Ga naar inhoud

blub13

Lid
  • Items

    4
  • Registratiedatum

  • Laatst bezocht

blub13's prestaties

  1. Op dit moment start de pc weer normaal op(al een aantal keer). zou het kunnen komen door services die ik nu heb uitgeschakeld bij het opstarten, die elkaar conflicteerden? in ieder geval bedankt voor het controleren van mijn logjes.
  2. Hierbij de inhoud van zoek-result.log: Zoek.exe Version 4.0.0.1 Updated 13-February-2013 Tool run by Gebruiker on zo 17-02-2013 at 18:34:14,03. Microsoft Windows 7 Professional 6.1.7601 Service Pack 1 x64 Running in: Normal Mode No Internet Access Detected ==== Running Processes ====================== C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe C:\Program Files (x86)\IBM\SQLLIB\BIN\db2mgmtsvc.exe C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe C:\Program Files (x86)\Zend\MySQL51\bin\mysqld.exe C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe C:\Program Files (x86)\Zend\ZendServer\bin\zdd.exe C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe C:\Users\Gebruiker\Desktop\zoek.exe C:\Windows\SysWOW64\cmd.exe C:\Windows\SysWOW64\cmd.exe ==== Files Recently Created / Modified ====================== ====== C:\Windows ==== ====== C:\Users\GEBRUI~1\AppData\Local\Temp ==== ====== C:\Windows\SysWOW64 ===== 2013-02-17 11:55:57 D41D8CD98F00B204E9800998ECF8427E 0 ----a-w- C:\Windows\SysWOW64\DllHost.exe.Z-missing.txt 2013-02-13 19:32:52 EED68558AAA106535E7290C9A8E0D5A3 2382848 ----a-w- C:\Windows\SysWOW64\mshtml.tlb 2013-02-13 19:32:52 CDBFCB9A88E130F1138F80B01C56B680 420864 ----a-w- C:\Windows\SysWOW64\vbscript.dll 2013-02-13 19:32:52 A9919376933F7E43F93E5DA1FFBEFC9F 73216 ----a-w- C:\Windows\SysWOW64\mshtmled.dll 2013-02-13 19:32:51 F8D269134EEC097B7E47C818AF4862A7 176640 ----a-w- C:\Windows\SysWOW64\ieui.dll 2013-02-13 19:32:51 9352AF851D98380738161620C916A042 231936 ----a-w- C:\Windows\SysWOW64\url.dll 2013-02-13 19:32:51 6E14642F79C2510626BA399F9BCC4DE6 142848 ----a-w- C:\Windows\SysWOW64\ieUnatt.exe 2013-02-13 19:32:50 CBC39CAD3421AB71966BDD98ABF847E0 607744 ----a-w- C:\Windows\SysWOW64\msfeeds.dll 2013-02-13 19:32:50 BE157C3800DA3010EFC48280ECF81C16 1103872 ----a-w- C:\Windows\SysWOW64\urlmon.dll 2013-02-13 19:32:50 470D8189D7FE9928FFFECBF55AAA3233 1427968 ----a-w- C:\Windows\SysWOW64\inetcpl.cpl 2013-02-13 19:32:49 C079169E6A07FC4412475C02969EB9CE 1800704 ----a-w- C:\Windows\SysWOW64\jscript9.dll 2013-02-13 19:32:49 B49B56B64F57699A1A663D2CF7D0A56F 1129472 ----a-w- C:\Windows\SysWOW64\wininet.dll 2013-02-13 19:32:49 8843B6A1B8E102841B2DFF02805C5CEC 717824 ----a-w- C:\Windows\SysWOW64\jscript.dll 2013-02-13 19:32:48 D171EAA745A2C0C583CDDA13D9088EE4 1796096 ----a-w- C:\Windows\SysWOW64\iertutil.dll 2013-02-13 19:32:48 39511E05F37F0BEF8FA3B85386800BB9 65024 ----a-w- C:\Windows\SysWOW64\jsproxy.dll 2013-02-13 19:32:47 C97434C851C4821BD92D2831FDF1ECBE 12321280 ----a-w- C:\Windows\SysWOW64\mshtml.dll 2013-02-13 19:32:46 0E816EA3C5DCE94C95099E8B38E75E67 9738240 ----a-w- C:\Windows\SysWOW64\ieframe.dll 2013-02-13 17:32:47 660100CB90F344040EF57F52FC0681C3 3967848 ----a-w- C:\Windows\SysWOW64\ntkrnlpa.exe 2013-02-13 17:32:46 82FF919E9236B0137B5C7455B0E1418A 3913064 ----a-w- C:\Windows\SysWOW64\ntoskrnl.exe 2013-02-13 17:32:38 79FCCC6662CA3DB6E6D2F1FCF3060FB5 14336 ----a-w- C:\Windows\SysWOW64\ntvdm64.dll 2013-02-13 17:32:37 E7A4DE9232E097829F62755BC0ABE0F2 7680 ----a-w- C:\Windows\SysWOW64\instnm.exe 2013-02-13 17:32:37 61386FEAEFAD1AF971578602130A22B6 5120 ----a-w- C:\Windows\SysWOW64\wow32.dll 2013-02-13 17:32:37 4F0C624E8E2BE4A8DB0820337B15395D 25600 ----a-w- C:\Windows\SysWOW64\setup16.exe 2013-02-13 17:32:36 990702DB35E3698AFB298D8743DACF53 2048 ----a-w- C:\Windows\SysWOW64\user.exe ====== C:\Windows\SysWOW64\drivers ===== ====== C:\Windows\Sysnative ===== 2013-02-13 19:32:52 C126E94D887482CC3EB84180D4DFE84B 2382848 ----a-w- C:\Windows\Sysnative\mshtml.tlb 2013-02-13 19:32:52 318551170D0A525969769B224FD07EA7 96768 ----a-w- C:\Windows\Sysnative\mshtmled.dll 2013-02-13 19:32:51 FC94371FCE85F391F976F2BB560367CF 237056 ----a-w- C:\Windows\Sysnative\url.dll 2013-02-13 19:32:51 D43FF47399D0972B3D514378EC914272 173056 ----a-w- C:\Windows\Sysnative\ieUnatt.exe 2013-02-13 19:32:51 9907747D39B37958180B4BCD756D3C47 248320 ----a-w- C:\Windows\Sysnative\ieui.dll 2013-02-13 19:32:50 F3500B8809AC8642AF9C51B80B1C946C 2312704 ----a-w- C:\Windows\Sysnative\jscript9.dll 2013-02-13 19:32:50 91C25CA815433AA0672F7D722C3BF796 729088 ----a-w- C:\Windows\Sysnative\msfeeds.dll 2013-02-13 19:32:50 87BEA2616EFDEC6A1CB3BFCFB09D816A 1346048 ----a-w- C:\Windows\Sysnative\urlmon.dll 2013-02-13 19:32:50 5A4BC13F8C53017C9147B448870562CD 1494528 ----a-w- C:\Windows\Sysnative\inetcpl.cpl 2013-02-13 19:32:49 C2E1CA7848D834ADD708BB79FA05B6D2 816640 ----a-w- C:\Windows\Sysnative\jscript.dll 2013-02-13 19:32:49 BD69A0116B11A91761AB30A25DCB4C9D 599040 ----a-w- C:\Windows\Sysnative\vbscript.dll 2013-02-13 19:32:49 47C1C7D580E39CB1401FD9209CD413BC 85504 ----a-w- C:\Windows\Sysnative\jsproxy.dll 2013-02-13 19:32:49 435E9C764E1EF70058580996452BE6A2 1392128 ----a-w- C:\Windows\Sysnative\wininet.dll 2013-02-13 19:32:48 F431C3C86FCCC1C53814F043A6CAD825 2147840 ----a-w- C:\Windows\Sysnative\iertutil.dll 2013-02-13 19:32:46 35126DDDE8241C4C4A5F15F6CDDF4434 10925568 ----a-w- C:\Windows\Sysnative\ieframe.dll 2013-02-13 19:32:46 14DEB733ACB08A71CC0783ED02FF1F8D 17812992 ----a-w- C:\Windows\Sysnative\mshtml.dll 2013-02-13 17:32:48 6B0D9CF92C08D42533C12FC1A0B5403F 5553512 ----a-w- C:\Windows\Sysnative\ntoskrnl.exe 2013-02-13 17:32:40 59E21156113E438D1D91AF4FC0C3B19F 3153408 ----a-w- C:\Windows\Sysnative\win32k.sys 2013-02-13 17:32:38 0C27239FEA4DB8A2AAC9E502186B7264 215040 ----a-w- C:\Windows\Sysnative\winsrv.dll ====== C:\Windows\Sysnative\drivers ===== 2013-02-13 17:32:36 B62A953F2BF3922C8764A29C34A22899 1913192 ----a-w- C:\Windows\Sysnative\drivers\tcpip.sys 2013-02-13 17:32:35 41C67E4205C606A103DEC8651D0B6FE6 288088 ----a-w- C:\Windows\Sysnative\drivers\FWPKCLNT.SYS ====== C:\Windows\Tasks ====== ====== C:\Windows\Temp ====== ======= C:\Program Files ===== 2013-02-13 17:44:51 -------- d-----w- C:\Program Files\ESET ======= C:\Program Files (x86) ===== 2013-02-17 13:21:14 -------- d-----w- C:\Program Files (x86)\Trend Micro ======= C: ===== ====== C:\Users\Gebruiker\AppData\Roaming ====== ====== C:\Users\Gebruiker ====== 2013-02-13 17:44:51 -------- d-----w- C:\ProgramData\ESET ====== C: exe-files == 2013-02-13 19:32:51 D43FF47399D0972B3D514378EC914272 173056 ----a-w- C:\Windows\System32\ieUnatt.exe 2013-02-13 19:32:51 6E14642F79C2510626BA399F9BCC4DE6 142848 ----a-w- C:\Windows\SysWOW64\ieUnatt.exe 2013-02-13 19:32:51 698EB1E5F8C66344D97C00B5699E871D 757280 ----a-w- C:\Program Files (x86)\Internet Explorer\iexplore.exe 2013-02-13 19:32:50 0100BCF23941C83462E4A70F94C3392E 763424 ----a-w- C:\Program Files\Internet Explorer\iexplore.exe 2013-02-13 17:32:48 6B0D9CF92C08D42533C12FC1A0B5403F 5553512 ----a-w- C:\Windows\System32\ntoskrnl.exe 2013-02-13 17:32:47 660100CB90F344040EF57F52FC0681C3 3967848 ----a-w- C:\Windows\SysWOW64\ntkrnlpa.exe 2013-02-13 17:32:46 82FF919E9236B0137B5C7455B0E1418A 3913064 ----a-w- C:\Windows\SysWOW64\ntoskrnl.exe 2013-02-13 17:32:37 E7A4DE9232E097829F62755BC0ABE0F2 7680 ----a-w- C:\Windows\SysWOW64\instnm.exe 2013-02-13 17:32:37 4F0C624E8E2BE4A8DB0820337B15395D 25600 ----a-w- C:\Windows\SysWOW64\setup16.exe 2013-02-13 17:32:36 990702DB35E3698AFB298D8743DACF53 2048 ----a-w- C:\Windows\SysWOW64\user.exe === C: other files == 2013-02-15 17:37:23 7114070D9BDA5901B692D896A001EC95 12638576 ----a-w- C:\Users\Gebruiker\AppData\Local\Google\Chrome\User Data\PepperFlash\11.6.602.167\pepflashplayer.dll 2013-02-13 19:34:01 E763D28DB5DC62EB38527B6F68926A68 996352 ----a-w- C:\Program Files\Common Files\Microsoft Shared\VGX\VGX.dll 2013-02-13 19:34:01 E74C018279BB3FB2596AA4CEEA97EC0C 768000 ----a-w- C:\Program Files (x86)\Common Files\microsoft shared\VGX\VGX.dll 2013-02-13 19:32:52 ED17AE04E19B5C779703EA35B2F607C0 182816 ----a-w- C:\Program Files\Internet Explorer\sqmapi.dll 2013-02-13 19:32:52 CDBFCB9A88E130F1138F80B01C56B680 420864 ----a-w- C:\Windows\SysWOW64\vbscript.dll 2013-02-13 19:32:52 A9919376933F7E43F93E5DA1FFBEFC9F 73216 ----a-w- C:\Windows\SysWOW64\mshtmled.dll 2013-02-13 19:32:52 76497D5AF6F682371DD1D5E18F37352F 304640 ----a-w- C:\Program Files\Internet Explorer\IEShims.dll 2013-02-13 19:32:52 318551170D0A525969769B224FD07EA7 96768 ----a-w- C:\Windows\System32\mshtmled.dll 2013-02-13 19:32:52 0F4871B3BF0E48664A24D2717F2117A0 149528 ----a-w- C:\Program Files (x86)\Internet Explorer\sqmapi.dll 2013-02-13 19:32:51 FC94371FCE85F391F976F2BB560367CF 237056 ----a-w- C:\Windows\System32\url.dll 2013-02-13 19:32:51 F8D269134EEC097B7E47C818AF4862A7 176640 ----a-w- C:\Windows\SysWOW64\ieui.dll 2013-02-13 19:32:51 F7BC1D90C3A976A5259BD1A5D7D43038 194048 ----a-w- C:\Program Files (x86)\Internet Explorer\IEShims.dll 2013-02-13 19:32:51 9907747D39B37958180B4BCD756D3C47 248320 ----a-w- C:\Windows\System32\ieui.dll 2013-02-13 19:32:51 9352AF851D98380738161620C916A042 231936 ----a-w- C:\Windows\SysWOW64\url.dll 2013-02-13 19:32:50 F3500B8809AC8642AF9C51B80B1C946C 2312704 ----a-w- C:\Windows\System32\jscript9.dll 2013-02-13 19:32:50 CBC39CAD3421AB71966BDD98ABF847E0 607744 ----a-w- C:\Windows\SysWOW64\msfeeds.dll 2013-02-13 19:32:50 BE157C3800DA3010EFC48280ECF81C16 1103872 ----a-w- C:\Windows\SysWOW64\urlmon.dll 2013-02-13 19:32:50 91C25CA815433AA0672F7D722C3BF796 729088 ----a-w- C:\Windows\System32\msfeeds.dll 2013-02-13 19:32:50 87BEA2616EFDEC6A1CB3BFCFB09D816A 1346048 ----a-w- C:\Windows\System32\urlmon.dll 2013-02-13 19:32:50 7F73235D527DCF16C38578CD1CD9F7A8 194560 ----a-w- C:\Program Files (x86)\Internet Explorer\ieproxy.dll 2013-02-13 19:32:50 66E4246FEF8C364611F9782AA0809F42 548864 ----a-w- C:\Program Files\Internet Explorer\ieproxy.dll 2013-02-13 19:32:49 C2E1CA7848D834ADD708BB79FA05B6D2 816640 ----a-w- C:\Windows\System32\jscript.dll 2013-02-13 19:32:49 C079169E6A07FC4412475C02969EB9CE 1800704 ----a-w- C:\Windows\SysWOW64\jscript9.dll 2013-02-13 19:32:49 BD69A0116B11A91761AB30A25DCB4C9D 599040 ----a-w- C:\Windows\System32\vbscript.dll 2013-02-13 19:32:49 B49B56B64F57699A1A663D2CF7D0A56F 1129472 ----a-w- C:\Windows\SysWOW64\wininet.dll 2013-02-13 19:32:49 8843B6A1B8E102841B2DFF02805C5CEC 717824 ----a-w- C:\Windows\SysWOW64\jscript.dll 2013-02-13 19:32:49 47C1C7D580E39CB1401FD9209CD413BC 85504 ----a-w- C:\Windows\System32\jsproxy.dll 2013-02-13 19:32:49 435E9C764E1EF70058580996452BE6A2 1392128 ----a-w- C:\Windows\System32\wininet.dll 2013-02-13 19:32:48 F431C3C86FCCC1C53814F043A6CAD825 2147840 ----a-w- C:\Windows\System32\iertutil.dll 2013-02-13 19:32:48 EE53ACBBE021BD598230E0FDA8313CB7 887808 ----a-w- C:\Program Files\Internet Explorer\iedvtool.dll 2013-02-13 19:32:48 D2C4AFF19FFF1E218DC8ACA177244449 86528 ----a-w- C:\Windows\System32\migration\WininetPlugin.dll 2013-02-13 19:32:48 D171EAA745A2C0C583CDDA13D9088EE4 1796096 ----a-w- C:\Windows\SysWOW64\iertutil.dll 2013-02-13 19:32:48 C2AD78FF88FEC9663B0227A72E65F0C3 678912 ----a-w- C:\Program Files (x86)\Internet Explorer\iedvtool.dll 2013-02-13 19:32:48 9B70C6CF83DBF5C56E82B7C30F1E300F 499200 ----a-w- C:\Program Files\Internet Explorer\jsdbgui.dll 2013-02-13 19:32:48 39511E05F37F0BEF8FA3B85386800BB9 65024 ----a-w- C:\Windows\SysWOW64\jsproxy.dll 2013-02-13 19:32:48 2E22305A88AD0F37434C896F5A4746F8 387584 ----a-w- C:\Program Files (x86)\Internet Explorer\jsdbgui.dll 2013-02-13 19:32:48 23AA73F4024DE78ED5A2F5F0BEB5388F 66048 ----a-w- C:\Windows\SysWOW64\migration\WininetPlugin.dll 2013-02-13 19:32:47 C97434C851C4821BD92D2831FDF1ECBE 12321280 ----a-w- C:\Windows\SysWOW64\mshtml.dll 2013-02-13 19:32:46 35126DDDE8241C4C4A5F15F6CDDF4434 10925568 ----a-w- C:\Windows\System32\ieframe.dll 2013-02-13 19:32:46 14DEB733ACB08A71CC0783ED02FF1F8D 17812992 ----a-w- C:\Windows\System32\mshtml.dll 2013-02-13 19:32:46 0E816EA3C5DCE94C95099E8B38E75E67 9738240 ----a-w- C:\Windows\SysWOW64\ieframe.dll 2013-02-13 17:32:40 59E21156113E438D1D91AF4FC0C3B19F 3153408 ----a-w- C:\Windows\System32\win32k.sys 2013-02-13 17:32:38 BFC68382466436FAE8B7A27966FB98CB 44032 ----a-w- C:\Windows\AppPatch\acwow64.dll 2013-02-13 17:32:38 79FCCC6662CA3DB6E6D2F1FCF3060FB5 14336 ----a-w- C:\Windows\SysWOW64\ntvdm64.dll 2013-02-13 17:32:38 0C27239FEA4DB8A2AAC9E502186B7264 215040 ----a-w- C:\Windows\System32\winsrv.dll 2013-02-13 17:32:37 61386FEAEFAD1AF971578602130A22B6 5120 ----a-w- C:\Windows\SysWOW64\wow32.dll 2013-02-13 17:32:36 B62A953F2BF3922C8764A29C34A22899 1913192 ----a-w- C:\Windows\System32\drivers\tcpip.sys 2013-02-13 17:32:35 41C67E4205C606A103DEC8651D0B6FE6 288088 ----a-w- C:\Windows\System32\drivers\FWPKCLNT.SYS ==== Startup Registry Enabled ====================== [HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Run] "Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun" [HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run] "Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun" [HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce] "mctadmin"="C:\Windows\System32\mctadmin.exe" [HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce] "mctadmin"="C:\Windows\System32\mctadmin.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "NUSB3MON"="C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe" "StartCCC"="C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe MSRun" "GrooveMonitor"="C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe" ==== Startup Registry Enabled x64 ====================== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "itype"="C:\Program Files\Microsoft IntelliType Pro\itype.exe" "egui"="C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe /hide /waitservice" ==== Startup Registry Disabled x64 ====================== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Acrobat Assistant 7.0] "key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="Acrobat Assistant 7.0" "hkey"="HKLM" "command"="\"C:\\Programs\\Adobe\\Adobe Acrobat 7.0\\Distillr\\Acrotray.exe\"" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Adobe ARM] "key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="Adobe ARM" "hkey"="HKLM" "command"="\"C:\\Program Files (x86)\\Common Files\\Adobe\\ARM\\1.0\\AdobeARM.exe\"" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Adobe Version Cue CS2] "key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="Adobe Version Cue CS2" "hkey"="HKLM" "command"="\"C:\\Programs\\Adobe\\Adobe Version Cue CS2\\ControlPanel\\VersionCueCS2Tray.exe\"" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\APSDaemon] "key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="APSDaemon" "hkey"="HKLM" "command"="\"C:\\Program Files (x86)\\Common Files\\Apple\\Apple Application Support\\APSDaemon.exe\"" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\AthBtTray] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="AthBtTray" "hkey"="HKLM" "command"="\"C:\\Program Files (x86)\\Bluetooth Suite\\AthBtTray.exe\"" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\AtherosBtStack] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="AtherosBtStack" "hkey"="HKLM" "command"="\"C:\\Program Files (x86)\\Bluetooth Suite\\BtvStack.exe\"" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Google Update] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="Google Update" "hkey"="HKCU" "command"="\"C:\\Users\\Gebruiker\\AppData\\Local\\Google\\Update\\GoogleUpdate.exe\" /c" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\iTunesHelper] "key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="iTunesHelper" "hkey"="HKLM" "command"="\"C:\\Program Files (x86)\\iTunes\\iTunesHelper.exe\"" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\QuickTime Task] "key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="QuickTime Task" "hkey"="HKLM" "command"="\"C:\\Program Files (x86)\\QuickTime\\QTTask.exe\" -atboottime" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\updateMgr] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="updateMgr" "hkey"="HKCU" "command"="C:\\Programs\\Adobe\\Adobe Acrobat 7.0\\Acrobat\\AdobeUpdateManager.exe AcPro7_0_0 -reboot 1" ==== Task Scheduler Jobs ====================== C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-748787389-2214460280-1917387238-1000Core.job --a------ C:\Users\Gebruiker\AppData\Local\Google\Update\GoogleUpdate.exe [08-08-2012 20:09] ==== Firefox Extensions ====================== ProfilePath: C:\Users\Gebruiker\AppData\Roaming\Mozilla\Firefox\Profiles\a2m7d7tx.default - Firebug - %ProfilePath%\extensions\firebug@software.joehewitt.com.xpi AppDir: C:\Program Files (x86)\Mozilla Firefox - Default - %AppDir%\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} ==== Firefox Plugins ====================== Profilepath: C:\Users\Gebruiker\AppData\Roaming\Mozilla\Firefox\Profiles\a2m7d7tx.default 9AC863FD5976316C29D4CB5E4C9EFD9C - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_5_502_146.dll - Shockwave Flash 586FDC4E02623EE228EC35B9604AE5F2 - C:\Users\Gebruiker\AppData\Local\Google\Update\1.3.21.123\npGoogleUpdate3.dll - Google Update ==== Set IE to Default ====================== Old Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157" New Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157" ==== All HKCU SearchScopes ====================== HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes "DefaultScope"="{3B45EF73-6B6A-4523-9E4C-63DE52EA176A}" {0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC" {3B45EF73-6B6A-4523-9E4C-63DE52EA176A} Google Url="http://www.google.co.uk/search?hl=en&q={searchTerms}&meta=" {6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}" ==== HijackThis Entries ====================== F2 - REG:system.ini: UserInit=userinit.exe O2 - BHO: Adobe PDF Reader Help bij koppelingen - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll O2 - BHO: IESpeakDoc - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll O2 - BHO: Aanmeldhulp voor Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Programs\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Programs\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll O8 - Extra context menu item: Converteren naar Adobe PDF - res://C:\Programs\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html O8 - Extra context menu item: Converteren naar bestaand PDF-bestand - res://C:\Programs\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~2\MICROS~2\Office12\EXCEL.EXE/3000 O8 - Extra context menu item: Geselecteerde koppelingen converteren naar Adobe PDF - res://C:\Programs\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html O8 - Extra context menu item: Geselecteerde koppelingen converteren naar bestaand PDF-bestand - res://C:\Programs\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html O8 - Extra context menu item: Koppelingdoel converteren naar Adobe PDF - res://C:\Programs\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html O8 - Extra context menu item: Koppelingdoel converteren naar bestaand PDF-bestand - res://C:\Programs\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html O8 - Extra context menu item: Selectie converteren naar Adobe PDF - res://C:\Programs\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html O8 - Extra context menu item: Selectie converteren naar bestaand PDF-bestand - res://C:\Programs\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~2\Office12\ONBttnIE.dll O9 - Extra 'Tools' menuitem: Verz&enden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~2\Office12\ONBttnIE.dll O9 - Extra button: (no name) - {7815BE26-237D-41A8-A98F-F7BD75F71086} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll O9 - Extra 'Tools' menuitem: Send by Bluetooth to - {7815BE26-237D-41A8-A98F-F7BD75F71086} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~2\Office12\REFIEBAR.DLL O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O16 - DPF: {CAFEEFAC-0016-0000-0000-ABCDEFFEDCBA} (Java Plug-in 1.6.0) - http://javadl-esd.sun.com/update/1.6.0/jinstall-6u24-windows-i586.cab O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe O23 - Service: Adobe Version Cue CS2 - Adobe Systems Incorporated - C:\Programs\Adobe\Adobe Version Cue CS2\bin\VersionCueCS2.exe O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing) O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing) O23 - Service: Apache2.2-Zend - Apache Software Foundation - C:\Program Files (x86)\Zend\Apache2\bin\httpd.exe O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe O23 - Service: AtherosSvc - Atheros Commnucations - C:\Program Files (x86)\Bluetooth Suite\adminservice.exe O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: DB2 Management Service (DB2COPY1) (DB2MGMTSVC_DB2COPY1) - International Business Machines Corporation - C:\Program Files (x86)\IBM\SQLLIB\BIN\db2mgmtsvc.exe O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing) O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing) O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing) O23 - Service: MySQL_ZendServer51 - Unknown owner - C:\Program.exe (file missing) O23 - Service: Nero BackItUp Scheduler 4.0 - Nero AG - C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing) O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing) O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing) O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing) O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing) O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing) O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing) O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing) O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) O23 - Service: Zend Deployment (ZendDeployment) - Zend Technologies Ltd. - C:\Program Files (x86)\Zend\ZendServer\bin\zdd.exe O23 - Service: Zend Java Bridge (ZendJavaBridge) - Zend Technologies Ltd. - C:\Program Files (x86)\Zend\ZendServer\bin\JavaServer.exe ==== Empty IE Cache ====================== C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Default\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Gebruiker\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully C:\Users\Gebruiker\AppData\Local\Temp\acro_rd_dir\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Gebruiker\AppData\Local\Temp\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\serviceprofiles\LocalService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Gebruiker\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot ==== Empty FireFox Cache ====================== C:\users\Gebruiker\AppData\Local\Mozilla\Firefox\Profiles\a2m7d7tx.default\Cache emptied successfully ==== Empty Chrome Cache ====================== C:\users\Gebruiker\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully ==== Empty All Flash Cache ====================== Flash Cache Emptied Successfully ==== Empty All Java Cache ====================== Java Cache cleared successfully After Reboot ==== Empty Temp Folders ====================== C:\Windows\Temp successfully emptied C:\Users\GEBRUI~1\AppData\Local\Temp successfully emptied ==== Empty Recycle Bin ====================== C:\$RECYCLE.BIN successfully emptied ==== Deleting Files / Folders ====================== "C:\Users\Gebruiker\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" not found
  3. Beste juisterr, Is er uit de hijack this iets vreemds naar boven gekomen? Op dit moment, lijkt na het uitschakelen van enkele zaken welke windows direct opstartte het probleem zich niet voor te doen (aantal reboots gedaan en start ok op). Kan het zijn dat er twee services met elkaar in conflict waren? Of raad je toch aan de zoek.exe uit te voeren?
  4. Hallo, Sinds deze ochtend heb ik het probleem dat mijn PC direct vast loopt na het opstarten. De muis valt nog wel te bewegen, maar ik kan nergens op klikken en toetsenbord acties reageren ook niet. Heb reeds enkele stappen ondernomen: - Heb ik veilige modus een virusscan laten uitvoeren (ESET Nod32 v6 (meest recente)), maar hier komt niets terug. - Heb sfc / scannow uitgevoerd, ook hier geen fouten gevonden. - Daarnaast nog chkdsk uitgevoerd, ook hier geen fouten - Laatste stap die ik heb gedaan is een hele rits aan items uitgeschakeld bij opstarten via msconfig. Na de laatste stap start de PC op en loopt (voorlopig) niet direct vast. Ik weet niet of ik hier in het juiste onderdeel van het forum zit voor mijn probleem, maar las dat voor het plaatsen van een hijack this log, dit de plaats is. Bijgevoegd is mijn hijack this bestandje. Ik hoop dat iemand deze wil nalopen om de reden 'malware' uit te kunnen schakelen. En wellicht dat iemand mij verder kan helpen met uitvinden hoe dit probleem ontstaan is. Mocht meer informatie gewenst zijn, hoor ik dit graag. [ATTACH]24179[/ATTACH] hijackthis.log
×
×
  • Nieuwe aanmaken...

Belangrijke informatie

We hebben cookies geplaatst op je toestel om deze website voor jou beter te kunnen maken. Je kunt de cookie instellingen aanpassen, anders gaan we er van uit dat het goed is om verder te gaan.