tibzie
[SOLVED] desktop disappearing
tibzie replied to hbauduin's topic in Archive Malware & Virus Removal
My way was to make registry changes so that Task Manager became accessible again, and instead of starting explorer.exe I made it explorerer.exe (simply copied it), and now, by means of this pc-helpforum, I got the virus off in a similar way as you did.
-
Go to power management via the Control Panel, and normally somewhere there you will be able to change the actions it should perform when the lid is closed and so on (this applies to Windows XP at least, so probably to Vista as well).
-
[SOLVED] desktop disappearing
tibzie replied to hbauduin's topic in Archive Malware & Virus Removal
Had/have the same problem. I first solved it my own way, and now I am removing the remnants with the help of pc-helpforum.
-
Malwarebytes found no infections, so there is also no need to post the log (I checked the log and nothing was infected and nothing was found). DSS post:
-
Yesterday I downloaded some file and it turned out to be a virus. I could no longer open Task Manager (which I have since been able to fix with a registry edit). And explorer.exe kept going off and on; the PC was unmanageable, but I have since been able to remedy that too by taking a copy of explorer.exe and renaming it to explorerer.exe, and instead of having explorer.exe start up I had explorerer.exe start up (also by means of a registry edit), but now I am still stuck with that spyware/malware/virus on my PC. I have also already run combofix and hijackthis and vundofix, but vundofix found nothing.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched] C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Telemeter 3.0] C:\Program Files\Telemeter 3.0\telemeter3.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services] "AVGEMS"=2 (0x2) [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "%windir%\\system32\\sessmgr.exe"= "C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"= "C:\\Program Files\\SmartFTP Client\\SmartFTP.exe"= R2 LMIInfo;LogMeIn Kernel Information Provider;C:\Program Files\LogMeIn\x86\RaInfo.sys [2007-04-17 15:00] R2 LMIRfsDriver;LogMeIn Remote File System Driver;C:\WINDOWS\system32\drivers\LMIRfsDriver.sys [2007-04-05 12:55] R2 osanbm;osanbm;C:\WINDOWS\system32\drivers\osanbm.sys [2005-01-14 16:57] R2 UxTuneUp;TuneUp Thema-uitbreiding;C:\WINDOWS\System32\svchost.exe [2004-08-04 06:00] R3 SISNICXP;SiS PCI Fast Ethernet Adapter Driver for NDIS51;C:\WINDOWS\system32\DRIVERS\sisnicxp.sys [2004-11-05 02:43] S3 int15.sys;int15.sys;C:\Program Files\acer\eRecovery\int15.sys [2005-01-13 15:46] S3 TuneUp.Defrag;TuneUp Drive Defrag Service;C:\WINDOWS\System32\TuneUpDefragService.exe [2008-02-15 22:18] HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs UxTuneUp . Inhoud van de 'Gedeelde Taken' map "2008-04-04 17:20:40 C:\WINDOWS\Tasks\Easy Onderhoud.job" - C:\Program Files\TuneUp Utilities 2008\OneClick.exe "2008-04-09 11:03:54 C:\WINDOWS\Tasks\Uniblue SpeedUpMyPC Nag.job" - C:\Program Files\Uniblue\SpeedUpMyPC 3\SpeedUpMyPC.exe "2008-04-09 11:03:50 C:\WINDOWS\Tasks\Uniblue SpeedUpMyPC.job" - C:\Program Files\Uniblue\SpeedUpMyPC 3\SpeedUpMyPC.exe . 
************************************************************************** catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2008-04-20 09:14:51 Windows 5.1.2600 Service Pack 2 NTFS scannen van verborgen processen ... scannen van verborgen autostart items ... scannen van verborgen bestanden ... Scan succesvol afgerond verborgen bestanden: 364 ************************************************************************** . ------------------------ Other Running Processes ------------------------ . C:\Acer\eManager\anbmServ.exe C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe C:\Program Files\LogMeIn\x86\ramaint.exe C:\Program Files\LogMeIn\x86\LogMeIn.exe C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE C:\Program Files\UPHClean\uphclean.exe C:\PROGRA~1\Grisoft\AVG7\avginet.exe . ************************************************************************** . Voltooingstijd: 2008-04-20 9:25:27 - machine was rebooted ComboFix-quarantined-files.txt 2008-04-20 07:25:08 Pre-Run: 14,572,998,656 bytes beschikbaar Post-Run: 14,498,574,336 bytes beschikbaar WindowsXP-KB310994-SP2-Home-BootDisk-NLD.exe [boot loader] timeout=2 default=multi(0)disk(0)rdisk(0)partition(2)\WINDOWS [operating systems] multi(0)disk(0)rdisk(0)partition(2)\WINDOWS="Microsoft Windows XP Home Edition" /fastdetect /NoExecute=AllwaysOff C:\CMDCONS\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons 216 --- E O F --- 2008-04-12 16:51:31 Logfile of HijackThis v1.99.1 Scan saved at 9:34:00, on 20/04/2008 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.16640) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\Acer\eManager\anbmServ.exe C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe 
C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe C:\Program Files\LogMeIn\x86\RaMaint.exe C:\Program Files\LogMeIn\x86\LogMeIn.exe C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE C:\WINDOWS\system32\svchost.exe C:\Program Files\UPHClean\uphclean.exe C:\PROGRA~1\Grisoft\AVG7\avgcc.exe C:\WINDOWS\system32\ctfmon.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\explorer.exe C:\Program Files\Opera\Opera.exe C:\Documents and Settings\Tibbout\Mijn documenten\software\anti-virus\hijackthis\HijackThis.exe R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN.com R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Live Search R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Live Search R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = Windows Live Help R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll O2 - BHO: Windows Live Aanmelden - Help - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O4 - HKCU\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 O23 - Service: Notebook Manager Service (anbmService) - OSA Technologies Inc. - C:\Acer\eManager\anbmServ.exe O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe O23 - Service: LogMeIn Maintenance Service (LMIMaint) - LogMeIn, Inc. 
- C:\Program Files\LogMeIn\x86\RaMaint.exe O23 - Service: LogMeIn - LogMeIn, Inc. - C:\Program Files\LogMeIn\x86\LogMeIn.exe O23 - Service: TuneUp Drive Defrag Service (TuneUp.Defrag) - TuneUp Software GmbH - C:\WINDOWS\System32\TuneUpDefragService.exe
-
And VirtualDub is not really what I am looking for; the code?
-
No, I only have this problem with clips filmed with my Sony camera, but the strange thing is that after I have edited them in Pinnacle the problem is gone, whereas if I edit them in, for example, Premiere Pro, it remains.
-
I think it is down to your DirectX driver (I'm not sure). If I have it right, you are on DirectX 6, while version nine or maybe even version ten is already out. Google DirectX and then update your driver to the latest version.
-
Well, I think that depends. If it is a recovery CD you definitely shouldn't try it, because that won't help anyway, and if it is a Windows CD it might work, but you can probably only register it on 1 PC at a time. Partitions are parts of your hard disk, like the C: and D: you have. That installation screen is the screen you get when you want to install Windows from your CD (with Windows not started, of course).
-
Normally (at least this was the case for me) it will wipe your entire C drive if you install Windows on it, and only then install Windows. You only get a boot menu (a black screen where you can choose your operating system) if you have several operating systems installed, and since there can only be 1 operating system per partition you won't run into this.
-
This is clearly a problem for kape.
-
You can simply format the D drive in Windows, since it contains no important system files: My Computer > right-click > Format. The C drive is automatically fully formatted when you reinstall Windows XP on it (PS: all your files are erased in both cases).
-
I sometimes use SUPER too, but I have the feeling there is a loss of quality with SUPER, certainly in the audio. Is that right?