
heavy_danger

Member
  • Items: 5

Everything posted by heavy_danger

  1. Here is the log file:
  2. Thank you both for the tips. I followed all of them and am curious whether you can make sense of this.
     First the new hijack file:
     Then the MBAM file:
     And finally I looked, following acidburn's tip; I can see that my system crashed last night at 3:55:59 with the following message:
     Thanks in advance
  3. But when I view it as a preview, everything is displayed correctly.
  4. So this is how it ends up looking in Dreamweaver, not really convenient.
  5. Hello everyone. I have a problem (of course). I bought a template that I want to turn into my own website. When I view the template in, for example, Dreamweaver (also FrontPage), I see everything stacked one below the other. When I open the page as a preview in Explorer (from both programs, Dreamweaver and FrontPage), I do see all the frames neatly next to each other. So it is very hard for me to work, because everything is stacked one below the other on the left side of my screen and I cannot properly see what I am doing; on top of that, some text even runs straight across some photos. That too disappears when I open the preview in Explorer, but it is unworkable. Does anyone have any idea how I can get everything neatly next to and below each other so that I can work with it in Dreamweaver? Thanks in advance.