wietsebuseyne

thx again kape ccleaner had ik al laten lopen morgen gaat de computer terug naar de eigenaar hopelijk heeft ze dan geen problemen, maar dit zal wel niet aangezien alle bedreigingen weg zijn en ik ook de browser etc heb geupdate. Het enige rare is dat de computer mijn draadloos internet niet herkent... (precies ook geen andere netwerken) alleen via een kabel lukt dit. Ik hoop dat ze dit probleem niet heeft met haar draadloos internet al begin ik ervoor te vrezen... EDIT: een of andere knop voor draadloos op en af gezet en nu werkt het perfect ik dank u opnieuw

kheb het erin gesleept hij deed weer een scan ofzo maar kdenk da het wel gelukt is. Ineens ook service pack 3 geinstalleerd... ComboFix 11-06-28.02 - Eveline Goethals 28/06/2011 20:31:16.2.1 - x86 Microsoft Windows XP Professional 5.1.2600.2.1252.32.1043.18.502.269 [GMT 2:00] Gestart vanuit: c:\documents and settings\Eveline Goethals\Mijn documenten\Downloads\ComboFix.exe gebruikte Opdracht switches :: c:\documents and settings\Eveline Goethals\Bureaublad\CFScript.txt AV: AntiVir Desktop *Enabled/Updated* {AD166499-45F9-482A-A743-FDD3350758C7} . FILE :: "c:\documents and settings\Eveline Goethals\Application Data\17.tmp" "c:\documents and settings\Eveline Goethals\Application Data\1C.tmp" "c:\documents and settings\Eveline Goethals\Application Data\21.tmp" "c:\documents and settings\Eveline Goethals\Application Data\22.tmp" "c:\program files\Hitman Pro\hitmanpro2.sys" "C:\sdm32.exe" "C:\ssf32.exe" "C:\syc32.exe" . . (((((((((((((((((((((((((((((((((( Andere Verwijderingen ))))))))))))))))))))))))))))))))))))))))))))))))) . . c:\documents and settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr0.dat c:\documents and settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr1.dat c:\documents and settings\Eveline Goethals\Application Data\17.tmp c:\documents and settings\Eveline Goethals\Application Data\21.tmp c:\program files\Hitman Pro\hitmanpro2.sys . ----- BITS: Mogelijk geïnfecteerde sites ----- . hxxp://apnmedia.ask.com . ((((((((((((((((((((((((((((((((((((((( Drivers/Services ))))))))))))))))))))))))))))))))))))))))))))))))) . . -------\Legacy_HITMANPRO2 -------\Service_hitmanpro2 -------\Service_mailKmd . . (((((((((((((((((((( Bestanden Gemaakt van 2011-05-28 to 2011-06-28 )))))))))))))))))))))))))))))) . . 2011-06-28 18:19 . 2011-06-28 18:19 -------- d-----w- c:\documents and settings\LocalService\Menu Start 2011-06-27 17:21 . 2011-05-29 07:11 39984 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys 2011-06-27 17:21 . 2011-05-29 07:11 22712 ----a-w- c:\windows\system32\drivers\mbam.sys 2011-06-27 17:21 . 2011-06-27 17:21 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware 2011-06-27 17:11 . 2011-06-27 17:11 -------- d-----w- c:\program files\Common Files\Java 2011-06-27 17:09 . 2011-06-27 17:07 476904 ----a-w- c:\program files\Mozilla Firefox\plugins\npdeployJava1.dll 2011-06-27 17:09 . 2011-06-27 17:07 73728 ----a-w- c:\windows\system32\javacpl.cpl 2011-06-27 17:09 . 2011-06-27 17:07 472808 ----a-w- c:\windows\system32\deployJava1.dll 2011-06-27 15:47 . 2011-06-28 18:16 -------- d--h--r- c:\documents and settings\Eveline Goethals\Onlangs geopend 2011-06-27 15:13 . 2011-06-27 15:13 -------- d-----w- c:\program files\CCleaner 2011-06-27 14:53 . 2011-06-27 14:53 143360 ----a-w- c:\program files\Mozilla Firefox\plugins\npqtplugin7.dll 2011-06-27 14:53 . 2011-06-27 14:53 143360 ----a-w- c:\program files\Mozilla Firefox\plugins\npqtplugin6.dll 2011-06-27 14:53 . 2011-06-27 14:53 143360 ----a-w- c:\program files\Mozilla Firefox\plugins\npqtplugin5.dll 2011-06-27 14:53 . 2011-06-27 14:53 143360 ----a-w- c:\program files\Mozilla Firefox\plugins\npqtplugin4.dll 2011-06-27 14:53 . 2011-06-27 14:53 143360 ----a-w- c:\program files\Mozilla Firefox\plugins\npqtplugin3.dll 2011-06-27 14:53 . 2011-06-27 14:53 143360 ----a-w- c:\program files\Mozilla Firefox\plugins\npqtplugin2.dll 2011-06-27 14:53 . 2011-06-27 14:53 143360 ----a-w- c:\program files\Mozilla Firefox\plugins\npqtplugin.dll 2011-06-27 13:48 . 2011-06-27 13:48 -------- d-----w- c:\documents and settings\Eveline Goethals\Application Data\Malwarebytes 2011-06-27 13:47 . 2011-06-27 13:47 -------- d-----w- c:\documents and settings\All Users\Application Data\Malwarebytes 2011-06-27 13:09 . 2011-06-16 04:49 142296 ----a-w- c:\program files\Mozilla Firefox\components\browsercomps.dll 2011-06-27 13:09 . 2011-06-16 04:49 89048 ----a-w- c:\program files\Mozilla Firefox\libEGL.dll 2011-06-27 13:09 . 2011-06-16 04:49 781272 ----a-w- c:\program files\Mozilla Firefox\mozsqlite3.dll 2011-06-27 13:09 . 2011-06-16 04:49 719832 ----a-w- c:\program files\Mozilla Firefox\mozcpp19.dll 2011-06-27 13:09 . 2011-06-16 04:49 465880 ----a-w- c:\program files\Mozilla Firefox\libGLESv2.dll 2011-06-27 13:09 . 2011-06-16 04:49 1850328 ----a-w- c:\program files\Mozilla Firefox\mozjs.dll 2011-06-27 13:09 . 2011-06-16 04:49 16856 ----a-w- c:\program files\Mozilla Firefox\plugin-container.exe 2011-06-27 13:09 . 2011-06-16 04:49 15832 ----a-w- c:\program files\Mozilla Firefox\mozalloc.dll 2011-06-27 13:09 . 2010-01-01 08:00 2106216 ----a-w- c:\program files\Mozilla Firefox\D3DCompiler_43.dll 2011-06-27 13:09 . 2010-01-01 08:00 1998168 ----a-w- c:\program files\Mozilla Firefox\d3dx9_43.dll 2011-06-22 18:49 . 2011-06-22 18:49 404640 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl 2011-06-09 13:58 . 2011-06-09 13:58 -------- d-----w- c:\documents and settings\Eveline Goethals\Local Settings\Application Data\PCHealth 2011-06-07 03:44 . 2011-06-07 03:44 -------- d-----w- c:\program files\MSBuild 2011-06-07 03:44 . 2011-06-07 03:44 -------- d-----w- c:\program files\Reference Assemblies 2011-06-07 03:42 . 2008-07-06 12:06 89088 ----a-w- c:\windows\system32\Spool\prtprocs\w32x86\filterpipelineprintproc.dll 2011-06-07 03:39 . 2008-07-06 12:06 89088 -c----w- c:\windows\system32\dllcache\filterpipelineprintproc.dll 2011-06-07 03:39 . 2008-07-06 12:06 117760 ------w- c:\windows\system32\prntvpt.dll 2011-06-07 03:39 . 2008-07-06 12:06 575488 -c----w- c:\windows\system32\dllcache\xpsshhdr.dll 2011-06-07 03:39 . 2008-07-06 10:50 597504 -c----w- c:\windows\system32\dllcache\printfilterpipelinesvc.exe 2011-06-07 03:39 . 2008-07-06 10:50 597504 ------w- c:\windows\system32\Spool\prtprocs\w32x86\printfilterpipelinesvc.exe 2011-06-07 03:39 . 2008-07-06 12:06 1676288 -c----w- c:\windows\system32\dllcache\xpssvcs.dll 2011-06-07 03:15 . 2011-06-07 03:15 -------- d-----w- c:\program files\MSXML 6.0 2011-06-07 03:10 . 2011-06-07 03:10 -------- d-----r- c:\documents and settings\LocalService\Favorieten 2011-06-06 20:24 . 2011-06-06 20:24 -------- d-----w- c:\documents and settings\Eveline Goethals\Application Data\Avira 2011-06-06 19:50 . 2011-06-06 19:50 -------- d-sh--w- c:\documents and settings\Default User\IETldCache 2011-06-06 06:27 . 2010-05-06 10:36 743424 -c----w- c:\windows\system32\dllcache\iedvtool.dll 2011-06-06 06:26 . 2010-02-12 10:03 293376 ------w- c:\windows\system32\browserchoice.exe 2011-06-06 05:20 . 2011-06-06 16:12 -------- d-----w- C:\tvd 2011-06-05 21:53 . 2011-06-28 18:12 66616 ----a-w- c:\windows\system32\drivers\avgntflt.sys 2011-06-05 21:53 . 2011-06-28 18:12 138192 ----a-w- c:\windows\system32\drivers\avipbb.sys 2011-06-05 21:53 . 2010-06-17 13:27 45416 ----a-w- c:\windows\system32\drivers\avgntdd.sys 2011-06-05 21:53 . 2010-06-17 13:27 22360 ----a-w- c:\windows\system32\drivers\avgntmgr.sys 2011-06-05 21:53 . 2011-06-05 21:53 -------- d-----w- c:\program files\Avira 2011-06-05 21:53 . 2011-06-05 21:53 -------- d-----w- c:\documents and settings\All Users\Application Data\Avira . . . ((((((((((((((((((((((((((((((((((((((( Find3M Rapport )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2011-04-06 19:22 . 2011-04-06 19:22 218688 ----a-w- c:\windows\system32\drivers\dtsoftbus01.sys 2011-06-16 04:49 . 2011-06-27 13:09 142296 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll . . ((((((((((((((((((((((((((((((((((((( Reg Opstartpunten ))))))))))))))))))))))))))))))))))))))))))))))))))) . . *Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond REGEDIT4 . [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "LogitechSoftwareUpdate"="c:\program files\Logitech\Video\ManifestEngine.exe" [2005-06-08 196608] "Creative Detector"="c:\program files\Creative\MediaSource\Detector\CTDetect.exe" [2004-12-02 102400] "MtdAcq"="c:\program files\Creative\Shared Files\Media Sniffer\MtdAcq.exe" [2005-09-14 229466] "Octoshape Streaming Services"="c:\program files\Octoshape Streaming Services\Eveline Goethals\OctoshapeClient.exe" [2006-02-13 214648] "WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2006-11-02 204288] "DAEMON Tools Lite"="c:\program files\DAEMON Tools Lite\DTLite.exe" [2011-01-20 1305408] . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "ehTray"="c:\windows\ehome\ehtray.exe" [2005-08-17 64512] "igfxtray"="c:\windows\system32\igfxtray.exe" [2005-07-19 94208] "igfxhkcmd"="c:\windows\system32\hkcmd.exe" [2005-07-19 77824] "igfxpers"="c:\windows\system32\igfxpers.exe" [2005-07-19 114688] "SkyTel"="SkyTel.EXE" [2006-05-16 2879488] "SMSERIAL"="sm56hlpr.exe" [2005-09-16 557056] "RTHDCPL"="RTHDCPL.EXE" [2006-07-06 16251904] "LaunchAp"="c:\program files\Launch Manager\LaunchAp.exe" [2005-07-25 32768] "HotkeyApp"="c:\program files\Launch Manager\HotkeyApp.exe" [2006-07-17 65536] "CtrlVol"="c:\program files\Launch Manager\CtrlVol.exe" [2003-09-16 20480] "LMgrOSD"="c:\program files\Launch Manager\OSD.exe" [2005-03-16 204800] "Wbutton"="c:\program files\Launch Manager\Wbutton.exe" [2006-07-10 86016] "SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2006-07-14 798810] "LVCOMSX"="c:\windows\system32\LVCOMSX.EXE" [2005-07-19 221184] "LogitechVideoRepair"="c:\program files\Logitech\Video\ISStart.exe" [2005-06-08 458752] "LogitechVideoTray"="c:\program files\Logitech\Video\LogiTray.exe" [2005-06-08 217088] "TkBellExe"="c:\program files\Common Files\Real\Update_OB\realsched.exe" [2008-05-25 185896] "InCD"="c:\program files\Ahead\InCD\InCD.exe" [2005-07-25 1397760] "QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2009-01-05 413696] "Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2009-02-27 35696] "EPSON Stylus Photo RX420 Series"="c:\windows\System32\spool\DRIVERS\W32X86\3\E_FATI9CE.EXE" [2004-04-09 98304] "Nikon Transfer Monitor"="c:\program files\Common Files\Nikon\Monitor\NkMonitor.exe" [2008-09-30 485208] "avgnt"="c:\program files\Avira\AntiVir Desktop\avgnt.exe" [2011-03-28 281768] "NeroFilterCheck"="c:\program files\Common Files\Ahead\Lib\NeroCheck.exe" [2006-01-12 155648] "SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2011-04-08 254696] . [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2006-04-10 15360] . c:\documents and settings\Eveline Goethals\Menu Start\Programma's\Opstarten\ Adobe Gamma.lnk - c:\program files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [2005-3-16 113664] . c:\documents and settings\All Users\Menu Start\Programma's\Opstarten\ Microsoft Office.lnk - c:\program files\Microsoft Office\Office10\OSA.EXE [2001-2-13 83360] TabUserW.exe.lnk - c:\windows\system32\WTablet\TabUserW.exe [2007-3-19 114688] . [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "c:\\WINDOWS\\system32\\sessmgr.exe"= "c:\\WINDOWS\\system32\\fxsclnt.exe"= "c:\\Program Files\\NetMeeting\\Conf.exe"= "c:\\Program Files\\InterVideo\\DVD7\\WinDVD.exe"= "c:\\Program Files\\InterVideo\\MediaOne Gallery\\mediaone.exe"= "c:\\Program Files\\Octoshape Streaming Services\\Eveline Goethals\\OctoshapeClient.exe"= "%windir%\\Network Diagnostic\\xpnetdiag.exe"= "c:\\Program Files\\Real\\RealPlayer\\realplay.exe"= "c:\\Program Files\\Zattoo\\zattood.exe"= "c:\\Program Files\\Zattoo\\Zattoo2.exe"= "c:\\Program Files\\Zattoo\\Zattoo.exe"= "c:\\Program Files\\Windows Live\\Messenger\\wlcsdk.exe"= "c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"= "c:\\Program Files\\Windows Live\\Sync\\WindowsLiveSync.exe"= "c:\\Program Files\\Messenger\\msmsgs.exe"= "c:\\Documents and Settings\\Eveline Goethals\\Application Data\\Juniper Networks\\Juniper Terminal Services Client\\dsTermServ.exe"= "c:\\Program Files\\Skype\\Phone\\Skype.exe"= . R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\drivers\dtsoftbus01.sys [6/04/2011 21:22 218688] R2 AntiVirSchedulerService;Avira AntiVir Scheduler;c:\program files\Avira\AntiVir Desktop\sched.exe [5/06/2011 23:53 136360] S2 gupdate;Google Updateservice (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [15/02/2010 8:23 135664] S3 camvid20;Philips ToUcam Camera; Video;c:\windows\system32\drivers\camdrv21.sys [22/08/2007 19:07 223232] S3 hitmanpro3;Hitman Pro 3 Support Driver;\??\c:\windows\system32\drivers\hitmanpro3.sys --> c:\windows\system32\drivers\hitmanpro3.sys [?] S3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\mbamswissarmy.sys [27/06/2011 19:21 39984] . Inhoud van de 'Gedeelde Taken' map . 2011-06-28 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job - c:\program files\Google\Update\GoogleUpdate.exe [2010-02-15 06:23] . 2011-06-27 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job - c:\program files\Google\Update\GoogleUpdate.exe [2010-02-15 06:23] . . ------- Bijkomende Scan ------- . uStart Page = hxxp://www.destandaard.be/ IE: E&xporter vers Microsoft Excel - c:\progra~1\MICROS~3\Office12\EXCEL.EXE/3000 IE: E&xporteren naar Microsoft Excel - c:\progra~1\MICROS~3\Office10\EXCEL.EXE/3000 IE: Google Sidewiki... - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_6CE5017F567343CA.dll/cmsidewiki.html TCP: DhcpNameServer = 193.74.208.65 194.119.228.67 FF - ProfilePath - c:\documents and settings\Eveline Goethals\Application Data\Mozilla\Firefox\Profiles\zfg91kos.default\ . . ************************************************************************** . catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, [url="http://www.gmer.net"]GMER - Rootkit Detector and Remover[/url] Rootkit scan 2011-06-28 20:47 Windows 5.1.2600 Service Pack 2 NTFS . scannen van verborgen processen ... . scannen van verborgen autostart items ... . scannen van verborgen bestanden ... . Scan succesvol afgerond verborgen bestanden: 0 . ************************************************************************** . --------------------- DLLs Geladen Onder Lopende Processen --------------------- . - - - - - - - > 'explorer.exe'(1168) c:\windows\system32\webcheck.dll c:\windows\system32\WPDShServiceObj.dll c:\windows\system32\PortableDeviceTypes.dll c:\windows\system32\PortableDeviceApi.dll . ------------------------ Andere Aktieve Processen ------------------------ . c:\program files\Ahead\InCD\InCDsrv.exe c:\windows\sm56hlpr.exe c:\windows\RTHDCPL.EXE c:\program files\Avira\AntiVir Desktop\avguard.exe c:\windows\system32\CTsvcCDA.exe c:\windows\eHome\ehRecvr.exe c:\windows\eHome\ehSched.exe c:\program files\Avira\AntiVir Desktop\avshadow.exe c:\program files\Logitech\Video\FxSvr2.exe c:\program files\Java\jre6\bin\jqs.exe c:\program files\Common Files\LightScribe\LSSrvc.exe c:\program files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe c:\windows\system32\Tablet.exe c:\program files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe c:\windows\ehome\mcrdsvc.exe c:\program files\Windows Media Player\WMPNetwk.exe c:\windows\system32\dllhost.exe c:\windows\eHome\ehmsas.exe . ************************************************************************** . Voltooingstijd: 2011-06-28 20:53:31 - machine werd herstart ComboFix-quarantined-files.txt 2011-06-28 18:53 ComboFix2.txt 2011-06-27 16:24 . Pre-Run: 3.886.776.320 bytes beschikbaar Post-Run: 3.768.770.560 bytes beschikbaar . - - End Of File - - FC6718DF48DAF58AA1ACE60231AB0174

Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 19:14:59, on 27/06/2011 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v8.00 (8.00.6001.18702) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Ahead\InCD\InCDsrv.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Avira\AntiVir Desktop\sched.exe C:\WINDOWS\ehome\ehtray.exe C:\WINDOWS\system32\hkcmd.exe C:\WINDOWS\system32\igfxpers.exe C:\WINDOWS\sm56hlpr.exe C:\WINDOWS\RTHDCPL.EXE C:\Program Files\Launch Manager\LaunchAp.exe C:\Program Files\Launch Manager\HotkeyApp.exe C:\Program Files\Launch Manager\OSD.exe C:\Program Files\Launch Manager\Wbutton.exe C:\Program Files\Synaptics\SynTP\SynTPEnh.exe C:\WINDOWS\system32\LVCOMSX.EXE C:\Program Files\Logitech\Video\LogiTray.exe C:\Program Files\Common Files\Real\Update_OB\realsched.exe C:\Program Files\Ahead\InCD\InCD.exe C:\Program Files\QuickTime\QTTask.exe C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATI9CE.EXE C:\Program Files\Common Files\Nikon\Monitor\NkMonitor.exe C:\Program Files\Avira\AntiVir Desktop\avgnt.exe C:\Program Files\Creative\MediaSource\Detector\CTDetect.exe C:\Program Files\Creative\Shared Files\Media Sniffer\MtdAcq.exe C:\Program Files\Octoshape Streaming Services\Eveline Goethals\OctoshapeClient.exe C:\Program Files\Logitech\Video\FxSvr2.exe C:\Program Files\Windows Media Player\WMPNSCFG.exe C:\WINDOWS\system32\WTablet\TabUserW.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Avira\AntiVir Desktop\avguard.exe C:\WINDOWS\system32\CTsvcCDA.exe C:\WINDOWS\eHome\ehRecvr.exe C:\WINDOWS\eHome\ehSched.exe C:\Program Files\Avira\AntiVir Desktop\avshadow.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Common Files\LightScribe\LSSrvc.exe C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\Tablet.exe C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe C:\WINDOWS\system32\wuauclt.exe C:\WINDOWS\system32\dllhost.exe C:\WINDOWS\eHome\ehmsas.exe C:\WINDOWS\system32\wuauclt.exe C:\WINDOWS\system32\msiexec.exe C:\Documents and Settings\Eveline Goethals\Mijn documenten\Downloads\HijackThis.exe C:\Program Files\Java\jre6\bin\jqs.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.destandaard.be/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll O2 - BHO: Windows Live Aanmelden - Help - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.7.6406.1642\swg.dll O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe O4 - HKLM\..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exe O4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe O4 - HKLM\..\Run: [igfxpers] C:\WINDOWS\system32\igfxpers.exe O4 - HKLM\..\Run: [skyTel] SkyTel.EXE O4 - HKLM\..\Run: [sMSERIAL] sm56hlpr.exe O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE O4 - HKLM\..\Run: [LaunchAp] "C:\Program Files\Launch Manager\LaunchAp.exe" O4 - HKLM\..\Run: [HotkeyApp] "C:\Program Files\Launch Manager\HotkeyApp.exe" O4 - HKLM\..\Run: [CtrlVol] "C:\Program Files\Launch Manager\CtrlVol.exe" O4 - HKLM\..\Run: [LMgrOSD] "C:\Program Files\Launch Manager\OSD.exe" O4 - HKLM\..\Run: [Wbutton] "C:\Program Files\Launch Manager\Wbutton.exe" O4 - HKLM\..\Run: [synTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot O4 - HKLM\..\Run: [inCD] C:\Program Files\Ahead\InCD\InCD.exe O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [EPSON Stylus Photo RX420 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATI9CE.EXE /P31 "EPSON Stylus Photo RX420 Series" /O6 "USB001" /M "Stylus Photo RX420" O4 - HKLM\..\Run: [Nikon Transfer Monitor] C:\Program Files\Common Files\Nikon\Monitor\NkMonitor.exe O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe" O4 - HKCU\..\Run: [LogitechSoftwareUpdate] "C:\Program Files\Logitech\Video\ManifestEngine.exe" boot O4 - HKCU\..\Run: [Creative Detector] "C:\Program Files\Creative\MediaSource\Detector\CTDetect.exe" /R O4 - HKCU\..\Run: [MtdAcq] C:\Program Files\Creative\Shared Files\Media Sniffer\MtdAcq.exe /s O4 - HKCU\..\Run: [Octoshape Streaming Services] "C:\Program Files\Octoshape Streaming Services\Eveline Goethals\OctoshapeClient.exe" -inv:bootrun O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\DTLite.exe" -autorun O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user') O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE O4 - Global Startup: TabUserW.exe.lnk = C:\WINDOWS\system32\WTablet\TabUserW.exe O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000 O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office10\EXCEL.EXE/3000 O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_6CE5017F567343CA.dll/cmsidewiki.html O9 - Extra button: In weblog opnemen - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: &In weblog opnemen met Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O16 - DPF: {CF40ACC5-E1BB-4AFF-AC72-04C2F616BCA7} (get_atlcom Class) - http://wwwimages.adobe.com/www.adobe.com/products/acrobat/nos/gp.cab O16 - DPF: {F27237D7-93C8-44C2-AC6E-D6057B9A918F} (JuniperSetupClientControl Class) - https://juniper.net/dana-cached/sc/JuniperSetupClient.cab O22 - SharedTaskScheduler: Preloader van browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll O22 - SharedTaskScheduler: Cache-daemon voor onderdeelcategorieën - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe O23 - Service: Avira AntiVir Scheduler (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.exe O23 - Service: getPlus(R) Helper - NOS Microsystems Ltd. - C:\Program Files\NOS\bin\getPlus_HelperSvc.exe O23 - Service: Google Updateservice (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: InCD Helper (InCDsrv) - Nero AG - C:\Program Files\Ahead\InCD\InCDsrv.exe O23 - Service: InCD Helper (read only) (InCDsrvR) - Nero AG - C:\Program Files\Ahead\InCD\InCDsrv.exe O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe O23 - Service: TabletService - Wacom Technology, Corp. - C:\WINDOWS\system32\Tablet.exe O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe -- End of file - 11289 bytes malwarebytes: ik had eerder al eens gescand maar die log ben ik kwijt (kan ik wrs nog wel terug vinden maar is niet per se nodig denkik) en dus heb ik nogmaals gescand... er zijn nog infecties gevonden ookal had hij vorige keer zogezegd alles verwijderd.... Malwarebytes' Anti-Malware 1.51.0.1200 www.malwarebytes.org Databaseversie: 6961 Windows 5.1.2600 Service Pack 2 Internet Explorer 8.0.6001.18702 27/06/2011 19:38:53 mbam-log-2011-06-27 (19-38-53).txt Scantype: Snelle scan Objecten gescand: 163537 Verstreken tijd: 15 minuut/minuten, 5 seconde(n) Geheugenprocessen geïnfecteerd: 0 Geheugenmodulen geïnfecteerd: 0 Registersleutels geïnfecteerd: 0 Registerwaarden geïnfecteerd: 0 Registerdata geïnfecteerd: 0 Mappen geïnfecteerd: 0 Bestanden geïnfecteerd: 3 Geheugenprocessen geïnfecteerd: (Geen kwaadaardige objecten gedetecteerd) Geheugenmodulen geïnfecteerd: (Geen kwaadaardige objecten gedetecteerd) Registersleutels geïnfecteerd: (Geen kwaadaardige objecten gedetecteerd) Registerwaarden geïnfecteerd: (Geen kwaadaardige objecten gedetecteerd) Registerdata geïnfecteerd: (Geen kwaadaardige objecten gedetecteerd) Mappen geïnfecteerd: (Geen kwaadaardige objecten gedetecteerd) Bestanden geïnfecteerd: c:\sdm32.exe (Trojan.Agent.Gen) -> Quarantined and deleted successfully. c:\ssf32.exe (Trojan.Agent.Gen) -> Quarantined and deleted successfully. c:\syc32.exe (Spyware.BlackShadesNET) -> Quarantined and deleted successfully. ik had ook combofix al uitgevoerd ondertussen: ComboFix 11-06-26.03 - Eveline Goethals 27/06/2011 17:38:09.1.1 - x86 Microsoft Windows XP Professional 5.1.2600.2.1252.32.1043.18.502.197 [GMT 2:00] Gestart vanuit: c:\documents and settings\Eveline Goethals\Mijn documenten\Downloads\ComboFix.exe AV: AntiVir Desktop *Disabled/Outdated* {AD166499-45F9-482A-A743-FDD3350758C7} * Nieuw herstelpunt werd aangemaakt . . (((((((((((((((((((((((((((((((((( Andere Verwijderingen ))))))))))))))))))))))))))))))))))))))))))))))))) . . c:\documents and settings\Eveline Goethals\Application Data\10.tmp c:\documents and settings\Eveline Goethals\Application Data\15.tmp c:\documents and settings\Eveline Goethals\Application Data\16.tmp c:\documents and settings\Eveline Goethals\Application Data\18.tmp c:\documents and settings\Eveline Goethals\Application Data\1C.tmp c:\documents and settings\Eveline Goethals\Application Data\1F.tmp c:\documents and settings\Eveline Goethals\Application Data\20.tmp c:\documents and settings\Eveline Goethals\Application Data\22.tmp c:\documents and settings\Eveline Goethals\Application Data\24.tmp c:\documents and settings\Eveline Goethals\Application Data\25.tmp c:\documents and settings\Eveline Goethals\Application Data\28.tmp c:\documents and settings\Eveline Goethals\Application Data\29.tmp c:\documents and settings\Eveline Goethals\Application Data\D.tmp c:\documents and settings\Eveline Goethals\Application Data\E.tmp c:\documents and settings\Eveline Goethals\Application Data\Ejhyhc.exe c:\documents and settings\Eveline Goethals\Application Data\F.tmp c:\documents and settings\Eveline Goethals\Local Settings\Application Data\024187.exe c:\documents and settings\Eveline Goethals\Local Settings\Application Data\024437.exe c:\documents and settings\Eveline Goethals\Local Settings\Application Data\024453.exe c:\documents and settings\Eveline Goethals\Local Settings\Application Data\024484.exe c:\documents and settings\Eveline Goethals\Local Settings\Application Data\024500.exe c:\documents and settings\Eveline Goethals\Local Settings\Application Data\024515.exe c:\documents and settings\Eveline Goethals\Local Settings\Application Data\048359.exe c:\documents and settings\Eveline Goethals\Local Settings\Application Data\055390.exe c:\documents and settings\Eveline Goethals\Local Settings\Application Data\055671.exe c:\documents and settings\Eveline Goethals\Local Settings\Application Data\055875.exe c:\documents and settings\Eveline Goethals\Local Settings\Application Data\056671.exe c:\documents and settings\Eveline Goethals\Local Settings\Application Data\058484.exe c:\documents and settings\Eveline Goethals\Local Settings\Application Data\058546.exe c:\documents and settings\Eveline Goethals\Local Settings\Application Data\058562.exe c:\documents and settings\Eveline Goethals\Local Settings\Application Data\1012453.exe c:\documents and settings\Eveline Goethals\Local Settings\Application Data\104693.exe c:\documents and settings\Eveline Goethals\Local Settings\Application Data\1056312.exe c:\documents and settings\Eveline Goethals\Local Settings\Application Data\1056484.exe c:\documents and settings\Eveline Goethals\Local Settings\Application Data\11031.exe c:\documents and settings\Eveline Goethals\Local Settings\Application Data\110640.exe c:\documents and settings\Eveline Goethals\Local Settings\Application Data\110671.exe c:\documents and settings\Eveline Goethals\Local Settings\Application Data\110687.exe c:\documents and settings\Eveline Goethals\Local Settings\Application Data\1112546.exe c:\documents and settings\Eveline Goethals\Local Settings\Application Data\1119468.exe c:\documents and settings\Eveline Goethals\Local Settings\Application Data\1119671.exe c:\documents and settings\Eveline Goethals\Local Settings\Application Data\1119687.exe c:\documents and settings\Eveline Goethals\Local Settings\Application Data\1119953.exe c:\documents and settings\Eveline Goethals\Local Settings\Application Data\1146125.exe c:\documents and settings\Eveline Goethals\Local Settings\Application Data\1146140.exe c:\documents and settings\Eveline Goethals\Local Settings\Application Data\1146171.exe c:\documents and settings\Eveline Goethals\Local Settings\Application Data\114678.exe c:\documents and settings\Eveline Goethals\Local Settings\Application Data\114693.exe c:\documents and settings\Eveline Goethals\Local Settings\Application Data\1236187.exe c:\documents and settings\Eveline Goethals\Local Settings\Application Data\1246109.exe c:\documents and settings\Eveline Goethals\Local Settings\Application Data\1246140.exe c:\documents and settings\Eveline Goethals\Local Settings\Application Data\1246156.exe c:\documents and settings\Eveline Goethals\Local Settings\Application Data\1246187.exe c:\documents and settings\Eveline Goethals\Local Settings\Application Data\124678.exe c:\documents and settings\Eveline Goethals\Local Settings\Application Data\1338171.exe c:\documents and settings\Eveline Goethals\Local Settings\Application Data\1358984.exe c:\documents and settings\Eveline Goethals\Local Settings\Application Data\135915.exe c:\documents and settings\Eveline Goethals\Local Settings\Application Data\1437671.exe c:\documents and settings\Eveline Goethals\Local Settings\Application Data\1437703.exe c:\documents and settings\Eveline Goethals\Local Settings\Application Data\153278.exe c:\documents and settings\Eveline Goethals\Local Settings\Application Data\155437.exe c:\documents and settings\Eveline Goethals\Local Settings\Application Data\155453.exe c:\documents and settings\Eveline Goethals\Local Settings\Application Data\155484.exe c:\documents and settings\Eveline Goethals\Local Settings\Application Data\155500.exe c:\documents and settings\Eveline Goethals\Local Settings\Application Data\155531.exe c:\documents and settings\Eveline Goethals\Local Settings\Application Data\15615.exe c:\documents and settings\Eveline Goethals\Local Settings\Application Data\159500.exe c:\documents and settings\Eveline Goethals\Local Settings\Application Data\1632140.exe c:\documents and settings\Eveline Goethals\Local Settings\Application Data\1639125.exe c:\documents and settings\Eveline Goethals\Local Settings\Application Data\1639703.exe c:\documents and settings\Eveline Goethals\Local Settings\Application Data\1721578.exe c:\documents and settings\Eveline Goethals\Local Settings\Application Data\1732546.exe c:\documents and settings\Eveline Goethals\Local Settings\Application Data\1738625.exe c:\documents and settings\Eveline Goethals\Local Settings\Application Data\1738703.exe c:\documents and settings\Eveline Goethals\Local Settings\Application Data\1821593.exe c:\documents and settings\Eveline Goethals\Local Settings\Application Data\183293.exe c:\documents and settings\Eveline Goethals\Local Settings\Application Data\1843218.exe c:\documents and settings\Eveline Goethals\Local Settings\Application Data\1843234.exe c:\documents and settings\Eveline Goethals\Local Settings\Application Data\1843250.exe c:\documents and settings\Eveline Goethals\Local Settings\Application Data\1843437.exe c:\documents and settings\Eveline Goethals\Local Settings\Application Data\1843453.exe c:\documents and settings\Eveline Goethals\Local Settings\Application Data\1843468.exe c:\documents and settings\Eveline Goethals\Local Settings\Application Data\1843484.exe c:\documents and settings\Eveline Goethals\Local Settings\Application Data\1843765.exe c:\documents and settings\Eveline Goethals\Local Settings\Application Data\1843796.exe c:\documents and settings\Eveline Goethals\Local Settings\Application Data\1843843.exe c:\documents and settings\Eveline Goethals\Local Settings\Application Data\1843875.exe c:\documents and settings\Eveline Goethals\Local Settings\Application Data\1843906.exe c:\documents and settings\Eveline Goethals\Local Settings\Application Data\1843921.exe c:\documents and settings\Eveline Goethals\Local Settings\Application Data\1910312.exe c:\documents and settings\Eveline Goethals\Local Settings\Application Data\1910390.exe c:\documents and settings\Eveline Goethals\Local Settings\Application Data\1921562.exe c:\documents and settings\Eveline Goethals\Local Settings\Application Data\1940734.exe c:\documents and settings\Eveline Goethals\Local Settings\Application Data\1940796.exe c:\documents and settings\Eveline Goethals\Local Settings\Application Data\197625.exe c:\documents and settings\Eveline Goethals\Local Settings\Application Data\2011109.exe c:\documents and settings\Eveline Goethals\Local Settings\Application Data\2019906.exe c:\documents and settings\Eveline Goethals\Local Settings\Application Data\2021703.exe c:\documents and settings\Eveline Goethals\Local Settings\Application Data\2040984.exe c:\documents and settings\Eveline Goethals\Local Settings\Application Data\204146.exe c:\documents and settings\Eveline Goethals\Local Settings\Application Data\207250.exe c:\documents and settings\Eveline Goethals\Local Settings\Application Data\207265.exe c:\documents and settings\Eveline Goethals\Local Settings\Application Data\207281.exe c:\documents and settings\Eveline Goethals\Local Settings\Application Data\207312.exe c:\documents and settings\Eveline Goethals\Local Settings\Application Data\207328.exe c:\documents and settings\Eveline Goethals\Local Settings\Application Data\2120125.exe c:\documents and settings\Eveline Goethals\Local Settings\Application Data\2142890.exe c:\documents and settings\Eveline Goethals\Local Settings\Application Data\217250.exe c:\documents and settings\Eveline Goethals\Local Settings\Application Data\217265.exe c:\documents and settings\Eveline Goethals\Local Settings\Application Data\217281.exe c:\documents and settings\Eveline Goethals\Local Settings\Application Data\217390.exe c:\documents and settings\Eveline Goethals\Local Settings\Application Data\2215750.exe c:\documents and settings\Eveline Goethals\Local Settings\Application Data\2215828.exe c:\documents and settings\Eveline Goethals\Local Settings\Application Data\2220171.exe c:\documents and settings\Eveline Goethals\Local Settings\Application Data\2221859.exe c:\documents and settings\Eveline Goethals\Local Settings\Application Data\2241390.exe c:\documents and settings\Eveline Goethals\Local Settings\Application Data\2242875.exe c:\documents and settings\Eveline Goethals\Local Settings\Application Data\227250.exe c:\documents and settings\Eveline Goethals\Local Settings\Application Data\227359.exe c:\documents and settings\Eveline Goethals\Local Settings\Application Data\227390.exe c:\documents and settings\Eveline Goethals\Local Settings\Application Data\227406.exe c:\documents and settings\Eveline Goethals\Local Settings\Application Data\227421.exe c:\documents and settings\Eveline Goethals\Local Settings\Application Data\2317140.exe c:\documents and settings\Eveline Goethals\Local Settings\Application Data\2341484.exe c:\documents and settings\Eveline Goethals\Local Settings\Application Data\2342875.exe c:\documents and settings\Eveline Goethals\Local Settings\Application Data\2342953.exe c:\documents and settings\Eveline Goethals\Local Settings\Application Data\237250.exe c:\documents and settings\Eveline Goethals\Local Settings\Application Data\237359.exe c:\documents and settings\Eveline Goethals\Local Settings\Application Data\237375.exe c:\documents and settings\Eveline Goethals\Local Settings\Application Data\237406.exe c:\documents and settings\Eveline Goethals\Local Settings\Application Data\237421.exe c:\documents and settings\Eveline Goethals\Local Settings\Application Data\2417140.exe c:\documents and settings\Eveline Goethals\Local Settings\Application Data\2420171.exe c:\documents and settings\Eveline Goethals\Local Settings\Application Data\2420218.exe c:\documents and settings\Eveline Goethals\Local Settings\Application Data\2442875.exe c:\documents and settings\Eveline Goethals\Local Settings\Application Data\2442953.exe c:\documents and settings\Eveline Goethals\Local Settings\Application Data\247250.exe c:\documents and settings\Eveline Goethals\Local Settings\Application Data\247359.exe c:\documents and settings\Eveline Goethals\Local Settings\Application Data\247375.exe c:\documents and settings\Eveline Goethals\Local Settings\Application Data\247390.exe c:\documents and settings\Eveline Goethals\Local Settings\Application Data\2520234.exe c:\documents and settings\Eveline Goethals\Local Settings\Application Data\252262.exe c:\documents and settings\Eveline Goethals\Local Settings\Application Data\2536156.exe c:\documents and settings\Eveline Goethals\Local Settings\Application Data\2542875.exe c:\documents and settings\Eveline Goethals\Local Settings\Application Data\2542953.exe c:\documents and settings\Eveline Goethals\Local Settings\Application Data\255562.exe c:\documents and settings\Eveline Goethals\Local Settings\Application Data\256796.exe c:\documents and settings\Eveline Goethals\Local Settings\Application Data\257250.exe c:\documents and settings\Eveline Goethals\Local Settings\Application Data\257359.exe c:\documents and settings\Eveline Goethals\Local Settings\Application Data\257375.exe c:\documents and settings\Eveline Goethals\Local Settings\Application Data\257390.exe c:\documents and settings\Eveline Goethals\Local Settings\Application Data\2636234.exe c:\documents and settings\Eveline Goethals\Local Settings\Application Data\2642890.exe c:\documents and settings\Eveline Goethals\Local Settings\Application Data\2642953.exe c:\documents and settings\Eveline Goethals\Local Settings\Application Data\267250.exe c:\documents and settings\Eveline Goethals\Local Settings\Application Data\267265.exe c:\documents and settings\Eveline Goethals\Local Settings\Application Data\267281.exe c:\documents and settings\Eveline Goethals\Local Settings\Application Data\267296.exe c:\documents and settings\Eveline Goethals\Local Settings\Application Data\271993.exe c:\documents and settings\Eveline Goethals\Local Settings\Application Data\2720531.exe c:\documents and settings\Eveline Goethals\Local Settings\Application Data\2736171.exe c:\documents and settings\Eveline Goethals\Local Settings\Application Data\2742890.exe c:\documents and settings\Eveline Goethals\Local Settings\Application Data\2746.exe c:\documents and settings\Eveline Goethals\Local Settings\Application Data\277250.exe c:\documents and settings\Eveline Goethals\Local Settings\Application Data\277265.exe c:\documents and settings\Eveline Goethals\Local Settings\Application Data\277281.exe c:\documents and settings\Eveline Goethals\Local Settings\Application Data\2819453.exe c:\documents and settings\Eveline Goethals\Local Settings\Application Data\2820312.exe c:\documents and settings\Eveline Goethals\Local Settings\Application Data\2822234.exe c:\documents and settings\Eveline Goethals\Local Settings\Application Data\283393.exe c:\documents and settings\Eveline Goethals\Local Settings\Application Data\287250.exe c:\documents and settings\Eveline Goethals\Local Settings\Application Data\287265.exe c:\documents and settings\Eveline Goethals\Local Settings\Application Data\287281.exe c:\documents and settings\Eveline Goethals\Local Settings\Application Data\2921187.exe c:\documents and settings\Eveline Goethals\Local Settings\Application Data\2933437.exe c:\documents and settings\Eveline Goethals\Local Settings\Application Data\2933453.exe c:\documents and settings\Eveline Goethals\Local Settings\Application Data\297250.exe c:\documents and settings\Eveline Goethals\Local Settings\Application Data\297265.exe c:\documents and settings\Eveline Goethals\Local Settings\Application Data\297281.exe c:\documents and settings\Eveline Goethals\Local Settings\Application Data\3019437.exe c:\documents and settings\Eveline Goethals\Local Settings\Application Data\3020531.exe c:\documents and settings\Eveline Goethals\Local Settings\Application Data\307250.exe c:\documents and settings\Eveline Goethals\Local Settings\Application Data\307265.exe c:\documents and settings\Eveline Goethals\Local Settings\Application Data\307281.exe c:\documents and settings\Eveline Goethals\Local Settings\Application Data\3121671.exe c:\documents and settings\Eveline Goethals\Local Settings\Application Data\3122593.exe c:\documents and settings\Eveline Goethals\Local Settings\Application Data\3133515.exe c:\documents and settings\Eveline Goethals\Local Settings\Application Data\317250.exe c:\documents and settings\Eveline Goethals\Local Settings\Application Data\317265.exe c:\documents and settings\Eveline Goethals\Local Settings\Application Data\317281.exe c:\documents and settings\Eveline Goethals\Local Settings\Application Data\3233468.exe c:\documents and settings\Eveline Goethals\Local Settings\Application Data\327250.exe c:\documents and settings\Eveline Goethals\Local Settings\Application Data\327265.exe c:\documents and settings\Eveline Goethals\Local Settings\Application Data\327281.exe c:\documents and settings\Eveline Goethals\Local Settings\Application Data\327296.exe c:\documents and settings\Eveline Goethals\Local Settings\Application Data\3320312.exe c:\documents and settings\Eveline Goethals\Local Settings\Application Data\332218.exe c:\documents and settings\Eveline Goethals\Local Settings\Application Data\337250.exe c:\documents and settings\Eveline Goethals\Local Settings\Application Data\337265.exe c:\documents and settings\Eveline Goethals\Local Settings\Application Data\337281.exe c:\documents and settings\Eveline Goethals\Local Settings\Application Data\337296.exe c:\documents and settings\Eveline Goethals\Local Settings\Application Data\3421828.exe c:\documents and settings\Eveline Goethals\Local Settings\Application Data\3433656.exe c:\documents and settings\Eveline Goethals\Local Settings\Application Data\347250.exe c:\documents and settings\Eveline Goethals\Local Settings\Application Data\347265.exe c:\documents and settings\Eveline Goethals\Local Settings\Application Data\347281.exe c:\documents and settings\Eveline Goethals\Local Settings\Application Data\3533968.exe c:\documents and settings\Eveline Goethals\Local Settings\Application Data\356437.exe c:\documents and settings\Eveline Goethals\Local Settings\Application Data\356890.exe c:\documents and settings\Eveline Goethals\Local Settings\Application Data\357250.exe c:\documents and settings\Eveline Goethals\Local Settings\Application Data\357265.exe c:\documents and settings\Eveline Goethals\Local Settings\Application Data\357281.exe c:\documents and settings\Eveline Goethals\Local Settings\Application Data\3620859.exe c:\documents and settings\Eveline Goethals\Local Settings\Application Data\367250.exe c:\documents and settings\Eveline Goethals\Local Settings\Application Data\367265.exe c:\documents and settings\Eveline Goethals\Local Settings\Application Data\367281.exe c:\documents and settings\Eveline Goethals\Local Settings\Application Data\3722156.exe c:\documents and settings\Eveline Goethals\Local Settings\Application Data\377250.exe c:\documents and settings\Eveline Goethals\Local Settings\Application Data\377343.exe c:\documents and settings\Eveline Goethals\Local Settings\Application Data\377375.exe c:\documents and settings\Eveline Goethals\Local Settings\Application Data\377390.exe c:\documents and settings\Eveline Goethals\Local Settings\Application Data\377406.exe c:\documents and settings\Eveline Goethals\Local Settings\Application Data\3848875.exe c:\documents and settings\Eveline Goethals\Local Settings\Application Data\387250.exe c:\documents and settings\Eveline Goethals\Local Settings\Application Data\387265.exe c:\documents and settings\Eveline Goethals\Local Settings\Application Data\387281.exe c:\documents and settings\Eveline Goethals\Local Settings\Application Data\3920859.exe c:\documents and settings\Eveline Goethals\Local Settings\Application Data\3948109.exe c:\documents and settings\Eveline Goethals\Local Settings\Application Data\3948812.exe c:\documents and settings\Eveline Goethals\Local Settings\Application Data\3949421.exe c:\documents and settings\Eveline Goethals\Local Settings\Application Data\3949468.exe c:\documents and settings\Eveline Goethals\Local Settings\Application Data\3949515.exe c:\documents and settings\Eveline Goethals\Local Settings\Application Data\3950609.exe c:\documents and settings\Eveline Goethals\Local Settings\Application Data\3951593.exe c:\documents and settings\Eveline Goethals\Local Settings\Application Data\3952703.exe c:\documents and settings\Eveline Goethals\Local Settings\Application Data\397250.exe c:\documents and settings\Eveline Goethals\Local Settings\Application Data\397359.exe c:\documents and settings\Eveline Goethals\Local Settings\Application Data\397375.exe c:\documents and settings\Eveline Goethals\Local Settings\Application Data\397390.exe c:\documents and settings\Eveline Goethals\Local Settings\Application Data\4022281.exe c:\documents and settings\Eveline Goethals\Local Settings\Application Data\4048859.exe c:\documents and settings\Eveline Goethals\Local Settings\Application Data\4048875.exe c:\documents and settings\Eveline Goethals\Local Settings\Application Data\4048906.exe c:\documents and settings\Eveline Goethals\Local Settings\Application Data\4048921.exe c:\documents and settings\Eveline Goethals\Local Settings\Application Data\4048953.exe c:\documents and settings\Eveline Goethals\Local Settings\Application Data\407250.exe c:\documents and settings\Eveline Goethals\Local Settings\Application Data\407265.exe c:\documents and settings\Eveline Goethals\Local Settings\Application Data\407281.exe c:\documents and settings\Eveline Goethals\Local Settings\Application Data\412921.exe c:\documents and settings\Eveline Goethals\Local Settings\Application Data\413484.exe c:\documents and settings\Eveline Goethals\Local Settings\Application Data\413703.exe c:\documents and settings\Eveline Goethals\Local Settings\Application Data\413718.exe c:\documents and settings\Eveline Goethals\Local Settings\Application Data\4148859.exe c:\documents and settings\Eveline Goethals\Local Settings\Application Data\4148875.exe c:\documents and settings\Eveline Goethals\Local Settings\Application Data\4148890.exe c:\documents and settings\Eveline Goethals\Local Settings\Application Data\4148906.exe c:\documents and settings\Eveline Goethals\Local Settings\Application Data\4148937.exe c:\documents and settings\Eveline Goethals\Local Settings\Application Data\417250.exe c:\documents and settings\Eveline Goethals\Local Settings\Application Data\417265.exe c:\documents and settings\Eveline Goethals\Local Settings\Application Data\417281.exe c:\documents and settings\Eveline Goethals\Local Settings\Application Data\4220890.exe c:\documents and settings\Eveline Goethals\Local Settings\Application Data\4248859.exe c:\documents and settings\Eveline Goethals\Local Settings\Application Data\4248875.exe c:\documents and settings\Eveline Goethals\Local Settings\Application Data\4248890.exe c:\documents and settings\Eveline Goethals\Local Settings\Application Data\4248906.exe c:\documents and settings\Eveline Goethals\Local Settings\Application Data\4248921.exe c:\documents and settings\Eveline Goethals\Local Settings\Application Data\427250.exe c:\documents and settings\Eveline Goethals\Local Settings\Application Data\427265.exe c:\documents and settings\Eveline Goethals\Local Settings\Application Data\427281.exe c:\documents and settings\Eveline Goethals\Local Settings\Application Data\432515.exe c:\documents and settings\Eveline Goethals\Local Settings\Application Data\43315.exe c:\documents and settings\Eveline Goethals\Local Settings\Application Data\433421.exe c:\documents and settings\Eveline Goethals\Local Settings\Application Data\433828.exe c:\documents and settings\Eveline Goethals\Local Settings\Application Data\43415.exe c:\documents and settings\Eveline Goethals\Local Settings\Application Data\4348859.exe c:\documents and settings\Eveline Goethals\Local Settings\Application Data\4348875.exe c:\documents and settings\Eveline Goethals\Local Settings\Application Data\4348890.exe c:\documents and settings\Eveline Goethals\Local Settings\Application Data\4348906.exe c:\documents and settings\Eveline Goethals\Local Settings\Application Data\4348921.exe c:\documents and settings\Eveline Goethals\Local Settings\Application Data\4359718.exe c:\documents and settings\Eveline Goethals\Local Settings\Application Data\437250.exe c:\documents and settings\Eveline Goethals\Local Settings\Application Data\437343.exe c:\documents and settings\Eveline Goethals\Local Settings\Application Data\437359.exe c:\documents and settings\Eveline Goethals\Local Settings\Application Data\437375.exe c:\documents and settings\Eveline Goethals\Local Settings\Application Data\4448859.exe c:\documents and settings\Eveline Goethals\Local Settings\Application Data\4448875.exe c:\documents and settings\Eveline Goethals\Local Settings\Application Data\4448890.exe c:\documents and settings\Eveline Goethals\Local Settings\Application Data\4448937.exe c:\documents and settings\Eveline Goethals\Local Settings\Application Data\4448953.exe c:\documents and settings\Eveline Goethals\Local Settings\Application Data\447140.exe c:\documents and settings\Eveline Goethals\Local Settings\Application Data\447250.exe c:\documents and settings\Eveline Goethals\Local Settings\Application Data\447265.exe c:\documents and settings\Eveline Goethals\Local Settings\Application Data\447281.exe c:\documents and settings\Eveline Goethals\Local Settings\Application Data\450312.exe c:\documents and settings\Eveline Goethals\Local Settings\Application Data\4511687.exe c:\documents and settings\Eveline Goethals\Local Settings\Application Data\454359.exe c:\documents and settings\Eveline Goethals\Local Settings\Application Data\4548859.exe c:\documents and settings\Eveline Goethals\Local Settings\Application Data\4548875.exe c:\documents and settings\Eveline Goethals\Local Settings\Application Data\4548890.exe c:\documents and settings\Eveline Goethals\Local Settings\Application Data\4548921.exe c:\documents and settings\Eveline Goethals\Local Settings\Application Data\4548937.exe c:\documents and settings\Eveline Goethals\Local Settings\Application Data\456109.exe c:\documents and settings\Eveline Goethals\Local Settings\Application Data\456531.exe c:\documents and settings\Eveline Goethals\Local Settings\Application Data\456906.exe c:\documents and settings\Eveline Goethals\Local Settings\Application Data\45693.exe c:\documents and settings\Eveline Goethals\Local Settings\Application Data\457250.exe c:\documents and settings\Eveline Goethals\Local Settings\Application Data\457265.exe c:\documents and settings\Eveline Goethals\Local Settings\Application Data\457281.exe c:\documents and settings\Eveline Goethals\Local Settings\Application Data\457562.exe c:\documents and settings\Eveline Goethals\Local Settings\Application Data\457812.exe c:\documents and settings\Eveline Goethals\Local Settings\Application Data\458562.exe c:\documents and settings\Eveline Goethals\Local Settings\Application Data\4645703.exe c:\documents and settings\Eveline Goethals\Local Settings\Application Data\467250.exe c:\documents and settings\Eveline Goethals\Local Settings\Application Data\467265.exe c:\documents and settings\Eveline Goethals\Local Settings\Application Data\467281.exe c:\documents and settings\Eveline Goethals\Local Settings\Application Data\46746.exe c:\documents and settings\Eveline Goethals\Local Settings\Application Data\4745796.exe c:\documents and settings\Eveline Goethals\Local Settings\Application Data\47460.exe c:\documents and settings\Eveline Goethals\Local Settings\Application Data\477250.exe c:\documents and settings\Eveline Goethals\Local Settings\Application Data\477265.exe c:\documents and settings\Eveline Goethals\Local Settings\Application Data\477281.exe c:\documents and settings\Eveline Goethals\Local Settings\Application Data\47746.exe c:\documents and settings\Eveline Goethals\Local Settings\Application Data\4846234.exe c:\documents and settings\Eveline Goethals\Local Settings\Application Data\4852953.exe c:\documents and settings\Eveline Goethals\Local Settings\Application Data\487250.exe c:\documents and settings\Eveline Goethals\Local Settings\Application Data\487265.exe c:\documents and settings\Eveline Goethals\Local Settings\Application Data\487281.exe c:\documents and settings\Eveline Goethals\Local Settings\Application Data\487296.exe c:\documents and settings\Eveline Goethals\Local Settings\Application Data\4937812.exe c:\documents and settings\Eveline Goethals\Local Settings\Application Data\4939312.exe c:\documents and settings\Eveline Goethals\Local Settings\Application Data\4939609.exe c:\documents and settings\Eveline Goethals\Local Settings\Application Data\4940156.exe c:\documents and settings\Eveline Goethals\Local Settings\Application Data\4940203.exe c:\documents and settings\Eveline Goethals\Local Settings\Application Data\494478.exe c:\documents and settings\Eveline Goethals\Local Settings\Application Data\4944812.exe c:\documents and settings\Eveline Goethals\Local Settings\Application Data\4944984.exe c:\documents and settings\Eveline Goethals\Local Settings\Application Data\49450.exe c:\documents and settings\Eveline Goethals\Local Settings\Application Data\49493.exe c:\documents and settings\Eveline Goethals\Local Settings\Application Data\497250.exe c:\documents and settings\Eveline Goethals\Local Settings\Application Data\497343.exe c:\documents and settings\Eveline Goethals\Local Settings\Application Data\497359.exe c:\documents and settings\Eveline Goethals\Local Settings\Application Data\497375.exe c:\documents and settings\Eveline Goethals\Local Settings\Application Data\497500.exe c:\documents and settings\Eveline Goethals\Local Settings\Application Data\5011703.exe c:\documents and settings\Eveline Goethals\Local Settings\Application Data\5011906.exe c:\documents and settings\Eveline Goethals\Local Settings\Application Data\5011968.exe c:\documents and settings\Eveline Goethals\Local Settings\Application Data\501246.exe c:\documents and settings\Eveline Goethals\Local Settings\Application Data\5037812.exe c:\documents and settings\Eveline Goethals\Local Settings\Application Data\5037828.exe c:\documents and settings\Eveline Goethals\Local Settings\Application Data\5037859.exe c:\documents and settings\Eveline Goethals\Local Settings\Application Data\5037890.exe c:\documents and settings\Eveline Goethals\Local Settings\Application Data\5037921.exe c:\documents and settings\Eveline Goethals\Local Settings\Application Data\504265.exe c:\documents and settings\Eveline Goethals\Local Settings\Application Data\504281.exe c:\documents and settings\Eveline Goethals\Local Settings\Application Data\5046171.exe c:\documents and settings\Eveline Goethals\Local Settings\Application Data\5046390.exe c:\documents and settings\Eveline Goethals\Local Settings\Application Data\50478.exe c:\documents and settings\Eveline Goethals\Local Settings\Application Data\5062.exe c:\documents and settings\Eveline Goethals\Local Settings\Application Data\507250.exe c:\documents and settings\Eveline Goethals\Local Settings\Application Data\507265.exe c:\documents and settings\Eveline Goethals\Local Settings\Application Data\507281.exe c:\documents and settings\Eveline Goethals\Local Settings\Application Data\5110156.exe c:\documents and settings\Eveline Goethals\Local Settings\Application Data\5133328.exe c:\documents and settings\Eveline Goethals\Local Settings\Application Data\5144203.exe c:\documents and settings\Eveline Goethals\Local Settings\Application Data\5144500.exe c:\documents and settings\Eveline Goethals\Local Settings\Application Data\5144515.exe c:\documents and settings\Eveline Goethals\Local Settings\Application Data\5144531.exe c:\documents and settings\Eveline Goethals\Local Settings\Application Data\514593.exe c:\documents and settings\Eveline Goethals\Local Settings\Application Data\5146390.exe c:\documents and settings\Eveline Goethals\Local Settings\Application Data\514671.exe c:\documents and settings\Eveline Goethals\Local Settings\Application Data\515265.exe c:\documents and settings\Eveline Goethals\Local Settings\Application Data\519656.exe c:\documents and settings\Eveline Goethals\Local Settings\Application Data\519843.exe c:\documents and settings\Eveline Goethals\Local Settings\Application Data\5211625.exe c:\documents and settings\Eveline Goethals\Local Settings\Application Data\5212140.exe c:\documents and settings\Eveline Goethals\Local Settings\Application Data\521278.exe c:\documents and settings\Eveline Goethals\Local Settings\Application Data\5233609.exe c:\documents and settings\Eveline Goethals\Local Settings\Application Data\5239843.exe c:\documents and settings\Eveline Goethals\Local Settings\Application Data\5240500.exe c:\documents and settings\Eveline Goethals\Local Settings\Application Data\5240531.exe c:\documents and settings\Eveline Goethals\Local Settings\Application Data\5240765.exe c:\documents and settings\Eveline Goethals\Local Settings\Application Data\5241125.exe c:\documents and settings\Eveline Goethals\Local Settings\Application Data\524131.exe c:\documents and settings\Eveline Goethals\Local Settings\Application Data\527937.exe c:\documents and settings\Eveline Goethals\Local Settings\Application Data\5312812.exe c:\documents and settings\Eveline Goethals\Local Settings\Application Data\532203.exe c:\documents and settings\Eveline Goethals\Local Settings\Application Data\532218.exe c:\documents and settings\Eveline Goethals\Local Settings\Application Data\532250.exe c:\documents and settings\Eveline Goethals\Local Settings\Application Data\532265.exe c:\documents and settings\Eveline Goethals\Local Settings\Application Data\532312.exe c:\documents and settings\Eveline Goethals\Local Settings\Application Data\5333281.exe c:\documents and settings\Eveline Goethals\Local Settings\Application Data\5333296.exe c:\documents and settings\Eveline Goethals\Local Settings\Application Data\5333328.exe c:\documents and settings\Eveline Goethals\Local Settings\Application Data\5333343.exe c:\documents and settings\Eveline Goethals\Local Settings\Application Data\5333375.exe c:\documents and settings\Eveline Goethals\Local Settings\Application Data\5346515.exe c:\documents and settings\Eveline Goethals\Local Settings\Application Data\5346671.exe c:\documents and settings\Eveline Goethals\Local Settings\Application Data\535265.exe c:\documents and settings\Eveline Goethals\Local Settings\Application Data\5433281.exe c:\documents and settings\Eveline Goethals\Local Settings\Application Data\5433296.exe c:\documents and settings\Eveline Goethals\Local Settings\Application Data\5433328.exe c:\documents and settings\Eveline Goethals\Local Settings\Application Data\5433343.exe c:\documents and settings\Eveline Goethals\Local Settings\Application Data\5433375.exe c:\documents and settings\Eveline Goethals\Local Settings\Application Data\5446890.exe c:\documents and settings\Eveline Goethals\Local Settings\Application Data\545640.exe c:\documents and settings\Eveline Goethals\Local Settings\Application Data\5456734.exe c:\documents and settings\Eveline Goethals\Local Settings\Application Data\5513375.exe c:\documents and settings\Eveline Goethals\Local Settings\Application Data\5557234.exe c:\documents and settings\Eveline Goethals\Local Settings\Application Data\555765.exe c:\documents and settings\Eveline Goethals\Local Settings\Application Data\558578.exe c:\documents and settings\Eveline Goethals\Local Settings\Application Data\5627703.exe c:\documents and settings\Eveline Goethals\Local Settings\Application Data\5646812.exe c:\documents and settings\Eveline Goethals\Local Settings\Application Data\5647765.exe c:\documents and settings\Eveline Goethals\Local Settings\Application Data\5647812.exe c:\documents and settings\Eveline Goethals\Local Settings\Application Data\565718.exe c:\documents and settings\Eveline Goethals\Local Settings\Application Data\5657375.exe c:\documents and settings\Eveline Goethals\Local Settings\Application Data\572862.exe c:\documents and settings\Eveline Goethals\Local Settings\Application Data\574546.exe c:\documents and settings\Eveline Goethals\Local Settings\Application Data\5748828.exe c:\documents and settings\Eveline Goethals\Local Settings\Application Data\5827703.exe c:\documents and settings\Eveline Goethals\Local Settings\Application Data\584531.exe c:\documents and settings\Eveline Goethals\Local Settings\Application Data\5848296.exe c:\documents and settings\Eveline Goethals\Local Settings\Application Data\5859125.exe c:\documents and settings\Eveline Goethals\Local Settings\Application Data\588703.exe c:\documents and settings\Eveline Goethals\Local Settings\Application Data\594671.exe c:\documents and settings\Eveline Goethals\Local Settings\Application Data\5948406.exe c:\documents and settings\Eveline Goethals\Local Settings\Application Data\5955218.exe c:\documents and settings\Eveline Goethals\Local Settings\Application Data\5956687.exe c:\documents and settings\Eveline Goethals\Local Settings\Application Data\595796.exe c:\documents and settings\Eveline Goethals\Local Settings\Application Data\614859.exe c:\documents and settings\Eveline Goethals\Local Settings\Application Data\632203.exe c:\documents and settings\Eveline Goethals\Local Settings\Application Data\632218.exe c:\documents and settings\Eveline Goethals\Local Settings\Application Data\632250.exe c:\documents and settings\Eveline Goethals\Local Settings\Application Data\632265.exe c:\documents and settings\Eveline Goethals\Local Settings\Application Data\632281.exe c:\documents and settings\Eveline Goethals\Local Settings\Application Data\6570.exe c:\documents and settings\Eveline Goethals\Local Settings\Application Data\732203.exe c:\documents and settings\Eveline Goethals\Local Settings\Application Data\732218.exe c:\documents and settings\Eveline Goethals\Local Settings\Application Data\732250.exe c:\documents and settings\Eveline Goethals\Local Settings\Application Data\732265.exe c:\documents and settings\Eveline Goethals\Local Settings\Application Data\732281.exe c:\documents and settings\Eveline Goethals\Local Settings\Application Data\752968.exe c:\documents and settings\Eveline Goethals\Local Settings\Application Data\75715.exe c:\documents and settings\Eveline Goethals\Local Settings\Application Data\80515.exe c:\documents and settings\Eveline Goethals\Local Settings\Application Data\811656.exe c:\documents and settings\Eveline Goethals\Local Settings\Application Data\832203.exe c:\documents and settings\Eveline Goethals\Local Settings\Application Data\832218.exe c:\documents and settings\Eveline Goethals\Local Settings\Application Data\832375.exe c:\documents and settings\Eveline Goethals\Local Settings\Application Data\832406.exe c:\documents and settings\Eveline Goethals\Local Settings\Application Data\832421.exe c:\documents and settings\Eveline Goethals\Local Settings\Application Data\853984.exe c:\documents and settings\Eveline Goethals\Local Settings\Application Data\8540.exe c:\documents and settings\Eveline Goethals\Local Settings\Application Data\855781.exe c:\documents and settings\Eveline Goethals\Local Settings\Application Data\912453.exe c:\documents and settings\Eveline Goethals\Local Settings\Application Data\932203.exe c:\documents and settings\Eveline Goethals\Local Settings\Application Data\932234.exe c:\documents and settings\Eveline Goethals\Local Settings\Application Data\932250.exe c:\documents and settings\Eveline Goethals\Local Settings\Application Data\932296.exe c:\documents and settings\Eveline Goethals\Local Settings\Application Data\932328.exe . . (((((((((((((((((((( Bestanden Gemaakt van 2011-05-27 to 2011-06-27 )))))))))))))))))))))))))))))) . . 2011-06-27 15:47 . 2011-06-27 15:47 -------- d--h--r- c:\documents and settings\Eveline Goethals\Onlangs geopend 2011-06-27 15:13 . 2011-06-27 15:13 -------- d-----w- c:\program files\CCleaner 2011-06-27 14:53 . 2011-06-27 14:53 143360 ----a-w- c:\program files\Mozilla Firefox\plugins\npqtplugin7.dll 2011-06-27 14:53 . 2011-06-27 14:53 143360 ----a-w- c:\program files\Mozilla Firefox\plugins\npqtplugin6.dll 2011-06-27 14:53 . 2011-06-27 14:53 143360 ----a-w- c:\program files\Mozilla Firefox\plugins\npqtplugin5.dll 2011-06-27 14:53 . 2011-06-27 14:53 143360 ----a-w- c:\program files\Mozilla Firefox\plugins\npqtplugin4.dll 2011-06-27 14:53 . 2011-06-27 14:53 143360 ----a-w- c:\program files\Mozilla Firefox\plugins\npqtplugin3.dll 2011-06-27 14:53 . 2011-06-27 14:53 143360 ----a-w- c:\program files\Mozilla Firefox\plugins\npqtplugin2.dll 2011-06-27 14:53 . 2011-06-27 14:53 143360 ----a-w- c:\program files\Mozilla Firefox\plugins\npqtplugin.dll 2011-06-27 13:48 . 2011-06-27 13:48 -------- d-----w- c:\documents and settings\Eveline Goethals\Application Data\Malwarebytes 2011-06-27 13:47 . 2011-06-27 13:47 -------- d-----w- c:\documents and settings\All Users\Application Data\Malwarebytes 2011-06-27 13:09 . 2011-06-16 04:49 142296 ----a-w- c:\program files\Mozilla Firefox\components\browsercomps.dll 2011-06-27 13:09 . 2011-06-16 04:49 89048 ----a-w- c:\program files\Mozilla Firefox\libEGL.dll 2011-06-27 13:09 . 2011-06-16 04:49 781272 ----a-w- c:\program files\Mozilla Firefox\mozsqlite3.dll 2011-06-27 13:09 . 2011-06-16 04:49 719832 ----a-w- c:\program files\Mozilla Firefox\mozcpp19.dll 2011-06-27 13:09 . 2011-06-16 04:49 465880 ----a-w- c:\program files\Mozilla Firefox\libGLESv2.dll 2011-06-27 13:09 . 2011-06-16 04:49 1850328 ----a-w- c:\program files\Mozilla Firefox\mozjs.dll 2011-06-27 13:09 . 2011-06-16 04:49 16856 ----a-w- c:\program files\Mozilla Firefox\plugin-container.exe 2011-06-27 13:09 . 2011-06-16 04:49 15832 ----a-w- c:\program files\Mozilla Firefox\mozalloc.dll 2011-06-27 13:09 . 2010-01-01 08:00 2106216 ----a-w- c:\program files\Mozilla Firefox\D3DCompiler_43.dll 2011-06-27 13:09 . 2010-01-01 08:00 1998168 ----a-w- c:\program files\Mozilla Firefox\d3dx9_43.dll 2011-06-22 18:49 . 2011-06-22 18:49 404640 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl 2011-06-22 18:24 . 2011-06-23 18:12 164352 ----a-w- C:\syc32.exe 2011-06-20 05:24 . 2011-06-20 05:24 340 ----a-w- c:\documents and settings\Eveline Goethals\Application Data\21.tmp 2011-06-20 05:22 . 2011-06-20 05:22 152064 ----a-w- C:\ssf32.exe 2011-06-19 07:52 . 2011-06-19 07:52 151552 ----a-w- C:\sdm32.exe 2011-06-13 17:34 . 2011-06-13 17:34 893 ----a-w- c:\documents and settings\Eveline Goethals\Application Data\17.tmp 2011-06-09 13:58 . 2011-06-09 13:58 -------- d-----w- c:\documents and settings\Eveline Goethals\Local Settings\Application Data\PCHealth 2011-06-07 03:44 . 2011-06-07 03:44 -------- d-----w- c:\program files\MSBuild 2011-06-07 03:44 . 2011-06-07 03:44 -------- d-----w- c:\program files\Reference Assemblies 2011-06-07 03:42 . 2008-07-06 12:06 89088 ----a-w- c:\windows\system32\Spool\prtprocs\w32x86\filterpipelineprintproc.dll 2011-06-07 03:39 . 2008-07-06 12:06 89088 -c----w- c:\windows\system32\dllcache\filterpipelineprintproc.dll 2011-06-07 03:39 . 2008-07-06 12:06 575488 -c----w- c:\windows\system32\dllcache\xpsshhdr.dll 2011-06-07 03:39 . 2008-07-06 10:50 597504 -c----w- c:\windows\system32\dllcache\printfilterpipelinesvc.exe 2011-06-07 03:39 . 2008-07-06 10:50 597504 ------w- c:\windows\system32\Spool\prtprocs\w32x86\printfilterpipelinesvc.exe 2011-06-07 03:39 . 2008-07-06 12:06 1676288 -c----w- c:\windows\system32\dllcache\xpssvcs.dll 2011-06-07 03:15 . 2011-06-07 03:15 -------- d-----w- c:\program files\MSXML 6.0 2011-06-07 03:10 . 2011-06-07 03:10 -------- d-----r- c:\documents and settings\LocalService\Favorieten 2011-06-06 20:24 . 2011-06-06 20:24 -------- d-----w- c:\documents and settings\Eveline Goethals\Application Data\Avira 2011-06-06 19:50 . 2011-06-06 19:50 -------- d-sh--w- c:\documents and settings\Default User\IETldCache 2011-06-06 06:27 . 2010-05-06 10:36 743424 -c----w- c:\windows\system32\dllcache\iedvtool.dll 2011-06-06 06:26 . 2010-02-12 10:03 293376 ------w- c:\windows\system32\browserchoice.exe 2011-06-06 05:20 . 2011-06-06 16:12 -------- d-----w- C:\tvd 2011-06-05 21:53 . 2011-04-01 15:07 61960 ----a-w- c:\windows\system32\drivers\avgntflt.sys 2011-06-05 21:53 . 2011-04-01 15:07 137656 ----a-w- c:\windows\system32\drivers\avipbb.sys 2011-06-05 21:53 . 2010-06-17 13:27 45416 ----a-w- c:\windows\system32\drivers\avgntdd.sys 2011-06-05 21:53 . 2010-06-17 13:27 22360 ----a-w- c:\windows\system32\drivers\avgntmgr.sys 2011-06-05 21:53 . 2011-06-05 21:53 -------- d-----w- c:\program files\Avira 2011-06-05 21:53 . 2011-06-05 21:53 -------- d-----w- c:\documents and settings\All Users\Application Data\Avira . . . ((((((((((((((((((((((((((((((((((((((( Find3M Rapport )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2011-04-06 19:22 . 2011-04-06 19:22 218688 ----a-w- c:\windows\system32\drivers\dtsoftbus01.sys 2011-06-16 04:49 . 2011-06-27 13:09 142296 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll . . ((((((((((((((((((((((((((((((((((((( Reg Opstartpunten ))))))))))))))))))))))))))))))))))))))))))))))))))) . . *Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond REGEDIT4 . [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "LogitechSoftwareUpdate"="c:\program files\Logitech\Video\ManifestEngine.exe" [2005-06-08 196608] "Creative Detector"="c:\program files\Creative\MediaSource\Detector\CTDetect.exe" [2004-12-02 102400] "MtdAcq"="c:\program files\Creative\Shared Files\Media Sniffer\MtdAcq.exe" [2005-09-14 229466] "Octoshape Streaming Services"="c:\program files\Octoshape Streaming Services\Eveline Goethals\OctoshapeClient.exe" [2006-02-13 214648] "WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2006-11-02 204288] "DAEMON Tools Lite"="c:\program files\DAEMON Tools Lite\DTLite.exe" [2011-01-20 1305408] . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "ehTray"="c:\windows\ehome\ehtray.exe" [2005-08-17 64512] "igfxtray"="c:\windows\system32\igfxtray.exe" [2005-07-19 94208] "igfxhkcmd"="c:\windows\system32\hkcmd.exe" [2005-07-19 77824] "igfxpers"="c:\windows\system32\igfxpers.exe" [2005-07-19 114688] "SkyTel"="SkyTel.EXE" [2006-05-16 2879488] "SMSERIAL"="sm56hlpr.exe" [2005-09-16 557056] "RTHDCPL"="RTHDCPL.EXE" [2006-07-06 16251904] "LaunchAp"="c:\program files\Launch Manager\LaunchAp.exe" [2005-07-25 32768] "HotkeyApp"="c:\program files\Launch Manager\HotkeyApp.exe" [2006-07-17 65536] "CtrlVol"="c:\program files\Launch Manager\CtrlVol.exe" [2003-09-16 20480] "LMgrOSD"="c:\program files\Launch Manager\OSD.exe" [2005-03-16 204800] "Wbutton"="c:\program files\Launch Manager\Wbutton.exe" [2006-07-10 86016] "SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2006-07-14 798810] "LVCOMSX"="c:\windows\system32\LVCOMSX.EXE" [2005-07-19 221184] "LogitechVideoRepair"="c:\program files\Logitech\Video\ISStart.exe" [2005-06-08 458752] "LogitechVideoTray"="c:\program files\Logitech\Video\LogiTray.exe" [2005-06-08 217088] "TkBellExe"="c:\program files\Common Files\Real\Update_OB\realsched.exe" [2008-05-25 185896] "InCD"="c:\program files\Ahead\InCD\InCD.exe" [2005-07-25 1397760] "QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2009-01-05 413696] "Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2009-02-27 35696] "EPSON Stylus Photo RX420 Series"="c:\windows\System32\spool\DRIVERS\W32X86\3\E_FATI9CE.EXE" [2004-04-09 98304] "Nikon Transfer Monitor"="c:\program files\Common Files\Nikon\Monitor\NkMonitor.exe" [2008-09-30 485208] "avgnt"="c:\program files\Avira\AntiVir Desktop\avgnt.exe" [2011-03-28 281768] "NeroFilterCheck"="c:\program files\Common Files\Ahead\Lib\NeroCheck.exe" [2006-01-12 155648] . [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2006-04-10 15360] . c:\documents and settings\Eveline Goethals\Menu Start\Programma's\Opstarten\ Adobe Gamma.lnk - c:\program files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [2005-3-16 113664] . c:\documents and settings\All Users\Menu Start\Programma's\Opstarten\ Microsoft Office.lnk - c:\program files\Microsoft Office\Office10\OSA.EXE [2001-2-13 83360] TabUserW.exe.lnk - c:\windows\system32\WTablet\TabUserW.exe [2007-3-19 114688] . [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "c:\\WINDOWS\\system32\\sessmgr.exe"= "c:\\WINDOWS\\system32\\fxsclnt.exe"= "c:\\Program Files\\NetMeeting\\Conf.exe"= "c:\\Program Files\\InterVideo\\DVD7\\WinDVD.exe"= "c:\\Program Files\\InterVideo\\MediaOne Gallery\\mediaone.exe"= "c:\\Program Files\\Octoshape Streaming Services\\Eveline Goethals\\OctoshapeClient.exe"= "%windir%\\Network Diagnostic\\xpnetdiag.exe"= "c:\\Program Files\\Real\\RealPlayer\\realplay.exe"= "c:\\Program Files\\Zattoo\\zattood.exe"= "c:\\Program Files\\Zattoo\\Zattoo2.exe"= "c:\\Program Files\\Zattoo\\Zattoo.exe"= "c:\\Program Files\\Windows Live\\Messenger\\wlcsdk.exe"= "c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"= "c:\\Program Files\\Windows Live\\Sync\\WindowsLiveSync.exe"= "c:\\Program Files\\Messenger\\msmsgs.exe"= "c:\\Documents and Settings\\Eveline Goethals\\Application Data\\Juniper Networks\\Juniper Terminal Services Client\\dsTermServ.exe"= "c:\\Program Files\\Skype\\Phone\\Skype.exe"= . R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\drivers\dtsoftbus01.sys [6/04/2011 21:22 218688] R2 AntiVirSchedulerService;Avira AntiVir Scheduler;c:\program files\Avira\AntiVir Desktop\sched.exe [5/06/2011 23:53 136360] S1 mailKmd;mailKmd; [x] S2 gupdate;Google Updateservice (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [15/02/2010 8:23 135664] S3 camvid20;Philips ToUcam Camera; Video;c:\windows\system32\drivers\camdrv21.sys [22/08/2007 19:07 223232] S3 hitmanpro2;Hitman Pro 2 Driver;c:\program files\Hitman Pro\hitmanpro2.sys [24/01/2007 16:04 10336] S3 hitmanpro3;Hitman Pro 3 Support Driver;\??\c:\windows\system32\drivers\hitmanpro3.sys --> c:\windows\system32\drivers\hitmanpro3.sys [?] S3 MBAMSwissArmy;MBAMSwissArmy;\??\c:\windows\system32\drivers\mbamswissarmy.sys --> c:\windows\system32\drivers\mbamswissarmy.sys [?] . Inhoud van de 'Gedeelde Taken' map . 2011-06-27 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job - c:\program files\Google\Update\GoogleUpdate.exe [2010-02-15 06:23] . 2011-06-27 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job - c:\program files\Google\Update\GoogleUpdate.exe [2010-02-15 06:23] . . ------- Bijkomende Scan ------- . uStart Page = hxxp://www.destandaard.be/ IE: E&xporter vers Microsoft Excel - c:\progra~1\MICROS~3\Office12\EXCEL.EXE/3000 IE: E&xporteren naar Microsoft Excel - c:\progra~1\MICROS~3\Office10\EXCEL.EXE/3000 IE: Google Sidewiki... - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_6CE5017F567343CA.dll/cmsidewiki.html TCP: DhcpNameServer = 193.74.208.65 194.119.228.67 FF - ProfilePath - c:\documents and settings\Eveline Goethals\Application Data\Mozilla\Firefox\Profiles\zfg91kos.default\ . - - - - ORPHANS VERWIJDERD - - - - . HKCU-Run-Ejhyhc - c:\documents and settings\Eveline Goethals\Application Data\Ejhyhc.exe HKLM-Run-name_me - c:\documents and settings\Eveline Goethals\Application Data\1C.tmp HKLM-Run-aexi - c:\documents and settings\Eveline Goethals\Application Data\22.tmp AddRemove-HijackThis - g:\harde schijf\HijackThis.exe . . . ************************************************************************** . catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2011-06-27 18:18 Windows 5.1.2600 Service Pack 2 NTFS . scannen van verborgen processen ... . scannen van verborgen autostart items ... . HKLM\Software\Microsoft\Windows\CurrentVersion\Run name_me = c:\documents and settings\Eveline Goethals\Application Data\1C.tmp??|?#? ??????????|????@?????????????)?????@?#?????"??|??????????????????#?????\?#?x?)?????x?)?P??????|???|?Q'?x?)???????)????????|Lo)?x?)?|?#????????|p?)?H?#?A??|??)?]??|x?)?????A???x???????h;? aexi = c:\documents and settings\Eveline Goethals\Application Data\22.tmp??|?#? ??????????|????@?????????????)?????@?#?????"??|??????????????????#?????\?#?x?)?????x?)?P??????|???|?Q'?x?)???????)????????|Lo)?x?)?|?#????????|p?)?H?#?A??|??)?]??|x?)?????A???x???????h;? . scannen van verborgen bestanden ... . Scan succesvol afgerond verborgen bestanden: 0 . ************************************************************************** . --------------------- DLLs Geladen Onder Lopende Processen --------------------- . - - - - - - - > 'explorer.exe'(2212) c:\windows\system32\webcheck.dll c:\windows\system32\WPDShServiceObj.dll c:\windows\system32\PortableDeviceTypes.dll c:\windows\system32\PortableDeviceApi.dll . ------------------------ Andere Aktieve Processen ------------------------ . c:\program files\Ahead\InCD\InCDsrv.exe c:\windows\sm56hlpr.exe c:\windows\RTHDCPL.EXE c:\program files\Avira\AntiVir Desktop\avguard.exe c:\program files\Logitech\Video\FxSvr2.exe c:\windows\system32\CTsvcCDA.exe c:\windows\eHome\ehRecvr.exe c:\windows\eHome\ehSched.exe c:\program files\Avira\AntiVir Desktop\avshadow.exe c:\program files\Common Files\LightScribe\LSSrvc.exe c:\program files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe c:\windows\system32\Tablet.exe c:\program files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe c:\windows\ehome\mcrdsvc.exe c:\program files\Windows Media Player\WMPNetwk.exe c:\windows\system32\wscntfy.exe c:\windows\eHome\ehmsas.exe c:\windows\system32\dllhost.exe . ************************************************************************** . Voltooingstijd: 2011-06-27 18:24:27 - machine werd herstart ComboFix-quarantined-files.txt 2011-06-27 16:24 . Pre-Run: 1.467.793.408 bytes beschikbaar Post-Run: 3.635.056.640 bytes beschikbaar . WindowsXP-KB310994-SP2-Pro-BootDisk-NLD.exe [boot loader] timeout=2 default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS [operating systems] c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons UnsupportedDebug="do not select this" /debug multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Windows XP Media Center Edition" /noexecute=optin /fastdetect . - - End Of File - - DE93844A3CF353F858D1F0DC378BB261

hallo, hierbij een hijackthislogje van een computer van iemand die altijd van "kotnet" verwijderd word omdat haar computer niet veilig zou zijn. Ik heb al gezien dan inderdaad veel programma outdated zijn en ze geupdate, maar er is toch nog iets mis met het internet ook. Bij deze dus een hijackthis-log, even checken zou handig zijn. Combofix heb ik al geprobeerd maar die zei iets van versie is verlopen ofzo misschien later nog eens proberen... Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 15:08:32, on 27/06/2011 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v8.00 (8.00.6001.18702) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\csrss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Ahead\InCD\InCDsrv.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Avira\AntiVir Desktop\sched.exe C:\WINDOWS\ehome\ehtray.exe C:\WINDOWS\system32\hkcmd.exe C:\WINDOWS\system32\igfxpers.exe C:\WINDOWS\sm56hlpr.exe C:\WINDOWS\RTHDCPL.EXE C:\Program Files\Launch Manager\LaunchAp.exe C:\Program Files\Launch Manager\HotkeyApp.exe C:\Program Files\Launch Manager\OSD.exe C:\Program Files\Launch Manager\Wbutton.exe C:\Program Files\Synaptics\SynTP\SynTPEnh.exe C:\WINDOWS\jodrive32.exe C:\WINDOWS\system32\LVCOMSX.EXE C:\WINDOWS\system32\svchost.exe C:\Program Files\Logitech\Video\LogiTray.exe C:\Program Files\Common Files\Real\Update_OB\realsched.exe C:\Program Files\Ahead\InCD\InCD.exe C:\Program Files\QuickTime\QTTask.exe C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATI9CE.EXE C:\Program Files\Common Files\Nikon\Monitor\NkMonitor.exe C:\Program Files\Avira\AntiVir Desktop\avgnt.exe C:\Program Files\Logitech\Video\FxSvr2.exe C:\Program Files\Messenger\msmsgs.exe C:\Program Files\Creative\MediaSource\Detector\CTDetect.exe C:\Program Files\Creative\Shared Files\Media Sniffer\MtdAcq.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Windows Media Player\WMPNSCFG.exe C:\WINDOWS\system32\WTablet\TabUserW.exe C:\Program Files\Avira\AntiVir Desktop\avguard.exe C:\WINDOWS\system32\CTsvcCDA.exe C:\WINDOWS\eHome\ehRecvr.exe C:\WINDOWS\eHome\ehSched.exe C:\Program Files\Avira\AntiVir Desktop\avshadow.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Common Files\LightScribe\LSSrvc.exe C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\Tablet.exe C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe C:\WINDOWS\ehome\mcrdsvc.exe C:\Program Files\Windows Media Player\WMPNetwk.exe C:\WINDOWS\system32\wscntfy.exe C:\WINDOWS\eHome\ehmsas.exe C:\WINDOWS\system32\dllhost.exe C:\WINDOWS\System32\alg.exe C:\Program Files\Octoshape Streaming Services\Eveline Goethals\OctoshapeClient.exe C:\WINDOWS\system32\rundll32.exe G:\Harde Schijf\HijackThis.exe C:\WINDOWS\system32\wbem\wmiprvse.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.destandaard.be/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\userinit.exe,C:\DOCUME~1\EVELIN~1\LOCALS~1\Temp\138.exe -init O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file) O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll O2 - BHO: Windows Live Aanmelden - Help - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.7.6406.1642\swg.dll O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe O4 - HKLM\..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exe O4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe O4 - HKLM\..\Run: [igfxpers] C:\WINDOWS\system32\igfxpers.exe O4 - HKLM\..\Run: [skyTel] SkyTel.EXE O4 - HKLM\..\Run: [sMSERIAL] sm56hlpr.exe O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE O4 - HKLM\..\Run: [LaunchAp] "C:\Program Files\Launch Manager\LaunchAp.exe" O4 - HKLM\..\Run: [HotkeyApp] "C:\Program Files\Launch Manager\HotkeyApp.exe" O4 - HKLM\..\Run: [CtrlVol] "C:\Program Files\Launch Manager\CtrlVol.exe" O4 - HKLM\..\Run: [LMgrOSD] "C:\Program Files\Launch Manager\OSD.exe" O4 - HKLM\..\Run: [Wbutton] "C:\Program Files\Launch Manager\Wbutton.exe" O4 - HKLM\..\Run: [synTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot O4 - HKLM\..\Run: [inCD] C:\Program Files\Ahead\InCD\InCD.exe O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [EPSON Stylus Photo RX420 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATI9CE.EXE /P31 "EPSON Stylus Photo RX420 Series" /O6 "USB001" /M "Stylus Photo RX420" O4 - HKLM\..\Run: [Nikon Transfer Monitor] C:\Program Files\Common Files\Nikon\Monitor\NkMonitor.exe O4 - HKLM\..\Run: [avast5] "C:\Program Files\Alwil Software\Avast5\avastUI.exe" /nogui O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min O4 - HKLM\..\Run: [Microsoft Config Setup] C:\WINDOWS\jodrive32.exe O4 - HKLM\..\Run: [name_me] C:\Documents and Settings\Eveline Goethals\Application Data\1C.tmp O4 - HKLM\..\Run: [oo] C:\WINDOWS\xsdll.exe O4 - HKLM\..\Run: [aexi] C:\Documents and Settings\Eveline Goethals\Application Data\22.tmp O4 - HKLM\..\Run: [MSConfig] C:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe /auto O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background O4 - HKCU\..\Run: [LogitechSoftwareUpdate] "C:\Program Files\Logitech\Video\ManifestEngine.exe" boot O4 - HKCU\..\Run: [Creative Detector] "C:\Program Files\Creative\MediaSource\Detector\CTDetect.exe" /R O4 - HKCU\..\Run: [MtdAcq] C:\Program Files\Creative\Shared Files\Media Sniffer\MtdAcq.exe /s O4 - HKCU\..\Run: [Octoshape Streaming Services] "C:\Program Files\Octoshape Streaming Services\Eveline Goethals\OctoshapeClient.exe" -inv:bootrun O4 - HKCU\..\Run: [updateMgr] C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe AcRdB7_1_0 O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [wuaucldt] c:\documents and settings\eveline goethals\wuaucldt.exe O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe O4 - HKCU\..\Run: [Ejhyhc] C:\Documents and Settings\Eveline Goethals\Application Data\Ejhyhc.exe O4 - HKCU\..\Run: [12CFG214-K641-12SF-N85P] C:\RECYCLER\S-1-5-21-0243936033-3052116371-381863308-1811\vsbntlo.exe O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Lokale service') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Netwerkservice') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user') O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE O4 - Global Startup: TabUserW.exe.lnk = C:\WINDOWS\system32\WTablet\TabUserW.exe O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000 O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office10\EXCEL.EXE/3000 O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_6CE5017F567343CA.dll/cmsidewiki.html O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll O9 - Extra button: In weblog opnemen - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: &In weblog opnemen met Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O16 - DPF: {CF40ACC5-E1BB-4AFF-AC72-04C2F616BCA7} (get_atlcom Class) - http://wwwimages.adobe.com/www.adobe.com/products/acrobat/nos/gp.cab O16 - DPF: {F27237D7-93C8-44C2-AC6E-D6057B9A918F} (JuniperSetupClientControl Class) - https://juniper.net/dana-cached/sc/JuniperSetupClient.cab O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe O23 - Service: Avira AntiVir Scheduler (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.exe O23 - Service: getPlus(R) Helper - NOS Microsystems Ltd. - C:\Program Files\NOS\bin\getPlus_HelperSvc.exe O23 - Service: Google Updateservice (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: InCD Helper (InCDsrv) - Nero AG - C:\Program Files\Ahead\InCD\InCDsrv.exe O23 - Service: InCD Helper (read only) (InCDsrvR) - Nero AG - C:\Program Files\Ahead\InCD\InCDsrv.exe O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe O23 - Service: TabletService - Wacom Technology, Corp. - C:\WINDOWS\system32\Tablet.exe O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe O24 - Desktop Component 0: (no name) - http://by109fd.bay109.hotmail.msn.com/cgi-bin/saferd/2007%2d2%2ejpg?_lang=EN&hm___tg=http%3a%2f%2f64%2e4%2e19%2e250%2fcgi%2dbin%2fgetmsg%2f2007%252d2%252ejpg&hm___qs=%26msg%3dE95811AB%2dD7F5%2d437E%2dA729%2d060D14D05B2E%26start%3d0%26len%3d821785%26mimepart%3d3%26curmbox%3d00000000%2d0000%2d0000%2d0000%2d000000000001%26b%3d65462892873ff4fa7b6a0634a2718e80%26disk%3d10%2e1%2e106%2e207_d534%26login%3develine_goethals%26domain%3dhotmail%252ecom%26_lang%3dEN%26country%3dBE&hm___cacheh=1&file=2007%2d2%2ejpg&domain=hotmail.com -- End of file - 12995 bytes

heb combofix niet meer moeten uitvoeren, na uitschakelen AVG, herstart van mijn PC en aanpassen van keyword.url veranderd deze niet meer thx voor de hulp

gewoon uitschakelen lijkt niet te helpen... nog steeds wilt combofix niets doen nadat ik resident shield en alle andere mogelijke onderdelen van AVG heb uitgeschakeld... ik heb AVG internet security 2011. verder heb ik ergens gelezen dat net AVG het probleem zou kunnen zijn en dat AVG geen veranderingen in de configuratie van FF toelaat. Ik heb online shield en linkscanner uitgeschakeld maar nog steeds kan ik keyword.url niet veranderd (het veranderd steeds terug...)

Na restart wel, heb nu nog eens keyword.url aangepast in about:config en hoop dat het nu blijft... EDIT: snel even firefox herstart en keyword.url is weer veranderd in fileserve search

sorry dat het zo lang duurde maar hier zien de logjes:

hallo, laatste 2 dagen is mijn muis twee keer verdwenen en dan begint de computer ook hard te draaien ook al is er niets bezig. Het enige dat ik dan kan doen is de computer met de knop lang in te drukken uit zetten... daarom zou ik het appreciëren als iemand dit logje zou willen checken Logfile of Trend Micro HijackThis v2.0.3 (BETA) Scan saved at 12:57:27, on 2/06/2011 Platform: Unknown Windows (WinNT 6.01.3505 SP1) MSIE: Internet Explorer v9.00 (9.00.8112.16421) Boot mode: Normal Running processes: C:\Windows\system32\taskhost.exe C:\Windows\system32\Dwm.exe C:\Windows\Explorer.EXE C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe C:\Program Files\AVG\AVG9\avgtray.exe C:\Program Files\Common Files\Real\Update_OB\realsched.exe C:\Program Files\Common Files\Java\Java Update\jusched.exe C:\Program Files\HP\HP Software Update\hpwuSchd2.exe C:\Program Files\HP\Digital Imaging\bin\HpqSRmon.exe C:\Program Files\iTunes\iTunesHelper.exe C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe C:\Users\Marianne\Downloads\mbam-setup-1.51.0.1200.exe C:\Users\Marianne\AppData\Local\Temp\is-GO4I3.tmp\mbam-setup-1.51.0.1200.tmp C:\Windows\system32\SearchFilterHost.exe C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe C:\Program Files\Mozilla Firefox 4.0 Beta 12\firefox.exe C:\Program Files\TrendMicro\HiJackThis\HiJackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.be/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG9\avgssie.dll O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file) O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL O2 - BHO: MegaIEMn - {bf00e119-21a3-4fd1-b178-3b8537e75c92} - C:\Program Files\Megaupload\Mega Manager\MegaIEMn.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O4 - HKLM\..\Run: [AVG9_TRAY] C:\PROGRA~1\AVG\AVG9\avgtray.exe O4 - HKLM\..\Run: [AdobeCS4ServiceManager] "C:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe" -launchedbylogin O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe" O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe O4 - HKLM\..\Run: [hpqSRMon] C:\Program Files\HP\Digital Imaging\bin\hpqSRMon.exe O4 - HKLM\..\Run: [bCSSync] "C:\Program Files\Microsoft Office\Office14\BCSSync.exe" /DelayServices O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe" O4 - HKLM\..\Run: [LogMeIn Hamachi Ui] "C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start O4 - HKLM\..\RunOnce: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE') O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE') O8 - Extra context menu item: &Verzenden naar OneNote - res://C:\PROGRA~1\MICROS~2\Office14\ONBttnIE.dll/105 O8 - Extra context menu item: Download de Link met Mega Manager... - C:\Program Files\Megaupload\Mega Manager\mm_file.htm O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office14\EXCEL.EXE/3000 O8 - Extra context menu item: Free YouTube Download - C:\Users\Marianne\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubedownload.htm O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\Marianne\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll O9 - Extra 'Tools' menuitem: &Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll O9 - Extra button: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll O9 - Extra 'Tools' menuitem: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O13 - Gopher Prefix: O16 - DPF: {3860DD98-0549-4D50-AA72-5D17D200EE10} (Windows Live OneCare safety scanner control) - http://cdn.scan.onecare.live.com/resource/download/scanner/en-us/wlscctrl2.cab O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab O17 - HKLM\System\CCS\Services\Tcpip\..\{C1B87CF8-D93B-4FA2-BE61-1CD9823A3E2C}: NameServer = 193.74.208.65,194.119.228.67 O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG9\avgpp.dll O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL O20 - AppInit_DLLs: avgrsstx.dll O23 - Service: Mobiel Apple apparaat (Apple Mobile Device) - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe O23 - Service: AVG Free WatchDog (avg9wd) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG9\avgwdsvc.exe O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe O23 - Service: Google Updateservice (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: LogMeIn Hamachi 2.0 Tunneling Engine (Hamachi2Svc) - LogMeIn Inc. - C:\Program Files\LogMeIn Hamachi\hamachi-2.exe O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe O23 - Service: TunngleService - Tunngle.net GmbH - C:\Program Files\Tunngle\TnglCtrl.exe -- End of file - 8187 bytes na snelle MBAM scan :

hallo, ik heb een aantal problemen met mijn computer. Ten eerste veranderd de Firefox adres-bar search automatisch naar een of andere vervelende fileserve search (heb ooit zo een programma daarvan geinstalleerd ). Ik kan dit veranderen in about:config en dan keyword.url veranderen, het werkt dan tot ik firefox restart is het terug die fileserve search http://fileservehome.com/?prt=mp3tubetb02ff&Keywords= verder zou ik graag van alle nutteloze programma's die mee opstarten met de computer af geraken. Ik heb al in CMD=>msconfig bij opstarten alle programma's uitgeschakeld (behalve CAD en MSN die mogen blijven), maar nu zag ik ook bij services veel dingen staan en zag ik dat nog steeds een aantal processen opstarten die niet moeten (bv cursorfx, rocketdock en hamachi processen). Is het veilig om een aantal services uit te schakelen? Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 17:48:57, on 2/05/2011 Platform: Unknown Windows (WinNT 6.01.3505 SP1) MSIE: Internet Explorer v9.00 (9.00.8112.16421) Boot mode: Normal Running processes: C:\Windows\system32\taskhost.exe C:\Windows\system32\Dwm.exe C:\Windows\Explorer.EXE C:\Program Files\AVG\AVG10\avgtray.exe C:\Program Files\Windows Live\Messenger\msnmsgr.exe C:\Program Files\CD Art Display\CAD.exe C:\Program Files\AVG\AVG10\Identity Protection\agent\bin\avgidsmonitor.exe C:\Windows\system32\conhost.exe C:\Program Files\iTunes\iTunes.exe C:\Program Files\Windows Live\Contacts\wlcomm.exe C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceHelper.exe C:\Windows\system32\conhost.exe C:\Program Files\Common Files\Apple\Apple Application Support\distnoted.exe C:\Windows\system32\conhost.exe C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe C:\Program Files\Mozilla Firefox 4.0\firefox.exe C:\Users\Wietse\Downloads\hijackthis.exe C:\Windows\system32\SearchFilterHost.exe C:\Program Files\Mozilla Firefox 4.0\plugin-container.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = 127.0.0.1:8080 R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local R3 - URLSearchHook: (no name) - {00A6FAF6-072E-44cf-8957-5838F569A31D} - (no file) O1 - Hosts: ::1 localhost O1 - Hosts: 84.22.98.3 www.tvshack.cc O1 - Hosts: 84.22.98.3 tvshack.cc O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG10\avgssie.dll O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~3\Office14\GROOVEEX.DLL O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files\Windows Live\Companion\companioncore.dll O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~3\Office14\URLREDIR.DLL O2 - BHO: MegaIEMn - {bf00e119-21a3-4fd1-b178-3b8537e75c92} - C:\Program Files\Megaupload\Mega Manager\MegaIEMn.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O4 - HKLM\..\Run: [AVG_TRAY] C:\Program Files\AVG\AVG10\avgtray.exe O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE') O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE') O4 - Startup: CD Art Display.lnk = C:\Program Files\CD Art Display\CAD.exe O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office14\EXCEL.EXE/3000 O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000 O8 - Extra context menu item: Free YouTube Download - C:\Users\Wietse\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubedownload.htm O8 - Extra context menu item: Free YouTube to Mp3 Converter - C:\Users\Wietse\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm O8 - Extra context menu item: Se&nd to OneNote - res://C:\PROGRA~1\MICROS~3\Office14\ONBttnIE.dll/105 O9 - Extra button: @C:\Program Files\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files\Windows Live\Companion\companioncore.dll O9 - Extra button: iOpus iMacros - {0483894E-2422-45E0-8384-021AFF1AF3CD} - C:\Program Files\iMacros\imacros.dll O9 - Extra 'Tools' menuitem: iMacros Web Automation - {0483894E-2422-45E0-8384-021AFF1AF3CD} - C:\Program Files\iMacros\imacros.dll O9 - Extra button: Quick-Launching Area - {10954C80-4F0F-11d3-B17C-00C0DFE39736} - C:\Program Files\Acer\Acer Bio Protection\PwdBank.exe O9 - Extra 'Tools' menuitem: Quick-Launching Area - {10954C80-4F0F-11d3-B17C-00C0DFE39736} - C:\Program Files\Acer\Acer Bio Protection\PwdBank.exe O9 - Extra button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll O9 - Extra 'Tools' menuitem: &Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O16 - DPF: {140E4DF8-9E14-4A34-9577-C77561ED7883} (SysInfo Class) - http://content.systemrequirementslab.com.s3.amazonaws.com/global/bin/srldetect_cyri_4.1.71.0.cab O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262F} (System Requirements Lab) - http://www.nvidia.com/content/DriverDownload/srl/3.0.0.4/srl_bin/sysreqlab_nvd.cab O16 - DPF: {74DBCB52-F298-4110-951D-AD2FF67BC8AB} (NVIDIA Smart Scan) - http://www.nvidia.com/content/DriverDownload/nforce/NvidiaSmartScan.cab O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab O16 - DPF: {E6F480FC-BD44-4CBA-B74A-89AF7842937D} (SysInfo Class) - http://content.systemrequirementslab.com.s3.amazonaws.com/global/bin/srldetect_cyri_4.4.16.0.cab O17 - HKLM\System\CCS\Services\Tcpip\..\{86CDAA2D-62FC-4112-A559-213B0EA1F566}: NameServer = 193.74.208.65,194.119.228.67 O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG10\avgpp.dll O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL O20 - Winlogon Notify: AWinNotifyVitaKey MC3000 - C:\Program Files\Acer\Acer Bio Protection\WinNotify.dll O22 - SharedTaskScheduler: FencesShellExt - {1984DD45-52CF-49cd-AB77-18F378FEA264} - C:\Program Files\Stardock\Fences\FencesMenu.dll O23 - Service: Mobiel Apple apparaat (Apple Mobile Device) - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe O23 - Service: AVG Firewall (avgfws) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG10\avgfws.exe O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG10\avgwdsvc.exe O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe O23 - Service: Google Updateservice (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe O23 - Service: iGroupTec Service (IGBASVC) - Unknown owner - C:\Program Files\Acer\Acer Bio Protection\BASVC.exe O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: KMService - Unknown owner - C:\Windows\system32\srvany.exe O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - CACE Technologies, Inc. - C:\Program Files\WinPcap\rpcapd.exe O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe O23 - Service: TunngleService - Tunngle.net GmbH - C:\Program Files\Tunngle\TnglCtrl.exe O23 - Service: Validity Fingerprint Service (vfsFPService) - Validity Sensors, Inc. - C:\Windows\system32\vfsFPService.exe -- End of file - 9917 bytes

ja, maar dan kan ik niet alleen de ratio veranderen, dan converteert hij het hele bestand, met wrs dus ook kwaliteits- en zeker tijdsverlies

hallo, ik zit met een mkv file met een foute aspect ratio. Ik zou hem graag willen veranderen naar 16:9, maar dan niet in mijn media player, maar met een of ander programma, zodat het bij iedereen de juiste ratio heeft. voor AVI files is MPEG4 Modifier 1.4.4 goed, maar dus niet voor MKV files. Ik wil dus de ratio veranderen zonder te reencoden of converten, en zonder kwaliteitsverlies. bedankt, Wietse

ja, verborgen mappen weergeven staat aan, maar ik kan noch met zoeken noch in tussen alle bestanden in de temp map de bepaald "geinfecteerde" bestanden vinden... Als ik de map temp scan blijft AVG echter zeggen dat tbmain.exe geinfecteerd is... :S

bvb c:\user\.....\appdata\temp\tbmain.exe ik heb dit bestand dan gezocht, maar kon het niet vinden... oftewel heeft AVG het al verwijderd (zou normaal niet mogen dachtik) oftewel ziet hij dingen die er niet zijn...

Malwarebytes' Anti-Malware 1.45 [url="http://www.malwarebytes.org/"]Malwarebytes[/url] Databaseversie: 3930 Windows 6.1.7600 Internet Explorer 8.0.7600.16385 26/09/2010 11:31:22 mbam-log-2010-09-26 (11-31-22).txt Scantype: Snelle scan Objecten gescand: 109526 Verstreken tijd: 8 minuut/minuten, 49 seconde(n) Geheugenprocessen geïnfecteerd: 0 Geheugenmodulen geïnfecteerd: 0 Registersleutels geïnfecteerd: 0 Registerwaarden geïnfecteerd: 0 Registerdata geïnfecteerd: 0 Mappen geïnfecteerd: 0 Bestanden geïnfecteerd: 0 Geheugenprocessen geïnfecteerd: (Geen kwaadaardige objecten gedetecteerd) Geheugenmodulen geïnfecteerd: (Geen kwaadaardige objecten gedetecteerd) Registersleutels geïnfecteerd: (Geen kwaadaardige objecten gedetecteerd) Registerwaarden geïnfecteerd: (Geen kwaadaardige objecten gedetecteerd) Registerdata geïnfecteerd: (Geen kwaadaardige objecten gedetecteerd) Mappen geïnfecteerd: (Geen kwaadaardige objecten gedetecteerd) Bestanden geïnfecteerd: (Geen kwaadaardige objecten gedetecteerd) Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 11:34:19, on 26/09/2010 Platform: Unknown Windows (WinNT 6.01.3504) MSIE: Internet Explorer v8.00 (8.00.7600.16385) Boot mode: Normal Running processes: C:\Windows\system32\Dwm.exe C:\Windows\system32\taskhost.exe C:\Windows\Explorer.EXE C:\Program Files\AVG\AVG9\avgtray.exe C:\Program Files\RocketDock\RocketDock.exe C:\Program Files\Windows Live\Messenger\msnmsgr.exe C:\Program Files\Stardock\CursorFX\CursorFX.exe C:\Program Files\iTunes\iTunes.exe C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceHelper.exe C:\Windows\system32\conhost.exe C:\Program Files\Common Files\Apple\Apple Application Support\distnoted.exe C:\Windows\system32\conhost.exe C:\Program Files\Windows Live\Contacts\wlcomm.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\SlySoft\CloneCD\CloneCD.exe C:\Program Files\Mozilla Firefox\plugin-container.exe C:\Program Files\Internet Download Manager\IDMan.exe D:\Users\Wietse\Downloads\HijackThis.exe C:\Windows\system32\SearchFilterHost.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://igoogle.be/ R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = 127.0.0.1:8080 O1 - Hosts: ::1 localhost O2 - BHO: IDM Helper - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files\Internet Download Manager\IDMIECC.dll O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~3\Office14\GROOVEEX.DLL O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~3\Office14\URLREDIR.DLL O2 - BHO: MegaIEMn - {bf00e119-21a3-4fd1-b178-3b8537e75c92} - C:\Program Files\Megaupload\Mega Manager\MegaIEMn.dll O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O4 - HKLM\..\Run: [AVG9_TRAY] C:\PROGRA~1\AVG\AVG9\avgtray.exe O4 - HKCU\..\Run: [RocketDock] "C:\Program Files\RocketDock\RocketDock.exe" O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background O4 - HKCU\..\Run: [CursorFX] "C:\Program Files\Stardock\CursorFX\CursorFX.exe" O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE') O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE') O4 - Startup: iTunes.lnk = C:\Program Files\iTunes\iTunes.exe O8 - Extra context menu item: Download all links with IDM - C:\Program Files\Internet Download Manager\IEGetAll.htm O8 - Extra context menu item: Download FLV video content with IDM - C:\Program Files\Internet Download Manager\IEGetVL.htm O8 - Extra context menu item: Download Link Using Mega Manager... - C:\Program Files\Megaupload\Mega Manager\mm_file.htm O8 - Extra context menu item: Download with IDM - C:\Program Files\Internet Download Manager\IEExt.htm O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office14\EXCEL.EXE/3000 O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000 O8 - Extra context menu item: Free YouTube to Mp3 Converter - C:\Users\Wietse\AppData\Roaming\DVDVideoSoftIEHelpers\youtubetomp3.htm O8 - Extra context menu item: Se&nd to OneNote - res://C:\PROGRA~1\MICROS~3\Office14\ONBttnIE.dll/105 O9 - Extra button: iOpus iMacros - {0483894E-2422-45E0-8384-021AFF1AF3CD} - C:\Program Files\iMacros\imacros.dll O9 - Extra 'Tools' menuitem: iMacros Web Automation - {0483894E-2422-45E0-8384-021AFF1AF3CD} - C:\Program Files\iMacros\imacros.dll O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll O9 - Extra 'Tools' menuitem: &Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll O16 - DPF: {140E4DF8-9E14-4A34-9577-C77561ED7883} (SysInfo Class) - http://content.systemrequirementslab.com.s3.amazonaws.com/global/bin/srldetect_cyri_4.1.71.0.cab O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262F} (System Requirements Lab) - http://www.nvidia.com/content/DriverDownload/srl/3.0.0.4/srl_bin/sysreqlab_nvd.cab O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL O20 - AppInit_DLLs: avgrsstx.dll O22 - SharedTaskScheduler: FencesShellExt - {1984DD45-52CF-49cd-AB77-18F378FEA264} - C:\Program Files\Stardock\Fences\FencesMenu.dll O23 - Service: Mobiel Apple apparaat (Apple Mobile Device) - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe O23 - Service: AVG Free WatchDog (avg9wd) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG9\avgwdsvc.exe O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe O23 - Service: Google Updateservice (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: KMService - Unknown owner - C:\Windows\system32\srvany.exe O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - CACE Technologies, Inc. - C:\Program Files\WinPcap\rpcapd.exe O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe O23 - Service: TunngleService - Tunngle.net GmbH - C:\Program Files\Tunngle\TnglCtrl.exe -- End of file - 7559 bytes tijdens het scannen geeft AVG wel meerdere waarschuwingen dat er bepaalde bestanden gevaarlijk zijn, maar mbam geeft deze niet aan. AVG zit waarschijnlijk fout, aangezien hij wel meerdere bestanden onterecht als malware herkent.... (= zeer irritant )

hallo, ik zou graag een analyse van deze hijackthis-log hebben. Ik heb het gevoel dat er nogal veel processen opstarten bij het opstarten van windows (taakbeheer => processen), en zou willen weten welke er onnodig zijn... Degene die voor mij moeten opstarten zijn: -itunes -rocketdock -fences (stardock fences) -AVG -MSN -Cursorfx Ik heb bij msconfig=>opstarten al vele programma's ge-uncheckt zodat ze niet zouden mogen mee opstarten, maar nog steeds zijn er zeer veel processen aan het draaien wanneer ik nog niets zelf heb opgestart, en vele hiervan heten "svchost.exe (hostproces voor windows)" hier is niks mis mee, maar er draaien wel tegelijk 10 of meer van deze processen, terwijl dit op mijn andere pc niet het geval is... Verder zou ik graag ook weten of er iets van spyware/virussen opstaat, aangezien ik een tijdje gelede 2 keer een BSOD (blue screen of death) heb gehad ik denk niet dat er iets kwaadaardigs op staat, maar je kan het maar beter zeker weten.... Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 19:21:20, on 25/09/2010 Platform: Unknown Windows (WinNT 6.01.3504) MSIE: Internet Explorer v8.00 (8.00.7600.16385) Boot mode: Normal Running processes: C:\Windows\system32\Dwm.exe C:\Windows\Explorer.EXE C:\Windows\system32\taskhost.exe C:\Program Files\AVG\AVG9\avgtray.exe C:\Program Files\iTunes\iTunesHelper.exe C:\Program Files\RocketDock\RocketDock.exe C:\Program Files\Windows Live\Messenger\msnmsgr.exe C:\Program Files\Stardock\CursorFX\CursorFX.exe C:\Program Files\iTunes\iTunes.exe C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceHelper.exe C:\Windows\system32\conhost.exe C:\Program Files\Common Files\Apple\Apple Application Support\distnoted.exe C:\Windows\system32\conhost.exe C:\Program Files\Windows Live\Contacts\wlcomm.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\Windows\system32\taskeng.exe D:\Users\Wietse\Downloads\hijackthis.exe C:\Windows\system32\SearchFilterHost.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://igoogle.be/ R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = 127.0.0.1:8080 R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = local;*.local R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = R3 - URLSearchHook: DVDVideoSoftTB Toolbar - {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Program Files\DVDVideoSoftTB\tbDVDV.dll O1 - Hosts: ::1 localhost O2 - BHO: IDM Helper - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files\Internet Download Manager\IDMIECC.dll O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~3\Office14\GROOVEEX.DLL O2 - BHO: DVDVideoSoftTB Toolbar - {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Program Files\DVDVideoSoftTB\tbDVDV.dll O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~3\Office14\URLREDIR.DLL O2 - BHO: MegaIEMn - {bf00e119-21a3-4fd1-b178-3b8537e75c92} - C:\Program Files\Megaupload\Mega Manager\MegaIEMn.dll O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O3 - Toolbar: DVDVideoSoftTB Toolbar - {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Program Files\DVDVideoSoftTB\tbDVDV.dll O4 - HKLM\..\Run: [AVG9_TRAY] C:\PROGRA~1\AVG\AVG9\avgtray.exe O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime O4 - HKLM\..\Run: [bCSSync] "C:\Program Files\Microsoft Office\Office14\BCSSync.exe" /DelayServices O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe" O4 - HKCU\..\Run: [RocketDock] "C:\Program Files\RocketDock\RocketDock.exe" O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background O4 - HKCU\..\Run: [CursorFX] "C:\Program Files\Stardock\CursorFX\CursorFX.exe" O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE') O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE') O4 - Startup: iTunes.lnk = C:\Program Files\iTunes\iTunes.exe O8 - Extra context menu item: Download all links with IDM - C:\Program Files\Internet Download Manager\IEGetAll.htm O8 - Extra context menu item: Download FLV video content with IDM - C:\Program Files\Internet Download Manager\IEGetVL.htm O8 - Extra context menu item: Download Link Using Mega Manager... - C:\Program Files\Megaupload\Mega Manager\mm_file.htm O8 - Extra context menu item: Download with IDM - C:\Program Files\Internet Download Manager\IEExt.htm O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office14\EXCEL.EXE/3000 O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000 O8 - Extra context menu item: Free YouTube to Mp3 Converter - C:\Users\Wietse\AppData\Roaming\DVDVideoSoftIEHelpers\youtubetomp3.htm O8 - Extra context menu item: Se&nd to OneNote - res://C:\PROGRA~1\MICROS~3\Office14\ONBttnIE.dll/105 O9 - Extra button: iOpus iMacros - {0483894E-2422-45E0-8384-021AFF1AF3CD} - C:\Program Files\iMacros\imacros.dll O9 - Extra 'Tools' menuitem: iMacros Web Automation - {0483894E-2422-45E0-8384-021AFF1AF3CD} - C:\Program Files\iMacros\imacros.dll O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll O9 - Extra 'Tools' menuitem: &Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll O16 - DPF: {140E4DF8-9E14-4A34-9577-C77561ED7883} (SysInfo Class) - http://content.systemrequirementslab.com.s3.amazonaws.com/global/bin/srldetect_cyri_4.1.71.0.cab O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262F} (System Requirements Lab) - http://www.nvidia.com/content/DriverDownload/srl/3.0.0.4/srl_bin/sysreqlab_nvd.cab O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL O20 - AppInit_DLLs: avgrsstx.dll O22 - SharedTaskScheduler: FencesShellExt - {1984DD45-52CF-49cd-AB77-18F378FEA264} - C:\Program Files\Stardock\Fences\FencesMenu.dll O23 - Service: Mobiel Apple apparaat (Apple Mobile Device) - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe O23 - Service: AVG Free WatchDog (avg9wd) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG9\avgwdsvc.exe O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe O23 - Service: Google Updateservice (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: KMService - Unknown owner - C:\Windows\system32\srvany.exe O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - CACE Technologies, Inc. - C:\Program Files\WinPcap\rpcapd.exe O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe O23 - Service: TunngleService - Tunngle.net GmbH - C:\Program Files\Tunngle\TnglCtrl.exe -- End of file - 8443 bytes

nogmaals bedankt! ik heb net alles gedaan, en we zitten nu met drie pc op het internet, hoop dat het nu nog blijft! allesinds bedankt!

dit alles van delen was al ingesteld op beide win-7 computers. De andere verbinding die niet gebruikt werden stonden ook uitgeschakeld. Ik heb ook de rest gedaan. deze twee computers kunnen nu samen op internet zonder problemen. De problemen zitten dus wel degelijk bij de laatste windows XP computer. Ik heb daar ook al vanalles geprobeert, maar toch blijft het internet uitvallen om de zoveel tijd. suggesties voor de correcte instellingen? bedankt voor je antwoorden!

dank voor je hulp, maar dit is momenteel het geval. Ik heb het ook al allemaal een statisch ip adres gegeven, een deel wel en een deel niet, maar nog steeds werkt het internet niet naar behoren het zou ook door iets anders kunnen komen, maar dit betwijfel ik, aangezien ik af en toe een ipadres-conflict krijg... als er iets anders zou kunnen zijn dat het verbinden met internet met meer dan 1/2 computers zou kunnen verhinderen, is elk antwoord ook zeer geapprecieerd. wietse

hallo, ik zit met een probleem. Ik heb een linksys WAG160N router aangesloten op een windows 7 desktop, 1 laptop die draadloos verbonden is (windows 7), en nog 1 desktop met zo'n usb stick voor draadloos internet (XP). Het probleem is er gekomen sinds de XP desktop erbij is gekomen. Sinds we met drie zijn, werkt het internet vaak niet. Soms volstaat reconnecten, maar meestal moet je de stekker van de router uittrekken. Via een melding van windows ben ik al te weten gekomen dat dit door een ipconflict veroorzaakt wordt. Ik heb al veel geprobeert: - elke pc een statisch ip gegeven (via cmd ipconfig /all en dan instellen), maar dit hielp niet. Het waren nochtans allemaal verschillende ipadressen. - mac adres in de router instellingen veranderd naar lan Mac adres maar 4 laatste cijfers veranderd (had ik ergens gelezen), niets geholpen - in cmd, "ipconfig /renew" en "ipconfig /release" op duizenden manieren geprobeerd, geen succes Pas als ik de twee andere pc van het internet loskoppel, en de router herstart door de stekker uit te trekken, werkt het terug op mijn laptop dit is zéér vervelend, en zou dus echt moeten veranderen, het heeft geen zin dat we een (veel te dure) router gekocht hebben als we toch met maximum 1-2 computers op het internet kunnen elke hulp is zeer geapprecieerd! Wietse

hallo, ik zou graag deze site blokkeren, zodat hij niet meer openspringt wanneer ik ergens op klik. Deze komt namelijk voor op een site die ik veel gebruik en is zeer irritant: http://download-vuze.com/?ref=qss hij komt voor op deze website: http://quicksilverscreen.com/add_video.php Ik heb al veel geprobeerd met adblock plus, maar ik slaag er alleen in onderdelen van de site te blokkeren, dus niet de popup zelf Ik kan ook met ProCon de site blokkeren, maar dan opent hij nog steeds:rofl: Als er iemand mij kan zeggen wat ik in adblock plus moet toevoegen en eender welke methode, vertel het mij aub! WB

ok, heb systeemherstel uitgevoerd via veilige modus, en dit werkte wel... alle problemen zijn nu weg na was reinstalls... bedankt voor je hulp!

een dagje later zijn er meer problemen gekomen eerst gaf framework een foutmelding: Er is een onverwerkte uitzondering opgetreden in een onderdeel in de toepassing. Als u op Doorgaan klikt, wordt deze fout genegeerd en gaat de toepassing verder. ... Er is geprobeerd toegang te verkrijgen tot een socket op een volgens toegangsmachtigingen niet toegestane manier [cijfers IP adres, dacht dat het beter was mss niet openbaar te geven] als ik op details klik: Zie het einde van dit bericht voor meer informatie over het aanroepen van JIT-foutopsporing (Just In Time) in plaats van dit dialoogvenster. ************** Tekst van uitzondering ************** System.Net.Sockets.SocketException: Er is geprobeerd toegang te verkrijgen tot een socket op een volgens de toegangsmachtigingen niet toegestane manier 174.140.154.19:80 bij System.Net.Sockets.Socket.DoConnect(EndPoint endPointSnapshot, SocketAddress socketAddress) bij System.Net.Sockets.Socket.InternalConnect(EndPoint remoteEP) bij System.Net.ServicePoint.ConnectSocketInternal(Boolean connectFailure, Socket s4, Socket s6, Socket& socket, IPAddress& address, ConnectSocketState state, IAsyncResult asyncResult, Int32 timeout, Exception& exception) ************** Geladen assembly's ************** mscorlib Assembly-versie: 2.0.0.0 Win32-versie: 2.0.50727.4927 (NetFXspW7.050727-4900) CodeBase: file:///C:/Windows/Microsoft.NET/Framework/v2.0.50727/mscorlib.dll ---------------------------------------- Megavideo stat logger Assembly-versie: 1.0.0.0 Win32-versie: 1.0.0.0 CodeBase: file:///D:/Users/Wietse/Downloads/MV%20Stat%20logger/MV%20Stat%20logger/Megavideo%20stat%20logger.exe ---------------------------------------- System.Windows.Forms Assembly-versie: 2.0.0.0 Win32-versie: 2.0.50727.4927 (NetFXspW7.050727-4900) CodeBase: file:///C:/Windows/assembly/GAC_MSIL/System.Windows.Forms/2.0.0.0__b77a5c561934e089/System.Windows.Forms.dll ---------------------------------------- System Assembly-versie: 2.0.0.0 Win32-versie: 2.0.50727.4927 (NetFXspW7.050727-4900) CodeBase: file:///C:/Windows/assembly/GAC_MSIL/System/2.0.0.0__b77a5c561934e089/System.dll ---------------------------------------- System.Drawing Assembly-versie: 2.0.0.0 Win32-versie: 2.0.50727.4927 (NetFXspW7.050727-4900) CodeBase: file:///C:/Windows/assembly/GAC_MSIL/System.Drawing/2.0.0.0__b03f5f7f11d50a3a/System.Drawing.dll ---------------------------------------- System.Configuration Assembly-versie: 2.0.0.0 Win32-versie: 2.0.50727.4927 (NetFXspW7.050727-4900) CodeBase: file:///C:/Windows/assembly/GAC_MSIL/System.Configuration/2.0.0.0__b03f5f7f11d50a3a/System.Configuration.dll ---------------------------------------- System.Xml Assembly-versie: 2.0.0.0 Win32-versie: 2.0.50727.4927 (NetFXspW7.050727-4900) CodeBase: file:///C:/Windows/assembly/GAC_MSIL/System.Xml/2.0.0.0__b77a5c561934e089/System.Xml.dll ---------------------------------------- System.resources Assembly-versie: 2.0.0.0 Win32-versie: 2.0.50727.4927 (NetFXspW7.050727-4900) CodeBase: file:///C:/Windows/assembly/GAC_MSIL/System.resources/2.0.0.0_nl_b77a5c561934e089/System.resources.dll ---------------------------------------- mscorlib.resources Assembly-versie: 2.0.0.0 Win32-versie: 2.0.50727.4927 (NetFXspW7.050727-4900) CodeBase: file:///C:/Windows/Microsoft.NET/Framework/v2.0.50727/mscorlib.dll ---------------------------------------- System.Windows.Forms.resources Assembly-versie: 2.0.0.0 Win32-versie: 2.0.50727.4927 (NetFXspW7.050727-4900) CodeBase: file:///C:/Windows/assembly/GAC_MSIL/System.Windows.Forms.resources/2.0.0.0_nl_b77a5c561934e089/System.Windows.Forms.resources.dll ---------------------------------------- ************** JIT-foutopsporing ************** Als u JIT-foutopsporing wilt inschakelen, moet in het configuratiebestand voor deze toepassing of computer (machine.config) de waarde jitDebugging in het gedeelte system.windows.forms zijn ingesteld. De toepassing moet ook zijn gecompileerd terwijl foutopsporing was ingeschakeld. Bijvoorbeeld: <configuration> <system.windows.forms jitDebugging="true" /> </configuration> Wanneer JIT-foutopsporing is ingeschakeld, worden onverwerkte uitzonderingen naar het JIT-foutopsporingsprogramma gestuurd dat op de computer is geregistreerd en worden niet door dit dialoogvenster verwerkt. al mijn programmas die met microsoft framework werken werken nu niet meer... reinstal van framework heb ik al geprobeert, maar dat helpt niets... extra vraagje dus: hoe kan ik ervoor zorgen dat alles terug normaal werkt met framework??? daarna kwamen er nog meer problemen: systeemherstel lukt niet meer (doet alles goed, op het einde start hij gwn op met melding dat het mislukt is...) firewall staat standaard uit als ik opnieuw opstart als ik firefox opstart vraagt hij elke keer opnieuw "als standaarbrowser instellen? ...", heb handmatig moeten instellen in standaarprogrammas voor hij stopte met vragen... ComboFix 09-11-30.05 - Wietse 01/12/2009 16:37:57.1.2 - x86 NETWORK Microsoft Windows 7 Ultimate 6.1.7600.0.1252.32.1033.18.3069.2438 [GMT 1:00] Gestart vanuit: C:\Users\Wietse\Desktop\ComboFix.exe * Nieuw herstelpunt werd aangemaakt . (((((((((((((((((((((((((((((((((( Andere Verwijderingen ))))))))))))))))))))))))))))))))))))))))))))))))) . C:\$RECYCLE.BIN\S-1-5-21-435334616-315076922-1310901493-1000 C:\Program Files\WinPCap C:\Program Files\WinPCap\install.log C:\Program Files\WinPCap\rpcapd.exe C:\Program Files\WinPCap\Uninstall.exe C:\Windows\system32\drivers\npf.sys C:\Windows\system32\Packet.dll C:\Windows\system32\pthreadVC.dll C:\Windows\system32\wpcap.dll . ((((((((((((((((((((((((((((((((((((((( Drivers/Services ))))))))))))))))))))))))))))))))))))))))))))))))) . -------\Legacy_NPF -------\Service_NPF (((((((((((((((((((( Bestanden Gemaakt van 2009-11-01 to 2009-12-01 )))))))))))))))))))))))))))))) . 2009-12-01 16:54:22 . 2009-12-01 17:05:16 4096 d-----w- C:\Users\Wietse\AppData\Local\temp 2009-12-01 16:54:22 . 2009-12-01 16:54:22 0 d-----w- C:\Users\Default\AppData\Local\temp 2009-12-01 15:07:42 . 2009-12-01 15:07:42 0 d--h--w- C:\Windows\PIF 2009-12-01 14:20:36 . 2009-12-01 15:14:41 0 d-----w- C:\Windows\system32\URTTEMP 2009-12-01 14:18:05 . 2009-12-01 15:14:53 0 d-----w- C:\Program Files\Reference Assemblies 2009-12-01 14:17:59 . 2009-12-01 15:14:40 0 d-----w- C:\Windows\system32\XPSViewer 2009-12-01 13:35:03 . 2009-12-01 15:14:42 0 d-----w- C:\Windows\system32\BestPractices 2009-12-01 13:35:03 . 2009-12-01 13:35:03 0 d-----w- C:\inetpub 2009-11-30 20:42:35 . 2009-11-30 20:42:35 0 d-----w- C:\ProgramData\CheckPoint 2009-11-30 20:42:21 . 2009-12-01 17:04:26 4096 d-----w- C:\Windows\Internet Logs 2009-11-30 16:29:33 . 2009-12-01 15:00:40 4096 d-----w- C:\Program Files\Samurize 2009-11-29 19:29:45 . 2009-11-29 19:29:45 495104 ----a-w- C:\Windows\system32\sqlite3.dll 2009-11-28 17:17:16 . 2009-12-01 15:14:52 4096 d-----w- C:\Users\Wietse\AppData\Local\WindowsFormsApplication1 2009-11-26 17:50:20 . 2009-10-29 07:22:37 2048 ----a-w- C:\Windows\system32\tzres.dll 2009-11-18 16:48:02 . 2009-11-18 16:48:02 138240 ----a-w- C:\Users\Wietse\AppData\Roaming\SystemRequirementsLab\SRLProxy_srl_4_1_14_0_d.dll 2009-11-18 16:48:02 . 2009-11-18 16:48:02 138240 ----a-w- C:\Users\Wietse\AppData\Roaming\SystemRequirementsLab\SRLProxy_srl_4_1_14_0_c.dll 2009-11-18 16:48:02 . 2009-11-18 16:48:02 138240 ----a-w- C:\Users\Wietse\AppData\Roaming\SystemRequirementsLab\SRLProxy_srl_4_1_14_0_b.dll 2009-11-18 16:48:02 . 2009-11-18 16:48:02 138240 ----a-w- C:\Users\Wietse\AppData\Roaming\SystemRequirementsLab\SRLProxy_srl_4_1_14_0_a.dll 2009-11-18 16:48:02 . 2009-11-18 16:48:02 0 d-----w- C:\Users\Wietse\AppData\Roaming\SystemRequirementsLab 2009-11-12 20:03:42 . 2009-11-12 20:03:42 0 d-----w- C:\Windows\Sun 2009-11-11 12:32:21 . 2009-12-01 16:05:35 0 d-----w- C:\ProgramData\FLEXnet 2009-11-11 12:28:39 . 2009-11-11 12:28:39 4096 d-----w- C:\Program Files\Adobe Media Player 2009-11-11 12:26:59 . 2009-11-11 12:26:59 0 d-----w- C:\Program Files\Common Files\Adobe AIR 2009-11-11 12:26:30 . 2009-11-26 22:47:05 4096 d-----w- C:\Users\Wietse\AppData\Local\Adobe 2009-11-11 12:24:10 . 2009-11-11 12:24:10 0 d-----w- C:\Program Files\Common Files\Macrovision Shared 2009-11-11 12:19:40 . 2009-11-11 12:29:23 8192 d-----w- C:\Program Files\Common Files\Adobe 2009-11-10 22:33:37 . 2009-11-11 09:35:08 4096 d-----w- C:\Program Files\Microsoft Silverlight 2009-11-08 12:17:37 . 2006-11-29 12:06:18 3426072 ----a-w- C:\Windows\system32\d3dx9_32.dll 2009-11-08 12:17:16 . 2009-11-08 12:17:16 0 d-----w- C:\Program Files\Microsoft SQL Server Compact Edition 2009-11-01 17:24:38 . 2009-11-01 17:24:38 0 d-----w- C:\Users\Default\AppData\Local\Microsoft Help . ((((((((((((((((((((((((((((((((((((((( Find3M Rapport )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2009-12-01 17:04:02 . 2009-10-26 20:10:38 768726 ----a-w- C:\Windows\system32\perfh013.dat 2009-12-01 17:04:02 . 2009-10-26 20:10:38 160598 ----a-w- C:\Windows\system32\perfc013.dat 2009-12-01 16:00:44 . 2009-10-26 20:11:37 4096 d-----w- C:\Program Files\Bonjour 2009-12-01 15:18:23 . 2009-12-01 15:20:10 2908160 ----a-w- C:\Windows\Internet Logs\xDBD23F.tmp 2009-12-01 15:14:57 . 2009-10-27 17:18:43 4096 d-----w- C:\Program Files\CD Art Display 2009-12-01 15:14:55 . 2009-10-26 20:12:02 4096 d-----w- C:\Program Files\iTunes 2009-12-01 15:14:55 . 2009-07-14 04:52:30 0 d-----w- C:\Program Files\MSBuild 2009-12-01 14:35:29 . 2009-11-30 20:43:58 0 d-----w- C:\Users\Wietse\AppData\Roaming\CheckPoint 2009-11-30 20:44:16 . 2009-11-30 20:43:10 417745 ---ha-w- C:\Windows\system32\drivers\vsconfig.xml 2009-11-30 20:43:51 . 2009-11-30 20:43:51 0 d-----w- C:\Program Files\CheckPoint 2009-11-18 16:48:04 . 2009-10-26 20:36:43 4096 d-----w- C:\Program Files\SystemRequirementsLab 2009-11-14 19:51:06 . 2009-11-14 19:51:06 0 ---ha-w- C:\Windows\system32\drivers\Msft_User_WpdFs_01_09_00.Wdf 2009-11-14 13:47:48 . 2009-10-26 20:15:02 108824 ----a-w- C:\Users\Wietse\AppData\Local\GDIPFONTCACHEV1.DAT 2009-11-14 13:16:08 . 2009-10-28 17:33:06 12288 d-----w- C:\ProgramData\Microsoft Help 2009-11-14 13:14:39 . 2009-10-28 17:35:48 4096 d-----w- C:\Program Files\Microsoft Works 2009-11-11 09:35:48 . 2009-10-26 20:52:28 0 d-----w- C:\ProgramData\NVIDIA 2009-11-10 22:33:16 . 2009-10-26 21:33:05 4096 d-----w- C:\Program Files\Microsoft 2009-11-08 12:17:57 . 2009-10-26 21:32:21 4096 d-----w- C:\Program Files\Windows Live 2009-10-31 16:29:59 . 2009-10-31 16:29:59 4096 d-----w- C:\Program Files\Multiupload Batch Uploader 2009-10-31 12:12:14 . 2009-10-28 15:52:54 0 d-----w- C:\Program Files\Java 2009-10-31 12:11:57 . 2009-10-31 12:10:48 4096 d-----w- C:\Program Files\TubeMaster++ 2009-10-31 11:38:48 . 2009-10-31 11:38:48 0 d-----w- C:\Program Files\iPod 2009-10-31 11:38:48 . 2009-10-26 20:11:22 0 d-----w- C:\ProgramData\Apple Computer 2009-10-31 11:38:48 . 2009-10-26 20:09:50 4096 d-----w- C:\Program Files\Common Files\Apple 2009-10-31 11:34:36 . 2009-10-31 11:34:36 79144 ----a-w- C:\ProgramData\Apple Computer\Installer Cache\iTunes 9.0.2.25\SetupAdmin.exe 2009-10-30 16:23:19 . 2009-10-30 16:21:12 0 d-----w- C:\Users\Wietse\AppData\Roaming\Sony 2009-10-30 16:21:57 . 2009-10-30 16:21:57 0 d-----w- C:\ProgramData\Sony 2009-10-30 16:21:46 . 2009-10-30 16:21:46 0 d-----w- C:\Users\Wietse\AppData\Roaming\Publish Providers 2009-10-30 16:21:46 . 2009-10-30 16:21:46 0 d-----w- C:\Program Files\VSTplugins 2009-10-30 13:10:22 . 2009-10-30 13:10:20 4096 d-----w- C:\Program Files\Real Alternative 2009-10-29 21:22:49 . 2009-10-29 21:22:38 4096 d-----w- C:\Program Files\K-Lite Codec Pack 2009-10-29 21:17:52 . 2009-10-29 21:17:50 0 d-----w- C:\Users\Wietse\AppData\Roaming\Media Player Classic 2009-10-28 20:05:16 . 2009-10-28 20:03:57 0 d-----w- C:\Users\Wietse\AppData\Roaming\BSplayer 2009-10-28 20:02:35 . 2009-10-28 20:02:35 0 d-----w- C:\Users\Wietse\AppData\Roaming\Megaupload 2009-10-28 20:02:10 . 2009-10-28 20:02:10 0 d-----w- C:\Program Files\Megaupload 2009-10-28 20:02:09 . 2009-10-28 20:02:09 0 d--h--w- C:\Program Files\InstallShield Installation Information 2009-10-28 19:59:58 . 2009-10-28 19:59:58 0 d-----w- C:\Users\Wietse\AppData\Roaming\InstallShield 2009-10-28 17:35:06 . 2009-10-28 17:35:06 0 d-----w- C:\Program Files\Microsoft.NET 2009-10-28 17:33:39 . 2009-10-28 17:33:38 0 d-----w- C:\Program Files\Microsoft Visual Studio 8 2009-10-28 15:52:56 . 2009-10-28 15:53:04 411368 ----a-w- C:\Windows\system32\deploytk.dll 2009-10-27 17:33:34 . 2009-10-27 17:33:30 4096 d-----w- C:\Program Files\RocketDock 2009-10-27 17:18:45 . 2009-10-27 17:18:45 4096 d-----w- C:\Users\Wietse\AppData\Roaming\CD Art Display 2009-10-26 21:58:35 . 2009-10-26 21:58:35 0 d-----w- C:\Users\Wietse\AppData\Roaming\AVG9 2009-10-26 21:50:10 . 2009-10-26 20:26:23 4096 d-----w- C:\Users\Wietse\AppData\Roaming\uTorrent 2009-10-26 21:46:48 . 2009-10-26 21:46:48 12464 ----a-w- C:\Windows\system32\avgrsstx.dll 2009-10-26 21:46:41 . 2009-10-26 21:46:41 333192 ----a-w- C:\Windows\system32\drivers\avgldx86.sys 2009-10-26 21:46:37 . 2009-10-26 21:46:37 28424 ----a-w- C:\Windows\system32\drivers\avgmfx86.sys 2009-10-26 21:46:35 . 2009-10-26 21:46:35 4096 d-----w- C:\ProgramData\avg9 2009-10-26 21:46:35 . 2009-10-26 21:46:35 0 d-----w- C:\Program Files\AVG 2009-10-26 21:32:40 . 2009-10-26 21:32:40 0 d-----w- C:\Program Files\Windows Live SkyDrive 2009-10-26 21:29:39 . 2009-10-26 21:29:39 0 d-----w- C:\Program Files\Common Files\Windows Live 2009-10-26 20:43:06 . 2009-10-26 20:43:03 8192 d-----w- C:\Program Files\AGEIA Technologies 2009-10-26 20:42:59 . 2009-10-26 20:42:57 4096 d-----w- C:\Program Files\Common Files\Wise Installation Wizard 2009-10-26 20:27:01 . 2009-10-26 20:27:01 0 d-----w- C:\Program Files\uTorrent 2009-10-26 20:25:06 . 2009-10-26 20:25:06 0 d-----w- C:\Users\Wietse\AppData\Roaming\Bump Technologies, Inc 2009-10-26 20:17:03 . 2009-10-26 20:12:30 0 d-----w- C:\Users\Wietse\AppData\Roaming\Apple Computer 2009-10-26 20:12:24 . 2009-10-26 20:12:02 0 d-----w- C:\ProgramData\{755AC846-7372-4AC8-8550-C52491DAA8BD} 2009-10-26 20:11:31 . 2009-10-26 20:11:22 4096 d-----w- C:\Program Files\QuickTime 2009-10-26 20:11:07 . 2009-10-26 20:11:06 4096 d-----w- C:\Program Files\Apple Software Update 2009-10-02 04:06:59 . 2009-10-26 19:47:53 728648 ----a-w- C:\Windows\system32\drivers\dxgkrnl.sys 2009-10-01 09:29:14 . 2009-10-26 19:48:35 195440 ------w- C:\Windows\system32\MpSigStub.exe 2009-09-15 18:40:18 . 2009-09-15 18:40:18 6114816 ----a-w- C:\Windows\system32\drivers\NETw5s32.sys 2009-09-15 18:19:34 . 2009-09-15 18:19:34 2756608 ----a-w- C:\Windows\system32\NETw5r32.dll 2009-09-15 18:18:04 . 2009-09-15 18:18:04 675840 ----a-w- C:\Windows\system32\NETw5c32.dll 2009-09-10 05:52:05 . 2009-10-26 19:49:27 257024 ----a-w- C:\Windows\system32\msv1_0.dll 2009-09-05 19:28:40 . 2009-10-27 17:18:44 69632 ----a-w- C:\Windows\cadSSaver.scr 2009-09-03 07:04:15 . 2009-10-26 19:47:53 1320960 ----a-w- C:\Windows\system32\CertEnroll.dll 2009-06-10 21:26:35 . 2009-07-14 02:04:20 9633792 --sha-r- C:\Windows\Fonts\StaticCache.dat 2009-07-14 01:14:45 . 2009-07-13 23:42:17 396800 --sha-w- C:\Windows\winsxs\x86_microsoft-windows-mail-app_31bf3856ad364e35_6.1.7600.16385_none_f12e83abb108c86c\WinMail.exe . ((((((((((((((((((((((((((((((((((((( Reg Opstartpunten ))))))))))))))))))))))))))))))))))))))))))))))))))) . . *Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond REGEDIT4 [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "msnmsgr"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe" [2009-07-26 15:44:30 3883856] "RocketDock"="C:\Program Files\RocketDock\RocketDock.exe" [2007-09-02 12:58:52 495616] "Sidebar"="C:\Program Files\Windows Sidebar\sidebar.exe" [2009-07-14 01:14:38 1173504] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "QuickTime Task"="C:\Program Files\QuickTime\QTTask.exe" [2009-09-05 00:54:42 417792] "NvCplDaemon"="C:\Windows\system32\NvCpl.dll" [2009-08-19 14:24:18 13793824] "AVG9_TRAY"="C:\PROGRA~1\AVG\AVG9\avgtray.exe" [2009-11-12 16:19:34 2020120] "SunJavaUpdateSched"="C:\Program Files\Java\jre6\bin\jusched.exe" [2009-10-28 15:52:56 149280] "iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" [2009-10-28 19:21:26 141600] "AdobeCS4ServiceManager"="C:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe" [2008-08-14 06:58:34 611712] "ISW"="C:\Program Files\CheckPoint\ZAForceField\ForceField.exe" [2009-08-26 16:20:22 722288] C:\Users\Wietse\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ CAD - Snelkoppeling.lnk - C:\Program Files\CD Art Display\CAD.exe [2009-10-27 2187264] [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "ConsentPromptBehaviorAdmin"= 0 (0x0) "ConsentPromptBehaviorUser"= 3 (0x3) "EnableLUA"= 0 (0x0) "EnableUIADesktopToggle"= 0 (0x0) "PromptOnSecureDesktop"= 0 (0x0) [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows] "AppInit_DLLs"=C:\Windows\System32\avgrsstx.dll [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa] Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp R1 AvgLdx86;AVG Free AVI Loader Driver x86;C:\Windows\System32\drivers\avgldx86.sys [26/10/2009 22:46:41 333192] R1 vwififlt;Virtual WiFi Filter Driver;C:\Windows\System32\drivers\vwififlt.sys [14/07/2009 0:52:04 48128] R2 avg9wd;AVG Free WatchDog;C:\Program Files\AVG\AVG9\avgwdsvc.exe [26/10/2009 22:46:35 285392] R2 ISWKL;ZoneAlarm Toolbar ISWKL;C:\Program Files\CheckPoint\ZAForceField\ISWKL.sys [26/08/2009 17:20:14 25208] R2 IswSvc;ZoneAlarm Toolbar IswSvc;C:\Program Files\CheckPoint\ZAForceField\ISWSVC.exe [26/08/2009 17:20:40 435568] R3 itecir;ITECIR Infrared Receiver;C:\Windows\System32\drivers\itecir.sys [9/03/2009 8:58:16 56320] R3 NETw5s32;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows 7 - 32 Bit;C:\Windows\System32\drivers\NETw5s32.sys [15/09/2009 19:40:18 6114816] R3 NVHDA;Service for NVIDIA High Definition Audio Driver;C:\Windows\System32\drivers\nvhda32v.sys [21/08/2009 20:24:04 66592] S3 netw5v32;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 32 Bit;C:\Windows\System32\drivers\netw5v32.sys [10/06/2009 22:18:24 4231168] [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost] iissvcs REG_MULTI_SZ w3svc was apphost REG_MULTI_SZ apphostsvc . . ------- Bijkomende Scan ------- . uStart Page = hxxp://www.yahoo.com mStart Page = hxxp://www.yahoo.com uInternet Settings,ProxyOverride = *.local IE: E&xporteren naar Microsoft Excel - C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000 TCP: {86CDAA2D-62FC-4112-A559-213B0EA1F566} = 193.74.208.65,194.119.228.67 DPF: {1E54D648-B804-468d-BC78-4AFFED8E262F} - hxxp://www.nvidia.com/content/DriverDownload/srl/3.0.0.4/srl_bin/sysreqlab_nvd.cab . - - - - ORPHANS VERWIJDERD - - - - HKCU-Run-AdobeBridge - (no file) HKLM-Run-ZoneAlarm Client - C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe AddRemove-Free Studio_is1 - C:\Program Files\DVDVideoSoft\Free Studio\unins000.exe AddRemove-NVIDIA Drivers - C:\Windows\system32\nvuninst.exe UninstallGUI AddRemove-Uninstall_is1 - C:\Program Files\Common Files\DVDVideoSoft\unins000.exe AddRemove-WinPcapInst - C:\Program Files\WinPcap\uninstall.exe AddRemove-ZoneAlarm Pro - C:\Program Files\Zone Labs\ZoneAlarm\zauninst.exe . --------------------- VERGRENDELDE REGISTER SLEUTELS --------------------- [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 "MSCurrentCountry"=dword:000000b5 [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security] @Denied: (Full) (Everyone) . --------------------- DLLs Geladen Onder Lopende Processen --------------------- - - - - - - - > 'lsass.exe'(484) C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll - - - - - - - > 'Explorer.exe'(5096) C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll C:\Program Files\RocketDock\RocketDock.dll C:\Program Files\Megaupload\Mega Manager\MegaIEMn.dll C:\Program Files\Common Files\Adobe\Adobe Drive CS4\AdobeDriveCS4_NP.dll . het liefst zou ik gwn systeemherstel doen naar de tijd dat alles nog werkte!

een van mijn accounts is onlangs gehackt, en dus dacht ik aan een keylogger ofziets... kan iemand (kapexD) dit logje onderzoeken op rare dingen??? alvast bedankt Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 15:22:36, on 30/11/2009 Platform: Unknown Windows (WinNT 6.01.3504) MSIE: Internet Explorer v8.00 (8.00.7600.16385) Boot mode: Normal Running processes: C:\Windows\system32\taskhost.exe C:\Windows\system32\Dwm.exe C:\Windows\Explorer.EXE C:\Program Files\AVG\AVG9\avgtray.exe C:\Program Files\Java\jre6\bin\jusched.exe C:\Program Files\iTunes\iTunesHelper.exe C:\Program Files\Windows Live\Messenger\msnmsgr.exe C:\Program Files\RocketDock\RocketDock.exe C:\Program Files\Windows Sidebar\sidebar.exe C:\Program Files\CD Art Display\CAD.exe C:\Program Files\iTunes\iTunes.exe C:\Program Files\Windows Live\Contacts\wlcomm.exe C:\Windows\system32\wuauclt.exe C:\Users\Wietse\Programma's\Mirror_maker_v2.12.1.exe D:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Megaupload\Mega Manager\MegaManager.exe C:\Windows\system32\SearchFilterHost.exe C:\Windows\explorer.exe D:\Users\Wietse\Downloads\HijackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Yahoo! R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Yahoo! R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = Yahoo! R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file) O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: MegaIEMn - {bf00e119-21a3-4fd1-b178-3b8537e75c92} - C:\Program Files\Megaupload\Mega Manager\MegaIEMn.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [AVG9_TRAY] C:\PROGRA~1\AVG\AVG9\avgtray.exe O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe" O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe" O4 - HKLM\..\Run: [AdobeCS4ServiceManager] "C:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe" -launchedbylogin O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background O4 - HKCU\..\Run: [RocketDock] "C:\Program Files\RocketDock\RocketDock.exe" O4 - HKCU\..\Run: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE') O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE') O4 - Startup: CAD - Snelkoppeling.lnk = C:\Program Files\CD Art Display\CAD.exe O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000 O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll O13 - Gopher Prefix: O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262F} (System Requirements Lab) - http://www.nvidia.com/content/DriverDownload/srl/3.0.0.4/srl_bin/sysreqlab_nvd.cab O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (Installation Support) - C:\Program Files\Yahoo!\Common\Yinsthelper.dll O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab O17 - HKLM\System\CCS\Services\Tcpip\..\{86CDAA2D-62FC-4112-A559-213B0EA1F566}: NameServer = 193.74.208.65,194.119.228.67 O17 - HKLM\System\CS1\Services\Tcpip\..\{86CDAA2D-62FC-4112-A559-213B0EA1F566}: NameServer = 193.74.208.65,194.119.228.67 O17 - HKLM\System\CS2\Services\Tcpip\..\{86CDAA2D-62FC-4112-A559-213B0EA1F566}: NameServer = 193.74.208.65,194.119.228.67 O20 - AppInit_DLLs: avgrsstx.dll O23 - Service: Mobiel Apple apparaat (Apple Mobile Device) - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe O23 - Service: AVG Free WatchDog (avg9wd) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG9\avgwdsvc.exe O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - CACE Technologies, Inc. - C:\Program Files\WinPcap\rpcapd.exe -- End of file - 5950 bytes

ja tuurlijk, maar dan werkte het niet... dat was net het probleem... toch bedankt voor de reply, maar ondertussen heb ik het na veel en lang prutsen al kunnen oplossen... nogmaals bedankt voor je reply! WB