Ga naar inhoud

Aanbevolen berichten

Geplaatst:

Probeer eerst dit voor je internetverbinding :

Ga naar start -> uitvoeren

typ cmd druk op enter

typ ipconfig /flushdns en klik enter

Herstart de computer.

Open een kladblokbestand.

Kopieer en plak daarin de onderstaande vetgedrukte tekst.

Folder::

C:\found.001

C:\found.000

Driver::

aswSP

aswFsBlk

Sla dit bestand op je bureaublad op als CFScript.txt.

Sleep CFScript.txt in ComboFix.exe

Dit zal ComboFix doen herstarten. Start opnieuw op als dat gevraagd wordt.

Post na herstart de inhoud van de Combofix.txt in je volgende bericht samen met een nieuw logje van HijackThis.

En laat meteen ook eens weten hoe het dan met alle problemen staat ?

  • Reacties 27
  • Aangemaakt
  • Laatste reactie

Beste reacties in dit topic

Geplaatst:

Goedemorgen geachte heer Kape,

ik heb gedaan wat u schreef, de pc loopt als een zonnetje, ik kan alles doen en hij LOOPT NIET MEER VAST!!!!!!!!!!!!!!!!!!!!!!!!!

ÉÉN PROBLEEM NOG STEEDS;

INTERNET DOET HET NOG STEEDS NIET en dat krijg ik maar niet gefixed, nu moet ik wel zeggen dat ik alles heb uitgezet voor de combofix scan: alles is:

avast antivirus

spybot search and destroy resident en teatimer

windowsfirewall

defender kreeg ik niet uit dus heb ik hem alles laten negeren zodat hij er zich niet mee ging bemoeien. Verder is alles helemaal goed!

hartstikke bedankt alweer, zouden jullie mij wel willen blijven begeleiden tot ik weer op internet kan, dat zou ik erg waarderen.

oh ja, de pc zegt dat ik verbonden ben met het netwerk maar met beperkte toegang, maar ik ben niet verbonden en kan het ook niet herstellen, onderaan bij de klok geeft de pc dat aan met een vet kruis over dat verbindingsicoontje

groeten, inge goris

hiervolgen de logs van combofix en hijackthis

ComboFix 10-04-21.01 - Daan Room 26-04-2010 9:59.4.2 - x86

Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.31.1043.18.3069.1961 [GMT 2:00]

Gestart vanuit: c:\users\Daan Room\Desktop\scan.exe

gebruikte Opdracht switches :: c:\users\Daan Room\Desktop\CFScript.txt

SP: Spybot - Search and Destroy *disabled* (Outdated) {ED588FAF-1B8F-43B4-ACA8-8E3C85DADBE9}

SP: Windows Defender *enabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}

.

(((((((((((((((((((((((((((((((((( Andere Verwijderingen )))))))))))))))))))))))))))))))))))))))))))))))))

.

.

((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))

.

-------\Legacy_ASWFSBLK

-------\Legacy_ASWSP

-------\Service_aswFsBlk

-------\Service_aswSP

(((((((((((((((((((( Bestanden Gemaakt van 2010-03-26 to 2010-04-26 ))))))))))))))))))))))))))))))

.

2010-04-26 08:04 . 2010-04-26 08:04 -------- d-----w- c:\users\Public\AppData\Local\temp

2010-04-26 08:04 . 2010-04-26 08:04 -------- d-----w- c:\users\Gast\AppData\Local\temp

2010-04-26 08:04 . 2010-04-26 08:04 -------- d-----w- c:\users\Default\AppData\Local\temp

2010-04-25 14:37 . 2010-04-25 14:44 -------- d-----w- C:\scan5567s

2010-04-25 13:52 . 2010-04-25 13:59 -------- d-----w- C:\scan

2010-04-23 11:54 . 2010-04-23 11:54 24856 ----a-w- c:\windows\system32\drivers\avgfwd6x.sys

2010-04-23 07:20 . 2010-04-23 07:20 -------- d-----w- c:\users\Daan Room\AppData\Roaming\Malwarebytes

2010-04-23 07:20 . 2010-03-29 22:46 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys

2010-04-23 07:20 . 2010-04-23 07:20 -------- d-----w- c:\programdata\Malwarebytes

2010-04-23 07:20 . 2010-04-23 07:20 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware

2010-04-23 07:20 . 2010-03-29 22:45 20824 ----a-w- c:\windows\system32\drivers\mbam.sys

2010-04-22 08:31 . 2010-04-22 08:31 -------- d-----w- C:\found.001

2010-04-21 15:54 . 2010-04-21 15:54 -------- d-----w- c:\program files\Trend Micro

2010-04-19 14:47 . 2010-04-19 14:47 411368 ----a-w- c:\windows\system32\deployJava1.dll

2010-04-19 12:58 . 2010-04-19 12:58 -------- d-----w- C:\found.000

2010-04-15 09:41 . 2010-04-15 09:41 -------- d-----w- c:\programdata\Alwil Software

2010-04-01 18:17 . 2010-02-23 06:33 109056 ----a-w- c:\windows\system32\iesysprep.dll

2010-04-01 18:17 . 2010-02-23 06:33 71680 ----a-w- c:\windows\system32\iesetup.dll

.

((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2010-04-26 08:04 . 2009-08-13 18:03 12 ----a-w- c:\windows\bthservsdp.dat

2010-04-26 07:54 . 2008-01-21 06:47 667352 ----a-w- c:\windows\system32\perfh013.dat

2010-04-26 07:54 . 2008-01-21 06:47 126854 ----a-w- c:\windows\system32\perfc013.dat

2010-04-21 15:54 . 2010-04-21 15:54 388096 ----a-r- c:\users\Daan Room\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe

2010-04-21 13:18 . 2009-05-04 14:44 1356 ----a-w- c:\users\Daan Room\AppData\Local\d3d9caps.dat

2010-04-19 23:13 . 2009-01-16 23:24 -------- d-----w- c:\program files\Windows Live Safety Center

2010-04-19 23:13 . 2009-01-16 21:25 -------- d-----w- c:\programdata\Spybot - Search & Destroy

2010-04-19 14:48 . 2008-07-01 14:24 -------- d-----w- c:\program files\Common Files\Java

2010-04-19 14:00 . 2006-11-02 12:37 -------- d-----w- c:\program files\Microsoft Games

2010-04-19 12:59 . 2010-04-19 12:59 255472 ----a-w- c:\users\Daan Room\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll

2010-04-16 12:35 . 2008-07-01 14:36 -------- d--h--w- c:\program files\InstallShield Installation Information

2010-04-16 12:33 . 2010-02-09 11:00 -------- d-----w- c:\programdata\WinZip

2010-04-16 12:25 . 2008-07-01 15:08 -------- d-----w- c:\program files\Common Files\Adobe

2010-04-15 18:15 . 2008-07-01 15:14 -------- d-----w- c:\programdata\Microsoft Help

2010-04-15 10:06 . 2009-01-16 15:49 -------- d-----w- c:\users\Daan Room\AppData\Roaming\Toshiba

2010-04-15 09:45 . 2009-01-16 19:03 -------- d-----w- c:\program files\Alwil Software

2010-04-14 16:47 . 2009-01-16 19:03 38848 ----a-w- c:\windows\system32\avastSS.scr

2010-04-14 16:47 . 2009-01-16 19:03 153184 ----a-w- c:\windows\system32\aswBoot.exe

2010-04-14 16:35 . 2009-01-16 19:03 46672 ----a-w- c:\windows\system32\drivers\aswTdi.sys

2010-04-14 16:35 . 2009-01-16 19:03 162768 ----a-w- c:\windows\system32\drivers\aswSP.sys

2010-04-14 16:31 . 2009-01-16 19:03 23376 ----a-w- c:\windows\system32\drivers\aswRdr.sys

2010-04-14 16:31 . 2009-01-16 19:03 51792 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys

2010-04-14 16:31 . 2009-01-16 19:03 19024 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys

2010-04-12 17:57 . 2009-09-02 15:09 75 ----a-w- c:\users\Daan Room\jagex_runescape_preferences2.dat

2010-04-12 17:57 . 2009-01-21 14:42 41 ----a-w- c:\users\Daan Room\jagex_runescape_preferences.dat

2010-04-08 13:49 . 2010-04-08 13:49 0 ----a-w- c:\users\Gast\AppData\Roaming\wklnhst.dat

2010-04-08 13:48 . 2009-01-16 22:39 121840 ----a-w- c:\users\Gast\AppData\Local\GDIPFONTCACHEV1.DAT

2010-03-25 15:56 . 2009-01-16 11:35 121840 ----a-w- c:\users\Daan Room\AppData\Local\GDIPFONTCACHEV1.DAT

2010-03-25 13:19 . 2010-03-25 13:19 -------- d-----w- c:\programdata\Adobe Systems

2010-03-25 13:19 . 2010-03-25 13:19 -------- d-----w- c:\program files\Common Files\Adobe Systems Shared

2010-03-24 18:00 . 2010-03-24 18:00 0 ----a-w- c:\users\Daan Room\jagex__preferences3.dat

2010-03-23 06:36 . 2010-02-13 06:16 680 ----a-w- c:\users\Gast\AppData\Local\d3d9caps.dat

2010-03-12 02:19 . 2006-11-02 11:18 -------- d-----w- c:\program files\Windows Mail

2010-03-10 19:11 . 2010-03-10 19:11 -------- d-----w- c:\program files\LEGO Media

2010-03-10 17:22 . 2009-03-14 19:18 22328 ----a-w- c:\windows\system32\drivers\PnkBstrK.sys

2010-03-10 17:22 . 2009-03-14 19:18 103736 ----a-w- c:\windows\system32\PnkBstrB.exe

2010-03-04 09:11 . 2010-03-04 09:04 -------- d-----w- c:\users\Daan Room\AppData\Roaming\PDF reDirect

2010-03-04 09:04 . 2010-03-04 09:04 -------- d-----w- c:\program files\PDF reDirect

2010-02-24 09:16 . 2009-10-03 10:40 181632 ------w- c:\windows\system32\MpSigStub.exe

2010-02-23 06:39 . 2010-04-02 12:21 916480 ----a-w- c:\windows\system32\wininet.dll

2010-02-23 04:55 . 2010-04-02 12:21 133632 ----a-w- c:\windows\system32\ieUnatt.exe

2010-02-20 23:06 . 2010-03-12 02:00 24064 ----a-w- c:\windows\system32\nshhttp.dll

2010-02-20 23:05 . 2010-03-12 02:00 30720 ----a-w- c:\windows\system32\httpapi.dll

2010-02-20 20:53 . 2010-03-12 02:00 411648 ----a-w- c:\windows\system32\drivers\http.sys

2010-02-12 17:49 . 2010-02-09 09:30 1 ----a-w- c:\users\Daan Room\AppData\Roaming\OpenOffice.org\3\user\uno_packages\cache\stamp.sys

2010-02-12 10:32 . 2010-03-16 10:05 293376 ----a-w- c:\windows\system32\browserchoice.exe

2010-02-08 14:45 . 2009-01-16 20:57 184 ----a-w- c:\users\Daan Room\AppData\Roaming\wklnhst.dat

2010-01-31 12:11 . 2010-01-31 12:11 509552 ----a-w- c:\programdata\Google\Google Toolbar\Update\gtb2AB9.tmp.exe

.

((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))

.

.

*Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond

REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"TOSCDSPD"="c:\program files\TOSHIBA\TOSCDSPD\TOSCDSPD.exe" [2008-04-24 430080]

"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2008-07-01 68856]

"ehTray.exe"="c:\windows\ehome\ehTray.exe" [2008-01-21 125952]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]

"Shockwave Updater"="c:\windows\system32\Adobe\Shockwave 11\SwHelper_1150600.exe" [2009-06-05 468408]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"Windows Defender"="c:\program files\Windows Defender\MSASCui.exe" [2008-01-21 1008184]

"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2007-12-06 1029416]

"ITSecMng"="c:\program files\TOSHIBA\Bluetooth Toshiba Stack\ItSecMng.exe" [2007-09-28 75136]

"NDSTray.exe"="NDSTray.exe" [bU]

"topi"="c:\program files\TOSHIBA\Toshiba Online Product Information\topi.exe" [2007-07-10 581632]

"Google Desktop Search"="c:\program files\Google\Google Desktop Search\GoogleDesktop.exe" [2009-10-23 30192]

"Google EULA Launcher"="c:\program files\Google\Google EULA\GoogleEULALauncher.exe" [2008-05-28 20480]

"Toshiba TEMPO"="c:\program files\Toshiba TEMPRO\Toshiba.Tempo.UI.TrayApplication.exe" [2008-11-06 103824]

"RtHDVCpl"="RtHDVCpl.exe" [2008-04-08 6037504]

"StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2008-01-21 61440]

"Camera Assistant Software"="c:\program files\Camera Assistant Software for Toshiba\traybar.exe" [2008-04-29 417792]

"HDMICtrlMan"="c:\program files\TOSHIBA\HDMICtrlMan\HDMICtrlMan.exe" [2008-04-26 716800]

"TPwrMain"="c:\program files\TOSHIBA\Power Saver\TPwrMain.EXE" [2008-01-17 431456]

"HSON"="c:\program files\TOSHIBA\TBS\HSON.exe" [2007-10-31 54608]

"00TCrdMain"="c:\program files\TOSHIBA\FlashCards\TCrdMain.exe" [2008-03-19 716800]

"Toshiba Registration"="c:\program files\Toshiba\Registration\ToshibaRegistration.exe" [2008-01-11 574864]

"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2009-11-10 417792]

"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2010-04-02 40368]

"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2010-03-24 952768]

"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2010-02-18 248040]

c:\users\Daan Room\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\

OneNote 2007 Schermopname en Snel starten.lnk - c:\program files\Microsoft Office\Office12\ONENOTEM.EXE [2008-10-25 98696]

c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\

Monitor.lnk - c:\program files\daan's camera\MCC Monitor.exe [2009-5-13 110592]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]

"EnableUIADesktopToggle"= 0 (0x0)

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]

"AppInit_DLLs"=c:\progra~1\Google\GOOGLE~2\GoogleDesktopNetwork3.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]

@="Service"

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]

"SmoothView"=%ProgramFiles%\Toshiba\SmoothView\SmoothView.exe

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\McAfeeAntiSpyware]

"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc]

"VistaSp2"=hex(B):04,ff,5b,ac,95,4a,ca,01

R0 AVGIDSErHrvtx;AVG9IDSErHr;c:\windows\System32\Drivers\AVGIDSvx.sys [x]

R0 AvgRkx86;avgrkx86.sys;c:\windows\System32\Drivers\avgrkx86.sys [x]

R1 Avgfwfd;AVG network filter service;c:\windows\system32\DRIVERS\avgfwd6x.sys [2010-04-23 24856]

R1 AvgLdx86;AVG AVI Loader Driver x86;c:\windows\system32\Drivers\avgldx86.sys [x]

R1 AvgTdiX;AVG Network Redirector;c:\windows\system32\Drivers\avgtdix.sys [x]

R2 avg9wd;AVG WatchDog;c:\program files\AVG\AVG9\avgwdsvc.exe [x]

R2 avgfws9;AVG Firewall;c:\program files\AVG\AVG9\avgfws9.exe [x]

R2 AVGIDSAgent;AVG9IDSAgent;c:\program files\AVG\AVG9\Identity Protection\Agent\Bin\AVGIDSAgent.exe AVGIDSAgent [x]

R2 gupdate;Google Updateservice (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [2010-01-31 135664]

R3 AVGIDSDrivervtx;AVG9IDSDriver;c:\program files\AVG\AVG9\Identity Protection\Agent\Driver\Platform_Vista\AVGIDSDriver.sys [x]

R3 AVGIDSFiltervtx;AVG9IDSFilter;c:\program files\AVG\AVG9\Identity Protection\Agent\Driver\Platform_Vista\AVGIDSFilter.sys [x]

R3 AVGIDSShimvtx;AVG9IDSShim;c:\program files\AVG\AVG9\Identity Protection\Agent\Driver\Platform_Vista\AVGIDSShim.sys [x]

R3 GoogleDesktopManager-093009-130223;Google Desktop Manager 5.9.909.30391;c:\program files\Google\Google Desktop Search\GoogleDesktop.exe [2009-10-23 30192]

R3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\mbamswissarmy.sys [2010-03-29 38224]

S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2010-04-14 51792]

S2 ConfigFree Service;ConfigFree Service;c:\program files\TOSHIBA\ConfigFree\CFSvcs.exe [2008-04-16 40960]

S2 SBSDWSCService;SBSD Security Center Service;c:\program files\Spybot - Search & Destroy\SDWinSec.exe [2009-01-26 1153368]

S2 TempoMonitoringService;Notebook Performance Tuning Service ;c:\program files\Toshiba TEMPRO\TempoSVC.exe [2008-11-06 99720]

S2 TOSHIBA SMART Log Service;TOSHIBA SMART Log Service;c:\program files\TOSHIBA\SMARTLogService\TosIPCSrv.exe [2007-12-03 126976]

S3 FwLnk;FwLnk Driver;c:\windows\system32\DRIVERS\FwLnk.sys [2006-11-20 7168]

S3 NETw5v32;Stuurprogramma voor Intel® Wireless WiFi Link Adapter onder Windows Vista 32 Bit;c:\windows\system32\DRIVERS\NETw5v32.sys [2008-04-28 3658752]

S3 SmartFaceVWatchSrv;SmartFaceVWatchSrv;c:\program files\Toshiba\SmartFaceV\SmartFaceVWatchSrv.exe [2008-04-24 73728]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]

bthsvcs REG_MULTI_SZ BthServ

LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache

.

Inhoud van de 'Gedeelde Taken' map

2010-04-26 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job

- c:\program files\Google\Update\GoogleUpdate.exe [2010-01-31 12:12]

2010-04-26 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job

- c:\program files\Google\Update\GoogleUpdate.exe [2010-01-31 12:12]

2010-04-26 c:\windows\Tasks\User_Feed_Synchronization-{405422C6-76B5-4AE9-A62A-4B856000E54C}.job

- c:\windows\system32\msfeedssync.exe [2010-04-02 04:54]

.

.

------- Bijkomende Scan -------

.

uStart Page = hxxp://www.google.com/

mStart Page = hxxp://www.google.com/ig/redirectdomain?brand=TSEA&bmod=TSEA

IE: E&xporteren naar Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000

IE: Google Sidewiki... - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_93C8148BBB233F43.dll/cmsidewiki.html

IE: {{76577871-04EC-495E-A12B-91F7C3600AFA} - http://www.webtip.ch/cgi-bin/toshiba/tracker_url2.pl?NL

IE: {{8A918C1D-E123-4E36-B562-5C1519E434CE} - [ame]http://www.amazon.co.uk/exec/obidos/redirect-home?tag=Toshibaukbholink-21&site=home[/ame]

DPF: {924B4927-D3BA-41EA-9F7E-8A89194AB3AC} - hxxp://panda-plugin.disney.go.com/plugin/win32/p3dactivex.cab

DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} - hxxp://game.zylom.com/activex/zylomgamesplayer.cab

.

**************************************************************************

scannen van verborgen processen ...

scannen van verborgen autostart items ...

HKCU\Software\Microsoft\Windows\CurrentVersion\Run

TOSCDSPD = c:\program files\TOSHIBA\TOSCDSPD\TOSCDSPD.exe?/i?????????*???P?y?x?y???y???y??

scannen van verborgen bestanden ...

Scan succesvol afgerond

verborgen bestanden:

**************************************************************************

.

--------------------- VERGRENDELDE REGISTER SLEUTELS ---------------------

[HKEY_LOCAL_MACHINE\system\ControlSet003\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]

@Denied: (A) (Users)

@Denied: (A) (Everyone)

@Allowed: (B 1 2 3 4 5) (S-1-5-20)

"BlindDial"=dword:00000000

"MSCurrentCountry"=dword:000000b5

.

--------------------- DLLs Geladen Onder Lopende Processen ---------------------

- - - - - - - > 'Explorer.exe'(4840)

c:\program files\daan's camera\ArcSoft\PhotoImpression 5\share\pihook.dll

.

------------------------ Andere Aktieve Processen ------------------------

.

c:\windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe

c:\windows\system32\Ati2evxx.exe

c:\windows\system32\Ati2evxx.exe

c:\program files\Alwil Software\Avast5\AvastSvc.exe

c:\windows\system32\agrsmsvc.exe

c:\windows\system32\PnkBstrA.exe

c:\program files\Toshiba\TOSHIBA DVD PLAYER\TNaviSrv.exe

c:\windows\system32\TODDSrv.exe

c:\program files\Toshiba\Power Saver\TosCoSrv.exe

c:\program files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe

c:\program files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe

c:\windows\system32\conime.exe

c:\program files\Toshiba\ConfigFree\NDSTray.exe

c:\windows\system32\wbem\unsecapp.exe

c:\windows\RtHDVCpl.exe

c:\program files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe

c:\windows\ehome\ehmsas.exe

c:\program files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe

c:\program files\Camera Assistant Software for Toshiba\CEC_MAIN.exe

c:\program files\Toshiba\ConfigFree\CFSwMgr.exe

c:\program files\Toshiba\HDMICtrlMan\HCMSoundChanger.exe

c:\program files\Synaptics\SynTP\SynTPHelper.exe

c:\\?\c:\windows\system32\wbem\WMIADAP.EXE

.

**************************************************************************

.

Voltooingstijd: 2010-04-26 10:13:01 - machine werd herstart

ComboFix-quarantined-files.txt 2010-04-26 08:12

ComboFix2.txt 2010-04-25 14:44

ComboFix3.txt 2010-04-25 13:59

Pre-Run: 74.489.880.576 bytes beschikbaar

Post-Run: 74.075.983.872 bytes beschikbaar

- - End Of File - - B242361D640E4340093126D3B2505491

Logfile of Trend Micro HijackThis v2.0.4

Scan saved at 10:29:52, on 26-4-2010

Platform: Windows Vista SP2 (WinNT 6.00.1906)

MSIE: Internet Explorer v8.00 (8.00.6001.18904)

Boot mode: Normal

Running processes:

C:\Windows\system32\taskeng.exe

C:\Windows\system32\Dwm.exe

C:\Program Files\Windows Defender\MSASCui.exe

C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

C:\Program Files\Toshiba\Bluetooth Toshiba Stack\ItSecMng.exe

C:\Program Files\Toshiba\ConfigFree\NDSTray.exe

C:\Windows\system32\wbem\unsecapp.exe

C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe

C:\Program Files\Toshiba TEMPRO\Toshiba.Tempo.UI.TrayApplication.exe

C:\Windows\RtHDVCpl.exe

C:\Program Files\Camera Assistant Software for Toshiba\traybar.exe

C:\Program Files\Toshiba\HDMICtrlMan\HDMICtrlMan.exe

C:\Program Files\Toshiba\Power Saver\TPwrMain.exe

C:\Program Files\Toshiba\FlashCards\TCrdMain.exe

C:\Program Files\Common Files\Java\Java Update\jusched.exe

C:\Program Files\Toshiba\TOSCDSPD\TOSCDSPD.exe

C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

C:\Windows\ehome\ehtray.exe

C:\Program Files\daan's camera\MCC Monitor.exe

C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE

C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe

C:\Windows\ehome\ehmsas.exe

C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe

C:\Program Files\Camera Assistant Software for Toshiba\CEC_MAIN.exe

C:\Program Files\Toshiba\ConfigFree\CFSwMgr.exe

C:\Program Files\Toshiba\HDMICtrlMan\HCMSoundChanger.exe

C:\Windows\Explorer.exe

C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing

O2 - BHO: Adobe PDF Reader Help bij koppelingen - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll

O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG9\avgssie.dll (file missing)

O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)

O2 - BHO: Windows Live Aanmelden - Help - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll

O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.5.4723.1820\swg.dll

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll

O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll

O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide

O4 - HKLM\..\Run: [synTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

O4 - HKLM\..\Run: [iTSecMng] %ProgramFiles%\TOSHIBA\Bluetooth Toshiba Stack\ItSecMng.exe /START

O4 - HKLM\..\Run: [NDSTray.exe] NDSTray.exe

O4 - HKLM\..\Run: [topi] C:\Program Files\TOSHIBA\Toshiba Online Product Information\topi.exe -startup

O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup

O4 - HKLM\..\Run: [Google EULA Launcher] c:\Program Files\Google\Google EULA\GoogleEULALauncher.exe IE PA

O4 - HKLM\..\Run: [Toshiba TEMPO] C:\Program Files\Toshiba TEMPRO\Toshiba.Tempo.UI.TrayApplication.exe

O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe

O4 - HKLM\..\Run: [startCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe"

O4 - HKLM\..\Run: [Camera Assistant Software] "C:\Program Files\Camera Assistant Software for Toshiba\traybar.exe" /start

O4 - HKLM\..\Run: [HDMICtrlMan] C:\Program Files\TOSHIBA\HDMICtrlMan\HDMICtrlMan.exe

O4 - HKLM\..\Run: [TPwrMain] %ProgramFiles%\TOSHIBA\Power Saver\TPwrMain.EXE

O4 - HKLM\..\Run: [HSON] %ProgramFiles%\TOSHIBA\TBS\HSON.exe

O4 - HKLM\..\Run: [00TCrdMain] %ProgramFiles%\TOSHIBA\FlashCards\TCrdMain.exe

O4 - HKLM\..\Run: [Toshiba Registration] C:\Program Files\Toshiba\Registration\ToshibaRegistration.exe

O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime

O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"

O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"

O4 - HKCU\..\Run: [TOSCDSPD] C:\Program Files\TOSHIBA\TOSCDSPD\TOSCDSPD.exe

O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"

O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe

O4 - HKCU\..\RunOnce: [shockwave Updater] C:\Windows\system32\Adobe\Shockwave 11\SwHelper_1150600.exe -Update -1150600 -"Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.0; Trident/4.0; GTB6.4; SLCC1; .NET CLR 2.0.50727; Media Center PC 5.0; .NET CLR 3.5.30729; .NET CLR 3.0.30729)" -"FFX Runner - Gratis 5000 online spelletjes spele."

O4 - .DEFAULT User Startup: TRDCReminder.lnk = C:\Program Files\Toshiba\TRDCReminder\TRDCReminder.exe (User 'Default user')

O4 - Startup: OneNote 2007 Schermopname en Snel starten.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE

O4 - Global Startup: Monitor.lnk = C:\Program Files\daan's camera\MCC Monitor.exe

O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000

O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_93C8148BBB233F43.dll/cmsidewiki.html

O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll

O9 - Extra 'Tools' menuitem: Verz&enden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll

O9 - Extra button: eBay - {76577871-04EC-495E-A12B-91F7C3600AFA} - http://www.webtip.ch/cgi-bin/toshiba/tracker_url2.pl?NL (file missing)

O9 - Extra button: Amazon.co.uk - {8A918C1D-E123-4E36-B562-5C1519E434CE} - [ame]http://www.amazon.co.uk/exec/obidos/redirect-home?tag=Toshibaukbholink-21&site=home[/ame] (file missing)

O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL

O16 - DPF: {0742B9EF-8C83-41CA-BFBA-830A59E23533} (Microsoft Data Collection Control) - https://oas.support.microsoft.com/ActiveX/MSDcode.cab

O16 - DPF: {3860DD98-0549-4D50-AA72-5D17D200EE10} (Windows Live OneCare safety scanner control) - http://cdn.scan.onecare.live.com/resource/download/scanner/en-us/wlscctrl2.cab

O16 - DPF: {924B4927-D3BA-41EA-9F7E-8A89194AB3AC} (P3DActiveX Control) - http://panda-plugin.disney.go.com/plugin/win32/p3dactivex.cab

O16 - DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} (Zylom Games Player) - http://game.zylom.com/activex/zylomgamesplayer.cab

O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab

O16 - DPF: {E77F23EB-E7AB-4502-8F37-247DBAF1A147} (Windows Live Hotmail Photo Upload Tool) - http://gfx2.hotmail.com/mail/w4/pr01/photouploadcontrol/VistaMSNPUpldnl-nl.cab

O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG9\avgpp.dll (file missing)

O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~2\GoogleDesktopNetwork3.dll

O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll

O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe

O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - Agere Systems - C:\Windows\system32\agrsmsvc.exe

O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe

O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe

O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe

O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe

O23 - Service: AVG WatchDog (avg9wd) - Unknown owner - C:\Program Files\AVG\AVG9\avgwdsvc.exe (file missing)

O23 - Service: AVG Firewall (avgfws9) - Unknown owner - C:\Program Files\AVG\AVG9\avgfws9.exe (file missing)

O23 - Service: AVG9IDSAgent (AVGIDSAgent) - Unknown owner - C:\Program Files\AVG\AVG9\Identity Protection\Agent\Bin\AVGIDSAgent.exe (file missing)

O23 - Service: ConfigFree Service - TOSHIBA CORPORATION - C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe

O23 - Service: Google Desktop Manager 5.9.909.30391 (GoogleDesktopManager-093009-130223) - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe

O23 - Service: Google Updateservice (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe

O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe

O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe

O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe

O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe

O23 - Service: SmartFaceVWatchSrv - Toshiba - C:\Program Files\Toshiba\SmartFaceV\SmartFaceVWatchSrv.exe

O23 - Service: Notebook Performance Tuning Service (TempoMonitoringService) - Toshiba Europe GmbH - C:\Program Files\Toshiba TEMPRO\TempoSVC.exe

O23 - Service: TOSHIBA Navi Support Service (TNaviSrv) - TOSHIBA Corporation - C:\Program Files\Toshiba\TOSHIBA DVD PLAYER\TNaviSrv.exe

O23 - Service: TOSHIBA Optical Disc Drive Service (TODDSrv) - TOSHIBA Corporation - C:\Windows\system32\TODDSrv.exe

O23 - Service: TOSHIBA Power Saver (TosCoSrv) - TOSHIBA Corporation - C:\Program Files\Toshiba\Power Saver\TosCoSrv.exe

O23 - Service: TOSHIBA Bluetooth Service - TOSHIBA CORPORATION - c:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe

O23 - Service: TOSHIBA SMART Log Service - TOSHIBA Corporation - C:\Program Files\TOSHIBA\SMARTLogService\TosIPCSrv.exe

O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe

--

End of file - 10813 bytes

---------- Post toegevoegd om 10:51 ---------- Vorige post was om 10:45 ----------

heer Kape,

nog iets raars, ik dacht dat ik die dingen die u had gezegd over de 1ste hijackthislog had gedeleted, maar blijkbaar is dat niet gelukt, raar toch wel

---------- Post toegevoegd om 11:04 ---------- Vorige post was om 10:51 ----------

ik heb nu nog iets geprobeerd: met configfree heb ik een verbinding proberen te maken, de radar geeft een melding dat het apparaat is uitgeschakeld

dat was WEL zo tijdens de irritante toestand, toen had ik het knopje aan de voorkant van de pc constant uit omdat ik natuurlijk even niet wilde dat de pc contact zou maken met internet, maar nu heb ik die knop weer aangezet, alle antivirus dingen en firewall zijn ook weer aan inmiddels, dus dan weet u dat

Geplaatst: (aangepast)

nog iets:

in afwachting van uw antwoord heb ik spybot scan en avast volledige scan uitgevoerd

spybot search and destroy heeft niets kunnen vinden, maar was ook niet upgedated,

avast,niet geupdated,wel 1 infected file gevonden en nu is de pc toch weer vastgelopen op de scan, 74%

C:\Users\Gast\AppData\Roaming\Thinstall\wlm\1000000800002i\svchost.exe

moved to chest, action successful, threat; Win32:malware-gen

aangepast door inge goris
naam van de file bijgevoegd
Geplaatst:

Hallo geachte heer Kape,

ik heb heel eigenwijs nog een avastscan gedaan, nu heeft de pc hem wel helemaal uitgevoerd zonder vastlopen, hij heeft geen infectie gevonden, wel een bestand die het opgegeven apparaat niet kon lezen:

c:\Window\winsxs\x86_microsoft_iis_sharedlibraries_31bf385ad364e35-6.0.6000.17022_none_0eef72aeb7ba5ba2\iisres.dll

Dit was dan alles, nu alleen internet nog, dat krijg ik echt niet meer goed, ik hoop hierover nog gemailed te worden, alvast hartstikke bedankt, groeten, inge

Geplaatst:

Zou je nu eerst de gemelde aanpassing aan je log van HijackThis nog eens willen herhalen, maar doe het dit keer in "veilige modus". Dan kunnen we bekijken of het fixen van de probleemgevallen daar wél mee lukt. Post daarna een actueel logje van HijackThis in je volgende bericht.

Geplaatst:

Logfile of Trend Micro HijackThis v2.0.4

Scan saved at 8:16:01, on 27-4-2010

Platform: Windows Vista SP2 (WinNT 6.00.1906)

MSIE: Internet Explorer v8.00 (8.00.6001.18904)

Boot mode: Safe mode

Running processes:

C:\Windows\Explorer.EXE

C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe

C:\Windows\system32\wbem\unsecapp.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = Preserve

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN.com

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing

O2 - BHO: Adobe PDF Reader Help bij koppelingen - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll

O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG9\avgssie.dll (file missing)

O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll

O2 - BHO: Windows Live Aanmelden - Help - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll

O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.5.4723.1820\swg.dll

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll

O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll

O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide

O4 - HKLM\..\Run: [synTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

O4 - HKLM\..\Run: [iTSecMng] %ProgramFiles%\TOSHIBA\Bluetooth Toshiba Stack\ItSecMng.exe /START

O4 - HKLM\..\Run: [NDSTray.exe] NDSTray.exe

O4 - HKLM\..\Run: [topi] C:\Program Files\TOSHIBA\Toshiba Online Product Information\topi.exe -startup

O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup

O4 - HKLM\..\Run: [Google EULA Launcher] c:\Program Files\Google\Google EULA\GoogleEULALauncher.exe IE PA

O4 - HKLM\..\Run: [Toshiba TEMPO] C:\Program Files\Toshiba TEMPRO\Toshiba.Tempo.UI.TrayApplication.exe

O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe

O4 - HKLM\..\Run: [startCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe"

O4 - HKLM\..\Run: [Camera Assistant Software] "C:\Program Files\Camera Assistant Software for Toshiba\traybar.exe" /start

O4 - HKLM\..\Run: [HDMICtrlMan] C:\Program Files\TOSHIBA\HDMICtrlMan\HDMICtrlMan.exe

O4 - HKLM\..\Run: [TPwrMain] %ProgramFiles%\TOSHIBA\Power Saver\TPwrMain.EXE

O4 - HKLM\..\Run: [HSON] %ProgramFiles%\TOSHIBA\TBS\HSON.exe

O4 - HKLM\..\Run: [00TCrdMain] %ProgramFiles%\TOSHIBA\FlashCards\TCrdMain.exe

O4 - HKLM\..\Run: [Toshiba Registration] C:\Program Files\Toshiba\Registration\ToshibaRegistration.exe

O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime

O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"

O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"

O4 - HKCU\..\Run: [TOSCDSPD] C:\Program Files\TOSHIBA\TOSCDSPD\TOSCDSPD.exe

O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"

O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe

O4 - HKCU\..\Run: [spybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe

O4 - .DEFAULT User Startup: TRDCReminder.lnk = C:\Program Files\Toshiba\TRDCReminder\TRDCReminder.exe (User 'Default user')

O4 - Startup: OneNote 2007 Schermopname en Snel starten.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE

O4 - Global Startup: Monitor.lnk = C:\Program Files\daan's camera\MCC Monitor.exe

O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll

O9 - Extra 'Tools' menuitem: Verz&enden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll

O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL

O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll

O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll

O16 - DPF: {0742B9EF-8C83-41CA-BFBA-830A59E23533} (Microsoft Data Collection Control) - https://oas.support.microsoft.com/ActiveX/MSDcode.cab

O16 - DPF: {3860DD98-0549-4D50-AA72-5D17D200EE10} (Windows Live OneCare safety scanner control) - http://cdn.scan.onecare.live.com/resource/download/scanner/en-us/wlscctrl2.cab

O16 - DPF: {924B4927-D3BA-41EA-9F7E-8A89194AB3AC} (P3DActiveX Control) - http://panda-plugin.disney.go.com/plugin/win32/p3dactivex.cab

O16 - DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} (Zylom Games Player) - http://game.zylom.com/activex/zylomgamesplayer.cab

O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab

O16 - DPF: {E77F23EB-E7AB-4502-8F37-247DBAF1A147} (Windows Live Hotmail Photo Upload Tool) - http://gfx2.hotmail.com/mail/w4/pr01/photouploadcontrol/VistaMSNPUpldnl-nl.cab

O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG9\avgpp.dll (file missing)

O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~2\GoogleDesktopNetwork3.dll

O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll

O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe

O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - Agere Systems - C:\Windows\system32\agrsmsvc.exe

O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe

O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe

O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe

O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe

O23 - Service: AVG WatchDog (avg9wd) - Unknown owner - C:\Program Files\AVG\AVG9\avgwdsvc.exe (file missing)

O23 - Service: AVG Firewall (avgfws9) - Unknown owner - C:\Program Files\AVG\AVG9\avgfws9.exe (file missing)

O23 - Service: AVG9IDSAgent (AVGIDSAgent) - Unknown owner - C:\Program Files\AVG\AVG9\Identity Protection\Agent\Bin\AVGIDSAgent.exe (file missing)

O23 - Service: ConfigFree Service - TOSHIBA CORPORATION - C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe

O23 - Service: Google Desktop Manager 5.9.909.30391 (GoogleDesktopManager-093009-130223) - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe

O23 - Service: Google Updateservice (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe

O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe

O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe

O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe

O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe

O23 - Service: SmartFaceVWatchSrv - Toshiba - C:\Program Files\Toshiba\SmartFaceV\SmartFaceVWatchSrv.exe

O23 - Service: Notebook Performance Tuning Service (TempoMonitoringService) - Toshiba Europe GmbH - C:\Program Files\Toshiba TEMPRO\TempoSVC.exe

O23 - Service: TOSHIBA Navi Support Service (TNaviSrv) - TOSHIBA Corporation - C:\Program Files\Toshiba\TOSHIBA DVD PLAYER\TNaviSrv.exe

O23 - Service: TOSHIBA Optical Disc Drive Service (TODDSrv) - TOSHIBA Corporation - C:\Windows\system32\TODDSrv.exe

O23 - Service: TOSHIBA Power Saver (TosCoSrv) - TOSHIBA Corporation - C:\Program Files\Toshiba\Power Saver\TosCoSrv.exe

O23 - Service: TOSHIBA Bluetooth Service - TOSHIBA CORPORATION - c:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe

O23 - Service: TOSHIBA SMART Log Service - TOSHIBA Corporation - C:\Program Files\TOSHIBA\SMARTLogService\TosIPCSrv.exe

O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe

--

End of file - 9169 bytes

Goedemorgen heer Kape, zo te zien zijn de items nu wel gelukt, wat ik wel raar vind is dat avg9 ergens op staat. Dit had ik, voor zover ik weet niet geinstalleerd. zou dat ruzie kunnen maken met iets zodat ik daardoor niet op internet kan? Of moet ik even niet ongeduldig zeuren en gewoon uw antwoord afwachten?

groeten inge, en bedankt alweer zover, jullie zijn echt geweldig!

Geplaatst:

Op een kleinigheidje na, is je HJT-logje nu wel prima in orde. Er staan inderdaad sporen van AVG in dit log, terwijl ook die andere virusscanner Avast actief is. Twee programma's van dezelfde soort zijn niet echt aan te bevelen, dus zullen we eerst die AVG volledig verwijderen van de PC.

Ga naar Start – Uitvoeren/Zoekopdracht en tik in: sc stop AVGIDSAgent

Druk op Enter.

Ga naar Start – Uitvoeren/Zoekopdracht en tik in: sc delete AVGIDSAgent

Druk op Enter.

Ga naar Start – Uitvoeren/Zoekopdracht en tik in: sc stop avgfws9

Druk op Enter.

Ga naar Start – Uitvoeren/Zoekopdracht en tik in: sc delete avgfws9

Druk op Enter.

Ga naar Start – Uitvoeren/Zoekopdracht en tik in: sc stop avg9wd

Druk op Enter.

Ga naar Start – Uitvoeren/Zoekopdracht en tik in: sc delete avg9wd

Druk op Enter.

Start Hijackthis op. Ben je gebruiker van Vista kies dan voor “Run as administrator" of "Uitvoeren als administrator". Selecteer “Do a system scan only”. Selecteer alleen de items die hieronder zijn genoemd:

O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG9\avgssie.dll (file missing)

O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG9\avgpp.dll (file missing)

Klik op 'Fix checked' om de items te verwijderen.

En om de volledige AVG en alle resten ervan (indien nog aanwezig) te verwijderen, gebruik je best de AVG Removal Tool.

Zet daarna maar een nieuw actueel logje van HijackThis om te controleren of ditmaal alles gelukt is.

Geplaatst: (aangepast)

Logfile of Trend Micro HijackThis v2.0.4

Scan saved at 10:49:55, on 27-4-2010

Platform: Windows Vista SP2 (WinNT 6.00.1906)

MSIE: Internet Explorer v8.00 (8.00.6001.18904)

Boot mode: Safe mode

Running processes:

C:\Windows\Explorer.EXE

C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = Preserve

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN.com

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing

O2 - BHO: Adobe PDF Reader Help bij koppelingen - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll

O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll

O2 - BHO: Windows Live Aanmelden - Help - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll

O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.5.4723.1820\swg.dll

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll

O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll

O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide

O4 - HKLM\..\Run: [synTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

O4 - HKLM\..\Run: [iTSecMng] %ProgramFiles%\TOSHIBA\Bluetooth Toshiba Stack\ItSecMng.exe /START

O4 - HKLM\..\Run: [NDSTray.exe] NDSTray.exe

O4 - HKLM\..\Run: [topi] C:\Program Files\TOSHIBA\Toshiba Online Product Information\topi.exe -startup

O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup

O4 - HKLM\..\Run: [Google EULA Launcher] c:\Program Files\Google\Google EULA\GoogleEULALauncher.exe IE PA

O4 - HKLM\..\Run: [Toshiba TEMPO] C:\Program Files\Toshiba TEMPRO\Toshiba.Tempo.UI.TrayApplication.exe

O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe

O4 - HKLM\..\Run: [startCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe"

O4 - HKLM\..\Run: [Camera Assistant Software] "C:\Program Files\Camera Assistant Software for Toshiba\traybar.exe" /start

O4 - HKLM\..\Run: [HDMICtrlMan] C:\Program Files\TOSHIBA\HDMICtrlMan\HDMICtrlMan.exe

O4 - HKLM\..\Run: [TPwrMain] %ProgramFiles%\TOSHIBA\Power Saver\TPwrMain.EXE

O4 - HKLM\..\Run: [HSON] %ProgramFiles%\TOSHIBA\TBS\HSON.exe

O4 - HKLM\..\Run: [00TCrdMain] %ProgramFiles%\TOSHIBA\FlashCards\TCrdMain.exe

O4 - HKLM\..\Run: [Toshiba Registration] C:\Program Files\Toshiba\Registration\ToshibaRegistration.exe

O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime

O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"

O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"

O4 - HKCU\..\Run: [TOSCDSPD] C:\Program Files\TOSHIBA\TOSCDSPD\TOSCDSPD.exe

O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"

O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe

O4 - HKCU\..\Run: [spybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe

O4 - .DEFAULT User Startup: TRDCReminder.lnk = C:\Program Files\Toshiba\TRDCReminder\TRDCReminder.exe (User 'Default user')

O4 - Startup: OneNote 2007 Schermopname en Snel starten.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE

O4 - Global Startup: Monitor.lnk = C:\Program Files\daan's camera\MCC Monitor.exe

O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll

O9 - Extra 'Tools' menuitem: Verz&enden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll

O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL

O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll

O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll

O16 - DPF: {0742B9EF-8C83-41CA-BFBA-830A59E23533} (Microsoft Data Collection Control) - https://oas.support.microsoft.com/ActiveX/MSDcode.cab

O16 - DPF: {3860DD98-0549-4D50-AA72-5D17D200EE10} (Windows Live OneCare safety scanner control) - http://cdn.scan.onecare.live.com/resource/download/scanner/en-us/wlscctrl2.cab

O16 - DPF: {924B4927-D3BA-41EA-9F7E-8A89194AB3AC} (P3DActiveX Control) - http://panda-plugin.disney.go.com/plugin/win32/p3dactivex.cab

O16 - DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} (Zylom Games Player) - http://game.zylom.com/activex/zylomgamesplayer.cab

O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab

O16 - DPF: {E77F23EB-E7AB-4502-8F37-247DBAF1A147} (Windows Live Hotmail Photo Upload Tool) - http://gfx2.hotmail.com/mail/w4/pr01/photouploadcontrol/VistaMSNPUpldnl-nl.cab

O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~2\GoogleDesktopNetwork3.dll

O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll

O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe

O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - Agere Systems - C:\Windows\system32\agrsmsvc.exe

O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe

O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe

O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe

O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe

O23 - Service: ConfigFree Service - TOSHIBA CORPORATION - C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe

O23 - Service: Google Desktop Manager 5.9.909.30391 (GoogleDesktopManager-093009-130223) - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe

O23 - Service: Google Updateservice (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe

O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe

O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe

O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe

O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe

O23 - Service: SmartFaceVWatchSrv - Toshiba - C:\Program Files\Toshiba\SmartFaceV\SmartFaceVWatchSrv.exe

O23 - Service: Notebook Performance Tuning Service (TempoMonitoringService) - Toshiba Europe GmbH - C:\Program Files\Toshiba TEMPRO\TempoSVC.exe

O23 - Service: TOSHIBA Navi Support Service (TNaviSrv) - TOSHIBA Corporation - C:\Program Files\Toshiba\TOSHIBA DVD PLAYER\TNaviSrv.exe

O23 - Service: TOSHIBA Optical Disc Drive Service (TODDSrv) - TOSHIBA Corporation - C:\Windows\system32\TODDSrv.exe

O23 - Service: TOSHIBA Power Saver (TosCoSrv) - TOSHIBA Corporation - C:\Program Files\Toshiba\Power Saver\TosCoSrv.exe

O23 - Service: TOSHIBA Bluetooth Service - TOSHIBA CORPORATION - c:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe

O23 - Service: TOSHIBA SMART Log Service - TOSHIBA Corporation - C:\Program Files\TOSHIBA\SMARTLogService\TosIPCSrv.exe

O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe

--

End of file - 8495 bytes

Geachte heer Kape, ik kan je wel zoenen!

internet icoon geeft nu aan dat hij verbonden is met internet, zonder beperkte toegang dus.

Echter, toen ik avast wilde aanpassen omdat hij niet meer automatisch meer mee opstart met het systeem liep de pc weer vast, ik ga het nu nog een keer proberen en ik ga proberen alles te updaten, maar eerst zal ik eens kijken of ik de browser weer normaal kan starten.

hijackthis kon ik niet als administrator uitvoeren, dus heb ik dat weer in de veilige modus uitgevoerd, zie boven het resultaat,

hartstikke bedankt alweer tot zover, dan ga ik nu die dingen proberen, u hoort van mij of ik hoor van u, groeten, inge

aiaiai, internet explorer start niet op en pc is toch weer vastgelopen, ik zal uw antwoord wel afwachten voor ik schade toebreng aan het apparaat, groeten, inge

oh ja, avast heeft zichzelf wel geupdated

aangepast door inge goris
weer iets vergeten
Geplaatst:

Als je ondertussen al iets kan downloaden, haal dan eens een andere browser binnen (Firefox, Opera, Chrome, o.i.d.) en bekijk eens of die perfect werkt. Zo kunnen we te weten komen of de fout niet bij je Internet Explorer zit ?

Geplaatst:

hallo Kape, nee ik kan niets downloaden, het spul draait gewoon vast, vreemd dat avast zich dan wel kon bijwerken, defender lukt het niet, die wil constant zijn definities bijwerken, maar dat werkt dus niet

wel geprobeerd om office document te maken, dat lukte

geprobeerd om spider solitaire te spelen, dat lukte ook tot ik de internet knop vooraan de pc weer inschakelde, toen liep de boel weer vast

windows moest zich nu herstellen, heeft hij gedaan, pc nu toch maar weer uitgezet


×
×
  • Nieuwe aanmaken...

Belangrijke informatie

We hebben cookies geplaatst op je toestel om deze website voor jou beter te kunnen maken. Je kunt de cookie instellingen aanpassen, anders gaan we er van uit dat het goed is om verder te gaan.