Archive - explorer.exe crashes continuously (Vista)

The archive is a frozen moment from a previous version of this forum, with different rules and different bosses. These posts in no way reflect our current ideas, values or world views, and have been censored in some places as unacceptable. Many were made in a different spirit of the times, ironically or not (as in the ironic Off-Topic subforum), and would not (be allowed to) be posted today. Still, we gladly offer this archive as an information database and reference work.

tinkly_manatee

Legacy Member
Because I downloaded a wrong file (I know, shame on me), explorer crashes continuously. At first I could only get the PC to boot in safe mode. After many restarts it is finally back in normal mode, but now I continuously get the warning "Host Process for Windows has stopped working". And if I press cancel, explorer crashes; I can restart it, but it keeps giving the same problem. Fortunately I can keep using the internet with that warning. Below you will find my log.
Thanks in advance
Matteo


EDIT: explorer no longer crashes (I did nothing), only that host process warning continuously. I also notice that the internet is a lot slower.
EDIT2: new problem: in MSN the following appears: HOT!HOT! TNT Big Dicks, Huge Dick Freak Sex, Big Black Monster Dicks!

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 21:08:38, on 30/05/2009
Platform: Windows Vista (WinNT 6.00.1904)
MSIE: Internet Explorer v7.00 (7.00.6000.16830)
Boot mode: Normal

Running processes:
C:\Windows\System32\3361\SVCHOST.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files\Hercules\Audio\DJ Console Series\HDJSeriesCPL.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Users\Matteo Claeskens\Localdir\svchost.exe
C:\Windows\ld08.exe
C:\Windows\System32\reader_s.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Users\Matteo Claeskens\AppData\Local\Google\Update\GoogleUpdate.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Users\Matteo Claeskens\reader_s.exe
C:\Program Files\ThunMail\testabd.exe
C:\Windows\System32\SYSDLL.exe
C:\Users\Matteo Claeskens\AppData\Roaming\ptidl\ptidl.exe
C:\Windows\System32\svohost.exe
C:\Users\Matteo Claeskens\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Matteo Claeskens\AppData\Roaming\Twain\Twain.exe
C:\Users\Matteo Claeskens\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Windows\System32\svchost.exe
C:\Users\Matteo Claeskens\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Windows\System32\svchost.exe
C:\Windows\System32\svchost.exe
C:\Windows\System32\svchost.exe
C:\Windows\System32\svchost.exe
C:\Windows\system32\WerFault.exe
C:\Windows\system32\WerFault.exe
C:\Windows\system32\Dwm.exe
C:\Windows\System32\svchost.exe
C:\Windows\system32\WerFault.exe
C:\Windows\explorer.exe
C:\Windows\system32\wuauclt.exe
C:\Windows\system32\taskeng.exe
C:\Users\Matteo Claeskens\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Matteo Claeskens\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
C:\Program Files\Internet Explorer\IEUser.exe
C:\Users\Matteo Claeskens\AppData\Roaming\Microsoft\Windows\tasfhp.exe
C:\Users\Matteo Claeskens\AppData\Roaming\digifast\digifast.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Live Search
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = MSN.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Live Search
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Live Search
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = MSN.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = http=localhost:7171
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local;<local>
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Burn4Free Toolbar Helper - {D187A56B-A33F-4CBE-9D77-459FC0BAE012} - C:\Program Files\Burn4Free Toolbar\v3.3.0.1\Burn4Free_Toolbar.dll
O2 - BHO: HelloWorldBHO - {D88E1558-7C2D-407A-953A-C044F5607CEA} - C:\Program Files\Jcore\Jcore2.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: Burn4Free Toolbar - {4F11ACBB-393F-4C86-A214-FF3D0D155CC3} - C:\Program Files\Burn4Free Toolbar\v3.3.0.1\Burn4Free_Toolbar.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [Hercules DJ Series] C:\Program Files\Hercules\Audio\DJ Console Series\HDJSeriesCPL.exe /boot
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [svchost] C:\Users\Matteo Claeskens\Localdir\svchost.exe
O4 - HKLM\..\Run: [Microsoft Update Machine] svohost.exe
O4 - HKLM\..\Run: [sysldtray] c:\windows\ld08.exe
O4 - HKLM\..\Run: [reader_s] C:\Windows\System32\reader_s.exe
O4 - HKLM\..\Run: [svchost.exe] "C:\Windows\System32\3361\SVCHOST.exe"
O4 - HKLM\..\Run: [MSServer] rundll32.exe C:\Windows\system32\hgGWopPi.dll,#1
O4 - HKLM\..\RunServices: [Microsoft Update Machine] svohost.exe
O4 - HKLM\..\RunOnce: [svchost.exe] "C:\Windows\System32\3361\SVCHOST.exe"
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter
O4 - HKCU\..\Run: [Google Update] "C:\Users\Matteo Claeskens\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [scheduler_monitor] C:\Program Files\ReaConverter 5.5 Pro\init_scheduler.exe
O4 - HKCU\..\Run: [Microsoft Update Machine] svohost.exe
O4 - HKCU\..\Run: [reader_s] C:\Users\Matteo Claeskens\reader_s.exe
O4 - HKCU\..\Run: [svc] C:\Program Files\ThunMail\testabd.exe
O4 - HKCU\..\Run: [SYSDLL] SYSDLL
O4 - HKCU\..\Run: [ptidl] "C:\Users\Matteo Claeskens\AppData\Roaming\ptidl\ptidl.exe" 61A847B5BBF72813329B385772FF01F0B3E35B6638993F4661AA4EBD86D67C56389B284534F310
O4 - HKCU\..\Run: [12ZFG94-F641-2SF-K31P-5N1ER6H6L2] C:\RECYCLER\S-1-5-21-6873170102-7585038804-806087872-8280\service.exe
O4 - HKCU\..\Run: [12CFG515-K641-55SF-N66P] C:\RECYCLER\S-1-5-21-0243636035-3055115376-381863306-1556\pqlmq.exe
O4 - HKCU\..\Run: [Twain] C:\Users\Matteo Claeskens\AppData\Roaming\Twain\Twain.exe
O4 - HKCU\..\Run: [DigiFast] C:\Users\Matteo Claeskens\AppData\Roaming\digifast\digifast.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~4\Office12\EXCEL.EXE/3000
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~4\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~4\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~4\Office12\REFIEBAR.DLL
O13 - Gopher Prefix:
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O20 - AppInit_DLLs: c:\progra~1\ThunMail\testabd.dll
O22 - SharedTaskScheduler: Windows DreamScene - {E31004D1-A431-41B8-826F-E902F9D95C81} - C:\Windows\System32\DreamScene.dll
O23 - Service: Mobiel Apple apparaat (Apple Mobile Device) - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe
O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Hercules DJ Control MP3 (HerculesDJControlMP3) - Unknown owner - C:\Program Files\Hercules\Audio\DJ Console Series\HerculesDJControlMP3.EXE
O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: ReaConverter scheduler service (rcp_service) - ReaSoft - C:\Program Files\ReaConverter 5.5 Pro\rcp_scheduler.exe

--
End of file - 9126 bytes

tinkly_manatee

Legacy Member
New log AFTER a scan with AVG and after removing some things via AVG

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 22:15:17, on 30/05/2009
Platform: Windows Vista (WinNT 6.00.1904)
MSIE: Internet Explorer v7.00 (7.00.6000.16830)
Boot mode: Normal

Running processes:
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files\Hercules\Audio\DJ Console Series\HDJSeriesCPL.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Windows\ld08.exe
C:\Windows\System32\reader_s.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Users\Matteo Claeskens\AppData\Local\Google\Update\GoogleUpdate.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Windows\System32\SYSDLL.exe
C:\Users\Matteo Claeskens\AppData\Roaming\ptidl\ptidl.exe
C:\Windows\System32\svohost.exe
C:\Users\Matteo Claeskens\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Matteo Claeskens\AppData\Roaming\Twain\Twain.exe
C:\Windows\System32\svchost.exe
C:\Windows\System32\svchost.exe
C:\Windows\System32\svchost.exe
C:\Windows\System32\svchost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\explorer.exe
C:\Windows\system32\wuauclt.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\iTunes\iTunes.exe
C:\Program Files\Last.fm\LastFM.exe
C:\Program Files\Windows Live\Contacts\wlcomm.exe
C:\Users\Matteo Claeskens\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Matteo Claeskens\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Live Search
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = MSN.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Live Search
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Live Search
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = MSN.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = http=localhost:7171
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local;<local>
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: AVG Security Toolbar - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL
O2 - BHO: Burn4Free Toolbar Helper - {D187A56B-A33F-4CBE-9D77-459FC0BAE012} - C:\Program Files\Burn4Free Toolbar\v3.3.0.1\Burn4Free_Toolbar.dll (file missing)
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: Burn4Free Toolbar - {4F11ACBB-393F-4C86-A214-FF3D0D155CC3} - C:\Program Files\Burn4Free Toolbar\v3.3.0.1\Burn4Free_Toolbar.dll (file missing)
O3 - Toolbar: AVG Security Toolbar - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [Hercules DJ Series] C:\Program Files\Hercules\Audio\DJ Console Series\HDJSeriesCPL.exe /boot
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [svchost] C:\Users\Matteo Claeskens\Localdir\svchost.exe
O4 - HKLM\..\Run: [MSServer] rundll32.exe C:\Windows\system32\hgGWopPi.dll,#1
O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe
O4 - HKLM\..\Run: [svchost.exe] "C:\Windows\System32\3361\SVCHOST.exe"
O4 - HKLM\..\RunOnce: [svchost.exe] "C:\Windows\System32\3361\SVCHOST.exe"
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter
O4 - HKCU\..\Run: [Google Update] "C:\Users\Matteo Claeskens\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [scheduler_monitor] C:\Program Files\ReaConverter 5.5 Pro\init_scheduler.exe
O4 - HKCU\..\Run: [Twain] C:\Users\Matteo Claeskens\AppData\Roaming\Twain\Twain.exe
O4 - HKCU\..\Run: [SfKg6wIPuSpdc] C:\Users\Matteo Claeskens\AppData\Roaming\Microsoft\Windows\tasfhp.exe
O4 - HKCU\..\Run: [reader_s] C:\Users\Matteo Claeskens\reader_s.exe
O4 - HKCU\..\Run: [svc] C:\Program Files\ThunMail\testabd.exe
O4 - HKCU\..\Run: [DigiFast] C:\Users\Matteo Claeskens\AppData\Roaming\DigiFast\digifast.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~4\Office12\EXCEL.EXE/3000
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~4\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~4\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~4\Office12\REFIEBAR.DLL
O13 - Gopher Prefix:
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll
O20 - AppInit_DLLs: c:\progra~1\ThunMail\testabd.dll,avgrsstx.dll
O22 - SharedTaskScheduler: Windows DreamScene - {E31004D1-A431-41B8-826F-E902F9D95C81} - C:\Windows\System32\DreamScene.dll
O23 - Service: Mobiel Apple apparaat (Apple Mobile Device) - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe
O23 - Service: AVG Free8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Hercules DJ Control MP3 (HerculesDJControlMP3) - Unknown owner - C:\Program Files\Hercules\Audio\DJ Console Series\HerculesDJControlMP3.EXE
O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: ReaConverter scheduler service (rcp_service) - ReaSoft - C:\Program Files\ReaConverter 5.5 Pro\rcp_scheduler.exe

--
End of file - 8132 bytes

maximvdb

Legacy Member
Jurgenv1 said:
* Download Malwarebytes' Anti-Malware from here or here.

Double-click mbam-setup.exe to install the program.
  • Make sure there is a check mark next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click "Finish".
  • If an update is found, it will download it and install the latest version.
  • When the program is fully up to date, select "Perform Quick Scan", then click Scan.
  • Scanning can take a while, so be patient.
  • When the scan is finished, click OK, then "Show Results" to see the results.
  • Make sure everything there is checked, then click: Remove Selected.
  • After the removal a log will open and you will be asked to restart the computer. (See the extra note below)
  • The log is saved automatically by MBAM; you can view it by clicking the "Logs" tab in MBAM.
  • Copy and paste the results of the log in your next reply, together with a new HijackThis log.
Extra note:
If MBAM has difficulty removing certain files, it will show a few messages where you have to click OK. After that it will ask to restart the computer... so allow MBAM to restart the computer.

Also post a new HijackThis log ;)

tinkly_manatee

Legacy Member
It will take a while longer. Now the internet won't start anymore. I did the tasks you asked, but I'm online via iPhone. The strange thing is that MSN and other online apps work, except the internet itself, i.e. IE and Chrome. I also get a warning about dll cannot found ...

tinkly_manatee

Legacy Member
So, I did a system restore to 27 May, because the internet kept not working. Now the internet and everything is very fast again, no more messages. I quickly downloaded HijackThis again and this is the result:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 23:20:42, on 30/05/2009
Platform: Windows Vista (WinNT 6.00.1904)
MSIE: Internet Explorer v7.00 (7.00.6000.16830)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files\Hercules\Audio\DJ Console Series\HDJSeriesCPL.exe
C:\Program Files\Adobe\Reader 9.0\Reader\reader_sl.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Users\Matteo Claeskens\AppData\Local\Google\Update\GoogleUpdate.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Users\Matteo Claeskens\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Matteo Claeskens\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Matteo Claeskens\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\wuauclt.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Live Search
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = MSN.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Live Search
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Live Search
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = MSN.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Burn4Free Toolbar Helper - {D187A56B-A33F-4CBE-9D77-459FC0BAE012} - C:\Program Files\Burn4Free Toolbar\v3.3.0.1\Burn4Free_Toolbar.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: Burn4Free Toolbar - {4F11ACBB-393F-4C86-A214-FF3D0D155CC3} - C:\Program Files\Burn4Free Toolbar\v3.3.0.1\Burn4Free_Toolbar.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [Hercules DJ Series] C:\Program Files\Hercules\Audio\DJ Console Series\HDJSeriesCPL.exe /boot
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter
O4 - HKCU\..\Run: [Google Update] "C:\Users\Matteo Claeskens\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [scheduler_monitor] C:\Program Files\ReaConverter 5.5 Pro\init_scheduler.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~4\Office12\EXCEL.EXE/3000
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~4\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~4\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~4\Office12\REFIEBAR.DLL
O13 - Gopher Prefix:
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O22 - SharedTaskScheduler: Windows DreamScene - {E31004D1-A431-41B8-826F-E902F9D95C81} - C:\Windows\System32\DreamScene.dll
O23 - Service: Mobiel Apple apparaat (Apple Mobile Device) - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe
O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Hercules DJ Control MP3 (HerculesDJControlMP3) - Unknown owner - C:\Program Files\Hercules\Audio\DJ Console Series\HerculesDJControlMP3.EXE
O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: ReaConverter scheduler service (rcp_service) - ReaSoft - C:\Program Files\ReaConverter 5.5 Pro\rcp_scheduler.exe

--
End of file - 6522 bytes
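
Added example, not part of the original thread: a Python script that diffs the O4 (autorun) entries of the first HijackThis log against the post-restore log above and annotates each entry that disappeared with a few triage heuristics. The log excerpts are shortened copies of lines from those two logs; the function names, the heuristics and the assumption that C: is the system drive are choices of this example.

```python
import ntpath
import re

# Shortened excerpts of the O4 sections of the first log and of the
# post-restore log in this thread (not the full logs).
LOG_BEFORE = r"""
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [svchost] C:\Users\Matteo Claeskens\Localdir\svchost.exe
O4 - HKLM\..\Run: [svchost.exe] "C:\Windows\System32\3361\SVCHOST.exe"
O4 - HKLM\..\Run: [MSServer] rundll32.exe C:\Windows\system32\hgGWopPi.dll,#1
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [12CFG515-K641-55SF-N66P] C:\RECYCLER\S-1-5-21-0243636035-3055115376-381863306-1556\pqlmq.exe
O4 - HKCU\..\Run: [Twain] C:\Users\Matteo Claeskens\AppData\Roaming\Twain\Twain.exe
"""

LOG_AFTER = r"""
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
"""

# Registry-style O4 line: "O4 - <hive>\..\<key>: [<value name>] <command>"
O4_RE = re.compile(r"^O4 - (?P<loc>\S+?\\\.\.\\\w+): \[(?P<name>[^\]]*)\] (?P<cmd>.+)$")

# Names of core Windows processes that belong in System32 only.
SYSTEM_NAMES = {"svchost.exe", "lsass.exe", "services.exe", "winlogon.exe", "csrss.exe"}
SYSTEM_DIR = r"c:\windows\system32"  # assumption: C: is the system drive


def image_path(cmd):
    """Return the executable part of an autorun command line."""
    cmd = cmd.strip()
    if cmd.startswith('"'):
        end = cmd.find('"', 1)
        return cmd[1:end] if end != -1 else cmd[1:]
    # Unquoted paths may contain spaces, so cut at the first executable suffix.
    m = re.match(r"(.+?\.(?:exe|com|scr|bat))(?=\s|$)", cmd, re.IGNORECASE)
    return m.group(1) if m else cmd.split()[0]


def reasons(cmd):
    """Heuristic triage hints for one command; an empty list means 'no rule hit'."""
    img = image_path(cmd).lower()
    folder, name = ntpath.split(img)
    out = []
    if name in SYSTEM_NAMES and folder and folder != SYSTEM_DIR:
        out.append("system binary name outside System32")
    if "\\recycler\\" in img:
        out.append("launches from a recycle-bin folder")
    if img.startswith("c:\\users\\"):
        out.append("image in user-writable profile directory")
    return out


def parse_autoruns(text):
    """Collect (location, value name, command) for every registry O4 line."""
    entries = set()
    for line in text.splitlines():
        m = O4_RE.match(line.strip())
        if m:
            entries.add((m["loc"], m["name"], m["cmd"]))
    return entries


def removed_between(before, after):
    """Autorun entries present in `before` but absent in `after`, with hints."""
    gone = parse_autoruns(before) - parse_autoruns(after)
    return sorted((entry, reasons(entry[2])) for entry in gone)


if __name__ == "__main__":
    for (loc, name, cmd), why in removed_between(LOG_BEFORE, LOG_AFTER):
        print(f"{loc} [{name}] {cmd}")
        print("    ->", "; ".join(why) if why else "no rule hit, review manually")
```

An entry with no rule hit, such as the rundll32.exe line, still appears in the diff; the heuristics only prioritise what to look at first and do not classify anything as clean.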

Juisterr

Legacy Member
May I now?

Have your log looked at by experts.

Download Combofix to your Desktop and use it according to this guide.

NOTE: if, during or after downloading Combofix or while using Combofix, you get a message from your antivirus or another real-time scanner, switch that scanner off and download Combofix again.
Some scanners see certain components that Combofix uses as suspicious and will block or remove them!
  • Double-click Combofix.exe to start it.
  • If you have used Combofix before, you may get a warning that an update is available. Allow ComboFix to be updated.
  • Click OK in the small "NirCmd" window.
  • Afterwards, click Yes again to start scanning for malware.
  • While the fix is running, do NOT click in the window, because this will make your PC hang.
  • When the fix is finished and after a restart, the log Combofix.txt will open.
Post this log in your next reply

tinkly_manatee

Legacy Member
Here you go (at the moment there are no more problems because of the recovery, but you never know)

ComboFix 09-05-31.02 - Matteo Claeskens 31/05/2009 21:55.1 - NTFSx86
Microsoft® Windows Vista™ Ultimate 6.0.6000.0.1252.32.1033.18.3070.1898 [GMT 2:00]
Gestart vanuit: c:\users\Matteo Claeskens\Documents\Downloads\ComboFix.exe
AV: AVG Anti-Virus Free *On-access scanning enabled* (Updated) {17DDD097-36FF-435F-9E1B-52D74245D6BF}
SP: AVG Anti-Virus Free *enabled* (Updated) {17DDD097-36FF-435F-9E1B-52D74245D6BF}
SP: Windows Defender *enabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}
.

(((((((((((((((((((((((((((((((((( Andere Verwijderingen )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\temp\1cb
c:\temp\1cb\syscheck.log
c:\users\Matteo Claeskens\AppData\Local\Microsoft\Windows\Temporary Internet Files\bestwiner.stt
c:\users\Matteo Claeskens\AppData\Local\Microsoft\Windows\Temporary Internet Files\fbk.sts
c:\users\Matteo Claeskens\Localdir
c:\windows\KBPK090530.log
c:\windows\system32\R1

.
(((((((((((((((((((( Bestanden Gemaakt van 2009-04-28 to 2009-05-31 ))))))))))))))))))))))))))))))
.

2009-05-31 19:58 . 2009-05-31 19:58 -------- d-----w- c:\users\Matteo Claeskens\AppData\Local\temp
2009-05-30 21:25 . 2009-05-30 21:25 11952 ----a-w- c:\windows\system32\avgrsstx.dll
2009-05-30 21:25 . 2009-05-30 21:25 108552 ----a-w- c:\windows\system32\drivers\avgtdix.sys
2009-05-30 21:25 . 2009-05-30 21:25 325896 ----a-w- c:\windows\system32\drivers\avgldx86.sys
2009-05-30 21:25 . 2009-05-31 08:01 -------- d-----w- c:\windows\system32\drivers\Avg
2009-05-30 21:25 . 2009-05-30 21:25 27784 ----a-w- c:\windows\system32\drivers\avgmfx86.sys
2009-05-30 20:28 . 2009-05-30 20:28 -------- d-----w- c:\users\Matteo Claeskens\AppData\Roaming\Malwarebytes
2009-05-30 20:28 . 2009-05-30 20:28 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2009-05-30 20:28 . 2009-05-30 20:28 -------- d-----w- c:\programdata\Malwarebytes
2009-05-30 19:27 . 2009-05-31 08:49 -------- d--h--w- C:\$AVG8.VAULT$
2009-05-30 19:26 . 2009-05-31 19:46 -------- d-----w- c:\programdata\avg8
2009-05-30 19:26 . 2009-05-30 19:26 -------- d-----w- c:\program files\AVG
2009-05-30 19:07 . 2009-05-30 19:07 -------- d-----w- c:\program files\Trend Micro
2009-05-30 18:36 . 2009-05-30 19:55 -------- d-----w- c:\windows\dhcp
2009-05-30 18:35 . 2009-05-31 19:55 -------- d-----w- C:\Temp
2009-05-30 18:35 . 2009-05-30 20:00 -------- d-----w- c:\windows\system32\oSN13
2009-05-30 18:35 . 2009-05-30 18:35 -------- d-----w- c:\temp\btmp2
2009-05-02 08:12 . 2009-05-02 08:12 -------- d-----w- c:\users\Matteo Claeskens\AppData\Local\tcbackup
2009-05-02 08:10 . 2009-05-30 21:10 -------- d-----w- c:\program files\Wide Angle Software
2009-05-02 07:45 . 2009-05-02 07:45 683801 ----a-w- c:\programdata\Last.fm\Client\UninstWMP\unins000.exe
2009-05-02 07:45 . 2009-05-30 21:11 -------- d-----w- c:\programdata\Last.fm
2009-05-02 07:45 . 2009-05-02 07:45 108 ----a-w- c:\programdata\Last.fm\Client\uninst2.bat
2009-05-02 07:45 . 2009-05-02 07:45 683801 ----a-w- c:\programdata\Last.fm\Client\UninstITW\unins000.exe
2009-05-02 07:45 . 2009-05-29 15:45 -------- d-----w- c:\users\Matteo Claeskens\AppData\Local\Last.fm
2009-05-02 07:45 . 2009-05-30 21:11 -------- d-----w- c:\program files\Last.fm

.
((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-05-30 21:16 . 2009-01-25 09:40 -------- d-----w- c:\program files\Bonjour
2009-05-30 21:10 . 2009-02-09 16:58 -------- d-----w- c:\program files\VirtualDJ
2009-05-30 21:10 . 2009-02-18 17:15 -------- d-----w- c:\program files\Integre
2009-05-30 21:10 . 2009-02-15 09:32 -------- d-----w- c:\program files\iPhone Tunnel Suite
2009-05-30 21:10 . 2009-02-06 16:51 -------- d-----w- c:\program files\DVDVideoSoft
2009-05-30 21:10 . 2009-02-06 16:51 -------- d-----w- c:\program files\Common Files\DVDVideoSoft
2009-05-30 21:10 . 2009-02-06 16:42 -------- d-----w- c:\users\Matteo Claeskens\AppData\Roaming\FrostWire
2009-05-30 21:10 . 2009-01-23 18:56 -------- d-----w- c:\program files\Common Files\Adobe AIR
2009-05-30 21:10 . 2009-01-23 18:55 -------- d-----w- c:\program files\Common Files\Adobe
2009-05-30 21:10 . 2009-01-23 18:42 -------- d-----w- c:\program files\Microsoft
2009-05-30 21:10 . 2009-01-23 18:42 -------- d-----w- c:\program files\Windows Live
2009-05-14 14:26 . 2009-01-25 15:17 -------- d-----w- c:\programdata\Microsoft Help
2009-05-12 05:12 . 2009-04-30 17:44 -------- d-----w- c:\program files\vghd
2009-05-11 17:48 . 2009-04-30 17:44 -------- d-----w- c:\users\Matteo Claeskens\AppData\Roaming\vghd
2009-04-30 17:44 . 2009-04-30 17:44 7 ----a-w- c:\windows\sbacknt.bin
2009-04-30 17:44 . 2009-04-30 17:44 152904 ----a-w- c:\windows\system32\vghd.scr
2009-04-26 15:12 . 2009-04-26 15:12 -------- d-----w- c:\programdata\Advanced Chemistry Development
2009-04-20 20:18 . 2009-04-20 17:45 -------- d-----w- c:\program files\Graphmatica
2009-04-14 08:34 . 2009-04-14 08:29 -------- d-----w- c:\program files\PeerGuardian2
2009-04-12 10:56 . 2009-04-12 10:55 -------- d-----w- c:\program files\Windows Live Safety Center
2009-04-11 09:07 . 2009-04-11 09:07 232075 ----a-w- c:\windows\Burn4Free_Toolbar_Uninstaller_4669.exe
2009-04-11 09:07 . 2009-04-11 09:07 -------- d-----w- c:\program files\Burn4Free Toolbar
2009-04-09 18:17 . 2009-04-09 18:17 -------- d-----w- c:\program files\Easy Cover Print
2009-04-08 12:21 . 2009-04-08 12:21 -------- d-----w- c:\program files\SubSync
2009-04-08 12:21 . 2009-04-08 12:21 249856 ------w- c:\windows\Setup1.exe
2009-04-08 12:21 . 2009-04-08 12:21 73216 ----a-w- c:\windows\ST6UNST.EXE
2009-04-07 20:51 . 2009-04-07 20:51 -------- d-----w- c:\users\Matteo Claeskens\AppData\Roaming\BSplayer Pro
2009-03-19 15:08 . 2009-03-19 15:08 499712 ----a-w- c:\windows\system32\msvcp71.dll
2009-03-19 15:08 . 2009-03-19 15:08 348160 ----a-w- c:\windows\system32\msvcr71.dll
2009-03-17 03:16 . 2009-04-15 07:31 14848 ----a-w- c:\windows\system32\apilogen.dll
2009-03-17 03:16 . 2009-04-15 07:31 25600 ----a-w- c:\windows\system32\amxread.dll
2009-03-09 19:29 . 2009-01-24 02:25 7512 ----a-w- c:\users\Matteo Claeskens\AppData\Local\d3d9caps.dat
2009-03-03 04:24 . 2009-04-15 07:31 3503584 ----a-w- c:\windows\system32\ntkrnlpa.exe
2009-03-03 04:24 . 2009-04-15 07:31 3469280 ----a-w- c:\windows\system32\ntoskrnl.exe
2009-03-03 04:20 . 2009-04-15 07:31 501760 ----a-w- c:\windows\system32\wbem\WmiPrvSD.dll
2009-03-03 04:20 . 2009-04-15 07:31 130560 ----a-w- c:\windows\system32\wbem\WmiDcPrv.dll
2009-03-03 04:20 . 2009-04-15 07:31 826368 ----a-w- c:\windows\system32\wininet.dll
2009-03-03 04:19 . 2009-04-15 07:31 158720 ----a-w- c:\windows\system32\sdohlp.dll
2009-03-03 04:19 . 2009-04-15 07:31 549888 ----a-w- c:\windows\system32\rpcss.dll
2009-03-03 04:19 . 2009-04-15 07:31 24576 ----a-w- c:\windows\system32\printfilterpipelineprxy.dll
2009-03-03 04:16 . 2009-04-15 07:31 56320 ----a-w- c:\windows\system32\iesetup.dll
2009-03-03 04:16 . 2009-04-15 07:31 97280 ----a-w- c:\windows\system32\iasrecst.dll
2009-03-03 04:16 . 2009-04-15 07:31 53248 ----a-w- c:\windows\system32\iasads.dll
2009-03-03 04:16 . 2009-04-15 07:31 37888 ----a-w- c:\windows\system32\iasdatastore.dll
2009-03-03 04:16 . 2009-04-15 07:31 78336 ----a-w- c:\windows\system32\ieencode.dll
2009-03-03 04:16 . 2009-04-15 07:31 614912 ----a-w- c:\windows\system32\wbem\fastprox.dll
2009-03-03 04:15 . 2009-04-15 07:31 72704 ----a-w- c:\windows\system32\admparse.dll
2009-03-03 02:40 . 2009-04-15 07:31 654336 ----a-w- c:\windows\system32\printfilterpipelinesvc.exe
2009-03-03 02:08 . 2009-04-15 07:31 26624 ----a-w- c:\windows\system32\ieUnatt.exe
2009-03-03 01:59 . 2009-04-15 07:31 247296 ----a-w- c:\windows\system32\wbem\WmiPrvSE.exe
2009-03-03 00:44 . 2009-04-15 07:31 48128 ----a-w- c:\windows\system32\mshtmler.dll
.

((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2009-01-23 1232896]
"Google Update"="c:\users\Matteo Claeskens\AppData\Local\Google\Update\GoogleUpdate.exe" [2009-01-23 133104]
"msnmsgr"="c:\program files\Windows Live\Messenger\msnmsgr.exe" [2009-02-06 3885408]
"scheduler_monitor"="c:\program files\ReaConverter 5.5 Pro\init_scheduler.exe" [2007-06-15 27136]
"WindowsWelcomeCenter"="oobefldr.dll" - c:\windows\System32\oobefldr.dll [2006-11-02 2159104]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2008-08-29 61440]
"Hercules DJ Series"="c:\program files\Hercules\Audio\DJ Console Series\HDJSeriesCPL.exe" [2008-12-08 484648]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2008-06-12 34672]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2009-01-05 413696]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2009-01-06 290088]
"GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2007-08-24 33648]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-01-28 136600]
"AVG8_TRAY"="c:\progra~1\AVG\AVG8\avgtray.exe" [2009-05-30 1947928]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=c:\windows\System32\avgrsstx.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]
@="Service"

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\FirewallRules]
"{BD844CDE-F1B4-45D8-9300-3BE68F95295B}"= UDP:c:\program files\Bonjour\mDNSResponder.exe:Bonjour
"{DDBE0A75-B4CF-432A-86D9-79A21BB095EE}"= TCP:c:\program files\Bonjour\mDNSResponder.exe:Bonjour
"{E7FFA345-8B50-4C0B-9290-49816484E5A4}"= UDP:c:\program files\iTunes\iTunes.exe:iTunes
"{C76783DD-D84F-49A9-9FEE-4B21B701C752}"= TCP:c:\program files\iTunes\iTunes.exe:iTunes
"{220F10DB-576E-46F0-81DD-00D11963398D}"= TCP:6004|c:\program files\Microsoft Office\Office12\outlook.exe:Microsoft Office Outlook
"{C49F50A5-17B3-46A3-B40C-80DD63CF4546}"= UDP:c:\program files\Microsoft Office\Office12\GROOVE.EXE:Microsoft Office Groove
"{6F7CC550-4792-46A4-9BF6-5C55872F3CE9}"= TCP:c:\program files\Microsoft Office\Office12\GROOVE.EXE:Microsoft Office Groove
"{CD3C20F4-4E68-4035-A388-8D3521036F85}"= UDP:c:\program files\Microsoft Office\Office12\ONENOTE.EXE:Microsoft Office OneNote
"{DEFAED06-A2B6-4DEF-87D5-83FE35FA1D48}"= TCP:c:\program files\Microsoft Office\Office12\ONENOTE.EXE:Microsoft Office OneNote
"TCP Query User{4A786085-7622-4FEF-A038-2CC7BAC5CA8F}c:\\users\\matteo claeskens\\appdata\\local\\google\\chrome\\application\\chrome.exe"= UDP:c:\users\matteo claeskens\appdata\local\google\chrome\application\chrome.exe:chrome.exe
"UDP Query User{4199BCAF-FF48-4841-B7CA-EA24F7693091}c:\\users\\matteo claeskens\\appdata\\local\\google\\chrome\\application\\chrome.exe"= TCP:c:\users\matteo claeskens\appdata\local\google\chrome\application\chrome.exe:chrome.exe
"TCP Query User{26DB7BFD-838E-43DD-964C-2A1D8A89840A}c:\\program files\\frostwire\\frostwire.exe"= UDP:c:\program files\frostwire\frostwire.exe:FrostWire
"UDP Query User{E94BEFE1-0CB6-47AF-97C7-CF724E57DBE7}c:\\program files\\frostwire\\frostwire.exe"= TCP:c:\program files\frostwire\frostwire.exe:FrostWire
"TCP Query User{BADC8CD8-CF5E-414B-B54E-4E9D3A4F0E18}c:\\program files\\iphone tunnel suite\\itunnel\\itunnel.exe"= UDP:c:\program files\iphone tunnel suite\itunnel\itunnel.exe:iTunnel
"UDP Query User{718E52BA-4B8D-4688-A54B-3798D0EEB467}c:\\program files\\iphone tunnel suite\\itunnel\\itunnel.exe"= TCP:c:\program files\iphone tunnel suite\itunnel\itunnel.exe:iTunnel
"{08823276-139B-41F1-93F2-1DF1127BEB01}"= c:\program files\AVG\AVG8\avgupd.exe:avgupd.exe
"{EF0F3DA7-6DE8-47E6-9FC0-3DDC3617A287}"= c:\program files\AVG\AVG8\avgnsx.exe:avgnsx.exe

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\RestrictedServices\Static\System]
"DFSR-1"= RPort=5722|UDP:%SystemRoot%\system32\svchost.exe|Svc=DFSR:Allow inbound TCP traffic|

R1 AvgLdx86;AVG Free AVI Loader Driver x86;c:\windows\System32\drivers\avgldx86.sys [30/05/2009 23:25 325896]
R1 AvgTdiX;AVG Free8 Network Redirector;c:\windows\System32\drivers\avgtdix.sys [30/05/2009 23:25 108552]
R2 avg8wd;AVG Free8 WatchDog;c:\progra~1\AVG\AVG8\avgwdsvc.exe [30/05/2009 23:25 298776]
R2 HerculesDJControlMP3;Hercules DJ Control MP3;c:\program files\Hercules\Audio\DJ Console Series\HerculesDJControlMP3.EXE [23/01/2009 20:36 17408]
R3 Bulk;HDJBulk;c:\windows\System32\drivers\HDJBulk.sys [23/01/2009 20:36 82432]
R3 HDJAsioK;HDJAsioK;c:\windows\System32\drivers\HDJAsioK.sys [23/01/2009 20:36 132096]
R3 HDJMidi;Hercules DJ Console MIDI;c:\windows\System32\drivers\HDJMidi.sys [23/01/2009 20:36 96768]
S3 rcp_service;ReaConverter scheduler service;c:\program files\ReaConverter 5.5 Pro\rcp_scheduler.exe [30/11/2007 11:27 558592]
.
Inhoud van de 'Gedeelde Taken' map

2009-05-31 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-436685972-1513055181-258085454-1000.job
- c:\users\Matteo Claeskens\AppData\Local\Google\Update\GoogleUpdate.exe [2009-01-23 18:10]
.
- - - - ORPHANS VERWIJDERD - - - -

BHO-{D187A56B-A33F-4CBE-9D77-459FC0BAE012} - c:\program files\Burn4Free Toolbar\v3.3.0.1\Burn4Free_Toolbar.dll
SafeBoot-procexp90.Sys


.
------- Bijkomende Scan -------
.
uInternet Settings,ProxyOverride = *.local
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~4\Office12\EXCEL.EXE/3000
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, GMER - Rootkit Detector and Remover
Rootkit scan 2009-05-31 21:58
Windows 6.0.6000 NTFS

scannen van verborgen processen ...

scannen van verborgen autostart items ...

scannen van verborgen bestanden ...

Scan succesvol afgerond
verborgen bestanden: 0

**************************************************************************
.
--------------------- VERGRENDELDE REGISTER SLEUTELS ---------------------

[HKEY_USERS\S-1-5-21-436685972-1513055181-258085454-1000\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{23448157-A29B-F757-8F9D-D45F22C60B30}*]
"dadpmlpg"=hex:64,62,65,62,6c,66,66,70,6a,63,70,6e,61,66,68,6f,66,66,6d,68,6f,
63,70,70,65,66,63,6c,66,6c,63,6e,66,6e,6e,6f,6f,6f,6a,70,00,00
"iaacccgpafldhpkaan"=hex:6a,61,6d,6b,69,63,6c,61,6e,6a,6f,6d,66,62,68,61,62,63,
6f,66,00,00
"hacblhejinknmapg"=hex:6a,61,6d,6b,69,63,6c,61,6e,6a,6f,6d,66,62,68,61,62,63,
6f,66,00,00
.
Voltooingstijd: 2009-05-31 21:59
ComboFix-quarantined-files.txt 2009-05-31 19:59

Pre-Run: 165.071.593.472 bytes free
Post-Run: 165.302.124.544 bytes free

189 --- E O F --- 2009-05-30 21:24

tinkly_manatee

Legacy Member
Everything is going well, fast internet, no more crashes, everything runs perfectly

Thanks for all the help!!