Ga naar inhoud

Soekie

Lid
 Bekijk profiel  Bekijk hun activiteit

  • Items

    129

  • Registratiedatum

  • Laatst bezocht

 Inhoudstype 

Alles dat geplaatst werd door Soekie

  1. Soekie
    Eindelijk een stap verder, door het in veilige modus en als admin uit te laten voeren. De drie verdachte items zijn nu ook verwijderd. Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 17:19:55, on 11/03/2012 Platform: Windows Vista SP2 (WinNT 6.00.1906) MSIE: Internet Explorer v9.00 (9.00.8112.16421) Boot mode: Normal Running processes: C:\Windows\system32\taskeng.exe C:\Windows\system32\Dwm.exe C:\Windows\Explorer.EXE C:\ProgramData\DatacardService\DCSHelper.exe C:\Windows\System32\igfxpers.exe C:\Windows\System32\hkcmd.exe C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe C:\Program Files\DellTPad\Apoint.exe C:\Windows\OEM02Mon.exe C:\Program Files\Sigmatel\C-Major Audio\WDM\sttray.exe C:\Program Files\Dell Support Center\bin\sprtcmd.exe C:\Program Files\Samsung\Kies\KiesTrayAgent.exe C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe C:\Windows\system32\igfxsrvc.exe C:\Program Files\DellTPad\ApMsgFwd.exe C:\Program Files\DellTPad\HidFind.exe C:\Program Files\DellTPad\Apntex.exe C:\Windows\system32\conime.exe C:\Program Files\DAEMON Tools Pro\DTShellHlp.exe C:\Windows\notepad.exe C:\Program Files\Trend Micro\HijackThis\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Gepersonaliseerde startpagina R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Hotmail, Messenger, nieuws en entertainment vind je op MSN.nl R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = Hotmail, Messenger, nieuws en entertainment vind je op MSN.nl O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files\Windows Live\Companion\companioncore.dll O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll O2 - BHO: Browser Address Error Redirector - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program Files\Dell\BAE\BAE.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe O4 - HKLM\..\Run: [igfxTray] C:\Windows\system32\igfxtray.exe O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe" O4 - HKLM\..\Run: [Apoint] C:\Program Files\DellTPad\Apoint.exe O4 - HKLM\..\Run: [OEM02Mon.exe] C:\Windows\OEM02Mon.exe O4 - HKLM\..\Run: [sigmatelSysTrayApp] %ProgramFiles%\SigmaTel\C-Major Audio\WDM\sttray.exe O4 - HKLM\..\Run: [dellsupportcenter] "C:\Program Files\Dell Support Center\bin\sprtcmd.exe" /P dellsupportcenter O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe" O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" O4 - HKLM\..\Run: [KiesTrayAgent] C:\Program Files\Samsung\Kies\KiesTrayAgent.exe O4 - HKLM\..\RunOnce: [Malwarebytes Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware2\mbamgui.exe /install /silent O4 - HKCU\..\Run: [KiesHelper] C:\Program Files\Samsung\Kies\KiesHelper.exe /s O4 - HKCU\..\Run: [KiesPDLR] C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe O8 - Extra context menu item: Download all links using BitComet - res://J:\Program Files\BitComet\BitComet.exe/AddAllLink.htm O8 - Extra context menu item: Download all videos using BitComet - res://J:\Program Files\BitComet\BitComet.exe/AddVideo.htm O8 - Extra context menu item: Download link using &BitComet - res://J:\Program Files\BitComet\BitComet.exe/AddLink.htm O9 - Extra button: @C:\Program Files\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files\Windows Live\Companion\companioncore.dll O9 - Extra button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - https://fpdownload.macromedia.com/get/shockwave/cabs/flash/swflash.cab O16 - DPF: {EDFCB7CB-942C-4822-AF14-F0B687409848} - http://www.putfile.com/includes/ImageUploader4-5.cab O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll O23 - Service: Andrea ST Filters Service (AESTFilters) - Andrea Electronics Corporation - C:\Windows\system32\aestsrv.exe O23 - Service: DCService.exe - Unknown owner - C:\ProgramData\DatacardService\DCService.exe O23 - Service: ManageEngine Firewall Analyzer 5.0 (firewallanalyzer) - Unknown owner - C:\AdventNet\ME\Firewall\bin\wrapper.exe O23 - Service: Google Updateservice (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Intel® Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe O23 - Service: NMSAccessU - Unknown owner - C:\Program Files\CDBurnerXP\NMSAccessU.exe O23 - Service: SupportSoft Sprocket Service (dellsupportcenter) (sprtsvc_dellsupportcenter) - SupportSoft, Inc. - C:\Program Files\Dell Support Center\bin\sprtsvc.exe O23 - Service: SigmaTel Audio Service (STacSV) - IDT, Inc. - C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_c09c50a2\STacSV.exe O23 - Service: stllssvr - MicroVision Development, Inc. - C:\Program Files\Common Files\SureThing Shared\stllssvr.exe O23 - Service: TrueVector Internet Monitor (vsmon) - Check Point Software Technologies LTD - C:\Windows\System32\ZoneLabs\vsmon.exe O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe -- End of file - 7495 bytes Helaas speelt het probleem nog steeds, zijnde dat er veel te veel CPU gebruikt wordt en dit door hardware fouten lijkt te zijn?? :-s
  2. Soekie
    Hoi! Ik kreeg MBAM niet meer geïnstalleerd, dan waren er problemen met updaten, bleek ik 'm weer opnieuw te moeten installeren enzo dus... Uiteindelijk is het gelukt. Dit zijn de resultaten: Malwarebytes Anti-Malware 1.60.1.1000 Malwarebytes : Free anti-malware, anti-virus and spyware removal download Databaseversie: v2012.03.11.07 Windows Vista Service Pack 2 x86 NTFS Internet Explorer 9.0.8112.16421 Anja :: MIJN_WITTEKE [administrator] 11/03/2012 15:09:20 mbam-log-2012-03-11 (15-09-20).txt Scantype: Volledige scan Ingeschakelde scanopties: Geheugen | Opstartitems | Register | Bestanden en mappen | Heuristiek/Extra | Heuristiek/Shuriken | PUP | PUM Uitgeschakelde scanopties: P2P Objecten gescand: 397231 Verstreken tijd: 1 uur/uren, 46 minuut/minuten, 6 seconde(n) Geheugenprocessen gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Geheugenmodulen gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Registersleutels gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Registerwaarden gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Registerdata gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Mappen gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Bestanden gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) (einde) Heel goed dus! ---------- Post toegevoegd om 17:05 ---------- Vorige post was om 17:03 ---------- Hijackthis is iets minder... ik krijg die drie bestanden maar niet weg... ze blijven erop staan. Het recentste logje: Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 21:55:23, on 18/02/2012 Platform: Windows Vista SP2 (WinNT 6.00.1906) MSIE: Internet Explorer v9.00 (9.00.8112.16421) Boot mode: Normal Running processes: C:\Windows\system32\taskeng.exe C:\Windows\system32\Dwm.exe C:\Windows\Explorer.EXE C:\ProgramData\DatacardService\DCSHelper.exe C:\Windows\System32\igfxpers.exe C:\Windows\System32\hkcmd.exe C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe C:\Program Files\DellTPad\Apoint.exe C:\Windows\OEM02Mon.exe C:\Program Files\Sigmatel\C-Major Audio\WDM\sttray.exe C:\Program Files\Dell Support Center\bin\sprtcmd.exe C:\Program Files\Samsung\Kies\KiesTrayAgent.exe C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe C:\Windows\system32\igfxsrvc.exe C:\Program Files\DellTPad\ApMsgFwd.exe C:\Program Files\DellTPad\HidFind.exe C:\Program Files\DellTPad\Apntex.exe C:\Windows\system32\conime.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\BitTorrent\BitTorrent.exe C:\Program Files\Mozilla Firefox\plugin-container.exe C:\Microsoft Office2000\Office\WINWORD.EXE C:\Program Files\Mozilla Firefox\plugin-container.exe C:\Program Files\Windows Live\Messenger\msnmsgr.exe C:\Program Files\Windows Live\Contacts\wlcomm.exe C:\Microsoft Office2000\Office\EXCEL.EXE C:\Program Files\DAEMON Tools Pro\DTShellHlp.exe C:\Windows\System32\mobsync.exe C:\Program Files\Trend Micro\HijackThis\HiJackThis.exe C:\Windows\system32\SearchFilterHost.exe C:\Program Files\VideoLAN\VLC\vlc.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Gepersonaliseerde startpagina R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Hotmail, Messenger, nieuws en entertainment vind je op MSN.nl R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = Hotmail, Messenger, nieuws en entertainment vind je op MSN.nl O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file) O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll O2 - BHO: Babylon toolbar helper - {2EECD738-5844-4a99-B4B6-146BF802613B} - C:\Program Files\BabylonToolbar\BabylonToolbar\1.5.3.17\bh\BabylonToolbar.dll (file missing) O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files\Windows Live\Companion\companioncore.dll O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll O2 - BHO: Browser Address Error Redirector - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program Files\Dell\BAE\BAE.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O3 - Toolbar: Babylon Toolbar - {98889811-442D-49dd-99D7-DC866BE87DBC} - C:\Program Files\BabylonToolbar\BabylonToolbar\1.5.3.17\BabylonToolbarTlbr.dll (file missing) O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe O4 - HKLM\..\Run: [igfxTray] C:\Windows\system32\igfxtray.exe O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe" O4 - HKLM\..\Run: [Apoint] C:\Program Files\DellTPad\Apoint.exe O4 - HKLM\..\Run: [OEM02Mon.exe] C:\Windows\OEM02Mon.exe O4 - HKLM\..\Run: [sigmatelSysTrayApp] %ProgramFiles%\SigmaTel\C-Major Audio\WDM\sttray.exe O4 - HKLM\..\Run: [dellsupportcenter] "C:\Program Files\Dell Support Center\bin\sprtcmd.exe" /P dellsupportcenter O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe" O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" O4 - HKLM\..\Run: [KiesTrayAgent] C:\Program Files\Samsung\Kies\KiesTrayAgent.exe O4 - HKCU\..\Run: [KiesHelper] C:\Program Files\Samsung\Kies\KiesHelper.exe /s O4 - HKCU\..\Run: [KiesPDLR] C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe O8 - Extra context menu item: Download all links using BitComet - res://J:\Program Files\BitComet\BitComet.exe/AddAllLink.htm O8 - Extra context menu item: Download all videos using BitComet - res://J:\Program Files\BitComet\BitComet.exe/AddVideo.htm O8 - Extra context menu item: Download link using &BitComet - res://J:\Program Files\BitComet\BitComet.exe/AddLink.htm O9 - Extra button: @C:\Program Files\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files\Windows Live\Companion\companioncore.dll O9 - Extra button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - https://fpdownload.macromedia.com/get/shockwave/cabs/flash/swflash.cab O16 - DPF: {EDFCB7CB-942C-4822-AF14-F0B687409848} - http://www.putfile.com/includes/ImageUploader4-5.cab O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll O23 - Service: Andrea ST Filters Service (AESTFilters) - Andrea Electronics Corporation - C:\Windows\system32\aestsrv.exe O23 - Service: DCService.exe - Unknown owner - C:\ProgramData\DatacardService\DCService.exe O23 - Service: ManageEngine Firewall Analyzer 5.0 (firewallanalyzer) - Unknown owner - C:\AdventNet\ME\Firewall\bin\wrapper.exe O23 - Service: Google Updateservice (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Intel® Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe O23 - Service: NMSAccessU - Unknown owner - C:\Program Files\CDBurnerXP\NMSAccessU.exe O23 - Service: SupportSoft Sprocket Service (dellsupportcenter) (sprtsvc_dellsupportcenter) - SupportSoft, Inc. - C:\Program Files\Dell Support Center\bin\sprtsvc.exe O23 - Service: SigmaTel Audio Service (STacSV) - IDT, Inc. - C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_c09c50a2\STacSV.exe O23 - Service: stllssvr - MicroVision Development, Inc. - C:\Program Files\Common Files\SureThing Shared\stllssvr.exe O23 - Service: TrueVector Internet Monitor (vsmon) - Check Point Software Technologies LTD - C:\Windows\System32\ZoneLabs\vsmon.exe O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe -- End of file - 8262 bytes
  3. Soekie
    Oké, bedankt. Vreemd genoeg is mijn pc trouwens momenteel totaal crapuleus aan het werken en praktisch niet meer werkbaar. Hiervoor heb ik ook videobestanden afgespeeld... Er lijkt toch echt een connectie daarmee dus, maar ik voer eerst uit wat je me aanraadt.
  4. Soekie
    Bij deze Hijack this logje uitgevoerd als administrator: Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 21:55:23, on 18/02/2012 Platform: Windows Vista SP2 (WinNT 6.00.1906) MSIE: Internet Explorer v9.00 (9.00.8112.16421) Boot mode: Normal Running processes: C:\Windows\system32\taskeng.exe C:\Windows\system32\Dwm.exe C:\Windows\Explorer.EXE C:\ProgramData\DatacardService\DCSHelper.exe C:\Windows\System32\igfxpers.exe C:\Windows\System32\hkcmd.exe C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe C:\Program Files\DellTPad\Apoint.exe C:\Windows\OEM02Mon.exe C:\Program Files\Sigmatel\C-Major Audio\WDM\sttray.exe C:\Program Files\Dell Support Center\bin\sprtcmd.exe C:\Program Files\Samsung\Kies\KiesTrayAgent.exe C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe C:\Windows\system32\igfxsrvc.exe C:\Program Files\DellTPad\ApMsgFwd.exe C:\Program Files\DellTPad\HidFind.exe C:\Program Files\DellTPad\Apntex.exe C:\Windows\system32\conime.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\BitTorrent\BitTorrent.exe C:\Program Files\Mozilla Firefox\plugin-container.exe C:\Microsoft Office2000\Office\WINWORD.EXE C:\Program Files\Mozilla Firefox\plugin-container.exe C:\Program Files\Windows Live\Messenger\msnmsgr.exe C:\Program Files\Windows Live\Contacts\wlcomm.exe C:\Microsoft Office2000\Office\EXCEL.EXE C:\Program Files\DAEMON Tools Pro\DTShellHlp.exe C:\Windows\System32\mobsync.exe C:\Program Files\Trend Micro\HijackThis\HiJackThis.exe C:\Windows\system32\SearchFilterHost.exe C:\Program Files\VideoLAN\VLC\vlc.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Gepersonaliseerde startpagina R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Hotmail, Messenger, nieuws en entertainment vind je op MSN.nl R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = Hotmail, Messenger, nieuws en entertainment vind je op MSN.nl O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file) O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll O2 - BHO: Babylon toolbar helper - {2EECD738-5844-4a99-B4B6-146BF802613B} - C:\Program Files\BabylonToolbar\BabylonToolbar\1.5.3.17\bh\BabylonToolbar.dll (file missing) O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files\Windows Live\Companion\companioncore.dll O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll O2 - BHO: Browser Address Error Redirector - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program Files\Dell\BAE\BAE.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O3 - Toolbar: Babylon Toolbar - {98889811-442D-49dd-99D7-DC866BE87DBC} - C:\Program Files\BabylonToolbar\BabylonToolbar\1.5.3.17\BabylonToolbarTlbr.dll (file missing) O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe O4 - HKLM\..\Run: [igfxTray] C:\Windows\system32\igfxtray.exe O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe" O4 - HKLM\..\Run: [Apoint] C:\Program Files\DellTPad\Apoint.exe O4 - HKLM\..\Run: [OEM02Mon.exe] C:\Windows\OEM02Mon.exe O4 - HKLM\..\Run: [sigmatelSysTrayApp] %ProgramFiles%\SigmaTel\C-Major Audio\WDM\sttray.exe O4 - HKLM\..\Run: [dellsupportcenter] "C:\Program Files\Dell Support Center\bin\sprtcmd.exe" /P dellsupportcenter O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe" O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" O4 - HKLM\..\Run: [KiesTrayAgent] C:\Program Files\Samsung\Kies\KiesTrayAgent.exe O4 - HKCU\..\Run: [KiesHelper] C:\Program Files\Samsung\Kies\KiesHelper.exe /s O4 - HKCU\..\Run: [KiesPDLR] C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe O8 - Extra context menu item: Download all links using BitComet - res://J:\Program Files\BitComet\BitComet.exe/AddAllLink.htm O8 - Extra context menu item: Download all videos using BitComet - res://J:\Program Files\BitComet\BitComet.exe/AddVideo.htm O8 - Extra context menu item: Download link using &BitComet - res://J:\Program Files\BitComet\BitComet.exe/AddLink.htm O9 - Extra button: @C:\Program Files\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files\Windows Live\Companion\companioncore.dll O9 - Extra button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - https://fpdownload.macromedia.com/get/shockwave/cabs/flash/swflash.cab O16 - DPF: {EDFCB7CB-942C-4822-AF14-F0B687409848} - http://www.putfile.com/includes/ImageUploader4-5.cab O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll O23 - Service: Andrea ST Filters Service (AESTFilters) - Andrea Electronics Corporation - C:\Windows\system32\aestsrv.exe O23 - Service: DCService.exe - Unknown owner - C:\ProgramData\DatacardService\DCService.exe O23 - Service: ManageEngine Firewall Analyzer 5.0 (firewallanalyzer) - Unknown owner - C:\AdventNet\ME\Firewall\bin\wrapper.exe O23 - Service: Google Updateservice (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Intel® Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe O23 - Service: NMSAccessU - Unknown owner - C:\Program Files\CDBurnerXP\NMSAccessU.exe O23 - Service: SupportSoft Sprocket Service (dellsupportcenter) (sprtsvc_dellsupportcenter) - SupportSoft, Inc. - C:\Program Files\Dell Support Center\bin\sprtsvc.exe O23 - Service: SigmaTel Audio Service (STacSV) - IDT, Inc. - C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_c09c50a2\STacSV.exe O23 - Service: stllssvr - MicroVision Development, Inc. - C:\Program Files\Common Files\SureThing Shared\stllssvr.exe O23 - Service: TrueVector Internet Monitor (vsmon) - Check Point Software Technologies LTD - C:\Windows\System32\ZoneLabs\vsmon.exe O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe -- End of file - 8262 bytes
  5. Soekie
    Sorry, ik had mijn pc even nodig om bepaalde hardware dingen op te doen, moest daarvoor ook heel veel software installeren ... software die mogelijk niet al te katholiek is. Nu heb ik hem de eerstkomende tijd niet direct nodig voor werk dus kan ik er weer vol voor gaan. Hoe zit het nu? Er is sinds mijn start-topic hier zeker een verbetering. De PC is niet meer zo traag en hangt niet meer om de twee tellen vast. Hij is nu eigenlijk bruikbaar zal ik zeggen, zonder al te veel ergernis, daar waar je er in het begin gewoon totaal niet mee kon werken... Het grootste probleem nu is het afspelen van video bestanden en ook krijg ik heel vaak foutmeldingen bij het downloaden of pogen te installeren van bepaalde programma's, wat er volgens mij op wijst dat er toch dingen fundamenteel fout zitten? Wanneer het grote probleem ontstaat bij het afspelen van video's, gaat het vooral om "hardware interrupts" volgens de procesexplorer... Ik heb echter geen idee waaraan het kan liggen. Ik zal een nieuwe log e.d. maken.
  6. Soekie
    Dat is het gekke: ik geraak niet ingelogd als administrator in dat programma... Die optie staat er gewoon niet bij als ik op de rechtermuisknop klikt. Ook geeft het altijd de foutmelding geen toegang te hebben tot de hosts files, ofzoiets. :-s
  7. Soekie
    Oeps dubbele post. Ik moet toegeven dat ik hem nog niet stofvrij heb gemaakt. :-s Ik weet echt niet hoe daaraan te beginnen... Het is een laptop ... een pc-bak zou ik nog wel durven opendraaien, maar dit ... Is er een andere manier om hem koeler te krijgen? MBAM is intussen klaar: Malwarebytes Anti-Malware 1.60.0.1800 www.malwarebytes.org Databaseversie: v2012.01.22.03 Windows Vista Service Pack 2 x86 NTFS Internet Explorer 9.0.8112.16421 :: MIJN_WITTEKE [administrator] 22/01/2012 19:22:26 mbam-log-2012-01-22 (19-22-26).txt Scantype: Volledige scan Ingeschakelde scanopties: Geheugen | Opstarten | Register | Bestanden en mappen | Heuristiek/Extra | Heuristiek/Shuriken | PUP | PUM Uitgeschakelde scanopties: P2P Objecten gescand: 386615 Verstreken tijd: 2 uur/uren, 39 minuut/minuten, 25 seconde(n) Geheugenprocessen gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Geheugenmodulen gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Registersleutels gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Registerwaarden gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Registerdata gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Mappen gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Bestanden gedetecteerd: 1 (PUP.BundleInstaller.OI) -> Succesvol in quarantaine geplaatst en verwijderd. (einde) Ziet er nog redelijk uit dus. ---------- Post toegevoegd om 23:05 ---------- Vorige post was om 22:57 ---------- Het nieuwe hijack this logje: Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 18:15:00, on 11/01/2012 Platform: Windows Vista SP2 (WinNT 6.00.1906) MSIE: Internet Explorer v9.00 (9.00.8112.16421) Boot mode: Normal Running processes: C:\Windows\system32\Dwm.exe C:\Windows\system32\taskeng.exe C:\Windows\System32\igfxpers.exe C:\Windows\System32\hkcmd.exe C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe C:\Windows\OEM02Mon.exe C:\Program Files\Sigmatel\C-Major Audio\WDM\sttray.exe C:\Program Files\Dell Support Center\bin\sprtcmd.exe C:\Windows\system32\igfxsrvc.exe C:\Program Files\DellTPad\ApMsgFwd.exe C:\Program Files\DellTPad\HidFind.exe C:\Program Files\DAEMON Tools Pro\DTShellHlp.exe C:\Windows\System32\notepad.exe C:\Windows\system32\conime.exe C:\Windows\system32\notepad.exe C:\Windows\explorer.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\plugin-container.exe C:\Program Files\Trend Micro\HijackThis\HiJackThis.exe C:\Windows\system32\SearchFilterHost.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Gepersonaliseerde startpagina R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Hotmail, Messenger, nieuws en entertainment vind je op MSN.nl R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = Hotmail, Messenger, nieuws en entertainment vind je op MSN.nl O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file) O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll O2 - BHO: Babylon toolbar helper - {2EECD738-5844-4a99-B4B6-146BF802613B} - C:\Program Files\BabylonToolbar\BabylonToolbar\1.5.3.17\bh\BabylonToolbar.dll (file missing) O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files\Windows Live\Companion\companioncore.dll O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll O2 - BHO: Browser Address Error Redirector - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program Files\Dell\BAE\BAE.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O3 - Toolbar: Babylon Toolbar - {98889811-442D-49dd-99D7-DC866BE87DBC} - C:\Program Files\BabylonToolbar\BabylonToolbar\1.5.3.17\BabylonToolbarTlbr.dll (file missing) O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe O4 - HKLM\..\Run: [igfxTray] C:\Windows\system32\igfxtray.exe O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe" O4 - HKLM\..\Run: [Apoint] C:\Program Files\DellTPad\Apoint.exe O4 - HKLM\..\Run: [OEM02Mon.exe] C:\Windows\OEM02Mon.exe O4 - HKLM\..\Run: [sigmatelSysTrayApp] %ProgramFiles%\SigmaTel\C-Major Audio\WDM\sttray.exe O4 - HKLM\..\Run: [dellsupportcenter] "C:\Program Files\Dell Support Center\bin\sprtcmd.exe" /P dellsupportcenter O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" O8 - Extra context menu item: Download all links using BitComet - res://J:\Program Files\BitComet\BitComet.exe/AddAllLink.htm O8 - Extra context menu item: Download all videos using BitComet - res://J:\Program Files\BitComet\BitComet.exe/AddVideo.htm O8 - Extra context menu item: Download link using &BitComet - res://J:\Program Files\BitComet\BitComet.exe/AddLink.htm O9 - Extra button: @C:\Program Files\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files\Windows Live\Companion\companioncore.dll O9 - Extra button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - https://fpdownload.macromedia.com/get/shockwave/cabs/flash/swflash.cab O16 - DPF: {EDFCB7CB-942C-4822-AF14-F0B687409848} - http://www.putfile.com/includes/ImageUploader4-5.cab O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll O23 - Service: Andrea ST Filters Service (AESTFilters) - Andrea Electronics Corporation - C:\Windows\system32\aestsrv.exe O23 - Service: DCService.exe - Unknown owner - C:\ProgramData\DatacardService\DCService.exe O23 - Service: ManageEngine Firewall Analyzer 5.0 (firewallanalyzer) - Unknown owner - C:\AdventNet\ME\Firewall\bin\wrapper.exe O23 - Service: Intel® Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe O23 - Service: NMSAccessU - Unknown owner - C:\Program Files\CDBurnerXP\NMSAccessU.exe O23 - Service: SupportSoft Sprocket Service (dellsupportcenter) (sprtsvc_dellsupportcenter) - SupportSoft, Inc. - C:\Program Files\Dell Support Center\bin\sprtsvc.exe O23 - Service: SigmaTel Audio Service (STacSV) - IDT, Inc. - C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_c09c50a2\STacSV.exe O23 - Service: stllssvr - MicroVision Development, Inc. - C:\Program Files\Common Files\SureThing Shared\stllssvr.exe O23 - Service: TrueVector Internet Monitor (vsmon) - Check Point Software Technologies LTD - C:\Windows\System32\ZoneLabs\vsmon.exe O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe -- End of file - 7029 bytes Ik krijg die drie files maar niet weg dus van die babylon toolbar... die is meegekomen met die quicktimeinstaller die ook kwaadaardig was. :-s Ik heb nochtans zoals aangegeven, alle explorer vensters gesloten...
  8. Soekie
    Edit: Even de hijack-this instructies al uitgevoerd. Hierbij het logje: Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 18:15:00, on 11/01/2012 Platform: Windows Vista SP2 (WinNT 6.00.1906) MSIE: Internet Explorer v9.00 (9.00.8112.16421) Boot mode: Normal Running processes: C:\Windows\system32\Dwm.exe C:\Windows\system32\taskeng.exe C:\Windows\System32\igfxpers.exe C:\Windows\System32\hkcmd.exe C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe C:\Windows\OEM02Mon.exe C:\Program Files\Sigmatel\C-Major Audio\WDM\sttray.exe C:\Program Files\Dell Support Center\bin\sprtcmd.exe C:\Windows\system32\igfxsrvc.exe C:\Program Files\DellTPad\ApMsgFwd.exe C:\Program Files\DellTPad\HidFind.exe C:\Program Files\DAEMON Tools Pro\DTShellHlp.exe C:\Windows\System32\notepad.exe C:\Windows\system32\conime.exe C:\Windows\system32\notepad.exe C:\Windows\explorer.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\plugin-container.exe C:\Program Files\Trend Micro\HijackThis\HiJackThis.exe C:\Windows\system32\SearchFilterHost.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Gepersonaliseerde startpagina R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Hotmail, Messenger, nieuws en entertainment vind je op MSN.nl R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = Hotmail, Messenger, nieuws en entertainment vind je op MSN.nl O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file) O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll O2 - BHO: Babylon toolbar helper - {2EECD738-5844-4a99-B4B6-146BF802613B} - C:\Program Files\BabylonToolbar\BabylonToolbar\1.5.3.17\bh\BabylonToolbar.dll (file missing) O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files\Windows Live\Companion\companioncore.dll O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll O2 - BHO: Browser Address Error Redirector - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program Files\Dell\BAE\BAE.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O3 - Toolbar: Babylon Toolbar - {98889811-442D-49dd-99D7-DC866BE87DBC} - C:\Program Files\BabylonToolbar\BabylonToolbar\1.5.3.17\BabylonToolbarTlbr.dll (file missing) O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe O4 - HKLM\..\Run: [igfxTray] C:\Windows\system32\igfxtray.exe O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe" O4 - HKLM\..\Run: [Apoint] C:\Program Files\DellTPad\Apoint.exe O4 - HKLM\..\Run: [OEM02Mon.exe] C:\Windows\OEM02Mon.exe O4 - HKLM\..\Run: [sigmatelSysTrayApp] %ProgramFiles%\SigmaTel\C-Major Audio\WDM\sttray.exe O4 - HKLM\..\Run: [dellsupportcenter] "C:\Program Files\Dell Support Center\bin\sprtcmd.exe" /P dellsupportcenter O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" O8 - Extra context menu item: Download all links using BitComet - res://J:\Program Files\BitComet\BitComet.exe/AddAllLink.htm O8 - Extra context menu item: Download all videos using BitComet - res://J:\Program Files\BitComet\BitComet.exe/AddVideo.htm O8 - Extra context menu item: Download link using &BitComet - res://J:\Program Files\BitComet\BitComet.exe/AddLink.htm O9 - Extra button: @C:\Program Files\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files\Windows Live\Companion\companioncore.dll O9 - Extra button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - https://fpdownload.macromedia.com/get/shockwave/cabs/flash/swflash.cab O16 - DPF: {EDFCB7CB-942C-4822-AF14-F0B687409848} - http://www.putfile.com/includes/ImageUploader4-5.cab O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll O23 - Service: Andrea ST Filters Service (AESTFilters) - Andrea Electronics Corporation - C:\Windows\system32\aestsrv.exe O23 - Service: DCService.exe - Unknown owner - C:\ProgramData\DatacardService\DCService.exe O23 - Service: ManageEngine Firewall Analyzer 5.0 (firewallanalyzer) - Unknown owner - C:\AdventNet\ME\Firewall\bin\wrapper.exe O23 - Service: Intel® Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe O23 - Service: NMSAccessU - Unknown owner - C:\Program Files\CDBurnerXP\NMSAccessU.exe O23 - Service: SupportSoft Sprocket Service (dellsupportcenter) (sprtsvc_dellsupportcenter) - SupportSoft, Inc. - C:\Program Files\Dell Support Center\bin\sprtsvc.exe O23 - Service: SigmaTel Audio Service (STacSV) - IDT, Inc. - C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_c09c50a2\STacSV.exe O23 - Service: stllssvr - MicroVision Development, Inc. - C:\Program Files\Common Files\SureThing Shared\stllssvr.exe O23 - Service: TrueVector Internet Monitor (vsmon) - Check Point Software Technologies LTD - C:\Windows\System32\ZoneLabs\vsmon.exe O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe -- End of file - 7029 bytes (Ook hijack this liep vast, en nog steeds kan hij niet schrijven naar de LOG files zegt hij). Wat betreft die vreemde bestanden in de process explorer die de naam van windows delen hebben maar die als je erop klinkt naar niks lijken te verwijzen maar een error weergeven, ... ik heb gehoord dat virussen tegenwoordig onder die namen verspreid worden en zefls telkens van naam veranderen? Veel van die processen kan ik ook niet sluiten.
  9. Soekie
    Hoi, Even geen tijd gehad wegens werk. De bovenvermelde stappen nog niet uitgevoerd. Het ging redelijk goed, maar sinds enkele dagen is het opnieuw niet meer doenbaar, problemen - traag gaan - zo traag gaan dat hij continu blijft hangen, dit zowat iedere twee minuten - Ik vermoed dat ik er recent malware heb opgehaald? :-s Kan niet anders bedenken... Procesexplorer geeft niet veel, behalve dan als firefox opstaat en ik wil een programma online kijken, ... loopt het altijd mis. Firefox neemt dan alle CPU in, samen met de "plugincontainer" van FF die dan na een tijdje de foutmelding aangeeft dat hij gecrasht is, enzoverder. Het resulteert er meestal in dat firefox moet afgesloten worden met control alt delete, en zelfs daarop kan je soms nog een kwartier wachten. (Ervoren = je muis een paar cm verschuiven = tien minuten wachten). Ondoenbaar dus. Ontspannen een filmpje ofzo kijken op deze pc is dus gewoon ondoenbaar, maar integendeel een bijzonder frustrerende bezigheid. ...
  10. Soekie
    Oké! Kreeg wel even de foutmelding dat PEV.exe niet meer werkte, maar hij is gewoon doorgegaan en het is gelukt. Die babylon kwam trouwens mee met quiktime wat ik moest installeren om iets werkgerelateerd te doen, maar de installatie van QT is dus nooit gelukt. :-/ ComboFix 12-01-09.03 - 11/01/2012 17:16:08.9.1 - x86 Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.32.1043.18.2037.1020 [GMT 1:00] Gestart vanuit: c:\downloaded with mozilla\ComboFix.exe gebruikte Opdracht switches :: c:\users\\Desktop\CFScript.txt SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} . FILE :: "C:\user.js" . . (((((((((((((((((((((((((((((((((( Andere Verwijderingen ))))))))))))))))))))))))))))))))))))))))))))))))) . . c:\program files\BabylonToolbar c:\program files\BabylonToolbar\BabylonToolbar\1.5.3.17\BabylonToolbarApp.dll c:\program files\BabylonToolbar\BabylonToolbar\1.5.3.17\BabylonToolbarEng.dll c:\program files\BabylonToolbar\BabylonToolbar\1.5.3.17\BabylonToolbarsrv.exe c:\program files\BabylonToolbar\BabylonToolbar\1.5.3.17\BabylonToolbarTlbr.dll c:\program files\BabylonToolbar\BabylonToolbar\1.5.3.17\bh\BabylonToolbar.dll c:\program files\BabylonToolbar\BabylonToolbar\1.5.3.17\uninstall.exe c:\programdata\Babylon c:\users\\AppData\Local\Babylon c:\users\\AppData\Local\Babylon\Setup\bab033.tbinst.dat c:\users\\AppData\Local\Babylon\Setup\Babylon.dat c:\users\\AppData\Local\Babylon\Setup\BExternal.dll c:\users\\AppData\Local\Babylon\Setup\HtmlScreens\cmbx.png c:\users\\AppData\Local\Babylon\Setup\HtmlScreens\common.js c:\users\\AppData\Local\Babylon\Setup\HtmlScreens\eula.html c:\users\\AppData\Local\Babylon\Setup\HtmlScreens\lngs.png c:\users\\AppData\Local\Babylon\Setup\HtmlScreens\page1.css c:\users\\AppData\Local\Babylon\Setup\HtmlScreens\page1.html c:\users\\AppData\Local\Babylon\Setup\HtmlScreens\page1.js c:\users\\AppData\Local\Babylon\Setup\HtmlScreens\page1Lrg.css c:\users\\AppData\Local\Babylon\Setup\HtmlScreens\page2.css c:\users\\AppData\Local\Babylon\Setup\HtmlScreens\page2.html c:\users\\AppData\Local\Babylon\Setup\HtmlScreens\page2.js c:\users\\AppData\Local\Babylon\Setup\HtmlScreens\page2Lrg.css c:\users\\AppData\Local\Babylon\Setup\HtmlScreens\page9.html c:\users\\AppData\Local\Babylon\Setup\HtmlScreens\pBar.gif c:\users\\AppData\Local\Babylon\Setup\HtmlScreens\title1.png c:\users\\AppData\Local\Babylon\Setup\HtmlScreens\title2.png c:\users\\AppData\Local\Babylon\Setup\HtmlScreens\toolBar.jpg c:\users\\AppData\Local\Babylon\Setup\HtmlScreens\vIcn.png c:\users\\AppData\Local\Babylon\Setup\IECookieLow.dll c:\users\\AppData\Local\Babylon\Setup\Setup-tbmntr903-9.0.3.33.zpb c:\users\\AppData\Local\Babylon\Setup\Setup.exe c:\users\\AppData\Local\Babylon\Setup\SetupStrings.dat c:\users\\AppData\Local\Babylon\Setup\sqlite3.dll c:\users\\AppData\Roaming\Babylon c:\users\\AppData\Roaming\Babylon\log_file.txt . . (((((((((((((((((((( Bestanden Gemaakt van 2011-12-11 to 2012-01-11 )))))))))))))))))))))))))))))) . . 2012-01-11 16:31 . 2012-01-11 16:31 -------- d-----w- c:\users\\AppData\Local\temp 2012-01-11 16:31 . 2012-01-11 16:31 -------- d-----w- c:\users\Public\AppData\Local\temp 2012-01-11 16:31 . 2012-01-11 16:31 -------- d-----w- c:\users\Default\AppData\Local\temp 2012-01-11 05:58 . 2012-01-11 05:58 56200 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{4BE671B2-5D57-4183-84D8-E91AF408907F}\offreg.dll 2012-01-10 07:30 . 2011-11-21 10:47 6823496 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{4BE671B2-5D57-4183-84D8-E91AF408907F}\mpengine.dll 2012-01-03 19:40 . 2012-01-03 19:40 -------- d-----w- c:\users\\AppData\Local\MPlayer 2012-01-03 19:26 . 2012-01-05 12:17 -------- d-----w- c:\users\\.smplayer 2012-01-03 19:22 . 2012-01-03 19:24 -------- d-----w- c:\program files\SMPlayer 2012-01-03 19:10 . 2012-01-03 19:18 -------- d-----w- c:\users\\AppData\Roaming\vlc 2012-01-03 19:06 . 2012-01-03 19:06 -------- d-----w- c:\program files\VideoLAN 2012-01-03 18:25 . 2012-01-03 18:25 -------- d-----w- c:\programdata\Apple Computer 2012-01-03 18:25 . 2010-04-16 17:00 159744 ----a-w- c:\program files\Mozilla Firefox\plugins\npqtplugin6.dll 2012-01-03 18:25 . 2010-04-16 17:00 159744 ----a-w- c:\program files\Mozilla Firefox\plugins\npqtplugin5.dll 2012-01-03 18:25 . 2010-04-16 17:00 159744 ----a-w- c:\program files\Mozilla Firefox\plugins\npqtplugin4.dll 2012-01-03 18:25 . 2010-04-16 17:00 159744 ----a-w- c:\program files\Mozilla Firefox\plugins\npqtplugin3.dll 2012-01-03 18:25 . 2010-04-16 17:00 159744 ----a-w- c:\program files\Mozilla Firefox\plugins\npqtplugin2.dll 2012-01-03 18:25 . 2010-04-16 17:00 159744 ----a-w- c:\program files\Mozilla Firefox\plugins\npqtplugin.dll 2012-01-03 18:25 . 2010-03-17 20:53 94208 ----a-w- c:\windows\system32\QuickTimeVR.qtx 2012-01-03 18:25 . 2010-03-17 20:53 69632 ----a-w- c:\windows\system32\QuickTime.qts 2012-01-03 18:25 . 2010-03-17 20:53 180224 ----a-w- c:\windows\system32\QTCF.dll 2012-01-03 18:25 . 2012-01-03 18:33 -------- d-----w- c:\program files\QuickTime Alternative 2012-01-03 17:03 . 2012-01-03 17:01 39401336 ----a-w- c:\windows\system32\QuickTimeInstaller.exe 2012-01-03 16:50 . 2012-01-03 16:50 237 ----a-w- C:\user.js 2012-01-02 21:27 . 2012-01-02 21:27 -------- d-----w- c:\windows\nl 2012-01-02 21:21 . 2012-01-02 21:21 18328 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll 2012-01-02 21:20 . 2009-09-04 16:44 69464 ----a-w- c:\windows\system32\XAPOFX1_3.dll 2012-01-02 21:20 . 2009-09-04 16:44 515416 ----a-w- c:\windows\system32\XAudio2_5.dll 2012-01-02 21:20 . 2009-09-04 16:29 453456 ----a-w- c:\windows\system32\d3dx10_42.dll 2012-01-02 21:19 . 2006-11-29 12:06 3426072 ----a-w- c:\windows\system32\d3dx9_32.dll 2012-01-02 15:04 . 2012-01-02 15:18 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware 2012-01-02 15:04 . 2011-12-10 14:24 20464 ----a-w- c:\windows\system32\drivers\mbam.sys 2011-12-31 18:30 . 2011-12-31 18:30 232512 ----a-w- c:\windows\system32\drivers\dtsoftbus01.sys 2011-12-31 18:29 . 2011-12-31 18:30 -------- d-----w- c:\program files\DAEMON Tools Pro 2011-12-31 16:51 . 2011-12-31 16:51 -------- d-----w- C:\superoneclick 2011-12-31 16:40 . 2011-12-31 16:40 -------- d-----w- C:\Root 2011-12-31 16:40 . 2011-12-31 16:40 -------- d-----w- C:\Exploits 2011-12-31 16:40 . 2011-12-31 16:40 -------- d-----w- C:\Devices 2011-12-31 16:40 . 2011-12-31 16:40 -------- d-----w- C:\Dependencies 2011-12-31 16:40 . 2011-12-31 16:40 -------- d-----w- C:\ADB 2011-12-29 22:48 . 2011-12-29 22:48 -------- d-----w- c:\program files\MyFree Codec 2011-12-29 21:18 . 2011-12-29 21:18 -------- d-----w- C:\Temp 2011-12-29 21:16 . 2011-12-29 21:16 -------- d-----w- c:\users\\AppData\Local\Samsung 2011-12-29 21:15 . 2011-12-29 21:15 -------- d-----w- c:\users\\AppData\Roaming\Samsung 2011-12-29 21:11 . 2011-10-27 01:25 1416680 ----a-w- c:\windows\system32\WdfCoInstaller01005.dll 2011-12-29 21:11 . 2011-10-27 01:25 1416680 ----a-w- c:\windows\system32\drivers\WdfCoInstaller01005.dll 2011-12-29 21:11 . 2011-10-27 01:25 136808 ----a-w- c:\windows\system32\drivers\ssadmdm.sys 2011-12-29 21:11 . 2011-10-27 01:25 12776 ----a-w- c:\windows\system32\drivers\ssadmdfl.sys 2011-12-29 21:11 . 2011-10-27 01:25 10472 ----a-w- c:\windows\system32\drivers\ssadcmnt.sys 2011-12-29 21:11 . 2011-10-27 01:25 10472 ----a-w- c:\windows\system32\drivers\ssadcm.sys 2011-12-29 21:11 . 2011-10-27 01:25 10344 ----a-w- c:\windows\system32\drivers\ssadwhnt.sys 2011-12-29 21:11 . 2011-10-27 01:25 10344 ----a-w- c:\windows\system32\drivers\ssadwh.sys 2011-12-29 21:11 . 2011-10-27 01:25 30312 ----a-w- c:\windows\system32\drivers\ssadadb.sys 2011-12-29 21:11 . 2011-10-27 01:25 121064 ----a-w- c:\windows\system32\drivers\ssadbus.sys 2011-12-29 21:11 . 2011-10-27 01:25 114280 ----a-w- c:\windows\system32\drivers\ssadserd.sys 2011-12-29 16:08 . 2011-12-29 21:06 -------- d-----w- c:\programdata\Samsung 2011-12-29 16:03 . 2011-12-29 16:03 -------- d-----w- c:\users\\AppData\Local\Downloaded Installations 2011-12-29 15:17 . 2011-12-29 15:17 -------- d-----w- c:\program files\Microsoft.NET 2011-12-28 21:48 . 2011-12-28 21:49 -------- d-----w- c:\program files\Speccy 2011-12-28 16:24 . 2011-11-08 12:10 2409784 ----a-w- c:\program files\Windows Mail\OESpamFilter.dat 2011-12-27 15:10 . 2011-12-27 15:10 414368 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl 2011-12-22 14:33 . 2011-11-08 14:42 2048 ----a-w- c:\windows\system32\tzres.dll 2011-12-16 18:23 . 2011-10-27 08:01 3602816 ----a-w- c:\windows\system32\ntkrnlpa.exe 2011-12-16 18:23 . 2011-10-27 08:01 3550080 ----a-w- c:\windows\system32\ntoskrnl.exe 2011-12-15 23:35 . 2011-11-23 13:37 2043904 ----a-w- c:\windows\system32\win32k.sys 2011-12-15 21:53 . 2011-10-25 15:56 49152 ----a-w- c:\windows\system32\csrsrv.dll 2011-12-15 20:59 . 2011-10-14 16:02 429056 ----a-w- c:\windows\system32\EncDec.dll . . . ((((((((((((((((((((((((((((((((((((((( Find3M Rapport )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2011-11-29 15:38 . 2011-11-29 15:38 90112 ----a-w- c:\windows\MAMCityDownload.ocx 2011-11-29 15:38 . 2011-11-29 15:38 325552 ----a-w- c:\windows\MASetupCaller.dll 2011-11-29 15:38 . 2011-11-29 15:38 30568 ----a-w- c:\windows\MusiccityDownload.exe 2011-11-29 15:38 . 2011-11-29 15:38 974848 ----a-w- c:\windows\system32\cis-2.4.dll 2011-11-29 15:38 . 2011-11-29 15:38 81920 ----a-w- c:\windows\system32\issacapi_bs-2.3.dll 2011-11-29 15:38 . 2011-11-29 15:38 65536 ----a-w- c:\windows\system32\issacapi_pe-2.3.dll 2011-11-29 15:38 . 2011-11-29 15:38 57344 ----a-w- c:\windows\system32\MTXSYNCICON.dll 2011-11-29 15:38 . 2011-11-29 15:38 57344 ----a-w- c:\windows\system32\MK_Lyric.dll 2011-11-29 15:38 . 2011-11-29 15:38 57344 ----a-w- c:\windows\system32\issacapi_se-2.3.dll 2011-11-29 15:38 . 2011-11-29 15:38 569344 ----a-w- c:\windows\system32\muzdecode.ax 2011-11-29 15:38 . 2011-11-29 15:38 491520 ----a-w- c:\windows\system32\muzapp.dll 2011-11-29 15:38 . 2011-11-29 15:38 49152 ----a-w- c:\windows\system32\MaJGUILib.dll 2011-11-29 15:38 . 2011-11-29 15:38 45056 ----a-w- c:\windows\system32\MaXMLProto.dll 2011-11-29 15:38 . 2011-11-29 15:38 45056 ----a-w- c:\windows\system32\MACXMLProto.dll 2011-11-29 15:38 . 2011-11-29 15:38 40960 ----a-w- c:\windows\system32\MTTELECHIP.dll 2011-11-29 15:38 . 2011-11-29 15:38 40960 ----a-w- c:\windows\system32\MAMACExtract.dll 2011-11-29 15:38 . 2011-11-29 15:38 352256 ----a-w- c:\windows\system32\MSLUR71.dll 2011-11-29 15:38 . 2011-11-29 15:38 258048 ----a-w- c:\windows\system32\muzoggsp.ax 2011-11-29 15:38 . 2011-11-29 15:38 245760 ----a-w- c:\windows\system32\MSCLib.dll 2011-11-29 15:38 . 2011-11-29 15:38 24576 ----a-w- c:\windows\system32\MASetupCleaner.exe 2011-11-29 15:38 . 2011-11-29 15:38 200704 ----a-w- c:\windows\system32\muzwmts.dll 2011-11-29 15:38 . 2011-11-29 15:38 172032 ----a-w- c:\windows\system32\muzapp.exe 2011-11-29 15:38 . 2011-11-29 15:38 155648 ----a-w- c:\windows\system32\MSFLib.dll 2011-11-29 15:38 . 2011-11-29 15:38 143360 ----a-w- c:\windows\system32\3DAudio.ax 2011-11-29 15:38 . 2011-11-29 15:38 135168 ----a-w- c:\windows\system32\muzaf1.dll 2011-11-29 15:38 . 2011-11-29 15:38 131072 ----a-w- c:\windows\system32\muzmpgsp.ax 2011-11-29 15:38 . 2011-11-29 15:38 122880 ----a-w- c:\windows\system32\muzeffect.ax 2011-11-29 15:38 . 2011-11-29 15:38 118784 ----a-w- c:\windows\system32\MaDRM.dll 2011-11-29 15:38 . 2011-11-29 15:38 110592 ----a-w- c:\windows\system32\muzmp4sp.ax . . ((((((((((((((((((((((((((((((((((((( Reg Opstartpunten ))))))))))))))))))))))))))))))))))))))))))))))))))) . . *Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond REGEDIT4 . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Persistence"="c:\windows\system32\igfxpers.exe" [2008-03-06 133656] "IgfxTray"="c:\windows\system32\igfxtray.exe" [2008-03-06 141848] "HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2008-03-06 166424] "ZoneAlarm Client"="c:\program files\Zone Labs\ZoneAlarm\zlclient.exe" [2008-03-03 959976] "Apoint"="c:\program files\DellTPad\Apoint.exe" [2007-09-07 159744] "OEM02Mon.exe"="c:\windows\OEM02Mon.exe" [2007-08-28 36864] "SigmatelSysTrayApp"="c:\program files\SigmaTel\C-Major Audio\WDM\sttray.exe" [2008-02-15 405504] "dellsupportcenter"="c:\program files\Dell Support Center\bin\sprtcmd.exe" [2009-05-21 206064] "Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2009-12-18 40368] "Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2009-12-11 948672] . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "EnableUIADesktopToggle"= 0 (0x0) . [hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks] "{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "c:\program files\SUPERAntiSpyware\SASSEH.DLL" [2008-05-13 77824] . [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon] 2009-09-03 13:21 548352 ----a-w- c:\program files\SUPERAntiSpyware\SASWINLO.dll . [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager] BootExecute REG_MULTI_SZ autocheck autochk *\0c:\progra~1\AVG\AVG10\avgchsvx.exe /sync\0c:\progra~1\AVG\AVG10\avgrsx.exe /sync /restart . [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys] @="Driver" . [HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Digital Line Detect.lnk] path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\Digital Line Detect.lnk backup=c:\windows\pss\Digital Line Detect.lnk.CommonStartup backupExtension=.CommonStartup . [HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Microsoft Office.lnk] path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\Microsoft Office.lnk backup=c:\windows\pss\Microsoft Office.lnk.CommonStartup backupExtension=.CommonStartup . [HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^QuickSet.lnk] path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\QuickSet.lnk backup=c:\windows\pss\QuickSet.lnk.CommonStartup backupExtension=.CommonStartup . [HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^WinZip Quick Pick.lnk] path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\WinZip Quick Pick.lnk backup=c:\windows\pss\WinZip Quick Pick.lnk.CommonStartup backupExtension=.CommonStartup . [HKLM\~\startupfolder\C:^Users^Anja^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OpenOffice.org 3.3 .lnk] path=c:\users\Anja\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.3 .lnk backup=c:\windows\pss\OpenOffice.org 3.3 .lnk.Startup backupExtension=.Startup . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher] 2009-12-18 07:58 40368 ----a-w- c:\program files\Adobe\Reader 8.0\Reader\reader_sl.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Apoint] 2007-09-07 06:49 159744 ----a-w- c:\program files\DellTPad\Apoint.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Pro Agent] 2011-08-17 07:29 4527424 ----a-w- c:\program files\DAEMON Tools Pro\DTAgent.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DELL Webcam Manager] 2007-07-27 15:43 118784 ------w- c:\program files\Dell\Dell Webcam Manager\DellWMgr.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\dellsupportcenter] 2009-05-21 09:13 206064 ----a-w- c:\program files\Dell Support Center\bin\sprtcmd.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\dscactivate] 2008-02-13 18:21 16384 ----a-w- c:\program files\Dell Support Center\gs_agent\custom\dsca.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ECenter] 2008-01-18 11:40 17920 ----a-w- c:\dell\E-Center\EULALauncher.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IAAnotif] 2007-03-21 12:00 174872 ----a-w- c:\program files\Intel\Intel Matrix Storage Manager\IAAnotif.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KiesHelper] 2011-12-27 14:21 937360 ----a-w- c:\program files\Samsung\Kies\KiesHelper.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KiesPDLR] 2011-12-27 14:21 21392 ----a-w- c:\program files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KiesTrayAgent] 2011-12-27 14:21 3508624 ----a-w- c:\program files\Samsung\Kies\KiesTrayAgent.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\OEM02Mon.exe] 2007-08-28 05:51 36864 ----a-w- c:\windows\OEM02Mon.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PCMService] 2007-11-01 14:39 189736 ------w- c:\program files\Dell\MediaDirect\PCMService.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PlusService] 2011-10-24 15:51 801792 ----a-w- c:\program files\Yuna Software\Messenger Plus!\PlusService.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched] 2010-05-14 09:44 248552 ----a-w- c:\program files\Common Files\Java\Java Update\jusched.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg] 2008-04-19 12:39 68856 ----a-w- c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe . [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\ZoneLabsFirewall] "DisableMonitoring"=dword:00000001 . R3 ACSSCR;ACR38 Smart Card Reader;c:\windows\system32\DRIVERS\a38usbxp.sys [2004-04-30 24832] S2 AESTFilters;Andrea ST Filters Service;c:\windows\system32\aestsrv.exe [2007-11-12 73728] . . [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost] LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache . Inhoud van de 'Gedeelde Taken' map . 2012-01-11 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job - c:\program files\Google\Update\GoogleUpdate.exe [2011-01-30 19:19] . 2012-01-11 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job - c:\program files\Google\Update\GoogleUpdate.exe [2011-01-30 19:19] . . ------- Bijkomende Scan ------- . uStart Page = hxxp://www.google.be/ig/dell?hl=nl&client=dell-row&channel=be&ibd=3080419 IE: Download all links using BitComet - j:\program files\BitComet\BitComet.exe/AddAllLink.htm IE: Download all videos using BitComet - j:\program files\BitComet\BitComet.exe/AddVideo.htm IE: Download link using &BitComet - j:\program files\BitComet\BitComet.exe/AddLink.htm TCP: DhcpNameServer = 134.58.126.3 134.58.127.1 FF - ProfilePath - c:\users\Anja\AppData\Roaming\Mozilla\Firefox\Profiles\5rhy1mfo.default\ FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} FF - Ext: Java Console: {CAFEEFAC-0016-0000-0010-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0010-ABCDEFFEDCBA} FF - Ext: Java Console: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - %profile%\extensions\{20a82645-c095-46ed-80e3-08825760534b} FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension . - - - - ORPHANS VERWIJDERD - - - - . AddRemove-BabylonToolbar - c:\program files\BabylonToolbar\BabylonToolbar\1.5.3.17\uninstall.exe . . . ************************************************************************** . catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, GMER - Rootkit Detector and Remover Rootkit scan 2012-01-11 17:31 Windows 6.0.6002 Service Pack 2 NTFS . scannen van verborgen processen ... . scannen van verborgen autostart items ... . scannen van verborgen bestanden ... . Scan succesvol afgerond verborgen bestanden: 0 . ************************************************************************** . --------------------- VERGRENDELDE REGISTER SLEUTELS --------------------- . [HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\User Preferences] @Denied: (2) (LocalSystem) "88D7D0879DAB32E14DE5B3A805A34F98AFF34F5977"=hex:01,00,00,00,d0,8c,9d,df,01,15, d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,71,1b,84,bd,9a,ae,bf,46,b0,7d,96,\ "2D53CFFC5C1A3DD2E97B7979AC2A92BD59BC839E81"=hex:01,00,00,00,d0,8c,9d,df,01,15, d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,71,1b,84,bd,9a,ae,bf,46,b0,7d,96,\ . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0004\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0005\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0006\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0007\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . Voltooingstijd: 2012-01-11 17:39:45 ComboFix-quarantined-files.txt 2012-01-11 16:39 ComboFix2.txt 2012-01-10 19:07 ComboFix3.txt 2010-04-07 21:19 ComboFix4.txt 2008-06-12 16:15 ComboFix5.txt 2012-01-11 16:11 . Pre-Run: 20.401.086.464 bytes beschikbaar Post-Run: 20.280.868.864 bytes beschikbaar . - - End Of File - - 867925164A4FE5DB6580F5F76F4AC8CF ---------- Post toegevoegd om 18:15 ---------- Vorige post was om 18:14 ---------- En het HijackThis Logje: Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 18:15:00, on 11/01/2012 Platform: Windows Vista SP2 (WinNT 6.00.1906) MSIE: Internet Explorer v9.00 (9.00.8112.16421) Boot mode: Normal Running processes: C:\Windows\system32\Dwm.exe C:\Windows\system32\taskeng.exe C:\Windows\System32\igfxpers.exe C:\Windows\System32\hkcmd.exe C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe C:\Windows\OEM02Mon.exe C:\Program Files\Sigmatel\C-Major Audio\WDM\sttray.exe C:\Program Files\Dell Support Center\bin\sprtcmd.exe C:\Windows\system32\igfxsrvc.exe C:\Program Files\DellTPad\ApMsgFwd.exe C:\Program Files\DellTPad\HidFind.exe C:\Program Files\DAEMON Tools Pro\DTShellHlp.exe C:\Windows\System32\notepad.exe C:\Windows\system32\conime.exe C:\Windows\system32\notepad.exe C:\Windows\explorer.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\plugin-container.exe C:\Program Files\Trend Micro\HijackThis\HiJackThis.exe C:\Windows\system32\SearchFilterHost.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Gepersonaliseerde startpagina R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Hotmail, Messenger, nieuws en entertainment vind je op MSN.nl R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = Hotmail, Messenger, nieuws en entertainment vind je op MSN.nl O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file) O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll O2 - BHO: Babylon toolbar helper - {2EECD738-5844-4a99-B4B6-146BF802613B} - C:\Program Files\BabylonToolbar\BabylonToolbar\1.5.3.17\bh\BabylonToolbar.dll (file missing) O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files\Windows Live\Companion\companioncore.dll O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll O2 - BHO: Browser Address Error Redirector - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program Files\Dell\BAE\BAE.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O3 - Toolbar: Babylon Toolbar - {98889811-442D-49dd-99D7-DC866BE87DBC} - C:\Program Files\BabylonToolbar\BabylonToolbar\1.5.3.17\BabylonToolbarTlbr.dll (file missing) O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe O4 - HKLM\..\Run: [igfxTray] C:\Windows\system32\igfxtray.exe O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe" O4 - HKLM\..\Run: [Apoint] C:\Program Files\DellTPad\Apoint.exe O4 - HKLM\..\Run: [OEM02Mon.exe] C:\Windows\OEM02Mon.exe O4 - HKLM\..\Run: [sigmatelSysTrayApp] %ProgramFiles%\SigmaTel\C-Major Audio\WDM\sttray.exe O4 - HKLM\..\Run: [dellsupportcenter] "C:\Program Files\Dell Support Center\bin\sprtcmd.exe" /P dellsupportcenter O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" O8 - Extra context menu item: Download all links using BitComet - res://J:\Program Files\BitComet\BitComet.exe/AddAllLink.htm O8 - Extra context menu item: Download all videos using BitComet - res://J:\Program Files\BitComet\BitComet.exe/AddVideo.htm O8 - Extra context menu item: Download link using &BitComet - res://J:\Program Files\BitComet\BitComet.exe/AddLink.htm O9 - Extra button: @C:\Program Files\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files\Windows Live\Companion\companioncore.dll O9 - Extra button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - https://fpdownload.macromedia.com/get/shockwave/cabs/flash/swflash.cab O16 - DPF: {EDFCB7CB-942C-4822-AF14-F0B687409848} - http://www.putfile.com/includes/ImageUploader4-5.cab O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll O23 - Service: Andrea ST Filters Service (AESTFilters) - Andrea Electronics Corporation - C:\Windows\system32\aestsrv.exe O23 - Service: DCService.exe - Unknown owner - C:\ProgramData\DatacardService\DCService.exe O23 - Service: ManageEngine Firewall Analyzer 5.0 (firewallanalyzer) - Unknown owner - C:\AdventNet\ME\Firewall\bin\wrapper.exe O23 - Service: Intel® Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe O23 - Service: NMSAccessU - Unknown owner - C:\Program Files\CDBurnerXP\NMSAccessU.exe O23 - Service: SupportSoft Sprocket Service (dellsupportcenter) (sprtsvc_dellsupportcenter) - SupportSoft, Inc. - C:\Program Files\Dell Support Center\bin\sprtsvc.exe O23 - Service: SigmaTel Audio Service (STacSV) - IDT, Inc. - C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_c09c50a2\STacSV.exe O23 - Service: stllssvr - MicroVision Development, Inc. - C:\Program Files\Common Files\SureThing Shared\stllssvr.exe O23 - Service: TrueVector Internet Monitor (vsmon) - Check Point Software Technologies LTD - C:\Windows\System32\ZoneLabs\vsmon.exe O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe -- End of file - 7029 bytes Thanks om het te controleren!
  11. Soekie
    Combofix gaf aanvankelijk wat vreemde problemen. Zo kreeg ik foutmeldingen e.d. Uiteindelijk is het dan toch gelukt. Hier het logbestand: (geanonimiseerd, op open plaatsen stond mijn naam ) ComboFix 12-01-09.03 - 10/01/2012 19:44:01.8.1 - x86 Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.32.1043.18.2037.815 [GMT 1:00] Gestart vanuit: c:\downloaded with mozilla\ComboFix.exe SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} . . (((((((((((((((((((((((((((((((((( Andere Verwijderingen ))))))))))))))))))))))))))))))))))))))))))))))))) . . C:\install.exe c:\program files\Tetris4000.exe c:\users\\aresregular209_installer.exe c:\users\\bitcomet_setup.exe c:\users\\Documents\~WRL0005.tmp c:\users\\Documents\~WRL0032.tmp c:\users\\Documents\~WRL0139.tmp c:\users\\Documents\~WRL0395.tmp c:\users\\Documents\~WRL0400.tmp c:\users\\Documents\~WRL0401.tmp c:\users\\Documents\~WRL0436.tmp c:\users\\Documents\~WRL0442.tmp c:\users\\Documents\~WRL0534.tmp c:\users\\Documents\~WRL0545.tmp c:\users\\Documents\~WRL0586.tmp c:\users\\Documents\~WRL0600.tmp c:\users\\Documents\~WRL0626.tmp c:\users\\Documents\~WRL0643.tmp c:\users\\Documents\~WRL0648.tmp c:\users\\Documents\~WRL0743.tmp c:\users\\Documents\~WRL0744.tmp c:\users\\Documents\~WRL0784.tmp c:\users\\Documents\~WRL0790.tmp c:\users\\Documents\~WRL0796.tmp c:\users\\Documents\~WRL0881.tmp c:\users\\Documents\~WRL0942.tmp c:\users\\Documents\~WRL1053.tmp c:\users\\Documents\~WRL1070.tmp c:\users\\Documents\~WRL1117.tmp c:\users\\Documents\~WRL1163.tmp c:\users\\Documents\~WRL1199.tmp c:\users\\Documents\~WRL1245.tmp c:\users\\Documents\~WRL1270.tmp c:\users\\Documents\~WRL1283.tmp c:\users\\Documents\~WRL1299.tmp c:\users\\Documents\~WRL1388.tmp c:\users\\Documents\~WRL1456.tmp c:\users\\Documents\~WRL1457.tmp c:\users\\Documents\~WRL1460.tmp c:\users\\Documents\~WRL1499.tmp c:\users\\Documents\~WRL1515.tmp c:\users\\Documents\~WRL1542.tmp c:\users\\Documents\~WRL1605.tmp c:\users\\Documents\~WRL1608.tmp c:\users\\Documents\~WRL1612.tmp c:\users\\Documents\~WRL1648.tmp c:\users\\Documents\~WRL1688.tmp c:\users\\Documents\~WRL1706.tmp c:\users\\Documents\~WRL1711.tmp c:\users\\Documents\~WRL1717.tmp c:\users\\Documents\~WRL1775.tmp c:\users\\Documents\~WRL1813.tmp c:\users\\Documents\~WRL1880.tmp c:\users\\Documents\~WRL1902.tmp c:\users\\Documents\~WRL1909.tmp c:\users\\Documents\~WRL1913.tmp c:\users\\Documents\~WRL1952.tmp c:\users\\Documents\~WRL2019.tmp c:\users\\Documents\~WRL2027.tmp c:\users\\Documents\~WRL2031.tmp c:\users\\Documents\~WRL2081.tmp c:\users\\Documents\~WRL2122.tmp c:\users\\Documents\~WRL2138.tmp c:\users\\Documents\~WRL2161.tmp c:\users\\Documents\~WRL2174.tmp c:\users\\Documents\~WRL2235.tmp c:\users\\Documents\~WRL2240.tmp c:\users\\Documents\~WRL2247.tmp c:\users\\Documents\~WRL2260.tmp c:\users\\Documents\~WRL2349.tmp c:\users\\Documents\~WRL2350.tmp c:\users\\Documents\~WRL2400.tmp c:\users\\Documents\~WRL2401.tmp c:\users\\Documents\~WRL2464.tmp c:\users\\Documents\~WRL2475.tmp c:\users\\Documents\~WRL2541.tmp c:\users\\Documents\~WRL2603.tmp c:\users\\Documents\~WRL2610.tmp c:\users\\Documents\~WRL2630.tmp c:\users\\Documents\~WRL2657.tmp c:\users\\Documents\~WRL2673.tmp c:\users\\Documents\~WRL2694.tmp c:\users\Documents\~WRL2699.tmp c:\users\\Documents\~WRL2710.tmp c:\users\\Documents\~WRL2746.tmp c:\users\\Documents\~WRL2786.tmp c:\users\\Documents\~WRL2849.tmp c:\users\\Documents\~WRL2891.tmp c:\users\\Documents\~WRL2922.tmp c:\users\\Documents\~WRL2949.tmp c:\users\\Documents\~WRL2960.tmp c:\users\\Documents\~WRL2981.tmp c:\users\\Documents\~WRL3007.tmp c:\users\Documents\~WRL3143.tmp c:\users\\Documents\~WRL3185.tmp c:\users\\Documents\~WRL3280.tmp c:\users\\Documents\~WRL3287.tmp c:\users\\Documents\~WRL3290.tmp c:\users\\Documents\~WRL3336.tmp c:\users\\Documents\~WRL3337.tmp c:\users\\Documents\~WRL3412.tmp c:\users\\Documents\~WRL3414.tmp c:\users\\Documents\~WRL3433.tmp c:\users\\Documents\~WRL3482.tmp c:\users\\Documents\~WRL3487.tmp c:\users\\Documents\~WRL3521.tmp c:\users\\Documents\~WRL3522.tmp c:\users\\Documents\~WRL3546.tmp c:\users\\Documents\~WRL3558.tmp c:\users\\Documents\~WRL3718.tmp c:\users\\Documents\~WRL3775.tmp c:\users\\Documents\~WRL3811.tmp c:\users\\Documents\~WRL3814.tmp c:\users\\Documents\~WRL3820.tmp c:\users\\Documents\~WRL3835.tmp c:\users\\Documents\~WRL3840.tmp c:\users\\Documents\~WRL3842.tmp c:\users\\Documents\~WRL3913.tmp c:\users\\Documents\~WRL3955.tmp c:\users\\Documents\~WRL3979.tmp c:\users\\Documents\~WRL4047.tmp c:\users\\Documents\~WRL4049.tmp c:\users\\Documents\~WRL4053.tmp c:\users\\Documents\~WRL4064.tmp c:\windows\system32\drivers\~GLH0014.TMP c:\windows\system32\system32 c:\windows\system32\system32\3DAudio.ax c:\windows\system32\system32\avrt.dll c:\windows\system32\system32\cis-2.4.dll c:\windows\system32\system32\issacapi_bs-2.3.dll c:\windows\system32\system32\issacapi_pe-2.3.dll c:\windows\system32\system32\issacapi_se-2.3.dll c:\windows\system32\system32\MACXMLProto.dll c:\windows\system32\system32\MaDRM.dll c:\windows\system32\system32\MaJGUILib.dll c:\windows\system32\system32\MAMACExtract.dll c:\windows\system32\system32\MASetupCleaner.exe c:\windows\system32\system32\MaXMLProto.dll c:\windows\system32\system32\mfplat.dll c:\windows\system32\system32\MK_Lyric.dll c:\windows\system32\system32\MSCLib.dll c:\windows\system32\system32\MSFLib.dll c:\windows\system32\system32\MSLUR71.dll c:\windows\system32\system32\msvcp60.dll c:\windows\system32\system32\MTTELECHIP.dll c:\windows\system32\system32\MTXSYNCICON.dll c:\windows\system32\system32\muzaf1.dll c:\windows\system32\system32\muzapp.dll c:\windows\system32\system32\muzapp.exe c:\windows\system32\system32\muzdecode.ax c:\windows\system32\system32\muzeffect.ax c:\windows\system32\system32\muzmp4sp.ax c:\windows\system32\system32\muzmpgsp.ax c:\windows\system32\system32\muzoggsp.ax c:\windows\system32\system32\muzwmts.dll c:\windows\system32\system32\psapi.dll . . (((((((((((((((((((( Bestanden Gemaakt van 2011-12-10 to 2012-01-10 )))))))))))))))))))))))))))))) . . 2012-01-10 18:58 . 2012-01-10 18:58 -------- d-----w- c:\users\Public\AppData\Local\temp 2012-01-10 18:58 . 2012-01-10 18:58 -------- d-----w- c:\users\Default\AppData\Local\temp 2012-01-10 07:30 . 2012-01-10 07:30 56200 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{4BE671B2-5D57-4183-84D8-E91AF408907F}\offreg.dll 2012-01-10 07:30 . 2011-11-21 10:47 6823496 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{4BE671B2-5D57-4183-84D8-E91AF408907F}\mpengine.dll 2012-01-03 19:40 . 2012-01-03 19:40 -------- d-----w- c:\users\Anja\AppData\Local\MPlayer 2012-01-03 19:26 . 2012-01-05 12:17 -------- d-----w- c:\users\Anja\.smplayer 2012-01-03 19:22 . 2012-01-03 19:24 -------- d-----w- c:\program files\SMPlayer 2012-01-03 19:10 . 2012-01-03 19:18 -------- d-----w- c:\users\Anja\AppData\Roaming\vlc 2012-01-03 19:06 . 2012-01-03 19:06 -------- d-----w- c:\program files\VideoLAN 2012-01-03 18:25 . 2012-01-03 18:25 -------- d-----w- c:\programdata\Apple Computer 2012-01-03 18:25 . 2010-04-16 17:00 159744 ----a-w- c:\program files\Mozilla Firefox\plugins\npqtplugin6.dll 2012-01-03 18:25 . 2010-04-16 17:00 159744 ----a-w- c:\program files\Mozilla Firefox\plugins\npqtplugin5.dll 2012-01-03 18:25 . 2010-04-16 17:00 159744 ----a-w- c:\program files\Mozilla Firefox\plugins\npqtplugin4.dll 2012-01-03 18:25 . 2010-04-16 17:00 159744 ----a-w- c:\program files\Mozilla Firefox\plugins\npqtplugin3.dll 2012-01-03 18:25 . 2010-04-16 17:00 159744 ----a-w- c:\program files\Mozilla Firefox\plugins\npqtplugin2.dll 2012-01-03 18:25 . 2010-04-16 17:00 159744 ----a-w- c:\program files\Mozilla Firefox\plugins\npqtplugin.dll 2012-01-03 18:25 . 2010-03-17 20:53 94208 ----a-w- c:\windows\system32\QuickTimeVR.qtx 2012-01-03 18:25 . 2010-03-17 20:53 69632 ----a-w- c:\windows\system32\QuickTime.qts 2012-01-03 18:25 . 2010-03-17 20:53 180224 ----a-w- c:\windows\system32\QTCF.dll 2012-01-03 18:25 . 2012-01-03 18:33 -------- d-----w- c:\program files\QuickTime Alternative 2012-01-03 17:03 . 2012-01-03 17:01 39401336 ----a-w- c:\windows\system32\QuickTimeInstaller.exe 2012-01-03 16:50 . 2012-01-03 16:50 237 ----a-w- C:\user.js 2012-01-03 16:50 . 2012-01-03 16:50 -------- d-----w- c:\program files\BabylonToolbar 2012-01-03 16:46 . 2012-01-03 16:46 -------- d-----w- c:\users\Anja\AppData\Local\Babylon 2012-01-03 16:46 . 2012-01-03 16:46 -------- d-----w- c:\programdata\Babylon 2012-01-03 16:46 . 2012-01-03 16:46 -------- d-----w- c:\users\Anja\AppData\Roaming\Babylon 2012-01-02 21:27 . 2012-01-02 21:27 -------- d-----w- c:\windows\nl 2012-01-02 21:21 . 2012-01-02 21:21 18328 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll 2012-01-02 21:20 . 2009-09-04 16:44 69464 ----a-w- c:\windows\system32\XAPOFX1_3.dll 2012-01-02 21:20 . 2009-09-04 16:44 515416 ----a-w- c:\windows\system32\XAudio2_5.dll 2012-01-02 21:20 . 2009-09-04 16:29 453456 ----a-w- c:\windows\system32\d3dx10_42.dll 2012-01-02 21:19 . 2006-11-29 12:06 3426072 ----a-w- c:\windows\system32\d3dx9_32.dll 2012-01-02 15:04 . 2012-01-02 15:18 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware 2012-01-02 15:04 . 2011-12-10 14:24 20464 ----a-w- c:\windows\system32\drivers\mbam.sys 2011-12-31 18:30 . 2011-12-31 18:30 232512 ----a-w- c:\windows\system32\drivers\dtsoftbus01.sys 2011-12-31 18:29 . 2011-12-31 18:30 -------- d-----w- c:\program files\DAEMON Tools Pro 2011-12-31 16:51 . 2011-12-31 16:51 -------- d-----w- C:\superoneclick 2011-12-31 16:40 . 2011-12-31 16:40 -------- d-----w- C:\Root 2011-12-31 16:40 . 2011-12-31 16:40 -------- d-----w- C:\Exploits 2011-12-31 16:40 . 2011-12-31 16:40 -------- d-----w- C:\Devices 2011-12-31 16:40 . 2011-12-31 16:40 -------- d-----w- C:\Dependencies 2011-12-31 16:40 . 2011-12-31 16:40 -------- d-----w- C:\ADB 2011-12-29 22:48 . 2011-12-29 22:48 -------- d-----w- c:\program files\MyFree Codec 2011-12-29 21:18 . 2011-12-29 21:18 -------- d-----w- C:\Temp 2011-12-29 21:16 . 2011-12-29 21:16 -------- d-----w- c:\users\Anja\AppData\Local\Samsung 2011-12-29 21:15 . 2011-12-29 21:15 -------- d-----w- c:\users\Anja\AppData\Roaming\Samsung 2011-12-29 21:11 . 2011-10-27 01:25 1416680 ----a-w- c:\windows\system32\WdfCoInstaller01005.dll 2011-12-29 21:11 . 2011-10-27 01:25 1416680 ----a-w- c:\windows\system32\drivers\WdfCoInstaller01005.dll 2011-12-29 21:11 . 2011-10-27 01:25 136808 ----a-w- c:\windows\system32\drivers\ssadmdm.sys 2011-12-29 21:11 . 2011-10-27 01:25 12776 ----a-w- c:\windows\system32\drivers\ssadmdfl.sys 2011-12-29 21:11 . 2011-10-27 01:25 10472 ----a-w- c:\windows\system32\drivers\ssadcmnt.sys 2011-12-29 21:11 . 2011-10-27 01:25 10472 ----a-w- c:\windows\system32\drivers\ssadcm.sys 2011-12-29 21:11 . 2011-10-27 01:25 10344 ----a-w- c:\windows\system32\drivers\ssadwhnt.sys 2011-12-29 21:11 . 2011-10-27 01:25 10344 ----a-w- c:\windows\system32\drivers\ssadwh.sys 2011-12-29 21:11 . 2011-10-27 01:25 30312 ----a-w- c:\windows\system32\drivers\ssadadb.sys 2011-12-29 21:11 . 2011-10-27 01:25 121064 ----a-w- c:\windows\system32\drivers\ssadbus.sys 2011-12-29 21:11 . 2011-10-27 01:25 114280 ----a-w- c:\windows\system32\drivers\ssadserd.sys 2011-12-29 16:08 . 2011-12-29 21:06 -------- d-----w- c:\programdata\Samsung 2011-12-29 16:03 . 2011-12-29 16:03 -------- d-----w- c:\users\Anja\AppData\Local\Downloaded Installations 2011-12-29 15:17 . 2011-12-29 15:17 -------- d-----w- c:\program files\Microsoft.NET 2011-12-28 21:48 . 2011-12-28 21:49 -------- d-----w- c:\program files\Speccy 2011-12-28 16:24 . 2011-11-08 12:10 2409784 ----a-w- c:\program files\Windows Mail\OESpamFilter.dat 2011-12-27 15:10 . 2011-12-27 15:10 414368 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl 2011-12-22 14:33 . 2011-11-08 14:42 2048 ----a-w- c:\windows\system32\tzres.dll 2011-12-16 18:23 . 2011-10-27 08:01 3602816 ----a-w- c:\windows\system32\ntkrnlpa.exe 2011-12-16 18:23 . 2011-10-27 08:01 3550080 ----a-w- c:\windows\system32\ntoskrnl.exe 2011-12-15 23:35 . 2011-11-23 13:37 2043904 ----a-w- c:\windows\system32\win32k.sys 2011-12-15 21:53 . 2011-10-25 15:56 49152 ----a-w- c:\windows\system32\csrsrv.dll 2011-12-15 20:59 . 2011-10-14 16:02 429056 ----a-w- c:\windows\system32\EncDec.dll . . . ((((((((((((((((((((((((((((((((((((((( Find3M Rapport )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2011-11-29 15:38 . 2011-11-29 15:38 90112 ----a-w- c:\windows\MAMCityDownload.ocx 2011-11-29 15:38 . 2011-11-29 15:38 325552 ----a-w- c:\windows\MASetupCaller.dll 2011-11-29 15:38 . 2011-11-29 15:38 30568 ----a-w- c:\windows\MusiccityDownload.exe 2011-11-29 15:38 . 2011-11-29 15:38 974848 ----a-w- c:\windows\system32\cis-2.4.dll 2011-11-29 15:38 . 2011-11-29 15:38 81920 ----a-w- c:\windows\system32\issacapi_bs-2.3.dll 2011-11-29 15:38 . 2011-11-29 15:38 65536 ----a-w- c:\windows\system32\issacapi_pe-2.3.dll 2011-11-29 15:38 . 2011-11-29 15:38 57344 ----a-w- c:\windows\system32\MTXSYNCICON.dll 2011-11-29 15:38 . 2011-11-29 15:38 57344 ----a-w- c:\windows\system32\MK_Lyric.dll 2011-11-29 15:38 . 2011-11-29 15:38 57344 ----a-w- c:\windows\system32\issacapi_se-2.3.dll 2011-11-29 15:38 . 2011-11-29 15:38 569344 ----a-w- c:\windows\system32\muzdecode.ax 2011-11-29 15:38 . 2011-11-29 15:38 491520 ----a-w- c:\windows\system32\muzapp.dll 2011-11-29 15:38 . 2011-11-29 15:38 49152 ----a-w- c:\windows\system32\MaJGUILib.dll 2011-11-29 15:38 . 2011-11-29 15:38 45056 ----a-w- c:\windows\system32\MaXMLProto.dll 2011-11-29 15:38 . 2011-11-29 15:38 45056 ----a-w- c:\windows\system32\MACXMLProto.dll 2011-11-29 15:38 . 2011-11-29 15:38 40960 ----a-w- c:\windows\system32\MTTELECHIP.dll 2011-11-29 15:38 . 2011-11-29 15:38 40960 ----a-w- c:\windows\system32\MAMACExtract.dll 2011-11-29 15:38 . 2011-11-29 15:38 352256 ----a-w- c:\windows\system32\MSLUR71.dll 2011-11-29 15:38 . 2011-11-29 15:38 258048 ----a-w- c:\windows\system32\muzoggsp.ax 2011-11-29 15:38 . 2011-11-29 15:38 245760 ----a-w- c:\windows\system32\MSCLib.dll 2011-11-29 15:38 . 2011-11-29 15:38 24576 ----a-w- c:\windows\system32\MASetupCleaner.exe 2011-11-29 15:38 . 2011-11-29 15:38 200704 ----a-w- c:\windows\system32\muzwmts.dll 2011-11-29 15:38 . 2011-11-29 15:38 172032 ----a-w- c:\windows\system32\muzapp.exe 2011-11-29 15:38 . 2011-11-29 15:38 155648 ----a-w- c:\windows\system32\MSFLib.dll 2011-11-29 15:38 . 2011-11-29 15:38 143360 ----a-w- c:\windows\system32\3DAudio.ax 2011-11-29 15:38 . 2011-11-29 15:38 135168 ----a-w- c:\windows\system32\muzaf1.dll 2011-11-29 15:38 . 2011-11-29 15:38 131072 ----a-w- c:\windows\system32\muzmpgsp.ax 2011-11-29 15:38 . 2011-11-29 15:38 122880 ----a-w- c:\windows\system32\muzeffect.ax 2011-11-29 15:38 . 2011-11-29 15:38 118784 ----a-w- c:\windows\system32\MaDRM.dll 2011-11-29 15:38 . 2011-11-29 15:38 110592 ----a-w- c:\windows\system32\muzmp4sp.ax . . ((((((((((((((((((((((((((((((((((((( Reg Opstartpunten ))))))))))))))))))))))))))))))))))))))))))))))))))) . . *Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond REGEDIT4 . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Persistence"="c:\windows\system32\igfxpers.exe" [2008-03-06 133656] "IgfxTray"="c:\windows\system32\igfxtray.exe" [2008-03-06 141848] "HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2008-03-06 166424] "ZoneAlarm Client"="c:\program files\Zone Labs\ZoneAlarm\zlclient.exe" [2008-03-03 959976] "Apoint"="c:\program files\DellTPad\Apoint.exe" [2007-09-07 159744] "OEM02Mon.exe"="c:\windows\OEM02Mon.exe" [2007-08-28 36864] "SigmatelSysTrayApp"="c:\program files\SigmaTel\C-Major Audio\WDM\sttray.exe" [2008-02-15 405504] "dellsupportcenter"="c:\program files\Dell Support Center\bin\sprtcmd.exe" [2009-05-21 206064] "Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2009-12-18 40368] "Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2009-12-11 948672] . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "EnableUIADesktopToggle"= 0 (0x0) . [hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks] "{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "c:\program files\SUPERAntiSpyware\SASSEH.DLL" [2008-05-13 77824] . [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon] 2009-09-03 13:21 548352 ----a-w- c:\program files\SUPERAntiSpyware\SASWINLO.dll . [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager] BootExecute REG_MULTI_SZ autocheck autochk *\0c:\progra~1\AVG\AVG10\avgchsvx.exe /sync\0c:\progra~1\AVG\AVG10\avgrsx.exe /sync /restart . [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys] @="Driver" . [HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Digital Line Detect.lnk] path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\Digital Line Detect.lnk backup=c:\windows\pss\Digital Line Detect.lnk.CommonStartup backupExtension=.CommonStartup . [HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Microsoft Office.lnk] path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\Microsoft Office.lnk backup=c:\windows\pss\Microsoft Office.lnk.CommonStartup backupExtension=.CommonStartup . [HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^QuickSet.lnk] path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\QuickSet.lnk backup=c:\windows\pss\QuickSet.lnk.CommonStartup backupExtension=.CommonStartup . [HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^WinZip Quick Pick.lnk] path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\WinZip Quick Pick.lnk backup=c:\windows\pss\WinZip Quick Pick.lnk.CommonStartup backupExtension=.CommonStartup . [HKLM\~\startupfolder\C:^Users^Anja^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OpenOffice.org 3.3 .lnk] path=c:\users\Anja\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.3 .lnk backup=c:\windows\pss\OpenOffice.org 3.3 .lnk.Startup backupExtension=.Startup . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher] 2009-12-18 07:58 40368 ----a-w- c:\program files\Adobe\Reader 8.0\Reader\reader_sl.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Apoint] 2007-09-07 06:49 159744 ----a-w- c:\program files\DellTPad\Apoint.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Pro Agent] 2011-08-17 07:29 4527424 ----a-w- c:\program files\DAEMON Tools Pro\DTAgent.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DELL Webcam Manager] 2007-07-27 15:43 118784 ------w- c:\program files\Dell\Dell Webcam Manager\DellWMgr.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\dellsupportcenter] 2009-05-21 09:13 206064 ----a-w- c:\program files\Dell Support Center\bin\sprtcmd.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\dscactivate] 2008-02-13 18:21 16384 ----a-w- c:\program files\Dell Support Center\gs_agent\custom\dsca.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ECenter] 2008-01-18 11:40 17920 ----a-w- c:\dell\E-Center\EULALauncher.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IAAnotif] 2007-03-21 12:00 174872 ----a-w- c:\program files\Intel\Intel Matrix Storage Manager\IAAnotif.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KiesHelper] 2011-12-27 14:21 937360 ----a-w- c:\program files\Samsung\Kies\KiesHelper.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KiesPDLR] 2011-12-27 14:21 21392 ----a-w- c:\program files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KiesTrayAgent] 2011-12-27 14:21 3508624 ----a-w- c:\program files\Samsung\Kies\KiesTrayAgent.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\OEM02Mon.exe] 2007-08-28 05:51 36864 ----a-w- c:\windows\OEM02Mon.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PCMService] 2007-11-01 14:39 189736 ------w- c:\program files\Dell\MediaDirect\PCMService.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PlusService] 2011-10-24 15:51 801792 ----a-w- c:\program files\Yuna Software\Messenger Plus!\PlusService.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched] 2010-05-14 09:44 248552 ----a-w- c:\program files\Common Files\Java\Java Update\jusched.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg] 2008-04-19 12:39 68856 ----a-w- c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe . [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\ZoneLabsFirewall] "DisableMonitoring"=dword:00000001 . R3 ACSSCR;ACR38 Smart Card Reader;c:\windows\system32\DRIVERS\a38usbxp.sys [2004-04-30 24832] S2 AESTFilters;Andrea ST Filters Service;c:\windows\system32\aestsrv.exe [2007-11-12 73728] . . [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost] LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache . Inhoud van de 'Gedeelde Taken' map . 2012-01-10 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job - c:\program files\Google\Update\GoogleUpdate.exe [2011-01-30 19:19] . 2012-01-10 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job - c:\program files\Google\Update\GoogleUpdate.exe [2011-01-30 19:19] . . ------- Bijkomende Scan ------- . uStart Page = hxxp://www.google.be/ig/dell?hl=nl&client=dell-row&channel=be&ibd=3080419 IE: Download all links using BitComet - j:\program files\BitComet\BitComet.exe/AddAllLink.htm IE: Download all videos using BitComet - j:\program files\BitComet\BitComet.exe/AddVideo.htm IE: Download link using &BitComet - j:\program files\BitComet\BitComet.exe/AddLink.htm TCP: DhcpNameServer = 134.58.126.3 134.58.127.1 FF - ProfilePath - c:\users\Anja\AppData\Roaming\Mozilla\Firefox\Profiles\5rhy1mfo.default\ FF - prefs.js: browser.startup.homepage - hxxp://search.babylon.com/?babsrc=HP_Prot FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} FF - Ext: Java Console: {CAFEEFAC-0016-0000-0010-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0010-ABCDEFFEDCBA} FF - Ext: Java Console: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - %profile%\extensions\{20a82645-c095-46ed-80e3-08825760534b} FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension FF - user.js: extensions.BabylonToolbar_i.id - 10f88a49000000000000001f3ac92810 FF - user.js: extensions.BabylonToolbar_i.hardId - 10f88a49000000000000001f3ac92810 FF - user.js: extensions.BabylonToolbar_i.instlDay - 15342 FF - user.js: extensions.BabylonToolbar_i.vrsn - 1.5.3.17 FF - user.js: extensions.BabylonToolbar_i.vrsni - 1.5.3.17 FF - user.js: extensions.BabylonToolbar_i.vrsnTs - 1.5.3.1717:49 FF - user.js: extensions.BabylonToolbar_i.prtnrId - babylon FF - user.js: extensions.BabylonToolbar_i.prdct - BabylonToolbar FF - user.js: extensions.BabylonToolbar_i.aflt - babsst FF - user.js: extensions.BabylonToolbar_i.smplGrp - none FF - user.js: extensions.BabylonToolbar_i.tlbrId - base FF - user.js: extensions.BabylonToolbar_i.newTab - false FF - user.js: extensions.BabylonToolbar_i.babTrack - affID=108973 FF - user.js: extensions.BabylonToolbar_i.babExt - FF - user.js: extensions.BabylonToolbar_i.srcExt - ss FF - user.js: extensions.BabylonToolbar_i.instlRef - std . - - - - ORPHANS VERWIJDERD - - - - . AddRemove-01_Simmental - c:\program files\Samsung\USB Drivers\01_Simmental\Uninstall.exe AddRemove-02_Siberian - c:\program files\Samsung\USB Drivers\02_Siberian\Uninstall.exe AddRemove-03_Swallowtail - c:\program files\Samsung\USB Drivers\03_Swallowtail\Uninstall.exe AddRemove-04_semseyite - c:\program files\Samsung\USB Drivers\04_semseyite\Uninstall.exe AddRemove-05_Sloan - c:\program files\Samsung\USB Drivers\05_Sloan\Uninstall.exe AddRemove-06_Spencer - c:\program files\Samsung\USB Drivers\06_Spencer\Uninstall.exe AddRemove-07_Schorl - c:\program files\Samsung\USB Drivers\07_Schorl\Uninstall.exe AddRemove-08_EMPChipset - c:\program files\Samsung\USB Drivers\08_EMPChipset\Uninstall.exe AddRemove-09_Hsp - c:\program files\Samsung\USB Drivers\09_Hsp\Uninstall.exe AddRemove-11_HSP_Plus_Default - c:\program files\Samsung\USB Drivers\11_HSP_Plus_Default\Uninstall.exe AddRemove-16_Shrewsbury - c:\program files\Samsung\USB Drivers\16_Shrewsbury\Uninstall.exe AddRemove-17_EMP_Chipset2 - c:\program files\Samsung\USB Drivers\17_EMP_Chipset2\Uninstall.exe AddRemove-18_Zinia_Serial_Driver - c:\program files\Samsung\USB Drivers\18_Zinia_Serial_Driver\Uninstall.exe AddRemove-19_VIA_driver - c:\program files\Samsung\USB Drivers\19_VIA_driver\Uninstall.exe AddRemove-20_NXP_Driver - c:\program files\Samsung\USB Drivers\20_NXP_Driver\Uninstall.exe AddRemove-22_WiBro_WiMAX - c:\program files\Samsung\USB Drivers\22_WiBro_WiMAX\Uninstall.exe AddRemove-24_flashusbdriver - c:\program files\Samsung\USB Drivers\24_flashusbdriver\Uninstall.exe AddRemove-25_escape - c:\program files\Samsung\USB Drivers\25_escape\Uninstall.exe . . . ************************************************************************** . catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, GMER - Rootkit Detector and Remover Rootkit scan 2012-01-10 19:58 Windows 6.0.6002 Service Pack 2 NTFS . scannen van verborgen processen ... . scannen van verborgen autostart items ... . scannen van verborgen bestanden ... . Scan succesvol afgerond verborgen bestanden: 0 . ************************************************************************** . --------------------- VERGRENDELDE REGISTER SLEUTELS --------------------- . [HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\User Preferences] @Denied: (2) (LocalSystem) "88D7D0879DAB32E14DE5B3A805A34F98AFF34F5977"=hex:01,00,00,00,d0,8c,9d,df,01,15, d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,71,1b,84,bd,9a,ae,bf,46,b0,7d,96,\ "2D53CFFC5C1A3DD2E97B7979AC2A92BD59BC839E81"=hex:01,00,00,00,d0,8c,9d,df,01,15, d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,71,1b,84,bd,9a,ae,bf,46,b0,7d,96,\ . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0004\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0005\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0006\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0007\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . Voltooingstijd: 2012-01-10 20:07:20 ComboFix-quarantined-files.txt 2012-01-10 19:06 ComboFix2.txt 2010-04-07 21:19 ComboFix3.txt 2008-06-12 16:15 ComboFix4.txt 2008-06-12 16:02 ComboFix5.txt 2012-01-10 18:39 . Pre-Run: 12.300.365.824 bytes beschikbaar Post-Run: 19.984.629.760 bytes beschikbaar . - - End Of File - - B7084CCA7972CE00C9F437396503D40F ---------- Post toegevoegd om 20:16 ---------- Vorige post was om 20:14 ---------- Ik snap hier eerlijk gezegd niets van, maar het is een hele lijst ... Zijn dit werkelijk dingen die verwijderd zijn of malicious waren? Zo ja, mag ik nu verbetering verwachten neem ik aan?
  12. Soekie
    Hoi Bedankt voor je reactie!I k heb inmiddels nog steeds niet combofix kunnen uitvoeren wegens drukte op het werk waarvoor ik ook mijn privé-laptop nodig heb en me die tijd even niet kan veroorloven of permitteren dat er iets misgaat. Inmiddels is er niet heel veel veranderd. Ik heb wel kunnen opmerken dat de interrupts of DPC's de oorzaak van het kwaad zijn, met name wanneer er een video wordt gestart, hetzij in FF, hetzijn in explorer.Al s ik dan de browser sluit, zakt het CPU verbruik weer, alsook de interrupts.Ze lopen trouwens op van zo'n 60 tot 90 % van het CPU verbruik, dus echt wel hel veel. :-s H eb geen flauw idee wat dat te b etekenen heeft? Verder draaide mijn pc vrij goed maar van zodra ik dus iets serieuzer moet doen waarbij er wat meer internettraffiek kijken komt of videobestanden kjiken komen,loopt het mis. Ik merk ook dat ik heel veel programma's of onderdelen niet kn downloaden of installeren. Zo had ik laatst problemen met Quicktimeplayer terwijl ik het nodig had ivm het werk. Ik ben uiteindelijk op zoek moeten gaan naar een alternatief (SMplayer is het geworden). Maar heb er bijna drievierde dag aan verloren... Foutmeldingen die oa verschijnen zijn "file is corrupt" en "bronbestand is corrupt". Ik heb dus ook geen virusscanner nu. AVG installeren faalt op eze manier, en avira wil niet omdat zonealarm erop staat. Wat zou ik verkiezen? Alvast bedankt, de rest van je instructies zal ik zo snel mogelijk uitvoeren. Je weet inderdaad maar nooit of het zoden aan de dijk brengt! el veranderd.
  13. Soekie
    Ah oké, tiens. Geen idee hoe ik aan die oude log kom. :-s Ik had nochtans gewoon het logje gecopy paste dat er op kwam verschijnen dacht ik. Inmiddels heb ik, omdat ik de laptop toch niet nodig had, MBAM een volledige scan laten doen. Hopelijk is dat niet erg? Hij vond toen één kwaadaardig bestand. Ik heb het gewist en dan de pc opnieuw opgestart zoals aangegeven. Ik heb het logje gecopy paste om het hier te tonen maar ... op de één of andere manier ben ik daar niet toe gekomen (ik doe ook effectief veel dingen tegelijk als ik op de pc ben, misschien is dat al één ding ). Bovendien begon de pc heel moeilijk te doen. Ik was met een aantal dingen bezig met firefox, ik moest oa een groot bestand downloaden (professioneel). De PC werd plots weer ondraaglijk en onwerkbaar traag. De CPU was continu 100%. De diagnostische programma's brachten iets interessants aan het ligt: firefox zelf en een 'plugincontainer' voor firefox gebruikten zeer veel CPU. Soms kwam er ook een svchost proces heel veel CPU verbruiken. Ik kon werkelijk niets meer met de PC aanvangen, zeer frustrerend omdat ik werkgerelateerde dingen ben aan het doen, maar goed. Nadat het bestand gedownload was - ik hoop dat het gelukt is :-s moet eigenlijk nog checken - heb ik Firefox afgesloten om op de IE over te stappen (waar ik normaal nooit mee surf, maar de versie is pas vernieuwd dus). Toen kwam er een foutmelding dat de plugincontainer van FF was gecrasht? Alles staat inmiddels af en warempel: de CPU snelheid is weer normaal (tussen 5 en 25%) en de laptop is niet extreem traag ofzo! Ik ben dus nu eventjes gelukkig en heb volgens mij toch al heel wat kunnen goedmaken. Enfin, ik heb alvast het gevoel dat ik iets of wat vat op de machine krijg. Ik zou nu eerst wat voor het werk moeten doen, daarna misschien een extra back up maken van alles (?) en erna zal ik de dingen doen die je zegt. (P.S.: toevallig ook niet zo'n forum om een gsm te rooten met superoneclick. :-s ) ---------- Post toegevoegd om 17:03 ---------- Vorige post was om 17:02 ---------- Extra: wat nu trouwens tot de CPU pieken leidt of het meeste verbruikt zijn opnieuw "system idle processes", "interrupts" en die svchost.exe's. ---------- Post toegevoegd om 17:05 ---------- Vorige post was om 17:03 ---------- En mijn woorden waren nog niet koud en hij zit alweer aan 100% CPU verbruik ... me net afvragend of ik nu met IE moest blijven werken en FF gedoemd was. Ik heb hotmail geopend en toen schoot 'm weer naar omhoog... dit maal de IE zelf.
  14. Soekie
    Het laatste hijack this logje (heb nog eens opnieuw uitgevoerd om te kijken of het nu lukte, en dit logje lijkt weer anders dan het vorige :-s) Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 1:04:15, on 3/01/2012 Platform: Windows Vista SP2 (WinNT 6.00.1906) MSIE: Internet Explorer v9.00 (9.00.8112.16421) Boot mode: Normal Running processes: C:\Windows\system32\Dwm.exe C:\Windows\Explorer.EXE C:\ProgramData\DatacardService\DCSHelper.exe C:\Program Files\Dell Support Center\bin\sprtcmd.exe C:\Windows\System32\igfxpers.exe C:\Windows\System32\hkcmd.exe C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe C:\Program Files\DellTPad\Apoint.exe C:\Windows\OEM02Mon.exe C:\Program Files\Sigmatel\C-Major Audio\WDM\sttray.exe C:\Program Files\Common Files\Java\Java Update\jusched.exe C:\Program Files\Yuna Software\Messenger Plus!\PlusService.exe C:\Program Files\Samsung\Kies\KiesTrayAgent.exe C:\Program Files\DAEMON Tools Pro\DTAgent.exe C:\Windows\system32\igfxsrvc.exe C:\Windows\system32\taskeng.exe C:\Program Files\DellTPad\ApMsgFwd.exe C:\Program Files\DellTPad\HidFind.exe C:\Program Files\DellTPad\Apntex.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Windows Live\Messenger\msnmsgr.exe C:\Program Files\Windows Live\Contacts\wlcomm.exe C:\Program Files\Mozilla Firefox\plugin-container.exe C:\Windows\System32\calc.exe C:\Program Files\Mozilla Firefox\plugin-container.exe C:\Program Files\DAEMON Tools Pro\DTShellHlp.exe C:\Windows\system32\Taskmgr.exe C:\Microsoft Office2000\Office\WINWORD.EXE C:\Windows\MSAgent\agentsvr.exe C:\Users\Anja\AppData\Local\temp\Temp3_ProcessExplorer.zip\procexp.exe C:\Windows\system32\SearchFilterHost.exe C:\Program Files\Trend Micro\HijackThis\HiJackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Gepersonaliseerde startpagina R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Hotmail, Messenger, nieuws en entertainment vind je op MSN.nl R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = Hotmail, Messenger, nieuws en entertainment vind je op MSN.nl O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file) O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files\Windows Live\Companion\companioncore.dll O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll O2 - BHO: Browser Address Error Redirector - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program Files\Dell\BAE\BAE.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O4 - HKLM\..\Run: [dellsupportcenter] "C:\Program Files\Dell Support Center\bin\sprtcmd.exe" /P DellSupportCenter O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe O4 - HKLM\..\Run: [igfxTray] C:\Windows\system32\igfxtray.exe O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe O4 - HKLM\..\Run: [DELL Webcam Manager] "C:\Program Files\Dell\Dell Webcam Manager\DellWMgr.exe" /s O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe" O4 - HKLM\..\Run: [dscactivate] "C:\Program Files\Dell Support Center\gs_agent\custom\dsca.exe" O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [Apoint] C:\Program Files\DellTPad\Apoint.exe O4 - HKLM\..\Run: [OEM02Mon.exe] C:\Windows\OEM02Mon.exe O4 - HKLM\..\Run: [sigmatelSysTrayApp] %ProgramFiles%\SigmaTel\C-Major Audio\WDM\sttray.exe O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe" O4 - HKLM\..\Run: [PlusService] C:\Program Files\Yuna Software\Messenger Plus!\PlusService.exe O4 - HKLM\..\Run: [KiesTrayAgent] C:\Program Files\Samsung\Kies\KiesTrayAgent.exe O4 - HKCU\..\Run: [KiesHelper] C:\Program Files\Samsung\Kies\KiesHelper.exe /s O4 - HKCU\..\Run: [KiesPDLR] C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe O4 - HKCU\..\Run: [DAEMON Tools Pro Agent] "C:\Program Files\DAEMON Tools Pro\DTAgent.exe" -autorun O8 - Extra context menu item: Download all links using BitComet - res://J:\Program Files\BitComet\BitComet.exe/AddAllLink.htm O8 - Extra context menu item: Download all videos using BitComet - res://J:\Program Files\BitComet\BitComet.exe/AddVideo.htm O8 - Extra context menu item: Download link using &BitComet - res://J:\Program Files\BitComet\BitComet.exe/AddLink.htm O9 - Extra button: @C:\Program Files\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files\Windows Live\Companion\companioncore.dll O9 - Extra button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - https://fpdownload.macromedia.com/get/shockwave/cabs/flash/swflash.cab O16 - DPF: {EDFCB7CB-942C-4822-AF14-F0B687409848} - http://www.putfile.com/includes/ImageUploader4-5.cab O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~2\GOEC62~1.DLL O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll O23 - Service: Andrea ST Filters Service (AESTFilters) - Andrea Electronics Corporation - C:\Windows\system32\aestsrv.exe O23 - Service: DCService.exe - Unknown owner - C:\ProgramData\DatacardService\DCService.exe O23 - Service: ManageEngine Firewall Analyzer 5.0 (firewallanalyzer) - Unknown owner - C:\AdventNet\ME\Firewall\bin\wrapper.exe O23 - Service: Intel® Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe O23 - Service: NMSAccessU - Unknown owner - C:\Program Files\CDBurnerXP\NMSAccessU.exe O23 - Service: SupportSoft Sprocket Service (dellsupportcenter) (sprtsvc_dellsupportcenter) - SupportSoft, Inc. - C:\Program Files\Dell Support Center\bin\sprtsvc.exe O23 - Service: SigmaTel Audio Service (STacSV) - IDT, Inc. - C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_c09c50a2\STacSV.exe O23 - Service: stllssvr - MicroVision Development, Inc. - C:\Program Files\Common Files\SureThing Shared\stllssvr.exe O23 - Service: TrueVector Internet Monitor (vsmon) - Check Point Software Technologies LTD - C:\Windows\System32\ZoneLabs\vsmon.exe O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe -- End of file - 8032 bytes
  15. Soekie
    De MBAM log ziet er goed uit: Malwarebytes Anti-Malware 1.60.0.1800 Malwarebytes : Free anti-malware, anti-virus and spyware removal download Databaseversie: v2012.01.02.02 Windows Vista Service Pack 2 x86 NTFS Internet Explorer 9.0.8112.16421 Anja :: MIJN_WITTEKE [administrator] 2/01/2012 16:30:39 mbam-log-2012-01-02 (16-30-39).txt Scantype: Snelle scan Ingeschakelde scanopties: Geheugen | Opstarten | Register | Bestanden en mappen | Heuristiek/Extra | Heuristiek/Shuriken | PUP | PUM Uitgeschakelde scanopties: P2P Objecten gescand: 170185 Verstreken tijd: 14 minuut/minuten, 44 seconde(n) Geheugenprocessen gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Geheugenmodulen gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Registersleutels gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Registerwaarden gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Registerdata gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Mappen gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Bestanden gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) (einde)
  16. Soekie
    Er is iets vreemds aan de hand Heel veel van de dingen die je vernoemt om te verwijderen via hijack this, krijg ik niet te zien als ik een scan doe. Als ik een scan doe en een logje maak, worden ze wel terug vermeld in de log. Maar ik kan ze dus niet aanvinken om te verwijderen, want ze staan simpelweg niet in die lijst ... Het is wel zo dat ik Hijackthis niet krijg opgestart als admin, maar hoe dan ook... het staat toch weer in het kladblokbericht achteraf. Kan iemand verklaren hoe dit komt? Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 16:52:14, on 12/06/2008 Platform: Windows Vista (WinNT 6.00.1904) MSIE: Internet Explorer v7.00 (7.00.6000.16681) Boot mode: Normal Running processes: C:\PROGRA~1\McAfee.com\Agent\mcagent.exe C:\Windows\system32\Dwm.exe C:\Windows\system32\taskeng.exe C:\Program Files\Windows Defender\MSASCui.exe C:\Program Files\DellTPad\Apoint.exe C:\Windows\OEM02Mon.exe C:\Windows\System32\igfxtray.exe C:\Windows\System32\hkcmd.exe C:\Windows\System32\igfxpers.exe C:\Program Files\Java\jre1.6.0\bin\jusched.exe C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe C:\Program Files\Dell\MediaDirect\PCMService.exe C:\Program Files\Sigmatel\C-Major Audio\WDM\sttray.exe C:\Windows\ehome\ehtray.exe C:\Program Files\Dell Support Center\bin\sprtcmd.exe C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe C:\Program Files\Digital Line Detect\DLG.exe C:\Program Files\Dell\QuickSet\quickset.exe C:\Windows\system32\igfxsrvc.exe C:\Windows\ehome\ehmsas.exe C:\Program Files\DellTPad\ApMsgFwd.exe C:\Program Files\DellTPad\HidFind.exe C:\Program Files\DellTPad\Apntex.exe c:\PROGRA~1\mcafee\msc\mcuimgr.exe C:\Windows\system32\conime.exe C:\Windows\Explorer.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\Microsoft Office2000\Office\POWERPNT.EXE C:\Windows\system32\SearchFilterHost.exe C:\Program Files\Trend Micro\HijackThis\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Search R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Hotmail, Messenger, nieuws en entertainment vind je op MSN.nl R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = Hotmail, Messenger, nieuws en entertainment vind je op MSN.nl R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = R3 - URLSearchHook: (no name) - {da30eff8-ccc6-4162-a20d-67402a26a215} - (no file) O1 - Hosts: ::1 localhost O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: McAntiPhishingBHO - {377C180E-6F0E-4D4C-980F-F45BD3D40CF4} - C:\Program Files\McAfee\MSK\mcapbho.dll O2 - BHO: BitComet ClickCapture - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Program Files\BitComet\tools\BitCometBHO_1.2.2.28.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - c:\Program Files\Java\jre1.6.0\bin\ssv.dll O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - c:\PROGRA~1\mcafee\VIRUSS~1\scriptsn.dll O2 - BHO: Windows Live Aanmelden - Help - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: (no name) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - (no file) O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll O2 - BHO: Browser Address Error Redirector - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program Files\Dell\BAE\BAE.dll O3 - Toolbar: (no name) - {da30eff8-ccc6-4162-a20d-67402a26a215} - (no file) O3 - Toolbar: (no name) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - (no file) O4 - HKLM\..\Run: [ECenter] C:\Dell\E-Center\EULALauncher.exe O4 - HKLM\..\Run: [Apoint] C:\Program Files\DellTPad\Apoint.exe O4 - HKLM\..\Run: [OEM02Mon.exe] C:\Windows\OEM02Mon.exe O4 - HKLM\..\Run: [igfxTray] C:\Windows\system32\igfxtray.exe O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe O4 - HKLM\..\Run: [sunJavaUpdateSched] "c:\Program Files\Java\jre1.6.0\bin\jusched.exe" O4 - HKLM\..\Run: [DELL Webcam Manager] "C:\Program Files\Dell\Dell Webcam Manager\DellWMgr.exe" /s O4 - HKLM\..\Run: [iAAnotif] "C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe" O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup O4 - HKLM\..\Run: [dscactivate] "C:\Program Files\Dell Support Center\gs_agent\custom\dsca.exe" O4 - HKLM\..\Run: [PCMService] "C:\Program Files\Dell\MediaDirect\PCMService.exe" O4 - HKLM\..\Run: [mcagent_exe] C:\Program Files\McAfee.com\Agent\mcagent.exe /runkey O4 - HKLM\..\Run: [sigmatelSysTrayApp] %ProgramFiles%\SigmaTel\C-Major Audio\WDM\sttray.exe O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [DellSupportCenter] "C:\Program Files\Dell Support Center\bin\sprtcmd.exe" /P DellSupportCenter O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe O4 - HKCU\..\Run: [DellSupportCenter] "C:\Program Files\Dell Support Center\bin\sprtcmd.exe" /P DellSupportCenter O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE') O4 - Global Startup: Digital Line Detect.lnk = C:\Program Files\Digital Line Detect\DLG.exe O4 - Global Startup: Microsoft Office.lnk = C:\Microsoft Office2000\Office\OSA9.EXE O4 - Global Startup: QuickSet.lnk = C:\Program Files\Dell\QuickSet\quickset.exe O8 - Extra context menu item: &D&ownload &with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddLink.htm O8 - Extra context menu item: &D&ownload all video with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddVideo.htm O8 - Extra context menu item: &D&ownload all with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddAllLink.htm O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - c:\Program Files\Java\jre1.6.0\bin\npjpi160.dll O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - c:\Program Files\Java\jre1.6.0\bin\npjpi160.dll O9 - Extra button: BitComet - {D18A0B52-D63C-4ed0-AFC6-C1E3DC1AF43A} - res://C:\Program Files\BitComet\tools\BitCometBHO_1.2.2.28.dll/206 (file missing) O13 - Gopher Prefix: O16 - DPF: {01113300-3E00-11D2-8470-0060089874ED} (Support.com Configuration Class) - http://pccheckup.dellfix.com/sdccommon/download/tgctlcm.cab O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~2\GOEC62~1.DLL O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe O23 - Service: Andrea ST Filters Service (AESTFilters) - Andrea Electronics Corporation - C:\Windows\system32\aestsrv.exe O23 - Service: Ares Chatroom server (AresChatServer) - Ares Development Group - C:\Program Files\Ares\chatServer.exe O23 - Service: GoogleDesktopManager - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: Intel® Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe O23 - Service: McAfee Services (mcmscsvc) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe O23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc. - c:\PROGRA~1\COMMON~1\mcafee\mna\mcnasvc.exe O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe O23 - Service: McAfee Real-time Scanner (McShield) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe O23 - Service: McAfee SystemGuards (McSysmon) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee, Inc. - C:\Program Files\McAfee\MPF\MPFSrv.exe O23 - Service: McAfee Anti-Spam Service (MSK80Service) - McAfee, Inc. - C:\Program Files\McAfee\MSK\MskSrver.exe O23 - Service: SupportSoft Sprocket Service (dellsupportcenter) (sprtsvc_dellsupportcenter) - SupportSoft, Inc. - C:\Program Files\Dell Support Center\bin\sprtsvc.exe O23 - Service: SigmaTel Audio Service (STacSV) - IDT, Inc. - C:\Windows\system32\STacSV.exe O23 - Service: stllssvr - MicroVision Development, Inc. - C:\Program Files\Common Files\SureThing Shared\stllssvr.exe O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe -- End of file - 8852 bytes
  17. Soekie
    ------
  18. Soekie
    Oei oké, je het gelijk, hierbij een nieuw logje: Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 16:52:14, on 12/06/2008 Platform: Windows Vista (WinNT 6.00.1904) MSIE: Internet Explorer v7.00 (7.00.6000.16681) Boot mode: Normal Running processes: C:\PROGRA~1\McAfee.com\Agent\mcagent.exe C:\Windows\system32\Dwm.exe C:\Windows\system32\taskeng.exe C:\Program Files\Windows Defender\MSASCui.exe C:\Program Files\DellTPad\Apoint.exe C:\Windows\OEM02Mon.exe C:\Windows\System32\igfxtray.exe C:\Windows\System32\hkcmd.exe C:\Windows\System32\igfxpers.exe C:\Program Files\Java\jre1.6.0\bin\jusched.exe C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe C:\Program Files\Dell\MediaDirect\PCMService.exe C:\Program Files\Sigmatel\C-Major Audio\WDM\sttray.exe C:\Windows\ehome\ehtray.exe C:\Program Files\Dell Support Center\bin\sprtcmd.exe C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe C:\Program Files\Digital Line Detect\DLG.exe C:\Program Files\Dell\QuickSet\quickset.exe C:\Windows\system32\igfxsrvc.exe C:\Windows\ehome\ehmsas.exe C:\Program Files\DellTPad\ApMsgFwd.exe C:\Program Files\DellTPad\HidFind.exe C:\Program Files\DellTPad\Apntex.exe c:\PROGRA~1\mcafee\msc\mcuimgr.exe C:\Windows\system32\conime.exe C:\Windows\Explorer.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\Microsoft Office2000\Office\POWERPNT.EXE C:\Windows\system32\SearchFilterHost.exe C:\Program Files\Trend Micro\HijackThis\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Search R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Hotmail, Messenger, nieuws en entertainment vind je op MSN.nl R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = Hotmail, Messenger, nieuws en entertainment vind je op MSN.nl R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = R3 - URLSearchHook: (no name) - {da30eff8-ccc6-4162-a20d-67402a26a215} - (no file) O1 - Hosts: ::1 localhost O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: McAntiPhishingBHO - {377C180E-6F0E-4D4C-980F-F45BD3D40CF4} - C:\Program Files\McAfee\MSK\mcapbho.dll O2 - BHO: BitComet ClickCapture - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Program Files\BitComet\tools\BitCometBHO_1.2.2.28.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - c:\Program Files\Java\jre1.6.0\bin\ssv.dll O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - c:\PROGRA~1\mcafee\VIRUSS~1\scriptsn.dll O2 - BHO: Windows Live Aanmelden - Help - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: (no name) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - (no file) O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll O2 - BHO: Browser Address Error Redirector - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program Files\Dell\BAE\BAE.dll O3 - Toolbar: (no name) - {da30eff8-ccc6-4162-a20d-67402a26a215} - (no file) O3 - Toolbar: (no name) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - (no file) O4 - HKLM\..\Run: [ECenter] C:\Dell\E-Center\EULALauncher.exe O4 - HKLM\..\Run: [Apoint] C:\Program Files\DellTPad\Apoint.exe O4 - HKLM\..\Run: [OEM02Mon.exe] C:\Windows\OEM02Mon.exe O4 - HKLM\..\Run: [igfxTray] C:\Windows\system32\igfxtray.exe O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe O4 - HKLM\..\Run: [sunJavaUpdateSched] "c:\Program Files\Java\jre1.6.0\bin\jusched.exe" O4 - HKLM\..\Run: [DELL Webcam Manager] "C:\Program Files\Dell\Dell Webcam Manager\DellWMgr.exe" /s O4 - HKLM\..\Run: [iAAnotif] "C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe" O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup O4 - HKLM\..\Run: [dscactivate] "C:\Program Files\Dell Support Center\gs_agent\custom\dsca.exe" O4 - HKLM\..\Run: [PCMService] "C:\Program Files\Dell\MediaDirect\PCMService.exe" O4 - HKLM\..\Run: [mcagent_exe] C:\Program Files\McAfee.com\Agent\mcagent.exe /runkey O4 - HKLM\..\Run: [sigmatelSysTrayApp] %ProgramFiles%\SigmaTel\C-Major Audio\WDM\sttray.exe O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [DellSupportCenter] "C:\Program Files\Dell Support Center\bin\sprtcmd.exe" /P DellSupportCenter O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe O4 - HKCU\..\Run: [DellSupportCenter] "C:\Program Files\Dell Support Center\bin\sprtcmd.exe" /P DellSupportCenter O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE') O4 - Global Startup: Digital Line Detect.lnk = C:\Program Files\Digital Line Detect\DLG.exe O4 - Global Startup: Microsoft Office.lnk = C:\Microsoft Office2000\Office\OSA9.EXE O4 - Global Startup: QuickSet.lnk = C:\Program Files\Dell\QuickSet\quickset.exe O8 - Extra context menu item: &D&ownload &with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddLink.htm O8 - Extra context menu item: &D&ownload all video with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddVideo.htm O8 - Extra context menu item: &D&ownload all with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddAllLink.htm O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - c:\Program Files\Java\jre1.6.0\bin\npjpi160.dll O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - c:\Program Files\Java\jre1.6.0\bin\npjpi160.dll O9 - Extra button: BitComet - {D18A0B52-D63C-4ed0-AFC6-C1E3DC1AF43A} - res://C:\Program Files\BitComet\tools\BitCometBHO_1.2.2.28.dll/206 (file missing) O13 - Gopher Prefix: O16 - DPF: {01113300-3E00-11D2-8470-0060089874ED} (Support.com Configuration Class) - http://pccheckup.dellfix.com/sdccommon/download/tgctlcm.cab O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~2\GOEC62~1.DLL O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe O23 - Service: Andrea ST Filters Service (AESTFilters) - Andrea Electronics Corporation - C:\Windows\system32\aestsrv.exe O23 - Service: Ares Chatroom server (AresChatServer) - Ares Development Group - C:\Program Files\Ares\chatServer.exe O23 - Service: GoogleDesktopManager - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: Intel® Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe O23 - Service: McAfee Services (mcmscsvc) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe O23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc. - c:\PROGRA~1\COMMON~1\mcafee\mna\mcnasvc.exe O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe O23 - Service: McAfee Real-time Scanner (McShield) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe O23 - Service: McAfee SystemGuards (McSysmon) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee, Inc. - C:\Program Files\McAfee\MPF\MPFSrv.exe O23 - Service: McAfee Anti-Spam Service (MSK80Service) - McAfee, Inc. - C:\Program Files\McAfee\MSK\MskSrver.exe O23 - Service: SupportSoft Sprocket Service (dellsupportcenter) (sprtsvc_dellsupportcenter) - SupportSoft, Inc. - C:\Program Files\Dell Support Center\bin\sprtsvc.exe O23 - Service: SigmaTel Audio Service (STacSV) - IDT, Inc. - C:\Windows\system32\STacSV.exe O23 - Service: stllssvr - MicroVision Development, Inc. - C:\Program Files\Common Files\SureThing Shared\stllssvr.exe O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe -- End of file - 8852 bytes ---------- Post toegevoegd om 17:23 ---------- Vorige post was om 17:11 ---------- De temperatuur deed me inderdaad ook schrikken! Ik weet niet rond welk niveau de temperatuur normaal ligt maar dat niveau lijkt me ook erg hoog? :? Ik dacht toen nog dat het zou kunnen komen omdat mijn pc de hele dag volop gewerkt was. Ik was immers al continu bezig geweest met overtollige gegevens en programma's verwijderen, programma's updaten, dingen downloaden, ... en back-ups maken van bestanden. Plus dan het opzoeken waar de fout kon zitten. Maar nu staat mijn pc net op na meer dan 24u stil te hebben gelegen. Ik heb direct Speccy aangezet om het te kunenn controleren. Opnieuw al meteen 60° voor moederbord en processor! :-/ Mijn laptop voelt nochtans niet warm aan (wat vroeger wel eens anders is geweest) ... kan het om een foute weergave van de temperatuur gaan, een kapotte thermometer dus? Kunnen problemen met de koeling de oorzaak zijn van mijn trage systeem met de hoge CPU? CPU gebruik was daarnet weer 100, vlak na het opstarten, met firefox aan die een programma downloadde, speccy, hijack this aan, de windows verkenner en msn messenger. Momenteel hangt het CPU verbruik rond de 50%, met pieken tot 100. Redelijk doenbaar dus. Toen het CPU verbruik heel hoog was, zag ik op die processorcheck vooral weer de "interrups" met als oorzaak "hardware interrups en DPC's, dat staat onder de map system en daar staat ook iets anders op: mms.exe, als je hierop de muis houdt om te zien wat het is zegt hij "error opening process". Er is ook een csrrs.exe, die ook bij meer informatie "error opening process" geeft en veel CPU verbruikt. Verder is er een "system idle process" dat heel veel gebruikt. (Is misschien het ganse systeem samen? :?) Er staan nog altijd heel veel svchost.exe'n in de lijst, maar dat is misschien normaal?? Als jullie een screenshotje willen van die processen ofzo, laat gerust iets weten. Al weet ik niet of jullie er veel mee zijn. Maar het lijkt me dus dat er toch veel fouten inzitten, zowel op hardware als software gebied misschien? ---------- Post toegevoegd om 17:27 ---------- Vorige post was om 17:23 ---------- Au_.exe, is ook weer één van die processen die bij meer informatie "error opening process" geeft. :? Normaal? Het gaat hier wel om windows vista ... ---------- Post toegevoegd om 17:31 ---------- Vorige post was om 17:27 ---------- Eerlijk gezegd weet ik niet wat die McAfee daar doet ... :-/ Ik wist dit niet ... tot jij het nu zei. Nu zag ik 'm zelf ook in mijn log staan. Verder heb ik hier nooit iets van mcafee gezien. Ik had AVG tot voor een dik jaar geleden, toen ik moest updaten, maar dit niet kon zonder heel veel foutmeldingen. Daarmee zat ik dus vast. Ik heb gisteren nog avir (die met dat parapluutje) proberen installeren maar ook dat gaf een foutmelding 'invalid file" ofzoiets, waarbij ik hem opnieuw moest downloaden, enzoverder ... De windows defender beweert dus ook dat er geen virusscanprogramma aanwezig is. Ik heb ook het pad gevolgd (program files, windows verkenner) waar mcafee zou moeten staan, eveneens mcafee gezocht in de windows verkenner via 'zoeken'. Niets gevonden ... Als dat er werkelijk is, en het draait op de één of andere manier op de achtergrond, zou dat alvast de vertragingen kunnen verklaren? Ook het opstarten gaat overigens heel traag dus ... Wat ad-aware betreft, die log had ik eigenlijk al zowat onmiddellijk na de vraag gemaakt en gepost hier ... dacht ik, dat bleek niet te zijn gelukt, dus heb ik 'm 's avonds opnieuw gepost. Daarom allicht? De nieuwe van nu is wel recent en up to date. ---------- Post toegevoegd om 17:34 ---------- Vorige post was om 17:31 ---------- Ahja Ares ... één van de eerste progs die ik ooit op deze pc heb gezet. Daarmee liep het al meteen goed mis. Windows begon al snel heel raar te doen en te vervormen. Achteraf bleek dat Ares niet compatibel was met windows vista en daardoor alle miserie werd veroorzaakt. Dat was toen overigens de reden waarom ik geen beroep deed op iemand van Dell, om naar mijn pc te komen kijken. Want in principe had ik die garantie... Nooit gebruik van gemaakt echter. Maar helaas kan ik ook niet zeggen dat ik er supercontent van ben geweest ooit ... Ares werkt nu al een tijdje niet meer, ttz: ik kan het aanzetten maar als ik liedjes ofzo opzoekt vindt het niks. Ik heb nochtans ook een turbo accelator en wat is het allemaal ervan gedownload maar dat leverde niets op. Kan ik misschien beter maar ineens verwijderen? Want ik moet bekennen: van die chat heb ik nog nooit niks gehoord. :-+ ---------- Post toegevoegd om 17:38 ---------- Vorige post was om 17:34 ---------- Verdachtheden in de processen lijst zijn nu dus: De path: "error opening process" als je er met je muis op staat: au_.exe csrrs.exe mss.exe lsm.exe jucheck.exe winlogon.exe (maar hieronder staat wel gewoon win. taakbeheer) Ik weet echter niet of dat iets wil zeggen? :s Verder de vele svchost.exe (indien dat abnormaal is) en de interrupts dus...
  19. Soekie
    Oké, hierbij de Speccy log: http://speccy.piriform.com/results/n4AKTpmOdq66XbMKrfRGRkr Bij HJ kreeg ik wel een foutmelding: hij kon niet aan de hosts ofzoiets van windows? Om toch al iets veiliger te zitten probeer ik intussen nog avira te installeren, die is mss wel comptaibel met zonealarm.
  20. Soekie
    Opnieuw een update, Na het verwijderen van die Ad-aware is er iets of wat verbetering merkbaar, bij momenten. Nu ben ik verdergegaan met die svchost.exe Uitgekomen bij een plaats via mijn computer, dan beheer en dan services en toepassingen en dan services, heb ik een overzicht gekregen van alle processen die op mijn pc draaien, automatisch, handmatig of uitgeschakeld. Ik heb niets in die instellingen durven veranderen omdat het te delicaat leek, maar er is in ieder geval heel veel bezig, zoveel werd duidelijk. Via een bepaalde command in msdos heb ik ook een overzicht kunnen krijgen van de processen achter die svchost.exe's, die ik dan zou hebben moeten koppelen aan die services om deze zo uit te schakelen of op handmatig te zetten, maar dat is niet gelukt eigenlijk. Veel te ingewikkeld en de risico's bij iets verkeerds en belangrijks aanpassen leken me groot? Ik ben nu wel windows aan het updaten, je weet nooit of het probleem daar niet zit ... Eens zien of dat iets oplevert, verder is er ook heel veel 'rommel' (overbodige programma's) van mijn pc afgegooid. Ohja, inmiddels zie ik die "interrups" niet meer bij die processen staan, maar wat nu het hoogste CPU verbruik heeft verandert continu, zo stond er al coregen.exe, en nu wisselt het installatieprogramma met die svchost.exe dus .... Of het nu toch zou gaan om een hardware conflict of niet?
  21. Soekie
    Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 16:52:14, on 12/06/2008 Platform: Windows Vista (WinNT 6.00.1904) MSIE: Internet Explorer v7.00 (7.00.6000.16681) Boot mode: Normal Running processes: C:\PROGRA~1\McAfee.com\Agent\mcagent.exe C:\Windows\system32\Dwm.exe C:\Windows\system32\taskeng.exe C:\Program Files\Windows Defender\MSASCui.exe C:\Program Files\DellTPad\Apoint.exe C:\Windows\OEM02Mon.exe C:\Windows\System32\igfxtray.exe C:\Windows\System32\hkcmd.exe C:\Windows\System32\igfxpers.exe C:\Program Files\Java\jre1.6.0\bin\jusched.exe C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe C:\Program Files\Dell\MediaDirect\PCMService.exe C:\Program Files\Sigmatel\C-Major Audio\WDM\sttray.exe C:\Windows\ehome\ehtray.exe C:\Program Files\Dell Support Center\bin\sprtcmd.exe C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe C:\Program Files\Digital Line Detect\DLG.exe C:\Program Files\Dell\QuickSet\quickset.exe C:\Windows\system32\igfxsrvc.exe C:\Windows\ehome\ehmsas.exe C:\Program Files\DellTPad\ApMsgFwd.exe C:\Program Files\DellTPad\HidFind.exe C:\Program Files\DellTPad\Apntex.exe c:\PROGRA~1\mcafee\msc\mcuimgr.exe C:\Windows\system32\conime.exe C:\Windows\Explorer.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\Microsoft Office2000\Office\POWERPNT.EXE C:\Windows\system32\SearchFilterHost.exe C:\Program Files\Trend Micro\HijackThis\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Search R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Hotmail, Messenger, nieuws en entertainment vind je op MSN.nl R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = Hotmail, Messenger, nieuws en entertainment vind je op MSN.nl R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = R3 - URLSearchHook: (no name) - {da30eff8-ccc6-4162-a20d-67402a26a215} - (no file) O1 - Hosts: ::1 localhost O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: McAntiPhishingBHO - {377C180E-6F0E-4D4C-980F-F45BD3D40CF4} - C:\Program Files\McAfee\MSK\mcapbho.dll O2 - BHO: BitComet ClickCapture - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Program Files\BitComet\tools\BitCometBHO_1.2.2.28.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - c:\Program Files\Java\jre1.6.0\bin\ssv.dll O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - c:\PROGRA~1\mcafee\VIRUSS~1\scriptsn.dll O2 - BHO: Windows Live Aanmelden - Help - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: (no name) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - (no file) O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll O2 - BHO: Browser Address Error Redirector - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program Files\Dell\BAE\BAE.dll O3 - Toolbar: (no name) - {da30eff8-ccc6-4162-a20d-67402a26a215} - (no file) O3 - Toolbar: (no name) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - (no file) O4 - HKLM\..\Run: [ECenter] C:\Dell\E-Center\EULALauncher.exe O4 - HKLM\..\Run: [Apoint] C:\Program Files\DellTPad\Apoint.exe O4 - HKLM\..\Run: [OEM02Mon.exe] C:\Windows\OEM02Mon.exe O4 - HKLM\..\Run: [igfxTray] C:\Windows\system32\igfxtray.exe O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe O4 - HKLM\..\Run: [sunJavaUpdateSched] "c:\Program Files\Java\jre1.6.0\bin\jusched.exe" O4 - HKLM\..\Run: [DELL Webcam Manager] "C:\Program Files\Dell\Dell Webcam Manager\DellWMgr.exe" /s O4 - HKLM\..\Run: [iAAnotif] "C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe" O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup O4 - HKLM\..\Run: [dscactivate] "C:\Program Files\Dell Support Center\gs_agent\custom\dsca.exe" O4 - HKLM\..\Run: [PCMService] "C:\Program Files\Dell\MediaDirect\PCMService.exe" O4 - HKLM\..\Run: [mcagent_exe] C:\Program Files\McAfee.com\Agent\mcagent.exe /runkey O4 - HKLM\..\Run: [sigmatelSysTrayApp] %ProgramFiles%\SigmaTel\C-Major Audio\WDM\sttray.exe O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [DellSupportCenter] "C:\Program Files\Dell Support Center\bin\sprtcmd.exe" /P DellSupportCenter O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe O4 - HKCU\..\Run: [DellSupportCenter] "C:\Program Files\Dell Support Center\bin\sprtcmd.exe" /P DellSupportCenter O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE') O4 - Global Startup: Digital Line Detect.lnk = C:\Program Files\Digital Line Detect\DLG.exe O4 - Global Startup: Microsoft Office.lnk = C:\Microsoft Office2000\Office\OSA9.EXE O4 - Global Startup: QuickSet.lnk = C:\Program Files\Dell\QuickSet\quickset.exe O8 - Extra context menu item: &D&ownload &with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddLink.htm O8 - Extra context menu item: &D&ownload all video with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddVideo.htm O8 - Extra context menu item: &D&ownload all with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddAllLink.htm O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - c:\Program Files\Java\jre1.6.0\bin\npjpi160.dll O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - c:\Program Files\Java\jre1.6.0\bin\npjpi160.dll O9 - Extra button: BitComet - {D18A0B52-D63C-4ed0-AFC6-C1E3DC1AF43A} - res://C:\Program Files\BitComet\tools\BitCometBHO_1.2.2.28.dll/206 (file missing) O13 - Gopher Prefix: O16 - DPF: {01113300-3E00-11D2-8470-0060089874ED} (Support.com Configuration Class) - http://pccheckup.dellfix.com/sdccommon/download/tgctlcm.cab O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~2\GOEC62~1.DLL O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe O23 - Service: Andrea ST Filters Service (AESTFilters) - Andrea Electronics Corporation - C:\Windows\system32\aestsrv.exe O23 - Service: Ares Chatroom server (AresChatServer) - Ares Development Group - C:\Program Files\Ares\chatServer.exe O23 - Service: GoogleDesktopManager - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: Intel® Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe O23 - Service: McAfee Services (mcmscsvc) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe O23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc. - c:\PROGRA~1\COMMON~1\mcafee\mna\mcnasvc.exe O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe O23 - Service: McAfee Real-time Scanner (McShield) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe O23 - Service: McAfee SystemGuards (McSysmon) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee, Inc. - C:\Program Files\McAfee\MPF\MPFSrv.exe O23 - Service: McAfee Anti-Spam Service (MSK80Service) - McAfee, Inc. - C:\Program Files\McAfee\MSK\MskSrver.exe O23 - Service: SupportSoft Sprocket Service (dellsupportcenter) (sprtsvc_dellsupportcenter) - SupportSoft, Inc. - C:\Program Files\Dell Support Center\bin\sprtsvc.exe O23 - Service: SigmaTel Audio Service (STacSV) - IDT, Inc. - C:\Windows\system32\STacSV.exe O23 - Service: stllssvr - MicroVision Development, Inc. - C:\Program Files\Common Files\SureThing Shared\stllssvr.exe O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe -- End of file - 8852 bytes
  22. Soekie
    Het is niet de eerste maal dat ik hierover mijn beklag kom doen, maar ... het probleem is helaas nog niet opgelost. Een korte situatieschets: Een laptop Dell Inspiron 1525, van zo'n vijf jaar oud gaat ongelofelijk, hemeltergend traag. Dit is reeds jaaaa-ren het geval, maar gezien niet enkel ik maar ook mijn vrienden opmerken dat ik er megaveel tijd door verlies, heb ik beslist er nu werkelijk iets aan te doen en niet meer los te laten tot ik de oplossing gevonden heb!! (Reeds jaren ben ik vanalles aan het proberen). Probleem: - gaat heel traag en blijft continu hangen, werkt enkel haperend - windows media player opstarten voor afspelen muziek of film: duurt uren - afspelen muziek of film: onmogelijk, wegens continu haperingen in film of muziek - youtube afspelen of alle andere bronnen om online iets af te spelen, al is het slechts muziek (bv radio luisteren) -> onmogelijk - mail, forumbericht of tekst typen -> tekst komt er pas uren later op, je moet continu wachten en pauzes nemen omdat de pc je niet kan volgen (want hangt continu vast), blijkt dan een deel van je getypte tekst verdwenen te zijn omdat de pc toen heel tilt lag, waardoor je zinnen niet meer kloppen, etc. - je wil back-ups maken en bestanden kopieren, maar duurt uren dus zinloos - ... -> Heden gebruik ik de laptop zonder enig franje, alles zeer basic ingesteld, zeer weinig programma's die mee opstarten ed, alles heel streng gecontroleerd, omdat het anders volledig ondoenbaar is, maar nu is het nog onmenselijk dus helaas :? Diagnostisch belangrijk: - HD totaal 120 gb, opgesplitst in één van 100 en één van 20, die van 100 nog voor 20gbvrij (na een opruimactie deze week :?) en die van 20 nog voor zo'n 10 gb vrij. - geheugen 2GB ram - CPU verbruik = continu 100% !!! (het is dus zo ver gekomen dat ik continu op ctrl alt del moet drukken bijna omdat ik denk dat hij vasthangt en er nieuw leven in wil blazen) - staat momenteel geen virusscanner op, had AVG maar die geeft continu foutmeldingen, ik moest hem nl updaten maar dit ging niet, heb dan een oude versie moeten wissen wat ook niet ging ... dit uiteindelijk gelukt, nieuwe pogen te installeren en deze vraagt nu of ik zonealarm wil wissen... - zonealarm/zonelabs is dus geïnstalleerd - nog diverse antispywareprogs zijn geïnstalleerd Recent gedownload, na wat opzoeken op internet: de Process Explorer, om te kijken wat mijn CPU-verbruik zo hoog maakt want dit lijkt het probleem te zijn, de resultaten: - Ad Aware, van lavasoft (procesnaam: aawservice.exe -> ik herken het logo), vebruikt heel veel -> dit is een antispyware prog wat me vroeger werd aangeraden, toen ik het jaren geleden nog eens wou gebruiken zoals vroeger, bleek het plots betalend te zijn. Ik heb de betaalversie niet gekocht, sindsdien foutmeldingen en ik krijg het niet meer gedeïnstalleerd. Ik probeer het nu dus te deïnstalleren via configuratiescherm. Maar dit lijkt niet te werken. Heb al geprobeerd het programma minder prioriteit te geven en dit systeem te sluiten -> onmogelijk, geeft steeds foutmelding - SVChost.exe , verbruikt ook veel CPU - nog verontrustender: iets met de naam "interrupts", beschrijving: hardware interrups & DPC, gebruikt ook veel CPU ... Verder firefox etc. Maar het rare is dus dat ik zelfs niet windows kan aanzetten en even snel een word-docje openen om iets af te printen, firefox aanzetten om gewoon even mails te checken of nieuws te lezen, alles duurt uren, en alles verbruikt dus al een enorme CPU. Al staat er ogenschijnlijk niets op ... Als iemand me kan helpen of kan doorverwijzen, please ... uw hulp is zeer welkom !!!! Zeer veel dank!! Een wanhopig pcgebruikstertje ---------- Post toegevoegd om 16:59 ---------- Vorige post was om 16:57 ---------- In mijn vorige post schreef ik dat Ad-aware het hoogste CPU verbruik had en ik deze niet kreeg gewist, door nog enkele dingen op te zoeken etc is dit inmiddels wel gelukt. Ad-aware is op elk niveau verdwenen van mijn pc, maar mijn CPU verbruik is nog steeds 100% en mijn laptop continu haperend: - Interrupts - SVChosts nemen nu het hoogste CPU gebruik voor hun rekening. :?
  23. Soekie
    Plots begint het te verergeren... :-/ Ik heb een nieuw hijack logje gemaakt, misschien scheelt er weer wat? Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 18:03:23, on 21/12/2010 Platform: Windows Vista SP2 (WinNT 6.00.1906) MSIE: Internet Explorer v8.00 (8.00.6001.18999) Boot mode: Normal Running processes: C:\Windows\system32\Dwm.exe C:\Windows\Explorer.EXE C:\Program Files\AVG\AVG8\avgtray.exe C:\Program Files\Dell Support Center\bin\sprtcmd.exe C:\Windows\System32\igfxpers.exe C:\Windows\System32\hkcmd.exe C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe C:\Program Files\Common Files\Java\Java Update\jusched.exe C:\Program Files\DellTPad\Apoint.exe C:\Windows\OEM02Mon.exe C:\Program Files\Sigmatel\C-Major Audio\WDM\sttray.exe C:\Program Files\WinZip\WZQKPICK.EXE C:\Windows\system32\taskeng.exe C:\Windows\system32\igfxsrvc.exe C:\Program Files\DellTPad\HidFind.exe C:\Program Files\DellTPad\Apntex.exe C:\Windows\system32\conime.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\plugin-container.exe C:\Program Files\Mozilla Firefox\plugin-container.exe C:\Program Files\Windows Live\Messenger\msnmsgr.exe C:\Program Files\Windows Live\Contacts\wlcomm.exe C:\Program Files\Trend Micro\HijackThis\HiJackThis.exe C:\Windows\System32\notepad.exe C:\Windows\system32\wuauclt.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Gepersonaliseerde startpagina R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Gepersonaliseerde startpagina R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = Hotmail, Messenger, nieuws en entertainment vind je op MSN.nl O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file) O2 - BHO: Windows Live Aanmelden - Help - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll O2 - BHO: Browser Address Error Redirector - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program Files\Dell\BAE\BAE.dll O2 - BHO: Messenger Plus Live Belgium Toolbar - {d1a1c8f1-e3d9-48df-802f-20201061ef61} - C:\Program Files\Messenger_Plus_Live_Belgium\tbMess.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O3 - Toolbar: Messenger Plus Live Belgium Toolbar - {d1a1c8f1-e3d9-48df-802f-20201061ef61} - C:\Program Files\Messenger_Plus_Live_Belgium\tbMess.dll O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe O4 - HKLM\..\Run: [dellsupportcenter] "C:\Program Files\Dell Support Center\bin\sprtcmd.exe" /P DellSupportCenter O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe O4 - HKLM\..\Run: [igfxTray] C:\Windows\system32\igfxtray.exe O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe O4 - HKLM\..\Run: [DELL Webcam Manager] "C:\Program Files\Dell\Dell Webcam Manager\DellWMgr.exe" /s O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe" O4 - HKLM\..\Run: [dscactivate] "C:\Program Files\Dell Support Center\gs_agent\custom\dsca.exe" O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe" O4 - HKLM\..\Run: [Apoint] C:\Program Files\DellTPad\Apoint.exe O4 - HKLM\..\Run: [OEM02Mon.exe] C:\Windows\OEM02Mon.exe O4 - HKLM\..\Run: [sigmatelSysTrayApp] %ProgramFiles%\SigmaTel\C-Major Audio\WDM\sttray.exe O4 - HKLM\..\Run: [Malwarebytes Anti-Malware (reboot)] "C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript O4 - HKCU\..\Run: [AdobeUpdater] "C:\Program Files\Common Files\Adobe\Updater5\AdobeUpdater.exe" O4 - Global Startup: WinZip Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK.EXE O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - https://fpdownload.macromedia.com/get/shockwave/cabs/flash/swflash.cab O16 - DPF: {EDFCB7CB-942C-4822-AF14-F0B687409848} - http://www.putfile.com/includes/ImageUploader4-5.cab O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~2\GOEC62~1.DLL,avgrsstx.dll O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe O23 - Service: Andrea ST Filters Service (AESTFilters) - Andrea Electronics Corporation - C:\Windows\system32\aestsrv.exe O23 - Service: Ares Chatroom server (AresChatServer) - Ares Development Group - C:\Program Files\Ares\chatServer.exe O23 - Service: AVG8 E-mail Scanner (avg8emc) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgemc.exe O23 - Service: AVG8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe O23 - Service: ManageEngine Firewall Analyzer 5.0 (firewallanalyzer) - Unknown owner - C:\AdventNet\ME\Firewall\bin\wrapper.exe O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: Intel® Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe O23 - Service: NMSAccessU - Unknown owner - C:\Program Files\CDBurnerXP\NMSAccessU.exe O23 - Service: RelevantKnowledge - Unknown owner - C:\Program Files\RelevantKnowledge\rlservice.exe (file missing) O23 - Service: SupportSoft Sprocket Service (dellsupportcenter) (sprtsvc_dellsupportcenter) - SupportSoft, Inc. - C:\Program Files\Dell Support Center\bin\sprtsvc.exe O23 - Service: SigmaTel Audio Service (STacSV) - IDT, Inc. - C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_c09c50a2\STacSV.exe O23 - Service: stllssvr - MicroVision Development, Inc. - C:\Program Files\Common Files\SureThing Shared\stllssvr.exe O23 - Service: TrueVector Internet Monitor (vsmon) - Check Point Software Technologies LTD - C:\Windows\System32\ZoneLabs\vsmon.exe O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe -- End of file - 7422 bytes __________________________________________________________________________ Kan het overigens dat iemand malware op je pc 'brengt' terwijl je met hem of haar msnt? Of ik begin paranoia te worden.
  24. Soekie
    Oei, mijn bericht hier is niet doorgekomen zie ik. :? Intussen is het kuiswerk gedaan. Toch een hele zoo aan beestjes op mijn pc te vinden precies. Ik merk een verschil. Maar het is helaas niet zo groot. Hij doet het minder, maar hij durft nog altijd vasthangen/haperen/... waardoor ik veel tijd verlies en me vaak erger. Je kent dat, je wil snel snel de bus-, treinuren opzoeken, een mail beantwoorden, een verrichting doen, ... en je geeft het van ellende op omdat hij gewoon niet doordoet zoals het hoort. Zou het 'slijtage kunnen zijn dan?
  25. Soekie
    Oeps, mijn excuses. Dat was ik vergeten. Bij deze: Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 15:06:03, on 10/12/2010 Platform: Windows Vista SP2 (WinNT 6.00.1906) MSIE: Internet Explorer v8.00 (8.00.6001.18975) Boot mode: Normal Running processes: C:\Windows\system32\taskeng.exe C:\Windows\system32\Dwm.exe C:\Windows\Explorer.EXE C:\Program Files\AVG\AVG8\avgtray.exe C:\Program Files\Dell Support Center\bin\sprtcmd.exe C:\Windows\System32\igfxpers.exe C:\Windows\System32\hkcmd.exe C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe C:\Program Files\Common Files\Java\Java Update\jusched.exe C:\Program Files\DellTPad\Apoint.exe C:\Windows\OEM02Mon.exe C:\Program Files\Sigmatel\C-Major Audio\WDM\sttray.exe C:\Windows\system32\wuauclt.exe C:\Program Files\WinZip\WZQKPICK.EXE C:\Program Files\Mozilla Firefox\firefox.exe C:\Windows\system32\igfxsrvc.exe C:\Program Files\DellTPad\HidFind.exe C:\Program Files\DellTPad\Apntex.exe C:\Windows\system32\conime.exe C:\Program Files\Mozilla Firefox\plugin-container.exe C:\Program Files\Trend Micro\HijackThis\HiJackThis.exe C:\Program Files\Windows Live\Messenger\msnmsgr.exe C:\Program Files\Windows Live\Contacts\wlcomm.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Gepersonaliseerde startpagina R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Gepersonaliseerde startpagina R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = Hotmail, Messenger, nieuws en entertainment vind je op MSN.nl O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file) O2 - BHO: Windows Live Aanmelden - Help - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll O2 - BHO: Browser Address Error Redirector - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program Files\Dell\BAE\BAE.dll O2 - BHO: Messenger Plus Live Belgium Toolbar - {d1a1c8f1-e3d9-48df-802f-20201061ef61} - C:\Program Files\Messenger_Plus_Live_Belgium\tbMess.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O3 - Toolbar: Messenger Plus Live Belgium Toolbar - {d1a1c8f1-e3d9-48df-802f-20201061ef61} - C:\Program Files\Messenger_Plus_Live_Belgium\tbMess.dll O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe O4 - HKLM\..\Run: [dellsupportcenter] "C:\Program Files\Dell Support Center\bin\sprtcmd.exe" /P DellSupportCenter O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe O4 - HKLM\..\Run: [igfxTray] C:\Windows\system32\igfxtray.exe O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe O4 - HKLM\..\Run: [DELL Webcam Manager] "C:\Program Files\Dell\Dell Webcam Manager\DellWMgr.exe" /s O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe" O4 - HKLM\..\Run: [dscactivate] "C:\Program Files\Dell Support Center\gs_agent\custom\dsca.exe" O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe" O4 - HKLM\..\Run: [Apoint] C:\Program Files\DellTPad\Apoint.exe O4 - HKLM\..\Run: [OEM02Mon.exe] C:\Windows\OEM02Mon.exe O4 - HKLM\..\Run: [sigmatelSysTrayApp] %ProgramFiles%\SigmaTel\C-Major Audio\WDM\sttray.exe O4 - HKLM\..\Run: [Malwarebytes Anti-Malware (reboot)] "C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript O4 - Global Startup: WinZip Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK.EXE O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - https://fpdownload.macromedia.com/get/shockwave/cabs/flash/swflash.cab O16 - DPF: {EDFCB7CB-942C-4822-AF14-F0B687409848} - http://www.putfile.com/includes/ImageUploader4-5.cab O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~2\GOEC62~1.DLL,avgrsstx.dll O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe O23 - Service: Andrea ST Filters Service (AESTFilters) - Andrea Electronics Corporation - C:\Windows\system32\aestsrv.exe O23 - Service: Ares Chatroom server (AresChatServer) - Ares Development Group - C:\Program Files\Ares\chatServer.exe O23 - Service: AVG8 E-mail Scanner (avg8emc) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgemc.exe O23 - Service: AVG8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe O23 - Service: ManageEngine Firewall Analyzer 5.0 (firewallanalyzer) - Unknown owner - C:\AdventNet\ME\Firewall\bin\wrapper.exe O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: Intel® Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe O23 - Service: NMSAccessU - Unknown owner - C:\Program Files\CDBurnerXP\NMSAccessU.exe O23 - Service: RelevantKnowledge - Unknown owner - C:\Program Files\RelevantKnowledge\rlservice.exe (file missing) O23 - Service: SupportSoft Sprocket Service (dellsupportcenter) (sprtsvc_dellsupportcenter) - SupportSoft, Inc. - C:\Program Files\Dell Support Center\bin\sprtsvc.exe O23 - Service: SigmaTel Audio Service (STacSV) - IDT, Inc. - C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_c09c50a2\STacSV.exe O23 - Service: stllssvr - MicroVision Development, Inc. - C:\Program Files\Common Files\SureThing Shared\stllssvr.exe O23 - Service: TrueVector Internet Monitor (vsmon) - Check Point Software Technologies LTD - C:\Windows\System32\ZoneLabs\vsmon.exe O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe -- End of file - 7236 bytes Hartelijk dank voor het nakijkwerk!!
Logo

OVER ONS

PC Helpforum helpt GRATIS computergebruikers sinds juli 2006. Ons team geeft via het forum professioneel antwoord op uw vragen en probeert uw pc problemen zo snel mogelijk op te lossen. Word lid vandaag, plaats je vraag online en het PC Helpforum-team helpt u graag verder!

SITEMAP

×
×
  • Nieuwe aanmaken...

Belangrijke informatie

We hebben cookies geplaatst op je toestel om deze website voor jou beter te kunnen maken. Je kunt de cookie instellingen aanpassen, anders gaan we er van uit dat het goed is om verder te gaan.