GerDep

Everything posted by GerDep

  1. Thanks in advance for the reply! Another phenomenon I have experienced: the wireless internet drops out very often (but the problem probably lies with the connection itself, because on another wireless network I have far fewer problems with this..) Here is the Speccy link: http://speccy.piriform.com/results/vrJqmyLGTENYFWJWUm6231C
  2. After a little under half an hour, this is what came out:
  3. Hello, the CPU usage of my HP laptop is usually quite high. When you then, for example, open a folder, start a program, ... it immediately sits at around 100% for a while. Probably related to that, everything runs on the slow side. Hopefully you can find something in the HijackThis log below! Many thanks in advance for your time and effort. Regards. HijackThis log: