SusyQ

Everything posted by SusyQ

  1. Still, my laptop remains very slow when it comes to uploading videos. I keep getting a kind of little sun that just keeps spinning.. Is there anything that can be done about that? (Yes, I know I own an old device, but maybe there is still something that can be done?) Kind regards, Susanne
  2. It runs a lot faster! I'm very happy with that, thank you very much for this! Are there things I can keep an eye on to keep it up to speed? By the looks of it the laptop was not heavily contaminated; I keep it tidy with NOD32 and CCleaner, but this still happens..
  3. I was overcomplicating things for a moment. It worked, voilà: [ComboFix log] Is this of any use to you??
  4. I think I know where the 'problem' lies. I took it out through uninstalling after the first scan. So I can't find it under software, and now I get an error message that it can't be saved under (1). Is there another way to download it again??
  5. I've put it as CFScript in Notepad on the desktop. Where can I find ComboFix.exe now? Via the link??
  6. I had already run ComboFix over it, here is the report. Via your links it gave an error message, so I think this one is from the first time. [ComboFix log] ---------- Post added at 15:43 ---------- Previous post was at 15:41 ---------- Should I now remove ComboFix again via Run?
  7. Here is the first one that was asked for: [Malwarebytes' Anti-Malware log] And the second: [HijackThis log] Did I do it right this way??
  8. Thank you very much!
  9. Hello, I'm looking for ways to make my laptop a bit faster. Are there things in this Hijack report that should be taken out?? [HijackThis log] It's already an old laptop (about 5 years) but I only use it for internet, mail and a bit of browsing, so it's sufficient for the way I use it. I just notice that it has been getting slower lately. Hope someone can give a tip! Regards, Suus