damo
-
Items
160 -
Registratiedatum
-
Laatst bezocht
Inhoudstype
Profielen
Forums
Store
Berichten die geplaatst zijn door damo
-
-
Hallo Dassle,
De 5V blijft mooi tussen 5,9 en max 5,10 V
De 12V tussen 5,14 (bij opstart) en max 12,30 V
mvg
Damo
-
Daar kan ik wel aan geraken, hoe doe ik dit ?
thanks
-
Voeding : AMDP4-ATX 420WP
-
Hallo,
Enkele minuten na opstart met de Ubuntu CD blokkeerde de PC. Gisteren hele avond gewerkt zonder problemen. Raar...
Damo
-
vraagje : hoe brand ik het iso-bestand (= wubi bestand ?) op een cd als image ?
PS heb nero 9
-
ongelooflijk maar PC is na vorig bericht geblokkeerd
-
Hallo,
Vorige week heb ik een nieuwe versie van Google geïnstalleerd (met nieuwe adobe flash...) en sindsdien geen uitval meer gehad. Indien het probleem terug optreedt maak ik die opstart CD mat moet ik dan doen : een screenshot of logje hier posten ?
thanks
Damo
-
Vooral zaken ivm power management
ik kan me herinneren dat ik een "auto" instelling van de ventilator heb geselecteerd waarbij de computer eerst de temperatuur op verschillende snelheden van de ventilator teste.
-
-
Hallo Dasle :
Onderstaand het resultaat van de test.
HD Tune: Hitachi HDS721616PLA Error Scan
Scanned data : 152566 MB
Damaged Blocks : 0.0 %
Elapsed Time : 87:30
-
bedankt, tweede poging (serienummer windows verwijderd) : [ATTACH]24532[/ATTACH]
-
Hallo Dasle,
Voeding : AMDP4-ATX 420WP
Logje :
alvast bedankt !
Damo
PC Helpforum moderator bericht: logje verwijderd want je installatiecode stond er nog in. -
Hier ben ik helaas al terug : net weer 3 keer uitval. De eerste na een toch een hele tijd gewerkt te hebben, de tweede en derde enkele minuten na opstart
-
Thanks, : na update Avast naar versie 4 en uitschakeling webrip geen problemen meer gehad. Maar 'k wacht nog een week tot ik markeer als opgelost.
-
-
Net ruim een uur gewerkt in veilige modus met zowel IE als Chrome (10 tabbladen) open => geen probleem
In gewone modus nadien na 1 minuut PC geblokkeerd (website HLN op google chrome)
Wat me ook opviel was dat de ventilator in veilige modus harder leek te draaien, kan dat ?
-
Helaas helaas : ondertussen weer enkele malen geblokkeerd.
Ook firefox geïnstalleerd en maar ook met die browser blijft het probleem bestaan (voorlopig houdt IE het 't langste uit).
wat ook (even) lijkt te helpen is de ADWCleaner, Combofix en MBAM gebruiken.
-
Volgende Iobit programma's stonden inderdaad nog aangevinkt (status "wordt uitgevoerd") en heb ik uitgevinkt :
- advanced system care
- IMF Service
Ook volgende 2 programma's van NVIDIA staan aangevinkt :
- Driver Helper Service
- Update Server Deamon
Bij volgende aangevinkte programma's is de fabrikant onkekend (telkens status "gestopt"):
- Windows cardspace
- office source engine
- windows madia player network shering service
Welke van deze 5 programma's mag ik uitschakelen ?
mvg
Damo
-
ondertussen ook deze oplossing geprobeerd : How To: Solve your Google Chrome Freezing and Hanging Problems
Als dit noch de volledige uitschakeling van Iobit Avanced System Care niet helpt overweeg ik over te schakelen naar Firefox : goed idee ?
mvg
Damo
-
Hallo Dasle,
Inderdaad, via het programma zelf. Kan ik dit beter op een andere manier doen ?
Blijkbaar ben ik niet de enige met het probleem : windows 7 - Google Chrome freezes and hangs the computer, keyboard mouse, Alt+Ctrl+Del is dead slow? - Super User
-
Na een van de vorige berichten heb ik inderdaad Iobit Avanced System Care uitgeschakeld en sindsdien niet meer ingeschakeld. Als het actief is zie ik het aan het icoontje rechtsonder de start balk en dit was niet het geval.
- - - Updated - - -
Na het logje (waar ik niks van versta) zelf eens bekeken te hebben zie ik er een aantal zaken tussen staan waarvan ik toch dacht dat ze uitgeschakeld waren :
SolidConverterDWG
IObit Malware Fighter
Easeus ShellFolder
WinRar
=> ?
-
Hallo Dasle,
Onderstaand het gevraagde
PS : PS start zeer traag op...
"Silent Runners.vbs", revision 69, Silent Runners - Adware? Disinfect, don't reformat!
Operating System: Microsoft Windows XP Home Edition Service Pack 3 (32-bit)
Output limited to non-default values, except where indicated by "{++}"
Startup items buried in registry:
---------------------------------
HKCU\Software\Microsoft\Windows\CurrentVersion\Run\ {++}
ctfmon.exe = C:\WINDOWS\system32\ctfmon.exe [MS]
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\ {++}
avast = "C:\Program Files\Alwil Software\Avast5\avastUI.exe" /nogui [AVAST Software]
NvCplDaemon = RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup [MS]
nwiz = nwiz.exe /installquiet [NVIDIA Corporation]
NvMediaCenter = RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit [MS]
KernelFaultCheck = C:\WINDOWS\system32\dumprep 0 -k
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\
{18DF081C-E8AD-4283-A596-FA578C2EBDC3}\(Default) = AcroIEHelperStub
-> {HKLM…CLSID} = Adobe PDF Link Helper
\InProcServer32\(Default) = C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [Adobe Systems Incorporated]
{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}\(Default) = (no title provided)
-> {HKLM…CLSID} = avast! WebRep
\InProcServer32\(Default) = C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll [AVAST Software]
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\
00avast\(Default) = {472083B0-C522-11CF-8763-00608CC02F24}
-> {HKLM…CLSID} = avast
\InProcServer32\(Default) = C:\Program Files\Alwil Software\Avast5\ashShell.dll [AVAST Software]
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\
{88895560-9AA2-1069-930E-00AA0030EBC8} = HyperTerminal-pictogramuitbreiding
-> {HKLM…CLSID} = HyperTerminal Icon Ext
\InProcServer32\(Default) = C:\WINDOWS\System32\hticons.dll [Hilgraeve, Inc.]
{42042206-2D85-11D3-8CFF-005004838597} = Microsoft Office HTML Icon Handler
-> {HKLM…CLSID} = (no title provided)
\InProcServer32\(Default) = D:\Program Files\Microsoft Office\OFFICE11\msohev.dll [MS]
{A70C977A-BF00-412C-90B7-034C51DA2439} = NvCpl DesktopContext Class
-> {HKLM…CLSID} = DesktopContext Class
\InProcServer32\(Default) = C:\WINDOWS\system32\nvcpl.dll [NVIDIA Corporation]
{1CDB2949-8F65-4355-8456-263E7C208A5D} = Desktop Explorer
-> {HKLM…CLSID} = Desktop Explorer
\InProcServer32\(Default) = C:\WINDOWS\system32\nvshell.dll [NVIDIA Corporation]
{1E9B04FB-F9E5-4718-997B-B8DA88302A47} = Desktop Explorer Menu
-> {HKLM…CLSID} = (no title provided)
\InProcServer32\(Default) = C:\WINDOWS\system32\nvshell.dll [NVIDIA Corporation]
{1E9B04FB-F9E5-4718-997B-B8DA88302A48} = nView Desktop Context Menu
-> {HKLM…CLSID} = nView Desktop Context Menu
\InProcServer32\(Default) = C:\WINDOWS\system32\nvshell.dll [NVIDIA Corporation]
{0561EC90-CE54-4f0c-9C55-E226110A740C} = Haali Column Provider
-> {HKLM…CLSID} = Haali Column Provider
\InProcServer32\(Default) = C:\WINDOWS\system32\mmfinfo.dll [null data]
{5574006C-28F5-4a65-A28C-74DE6BFBE0BB} = Haali Matroska Shell Property Page
-> {HKLM…CLSID} = Haali Matroska Shell Property Page
\InProcServer32\(Default) = C:\WINDOWS\system32\mmfinfo.dll [null data]
{327669A0-59A7-4be9-B99E-1C9F3A57611A} = Haali Matroska Thumbnail Extractor
-> {HKLM…CLSID} = Haali Matroska Thumbnail Extractor
\InProcServer32\(Default) = C:\WINDOWS\system32\mmfinfo.dll [null data]
{00020D75-0000-0000-C000-000000000046} = Microsoft Office Outlook Desktop Icon Handler
-> {HKLM…CLSID} = Microsoft Office Outlook
\InProcServer32\(Default) = D:\PROGRA~2\MICROS~2\OFFICE11\MLSHEXT.DLL [MS]
{0006F045-0000-0000-C000-000000000046} = Microsoft Office Outlook Custom Icon Handler
-> {HKLM…CLSID} = Outlook-extensie voor bestandspictogrammen
\InProcServer32\(Default) = D:\PROGRA~2\MICROS~2\OFFICE11\OLKFSTUB.DLL [MS]
{993BE281-6695-4BA5-8A2A-7AACBFAAB69E} = Microsoft Office Metadata Handler
-> {HKLM…CLSID} = Microsoft Office Metadata Handler
\InProcServer32\(Default) = C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\msoshext.dll [MS]
{C41662BB-1FA0-4CE0-8DC5-9B7F8279FF97} = Microsoft Office Thumbnail Handler
-> {HKLM…CLSID} = Microsoft Office Thumbnail Handler
\InProcServer32\(Default) = C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\msoshext.dll [MS]
{472083B0-C522-11CF-8763-00608CC02F24} = avast
-> {HKLM…CLSID} = avast
\InProcServer32\(Default) = C:\Program Files\Alwil Software\Avast5\ashShell.dll [AVAST Software]
{C1051DD2-472F-4B24-B47A-06769096CE34} = Easeus ShellFolder!
-> {HKLM…CLSID} = Easeus ShellFolder!
\InProcServer32\(Default) = d:\Program Files\EASEUS\Todo Backup\bin\ImageSh.dll [CHENGDU YIWO Tech Development Co.,Ltd]
{B41DB860-8EE4-11D2-9906-E49FADC173CA} = WinRAR shell extension
-> {HKLM…CLSID} = WinRAR
\InProcServer32\(Default) = d:\Program Files\WinRAR\rarext.dll [Alexander Roshal]
{FFB699E0-306A-11d3-8BD1-00104B6F7516} = Play on my TV helper
-> {HKLM…CLSID} = NVIDIA CPL Extension
\InProcServer32\(Default) = C:\WINDOWS\system32\nvcpl.dll [NVIDIA Corporation]
HKLM\SOFTWARE\Classes\PROTOCOLS\Filter\
<<!>> text/xml\CLSID = {807553E5-5146-11D5-A672-00B0D022E945}
-> {HKLM…CLSID} = (no title provided)
\InProcServer32\(Default) = C:\Program Files\Common Files\Microsoft Shared\OFFICE11\MSOXMLMF.DLL [MS]
HKLM\SOFTWARE\Classes\PROTOCOLS\Handler\
<<!>> mso-offdap11\CLSID = {32505114-5902-49B2-880A-1F7738E5A384}
-> {HKLM…CLSID} = Data Page Plugable Protocal mso-offdap11 Handler
\InProcServer32\(Default) = C:\PROGRA~1\COMMON~1\MICROS~1\WEBCOM~1\11\OWC11.DLL [MS]
HKLM\SOFTWARE\Classes\*\shellex\ContextMenuHandlers\
Advanced SystemCare\(Default) = {9486A9B2-D787-4eca-A25C-4A0086BB4154}
-> {HKLM…CLSID} = CExtMenu Class
\InProcServer32\(Default) = d:\Program Files\IObit\Advanced SystemCare 6\ASCExtMenu.dll [null data]
avast\(Default) = {472083B0-C522-11CF-8763-00608CC02F24}
-> {HKLM…CLSID} = avast
\InProcServer32\(Default) = C:\Program Files\Alwil Software\Avast5\ashShell.dll [AVAST Software]
IObit Malware Fighter\(Default) = {0BB81440-5F42-4480-A5F7-770A6F439FC8}
-> {HKLM…CLSID} = BlueBirdShell Class
\InProcServer32\(Default) = d:\Program Files\IObit\IObit Malware Fighter\IMFShellExt.dll [iObit]
SolidConverterDWG\(Default) = {36EB2FB7-593D-45aa-9669-582196FB1B2A}
-> {HKLM…CLSID} = Solid Converter DWG
\InProcServer32\(Default) = C:\Program Files\SolidDocuments\SolidConverterDWG\ExploreExtDWG.dll [solid Documents, LLC]
WinRAR\(Default) = {B41DB860-8EE4-11D2-9906-E49FADC173CA}
-> {HKLM…CLSID} = WinRAR
\InProcServer32\(Default) = d:\Program Files\WinRAR\rarext.dll [Alexander Roshal]
HKLM\SOFTWARE\Classes\AllFilesystemObjects\shellex\ContextMenuHandlers\
00avast\(Default) = {472083B0-C522-11CF-8763-00608CC02F24}
-> {HKLM…CLSID} = avast
\InProcServer32\(Default) = C:\Program Files\Alwil Software\Avast5\ashShell.dll [AVAST Software]
HKLM\SOFTWARE\Classes\Directory\shellex\ContextMenuHandlers\
Advanced SystemCare\(Default) = {9486A9B2-D787-4eca-A25C-4A0086BB4154}
-> {HKLM…CLSID} = CExtMenu Class
\InProcServer32\(Default) = d:\Program Files\IObit\Advanced SystemCare 6\ASCExtMenu.dll [null data]
IObit Malware Fighter\(Default) = {0BB81440-5F42-4480-A5F7-770A6F439FC8}
-> {HKLM…CLSID} = BlueBirdShell Class
\InProcServer32\(Default) = d:\Program Files\IObit\IObit Malware Fighter\IMFShellExt.dll [iObit]
WinRAR\(Default) = {B41DB860-8EE4-11D2-9906-E49FADC173CA}
-> {HKLM…CLSID} = WinRAR
\InProcServer32\(Default) = d:\Program Files\WinRAR\rarext.dll [Alexander Roshal]
HKLM\SOFTWARE\Classes\Directory\shellex\DragDropHandlers\
WinRAR\(Default) = {B41DB860-8EE4-11D2-9906-E49FADC173CA}
-> {HKLM…CLSID} = WinRAR
\InProcServer32\(Default) = d:\Program Files\WinRAR\rarext.dll [Alexander Roshal]
HKLM\SOFTWARE\Classes\Directory\Background\shellex\ContextMenuHandlers\
00nView\(Default) = {1E9B04FB-F9E5-4718-997B-B8DA88302A48}
-> {HKLM…CLSID} = nView Desktop Context Menu
\InProcServer32\(Default) = C:\WINDOWS\system32\nvshell.dll [NVIDIA Corporation]
NvCplDesktopContext\(Default) = {A70C977A-BF00-412C-90B7-034C51DA2439}
-> {HKLM…CLSID} = DesktopContext Class
\InProcServer32\(Default) = C:\WINDOWS\system32\nvcpl.dll [NVIDIA Corporation]
HKLM\SOFTWARE\Classes\Folder\shellex\ColumnHandlers\
{0561EC90-CE54-4f0c-9C55-E226110A740C}\(Default) = Haali Column Provider
-> {HKLM…CLSID} = Haali Column Provider
\InProcServer32\(Default) = C:\WINDOWS\system32\mmfinfo.dll [null data]
{F9DB5320-233E-11D1-9F84-707F02C10627}\(Default) = PDF Column Info
-> {HKLM…CLSID} = PDF Shell Extension
\InProcServer32\(Default) = C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\PDFShell.dll [Adobe Systems, Inc.]
HKLM\SOFTWARE\Classes\Folder\shellex\ContextMenuHandlers\
avast\(Default) = {472083B0-C522-11CF-8763-00608CC02F24}
-> {HKLM…CLSID} = avast
\InProcServer32\(Default) = C:\Program Files\Alwil Software\Avast5\ashShell.dll [AVAST Software]
IObit Malware Fighter\(Default) = {0BB81440-5F42-4480-A5F7-770A6F439FC8}
-> {HKLM…CLSID} = BlueBirdShell Class
\InProcServer32\(Default) = d:\Program Files\IObit\IObit Malware Fighter\IMFShellExt.dll [iObit]
SolidConverterDWG\(Default) = {36EB2FB7-593D-45aa-9669-582196FB1B2A}
-> {HKLM…CLSID} = Solid Converter DWG
\InProcServer32\(Default) = C:\Program Files\SolidDocuments\SolidConverterDWG\ExploreExtDWG.dll [solid Documents, LLC]
WinRAR\(Default) = {B41DB860-8EE4-11D2-9906-E49FADC173CA}
-> {HKLM…CLSID} = WinRAR
\InProcServer32\(Default) = d:\Program Files\WinRAR\rarext.dll [Alexander Roshal]
HKLM\SOFTWARE\Classes\Folder\shellex\DragDropHandlers\
WinRAR\(Default) = {B41DB860-8EE4-11D2-9906-E49FADC173CA}
-> {HKLM…CLSID} = WinRAR
\InProcServer32\(Default) = d:\Program Files\WinRAR\rarext.dll [Alexander Roshal]
Default executables:
--------------------
.scr
HKLM\SOFTWARE\Classes\.scr\(Default) = AutoCADScriptFile
HKLM\SOFTWARE\Classes\AutoCADScriptFile\(Default) = AutoCAD Script
HKLM\SOFTWARE\Classes\AutoCADScriptFile\shell\open\command\(Default) = C:\WINDOWS\NOTEPAD.EXE "%1" [MS]
Group Policies {GPedit.msc branch and setting}:
-----------------------------------------------
Note: detected settings may not have any effect.
HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\
NoDrives = (REG_DWORD) dword:0x00000000
{unrecognized setting}
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\
NoDrives = (REG_DWORD) dword:0x00000000
{unrecognized setting}
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer\Infodelivery\Restrictions\
NoUpdateCheck = (REG_DWORD) dword:0x00000001
{unrecognized setting}
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\
DisableRegistryTools = (REG_DWORD) dword:0x00000000
{unrecognized setting}
Active Desktop and Wallpaper:
-----------------------------
Active Desktop may be disabled at this entry:
HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellState
Displayed if Active Desktop enabled and wallpaper not set by Group Policy:
HKCU\Software\Microsoft\Internet Explorer\Desktop\General\
Wallpaper = C:\WINDOWS\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
Displayed if Active Desktop disabled and wallpaper not set by Group Policy:
HKCU\Control Panel\Desktop\
Wallpaper = C:\Documents and Settings\Xxxxx Xxxx.XXXXX\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
Enabled Screen Saver:
---------------------
HKCU\Control Panel\Desktop\
SCRNSAVE.EXE = C:\WINDOWS\System32\logon.scr [MS]
Windows Portable Device AutoPlay Handlers
-----------------------------------------
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\AutoplayHandlers\Handlers\
MPCPlayBluRayOnArrival\
Provider = Media Player Classic
InvokeProgID = MediaPlayerClassic.Autorun
InvokeVerb = PlayBlurayMovie
HKLM\SOFTWARE\Classes\MediaPlayerClassic.Autorun\shell\PlayBlurayMovie\command\(Default) = "C:\Program Files\K-Lite Codec Pack\Media Player Classic\mpc-hc.exe" %L\BDMV\INDEX.BDMV [MPC-HC Team]
MPCPlayCDAudioOnArrival\
Provider = Media Player Classic
InvokeProgID = MediaPlayerClassic.Autorun
InvokeVerb = PlayCDAudio
HKLM\SOFTWARE\Classes\MediaPlayerClassic.Autorun\shell\PlayCDAudio\command\(Default) = "C:\Program Files\K-Lite Codec Pack\Media Player Classic\mpc-hc.exe" %1 /cd [MPC-HC Team]
MPCPlayDVDMovieOnArrival\
Provider = Media Player Classic
InvokeProgID = MediaPlayerClassic.Autorun
InvokeVerb = PlayDVDMovie
HKLM\SOFTWARE\Classes\MediaPlayerClassic.Autorun\shell\PlayDVDMovie\command\(Default) = "C:\Program Files\K-Lite Codec Pack\Media Player Classic\mpc-hc.exe" %1 /dvd [MPC-HC Team]
MPCPlayMusicFilesOnArrival\
Provider = Media Player Classic
InvokeProgID = MediaPlayerClassic.Autorun
InvokeVerb = PlayMusicFiles
HKLM\SOFTWARE\Classes\MediaPlayerClassic.Autorun\shell\PlayMusicFiles\command\(Default) = "C:\Program Files\K-Lite Codec Pack\Media Player Classic\mpc-hc.exe" %1 [MPC-HC Team]
MPCPlayVideoFilesOnArrival\
Provider = Media Player Classic
InvokeProgID = MediaPlayerClassic.Autorun
InvokeVerb = PlayVideoFiles
HKLM\SOFTWARE\Classes\MediaPlayerClassic.Autorun\shell\PlayVideoFiles\command\(Default) = "C:\Program Files\K-Lite Codec Pack\Media Player Classic\mpc-hc.exe" %1 [MPC-HC Team]
MSWPDShellNamespaceHandler\
Provider = @%SystemRoot%\System32\WPDShextRes.dll,-501
CLSID = {A55803CC-4D53-404c-8557-FD63DBA95D24}
InitCmdLine =
-> {HKLM…CLSID} = WPDShextAutoplay
\LocalServer32\(Default) = C:\WINDOWS\system32\WPDShextAutoplay.exe [MS]
NeroAutoPlay9AudioToNeroDigital\
Provider = Nero Burning ROM
InvokeProgID = Nero.AutoPlay8
InvokeVerb = AudioToNeroDigital_PlayCDAudioOnArrival
HKLM\SOFTWARE\Classes\Nero.AutoPlay8\shell\AudioToNeroDigital_PlayCDAudioOnArrival\command\(Default) = D:\Program Files\Nero\Nero 9\Nero Burning ROM\Nero.exe /Dialog:SaveTracks %L [Nero AG]
NeroAutoPlay9CDAudio\
Provider = Nero Express
InvokeProgID = Nero.AutoPlay8
InvokeVerb = CDAudio_HandleCDBurningOnArrival
HKLM\SOFTWARE\Classes\Nero.AutoPlay8\shell\CDAudio_HandleCDBurningOnArrival\command\(Default) = D:\Program Files\Nero\Nero 9\Nero Express\NeroExpress.exe -w /New:AudioCD [Nero AG]
NeroAutoPlay9CopyCD\
Provider = Nero Express
InvokeProgID = Nero.AutoPlay8
InvokeVerb = CopyCD_PlayMusicFilesOnArrival
HKLM\SOFTWARE\Classes\Nero.AutoPlay8\shell\CopyCD_PlayMusicFilesOnArrival\command\(Default) = D:\Program Files\Nero\Nero 9\Nero Express\NeroExpress.exe -w /Dialog:DiscCopy [Nero AG]
NeroAutoPlay9DataDisc\
Provider = Nero Express
InvokeProgID = Nero.AutoPlay8
InvokeVerb = DataDisc_HandleCDBurningOnArrival
HKLM\SOFTWARE\Classes\Nero.AutoPlay8\shell\DataDisc_HandleCDBurningOnArrival\command\(Default) = D:\Program Files\Nero\Nero 9\Nero Express\NeroExpress.exe -w /New:ISODisc [Nero AG]
NeroAutoPlay9LaunchNeroStartSmart\
Provider = Nero StartSmart
InvokeProgID = Nero.AutoPlay8
InvokeVerb = LaunchNeroStartSmart_HandleCDBurningOnArrival
HKLM\SOFTWARE\Classes\Nero.AutoPlay8\shell\LaunchNeroStartSmart_HandleCDBurningOnArrival\command\(Default) = D:\Program Files\Nero\Nero 9\Nero StartSmart\NeroStartSmart.exe /AutoPlay [Nero AG]
NeroAutoPlay9RipCD\
Provider = Nero Burning ROM
InvokeProgID = Nero.AutoPlay8
InvokeVerb = RipCD_PlayCDAudioOnArrival
HKLM\SOFTWARE\Classes\Nero.AutoPlay8\shell\RipCD_PlayCDAudioOnArrival\command\(Default) = D:\Program Files\Nero\Nero 9\Nero Burning ROM\Nero.exe /Dialog:SaveTracks %L [Nero AG]
ShowBizCancelAutoPlay\
Provider =
ProgID = ShowBizCancelAutoPlay.CancelAutoPlay
HKLM\SOFTWARE\Classes\ShowBizCancelAutoPlay.CancelAutoPlay\CLSID\(Default) = {C730D06E-F984-421F-B71C-2E7144CFE10E}
-> {HKLM…CLSID} = ShowBiz Cancel AutoPlay
\LocalServer32\(Default) = CancelAutoPlay.exe [file not found]
Enabled Scheduled Tasks: {++}
------------------------
avast! Emergency Update -> launches: C:\Program Files\Alwil Software\Avast5\AvastEmUpdate.exe [AVAST Software]
SmartDefragUpdate -> launches: C:\Program Files\IObit\Smart Defrag 2\AutoUpdate.exe /autorun [iObit]
Winsock2 Service Provider DLLs:
-------------------------------
Namespace Service Providers
HKLM\SYSTEM\CurrentControlSet\Services\Winsock2\Parameters\NameSpace_Catalog5\Catalog_Entries\ {++}
000000000001\LibraryPath = %SystemRoot%\System32\mswsock.dll [MS]
000000000002\LibraryPath = %SystemRoot%\System32\winrnr.dll [MS]
000000000003\LibraryPath = %SystemRoot%\System32\mswsock.dll [MS]
Transport Service Providers
HKLM\SYSTEM\CurrentControlSet\Services\Winsock2\Parameters\Protocol_Catalog9\Catalog_Entries\ {++}
0000000000##\PackedCatalogItem (contains) DLL [Company Name], (at) ## range:
%SystemRoot%\system32\mswsock.dll [MS], 01 - 03, 06 - 13
%SystemRoot%\system32\rsvpsp.dll [MS], 04 - 05
Toolbars, Explorer Bars, Extensions:
------------------------------------
Toolbars
HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\
{8E5E2654-AD2D-48BF-AC2D-D17F00898D06} = (no title provided)
-> {HKLM…CLSID} = avast! WebRep
\InProcServer32\(Default) = C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll [AVAST Software]
Explorer Bars
HKLM\SOFTWARE\Classes\CLSID\{FF059E31-CC5A-4E2E-BF3B-96E929D65503}\(Default) = &Onderzoek
Implemented Categories\{00021493-0000-0000-C000-000000000046}\ [vertical bar]
InProcServer32\(Default) = D:\PROGRA~2\MICROS~2\OFFICE11\REFIEBAR.DLL [MS]
Extensions (Tools menu items, main toolbar menu buttons)
HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\
{92780B25-18CC-41C8-B9BE-3C9C571A8263}\
ButtonText = Onderzoek
BandCLSID = {FF059E31-CC5A-4E2E-BF3B-96E929D65503}
-> {HKLM…CLSID} = &Onderzoek
\InProcServer32\(Default) = D:\PROGRA~2\MICROS~2\OFFICE11\REFIEBAR.DLL [MS]
{E2E2DD38-D088-4134-82B7-F2BA38496583}\
MenuText = @xpsp3res.dll,-20001
Exec = %windir%\Network Diagnostic\xpnetdiag.exe [MS]
Miscellaneous IE Hijack Points
------------------------------
HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURLs\
<<H>> DesktopItemNavigationFailure = res://shdoclc.dll/navcancl.htm [MS]
<<H>> oldTabs = res://ieframe.dll/tabswelcome.htm [MS]
Running Services (Display Name, Service Name, Path {Service DLL}):
------------------------------------------------------------------
Advanced SystemCare Service 6, AdvancedSystemCareService6, d:\Program Files\IObit\Advanced SystemCare 6\ASCService.exe [iObit]
avast! Antivirus, avast! Antivirus, "C:\Program Files\Alwil Software\Avast5\AvastSvc.exe" [AVAST Software]
HP CUE DeviceDiscovery-service, hpqddsvc, C:\WINDOWS\system32\svchost.exe -k hpdevmgmt {C:\Program Files\HP\Digital Imaging\bin\hpqddsvc.dll [Hewlett-Packard Co.]}
hpqcxs08, hpqcxs08, C:\WINDOWS\system32\svchost.exe -k hpdevmgmt {C:\Program Files\HP\Digital Imaging\bin\hpqcxs08.dll [Hewlett-Packard Co.]}
IMF Service, IMFservice, d:\Program Files\IObit\IObit Malware Fighter\IMFsrv.exe [iObit]
Microsoft .NET Framework NGEN v4.0.30319_X86, clr_optimization_v4.0.30319_32, C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [MS]
Net Driver HPZ12, Net Driver HPZ12, C:\WINDOWS\System32\svchost.exe -k HPZ12 {C:\WINDOWS\system32\HPZinw12.dll [Hewlett-Packard]}
NVIDIA Driver Helper Service, NVSvc, C:\WINDOWS\system32\nvsvc32.exe [NVIDIA Corporation]
NVIDIA Update Service Daemon, nvUpdatusService, C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe [NVIDIA Corporation]
Pml Driver HPZ12, Pml Driver HPZ12, C:\WINDOWS\System32\svchost.exe -k HPZ12 {C:\WINDOWS\system32\HPZipm12.dll [Hewlett-Packard]}
Safe Mode Drivers & Services (subkey name, subkey default value):
-----------------------------------------------------------------
HKLM\System\CurrentControlSet\Control\SafeBoot\Minimal\
<<!>> IMFservice, Service
HKLM\System\CurrentControlSet\Control\SafeBoot\Network\
<<!>> {1a3e09be-1e45-494b-9174-d7385b45bbf5}, (title not found)
Keyboard Driver Filters:
------------------------
HKLM\SYSTEM\CurrentControlSet\Control\Class\{4D36E96B-E325-11CE-BFC1-08002BE10318}\
<<!>> UpperFilters = <<!>> aswKbd [AVAST Software],kbdclass [MS]
Print Monitors:
---------------
HKLM\SYSTEM\CurrentControlSet\Control\Print\Monitors\
hpf3l70v.dll\Driver = hpf3l70v.dll [Hewlett-Packard Company]
Microsoft Document Imaging Writer Monitor\Driver = mdimon.dll [MS]
---------- (launch time: 2013-03-01 19:57:01)
<<!>>: Suspicious data at a malware launch point.
<<H>>: Suspicious data at a browser hijack point.
+ This report excludes default entries except where indicated.
+ To see *everywhere* the script checks and *everything* it finds,
launch it from a command prompt or a shortcut with the -all parameter.
+ To search all directories of local fixed drives for DESKTOP.INI
DLL launch points, use the -supp parameter or answer "No" at the
first message box and "Yes" at the second message box.
---------- (total run time: 60 seconds, including 19 seconds for message boxes)
-
Dasle,
Jawel : zeker 10 keer geprobeerd (met en zonder deel >C:\tasklist.txt), ook vanuit verschillend mappen waaronder de root
mvg
Damo
-
Hallo Dasle,
Ik krijg steeds volgende melding : "tasklist wordt niet herkend als een interne of externe opdracht, programma of batchbestand"
groetjes,
Damo
PC valt spontaan uit
in Archief Bestrijding malware & virussen
Geplaatst:
Hallo Dassle,
Net foutje gezien in vorige post : 12V gaat van 12,14V bij opstart naar 12,24V tot max 12,30V na opstart.
damo