Ga naar inhoud

jacob wisse

Lid
  • Items

    9
  • Registratiedatum

  • Laatst bezocht

Alles dat geplaatst werd door jacob wisse

  1. Beste Kape, de volgende foutmelding helpt misschien: Zie het einde vandit bericht voor meer informatie over het aanroepen vanJIT-foutopsporing (Just In Time) in plaats van dit dialoogvenster. **************Tekst van uitzondering ************** System.ArgumentException:Besturingselementen die zijn gemaakt voor de ene thread kunnen niet hetbovenliggende item zijn van een besturingselement op een andere thread. bijSystem.Windows.Forms.Control.ControlCollection.Add(Control value) bijWDSmartWare.Panels.HomePanel1.AddWdDevice(WDDevice device) bijWDSmartWare.Panels.HomePanel1.AddWdDevices() bijWDSmartWare.Panels.HomePanel1.CreateEcosystem() bijWDSmartWare.Panels.HomePanel1.OnShown() bijWDSmartWare.TabbedForm.OnShown(Object sender, EventArgs e) bijSystem.Windows.Forms.Form.OnShown(EventArgs e) bijSystem.Windows.Forms.Form.CallShownEvent() bijSystem.Windows.Forms.Control.InvokeMarshaledCallbackDo(ThreadMethodEntry tme) bijSystem.Windows.Forms.Control.InvokeMarshaledCallbackHelper(Object obj) bijSystem.Threading.ExecutionContext.runTryCode(Object userData) bijSystem.Runtime.CompilerServices.RuntimeHelpers.ExecuteCodeWithGuaranteedCleanup(TryCodecode, CleanupCode backoutCode, Object userData) bijSystem.Threading.ExecutionContext.RunInternal(ExecutionContext executionContext,ContextCallback callback, Object state) bijSystem.Threading.ExecutionContext.Run(ExecutionContext executionContext,ContextCallback callback, Object state) bijSystem.Windows.Forms.Control.InvokeMarshaledCallback(ThreadMethodEntry tme) bijSystem.Windows.Forms.Control.InvokeMarshaledCallbacks() ************** Geladen assembly's ************** mscorlib Assembly-versie:2.0.0.0 Win32-versie:2.0.50727.4234 (VistaSP2GDR.050727-4200) CodeBase:file:///C:/Windows/Microsoft.NET/Framework/v2.0.50727/mscorlib.dll ---------------------------------------- WDSmartWare Assembly-versie:1.2.0.8 Win32-versie:1.2.0.8 CodeBase:file:///C:/Program%20Files/Western%20Digital/WD%20SmartWare/Front%20Parlor/WDSmartWare.exe ---------------------------------------- System.Windows.Forms Assembly-versie: 2.0.0.0 Win32-versie: 2.0.50727.4228(VistaSP2GDR.050727-4200) CodeBase:file:///C:/Windows/assembly/GAC_MSIL/System.Windows.Forms/2.0.0.0__b77a5c561934e089/System.Windows.Forms.dll ---------------------------------------- System Assembly-versie: 2.0.0.0 Win32-versie: 2.0.50727.4234(VistaSP2GDR.050727-4200) CodeBase:file:///C:/Windows/assembly/GAC_MSIL/System/2.0.0.0__b77a5c561934e089/System.dll ---------------------------------------- System.Drawing Assembly-versie: 2.0.0.0 Win32-versie: 2.0.50727.4230(VistaSP2GDR.050727-4200) CodeBase:file:///C:/Windows/assembly/GAC_MSIL/System.Drawing/2.0.0.0__b03f5f7f11d50a3a/System.Drawing.dll ---------------------------------------- mscorlib.resources Assembly-versie:2.0.0.0 Win32-versie:2.0.50727.4234 (VistaSP2GDR.050727-4200) CodeBase:file:///C:/Windows/Microsoft.NET/Framework/v2.0.50727/mscorlib.dll ---------------------------------------- System.Drawing.resources Assembly-versie:2.0.0.0 Win32-versie:2.0.50727.4016 (NetFxQFE.050727-4000) CodeBase:file:///C:/Windows/assembly/GAC_MSIL/System.Drawing.resources/2.0.0.0_nl_b03f5f7f11d50a3a/System.Drawing.resources.dll ---------------------------------------- Tanagra.DataClad Assembly-versie:2.0.0.1 Win32-versie:2.0.0.1 CodeBase:file:///C:/Program%20Files/Western%20Digital/WD%20SmartWare/Front%20Parlor/Tanagra.DataClad.DLL ---------------------------------------- System.Xml Assembly-versie:2.0.0.0 Win32-versie:2.0.50727.4016 (NetFxQFE.050727-4000) CodeBase:file:///C:/Windows/assembly/GAC_MSIL/System.Xml/2.0.0.0__b77a5c561934e089/System.Xml.dll ---------------------------------------- Tanagra.Utility Assembly-versie:2.0.0.0 Win32-versie:2.0.0.0 CodeBase:file:///C:/Program%20Files/Western%20Digital/WD%20SmartWare/Front%20Parlor/Tanagra.Utility.DLL ---------------------------------------- System.Configuration Assembly-versie: 2.0.0.0 Win32-versie:2.0.50727.4016 (NetFxQFE.050727-4000) CodeBase:file:///C:/Windows/assembly/GAC_MSIL/System.Configuration/2.0.0.0__b03f5f7f11d50a3a/System.Configuration.dll ---------------------------------------- Memeo.API Assembly-versie:1.0.0.0 Win32-versie:1.0.0.0 CodeBase:file:///C:/Program%20Files/Western%20Digital/WD%20SmartWare/Front%20Parlor/Memeo.API.DLL ---------------------------------------- XMLSettings Assembly-versie:1.0.0.0 Win32-versie:1.0.0.0 CodeBase:file:///C:/Program%20Files/Western%20Digital/WD%20SmartWare/Front%20Parlor/XMLSettings.DLL ---------------------------------------- Microsoft.VisualBasic Assembly-versie: 8.0.0.0 Win32-versie: 8.0.50727.4016(NetFxQFE.050727-4000) CodeBase:file:///C:/Windows/assembly/GAC_MSIL/Microsoft.VisualBasic/8.0.0.0__b03f5f7f11d50a3a/Microsoft.VisualBasic.dll ---------------------------------------- System.Management Assembly-versie:2.0.0.0 Win32-versie:2.0.50727.4016 (NetFxQFE.050727-4000) CodeBase:file:///C:/Windows/assembly/GAC_MSIL/System.Management/2.0.0.0__b03f5f7f11d50a3a/System.Management.dll ---------------------------------------- Tanagra.DataClad.DataAccess Assembly-versie:2.0.0.1 Win32-versie:2.0.0.1 CodeBase:file:///C:/Program%20Files/Western%20Digital/WD%20SmartWare/Front%20Parlor/Tanagra.DataClad.DataAccess.DLL ---------------------------------------- System.Data Assembly-versie:2.0.0.0 Win32-versie:2.0.50727.4016 (NetFxQFE.050727-4000) CodeBase:file:///C:/Windows/assembly/GAC_32/System.Data/2.0.0.0__b77a5c561934e089/System.Data.dll ---------------------------------------- System.Runtime.Remoting Assembly-versie:2.0.0.0 Win32-versie:2.0.50727.4016 (NetFxQFE.050727-4000) CodeBase:file:///C:/Windows/assembly/GAC_MSIL/System.Runtime.Remoting/2.0.0.0__b77a5c561934e089/System.Runtime.Remoting.dll ---------------------------------------- Tanagra.BMU Assembly-versie: 2.0.0.0 Win32-versie: 2.0.0.0 CodeBase: file:///C:/Program%20Files/Western%20Digital/WD%20SmartWare/Front%20Parlor/Tanagra.BMU.DLL ---------------------------------------- System.ServiceProcess Assembly-versie:2.0.0.0 Win32-versie:2.0.50727.4016 (NetFxQFE.050727-4000) CodeBase: file:///C:/Windows/assembly/GAC_MSIL/System.ServiceProcess/2.0.0.0__b03f5f7f11d50a3a/System.ServiceProcess.dll ---------------------------------------- Tanagra.Interop Assembly-versie: 2.0.0.0 Win32-versie: 2.0.0.0 CodeBase: file:///C:/Program%20Files/Western%20Digital/WD%20SmartWare/Front%20Parlor/Tanagra.Interop.DLL ---------------------------------------- SQLite.NET Assembly-versie:0.22.0.0 Win32-versie:0.22.0.0 CodeBase:file:///C:/Program%20Files/Western%20Digital/WD%20SmartWare/Front%20Parlor/SQLite.NET.DLL ---------------------------------------- Tanagra.BMU.Providers.HardDiskBackupProvider Assembly-versie:2.0.0.0 Win32-versie:2.0.0.0 CodeBase:file:///C:/Program%20Files/Western%20Digital/WD%20SmartWare/Front%20Parlor/providers/Tanagra.BMU.Providers.HardDiskBackupProvider.dll ---------------------------------------- Tanagra.BMU.Providers.FileCopyBackupProvider Assembly-versie:2.0.0.0 Win32-versie:2.0.0.0 CodeBase:file:///C:/Program%20Files/Western%20Digital/WD%20SmartWare/Front%20Parlor/providers/Tanagra.BMU.Providers.FileCopyBackupProvider.DLL ---------------------------------------- Tanagra.Third-party.Security Assembly-versie:2.0.0.0 Win32-versie:2.0.0.0 CodeBase: file:///C:/Program%20Files/Western%20Digital/WD%20SmartWare/Front%20Parlor/Tanagra.Third-party.Security.DLL ---------------------------------------- System.Web Assembly-versie: 2.0.0.0 Win32-versie: 2.0.50727.4223(VistaSP2GDR.050727-4200) CodeBase:file:///C:/Windows/assembly/GAC_32/System.Web/2.0.0.0__b03f5f7f11d50a3a/System.Web.dll ---------------------------------------- zw5auya0 Assembly-versie: 1.2.0.8 Win32-versie: 2.0.50727.4234(VistaSP2GDR.050727-4200) CodeBase: file:///C:/Windows/assembly/GAC_MSIL/System/2.0.0.0__b77a5c561934e089/System.dll ---------------------------------------- System.Windows.Forms.resources Assembly-versie:2.0.0.0 Win32-versie:2.0.50727.4016 (NetFxQFE.050727-4000) CodeBase: file:///C:/Windows/assembly/GAC_MSIL/System.Windows.Forms.resources/2.0.0.0_nl_b77a5c561934e089/System.Windows.Forms.resources.dll ---------------------------------------- **************JIT-foutopsporing ************** Als uJIT-foutopsporing wilt inschakelen, moet in het configuratiebestand voor deze toepassing ofcomputer (machine.config) de waarde jitDebugging inhet gedeelte system.windows.forms zijn ingesteld. De toepassingmoet ook zijn gecompileerd terwijl foutopsporing was ingeschakeld. Bijvoorbeeld: <configuration> <system.windows.formsjitDebugging="true" /> </configuration> WanneerJIT-foutopsporing is ingeschakeld, worden onverwerkte uitzonderingen naar hetJIT-foutopsporingsprogramma gestuurd dat op de computer is geregistreerd
  2. Beste Kape, Hartelijk dank voor je advies van 16 december. - Enkele malen wildede PC niet opstarten en werd startup repair uitgevoerd. - Op waren eronverwachte afsluitingen Nog steeds verschijnt “rundll32 werkt niet meer. - Het onderdeelNerovision van Nero 12 start nu in eens wel op; Nero express kan nu geen CDbranden. Vragen: - Het lukt niet defiles (78 kB) op jullie website te plaatsen. Steeds gooit jullie server : mijer af: het duurt te lang; ik heb het op een HP laptop geprobeerd, die meldde “ wiltU doorgaan met deze script? De browser wordt hierdoor zeer langzaam of sluit”.Ook op een andere PC duurde het te lang voor jullie server. Voor de tekst vande files, zie je mail aan mij van 12/23/2012/ 0900 pm. - Zal ik mijn PCopnieuw programmeren? Dan ben ik toch alle infecties kwijt? - Welke antivirusscanners zal ik dan installeren? Norton heeft nu een besmetting doorgelaten. Logs: de logs in de mail zijn van: - Crash op 16-12 - Onverwachteafsluiting - Bij het verzendenvan deze reactie is de verbinding slecht - Combofix metCFScript op 16-12 - Scan met malware dd16-12 - Combofix metCFScript op 19-12 - Details bij rundll32werkt niet Metvriendelijke groet JacobWisse
  3. Ik heb het volgende bericht geprobeerd op te sturen maar de browsr hikte. Nogmaals: Bij het afspelen van een vidoe omet windows media player krijg ik toch weer het bericht "windows host proces rundll32 werkt niet "! De details:Probleemhandtekening: Gebeurtenisnaamvan probleem: APPCRASH Naam van detoepassing: RunDLL32.exe Versie vantoepassing: 6.0.6000.16386 Tijdstempel vantoepassing: 4549b0e1 Naam vanfoutmodule: StackHash_1703 Versie vanfoutmodule: 0.0.0.0 Tijdstempel vanfoutmodule: 00000000 Uitzonderingscode: c0000005 Uitzonderingsmarge: 00e1a8ed Versie vanbesturingssysteem: 6.0.6002.2.2.0.768.3 Landinstelling-id: 1033 Aanvullendeinformatie 1: 1703 Aanvullendeinformatie 2: 2264db07e74365624c50317d7b856ae9 Aanvullendeinformatie 3: 1344 Aanvullendeinformatie 4: 875fa2ef9d2bdca96466e8af55d1ae6e We zijn er dus nog niet! Jacob
  4. Beste KweezieWabbit, Hartelijk dankvoor je advies. Ik heb Combofix 12 gedownload en de besmetting is weg! Hetbericht ““Windows-hostproces (Rundell32)werkt niet meer” verschijnt niet meer. Het lijkt er opdat het Windows-vista programma een beetje is beschadigd. Zo af en toe blijfter wat hangen. Zo was het gisteren lastig Word op te starten, vandaag wilde dePC niet starten en er draaide automatisch een Windows reparatie programma. Hetberichtte: “Root cause found: Unspecified changes to system configuration mighthave caused problem”. Vervolgenswerd Norton antivirus uitgeschakeld en verscheen het bericht “reparatie invoortgang. Alles schijnt weer te werken. Mijn Norton 360 premier edition geeftblijkbaar niet afdoende bescherming. Is het verstandig om elk weekend CCleanerte draaien? Elke keer verwijderd deze circa 1,8 Mb. Hartelijk dankMet vriendelijkegroet, Jacob Hier volgt de logfile: ComboFix 12-11-28.02 - Jacob 11/28/2012 17:10:51.1.2 - x86 Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.31.1043.18.1791.937 [GMT1:00] Gestart vanuit:c:\users\Jacob\Desktop\Desktop\ComboFix.exe AV: Norton 360 Premier Edition *Disabled/Updated*{63DF5164-9100-186D-2187-8DC619EFD8BF} FW: Norton 360 Premier Edition *Disabled*{5BE4D041-DB6F-1935-0AD8-24F3E73C9FC4} SP: Norton 360 Premier Edition *Disabled/Updated*{D8BEB080-B73A-17E3-1B37-B6B462689202} SP: Windows Defender *Disabled/Updated*{D68DDC3A-831F-4fae-9E44-DA132C1ACF46} . . (((((((((((((((((((((((((((((((((( Andere Verwijderingen ))))))))))))))))))))))))))))))))))))))))))))))))) . . c:\program files\BrowserCompanion c:\program files\BrowserCompanion\blabbers-ch.crx c:\program files\BrowserCompanion\blabbers-ff-full.xpi c:\program files\BrowserCompanion\jsloader.dll c:\program files\BrowserCompanion\logo.ico c:\program files\BrowserCompanion\tdataprotocol.dll c:\program files\BrowserCompanion\terms.lnk.url c:\program files\BrowserCompanion\toolbar.dll c:\program files\BrowserCompanion\uninstall.exe c:\program files\BrowserCompanion\updatebhoWin32.dll c:\program files\BrowserCompanion\updater.ini c:\program files\BrowserCompanion\widgetserv.exe c:\program files\CiscoConnect.E1000.1.3.11069.2.exe c:\programdata\ntuser.dat c:\windows\IsUn0413.exe c:\windows\system32\AutoRun.inf c:\windows\system32\roboot.exe . . (((((((((((((((((((( Bestanden Gemaakt van 2012-10-28 to 2012-11-28 )))))))))))))))))))))))))))))) . . 2012-11-28 18:09 . 2012-11-28 18:18 -------- d-----w- c:\users\Jacob\AppData\Local\temp 2012-11-28 18:09 . 2012-11-28 18:09 -------- d-----w- c:\users\TEMP\AppData\Local\temp 2012-11-28 18:09 . 2012-11-28 18:09 -------- d-----w- c:\users\Default\AppData\Local\temp 2012-11-28 13:02 . 2012-11-28 13:02 -------- d-----w- c:\program files\Conduit 2012-11-28 13:02 . 2012-11-28 13:02 -------- d-----w- c:\users\Jacob\AppData\Local\Conduit 2012-11-28 13:02 . 2012-11-28 13:02 -------- d-----w- c:\program files\FileConverter_1.4 2012-11-27 08:45 . 2012-11-08 18:00 6812136 ----a-w- c:\programdata\Microsoft\WindowsDefender\Definition Updates\{3734B289-A279-4D38-B082-26C6AD1ADB3C}\mpengine.dll 2012-11-26 16:02 . 2012-11-26 16:02 -------- d-----w- c:\programdata\HEMA Fotoservice 2012-11-24 16:02 . 2012-11-24 16:02 -------- d-----w- c:\program files\CCleaner 2012-11-24 16:01 . 2012-11-28 15:58 -------- d-----w- c:\users\Jacob\AppData\Roaming\BrowserCompanion 2012-11-24 15:59 . 2012-11-24 15:59 -------- d-----w- c:\program files\Vittalia 2012-11-23 18:39 . 2012-11-23 18:39 -------- d-----w- c:\program files\Microsoft Silverlight 2012-11-20 10:18 . 2012-11-20 10:18 -------- d-----w- c:\users\Jacob\AppData\Roaming\Malwarebytes 2012-11-20 10:17 . 2012-11-20 10:17 -------- d-----w- c:\programdata\Malwarebytes 2012-11-20 10:17 . 2012-11-20 10:18 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware 2012-11-20 10:17 . 2012-09-29 18:54 22856 ----a-w- c:\windows\system32\drivers\mbam.sys 2012-11-19 20:35 . 2012-11-19 20:35 388096 ----a-r- c:\users\Jacob\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe 2012-11-19 20:35 . 2012-11-19 20:35 -------- d-----w- c:\program files\Trend Micro 2012-11-18 13:22 . 2012-11-26 19:15 -------- d-----w- c:\program files\Nero 2012-11-16 12:16 . 2012-09-25 16:19 75776 ----a-w- c:\windows\system32\synceng.dll 2012-11-16 12:15 . 2012-10-12 14:29 2047488 ----a-w- c:\windows\system32\win32k.sys 2012-11-13 18:14 . 2012-11-14 00:49 -------- d-sh--w- c:\programdata\{C4ABDBC8-1C81-42C9-BFFC-4A68511E9E4F} 2012-11-12 12:04 . 2012-11-12 12:04 -------- d-----w- c:\users\Jacob\AppData\Roaming\PC Cleaners 2012-11-12 12:04 . 2012-11-12 12:03 4588344 ----a-w- c:\windows\uninst.exe 2012-11-12 12:04 . 2012-11-14 18:48 -------- d-----w- c:\users\Jacob\AppData\Roaming\PCPro 2012-11-12 12:04 . 2012-11-12 12:04 -------- d-----w- c:\programdata\PC1Data 2012-11-10 10:03 . 2012-11-13 18:17 -------- d-----w- c:\users\Jacob\AppData\Roaming\TuneUp Software 2012-11-10 10:01 . 2012-11-13 18:17 -------- d-----w- c:\programdata\TuneUp Software 2012-11-10 10:00 . 2012-11-14 00:49 -------- d-sh--w- c:\programdata\{32364CEA-7855-4A3C-B674-53D8E9B97936} 2012-11-09 17:22 . 2012-11-22 10:12 -------- d-----w- c:\users\Jacob\AppData\Roaming\Systweak 2012-11-09 13:24 . 2012-11-09 13:24 -------- d-----w- c:\users\Jacob\AppData\Roaming\DriverCure 2012-11-09 13:23 . 2012-11-09 13:23 -------- d-----w- c:\users\Jacob\AppData\Roaming\PC UnleashedOnline 2012-11-09 13:23 . 2012-11-12 11:29 -------- d-----w- c:\programdata\PC Unleashed Online 2012-11-09 11:24 . 2012-11-09 11:24 -------- d-----w- c:\users\Jacob\AppData\Local\ElevatedDiagnostics 2012-11-08 13:04 . 2012-11-08 13:04 -------- d-----w- c:\program files\USB_video_device 2012-11-08 13:04 . 2011-03-10 01:06 1038080 ----a-w- c:\windows\system32\drivers\emOEM.sys 2012-11-08 13:04 . 2011-03-10 01:05 608128 ----a-w- c:\windows\system32\drivers\emBDA.sys 2012-11-08 13:04 . 2011-03-06 18:37 81920 ----a-w- c:\windows\emMON.exe 2012-11-08 13:04 . 2011-03-06 18:19 114176 ----a-w- c:\windows\system32\emPRP.ax 2012-11-08 09:08 . 2012-05-31 11:25 237072 ------w- c:\windows\system32\MpSigStub.exe 2012-11-07 17:11 . 2012-11-08 15:16 -------- d-----w- c:\users\Public\CyberLink . . . ((((((((((((((((((((((((((((((((((((((( Find3M Rapport )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2012-11-09 14:02 . 2012-04-12 09:14 697272 ----a-w- c:\windows\system32\FlashPlayerApp.exe 2012-11-09 14:02 . 2011-06-19 08:54 73656 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl 2012-10-09 17:05 . 2012-10-09 17:05 9575864 ----a-w- c:\windows\system32\FlashPlayerInstaller.exe 2012-09-13 13:28 . 2012-10-10 10:41 2048 ----a-w- c:\windows\system32\tzres.dll 2011-06-25 19:19 . 2011-06-25 19:22 22860592 ----a-w- c:\program files\CommonFiles\CiscoConnect.E1000.1.3.11069.2.exe . . ((((((((((((((((((((((((((((((((((((( Reg Opstartpunten ))))))))))))))))))))))))))))))))))))))))))))))))))) . . *Nota* legeverwijzingen & legitieme standaard verwijzingen worden niet getoond REGEDIT4 . [HKEY_CURRENT_USER\Software\Microsoft\InternetExplorer\URLSearchHooks] "{296aa17d-c89e-4242-a5a4-44bfe76914a2}"="c:\program files\FileConverter_1.4\prxtbFile.dll" [2011-05-09176936] . [HKEY_CLASSES_ROOT\clsid\{296aa17d-c89e-4242-a5a4-44bfe76914a2}] . [HKEY_LOCAL_MACHINE\~\Browser HelperObjects\{296aa17d-c89e-4242-a5a4-44bfe76914a2}] 2011-05-09 08:49 176936 ----a-w- c:\programfiles\FileConverter_1.4\prxtbFile.dll . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\InternetExplorer\Toolbar] "{296aa17d-c89e-4242-a5a4-44bfe76914a2}"="c:\program files\FileConverter_1.4\prxtbFile.dll" [2011-05-09176936] . [HKEY_CLASSES_ROOT\clsid\{296aa17d-c89e-4242-a5a4-44bfe76914a2}] . [HKEY_CURRENT_USER\Software\Microsoft\InternetExplorer\Toolbar\Webbrowser] "{296AA17D-C89E-4242-A5A4-44BFE76914A2}"="c:\program files\FileConverter_1.4\prxtbFile.dll" [2011-05-09176936] . [HKEY_CLASSES_ROOT\clsid\{296aa17d-c89e-4242-a5a4-44bfe76914a2}] . [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "ehTray.exe"="c:\windows\ehome\ehTray.exe"[2008-01-19 125952] "Device Detection"="c:\program files\HEMAFotoservice\dd.exe" [2012-10-26 801424] "WMPNSCFG"="c:\program files\Windows MediaPlayer\WMPNSCFG.exe" [2008-01-19 202240] . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Kernel and Hardware AbstractionLayer"="KHALMNPR.EXE "[X] "RtHDVCpl"="RtHDVCpl.exe" [2007-06-204493312] "IntelliPoint"="c:\program files\MicrosoftIntelliPoint\ipoint.exe" [2009-11-05 1468256] "EMET Notifier"="c:\programfiles\EMET\EMET_notifier.exe" [2012-05-09 152152] "NeroFilterCheck"="c:\windows\system32\NeroCheck.exe"[2001-07-09 155648] . c:\users\Jacob\AppData\Roaming\Microsoft\Windows\StartMenu\Programs\Startup\ tcbhn.lnk -c:\users\Jacob\AppData\Roaming\BrowserCompanion\tcbhn.exe [2012-6-28 695448] . c:\programdata\Microsoft\Windows\StartMenu\Programs\Startup\ HP Digital Imaging Monitor.lnk - c:\program files\HP\DigitalImaging\bin\hpqtra08.exe [2007-3-11 210520] Logitech SetPoint.lnk - c:\programfiles\Logitech\SetPoint\SetPoint.exe [2012-3-1 692224] . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "EnableUIADesktopToggle"= 0 (0x0) "EnableLinkedConnections"= 1 (0x1) . [HKEY_LOCAL_MACHINE\software\microsoft\windowsnt\currentversion\windows] "AppInit_DLLs"=c:\progra~2\PDFCON~1\24897~1.175\{16CDF~1\apmmngr.dll "LoadAppInit_DLLs"=1 (0x1) . [HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^StartMenu^Programs^Startup^Empowering Technology Launcher.lnk] path=c:\programdata\Microsoft\Windows\StartMenu\Programs\Startup\Empowering Technology Launcher.lnk backup=c:\windows\pss\Empowering TechnologyLauncher.lnk.CommonStartup backupExtension=.CommonStartup . [HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^StartMenu^Programs^Startup^HP Setup.lnk] path=c:\programdata\Microsoft\Windows\StartMenu\Programs\Startup\HP Setup.lnk backup=c:\windows\pss\HP Setup.lnk.CommonStartup backupExtension=.CommonStartup . [HKEY_LOCAL_MACHINE\software\microsoft\sharedtools\msconfig\startupreg\Acer Empowering Technology Monitor] 2007-07-31 14:25 326176 ----a-w- c:\acer\EmpoweringTechnology\SysMonitor.exe . [HKEY_LOCAL_MACHINE\software\microsoft\sharedtools\msconfig\startupreg\eDataSecurity Loader] 2007-04-25 14:33 457216 ----a-w- c:\acer\EmpoweringTechnology\eDataSecurity\eDSLoader.exe . [HKEY_LOCAL_MACHINE\software\microsoft\sharedtools\msconfig\startupreg\PCMMediaSharing] 2007-06-21 16:33 204908 ----a-w- c:\programfiles\Acer Arcade Live\Acer HomeMedia Connect\Kernel\DMS\PCMMediaSharing.exe . [HKEY_LOCAL_MACHINE\software\microsoft\sharedtools\msconfig\startupreg\RtHDVCpl] 2007-06-20 08:56 4493312 ----a-w- c:\windows\RtHDVCpl.exe . [HKEY_LOCAL_MACHINE\software\microsoft\sharedtools\msconfig\startupreg\Sidebar] 2009-04-11 06:28 1233920 ----a-w- c:\program files\Windows Sidebar\sidebar.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\StartCCC] 2006-11-10 10:35 90112 ----a-w- c:\programfiles\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe . [HKEY_LOCAL_MACHINE\software\microsoft\sharedtools\msconfig\startupreg\Symantec PIF AlertEng] 2008-01-29 16:38 583048 ----a-w- c:\programfiles\Common Files\SymantecShared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe . [HKEY_LOCAL_MACHINE\software\microsoft\sharedtools\msconfig\startupreg\WarReg_PopUp] 2006-11-05 20:48 57344 ----a-w- c:\acer\WR_PopUp\WarReg_PopUp.exe . [HKEY_LOCAL_MACHINE\software\microsoft\sharedtools\msconfig\startupreg\Windows Defender] 2008-01-19 07:38 1008184 ----a-w- c:\program files\Windows Defender\MSASCui.exe . [HKEY_LOCAL_MACHINE\software\microsoft\sharedtools\msconfig\startupreg\WMPNSCFG] 2008-01-19 07:33 202240 ----a-w- c:\programfiles\Windows Media Player\wmpnscfg.exe . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-] "HP Software Update"=c:\program files\HP\HPSoftware Update\HPWuSchd2.exe . [HKEY_LOCAL_MACHINE\software\microsoft\securitycenter\Monitoring] "DisableMonitoring"=dword:00000001 . [HKEY_LOCAL_MACHINE\software\microsoft\securitycenter\Monitoring\SymantecAntiVirus] "DisableMonitoring"=dword:00000001 . [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall] "DisableMonitoring"=dword:00000001 . S2 Acer HomeMedia Connect Service;Acer HomeMedia ConnectService;c:\program files\Acer Arcade Live\Acer HomeMediaConnect\Kernel\DMS\CLMSServer.exe [x] S2 Acer TV Share Service;Acer TV Share Service;c:\programfiles\Acer Arcade Live\Acer TV Share\Kernel\DMSTV\CLMSServer.exe [x] . . --- Andere Services/Drivers In Geheugen --- . *NewlyCreated* - WS2IFSL . [HKEY_LOCAL_MACHINE\software\microsoft\windowsnt\currentversion\svchost] HPZ12 REG_MULTI_SZ PmlDriver HPZ12 Net Driver HPZ12 hpdevmgmt REG_MULTI_SZ hpqcxs08hpqddsvc LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache . Inhoud van de'Gedeelde Taken' map . 2012-11-28 c:\windows\Tasks\Adobe Flash Player Updater.job - c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe[2012-04-12 14:02] . . ------- Bijkomende Scan ------- . uStart Page =hxxp://search.conduit.com?SearchSource=10&ctid=CT3241951 uSearchMigratedDefaultURL =hxxp://search.yahoo.com/search?p={searchTerms}&ei=utf-8&fr=b1ie7 uDefault_Search_URL = hxxp://www.google.com/ie uInternet Settings,ProxyServer = 88.159.60.32:80 uSearchAssistant = hxxp://www.google.com/ie uSearchURL,(Default) = hxxp://www.google.com/search?q=%s IE: Add to Google Photos Screensa&ver -c:\windows\system32\GPhotos.scr/200 IE:E&xporteren naar Microsoft Excel -c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000 TCP:DhcpNameServer = 88.159.1.200 88.159.1.201 . - - - - ORPHANSVERWIJDERD - - - - . Toolbar-10 - (no file) HKU-Default-Run-Acer Tour Reminder -c:\acer\AcerTour\Reminder.exe MSConfigStartUp-Acer Tour Reminder -c:\acer\AcerTour\Reminder.exe MSConfigStartUp-Adobe Reader Speed Launcher - c:\programfiles\Adobe\Reader 8.0\Reader\Reader_sl.exe MSConfigStartUp-Apanel - c:\acersw\config\SetApanel.cmd MSConfigStartUp-ccApp - c:\program files\CommonFiles\Symantec Shared\ccApp.exe MSConfigStartUp-HP CD-DVD - c:\program files\HPCD-DVD\Umbrella\hpcdtray.exe MSConfigStartUp-osCheck - c:\program files\Norton InternetSecurity\osCheck.exe AddRemove-BrowserCompanion - c:\programfiles\BrowserCompanion\uninstall.exe AddRemove-KramersDeinstallKey - c:\windows\IsUn0413.exe . . . ************************************************************************** . catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malwaredetector by Gmer, GMER - Rootkit Detector and Remover Rootkit scan 2012-11-28 19:17 Windows 6.0.6002 Service Pack 2 NTFS . scannen vanverborgen processen ... . scannen vanverborgen autostart items ... . scannen vanverborgen bestanden ... . Scan succesvolafgerond verborgen bestanden: 0 . ************************************************************************** . [HKEY_LOCAL_MACHINE\system\ControlSet001\Services\N360] "ImagePath"="\"c:\program files\Norton360 Premier Edition\Engine\6.4.0.9\ccSvcHst.exe\" /s \"N360\" /m\"c:\program files\Norton 360 PremierEdition\Engine\6.4.0.9\diMaster.dll\" /prefetch:1" . ---------------------VERGRENDELDE REGISTER SLEUTELS --------------------- . [HKEY_USERS\S-1-5-21-428641130-2558392838-3062593855-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.032\UserChoice] @Denied: (2)(LocalSystem) "Progid"="ACDSee 9.0.032" . [HKEY_USERS\S-1-5-21-428641130-2558392838-3062593855-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ani\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee 9.0.ani" . [HKEY_USERS\S-1-5-21-428641130-2558392838-3062593855-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.bay\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee 9.0.bay" . [HKEY_USERS\S-1-5-21-428641130-2558392838-3062593855-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.bmp\UserChoice] @Denied: (2) (LocalSystem) @Denied: (2) (S-1-5-21-428641130-2558392838-3062593855-1000) "Progid"="ACDSee 9.0.bmp" . [HKEY_USERS\S-1-5-21-428641130-2558392838-3062593855-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.bw\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee 9.0.bw" . [HKEY_USERS\S-1-5-21-428641130-2558392838-3062593855-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.cr2\UserChoice] @Denied: (2) (LocalSystem) @Denied: (2) (S-1-5-21-428641130-2558392838-3062593855-1000) "Progid"="ACDSee 9.0.cr2" . [HKEY_USERS\S-1-5-21-428641130-2558392838-3062593855-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.crw\UserChoice] @Denied: (2) (LocalSystem) @Denied: (2) (S-1-5-21-428641130-2558392838-3062593855-1000) "Progid"="ACDSee 9.0.crw" . [HKEY_USERS\S-1-5-21-428641130-2558392838-3062593855-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.cs1\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee 9.0.cs1" . [HKEY_USERS\S-1-5-21-428641130-2558392838-3062593855-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.cur\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee 9.0.cur" . [HKEY_USERS\S-1-5-21-428641130-2558392838-3062593855-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.dcr\UserChoice] @Denied: (2) (LocalSystem) @Denied: (2) (S-1-5-21-428641130-2558392838-3062593855-1000) "Progid"="ACDSee 9.0.dcr" . [HKEY_USERS\S-1-5-21-428641130-2558392838-3062593855-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.dcx\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee 9.0.dcx" . [HKEY_USERS\S-1-5-21-428641130-2558392838-3062593855-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.dib\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee 9.0.dib" . [HKEY_USERS\S-1-5-21-428641130-2558392838-3062593855-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.djv\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee 9.0.djv" . [HKEY_USERS\S-1-5-21-428641130-2558392838-3062593855-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.djvu\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee 9.0.djvu" . [HKEY_USERS\S-1-5-21-428641130-2558392838-3062593855-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.dng\UserChoice] @Denied: (2) (LocalSystem) @Denied: (2) (S-1-5-21-428641130-2558392838-3062593855-1000) "Progid"="ACDSee 9.0.dng" . [HKEY_USERS\S-1-5-21-428641130-2558392838-3062593855-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.emf\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee 9.0.emf" . [HKEY_USERS\S-1-5-21-428641130-2558392838-3062593855-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.eps\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee 9.0.eps" . [HKEY_USERS\S-1-5-21-428641130-2558392838-3062593855-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.erf\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee 9.0.erf" . [HKEY_USERS\S-1-5-21-428641130-2558392838-3062593855-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.fff\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee 9.0.fff" . [HKEY_USERS\S-1-5-21-428641130-2558392838-3062593855-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.fpx\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee 9.0.fpx" . [HKEY_USERS\S-1-5-21-428641130-2558392838-3062593855-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.gif\UserChoice] @Denied: (2) (LocalSystem) @Denied: (2) (S-1-5-21-428641130-2558392838-3062593855-1000) "Progid"="ACDSee 9.0.gif" . [HKEY_USERS\S-1-5-21-428641130-2558392838-3062593855-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.icl\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee 9.0.icl" . [HKEY_USERS\S-1-5-21-428641130-2558392838-3062593855-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.icn\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee 9.0.icn" . [HKEY_USERS\S-1-5-21-428641130-2558392838-3062593855-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ico\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee 9.0.ico" . [HKEY_USERS\S-1-5-21-428641130-2558392838-3062593855-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.iff\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee 9.0.iff" . [HKEY_USERS\S-1-5-21-428641130-2558392838-3062593855-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ilbm\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee 9.0.ilbm" . [HKEY_USERS\S-1-5-21-428641130-2558392838-3062593855-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.int\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee 9.0.int" . [HKEY_USERS\S-1-5-21-428641130-2558392838-3062593855-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.inta\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee 9.0.inta" . [HKEY_USERS\S-1-5-21-428641130-2558392838-3062593855-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.iw4\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee 9.0.iw4" . [HKEY_USERS\S-1-5-21-428641130-2558392838-3062593855-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.j2c\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee 9.0.j2c" . [HKEY_USERS\S-1-5-21-428641130-2558392838-3062593855-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.j2k\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee 9.0.j2k" . [HKEY_USERS\S-1-5-21-428641130-2558392838-3062593855-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jfif\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee 9.0.jfif" . [HKEY_USERS\S-1-5-21-428641130-2558392838-3062593855-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jif\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee 9.0.jif" . [HKEY_USERS\S-1-5-21-428641130-2558392838-3062593855-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jp2\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee 9.0.jp2" . [HKEY_USERS\S-1-5-21-428641130-2558392838-3062593855-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jpc\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee 9.0.jpc" . [HKEY_USERS\S-1-5-21-428641130-2558392838-3062593855-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jpe\UserChoice] @Denied: (2)(LocalSystem) @Denied: (2)(S-1-5-21-428641130-2558392838-3062593855-1000) "Progid"="ACDSee9.0.jpe" . [HKEY_USERS\S-1-5-21-428641130-2558392838-3062593855-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jpeg\UserChoice] @Denied: (2)(LocalSystem) @Denied: (2)(S-1-5-21-428641130-2558392838-3062593855-1000) "Progid"="ACDSee9.0.jpeg" . [HKEY_USERS\S-1-5-21-428641130-2558392838-3062593855-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jpg\UserChoice] @Denied: (2)(S-1-5-21-428641130-2558392838-3062593855-1000) @Denied: (2)(LocalSystem) "Progid"="ACDSee9.0.jpg" . [HKEY_USERS\S-1-5-21-428641130-2558392838-3062593855-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jpk\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee 9.0.jpk" . [HKEY_USERS\S-1-5-21-428641130-2558392838-3062593855-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jpx\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee 9.0.jpx" . [HKEY_USERS\S-1-5-21-428641130-2558392838-3062593855-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.lbm\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee 9.0.lbm" . [HKEY_USERS\S-1-5-21-428641130-2558392838-3062593855-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mos\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee 9.0.mos" . [HKEY_USERS\S-1-5-21-428641130-2558392838-3062593855-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mrw\UserChoice] @Denied: (2) (LocalSystem) @Denied: (2) (S-1-5-21-428641130-2558392838-3062593855-1000) "Progid"="ACDSee 9.0.mrw" . [HKEY_USERS\S-1-5-21-428641130-2558392838-3062593855-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.nef\UserChoice] @Denied: (2) (LocalSystem) @Denied: (2) (S-1-5-21-428641130-2558392838-3062593855-1000) "Progid"="ACDSee 9.0.nef" . [HKEY_USERS\S-1-5-21-428641130-2558392838-3062593855-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.orf\UserChoice] @Denied: (2) (LocalSystem) @Denied: (2) (S-1-5-21-428641130-2558392838-3062593855-1000) "Progid"="ACDSee 9.0.orf" . [HKEY_USERS\S-1-5-21-428641130-2558392838-3062593855-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pbm\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee 9.0.pbm" . [HKEY_USERS\S-1-5-21-428641130-2558392838-3062593855-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pcd\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee 9.0.pcd" . [HKEY_USERS\S-1-5-21-428641130-2558392838-3062593855-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pct\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee 9.0.pct" . [HKEY_USERS\S-1-5-21-428641130-2558392838-3062593855-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pcx\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee 9.0.pcx" . [HKEY_USERS\S-1-5-21-428641130-2558392838-3062593855-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pef\UserChoice] @Denied: (2) (LocalSystem) @Denied: (2) (S-1-5-21-428641130-2558392838-3062593855-1000) "Progid"="ACDSee 9.0.pef" . [HKEY_USERS\S-1-5-21-428641130-2558392838-3062593855-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pgm\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee 9.0.pgm" . [HKEY_USERS\S-1-5-21-428641130-2558392838-3062593855-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pic\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee 9.0.pic" . [HKEY_USERS\S-1-5-21-428641130-2558392838-3062593855-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pict\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee 9.0.pict" . [HKEY_USERS\S-1-5-21-428641130-2558392838-3062593855-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pix\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee 9.0.pix" . [HKEY_USERS\S-1-5-21-428641130-2558392838-3062593855-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.png\UserChoice] @Denied: (2) (LocalSystem) @Denied: (2) (S-1-5-21-428641130-2558392838-3062593855-1000) "Progid"="ACDSee 9.0.png" . [HKEY_USERS\S-1-5-21-428641130-2558392838-3062593855-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ppm\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee 9.0.ppm" . [HKEY_USERS\S-1-5-21-428641130-2558392838-3062593855-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.psd\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee 9.0.psd" . [HKEY_USERS\S-1-5-21-428641130-2558392838-3062593855-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.psp\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee 9.0.psp" . [HKEY_USERS\S-1-5-21-428641130-2558392838-3062593855-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.raf\UserChoice] @Denied: (2) (LocalSystem) @Denied: (2) (S-1-5-21-428641130-2558392838-3062593855-1000) "Progid"="ACDSee 9.0.raf" . [HKEY_USERS\S-1-5-21-428641130-2558392838-3062593855-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ras\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee 9.0.ras" . [HKEY_USERS\S-1-5-21-428641130-2558392838-3062593855-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.raw\UserChoice] @Denied: (2) (LocalSystem) @Denied: (2) (S-1-5-21-428641130-2558392838-3062593855-1000) "Progid"="ACDSee 9.0.raw" . [HKEY_USERS\S-1-5-21-428641130-2558392838-3062593855-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.rgb\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee 9.0.rgb" . [HKEY_USERS\S-1-5-21-428641130-2558392838-3062593855-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.rgba\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee 9.0.rgba" . [HKEY_USERS\S-1-5-21-428641130-2558392838-3062593855-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.rle\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee 9.0.rle" . [HKEY_USERS\S-1-5-21-428641130-2558392838-3062593855-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.rsb\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee 9.0.rsb" . [HKEY_USERS\S-1-5-21-428641130-2558392838-3062593855-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.sgi\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee 9.0.sgi" . [HKEY_USERS\S-1-5-21-428641130-2558392838-3062593855-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.sr2\UserChoice] @Denied: (2) (LocalSystem) @Denied: (2) (S-1-5-21-428641130-2558392838-3062593855-1000) "Progid"="ACDSee 9.0.sr2" . [HKEY_USERS\S-1-5-21-428641130-2558392838-3062593855-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.srf\UserChoice] @Denied: (2) (LocalSystem) @Denied: (2) (S-1-5-21-428641130-2558392838-3062593855-1000) "Progid"="ACDSee 9.0.srf" . [HKEY_USERS\S-1-5-21-428641130-2558392838-3062593855-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.tga\UserChoice] @Denied: (2) (LocalSystem) @Denied: (2) (S-1-5-21-428641130-2558392838-3062593855-1000) "Progid"="ACDSee 9.0.tga" . [HKEY_USERS\S-1-5-21-428641130-2558392838-3062593855-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.thm\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee 9.0.thm" . [HKEY_USERS\S-1-5-21-428641130-2558392838-3062593855-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.tif\UserChoice] @Denied: (2) (LocalSystem) @Denied: (2) (S-1-5-21-428641130-2558392838-3062593855-1000) "Progid"="ACDSee 9.0.tif" . [HKEY_USERS\S-1-5-21-428641130-2558392838-3062593855-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.tiff\UserChoice] @Denied: (2) (LocalSystem) @Denied: (2) (S-1-5-21-428641130-2558392838-3062593855-1000) "Progid"="ACDSee 9.0.tiff" . [HKEY_USERS\S-1-5-21-428641130-2558392838-3062593855-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ttc\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee 9.0.ttc" . [HKEY_USERS\S-1-5-21-428641130-2558392838-3062593855-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ttf\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee 9.0.ttf" . [HKEY_USERS\S-1-5-21-428641130-2558392838-3062593855-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.v9o\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee 9.0.v9o" . [HKEY_USERS\S-1-5-21-428641130-2558392838-3062593855-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.v9p\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee 9.0.v9p" . [HKEY_USERS\S-1-5-21-428641130-2558392838-3062593855-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.v9pf\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee 9.0.v9pf" . [HKEY_USERS\S-1-5-21-428641130-2558392838-3062593855-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wbm\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee 9.0.wbm" . [HKEY_USERS\S-1-5-21-428641130-2558392838-3062593855-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wbmp\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee 9.0.wbmp" . [HKEY_USERS\S-1-5-21-428641130-2558392838-3062593855-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wmf\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee 9.0.wmf" . [HKEY_USERS\S-1-5-21-428641130-2558392838-3062593855-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xbm\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee 9.0.xbm" . [HKEY_USERS\S-1-5-21-428641130-2558392838-3062593855-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xif\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee 9.0.xif" . [HKEY_USERS\S-1-5-21-428641130-2558392838-3062593855-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xpm\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee 9.0.xpm" . [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}] @Denied: (A 2) (Everyone) @="FlashBroker" "LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil32_11_5_502_110_ActiveX.exe,-101" . [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation] "Enabled"=dword:00000001 . [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32] @="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil32_11_5_502_110_ActiveX.exe" . [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" . [HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}] @Denied: (A 2) (Everyone) @="IFlashBroker5" . [HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32] @="{00020424-0000-0000-C000-000000000046}" . [HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" "Version"="1.0" . Voltooingstijd: 2012-11-28 20:49:25 ComboFix-quarantined-files.txt 2012-11-28 19:47 . Pre-Run: 128,915,255,296bytes beschikbaar Post-Run:128,550,039,552 bytes beschikbaar . - - End Of File - - A5EF2E1ACC7F4793CB052BED62A90D79
  5. Beste KweezieWabbit, · Ikheb CCleaner een paar maal uitgevoerd. Ruim 450 Mb is verwijderd. · Bijhet register, “scan naar problemen” verschijnt steeds Probleem: TypeLibReferentie Data:IBackupLocationsShellFolderImpl{00020424-0000-0000-C000-000000000046} RegistersleutelHKCR\Interface\{FOE3A5D7-80C7-4228-9OFE-61DF01C417A5}Dit wordt niet verwijderd · Nero12 heb ik opnieuw geïnstalleerd. Het mocht niet baten · Devideo problemen blijven echter. Zolas al vermeld · Demelding “Windows-hostproces (Rundell32)werkt niet meer” heb ik al tijden.Steeds heb ik het weggetikt en de CD-functies bleven bestaan Met vriendelijkegroet, Jacob
  6. Beste Kweezie Wabbit, ü Je vorige bericht begon met een berichtvan Reg Clean Pro, Xplore: Ik heb deze reclame, die met http://www.pc-helpforum.be/f163/rundll32-werkt-niet-53726-new/ naar binnen is geslopen, aangezien voororigineel. Mijn Norton-antivirus 360 premier edition werkt dus niet goed. Zalik die vervangen door Malwarebytes? ü Ik heb Retg Clean Pro verwijderd en ik vondook nog (restanten?) van een oudere versie dd 11/09/2012. ü Systeem herstel geeft het bericht “er istijdens systeemherstel een onbekende fout opgetreden”. Dit heeft zich 3 xherhaald. ü Ik ben niet duidelijk geweest over mijnprobleem. Mijn excuses hiervoor. Het volgende loopt mis op mijn PC, Acer L5100,aangeschaft voorjaar 2008 Ik ben gestart met hetdigitaliseren van mijn VHS-banden m.b.v. Video 2PC. Bijgeleverde software:cyber link power director, geïnstalleerd op 8 november 2012. Het digitaliserenging goed. Ik kan de video echter niet branden, noch met windows media player,noch met Nero 6, waarmee ik steeds CD’s heb gebrand. Uiteindelijk heb ik Nero12 gekocht. Nog steeds krijg ik het bericht “Windows-hostproces (Rundell32)werkt niet meer” bij het openen van windows media player voor het afspelen vanvideo, en bij het openen van Nero Express, bovendien wil Nero vision nietstarten. Na veel gestumper ben ik lid geworden van PChelp. Verdere klachten? De laatste weken duurt hetopstarten van de PC hinderlijk lang. Vandaag was het 1min 40 sec voor dat ikeen programma kon openen. De scans hebben het vast al wat verbeterd. Irritantis dat de ontvanger voor wifi zwak is. Een HP notebook is veel beter. Met eenversterker red ik het wel. Verder ben ik heel tevreden. Het is dus alleen het video-probleem dat ik zou willen oplossen. Met vriendelijke groet, Jacob
  7. BesteKweezie Wabbit, Ikheb adwarecleaner gebruikt. De logfile staat hier onder. Daarna zag ik dat je adviseerdeeerst REg Clean Pro te draaien. Na 3x draaien gaf hij nul fouten aan. Daarnaheb ik voor de tweede keer adware cleaner gedraaid, de log staat hier onder. Ikzou denken dat mijn PC nu toch wel “schoon” moet zijn. Demankementen in de videofuncties zijn dezelfde gebleven, maar nu geeft windowsmedia player bij de video’s wel geluid, maar geen beeld meer. Metvriendelijke groet, JacobWisse Eerste logfile # AdwCleaner v2.008 - Verslag gemaakt op21/11/2012 om 21:35:52 # Geactualiseerd op 17/11/2012 door Xplode # Besturingssysteem : Windows Vista HomePremium Service Pack 2 (32 bits) #Gebruiker : Jacob - PC_VAN_JACOB #Opstarten Modus : Normale modus #Gelanceerd vanaf : C:\Users\Jacob\Desktop\Desktop\adwcleaner.exe #Optie [Verwijderen] *****[Diensten] ***** *****[Files / Mappen] ***** File Verwijdert :C:\Users\Jacob\AppData\Local\funmoods-speeddial.crx Map Verwijdert : C:\Program Files\Complitly Map Verwijdert : C:\Program Files\Conduit Map Verwijdert : C:\Program Files\DealPly Map Verwijdert : C:\ProgramFiles\FileConverter_1.4 MapVerwijdert : C:\ProgramData\Babylon MapVerwijdert : C:\Users\Jacob\AppData\Local\AskToolbar Map Verwijdert : C:\Users\Jacob\AppData\Local\Conduit Map Verwijdert :C:\Users\Jacob\AppData\LocalLow\AskToolbar Map Verwijdert :C:\Users\Jacob\AppData\LocalLow\BabylonToolbar Map Verwijdert :C:\Users\Jacob\AppData\LocalLow\Conduit Map Verwijdert :C:\Users\Jacob\AppData\LocalLow\FileConverter_1.4 Map Verwijdert :C:\Users\Jacob\AppData\LocalLow\Ironsource Map Verwijdert :C:\Users\Jacob\AppData\LocalLow\PriceGong Map Verwijdert :C:\Users\Jacob\AppData\Roaming\Babylon Map Verwijdert : C:\Windows\Installer\{86D4B82A-ABED-442A-BE86-96357B70F4FE} *****[Register] ***** SleutelVerwijdert : HKCU\Software\APN SleutelVerwijdert : HKCU\Software\AppDataLow\Software\AskToolbar SleutelVerwijdert : HKCU\Software\AppDataLow\Software\Conduit SleutelVerwijdert : HKCU\Software\AppDataLow\Software\ConduitSearchScopes SleutelVerwijdert : HKCU\Software\AppDataLow\Software\Crossrider SleutelVerwijdert : HKCU\Software\AppDataLow\Software\FileConverter_1.4 SleutelVerwijdert : HKCU\Software\AppDataLow\Software\PriceGong SleutelVerwijdert : HKCU\Software\AppDataLow\Software\SmartBar SleutelVerwijdert : HKCU\Software\AppDataLow\Software\Toolbar SleutelVerwijdert : HKCU\Software\AppDataLow\Toolbar SleutelVerwijdert : HKCU\Software\Ask.com SleutelVerwijdert : HKCU\Software\AskToolbar SleutelVerwijdert : HKCU\Software\Complitly SleutelVerwijdert : HKCU\Software\DataMngr SleutelVerwijdert : HKCU\Software\DataMngr_Toolbar SleutelVerwijdert :HKCU\Software\Google\Chrome\Extensions\cjpglkicenollcignonpgiafdgfeehoj SleutelVerwijdert :HKCU\Software\Google\Chrome\Extensions\fdloijijlkoblmigdofommgnheckmaki SleutelVerwijdert : HKCU\Software\IGearSettings SleutelVerwijdert : HKCU\Software\Microsoft\Internet Explorer\LowRights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A} SleutelVerwijdert : HKCU\Software\Microsoft\InternetExplorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990} SleutelVerwijdert : HKCU\Software\Microsoft\InternetExplorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD21} SleutelVerwijdert : HKCU\Software\Microsoft\InternetExplorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD22} SleutelVerwijdert : HKCU\Software\Microsoft\InternetExplorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B} SleutelVerwijdert : HKCU\Software\Microsoft\Windows\CurrentVersion\AppManagement\ARPCache\{15D2D75C-9CB2-4EFD-BAD7-B9B4CB4BC693} SleutelVerwijdert : HKCU\Software\Microsoft\Windows\CurrentVersion\AppManagement\ARPCache\{79A765E1-C399-405B-85AF-466F52E918B0} SleutelVerwijdert : HKCU\Software\Microsoft\Windows\CurrentVersion\AppManagement\ARPCache\{86D4B82A-ABED-442A-BE86-96357B70F4FE} SleutelVerwijdert : HKCU\Software\Microsoft\Windows\CurrentVersion\AppManagement\ARPCache\FileConverter_1.4 Toolbar SleutelVerwijdert : HKCU\Software\Microsoft\Windows\CurrentVersion\AppManagement\ARPCache\Updater Service SleutelVerwijdert :HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\bProtectSettings SleutelVerwijdert : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{296AA17D-C89E-4242-A5A4-44BFE76914A2} SleutelVerwijdert :HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{988ABD7F-C363-4605-A81F-5751A690548E} SleutelVerwijdert :HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F25AF245-4A81-40DC-92F9-E9021F207706} SleutelVerwijdert :HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\{79A765E1-C399-405B-85AF-466F52E918B0} SleutelVerwijdert : HKCU\Software\Softonic SleutelVerwijdert : HKLM\Software\APN SleutelVerwijdert : HKLM\Software\AskToolbar SleutelVerwijdert : HKLM\Software\Babylon SleutelVerwijdert : HKLM\SOFTWARE\Classes\AppID\{1973277F-87B0-4EA3-9ED2-470A91D284CF} SleutelVerwijdert : HKLM\SOFTWARE\Classes\AppID\{9B0CB95C-933A-4B8C-B6D4-EDCD19A43874} SleutelVerwijdert : HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB} SleutelVerwijdert : HKLM\SOFTWARE\Classes\AppID\{EA28B360-05E0-4F93-8150-02891F1D8D3C} SleutelVerwijdert : HKLM\SOFTWARE\Classes\AppID\GenericAskToolbar.DLL SleutelVerwijdert : HKLM\SOFTWARE\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1} SleutelVerwijdert : HKLM\SOFTWARE\Classes\CLSID\{CC5AD34C-6F10-4CB3-B74A-C2DD4D5060A3} SleutelVerwijdert : HKLM\SOFTWARE\Classes\CLSID\{E46C8196-B634-44A1-AF6E-957C64278AB1} SleutelVerwijdert : HKLM\SOFTWARE\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} SleutelVerwijdert : HKLM\SOFTWARE\Classes\GenericAskToolbar.ToolbarWnd SleutelVerwijdert :HKLM\SOFTWARE\Classes\Installer\Features\A28B4D68DEBAA244EB686953B7074FEF SleutelVerwijdert : HKLM\SOFTWARE\Classes\Installer\Products\A28B4D68DEBAA244EB686953B7074FEF SleutelVerwijdert :HKLM\SOFTWARE\Classes\Installer\UpgradeCodes\F928123A039649549966D4C29D35B1C9 SleutelVerwijdert : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217} SleutelVerwijdert :HKLM\SOFTWARE\Classes\Interface\{0D80F1C5-D17B-4177-AC68-955F3EF9F191} SleutelVerwijdert :HKLM\SOFTWARE\Classes\Interface\{23C70BCA-6E23-4A65-AD2E-1389062074F1} SleutelVerwijdert : HKLM\SOFTWARE\Classes\Interface\{23D8EEF7-0E13-4000-B9C4-6603C1E912D1} SleutelVerwijdert :HKLM\SOFTWARE\Classes\Interface\{295CACB4-51F5-46FD-914E-C72BAAE1B672} SleutelVerwijdert :HKLM\SOFTWARE\Classes\Interface\{2A42D13C-D427-4787-821B-CF6973855778} SleutelVerwijdert : HKLM\SOFTWARE\Classes\Interface\{2CE5C4B9-6DBE-4528-96FA-C9FF38EF1762} SleutelVerwijdert :HKLM\SOFTWARE\Classes\Interface\{34C1FDF7-02C1-4F23-B393-F48B16E071D1} SleutelVerwijdert :HKLM\SOFTWARE\Classes\Interface\{3D8478AA-7B88-48A9-8BCB-B85D594411EC} SleutelVerwijdert : HKLM\SOFTWARE\Classes\Interface\{54291324-7A3D-4F11-B707-3FB6A2C97BD9} SleutelVerwijdert :HKLM\SOFTWARE\Classes\Interface\{59C63F11-D4E5-46E7-9B8A-EE158DCA83A8} SleutelVerwijdert :HKLM\SOFTWARE\Classes\Interface\{5DA22CBD-0029-4A09-B757-CF0FAFC488ED} Sleutel Verwijdert :HKLM\SOFTWARE\Classes\Interface\{6C434537-053E-486D-B62A-160059D9D456} Sleutel Verwijdert :HKLM\SOFTWARE\Classes\Interface\{77A6E7D4-4A83-4A9B-A2A0-EF3B125DC29D} Sleutel Verwijdert :HKLM\SOFTWARE\Classes\Interface\{91CF619A-4686-4CA4-9232-3B2E6B63AA92} Sleutel Verwijdert :HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC} SleutelVerwijdert :HKLM\SOFTWARE\Classes\Interface\{AC71B60E-94C9-4EDE-BA46-E146747BB67E} SleutelVerwijdert : HKLM\SOFTWARE\Classes\Interface\{C0585B2F-74D7-4734-88DE-6C150C5D4036} Sleutel Verwijdert :HKLM\SOFTWARE\Classes\Interface\{CA17D76B-F91D-4659-A7FD-A9F7ED375CDD} Sleutel Verwijdert :HKLM\SOFTWARE\Classes\Interface\{D8242E89-2F81-484A-AE5B-BA8CAD5B7347} Sleutel Verwijdert : HKLM\SOFTWARE\Classes\Interface\{EF0588D6-1621-4A75-B8BE-F4BC34794136} SleutelVerwijdert :HKLM\SOFTWARE\Classes\Interface\{EFDCAF05-D29C-4D4D-9836-8CDCD606A6B2} SleutelVerwijdert : HKLM\SOFTWARE\Classes\Prod.cap SleutelVerwijdert : HKLM\SOFTWARE\Classes\Toolbar.CT3241951 SleutelVerwijdert : HKLM\Software\Conduit SleutelVerwijdert : HKLM\Software\DataMngr SleutelVerwijdert : HKLM\Software\FileConverter_1.4 SleutelVerwijdert :HKLM\SOFTWARE\Google\Chrome\Extensions\cjpglkicenollcignonpgiafdgfeehoj SleutelVerwijdert :HKLM\SOFTWARE\Google\Chrome\Extensions\pgafcinpmmpklohkojmllohd****efph SleutelVerwijdert : HKLM\SOFTWARE\Microsoft\Internet Explorer\LowRights\ElevationPolicy\{11111111-1111-1111-1111-110011501160} SleutelVerwijdert : HKLM\SOFTWARE\Microsoft\Internet Explorer\LowRights\ElevationPolicy\{21111111-1111-1111-1111-110011501160} Sleutel Verwijdert :HKLM\SOFTWARE\Microsoft\Internet Explorer\LowRights\ElevationPolicy\{9FB81D4F-2C6C-4E58-A09D-127F302E12E7} Sleutel Verwijdert : HKLM\SOFTWARE\Microsoft\InternetExplorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A} Sleutel Verwijdert :HKLM\SOFTWARE\Microsoft\Internet Explorer\LowRights\ElevationPolicy\{CE29DF92-09A9-43F1-94AA-2DCAE85908CE} Sleutel Verwijdert : HKLM\SOFTWARE\Microsoft\InternetExplorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990} Sleutel Verwijdert :HKLM\SOFTWARE\Microsoft\InternetExplorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD21} SleutelVerwijdert : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD22} SleutelVerwijdert : HKLM\SOFTWARE\Microsoft\InternetExplorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B} SleutelVerwijdert :HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{11111111-1111-1111-1111-110011501160} SleutelVerwijdert :HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{988ABD7F-C363-4605-A81F-5751A690548E} SleutelVerwijdert :HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\261F213D1F55267499B1F87D0CC3BCF7 SleutelVerwijdert :HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\741B4ADF27276464790022C965AB6DA8 SleutelVerwijdert : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\7DE196B10195F5647A2B21B761F3DE01 SleutelVerwijdert :HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\9D4F5849367142E4685ED8C25E44C5ED SleutelVerwijdert : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A5875B04372C19545BEB90D4D606C472 SleutelVerwijdert :HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A876D9E80B896EC44A8620248CC79296 SleutelVerwijdert : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B66FFAB725B92594C986DE826A867888 SleutelVerwijdert :HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\A28B4D68DEBAA244EB686953B7074FEF SleutelVerwijdert :HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{86D4B82A-ABED-442A-BE86-96357B70F4FE} SleutelVerwijdert :HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\FileConverter_1.4Toolbar WaardeVerwijdert : HKCU\Software\Microsoft\Internet Explorer\SearchScopes[bProtectorDefaultScope] WaardeVerwijdert : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser[{296AA17D-C89E-4242-A5A4-44BFE76914A2}] WaardeVerwijdert : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser[{D4027C7F-154A-4066-A1AD-4243D8127440}] WaardeVerwijdert : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser[{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}] WaardeVerwijdert : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar[{98889811-442D-49DD-99D7-DC866BE87DBC}] Waarde Verwijdert :HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks[{296AA17D-C89E-4242-A5A4-44BFE76914A2}] ***** [browsers] ***** -\\ Internet Explorer v9.0.8112.16421 Verwijdert : [HKCU\Software\Microsoft\InternetExplorer\Main - Backup.Old.Start Page] ************************* AdwCleaner[s1].txt - [11662 octets] -[21/11/2012 21:35:52] ########## EOF - C:\AdwCleaner[s1].txt - [11723octets] ########## Tweede logfile #AdwCleaner v2.008 - Verslag gemaakt op 22/11/2012 om 10:18:54 # Geactualiseerd op 17/11/2012 door Xplode # Besturingssysteem : Windows Vista HomePremium Service Pack 2 (32 bits) #Gebruiker : Jacob - PC_VAN_JACOB #Opstarten Modus : Normale modus #Gelanceerd vanaf : C:\Users\Jacob\AppData\Local\Microsoft\Windows\TemporaryInternet Files\Content.IE5\UNX45PZ1\adwcleaner.exe #Optie [Verwijderen] *****[Diensten] ***** *****[Files / Mappen] ***** *****[Register] ***** SleutelVerwijdert : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\bProtectSettings WaardeVerwijdert : HKCU\Software\Microsoft\Internet Explorer\SearchScopes[bProtectorDefaultScope] WaardeVerwijdert : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar[{98889811-442D-49DD-99D7-DC866BE87DBC}] *****[browsers] ***** -\\Internet Explorer v9.0.8112.16421 [OK]Het register bevat geen enkele ongeoorloofde invoer. ************************* AdwCleaner[s1].txt - [11793 octets] -[21/11/2012 21:35:52] AdwCleaner[s2].txt - [1028 octets] - [22/11/201210:18:54] ########## EOF - C:\AdwCleaner[s2].txt - [1088octets] ##########
  8. Beste KweezieWabbit, ü Hartelijk dank voor je snelle antwoord opmijn vraag. Ik heb je advies kunnen uitvoeren. De fout is helaas nietverholpen. Nog steeds krijg ik het bericht “Windows-hostproces (Rundell32)werkt niet meer” bij het openen van windows media player voor het afspelen vanvideo, en bij het openen van Nero Express, bovendien wil Nero vision nietstarten. ü Ik kon alle items kunnen aanvinken behalveO3 - Toolbar: (no name) -{D0F4A166-B8D4-48b8-9D63-80849FE137CB} - (no file). Die kwam niet in de lijst voor. Malwarebytes Anti-Malware(-evaluatieversie-) 1.65.1.1000 www.malwarebytes.org Databaseversie: v2012.11.20.01 Windows Vista Service Pack 2 x86 NTFS Internet Explorer 9.0.8112.16421 Jacob :: PC_VAN_JACOB [administrator] Realtime bescherming:Ingeschakeld 11/20/2012 11:25:11 AM mbam-log-2012-11-20(11-25-11).txt Scantype: Snelle scan Ingeschakelde scanopties:Geheugen | Opstartitems | Register | Bestanden en mappen | Heuristiek/Extra |Heuristiek/Shuriken | PUP | PUM Uitgeschakelde scanopties:P2P Objecten gescand: 224604 Verstreken tijd: 5minuut/minuten, 49 seconde(n) Geheugenprocessengedetecteerd: 1 C:\ProgramData\IBUpdaterService\ibsvc.exe(PUP.InstallBrain) -> 588 -> Zal worden verwijderd tijdens hetherstarten. Geheugenmodulengedetecteerd: 0 (Geen kwaadaardige objectengedetecteerd) Registersleutelsgedetecteerd: 2 HKLM\SYSTEM\CurrentControlSet\Services\IBUpdaterService(PUP.InstallBrain) -> Succesvol in quarantaine geplaatst en verwijderd. HKLM\SOFTWARE\Google\chrome\Extensions\fdloijijlkoblmigdofommgnheckmaki(PUP.Funmoods) -> Succesvol in quarantaine geplaatst en verwijderd. Registerwaardengedetecteerd: 0 (Geen kwaadaardige objectengedetecteerd) Registerdata gedetecteerd: 0 (Geen kwaadaardige objectengedetecteerd) Mappen gedetecteerd: 1 C:\ProgramData\IBUpdaterService(PUP.InstallBrain) -> Zal worden verwijderd tijdens het herstarten. Bestanden gedetecteerd: 5 C:\Users\Jacob\Downloads\WindowsLive Mail.exe (PUP.AdBundler) -> Succesvol in quarantaine geplaatst enverwijderd. C:\Users\Jacob\AppData\Local\funmoods.crx(PUP.Funmoods) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Users\Jacob\LocalSettings\Application Data\funmoods.crx (PUP.Funmoods) -> Succesvol inquarantaine geplaatst en verwijderd. C:\ProgramData\IBUpdaterService\ibsvc.exe(PUP.InstallBrain) -> Zal worden verwijderd tijdens het herstarten. C:\ProgramData\IBUpdaterService\repository.xml(PUP.InstallBrain) -> Succesvol in quarantaine geplaatst en verwijderd.(einde) 2012/11/20 11:19:15 +0100 PC_VAN_JACOB Jacob MESSAGE Executing scheduled update: Daily 2012/11/20 11:19:27 +0100 PC_VAN_JACOB Jacob MESSAGE Starting protection 2012/11/20 11:19:27 +0100 PC_VAN_JACOB Jacob MESSAGE Protection started successfully 2012/11/20 11:19:27 +0100 PC_VAN_JACOB Jacob MESSAGE Starting IP protection 2012/11/20 11:19:31 +0100 PC_VAN_JACOB Jacob ERROR StartServiceCtrlDispatcher failed with error code 1063 2012/11/20 11:19:34 +0100 PC_VAN_JACOB Jacob MESSAGE IP Protection started successfully 2012/11/20 11:20:17 +0100 PC_VAN_JACOB Jacob MESSAGE Starting database refresh 2012/11/20 11:20:17 +0100 PC_VAN_JACOB Jacob MESSAGE Stopping IP protection 2012/11/20 11:20:17 +0100 PC_VAN_JACOB Jacob MESSAGE IP Protection stopped successfully 2012/11/20 11:20:21 +0100 PC_VAN_JACOB Jacob MESSAGE Database refreshed successfully 2012/11/20 11:20:21 +0100 PC_VAN_JACOB Jacob MESSAGE Starting IP protection 2012/11/20 11:20:28 +0100 PC_VAN_JACOB Jacob MESSAGE IP Protection started successfully 2012/11/20 11:38:14 +0100 PC_VAN_JACOB Jacob MESSAGE Starting protection 2012/11/20 11:38:14 +0100 PC_VAN_JACOB Jacob MESSAGE Protection started successfully 2012/11/20 11:38:14 +0100 PC_VAN_JACOB Jacob MESSAGE Starting IP protection 2012/11/20 11:38:20 +0100 PC_VAN_JACOB Jacob MESSAGE IP Protection started successfully ü C:\Windows\System32is gemaakt Thursday, ‎November ‎02, ‎2006, ‏‎12:18:36 PM ü De snellescan van MBAM heeft 6 worms verwijderd. De volledige scan heb ik daarnagedraaid en heeft nog 2 infecties verwijderd: Databaseversie:v2012.11.20.01 Windows Vista Service Pack 2 x86 NTFS Internet Explorer 9.0.8112.16421 Jacob :: PC_VAN_JACOB [administrator] Realtime bescherming:Ingeschakeld 11/20/2012 8:45:05 PM mbam-log-2012-11-20(22-22-59).txt Scantype: Volledige scan(C:\|D:\|) Ingeschakelde scanopties:Geheugen | Opstartitems | Register | Bestanden en mappen | Heuristiek/Extra |Heuristiek/Shuriken | PUP | PUM Uitgeschakelde scanopties: P2P Objecten gescand: 445447 Verstreken tijd: 1 uur/uren,30 minuut/minuten, 37 seconde(n) Geheugenprocessengedetecteerd: 0 (Geen kwaadaardige objectengedetecteerd) Geheugenmodulengedetecteerd: 0 (Geen kwaadaardige objectengedetecteerd) Registersleutelsgedetecteerd: 1 HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\FoxTabMusic Converter (Adware.Agent) -> Geen actie ondernomen. Registerwaardengedetecteerd: 0 (Geen kwaadaardige objectengedetecteerd) Registerdata gedetecteerd: 0 (Geen kwaadaardige objectengedetecteerd) Mappen gedetecteerd: 0 (Geen kwaadaardige objectengedetecteerd) Bestanden gedetecteerd: 1 C:\ProgramFiles\FoxTabMusicConverter\Uninstall\Uninstall.exe (Adware.Agent) -> Geenactie ondernomen. (einde) ü Ik heb vanmorgen nog eenmaal Hijackthis enMbam gedraaid. O3 - Toolbar: (no name) - {D0F4A166-B8D4-48b8-9D63-80849FE137CB} - (nofile) was er nu wel. O20 -AppInit_DLLs: c:\progra~2\pdfcon~1\24897~1.175\{16cdf~1\apmmngr.dll stond nogop de lijst. Deze 2 heb ik aangevinkt en nogmaals fix checked gedraaid. Hier zijn de logs: Hijack: Logfile of Trend MicroHijackThis v2.0.4 Scan saved at 10:10:59 AM,on 11/21/2012 Platform: Windows Vista SP2(WinNT 6.00.1906) MSIE: Internet Explorer v9.00 (9.00.8112.16455) Boot mode: Normal Running processes: C:\ProgramData\PDF ConverterManager\2.4.897.175\{16cdff19-861d-48e3-a751-d99a27784753}\apmmngr.exe C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe C:\Program Files\Norton 360 Premier Edition\Engine\6.4.0.9\ccSvcHst.exe C:\Windows\system32\Dwm.exe C:\Windows\Explorer.EXE C:\Windows\system32\taskeng.exe C:\Windows\system32\taskeng.exe C:\Windows\RtHDVCpl.exe C:\Program Files\Microsoft IntelliPoint\ipoint.exe C:\Program Files\EMET\EMET_notifier.exe C:\Windows\ehome\ehtray.exe C:\Program Files\HEMA Fotoservice\dd.exe C:\Program Files\Windows Media Player\wmpnscfg.exe C:\Program Files\Logitech\SetPoint\SetPoint.exe C:\Windows\system32\wbem\unsecapp.exe C:\Windows\ehome\ehmsas.exe C:\Program Files\Common Files\Logitech\KhalShared\KHALMNPR.EXE C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe C:\Windows\system32\SearchFilterHost.exe R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =http://nl.intl.acer.yahoo.com R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL= Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\InternetSettings,ProxyServer = 88.159.60.32:80 O1 - Hosts: ::1 localhost O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: Norton Identity Protection -{602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Norton 360 PremierEdition\Engine\6.4.0.9\coIEPlg.dll O2 - BHO: Norton Vulnerability Protection -{6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Norton 360 PremierEdition\Engine\6.4.0.9\IPS\IPSBHO.DLL O2 - BHO: Windows Live ID Sign-in Helper -{9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\MicrosoftShared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Java Plug-In 2 SSV Helper -{DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\ProgramFiles\Java\jre6\bin\jp2ssv.dll O3 - Toolbar: Acer eDataSecurity Management -{5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\Windows\system32\eDStoolbar.dll O3 - Toolbar: Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} -C:\Program Files\Norton 360 Premier Edition\Engine\6.4.0.9\coIEPlg.dll O3 - Toolbar: (no name) - {D0F4A166-B8D4-48b8-9D63-80849FE137CB} - (nofile) O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe O4 - HKLM\..\Run: [intelliPoint] "C:\Program Files\MicrosoftIntelliPoint\ipoint.exe" O4 - HKLM\..\Run: [Kernel and Hardware Abstraction Layer]KHALMNPR.EXE O4 - HKLM\..\Run: [EMET Notifier] C:\Program Files\EMET\EMET_notifier.exe O4 - HKLM\..\Run: [NeroFilterCheck] C:\Windows\system32\NeroCheck.exe O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe O4 - HKCU\..\Run: [Device Detection] C:\Program Files\HEMAFotoservice\dd.exe O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows MediaPlayer\WMPNSCFG.exe O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\WindowsSidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exeoobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\WindowsSidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE') O4 - HKUS\S-1-5-18\..\Run: [Acer Tour Reminder]C:\Acer\AcerTour\Reminder.exe (User 'SYSTEEM') O4 - HKUS\.DEFAULT\..\Run: [Acer Tour Reminder]C:\Acer\AcerTour\Reminder.exe (User 'Default user') O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\ProgramFiles\HP\Digital Imaging\bin\hpqtra08.exe O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe O8 - Extra context menu item: Add to Google Photos Screensa&ver -res://C:\Windows\system32\GPhotos.scr/200 O8 - Extra context menu item: E&xporteren naar Microsoft Excel -res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000 O9 - Extra button: Verzenden naar OneNote -{2670000A-7350-4f3c-8081-5663EE0C6C49} -C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll O9 - Extra 'Tools' menuitem: Verz&enden naar OneNote -{2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} -C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O16 - DPF: {A8F2B9BD-A6A0-486A-9744-18920D898429} - http://www.sibelius.com/download/software/win/ActiveXPlugin.cab O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} -http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab O20 - AppInit_DLLs:c:\progra~2\pdfcon~1\24897~1.175\{16cdf~1\apmmngr.dll O22 - SharedTaskScheduler: Component Categories cache daemon -{8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll O23 - Service: Acer HomeMedia Connect Service - CyberLink - C:\ProgramFiles\Acer Arcade Live\Acer HomeMedia Connect\Kernel\DMS\CLMSServer.exe O23 - Service: Acer TV Share Service - CyberLink - C:\ProgramFiles\Acer Arcade Live\Acer TV Share\Kernel\DMSTV\CLMSServer.exe O23 - Service: ePerformance Service (AcerMemUsageCheckService) -Unknown owner - C:\Acer\Empowering Technology\ePerformance\MemCheck.exe O23 - Service: Adobe Flash Player Update Service(AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated -C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe O23 - Service: Ati External Event Utility - ATI Technologies Inc. -C:\Windows\system32\Ati2evxx.exe O23 - Service: eDSService.exe (eDataSecurity Service) - HiTRSUT -C:\Acer\Empowering Technology\eDataSecurity\eDSService.exe O23 - Service: eRecovery Service (eRecoveryService) - Acer Inc. -C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe O23 - Service: Google Software Updater (gusvc) - Google - C:\ProgramFiles\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: InstallDriver Table Manager (IDriverT) - MacrovisionCorporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel32\IDriverT.exe O23 - Service: LightScribeService Direct Disc Labeling Service(LightScribeService) - Hewlett-Packard Company - C:\Program Files\CommonFiles\LightScribe\LSSrvc.exe O23 - Service: LiveUpdate - Symantec Corporation -C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE O23 - Service: LiveUpdate Notice Service - Symantec Corporation -C:\Program Files\Common Files\SymantecShared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\ProgramFiles\Malwarebytes' Anti-Malware\mbamscheduler.exe O23 - Service: MBAMService - Malwarebytes Corporation - C:\ProgramFiles\Malwarebytes' Anti-Malware\mbamservice.exe O23 - Service: Norton 360 (N360) - Symantec Corporation - C:\ProgramFiles\Norton 360 Premier Edition\Engine\6.4.0.9\ccSvcHst.exe O23 - Service: @C:\Program Files\Nero\Update\NASvc.exe,-200 (NAUpdate)- Nero AG - C:\Program Files\Nero\Update\NASvc.exe O23 - Service: PDF Converter Manager - Unknown owner - C:\ProgramData\PDFConverterManager\2.4.897.175\{16cdff19-861d-48e3-a751-d99a27784753}\apmmngr.exe O23 - Service: Planner voor Automatische LiveUpdate - SymantecCorporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe O23 - Service: Realtek11nSU - Realtek - C:\Program Files\SITECOM\300NUSB Wireless LAN Utility\RtlService.exe O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknownowner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe O23 - Service: Remote Packet Capture Protocol v.0 (experimental)(rpcapd) - CACE Technologies, Inc. - C:\Program Files\WinPcap\rpcapd.exe -- End of file - 8336 bytes ü De snelle scan van MBAM levert nu: (Geen kwaadaardige objecten gedetecteerd) Registerwaarden gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Registerdata gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Mappen gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Bestanden gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) (einde) Ik hoop dat je de videofuncties kuntrepareren Met vriendelijke groet, Jacob Wisse
  9. rundll32 werkt niet; log met HijackThis. Asltublieft advies Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 10:00:42 PM, on 11/19/2012 Platform: Windows Vista SP2 (WinNT 6.00.1906) MSIE: Internet Explorer v9.00 (9.00.8112.16455) Boot mode: Normal Running processes: C:\Program Files\Norton 360 Premier Edition\Engine\6.4.0.9\ccSvcHst.exe C:\ProgramData\PDF Converter Manager\2.4.897.175\{16cdff19-861d-48e3-a751-d99a27784753}\apmmngr.exe C:\Windows\system32\Dwm.exe C:\Windows\Explorer.EXE C:\Windows\RtHDVCpl.exe C:\Program Files\Microsoft IntelliPoint\ipoint.exe C:\Program Files\EMET\EMET_notifier.exe C:\Program Files\Ask.com\Updater\Updater.exe C:\Windows\ehome\ehtray.exe C:\Program Files\Windows Media Player\wmpnscfg.exe C:\Program Files\Logitech\SetPoint\SetPoint.exe C:\Windows\ehome\ehmsas.exe C:\Program Files\Common Files\Logitech\KhalShared\KHALMNPR.EXE C:\Windows\system32\taskeng.exe C:\Program Files\TuneUp Utilities 2013\TuneUpUtilitiesApp32.exe C:\Windows\system32\taskeng.exe C:\Windows\system32\wbem\unsecapp.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Ask.com Search Engine - Better Web Search R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Yahoo! UK R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://start.funmoods.com/?f=1&a=gru...C&cr=346958910 R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = 88.159.60.32:80 R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = R3 - URLSearchHook: UrlSearchHook Class - {00000000-6E41-4FD3-8538-502F5495E5FC} - C:\Program Files\Ask.com\GenericAskToolbar.dll R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file) R3 - URLSearchHook: (no name) - {c55f5517-246e-4426-b745-ee25b08eb8b4} - (no file) R3 - URLSearchHook: (no name) - {f4e6547e-325b-403c-a3bb-ad29ed37a92f} - (no file) R3 - URLSearchHook: (no name) - {e84cc2c1-b722-48fc-a39c-edb8b525c777} - (no file) R3 - URLSearchHook: FileConverter 1.4 Toolbar - {296aa17d-c89e-4242-a5a4-44bfe76914a2} - C:\Program Files\FileConverter_1.4\prxtbFile.dll O1 - Hosts: ::1 localhost O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: FileConverter 1.4 - {296aa17d-c89e-4242-a5a4-44bfe76914a2} - C:\Program Files\FileConverter_1.4\prxtbFile.dll O2 - BHO: Norton Identity Protection - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Norton 360 Premier Edition\Engine\6.4.0.9\coIEPlg.dll O2 - BHO: Norton Vulnerability Protection - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Norton 360 Premier Edition\Engine\6.4.0.9\IPS\IPSBHO.DLL O2 - BHO: ShowBarObj Class - {83A2F9B1-01A2-4AA5-87D1-45B6B8505E96} - C:\Windows\system32\ActiveToolBand.dll O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Ask Toolbar BHO - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll O2 - BHO: MyHeritage New Tab - {D62EC836-BF1E-4CAC-81BE-FB9179835D8E} - (no file) O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O3 - Toolbar: Acer eDataSecurity Management - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\Windows\system32\eDStoolbar.dll O3 - Toolbar: Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton 360 Premier Edition\Engine\6.4.0.9\coIEPlg.dll O3 - Toolbar: (no name) - {c2d64ff7-0ab8-4263-89c9-ea3b0f8f050c} - (no file) O3 - Toolbar: (no name) - {A4C272EC-ED9E-4ACE-A6F2-9558C7F29EF3} - (no file) O3 - Toolbar: (no name) - {D0F4A166-B8D4-48b8-9D63-80849FE137CB} - (no file) O3 - Toolbar: FileConverter 1.4 Toolbar - {296aa17d-c89e-4242-a5a4-44bfe76914a2} - C:\Program Files\FileConverter_1.4\prxtbFile.dll O3 - Toolbar: Nero Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe O4 - HKLM\..\Run: [intelliPoint] "C:\Program Files\Microsoft IntelliPoint\ipoint.exe" O4 - HKLM\..\Run: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE O4 - HKLM\..\Run: [EMET Notifier] C:\Program Files\EMET\EMET_notifier.exe O4 - HKLM\..\Run: [PC Cleaners] "C:\Program Files\PC Cleaners\PCCleaners.exe" /minimize O4 - HKLM\..\Run: [NeroFilterCheck] C:\Windows\system32\NeroCheck.exe O4 - HKLM\..\Run: [ApnUpdater] "C:\Program Files\Ask.com\Updater\Updater.exe" O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE') O4 - HKUS\S-1-5-18\..\Run: [Acer Tour Reminder] C:\Acer\AcerTour\Reminder.exe (User 'SYSTEEM') O4 - HKUS\.DEFAULT\..\Run: [Acer Tour Reminder] C:\Acer\AcerTour\Reminder.exe (User 'Default user') O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200 O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000 O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll O9 - Extra 'Tools' menuitem: Verz&enden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O16 - DPF: {A8F2B9BD-A6A0-486A-9744-18920D898429} - http://www.sibelius.com/download/sof...iveXPlugin.cab O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab O18 - Protocol: mhtb - {669A2A3A-F19C-452D-800D-1240299756C1} - (no file) O20 - AppInit_DLLs: c:\progra~2\pdfcon~1\24897~1.175\{16cdf~1\apmmngr.dll c:\progra~2\pdfcon~1\23811~1.154\{16cdf~1\apmmngr.dll O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll O23 - Service: Acer HomeMedia Connect Service - CyberLink - C:\Program Files\Acer Arcade Live\Acer HomeMedia Connect\Kernel\DMS\CLMSServer.exe O23 - Service: Acer TV Share Service - CyberLink - C:\Program Files\Acer Arcade Live\Acer TV Share\Kernel\DMSTV\CLMSServer.exe O23 - Service: ePerformance Service (AcerMemUsageCheckService) - Unknown owner - C:\Acer\Empowering Technology\ePerformance\MemCheck.exe O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe O23 - Service: eDSService.exe (eDataSecurity Service) - HiTRSUT - C:\Acer\Empowering Technology\eDataSecurity\eDSService.exe O23 - Service: eRecovery Service (eRecoveryService) - Acer Inc. - C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: Updater Service (IBUpdaterService) - Unknown owner - C:\ProgramData\IBUpdaterService\ibsvc.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE O23 - Service: LiveUpdate Notice Service - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe O23 - Service: Norton 360 (N360) - Symantec Corporation - C:\Program Files\Norton 360 Premier Edition\Engine\6.4.0.9\ccSvcHst.exe O23 - Service: @C:\Program Files\Nero\Update\NASvc.exe,-200 (NAUpdate) - Nero AG - C:\Program Files\Nero\Update\NASvc.exe O23 - Service: PDF Converter Manager - Unknown owner - C:\ProgramData\PDF Converter Manager\2.4.897.175\{16cdff19-861d-48e3-a751-d99a27784753}\apmmngr.exe O23 - Service: Planner voor Automatische LiveUpdate - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe O23 - Service: Realtek11nSU - Realtek - C:\Program Files\SITECOM\300N USB Wireless LAN Utility\RtlService.exe O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - CACE Technologies, Inc. - C:\Program Files\WinPcap\rpcapd.exe O23 - Service: TuneUp Utilities Service (TuneUp.UtilitiesSvc) - TuneUp Software - C:\Program Files\TuneUp Utilities 2013\TuneUpUtilitiesService32.exe -- End of file - 10524 bytes
×
×
  • Nieuwe aanmaken...

Belangrijke informatie

We hebben cookies geplaatst op je toestel om deze website voor jou beter te kunnen maken. Je kunt de cookie instellingen aanpassen, anders gaan we er van uit dat het goed is om verder te gaan.