camel1980

Ik zie in het logje dat er wat regels verwijderd zijn, maar kwam zojuist opnieuw bij de funmoods zoekmachine terecht toen ik per ongeluk een niet bestaand webadres gebruikte....mhhhhh

# AdwCleaner v2.115 - Verslag gemaakt op 24/03/2013 om 13:45:07 # Geactualiseerd op 17/03/2013 door Xplode # Besturingssysteem : Windows 8 (64 bits) # Gebruiker : Dhr. van - WIN45245623643 # Opstarten Modus : Normale modus # Gelanceerd vanaf : C:\Users\Dhr. van\Desktop\adwcleaner.exe # Optie [Verwijderen] ***** [Diensten] ***** ***** [Files / Mappen] ***** ***** [Register] ***** Sleutel Verwijdert : HKCU\Software\AppDataLow\Software\Crossrider Sleutel Verwijdert : HKCU\Software\Cr_Installer Sleutel Verwijdert : HKCU\Software\InstallCore Sleutel Verwijdert : HKCU\Software\Softonic Sleutel Verwijdert : HKLM\SOFTWARE\Classes\AppID\{960DF771-CFCB-4E53-A5B5-6EF2BBE6E706} Sleutel Verwijdert : HKLM\SOFTWARE\Classes\AppID\{D616A4A2-7B38-4DBC-9093-6FE7A4A21B17} Sleutel Verwijdert : HKLM\SOFTWARE\Classes\AppID\{EA28B360-05E0-4F93-8150-02891F1D8D3C} Sleutel Verwijdert : HKLM\SOFTWARE\Classes\AppID\esrv.EXE Sleutel Verwijdert : HKLM\Software\InstallCore ***** [browsers] ***** -\\ Internet Explorer v10.0.9200.16519 Vervangen : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main - Start Page] = hxxp://searchfunmoods.com/?f=1&a=iron2&ir=iron2&cd=2XzuyEtN2Y1L1QzuzytDtB0BtAyEyDyBtBtAyEzzyBzz0AyCtN0D0Tzu0CtAyCyEtN1L2XzutBtFtBtFtCtFyEtDyB&cr=1368222412 --> hxxp://www.google.com -\\ Google Chrome v25.0.1364.172 File : C:\Users\Dhr. van\AppData\Local\Google\Chrome\User Data\Default\Preferences Verwijdert [l.31] : search_url = "hxxp://searchfunmoods.com/results.php?f=4&q={searchTerms}&a=iron2&ir=iron2&cd=2[...] Verwijdert [l.217] : homepage = "hxxp://searchfunmoods.com/?f=1&a=iron2&ir=iron2&cd=2XzuyEtN2Y1L1QzuzytDtB0BtAyEyDyBt[...] Verwijdert [l.398] : urls_to_restore_on_startup = [ "hxxp://searchfunmoods.com/?f=1&a=iron2&ir=iron2&cd=2XzuyEtN2Y[...] ************************* AdwCleaner[s1].txt - [1862 octets] - [24/03/2013 13:45:07] ########## EOF - C:\AdwCleaner[s1].txt - [1922 octets] ##########

Ie 10

Update: Heb nog steeds last van de Funmoods zoekpagina als ik bijv. een niet bestaand webadres probeer te bereiken.

Zoek.exe Version 4.0.0.2 Updated 23-03-2013 Tool run by Dhr. van on za 23-03-2013 at 21:51:46,09. Microsoft Windows 8 6.2.9200 x64 Running in: Normal Mode Internet Access Detected ==== Running Processes ====================== C:\Windows\system32\csrss.exe C:\Windows\system32\wininit.exe C:\Windows\system32\services.exe C:\Windows\system32\lsass.exe C:\Windows\system32\svchost.exe -k DcomLaunch C:\Windows\system32\svchost.exe -k RPCSS C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted C:\Windows\system32\svchost.exe -k netsvcs C:\Windows\system32\svchost.exe -k LocalService C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted C:\Windows\system32\svchost.exe -k NetworkService C:\Windows\System32\spoolsv.exe C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork C:\Program Files\Intel\iCLS Client\HeciServer.exe C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe C:\Windows\system32\dashost.exe C:\Windows\system32\svchost.exe -k imgsvc C:\Program Files\Windows Defender\MsMpEng.exe C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation C:\Windows\system32\SearchIndexer.exe C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted C:\Windows\System32\WUDFHost.exe C:\Windows\system32\svchost.exe -k HPService C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe C:\Windows\system32\csrss.exe C:\Windows\system32\winlogon.exe C:\Windows\system32\dwm.exe C:\Windows\system32\taskhostex.exe C:\Windows\Explorer.EXE C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16.4.4396.1016_x64__8wekyb3d8bbwe\LiveComm.exe C:\Windows\System32\RuntimeBroker.exe C:\Windows\System32\igfxtray.exe C:\Windows\System32\igfxpers.exe C:\Program Files (x86)\Citrix\ICA Client\concentr.exe C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe C:\Program Files (x86)\Citrix\ICA Client\Receiver\Receiver.exe C:\Program Files (x86)\Citrix\ICA Client\wfcrun32.exe C:\Program Files (x86)\Windows Live\Mail\wlmail.exe C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe C:\Program Files (x86)\Intel\Intel® Management Engine Components\IMSS\PrivacyIconClient.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE C:\Windows\System32\Macromed\Flash\FlashUtil_ActiveX.exe C:\Users\Dhr. van Kempen\Desktop\zoek.exe C:\Windows\system32\conhost.exe C:\Windows\system32\wbem\wmiprvse.exe ==== Deleting CLSID Registry Keys ====================== HKEY_USERS\S-1-5-21-1221115360-33263869-4063845751-1001\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} deleted successfully ==== Deleting CLSID Registry Values ====================== ==== Installed Programs ====================== @C:\\Program Files (x86)\\Intel\\Intel® Management Engine Components\\Uninstall\\Setup.exe,-2018 @C:\\Program Files (x86)\\Intel\\Intel® Processor Graphics\\Uninstall\\Setup.exe,-1166 7-Zip 9.22beta Aangifte inkomstenbelasting 2012 Citrix Receiver Citrix Receiver (HDX Flash Redirection) Citrix Receiver Inside Citrix Receiver(Aero) Citrix Receiver(DV) Citrix Receiver(USB) Compatibiliteitspakket voor het 2007 Microsoft Office system D3DX10 Google Chrome Google Update Helper GrabIt 1.7.2 Beta 6 (build 1008) HiJackThis HP Photo Creations HP Photosmart 5510 series Haelp HP Update ImgBurn Intel® Management Engine Components Intel® Processor Graphics Junk Mail filter update K-Lite Mega Codec Pack 9.6.5 Malwarebytes Anti-Malware versie 1.70.0.1100 Microsoft Office File Validation Add-In Microsoft Office Professional Editie 2003 Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 MSVCRT MSVCRT_amd64 MSVCRT110 Online Plug-in Photo Common Spotnet Windows Live Communications Platform Windows Live Essentials Windows Live Installer Windows Live Mail Windows Live Photo Common Windows Live PIMT Platform Windows Live SOXE Windows Live SOXE Definitions Windows Live UX Platform Windows Live UX Platform Language Pack Windows Live Writer Windows Live Writer Resources ==== Reset Hosts File ====================== # Copyright © 1993-2006 Microsoft Corp. # # This is a sample HOSTS file used by Microsoft TCP/IP for Windows. # # This file contains the mappings of IP addresses to host names. Each # entry should be kept on an individual line. The IP address should # be placed in the first column followed by the corresponding host name. # The IP address and the host name should be separated by at least one # space. # # Additionally, comments (such as these) may be inserted on individual # lines or following the machine name denoted by a '#' symbol. # # For example: # # 102.54.94.97 rhino.acme.com # source server # 38.25.63.10 x.acme.com # x client host # localhost name resolution is handle within DNS itself. 127.0.0.1 localhost ::1 localhost ==== Deleting Files \ Folders ====================== "C:\Users\Dhr. van \AppData\Roaming\Funmoods" deleted ==== Files Recently Created / Modified ====================== ====== C:\Windows ==== ====== C:\Users\DHR~1.VAN\AppData\Local\Temp ==== ====== C:\Windows\SysWOW64 ===== 2013-03-13 16:01:57 0461F3304CFC36C43EB8DA200AF29414 14296064 ----a-w- C:\Windows\SysWOW64\mshtml.dll 2013-03-13 16:01:51 267BC08CC0DB3B4EB5F76419EAC48743 13761536 ----a-w- C:\Windows\SysWOW64\ieframe.dll 2013-03-13 16:01:50 F660F8118FAD722E1EE0831AE9D814C4 2877952 ----a-w- C:\Windows\SysWOW64\jscript9.dll 2013-03-13 16:01:49 B5812F47756C3EDEA3F457CFBBBBD69A 690688 ----a-w- C:\Windows\SysWOW64\jscript.dll 2013-03-13 16:01:49 5BFE8AE6FCA02D033DEE6FC4198F0C56 1128960 ----a-w- C:\Windows\SysWOW64\urlmon.dll 2013-03-13 16:01:49 4FF6180429DA389E4154B10450E7C0B8 1766912 ----a-w- C:\Windows\SysWOW64\wininet.dll 2013-03-13 16:01:49 1DA292A4E07FEB13C736373E0FFA82F9 1658368 ----a-w- C:\Windows\SysWOW64\iertutil.dll 2013-03-13 16:01:48 C5CA406965645D7401AB05A5F992B434 493056 ----a-w- C:\Windows\SysWOW64\msfeeds.dll 2013-03-13 16:01:48 A10192ABCFCE84CCB9FA0E112BEABDDF 534528 ----a-w- C:\Windows\SysWOW64\uxtheme.dll 2013-03-13 16:01:48 69A77F64DB6A5DDAE8399C56A674CEC0 39424 ----a-w- C:\Windows\SysWOW64\jsproxy.dll 2013-03-13 16:01:47 FA3E4A2C5C215EA31512DE5F3FC99208 109056 ----a-w- C:\Windows\SysWOW64\iesysprep.dll 2013-03-13 16:01:46 9B9A2936E7A9D84594FE236E0801CA99 2706432 ----a-w- C:\Windows\SysWOW64\mshtml.tlb 2013-03-13 16:01:46 911355052606F22549320419DBC43324 44032 ----a-w- C:\Windows\SysWOW64\UXInit.dll 2013-03-13 16:01:46 769147B74514CC8B8D4347F24DB648F5 61440 ----a-w- C:\Windows\SysWOW64\iesetup.dll 2013-03-13 16:01:46 51A33CC9310A7C02CCCBFA47F99E888A 33280 ----a-w- C:\Windows\SysWOW64\iernonce.dll 2013-03-13 16:01:44 B5085462DB640DEF281F91513064328A 8856576 ----a-w- C:\Windows\SysWOW64\twinui.dll 2013-03-13 16:01:42 3410BF41386F16445E5A360C0B6D8771 754176 ----a-w- C:\Windows\SysWOW64\actxprxy.dll 2013-03-13 16:01:42 2DC9FFCC0743E6995082EB4DAFB563EB 2033664 ----a-w- C:\Windows\SysWOW64\authui.dll 2013-03-13 16:01:41 27E06710FF3EDF8F893EC55D8D4FE487 361984 ----a-w- C:\Windows\SysWOW64\MFMediaEngine.dll 2013-03-13 16:01:38 8E0D281F19B654A95B4D05FA4799CFCF 10792448 ----a-w- C:\Windows\SysWOW64\Windows.UI.Xaml.dll 2013-03-13 16:01:35 FF5ACC9AA26A3FBDC2ECFDA51A735960 567808 ----a-w- C:\Windows\SysWOW64\duser.dll 2013-03-13 16:01:35 A20F5FF8F52137795990AACB9655BDC2 5090816 ----a-w- C:\Windows\SysWOW64\mstscax.dll 2013-03-13 16:01:34 FAF5D49C4AB753F034CBB11EC4FA2A03 155136 ----a-w- C:\Windows\SysWOW64\XpsRasterService.dll 2013-03-13 16:01:34 E2CA40BC789F2DCEC08C25CDF3D7705D 370688 ----a-w- C:\Windows\SysWOW64\WWanAPI.dll 2013-03-13 16:01:34 47596B119D4FD13BF457B0E3C36F0FF5 197632 ----a-w- C:\Windows\SysWOW64\Windows.Networking.Connectivity.dll 2013-03-13 16:01:33 FAF2FE558E26AB6677ED112F8C1EC0DF 157696 ----a-w- C:\Windows\SysWOW64\mbsmsapi.dll 2013-03-13 16:01:33 DA74DB6E019D7B27C7EA25155EE6DE34 55296 ----a-w- C:\Windows\SysWOW64\nlaapi.dll 2013-03-13 16:01:33 C7B50BDEBCAFB6B15C897E5CFE14A3E9 356352 ----a-w- C:\Windows\SysWOW64\SettingSync.dll 2013-03-13 16:01:33 BA4A9A39B776E0765505094FF231FC48 410624 ----a-w- C:\Windows\SysWOW64\wlroamextension.dll 2013-03-13 16:01:33 924601E7E477B3DB2E260EF5CA1CA5AE 15872 ----a-w- C:\Windows\SysWOW64\nlmproxy.dll 2013-03-13 16:01:33 622266A0B510A4826EA23BD153905ABA 80896 ----a-w- C:\Windows\SysWOW64\tasklist.exe 2013-03-13 16:01:33 52F8930115E1C5984732637BE8A52825 325632 ----a-w- C:\Windows\SysWOW64\schannel.dll 2013-03-13 16:01:33 473201A0FFA27C9B174D97A05D1AF791 79360 ----a-w- C:\Windows\SysWOW64\taskkill.exe 2013-03-13 16:01:33 27858FC8E51B128EE23B71AABD62F8B2 115712 ----a-w- C:\Windows\SysWOW64\netprofm.dll 2013-03-13 16:01:32 B3BA4E18594082F88D9013CC8C080855 18432 ----a-w- C:\Windows\SysWOW64\npmproxy.dll 2013-03-13 16:01:32 67E95205605338E5FA107724AC2B281F 12288 ----a-w- C:\Windows\SysWOW64\nlmsprep.dll 2013-03-13 16:01:31 4B38E4C990EF80D03BEF9586F273C149 1437184 ----a-w- C:\Windows\SysWOW64\GdiPlus.dll ====== C:\Windows\SysWOW64\drivers ===== ====== C:\Windows\Sysnative ===== 2013-03-21 21:47:55 D83AAA138773A4A9929CA4DBA9629904 301288 ----a-w- C:\Windows\Sysnative\FNTCACHE.DAT 2013-03-13 16:02:03 1908E8DAA31BE90D84D72BCE09BDBC98 19205632 ----a-w- C:\Windows\Sysnative\mshtml.dll 2013-03-13 16:01:50 697162D11D92EF021DF2FB5192901BDD 15418368 ----a-w- C:\Windows\Sysnative\ieframe.dll 2013-03-13 16:01:49 EC88A7A0EF0066CB06384B1B623C0100 2166272 ----a-w- C:\Windows\Sysnative\iertutil.dll 2013-03-13 16:01:49 2769AF459DDA7140B73227C31DCE61BD 2246656 ----a-w- C:\Windows\Sysnative\wininet.dll 2013-03-13 16:01:48 7AB98C4F08F56DE31E6344EA8C2FD203 603136 ----a-w- C:\Windows\Sysnative\msfeeds.dll 2013-03-13 16:01:48 78CED4AC4A7616F4A4DDCDE73C612ECF 1351680 ----a-w- C:\Windows\Sysnative\urlmon.dll 2013-03-13 16:01:47 E6BC22EA0159097A2D109DE16D2581A9 50688 ----a-w- C:\Windows\Sysnative\ie4uinit.exe 2013-03-13 16:01:47 B1F2A6E64804B4380481978CD671B2A4 907776 ----a-w- C:\Windows\Sysnative\uxtheme.dll 2013-03-13 16:01:47 81A408D09689023013111981898DE59F 3966464 ----a-w- C:\Windows\Sysnative\jscript9.dll 2013-03-13 16:01:47 7172DE36AF36F781A68F1F339822DE5C 136704 ----a-w- C:\Windows\Sysnative\iesysprep.dll 2013-03-13 16:01:47 1B7EE473E844D1F34C3732418D878885 854528 ----a-w- C:\Windows\Sysnative\jscript.dll 2013-03-13 16:01:46 93C74BF63B0C35B7CBC669E5B94ED851 2706432 ----a-w- C:\Windows\Sysnative\mshtml.tlb 2013-03-13 16:01:46 0456DB582CA453213A151B04E512E322 53760 ----a-w- C:\Windows\Sysnative\UXInit.dll 2013-03-13 16:01:45 329EA53C58B16E109BA463C5866D19F9 4041728 ----a-w- C:\Windows\Sysnative\win32k.sys 2013-03-13 16:01:44 78D9FEB0C4E2FD8DD846AC73AE668201 10115072 ----a-w- C:\Windows\Sysnative\twinui.dll 2013-03-13 16:01:43 250F989562287554CE50F1F88232B4A6 2302464 ----a-w- C:\Windows\Sysnative\authui.dll 2013-03-13 16:01:42 8494FE7C80B7B458DF5FC5D22FE3AF4B 2146816 ----a-w- C:\Windows\Sysnative\actxprxy.dll 2013-03-13 16:01:41 F0D21E5961BAD38E26DA19D34EC7234B 468992 ----a-w- C:\Windows\Sysnative\MFMediaEngine.dll 2013-03-13 16:01:39 FFBF318B7912CECFADCCB0F2B3FE351E 13643264 ----a-w- C:\Windows\Sysnative\Windows.UI.Xaml.dll 2013-03-13 16:01:37 30D213BB86EC4C8F9295D94F147D4BCF 5977600 ----a-w- C:\Windows\Sysnative\mstscax.dll 2013-03-13 16:01:35 910C8964A4F5212C50601BE31607A138 543232 ----a-w- C:\Windows\Sysnative\wlroamextension.dll 2013-03-13 16:01:35 0E0A4CDB1258FF435D96BA51AB329B7A 729600 ----a-w- C:\Windows\Sysnative\duser.dll 2013-03-13 16:01:34 91106E9FFD5A2F1D23266962C84BD00D 225280 ----a-w- C:\Windows\Sysnative\mbsmsapi.dll 2013-03-13 16:01:34 796BF29C0A610B182E3C832969506764 731648 ----a-w- C:\Windows\Sysnative\win32spl.dll 2013-03-13 16:01:34 6B48734D5856F32A8CACE40CD1AD9B33 385024 ----a-w- C:\Windows\Sysnative\ncsi.dll 2013-03-13 16:01:34 68B7715072982F4535DE90EEBBE19145 448512 ----a-w- C:\Windows\Sysnative\SettingSync.dll 2013-03-13 16:01:34 65486CEEC02392414ABBB0840D6C3551 260096 ----a-w- C:\Windows\Sysnative\hotspotauth.dll 2013-03-13 16:01:34 5FF52E13C72838D87DAF228EC9E92C89 467456 ----a-w- C:\Windows\Sysnative\netprofmsvc.dll 2013-03-13 16:01:34 39D8AB837F91B729D12D32ED81E2062F 105472 ----a-w- C:\Windows\Sysnative\wpdbusenum.dll 2013-03-13 16:01:34 29BCBB222ED7AE4B7F57AFF19A107BE5 228352 ----a-w- C:\Windows\Sysnative\XpsRasterService.dll 2013-03-13 16:01:34 1E833CECF75535A4229363C6EB051576 475136 ----a-w- C:\Windows\Sysnative\WWanAPI.dll 2013-03-13 16:01:34 1BAF176DEB4E51E3304B21E96C92C2EE 293376 ----a-w- C:\Windows\Sysnative\Windows.Networking.Connectivity.dll 2013-03-13 16:01:34 18EE8CBF1E7138A5D0B826678597B423 107520 ----a-w- C:\Windows\Sysnative\taskkill.exe 2013-03-13 16:01:33 D43C6EBB5CD9373D4E463BCD77A4CCF0 102400 ----a-w- C:\Windows\Sysnative\tasklist.exe 2013-03-13 16:01:33 5F70EBFC1F75B487DE79501E3CCBDB54 87552 ----a-w- C:\Windows\Sysnative\wersvc.dll 2013-03-13 16:01:33 56B47E621B2F06F20FBE7511E7B65096 416256 ----a-w- C:\Windows\Sysnative\schannel.dll 2013-03-13 16:01:33 4205D34C3332FCE30C2BC88A2F5A6AF4 611840 ----a-w- C:\Windows\Sysnative\wpd_ci.dll 2013-03-13 16:01:31 8542BEA78795403D705A21B83ABD589F 1690624 ----a-w- C:\Windows\Sysnative\GdiPlus.dll ====== C:\Windows\Sysnative\drivers ===== 2013-03-21 17:54:55 BDE6B6048E943717D0B5EED35A821150 20992 ----a-w- C:\Windows\Sysnative\drivers\usb8023.sys 2013-03-13 16:01:42 AECC24430301DBC6A76916E3029B6B83 69864 ----a-w- C:\Windows\Sysnative\drivers\pdc.sys 2013-03-13 16:01:35 F4F78B7F39BD56BD0BFE4C4399398F6F 2226408 ----a-w- C:\Windows\Sysnative\drivers\tcpip.sys 2013-03-13 16:01:35 03CFE4108D1DE16D6C59455B5C73319C 993512 ----a-w- C:\Windows\Sysnative\drivers\ndis.sys 2013-03-13 16:01:34 F17DEEAC7D51D44CF1BFF8DD4F0A2B6D 37632 ----a-w- C:\Windows\Sysnative\drivers\BthAvrcpTg.sys 2013-03-13 16:01:34 C5986337DE3BF63ABD9ED4D834D34B89 446184 ----a-w- C:\Windows\Sysnative\drivers\USBHUB3.SYS 2013-03-13 16:01:34 ADBF89B8E0BB372FEFE2E4B84E1E20AE 496872 ----a-w- C:\Windows\Sysnative\drivers\usbhub.sys 2013-03-13 16:01:34 76929F4A69E425911A63B407E26C2589 1933544 ----a-w- C:\Windows\Sysnative\drivers\ntfs.sys 2013-03-13 16:01:34 36C27EA76685391BC5CAA1FA25E29FBF 297984 ----a-w- C:\Windows\Sysnative\drivers\ks.sys 2013-03-13 16:01:33 D1BC8FDE18E9CD81912CFDA2CCFC5531 82944 ----a-w- C:\Windows\Sysnative\drivers\hidclass.sys 2013-03-13 16:01:33 6B7979E7C1FFDCF917DD749EBCB2BD59 61672 ----a-w- C:\Windows\Sysnative\drivers\crashdmp.sys 2013-03-13 16:01:33 37F6A9AD5B45995FD1582C828F82D6FA 329960 ----a-w- C:\Windows\Sysnative\drivers\storport.sys 2013-03-13 16:01:32 FD8B4F201B681C555A4AF41922C52557 247808 ----a-w- C:\Windows\Sysnative\drivers\srvnet.sys 2013-03-13 16:01:32 9912FDF63EC78E1977083E20DEAE4889 622080 ----a-w- C:\Windows\Sysnative\drivers\srv2.sys 2013-03-13 16:01:32 93179D48066918323628CB016D8C94DC 370688 ----a-w- C:\Windows\Sysnative\drivers\mrxsmb.sys 2013-03-13 16:01:32 5C7DD2E5759FFCCD2C7341C1B90F2B26 215552 ----a-w- C:\Windows\Sysnative\drivers\mrxsmb20.sys ====== C:\Windows\Tasks ====== ====== C:\Windows\Temp ====== ======= C:\Program Files ===== ======= C:\Program Files (x86) ===== 2013-03-23 15:32:30 -------- d-----w- C:\Program Files (x86)\Trend Micro ======= C: ===== ====== C:\Users\Dhr. van \AppData\Roaming ====== 2013-03-09 21:09:21 -------- d-----w- C:\users\Dhr. van \AppData\Roaming\WinRAR ====== C:\Users\Dhr. van ====== ====== C: exe-files == === C: other files == 2013-03-21 17:54:55 BDE6B6048E943717D0B5EED35A821150 20992 ----a-w- C:\Windows\System32\Drivers\usb8023.sys ==== Startup Registry Enabled ====================== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "IMSS"="C:\Program Files (x86)\Intel\Intel® Management Engine Components\IMSS\PIconStartup.exe" "ConnectionCenter"="C:\Program Files (x86)\Citrix\ICA Client\concentr.exe /startup" "HP Software Update"="C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe" ==== Startup Registry Enabled x64 ====================== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "IgfxTray"="C:\Windows\system32\igfxtray.exe" "HotKeysCmds"="C:\Windows\system32\hkcmd.exe" "Persistence"="C:\Windows\system32\igfxpers.exe" ==== Task Scheduler Jobs ====================== C:\Windows\tasks\GoogleUpdateTaskMachineCore.job --a-------- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [01-12-2012 22:20] C:\Windows\tasks\GoogleUpdateTaskMachineUA.job --a-------- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [01-12-2012 22:20] ==== Set IE to Default ====================== Old Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="Google" [HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main] "Start Page"="Google" [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main] "Start Page"="Google" [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes] "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}] not found New Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="Google" [HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main] "Start Page"="Hotmail, Messenger, het laatste nieuws en entertainment | MSN.NL" [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main] "Start Page"="Hotmail, Messenger, het laatste nieuws en entertainment | MSN.NL" [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes] "DefaultScope"="{6A1806CD-94D4-4689-BA73-E35EA1EA9990}" ==== All HKCU SearchScopes ====================== HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes {0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="{searchTerms} - Bing" {405C961F-6876-D2AC-3B81-551399A58B9F} Bing Url="{searchTerms} - Bing" {6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="{searchTerms} - Google Search}" ==== Reset IE Proxy ====================== Value(s) before fix: "ProxyEnable"=dword:00000000 Value(s) after fix: "ProxyEnable"=dword:00000000 ==== Empty IE Cache ====================== C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Dhr. van Kempen\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Dhr. van Kempen\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully ==== Empty FireFox Cache ====================== No FireFox Profiles found ==== Empty Chrome Cache ====================== C:\users\Dhr. van \AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully ==== Empty All Flash Cache ====================== Flash Cache Emptied Successfully ==== Empty All Java Cache ====================== No Java Cache Found After Reboot ==== Empty Temp Folders ====================== C:\Windows\Temp successfully emptied C:\Users\DHR~1.VAN\AppData\Local\Temp successfully emptied ==== Empty Recycle Bin ====================== C:\$RECYCLE.BIN successfully emptied - - - Updated - - - Na de herstart kreeg ik de log te zien, maar ook een melding onder aan het scherm dat een onbekend programma de standaardzoekmachine wilde veranderen in www.google.com. Ik heb dit niet geaccepteerd. Mijn standaard zoekmachine is google.nl. Is dit nog van belang?

Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 16:33:45, on 23-3-2013 Platform: Unknown Windows (WinNT 6.02.1008) MSIE: Internet Explorer v10.0 (10.00.9200.16518) Boot mode: Normal Running processes: C:\Program Files (x86)\Citrix\ICA Client\concentr.exe C:\Program Files (x86)\Citrix\ICA Client\Receiver\Receiver.exe C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe C:\Program Files (x86)\Citrix\ICA Client\wfcrun32.exe C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE C:\Program Files (x86)\Windows Live\Mail\wlmail.exe C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe C:\Program Files (x86)\Trend Micro\HiJackThis\HiJackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Google R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Hotmail, Messenger, het laatste nieuws en entertainment | MSN.NL R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = F2 - REG:system.ini: UserInit=userinit.exe, O4 - HKLM\..\Run: [iMSS] "C:\Program Files (x86)\Intel\Intel® Management Engine Components\IMSS\PIconStartup.exe" O4 - HKLM\..\Run: [ConnectionCenter] "C:\Program Files (x86)\Citrix\ICA Client\concentr.exe" /startup O4 - HKLM\..\Run: [HP Software Update] C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~2\MICROS~1\OFFICE11\EXCEL.EXE/3000 O9 - Extra button: Onderzoek - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\OFFICE11\REFIEBAR.DLL O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O18 - Filter: application/x-ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll O18 - Filter: application/x-ica; charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll O18 - Filter: application/x-ica; charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll O18 - Filter: application/x-ica; charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll O18 - Filter: application/x-ica; charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll O18 - Filter: application/x-ica; charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll O18 - Filter: application/x-ica; charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll O18 - Filter: application/x-ica; charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll O18 - Filter: application/x-ica;charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll O18 - Filter: application/x-ica;charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll O18 - Filter: application/x-ica;charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll O18 - Filter: application/x-ica;charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll O18 - Filter: application/x-ica;charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll O18 - Filter: application/x-ica;charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll O18 - Filter: application/x-ica;charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll O18 - Filter hijack: ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing) O23 - Service: Intel® Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\SysWow64\IntelCpHeciSvc.exe O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing) O23 - Service: Google Update-service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Intel® Capability Licensing Service Interface - Intel® Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe O23 - Service: Intel® Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Intel® Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing) O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing) O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing) O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing) O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing) O23 - Service: Intel® Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing) O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing) O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing) O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing) O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing) O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) -- End of file - 8201 bytes

Ik heb al een tijdje last van Funmoods. Vandaag de nieuwste Malwarebites Anti-Malware gedownload en een keer laten lopen. 11 regels laten verwijderen en daarna nog een keer het programma gedraaid. Toen waren er nog 4 regels. Ook deze verwijderd. Weer een scan gedaan en toen leek alles opgelost. Maar in m'n browser had ik er weer last van. Wat moet ik nu doen?

Nee, dat heb ik nog niet geprobeerd. Het is van een paar dagen geleden, dus herstel lukt nog wel. Zal ik doen. bedankt.

Malwarebytes Anti-Malware 1.61.0.1400 www.malwarebytes.org Databaseversie: v2012.06.09.05 Windows Vista Service Pack 2 x86 NTFS Internet Explorer 9.0.8112.16421 bart:: PC_VAN_bart[administrator] 9-6-2012 22:09:54 mbam-log-2012-06-09 (22-09-54).txt Scantype: Snelle scan Ingeschakelde scanopties: Geheugen | Opstartitems | Register | Bestanden en mappen | Heuristiek/Extra | Heuristiek/Shuriken | PUP | PUM Uitgeschakelde scanopties: P2P Objecten gescand: 216440 Verstreken tijd: 14 minuut/minuten, 25 seconde(n) Geheugenprocessen gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Geheugenmodulen gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Registersleutels gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Registerwaarden gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Registerdata gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Mappen gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Bestanden gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) (einde) Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 22:26:49, on 9-6-2012 Platform: Windows Vista SP2 (WinNT 6.00.1906) MSIE: Internet Explorer v9.00 (9.00.8112.16421) Boot mode: Normal Running processes: C:\Windows\system32\Dwm.exe C:\Windows\Explorer.EXE C:\Windows\system32\taskeng.exe C:\Windows\RtHDVCpl.exe C:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD.exe C:\Windows\system32\schtasks.exe C:\Windows\System32\hkcmd.exe C:\Windows\System32\igfxpers.exe C:\Users\bart\AppData\Local\Citrix\ICA Client\concentr.exe C:\Program Files\HP\HP Software Update\hpwuSchd2.exe C:\Program Files\Common Files\Java\Java Update\jusched.exe C:\Program Files\Microsoft Security Client\msseces.exe C:\Program Files\Windows Sidebar\sidebar.exe C:\Windows\ehome\ehtray.exe C:\Windows\system32\igfxsrvc.exe C:\Windows\ehome\ehmsas.exe C:\Users\bart\AppData\Local\Citrix\ICA Client\wfcrun32.exe C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe C:\hp\kbd\kbd.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Windows\system32\Macromed\Flash\FlashUtil32_11_2_202_235_ActiveX.exe C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Google R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Hotmail, Messenger, het laatste nieuws en entertainment | MSN.NL R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = Compaq | MSN O2 - BHO: Adobe PDF Reader Help bij koppelingen - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll O4 - HKLM\..\Run: [sunJavaUpdateReg] "C:\Windows\system32\jureg.exe" O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe O4 - HKLM\..\Run: [OsdMaestro] "C:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD.exe" O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KbdStub.EXE O4 - HKLM\..\Run: [HP Health Check Scheduler] c:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe O4 - HKLM\..\Run: [igfxTray] C:\Windows\system32\igfxtray.exe O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe O4 - HKLM\..\Run: [ConnectionCenter] "C:\Users\Kamiel\AppData\Local\Citrix\ICA Client\concentr.exe" /startup O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe" O4 - HKLM\..\Run: [MSC] "c:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey O4 - HKLM\..\RunOnce: [Launcher] %WINDIR%\SMINST\launcher.exe O4 - HKCU\..\Run: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000 O9 - Extra button: Onderzoek - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL O9 - Extra button: HP Slim selecteren - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O15 - Trusted Zone: Sign In O15 - Trusted Zone: Hotmail, Messenger, het laatste nieuws en entertainment | MSN.NL O15 - Trusted Zone: http://www.passport.com O15 - Trusted Zone: http://*.windowslivehelp.com O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe O23 - Service: Google Updateservice (gupdate1c98e85dd43d7c6) (gupdate1c98e85dd43d7c6) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: HP Health Check Service - Hewlett-Packard - c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - c:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe O23 - Service: Lavasoft Ad-Aware Service - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - c:\Program Files\Common Files\LightScribe\LSSrvc.exe O23 - Service: LiveUpdate - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\LuComServer_3_4.EXE O23 - Service: Planner voor Automatische LiveUpdate - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe O23 - Service: RoxMediaDB9 - Sonic Solutions - c:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe O23 - Service: stllssvr - MicroVision Development, Inc. - c:\Program Files\Common Files\SureThing Shared\stllssvr.exe O23 - Service: Symantec RemoteAssist - Symantec, Inc. - C:\Program Files\Common Files\Symantec Shared\Support Controls\ssrc.exe -- End of file - 6608 bytes ---------- Post toegevoegd om 22:35 ---------- Vorige post was om 22:32 ---------- dit is raar: als ik de log maak, open in kladblok en de tekst plak in dit forum, zie ik de 015 sign in niet staan (dan heet het hotmail, maar verder heb ik wel vier keer een 015). Zodra ik de post bevestig, zie ik op dit forum ipv 015 hotmail staan 015 sign in. heeft dit iets te betekenen??

Mijn pc vertoont de laatste dagen kuren. Kort na het opstarten bevriest het bureaublad of enkele minuten nadat ik aan het werken ben springt het scherm op zwart. Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 9:51:51, on 9-6-2012 Platform: Windows Vista SP2 (WinNT 6.00.1906) MSIE: Internet Explorer v9.00 (9.00.8112.16421) Boot mode: Normal Running processes: C:\Windows\system32\taskeng.exe C:\Windows\system32\Dwm.exe C:\Windows\Explorer.EXE C:\Windows\RtHDVCpl.exe C:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD.exe C:\Windows\System32\hkcmd.exe C:\Windows\System32\igfxpers.exe C:\Users\bart\AppData\Local\Citrix\ICA Client\concentr.exe C:\Program Files\HP\HP Software Update\hpwuSchd2.exe C:\Program Files\Common Files\Java\Java Update\jusched.exe C:\Program Files\Microsoft Security Client\msseces.exe C:\Program Files\Windows Sidebar\sidebar.exe C:\Windows\ehome\ehtray.exe C:\Windows\system32\igfxsrvc.exe C:\Windows\system32\schtasks.exe C:\Windows\ehome\ehmsas.exe C:\Users\Bart\AppData\Local\Citrix\ICA Client\wfcrun32.exe C:\Windows\system32\Macromed\Flash\FlashUtil32_11_2_202_235_ActiveX.exe C:\hp\kbd\kbd.exe C:\Program Files\Windows Live\Mail\wlmail.exe C:\Program Files\Windows Live\Contacts\wlcomm.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Google R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Hotmail, Messenger, het laatste nieuws en entertainment | MSN.NL R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = Compaq | MSN O2 - BHO: Adobe PDF Reader Help bij koppelingen - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll O4 - HKLM\..\Run: [sunJavaUpdateReg] "C:\Windows\system32\jureg.exe" O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe O4 - HKLM\..\Run: [OsdMaestro] "C:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD.exe" O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KbdStub.EXE O4 - HKLM\..\Run: [HP Health Check Scheduler] c:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe O4 - HKLM\..\Run: [igfxTray] C:\Windows\system32\igfxtray.exe O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe O4 - HKLM\..\Run: [ConnectionCenter] "C:\Users\Kamiel\AppData\Local\Citrix\ICA Client\concentr.exe" /startup O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe" O4 - HKLM\..\Run: [MSC] "c:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey O4 - HKLM\..\RunOnce: [Launcher] %WINDIR%\SMINST\launcher.exe O4 - HKCU\..\Run: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000 O9 - Extra button: Onderzoek - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL O9 - Extra button: HP Slim selecteren - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O15 - Trusted Zone: Sign In O15 - Trusted Zone: Hotmail, Messenger, het laatste nieuws en entertainment | MSN.NL O15 - Trusted Zone: http://www.passport.com O15 - Trusted Zone: http://*.windowslivehelp.com O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe O23 - Service: Google Updateservice (gupdate1c98e85dd43d7c6) (gupdate1c98e85dd43d7c6) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: HP Health Check Service - Hewlett-Packard - c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - c:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe O23 - Service: Lavasoft Ad-Aware Service - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - c:\Program Files\Common Files\LightScribe\LSSrvc.exe O23 - Service: LiveUpdate - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\LuComServer_3_4.EXE O23 - Service: Planner voor Automatische LiveUpdate - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe O23 - Service: RoxMediaDB9 - Sonic Solutions - c:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe O23 - Service: stllssvr - MicroVision Development, Inc. - c:\Program Files\Common Files\SureThing Shared\stllssvr.exe O23 - Service: Symantec RemoteAssist - Symantec, Inc. - C:\Program Files\Common Files\Symantec Shared\Support Controls\ssrc.exe -- End of file - 6657 bytes

Nee, ik heb in de tussentijd nog niets gevonden. Dus nog steeds extra klikken. Moet zeggen dat ik me er behorlijk aan stoor. Maar blijkbaar weet niemand nog een oplossing (is die er gewoon niet)

Hey Clarkie, wat jij beschrijft is precies waar ik tegenaan loop. Ben blij dat het "probleem" tenminste helder is. Bedankt voor je moeite. Ik vrees dat het niet mogelijk is, maar wie weet hebben we beiden nog iets over het hoofd gezien.

In outlook zit er ook een optie dat je NIET automatisch bij het volgende bericht uitkomt, maar in WLm kan ik die niet vinden. maar goed, geeft niet, je kunt ook niet in alles expert zijn ;-). misschien dat iemand anders het wel weet....

pcies, ik zou willen dat dat in WLM ook zo gebeurde.

Dat klopt Clarkie, dat bedoel ik. Dat zwarte kruisje is in WLM alleen vervangen door een groot rood kruis. Jammer dat je het niet zelf kunt testen.

Het laatste bericht dat ik daarvoor heb gehad.

Klopt, maar het gaat mij niet om het leesvenster, dat snap ik hoe je dat evt kunt weghalen. Als je dubbelklikt om een bericht te openen en daarna dat (dus geopende) bericht met het kruis verwijderd, wordt het volgende bericht in je lijst automatisch geopend. En dat wil ik dus juist niet. Misschien is mijn logica wel niet die van WLM dan. maar in Outlook kon het wel....

ja, maar soms is het irritant als daarmee dan meteen het volgende mailtje in de lijst ook geopend wordt. Bijv je krijgt 1 nieuw mailtje. Dat open je en wil je meteen weggooien. Dus klik je op het kruis. Dan wordt dat mailtje weggegooid, maar dan opent automatisch het volgende mailtje in je lijst (dat je al eerder hebt ontvangen en gelezen), dus dan moet je dat weer apart wegklikken. Zoals gezegd, in outlook zit er een optie waarmee je die automatische actie kunt uitschakelen, maar in WLM ben ik die niet tegengekomen.

Niemand een idee?

hallo, Als ik een email heb geopend in WLM en deze wil verwijderen (naar prullenbak verplaatsen), klik ik op het rode kruis "verwijderen". Daarna wordt echter automatisch de volgende email in de lijst geopend. Ik wil dat niet. Is dat in te stellen? Dus kun je instellen dat je dan niet automatisch naar de volgende email in de lijst gaat? In Outlook kon je dat wel instellen namelijk. Ik kan natuurlijk eerst de email sluiten en dan verwijderen, maar dat is ook weer een extra klik....

oke, ga ik doen, maar waarschijnlijk niet meer vandaag. ga zo meteen weg. Ik laat weten wat het oplevert.

Het vastlopen treedt niet elke keer op, dus het is lastig te zeggen of dat in de veilige modus ook is. Gisteren en vandaag weer een paar keer opgestart en dat ging telkens goed. Gisteren een keer veilige modus gedaan en dat ging goed.

Is er nog iets anders dat ik kan doen, of zou het nu allemaal goed moeten zijn?

alles is ok. geen damaged blocks.

Nee, is een reset is nodig (via aan/uit knop). Soms reset de PC zich ook vanzelf. Dan ben ik aan het werk en ineens gaat ie uit en weer aan.