damo

hopelijk lukt dit : AppLog.txt SysLog.txt

Hallo, nadat het probleem enkele dagen niet meer voorkwam heb ik vadaag al 3 keer moeten herstarten. Hopelijk hebben jullie nog wat inspiratie om een oplossing te vinden (google chrome herinstalleren ?), alvast een Hijack logje : Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 22:19:17, on 21/01/2013 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v8.00 (8.00.6001.18702) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe d:\Program Files\IObit\Advanced SystemCare 6\ASCService.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Alwil Software\Avast5\AvastSvc.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Google\Update\GoogleUpdate.exe d:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe d:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe C:\WINDOWS\System32\svchost.exe d:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe C:\WINDOWS\system32\nvsvc32.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\System32\svchost.exe D:\Program Files\TomTom HOME 2\TomTomHOMEService.exe C:\WINDOWS\system32\wuauclt.exe C:\Program Files\Alwil Software\Avast5\avastUI.exe D:\Program Files\IObit\Advanced SystemCare 6\ASCTray.exe C:\WINDOWS\system32\ctfmon.exe D:\Program Files\Microsoft Office\OFFICE11\OUTLOOK.EXE C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe C:\WINDOWS\explorer.exe D:\Program Files\Microsoft Office\OFFICE11\WINWORD.EXE D:\Program Files\hijackthis\HijackThis.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Hotmail, Messenger, het laatste nieuws en entertainment | MSN.NL R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = Google R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.7.8313.1002\swg.dll O2 - BHO: Advanced SystemCare Browser Protection - {BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} - D:\PROGRA~2\IObit\ADVANC~2\BROWER~1\ASCPLU~1.DLL O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll O4 - HKLM\..\Run: [avast] "C:\Program Files\Alwil Software\Avast5\avastUI.exe" /nogui O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKCU\..\Run: [Advanced SystemCare 6] "d:\Program Files\IObit\Advanced SystemCare 6\ASCTray.exe" /AutoStart O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" O4 - HKUS\S-1-5-21-1409082233-113007714-839522115-1005\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'UpdatusUser') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user') O8 - Extra context menu item: Free YouTube Download - C:\Documents and Settings\Xxxx Xxxx.XXXX\Application Data\DVDVideoSoftIEHelpers\freeyoutubedownload.htm O9 - Extra button: Onderzoek - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - D:\PROGRA~2\MICROS~2\OFFICE11\REFIEBAR.DLL O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab O22 - SharedTaskScheduler: Preloader van browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\System32\browseui.dll O22 - SharedTaskScheduler: Cache-daemon voor onderdeelcategorieën - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\System32\browseui.dll O23 - Service: Advanced SystemCare Service 6 (AdvancedSystemCareService6) - IObit - d:\Program Files\IObit\Advanced SystemCare 6\ASCService.exe O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe O23 - Service: Google Updateservice (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: MBAMScheduler - Malwarebytes Corporation - d:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe O23 - Service: MBAMService - Malwarebytes Corporation - d:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe O23 - Service: TomTomHOMEService - TomTom - D:\Program Files\TomTom HOME 2\TomTomHOMEService.exe -- End of file - 6230 bytes

't Is Bing en staat niet tussen de extensies

Conclusie blijkt helaas voorbarig : probleem uitschakeling deed zich net opnieuw voor. Ook het opstarten duurt lang en ik merk dat bij opstart Google Chrome een tweede tabblad met een (mij onbekende) zoekmachine opent. nieuwe log HijackThis : Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 14:46:17, on 17/01/2013 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v8.00 (8.00.6001.18702) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe d:\Program Files\IObit\Advanced SystemCare 6\ASCService.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Alwil Software\Avast5\AvastSvc.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\Explorer.EXE d:\Program Files\IObit\Smart Defrag 2\SmartDefrag.exe d:\Program Files\IObit\Advanced SystemCare 6\Monitor.exe C:\WINDOWS\system32\svchost.exe d:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe d:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe d:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe C:\WINDOWS\system32\nvsvc32.exe C:\WINDOWS\System32\svchost.exe D:\Program Files\TomTom HOME 2\TomTomHOMEService.exe C:\WINDOWS\RTHDCPL.EXE C:\Program Files\Alwil Software\Avast5\avastUI.exe C:\Program Files\HP\HP Software Update\HPWuSchd2.exe C:\WINDOWS\system32\RunDLL32.exe D:\Program Files\IObit\Advanced SystemCare 6\ASCTray.exe C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Google\Chrome\Application\chrome.exe D:\Program Files\Microsoft Office\OFFICE11\OUTLOOK.EXE D:\Program Files\Malwarebytes' Anti-Malware\mbam.exe C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe D:\Program Files\Microsoft Office\OFFICE11\WINWORD.EXE C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe C:\WINDOWS\system32\wuauclt.exe C:\WINDOWS\explorer.exe D:\Program Files\hijackthis\HijackThis.exe R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Hotmail, Messenger, het laatste nieuws en entertainment | MSN.NL R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = Google R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.7.8313.1002\swg.dll O2 - BHO: Advanced SystemCare Browser Protection - {BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} - D:\PROGRA~2\IObit\ADVANC~2\BROWER~1\ASCPLU~1.DLL O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE O4 - HKLM\..\Run: [skyTel] SkyTel.EXE O4 - HKLM\..\Run: [avast] "C:\Program Files\Alwil Software\Avast5\avastUI.exe" /nogui O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [NvMediaCenter] RunDLL32.exe NvMCTray.dll,NvTaskbarInit -login O4 - HKLM\..\Run: [nwiz] C:\Program Files\NVIDIA Corporation\nview\nwiz.exe /installquiet O4 - HKCU\..\Run: [Advanced SystemCare 6] "d:\Program Files\IObit\Advanced SystemCare 6\ASCTray.exe" /AutoStart O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKUS\S-1-5-21-1409082233-113007714-839522115-1005\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'UpdatusUser') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user') O8 - Extra context menu item: Free YouTube Download - C:\Documents and Settings\Xxxxx Xxxx.XXXXX\Application Data\DVDVideoSoftIEHelpers\freeyoutubedownload.htm O9 - Extra button: Onderzoek - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - D:\PROGRA~2\MICROS~2\OFFICE11\REFIEBAR.DLL O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab O22 - SharedTaskScheduler: Preloader van browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\System32\browseui.dll O22 - SharedTaskScheduler: Cache-daemon voor onderdeelcategorieën - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\System32\browseui.dll O23 - Service: Advanced SystemCare Service 6 (AdvancedSystemCareService6) - IObit - d:\Program Files\IObit\Advanced SystemCare 6\ASCService.exe O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe O23 - Service: Google Updateservice (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: MBAMScheduler - Malwarebytes Corporation - d:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe O23 - Service: MBAMService - Malwarebytes Corporation - d:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe O23 - Service: TomTomHOMEService - TomTom - D:\Program Files\TomTom HOME 2\TomTomHOMEService.exe -- End of file - 7120 bytesLogfile of Trend Micro HijackThis v2.0.4 Scan saved at 14:46:17, on 17/01/2013 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v8.00 (8.00.6001.18702) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe d:\Program Files\IObit\Advanced SystemCare 6\ASCService.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Alwil Software\Avast5\AvastSvc.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\Explorer.EXE d:\Program Files\IObit\Smart Defrag 2\SmartDefrag.exe d:\Program Files\IObit\Advanced SystemCare 6\Monitor.exe C:\WINDOWS\system32\svchost.exe d:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe d:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe d:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe C:\WINDOWS\system32\nvsvc32.exe C:\WINDOWS\System32\svchost.exe D:\Program Files\TomTom HOME 2\TomTomHOMEService.exe C:\WINDOWS\RTHDCPL.EXE C:\Program Files\Alwil Software\Avast5\avastUI.exe C:\Program Files\HP\HP Software Update\HPWuSchd2.exe C:\WINDOWS\system32\RunDLL32.exe D:\Program Files\IObit\Advanced SystemCare 6\ASCTray.exe C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Google\Chrome\Application\chrome.exe D:\Program Files\Microsoft Office\OFFICE11\OUTLOOK.EXE D:\Program Files\Malwarebytes' Anti-Malware\mbam.exe C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe D:\Program Files\Microsoft Office\OFFICE11\WINWORD.EXE C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe C:\WINDOWS\system32\wuauclt.exe C:\WINDOWS\explorer.exe D:\Program Files\hijackthis\HijackThis.exe R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Hotmail, Messenger, het laatste nieuws en entertainment | MSN.NL R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = Google R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.7.8313.1002\swg.dll O2 - BHO: Advanced SystemCare Browser Protection - {BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} - D:\PROGRA~2\IObit\ADVANC~2\BROWER~1\ASCPLU~1.DLL O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE O4 - HKLM\..\Run: [skyTel] SkyTel.EXE O4 - HKLM\..\Run: [avast] "C:\Program Files\Alwil Software\Avast5\avastUI.exe" /nogui O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [NvMediaCenter] RunDLL32.exe NvMCTray.dll,NvTaskbarInit -login O4 - HKLM\..\Run: [nwiz] C:\Program Files\NVIDIA Corporation\nview\nwiz.exe /installquiet O4 - HKCU\..\Run: [Advanced SystemCare 6] "d:\Program Files\IObit\Advanced SystemCare 6\ASCTray.exe" /AutoStart O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKUS\S-1-5-21-1409082233-113007714-839522115-1005\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'UpdatusUser') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user') O8 - Extra context menu item: Free YouTube Download - C:\Documents and Settings\Xxxxx Xxxx.XXXXX\Application Data\DVDVideoSoftIEHelpers\freeyoutubedownload.htm O9 - Extra button: Onderzoek - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - D:\PROGRA~2\MICROS~2\OFFICE11\REFIEBAR.DLL O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab O22 - SharedTaskScheduler: Preloader van browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\System32\browseui.dll O22 - SharedTaskScheduler: Cache-daemon voor onderdeelcategorieën - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\System32\browseui.dll O23 - Service: Advanced SystemCare Service 6 (AdvancedSystemCareService6) - IObit - d:\Program Files\IObit\Advanced SystemCare 6\ASCService.exe O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe O23 - Service: Google Updateservice (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: MBAMScheduler - Malwarebytes Corporation - d:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe O23 - Service: MBAMService - Malwarebytes Corporation - d:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe O23 - Service: TomTomHOMEService - TomTom - D:\Program Files\TomTom HOME 2\TomTomHOMEService.exe -- End of file - 7120 bytes

Probleem lijkt inderdaad opgelost, hartelijk dank daarvoor Kape !

Alles verwijderd. Vandaag geen uitval meer gehad noch met IE, noch met Chrome. Hopelijk blijft het zo maar in ieder geval hartelijk bedankt !

log Combofix : ComboFix 13-01-15.02 - Xxxxx Xxxx 15/01/2013 20:08:36.1.2 - x86 Microsoft Windows XP Home Edition 5.1.2600.3.1252.31.1043.18.1918.1063 [GMT 1:00] Gestart vanuit: c:\documents and settings\Xxxxx Xxxx.XXXXX\Bureaublad\ComboFix.exe AV: avast! Antivirus *Disabled/Updated* {7591DB91-41F0-48A3-B128-1A293FD8233D} FW: avast! Antivirus *Disabled* {7591DB91-41F0-48A3-B128-1A293FD8233D} . . (((((((((((((((((((((((((((((((((( Andere Verwijderingen ))))))))))))))))))))))))))))))))))))))))))))))))) . . c:\documents and settings\All Users.WINDOWS\Application Data\TEMP c:\documents and settings\Xxxxx Xxxx.XXXXX\Application Data\PCFix c:\documents and settings\Xxxxx Xxxx.XXXXX\Application Data\PCFix\log.dat c:\documents and settings\Xxxxx Xxxx.XXXXX\Application Data\PCFix\unresolvederrors.dat c:\documents and settings\Xxxxx Xxxx.XXXXX\Application Data\PriceGong c:\documents and settings\Xxxxx Xxxx.XXXXX\Application Data\PriceGong\Data\1.txt c:\documents and settings\Xxxxx Xxxx.XXXXX\Application Data\PriceGong\Data\a.txt c:\documents and settings\Xxxxx Xxxx.XXXXX\Application Data\PriceGong\Data\b.txt c:\documents and settings\Xxxxx Xxxx.XXXXX\Application Data\PriceGong\Data\c.txt c:\documents and settings\Xxxxx Xxxx.XXXXX\Application Data\PriceGong\Data\d.txt c:\documents and settings\Xxxxx Xxxx.XXXXX\Application Data\PriceGong\Data\e.txt c:\documents and settings\Xxxxx Xxxx.XXXXX\Application Data\PriceGong\Data\f.txt c:\documents and settings\Xxxxx Xxxx.XXXXX\Application Data\PriceGong\Data\g.txt c:\documents and settings\Xxxxx Xxxx.XXXXX\Application Data\PriceGong\Data\h.txt c:\documents and settings\Xxxxx Xxxx.XXXXX\Application Data\PriceGong\Data\i.txt c:\documents and settings\Xxxxx Xxxx.XXXXX\Application Data\PriceGong\Data\j.txt c:\documents and settings\Xxxxx Xxxx.XXXXX\Application Data\PriceGong\Data\k.txt c:\documents and settings\Xxxxx Xxxx.XXXXX\Application Data\PriceGong\Data\l.txt c:\documents and settings\Xxxxx Xxxx.XXXXX\Application Data\PriceGong\Data\m.txt c:\documents and settings\Xxxxx Xxxx.XXXXX\Application Data\PriceGong\Data\mru.xml c:\documents and settings\Xxxxx Xxxx.XXXXX\Application Data\PriceGong\Data\n.txt c:\documents and settings\Xxxxx Xxxx.XXXXX\Application Data\PriceGong\Data\o.txt c:\documents and settings\Xxxxx Xxxx.XXXXX\Application Data\PriceGong\Data\p.txt c:\documents and settings\Xxxxx Xxxx.XXXXX\Application Data\PriceGong\Data\q.txt c:\documents and settings\Xxxxx Xxxx.XXXXX\Application Data\PriceGong\Data\r.txt c:\documents and settings\Xxxxx Xxxx.XXXXX\Application Data\PriceGong\Data\s.txt c:\documents and settings\Xxxxx Xxxx.XXXXX\Application Data\PriceGong\Data\t.txt c:\documents and settings\Xxxxx Xxxx.XXXXX\Application Data\PriceGong\Data\u.txt c:\documents and settings\Xxxxx Xxxx.XXXXX\Application Data\PriceGong\Data\v.txt c:\documents and settings\Xxxxx Xxxx.XXXXX\Application Data\PriceGong\Data\w.txt c:\documents and settings\Xxxxx Xxxx.XXXXX\Application Data\PriceGong\Data\wlu.txt c:\documents and settings\Xxxxx Xxxx.XXXXX\Application Data\PriceGong\Data\x.txt c:\documents and settings\Xxxxx Xxxx.XXXXX\Application Data\PriceGong\Data\y.txt c:\documents and settings\Xxxxx Xxxx.XXXXX\Application Data\PriceGong\Data\z.txt . . (((((((((((((((((((( Bestanden Gemaakt van 2012-12-15 to 2013-01-15 )))))))))))))))))))))))))))))) . . 2013-01-15 18:50 . 2013-01-15 18:50 -------- d--h--r- c:\documents and settings\Xxxxx Xxxx.XXXXX\Onlangs geopend 2013-01-14 17:56 . 2013-01-14 17:56 -------- d-----w- c:\documents and settings\Xxxxx Xxxx.XXXXX\Application Data\Malwarebytes 2013-01-14 17:55 . 2013-01-14 17:55 -------- dc----w- c:\documents and settings\All Users.WINDOWS\Application Data\Malwarebytes 2013-01-14 17:55 . 2012-12-14 15:49 21104 ----a-w- c:\windows\system32\drivers\mbam.sys 2013-01-12 15:21 . 2013-01-13 20:30 -------- d-----w- c:\documents and settings\Xxxxx Xxxx.XXXXX\Local Settings\Application Data\nuke_downloads_NL 2013-01-12 15:21 . 2013-01-12 15:21 -------- d-----w- c:\documents and settings\Xxxxx Xxxx.XXXXX\Local Settings\Application Data\Conduit 2013-01-12 15:21 . 2013-01-12 15:21 -------- d-----w- c:\documents and settings\Xxxxx Xxxx.XXXXX\Local Settings\Application Data\CRE 2013-01-11 20:17 . 2013-01-11 20:17 -------- d-----w- c:\documents and settings\Xxxxx Xxxx.XXXXX\Application Data\ProgSense 2013-01-11 20:15 . 2013-01-12 14:02 -------- d-----w- c:\documents and settings\Xxxxx Xxxx.XXXXX\Application Data\Orbit 2013-01-11 20:15 . 2013-01-12 14:01 -------- d-----w- c:\documents and settings\Xxxxx Xxxx.XXXXX\Application Data\Funmoods 2013-01-10 20:02 . 2013-01-10 20:02 -------- dc----w- c:\documents and settings\All Users.WINDOWS\Application Data\nView_Profiles 2013-01-06 17:23 . 2012-05-08 17:35 29528 ----a-w- c:\windows\system32\SmartDefragBootTime.exe 2013-01-06 17:23 . 2010-11-26 17:02 14776 ----a-w- c:\windows\system32\drivers\SmartDefragDriver.sys 2013-01-06 14:50 . 2013-01-06 14:50 -------- d-----w- c:\documents and settings\Xxxxx Xxxx.XXXXX\Application Data\Apple Computer 2012-12-27 14:48 . 2012-12-27 14:48 -------- dc----w- c:\documents and settings\All Users.WINDOWS\Application Data\NVIDIA 2012-12-27 14:48 . 2013-01-13 17:28 -------- dc----w- c:\documents and settings\UpdatusUser 2012-12-23 19:46 . 2012-12-23 19:49 -------- d-----w- c:\documents and settings\Xxxxx Xxxx.XXXXX\Application Data\YouTubeFreeDownloader 2012-12-21 17:37 . 2012-12-21 17:37 -------- d-----w- c:\program files\Research In Motion Limited 2012-12-21 17:37 . 2012-12-21 17:37 -------- d-----w- c:\program files\Common Files\Research In Motion 2012-12-21 08:57 . 2012-12-21 08:57 -------- d-----w- c:\documents and settings\Xxxxx Xxxx.XXXXX\Application Data\R-TT 2012-12-21 08:23 . 2012-12-21 08:40 -------- dcsh--w- c:\documents and settings\All Users.WINDOWS\Application Data\{C4ABDBC8-1C81-42C9-BFFC-4A68511E9E4F} 2012-12-20 18:49 . 2013-01-12 15:20 -------- d-----w- c:\documents and settings\Xxxxx Xxxx.XXXXX\Downloads . . . ((((((((((((((((((((((((((((((((((((((( Find3M Rapport )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2012-12-16 12:23 . 2003-04-08 12:00 290560 ----a-w- c:\windows\system32\atmfd.dll 2012-12-06 12:40 . 2012-12-06 12:40 22784 ----a-w- c:\windows\system32\drivers\RimUsb.sys 2012-11-13 11:55 . 2003-04-08 12:00 1866496 ----a-w- c:\windows\system32\win32k.sys 2012-11-06 02:00 . 2011-01-04 20:07 1371648 ------w- c:\windows\system32\msxml6.dll 2012-11-02 02:03 . 2003-04-08 12:00 375296 ----a-w- c:\windows\system32\dpnet.dll 2012-11-01 12:12 . 2003-04-08 12:00 916992 ----a-w- c:\windows\system32\wininet.dll 2012-11-01 12:12 . 2003-04-08 12:00 43520 ----a-w- c:\windows\system32\licmgr10.dll 2012-11-01 12:12 . 2003-04-08 12:00 1469440 ------w- c:\windows\system32\inetcpl.cpl 2012-11-01 00:35 . 2004-08-04 07:55 385024 ----a-w- c:\windows\system32\html.iec 2012-10-30 22:51 . 2011-06-11 14:59 738504 ----a-w- c:\windows\system32\drivers\aswSnx.sys 2012-10-30 22:51 . 2011-01-13 20:42 361032 ----a-w- c:\windows\system32\drivers\aswSP.sys 2012-10-30 22:51 . 2011-01-13 20:42 35928 ----a-w- c:\windows\system32\drivers\aswRdr.sys 2012-10-30 22:51 . 2011-01-13 20:42 54232 ----a-w- c:\windows\system32\drivers\aswTdi.sys 2012-10-30 22:51 . 2011-01-13 20:42 97608 ----a-w- c:\windows\system32\drivers\aswmon2.sys 2012-10-30 22:51 . 2011-01-13 20:42 89752 ----a-w- c:\windows\system32\drivers\aswmon.sys 2012-10-30 22:51 . 2012-11-11 06:54 20624 ----a-w- c:\windows\system32\drivers\aswKbd.sys 2012-10-30 22:51 . 2011-01-13 20:42 21256 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys 2012-10-30 22:51 . 2011-01-13 20:42 25256 ----a-w- c:\windows\system32\drivers\aavmker4.sys 2012-10-30 22:51 . 2011-01-13 20:42 41224 ----a-w- c:\windows\avastSS.scr 2012-10-30 22:50 . 2011-01-13 20:42 227648 ----a-w- c:\windows\system32\aswBoot.exe . . ((((((((((((((((((((((((((((((((((((( Reg Opstartpunten ))))))))))))))))))))))))))))))))))))))))))))))))))) . . *Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond REGEDIT4 . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast] @="{472083B0-C522-11CF-8763-00608CC02F24}" [HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}] 2012-10-30 22:50 121528 ----a-w- c:\program files\Alwil Software\Avast5\ashShell.dll . [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Advanced SystemCare 6"="d:\program files\IObit\Advanced SystemCare 6\ASCTray.exe" [2012-09-24 490880] "swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2010-08-19 39408] . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "RTHDCPL"="RTHDCPL.EXE" [2007-10-16 16855552] "SkyTel"="SkyTel.EXE" [2007-10-11 1826816] "avast"="c:\program files\Alwil Software\Avast5\avastUI.exe" [2012-10-30 4297136] "HP Software Update"="c:\program files\HP\HP Software Update\HPWuSchd2.exe" [2009-11-18 54576] "NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2012-09-23 15512424] "NvMediaCenter"="NvMCTray.dll" [2012-09-23 108392] "nwiz"="c:\program files\NVIDIA Corporation\nview\nwiz.exe" [2012-09-23 1634112] . [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="c:\windows\System32\CTFMON.EXE" [2008-04-14 15360] . [HKLM\~\startupfolder\C:^Documents and Settings^All Users.WINDOWS^Menu Start^Programma's^Opstarten^HP Digital Imaging Monitor.lnk] path=c:\documents and settings\All Users.WINDOWS\Menu Start\Programma's\Opstarten\HP Digital Imaging Monitor.lnk backup=c:\windows\pss\HP Digital Imaging Monitor.lnkCommon Startup HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeCS5.5ServiceManager HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SpeedUpMyPC . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM] 2012-12-03 07:35 946352 -c--a-w- c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeAAMUpdater-1.0] 2011-03-15 15:42 499608 -c----w- c:\program files\Common Files\Adobe\OOBE\PDApp\UWA\updaterstartuputility.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\beidsccertprop] 2011-12-01 15:08 31256 -c--a-w- c:\program files\Belgium Identity Card\BeID Certprop\beidsccertprop.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EaseUs Tray] 2011-04-25 18:27 733576 ----a-w- d:\program files\EASEUS\Todo Backup\bin\TrayNotify.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EaseUs Watch] 2011-04-22 16:26 69000 ----a-w- d:\program files\EASEUS\Todo Backup\bin\EuWatch.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg] 2010-08-19 18:47 39408 ----a-w- c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TomTomHOME.exe] 2012-08-28 06:41 247768 ----a-w- d:\program files\TomTom HOME 2\TomTomHOMERunner.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\uTorrent] 2012-12-09 10:21 969104 ----a-w- d:\program files\uTorrent\uTorrent.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services] "gusvc"=3 (0x3) "hpqddsvc"=2 (0x2) "gupdatem"=3 (0x3) "gupdate"=2 (0x2) "EASEUS Agent"=2 (0x2) "Nero BackItUp Scheduler 4.0"=2 (0x2) "TomTomHOMEService"=3 (0x3) "AdvancedSystemCareService5"=2 (0x2) . [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-] "TomTomHOME.exe"="d:\program files\TomTom HOME 2\TomTomHOMERunner.exe" . [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "%windir%\\system32\\sessmgr.exe"= "%windir%\\Network Diagnostic\\xpnetdiag.exe"= "d:\\Program Files\\uTorrent\\uTorrent.exe"= "c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqtra08.exe"= "c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqste08.exe"= "c:\\Program Files\\HP\\Digital Imaging\\bin\\hposid01.exe"= "c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqkygrp.exe"= "c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqcopy2.exe"= "c:\\Program Files\\HP\\Digital Imaging\\bin\\hpfcCopy.exe"= "c:\\Program Files\\HP\\Digital Imaging\\bin\\hpoews01.exe"= "c:\\Program Files\\HP\\Digital Imaging\\bin\\hpiscnapp.exe"= "c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqgplgtupl.exe"= "c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqgpc01.exe"= "c:\\Program Files\\HP\\HP Software Update\\HPWUCli.exe"= "c:\\Program Files\\NVIDIA Corporation\\NVIDIA Update Core\\daemonu.exe"= . [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List] "5985:TCP"= 5985:TCP:*:Disabled:Windows Remote Management . R0 EUBAKUP;EUBAKUP;c:\windows\system32\drivers\eubakup.sys [3/07/2011 11:14 30600] R0 EUBKMON;EUBKMON;c:\windows\system32\drivers\EUBKMON.sys [3/07/2011 11:14 35720] R0 EUFS;EUFS;c:\windows\system32\drivers\eufs.sys [3/07/2011 11:14 20744] R0 SmartDefragDriver;SmartDefragDriver;c:\windows\system32\drivers\SmartDefragDriver.sys [6/01/2013 18:23 14776] R1 aswKbd;aswKbd;c:\windows\system32\drivers\aswKbd.sys [11/11/2012 7:54 20624] R1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [11/06/2011 15:59 738504] R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [13/01/2011 21:42 361032] R1 BIOS;BIOS;c:\windows\system32\drivers\BIOS.sys [4/01/2011 17:58 13696] R1 EUDSKACS;EUDSKACS;c:\windows\system32\drivers\eudskacs.sys [3/07/2011 11:14 14216] R2 AdvancedSystemCareService6;Advanced SystemCare Service 6;d:\program files\IObit\Advanced SystemCare 6\ASCService.exe [20/12/2012 17:44 464256] R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [13/01/2011 21:42 21256] R2 TomTomHOMEService;TomTomHOMEService;d:\program files\TomTom HOME 2\TomTomHOMEService.exe [28/08/2012 7:41 92632] R3 EUDISK;EASEUS Disk Enumerator;c:\windows\system32\drivers\eudisk.sys [3/07/2011 11:14 187528] S2 MBAMScheduler;MBAMScheduler;d:\program files\Malwarebytes' Anti-Malware\mbamscheduler.exe [14/01/2013 18:55 398184] S2 MBAMService;MBAMService;d:\program files\Malwarebytes' Anti-Malware\mbamservice.exe [14/01/2013 18:55 682344] S3 cxbu0wdm;OMNIKEY 3x21;c:\windows\system32\drivers\cxbu0wdm.sys [25/01/2010 14:56 115712] S3 epmntdrv;epmntdrv;c:\windows\system32\epmntdrv.sys [13/01/2011 18:25 13192] S3 EuGdiDrv;EuGdiDrv;c:\windows\system32\EuGdiDrv.sys [13/01/2011 18:25 8456] S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [14/01/2013 18:55 21104] S4 EASEUS Agent;EASEUS Agent;d:\program files\EASEUS\Todo Backup\bin\Agent.exe [3/07/2011 11:13 56200] . [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost] HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12 hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc . [HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}] 2013-01-15 18:03 1606760 ----a-w- c:\program files\Google\Chrome\Application\24.0.1312.52\Installer\setup.exe . Inhoud van de 'Gedeelde Taken' map . 2013-01-15 c:\windows\Tasks\ASC6_AutoClean.job - d:\program files\IObit\Advanced SystemCare 6\AutoSweep.exe [2012-12-20 13:51] . 2013-01-15 c:\windows\Tasks\ASC6_PerformanceMonitor.job - d:\program files\IObit\Advanced SystemCare 6\Monitor.exe [2012-12-20 19:33] . 2013-01-15 c:\windows\Tasks\avast! Emergency Update.job - c:\program files\Alwil Software\Avast5\AvastEmUpdate.exe [2012-07-07 22:50] . 2013-01-15 c:\windows\Tasks\GoogleUpdateTaskMachineCore1cd94e46f58c89a.job - c:\program files\Google\Update\GoogleUpdate.exe [2010-08-19 19:09] . 2013-01-15 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job - c:\program files\Google\Update\GoogleUpdate.exe [2010-08-19 19:09] . 2013-01-15 c:\windows\Tasks\SmartDefragUpdate.job - d:\program files\IObit\Smart Defrag 2\AutoUpdate.exe [2013-01-06 10:06] . 2013-01-15 c:\windows\Tasks\SmartDefrag_Startup.job - d:\program files\IObit\Smart Defrag 2\SmartDefrag.exe [2013-01-06 14:11] . . ------- Bijkomende Scan ------- . uStart Page = hxxp://www.google.com/ mStart Page = hxxp://www.google.be uInternet Connection Wizard,ShellNext = iexplore IE: Free YouTube Download - c:\documents and settings\Xxxxx Xxxx.XXXXX\Application Data\DVDVideoSoftIEHelpers\freeyoutubedownload.htm Trusted Zone: fgov.be\ccff02.minfin Trusted Zone: fgov.be\minfin TCP: DhcpNameServer = 195.130.131.4 195.130.130.132 . . ------- Bestandsassociaties ------- . .scr=AutoCADScriptFile . . ************************************************************************** . catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, GMER - Rootkit Detector and Remover Rootkit scan 2013-01-15 20:13 Windows 5.1.2600 Service Pack 3 NTFS . scannen van verborgen processen ... . scannen van verborgen autostart items ... . scannen van verborgen bestanden ... . Scan succesvol afgerond verborgen bestanden: 0 . ************************************************************************** . --------------------- VERGRENDELDE REGISTER SLEUTELS --------------------- . [HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Installer\UserData\LocalSystem\Components\•€|ÿÿÿÿ"•€|þ»Ñw[1]*] "3140110900063D11C8EF10054038389C"="C?\\WINDOWS\\System32\\FM20ENU.DLL" . [HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Installer\UserData\LocalSystem\Components\h–€|ÿÿÿÿ¤•€|ù•9~[1]*] "3140110900063D11C8EF10054038389C"="C?\\WINDOWS\\System32\\FM20ENU.DLL" . Voltooingstijd: 2013-01-15 20:14:27 ComboFix-quarantined-files.txt 2013-01-15 19:14 . Pre-Run: 2.810.912.768 bytes beschikbaar Post-Run: 2.936.791.040 bytes beschikbaar . WindowsXP-KB310994-SP2-Home-BootDisk-NLD.exe [boot loader] timeout=2 default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS [operating systems] c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons UnsupportedDebug="do not select this" /debug multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Home Edition" /fastdetect /NoExecute=OptIn . - - End Of File - - 77779653600397BCB3FEE7CA247C92B1

Bij deze, incl. standaard dt fout : # AdwCleaner v2.105 - Verslag gemaakt op 15/01/2013 om 18:37:16 # Geactualiseerd op 08/01/2013 door Xplode # Besturingssysteem : Microsoft Windows XP Service Pack 3 (32 bits) # Gebruiker : xxx xxxx - xxxx # Opstarten Modus : Normale modus # Gelanceerd vanaf : C:\Documents and Settings\xxxx xxx.xxx\Bureaublad\adwcleaner.exe # Optie [Verwijderen] ***** [Diensten] ***** ***** [Files / Mappen] ***** File Verwijdert : C:\user.js Map Verwijdert : C:\Documents and Settings\All Users.WINDOWS\Application Data\{B49A644A-1076-4A3D-B124-DAA7862F2318} Map Verwijdert : C:\Documents and Settings\All Users.WINDOWS\Application Data\~0 Map Verwijdert : C:\Documents and Settings\All Users.WINDOWS\Application Data\FreeRIP Map Verwijdert : C:\Documents and Settings\All Users.WINDOWS\Application Data\Tarma Installer Map Verwijdert : C:\Documents and Settings\All Users.WINDOWS\Menu Start\Programma's\Ilivid Map Verwijdert : C:\Program Files\Conduit Map Verwijdert : C:\Program Files\nuke_downloads_NL Map Verwijdert : C:\Program Files\Windows Searchqu Toolbar ***** [Register] ***** Sleutel Verwijdert : HKCU\Software\APN PIP Sleutel Verwijdert : HKCU\Software\Conduit Sleutel Verwijdert : HKCU\Software\DataMngr Sleutel Verwijdert : HKCU\Software\ilivid Sleutel Verwijdert : HKCU\Software\InstallCore Sleutel Verwijdert : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} Sleutel Verwijdert : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B} Sleutel Verwijdert : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{B7971660-A1CE-4FDD-B9E0-2C37D77AFB0B} Sleutel Verwijdert : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{5018CFD2-804D-4C99-9F81-25EAEA2769DE} Sleutel Verwijdert : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{99079A25-328F-4BD4-BE04-00955ACAA0A7} Sleutel Verwijdert : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{9D717F81-9148-4F12-8568-69135F087DB0} Sleutel Verwijdert : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{DBCD0F74-3C14-48D3-A59B-6542272F855F} Sleutel Verwijdert : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8} Sleutel Verwijdert : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{5018CFD2-804D-4C99-9F81-25EAEA2769DE} Sleutel Verwijdert : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{99079A25-328F-4BD4-BE04-00955ACAA0A7} Sleutel Verwijdert : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{9D717F81-9148-4F12-8568-69135F087DB0} Sleutel Verwijdert : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{BF9C1295-B6E3-4573-8A6C-3FFB5EED6FDA} Sleutel Verwijdert : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{DBCD0F74-3C14-48D3-A59B-6542272F855F} Sleutel Verwijdert : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE} Sleutel Verwijdert : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{E87806B5-E908-45FD-AF5E-957D83E58E68} Sleutel Verwijdert : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8} Sleutel Verwijdert : HKCU\Software\nuke_downloads_NL Sleutel Verwijdert : HKCU\Software\PriceGong Sleutel Verwijdert : HKCU\Software\SmartBar Sleutel Verwijdert : HKCU\Toolbar Sleutel Verwijdert : HKLM\SOFTWARE\Classes\AppID\{7ABBFE1C-E485-44AA-8F36-353751B4124D} Sleutel Verwijdert : HKLM\SOFTWARE\Classes\AppID\{EA28B360-05E0-4F93-8150-02891F1D8D3C} Sleutel Verwijdert : HKLM\SOFTWARE\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1} Sleutel Verwijdert : HKLM\SOFTWARE\Classes\CLSID\{80922EE0-8A76-46AE-95D5-BD3C3FE0708D} Sleutel Verwijdert : HKLM\SOFTWARE\Classes\CLSID\{BF9C1295-B6E3-4573-8A6C-3FFB5EED6FDA} Sleutel Verwijdert : HKLM\SOFTWARE\Classes\Toolbar.CT3272744 Sleutel Verwijdert : HKLM\Software\Conduit Sleutel Verwijdert : HKLM\Software\DigitalVolcano\OpenCandy Sleutel Verwijdert : HKLM\Software\ilivid Sleutel Verwijdert : HKLM\Software\InstallCore Sleutel Verwijdert : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{12A5FE7C-6354-467C-960E-4F71BA934880} Sleutel Verwijdert : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{DED56517-C930-48A6-A641-68CDAE228E2E} Sleutel Verwijdert : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} Sleutel Verwijdert : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{B7971660-A1CE-4FDD-B9E0-2C37D77AFB0B} Sleutel Verwijdert : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{BF9C1295-B6E3-4573-8A6C-3FFB5EED6FDA} Sleutel Verwijdert : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\nuke_downloads_NL Toolbar Sleutel Verwijdert : HKLM\Software\nuke_downloads_NL Sleutel Verwijdert : HKLM\Software\PIP Sleutel Verwijdert : HKLM\Software\Tarma Installer Waarde Verwijdert : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{DBCD0F74-3C14-48D3-A59B-6542272F855F}] Waarde Verwijdert : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [10] ***** [browsers] ***** -\\ Internet Explorer v8.0.6001.18702 [OK] Het register bevat geen enkele ongeoorloofde invoer. -\\ Google Chrome v23.0.1271.97 ************************* AdwCleaner[R1].txt - [5865 octets] - [15/01/2013 18:36:20] AdwCleaner[s1].txt - [5437 octets] - [15/01/2013 18:37:16] ########## EOF - C:\AdwCleaner[s1].txt - [5497 octets] ##########

Dasle, Kape : bedankt alvast Hierbij de MBAM en Hijack-log : Malwarebytes Anti-Malware (-evaluatieversie-) 1.70.0.1100 www.malwarebytes.org Databaseversie: v2013.01.14.09 Windows XP Service Pack 3 x86 NTFS Internet Explorer 8.0.6001.18702 xxxxx:: xxxxx[administrator] Bescherming: Ingeschakeld 14/01/2013 19:58:52 mbam-log-2013-01-14 (19-58-52).txt Scan type: Snelle scan Ingeschakelde scan opties: Geheugen | Opstartitems | Register | Bestanden en mappen | Heuristiek/Extra | Heuristiek/Shuriken | PUP | PUM Uitgeschakelde scan opties: P2P Objecten gescand: 295970 Verstreken tijd: 5 minuut/minuten, 16 seconde(n) Geheugenprocessen gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Geheugenmodulen gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Registersleutels gedetecteerd: 3 HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C87FC351-A80D-43E9-9A86-CF1E29DC443A} (PUP.Funmoods) -> Succesvol in quarantaine geplaatst en verwijderd. HKCU\SOFTWARE\InstallCore\funmoods (PUP.FunMoods) -> Succesvol in quarantaine geplaatst en verwijderd. HKLM\SOFTWARE\InstallCore\funmoods (PUP.FunMoods) -> Succesvol in quarantaine geplaatst en verwijderd. Registerwaarden gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Registerdata gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Mappen gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Bestanden gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) (einde) Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 20:26:22, on 14/01/2013 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v8.00 (8.00.6001.18702) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe d:\Program Files\IObit\Advanced SystemCare 6\ASCService.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Alwil Software\Avast5\AvastSvc.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\Explorer.EXE d:\Program Files\IObit\Smart Defrag 2\SmartDefrag.exe d:\Program Files\IObit\Advanced SystemCare 6\Monitor.exe C:\WINDOWS\system32\svchost.exe d:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe d:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\nvsvc32.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\System32\svchost.exe d:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe D:\Program Files\TomTom HOME 2\TomTomHOMEService.exe C:\WINDOWS\RTHDCPL.EXE C:\Program Files\Alwil Software\Avast5\avastUI.exe C:\Program Files\HP\HP Software Update\HPWuSchd2.exe C:\WINDOWS\system32\RunDLL32.exe C:\WINDOWS\system32\ctfmon.exe D:\Program Files\IObit\Advanced SystemCare 6\ASCTray.exe C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe D:\Program Files\Malwarebytes' Anti-Malware\mbam.exe D:\Program Files\Microsoft Office\OFFICE11\OUTLOOK.EXE D:\Program Files\Microsoft Office\OFFICE11\WINWORD.EXE C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Internet Explorer\iexplore.exe C:\WINDOWS\explorer.exe D:\Program Files\hijackthis\HijackThis.exe C:\Program Files\Internet Explorer\iexplore.exe R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Hotmail, Messenger, het laatste nieuws en entertainment | MSN.NL R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = Google R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.7.8313.1002\swg.dll O2 - BHO: Advanced SystemCare Browser Protection - {BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} - D:\PROGRA~2\IObit\ADVANC~2\BROWER~1\ASCPLU~1.DLL O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE O4 - HKLM\..\Run: [skyTel] SkyTel.EXE O4 - HKLM\..\Run: [avast] "C:\Program Files\Alwil Software\Avast5\avastUI.exe" /nogui O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [NvMediaCenter] RunDLL32.exe NvMCTray.dll,NvTaskbarInit -login O4 - HKLM\..\Run: [nwiz] C:\Program Files\NVIDIA Corporation\nview\nwiz.exe /installquiet O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [Advanced SystemCare 6] "d:\Program Files\IObit\Advanced SystemCare 6\ASCTray.exe" /AutoStart O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Lokale service') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Netwerkservice') O4 - HKUS\S-1-5-21-1409082233-113007714-839522115-1005\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'UpdatusUser') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user') O8 - Extra context menu item: Free YouTube Download - C:\Documents and Settings\********\Application Data\DVDVideoSoftIEHelpers\freeyoutubedownload.htm O9 - Extra button: Onderzoek - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - D:\PROGRA~2\MICROS~2\OFFICE11\REFIEBAR.DLL O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab O22 - SharedTaskScheduler: Preloader van browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\System32\browseui.dll O22 - SharedTaskScheduler: Cache-daemon voor onderdeelcategorieën - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\System32\browseui.dll O23 - Service: Advanced SystemCare Service 6 (AdvancedSystemCareService6) - IObit - d:\Program Files\IObit\Advanced SystemCare 6\ASCService.exe O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe O23 - Service: Google Updateservice (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: MBAMScheduler - Malwarebytes Corporation - d:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe O23 - Service: MBAMService - Malwarebytes Corporation - d:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe O23 - Service: TomTomHOMEService - TomTom - D:\Program Files\TomTom HOME 2\TomTomHOMEService.exe -- End of file - 6942 bytes

Hallo, De laatste paar dagen valt m'n PC vanzelf uit : eerst blokkeert alles (zie nog wel scherm maar cursor reageert niet) waarna ook het scherm zwart wordt. Ik dacht eerst dat het lag een aan de nieuwe ventilator (vorige maakte veel lawaai) maar ook na herinstallatie van de vorige ventilator bleef het probleem. 'k Heb me wel schuldig gemaakt aan het aanpassen van de BIOS (vooral power management) zonder er echt iets van te kennen . Anderzijds merk ik dat het vooral voordoet bij Google Chrome en voorlopig nog niet bij IE. In vergelijkbare topics las ik dat ik een Hijack log moet posten, bij deze : Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 18:10:50, on 13/01/2013 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v8.00 (8.00.6001.18702) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe d:\Program Files\IObit\Advanced SystemCare 6\ASCService.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Alwil Software\Avast5\AvastSvc.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\Explorer.EXE d:\Program Files\IObit\Smart Defrag 2\SmartDefrag.exe d:\Program Files\IObit\Advanced SystemCare 6\Monitor.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\nvsvc32.exe C:\WINDOWS\System32\svchost.exe D:\Program Files\TomTom HOME 2\TomTomHOMEService.exe C:\WINDOWS\RTHDCPL.EXE C:\Program Files\Alwil Software\Avast5\avastUI.exe C:\Program Files\HP\HP Software Update\HPWuSchd2.exe C:\WINDOWS\system32\RunDLL32.exe C:\WINDOWS\system32\ctfmon.exe D:\Program Files\IObit\Advanced SystemCare 6\ASCTray.exe C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe C:\WINDOWS\explorer.exe D:\Program Files\IObit\Advanced SystemCare 6\Asc.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Internet Explorer\iexplore.exe D:\Program Files\hijackthis\HijackThis.exe C:\Program Files\Internet Explorer\iexplore.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Zoeken R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Hotmail, Messenger, het laatste nieuws en entertainment | MSN.NL R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = Google R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen R3 - URLSearchHook: nuke downloads NL Toolbar - {dbcd0f74-3c14-48d3-a59b-6542272f855f} - C:\Program Files\nuke_downloads_NL\prxtbnuke.dll O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.7.8313.1002\swg.dll O2 - BHO: Advanced SystemCare Browser Protection - {BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} - D:\PROGRA~2\IObit\ADVANC~2\BROWER~1\ASCPLU~1.DLL O2 - BHO: nuke downloads NL - {dbcd0f74-3c14-48d3-a59b-6542272f855f} - C:\Program Files\nuke_downloads_NL\prxtbnuke.dll O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll O3 - Toolbar: nuke downloads NL Toolbar - {dbcd0f74-3c14-48d3-a59b-6542272f855f} - C:\Program Files\nuke_downloads_NL\prxtbnuke.dll O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE O4 - HKLM\..\Run: [skyTel] SkyTel.EXE O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE O4 - HKLM\..\Run: [avast] "C:\Program Files\Alwil Software\Avast5\avastUI.exe" /nogui O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [NvMediaCenter] RunDLL32.exe NvMCTray.dll,NvTaskbarInit -login O4 - HKLM\..\Run: [nwiz] C:\Program Files\NVIDIA Corporation\nview\nwiz.exe /installquiet O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [Advanced SystemCare 6] "d:\Program Files\IObit\Advanced SystemCare 6\ASCTray.exe" /AutoStart O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Lokale service') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Netwerkservice') O4 - HKUS\S-1-5-21-1409082233-113007714-839522115-1005\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'UpdatusUser') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user') O8 - Extra context menu item: Free YouTube Download - C:\Documents and Settings\********\Application Data\DVDVideoSoftIEHelpers\freeyoutubedownload.htm O9 - Extra button: Onderzoek - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - D:\PROGRA~2\MICROS~2\OFFICE11\REFIEBAR.DLL O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab O16 - DPF: {F281A59C-7B65-11D3-8617-0010830243BD} - file:///D:/Program%20Files/AutoCAD%202002/AcPreview.ocx O20 - AppInit_DLLs: O22 - SharedTaskScheduler: Preloader van browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\System32\browseui.dll O22 - SharedTaskScheduler: Cache-daemon voor onderdeelcategorieën - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\System32\browseui.dll O23 - Service: Advanced SystemCare Service 6 (AdvancedSystemCareService6) - IObit - d:\Program Files\IObit\Advanced SystemCare 6\ASCService.exe O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe O23 - Service: Google Updateservice (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe O23 - Service: TomTomHOMEService - TomTom - D:\Program Files\TomTom HOME 2\TomTomHOMEService.exe -- End of file - 7183 bytes Hopelijk kan iemand me verder helpen alvast bedankt, damo