Vincent4451

  1. Hello, Here is the requested file. Kind regards, V. DelFix.txt
  2. The PC is working perfectly again. Thank you for your excellent service!! Kind regards, Vincent
  3. Hello, Here are the 2 logs. Regards. AdwCleaner[C0].txt AdwCleaner[S0].txt
  4. Hello, Here is the second log. Regards. zoek-results2.txt
  5. Hello, Here is the zoek-result log. After creating this log I notice that the internet via Google Chrome reacts in an extremely hostile way: attached (Word doc) are some screenshots of the pages that are opened automatically. Via Internet Explorer I was able to get back to this site, and (for now) no other bad pages are loaded automatically. Regards. zoek-results.txt foutmeldingen sites.docx
  6. Hello, When starting the internet browser or opening a new web page, an unwanted page is very often opened automatically (e.g. Windows 10 PC repair with a download link, of course not an official page), which is very annoying. That is why I would like to have a check-up done. Here is a first log: Thanks in advance. log.txt
  7. Hello, There is indeed no virus scanner installed. I will install one after everything has been cleaned up. Here is the log from zoek.exe:
  8. Here is the Malwarebytes log: - - - Updated - - - Here is an RSIT log:
  9. Here is the AdwCleaner log:
  10. Hello, Here is the log:
  11. Hello, I would like to clean up my PC. Here is a HijackThis log [ATTACH]35757[/ATTACH]: Could you help me further with what to do? Thanks in advance. Kind regards, Vincent hijackthis.log
  12. Thanks, Leroy, for your reply. So if I have understood correctly... I currently have a King subscription for telephony, etc. (€15 / month); I believe 3G internet is included in it, but I am not sure (I think so because I can get online practically everywhere with my cheap old mobile phone)? I would like to be able to do the same after buying a tablet (used only for viewing sites and mail). If I buy a tablet now (e.g. one that supports 3G), can I then (because I have King) get on the internet everywhere with the tablet immediately after purchase (or does a chip / SIM card have to be requested from Telenet, or does something extra have to be bought from Telenet to use internet on the tablet alongside the mobile phone?). Regards, Vincent
  13. Hello, I am about to buy a tablet but don't really know what the difference is between the 3G / 4G and Wi-Fi versions on offer, and whether subscriptions have to be bought in addition for them? There is quite a price difference between them. To sketch what I have now and what I would like... Currently I am with Telenet King for my telephony; I still have an older mobile phone (not a smartphone) with which I can get on the internet almost everywhere (is this via Wi-Fi / 3G or 4G?). I pay only €15 / month for my mobile subscription... I would also like to be able to go online with the tablet away from home, if possible without too many extra costs. 1. What is the best choice then? 2. Does a subscription have to be bought, or does my tablet also benefit from the KING subscription I already have? 3. Does a SIM card or the like also have to be inserted in a tablet, or does my provider have to supply it? Hopefully someone here can give some more advice / info. Thanks in advance.
  14. Dear iEscape, This is for a USB connection and only for the types VP-D103 and VP-D105, but I have a VP-D101, so it does not apply to this model. As far as I know, no software came with the camera at the time either. About 5 years ago I nevertheless managed to connect it to the tower PC (to make a wedding montage), but after all this time I have no idea how I did it. In any case, I also used the three-coloured plug back then...
  15. Dear iEscape, I had overlooked your message, hence the answer here... It concerns the Samsung VP-D101 camera. The DVD I put in my recorder for recording was a DVD-R (1-16x speed, 4.7 GB). The screenshot I took in the previous message is from my Toshiba Satellite C670 laptop (1 year old), so I assume it can play both DVD formats (you can also see that after inserting the disc the drive appears in Explorer, only according to Explorer there is nothing on it?). I have not yet tried the disc on the tower PC, but I think that won't help... I will wait for your reply before downloading the K-Lite Codec Pack... When I connect the camera to the tower PC (with both the S-video cable and the cable with the 3-coloured plugs) nothing happens, so I don't see the camera in Explorer either.