Ga naar inhoud

djiemmie

Lid
 Bekijk profiel  Bekijk hun activiteit

  • Items

    111

  • Registratiedatum

  • Laatst bezocht

 Inhoudstype 

Alles dat geplaatst werd door djiemmie

  1. djiemmie
    Als ik opstart in "veilige modus", en Qoobox probeer te verwijderen, krijg ik dezelfde melding; "Toegang tot doelmap geweigerd" en "U bent niet gemachtigd om deze bewerking uit te voeren". De cd speler doet het nog steeds niet, en alle andere verschijnselen blijven hetzelfde na een nieuwe opstart....
  2. djiemmie
    Wanneer ik de map C:\Qoobox wil verwijderen, verschijnt er dit: "U bent niet gemachtigd om deze bewerking uit te voeren". alle andere stappen heb ik doorlopen, nog steeds zelfde probleem. ik heb er zelfs een paar bij: het bureaublad is gewoon zwart, en als ik bij de verkenner een map open, verschijnt er geen afbeelding bij veel pictogrammen , waar normaal een afbeelding van een mapje, een foto,... verschijnt
  3. djiemmie
    nee, het cd-speler probleem is nog steeds hetzelfde...
  4. djiemmie
    hallo kape, hierbij het logje ComboFix 12-03-06.01 - tim 08/03/2012 12:47:02.2.2 - x86 Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.32.1043.18.2046.859 [GMT 1:00] Gestart vanuit: c:\users\tim\Desktop\ComboFix.exe gebruikte Opdracht switches :: c:\users\tim\Desktop\CFScript.txt AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C} FW: ZoneAlarm Free Firewall *Disabled* {E6380B7E-D4B2-19F1-083E-56486607704B} SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681} SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} . FILE :: "c:\programdata\tmp" . . (((((((((((((((((((( Bestanden Gemaakt van 2012-02-08 to 2012-03-08 )))))))))))))))))))))))))))))) . . 2012-03-08 11:57 . 2012-03-08 11:57 -------- d-----w- c:\users\Default\AppData\Local\temp 2012-03-06 16:06 . 2012-03-06 16:06 -------- d-----w- c:\users\tim\AppData\Roaming\Malwarebytes 2012-03-06 16:05 . 2012-03-06 16:05 -------- d-----w- c:\programdata\Malwarebytes 2012-03-06 16:05 . 2012-03-06 16:06 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware 2012-03-06 16:05 . 2011-12-10 14:24 20464 ----a-w- c:\windows\system32\drivers\mbam.sys 2012-03-06 10:24 . 2012-02-08 06:03 6552120 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{3A74F703-5D8E-4681-B6B8-C7FFCFA53EE0}\mpengine.dll 2012-03-05 17:35 . 2012-03-05 17:35 388096 ----a-r- c:\users\tim\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe 2012-03-05 17:35 . 2012-03-05 17:35 -------- d-----w- c:\program files\Trend Micro 2012-03-05 16:12 . 2012-03-05 16:12 -------- d-----w- c:\users\tim\AppData\Local\ElevatedDiagnostics 2012-02-28 10:43 . 2012-02-28 14:00 -------- d-----w- c:\programdata\tmp 2012-02-28 10:40 . 2012-02-28 10:40 -------- d-----w- c:\program files\Pixum 2012-02-20 17:51 . 2012-02-20 17:51 -------- d-----w- c:\program files\Common Files\Java 2012-02-20 17:49 . 2012-02-20 17:49 -------- d-----w- c:\program files\Java 2012-02-20 17:46 . 2012-02-20 17:46 -------- d-----w- c:\windows\Sun . . . ((((((((((((((((((((((((((((((((((((((( Find3M Rapport )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2012-03-07 00:15 . 2010-09-08 15:33 41184 ----a-w- c:\windows\avastSS.scr 2012-03-07 00:15 . 2010-09-08 15:33 201352 ----a-w- c:\windows\system32\aswBoot.exe 2012-03-07 00:03 . 2011-02-28 16:49 612184 ----a-w- c:\windows\system32\drivers\aswSnx.sys 2012-03-07 00:03 . 2010-09-08 15:34 337880 ----a-w- c:\windows\system32\drivers\aswSP.sys 2012-03-07 00:02 . 2010-09-08 15:34 35672 ----a-w- c:\windows\system32\drivers\aswRdr.sys 2012-03-07 00:01 . 2010-09-08 15:34 53848 ----a-w- c:\windows\system32\drivers\aswTdi.sys 2012-03-07 00:01 . 2010-09-08 15:34 57688 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys 2012-03-07 00:01 . 2010-09-08 15:34 20696 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys 2012-02-23 08:18 . 2010-09-06 14:43 237072 ------w- c:\windows\system32\MpSigStub.exe 2012-02-20 17:49 . 2011-02-04 10:09 472808 ----a-w- c:\windows\system32\deployJava1.dll 2012-02-20 17:44 . 2011-05-15 17:14 414368 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl 2012-02-20 17:42 . 2011-11-27 11:30 134104 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll . . ((((((((((((((((((((((((((((((((((((( Reg Opstartpunten ))))))))))))))))))))))))))))))))))))))))))))))))))) . . *Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond REGEDIT4 . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast] @="{472083B0-C522-11CF-8763-00608CC02F24}" [HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}] 2012-03-07 00:15 123536 ----a-w- c:\program files\Alwil Software\Avast5\ashShell.dll . [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2009-04-11 1233920] "ehTray.exe"="c:\windows\ehome\ehTray.exe" [2008-01-19 125952] "SpybotSD TeaTimer"="c:\program files\Spybot - Search & Destroy\TeaTimer.exe" [2009-03-05 2260480] "Akamai NetSession Interface"="c:\users\tim\AppData\Local\Akamai\netsession_win.exe" [2012-02-02 3329824] "Acer Tour Reminder"="" [bU] "WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2008-01-19 202240] . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "RtHDVCpl"="RtHDVCpl.exe" [2007-07-06 4669440] "SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2007-05-17 845360] "LManager"="c:\progra~1\LAUNCH~1\LManager.exe" [2007-08-15 772616] "PlayMovie"="c:\program files\Acer Arcade Deluxe\Play Movie\PMVService.exe" [2007-05-24 206952] "Skytel"="Skytel.exe" [2007-06-15 1826816] "WarReg_PopUp"="c:\acer\WR_PopUp\WarReg_PopUp.exe" [2006-11-05 57344] "PLFSetL"="c:\windows\PLFSetL.exe" [2007-07-05 94208] "Acer Tour Reminder"="c:\acer\AcerTour\Reminder.exe" [2007-05-22 151552] "CanonSolutionMenu"="c:\program files\Canon\SolutionMenu\CNSLMAIN.exe" [2007-05-15 644696] "CanonMyPrinter"="c:\program files\Canon\MyPrinter\BJMyPrt.exe" [2007-04-04 1603152] "NvSvc"="c:\windows\system32\nvsvc.dll" [2007-07-25 86016] "NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2007-07-25 8433664] "NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2007-07-25 81920] "AdobeAAMUpdater-1.0"="c:\program files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2010-03-06 500208] "SwitchBoard"="c:\program files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe" [2010-02-19 517096] "AdobeCS5ServiceManager"="c:\program files\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" [2010-07-22 402432] "Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-01-03 843712] "ISW"="c:\program files\CheckPoint\ZAForceField\ForceField.exe" [2011-11-03 738944] "ZoneAlarm"="c:\program files\CheckPoint\ZoneAlarm\zatray.exe" [2011-12-18 73360] "SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2012-01-18 254696] . [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run] "Acer Tour Reminder"="c:\acer\AcerTour\Reminder.exe" [2007-05-22 151552] . c:\users\tim\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ OneNote 2007 Schermopname en Snel starten.lnk - c:\program files\Microsoft Office\Office12\ONENOTEM.EXE [2009-2-26 97680] reminder-ScanSoft Product Registration.lnk - c:\program files\Caere\OmniPagePro90\EREG\REMIND32.EXE [N/A] . c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\ Empowering Technology Launcher.lnk - c:\acer\Empowering Technology\eAPLauncher.exe [2007-7-27 535336] Microsoft Office.lnk - c:\program files\Microsoft Office\Office10\OSA.EXE [2001-2-13 83360] . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "EnableUIADesktopToggle"= 0 (0x0) . [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring] "DisableMonitoring"=dword:00000001 . [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus] "DisableMonitoring"=dword:00000001 . [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall] "DisableMonitoring"=dword:00000001 . S2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-01-03 63928] . . [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost] LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache Akamai REG_MULTI_SZ Akamai . Inhoud van de 'Gedeelde Taken' map . 2012-03-08 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job - c:\program files\Google\Update\GoogleUpdate.exe [2011-02-08 12:59] . 2012-03-07 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job - c:\program files\Google\Update\GoogleUpdate.exe [2011-02-08 12:59] . . ------- Bijkomende Scan ------- . uStart Page = hxxp://login.live.com/login.srf?wa=wsignin1.0&rpsnv=10&ct=1211186286&rver=4.5.2130.0&wp=MBI&wreply=http:%2F%2Fmail.live.com%2Fdefault.aspx&id=64855 uSearchMigratedDefaultURL = hxxp://search.yahoo.com/search?p={searchTerms}&ei=utf-8&fr=b1ie7 mStart Page = hxxp://nl.intl.acer.yahoo.com uSearchURL,(Default) = hxxp://uk.rd.yahoo.com/customize/ycomp/defaults/su/*Yahoo! UK IE: E&xporteren naar Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000 TCP: DhcpNameServer = 195.130.131.2 195.130.130.130 FF - ProfilePath - c:\users\tim\AppData\Roaming\Mozilla\Firefox\Profiles\nvqnh3l4.default\ FF - prefs.js: browser.startup.homepage - hxxp://www.google.be/ FF - user.js: extensions.BabylonToolbar_i.instlRef - sst . . ************************************************************************** . catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, GMER - Rootkit Detector and Remover Rootkit scan 2012-03-08 12:57 Windows 6.0.6002 Service Pack 2 NTFS . scannen van verborgen processen ... . scannen van verborgen autostart items ... . scannen van verborgen bestanden ... . Scan succesvol afgerond verborgen bestanden: 0 . ************************************************************************** . [HKEY_LOCAL_MACHINE\system\ControlSet001\Services\Akamai] "ServiceDll"="c:\program files\common files\akamai/netsession_win_7de0ed9.dll" . [HKEY_LOCAL_MACHINE\system\ControlSet001\Services\{49DE1C67-83F8-4102-99E0-C16DCC7EEC796}] "ImagePath"="\??\c:\program files\Acer Arcade Deluxe\Play Movie\000.fcl" . --------------------- VERGRENDELDE REGISTER SLEUTELS --------------------- . [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . --------------------- DLLs Geladen Onder Lopende Processen --------------------- . - - - - - - - > 'lsass.exe'(768) c:\program files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll . - - - - - - - > 'Explorer.exe'(3292) c:\program files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll . Voltooingstijd: 2012-03-08 13:01:23 ComboFix-quarantined-files.txt 2012-03-08 12:01 ComboFix2.txt 2012-03-07 13:05 . Pre-Run: 11.162.386.432 bytes beschikbaar Post-Run: 11.481.911.296 bytes beschikbaar . - - End Of File - - 6EC02D3ABDCDB5D4B1768D648ABCDE3E
  5. djiemmie
    Hallo kape, Toen ik deze middag mijn laptop opstartte, was mijn bureaublad gewoon zwart, en kon ik geen foto meer plaatsen... na installatie van combofix, en toen combofix begon te lopen verscheen het opeens weer wel...?... toen combofix klaar was en het logje verscheen, kon ik even niet veel meer doen, zelfs niet op internet of avast opnieuw starten (om het opnieuw in te schakelen) . Bij alles wat ik aanklikte verscheen "Er is geprobeerd een ongeldige bewerking uit te voeren op een registersleutel die is gemarkeerd voor verwijdering". Na opnieuw opstarten, lukte dit alles gelukkig weer wel, dus hierbij het logje van combofix ComboFix 12-03-06.01 - tim 07/03/2012 13:35:55.1.2 - x86 Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.32.1043.18.2046.919 [GMT 1:00] Gestart vanuit: c:\users\tim\Desktop\ComboFix.exe AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C} FW: ZoneAlarm Free Firewall *Disabled* {E6380B7E-D4B2-19F1-083E-56486607704B} SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681} SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} . . (((((((((((((((((((((((((((((((((( Andere Verwijderingen ))))))))))))))))))))))))))))))))))))))))))))))))) . . c:\users\tim\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 2.4 .lnk . Besmet exemplaar van c:\windows\system32\userinit.exe werd aangetroffen en gedesinfecteerd Hersteld exemplaar van - c:\combofix\HarddiskVolumeShadowCopy3_!Windows!System32!userinit.exe . . (((((((((((((((((((( Bestanden Gemaakt van 2012-02-07 to 2012-03-07 )))))))))))))))))))))))))))))) . . 2012-03-07 12:47 . 2012-03-07 12:47 -------- d-----w- c:\users\Default\AppData\Local\temp 2012-03-06 16:06 . 2012-03-06 16:06 -------- d-----w- c:\users\tim\AppData\Roaming\Malwarebytes 2012-03-06 16:05 . 2012-03-06 16:05 -------- d-----w- c:\programdata\Malwarebytes 2012-03-06 16:05 . 2012-03-06 16:06 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware 2012-03-06 16:05 . 2011-12-10 14:24 20464 ----a-w- c:\windows\system32\drivers\mbam.sys 2012-03-06 10:24 . 2012-02-08 06:03 6552120 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{3A74F703-5D8E-4681-B6B8-C7FFCFA53EE0}\mpengine.dll 2012-03-05 17:35 . 2012-03-05 17:35 388096 ----a-r- c:\users\tim\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe 2012-03-05 17:35 . 2012-03-05 17:35 -------- d-----w- c:\program files\Trend Micro 2012-03-05 16:12 . 2012-03-05 16:12 -------- d-----w- c:\users\tim\AppData\Local\ElevatedDiagnostics 2012-02-28 10:43 . 2012-02-28 14:00 -------- d-----w- c:\programdata\tmp 2012-02-28 10:40 . 2012-02-28 10:40 -------- d-----w- c:\program files\Pixum 2012-02-20 17:51 . 2012-02-20 17:51 -------- d-----w- c:\program files\Common Files\Java 2012-02-20 17:49 . 2012-02-20 17:49 -------- d-----w- c:\program files\Java 2012-02-20 17:46 . 2012-02-20 17:46 -------- d-----w- c:\windows\Sun 2012-02-17 09:43 . 2011-12-20 10:56 2409784 ----a-w- c:\program files\Windows Mail\OESpamFilter.dat 2012-02-17 09:43 . 2011-12-15 06:17 743424 ----a-w- c:\program files\Internet Explorer\iedvtool.dll 2012-02-17 09:43 . 2011-12-15 06:21 129536 ----a-w- c:\program files\Internet Explorer\sqmapi.dll 2012-02-17 09:43 . 2011-12-15 06:17 247808 ----a-w- c:\program files\Internet Explorer\ieproxy.dll 2012-02-17 09:43 . 2011-12-15 06:22 638240 ----a-w- c:\program files\Internet Explorer\iexplore.exe . . . ((((((((((((((((((((((((((((((((((((((( Find3M Rapport )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2012-03-07 00:15 . 2010-09-08 15:33 41184 ----a-w- c:\windows\avastSS.scr 2012-03-07 00:15 . 2010-09-08 15:33 201352 ----a-w- c:\windows\system32\aswBoot.exe 2012-03-07 00:03 . 2011-02-28 16:49 612184 ----a-w- c:\windows\system32\drivers\aswSnx.sys 2012-03-07 00:03 . 2010-09-08 15:34 337880 ----a-w- c:\windows\system32\drivers\aswSP.sys 2012-03-07 00:02 . 2010-09-08 15:34 35672 ----a-w- c:\windows\system32\drivers\aswRdr.sys 2012-03-07 00:01 . 2010-09-08 15:34 53848 ----a-w- c:\windows\system32\drivers\aswTdi.sys 2012-03-07 00:01 . 2010-09-08 15:34 57688 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys 2012-03-07 00:01 . 2010-09-08 15:34 20696 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys 2012-02-23 08:18 . 2010-09-06 14:43 237072 ------w- c:\windows\system32\MpSigStub.exe 2012-02-20 17:49 . 2011-02-04 10:09 472808 ----a-w- c:\windows\system32\deployJava1.dll 2012-02-20 17:44 . 2011-05-15 17:14 414368 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl 2012-01-12 19:52 . 2012-02-17 09:42 2044416 ----a-w- c:\windows\system32\win32k.sys 2011-12-15 06:22 . 2012-02-17 09:43 916992 ----a-w- c:\windows\system32\wininet.dll 2012-02-20 17:42 . 2011-11-27 11:30 134104 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll . . ((((((((((((((((((((((((((((((((((((( Reg Opstartpunten ))))))))))))))))))))))))))))))))))))))))))))))))))) . . *Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond REGEDIT4 . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast] @="{472083B0-C522-11CF-8763-00608CC02F24}" [HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}] 2012-03-07 00:15 123536 ----a-w- c:\program files\Alwil Software\Avast5\ashShell.dll . [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2009-04-11 1233920] "ehTray.exe"="c:\windows\ehome\ehTray.exe" [2008-01-19 125952] "SpybotSD TeaTimer"="c:\program files\Spybot - Search & Destroy\TeaTimer.exe" [2009-03-05 2260480] "Akamai NetSession Interface"="c:\users\tim\AppData\Local\Akamai\netsession_win.exe" [2012-02-02 3329824] "WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2008-01-19 202240] . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "RtHDVCpl"="RtHDVCpl.exe" [2007-07-06 4669440] "SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2007-05-17 845360] "LManager"="c:\progra~1\LAUNCH~1\LManager.exe" [2007-08-15 772616] "PlayMovie"="c:\program files\Acer Arcade Deluxe\Play Movie\PMVService.exe" [2007-05-24 206952] "Skytel"="Skytel.exe" [2007-06-15 1826816] "WarReg_PopUp"="c:\acer\WR_PopUp\WarReg_PopUp.exe" [2006-11-05 57344] "PLFSetL"="c:\windows\PLFSetL.exe" [2007-07-05 94208] "Acer Tour Reminder"="c:\acer\AcerTour\Reminder.exe" [2007-05-22 151552] "CanonSolutionMenu"="c:\program files\Canon\SolutionMenu\CNSLMAIN.exe" [2007-05-15 644696] "CanonMyPrinter"="c:\program files\Canon\MyPrinter\BJMyPrt.exe" [2007-04-04 1603152] "NvSvc"="c:\windows\system32\nvsvc.dll" [2007-07-25 86016] "NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2007-07-25 8433664] "NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2007-07-25 81920] "AdobeAAMUpdater-1.0"="c:\program files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2010-03-06 500208] "SwitchBoard"="c:\program files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe" [2010-02-19 517096] "AdobeCS5ServiceManager"="c:\program files\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" [2010-07-22 402432] "Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-01-03 843712] "ISW"="c:\program files\CheckPoint\ZAForceField\ForceField.exe" [2011-11-03 738944] "ZoneAlarm"="c:\program files\CheckPoint\ZoneAlarm\zatray.exe" [2011-12-18 73360] "SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2012-01-18 254696] . [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run] "Acer Tour Reminder"="c:\acer\AcerTour\Reminder.exe" [2007-05-22 151552] . c:\users\tim\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ OneNote 2007 Schermopname en Snel starten.lnk - c:\program files\Microsoft Office\Office12\ONENOTEM.EXE [2009-2-26 97680] reminder-ScanSoft Product Registration.lnk - c:\program files\Caere\OmniPagePro90\EREG\REMIND32.EXE [N/A] . c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\ Empowering Technology Launcher.lnk - c:\acer\Empowering Technology\eAPLauncher.exe [2007-7-27 535336] Microsoft Office.lnk - c:\program files\Microsoft Office\Office10\OSA.EXE [2001-2-13 83360] . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "EnableUIADesktopToggle"= 0 (0x0) . [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring] "DisableMonitoring"=dword:00000001 . [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus] "DisableMonitoring"=dword:00000001 . [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall] "DisableMonitoring"=dword:00000001 . S2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-01-03 63928] . . --- Andere Services/Drivers In Geheugen --- . *NewlyCreated* - WS2IFSL . [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost] LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache Akamai REG_MULTI_SZ Akamai . Inhoud van de 'Gedeelde Taken' map . 2012-03-07 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job - c:\program files\Google\Update\GoogleUpdate.exe [2011-02-08 12:59] . 2012-03-07 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job - c:\program files\Google\Update\GoogleUpdate.exe [2011-02-08 12:59] . . ------- Bijkomende Scan ------- . uStart Page = hxxp://login.live.com/login.srf?wa=wsignin1.0&rpsnv=10&ct=1211186286&rver=4.5.2130.0&wp=MBI&wreply=http:%2F%2Fmail.live.com%2Fdefault.aspx&id=64855 uSearchMigratedDefaultURL = hxxp://search.yahoo.com/search?p={searchTerms}&ei=utf-8&fr=b1ie7 mStart Page = hxxp://nl.intl.acer.yahoo.com uSearchURL,(Default) = hxxp://uk.rd.yahoo.com/customize/ycomp/defaults/su/*Yahoo! UK IE: E&xporteren naar Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000 TCP: DhcpNameServer = 195.130.131.130 195.130.130.2 FF - ProfilePath - c:\users\tim\AppData\Roaming\Mozilla\Firefox\Profiles\nvqnh3l4.default\ FF - prefs.js: browser.startup.homepage - hxxp://www.google.be/ FF - user.js: extensions.BabylonToolbar_i.babTrack - affID=100482 FF - user.js: extensions.BabylonToolbar_i.babExt - FF - user.js: extensions.BabylonToolbar_i.srcExt - ss FF - user.js: extensions.BabylonToolbar_i.id - 78e77161000000000000001b386f4c15 FF - user.js: extensions.BabylonToolbar_i.hardId - 78e77161000000000000001b386f4c15 FF - user.js: extensions.BabylonToolbar_i.instlDay - 15356 FF - user.js: extensions.BabylonToolbar_i.vrsn - 1.5.3.17 FF - user.js: extensions.BabylonToolbar_i.vrsni - 1.5.3.17 FF - user.js: extensions.BabylonToolbar_i.vrsnTs - 1.5.3.1712:18 FF - user.js: extensions.BabylonToolbar_i.prtnrId - babylon FF - user.js: extensions.BabylonToolbar_i.prdct - BabylonToolbar FF - user.js: extensions.BabylonToolbar_i.aflt - babsst FF - user.js: extensions.BabylonToolbar_i.smplGrp - none FF - user.js: extensions.BabylonToolbar_i.tlbrId - tb9 FF - user.js: extensions.BabylonToolbar_i.instlRef - sst . - - - - ORPHANS VERWIJDERD - - - - . WebBrowser-{91DA5E8A-3318-4F8C-B67E-5964DE3AB546} - (no file) WebBrowser-{D4027C7F-154A-4066-A1AD-4243D8127440} - (no file) HKCU-Run-Acer Tour Reminder - (no file) HKCU-Run-AdobeBridge - (no file) HKLM-Run-Acer Tour - (no file) HKLM-Run-SetPanel - c:\acer\APanel\APanel.cmd HKLM-Run-eRecoveryService - (no file) . . . ************************************************************************** . catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, GMER - Rootkit Detector and Remover Rootkit scan 2012-03-07 13:52 Windows 6.0.6002 Service Pack 2 NTFS . scannen van verborgen processen ... . scannen van verborgen autostart items ... . scannen van verborgen bestanden ... . . C:\avast! sandbox . Scan succesvol afgerond verborgen bestanden: 1 . ************************************************************************** . [HKEY_LOCAL_MACHINE\system\ControlSet001\Services\Akamai] "ServiceDll"="c:\program files\common files\akamai/netsession_win_7de0ed9.dll" . [HKEY_LOCAL_MACHINE\system\ControlSet001\Services\{49DE1C67-83F8-4102-99E0-C16DCC7EEC796}] "ImagePath"="\??\c:\program files\Acer Arcade Deluxe\Play Movie\000.fcl" . --------------------- VERGRENDELDE REGISTER SLEUTELS --------------------- . [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . --------------------- DLLs Geladen Onder Lopende Processen --------------------- . - - - - - - - > 'lsass.exe'(752) c:\program files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll . - - - - - - - > 'Explorer.exe'(4448) c:\program files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll . ------------------------ Andere Aktieve Processen ------------------------ . c:\program files\Alwil Software\Avast5\AvastSvc.exe c:\program files\CheckPoint\ZAForceField\IswSvc.exe c:\program files\Common Files\LightScribe\LSSrvc.exe c:\acer\Mobility Center\MobilityService.exe c:\program files\CyberLink\Shared Files\RichVideo.exe c:\program files\Microsoft Application Virtualization Client\sftvsa.exe c:\windows\system32\DRIVERS\xaudio.exe c:\program files\Microsoft Application Virtualization Client\sftlist.exe c:\acer\Empowering Technology\eRecovery\eRecoveryService.exe c:\program files\Spybot - Search & Destroy\SDWinSec.exe c:\program files\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE c:\windows\system32\conime.exe c:\windows\RtHDVCpl.exe c:\program files\Launch Manager\LManager.exe c:\windows\System32\rundll32.exe c:\windows\System32\rundll32.exe c:\windows\ehome\ehmsas.exe c:\program files\Windows Media Player\wmpnetwk.exe c:\acer\Empowering Technology\eRecovery\ERAGENT.EXE c:\windows\ehome\mcupdate.EXE c:\windows\servicing\TrustedInstaller.exe . ************************************************************************** . Voltooingstijd: 2012-03-07 14:05:14 - machine werd herstart ComboFix-quarantined-files.txt 2012-03-07 13:04 . Pre-Run: 11.180.621.824 bytes beschikbaar Post-Run: 11.120.398.336 bytes beschikbaar . - - End Of File - - E6617407A406D809CA0A3DA72B208E95
  6. djiemmie
    ...blijkbaar dan toch geen malware (of toch geen die MBAM detecteert), want het cd station doet nog steeds niks
  7. djiemmie
    Hallo kape, na de scan van MBAM diende ik dit te doen; "Wanneer de scan voltooid is, klik op OK, daarna "Bekijk Resultaten" om de resultaten te zien. Zorg ervoor dat daar alles aangevinkt is, daarna klik op: Verwijder geselecteerde. Na het verwijderen zal een log openen en zal er gevraagd worden om de computer opnieuw op te starten. (Zie verder)." Er verscheen enkel "De scan is voltooid. Er zijn geen kwaadaardige objecten gedetecteerd." Ook op de tab "Quarantainelijst" staat er: "0 objecten". Hij vroeg ook niet om de computer opnieuw op te starten. Nog even dit vraagje; doet MBAM hetzelfde als het programma "Spybot - Search and Destroy"? Zoja, welk programma is het beste? Of blijft MBAM niet gratis? Spybot gebruikte ik tot nu toe voor malware. Hieronder het logje van MBAM; Malwarebytes Anti-Malware 1.60.1.1000 Malwarebytes : Free anti-malware, anti-virus and spyware removal download Databaseversie: v2012.03.06.05 Windows Vista Service Pack 2 x86 NTFS Internet Explorer 8.0.6001.19190 tim :: ONZEPC [administrator] 6/03/2012 17:07:44 mbam-log-2012-03-06 (17-07-44).txt Scantype: Snelle scan Ingeschakelde scanopties: Geheugen | Opstartitems | Register | Bestanden en mappen | Heuristiek/Extra | Heuristiek/Shuriken | PUP | PUM Uitgeschakelde scanopties: P2P Objecten gescand: 177558 Verstreken tijd: 9 minuut/minuten, 35 seconde(n) Geheugenprocessen gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Geheugenmodulen gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Registersleutels gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Registerwaarden gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Registerdata gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Mappen gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Bestanden gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) (einde) En het nieuwe logje van HijackThis; Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 17:38:43, on 6/03/2012 Platform: Windows Vista SP2 (WinNT 6.00.1906) MSIE: Internet Explorer v8.00 (8.00.6001.19190) Boot mode: Normal Running processes: C:\Windows\system32\Dwm.exe C:\Windows\Explorer.EXE C:\Windows\system32\taskeng.exe C:\Program Files\CheckPoint\ZAForceField\ForceField.exe C:\Program Files\Windows Defender\MSASCui.exe C:\Windows\RtHDVCpl.exe C:\Users\tim\AppData\Local\Temp\RtkBtMnt.exe C:\Program Files\Synaptics\SynTP\SynTPEnh.exe C:\Program Files\Launch Manager\LManager.exe C:\Program Files\Acer Arcade Deluxe\Play Movie\PMVService.exe C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE C:\Windows\System32\rundll32.exe C:\Program Files\Alwil Software\Avast5\AvastUI.exe C:\Windows\System32\rundll32.exe C:\Program Files\CheckPoint\ZoneAlarm\zatray.exe C:\Program Files\Common Files\Java\Java Update\jusched.exe C:\Program Files\Windows Sidebar\sidebar.exe C:\Windows\ehome\ehtray.exe C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe C:\Users\tim\AppData\Local\Akamai\netsession_win.exe C:\Program Files\Windows Media Player\wmpnscfg.exe C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE C:\Windows\ehome\ehmsas.exe C:\Acer\Empowering Technology\eRecovery\ERAGENT.EXE C:\Users\tim\AppData\Local\Akamai\netsession_win.exe C:\Program Files\OpenOffice.org 2.4\program\soffice.exe C:\Program Files\Windows Sidebar\sidebar.exe C:\Program Files\OpenOffice.org 2.4\program\soffice.BIN C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe C:\Windows\system32\NOTEPAD.EXE C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Yahoo! UK R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Sign In R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Yahoo! UK R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = Yahoo! UK R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = Yahoo! UK R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll O1 - Hosts: ::1 localhost O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll O2 - BHO: ZoneAlarm Security Engine Registrar - {8A4A36C2-0535-4D2C-BD3D-496CB7EED6E3} - C:\Program Files\CheckPoint\ZAForceField\TrustChecker\bin\TrustCheckerIEPlugin.dll O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll O2 - BHO: Windows Live Aanmelden - Help - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll O3 - Toolbar: ZoneAlarm Security Engine - {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - C:\Program Files\CheckPoint\ZAForceField\TrustChecker\bin\TrustCheckerIEPlugin.dll O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe O4 - HKLM\..\Run: [setPanel] C:\Acer\APanel\APanel.cmd O4 - HKLM\..\Run: [synTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe O4 - HKLM\..\Run: [LManager] C:\PROGRA~1\LAUNCH~1\LManager.exe O4 - HKLM\..\Run: [PlayMovie] "C:\Program Files\Acer Arcade Deluxe\Play Movie\PMVService.exe" O4 - HKLM\..\Run: [skytel] Skytel.exe O4 - HKLM\..\Run: [WarReg_PopUp] C:\Acer\WR_PopUp\WarReg_PopUp.exe O4 - HKLM\..\Run: [PLFSetL] C:\Windows\PLFSetL.exe O4 - HKLM\..\Run: [Acer Tour Reminder] C:\Acer\AcerTour\Reminder.exe O4 - HKLM\..\Run: [CanonSolutionMenu] C:\Program Files\Canon\SolutionMenu\CNSLMAIN.exe /logon O4 - HKLM\..\Run: [CanonMyPrinter] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe /logon O4 - HKLM\..\Run: [NvSvc] RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit O4 - HKLM\..\Run: [avast5] "C:\Program Files\Alwil Software\Avast5\avastUI.exe" /nogui O4 - HKLM\..\Run: [AdobeAAMUpdater-1.0] "C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" O4 - HKLM\..\Run: [switchBoard] C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe O4 - HKLM\..\Run: [AdobeCS5ServiceManager] "C:\Program Files\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" -launchedbylogin O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" O4 - HKLM\..\Run: [iSW] "C:\Program Files\CheckPoint\ZAForceField\ForceField.exe" /icon="hidden" O4 - HKLM\..\Run: [ZoneAlarm] "C:\Program Files\CheckPoint\ZoneAlarm\zatray.exe" O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe" O4 - HKCU\..\Run: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background O4 - HKCU\..\Run: [spybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe O4 - HKCU\..\Run: [Akamai NetSession Interface] "C:\Users\tim\AppData\Local\Akamai\netsession_win.exe" O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE') O4 - HKUS\S-1-5-18\..\Run: [Acer Tour Reminder] C:\Acer\AcerTour\Reminder.exe (User 'SYSTEEM') O4 - HKUS\.DEFAULT\..\Run: [Acer Tour Reminder] C:\Acer\AcerTour\Reminder.exe (User 'Default user') O4 - Startup: OneNote 2007 Schermopname en Snel starten.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE O4 - Startup: OpenOffice.org 2.4 .lnk = C:\Program Files\OpenOffice.org 2.4\program\quickstart.exe O4 - Startup: reminder-ScanSoft Product Registration.lnk = C:\Program Files\Caere\OmniPagePro90\EREG\REMIND32.EXE O4 - Global Startup: Empowering Technology Launcher.lnk = C:\Acer\Empowering Technology\eAPLauncher.exe O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000 O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll O9 - Extra 'Tools' menuitem: Verz&enden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe O23 - Service: eRecovery Service (eRecoveryService) - Acer Inc. - C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe O23 - Service: Google Updateservice (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: ZoneAlarm Toolbar IswSvc (IswSvc) - Check Point Software Technologies - C:\Program Files\CheckPoint\ZAForceField\IswSvc.exe O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe O23 - Service: MobilityService - Unknown owner - C:\Acer\Mobility Center\MobilityService.exe O23 - Service: Planner voor Automatische LiveUpdate - Unknown owner - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe (file missing) O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe O23 - Service: TrueVector Internet Monitor (vsmon) - Check Point Software Technologies LTD - C:\Program Files\CheckPoint\ZoneAlarm\vsmon.exe O23 - Service: ePower Service (WMIService) - Unknown owner - C:\Acer\Empowering Technology\ePower\ePowerSvc.exe (file missing) O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe -- End of file - 10887 bytes
  8. djiemmie
    hierbij het logje Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 18:40:36, on 5/03/2012 Platform: Windows Vista SP2 (WinNT 6.00.1906) MSIE: Internet Explorer v8.00 (8.00.6001.19190) Boot mode: Normal Running processes: C:\Windows\system32\Dwm.exe C:\Windows\Explorer.EXE C:\Program Files\CheckPoint\ZAForceField\ForceField.exe C:\Windows\system32\taskeng.exe C:\Program Files\Windows Defender\MSASCui.exe C:\Windows\RtHDVCpl.exe C:\Program Files\Synaptics\SynTP\SynTPEnh.exe C:\Users\tim\AppData\Local\Temp\RtkBtMnt.exe C:\Program Files\Launch Manager\LManager.exe C:\Program Files\Acer Arcade Deluxe\Play Movie\PMVService.exe C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE C:\Windows\System32\rundll32.exe C:\Program Files\Alwil Software\Avast5\AvastUI.exe C:\Program Files\CheckPoint\ZoneAlarm\zatray.exe C:\Program Files\Common Files\Java\Java Update\jusched.exe C:\Program Files\Windows Sidebar\sidebar.exe C:\Windows\ehome\ehtray.exe C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe C:\Users\tim\AppData\Local\Akamai\netsession_win.exe C:\Program Files\Windows Media Player\wmpnscfg.exe C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE C:\Windows\ehome\ehmsas.exe C:\Windows\System32\rundll32.exe C:\Acer\Empowering Technology\eRecovery\ERAGENT.EXE C:\Program Files\OpenOffice.org 2.4\program\soffice.exe C:\Program Files\OpenOffice.org 2.4\program\soffice.BIN C:\Users\tim\AppData\Local\Akamai\netsession_win.exe C:\Program Files\Windows Sidebar\sidebar.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\Windows\system32\conime.exe C:\Program Files\Mozilla Firefox\plugin-container.exe C:\Program Files\Mozilla Firefox\plugin-container.exe C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Yahoo! UK R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Sign In R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Yahoo! UK R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = Yahoo! UK R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = Yahoo! UK R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 127.0.0.1:9421 R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll R3 - URLSearchHook: (no name) - {91da5e8a-3318-4f8c-b67e-5964de3ab546} - (no file) O1 - Hosts: ::1 localhost O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll O2 - BHO: (no name) - {83A2F9B1-01A2-4AA5-87D1-45B6B8505E96} - (no file) O2 - BHO: ZoneAlarm Security Engine Registrar - {8A4A36C2-0535-4D2C-BD3D-496CB7EED6E3} - C:\Program Files\CheckPoint\ZAForceField\TrustChecker\bin\TrustCheckerIEPlugin.dll O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll O2 - BHO: Windows Live Aanmelden - Help - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll O3 - Toolbar: ZoneAlarm Security Engine - {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - C:\Program Files\CheckPoint\ZAForceField\TrustChecker\bin\TrustCheckerIEPlugin.dll O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe O4 - HKLM\..\Run: [setPanel] C:\Acer\APanel\APanel.cmd O4 - HKLM\..\Run: [synTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe O4 - HKLM\..\Run: [LManager] C:\PROGRA~1\LAUNCH~1\LManager.exe O4 - HKLM\..\Run: [PlayMovie] "C:\Program Files\Acer Arcade Deluxe\Play Movie\PMVService.exe" O4 - HKLM\..\Run: [skytel] Skytel.exe O4 - HKLM\..\Run: [WarReg_PopUp] C:\Acer\WR_PopUp\WarReg_PopUp.exe O4 - HKLM\..\Run: [PLFSetL] C:\Windows\PLFSetL.exe O4 - HKLM\..\Run: [Acer Tour Reminder] C:\Acer\AcerTour\Reminder.exe O4 - HKLM\..\Run: [CanonSolutionMenu] C:\Program Files\Canon\SolutionMenu\CNSLMAIN.exe /logon O4 - HKLM\..\Run: [CanonMyPrinter] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe /logon O4 - HKLM\..\Run: [NvSvc] RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit O4 - HKLM\..\Run: [avast5] "C:\Program Files\Alwil Software\Avast5\avastUI.exe" /nogui O4 - HKLM\..\Run: [AdobeAAMUpdater-1.0] "C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" O4 - HKLM\..\Run: [switchBoard] C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe O4 - HKLM\..\Run: [AdobeCS5ServiceManager] "C:\Program Files\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" -launchedbylogin O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" O4 - HKLM\..\Run: [iSW] "C:\Program Files\CheckPoint\ZAForceField\ForceField.exe" /icon="hidden" O4 - HKLM\..\Run: [ZoneAlarm] "C:\Program Files\CheckPoint\ZoneAlarm\zatray.exe" O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe" O4 - HKCU\..\Run: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background O4 - HKCU\..\Run: [spybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe O4 - HKCU\..\Run: [Akamai NetSession Interface] "C:\Users\tim\AppData\Local\Akamai\netsession_win.exe" O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE') O4 - HKUS\S-1-5-18\..\Run: [Acer Tour Reminder] C:\Acer\AcerTour\Reminder.exe (User 'SYSTEEM') O4 - HKUS\.DEFAULT\..\Run: [Acer Tour Reminder] C:\Acer\AcerTour\Reminder.exe (User 'Default user') O4 - Startup: OneNote 2007 Schermopname en Snel starten.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE O4 - Startup: OpenOffice.org 2.4 .lnk = C:\Program Files\OpenOffice.org 2.4\program\quickstart.exe O4 - Startup: reminder-ScanSoft Product Registration.lnk = C:\Program Files\Caere\OmniPagePro90\EREG\REMIND32.EXE O4 - Global Startup: Empowering Technology Launcher.lnk = C:\Acer\Empowering Technology\eAPLauncher.exe O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000 O8 - Extra context menu item: Zoek op het web - C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\menuext.html O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll O9 - Extra 'Tools' menuitem: Verz&enden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe O23 - Service: eRecovery Service (eRecoveryService) - Acer Inc. - C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe O23 - Service: Google Updateservice (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: ZoneAlarm Toolbar IswSvc (IswSvc) - Check Point Software Technologies - C:\Program Files\CheckPoint\ZAForceField\IswSvc.exe O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe O23 - Service: MobilityService - Unknown owner - C:\Acer\Mobility Center\MobilityService.exe O23 - Service: Planner voor Automatische LiveUpdate - Unknown owner - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe (file missing) O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe O23 - Service: TrueVector Internet Monitor (vsmon) - Check Point Software Technologies LTD - C:\Program Files\CheckPoint\ZoneAlarm\vsmon.exe O23 - Service: ePower Service (WMIService) - Unknown owner - C:\Acer\Empowering Technology\ePower\ePowerSvc.exe (file missing) O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe -- End of file - 11326 bytes
  9. djiemmie
    Hallo clarkie, begonnen met deze fix it Your CD drive or DVD drive is missing or is not recognized by Windows or other programs , toen deze niets opleverde een volgende, maar weet niet meer precies welke, wel met gelijkaardige probleemstelling het topic wat ik bedoelde was deze: http://www.pc-helpforum.be/f111/cd-dvd-station-plots-verdwenen-41326/ Alvast bedankt!
  10. djiemmie
    Beste lezer, Als ik een cd in de cd speler doe maakt hij wel geluid, maar er gebeurt vervolgens niks. Bij 'deze computer' staat ook geen cd/dvd station aangegeven. Bij apparaatbeheer is de cd/dvd speler ook niet terug te vinden. Wanneer ik in de windows media player "rippen" aanklik, verschijnt er "voor het rippen van muziek van cd's is een cd-station vereist" We hebben onze laptop - Acer Aspire 5520 - al een vijftal jaar, steeds cd's en dvd's zonder problemen kunnen afspelen/branden. Via de site van microsoft heb ik al een aantal "fix it"s doorlopen, maar het probleem wordt niet hersteld. Ik las een post op deze site voor een gelijkaardig probleem, maar vraag me af of ik ook zomaar de stappen daarin vermeld mag doorlopen? Dank voor uw antwoord! Mvg, djiemmie
  11. djiemmie
    hallo sinds enkele dagen surf ik automatisch op internet via de buren als ik mijn laptop inschakel en mijn internetkabel zit niet in de laptop, dan kiest hij verbinding via een draadloos netwerk als ik dan naar het netwerk icoontje rechtsonder op de taakbalk ga, verschijnt er: "Verbonden met: bbox2-9988 Toegang: Lokaal en internet" als ik de laptop inschakel met de internetkabel erin, verschijnt er bij het netwerk icoon dit; Netwerk 2 Toegang: Lokaal en internet bbox2-9988 Toegang: alleen lokaal als ik dan mijn internetkabel uit mn laptop haal, blijft de internetverbinding behouden via de bbox2 en is de "Toegang: Lokaal en internet" ik ben dan wel verbonden, maar via een "onbeveiligd netwerk". kan het ook zijn dat dan iemand op mijn laptop kan via deze draadloze verbinding? want als ik verbonden ben via de bbox, verschijnt er ook een icoon van een printer die ik voordien nooit gezien heb. ik haal mijn internetkabel uit mijn laptop omdat ik gehoord had dat als de verbinding "open" blijft staan, zelfs al staat de laptop uit, deze kwetsbaarder is voor virussen en dergelijke dank u voor uw hulp!
Logo

OVER ONS

PC Helpforum helpt GRATIS computergebruikers sinds juli 2006. Ons team geeft via het forum professioneel antwoord op uw vragen en probeert uw pc problemen zo snel mogelijk op te lossen. Word lid vandaag, plaats je vraag online en het PC Helpforum-team helpt u graag verder!

SITEMAP

×
×
  • Nieuwe aanmaken...

Belangrijke informatie

We hebben cookies geplaatst op je toestel om deze website voor jou beter te kunnen maken. Je kunt de cookie instellingen aanpassen, anders gaan we er van uit dat het goed is om verder te gaan.