
virus?



Hi, I thought I'd ask here.

For some time now my computer has been very unstable. Sometimes it suddenly freezes, and this usually happens when I am on the internet, for example on Hyves, and select an image from my pictures; it then freezes immediately.
I have already scanned it with Ad-Aware and similar programs, but I can't figure it out.
I will attach a HijackThis log.

Thanks, Ellen. :)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 21:16:27, on 7-6-2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16827)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
C:\Program Files\Adobe\Photoshop Elements 5.0\PhotoshopElementsFileAgent.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\Program Files\Eset\nod32krn.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Intel\IntelDH\Intel(R) Quick Resume Technology Drivers\Elservice.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\dllhost.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe
C:\Program Files\SSC Service Utility\ssc_serv.exe
C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
C:\WINDOWS\RTHDCPL.EXE
C:\WINDOWS\ehome\ehtray.exe
C:\Program Files\HP DigitalMedia Archive\DMAScheduler.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\eHome\ehmsas.exe
C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe
c:\windows\system\hpsysdrv.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe
C:\Program Files\Nero\Nero 7\Nero StartSmart\NeroStartSmart.exe
C:\Program Files\Nero\Nero 7\Core\nero.exe
C:\Program Files\FTDv3.8\KoalaFTDSearch.exe
C:\Program Files\FTDv3.8\ftdv3.exe
C:\Program Files\AltBinz\altbinz.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = [url]http://www.google.nl/[/url]
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = [url]http://go.microsoft.com/fwlink/?LinkId=69157[/url]
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = [url]http://go.microsoft.com/fwlink/?LinkId=54896[/url]
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = [url]http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=NL_NL&c=64&bd=PAVILION&pf=desktop[/url]
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = [url]http://go.microsoft.com/fwlink/?LinkId=54896[/url]
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = 130.37.198.244:80
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - - (no file)
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: AcroIEToolbarHelper Class - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 6.0\Acrobat\AcroIEFavClient.dll
O2 - BHO: (no name) - {33AD81BE-EF03-4285-990F-D33957183303} - (no file)
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 6.0\Acrobat\AcroIEFavClient.dll
O4 - HKLM\..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE
O4 - HKLM\..\Run: [HPBootOp] "C:\Program Files\Hewlett-Packard\HP Boot Optimizer\HPBootOp.exe" /run
O4 - HKLM\..\Run: [nod32kui] "C:\Program Files\Eset\nod32kui.exe" /WAITSERVICE
O4 - HKLM\..\Run: [SSC Service Utility] C:\Program Files\SSC Service Utility\ssc_serv.exe /s
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [nwiz] nwiz.exe /installquiet /keeploaded /nodetect
O4 - HKLM\..\Run: [ftutil2] rundll32.exe ftutil2.dll,SetWriteCacheMode
O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
O4 - HKLM\..\Run: [DMAScheduler] "c:\Program Files\HP DigitalMedia Archive\DMAScheduler.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe"
O4 - .DEFAULT User Startup: Pin.lnk = C:\hp\bin\CLOAKER.EXE (User 'Default user')
O4 - .DEFAULT User Startup: PinMcLnk.lnk = C:\hp\bin\cloaker.exe (User 'Default user')
O9 - Extra button: Spyware Doctor - {2D663D1A-8670-49D9-A1A5-4C56B4E14E84} - C:\WINDOWS\system32\shdocvw.dll
O9 - Extra button: Onderzoek - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Verbindingshelp - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm
O9 - Extra 'Tools' menuitem: Verbindingshelp - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {79E0C1C0-316D-11D5-A72A-006097BFA1AC} (EPSON Web Printer-SelfTest Control Class) - [url]http://esupport.epson-europe.com/selftest/nl/Prg/ESTPTest.cab[/url]
O17 - HKLM\System\CCS\Services\Tcpip\..\{982E5A97-5AB8-4882-B56A-A1E5D71E7B1F}: NameServer = 195.121.1.34,195.121.1.66
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL
O23 - Service: ArcSoft Connect Daemon (ACDaemon) - ArcSoft Inc. - C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
O23 - Service: Adobe Active File Monitor V5 (AdobeActiveFileMonitor5.0) - Unknown owner - C:\Program Files\Adobe\Photoshop Elements 5.0\PhotoshopElementsFileAgent.exe
O23 - Service: Mobiel Apple apparaat (Apple Mobile Device) - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Intel(R) Quick Resume technology (ELService) - Intel Corporation - C:\Program Files\Intel\IntelDH\Intel(R) Quick Resume Technology Drivers\Elservice.exe
O23 - Service: FLEXnet Licensing Service - Unknown owner - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe (file missing)
O23 - Service: Google Updater Service (gusvc) - Unknown owner - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe (file missing)
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod-service (iPod Service) - Unknown owner - C:\Program Files\iPod\bin\iPodService.exe (file missing)
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Lavasoft Ad-Aware Service - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: NOD32 Kernel Service (NOD32krn) - Eset - C:\Program Files\Eset\nod32krn.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\Common Files\PCSuite\Services\ServiceLayer.exe
O23 - Service: StarWind AE Service (StarWindServiceAE) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe

--
End of file - 9290 bytes
Hello Ellen,

Start HijackThis and choose [B]Scan only[/B]. After ticking the boxes in front of the lines that correspond to the ones below, click the [B]Fix checked[/B] button:

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = [url]http://ie.redirect.hp.com/svs/rdr?TY...ION&pf=desktop[/url]
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R3 - URLSearchHook: (no name) - - (no file)
O2 - BHO: (no name) - {33AD81BE-EF03-4285-990F-D33957183303} - (no file)

Then carry out the following steps:

1) Download, install and keep using [B]MBAM[/B].
Right after installation [B]MBAM[/B] will want to update its database, so allow this.
With repeated use as well: visit the [B]Update[/B] tab first!

[url=http://www.idealsoftware.nl/MBAM/][B]Download MBAM[/B][/url]

Start [B]MBAM[/B] and choose [B]Quick Scan[/B].

[COLOR="Red"][B]N.B.: Vista users start MBAM by right-clicking and choosing [COLOR="Blue"]Run as administrator[/COLOR]![/B][/COLOR]

Scanning can take a while, so be patient.
When the scan has finished, click the [B]OK[/B] button, then the [B]Show Results[/B] button to view the results.
Make sure everything there is ticked, then click [B]Remove Selected[/B].
After removal a log will open and you will be asked to restart the computer.

The log is saved automatically by [B]MBAM[/B]; you can find it again by clicking the [B]Logs[/B] tab in [B]MBAM[/B].

If [B]MBAM[/B] has trouble removing certain files it will show a few messages; click [B]OK[/B] each time!
[B]MBAM[/B] will then ask to restart the computer, so allow the computer to be restarted.

2) [COLOR="Navy"][B]After this, create a new HijackThis log and post its result together with the first scan result from MBAM[/B].[/COLOR]
First of all, thanks for the quick replies.

Here are my log files after the scan etc.

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 22:32:56, on 9-6-2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16827)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
C:\Program Files\Adobe\Photoshop Elements 5.0\PhotoshopElementsFileAgent.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\Program Files\Eset\nod32krn.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Eset\nod32kui.exe
C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\SSC Service Utility\ssc_serv.exe
C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\Intel\IntelDH\Intel(R) Quick Resume Technology Drivers\Elservice.exe
C:\WINDOWS\ehome\ehtray.exe
C:\Program Files\HP DigitalMedia Archive\DMAScheduler.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe
C:\WINDOWS\system32\rundll32.exe
c:\windows\system\hpsysdrv.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe
C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe
C:\WINDOWS\eHome\ehmsas.exe
C:\WINDOWS\system32\dllhost.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = [url]http://www.google.nl/[/url]
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = [url]http://go.microsoft.com/fwlink/?LinkId=69157[/url]
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = [url]http://go.microsoft.com/fwlink/?LinkId=54896[/url]
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = [url]http://go.microsoft.com/fwlink/?LinkId=54896[/url]
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = 130.37.198.244:80
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: AcroIEToolbarHelper Class - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 6.0\Acrobat\AcroIEFavClient.dll
O2 - BHO: (no name) - {33AD81BE-EF03-4285-990F-D33957183303} - (no file)
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 6.0\Acrobat\AcroIEFavClient.dll
O4 - HKLM\..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE
O4 - HKLM\..\Run: [HPBootOp] "C:\Program Files\Hewlett-Packard\HP Boot Optimizer\HPBootOp.exe" /run
O4 - HKLM\..\Run: [nod32kui] "C:\Program Files\Eset\nod32kui.exe" /WAITSERVICE
O4 - HKLM\..\Run: [SSC Service Utility] C:\Program Files\SSC Service Utility\ssc_serv.exe /s
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [nwiz] nwiz.exe /installquiet /keeploaded /nodetect
O4 - HKLM\..\Run: [ftutil2] rundll32.exe ftutil2.dll,SetWriteCacheMode
O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
O4 - HKLM\..\Run: [DMAScheduler] "c:\Program Files\HP DigitalMedia Archive\DMAScheduler.exe"
O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe"
O4 - .DEFAULT User Startup: Pin.lnk = C:\hp\bin\CLOAKER.EXE (User 'Default user')
O4 - .DEFAULT User Startup: PinMcLnk.lnk = C:\hp\bin\cloaker.exe (User 'Default user')
O9 - Extra button: Spyware Doctor - {2D663D1A-8670-49D9-A1A5-4C56B4E14E84} - C:\WINDOWS\system32\shdocvw.dll
O9 - Extra button: Onderzoek - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Verbindingshelp - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm
O9 - Extra 'Tools' menuitem: Verbindingshelp - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {79E0C1C0-316D-11D5-A72A-006097BFA1AC} (EPSON Web Printer-SelfTest Control Class) - [url]http://esupport.epson-europe.com/selftest/nl/Prg/ESTPTest.cab[/url]
O17 - HKLM\System\CCS\Services\Tcpip\..\{982E5A97-5AB8-4882-B56A-A1E5D71E7B1F}: NameServer = 195.121.1.34,195.121.1.66
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL
O23 - Service: ArcSoft Connect Daemon (ACDaemon) - ArcSoft Inc. - C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
O23 - Service: Adobe Active File Monitor V5 (AdobeActiveFileMonitor5.0) - Unknown owner - C:\Program Files\Adobe\Photoshop Elements 5.0\PhotoshopElementsFileAgent.exe
O23 - Service: Mobiel Apple apparaat (Apple Mobile Device) - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Intel(R) Quick Resume technology (ELService) - Intel Corporation - C:\Program Files\Intel\IntelDH\Intel(R) Quick Resume Technology Drivers\Elservice.exe
O23 - Service: FLEXnet Licensing Service - Unknown owner - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe (file missing)
O23 - Service: Google Updater Service (gusvc) - Unknown owner - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe (file missing)
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod-service (iPod Service) - Unknown owner - C:\Program Files\iPod\bin\iPodService.exe (file missing)
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Lavasoft Ad-Aware Service - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: NOD32 Kernel Service (NOD32krn) - Eset - C:\Program Files\Eset\nod32krn.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\Common Files\PCSuite\Services\ServiceLayer.exe
O23 - Service: StarWind AE Service (StarWindServiceAE) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe

--
End of file - 9002 bytes
Malwarebytes' Anti-Malware 1.37
Database versie: 2255
Windows 5.1.2600 Service Pack 3

9-6-2009 22:11:27
mbam-log-2009-06-09 (22-11-27).txt

Scan type: Snelle Scan
Objecten gescand: 102936
Verstreken tijd: 13 minute(s), 34 second(s)

Geheugenprocessen geïnfecteerd: 0
Geheugenmodulen geïnfecteerd: 0
Registersleutels geïnfecteerd: 2
Registerwaarden geïnfecteerd: 0
Registerdata bestanden geïnfecteerd: 0
Mappen geïnfecteerd: 0
Bestanden geïnfecteerd: 0

Geheugenprocessen geïnfecteerd:
(Geen kwaadaardige items gevonden)

Geheugenmodulen geïnfecteerd:
(Geen kwaadaardige items gevonden)

Registersleutels geïnfecteerd:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\affri (Malware.Trace) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\affri (Malware.Trace) -> Quarantined and deleted successfully.

Registerwaarden geïnfecteerd:
(Geen kwaadaardige items gevonden)

Registerdata bestanden geïnfecteerd:
(Geen kwaadaardige items gevonden)

Mappen geïnfecteerd:
(Geen kwaadaardige items gevonden)

Bestanden geïnfecteerd:
(Geen kwaadaardige items gevonden)

Regards, Ellen
Hello Ellen, start HijackThis and choose [B]Scan only[/B]. After ticking the box in front of the line that corresponds to the one below, click the [B]Fix checked[/B] button:

O2 - BHO: (no name) - {33AD81BE-EF03-4285-990F-D33957183303} - (no file)

I also advise you to [url=http://download.bleepingcomputer.com/sUBs/ComboFix.exe][B]run a scan with Combofix[/B][/url] (download the file to your desktop).

[B]To be able to use Combofix, the following applies:[/B]

[COLOR="Red"][B]- no web browsers may be open
- antivirus must be completely disabled
- active malware and spyware scanners must be disabled.[/B][/COLOR]

Do not click in the active Combofix window; this will cause Combofix to freeze!

Combofix closes the internet connection; do not try to restore it in the meantime!

[COLOR="Blue"][B]If the Recovery Console is not installed,
you will be asked to install it by clicking 'Yes' in the "Query - Recovery Console" window.
So click 'OK' and 'Yes' to have the Recovery Console installed automatically.
When that has finished, click 'Yes' again to start the malware scan.

The Recovery Console makes it easier to fix problems if Windows has startup problems for one reason or another![/B][/COLOR]

[COLOR="Red"][B]Here you will find information on how to disable antivirus [/B][/COLOR]http://www.bleepingcomputer.com/forums/topic114351.html

Post the Combofix log.
ComboFix 09-06-09.06 - HP_Administrator 10-06-2009 20:42.14 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.3.1252.31.1043.18.1022.538 [GMT 2:00]
Gestart vanuit: c:\documents and settings\HP_Administrator\Bureaublad\hallohallo.exe
FW: Norton Internet Worm Protection *disabled* {990F9400-4CEE-43EA-A83A-D013ADD8EA6E}
.

(((((((((((((((((((((((((((((((((( Andere Verwijderingen )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\windows\kb913800.exe

.
(((((((((((((((((((( Bestanden Gemaakt van 2009-05-10 to 2009-06-10 ))))))))))))))))))))))))))))))
.

2009-06-10 14:16 . 2009-06-10 14:16 -------- d-----w- c:\documents and settings\HP_Administrator\Tracing
2009-06-10 13:57 . 2009-06-10 13:57 -------- d-----w- c:\program files\Microsoft
2009-06-10 13:55 . 2009-06-10 13:55 -------- d-----w- c:\program files\Common Files\Windows Live
2009-06-10 07:16 . 2008-06-19 15:24 28544 ----a-w- c:\windows\system32\drivers\pavboot.sys
2009-06-10 07:16 . 2009-06-10 07:16 -------- d-----w- c:\program files\Panda Security
2009-06-09 19:56 . 2009-06-09 19:56 -------- d-----w- c:\documents and settings\HP_Administrator\Application Data\Malwarebytes
2009-06-09 19:56 . 2009-05-26 11:20 40160 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2009-06-09 19:56 . 2009-06-09 19:56 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2009-06-09 19:56 . 2009-06-09 19:56 -------- d-----w- c:\documents and settings\All Users\Application Data\Malwarebytes
2009-06-09 19:56 . 2009-05-26 11:19 19096 ----a-w- c:\windows\system32\drivers\mbam.sys
2009-06-05 13:19 . 2009-06-05 13:19 -------- d-----w- c:\windows\system32\wbem\Repository
2009-05-27 07:13 . 2009-05-27 07:13 -------- d-----w- c:\program files\FLV Player
2009-05-19 18:59 . 2009-05-19 18:59 -------- d-----w- c:\program files\Ashampoo
2009-05-12 22:14 . 2009-05-12 22:14 64160 ----a-w- c:\documents and settings\All Users\Application Data\Lavasoft\Ad-Aware\Update\Drivers\32\lbd.sys

.
((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-06-10 18:31 . 2007-03-23 21:18 12 ----a-w- c:\windows\bthservsdp.dat
2009-06-10 17:46 . 2009-06-10 17:46 3584 ----a-r- c:\documents and settings\HP_Administrator\Application Data\Microsoft\Installer\{121634B0-2F4B-11D3-ADA3-00C04F52DD52}\Icon386ED4E3.exe
2009-06-10 17:46 . 2009-06-10 17:46 -------- d-----w- c:\program files\Windows Installer Clean Up
2009-06-10 17:45 . 2009-06-10 17:45 -------- d-----w- c:\program files\MSECACHE
2009-06-10 13:57 . 2007-03-08 13:38 66016 ----a-w- c:\documents and settings\HP_Administrator\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2009-06-05 09:42 . 2009-03-28 16:52 2060288 ----a-w- c:\windows\system32\usbaaplrc.dll
2009-06-05 09:42 . 2007-09-18 14:45 39424 ----a-w- c:\windows\system32\drivers\usbaapl.sys
2009-06-04 20:46 . 2007-08-29 07:35 -------- d-----w- c:\program files\Common Files\Apple
2009-05-26 17:20 . 2007-03-27 18:42 -------- d-----w- c:\documents and settings\HP_Administrator\Application Data\Azureus
2009-05-19 19:00 . 2007-05-18 21:55 -------- d-----w- c:\documents and settings\HP_Administrator\Application Data\Ashampoo
2009-05-19 17:59 . 2009-01-06 18:23 -------- d-----w- c:\program files\Vuze
2009-05-14 07:26 . 2006-01-27 03:38 92172 ----a-w- c:\windows\system32\perfc013.dat
2009-05-14 07:26 . 2006-01-27 03:38 511286 ----a-w- c:\windows\system32\perfh013.dat
2009-05-12 22:14 . 2009-03-22 14:40 64160 ----a-w- c:\windows\system32\drivers\Lbd.sys
2009-04-22 18:27 . 2009-04-22 16:56 -------- d-----w- c:\program files\imeem Uploader
2009-04-22 16:57 . 2009-04-22 16:57 -------- d-----w- c:\documents and settings\HP_Administrator\Application Data\com.imeem.DesktopUploader.6C3F108F466C0F04F30B58747CAA4DF34281133B.1
2009-04-22 16:56 . 2009-04-22 16:56 -------- d-----w- c:\program files\Common Files\Adobe AIR
2009-04-21 07:37 . 2009-04-21 07:37 -------- d-----w- c:\documents and settings\HP_Administrator\Application Data\SharePod
2009-04-15 08:44 . 2007-05-16 16:13 -------- d-----w- c:\documents and settings\HP_Administrator\Application Data\Vso
2009-04-15 07:25 . 2007-03-27 07:46 -------- d-----w- c:\documents and settings\All Users\Application Data\SlySoft
2009-04-15 07:18 . 2009-04-15 07:18 -------- d-----w- c:\program files\SlySoft
2009-04-01 21:22 . 2009-04-01 21:22 152576 ----a-w- c:\documents and settings\HP_Administrator\Application Data\Sun\Java\jre1.6.0_13\lzma.dll
2009-03-22 14:39 . 2009-03-22 14:39 69664 ----a-w- c:\documents and settings\All Users\Application Data\Lavasoft\Ad-Aware\Update\Drivers\64\lbd.sys
2009-03-22 14:39 . 2009-03-22 14:39 274792 ----a-w- c:\documents and settings\All Users\Application Data\Lavasoft\Ad-Aware\Update\Drivers\64\AAWDriverTool.exe
2009-03-22 14:39 . 2009-03-22 14:39 73064 ----a-w- c:\documents and settings\All Users\Application Data\Lavasoft\Ad-Aware\Update\Drivers\32\AAWDriverTool.exe
2006-08-25 23:00 . 2007-03-18 13:15 15502705 ----a-r- c:\program files\Sims2SP2.exe
2007-03-08 13:07 . 2007-03-08 13:07 22 --sha-w- c:\windows\SMINST\HPCD.sys
.

((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2008-04-14 15360]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="c:\program files\Common Files\Ahead\Lib\NMBgMonitor.exe" [2007-06-27 152872]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IAAnotif"="c:\program files\Intel\Intel Matrix Storage Manager\Iaanotif.exe" [2006-07-06 151552]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2006-10-31 7634944]
"Recguard"="c:\windows\SMINST\RECGUARD.EXE" [2005-07-22 237568]
"HPBootOp"="c:\program files\Hewlett-Packard\HP Boot Optimizer\HPBootOp.exe" [2006-02-15 249856]
"SSC Service Utility"="c:\program files\SSC Service Utility\ssc_serv.exe" [2006-10-16 490496]
"HP Software Update"="c:\program files\Hp\HP Software Update\HPWuSchd2.exe" [2007-05-08 54840]
"ehTray"="c:\windows\ehome\ehtray.exe" [2005-08-17 64512]
"DMAScheduler"="c:\program files\HP DigitalMedia Archive\DMAScheduler.exe" [2006-04-13 90112]
"AppleSyncNotifier"="c:\program files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe" [2009-05-13 177472]
"RTHDCPL"="RTHDCPL.EXE" - c:\windows\RTHDCPL.EXE [2006-07-21 16261632]
"nwiz"="nwiz.exe" - c:\windows\system32\nwiz.exe [2006-10-31 1622016]
"ftutil2"="ftutil2.dll" - c:\windows\system32\ftutil2.dll [2004-06-07 106496]

[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "c:\program files\SUPERAntiSpyware\SASSEH.DLL" [2008-05-13 77824]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
2009-01-03 16:28 356352 ----a-w- c:\program files\SUPERAntiSpyware\SASWINLO.DLL

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk /r \??\l:\0autocheck autochk *\0SsiEfr.e\0lsdelete

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Start^Programma's^Opstarten^AutoPost - Auto Update.lnk]
path=c:\documents and settings\All Users\Menu Start\Programma's\Opstarten\AutoPost - Auto Update.lnk
backup=c:\windows\pss\AutoPost - Auto Update.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Start^Programma's^Opstarten^NkbMonitor.exe.lnk]
path=c:\documents and settings\All Users\Menu Start\Programma's\Opstarten\NkbMonitor.exe.lnk
backup=c:\windows\pss\NkbMonitor.exe.lnkCommon Startup

[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusOverride"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"c:\\Program Files\\LimeWire\\LimeWire.exe"=
"c:\\Program Files\\Adobe\\Photoshop Elements 5.0\\AdobePhotoshopElementsMediaServer.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Common Files\\Nokia\\Service Layer\\A\\nsl_host_process.exe"=
"c:\\Program Files\\Nokia\\Nokia Software Updater\\nsu_ui_client.exe"=
"c:\\Program Files\\Vuze\\Azureus.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"119:TCP"= 119:TCP:newsleecher
"119:UDP"= 119:UDP:newsleecher
"35195:TCP"= 35195:TCP:Vuze
"35195:UDP"= 35195:UDP:Vuze

R0 Lbd;Lbd;c:\windows\system32\drivers\Lbd.sys [22-3-2009 16:40 64160]
R0 pavboot;pavboot;c:\windows\system32\drivers\pavboot.sys [10-6-2009 9:16 28544]
R1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\sasdifsv.sys [19-8-2008 23:34 8944]
R1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL.SYS [19-8-2008 23:34 55024]
R2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service;c:\program files\Lavasoft\Ad-Aware\AAWService.exe [18-1-2009 23:34 1005904]
R3 3xHybrid;3xHybrid service;c:\windows\system32\drivers\3xHybrid.sys [20-9-2006 15:55 2829696]
S3 m4301a;Linksys Wireless-B USB Network Adapter v4.0 Driver;c:\windows\system32\drivers\m4301A.sys [15-3-2007 22:06 83552]
S3 nmwcdnsu;Nokia USB Flashing Phone Parent;c:\windows\system32\drivers\nmwcdnsu.sys [20-2-2009 0:23 138112]
S3 nmwcdnsuc;Nokia USB Flashing Generic;c:\windows\system32\drivers\nmwcdnsuc.sys [20-2-2009 0:23 8320]
S3 PIXMC10;JVC Communication PIX-MC10 Driver;c:\windows\system32\drivers\pixmc10c.sys [3-4-2007 16:06 31232]
S3 PIXMC10A;JVC PIX-MC10 Audio Capture;c:\windows\system32\drivers\pixmc10a.sys [3-4-2007 16:05 28060]
S3 PIXMC10V;JVC PIX-MC10 Video Capture;c:\windows\system32\drivers\pixmc10v.sys [3-4-2007 16:07 22652]
S3 SASENUM;SASENUM;c:\program files\SUPERAntiSpyware\SASENUM.SYS [19-8-2008 23:34 7408]
S3 WN5301;LIteon Wireless PCI Network Adapter Service;c:\windows\system32\drivers\wn5301.sys [20-9-2006 15:55 468768]
.
Inhoud van de 'Gedeelde Taken' map

2009-03-22 c:\windows\Tasks\Ad-Aware Update (Weekly).job
- c:\program files\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe [2009-01-18 17:35]
.
- - - - ORPHANS VERWIJDERD - - - -

BHO-{33AD81BE-EF03-4285-990F-D33957183303} - (no file)
HKLM-Run-QuickTime Task - c:\program files\QuickTime\QTTask.exe


.
------- Bijkomende Scan -------
.
uStart Page = hxxp://www.google.nl/
uInternet Settings,ProxyServer = 130.37.198.244:80
TCP: {982E5A97-5AB8-4882-B56A-A1E5D71E7B1F} = 195.121.1.34,195.121.1.66
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-06-10 20:49
Windows 5.1.2600 Service Pack 3 NTFS

scannen van verborgen processen ...

scannen van verborgen autostart items ...

scannen van verborgen bestanden ...

Scan succesvol afgerond
verborgen bestanden: 0
Link to comment
**************************************************************************
.
--------------------- VERGRENDELDE REGISTER SLEUTELS ---------------------

[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Installer\UserData\LocalSystem\Components\Ø•€|ÿÿÿÿ•€|ù•9~*]
"AB141C35E9F4BF344B9FC010BB17F68A"="02:\\Software\\Adobe\\FeatureSubscriptions\\DVAAdobeDocMeta\\{53C141BA-4F9E-43FB-B4F9-0C01BB716FA8}\\Registered"
.
--------------------- DLLs Geladen Onder Lopende Processen ---------------------

- - - - - - - > 'winlogon.exe'(900)
c:\program files\SUPERAntiSpyware\SASWINLO.DLL
.
Voltooingstijd: 2009-06-10 20:55
ComboFix-quarantined-files.txt 2009-06-10 18:54
ComboFix2.txt 2009-06-04 15:22

Pre-Run: 24.456.085.504 bytes beschikbaar
Post-Run: 24.459.419.648 bytes beschikbaar

231 --- E O F --- 2009-05-13 01:02
Link to comment
First of all, I recommend upgrading Internet Explorer 7 to Internet Explorer 8;
it is faster, can do more, and is more secure!

http://www.microsoft.com/downloads/details.aspx?FamilyID=341c2ad5-8c3d-4347-8c03-08cdecd8852b&displaylang=nl

Once you have installed IE8, go to the following site: http://www.compucated.be/vista/sneller-surfen-met-internet-explorer-8/

Then carry out both steps (deldomains.inf and, via CMD, regsvr32 actxprxy.dll).

Keep in mind that browsing through a proxy server is always slower, with possible loss of certain actions!
Link to comment
:( Well, I really don't know anymore...
I have already tried everything, and also looked on the Microsoft site; I thought maybe it is because I only see bitmap when I save something, followed the instructions... but no result!
:cry:

http://support.microsoft.com/kb/810978/nl

But for me IE keeps freezing as soon as I save something or want to use it... :mad:
Link to comment
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 22:51:16, on 11-6-2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
C:\Program Files\Adobe\Photoshop Elements 5.0\PhotoshopElementsFileAgent.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Intel\IntelDH\Intel(R) Quick Resume Technology Drivers\Elservice.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe
C:\Program Files\SSC Service Utility\ssc_serv.exe
C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
C:\WINDOWS\RTHDCPL.EXE
C:\WINDOWS\ehome\ehtray.exe
C:\Program Files\HP DigitalMedia Archive\DMAScheduler.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\eHome\ehmsas.exe
C:\WINDOWS\system32\dllhost.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe
c:\windows\system\hpsysdrv.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Avira\AntiVir Desktop\avguard.exe
C:\Program Files\Avira\AntiVir Desktop\sched.exe
C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
C:\Program Files\WinRAR\WinRAR.exe
C:\Program Files\Nero\Nero 7\Nero StartSmart\NeroStartSmart.exe
C:\Program Files\Nero\Nero 7\Core\nero.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.nl/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = 130.37.198.244:80
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: AcroIEToolbarHelper Class - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 6.0\Acrobat\AcroIEFavClient.dll
O2 - BHO: (no name) - {33AD81BE-EF03-4285-990F-D33957183303} - (no file)
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 6.0\Acrobat\AcroIEFavClient.dll
O4 - HKLM\..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE
O4 - HKLM\..\Run: [HPBootOp] "C:\Program Files\Hewlett-Packard\HP Boot Optimizer\HPBootOp.exe" /run
O4 - HKLM\..\Run: [SSC Service Utility] C:\Program Files\SSC Service Utility\ssc_serv.exe /s
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [nwiz] nwiz.exe /installquiet /keeploaded /nodetect
O4 - HKLM\..\Run: [ftutil2] rundll32.exe ftutil2.dll,SetWriteCacheMode
O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
O4 - HKLM\..\Run: [DMAScheduler] "c:\Program Files\HP DigitalMedia Archive\DMAScheduler.exe"
O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe"
O4 - .DEFAULT User Startup: Pin.lnk = C:\hp\bin\CLOAKER.EXE (User 'Default user')
O4 - .DEFAULT User Startup: PinMcLnk.lnk = C:\hp\bin\cloaker.exe (User 'Default user')
O9 - Extra button: Spyware Doctor - {2D663D1A-8670-49D9-A1A5-4C56B4E14E84} - C:\WINDOWS\system32\shdocvw.dll
O9 - Extra button: Onderzoek - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Verbindingshelp - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm
O9 - Extra 'Tools' menuitem: Verbindingshelp - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O17 - HKLM\System\CCS\Services\Tcpip\..\{982E5A97-5AB8-4882-B56A-A1E5D71E7B1F}: NameServer = 195.121.1.34,195.121.1.66
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL
O23 - Service: ArcSoft Connect Daemon (ACDaemon) - ArcSoft Inc. - C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
O23 - Service: Adobe Active File Monitor V5 (AdobeActiveFileMonitor5.0) - Unknown owner - C:\Program Files\Adobe\Photoshop Elements 5.0\PhotoshopElementsFileAgent.exe
O23 - Service: Avira AntiVir Scheduler (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe
O23 - Service: Mobiel Apple apparaat (Apple Mobile Device) - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Intel(R) Quick Resume technology (ELService) - Intel Corporation - C:\Program Files\Intel\IntelDH\Intel(R) Quick Resume Technology Drivers\Elservice.exe
O23 - Service: FLEXnet Licensing Service - Unknown owner - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe (file missing)
O23 - Service: Google Updater Service (gusvc) - Unknown owner - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe (file missing)
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Lavasoft Ad-Aware Service - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\Common Files\PCSuite\Services\ServiceLayer.exe
O23 - Service: StarWind AE Service (StarWindServiceAE) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe

--
End of file - 9623 bytes
Link to comment
