilig\FSPS\program\FSLSP.DLL TCP: DhcpNameServer = 192.168.1.254 DPF: {D83C1BD1-DCBB-11D4-9425-0050BF33FA6E} - hxxp://www.cyclomedia.nl/download/components/CycloScopeLite.cab FF - ProfilePath - c:\documents and settings\albert\Application Data\Mozilla\Firefox\Profiles\wnuimocd.default-1348131996500\ FF - prefs.js: browser.startup.homepage - hxxp://feed.snap.do/?publisher=SnapdoOpenCandy&dpid=SnapdoOpenCandy&co=NL&userid=8975a72a-792b-4f54-a580-9db417e47e91&searchtype=hp FF - prefs.js: keyword.URL - hxxp://feed.snap.do/?publisher=SnapdoOpenCandy&dpid=SnapdoOpenCandy&co=NL&userid=8975a72a-792b-4f54-a580-9db417e47e91&searchtype=ds&q= . . ************************************************************************** . catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, GMER - Rootkit Detector and Remover Rootkit scan 2012-10-30 20:26 Windows 5.1.2600 Service Pack 3 NTFS . scannen van verborgen processen ... . scannen van verborgen autostart items ... . scannen van verborgen bestanden ... . Scan succesvol afgerond verborgen bestanden: 0 . ************************************************************************** . --------------------- VERGRENDELDE REGISTER SLEUTELS --------------------- . [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}] @Denied: (A 2) (Everyone) @="FlashBroker" "LocalizedString"="@c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil32_11_4_402_287_ActiveX.exe,-101" . [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation] "Enabled"=dword:00000001 . [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32] @="c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil32_11_4_402_287_ActiveX.exe" . [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" . [HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}] @Denied: (A 2) (Everyone) @="IFlashBroker5" . [HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32] @="{00020424-0000-0000-C000-000000000046}" . [HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" "Version"="1.0" . --------------------- DLLs Geladen Onder Lopende Processen --------------------- . - - - - - - - > 'winlogon.exe'(588) c:\program files\PC Veilig\FWES\Program\fsdc32.dll . - - - - - - - > 'lsass.exe'(644) c:\program files\PC Veilig\FSPS\program\FSLSP.DLL c:\program files\PC Veilig\FWES\Program\fsdc32.dll . - - - - - - - > 'explorer.exe'(2540) c:\program files\Logitech\MouseWare\System\LgWndHk.dll c:\program files\Logitech\iTouch\iTchHk.dll c:\progra~1\WINDOW~2\wmpband.dll c:\program files\Common Files\Logitech\Scrolling\LgMsgHk.dll c:\windows\system32\webcheck.dll c:\windows\system32\WPDShServiceObj.dll c:\windows\system32\PortableDeviceTypes.dll c:\windows\system32\PortableDeviceApi.dll . - - - - - - - > 'csrss.exe'(564) c:\program files\PC Veilig\FWES\Program\fsdc32.dll . Voltooingstijd: 2012-10-30 20:31:42 ComboFix-quarantined-files.txt 2012-10-30 19:31 ComboFix2.txt 2012-09-16 22:41 . Pre-Run: 21.069.500.416 bytes beschikbaar Post-Run: 21.509.451.776 bytes beschikbaar . - - End Of File - - 1D0777EC11CFFF9299D5B4472FC5C5BF
  10. albada53
    Dankjewel! Ik heb de acties ondernomen, maar nog steeds krijg ik Snap do. Daarnaast is mijn computer erg traag en start internet niet of traag op. Wellicht door MBAM? Ik heb gemerkt, dat deze de computer erg vertraagd. Op een eerdere vraag hierover kreeg ik het advies op real time uit te schakelen. Het programma geeft hier echter geen mogelijkheid toew, volgens mij. Bijgaand de log MBAM: Malwarebytes Anti-Malware 1.65.1.1000 Malwarebytes : Free anti-malware download Databaseversie: v2012.10.30.05 Windows XP Service Pack 3 x86 NTFS Internet Explorer 8.0.6001.18702 albert :: WEB-BY3NR533HTV [administrator] 30-10-2012 16:53:49 mbam-log-2012-10-30 (16-53-49).txt Scantype: Snelle scan Ingeschakelde scanopties: Geheugen | Opstartitems | Register | Bestanden en mappen | Heuristiek/Extra | Heuristiek/Shuriken | PUP | PUM Uitgeschakelde scanopties: P2P Objecten gescand: 228410 Verstreken tijd: 16 minuut/minuten, 2 seconde(n) Geheugenprocessen gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Geheugenmodulen gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Registersleutels gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Registerwaarden gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Registerdata gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Mappen gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Bestanden gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) (einde) En de log HiJackThis: Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 17:13:57, on 30-10-2012 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Unable to get Internet Explorer version! Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe c:\Program Files\Microsoft Security Client\MsMpEng.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\drivers\CDAC11BA.EXE C:\Program Files\PC Veilig\Anti-Virus\fsgk32st.exe C:\Program Files\PC Veilig\Common\FSMA32.EXE C:\Program Files\PC Veilig\Anti-Virus\FSGK32.EXE C:\Program Files\PC Veilig\Common\FSHDLL32.EXE C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe C:\Program Files\CDBurnerXP\NMSAccessU.exe C:\WINDOWS\System32\nvsvc32.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe C:\Program Files\PC Veilig\FWES\Program\fsdfwd.exe C:\Program Files\PC Veilig\Anti-Virus\fssm32.exe C:\WINDOWS\Explorer.EXE C:\Program Files\Logitech\iTouch\iTouch.exe C:\Program Files\Common Files\Real\Update_OB\realsched.exe C:\Program Files\Alcatel\SpeedTouch USB\Dragdiag.exe C:\Program Files\PC Veilig\Common\FSM32.EXE C:\Program Files\Logitech\MouseWare\system\em_exec.exe C:\Program Files\PC Veilig\Anti-Virus\fsav32.exe C:\Program Files\Microsoft Security Client\msseces.exe C:\Documents and Settings\albert\Application Data\Octoshape\Octoshape Streaming Services\OctoshapeClient.exe C:\WINDOWS\system32\RUNDLL32.EXE C:\WINDOWS\system32\ctfmon.exe C:\Documents and Settings\albert\Local Settings\Application Data\Google\Update\1.3.21.123\GoogleCrashHandler.exe C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN.com R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = MSN.com R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.7.7529.1424\swg.dll O2 - BHO: LitmusBHO - {C6867EB7-8350-4856-877F-93CF8AE3DC9C} - C:\Program Files\PC Veilig\NRS\iescript\baselitmus.dll O2 - BHO: FlashFXP Helper for Internet Explorer - {E5A1691B-D188-4419-AD02-90002030B8EE} - C:\PROGRA~1\FlashFXP\IEFlash.dll O3 - Toolbar: Easy-WebPrint - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Program Files\Canon\Easy-WebPrint\Toolband.dll O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll O3 - Toolbar: Browsing Protection Toolbar - {265EEE8E-3228-44D3-AEA5-F7FDF5860049} - C:\Program Files\PC Veilig\NRS\iescript\baselitmus.dll O4 - HKLM\..\Run: [zBrowser Launcher] C:\Program Files\Logitech\iTouch\iTouch.exe O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot O4 - HKLM\..\Run: [synchronization Manager] %SystemRoot%\system32\mobsync.exe /logon O4 - HKLM\..\Run: [speedTouch USB Diagnostics] "C:\Program Files\Alcatel\SpeedTouch USB\Dragdiag.exe" /icon O4 - HKLM\..\Run: [nwiz] nwiz.exe /install O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [Logitech Utility] Logi_MwX.Exe O4 - HKLM\..\Run: [Easy-PrintToolBox] C:\Program Files\Canon\Easy-PrintToolBox\BJPSMAIN.EXE /logon O4 - HKLM\..\Run: [F-Secure Manager] "C:\Program Files\PC Veilig\Common\FSM32.EXE" /splash O4 - HKLM\..\Run: [F-Secure TNB] "C:\Program Files\PC Veilig\FSGUI\TNBUtil.exe" /CHECKALL /WAITFORSW O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" O4 - HKLM\..\Run: [MSC] "c:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" O4 - HKCU\..\Run: [Octoshape Streaming Services] "C:\Documents and Settings\albert\Application Data\Octoshape\Octoshape Streaming Services\OctoshapeClient.exe" -inv:bootrun O4 - HKCU\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\System32\NVMCTRAY.DLL,NvTaskbarInit O4 - HKCU\..\Run: [LDM] \Program\ O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [Google Update] "C:\Documents and Settings\albert\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" /c O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user') O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe O8 - Extra context menu item: Easy-WebPrint Add To Print List - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_AddToList.html O8 - Extra context menu item: Easy-WebPrint High Speed Print - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_HSPrint.html O8 - Extra context menu item: Easy-WebPrint Preview - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_Preview.html O8 - Extra context menu item: Easy-WebPrint Print - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_Print.html O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O16 - DPF: {4D7F48C0-CB49-4EA6-97D4-04F4EACC2F3B} - http://sib1.od2.com/common/Member/ClientInstall/7.20.0003/OCI/setup.exe O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1342552226406 O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab O16 - DPF: {D83C1BD1-DCBB-11D4-9425-0050BF33FA6E} - http://www.cyclomedia.nl/download/components/CycloScopeLite.cab O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab O16 - DPF: {F58E1CEF-A068-4C15-BA5E-587CAF3EE8C6} - http://chat.msn.com/controls/msnchat45.cab O22 - SharedTaskScheduler: Preloader van browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\System32\browseui.dll O22 - SharedTaskScheduler: Cache-daemon voor onderdeelcategorieën - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\System32\browseui.dll O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe O23 - Service: C-DillaCdaC11BA - C-Dilla Ltd - C:\WINDOWS\system32\drivers\CDAC11BA.EXE O23 - Service: FSGKHS (F-Secure Gatekeeper Handler Starter) - Unknown owner - C:\Program Files\PC Veilig\Anti-Virus\fsgk32st.exe O23 - Service: F-Secure Anti-Virus Firewall Daemon (FSDFWD) - F-Secure Corporation - C:\Program Files\PC Veilig\FWES\Program\fsdfwd.exe O23 - Service: F-Secure Management Agent (FSMA) - F-Secure Corporation - C:\Program Files\PC Veilig\Common\FSMA32.EXE O23 - Service: F-Secure ORSP Client (FSORSPClient) - F-Secure Corporation - C:\Program Files\PC Veilig\ORSP Client\fsorsp.exe O23 - Service: Google Updateservice (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe O23 - Service: NMSAccess - Unknown owner - C:\Program Files\CDBurnerXP\NMSAccessU.exe O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe O23 - Service: wampapache - Apache Software Foundation - c:\wamp\bin\apache\apache2.2.11\bin\httpd.exe O23 - Service: wampmysqld - Unknown owner - c:\wamp\bin\mysql\mysql5.1.36\bin\mysqld.exe -- End of file - 9703 bytes Dank voor alle hulp!
  11. albada53
    Ook ik heb sinds 2 dagen ineens Snap do als zoekmachine. Ik begrijp, dat dit spyware is. Bijgaand mijn HiJackThis log: R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://feed.snap.do/?publisher=SnapdoOpenCandy&dpid=SnapdoOpenCandy&co=NL&userid=8975a72a-792b-4f54-a580-9db417e47e91&searchtype=ds&q={searchTerms} R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://feed.snap.do/?publisher=SnapdoOpenCandy&dpid=SnapdoOpenCandy&co=NL&userid=8975a72a-792b-4f54-a580-9db417e47e91&searchtype=ds&q={searchTerms} R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://feed.snap.do/?publisher=SnapdoOpenCandy&dpid=SnapdoOpenCandy&co=NL&userid=8975a72a-792b-4f54-a580-9db417e47e91&searchtype=hp&exp=true R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN.com R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = MSN.com R1 - HKCU\Software\Microsoft\Internet Explorer\Search,Default_Search_URL = http://feed.snap.do/?publisher=SnapdoOpenCandy&dpid=SnapdoOpenCandy&co=NL&userid=8975a72a-792b-4f54-a580-9db417e47e91&searchtype=ds&q={searchTerms} R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://feed.snap.do/?publisher=SnapdoOpenCandy&dpid=SnapdoOpenCandy&co=NL&userid=8975a72a-792b-4f54-a580-9db417e47e91&searchtype=ds&q={searchTerms} R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll O2 - BHO: Snap.DoEngine - {31ad400d-1b06-4e33-a59a-90c2c140cba0} - mscoree.dll (file missing) O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.7.7529.1424\swg.dll O2 - BHO: LitmusBHO - {C6867EB7-8350-4856-877F-93CF8AE3DC9C} - C:\Program Files\PC Veilig\NRS\iescript\baselitmus.dll O2 - BHO: FlashFXP Helper for Internet Explorer - {E5A1691B-D188-4419-AD02-90002030B8EE} - C:\PROGRA~1\FlashFXP\IEFlash.dll O3 - Toolbar: Easy-WebPrint - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Program Files\Canon\Easy-WebPrint\Toolband.dll O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll O3 - Toolbar: Browsing Protection Toolbar - {265EEE8E-3228-44D3-AEA5-F7FDF5860049} - C:\Program Files\PC Veilig\NRS\iescript\baselitmus.dll O3 - Toolbar: Snap.Do - {ae07101b-46d4-4a98-af68-0333ea26e113} - mscoree.dll (file missing) O4 - HKLM\..\Run: [zBrowser Launcher] C:\Program Files\Logitech\iTouch\iTouch.exe O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot O4 - HKLM\..\Run: [synchronization Manager] %SystemRoot%\system32\mobsync.exe /logon O4 - HKLM\..\Run: [speedTouch USB Diagnostics] "C:\Program Files\Alcatel\SpeedTouch USB\Dragdiag.exe" /icon O4 - HKLM\..\Run: [nwiz] nwiz.exe /install O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [Logitech Utility] Logi_MwX.Exe O4 - HKLM\..\Run: [Easy-PrintToolBox] C:\Program Files\Canon\Easy-PrintToolBox\BJPSMAIN.EXE /logon O4 - HKLM\..\Run: [F-Secure Manager] "C:\Program Files\PC Veilig\Common\FSM32.EXE" /splash O4 - HKLM\..\Run: [F-Secure TNB] "C:\Program Files\PC Veilig\FSGUI\TNBUtil.exe" /CHECKALL /WAITFORSW O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" O4 - HKLM\..\Run: [MSC] "c:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" O4 - HKCU\..\Run: [Octoshape Streaming Services] "C:\Documents and Settings\albert\Application Data\Octoshape\Octoshape Streaming Services\OctoshapeClient.exe" -inv:bootrun O4 - HKCU\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\System32\NVMCTRAY.DLL,NvTaskbarInit O4 - HKCU\..\Run: [LDM] \Program\ O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [Google Update] "C:\Documents and Settings\albert\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" /c O4 - HKCU\..\Run: [browser Infrastructure Helper] C:\Documents and Settings\albert\Local Settings\Application Data\Smartbar\Application\SnapDo.exe startup O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user') O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe O8 - Extra context menu item: Easy-WebPrint Add To Print List - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_AddToList.html O8 - Extra context menu item: Easy-WebPrint High Speed Print - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_HSPrint.html O8 - Extra context menu item: Easy-WebPrint Preview - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_Preview.html O8 - Extra context menu item: Easy-WebPrint Print - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_Print.html O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing) O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing) O16 - DPF: {4D7F48C0-CB49-4EA6-97D4-04F4EACC2F3B} - http://sib1.od2.com/common/Member/ClientInstall/7.20.0003/OCI/setup.exe O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1342552226406 O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab O16 - DPF: {D83C1BD1-DCBB-11D4-9425-0050BF33FA6E} - http://www.cyclomedia.nl/download/components/CycloScopeLite.cab O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab O16 - DPF: {F58E1CEF-A068-4C15-BA5E-587CAF3EE8C6} - http://chat.msn.com/controls/msnchat45.cab O22 - SharedTaskScheduler: Preloader van browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\System32\browseui.dll O22 - SharedTaskScheduler: Cache-daemon voor onderdeelcategorieën - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\System32\browseui.dll O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe O23 - Service: C-DillaCdaC11BA - C-Dilla Ltd - C:\WINDOWS\system32\drivers\CDAC11BA.EXE O23 - Service: FSGKHS (F-Secure Gatekeeper Handler Starter) - Unknown owner - C:\Program Files\PC Veilig\Anti-Virus\fsgk32st.exe O23 - Service: F-Secure Anti-Virus Firewall Daemon (FSDFWD) - F-Secure Corporation - C:\Program Files\PC Veilig\FWES\Program\fsdfwd.exe O23 - Service: F-Secure Management Agent (FSMA) - F-Secure Corporation - C:\Program Files\PC Veilig\Common\FSMA32.EXE O23 - Service: F-Secure ORSP Client (FSORSPClient) - F-Secure Corporation - C:\Program Files\PC Veilig\ORSP Client\fsorsp.exe O23 - Service: Google Updateservice (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe O23 - Service: NMSAccess - Unknown owner - C:\Program Files\CDBurnerXP\NMSAccessU.exe O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe O23 - Service: wampapache - Apache Software Foundation - c:\wamp\bin\apache\apache2.2.11\bin\httpd.exe O23 - Service: wampmysqld - Unknown owner - c:\wamp\bin\mysql\mysql5.1.36\bin\mysqld.exe -- End of file - 11124 bytes
  12. albada53
    Ok, dat zal ik doen. Dankjewel voor je advies!!
  13. albada53
    Als ik Malware Bytes installaleer vertraagt de computer heel erg. Bij het opstarten van Outlook blijft mijn mail hangen. Kan het zijn dat Malware Bytes conflicteert met andere anti-virus programma van F-secure? Meestal scan ik de computer met Malware Bytes, maar moet ik daarna het prgramma weer verwijderen om mijn computer normaal te laten functioneren
  14. albada53
    Ok super. Dankjewel voor je snelle antwoord!
  15. albada53
    Ik heb enige tijd geleden het programma CCleaner geïnstalleerd vanwege problemen met mijn pc. Kan ik dit programma regelmatig gebruiken en dan schoonmaken van bestanden of verwijder ik dan wellicht iets belangrijks?
  16. albada53
    Ik heb de brandsoftware gedownload en het werkt!! Ik heb net weer een cd gebrand. Geweldig! Ik had ook nog eerst de installatiecd van Nero opnieuw geinstalleerd maar dat loste het probleem niet op. Heel erg bedankt voor uw tijd en enorme hulp!
  17. albada53
    Ik heb het betreffende bestand verwijderd. Het is nu weer mogelijk om met de rechtermuisknop bestanden naar de cd-rom te kopieren. Echter wanneer zij klaar staan om te branden en ik links aangeef in Windows XP: bestanden op cd zetten, dan gebeurt er niets. Haal ik de schijf er uit, dan krijg ik de wizard branden, dat er items klaarstaan om te branden, klik ik op volgende om het branden alsnog te starten dan gebeurt er weer niets. Voorheen kreeg ik de Media Player en zag je dat de bestanden werden gebrand. Het lijkt alsof de cd-rom nog steeds niet kan branden
  18. albada53
    Bijgaand de log van ComboFix: ComboFix 12-09-16.01 - albert 17-09-2012 0:21.1.1 - x86 Microsoft Windows XP Home Edition 5.1.2600.3.1252.31.1043.18.512.236 [GMT 2:00] Gestart vanuit: c:\documents and settings\albert\Mijn documenten\Downloads\ComboFix.exe AV: Microsoft Security Essentials *Enabled/Updated* {EDB4FA23-53B8-4AFA-8C5D-99752CCA7095} AV: PC Veilig 9.12 *Disabled/Updated* {E7512ED5-4245-4B4D-AF3A-382D3F313F15} FW: PC Veilig 9.12 *Disabled* {D4747503-0346-49EB-9262-997542F79BF4} . . (((((((((((((((((((((((((((((((((( Andere Verwijderingen ))))))))))))))))))))))))))))))))))))))))))))))))) . . c:\documents and settings\albert\Application Data\facemoods.com c:\documents and settings\albert\Application Data\PriceGong c:\documents and settings\albert\Application Data\PriceGong\Data\1.txt c:\documents and settings\albert\Application Data\PriceGong\Data\1.xml c:\documents and settings\albert\Application Data\PriceGong\Data\2258.txt c:\documents and settings\albert\Application Data\PriceGong\Data\371.txt c:\documents and settings\albert\Application Data\PriceGong\Data\4489.txt c:\documents and settings\albert\Application Data\PriceGong\Data\450.txt c:\documents and settings\albert\Application Data\PriceGong\Data\a.txt c:\documents and settings\albert\Application Data\PriceGong\Data\a.xml c:\documents and settings\albert\Application Data\PriceGong\Data\b.txt c:\documents and settings\albert\Application Data\PriceGong\Data\b.xml c:\documents and settings\albert\Application Data\PriceGong\Data\c.txt c:\documents and settings\albert\Application Data\PriceGong\Data\c.xml c:\documents and settings\albert\Application Data\PriceGong\Data\d.txt c:\documents and settings\albert\Application Data\PriceGong\Data\d.xml c:\documents and settings\albert\Application Data\PriceGong\Data\e.txt c:\documents and settings\albert\Application Data\PriceGong\Data\e.xml c:\documents and settings\albert\Application Data\PriceGong\Data\f.txt c:\documents and settings\albert\Application Data\PriceGong\Data\f.xml c:\documents and settings\albert\Application Data\PriceGong\Data\g.txt c:\documents and settings\albert\Application Data\PriceGong\Data\g.xml c:\documents and settings\albert\Application Data\PriceGong\Data\h.txt c:\documents and settings\albert\Application Data\PriceGong\Data\h.xml c:\documents and settings\albert\Application Data\PriceGong\Data\i.txt c:\documents and settings\albert\Application Data\PriceGong\Data\i.xml c:\documents and settings\albert\Application Data\PriceGong\Data\j.txt c:\documents and settings\albert\Application Data\PriceGong\Data\J.xml c:\documents and settings\albert\Application Data\PriceGong\Data\k.txt c:\documents and settings\albert\Application Data\PriceGong\Data\k.xml c:\documents and settings\albert\Application Data\PriceGong\Data\l.txt c:\documents and settings\albert\Application Data\PriceGong\Data\l.xml c:\documents and settings\albert\Application Data\PriceGong\Data\m.txt c:\documents and settings\albert\Application Data\PriceGong\Data\m.xml c:\documents and settings\albert\Application Data\PriceGong\Data\mru.xml c:\documents and settings\albert\Application Data\PriceGong\Data\n.txt c:\documents and settings\albert\Application Data\PriceGong\Data\n.xml c:\documents and settings\albert\Application Data\PriceGong\Data\o.txt c:\documents and settings\albert\Application Data\PriceGong\Data\o.xml c:\documents and settings\albert\Application Data\PriceGong\Data\p.txt c:\documents and settings\albert\Application Data\PriceGong\Data\p.xml c:\documents and settings\albert\Application Data\PriceGong\Data\q.txt c:\documents and settings\albert\Application Data\PriceGong\Data\q.xml c:\documents and settings\albert\Application Data\PriceGong\Data\r.txt c:\documents and settings\albert\Application Data\PriceGong\Data\r.xml c:\documents and settings\albert\Application Data\PriceGong\Data\s.txt c:\documents and settings\albert\Application Data\PriceGong\Data\s.xml c:\documents and settings\albert\Application Data\PriceGong\Data\t.txt c:\documents and settings\albert\Application Data\PriceGong\Data\t.xml c:\documents and settings\albert\Application Data\PriceGong\Data\u.txt c:\documents and settings\albert\Application Data\PriceGong\Data\u.xml c:\documents and settings\albert\Application Data\PriceGong\Data\v.txt c:\documents and settings\albert\Application Data\PriceGong\Data\v.xml c:\documents and settings\albert\Application Data\PriceGong\Data\w.txt c:\documents and settings\albert\Application Data\PriceGong\Data\w.xml c:\documents and settings\albert\Application Data\PriceGong\Data\wlu.txt c:\documents and settings\albert\Application Data\PriceGong\Data\x.txt c:\documents and settings\albert\Application Data\PriceGong\Data\x.xml c:\documents and settings\albert\Application Data\PriceGong\Data\y.txt c:\documents and settings\albert\Application Data\PriceGong\Data\y.xml c:\documents and settings\albert\Application Data\PriceGong\Data\z.txt c:\documents and settings\albert\Application Data\PriceGong\Data\z.xml c:\documents and settings\albert\WINDOWS c:\documents and settings\All Users\Application Data\TEMP c:\program files\DealPly c:\program files\DealPly\DealPly.crx c:\program files\DealPly\icon.ico c:\program files\DealPly\uninst.exe c:\program files\Need2Find c:\program files\Need2Find\bar\1.bin\N2FFXTBR.JAR c:\program files\Need2Find\bar\1.bin\N2NTSTBR.JAR c:\program files\Need2Find\bar\1.bin\PARTNER.DAT c:\program files\Need2Find\bar\Cache\00AB0B0C c:\program files\Need2Find\bar\Cache\00AB0E38 c:\program files\Need2Find\bar\Cache\files.ini c:\program files\Need2Find\bar\History\search c:\program files\Need2Find\bar\Settings\prevcfg.htm c:\program files\RegGenie c:\program files\RegGenie\Backups\41103,9645128009 c:\program files\RegGenie\RegGenie.ini c:\windows\CdaC13BA.EXE c:\windows\CdaC14BA.DLL c:\windows\Fonts\acrsec.fon c:\windows\IsUn0413.exe c:\windows\system32\ctfmon(2).exe c:\windows\system32\SET6B.tmp c:\windows\system32\SET6C.tmp c:\windows\system32\SET6D.tmp c:\windows\system32\SET6E.tmp c:\windows\system32\SET6F.tmp c:\windows\system32\SET72.tmp c:\windows\system32\SET73.tmp c:\windows\system32\SET76.tmp c:\windows\system32\SET7B.tmp c:\windows\system32\SET7D.tmp . . (((((((((((((((((((( Bestanden Gemaakt van 2012-08-16 to 2012-09-16 )))))))))))))))))))))))))))))) . . 2012-09-16 22:00 . 2012-09-16 22:00 29904 ----a-w- c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{8C56D00D-194D-4DCB-BFDF-50C785E730BF}\MpKsla57e6d86.sys 2012-09-16 18:14 . 2012-08-23 07:15 7022536 ----a-w- c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{8C56D00D-194D-4DCB-BFDF-50C785E730BF}\mpengine.dll 2012-09-15 07:35 . 2012-08-23 07:15 7022536 ----a-w- c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll 2012-09-02 19:06 . 2012-09-16 19:29 -------- d--h--r- c:\documents and settings\albert\Onlangs geopend . . . ((((((((((((((((((((((((((((((((((((((( Find3M Rapport )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2012-08-17 09:42 . 2012-04-05 10:34 70344 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl 2012-08-17 09:42 . 2012-04-05 10:34 426184 ----a-w- c:\windows\system32\FlashPlayerApp.exe 2012-08-13 12:38 . 2012-03-26 16:15 44240 ----a-w- c:\windows\system32\drivers\fsbts.sys 2012-07-14 01:12 . 2012-07-14 01:12 388096 ----a-r- c:\documents and settings\albert\Application Data\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe 2012-07-06 13:58 . 2003-04-08 12:00 78336 ----a-w- c:\windows\system32\browser.dll 2012-07-04 14:05 . 2003-06-21 14:47 139784 ----a-w- c:\windows\system32\drivers\rdpwd.sys 2012-07-03 18:23 . 2003-04-08 12:00 1866240 ----a-w- c:\windows\system32\win32k.sys 2012-07-02 17:38 . 2004-08-23 18:35 916992 ----a-w- c:\windows\system32\wininet.dll 2012-07-02 17:38 . 2003-04-08 12:00 43520 ------w- c:\windows\system32\licmgr10.dll 2012-07-02 17:38 . 2003-04-08 12:00 1469440 ------w- c:\windows\system32\inetcpl.cpl 2012-07-02 12:05 . 2004-08-04 07:55 385024 ------w- c:\windows\system32\html.iec 2012-03-23 05:29 . 2012-03-23 05:29 0 -c--a-w- c:\program files\GUT3F.tmp . . ((((((((((((((((((((((((((((((((((((( Reg Opstartpunten ))))))))))))))))))))))))))))))))))))))))))))))))))) . . *Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond REGEDIT4 . [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "LDM"="\Program\" [X] "swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2009-02-22 39408] "Octoshape Streaming Services"="c:\documents and settings\albert\Application Data\Octoshape\Octoshape Streaming Services\OctoshapeClient.exe" [2009-01-12 70936] "NvMediaCenter"="c:\windows\System32\NVMCTRAY.DLL" [2003-05-02 49152] . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "zBrowser Launcher"="c:\program files\Logitech\iTouch\iTouch.exe" [2004-03-18 892928] "TkBellExe"="c:\program files\Common Files\Real\Update_OB\realsched.exe" [2010-04-05 202256] "Synchronization Manager"="c:\windows\system32\mobsync.exe" [2008-04-14 144384] "SpeedTouch USB Diagnostics"="c:\program files\Alcatel\SpeedTouch USB\Dragdiag.exe" [2002-11-12 860672] "nwiz"="nwiz.exe" [2003-05-02 323584] "NvCplDaemon"="c:\windows\System32\NvCpl.dll" [2003-05-02 4640768] "Logitech Utility"="Logi_MwX.Exe" [2002-11-08 19968] "Easy-PrintToolBox"="c:\program files\Canon\Easy-PrintToolBox\BJPSMAIN.EXE" [2004-01-14 409600] "NeroCheck"="c:\windows\system32\NeroCheck.exe" [2001-07-09 155648] "C-Media Mixer"="Mixer.exe" [2002-10-15 1818624] "F-Secure Manager"="c:\program files\PC Veilig\Common\FSM32.EXE" [2009-11-18 201128] "F-Secure TNB"="c:\program files\PC Veilig\FSGUI\TNBUtil.exe" [2009-11-18 1655208] "Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-07-27 919008] "MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2012-03-26 931200] . [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="c:\windows\System32\CTFMON.EXE" [2008-04-14 15360] . c:\documents and settings\All Users\Menu Start\Programma's\Opstarten\ Logitech Desktop Messenger.lnk - c:\program files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe [2005-2-12 450560] . [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc] @="Service" . [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile] "EnableFirewall"= 0 (0x0) . [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "%windir%\\system32\\sessmgr.exe"= "c:\\Program Files\\Messenger\\msmsgs.exe"= "c:\\Program Files\\Logitech\\Desktop Messenger\\8876480\\Program\\LogitechDesktopMessenger.exe"= "%windir%\\Network Diagnostic\\xpnetdiag.exe"= "c:\\Program Files\\dreamboxedit\\dreamboxedit.exe"= "c:\\Program Files\\uTorrent\\uTorrent.exe"= "c:\\Program Files\\Vuze\\Azureus.exe"= . R0 fsbts;fsbts;c:\windows\system32\drivers\fsbts.sys [26-3-2012 18:15 44240] R0 FSFW;F-Secure Firewall Driver;c:\windows\system32\drivers\fsdfw.sys [26-3-2012 18:14 81864] R1 F-Secure HIPS;F-Secure HIPS Driver;c:\program files\PC Veilig\HIPS\drivers\fshs.sys [26-3-2012 18:14 69928] R1 MpKsla57e6d86;MpKsla57e6d86;c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{8C56D00D-194D-4DCB-BFDF-50C785E730BF}\MpKsla57e6d86.sys [17-9-2012 0:00 29904] R3 F-Secure Gatekeeper;F-Secure Gatekeeper;c:\program files\PC Veilig\Anti-Virus\minifilter\fsgk.sys [26-3-2012 18:13 149672] S2 gupdate;Google Updateservice (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [8-2-2010 21:34 135664] S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [5-4-2012 12:34 250056] S3 FSORSPClient;F-Secure ORSP Client;c:\program files\PC Veilig\ORSP Client\fsorsp.exe [26-3-2012 18:14 61088] S3 ggflt;SEMC USB Flash Driver Filter;c:\windows\system32\drivers\ggflt.sys [11-7-2008 14:20 13352] S3 gupdatem;Google Update-service (gupdatem);c:\program files\Google\Update\GoogleUpdate.exe [8-2-2010 21:34 135664] S4 F-Secure Filter;F-Secure File System Filter;c:\program files\PC Veilig\Anti-Virus\win2k\fsfilter.sys [26-3-2012 18:13 41640] S4 F-Secure Recognizer;F-Secure File System Recognizer;c:\program files\PC Veilig\Anti-Virus\win2k\fsrec.sys [26-3-2012 18:13 27048] . --- Andere Services/Drivers In Geheugen --- . *NewlyCreated* - MPKSLA57E6D86 . Inhoud van de 'Gedeelde Taken' map . 2012-09-16 c:\windows\Tasks\Adobe Flash Player Updater.job - c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-05 09:42] . 2012-09-16 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job - c:\program files\Google\Update\GoogleUpdate.exe [2010-02-08 19:34] . 2012-09-16 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job - c:\program files\Google\Update\GoogleUpdate.exe [2010-02-08 19:34] . 2012-09-15 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-746137067-1844237615-725345543-1004Core.job - c:\documents and settings\albert\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2012-04-26 05:29] . 2012-09-16 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-746137067-1844237615-725345543-1004UA.job - c:\documents and settings\albert\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2012-04-26 05:29] . 2012-09-16 c:\windows\Tasks\Microsoft Antimalware Scheduled Scan.job - c:\program files\Microsoft Security Client\MpCmdRun.exe [2012-03-26 15:03] . 2011-10-07 c:\windows\Tasks\prismShakeIcon.job - c:\program files\NCH Software\Prism\prism.exe [2011-10-07 15:51] . 2012-09-16 c:\windows\Tasks\RealUpgradeLogonTaskS-1-5-21-746137067-1844237615-725345543-1004.job - c:\program files\Real\RealUpgrade\realupgrade.exe [2010-02-24 20:09] . 2012-07-15 c:\windows\Tasks\RealUpgradeScheduledTaskS-1-5-21-746137067-1844237615-725345543-1004.job - c:\program files\Real\RealUpgrade\realupgrade.exe [2010-02-24 20:09] . 2011-10-07 c:\windows\Tasks\videopadSevenDays.job - c:\program files\NCH Software\VideoPad\videopad.exe [2011-10-07 15:52] . 2011-10-07 c:\windows\Tasks\videopadShakeIcon.job - c:\program files\NCH Software\VideoPad\videopad.exe [2011-10-07 15:52] . . ------- Bijkomende Scan ------- . uStart Page = hxxp://www.google.nl/ uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8 uInternet Settings,ProxyOverride = localhost uSearchURL,(Default) = hxxp://www.google.com/search?q=%s IE: Easy-WebPrint Add To Print List - c:\program files\Canon\Easy-WebPrint\Resource.dll/RC_AddToList.html IE: Easy-WebPrint High Speed Print - c:\program files\Canon\Easy-WebPrint\Resource.dll/RC_HSPrint.html IE: Easy-WebPrint Preview - c:\program files\Canon\Easy-WebPrint\Resource.dll/RC_Preview.html IE: Easy-WebPrint Print - c:\program files\Canon\Easy-WebPrint\Resource.dll/RC_Print.html LSP: c:\program files\PC Veilig\FSPS\program\FSLSP.DLL TCP: DhcpNameServer = 192.168.1.254 DPF: {D83C1BD1-DCBB-11D4-9425-0050BF33FA6E} - hxxp://www.cyclomedia.nl/download/components/CycloScopeLite.cab . - - - - ORPHANS VERWIJDERD - - - - . Toolbar-10 - (no file) WebBrowser-{E6570CD8-9978-4621-B1F9-6A62436F0466} - (no file) WebBrowser-{3041D03E-FD4B-44E0-B742-2D9B88305F98} - (no file) WebBrowser-{BA14329E-9550-4989-B3F2-9732E92D17CC} - (no file) WebBrowser-{48405D3D-2674-4CD8-B1EF-9A719443BD3F} - (no file) WebBrowser-{30F9B915-B755-4826-820B-08FBA6BD249D} - (no file) AddRemove-CdaC13Ba - c:\windows\CdaC13BA.EXE AddRemove-DealPly - c:\program files\DealPly\uninst.exe . . . ************************************************************************** . catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, GMER - Rootkit Detector and Remover Rootkit scan 2012-09-17 00:36 Windows 5.1.2600 Service Pack 3 NTFS . scannen van verborgen processen ... . scannen van verborgen autostart items ... . scannen van verborgen bestanden ... . Scan succesvol afgerond verborgen bestanden: 0 . ************************************************************************** . --------------------- DLLs Geladen Onder Lopende Processen --------------------- . - - - - - - - > 'winlogon.exe'(520) c:\program files\PC Veilig\FWES\Program\fsdc32.dll . - - - - - - - > 'lsass.exe'(576) c:\program files\PC Veilig\FSPS\program\FSLSP.DLL c:\program files\PC Veilig\FWES\Program\fsdc32.dll . - - - - - - - > 'csrss.exe'(496) c:\program files\PC Veilig\FWES\Program\fsdc32.dll . Voltooingstijd: 2012-09-17 00:41:51 ComboFix-quarantined-files.txt 2012-09-16 22:41 . Pre-Run: 22.720.258.048 bytes beschikbaar Post-Run: 22.853.046.272 bytes beschikbaar . WindowsXP-KB310994-SP2-Home-BootDisk-NLD.exe [boot loader] timeout=2 default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS [operating systems] c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons UnsupportedDebug="do not select this" /debug multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Home Edition" /fastdetect /NoExecute=OptIn . - - End Of File - - 2B739C716E9E7637B4338B2197DC66E5
  19. albada53
    Bijgaand de MBAM-log: Malwarebytes Anti-Malware 1.65.0.1400 Malwarebytes : Free anti-malware download Databaseversie: v2012.09.16.11 Windows XP Service Pack 3 x86 NTFS Internet Explorer 8.0.6001.18702 albert :: WEB-BY3NR533HTV [administrator] 16-9-2012 21:01:04 mbam-log-2012-09-16 (21-01-04).txt Scantype: Snelle scan Ingeschakelde scanopties: Geheugen | Opstartitems | Register | Bestanden en mappen | Heuristiek/Extra | Heuristiek/Shuriken | PUP | PUM Uitgeschakelde scanopties: P2P Objecten gescand: 223281 Verstreken tijd: 13 minuut/minuten, 9 seconde(n) Geheugenprocessen gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Geheugenmodulen gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Registersleutels gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Registerwaarden gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Registerdata gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Mappen gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Bestanden gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) (einde) En de HijackThis-log: Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 21:29:13, on 16-9-2012 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Unable to get Internet Explorer version! Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe c:\Program Files\Microsoft Security Client\MsMpEng.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\system32\drivers\CDAC11BA.EXE C:\Program Files\PC Veilig\Anti-Virus\fsgk32st.exe C:\Program Files\PC Veilig\Common\FSMA32.EXE C:\Program Files\PC Veilig\Anti-Virus\FSGK32.EXE C:\Program Files\PC Veilig\Common\FSHDLL32.EXE C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe C:\WINDOWS\System32\nvsvc32.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\PC Veilig\FWES\Program\fsdfwd.exe C:\Program Files\PC Veilig\Anti-Virus\fssm32.exe C:\Program Files\PC Veilig\Anti-Virus\fsav32.exe C:\WINDOWS\Explorer.EXE C:\Program Files\Logitech\iTouch\iTouch.exe C:\Program Files\Common Files\Real\Update_OB\realsched.exe C:\Program Files\Alcatel\SpeedTouch USB\Dragdiag.exe C:\Program Files\Logitech\MouseWare\system\em_exec.exe C:\Program Files\PC Veilig\Common\FSM32.EXE C:\Program Files\Microsoft Security Client\msseces.exe C:\Documents and Settings\albert\Application Data\Octoshape\Octoshape Streaming Services\OctoshapeClient.exe C:\WINDOWS\system32\RUNDLL32.EXE C:\WINDOWS\system32\ctfmon.exe C:\Documents and Settings\albert\Local Settings\Application Data\Google\Update\1.3.21.115\GoogleCrashHandler.exe C:\WINDOWS\notepad.exe C:\Program Files\Internet Explorer\IEXPLORE.EXE C:\Program Files\Internet Explorer\IEXPLORE.EXE C:\Program Files\Microsoft Office\Office10\OUTLOOK.EXE C:\Program Files\Microsoft Office\Office10\WINWORD.EXE C:\Documents and Settings\albert\Local Settings\Application Data\Google\Chrome\Application\chrome.exe C:\Documents and Settings\albert\Local Settings\Application Data\Google\Chrome\Application\chrome.exe C:\Documents and Settings\albert\Local Settings\Application Data\Google\Chrome\Application\chrome.exe C:\Documents and Settings\albert\Local Settings\Application Data\Google\Chrome\Application\chrome.exe C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Google R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Hotmail, Messenger, het laatste nieuws en entertainment | MSN.NL R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = Hotmail, Messenger, het laatste nieuws en entertainment | MSN.NL R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.7.7529.1424\swg.dll O2 - BHO: LitmusBHO - {C6867EB7-8350-4856-877F-93CF8AE3DC9C} - C:\Program Files\PC Veilig\NRS\iescript\baselitmus.dll O2 - BHO: FlashFXP Helper for Internet Explorer - {E5A1691B-D188-4419-AD02-90002030B8EE} - C:\PROGRA~1\FlashFXP\IEFlash.dll O3 - Toolbar: Easy-WebPrint - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Program Files\Canon\Easy-WebPrint\Toolband.dll O3 - Toolbar: Browsing Protection Toolbar - {265EEE8E-3228-44D3-AEA5-F7FDF5860049} - C:\Program Files\PC Veilig\NRS\iescript\baselitmus.dll O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll O4 - HKLM\..\Run: [zBrowser Launcher] C:\Program Files\Logitech\iTouch\iTouch.exe O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot O4 - HKLM\..\Run: [synchronization Manager] %SystemRoot%\system32\mobsync.exe /logon O4 - HKLM\..\Run: [speedTouch USB Diagnostics] "C:\Program Files\Alcatel\SpeedTouch USB\Dragdiag.exe" /icon O4 - HKLM\..\Run: [nwiz] nwiz.exe /install O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [Logitech Utility] Logi_MwX.Exe O4 - HKLM\..\Run: [Easy-PrintToolBox] C:\Program Files\Canon\Easy-PrintToolBox\BJPSMAIN.EXE /logon O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\system32\NeroCheck.exe O4 - HKLM\..\Run: [C-Media Mixer] Mixer.exe /startup O4 - HKLM\..\Run: [F-Secure Manager] "C:\Program Files\PC Veilig\Common\FSM32.EXE" /splash O4 - HKLM\..\Run: [F-Secure TNB] "C:\Program Files\PC Veilig\FSGUI\TNBUtil.exe" /CHECKALL /WAITFORSW O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" O4 - HKLM\..\Run: [MSC] "c:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey O4 - HKLM\..\RunOnce: [Malwarebytes Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" O4 - HKCU\..\Run: [Octoshape Streaming Services] "C:\Documents and Settings\albert\Application Data\Octoshape\Octoshape Streaming Services\OctoshapeClient.exe" -inv:bootrun O4 - HKCU\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\System32\NVMCTRAY.DLL,NvTaskbarInit O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [LDM] \Program\ O4 - HKCU\..\Run: [Google Update] "C:\Documents and Settings\albert\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" /c O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Lokale service') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Netwerkservice') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user') O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe O8 - Extra context menu item: Easy-WebPrint Add To Print List - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_AddToList.html O8 - Extra context menu item: Easy-WebPrint High Speed Print - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_HSPrint.html O8 - Extra context menu item: Easy-WebPrint Preview - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_Preview.html O8 - Extra context menu item: Easy-WebPrint Print - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_Print.html O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O16 - DPF: {4D7F48C0-CB49-4EA6-97D4-04F4EACC2F3B} - http://sib1.od2.com/common/Member/ClientInstall/7.20.0003/OCI/setup.exe O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1342552226406 O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab O16 - DPF: {D83C1BD1-DCBB-11D4-9425-0050BF33FA6E} - http://www.cyclomedia.nl/download/components/CycloScopeLite.cab O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab O16 - DPF: {F58E1CEF-A068-4C15-BA5E-587CAF3EE8C6} - http://chat.msn.com/controls/msnchat45.cab O22 - SharedTaskScheduler: Preloader van browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\System32\browseui.dll O22 - SharedTaskScheduler: Cache-daemon voor onderdeelcategorieën - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\System32\browseui.dll O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe O23 - Service: C-DillaCdaC11BA - C-Dilla Ltd - C:\WINDOWS\system32\drivers\CDAC11BA.EXE O23 - Service: FSGKHS (F-Secure Gatekeeper Handler Starter) - Unknown owner - C:\Program Files\PC Veilig\Anti-Virus\fsgk32st.exe O23 - Service: F-Secure Anti-Virus Firewall Daemon (FSDFWD) - F-Secure Corporation - C:\Program Files\PC Veilig\FWES\Program\fsdfwd.exe O23 - Service: F-Secure Management Agent (FSMA) - F-Secure Corporation - C:\Program Files\PC Veilig\Common\FSMA32.EXE O23 - Service: F-Secure ORSP Client (FSORSPClient) - F-Secure Corporation - C:\Program Files\PC Veilig\ORSP Client\fsorsp.exe O23 - Service: Google Updateservice (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe O23 - Service: wampapache - Apache Software Foundation - c:\wamp\bin\apache\apache2.2.11\bin\httpd.exe O23 - Service: wampmysqld - Unknown owner - c:\wamp\bin\mysql\mysql5.1.36\bin\mysqld.exe -- End of file - 10392 bytes
  20. albada53
    Hierbij de log van HijackThis: Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 13:05:26, on 15-9-2012 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Unable to get Internet Explorer version! Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exehttp://speccy.piriform.com/results/qUsCjSrx2HeocUT0SIs7guT C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe c:\Program Files\Microsoft Security Client\MsMpEng.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\system32\drivers\CDAC11BA.EXE C:\Program Files\PC Veilig\Anti-Virus\fsgk32st.exe C:\Program Files\PC Veilig\Common\FSMA32.EXE C:\Program Files\PC Veilig\Anti-Virus\FSGK32.EXE C:\Program Files\PC Veilig\Common\FSHDLL32.EXE C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe C:\WINDOWS\System32\nvsvc32.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\PC Veilig\FWES\Program\fsdfwd.exe C:\Program Files\PC Veilig\Anti-Virus\fssm32.exe C:\WINDOWS\Explorer.EXE C:\Program Files\Logitech\iTouch\iTouch.exe C:\Program Files\Common Files\Real\Update_OB\realsched.exe C:\Program Files\Alcatel\SpeedTouch USB\Dragdiag.exe C:\Program Files\PC Veilig\Common\FSM32.EXE C:\Program Files\Microsoft Security Client\msseces.exe C:\Program Files\Logitech\MouseWare\system\em_exec.exe C:\Documents and Settings\albert\Application Data\Octoshape\Octoshape Streaming Services\OctoshapeClient.exe C:\WINDOWS\system32\RUNDLL32.EXE C:\WINDOWS\system32\ctfmon.exe C:\Documents and Settings\albert\Local Settings\Application Data\Google\Update\1.3.21.115\GoogleCrashHandler.exe C:\Program Files\PC Veilig\Anti-Virus\fsav32.exe C:\Documents and Settings\albert\Local Settings\Application Data\Google\Chrome\Application\chrome.exe C:\Documents and Settings\albert\Local Settings\Application Data\Google\Chrome\Application\chrome.exe C:\Documents and Settings\albert\Local Settings\Application Data\Google\Chrome\Application\chrome.exe C:\Documents and Settings\albert\Local Settings\Application Data\Google\Chrome\Application\chrome.exe C:\Documents and Settings\albert\Local Settings\Application Data\Google\Chrome\Application\chrome.exe C:\WINDOWS\system32\wuauclt.exe C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Google R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Hotmail, Messenger, het laatste nieuws en entertainment | MSN.NL R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = Hotmail, Messenger, het laatste nieuws en entertainment | MSN.NL R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen R3 - URLSearchHook: Vuze Remote Toolbar - {ba14329e-9550-4989-b3f2-9732e92d17cc} - C:\Program Files\Vuze_Remote\prxtbVuz2.dll O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.7.7529.1424\swg.dll O2 - BHO: Vuze Remote - {ba14329e-9550-4989-b3f2-9732e92d17cc} - C:\Program Files\Vuze_Remote\prxtbVuz2.dll O2 - BHO: LitmusBHO - {C6867EB7-8350-4856-877F-93CF8AE3DC9C} - C:\Program Files\PC Veilig\NRS\iescript\baselitmus.dll O2 - BHO: FlashFXP Helper for Internet Explorer - {E5A1691B-D188-4419-AD02-90002030B8EE} - C:\PROGRA~1\FlashFXP\IEFlash.dll O3 - Toolbar: Easy-WebPrint - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Program Files\Canon\Easy-WebPrint\Toolband.dll O3 - Toolbar: Vuze Remote Toolbar - {ba14329e-9550-4989-b3f2-9732e92d17cc} - C:\Program Files\Vuze_Remote\prxtbVuz2.dll O3 - Toolbar: Browsing Protection Toolbar - {265EEE8E-3228-44D3-AEA5-F7FDF5860049} - C:\Program Files\PC Veilig\NRS\iescript\baselitmus.dll O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll O4 - HKLM\..\Run: [zBrowser Launcher] C:\Program Files\Logitech\iTouch\iTouch.exe O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot O4 - HKLM\..\Run: [synchronization Manager] %SystemRoot%\system32\mobsync.exe /logon O4 - HKLM\..\Run: [speedTouch USB Diagnostics] "C:\Program Files\Alcatel\SpeedTouch USB\Dragdiag.exe" /icon O4 - HKLM\..\Run: [nwiz] nwiz.exe /install O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [Logitech Utility] Logi_MwX.Exe O4 - HKLM\..\Run: [Easy-PrintToolBox] C:\Program Files\Canon\Easy-PrintToolBox\BJPSMAIN.EXE /logon O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\system32\NeroCheck.exe O4 - HKLM\..\Run: [C-Media Mixer] Mixer.exe /startup O4 - HKLM\..\Run: [F-Secure Manager] "C:\Program Files\PC Veilig\Common\FSM32.EXE" /splash O4 - HKLM\..\Run: [F-Secure TNB] "C:\Program Files\PC Veilig\FSGUI\TNBUtil.exe" /CHECKALL /WAITFORSW O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" O4 - HKLM\..\Run: [MSC] "c:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" O4 - HKCU\..\Run: [Octoshape Streaming Services] "C:\Documents and Settings\albert\Application Data\Octoshape\Octoshape Streaming Services\OctoshapeClient.exe" -inv:bootrun O4 - HKCU\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\System32\NVMCTRAY.DLL,NvTaskbarInit O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [LDM] \Program\ O4 - HKCU\..\Run: [Google Update] "C:\Documents and Settings\albert\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" /c O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Lokale service') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Netwerkservice') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user') O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe O8 - Extra context menu item: Easy-WebPrint Add To Print List - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_AddToList.html O8 - Extra context menu item: Easy-WebPrint High Speed Print - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_HSPrint.html O8 - Extra context menu item: Easy-WebPrint Preview - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_Preview.html O8 - Extra context menu item: Easy-WebPrint Print - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_Print.html O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O16 - DPF: {4D7F48C0-CB49-4EA6-97D4-04F4EACC2F3B} - http://sib1.od2.com/common/Member/ClientInstall/7.20.0003/OCI/setup.exe O16 - DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} - http://download.mcafee.com/molbin/shared/mcinsctl/4,0,0,101/mcinsctl.cab O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1342552226406 O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab O16 - DPF: {D83C1BD1-DCBB-11D4-9425-0050BF33FA6E} - http://www.cyclomedia.nl/download/components/CycloScopeLite.cab O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab O16 - DPF: {EF791A6B-FC12-4C68-99EF-FB9E207A39E6} (McFreeScan Class) - http://download.mcafee.com/molbin/iss-loc/mcfscan/2,1,0,4881/mcfscan.cab O16 - DPF: {F58E1CEF-A068-4C15-BA5E-587CAF3EE8C6} - http://chat.msn.com/controls/msnchat45.cab O22 - SharedTaskScheduler: Preloader van browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\System32\browseui.dll O22 - SharedTaskScheduler: Cache-daemon voor onderdeelcategorieën - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\System32\browseui.dll O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe O23 - Service: C-DillaCdaC11BA - C-Dilla Ltd - C:\WINDOWS\system32\drivers\CDAC11BA.EXE O23 - Service: FSGKHS (F-Secure Gatekeeper Handler Starter) - Unknown owner - C:\Program Files\PC Veilig\Anti-Virus\fsgk32st.exe O23 - Service: F-Secure Anti-Virus Firewall Daemon (FSDFWD) - F-Secure Corporation - C:\Program Files\PC Veilig\FWES\Program\fsdfwd.exe O23 - Service: F-Secure Management Agent (FSMA) - F-Secure Corporation - C:\Program Files\PC Veilig\Common\FSMA32.EXE O23 - Service: F-Secure ORSP Client (FSORSPClient) - F-Secure Corporation - C:\Program Files\PC Veilig\ORSP Client\fsorsp.exe O23 - Service: Google Updateservice (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe O23 - Service: wampapache - Apache Software Foundation - c:\wamp\bin\apache\apache2.2.11\bin\httpd.exe O23 - Service: wampmysqld - Unknown owner - c:\wamp\bin\mysql\mysql5.1.36\bin\mysqld.exe -- End of file - 10798 bytes
  21. albada53
    Hierbij de log van Speccy: http://speccy.piriform.com/results/qUsCjSrx2HeocUT0SIs7guT
  22. albada53
    Hierbij het logje van Speccy: http://speccy.piriform.com/results/ohEZE7aSJMjw7KiBcR1Sdfj
  23. albada53
    Ik ga naar mijn externe harde schijf. Daar zoek ik het betreffende bestand, bijv. muziek met extensie mp3. Vervolgens klik ik met de rechtermuisknop op het betreffende bestand en kies: kopieren naar: bureaublad-mijn documenten-externe harde schijf-. Normaal stond daar ook het cd-rom station tussen (als ik daar een schijf in geplaatst had) Nu geeft de pc deze mogelijkheid niet meer. Normaal kopieerde ik het bestand vervolgens naar het cd-rom station. Klikte op: deze bestanden op cd zetten en dan werden de betreffende bestanden gebrand. Windows geeft geen foutmelding. Als ik het cd-rom station open en dan het bestand met de rechtermuisknop kopieer en vervolgens probeer te plakken gebeurt er niets. Hoop, dat het duidelijk is
  24. albada53
    Sorry, zag in de info waar ze staan. Heb de lower filters verwijderd. Upper filters stonden niet in het register en daarna de computer weer opgestart. Het cd-rom-station is zichtbaar in Mijn Computer en speelt ook bestand af, alleen opnemen werkt niet. Wellicht moet ik andere schijfjes gebruiken? Normaal kan ik een gedownload bestand via de rechtermuisknop kopieren naar het cd-rom-station maar dat wordt niet meer weergegegeven. Ook kopieren en "er in plakken"gaat niet
  25. albada53
    Dank voor je reactie.Misschien een domme vraag maar waar vind ik deze upper en lower filters?
Logo

OVER ONS

PC Helpforum helpt GRATIS computergebruikers sinds juli 2006. Ons team geeft via het forum professioneel antwoord op uw vragen en probeert uw pc problemen zo snel mogelijk op te lossen. Word lid vandaag, plaats je vraag online en het PC Helpforum-team helpt u graag verder!

SITEMAP

×
×
  • Nieuwe aanmaken...

Belangrijke informatie

We hebben cookies geplaatst op je toestel om deze website voor jou beter te kunnen maken. Je kunt de cookie instellingen aanpassen, anders gaan we er van uit dat het goed is om verder te gaan.