Posts made by zeebriesje
-
I installed Firefox; it ran really fast, but unfortunately only for a little while.
I did indeed reinstall Windows back then, because this PC came from someone else; I just threw everything off and started over.
The PC used to be used for gaming by my nephew, I believe.
-
Didn't help at all.
-
Go to C:\Gebruikers\gebruikersnaam\AppData\Local\Google\Chrome\Application and delete the file first run there.
I can't find it.
-
I'm curious.
-
Yes, I need Shockwave for Facebook. There's one built into Chrome, but even when I use only that one I get pages that don't respond, and it's just the same with Shockwave.
I'd better quietly start looking for a new PC.
Thanks a lot for all your help.
If anyone still has something I can try, I'd love to hear it.
-
Ouch, so in other words the PC is due for replacement, but surely it should be possible to work properly in one page, or not?
-
-
Sorry, I must have overlooked this. Internet Explorer gives the same problem; I've only ever had Chrome and Internet Explorer.
-
Didn't help at all; it goes well for a moment and then it's the same again.
-
I know CCleaner, I use it regularly. I'll redo Shockwave once more.
-
ComboFix 13-08-27.02 - Administrator 27/08/2013 19:51:35.2.2 - x86
Microsoft Windows XP Professional 5.1.2600.3.1252.31.1043.18.1023.709 [GMT 2:00]
Gestart vanuit: c:\documents and settings\Administrator\Mijn documenten\Downloads\ComboFix.exe
gebruikte Opdracht switches :: c:\documents and settings\Administrator\Bureaublad\CFScript.txt
AV: avast! Antivirus *Disabled/Updated* {7591DB91-41F0-48A3-B128-1A293FD8233D}
FW: avast! Antivirus *Disabled* {7591DB91-41F0-48A3-B128-1A293FD8233D}
.
FILE ::
"c:\documents and settings\Administrator\DelDAF.bat"
"c:\documents and settings\Default User\DelDAF.bat"
"c:\windows\system32\config\systemprofile\DelDAF.bat"
.
.
(((((((((((((((((((((((((((((((((( Andere Verwijderingen )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\documents and settings\Administrator\Application Data\DefaultTab
.
.
(((((((((((((((((((( Bestanden Gemaakt van 2013-07-27 to 2013-08-27 ))))))))))))))))))))))))))))))
.
.
2013-08-27 17:43 . 2013-08-27 17:43 -------- d-----w- c:\windows\LastGood
2013-08-27 17:26 . 2013-08-27 17:26 -------- d-----w- c:\windows\system32\xircom
2013-08-27 17:26 . 2013-08-27 17:26 -------- d-----w- c:\windows\system32\wbem\snmp
2013-08-27 17:26 . 2013-08-27 17:26 -------- d-----w- c:\program files\microsoft frontpage
2013-08-27 06:49 . 2013-08-27 06:50 -------- d-----w- C:\AdwCleaner
2013-08-26 15:58 . 2013-08-26 15:58 -------- d-----w- c:\documents and settings\Administrator\Application Data\Malwarebytes
2013-08-26 15:57 . 2013-08-26 15:57 -------- d-----w- c:\documents and settings\All Users\Application Data\Malwarebytes
2013-08-26 15:57 . 2013-08-26 15:57 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2013-08-26 15:57 . 2013-04-04 12:50 22856 ----a-w- c:\windows\system32\drivers\mbam.sys
2013-08-25 05:56 . 2013-08-27 17:46 -------- d-sh--w- c:\documents and settings\Administrator\Onlangs geopend
2013-08-14 06:34 . 2013-08-14 06:37 -------- d-----w- c:\windows\system32\MRT
2013-08-13 05:57 . 2013-08-13 05:57 -------- d-----w- c:\documents and settings\Administrator\Application Data\ElevatedDiagnostics
2013-08-06 08:02 . 2013-08-06 08:02 -------- d-----w- c:\documents and settings\Administrator\Local Settings\Application Data\FixItCenter
2013-08-06 08:00 . 2013-08-06 08:00 -------- d-----w- c:\windows\MATS
2013-08-06 08:00 . 2013-08-06 08:00 -------- d-----w- c:\program files\Microsoft Fix it Center
2013-08-04 10:35 . 2013-08-04 10:35 -------- d-----w- c:\documents and settings\Administrator\Local Settings\Application Data\Identities
2013-08-02 05:55 . 2013-08-02 05:55 105 ----a-w- C:\prefs.js
2013-07-31 12:06 . 2013-07-31 12:06 -------- d-sh--w- c:\documents and settings\LocalService\IETldCache
2013-07-31 12:05 . 2013-07-31 12:05 -------- d--h--w- c:\windows\system32\GroupPolicy
2013-07-31 11:58 . 2013-07-31 11:58 -------- d-----w- c:\program files\VideoLAN
2013-07-30 09:27 . 2013-07-31 06:11 692104 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2013-07-30 09:27 . 2013-07-31 06:11 71048 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2013-07-29 12:29 . 2013-08-09 05:20 -------- d-----w- c:\documents and settings\Administrator\Application Data\LavasoftStatistics
2013-07-29 12:29 . 2013-07-29 12:29 -------- d-----w- c:\documents and settings\All Users\Application Data\Ad-Aware Antivirus
2013-07-29 12:24 . 2013-07-29 12:24 -------- d-----w- c:\documents and settings\All Users\Application Data\Lavasoft
2013-07-29 12:24 . 2013-07-29 12:24 -------- d-----w- c:\documents and settings\All Users\Application Data\Downloaded Installations
2013-07-29 12:23 . 2013-07-29 12:23 -------- d-----w- c:\documents and settings\Administrator\Application Data\SecureSearch
2013-07-29 12:21 . 2013-07-29 12:21 44424 ----a-w- c:\windows\system32\sbbd.exe
2013-07-29 12:21 . 2013-07-29 12:21 13560 ----a-w- c:\windows\system32\drivers\gfibto.sys
2013-07-29 12:21 . 2013-07-31 05:24 -------- d-----w- c:\documents and settings\Administrator\Application Data\Ad-Aware Antivirus
2013-07-29 06:33 . 2013-08-23 08:16 -------- d-----w- c:\documents and settings\Administrator\Local Settings\Application Data\Deployment
2013-07-29 06:32 . 2013-07-29 06:32 -------- d-sh--w- c:\documents and settings\Administrator\IECompatCache
2013-07-29 06:31 . 2013-07-29 06:31 -------- d-sh--w- c:\documents and settings\Administrator\PrivacIE
.
.
.
((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-07-26 11:24 . 2013-07-26 11:24 94632 ----a-w- c:\windows\system32\WindowsAccessBridge.dll
2013-07-26 11:24 . 2013-07-26 11:24 867240 ----a-w- c:\windows\system32\npDeployJava1.dll
2013-07-26 11:24 . 2013-07-25 17:01 144896 ----a-w- c:\windows\system32\javacpl.cpl
2013-07-26 11:24 . 2013-07-26 11:24 789416 ----a-w- c:\windows\system32\deployJava1.dll
2013-07-26 02:49 . 2008-05-21 12:00 920064 ----a-w- c:\windows\system32\wininet.dll
2013-07-26 02:48 . 2008-05-21 12:00 43520 ------w- c:\windows\system32\licmgr10.dll
2013-07-26 02:48 . 2008-05-21 12:00 1469440 ------w- c:\windows\system32\inetcpl.cpl
2013-07-25 18:05 . 2013-07-25 18:05 175176 ----a-w- c:\windows\system32\drivers\aswVmm.sys
2013-07-25 18:05 . 2013-07-25 18:05 369584 ----a-w- c:\windows\system32\drivers\aswSP.sys
2013-07-25 18:05 . 2013-07-25 18:05 770344 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2013-07-25 17:26 . 2013-07-25 17:26 25992 ----a-w- c:\windows\system32\pgdfgsvc.exe
2013-07-25 17:03 . 2013-07-25 17:03 55533 ----a-w- c:\windows\BricoPackUninst.cmd
2013-07-25 17:03 . 2013-07-25 17:02 6120 ----a-w- c:\windows\BricoPackFoldersDelete.cmd
2013-07-25 17:03 . 2008-05-21 12:00 219136 ----a-w- c:\windows\system32\uxtheme.dll
2013-07-25 17:01 . 2013-07-25 17:01 717296 ----a-w- c:\windows\system32\drivers\sptd.sys
2013-07-25 16:57 . 2013-07-25 17:06 86 ----a-w- c:\documents and settings\Administrator\DelDAF.bat
2013-07-25 16:57 . 2013-07-25 17:03 86 ----a-w- c:\windows\system32\config\systemprofile\DelDAF.bat
2013-07-25 16:57 . 2013-07-25 16:57 86 ----a-w- c:\documents and settings\Default User\DelDAF.bat
2013-07-25 15:58 . 2008-05-21 12:00 385024 ------w- c:\windows\system32\html.iec
2013-07-10 10:37 . 2008-05-21 12:00 406016 ----a-w- c:\windows\system32\usp10.dll
2013-07-04 07:33 . 2008-05-21 12:00 2154496 ----a-w- c:\windows\system32\ntoskrnl.exe
2013-07-04 07:33 . 2008-05-11 12:51 2033152 ----a-w- c:\windows\system32\ntkrnlpa.exe
2013-06-05 09:08 . 2008-05-21 12:00 1876864 ----a-w- c:\windows\system32\win32k.sys
2013-06-04 07:22 . 2008-05-21 12:00 563200 ----a-w- c:\windows\system32\qedit.dll
.
.
------- Sigcheck -------
Note: Unsigned files aren't necessarily malware.
.
[-] 2008-05-21 . 0667A612D847BD87667F3CB1FC4C0D6C . 979456 . . [6.00.2900.5512] . . c:\windows\explorer.exe
.
[-] 2008-05-21 . 84FEBA228C626DA702A065C6B86FCB41 . 230912 . . [5.1.2600.5512] . . c:\windows\regedit.exe
.
((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2013-05-09 08:58 121968 ----a-w- c:\program files\AVAST Software\Avast\ashShell.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SkinClock"="c:\program files\Desktop Tray Clock\DTClock.exe" [2007-10-22 563519]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2006-09-24 7626752]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2006-09-24 86016]
"VistaDrive"="c:\windows\VistaDrive\VistaDrive.exe" [2006-10-05 280779]
"SkinClock"="c:\program files\Desktop Tray Clock\DTClock.exe" [2007-10-22 563519]
"avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2013-05-09 4858968]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-04-04 958576]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-05-21 15360]
"VisualTaskTips"="c:\program files\Utilities\VisualTaskTips\VisualTaskTips.exe" [2007-09-05 36352]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"PackNoVs"="c:\windows\BricoPacks\Vista Inspirat 2\pack-it.exe" [2007-04-22 98304]
.
c:\documents and settings\All Users\Menu Start\Programma's\Opstarten\
RocketDock.lnk - c:\windows\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.exe [2007-3-19 630784]
.
[HKEY_USERS\.default\software\microsoft\windows\currentversion\policies\system]
"SetVisualStyle"= c:\windows\Resources\Themes\Inspirat2\Inspirat2.msstyles
.
[HKEY_USERS\.default\software\microsoft\windows\currentversion\policies\explorer]
"ForceClassicControlPanel"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk *\0pgdfgsvc C 1
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SkinClock]
2007-10-22 13:49 563519 ----a-w- c:\program files\Desktop Tray Clock\DTClock.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SoundMan]
2007-04-16 20:28 577536 ----a-w- c:\windows\SOUNDMAN.EXE
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\VisualTaskTips]
2007-09-05 09:20 36352 ----a-w- c:\program files\Utilities\VisualTaskTips\VisualTaskTips.exe
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
.
R0 aswRvrt;aswRvrt;c:\windows\system32\drivers\aswRvrt.sys [25/07/2013 20:05 49376]
R0 aswVmm;aswVmm;c:\windows\system32\drivers\aswVmm.sys [25/07/2013 20:05 175176]
R0 gfibto;gfibto;c:\windows\system32\drivers\gfibto.sys [29/07/2013 14:21 13560]
R0 sptd;sptd;c:\windows\system32\drivers\sptd.sys [25/07/2013 19:01 717296]
R1 aswKbd;aswKbd;c:\windows\system32\drivers\aswKbd.sys [26/07/2013 9:15 21576]
R1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [25/07/2013 20:05 770344]
R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [25/07/2013 20:05 369584]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [25/07/2013 20:05 29816]
R2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [25/07/2013 20:05 66336]
S3 MatSvc;Microsoft Automated Troubleshooting Service;c:\program files\Microsoft Fix it Center\Matsvc.exe [13/06/2011 22:09 267568]
.
--- Andere Services/Drivers In Geheugen ---
.
*NewlyCreated* - WS2IFSL
.
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2013-08-23 08:17 1177552 ----a-w- c:\program files\Google\Chrome\Application\29.0.1547.57\Installer\chrmstp.exe
.
Inhoud van de 'Gedeelde Taken' map
.
2013-08-27 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2013-07-30 06:11]
.
2013-08-27 c:\windows\Tasks\avast! Emergency Update.job
- c:\program files\AVAST Software\Avast\AvastEmUpdate.exe [2013-07-25 08:58]
.
2013-08-27 c:\windows\Tasks\ConfigExec.job
- c:\program files\Microsoft Fix it Center\MatsApi.dll [2011-06-13 20:09]
.
2013-08-27 c:\windows\Tasks\DataUpload.job
- c:\program files\Microsoft Fix it Center\MatsApi.dll [2011-06-13 20:09]
.
2013-08-27 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2013-08-23 08:16]
.
2013-08-27 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2013-08-23 08:16]
.
.
------- Bijkomende Scan -------
.
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: {{8b2d996f-b7d1-4961-a929-414d9cf5ba7b} - Microsoft Support
TCP: DhcpNameServer = 195.130.131.4 195.130.130.132
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, GMER - Rootkit Detector and Remover
Rootkit scan 2013-08-27 19:56
Windows 5.1.2600 Service Pack 3 NTFS
.
scannen van verborgen processen ...
.
scannen van verborgen autostart items ...
.
scannen van verborgen bestanden ...
.
Scan succesvol afgerond
verborgen bestanden: 0
.
**************************************************************************
.
--------------------- VERGRENDELDE REGISTER SLEUTELS ---------------------
.
[HKEY_USERS\S-1-5-21-776561741-1972579041-1606980848-500\Software\Microsoft\Internet Explorer\User Preferences]
@Denied: (2) (Administrator)
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil32_11_8_800_94_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil32_11_8_800_94_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\Microsoft\Internet Explorer\User Preferences]
@Denied: (2) (Administrator)
.
--------------------- DLLs Geladen Onder Lopende Processen ---------------------
.
- - - - - - - > 'explorer.exe'(272)
c:\windows\system32\SHDOCVW.dll
c:\windows\system32\ntshrui.dll
c:\windows\system32\wpdshserviceobj.dll
c:\windows\system32\webcheck.dll
c:\windows\system32\portabledevicetypes.dll
c:\windows\system32\portabledeviceapi.dll
c:\windows\system32\NETSHELL.dll
c:\windows\system32\credui.dll
.
Voltooingstijd: 2013-08-27 19:57:56
ComboFix-quarantined-files.txt 2013-08-27 17:57
ComboFix2.txt 2013-08-27 15:55
.
Pre-Run: 72.035.700.736 bytes beschikbaar
Post-Run: 72.032.116.736 bytes beschikbaar
.
- - End Of File - - 8B28A2DE09E6272AA479720150BB4EF8
3051207086651214E435112E51817DC5
-
ComboFix 13-08-25.01 - Administrator 27/08/2013 17:49:35.1.2 - x86
Microsoft Windows XP Professional 5.1.2600.3.1252.31.1043.18.1023.712 [GMT 2:00]
Gestart vanuit: c:\documents and settings\Administrator\Mijn documenten\Downloads\ComboFix.exe
AV: avast! Antivirus *Disabled/Updated* {7591DB91-41F0-48A3-B128-1A293FD8233D}
FW: avast! Antivirus *Disabled* {7591DB91-41F0-48A3-B128-1A293FD8233D}
.
.
(((((((((((((((((((((((((((((((((( Andere Verwijderingen )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\documents and settings\Administrator\Application Data\DefaultTab\DefaultTab
c:\documents and settings\Administrator\DelDAF.tmp
c:\documents and settings\Default User\DelDAF.tmp
c:\windows\system32\config\systemprofile\DelDAF.tmp
.
.
(((((((((((((((((((( Bestanden Gemaakt van 2013-07-27 to 2013-08-27 ))))))))))))))))))))))))))))))
.
.
2013-08-27 06:49 . 2013-08-27 06:50 -------- d-----w- C:\AdwCleaner
2013-08-26 15:58 . 2013-08-26 15:58 -------- d-----w- c:\documents and settings\Administrator\Application Data\Malwarebytes
2013-08-26 15:57 . 2013-08-26 15:57 -------- d-----w- c:\documents and settings\All Users\Application Data\Malwarebytes
2013-08-26 15:57 . 2013-08-26 15:57 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2013-08-26 15:57 . 2013-04-04 12:50 22856 ----a-w- c:\windows\system32\drivers\mbam.sys
2013-08-25 05:56 . 2013-08-26 16:28 -------- d-sh--w- c:\documents and settings\Administrator\Onlangs geopend
2013-08-14 06:34 . 2013-08-14 06:37 -------- d-----w- c:\windows\system32\MRT
2013-08-13 05:57 . 2013-08-13 05:57 -------- d-----w- c:\documents and settings\Administrator\Application Data\ElevatedDiagnostics
2013-08-06 08:02 . 2013-08-06 08:02 -------- d-----w- c:\documents and settings\Administrator\Local Settings\Application Data\FixItCenter
2013-08-06 08:00 . 2013-08-06 08:00 -------- d-----w- c:\windows\MATS
2013-08-06 08:00 . 2013-08-06 08:00 -------- d-----w- c:\program files\Microsoft Fix it Center
2013-08-04 10:35 . 2013-08-04 10:35 -------- d-----w- c:\documents and settings\Administrator\Local Settings\Application Data\Identities
2013-08-02 05:55 . 2013-08-02 05:55 105 ----a-w- C:\prefs.js
2013-07-31 12:06 . 2013-07-31 12:06 -------- d-sh--w- c:\documents and settings\LocalService\IETldCache
2013-07-31 12:05 . 2013-07-31 12:05 -------- d--h--w- c:\windows\system32\GroupPolicy
2013-07-31 12:05 . 2013-08-27 15:53 -------- d-----w- c:\documents and settings\Administrator\Application Data\DefaultTab
2013-07-31 11:58 . 2013-07-31 11:58 -------- d-----w- c:\program files\VideoLAN
2013-07-30 09:27 . 2013-07-31 06:11 692104 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2013-07-30 09:27 . 2013-07-31 06:11 71048 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2013-07-29 12:29 . 2013-08-09 05:20 -------- d-----w- c:\documents and settings\Administrator\Application Data\LavasoftStatistics
2013-07-29 12:29 . 2013-07-29 12:29 -------- d-----w- c:\documents and settings\All Users\Application Data\Ad-Aware Antivirus
2013-07-29 12:24 . 2013-07-29 12:24 -------- d-----w- c:\documents and settings\All Users\Application Data\Lavasoft
2013-07-29 12:24 . 2013-07-29 12:24 -------- d-----w- c:\documents and settings\All Users\Application Data\Downloaded Installations
2013-07-29 12:23 . 2013-07-29 12:23 -------- d-----w- c:\documents and settings\Administrator\Application Data\SecureSearch
2013-07-29 12:21 . 2013-07-29 12:21 44424 ----a-w- c:\windows\system32\sbbd.exe
2013-07-29 12:21 . 2013-07-29 12:21 13560 ----a-w- c:\windows\system32\drivers\gfibto.sys
2013-07-29 12:21 . 2013-07-31 05:24 -------- d-----w- c:\documents and settings\Administrator\Application Data\Ad-Aware Antivirus
2013-07-29 06:33 . 2013-08-23 08:16 -------- d-----w- c:\documents and settings\Administrator\Local Settings\Application Data\Deployment
2013-07-29 06:32 . 2013-07-29 06:32 -------- d-sh--w- c:\documents and settings\Administrator\IECompatCache
2013-07-29 06:31 . 2013-07-29 06:31 -------- d-sh--w- c:\documents and settings\Administrator\PrivacIE
.
.
.
((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-07-26 11:24 . 2013-07-26 11:24 94632 ----a-w- c:\windows\system32\WindowsAccessBridge.dll
2013-07-26 11:24 . 2013-07-26 11:24 867240 ----a-w- c:\windows\system32\npDeployJava1.dll
2013-07-26 11:24 . 2013-07-25 17:01 144896 ----a-w- c:\windows\system32\javacpl.cpl
2013-07-26 11:24 . 2013-07-26 11:24 789416 ----a-w- c:\windows\system32\deployJava1.dll
2013-07-26 02:49 . 2008-05-21 12:00 920064 ----a-w- c:\windows\system32\wininet.dll
2013-07-26 02:48 . 2008-05-21 12:00 43520 ------w- c:\windows\system32\licmgr10.dll
2013-07-26 02:48 . 2008-05-21 12:00 1469440 ------w- c:\windows\system32\inetcpl.cpl
2013-07-25 18:05 . 2013-07-25 18:05 175176 ----a-w- c:\windows\system32\drivers\aswVmm.sys
2013-07-25 18:05 . 2013-07-25 18:05 369584 ----a-w- c:\windows\system32\drivers\aswSP.sys
2013-07-25 18:05 . 2013-07-25 18:05 770344 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2013-07-25 17:26 . 2013-07-25 17:26 25992 ----a-w- c:\windows\system32\pgdfgsvc.exe
2013-07-25 17:03 . 2013-07-25 17:03 55533 ----a-w- c:\windows\BricoPackUninst.cmd
2013-07-25 17:03 . 2013-07-25 17:02 6120 ----a-w- c:\windows\BricoPackFoldersDelete.cmd
2013-07-25 17:03 . 2008-05-21 12:00 219136 ----a-w- c:\windows\system32\uxtheme.dll
2013-07-25 17:01 . 2013-07-25 17:01 717296 ----a-w- c:\windows\system32\drivers\sptd.sys
2013-07-25 16:57 . 2013-07-25 17:06 86 ----a-w- c:\documents and settings\Administrator\DelDAF.bat
2013-07-25 16:57 . 2013-07-25 17:03 86 ----a-w- c:\windows\system32\config\systemprofile\DelDAF.bat
2013-07-25 16:57 . 2013-07-25 16:57 86 ----a-w- c:\documents and settings\Default User\DelDAF.bat
2013-07-25 15:58 . 2008-05-21 12:00 385024 ------w- c:\windows\system32\html.iec
2013-07-10 10:37 . 2008-05-21 12:00 406016 ----a-w- c:\windows\system32\usp10.dll
2013-07-04 07:33 . 2008-05-21 12:00 2154496 ----a-w- c:\windows\system32\ntoskrnl.exe
2013-07-04 07:33 . 2008-05-11 12:51 2033152 ----a-w- c:\windows\system32\ntkrnlpa.exe
2013-06-05 09:08 . 2008-05-21 12:00 1876864 ----a-w- c:\windows\system32\win32k.sys
2013-06-04 07:22 . 2008-05-21 12:00 563200 ----a-w- c:\windows\system32\qedit.dll
.
.
------- Sigcheck -------
Note: Unsigned files aren't necessarily malware.
.
[-] 2008-05-21 . 0667A612D847BD87667F3CB1FC4C0D6C . 979456 . . [6.00.2900.5512] . . c:\windows\explorer.exe
.
[-] 2008-05-21 . 84FEBA228C626DA702A065C6B86FCB41 . 230912 . . [5.1.2600.5512] . . c:\windows\regedit.exe
.
((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2013-05-09 08:58 121968 ----a-w- c:\program files\AVAST Software\Avast\ashShell.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SkinClock"="c:\program files\Desktop Tray Clock\DTClock.exe" [2007-10-22 563519]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2006-09-24 7626752]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2006-09-24 86016]
"VistaDrive"="c:\windows\VistaDrive\VistaDrive.exe" [2006-10-05 280779]
"SkinClock"="c:\program files\Desktop Tray Clock\DTClock.exe" [2007-10-22 563519]
"avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2013-05-09 4858968]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-04-04 958576]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-05-21 15360]
"VisualTaskTips"="c:\program files\Utilities\VisualTaskTips\VisualTaskTips.exe" [2007-09-05 36352]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"PackNoVs"="c:\windows\BricoPacks\Vista Inspirat 2\pack-it.exe" [2007-04-22 98304]
.
c:\documents and settings\All Users\Menu Start\Programma's\Opstarten\
RocketDock.lnk - c:\windows\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.exe [2007-3-19 630784]
.
[HKEY_USERS\.default\software\microsoft\windows\currentversion\policies\system]
"SetVisualStyle"= c:\windows\Resources\Themes\Inspirat2\Inspirat2.msstyles
.
[HKEY_USERS\.default\software\microsoft\windows\currentversion\policies\explorer]
"ForceClassicControlPanel"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk *\0pgdfgsvc C 1
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SkinClock]
2007-10-22 13:49 563519 ----a-w- c:\program files\Desktop Tray Clock\DTClock.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SoundMan]
2007-04-16 20:28 577536 ----a-w- c:\windows\SOUNDMAN.EXE
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\VisualTaskTips]
2007-09-05 09:20 36352 ----a-w- c:\program files\Utilities\VisualTaskTips\VisualTaskTips.exe
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
.
R0 aswRvrt;aswRvrt;c:\windows\system32\drivers\aswRvrt.sys [25/07/2013 20:05 49376]
R0 aswVmm;aswVmm;c:\windows\system32\drivers\aswVmm.sys [25/07/2013 20:05 175176]
R0 gfibto;gfibto;c:\windows\system32\drivers\gfibto.sys [29/07/2013 14:21 13560]
R0 sptd;sptd;c:\windows\system32\drivers\sptd.sys [25/07/2013 19:01 717296]
R1 aswKbd;aswKbd;c:\windows\system32\drivers\aswKbd.sys [26/07/2013 9:15 21576]
R1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [25/07/2013 20:05 770344]
R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [25/07/2013 20:05 369584]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [25/07/2013 20:05 29816]
R2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [25/07/2013 20:05 66336]
S3 MatSvc;Microsoft Automated Troubleshooting Service;c:\program files\Microsoft Fix it Center\Matsvc.exe [13/06/2011 22:09 267568]
.
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2013-08-23 08:17 1177552 ----a-w- c:\program files\Google\Chrome\Application\29.0.1547.57\Installer\chrmstp.exe
.
Inhoud van de 'Gedeelde Taken' map
.
2013-08-27 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2013-07-30 06:11]
.
2013-08-27 c:\windows\Tasks\avast! Emergency Update.job
- c:\program files\AVAST Software\Avast\AvastEmUpdate.exe [2013-07-25 08:58]
.
2013-08-27 c:\windows\Tasks\ConfigExec.job
- c:\program files\Microsoft Fix it Center\MatsApi.dll [2011-06-13 20:09]
.
2013-08-27 c:\windows\Tasks\DataUpload.job
- c:\program files\Microsoft Fix it Center\MatsApi.dll [2011-06-13 20:09]
.
2013-08-27 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2013-08-23 08:16]
.
2013-08-27 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2013-08-23 08:16]
.
.
------- Bijkomende Scan -------
.
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: {{8b2d996f-b7d1-4961-a929-414d9cf5ba7b} - Microsoft Support
TCP: DhcpNameServer = 195.130.131.4 195.130.130.132
.
- - - - ORPHANS VERWIJDERD - - - -
.
Toolbar-Locked - (no file)
HKLM-Run-nwiz - nwiz.exe
MSConfigStartUp-Sidebar - c:\program files\Windows Sidebar\sidebar.exe
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, GMER - Rootkit Detector and Remover
Rootkit scan 2013-08-27 17:54
Windows 5.1.2600 Service Pack 3 NTFS
.
scannen van verborgen processen ...
.
scannen van verborgen autostart items ...
.
scannen van verborgen bestanden ...
.
Scan succesvol afgerond
verborgen bestanden: 0
.
**************************************************************************
.
--------------------- VERGRENDELDE REGISTER SLEUTELS ---------------------
.
[HKEY_USERS\S-1-5-21-776561741-1972579041-1606980848-500\Software\Microsoft\Internet Explorer\User Preferences]
@Denied: (2) (Administrator)
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil32_11_8_800_94_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil32_11_8_800_94_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\Microsoft\Internet Explorer\User Preferences]
@Denied: (2) (Administrator)
.
Voltooingstijd: 2013-08-27 17:55:52
ComboFix-quarantined-files.txt 2013-08-27 15:55
.
Pre-Run: 72.163.799.040 bytes beschikbaar
Post-Run: 72.157.196.288 bytes beschikbaar
.
WindowsXP-KB310994-SP2-Pro-BootDisk-NLD.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
UnsupportedDebug="do not select this" /debug
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professional" /noexecute=optin /fastdetect
.
- - End Of File - - FE988590D860D40C51EF343FD8B418D7
3051207086651214E435112E51817DC5
ComboFix has been run.
I have the problem in both Google Chrome and Internet Explorer.
-
It went well again for five minutes, I could even open two pages, but after a few minutes it happened again:
pages that don't respond, Shockwave player crash.
-
OK, I can already open two pages at the same time now, but after a few minutes I again get the message that Shockwave player is not responding or has crashed.
-
I'll try this as well; I use Google Chrome myself
-
# AdwCleaner v3.001 - Report created 27/08/2013 at 08:49:58
# Updated 24/08/2013 by Xplode
# Operating System : Microsoft Windows XP Service Pack 3 (32 bits)
# Username : Administrator - GOT2BE-1E926757
# Running from : C:\Documents and Settings\Administrator\Mijn documenten\Downloads\adwcleaner.exe
# Option : Scan
***** [ Services ] *****
***** [ Files / Folders ] *****
Folder Found C:\Documents and Settings\Administrator\Application Data\DefaultTab
Folder Found C:\Documents and Settings\Administrator\IECompatCache
***** [ Shortcuts ] *****
***** [ Registry ] *****
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{3BD44F0E-0596-4008-AEE0-45D47E3A8F0E}
Key Found : HKCU\Software\Softonic
***** [ Browsers ] *****
-\\ Internet Explorer v8.0.6001.18702
-\\ Mozilla Firefox v
[ File : C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\Nstavc2y.Default\prefs.js ]
-\\ Google Chrome v29.0.1547.57
[ File : C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\User Data\Default\preferences ]
Found : homepage
*************************
AdwCleaner[R0].txt - [1180 octets] - [27/08/2013 08:49:58]
########## EOF - C:\AdwCleaner\AdwCleaner[R0].txt - [1240 octets] ##########
-
Malwarebytes Anti-Malware 1.75.0.1300
Malwarebytes : Free anti-malware download
Databaseversie: v2013.08.26.04
Windows XP Service Pack 3 x86 NTFS
Internet Explorer 8.0.6001.18702
Administrator :: GOT2BE-1E926757 [administrator]
26/08/2013 18:02:49
mbam-log-2013-08-26 (18-02-49).txt
Scan type: Snelle scan
Ingeschakelde scan opties: Geheugen | Opstartitems | Register | Bestanden en mappen | Heuristiek/Extra | Heuristiek/Shuriken | PUP | PUM
Uitgeschakelde scan opties: P2P
Objecten gescand: 196862
Verstreken tijd: 5 minuut/minuten, 17 seconde(n)
Geheugenprocessen gedetecteerd: 0
(Geen kwaadaardige objecten gedetecteerd)
Geheugenmodulen gedetecteerd: 0
(Geen kwaadaardige objecten gedetecteerd)
Registersleutels gedetecteerd: 0
(Geen kwaadaardige objecten gedetecteerd)
Registerwaarden gedetecteerd: 1
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer|ForceClassicControlPanel (Hijack.ControlPanelStyle) -> Data: 1 -> Succesvol in quarantaine geplaatst en verwijderd.
Registerdata gedetecteerd: 0
(Geen kwaadaardige objecten gedetecteerd)
Mappen gedetecteerd: 0
(Geen kwaadaardige objecten gedetecteerd)
Bestanden gedetecteerd: 1
C:\Documents and Settings\Administrator\Application Data\DefaultTab\DefaultTab\DefaultTabBHO.dll (PUP.Optional.DefaultTab) -> Succesvol in quarantaine geplaatst en verwijderd.
(einde)
-
did everything, for a moment I thought yes, it's going better, but pages just keep freezing
malware did find two more things, which I removed
I'll post another new log
Logfile of Trend Micro HijackThis v2.0.5
Scan saved at 21:13:46, on 26/08/2013
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\AVAST Software\Avast\AvastSvc.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Java\jre7\bin\jqs.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\VistaDrive\VistaDrive.exe
C:\Program Files\Desktop Tray Clock\DTClock.exe
C:\Program Files\AVAST Software\Avast\avastUI.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Administrator\Mijn documenten\Downloads\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = Bing
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Bing
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Google
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN NL: Hotmail, Outlook, Skype, Messenger, het laatste nieuws, entertainment en meer!
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = MSN NL: Hotmail, Outlook, Skype, Messenger, het laatste nieuws, entertainment en meer!
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
O3 - Toolbar: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [VistaDrive] C:\WINDOWS\VistaDrive\VistaDrive.exe
O4 - HKLM\..\Run: [skinClock] C:\Program Files\Desktop Tray Clock\DTClock.exe
O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [skinClock] C:\Program Files\Desktop Tray Clock\DTClock.exe
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Netwerkservice')
O4 - HKUS\S-1-5-20\..\Run: [VisualTaskTips] C:\Program Files\Utilities\VisualTaskTips\VisualTaskTips.exe (User 'Netwerkservice')
O4 - HKUS\S-1-5-20\..\RunOnce: [PackNoVs] "C:\WINDOWS\BricoPacks\Vista Inspirat 2\pack-it.exe" --unsetvs (User 'Netwerkservice')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [PackNoVs] "C:\WINDOWS\BricoPacks\Vista Inspirat 2\pack-it.exe" --unsetvs (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [PackNoVs] "C:\WINDOWS\BricoPacks\Vista Inspirat 2\pack-it.exe" --unsetvs (User 'Default user')
O4 - Global Startup: RocketDock.lnk = C:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.exe
O9 - Extra button: MS-KB - {8b2d996f-b7d1-4961-a929-414d9cf5ba7b} - http://support.microsoft.com/default.aspx?scid=FH;EN-US;KBHOWTO (file missing)
O9 - Extra 'Tools' menuitem: MS-KB - {8b2d996f-b7d1-4961-a929-414d9cf5ba7b} - http://support.microsoft.com/default.aspx?scid=FH;EN-US;KBHOWTO (file missing)
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1374821167390
O22 - SharedTaskScheduler: Preloader van browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Cache-daemon voor onderdeelcategorieën - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Google Update-service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Oracle Corporation - C:\Program Files\Java\jre7\bin\jqs.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
--
End of file - 5537 bytes
-
Logfile of Trend Micro HijackThis v2.0.5
Scan saved at 14:28:16, on 26/08/2013
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\AVAST Software\Avast\AvastSvc.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Java\jre7\bin\jqs.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\VistaDrive\VistaDrive.exe
C:\Program Files\Desktop Tray Clock\DTClock.exe
C:\Program Files\AVAST Software\Avast\avastUI.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Administrator\Mijn documenten\Downloads\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = Bing
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Bing
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Google
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN NL: Hotmail, Outlook, Skype, Messenger, het laatste nieuws, entertainment en meer!
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = MSN NL: Hotmail, Outlook, Skype, Messenger, het laatste nieuws, entertainment en meer!
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
O3 - Toolbar: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [VistaDrive] C:\WINDOWS\VistaDrive\VistaDrive.exe
O4 - HKLM\..\Run: [skinClock] C:\Program Files\Desktop Tray Clock\DTClock.exe
O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [skinClock] C:\Program Files\Desktop Tray Clock\DTClock.exe
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Netwerkservice')
O4 - HKUS\S-1-5-20\..\Run: [VisualTaskTips] C:\Program Files\Utilities\VisualTaskTips\VisualTaskTips.exe (User 'Netwerkservice')
O4 - HKUS\S-1-5-20\..\RunOnce: [showDeskFix] regsvr32 /s /n /i:u shell32 (User 'Netwerkservice')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [showDeskFix] regsvr32 /s /n /i:u shell32 (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [showDeskFix] regsvr32 /s /n /i:u shell32 (User 'Default user')
O4 - Global Startup: RocketDock.lnk = C:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.exe
O9 - Extra button: MS-KB - {8b2d996f-b7d1-4961-a929-414d9cf5ba7b} - Microsoft Support (file missing)
O9 - Extra 'Tools' menuitem: MS-KB - {8b2d996f-b7d1-4961-a929-414d9cf5ba7b} - Microsoft Support (file missing)
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1374821167390
O22 - SharedTaskScheduler: Preloader van browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Cache-daemon voor onderdeelcategorieën - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Google Update-service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Oracle Corporation - C:\Program Files\Java\jre7\bin\jqs.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
--
End of file - 5696 bytes
-
hello
my internet is so slow
pages won't load or do so very slowly
Shockwave Player crashes
etc.
this is driving me crazy
internet pages load slowly, Telenet
in Archief Internet & Netwerk
Posted:
PC has been replaced in the meantime, thanks a lot for your help