hel22
-
Items
88 -
Registratiedatum
-
Laatst bezocht
Inhoudstype
Profielen
Forums
Store
Alles dat geplaatst werd door hel22
-
Het heet nochtans anti malware . Ik heb eens probeerd anvir te installeren en de pc werd helemaal gek dus daarom dat ik het vroeg...
-
Zal het niet conflicten met ashampoo?
-
Ik liet de shampoo antimalware de hele nacht lopen en de volgende morgen was het scherm zwart en bevroren en moest ik de pc herstarten.... Betekent dat, dat het probleem toch wel bij de computer zit? Ik moet broodnodig een backup maken...
-
Ok heb het probeerd met een derde programma, ook vastgelopen maar nu als het nog niet op c schijf was, maar op hp recovery. Iemand nog een idee? Wat ik raar vind is dat mijn ashampoo anti malware ook vast loopt?
-
ja, heb ik net gedaan en computer bevroor na 4 minuten... Ik probeer nu nog 1 programma en dan zou ik denken dat het de harddisk zelf is, nee?
-
OK, de probleem deed zich voor bij 12%, nu was ik tevreden te zien dat het bij 13% houd, maar spijtig genoeg bevroor de computer zich nog eens... Hoe kan men testen of het probleem zich bij de harddisk bevind? Ik zou het vreemd vinden omdat hij nieuw is?
-
Ik heb gekopieerd en toen ging het wel, het was dus wel die spatie mijn computer start nog altijd heeel traag op pfff. ik deed een antivirus scan (ashampoo) eerst om te zien om 'm weer staan blijft bij skype en na 93 min zag ik opeens het blue screen of death... ik weet niet wat er eigenlijk met de computer aan de hand is, kan het zijn dat het gewoon de ouderdom is? (nochtans maar 3 jaar) Ik zal de backup laten werken de hele nacht en we zullen zien of dat wel lukt...
-
mijn startmenu is in het Engels, wat is uitvoeren? run? deed ik maar hij vind niet. En als ik op de linkermuis druk op het combofix icon op mijn bureaublad, zie ik geen uninstall? ik zie niet hoe ik een post kan deleten. Het is gelukt
-
ik heb het nog niet probeerd, dat ik nu weer een backup doe? En is er een speciaal programma dat ik gebruik of is de windows backup ook ok? En Ashampoo vond vroeger een geinfecteerd bestand en de naam was firefox, was dat een vals alarm voor combifix? Of is er een probleem met firefox? Hij is ook niet zo stabiel, crasht veel enz... En... laatste vraag: Is alles nu ok met mijn computer? (log?)
-
ComboFix 11-09-19.01 - Rivky 19/09/2011 15:24:56.2.2 - x86 Microsoft Windows 7 Ultimate 6.1.7600.0.1252.1.1033.18.3069.1733 [GMT 2:00] Running from: c:\users\Rivky\Desktop\ComboFix_2.exe Command switches used :: c:\users\Rivky\Desktop\CFScript.txt..txt AV: Ashampoo Anti-Malware *Disabled/Updated* {1586225C-B0F7-7A3E-FBB7-F15B3A4D2579} SP: Ashampoo Anti-Malware *Disabled/Updated* {AEE7C3B8-96CD-75B0-C107-CA2941CA6FC4} SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} * Created a new restore point . . ((((((((((((((((((((((((( Files Created from 2011-08-19 to 2011-09-19 ))))))))))))))))))))))))))))))) . . 2011-09-19 13:37 . 2011-09-19 13:37 -------- d-----w- c:\users\Guest\AppData\Local\temp 2011-09-19 13:37 . 2011-09-19 13:37 -------- d-----w- c:\users\Gershey\AppData\Local\temp 2011-09-19 13:37 . 2011-09-19 13:37 -------- d-----w- c:\users\gasten\AppData\Local\temp 2011-09-19 13:37 . 2011-09-19 13:37 -------- d-----w- c:\users\Default\AppData\Local\temp 2011-09-16 13:00 . 2011-08-12 02:44 7152464 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{533FC25A-887C-4B45-A490-8D5174F3FE08}\mpengine.dll 2011-09-04 19:19 . 2011-09-04 19:19 -------- d-----w- c:\programdata\Playrix Entertainment 2011-09-04 10:30 . 2011-09-04 10:30 -------- d-----w- c:\program files\Playrix Entertainment 2011-09-01 09:22 . 2011-09-01 09:22 -------- d-----w- c:\program files\iPod 2011-08-31 16:10 . 2011-08-31 16:10 -------- d-----w- c:\users\Rivky\AppData\Roaming\Intel 2011-08-31 16:08 . 2011-08-31 16:08 -------- d-----w- c:\program files\Cisco 2011-08-31 16:08 . 2011-08-31 20:55 -------- d-----w- c:\program files\Common Files\Intel 2011-08-31 16:08 . 2011-08-31 16:08 -------- d-----w- c:\programdata\Intel 2011-08-30 20:54 . 2011-08-30 20:56 -------- d-----w- c:\programdata\Logishrd 2011-08-30 20:54 . 2011-08-30 20:55 -------- d-----w- c:\program files\Logitech 2011-08-30 20:51 . 2011-08-31 20:53 -------- d-----w- c:\program files\Common Files\LogiShrd 2011-08-30 20:51 . 2011-08-30 20:56 -------- d-----w- c:\users\Rivky\AppData\Roaming\Logitech 2011-08-30 20:51 . 2011-08-30 20:51 -------- d-----w- c:\users\Rivky\AppData\Roaming\Logishrd 2011-08-30 14:51 . 2011-08-31 20:53 -------- d-----w- c:\users\UpdatusUser 2011-08-30 14:48 . 2011-08-30 14:48 -------- d-----w- c:\programdata\NVIDIA Corporation 2011-08-30 14:42 . 2011-08-31 20:53 -------- d-----w- c:\program files\NVIDIA Corporation 2011-08-30 14:41 . 2011-08-30 14:41 -------- d-----w- C:\NVIDIA 2011-08-30 13:50 . 2011-08-30 13:50 -------- d-----w- c:\program files\Addition 2011-08-30 10:33 . 2011-08-30 10:36 -------- d-----w- C:\Drivers Backup 2011-08-30 10:30 . 2011-02-08 12:58 1882104 ----a-w- c:\windows\system32\Codejock.Controls.v15.0.1.ocx 2011-08-30 10:30 . 2005-01-12 09:19 456536 ----a-w- c:\windows\system32\XCEEDZIP.DLL 2011-08-30 10:30 . 2004-09-28 09:13 526184 ----a-w- c:\windows\system32\XceedCry.dll 2011-08-30 10:30 . 2004-08-11 13:55 110602 ----a-w- c:\windows\system32\xcdsfx32.bin 2011-08-30 10:30 . 2011-08-30 10:33 -------- d-----w- c:\program files\Driver Magician 2011-08-25 14:41 . 2011-07-09 04:30 2048 ----a-w- c:\windows\system32\tzres.dll 2011-08-23 21:26 . 2011-08-23 21:26 -------- d-----w- c:\program files\Hofmann 2011-08-23 21:11 . 2011-08-23 21:30 -------- d-----w- c:\users\Rivky\FOTO_com 2011-08-22 21:23 . 2011-08-22 21:23 -------- d-----w- C:\temp_petan 2011-08-22 17:21 . 2011-08-31 17:57 -------- d-----w- c:\users\Rivky\AppData\Roaming\petanDrive 2011-08-22 17:20 . 2011-08-22 17:21 -------- d-----w- c:\program files\PetanDrive . . . (((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2011-08-22 17:04 . 2011-05-20 07:00 404640 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl 2011-07-26 10:22 . 2011-05-19 22:32 60528 ----a-w- c:\users\Rivky\AppData\Roaming\mdbu.bin 2011-07-22 02:54 . 2011-08-14 13:33 1797632 ----a-w- c:\windows\system32\jscript9.dll 2011-07-22 02:48 . 2011-08-14 13:33 1126912 ----a-w- c:\windows\system32\wininet.dll 2011-07-22 02:44 . 2011-08-14 13:33 2382848 ----a-w- c:\windows\system32\mshtml.tlb 2011-07-19 06:32 . 2011-07-19 06:32 95744 ----a-w- c:\windows\system32\drivers\dokan.sys 2011-07-19 06:32 . 2011-07-19 06:32 35840 ----a-w- c:\windows\system32\dokan.dll 2011-07-17 16:50 . 2011-07-17 16:50 388096 ----a-r- c:\users\Rivky\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe 2011-07-16 04:37 . 2011-08-13 23:06 169984 ----a-w- c:\windows\system32\winsrv.dll 2011-07-16 04:34 . 2011-08-13 23:06 290816 ----a-w- c:\windows\system32\KernelBase.dll 2011-07-16 04:31 . 2011-08-13 23:06 271360 ----a-w- c:\windows\system32\conhost.exe 2011-07-16 04:19 . 2011-08-13 23:06 4608 ---ha-w- c:\windows\system32\api-ms-win-core-processthreads-l1-1-0.dll 2011-07-16 04:19 . 2011-08-13 23:06 4096 ---ha-w- c:\windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll 2011-07-16 04:19 . 2011-08-13 23:06 4096 ---ha-w- c:\windows\system32\api-ms-win-core-synch-l1-1-0.dll 2011-07-16 04:19 . 2011-08-13 23:06 3584 ---ha-w- c:\windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll 2011-07-16 04:19 . 2011-08-13 23:06 3584 ---ha-w- c:\windows\system32\api-ms-win-core-heap-l1-1-0.dll 2011-07-16 04:19 . 2011-08-13 23:06 3072 ---ha-w- c:\windows\system32\api-ms-win-core-string-l1-1-0.dll 2011-07-16 04:19 . 2011-08-13 23:06 3072 ---ha-w- c:\windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll 2011-07-16 04:19 . 2011-08-13 23:06 3072 ---ha-w- c:\windows\system32\api-ms-win-core-profile-l1-1-0.dll 2011-07-16 04:19 . 2011-08-13 23:06 5120 ---ha-w- c:\windows\system32\api-ms-win-core-file-l1-1-0.dll 2011-07-16 04:19 . 2011-08-13 23:06 4096 ---ha-w- c:\windows\system32\api-ms-win-core-misc-l1-1-0.dll 2011-07-16 04:19 . 2011-08-13 23:06 4096 ---ha-w- c:\windows\system32\api-ms-win-core-localregistry-l1-1-0.dll 2011-07-16 04:19 . 2011-08-13 23:06 4096 ---ha-w- c:\windows\system32\api-ms-win-core-localization-l1-1-0.dll 2011-07-16 04:19 . 2011-08-13 23:06 3584 ---ha-w- c:\windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll 2011-07-16 04:19 . 2011-08-13 23:06 3584 ---ha-w- c:\windows\system32\api-ms-win-core-memory-l1-1-0.dll 2011-07-16 04:19 . 2011-08-13 23:06 3584 ---ha-w- c:\windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll 2011-07-16 04:19 . 2011-08-13 23:06 3584 ---ha-w- c:\windows\system32\api-ms-win-core-interlocked-l1-1-0.dll 2011-07-16 04:19 . 2011-08-13 23:06 3072 ---ha-w- c:\windows\system32\api-ms-win-core-io-l1-1-0.dll 2011-07-16 04:19 . 2011-08-13 23:06 3072 ---ha-w- c:\windows\system32\api-ms-win-core-handle-l1-1-0.dll 2011-07-16 04:19 . 2011-08-13 23:06 3072 ---ha-w- c:\windows\system32\api-ms-win-core-fibers-l1-1-0.dll 2011-07-16 04:19 . 2011-08-13 23:06 3072 ---ha-w- c:\windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll 2011-07-16 04:19 . 2011-08-13 23:06 3072 ---ha-w- c:\windows\system32\api-ms-win-core-delayload-l1-1-0.dll 2011-07-16 04:19 . 2011-08-13 23:06 3072 ---ha-w- c:\windows\system32\api-ms-win-core-debug-l1-1-0.dll 2011-07-16 04:19 . 2011-08-13 23:06 3072 ---ha-w- c:\windows\system32\api-ms-win-core-datetime-l1-1-0.dll 2011-07-16 04:19 . 2011-08-13 23:06 3072 ---ha-w- c:\windows\system32\api-ms-win-core-console-l1-1-0.dll 2011-07-16 02:21 . 2011-08-13 23:06 6144 ---ha-w- c:\windows\system32\api-ms-win-security-base-l1-1-0.dll 2011-07-16 02:21 . 2011-08-13 23:06 4608 ---ha-w- c:\windows\system32\api-ms-win-core-threadpool-l1-1-0.dll 2011-07-16 02:21 . 2011-08-13 23:06 3584 ---ha-w- c:\windows\system32\api-ms-win-core-xstate-l1-1-0.dll 2011-07-16 02:21 . 2011-08-13 23:06 3072 ---ha-w- c:\windows\system32\api-ms-win-core-util-l1-1-0.dll 2011-07-12 09:20 . 2011-07-12 09:20 83816 ----a-w- c:\windows\system32\dns-sd.exe 2011-07-12 09:20 . 2011-07-12 09:20 73064 ----a-w- c:\windows\system32\dnssd.dll 2011-07-12 09:20 . 2011-07-12 09:20 178536 ----a-w- c:\windows\system32\dnssdX.dll 2011-07-09 02:26 . 2011-08-13 23:02 222720 ----a-w- c:\windows\system32\drivers\mrxsmb10.sys 2011-07-05 16:37 . 2011-07-05 16:37 94208 ----a-w- c:\windows\system32\QuickTimeVR.qtx 2011-07-05 16:37 . 2011-07-05 16:37 69632 ----a-w- c:\windows\system32\QuickTime.qts 2011-06-23 04:38 . 2011-08-13 23:03 3957120 ----a-w- c:\windows\system32\ntkrnlpa.exe 2011-06-23 04:38 . 2011-08-13 23:03 3902336 ----a-w- c:\windows\system32\ntoskrnl.exe 2011-04-14 16:57 . 2011-07-22 07:48 142296 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll . . ((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))))))))))))))))))))))))))))))))))))))))))) . . *Note* empty entries & legit default entries are not shown REGEDIT4 . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\IDM Shell Extension] @="{CDC95B92-E27C-4745-A8C5-64A52A78855D}" [HKEY_CLASSES_ROOT\CLSID\{CDC95B92-E27C-4745-A8C5-64A52A78855D}] 2011-03-02 16:23 68216 ----a-w- c:\program files\Internet Download Manager\IDMShellExt.dll . [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "msnmsgr"="c:\program files\Windows Live\Messenger\msnmsgr.exe" [2010-04-16 3872080] "ISUSPM Startup"="c:\progra~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe" [2004-06-14 221184] "IDMan"="c:\program files\Internet Download Manager\IDMan.exe" [2011-03-17 3278232] "StartMenu7"="c:\program files\Start Menu 7\StartMenu7.exe" [2010-04-19 2919288] . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2011-04-08 254696] "Ashampoo Anti-Malware Guard"="c:\program files\Ashampoo\Ashampoo Anti-Malware\AAMW_Guard.exe" [2010-08-26 3314176] "iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2011-08-18 421736] . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "ConsentPromptBehaviorAdmin"= 0 (0x0) "PromptOnSecureDesktop"= 0 (0x0) . [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager] BootExecute REG_MULTI_SZ autocheck autochk *\0sasnative32 . [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa] Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp . [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys] @="Driver" . [HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^HotSync Manager.lnk] backup=c:\windows\pss\HotSync Manager.lnk.CommonStartup backupExtension=.CommonStartup . [HKLM\~\startupfolder\C:^Users^Rivky^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OneNote 2007 Screen Clipper and Launcher.lnk] backup=c:\windows\pss\OneNote 2007 Screen Clipper and Launcher.lnk.Startup backupExtension=.Startup . [HKLM\~\startupfolder\C:^Users^Rivky^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^PdaNet Desktop.lnk] path=c:\users\Rivky\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\PdaNet Desktop.lnk backup=c:\windows\pss\PdaNet Desktop.lnk.Startup backupExtension=.Startup . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\FastFoxUninstall] rmdir [X] . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher] 2011-09-07 22:58 37296 ----a-w- c:\program files\Adobe\Reader 9.0\Reader\reader_sl.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DesktopIconToy] 2009-04-06 15:37 450560 ----a-w- c:\program files\Desktop Icon Toy\DesktopIconToy.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Easy-PrintToolBox] 2004-01-14 01:10 409600 ----a-w- c:\program files\Canon\Easy-PrintToolBox\BJPSMAIN.EXE . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update] 2008-11-12 21:30 133104 ----atw- c:\users\Rivky\AppData\Local\Google\Update\GoogleUpdate.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper] 2011-08-18 23:07 421736 ----a-w- c:\program files\iTunes\iTunesHelper.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LaCie Backup] 2007-12-03 09:31 2600960 ----a-w- c:\program files\LaCie\Backup Software\LacieBackup.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\OnScreenDisplay] 2007-11-01 16:42 554288 ----a-w- c:\program files\Hewlett-Packard\HP QuickTouch\HPKBDAPP.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task] 2011-07-05 16:36 421888 ----a-w- c:\program files\QuickTime\QTTask.exe . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\setup\disabledrunkeys] "QlbCtrl.exe"=c:\program files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start . R0 sptd;sptd;c:\windows\System32\Drivers\sptd.sys [2008-12-01 717296] R2 AAMW_WSC_Service_Vista;Ashampoo Anti-Malware WSC Service;c:\program files\Ashampoo\Ashampoo Anti-Malware\AAMW_WSC_Service_Vista.exe [2010-03-02 52616] R2 DokanMounter;DokanMounter;c:\program files\PetanDrive\dokan\mounter.exe [2011-07-19 14848] R2 ezSharedSvc;Easybits Shared Services for Windows;c:\windows\system32\svchost.exe [2009-07-14 20992] R3 a2acc;a2acc;c:\program files\MAMUTU\a2accx86.sys [x] R3 BCASPROT;Advanced System Protector;c:\program files\Systweak\Advanced System Protector\sasprot32.sys [x] R3 btnetBUs;Bluetooth PAN Bus Service;c:\windows\system32\Drivers\btnetBus.sys [2009-09-24 22528] R3 Com4QLBEx;Com4QLBEx;c:\program files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe [2009-05-05 228408] R3 IvtBtBUs;IVT Bluetooth Bus Service;c:\windows\system32\Drivers\IvtBtBus.sys [2009-08-26 25480] R3 jrdusbser;Modem Interface Device for Legacy Serial Communication;c:\windows\system32\DRIVERS\jrdusbser.sys [2010-08-27 105344] R3 Netaapl;Apple Mobile Device Ethernet Service;c:\windows\system32\DRIVERS\netaapl.sys [2011-05-10 18432] R3 netw5v32;Intel® Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 32 Bit;c:\windows\system32\DRIVERS\netw5v32.sys [2009-07-13 4231168] R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [2010-09-21 1343400] S0 BtHidBus;Bluetooth HID Bus Service;c:\windows\System32\Drivers\BtHidBus.sys [2009-09-24 19592] S0 RVSDISK;RVSDISK;c:\windows\system32\Drivers\RVSDISK.sys [2008-12-30 11904] S0 RVSYSTEM;RVSYSTEM;c:\windows\system32\Drivers\RVSYSTEM.sys [2008-12-30 38272] S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [2009-07-13 48128] S2 {22D78859-9CE9-4B77-BF18-AC83E81A9263};{22D78859-9CE9-4B77-BF18-AC83E81A9263};c:\program files\HP\QuickPlay\000.fcl [2008-04-23 39408] S2 AAMWService;Ashampoo Anti-Malware Service;c:\program files\Ashampoo\Ashampoo Anti-Malware\AAMW_Service.exe [2011-08-17 1313184] S2 AESTFilters;Andrea ST Filters Service;c:\windows\System32\DriverStore\FileRepository\stwrt.inf_x86_neutral_08f19d3e5efcf526\aestsrv.exe [2008-02-12 73728] S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384] S2 Dokan;Dokan;c:\windows\system32\drivers\dokan.sys [2011-07-19 95744] S2 hpsrv;HP Service;c:\windows\system32\Hpservice.exe [2008-03-18 19456] S2 IDMWFP;IDMWFP;c:\windows\system32\DRIVERS\idmwfp.sys [2011-03-17 86280] S2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service;c:\program files\McAfee\SiteAdvisor\McSACore.exe [2011-08-10 94880] S2 PfFilter;PfFilter;c:\program files\IObit\Protected Folder\pffilter.sys [2011-03-16 32672] S2 Recovery Service for Windows;Recovery Service for Windows;c:\windows\SMINST\BLService.exe [2008-03-26 341328] S2 Viewpoint Manager Service;Viewpoint Manager Service;c:\program files\Viewpoint\Common\ViewpointService.exe [2007-01-04 24652] S3 AAMWRegFilter;AAMWRegFilter;c:\program files\Ashampoo\Ashampoo Anti-Malware\AAMW_Regfilter32.sys [2010-01-20 18584] S3 ASW3Scan;ASW3Scan;c:\program files\Ashampoo\Ashampoo Anti-Malware\AAMW_IFS32.sys [2010-06-16 17816] S3 enecir;ENE CIR Receiver;c:\windows\system32\DRIVERS\enecir.sys [2008-01-24 52736] S3 JMCR;JMCR;c:\windows\system32\DRIVERS\jmcr.sys [2008-04-01 81296] S3 NETw5s32;Intel® Wireless WiFi Link 5000 Series Adapter Driver for Windows 7 - 32 Bit;c:\windows\system32\DRIVERS\NETw5s32.sys [2010-01-13 6755840] S3 NVHDA;Service for NVIDIA High Definition Audio Driver;c:\windows\system32\drivers\nvhda32v.sys [2008-08-06 44576] S3 pnetmdm;PdaNet Modem;c:\windows\system32\DRIVERS\pnetmdm.sys [2006-09-28 9472] S3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\DRIVERS\vwifimp.sys [2009-07-13 14336] . . --- Other Services/Drivers In Memory --- . *NewlyCreated* - AAMWREGFILTER . Contents of the 'Scheduled Tasks' folder . 2011-09-16 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1169181582-1379610226-3118248491-1001Core.job - c:\users\Rivky\AppData\Local\Google\Update\GoogleUpdate.exe [2008-11-12 21:30] . 2011-09-19 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1169181582-1379610226-3118248491-1001UA.job - c:\users\Rivky\AppData\Local\Google\Update\GoogleUpdate.exe [2008-11-12 21:30] . . ------- Supplementary Scan ------- . uStart Page = hxxp://www.google.be/ uDefault_Search_URL = hxxp://www.google.com/ie uInternet Settings,ProxyServer = 127.0.0.1:8080 uInternet Settings,ProxyOverride = *.local uSearchAssistant = hxxp://www.google.com/ie uSearchURL,(Default) = hxxp://www.google.com/search?q=%s IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200 IE: Download all links with IDM - c:\program files\Internet Download Manager\IEGetAll.htm IE: Download FLV video content with IDM - c:\program files\Internet Download Manager\IEGetVL.htm IE: Download with IDM - c:\program files\Internet Download Manager\IEExt.htm IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~3\Office12\EXCEL.EXE/3000 IE: Easy-WebPrint Add To Print List - c:\program files\Canon\Easy-WebPrint\Resource.dll/RC_AddToList.html IE: Easy-WebPrint High Speed Print - c:\program files\Canon\Easy-WebPrint\Resource.dll/RC_HSPrint.html IE: Easy-WebPrint Preview - c:\program files\Canon\Easy-WebPrint\Resource.dll/RC_Preview.html IE: Easy-WebPrint Print - c:\program files\Canon\Easy-WebPrint\Resource.dll/RC_Print.html TCP: DhcpNameServer = 192.168.1.1 FF - ProfilePath - c:\users\Rivky\AppData\Roaming\Mozilla\Firefox\Profiles\nvl7tg9i.default\ FF - prefs.js: browser.search.selectedEngine - Secure Search FF - prefs.js: browser.startup.homepage - chrome://foxtab/content/homepage.html FF - prefs.js: keyword.URL - chrome://browser-region/locale/region.properties FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} FF - Ext: Read It Later: isreaditlater@ideashower.com - %profile%\extensions\isreaditlater@ideashower.com FF - Ext: IDM CC: mozilla_cc@internetdownloadmanager.com - %profile%\extensions\mozilla_cc@internetdownloadmanager.com FF - Ext: Fierr: {2E481B23-66AC-313F-D6A8-A81DDDF26249} - %profile%\extensions\{2E481B23-66AC-313F-D6A8-A81DDDF26249} FF - Ext: Dr.Web anti-virus link checker: {6614d11d-d21d-b211-ae23-815234e1ebb5} - %profile%\extensions\{6614d11d-d21d-b211-ae23-815234e1ebb5} FF - Ext: PlainOldFavorites: {7E7165E2-0767-448c-852F-5FA8714F2C37} - %profile%\extensions\{7E7165E2-0767-448c-852F-5FA8714F2C37} FF - Ext: WOT: {a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7} - %profile%\extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7} FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension FF - Ext: RealPlayer Browser Record Plugin: {ABDE892B-13A8-4d1b-88E6-365A6E755758} - c:\programdata\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext FF - Ext: McAfee SiteAdvisor: {B7082FAA-CB62-4872-9106-E42DD88EDE45} - c:\program files\McAfee\SiteAdvisor FF - Ext: IDM CC: mozilla_cc@internetdownloadmanager.com - c:\users\Rivky\AppData\Roaming\IDM\idmmzcc3 . . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\{22D78859-9CE9-4B77-BF18-AC83E81A9263}] "ImagePath"="\??\c:\program files\HP\QuickPlay\000.fcl" . --------------------- LOCKED REGISTRY KEYS --------------------- . [HKEY_USERS\S-1-5-21-1169181582-1379610226-3118248491-1001_Classes\CLSID\{16368eef-0022-4a81-a797-d5c597da3015}] @Denied: (Full) (Everyone) @Allowed: (Read) (RestrictedCode) "Model"=dword:0000006a "Therad"=dword:00000018 . [HKEY_USERS\S-1-5-21-1169181582-1379610226-3118248491-1001_Classes\CLSID\{5ED60779-4DE2-4E07-B862-974CA4FF2E9C}] @Denied: (Full) (Everyone) @Allowed: (Read) (RestrictedCode) "scansk"=hex(0):2f,41,ef,87,9b,37,82,a0,70,a7,cb,22,47,a9,99,8f,67,7f,dc,da,85, 67,57,eb,0f,0a,5e,aa,d4,4c,ef,d3,97,bf,af,50,98,42,74,49,00,00,00,00,00,00,\ . [HKEY_USERS\S-1-5-21-1169181582-1379610226-3118248491-1001_Classes\CLSID\{7B8E9164-324D-4A2E-A46D-0165FB2000EC}] @Denied: (Full) (Everyone) "scansk"=hex(0):23,ca,66,8f,9c,1c,5d,30,fe,6a,7a,18,a1,e5,b3,f6,04,16,2a,6e,41, 86,30,ba,23,6f,5c,42,cd,5b,40,bc,43,61,35,8b,0b,90,e0,79,00,00,00,00,00,00,\ . [HKEY_USERS\S-1-5-21-1169181582-1379610226-3118248491-1001_Classes\CLSID\{d74196dd-2f44-458d-bb22-0afd0698ea17}] @Denied: (Full) (Everyone) @Allowed: (Read) (RestrictedCode) "Model"=dword:0000016c "Therad"=dword:0000000f "MData"=hex(0):73,d5,cf,b8,a4,07,89,80,31,e4,35,6b,2a,ca,fe,43,b6,1f,81,1f,5a, 1b,4d,36,46,8f,3c,f2,5c,68,ee,21,46,8f,3c,f2,5c,68,ee,21,46,8f,3c,f2,5c,68,\ . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security] @Denied: (Full) (Everyone) . --------------------- DLLs Loaded Under Running Processes --------------------- . - - - - - - - > 'Explorer.exe'(4808) c:\program files\Start Menu 7\VistaStartMenu.dll c:\windows\system32\BsLangInDepRes.dll c:\windows\system32\Bs2Res.dll . Completion time: 2011-09-19 15:45:13 ComboFix-quarantined-files.txt 2011-09-19 13:45 ComboFix2.txt 2011-09-18 18:36 . Pre-Run: 32.869.945.344 bytes free Post-Run: 34.397.433.856 bytes free . - - End Of File - - B5CDCCBD9E9301E74E03514354C84833
-
Ik ben bezig het bovenvermelde te doen en ashampoo antimalware stopt het en zegt: Toegang gedetecteerd to een geinfecteerd bestand.Het geinfecteerd bestand word momenteel gekopieerd of in het geheugen geladen. Bestand:C:/32788R22FWJFW/explore.exe is geinfecteerd door: Heuristic.Dialer;Ras!A2 en vraagt wat ik wil doen? Ik laat het even zo en wacht op je antwoord? Bedankt
-
Wat is dat? Firefox? Wat moet ik nu juist doen?
-
Cc cleaner heeft nu nog restjes gevonden. Bij c/ program files heb ik de Skype map verwijdert. Hoe ziet het logje eruit?
-
ComboFix 11-09-18.01 - Rivky 18/09/2011 20:08:47.1.2 - x86 Microsoft Windows 7 Ultimate 6.1.7600.0.1252.1.1033.18.3069.1415 [GMT 2:00] Running from: c:\users\Rivky\Documents\Downloads\Programs\ComboFix.exe AV: Ashampoo Anti-Malware *Disabled/Updated* {1586225C-B0F7-7A3E-FBB7-F15B3A4D2579} SP: Ashampoo Anti-Malware *Disabled/Updated* {AEE7C3B8-96CD-75B0-C107-CA2941CA6FC4} SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} . . ((((((((((((((((((((((((((((((((((((((( Other Deletions ))))))))))))))))))))))))))))))))))))))))))))))))) . . C:\apps c:\apps\wwpc\Free Sat TV.url c:\apps\wwpc\Get Google Pack.url c:\apps\wwpc\license.txt c:\apps\wwpc\Movie Downloads.url c:\apps\wwpc\Privacy Policy.url c:\apps\wwpc\readme.txt c:\apps\wwpc\unins000.dat c:\apps\wwpc\unins000.exe c:\apps\wwpc\Uninstall Instructions.txt c:\apps\wwpc\weight loss.url c:\apps\wwpc\WWPointsCalc.exe c:\program files\rnamfler c:\program files\rnamfler\naomf.exe c:\program files\rnamfler\radprlib.dll c:\users\Rivky\AppData\Local\ApplicationHistory c:\users\Rivky\AppData\Local\ApplicationHistory\LacieBackup.exe.c88ccb81.ini.inuse c:\users\Rivky\AppData\Roaming\.# c:\users\Rivky\AppData\Roaming\inst.exe c:\windows\Downloaded Program Files\f3initialsetup1.0.1.1.inf c:\windows\iun6002.exe D:\install.exe . . ((((((((((((((((((((((((( Files Created from 2011-08-18 to 2011-09-18 ))))))))))))))))))))))))))))))) . . 2011-09-18 18:32 . 2011-09-18 18:32 -------- d-----w- c:\users\Guest\AppData\Local\temp 2011-09-18 17:37 . 2011-09-18 17:37 9310 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\temp\wlidui_WLIDSVC\TEXTBOX.JS 2011-09-16 13:00 . 2011-08-12 02:44 7152464 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{533FC25A-887C-4B45-A490-8D5174F3FE08}\mpengine.dll 2011-09-04 19:19 . 2011-09-04 19:19 -------- d-----w- c:\programdata\Playrix Entertainment 2011-09-04 10:30 . 2011-09-04 10:30 -------- d-----w- c:\program files\Playrix Entertainment 2011-09-01 09:22 . 2011-09-01 09:22 -------- d-----w- c:\program files\iPod 2011-08-31 16:10 . 2011-08-31 16:10 -------- d-----w- c:\users\Rivky\AppData\Roaming\Intel 2011-08-31 16:08 . 2011-08-31 16:08 -------- d-----w- c:\program files\Cisco 2011-08-31 16:08 . 2011-08-31 20:55 -------- d-----w- c:\program files\Common Files\Intel 2011-08-31 16:08 . 2011-08-31 16:08 -------- d-----w- c:\programdata\Intel 2011-08-30 20:54 . 2011-08-30 20:56 -------- d-----w- c:\programdata\Logishrd 2011-08-30 20:54 . 2011-08-30 20:55 -------- d-----w- c:\program files\Logitech 2011-08-30 20:51 . 2011-08-31 20:53 -------- d-----w- c:\program files\Common Files\LogiShrd 2011-08-30 20:51 . 2011-08-30 20:56 -------- d-----w- c:\users\Rivky\AppData\Roaming\Logitech 2011-08-30 20:51 . 2011-08-30 20:51 -------- d-----w- c:\users\Rivky\AppData\Roaming\Logishrd 2011-08-30 14:51 . 2011-08-31 20:53 -------- d-----w- c:\users\UpdatusUser 2011-08-30 14:48 . 2011-08-30 14:48 -------- d-----w- c:\programdata\NVIDIA Corporation 2011-08-30 14:42 . 2011-08-31 20:53 -------- d-----w- c:\program files\NVIDIA Corporation 2011-08-30 14:41 . 2011-08-30 14:41 -------- d-----w- C:\NVIDIA 2011-08-30 13:50 . 2011-08-30 13:50 -------- d-----w- c:\program files\Addition 2011-08-30 10:33 . 2011-08-30 10:36 -------- d-----w- C:\Drivers Backup 2011-08-30 10:30 . 2011-02-08 12:58 1882104 ----a-w- c:\windows\system32\Codejock.Controls.v15.0.1.ocx 2011-08-30 10:30 . 2005-01-12 09:19 456536 ----a-w- c:\windows\system32\XCEEDZIP.DLL 2011-08-30 10:30 . 2004-09-28 09:13 526184 ----a-w- c:\windows\system32\XceedCry.dll 2011-08-30 10:30 . 2004-08-11 13:55 110602 ----a-w- c:\windows\system32\xcdsfx32.bin 2011-08-30 10:30 . 2011-08-30 10:33 -------- d-----w- c:\program files\Driver Magician 2011-08-25 14:41 . 2011-07-09 04:30 2048 ----a-w- c:\windows\system32\tzres.dll 2011-08-23 21:26 . 2011-08-23 21:26 -------- d-----w- c:\program files\Hofmann 2011-08-23 21:11 . 2011-08-23 21:30 -------- d-----w- c:\users\Rivky\FOTO_com 2011-08-22 21:23 . 2011-08-22 21:23 -------- d-----w- C:\temp_petan 2011-08-22 17:21 . 2011-08-31 17:57 -------- d-----w- c:\users\Rivky\AppData\Roaming\petanDrive 2011-08-22 17:20 . 2011-08-22 17:21 -------- d-----w- c:\program files\PetanDrive . . . (((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2011-08-22 17:04 . 2011-05-20 07:00 404640 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl 2011-07-26 10:22 . 2011-05-19 22:32 60528 ----a-w- c:\users\Rivky\AppData\Roaming\mdbu.bin 2011-07-22 02:54 . 2011-08-14 13:33 1797632 ----a-w- c:\windows\system32\jscript9.dll 2011-07-22 02:48 . 2011-08-14 13:33 1126912 ----a-w- c:\windows\system32\wininet.dll 2011-07-22 02:44 . 2011-08-14 13:33 2382848 ----a-w- c:\windows\system32\mshtml.tlb 2011-07-19 06:32 . 2011-07-19 06:32 95744 ----a-w- c:\windows\system32\drivers\dokan.sys 2011-07-19 06:32 . 2011-07-19 06:32 35840 ----a-w- c:\windows\system32\dokan.dll 2011-07-17 16:50 . 2011-07-17 16:50 388096 ----a-r- c:\users\Rivky\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe 2011-07-16 04:37 . 2011-08-13 23:06 169984 ----a-w- c:\windows\system32\winsrv.dll 2011-07-16 04:34 . 2011-08-13 23:06 290816 ----a-w- c:\windows\system32\KernelBase.dll 2011-07-16 04:31 . 2011-08-13 23:06 271360 ----a-w- c:\windows\system32\conhost.exe 2011-07-16 04:19 . 2011-08-13 23:06 4608 ---ha-w- c:\windows\system32\api-ms-win-core-processthreads-l1-1-0.dll 2011-07-16 04:19 . 2011-08-13 23:06 4096 ---ha-w- c:\windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll 2011-07-16 04:19 . 2011-08-13 23:06 4096 ---ha-w- c:\windows\system32\api-ms-win-core-synch-l1-1-0.dll 2011-07-16 04:19 . 2011-08-13 23:06 3584 ---ha-w- c:\windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll 2011-07-16 04:19 . 2011-08-13 23:06 3584 ---ha-w- c:\windows\system32\api-ms-win-core-heap-l1-1-0.dll 2011-07-16 04:19 . 2011-08-13 23:06 3072 ---ha-w- c:\windows\system32\api-ms-win-core-string-l1-1-0.dll 2011-07-16 04:19 . 2011-08-13 23:06 3072 ---ha-w- c:\windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll 2011-07-16 04:19 . 2011-08-13 23:06 3072 ---ha-w- c:\windows\system32\api-ms-win-core-profile-l1-1-0.dll 2011-07-16 04:19 . 2011-08-13 23:06 5120 ---ha-w- c:\windows\system32\api-ms-win-core-file-l1-1-0.dll 2011-07-16 04:19 . 2011-08-13 23:06 4096 ---ha-w- c:\windows\system32\api-ms-win-core-misc-l1-1-0.dll 2011-07-16 04:19 . 2011-08-13 23:06 4096 ---ha-w- c:\windows\system32\api-ms-win-core-localregistry-l1-1-0.dll 2011-07-16 04:19 . 2011-08-13 23:06 4096 ---ha-w- c:\windows\system32\api-ms-win-core-localization-l1-1-0.dll 2011-07-16 04:19 . 2011-08-13 23:06 3584 ---ha-w- c:\windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll 2011-07-16 04:19 . 2011-08-13 23:06 3584 ---ha-w- c:\windows\system32\api-ms-win-core-memory-l1-1-0.dll 2011-07-16 04:19 . 2011-08-13 23:06 3584 ---ha-w- c:\windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll 2011-07-16 04:19 . 2011-08-13 23:06 3584 ---ha-w- c:\windows\system32\api-ms-win-core-interlocked-l1-1-0.dll 2011-07-16 04:19 . 2011-08-13 23:06 3072 ---ha-w- c:\windows\system32\api-ms-win-core-io-l1-1-0.dll 2011-07-16 04:19 . 2011-08-13 23:06 3072 ---ha-w- c:\windows\system32\api-ms-win-core-handle-l1-1-0.dll 2011-07-16 04:19 . 2011-08-13 23:06 3072 ---ha-w- c:\windows\system32\api-ms-win-core-fibers-l1-1-0.dll 2011-07-16 04:19 . 2011-08-13 23:06 3072 ---ha-w- c:\windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll 2011-07-16 04:19 . 2011-08-13 23:06 3072 ---ha-w- c:\windows\system32\api-ms-win-core-delayload-l1-1-0.dll 2011-07-16 04:19 . 2011-08-13 23:06 3072 ---ha-w- c:\windows\system32\api-ms-win-core-debug-l1-1-0.dll 2011-07-16 04:19 . 2011-08-13 23:06 3072 ---ha-w- c:\windows\system32\api-ms-win-core-datetime-l1-1-0.dll 2011-07-16 04:19 . 2011-08-13 23:06 3072 ---ha-w- c:\windows\system32\api-ms-win-core-console-l1-1-0.dll 2011-07-16 02:21 . 2011-08-13 23:06 6144 ---ha-w- c:\windows\system32\api-ms-win-security-base-l1-1-0.dll 2011-07-16 02:21 . 2011-08-13 23:06 4608 ---ha-w- c:\windows\system32\api-ms-win-core-threadpool-l1-1-0.dll 2011-07-16 02:21 . 2011-08-13 23:06 3584 ---ha-w- c:\windows\system32\api-ms-win-core-xstate-l1-1-0.dll 2011-07-16 02:21 . 2011-08-13 23:06 3072 ---ha-w- c:\windows\system32\api-ms-win-core-util-l1-1-0.dll 2011-07-12 09:20 . 2011-07-12 09:20 83816 ----a-w- c:\windows\system32\dns-sd.exe 2011-07-12 09:20 . 2011-07-12 09:20 73064 ----a-w- c:\windows\system32\dnssd.dll 2011-07-12 09:20 . 2011-07-12 09:20 178536 ----a-w- c:\windows\system32\dnssdX.dll 2011-07-09 02:26 . 2011-08-13 23:02 222720 ----a-w- c:\windows\system32\drivers\mrxsmb10.sys 2011-07-05 16:37 . 2011-07-05 16:37 94208 ----a-w- c:\windows\system32\QuickTimeVR.qtx 2011-07-05 16:37 . 2011-07-05 16:37 69632 ----a-w- c:\windows\system32\QuickTime.qts 2011-06-23 04:38 . 2011-08-13 23:03 3957120 ----a-w- c:\windows\system32\ntkrnlpa.exe 2011-06-23 04:38 . 2011-08-13 23:03 3902336 ----a-w- c:\windows\system32\ntoskrnl.exe 2011-06-21 05:39 . 2011-08-13 23:02 1286016 ----a-w- c:\windows\system32\drivers\tcpip.sys 2011-04-14 16:57 . 2011-07-22 07:48 142296 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll . . ((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))))))))))))))))))))))))))))))))))))))))))) . . *Note* empty entries & legit default entries are not shown REGEDIT4 . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\IDM Shell Extension] @="{CDC95B92-E27C-4745-A8C5-64A52A78855D}" [HKEY_CLASSES_ROOT\CLSID\{CDC95B92-E27C-4745-A8C5-64A52A78855D}] 2011-03-02 16:23 68216 ----a-w- c:\program files\Internet Download Manager\IDMShellExt.dll . [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "msnmsgr"="c:\program files\Windows Live\Messenger\msnmsgr.exe" [2010-04-16 3872080] "ISUSPM Startup"="c:\progra~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe" [2004-06-14 221184] "IDMan"="c:\program files\Internet Download Manager\IDMan.exe" [2011-03-17 3278232] "StartMenu7"="c:\program files\Start Menu 7\StartMenu7.exe" [2010-04-19 2919288] . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2011-04-08 254696] "Ashampoo Anti-Malware Guard"="c:\program files\Ashampoo\Ashampoo Anti-Malware\AAMW_Guard.exe" [2010-08-26 3314176] "iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2011-08-18 421736] . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "ConsentPromptBehaviorAdmin"= 0 (0x0) "PromptOnSecureDesktop"= 0 (0x0) . [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager] BootExecute REG_MULTI_SZ autocheck autochk *\0sasnative32 . [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa] Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp . [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys] @="Driver" . [HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^HotSync Manager.lnk] backup=c:\windows\pss\HotSync Manager.lnk.CommonStartup backupExtension=.CommonStartup . [HKLM\~\startupfolder\C:^Users^Rivky^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OneNote 2007 Screen Clipper and Launcher.lnk] backup=c:\windows\pss\OneNote 2007 Screen Clipper and Launcher.lnk.Startup backupExtension=.Startup . [HKLM\~\startupfolder\C:^Users^Rivky^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^PdaNet Desktop.lnk] path=c:\users\Rivky\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\PdaNet Desktop.lnk backup=c:\windows\pss\PdaNet Desktop.lnk.Startup backupExtension=.Startup . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\FastFoxUninstall] rmdir [X] . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\FastFoxUninstall2] rmdir [X] . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\FastFoxUninstall3] rmdir [X] . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\FastFoxUninstall4] rmdir [X] . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\FastFoxUninstall5] rmdir [X] HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\mcagent_exe HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NokiaMusic FastStart HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SpeechInk Transcription Alerter . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher] 2011-09-07 22:58 37296 ----a-w- c:\program files\Adobe\Reader 9.0\Reader\reader_sl.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DesktopIconToy] 2009-04-06 15:37 450560 ----a-w- c:\program files\Desktop Icon Toy\DesktopIconToy.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Easy-PrintToolBox] 2004-01-14 01:10 409600 ----a-w- c:\program files\Canon\Easy-PrintToolBox\BJPSMAIN.EXE . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update] 2008-11-12 21:30 133104 ----atw- c:\users\Rivky\AppData\Local\Google\Update\GoogleUpdate.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper] 2011-08-18 23:07 421736 ----a-w- c:\program files\iTunes\iTunesHelper.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LaCie Backup] 2007-12-03 09:31 2600960 ----a-w- c:\program files\LaCie\Backup Software\LacieBackup.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\OnScreenDisplay] 2007-11-01 16:42 554288 ----a-w- c:\program files\Hewlett-Packard\HP QuickTouch\HPKBDAPP.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task] 2011-07-05 16:36 421888 ----a-w- c:\program files\QuickTime\QTTask.exe . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\setup\disabledrunkeys] "QlbCtrl.exe"=c:\program files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start . R0 sptd;sptd;c:\windows\System32\Drivers\sptd.sys [2008-12-01 717296] R2 ezSharedSvc;Easybits Shared Services for Windows;c:\windows\system32\svchost.exe [2009-07-14 20992] R3 a2acc;a2acc;c:\program files\MAMUTU\a2accx86.sys [x] R3 BCASPROT;Advanced System Protector;c:\program files\Systweak\Advanced System Protector\sasprot32.sys [x] R3 btnetBUs;Bluetooth PAN Bus Service;c:\windows\system32\Drivers\btnetBus.sys [2009-09-24 22528] R3 Com4QLBEx;Com4QLBEx;c:\program files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe [2009-05-05 228408] R3 IvtBtBUs;IVT Bluetooth Bus Service;c:\windows\system32\Drivers\IvtBtBus.sys [2009-08-26 25480] R3 jrdusbser;Modem Interface Device for Legacy Serial Communication;c:\windows\system32\DRIVERS\jrdusbser.sys [2010-08-27 105344] R3 Netaapl;Apple Mobile Device Ethernet Service;c:\windows\system32\DRIVERS\netaapl.sys [2011-05-10 18432] R3 netw5v32;Intel® Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 32 Bit;c:\windows\system32\DRIVERS\netw5v32.sys [2009-07-13 4231168] R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [2010-09-21 1343400] S0 BtHidBus;Bluetooth HID Bus Service;c:\windows\System32\Drivers\BtHidBus.sys [2009-09-24 19592] S0 RVSDISK;RVSDISK;c:\windows\system32\Drivers\RVSDISK.sys [2008-12-30 11904] S0 RVSYSTEM;RVSYSTEM;c:\windows\system32\Drivers\RVSYSTEM.sys [2008-12-30 38272] S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [2009-07-13 48128] S2 {22D78859-9CE9-4B77-BF18-AC83E81A9263};{22D78859-9CE9-4B77-BF18-AC83E81A9263};c:\program files\HP\QuickPlay\000.fcl [2008-04-23 39408] S2 AAMW_WSC_Service_Vista;Ashampoo Anti-Malware WSC Service;c:\program files\Ashampoo\Ashampoo Anti-Malware\AAMW_WSC_Service_Vista.exe [2010-03-02 52616] S2 AAMWService;Ashampoo Anti-Malware Service;c:\program files\Ashampoo\Ashampoo Anti-Malware\AAMW_Service.exe [2011-08-17 1313184] S2 AESTFilters;Andrea ST Filters Service;c:\windows\System32\DriverStore\FileRepository\stwrt.inf_x86_neutral_08f19d3e5efcf526\aestsrv.exe [2008-02-12 73728] S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384] S2 Dokan;Dokan;c:\windows\system32\drivers\dokan.sys [2011-07-19 95744] S2 DokanMounter;DokanMounter;c:\program files\PetanDrive\dokan\mounter.exe [2011-07-19 14848] S2 hpsrv;HP Service;c:\windows\system32\Hpservice.exe [2008-03-18 19456] S2 IDMWFP;IDMWFP;c:\windows\system32\DRIVERS\idmwfp.sys [2011-03-17 86280] S2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service;c:\program files\McAfee\SiteAdvisor\McSACore.exe [2011-08-10 94880] S2 PfFilter;PfFilter;c:\program files\IObit\Protected Folder\pffilter.sys [2011-03-16 32672] S2 Recovery Service for Windows;Recovery Service for Windows;c:\windows\SMINST\BLService.exe [2008-03-26 341328] S2 Viewpoint Manager Service;Viewpoint Manager Service;c:\program files\Viewpoint\Common\ViewpointService.exe [2007-01-04 24652] S3 enecir;ENE CIR Receiver;c:\windows\system32\DRIVERS\enecir.sys [2008-01-24 52736] S3 JMCR;JMCR;c:\windows\system32\DRIVERS\jmcr.sys [2008-04-01 81296] S3 NETw5s32;Intel® Wireless WiFi Link 5000 Series Adapter Driver for Windows 7 - 32 Bit;c:\windows\system32\DRIVERS\NETw5s32.sys [2010-01-13 6755840] S3 NVHDA;Service for NVIDIA High Definition Audio Driver;c:\windows\system32\drivers\nvhda32v.sys [2008-08-06 44576] S3 pnetmdm;PdaNet Modem;c:\windows\system32\DRIVERS\pnetmdm.sys [2006-09-28 9472] S3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\DRIVERS\vwifimp.sys [2009-07-13 14336] . . --- Other Services/Drivers In Memory --- . *Deregistered* - AAMWRegFilter . Contents of the 'Scheduled Tasks' folder . 2011-09-16 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1169181582-1379610226-3118248491-1001Core.job - c:\users\Rivky\AppData\Local\Google\Update\GoogleUpdate.exe [2008-11-12 21:30] . 2011-09-18 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1169181582-1379610226-3118248491-1001UA.job - c:\users\Rivky\AppData\Local\Google\Update\GoogleUpdate.exe [2008-11-12 21:30] . . ------- Supplementary Scan ------- . uStart Page = hxxp://www.google.be/ uDefault_Search_URL = hxxp://www.google.com/ie uInternet Settings,ProxyServer = 127.0.0.1:8080 uInternet Settings,ProxyOverride = *.local uSearchAssistant = hxxp://www.google.com/ie uSearchURL,(Default) = hxxp://www.google.com/search?q=%s IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200 IE: Download all links with IDM - c:\program files\Internet Download Manager\IEGetAll.htm IE: Download FLV video content with IDM - c:\program files\Internet Download Manager\IEGetVL.htm IE: Download with IDM - c:\program files\Internet Download Manager\IEExt.htm IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~3\Office12\EXCEL.EXE/3000 IE: Easy-WebPrint Add To Print List - c:\program files\Canon\Easy-WebPrint\Resource.dll/RC_AddToList.html IE: Easy-WebPrint High Speed Print - c:\program files\Canon\Easy-WebPrint\Resource.dll/RC_HSPrint.html IE: Easy-WebPrint Preview - c:\program files\Canon\Easy-WebPrint\Resource.dll/RC_Preview.html IE: Easy-WebPrint Print - c:\program files\Canon\Easy-WebPrint\Resource.dll/RC_Print.html TCP: DhcpNameServer = 192.168.1.1 FF - ProfilePath - c:\users\Rivky\AppData\Roaming\Mozilla\Firefox\Profiles\nvl7tg9i.default\ FF - prefs.js: browser.search.selectedEngine - Secure Search FF - prefs.js: browser.startup.homepage - chrome://foxtab/content/homepage.html FF - prefs.js: keyword.URL - chrome://browser-region/locale/region.properties FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} FF - Ext: Read It Later: isreaditlater@ideashower.com - %profile%\extensions\isreaditlater@ideashower.com FF - Ext: IDM CC: mozilla_cc@internetdownloadmanager.com - %profile%\extensions\mozilla_cc@internetdownloadmanager.com FF - Ext: Fierr: {2E481B23-66AC-313F-D6A8-A81DDDF26249} - %profile%\extensions\{2E481B23-66AC-313F-D6A8-A81DDDF26249} FF - Ext: Dr.Web anti-virus link checker: {6614d11d-d21d-b211-ae23-815234e1ebb5} - %profile%\extensions\{6614d11d-d21d-b211-ae23-815234e1ebb5} FF - Ext: PlainOldFavorites: {7E7165E2-0767-448c-852F-5FA8714F2C37} - %profile%\extensions\{7E7165E2-0767-448c-852F-5FA8714F2C37} FF - Ext: WOT: {a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7} - %profile%\extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7} FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension FF - Ext: RealPlayer Browser Record Plugin: {ABDE892B-13A8-4d1b-88E6-365A6E755758} - c:\programdata\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext FF - Ext: McAfee SiteAdvisor: {B7082FAA-CB62-4872-9106-E42DD88EDE45} - c:\program files\McAfee\SiteAdvisor FF - Ext: IDM CC: mozilla_cc@internetdownloadmanager.com - c:\users\Rivky\AppData\Roaming\IDM\idmmzcc3 . - - - - ORPHANS REMOVED - - - - . MSConfigStartUp-HotSync - c:\program files\PalmSource\Desktop\HotSync.exe AddRemove-Cool's_Codec_pack_4.12 - c:\windows\iun6002.exe AddRemove-MostFun.com Games - Lex Venture: a Crossword Caper - c:\program files\MostFun\LexVentureaCrossword\Uninstall.exe AddRemove-Weight Watchers Points Calculator_is1 - c:\apps\wwpc\unins000.exe . . . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\{22D78859-9CE9-4B77-BF18-AC83E81A9263}] "ImagePath"="\??\c:\program files\HP\QuickPlay\000.fcl" . --------------------- LOCKED REGISTRY KEYS --------------------- . [HKEY_USERS\S-1-5-21-1169181582-1379610226-3118248491-1001_Classes\CLSID\{16368eef-0022-4a81-a797-d5c597da3015}] @Denied: (Full) (Everyone) @Allowed: (Read) (RestrictedCode) "Model"=dword:0000006a "Therad"=dword:00000018 . [HKEY_USERS\S-1-5-21-1169181582-1379610226-3118248491-1001_Classes\CLSID\{5ED60779-4DE2-4E07-B862-974CA4FF2E9C}] @Denied: (Full) (Everyone) @Allowed: (Read) (RestrictedCode) "scansk"=hex(0):2f,41,ef,87,9b,37,82,a0,70,a7,cb,22,47,a9,99,8f,67,7f,dc,da,85, 67,57,eb,0f,0a,5e,aa,d4,4c,ef,d3,97,bf,af,50,98,42,74,49,00,00,00,00,00,00,\ . [HKEY_USERS\S-1-5-21-1169181582-1379610226-3118248491-1001_Classes\CLSID\{7B8E9164-324D-4A2E-A46D-0165FB2000EC}] @Denied: (Full) (Everyone) "scansk"=hex(0):23,ca,66,8f,9c,1c,5d,30,fe,6a,7a,18,a1,e5,b3,f6,04,16,2a,6e,41, 86,30,ba,23,6f,5c,42,cd,5b,40,bc,43,61,35,8b,0b,90,e0,79,00,00,00,00,00,00,\ . [HKEY_USERS\S-1-5-21-1169181582-1379610226-3118248491-1001_Classes\CLSID\{d74196dd-2f44-458d-bb22-0afd0698ea17}] @Denied: (Full) (Everyone) @Allowed: (Read) (RestrictedCode) "Model"=dword:0000016c "Therad"=dword:0000000f "MData"=hex(0):73,d5,cf,b8,a4,07,89,80,31,e4,35,6b,2a,ca,fe,43,b6,1f,81,1f,5a, 1b,4d,36,46,8f,3c,f2,5c,68,ee,21,46,8f,3c,f2,5c,68,ee,21,46,8f,3c,f2,5c,68,\ . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security] @Denied: (Full) (Everyone) . Completion time: 2011-09-18 20:36:33 ComboFix-quarantined-files.txt 2011-09-18 18:36 . Pre-Run: 32.705.253.376 bytes free Post-Run: 32.634.490.880 bytes free . - - End Of File - - 8A76C9BAD82598324A7D6657B909F6F1 Het startte automatisch op nadat ik het geinstalleerd had... hopelijk is het in orde... (net daarvoor deed ik een anti virus scan en het vond 1 hoge risico maar toen bleef het haperen bij c://users/rivky/skype/mijn.naam/main.db (of zoiets) en skype is allang verwijderd uit mijn computer. Wat kan dat zijn? Dat lijkt het probleem te zijn, ook bij het backup maken.)
-
Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 13:19:36, on 18/09/2011 Platform: Windows 7 (WinNT 6.00.3504) MSIE: Internet Explorer v9.00 (9.00.8112.16421) Boot mode: Normal Running processes: C:\Windows\system32\taskhost.exe C:\Windows\system32\Dwm.exe C:\Windows\Explorer.EXE C:\Program Files\Common Files\Java\Java Update\jusched.exe C:\Program Files\Ashampoo\Ashampoo Anti-Malware\AAMW_Guard.exe C:\Program Files\iTunes\iTunesHelper.exe C:\Program Files\Windows Live\Messenger\msnmsgr.exe C:\Program Files\Internet Download Manager\IDMan.exe C:\Program Files\Start Menu 7\StartMenu7.exe C:\Program Files\PetanDrive\petanDrive.exe C:\Program Files\Internet Download Manager\IEMonitor.exe C:\Windows\system32\wuauclt.exe C:\Program Files\Windows Live\Contacts\wlcomm.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\plugin-container.exe C:\Program Files\Mozilla Firefox\plugin-container.exe C:\Program Files\Mozilla Firefox\plugin-container.exe C:\Users\Rivky\AppData\Local\Google\Google Talk Plugin\googletalkplugin.exe C:\Program Files\iTunes\iTunes.exe C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceHelper.exe C:\Windows\system32\conhost.exe C:\Program Files\Common Files\Apple\Apple Application Support\distnoted.exe C:\Windows\system32\conhost.exe C:\Windows\system32\SearchProtocolHost.exe C:\Windows\system32\SearchFilterHost.exe C:\Program Files\IVT Corporation\BlueSoleil\BtTray.exe C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = HP - België | Computers, laptops, servers, printers en meer R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Google R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = HP - België | Computers, laptops, servers, printers en meer R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = 127.0.0.1:8080 R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local R3 - URLSearchHook: McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll O1 - Hosts: ::1 localhost O2 - BHO: IDM Helper - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files\Internet Download Manager\IDMIECC.dll O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: McAfee SiteAdvisor BHO - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll O3 - Toolbar: McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll O3 - Toolbar: Easy-WebPrint - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Program Files\Canon\Easy-WebPrint\Toolband.dll O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe" O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime O4 - HKLM\..\Run: [Ashampoo Anti-Malware Guard] "C:\Program Files\Ashampoo\Ashampoo Anti-Malware\AAMW_Guard.exe" O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe" O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background O4 - HKCU\..\Run: [iSUSPM Startup] C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup O4 - HKCU\..\Run: [Google Update] "C:\Users\Rivky\AppData\Local\Google\Update\GoogleUpdate.exe" /c O4 - HKCU\..\Run: [iDMan] C:\Program Files\Internet Download Manager\IDMan.exe /onboot O4 - HKCU\..\Run: [startMenu7] "C:\Program Files\Start Menu 7\StartMenu7.exe" O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE') O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE') O4 - Startup: PetanDrive.lnk = C:\Program Files\PetanDrive\petanDrive.exe O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200 O8 - Extra context menu item: Download all links with IDM - C:\Program Files\Internet Download Manager\IEGetAll.htm O8 - Extra context menu item: Download FLV video content with IDM - C:\Program Files\Internet Download Manager\IEGetVL.htm O8 - Extra context menu item: Download with IDM - C:\Program Files\Internet Download Manager\IEExt.htm O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000 O8 - Extra context menu item: Easy-WebPrint Add To Print List - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_AddToList.html O8 - Extra context menu item: Easy-WebPrint High Speed Print - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_HSPrint.html O8 - Extra context menu item: Easy-WebPrint Preview - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_Preview.html O8 - Extra context menu item: Easy-WebPrint Print - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_Print.html O9 - Extra button: Blog This - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: &Blog This in Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.hotmail.com/mail/w3/resources/VistaMSNPUplden-il.cab O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab O18 - Protocol: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll O18 - Protocol: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll O23 - Service: Ashampoo Anti-Malware Service (AAMWService) - Unknown owner - C:\Program Files\Ashampoo\Ashampoo Anti-Malware\AAMW_Service.exe O23 - Service: Ashampoo Anti-Malware WSC Service (AAMW_WSC_Service_Vista) - Unknown owner - C:\Program Files\Ashampoo\Ashampoo Anti-Malware\AAMW_WSC_Service_Vista.exe O23 - Service: Andrea ST Filters Service (AESTFilters) - Andrea Electronics Corporation - C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_x86_neutral_08f19d3e5efcf526\aestsrv.exe O23 - Service: Mobiel Apple apparaat (Apple Mobile Device) - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe O23 - Service: BlueSoleilCS - Unknown owner - C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleilCS.exe O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: BsHelpCS - Unknown owner - C:\Program Files\IVT Corporation\BlueSoleil\BsHelpCS.exe O23 - Service: Com4QLBEx - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe O23 - Service: DokanMounter - Unknown owner - C:\Program Files\PetanDrive\dokan\mounter.exe O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: HP Health Check Service - Hewlett-Packard - c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe O23 - Service: HP Service (hpsrv) - Hewlett-Packard Corporation - C:\Windows\system32\Hpservice.exe O23 - Service: Intel® Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: McAfee SiteAdvisor Service - McAfee, Inc. - C:\Program Files\McAfee\SiteAdvisor\McSACore.exe O23 - Service: McAfee Services (mcmscsvc) - McAfee, Inc. - C:\Program Files\McAfee\MSC\mcmscsvc.exe O23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\MNA\McNASvc.exe O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe O23 - Service: QuickPlay Background Capture Service (QBCS) (QPCapSvc) - Unknown owner - C:\Program Files\HP\QuickPlay\Kernel\TV\QPCapSvc.exe O23 - Service: QuickPlay Task Scheduler (QTS) (QPSched) - Unknown owner - C:\Program Files\HP\QuickPlay\Kernel\TV\QPSched.exe O23 - Service: Recovery Service for Windows - Unknown owner - C:\Windows\SMINST\BLService.exe O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe O23 - Service: ServiceLayer - Nokia - C:\Program Files\Nokia\PC Connectivity Solution\ServiceLayer.exe O23 - Service: Viewpoint Manager Service - Viewpoint Corporation - C:\Program Files\Viewpoint\Common\ViewpointService.exe -- End of file - 11427 bytes
-
Niemand??
-
Ok, hetzelfde probleem, na een tijdje vriest de Computer... De externe harde schijf is splinternieuw. Wat kan het probleem zijn? Ik heb een paar GB aan Video's op de harde schijf gezet zonder een probleem. Enig idee?
-
Bedankt, ik probeer het nu, hopelijk werkt het. Nu even een vraagje, als ik mijn Computer restore van deze backup, is dat inclusief al mijn programma's, videos en foto's enz? En ik heb een cd van Windows 7, is het genoeg of moet ik een nieuwe recovery cd aanmaken?
-
Ik heb net een nieuwe harddisk gekocht van Western digital. Ik wil een backup maken Van mijn computer want hij staat op sterven. Nu heb ik enkele malen geprobeerd en de computer loopt vast bij 12 percent bij Skype. Dus heb ik Skype verwijdert en de restjes verwijdert met cc cleaner. Dan nogeens probeerd en hij zit vast op: Skype/mijn.naam/main.db wat is dat? Hoe zit dat nog op de computer als ik alles van Skype heb verwijderd? En hoe weet ik of het probleem aan de harddisk zelf is of aan de computer?? Bedankt voor alle hulp die ik kan krijgen!
-
Neen, IE gaat beter, maar ik wil zeker beter firefox gebruiken wegens verschillende redenen. het automatisch opstarten bij aansluiting Iphone is aangevinkt bij Itunes en nog altijd gaat het niet (probleem zit misschien bij itunes?)
-
bedankt! Mozilla firefox start meestal heel langzaam op en itunes start niet meer automatisch op, zou dat nu moeten beteren? Had dat iets te doen met de fouten in het logje?
-
Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 15:56:10, on 19/07/2011 Platform: Windows 7 (WinNT 6.00.3504) MSIE: Internet Explorer v9.00 (9.00.8112.16421) Boot mode: Safe mode Running processes: C:\Windows\Explorer.EXE C:\Windows\system32\ctfmon.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\plugin-container.exe C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = HP - België | Computers, laptops, servers, printers en meer R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Google R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = HP - België | Computers, laptops, servers, printers en meer R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = 127.0.0.1:8080 R3 - URLSearchHook: McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll O1 - Hosts: ::1 localhost O2 - BHO: IDM Helper - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files\Internet Download Manager\IDMIECC.dll O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: McAfee SiteAdvisor BHO - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll O3 - Toolbar: McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll O3 - Toolbar: Easy-WebPrint - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Program Files\Canon\Easy-WebPrint\Toolband.dll O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe" O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" O4 - HKLM\..\Run: [Mamutu Guard] "C:\PROGRAM FILES\MAMUTU\mamutu.exe" /silent O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background O4 - HKCU\..\Run: [startMenu7] "C:\Program Files\Start Menu 7\StartMenu7.exe" O4 - HKCU\..\Run: [iSUSPM Startup] C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup O4 - HKCU\..\Run: [iDMan] C:\Program Files\Internet Download Manager\IDMan.exe /onboot O4 - HKCU\..\Run: [skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized O4 - HKCU\..\Run: [Google Update] "C:\Users\Rivky\AppData\Local\Google\Update\GoogleUpdate.exe" /c O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE') O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE') O4 - Startup: PdaNet Desktop.lnk = C:\Program Files\PdaNet for iPhone\PdaNetPC.exe O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200 O8 - Extra context menu item: Download all links with IDM - C:\Program Files\Internet Download Manager\IEGetAll.htm O8 - Extra context menu item: Download FLV video content with IDM - C:\Program Files\Internet Download Manager\IEGetVL.htm O8 - Extra context menu item: Download with IDM - C:\Program Files\Internet Download Manager\IEExt.htm O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000 O8 - Extra context menu item: Easy-WebPrint Add To Print List - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_AddToList.html O8 - Extra context menu item: Easy-WebPrint High Speed Print - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_HSPrint.html O8 - Extra context menu item: Easy-WebPrint Preview - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_Preview.html O8 - Extra context menu item: Easy-WebPrint Print - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_Print.html O9 - Extra button: Blog This - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: &Blog This in Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.hotmail.com/mail/w3/resources/VistaMSNPUplden-il.cab O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab O18 - Protocol: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll O18 - Protocol: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL O23 - Service: Andrea ST Filters Service (AESTFilters) - Andrea Electronics Corporation - C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_x86_neutral_08f19d3e5efcf526\aestsrv.exe O23 - Service: Mobiel Apple apparaat (Apple Mobile Device) - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe O23 - Service: BlueSoleilCS - Unknown owner - C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleilCS.exe O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: BsHelpCS - Unknown owner - C:\Program Files\IVT Corporation\BlueSoleil\BsHelpCS.exe O23 - Service: Com4QLBEx - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: HP Health Check Service - Hewlett-Packard - c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe O23 - Service: HP Service (hpsrv) - Hewlett-Packard Corporation - C:\Windows\system32\Hpservice.exe O23 - Service: Intel® Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: Mamutu Service (Mamutu) - Emsi Software GmbH - C:\Program Files\Mamutu\a2service.exe O23 - Service: McAfee SiteAdvisor Service - McAfee, Inc. - C:\Program Files\McAfee\SiteAdvisor\McSACore.exe O23 - Service: McAfee Services (mcmscsvc) - McAfee, Inc. - C:\Program Files\McAfee\MSC\mcmscsvc.exe O23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\MNA\McNASvc.exe O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe O23 - Service: QuickPlay Background Capture Service (QBCS) (QPCapSvc) - Unknown owner - C:\Program Files\HP\QuickPlay\Kernel\TV\QPCapSvc.exe O23 - Service: QuickPlay Task Scheduler (QTS) (QPSched) - Unknown owner - C:\Program Files\HP\QuickPlay\Kernel\TV\QPSched.exe O23 - Service: Recovery Service for Windows - Unknown owner - C:\Windows\SMINST\BLService.exe O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe O23 - Service: ServiceLayer - Nokia - C:\Program Files\Nokia\PC Connectivity Solution\ServiceLayer.exe O23 - Service: Viewpoint Manager Service - Viewpoint Corporation - C:\Program Files\Viewpoint\Common\ViewpointService.exe -- End of file - 10263 bytes Ik denk dat er 2 dingen waren die nog altijd niet verwijderd zijn, maar het ging niet. Hopelijk is nu alles in orde...
-
huh? ik heb het nochtans aangevinkt en fix checked gedrukt?? en sorry, hoe doe ik dat in veilige modus en administrator?
-
Malwarebytes' Anti-Malware 1.51.1.1800 Malwarebytes : Free anti-malware, anti-virus and spyware removal download Database version: 7190 Windows 6.1.7600 Internet Explorer 9.0.8112.16421 18/07/2011 16:13:07 mbam-log-2011-07-18 (16-13-07).txt Scan type: Quick scan Objects scanned: 228176 Time elapsed: 5 minute(s), 55 second(s) Memory Processes Infected: 0 Memory Modules Infected: 0 Registry Keys Infected: 0 Registry Values Infected: 0 Registry Data Items Infected: 0 Folders Infected: 0 Files Infected: 0 Memory Processes Infected: (No malicious items detected) Memory Modules Infected: (No malicious items detected) Registry Keys Infected: (No malicious items detected) Registry Values Infected: (No malicious items detected) Registry Data Items Infected: (No malicious items detected) Folders Infected: (No malicious items detected) Files Infected: (No malicious items detected) niets gevonden dus. Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 16:22:47, on 18/07/2011 Platform: Windows 7 (WinNT 6.00.3504) MSIE: Internet Explorer v9.00 (9.00.8112.16421) Boot mode: Normal Running processes: C:\Windows\system32\Dwm.exe C:\Windows\Explorer.EXE C:\Program Files\Common Files\Java\Java Update\jusched.exe C:\Program Files\Mamutu\mamutu.exe C:\Program Files\Start Menu 7\StartMenu7.exe C:\Program Files\Internet Download Manager\IDMan.exe C:\Program Files\Skype\Phone\Skype.exe C:\Program Files\PdaNet for iPhone\PdaNetPC.exe C:\Windows\system32\taskhost.exe C:\Program Files\Skype\Plugin Manager\skypePM.exe C:\Program Files\Internet Download Manager\IEMonitor.exe C:\Windows\system32\wuauclt.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Windows\system32\Macromed\Flash\FlashUtil10q_ActiveX.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\plugin-container.exe C:\Program Files\Mozilla Firefox\plugin-container.exe C:\Users\Rivky\AppData\Local\Google\Google Talk Plugin\googletalkplugin.exe C:\Program Files\Alawar\Froggys Adventures\Froggy.exe C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_be&c=83&bd=Pavilion&pf=cnnb R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.be/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_be&c=83&bd=Pavilion&pf=cnnb R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = 127.0.0.1:8080 R3 - URLSearchHook: McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll O1 - Hosts: ::1 localhost O2 - BHO: (no name) - Disabled:{3049C3E9-B461-4BC5-8870-4C09146192CA} - (no file) O2 - BHO: (no name) - Disabled:{5C255C8A-E604-49b4-9D64-90988571CECB} - (no file) O2 - BHO: (no name) - Disabled:{893e8c4f-0fdd-4166-82d7-74801772cf6e} - (no file) O2 - BHO: (no name) - Disabled:{9030D464-4C02-4ABF-8ECC-5164760863C6} - (no file) O2 - BHO: (no name) - Disabled:{B164E929-A1B6-4A06-B104-2CD0E90A88FF} - (no file) O2 - BHO: (no name) - Disabled:{DBC80044-A445-435b-BC74-9C25C1C588A9} - (no file) O2 - BHO: (no name) - Disabled:{E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - (no file) O2 - BHO: IDM Helper - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files\Internet Download Manager\IDMIECC.dll O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file) O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: McAfee SiteAdvisor BHO - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll O3 - Toolbar: McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll O3 - Toolbar: Easy-WebPrint - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Program Files\Canon\Easy-WebPrint\Toolband.dll O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll O3 - Toolbar: (no name) - {120A8821-2BEE-4C29-BCDA-62C577781992} - (no file) O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe" O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" O4 - HKLM\..\Run: [Mamutu Guard] "C:\PROGRAM FILES\MAMUTU\mamutu.exe" /silent O4 - HKLM\..\RunOnce: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background O4 - HKCU\..\Run: [startMenu7] "C:\Program Files\Start Menu 7\StartMenu7.exe" O4 - HKCU\..\Run: [iSUSPM Startup] C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup O4 - HKCU\..\Run: [iDMan] C:\Program Files\Internet Download Manager\IDMan.exe /onboot O4 - HKCU\..\Run: [skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized O4 - HKCU\..\Run: [Google Update] "C:\Users\Rivky\AppData\Local\Google\Update\GoogleUpdate.exe" /c O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE') O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE') O4 - Startup: PdaNet Desktop.lnk = C:\Program Files\PdaNet for iPhone\PdaNetPC.exe O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200 O8 - Extra context menu item: Download all links with IDM - C:\Program Files\Internet Download Manager\IEGetAll.htm O8 - Extra context menu item: Download FLV video content with IDM - C:\Program Files\Internet Download Manager\IEGetVL.htm O8 - Extra context menu item: Download with IDM - C:\Program Files\Internet Download Manager\IEExt.htm O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000 O8 - Extra context menu item: Easy-WebPrint Add To Print List - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_AddToList.html O8 - Extra context menu item: Easy-WebPrint High Speed Print - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_HSPrint.html O8 - Extra context menu item: Easy-WebPrint Preview - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_Preview.html O8 - Extra context menu item: Easy-WebPrint Print - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_Print.html O9 - Extra button: Blog This - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: &Blog This in Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.hotmail.com/mail/w3/resources/VistaMSNPUplden-il.cab O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab O18 - Protocol: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll O18 - Protocol: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL O23 - Service: Andrea ST Filters Service (AESTFilters) - Andrea Electronics Corporation - C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_x86_neutral_08f19d3e5efcf526\aestsrv.exe O23 - Service: Mobiel Apple apparaat (Apple Mobile Device) - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe O23 - Service: BlueSoleilCS - Unknown owner - C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleilCS.exe O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: BsHelpCS - Unknown owner - C:\Program Files\IVT Corporation\BlueSoleil\BsHelpCS.exe O23 - Service: Com4QLBEx - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: HP Health Check Service - Hewlett-Packard - c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe O23 - Service: HP Service (hpsrv) - Hewlett-Packard Corporation - C:\Windows\system32\Hpservice.exe O23 - Service: Intel® Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: Mamutu Service (Mamutu) - Emsi Software GmbH - C:\Program Files\Mamutu\a2service.exe O23 - Service: McAfee SiteAdvisor Service - McAfee, Inc. - C:\Program Files\McAfee\SiteAdvisor\McSACore.exe O23 - Service: McAfee Services (mcmscsvc) - McAfee, Inc. - C:\Program Files\McAfee\MSC\mcmscsvc.exe O23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\MNA\McNASvc.exe O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe O23 - Service: QuickPlay Background Capture Service (QBCS) (QPCapSvc) - Unknown owner - C:\Program Files\HP\QuickPlay\Kernel\TV\QPCapSvc.exe O23 - Service: QuickPlay Task Scheduler (QTS) (QPSched) - Unknown owner - C:\Program Files\HP\QuickPlay\Kernel\TV\QPSched.exe O23 - Service: Recovery Service for Windows - Unknown owner - C:\Windows\SMINST\BLService.exe O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe O23 - Service: ServiceLayer - Nokia - C:\Program Files\Nokia\PC Connectivity Solution\ServiceLayer.exe O23 - Service: Viewpoint Manager Service - Viewpoint Corporation - C:\Program Files\Viewpoint\Common\ViewpointService.exe -- End of file - 12000 bytes Is alles in orde nu?
-
mijn computer staat in het Engels, uitvoeren is RUN?
