Myriad01
-
Items
69 -
Registratiedatum
-
Laatst bezocht
Inhoudstype
Profielen
Forums
Store
Alles dat geplaatst werd door Myriad01
-
HJT'tje ('t beestje is weer traag...)
Myriad01 reageerde op Myriad01's topic in Archief Bestrijding malware & virussen
Doe ik. Bedankt voor je geduld hé Kape -
HJT'tje ('t beestje is weer traag...)
Myriad01 reageerde op Myriad01's topic in Archief Bestrijding malware & virussen
Dag kape, Ik word gestoord van die Kaspersky. Dat duurt uuuuuren en ondertussen werkt er niets anders meer. Ik doe het er zo wel mee. Nog een vraagje over video content op de BBC. Die filmpjes laden niet (verder geen problemen met filmpjes op andere sites, alleen de BBC doet het niet). Enig idee? En moet ik hier een nieuwe thread voor openen? -
HJT'tje ('t beestje is weer traag...)
Myriad01 reageerde op Myriad01's topic in Archief Bestrijding malware & virussen
Hier het ccleaner logje kape. Misschien ben ik gewoon te snel ipv dat ding hier te traag... En 't wordt er niet beter op (iets typen = vaak 8 sec. wachten tot het verschijnt). Enig idee wat het probleem zou kunnen zijn met de filmpjes van de BBC die maar blijven laden en niet afspelen? Dat vind ik als nieuwsjunk nl. nog veel erger (lijkt site-gebonden...) Bedankt overigens voor je snelle reactie! M. Windows Registry Editor Version 5.00 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDlls] "C:\\WINDOWS\\Microsoft.NET\\Framework\\v1.1.4322\\System.Windows.Forms.tlb"=dword:00001000 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDlls] "C:\\WINDOWS\\Microsoft.NET\\Framework\\v1.0.3705\\Microsoft.JScript.tlb"=dword:00001000 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDlls] "C:\\WINDOWS\\Microsoft.NET\\Framework\\v1.0.3705\\System.EnterpriseServices.tlb"=dword:00001000 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDlls] "C:\\WINDOWS\\Microsoft.NET\\Framework\\v1.1.4322\\System.Drawing.tlb"=dword:00001000 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDlls] "C:\\WINDOWS\\Microsoft.NET\\Framework\\v1.0.3705\\Microsoft.Vsa.tlb"=dword:00001000 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDlls] "C:\\WINDOWS\\Microsoft.NET\\Framework\\v1.1.4322\\System.EnterpriseServices.tlb"=dword:00001000 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDlls] "C:\\WINDOWS\\Microsoft.NET\\Framework\\v1.0.3705\\System.Windows.Forms.tlb"=dword:00001000 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDlls] "C:\\WINDOWS\\Microsoft.NET\\Framework\\v1.1.4322\\Microsoft.Vsa.tlb"=dword:00001000 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDlls] "C:\\WINDOWS\\Microsoft.NET\\Framework\\v1.1.4322\\mscorlib.tlb"=dword:00001000 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDlls] "C:\\WINDOWS\\Microsoft.NET\\Framework\\v1.1.4322\\mscoree.tlb"=dword:00001000 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDlls] "C:\\WINDOWS\\Microsoft.NET\\Framework\\v1.0.3705\\System.tlb"=dword:00001000 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDlls] "C:\\WINDOWS\\Microsoft.NET\\Framework\\v1.1.4322\\Microsoft.Vsa.Vb.CodeDOMProcessor.tlb"=dword:00001000 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDlls] "C:\\WINDOWS\\Microsoft.NET\\Framework\\v1.0.3705\\System.Drawing.tlb"=dword:00001000 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDlls] "C:\\WINDOWS\\Microsoft.NET\\Framework\\v1.0.3705\\mscorlib.tlb"=dword:00001000 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDlls] "C:\\WINDOWS\\Microsoft.NET\\Framework\\v1.0.3705\\Microsoft.Vsa.Vb.CodeDOMProcessor.tlb"=dword:00001000 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDlls] "C:\\WINDOWS\\Microsoft.NET\\Framework\\v1.0.3705\\mscoree.tlb"=dword:00001000 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDlls] "C:\\WINDOWS\\Microsoft.NET\\Framework\\v1.1.4322\\Microsoft.JScript.tlb"=dword:00001000 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDlls] "C:\\WINDOWS\\Microsoft.NET\\Framework\\v1.1.4322\\System.tlb"=dword:00001000 [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.tmp] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.tmp\OpenWithList] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.Trashes] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.Trashes\OpenWithList] [HKEY_CLASSES_ROOT\acrobat\DefaultIcon] @"="C:\\Program Files\\Adobe\\Reader 9.0\\Acrobat\\AcroRd32.exe" [HKEY_CLASSES_ROOT\CLSID\{5C4C8078-24CF-4c71-B05E-8B1D935DB5AC}] @"="" [HKEY_CLASSES_ROOT\CLSID\{5C4C8078-24CF-4c71-B05E-8B1D935DB5AC}\LocalServer32] @"="\"C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe\"" [HKEY_CLASSES_ROOT\CLSID\{762DAFB9-15BD-4b41-B919-F3D5023D1E78}] @"="" [HKEY_CLASSES_ROOT\CLSID\{762DAFB9-15BD-4b41-B919-F3D5023D1E78}\LocalServer32] @"="\"C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe\"" [HKEY_CLASSES_ROOT\CLSID\{A3E84F97-4A68-4e42-9976-DA8DF946B571}] @"="" [HKEY_CLASSES_ROOT\CLSID\{A3E84F97-4A68-4e42-9976-DA8DF946B571}\LocalServer32] @"="\"C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe\"" [HKEY_CLASSES_ROOT\CLSID\{AB1D8565-40E9-4616-984D-98465687E82C}] @"="" [HKEY_CLASSES_ROOT\CLSID\{AB1D8565-40E9-4616-984D-98465687E82C}\InProcServer32] @"="C:\\Program Files\\Messenger\\msgsc.dll" "ThreadingModel"="Apartment" [HKEY_CLASSES_ROOT\CLSID\{AB1D8565-40E9-4616-984D-98465687E82C}\LocalServer32] @"="\"C:\\Program Files\\Messenger\\msmsgs.exe\"" [HKEY_CLASSES_ROOT\CLSID\{AB1D8565-40E9-4616-984D-98465687E82C}\ProgID] @"="MessengerPrivate.MessengerPriv.1" [HKEY_CLASSES_ROOT\CLSID\{AB1D8565-40E9-4616-984D-98465687E82C}\Programmable] @"="" [HKEY_CLASSES_ROOT\CLSID\{AB1D8565-40E9-4616-984D-98465687E82C}\TypeLib] @"="{53CED51D-432B-45B2-A3E0-0CE2C24235D4}" [HKEY_CLASSES_ROOT\CLSID\{AB1D8565-40E9-4616-984D-98465687E82C}\Version] @"="1.0" [HKEY_CLASSES_ROOT\CLSID\{B69003B3-C55E-4b48-836C-BC5946FC3B28}] @"="" [HKEY_CLASSES_ROOT\CLSID\{B69003B3-C55E-4b48-836C-BC5946FC3B28}\InProcServer32] @"="C:\\Program Files\\Messenger\\msgsc.dll" "ThreadingModel"="Apartment" [HKEY_CLASSES_ROOT\CLSID\{B69003B3-C55E-4b48-836C-BC5946FC3B28}\LocalServer32] @"="\"C:\\Program Files\\Messenger\\msmsgs.exe\"" [HKEY_CLASSES_ROOT\CLSID\{B69003B3-C55E-4b48-836C-BC5946FC3B28}\ProgID] @"="Messenger.UIAutomation.1" [HKEY_CLASSES_ROOT\CLSID\{B69003B3-C55E-4b48-836C-BC5946FC3B28}\Programmable] @"="" [HKEY_CLASSES_ROOT\CLSID\{B69003B3-C55E-4b48-836C-BC5946FC3B28}\TypeLib] @"="{E02AD29E-80F5-46C6-B416-9B3EBDDF057E}" [HKEY_CLASSES_ROOT\CLSID\{B69003B3-C55E-4b48-836C-BC5946FC3B28}\Version] @"="1.0" [HKEY_CLASSES_ROOT\CLSID\{FB7199AB-79BF-11d2-8D94-0000F875C541}] @"="" [HKEY_CLASSES_ROOT\CLSID\{FB7199AB-79BF-11d2-8D94-0000F875C541}\InProcServer32] @"="C:\\Program Files\\Messenger\\msgsc.dll" "ThreadingModel"="Apartment" [HKEY_CLASSES_ROOT\CLSID\{FB7199AB-79BF-11d2-8D94-0000F875C541}\LocalServer32] @"="\"C:\\Program Files\\Messenger\\msmsgs.exe\"" [HKEY_CLASSES_ROOT\CLSID\{FB7199AB-79BF-11d2-8D94-0000F875C541}\ProgID] @"="Messenger.MessengerApp.1" [HKEY_CLASSES_ROOT\CLSID\{FB7199AB-79BF-11d2-8D94-0000F875C541}\Programmable] @"="" [HKEY_CLASSES_ROOT\CLSID\{FB7199AB-79BF-11d2-8D94-0000F875C541}\Version] @"="1.0" [HKEY_CLASSES_ROOT\Interface\{2CE4D4CF-B278-4126-AD1E-B622DA2E8339}] @"="ISearch" [HKEY_CLASSES_ROOT\Interface\{2CE4D4CF-B278-4126-AD1E-B622DA2E8339}\ProxyStubClsid] @"="{00020424-0000-0000-C000-000000000046}" [HKEY_CLASSES_ROOT\Interface\{2CE4D4CF-B278-4126-AD1E-B622DA2E8339}\ProxyStubClsid32] @"="{00020424-0000-0000-C000-000000000046}" [HKEY_CLASSES_ROOT\Interface\{2CE4D4CF-B278-4126-AD1E-B622DA2E8339}\TypeLib] @"="{47A7A4B0-2723-41BA-865E-EBBB7081A602}" "Version"="1.0" [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\App Paths\WORDPAD.EXE] @"=hex(2):22,00,25,00,50,00,72,00,6f,00,67,00,72,00,61,00,6d,00,46,00,69,00,6c,\ 00,65,00,73,00,25,00,5c,00,57,00,69,00,6e,00,64,00,6f,00,77,00,73,00,20,00,\ 4e,00,54,00,5c,00,41,00,63,00,63,00,65,00,73,00,73,00,6f,00,72,00,69,00,65,\ 00,73,00,5c,00,57,00,4f,00,52,00,44,00,50,00,41,00,44,00,2e,00,45,00,58,00,\ 45,00,22,00,00,00 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Installer\Folders] "C:\\Program Files\\Microsoft Silverlight\\3.0.50106.0\\"="" [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Installer\Folders] "C:\\Program Files\\Microsoft Silverlight\\3.0.50106.0\\fr\\"="" [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Installer\Folders] "C:\\Program Files\\Microsoft Silverlight\\3.0.50106.0\\it\\"="" [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Installer\Folders] "C:\\Program Files\\Microsoft Silverlight\\3.0.50106.0\\de\\"="" [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Installer\Folders] "C:\\Program Files\\Microsoft Silverlight\\3.0.50106.0\\es\\"="" [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Installer\Folders] "C:\\Program Files\\Microsoft Silverlight\\3.0.50106.0\\zh-Hans\\"="" [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Installer\Folders] "C:\\Program Files\\Microsoft Silverlight\\3.0.50106.0\\zh-Hant\\"="" [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Installer\Folders] "C:\\Program Files\\Microsoft Silverlight\\3.0.50106.0\\ja\\"="" [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Installer\Folders] "C:\\Program Files\\Microsoft Silverlight\\3.0.50106.0\\ko\\"="" [HKEY_CURRENT_USER\Software\Wget] [HKEY_CURRENT_USER\Software\Microsoft\Windows\ShellNoRoam\MUICache] "C:\\DOCUME~1\\Kris\\LOCALS~1\\Temp\\A~NSISu_.exe"="A~NSISu_" [HKEY_CURRENT_USER\Software\Microsoft\Windows\ShellNoRoam\MUICache] "C:\\Documents and Settings\\Kris\\Bureau\\ComboFix.exe"="ComboFix" [HKEY_CURRENT_USER\Software\Microsoft\Windows\ShellNoRoam\MUICache] "C:\\32788R22FWJFW\\iexplore.exe"="NirCmd" [HKEY_CURRENT_USER\Software\Microsoft\Windows\ShellNoRoam\MUICache] "C:\\32788R22FWJFW\\hidec.exe"="hidec" [HKEY_CURRENT_USER\Software\Microsoft\Windows\ShellNoRoam\MUICache] "C:\\32788R22FWJFW\\n.pif"="NirCmd" [HKEY_CURRENT_USER\Software\Microsoft\Windows\ShellNoRoam\MUICache] "C:\\32788R22FWJFW\\nircmd.cfxxe"="NirCmd" [HKEY_CURRENT_USER\Software\Microsoft\Windows\ShellNoRoam\MUICache] "C:\\WINDOWS\\NIRCMD.exe"="NirCmd" -
HJT'tje ('t beestje is weer traag...)
Myriad01 reageerde op Myriad01's topic in Archief Bestrijding malware & virussen
bedankt eendje. Heb de kit gedownload. In één van de linkjes van Wabbit wordt er aan dezelfde kit gerefereerd. Ziet er goed uit! Heb inmiddels ook een web developer toolbar (hoewel het vooralsnog chinees is) :-D Morgen echt aan de slag! Dank voor jullie input! M. -
HJT'tje ('t beestje is weer traag...)
Myriad01 reageerde op Myriad01's topic in Archief Bestrijding malware & virussen
Hey kape, Hier is 'ie. ComboFix 10-08-14.02 - Kris 15/08/2010 15:26:15.3.2 - x86 Microsoft Windows XP Édition familiale 5.1.2600.3.1252.32.1036.18.1014.325 [GMT 2:00] Gestart vanuit: c:\documents and settings\Kris\Bureau\ComboFix.exe AV: avast! Antivirus *On-access scanning disabled* (Updated) {7591DB91-41F0-48A3-B128-1A293FD8233D} FW: Sygate Personal Firewall *disabled* {BE898FE3-CD0B-4014-85A9-03DB9923DDB6} . (((((((((((((((((((( Bestanden Gemaakt van 2010-07-15 to 2010-08-15 )))))))))))))))))))))))))))))) . 2010-08-13 09:31 . 2010-04-29 13:39 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys 2010-08-13 09:31 . 2010-04-29 13:39 20952 ----a-w- c:\windows\system32\drivers\mbam.sys 2010-08-13 09:31 . 2010-08-13 09:31 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware 2010-08-13 08:19 . 2010-08-13 08:19 -------- d-----w- c:\program files\ConvertHelper 2010-08-12 12:10 . 2010-08-11 23:52 85464 ----a-w- c:\documents and settings\Kris\Application Data\Mozilla\Firefox\Profiles\hmgv90km.default\extensions\{340c2bbc-ce74-4362-90b5-7c26312808ef}\platform\WINNT_x86-msvc\components\WeaveCrypto.dll 2010-08-12 12:10 . 2010-08-11 23:52 38872 ----a-w- c:\documents and settings\Kris\Application Data\Mozilla\Firefox\Profiles\hmgv90km.default\extensions\{340c2bbc-ce74-4362-90b5-7c26312808ef}\platform\WINCE\components\WeaveCrypto.dll 2010-08-10 18:26 . 2010-08-10 20:02 -------- d-----w- c:\documents and settings\Kris\Application Data\vlc 2010-08-07 14:40 . 2010-08-07 14:40 9251928 ----a-w- c:\program files\Firefox Setup 3.6.8.exe 2010-08-07 11:40 . 2010-08-02 17:44 225416 ----a-w- c:\documents and settings\Kris\Application Data\Mozilla\Firefox\Profiles\hmgv90km.default\extensions\optout@dubfire.net\lib\WINNT\ff3\AbineComponent.dll 2010-07-19 15:50 . 2010-07-19 15:50 -------- d-----w- c:\program files\Defraggler 2010-07-19 14:43 . 2010-07-19 14:43 -------- d-----w- c:\program files\CodeStuff 2010-07-19 14:39 . 2010-07-19 14:39 680340 ----a-w- c:\program files\StarterSetup.zip . ((((((((((((((((((((((((((((((((((((((( Find3M Rapport )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2010-08-15 13:31 . 2009-04-22 17:20 -------- d-----w- c:\documents and settings\Kris\Application Data\Skype 2010-08-15 13:19 . 2010-07-14 11:21 -------- d-----w- c:\documents and settings\Kris\Application Data\Abine 2010-08-15 09:19 . 2009-04-22 17:24 -------- d-----w- c:\documents and settings\Kris\Application Data\skypePM 2010-08-13 08:36 . 2009-06-22 13:59 -------- d-----w- c:\documents and settings\All Users\Application Data\NOS 2010-08-12 16:37 . 2009-04-26 12:57 -------- d-----w- c:\program files\pdf995 2010-08-11 03:05 . 2009-02-12 19:30 80810 ----a-w- c:\windows\system32\perfc00C.dat 2010-08-11 03:05 . 2009-02-12 19:30 500746 ----a-w- c:\windows\system32\perfh00C.dat 2010-08-07 18:33 . 2009-05-05 11:31 -------- d-----w- c:\program files\Windows Live 2010-08-06 14:26 . 2010-01-10 11:52 664 ----a-w- c:\windows\system32\d3d9caps.dat 2010-07-25 09:37 . 2010-01-23 14:40 -------- d-----w- c:\program files\AquaforumUploader 2010-07-24 10:44 . 2009-04-23 10:38 -------- d-----w- c:\program files\Microsoft Silverlight 2010-07-19 15:22 . 2009-08-29 12:45 -------- d-----w- c:\program files\CCleaner 2010-07-15 22:20 . 2010-07-15 22:20 -------- d-----w- c:\program files\Fichiers communs\Skype 2010-07-15 11:06 . 2009-07-22 17:08 -------- d-----w- c:\program files\Alwil Software 2010-07-15 11:04 . 2010-07-15 11:04 -------- dc----w- c:\documents and settings\All Users\Application Data\Alwil Software 2010-07-14 17:21 . 2010-07-14 17:21 388096 ----a-r- c:\documents and settings\Kris\Application Data\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe 2010-06-30 12:32 . 2009-02-12 19:30 149504 ----a-w- c:\windows\system32\schannel.dll 2010-06-28 20:57 . 2010-07-15 11:04 38848 ----a-w- c:\windows\avastSS.scr 2010-06-28 20:57 . 2009-07-22 17:08 165032 ----a-w- c:\windows\system32\aswBoot.exe 2010-06-28 20:37 . 2009-07-22 17:10 46672 ----a-w- c:\windows\system32\drivers\aswTdi.sys 2010-06-28 20:37 . 2009-07-22 17:10 165456 ----a-w- c:\windows\system32\drivers\aswSP.sys 2010-06-28 20:33 . 2009-07-22 17:10 23376 ----a-w- c:\windows\system32\drivers\aswRdr.sys 2010-06-28 20:32 . 2009-07-22 17:10 100176 ----a-w- c:\windows\system32\drivers\aswmon2.sys 2010-06-28 20:32 . 2009-07-22 17:10 94544 ----a-w- c:\windows\system32\drivers\aswmon.sys 2010-06-28 20:32 . 2009-07-22 17:10 17744 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys 2010-06-28 20:32 . 2009-07-22 17:10 28880 ----a-w- c:\windows\system32\drivers\aavmker4.sys 2010-06-24 12:25 . 2009-02-12 19:30 916480 ----a-w- c:\windows\system32\wininet.dll 2010-06-24 09:02 . 2009-02-12 19:30 1852032 ----a-w- c:\windows\system32\win32k.sys 2010-06-21 15:27 . 2009-02-12 19:30 354304 ----a-w- c:\windows\system32\drivers\srv.sys 2010-06-17 14:03 . 2009-02-12 19:30 80384 ----a-w- c:\windows\system32\iccvid.dll 2010-06-14 14:31 . 2009-02-12 11:49 744448 ----a-w- c:\windows\pchealth\helpctr\binaries\helpsvc.exe 2010-06-14 10:08 . 2010-07-14 11:21 545280 ----a-w- c:\documents and settings\Kris\Application Data\Mozilla\Firefox\Profiles\hmgv90km.default\extensions\piclens@cooliris.com\libs\PicLensHelper.exe 2010-06-14 10:08 . 2010-07-14 11:21 4687360 ----a-w- c:\documents and settings\Kris\Application Data\Mozilla\Firefox\Profiles\hmgv90km.default\extensions\piclens@cooliris.com\libs\cooliris192.dll 2010-06-14 10:08 . 2010-07-14 11:21 103424 ----a-w- c:\documents and settings\Kris\Application Data\Mozilla\Firefox\Profiles\hmgv90km.default\extensions\piclens@cooliris.com\libs\pixomatic.dll 2010-06-14 10:08 . 2010-07-14 11:21 425984 ----a-w- c:\documents and settings\Kris\Application Data\Mozilla\Firefox\Profiles\hmgv90km.default\extensions\piclens@cooliris.com\libs\LaunchCooliris.exe 2010-06-14 10:08 . 2010-07-14 11:21 152064 ----a-w- c:\documents and settings\Kris\Application Data\Mozilla\Firefox\Profiles\hmgv90km.default\extensions\piclens@cooliris.com\plugins\npcoolirisplugin.dll 2010-06-14 10:08 . 2010-07-14 11:21 57856 ----a-w- c:\documents and settings\Kris\Application Data\Mozilla\Firefox\Profiles\hmgv90km.default\extensions\piclens@cooliris.com\components\coolirisstub.dll 2010-06-14 10:08 . 2010-07-14 11:21 4687872 ----a-w- c:\documents and settings\Kris\Application Data\Mozilla\Firefox\Profiles\hmgv90km.default\extensions\piclens@cooliris.com\libs\cooliris190.dll 2010-06-14 07:42 . 2009-02-12 19:30 1172480 ----a-w- c:\windows\system32\msxml3.dll 2010-06-11 14:51 . 2010-06-11 14:51 3055600 ----a-w- c:\documents and settings\Kris\Application Data\Mozilla\plugins\npgtpo3dautoplugin.dll 2010-06-11 14:36 . 2010-06-11 14:36 275952 ----a-w- c:\documents and settings\Kris\Application Data\Mozilla\plugins\npgoogletalk.dll 2010-06-03 02:41 . 2010-06-03 02:41 3600384 ----a-w- c:\windows\system32\GPhotos.scr 2010-01-23 14:38 . 2010-01-23 14:38 3848169 ----a-w- c:\program files\setupAquaforumUpload.exe 2010-01-19 14:24 . 2010-01-19 14:24 513115 ----a-w- c:\program files\FindyKill.exe 2009-06-28 12:39 . 2009-06-28 12:39 8513560 ----a-w- c:\program files\Easy_Display_Manager2.2.10.1.zip . ((((((((((((((((((((((((((((((((((((( Reg Opstartpunten ))))))))))))))))))))))))))))))))))))))))))))))))))) . . *Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond REGEDIT4 [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Skype"="c:\program files\Skype\Phone\Skype.exe" [2010-05-13 26192168] "swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2009-07-21 68856] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "EDS"="c:\program files\Samsung\Samsung EDS\EDSAgent.exe" [2007-12-20 659456] "BatteryManager"="c:\program files\Samsung\Samsung Battery Manager\BatteryManager.exe" [2008-10-20 2768896] "DMHotKey"="c:\program files\Samsung\Easy Display Manager\DMLoader.exe" [2006-12-27 466944] "SmcService"="c:\progra~1\Sygate\SPF\smc.exe" [2004-10-15 2577632] "avast5"="c:\progra~1\ALWILS~1\Avast5\avastUI.exe" [2010-06-28 2837864] "Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2010-06-20 35760] "Adobe ARM"="c:\program files\Fichiers communs\Adobe\ARM\1.0\AdobeARM.exe" [2010-06-09 976832] [HKEY_LOCAL_MACHINE\software\microsoft\security center] "AntiVirusOverride"=dword:00000001 [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "%windir%\\Network Diagnostic\\xpnetdiag.exe"= "c:\\Program Files\\Windows Live\\Sync\\WindowsLiveSync.exe"= "c:\\Program Files\\Bonjour\\mDNSResponder.exe"= "c:\\WINDOWS\\system32\\sessmgr.exe"= "c:\\WINDOWS\\system32\\dpvsetup.exe"= "c:\\Program Files\\Mozilla Firefox\\firefox.exe"= "c:\\WINDOWS\\system32\\mmc.exe"= "c:\\Documents and Settings\\Kris\\Local Settings\\Application Data\\Google\\Google Talk Plugin\\googletalkplugin.dll"= "c:\\Documents and Settings\\Kris\\Local Settings\\Application Data\\Google\\Google Talk Plugin\\googletalkplugin.exe"= "c:\\Program Files\\Skype\\Plugin Manager\\skypePM.exe"= "c:\\Program Files\\VideoLAN\\VLC\\vlc.exe"= "c:\\Program Files\\Skype\\Phone\\Skype.exe"= R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [22/07/2009 19:10 165456] R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [22/07/2009 19:10 17744] R2 DOSMEMIO;MEMIO;c:\windows\system32\MEMIO.SYS [12/02/2009 13:55 4300] R3 DNSeFilter;DNSeFilter;c:\windows\system32\drivers\SamsungEDS.SYS [14/01/2008 20:01 30208] S2 gupdate;Google Update Service (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [14/01/2010 17:44 135664] S2 Wlansvc;@%SystemRoot%\System32\wlansvc.dll,-257;c:\windows\system32\svchost.exe -k LocalSystemNetworkRestricted [12/02/2009 21:30 14336] S3 SUEPD;SUE NDIS Protocol Driver;c:\windows\system32\drivers\SUE_PD.sys [01/08/2006 16:57 19840] S3 VMC326;Vimicro Camera Service VMC326;c:\windows\system32\Drivers\VMC326.sys --> c:\windows\system32\Drivers\VMC326.sys [?] . Inhoud van de 'Gedeelde Taken' map 2010-08-15 c:\windows\Tasks\Google Software Updater.job - c:\program files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-07-21 18:56] 2010-08-15 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job - c:\program files\Google\Update\GoogleUpdate.exe [2010-01-14 15:36] 2010-08-15 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job - c:\program files\Google\Update\GoogleUpdate.exe [2010-01-14 15:36] 2010-08-15 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2104426745-3539394545-3420655605-1005Core.job - c:\documents and settings\Kris\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2009-10-14 09:30] 2010-08-15 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2104426745-3539394545-3420655605-1005UA.job - c:\documents and settings\Kris\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2009-10-14 09:30] . . ------- Bijkomende Scan ------- . uStart Page = hxxp://www.google.be/ uDefault_Search_URL = hxxp://www.google.com/ie uSearchAssistant = hxxp://www.google.com/ie uSearchURL,(Default) = hxxp://www.google.com/search?q=%s IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200 IE: Google Sidewiki... - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll/cmsidewiki.html FF - ProfilePath - c:\documents and settings\Kris\Application Data\Mozilla\Firefox\Profiles\hmgv90km.default\ FF - prefs.js: browser.startup.homepage - hxxp://www.google.be FF - prefs.js: network.proxy.type - 2 FF - component: c:\documents and settings\Kris\Application Data\Mozilla\Firefox\Profiles\hmgv90km.default\extensions\{340c2bbc-ce74-4362-90b5-7c26312808ef}\platform\WINNT_x86-msvc\components\WeaveCrypto.dll FF - component: c:\documents and settings\Kris\Application Data\Mozilla\Firefox\Profiles\hmgv90km.default\extensions\optout@dubfire.net\lib\WINNT\ff3\AbineComponent.dll FF - component: c:\documents and settings\Kris\Application Data\Mozilla\Firefox\Profiles\hmgv90km.default\extensions\piclens@cooliris.com\components\coolirisstub.dll FF - plugin: c:\documents and settings\Kris\Application Data\Mozilla\Firefox\Profiles\hmgv90km.default\extensions\piclens@cooliris.com\plugins\npcoolirisplugin.dll FF - plugin: c:\documents and settings\Kris\Application Data\Mozilla\plugins\npgoogletalk.dll FF - plugin: c:\documents and settings\Kris\Application Data\Mozilla\plugins\npgtpo3dautoplugin.dll FF - plugin: c:\documents and settings\Kris\Local Settings\Application Data\Google\Update\1.2.183.29\npGoogleOneClick8.dll FF - plugin: c:\program files\Google\Google Updater\2.4.1636.7222\npCIDetect13.dll FF - plugin: c:\program files\Google\Picasa3\npPicasa3.dll FF - plugin: c:\program files\Google\Update\1.2.183.17\npGoogleOneClick8.dll FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ ---- FIREFOX POLICIES ---- c:\program files\Mozilla Firefox\greprefs\all.js - pref("ui.use_native_colors", true); c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.lu", true); c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.nu", true); c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.nz", true); c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbaam7a8h", true); c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgberp4a5d4ar", true); c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--p1ai", true); c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbayh7gpa", true); c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.tel", true); c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.auth.force-generic-ntlm", false); c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.proxy.type", 5); c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.buffer.cache.count", 24); c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.buffer.cache.size", 4096); c:\program files\Mozilla Firefox\greprefs\all.js - pref("dom.ipc.plugins.timeoutSecs", 45); c:\program files\Mozilla Firefox\greprefs\all.js - pref("svg.smil.enabled", false); c:\program files\Mozilla Firefox\greprefs\all.js - pref("accelerometer.enabled", true); c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.allow_unrestricted_renego_everywhere__temporarily_available_pref", true); c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.renego_unrestricted_hosts", ""); c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.treat_unsafe_negotiation_as_broken", false); c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.require_safe_negotiation", false); c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.name", "chrome://browser/locale/browser.properties"); c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.description", "chrome://browser/locale/browser.properties"); c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("plugins.update.notifyUser", false); c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.nptest.dll", true); c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.npswf32.dll", true); c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.npctrl.dll", true); c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.npqtplugin.dll", true); c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled", false); . - - - - ORPHANS VERWIJDERD - - - - HKCU-Run-msnmsgr - c:\program files\Windows Live\Messenger\msnmsgr.exe ************************************************************************** catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, GMER - Rootkit Detector and Remover Rootkit scan 2010-08-15 15:31 Windows 5.1.2600 Service Pack 3 NTFS scannen van verborgen processen ... scannen van verborgen autostart items ... scannen van verborgen bestanden ... Scan succesvol afgerond verborgen bestanden: 0 ************************************************************************** [HKEY_LOCAL_MACHINE\System\ControlSet001\Services\vsdatant] "ImagePath"="" . --------------------- DLLs Geladen Onder Lopende Processen --------------------- - - - - - - - > 'winlogon.exe'(740) c:\windows\system32\igfxdev.dll - - - - - - - > 'explorer.exe'(2964) c:\windows\system32\mshtml.dll c:\windows\system32\msls31.dll c:\windows\system32\eappprxy.dll c:\windows\system32\webcheck.dll c:\windows\system32\WPDShServiceObj.dll c:\windows\system32\PortableDeviceTypes.dll c:\windows\system32\PortableDeviceApi.dll . Voltooingstijd: 2010-08-15 15:34:19 ComboFix-quarantined-files.txt 2010-08-15 13:34 ComboFix2.txt 2010-07-19 09:15 Pre-Run: 59 004 526 592 octets libres Post-Run: 59 087 421 440 octets libres - - End Of File - - BBAADD20E7C397058EF549D164F25A78 ---------- Post toegevoegd om 15:42 ---------- Vorige post was om 15:39 ---------- Hey Wabbit, Ze smijten ermee naar je kop, ik weet het. Vandaar mijn vraag naar een GOEDE cursus (als leek kan ik de kwaliteit van die cursussen nl. niet beoordelen). Bedankt voor de linkjes! ---------- Post toegevoegd om 15:44 ---------- Vorige post was om 15:42 ---------- Hey you, Bedankt voor de link. Ben momenteel in een cursus van de VDAB bezig maar dat is plain text. Zelf wat prutsen lijkt me wel een goed plan! Cheers, M. -
HJT'tje ('t beestje is weer traag...)
Myriad01 reageerde op Myriad01's topic in Archief Bestrijding malware & virussen
Deze stond niet meer in de hjt: O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file) In de mbam geen "bekijk resultaten" knopje gezien. Ook niks aan te vinken en niks te herstarten :-/ Hier is het logje: Malwarebytes' Anti-Malware 1.46 Malwarebytes Databaseversie: 4424 Windows 5.1.2600 Service Pack 3 Internet Explorer 8.0.6001.18702 13/08/2010 11:50:35 mbam-log-2010-08-13 (11-50-35).txt Scantype: Snelle scan Objecten gescand: 137828 Verstreken tijd: 9 minuut/minuten, 18 seconde(n) Geheugenprocessen geïnfecteerd: 0 Geheugenmodulen geïnfecteerd: 0 Registersleutels geïnfecteerd: 0 Registerwaarden geïnfecteerd: 0 Registerdata geïnfecteerd: 0 Mappen geïnfecteerd: 0 Bestanden geïnfecteerd: 0 Geheugenprocessen geïnfecteerd: (Geen kwaadaardige objecten gedetecteerd) Geheugenmodulen geïnfecteerd: (Geen kwaadaardige objecten gedetecteerd) Registersleutels geïnfecteerd: (Geen kwaadaardige objecten gedetecteerd) Registerwaarden geïnfecteerd: (Geen kwaadaardige objecten gedetecteerd) Registerdata geïnfecteerd: (Geen kwaadaardige objecten gedetecteerd) Mappen geïnfecteerd: (Geen kwaadaardige objecten gedetecteerd) Bestanden geïnfecteerd: (Geen kwaadaardige objecten gedetecteerd) Nieuwe hjt log: Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 11:55:27, on 15/08/2010 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v8.00 (8.00.6001.18702) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Sygate\SPF\smc.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Alwil Software\Avast5\AvastSvc.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Bonjour\mDNSResponder.exe C:\Program Files\Java\jre6\bin\jqs.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\wbem\wmiapsrv.exe C:\WINDOWS\Explorer.EXE C:\Program Files\Samsung\Samsung EDS\EDSAgent.exe C:\Program Files\Samsung\Samsung Battery Manager\BatteryManager.exe C:\PROGRA~1\ALWILS~1\Avast5\avastUI.exe C:\Program Files\Samsung\Easy Display Manager\dmhkcore.exe C:\WINDOWS\system32\igfxext.exe C:\WINDOWS\system32\igfxsrvc.exe C:\Program Files\Skype\Phone\Skype.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe C:\Program Files\Skype\Plugin Manager\skypePM.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\plugin-container.exe C:\Program Files\Trend Micro\HijackThis\HiJackThis.exe C:\WINDOWS\system32\NOTEPAD.EXE R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Google R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Hotmail, Messenger, nieuws en entertainment vind je op MSN.nl R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = Hotmail, Messenger, nieuws en entertainment vind je op MSN.nl R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: Windows Live Aanmelden - Help - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.5.5126.1836\swg.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll O4 - HKLM\..\Run: [EDS] C:\Program Files\Samsung\Samsung EDS\EDSAgent.exe O4 - HKLM\..\Run: [batteryManager] C:\Program Files\Samsung\Samsung Battery Manager\BatteryManager.exe O4 - HKLM\..\Run: [DMHotKey] C:\Program Files\Samsung\Easy Display Manager\DMLoader.exe O4 - HKLM\..\Run: [smcService] C:\PROGRA~1\Sygate\SPF\smc.exe -startgui O4 - HKLM\..\Run: [avast5] C:\PROGRA~1\ALWILS~1\Avast5\avastUI.exe /nogui O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Fichiers communs\Adobe\ARM\1.0\AdobeARM.exe" O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background O4 - HKCU\..\Run: [skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\WINDOWS\system32\GPhotos.scr/200 O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll/cmsidewiki.html O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O14 - IERESET.INF: START_PAGE_URL=http://www.google.com O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1240481136234 O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL O22 - SharedTaskScheduler: Pré-chargeur Browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll O22 - SharedTaskScheduler: Démon de cache des catégories de composant - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe O23 - Service: avast! Mail Scanner - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe O23 - Service: avast! Web Scanner - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: Service d'administration du Gestionnaire de disque logique (dmadmin) - Unknown owner - C:\WINDOWS\System32\dmadmin.exe O23 - Service: Journal des événements (Eventlog) - Unknown owner - C:\WINDOWS\system32\services.exe O23 - Service: Google Update Service (gupdate) (gupdate) - Unknown owner - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: Service COM de gravage de CD IMAPI (ImapiService) - Unknown owner - C:\WINDOWS\system32\imapi.exe O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe O23 - Service: Partage de Bureau à distance NetMeeting (mnmsrvc) - Unknown owner - C:\WINDOWS\system32\mnmsrvc.exe O23 - Service: Plug-and-Play (PlugPlay) - Unknown owner - C:\WINDOWS\system32\services.exe O23 - Service: Gestionnaire de session d'aide sur le Bureau à distance (RDSessMgr) - Unknown owner - C:\WINDOWS\system32\sessmgr.exe O23 - Service: Carte à puce (SCardSvr) - Unknown owner - C:\WINDOWS\System32\SCardSvr.exe O23 - Service: Sygate Personal Firewall (SmcService) - Sygate Technologies, Inc. - C:\Program Files\Sygate\SPF\smc.exe O23 - Service: Journaux et alertes de performance (SysmonLog) - Unknown owner - C:\WINDOWS\system32\smlogsvc.exe O23 - Service: Cliché instantané de volume (VSS) - Unknown owner - C:\WINDOWS\System32\vssvc.exe O23 - Service: Carte de performance WMI (WmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\wmiapsrv.exe O23 - Service: Service Partage réseau du Lecteur Windows Media (WMPNetworkSvc) - Unknown owner - C:\Program Files\Windows Media Player\WMPNetwk.exe -- End of file - 7479 bytes Ik weet niet of je hier iets mee kan. Filmpjes van de BBC stoppen niet met laden (kan dus niets bekijken) maar die van youtube doen het dan weer wel. Iemand een idee?? Groet, Myriad. -
HJT'tje ('t beestje is weer traag...)
Myriad01 plaatste een topic in Archief Bestrijding malware & virussen
Hallo, Kan er nog iemand even kijken aub? P.S. Ben tevens ook op zoek naar een goed boek om html te leren (from scratch). Iemand een suggestie? Groeten, M. Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 19:43:35, on 07/08/2010 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v8.00 (8.00.6001.18702) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Sygate\SPF\smc.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Alwil Software\Avast5\AvastSvc.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Bonjour\mDNSResponder.exe C:\Program Files\Java\jre6\bin\jqs.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\wbem\wmiapsrv.exe C:\WINDOWS\Explorer.EXE C:\Program Files\Samsung\Samsung EDS\EDSAgent.exe C:\Program Files\Samsung\Samsung Battery Manager\BatteryManager.exe C:\PROGRA~1\ALWILS~1\Avast5\avastUI.exe C:\Program Files\Samsung\Easy Display Manager\dmhkcore.exe C:\WINDOWS\system32\igfxext.exe C:\WINDOWS\system32\igfxsrvc.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe C:\Program Files\Trend Micro\HijackThis\HiJackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Google R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Hotmail, Messenger, nieuws en entertainment vind je op MSN.nl R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = Hotmail, Messenger, nieuws en entertainment vind je op MSN.nl R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file) O2 - BHO: Windows Live Aanmelden - Help - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.5.5126.1836\swg.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll O4 - HKLM\..\Run: [EDS] C:\Program Files\Samsung\Samsung EDS\EDSAgent.exe O4 - HKLM\..\Run: [batteryManager] C:\Program Files\Samsung\Samsung Battery Manager\BatteryManager.exe O4 - HKLM\..\Run: [DMHotKey] C:\Program Files\Samsung\Easy Display Manager\DMLoader.exe O4 - HKLM\..\Run: [smcService] C:\PROGRA~1\Sygate\SPF\smc.exe -startgui O4 - HKLM\..\Run: [avast5] C:\PROGRA~1\ALWILS~1\Avast5\avastUI.exe /nogui O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Fichiers communs\Adobe\ARM\1.0\AdobeARM.exe" O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background O4 - HKCU\..\Run: [skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" O4 - Startup: CodeStuff Starter O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\WINDOWS\system32\GPhotos.scr/200 O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll/cmsidewiki.html O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O14 - IERESET.INF: START_PAGE_URL=http://www.google.com O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1240481136234 O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL O22 - SharedTaskScheduler: Pré-chargeur Browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll O22 - SharedTaskScheduler: Démon de cache des catégories de composant - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe O23 - Service: avast! Mail Scanner - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe O23 - Service: avast! Web Scanner - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: Service d'administration du Gestionnaire de disque logique (dmadmin) - Unknown owner - C:\WINDOWS\System32\dmadmin.exe O23 - Service: Journal des événements (Eventlog) - Unknown owner - C:\WINDOWS\system32\services.exe O23 - Service: Google Update Service (gupdate) (gupdate) - Unknown owner - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: Service COM de gravage de CD IMAPI (ImapiService) - Unknown owner - C:\WINDOWS\system32\imapi.exe O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe O23 - Service: Partage de Bureau à distance NetMeeting (mnmsrvc) - Unknown owner - C:\WINDOWS\system32\mnmsrvc.exe O23 - Service: Plug-and-Play (PlugPlay) - Unknown owner - C:\WINDOWS\system32\services.exe O23 - Service: Gestionnaire de session d'aide sur le Bureau à distance (RDSessMgr) - Unknown owner - C:\WINDOWS\system32\sessmgr.exe O23 - Service: Carte à puce (SCardSvr) - Unknown owner - C:\WINDOWS\System32\SCardSvr.exe O23 - Service: Sygate Personal Firewall (SmcService) - Sygate Technologies, Inc. - C:\Program Files\Sygate\SPF\smc.exe O23 - Service: Journaux et alertes de performance (SysmonLog) - Unknown owner - C:\WINDOWS\system32\smlogsvc.exe O23 - Service: Cliché instantané de volume (VSS) - Unknown owner - C:\WINDOWS\System32\vssvc.exe O23 - Service: Carte de performance WMI (WmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\wmiapsrv.exe O23 - Service: Service Partage réseau du Lecteur Windows Media (WMPNetworkSvc) - Unknown owner - C:\Program Files\Windows Media Player\WMPNetwk.exe -- End of file - 7361 bytes -
Bedankt kape, Hij doet het stukken beter nu! M.
-
Hier het ComboFix logje: ComboFix 10-07-16.02 - Kris 19/07/2010 11:06:02.2.2 - x86 Microsoft Windows XP Édition familiale 5.1.2600.3.1252.32.1036.18.1014.360 [GMT 2:00] Gestart vanuit: c:\documents and settings\Kris\Bureau\ComboFix.exe AV: avast! Antivirus *On-access scanning disabled* (Updated) {7591DB91-41F0-48A3-B128-1A293FD8233D} FW: Sygate Personal Firewall *disabled* {BE898FE3-CD0B-4014-85A9-03DB9923DDB6} . (((((((((((((((((((((((((((((((((( Andere Verwijderingen ))))))))))))))))))))))))))))))))))))))))))))))))) . c:\windows\SEC c:\windows\SEC\DelMt.cmd c:\windows\SEC\JRE150.exe c:\windows\SEC\Marker.exe c:\windows\SEC\MEMIO.sys c:\windows\SEC\MEMIO.vxd c:\windows\SEC\MP10FRN.exe c:\windows\SEC\SECINSTALL.EXE c:\windows\SEC\SECINSTALL.INI c:\windows\SEC\StartMem.exe . (((((((((((((((((((( Bestanden Gemaakt van 2010-06-19 to 2010-07-19 )))))))))))))))))))))))))))))) . 2010-07-18 20:10 . 2010-07-15 19:26 85464 ----a-w- c:\documents and settings\Kris\Application Data\Mozilla\Firefox\Profiles\hmgv90km.default\extensions\{340c2bbc-ce74-4362-90b5-7c26312808ef}\platform\WINNT_x86-msvc\components\WeaveCrypto.dll 2010-07-18 20:10 . 2010-07-15 19:26 38872 ----a-w- c:\documents and settings\Kris\Application Data\Mozilla\Firefox\Profiles\hmgv90km.default\extensions\{340c2bbc-ce74-4362-90b5-7c26312808ef}\platform\WINCE\components\WeaveCrypto.dll 2010-07-15 22:20 . 2010-07-15 22:20 -------- d-----w- c:\program files\Fichiers communs\Skype 2010-07-15 11:04 . 2010-06-28 20:57 38848 ----a-w- c:\windows\avastSS.scr 2010-07-15 11:04 . 2010-07-15 11:04 -------- dc----w- c:\documents and settings\All Users\Application Data\Alwil Software 2010-07-14 17:21 . 2010-07-14 17:21 388096 ----a-r- c:\documents and settings\Kris\Application Data\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe 2010-07-14 17:05 . 2010-07-14 17:05 9264008 ----a-w- c:\program files\Firefox Setup 3.6.6.exe 2010-07-14 16:41 . 2010-07-14 17:23 -------- dc----w- C:\HJT 2010-07-14 11:41 . 2010-07-14 11:41 -------- d-sh--w- c:\documents and settings\NetworkService\PrivacIE 2010-07-14 11:41 . 2010-07-14 11:41 -------- d-sh--w- c:\documents and settings\NetworkService\IECompatCache 2010-07-14 11:21 . 2010-07-19 09:11 -------- d-----w- c:\documents and settings\Kris\Application Data\Abine 2010-07-14 11:21 . 2010-06-18 14:48 535176 ----a-w- c:\documents and settings\Kris\Application Data\Mozilla\Firefox\Profiles\hmgv90km.default\extensions\optout@dubfire.net\lib\WINNT\ff3\AbineComponent.dll 2010-07-14 11:21 . 2010-06-14 10:08 545280 ----a-w- c:\documents and settings\Kris\Application Data\Mozilla\Firefox\Profiles\hmgv90km.default\extensions\piclens@cooliris.com\libs\PicLensHelper.exe 2010-07-14 11:21 . 2010-06-14 10:08 4687360 ----a-w- c:\documents and settings\Kris\Application Data\Mozilla\Firefox\Profiles\hmgv90km.default\extensions\piclens@cooliris.com\libs\cooliris192.dll 2010-07-14 11:21 . 2010-06-14 10:08 103424 ----a-w- c:\documents and settings\Kris\Application Data\Mozilla\Firefox\Profiles\hmgv90km.default\extensions\piclens@cooliris.com\libs\pixomatic.dll 2010-07-14 11:21 . 2010-06-14 10:08 57856 ----a-w- c:\documents and settings\Kris\Application Data\Mozilla\Firefox\Profiles\hmgv90km.default\extensions\piclens@cooliris.com\components\coolirisstub.dll 2010-07-14 11:21 . 2010-06-14 10:08 4687872 ----a-w- c:\documents and settings\Kris\Application Data\Mozilla\Firefox\Profiles\hmgv90km.default\extensions\piclens@cooliris.com\libs\cooliris190.dll 2010-07-14 11:21 . 2010-06-14 10:08 425984 ----a-w- c:\documents and settings\Kris\Application Data\Mozilla\Firefox\Profiles\hmgv90km.default\extensions\piclens@cooliris.com\libs\LaunchCooliris.exe 2010-07-14 11:21 . 2010-06-14 10:08 152064 ----a-w- c:\documents and settings\Kris\Application Data\Mozilla\Firefox\Profiles\hmgv90km.default\extensions\piclens@cooliris.com\plugins\npcoolirisplugin.dll 2010-07-14 11:15 . 2010-05-06 10:33 743424 -c----w- c:\windows\system32\dllcache\iedvtool.dll 2010-07-14 11:11 . 2010-07-14 11:15 49513448 ----a-w- c:\program files\setup_av_free_fre.exe 2010-07-14 11:09 . 2010-02-12 10:03 293376 ------w- c:\windows\system32\browserchoice.exe . ((((((((((((((((((((((((((((((((((((((( Find3M Rapport )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2010-07-19 08:51 . 2009-04-22 17:20 -------- d-----w- c:\documents and settings\Kris\Application Data\Skype 2010-07-19 08:17 . 2009-04-22 17:24 -------- d-----w- c:\documents and settings\Kris\Application Data\skypePM 2010-07-15 11:06 . 2009-07-22 17:08 -------- d-----w- c:\program files\Alwil Software 2010-07-14 12:23 . 2009-02-12 19:30 80810 ----a-w- c:\windows\system32\perfc00C.dat 2010-07-14 12:23 . 2009-02-12 19:30 500746 ----a-w- c:\windows\system32\perfh00C.dat 2010-06-28 20:57 . 2009-07-22 17:08 165032 ----a-w- c:\windows\system32\aswBoot.exe 2010-06-28 20:37 . 2009-07-22 17:10 46672 ----a-w- c:\windows\system32\drivers\aswTdi.sys 2010-06-28 20:37 . 2009-07-22 17:10 165456 ----a-w- c:\windows\system32\drivers\aswSP.sys 2010-06-28 20:33 . 2009-07-22 17:10 23376 ----a-w- c:\windows\system32\drivers\aswRdr.sys 2010-06-28 20:32 . 2009-07-22 17:10 100176 ----a-w- c:\windows\system32\drivers\aswmon2.sys 2010-06-28 20:32 . 2009-07-22 17:10 94544 ----a-w- c:\windows\system32\drivers\aswmon.sys 2010-06-28 20:32 . 2009-07-22 17:10 17744 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys 2010-06-28 20:32 . 2009-07-22 17:10 28880 ----a-w- c:\windows\system32\drivers\aavmker4.sys 2010-06-14 14:31 . 2009-02-12 11:49 744448 ----a-w- c:\windows\pchealth\helpctr\binaries\helpsvc.exe 2010-05-06 10:33 . 2009-02-12 19:30 916480 ----a-w- c:\windows\system32\wininet.dll 2010-05-02 08:08 . 2009-02-12 19:30 1851392 ----a-w- c:\windows\system32\win32k.sys 2010-01-25 23:26 . 2010-01-25 23:25 9001872 ----a-w- c:\program files\Firefox Setup 3.6.exe 2010-01-23 14:38 . 2010-01-23 14:38 3848169 ----a-w- c:\program files\setupAquaforumUpload.exe 2010-01-19 14:24 . 2010-01-19 14:24 513115 ----a-w- c:\program files\FindyKill.exe 2009-07-27 10:37 . 2009-07-27 10:37 66188 ----a-w- c:\program files\Firewalls - MozillaZine Knowledge Base.htm 2009-06-28 12:39 . 2009-06-28 12:39 8513560 ----a-w- c:\program files\Easy_Display_Manager2.2.10.1.zip . ((((((((((((((((((((((((((((((((((((( Reg Opstartpunten ))))))))))))))))))))))))))))))))))))))))))))))))))) . . *Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond REGEDIT4 [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Google Update"="c:\documents and settings\Kris\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" [2009-10-14 133104] "Skype"="c:\program files\Skype\\Phone\Skype.exe" [2010-05-13 26192168] "swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2009-07-21 68856] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "RTHDCPL"="RTHDCPL.EXE" [2008-08-26 16851456] "EDS"="c:\program files\Samsung\Samsung EDS\EDSAgent.exe" [2007-12-20 659456] "SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2008-08-28 1044480] "BatteryManager"="c:\program files\Samsung\Samsung Battery Manager\BatteryManager.exe" [2008-10-20 2768896] "DMHotKey"="c:\program files\Samsung\Easy Display Manager\DMLoader.exe" [2006-12-27 466944] "SmcService"="c:\progra~1\Sygate\SPF\smc.exe" [2004-10-15 2577632] "Google Quick Search Box"="c:\program files\Google\Quick Search Box\GoogleQuickSearchBox.exe" [2010-01-17 122880] "Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2010-06-20 35760] "Adobe ARM"="c:\program files\Fichiers communs\Adobe\ARM\1.0\AdobeARM.exe" [2010-06-09 976832] "avast5"="c:\progra~1\ALWILS~1\Avast5\avastUI.exe" [2010-06-28 2837864] [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360] [HKEY_LOCAL_MACHINE\software\microsoft\security center] "AntiVirusOverride"=dword:00000001 [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "%windir%\\Network Diagnostic\\xpnetdiag.exe"= "c:\\Program Files\\Windows Live\\Sync\\WindowsLiveSync.exe"= "c:\\Program Files\\Bonjour\\mDNSResponder.exe"= "c:\\WINDOWS\\system32\\sessmgr.exe"= "c:\\WINDOWS\\system32\\dpvsetup.exe"= "c:\\Program Files\\Mozilla Firefox\\firefox.exe"= "c:\\WINDOWS\\system32\\mmc.exe"= "c:\\Documents and Settings\\Kris\\Local Settings\\Application Data\\Google\\Google Talk Plugin\\googletalkplugin.dll"= "c:\\Documents and Settings\\Kris\\Local Settings\\Application Data\\Google\\Google Talk Plugin\\googletalkplugin.exe"= "c:\\Program Files\\Skype\\Plugin Manager\\skypePM.exe"= "c:\\Program Files\\VideoLAN\\VLC\\vlc.exe"= "c:\\Program Files\\Skype\\Phone\\Skype.exe"= R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [22/07/2009 19:10 165456] R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [22/07/2009 19:10 17744] R2 DOSMEMIO;MEMIO;c:\windows\system32\MEMIO.SYS [12/02/2009 13:55 4300] R3 DNSeFilter;DNSeFilter;c:\windows\system32\drivers\SamsungEDS.SYS [14/01/2008 20:01 30208] S2 gupdate;Google Update Service (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [14/01/2010 17:44 135664] S2 Wlansvc;@%SystemRoot%\System32\wlansvc.dll,-257;c:\windows\system32\svchost.exe -k LocalSystemNetworkRestricted [12/02/2009 21:30 14336] S3 SUEPD;SUE NDIS Protocol Driver;c:\windows\system32\drivers\SUE_PD.sys [01/08/2006 16:57 19840] S3 VMC326;Vimicro Camera Service VMC326;c:\windows\system32\Drivers\VMC326.sys --> c:\windows\system32\Drivers\VMC326.sys [?] . Inhoud van de 'Gedeelde Taken' map 2010-07-19 c:\windows\Tasks\Google Software Updater.job - c:\program files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-07-21 18:56] 2010-07-19 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job - c:\program files\Google\Update\GoogleUpdate.exe [2010-01-14 15:36] 2010-07-19 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job - c:\program files\Google\Update\GoogleUpdate.exe [2010-01-14 15:36] 2010-07-15 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2104426745-3539394545-3420655605-1005Core.job - c:\documents and settings\Kris\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2009-10-14 09:30] 2010-07-19 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2104426745-3539394545-3420655605-1005UA.job - c:\documents and settings\Kris\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2009-10-14 09:30] . . ------- Bijkomende Scan ------- . uStart Page = hxxp://www.google.be/ uDefault_Search_URL = hxxp://www.google.com/ie uSearchAssistant = hxxp://www.google.com/ie uSearchURL,(Default) = hxxp://www.google.com/search?q=%s IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200 IE: Google Sidewiki... - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll/cmsidewiki.html FF - ProfilePath - c:\documents and settings\Kris\Application Data\Mozilla\Firefox\Profiles\hmgv90km.default\ FF - prefs.js: browser.startup.homepage - hxxp://www.google.be/|Ecosia FF - prefs.js: network.proxy.type - 2 FF - component: c:\documents and settings\Kris\Application Data\Mozilla\Firefox\Profiles\hmgv90km.default\extensions\{340c2bbc-ce74-4362-90b5-7c26312808ef}\platform\WINNT_x86-msvc\components\WeaveCrypto.dll FF - component: c:\documents and settings\Kris\Application Data\Mozilla\Firefox\Profiles\hmgv90km.default\extensions\optout@dubfire.net\lib\WINNT\ff3\AbineComponent.dll FF - component: c:\documents and settings\Kris\Application Data\Mozilla\Firefox\Profiles\hmgv90km.default\extensions\piclens@cooliris.com\components\coolirisstub.dll FF - plugin: c:\documents and settings\Kris\Application Data\Mozilla\Firefox\Profiles\hmgv90km.default\extensions\piclens@cooliris.com\plugins\npcoolirisplugin.dll FF - plugin: c:\documents and settings\Kris\Application Data\Mozilla\plugins\npgoogletalk.dll FF - plugin: c:\documents and settings\Kris\Local Settings\Application Data\Google\Update\1.2.183.29\npGoogleOneClick8.dll FF - plugin: c:\program files\Google\Google Updater\2.4.1636.7222\npCIDetect13.dll FF - plugin: c:\program files\Google\Picasa3\npPicasa3.dll FF - plugin: c:\program files\Google\Update\1.2.183.17\npGoogleOneClick8.dll FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ ---- FIREFOX POLICIES ---- c:\program files\Mozilla Firefox\greprefs\all.js - pref("ui.use_native_colors", true); c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.lu", true); c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.nu", true); c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.nz", true); c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgberp4a5d4ar", true); c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--p1ai", true); c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbayh7gpa", true); c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.tel", true); c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.auth.force-generic-ntlm", false); c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.proxy.type", 5); c:\program files\Mozilla Firefox\greprefs\all.js - pref("dom.ipc.plugins.timeoutSecs", 45); c:\program files\Mozilla Firefox\greprefs\all.js - pref("svg.smil.enabled", false); c:\program files\Mozilla Firefox\greprefs\all.js - pref("accelerometer.enabled", true); c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.allow_unrestricted_renego_everywhere__temporarily_available_pref", true); c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.renego_unrestricted_hosts", ""); c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.treat_unsafe_negotiation_as_broken", false); c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.require_safe_negotiation", false); c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.name", "chrome://browser/locale/browser.properties"); c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.description", "chrome://browser/locale/browser.properties"); c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("plugins.update.notifyUser", false); c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.nptest.dll", true); c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.npswf32.dll", true); c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.npctrl.dll", true); c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.npqtplugin.dll", true); c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled", false); . ************************************************************************** scannen van verborgen processen ... scannen van verborgen autostart items ... scannen van verborgen bestanden ... Scan succesvol afgerond verborgen bestanden: ************************************************************************** [HKEY_LOCAL_MACHINE\System\ControlSet001\Services\vsdatant] "ImagePath"="" . Voltooingstijd: 2010-07-19 11:15:29 ComboFix-quarantined-files.txt 2010-07-19 09:15 ComboFix2.txt 2010-01-17 12:43 Pre-Run: 63 289 470 976 octets libres Post-Run: 63 393 529 856 octets libres - - End Of File - - C65859DBD72F1EFECD1B7552E3D4ACC2
-
Dag Kape, Hij is nogal ondernemend. 't Zit in de familie Bedankt voor het nakijken! Kan ik nog iets doen aan de trage opstart en het traag laden van afbeeldingen?
-
Hallo, Mijn laptop is 3,5 maand op reis geweest en net terug. Ik zou graag weten in welke staat hij verkeert Is het mogelijk de HJT-log even na te kijken aub? Erg bedankt! Myriad. Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 19:23:53, on 14/07/2010 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v8.00 (8.00.6001.18702) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Sygate\SPF\smc.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe C:\Program Files\Alwil Software\Avast4\ashServ.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Bonjour\mDNSResponder.exe C:\Program Files\Java\jre6\bin\jqs.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe C:\Program Files\Alwil Software\Avast4\ashWebSv.exe C:\WINDOWS\system32\wbem\wmiapsrv.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\RTHDCPL.EXE C:\Program Files\Samsung\Samsung EDS\EDSAgent.exe C:\Program Files\Synaptics\SynTP\SynTPEnh.exe C:\Program Files\Samsung\Samsung Battery Manager\BatteryManager.exe C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe C:\Program Files\Samsung\Easy Display Manager\dmhkcore.exe C:\WINDOWS\system32\igfxext.exe C:\WINDOWS\system32\igfxsrvc.exe C:\Program Files\Skype\Phone\Skype.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Skype\Plugin Manager\skypePM.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Fichiers communs\Adobe\ARM\1.0\AdobeARM.exe C:\WINDOWS\system32\msiexec.exe C:\Program Files\Hijackthis\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Google R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Hotmail, Messenger, nieuws en entertainment vind je op MSN.nl R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = Hotmail, Messenger, nieuws en entertainment vind je op MSN.nl R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: Windows Live Aanmelden - Help - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.5.5126.1836\swg.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE O4 - HKLM\..\Run: [EDS] C:\Program Files\Samsung\Samsung EDS\EDSAgent.exe O4 - HKLM\..\Run: [synTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe O4 - HKLM\..\Run: [batteryManager] C:\Program Files\Samsung\Samsung Battery Manager\BatteryManager.exe O4 - HKLM\..\Run: [DMHotKey] C:\Program Files\Samsung\Easy Display Manager\DMLoader.exe O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe O4 - HKLM\..\Run: [smcService] C:\PROGRA~1\Sygate\SPF\smc.exe -startgui O4 - HKLM\..\Run: [Google Quick Search Box] "C:\Program Files\Google\Quick Search Box\GoogleQuickSearchBox.exe" /autorun O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Fichiers communs\Adobe\ARM\1.0\AdobeARM.exe" O4 - HKCU\..\Run: [Google Update] "C:\Documents and Settings\Kris\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" /c O4 - HKCU\..\Run: [skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user') O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\WINDOWS\system32\GPhotos.scr/200 O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O14 - IERESET.INF: START_PAGE_URL=http://www.google.com O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} (Facebook Photo Uploader 5 Control) - Pagina niet gevonden | Facebook O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1240481136234 O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL O22 - SharedTaskScheduler: Pré-chargeur Browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll O22 - SharedTaskScheduler: Démon de cache des catégories de composant - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: Service d'administration du Gestionnaire de disque logique (dmadmin) - Unknown owner - C:\WINDOWS\System32\dmadmin.exe O23 - Service: Journal des événements (Eventlog) - Unknown owner - C:\WINDOWS\system32\services.exe O23 - Service: Google Update Service (gupdate) (gupdate) - Unknown owner - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: Service COM de gravage de CD IMAPI (ImapiService) - Unknown owner - C:\WINDOWS\system32\imapi.exe O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe O23 - Service: Partage de Bureau à distance NetMeeting (mnmsrvc) - Unknown owner - C:\WINDOWS\system32\mnmsrvc.exe O23 - Service: Plug-and-Play (PlugPlay) - Unknown owner - C:\WINDOWS\system32\services.exe O23 - Service: Gestionnaire de session d'aide sur le Bureau à distance (RDSessMgr) - Unknown owner - C:\WINDOWS\system32\sessmgr.exe O23 - Service: Carte à puce (SCardSvr) - Unknown owner - C:\WINDOWS\System32\SCardSvr.exe O23 - Service: Sygate Personal Firewall (SmcService) - Sygate Technologies, Inc. - C:\Program Files\Sygate\SPF\smc.exe O23 - Service: Journaux et alertes de performance (SysmonLog) - Unknown owner - C:\WINDOWS\system32\smlogsvc.exe O23 - Service: Cliché instantané de volume (VSS) - Unknown owner - C:\WINDOWS\System32\vssvc.exe O23 - Service: Carte de performance WMI (WmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\wmiapsrv.exe O23 - Service: Service Partage réseau du Lecteur Windows Media (WMPNetworkSvc) - Unknown owner - C:\Program Files\Windows Media Player\WMPNetwk.exe -- End of file - 8208 bytes
-
nieuwe laptop aankopen, graag advies
Myriad01 reageerde op Myriad01's topic in Archief Aan- en verkoopadvies
Dank voor de suggesties stegi. Ik bekijk ze allemaal eens op 't gemak. -
nieuwe laptop aankopen, graag advies
Myriad01 reageerde op Myriad01's topic in Archief Aan- en verkoopadvies
Ik betwijfel of ik via het werk aan een laptop kan geraken maar ik zal het zeker navragen. Ik zoek de Dell even op en vergelijk met de Asus van stegisoft. Bedankt voor de suggestie! ---------- Post toegevoegd om 12:10 ---------- Vorige post was om 12:03 ---------- Weet je een laptop die +/- dezelfde dingen aankan, kwalitatief even goed is maar kleiner? De sprong van 26cm. naar 42cm. is wel enorm (hoewel ik weet dat je daar erg snel aan went). Ik heb mijn netbook gekocht omdat ik regelmatig op stap ben met de rugzak en dit een droomformaat (26 X 19) is om overal mee te nemen. Laptop thuis laten is natuurlijk ook een optie -
nieuwe laptop aankopen, graag advies
Myriad01 reageerde op Myriad01's topic in Archief Aan- en verkoopadvies
Heb een beperkt budget (momenteel valt nog niet exact te zeggen hoeveel) dus laten we zeggen ergens bij de betaalbaren onder de degelijke laptops. Ik weet dat ik vaag ben maar kan er geen bedrag op plakken voorlopig (hangt van m'n loon af - wat ik niet weet want 't is een nieuwe job). Er is mogelijk wel wat speelruimte dus je mag iets voorstellen in verschillende prijscategorieën als je wil (dan kan ik op het einde van de maand zien wat kan en wat niet). Ik heb nu een 10 inch dus een 15 inch lijkt me prima. Klavier inderdaad graag geïntegreerd. Muchos gracias! -
Hallo, Naar 't schijnt kan ik hier terecht voor advies betr. aankoop van een nieuwe laptop. Momenteel heb ik een Samsung netbook (NC10) waar ik redelijk veel problemen mee heb. Ben het allemaal een beetje beu dus ipv hem binnen te doen voor herstelling wil ik een nieuw machientje kopen en dit keer een laptop. Hier dingen die ik wil (kunnen doen): - DVD's kijken (geen fims downloaden) - intensief surfen (scherm of 8 open) - muziek downloaden (geen massa's) - 3 USB-poorten - geïntegreerde webcam (voor zover dat al niet standaard is) - skypen zonder probleem - youtube ea. filmpjes kijken zonder probleem - niet te groot want wil hem makkelijk kunnen meenemen - goede prijs kwaliteit verhouding Ben een leek dus lijstje ziet er misschien wat raar uit maar indien iemand iets kan adviseren hoor ik het graag!
-
Firefox loopt vast (dagelijks paar keer)
Myriad01 reageerde op Myriad01's topic in Archief Internet & Netwerk
Aflossing van de wacht zie ik Het is een netbook en de XP zat er gewoon op... Heb niet van in het begin problemen. De eerste 7 maanden ging het prima. Het enige wat ik ermee doe is intensief surfen (en skypen). Verder niks. Geen muziek of films downloaden ed. Ik denk wel iets anders te kopen. (als je iets kan aanraden wat betaalbaar is mag je me altijd pm'en) Bedankt voor alle moeite, jullie 2. Ik zal het topic sluiten dan. -
Firefox loopt vast (dagelijks paar keer)
Myriad01 reageerde op Myriad01's topic in Archief Internet & Netwerk
Heb opgeruimd maar helaas ook update over mijn initieel probleem... Mijn netbook heeft zich 2à3 dagen (redelijk) keurig gedragen maar loopt inmiddels weer regelmatig vast (= meerdere keren op een avond). Weet niet hoe of wat. In ieder geval went het wel (net als alle andere eigenaardigheden van 't beestje). Ik weet niet of je nog iets kan bedenken. Als je 't beu bent of te druk hebt is 't ook goed want heb hier een vervang-laptop staan voor in geval het te erg uit de hand zou lopen. (ik zou zo graag op dat 'opgelost' knopje klikken - vooral voor jou dan - maar ik wacht nog heel even) :-D -
Firefox loopt vast (dagelijks paar keer)
Myriad01 reageerde op Myriad01's topic in Archief Internet & Netwerk
Hey kape, Het ziet er goed uit! Is maar één keer vastgelopen sinds je interventie Wel erg traag bij momenten (typen en de lettertjes pas later zien verschijnen) maar misschien stond er teveel open tegelijkertijd. -
Firefox loopt vast (dagelijks paar keer)
Myriad01 reageerde op Myriad01's topic in Archief Internet & Netwerk
Ik hou je op de hoogte. Was niet veel online (en morgen ook niet). Wordt vervolgd -
Firefox loopt vast (dagelijks paar keer)
Myriad01 reageerde op Myriad01's topic in Archief Internet & Netwerk
Eerst dit: Récupération Active Desktop Microsoft Windows a rencontré une erreur inattendue. Par précaution, votre Active Desktop a été désactivé. Pour restaurer Active Desktop, utilisez les conseils de résolutions de problèmes suivants : Votre navigateur s'est-il arrêté de fonctionner, ou avez-vous redémarré votre ordinateur sans l'avoir d'abord éteint ? Si c'est le cas, cliquez sur : restore active desktop Avez-vous récemment changé votre arrière-plan à votre page Web ? Si c'est le cas : 1. Cliquez avec le bouton droit de la souris sur le Bureau, puis cliquez sur Propriétés. 2. Sur l'onglet Bureau, sous Arrière-plan, cliquez sur l'arrière-plan que vous voulez. Avez-vous récemment ajouté un nouvel élément à votre Active Desktop ? Si c'est le cas : 1. Cliquez avec le bouton droit de la souris sur le Bureau puis cliquez sur Propriétés. 2. Sur l'onglet Bureau, cliquez sur Personnaliser le Bureau. 3. Sur l'onglet Web, effacer la case à cocher de l'élément qui a été ajouté en dernier. Voulez-vous désactiver votre Active Desktop ? Dans ce cas : 1. Cliquez avec le bouton droit de la souris sur le Bureau puis sélectionnez Propriétés. 2. Sur le Bureau tab, cliquez sur Personnaliser le Bureau. 3. Sous Pages Web du Bureau, cliquez pour effacer toutes les cases à cocher. Als ik hier op 'restore active desktop' klik krijg ik een foutmelding: objet doesn't support this action Verder het logje: ----------------- FindyKill V4.005 ------------------ * User : Kris - KRIS * Emplacement : C:\Program Files\FindyKill * Outils Mis a jours le 17/10/08 par Chiquitine29 * Suppression effectuée à 19:26:42 le 19/01/2010 * Windows XP - Internet Explorer 8.0.6001.18702 ((((((((((((((( *** Suppression *** )))))))))))))))))) --------------- [ Processus actifs ] ---------------- C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\csrss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Sygate\SPF\smc.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe C:\Program Files\Alwil Software\Avast4\ashServ.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Bonjour\mDNSResponder.exe C:\Program Files\Java\jre6\bin\jqs.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\wuauclt.exe C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe C:\Program Files\Alwil Software\Avast4\ashWebSv.exe C:\WINDOWS\system32\wbem\wmiprvse.exe C:\WINDOWS\system32\wbem\wmiapsrv.exe C:\WINDOWS\System32\alg.exe C:\WINDOWS\system32\wbem\wmiprvse.exe C:\WINDOWS\system32\logonui.exe C:\WINDOWS\system32\userinit.exe --------------- [ Fichiers/Dossiers infectieux ] ---------------- »»»» Suppression des fichiers dans C: »»»» Suppression des fichiers dans C:\WINDOWS »»»» Suppression des fichiers dans C:\WINDOWS\Prefetch Supprimé ! - C:\WINDOWS\Prefetch\WINTEMS.EXE-33744186.pf Supprimé ! - C:\WINDOWS\Prefetch\MDELK.EXE-086F0B56.pf »»»» Suppression des fichiers dans C:\WINDOWS\system32 »»»» Suppression des fichiers dans C:\WINDOWS\system32\drivers »»»» Suppression des fichiers dans C:\Documents and Settings\Kris\Application Data »»»» Suppression des fichiers dans C:\DOCUME~1\Kris\LOCALS~1\Temp --------------- [ Registre / Clés infectieuses ] ---------------- Supprimé ! - HKEY_CURRENT_CONFIG\System\CurrentControlSet\Enum\ROOT\LEGACY_SROSA -> Certaines clés ont été supprimées au premier reboot ... --------------- [ Etat / Redémarage des services ] ---------------- +- Mode sans echec restauré ! +- Services : [ Auto=2 Demande=3 Désactivé=4 ] Ndisuio - Type de démarrage = 2 EapHost - Type de démarrage = 2 Wlansvc - Type de démarrage = 2 Ip6Fw - Type de démarrage = 2 SharedAccess - Type de démarrage = 2 wuauserv - Type de démarrage = 2 wscsvc - Type de démarrage = 2 --------------- [ Nettoyage des supports amovibles ] ---------------- +- Informations : C: - Lecteur fixe D: - Lecteur fixe +- Suppression des fichiers : --------------- [ Registre / Moutpoint2 ] ---------------- -> Recherche négative. --------------- [ Recherche Cracks / Keygen ] ---------------- ---------------- ! Fin du rapport ! ------------------ -
Firefox loopt vast (dagelijks paar keer)
Myriad01 reageerde op Myriad01's topic in Archief Internet & Netwerk
Volgens mij zit er een alien in Met optie 1 heb ik geen problemen omdat dat geen herstart vereist. Optie 2 is twee keer blindemannetje spelen en als ik dan mijn account-icoon niet vind op de tast dan zit ik in de problemen maar ik doe zodadelijk een 2de poging... -
Firefox loopt vast (dagelijks paar keer)
Myriad01 reageerde op Myriad01's topic in Archief Internet & Netwerk
Hey Kape, Het is misgegaan. Hieronder zo kort, bondig en verstaanbaar mogelijk: Mijn netbook heeft een slecht contact met als resultaat een wit scherm (ook geen cursor) bij opstart en tussendoor (tijdens het surfen) valt mijn beeld ook regelmatig weg (altijd ambiance hier!). Optie 2 waarvan je het logje wou zien vereist 2 nieuwe opstarts en bij de eerste kon ik blind mijn account icoon vinden (op wit scherm zonder zichtbare cursor dus) maar de 2de keer ging het fout en heb ik de netbook af moeten zetten met de on/off (waarschijnlijk right in de middle van een proces). Bij heropstarten na lang trial and error het account-ioontje 'gevonden' en hier ben ik dus weer. Heb door deze toestand dus geen logje en heb geen flauw idee waar en wat ik heb afgebroken door het manueel uitzetten... Als je het inmiddels spuugzat zou zijn, zeg het dan (ik na 2 maanden gekloot anders al wel), dan gooi ik dat nog geen jaar oud onding op 't stort en koop iets fatsoenlijks. Ik hoor het wel. -
Firefox loopt vast (dagelijks paar keer)
Myriad01 reageerde op Myriad01's topic in Archief Internet & Netwerk
Voilà ----------------- FindyKill V4.005 ------------------ * User : Kris - KRIS * Emplacement : C:\Program Files\FindyKill * Outils Mis a jours le 17/10/08 par Chiquitine29 * Recherche effectuée à 15:28:13 le 19/01/2010 * Windows XP - Internet Explorer 8.0.6001.18702 ((((((((((((((((( *** Recherche *** )))))))))))))))))) --------------- [ Processus actifs ] ---------------- C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\csrss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Sygate\SPF\smc.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe C:\Program Files\Alwil Software\Avast4\ashServ.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Bonjour\mDNSResponder.exe C:\Program Files\Java\jre6\bin\jqs.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe C:\Program Files\Alwil Software\Avast4\ashWebSv.exe C:\WINDOWS\system32\wbem\wmiprvse.exe C:\WINDOWS\system32\wbem\wmiapsrv.exe C:\WINDOWS\System32\alg.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\RTHDCPL.EXE C:\Program Files\Samsung\Samsung EDS\EDSAgent.exe C:\Program Files\Synaptics\SynTP\SynTPEnh.exe C:\Program Files\Samsung\Samsung Battery Manager\BatteryManager.exe C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe C:\Program Files\Google\Quick Search Box\GoogleQuickSearchBox.exe C:\Program Files\Samsung\Easy Display Manager\dmhkcore.exe C:\WINDOWS\system32\igfxext.exe C:\WINDOWS\system32\igfxsrvc.exe C:\Program Files\Skype\Phone\Skype.exe C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe C:\Program Files\Skype\Plugin Manager\skypePM.exe C:\Program Files\Mozilla Firefox\firefox.exe --------------- [ Fichiers/Dossiers infectieux ] ---------------- »»»» Presence des fichiers dans C: »»»» Presence des fichiers dans C:\WINDOWS »»»» Presence des fichiers dans C:\WINDOWS\Prefetch Present ! - C:\WINDOWS\prefetch\MDELK.EXE-086F0B56.pf »»»» Presence des fichiers dans C:\WINDOWS\system32 »»»» Presence des fichiers dans C:\WINDOWS\system32\drivers »»»» Presence des fichiers dans C:\Documents and Settings\Kris\Application Data »»»» Presence des fichiers dans C:\DOCUME~1\Kris\LOCALS~1\Temp --------------- [ Registre / Startup ] ---------------- ! REG.EXE VERSION 3.0 HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run RTHDCPL REG_SZ RTHDCPL.EXE EDS REG_SZ C:\Program Files\Samsung\Samsung EDS\EDSAgent.exe SynTPEnh REG_SZ C:\Program Files\Synaptics\SynTP\SynTPEnh.exe BatteryManager REG_SZ C:\Program Files\Samsung\Samsung Battery Manager\BatteryManager.exe DMHotKey REG_SZ C:\Program Files\Samsung\Easy Display Manager\DMLoader.exe avast! REG_SZ C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe SmcService REG_SZ C:\PROGRA~1\Sygate\SPF\smc.exe -startgui Google Quick Search Box REG_SZ "C:\Program Files\Google\Quick Search Box\GoogleQuickSearchBox.exe" /autorun Adobe Reader Speed Launcher REG_SZ "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe" Adobe ARM REG_SZ "C:\Program Files\Fichiers communs\Adobe\ARM\1.0\AdobeARM.exe" HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\OptionalComponents ! REG.EXE VERSION 3.0 HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run Google Update REG_SZ "C:\Documents and Settings\Kris\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" /c Skype REG_SZ "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized swg REG_SZ "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" --------------- [ Registre / Clés infectieuses ] ---------------- --------------- [ Etat / Services ] ---------------- +- Services : [ Auto=2 Demande=3 Désactivé=4 ] Ndisuio - Type de démarrage = 3 EapHost - Type de démarrage = 3 Ip6Fw - Type de démarrage = 3 SharedAccess - Type de démarrage = 2 wuauserv - Type de démarrage = 2 wscsvc - Type de démarrage = 2 --------------- [ Recherche dans supports amovibles] ---------------- +- Informations : C: - Lecteur fixe D: - Lecteur fixe +- presence des fichiers : --------------- [ Registre / Moutpoint2 ] ---------------- -> Recherche négative. ------------------- ! Fin du rapport ! -------------------- -
Firefox loopt vast (dagelijks paar keer)
Myriad01 reageerde op Myriad01's topic in Archief Internet & Netwerk
De overtreffende trap van blond Kape; spierwit! (kan niet goed gaan hé) :-D Probleem is niet opgelost btw. Neem je tijd hé, 'k weet dat het druk is. -
Firefox loopt vast (dagelijks paar keer)
Myriad01 reageerde op Myriad01's topic in Archief Internet & Netwerk
Sorry Kape! Dat was een érg blond moment (of toch zeker één van opperste verwarring) ) Bedankt voor 't kijken. Ik hou het in de gaten en als 't is opgelost kom ik op het knopje klikken en je een officiële dikke dankuwel sturen, goed?
