Myriad01

Kan u dan ook zeggen hoe, wat en waar aub? (u praat tegen een leek, we zijn 2 dagen verder dus alle schermen zijn dicht en ik weet niet waar ik dat vetgedrukt stuk moet zoeken/vinden) :-/ Dank.

Hier de logjes: ComboFix 10-01-16.03 - Kris 17/01/2010 13:37:40.1.2 - x86 Microsoft Windows XP Édition familiale 5.1.2600.3.1252.32.1036.18.1014.542 [GMT 1:00] Gestart vanuit: c:\documents and settings\Kris\Bureau\ComboFix.exe AV: avast! antivirus 4.8.1368 [VPS 100117-0] *On-access scanning disabled* (Updated) {7591DB91-41F0-48A3-B128-1A293FD8233D} FW: Sygate Personal Firewall *disabled* {BE898FE3-CD0B-4014-85A9-03DB9923DDB6} . (((((((((((((((((((((((((((((((((( Andere Verwijderingen ))))))))))))))))))))))))))))))))))))))))))))))))) . c:\recycler\S-1-5-21-1214440339-764733703-1644491937-1003 c:\recycler\S-1-5-21-931196064-335735689-1684122734-1005 C:\Thumbs.db c:\windows\msetup c:\windows\msetup\MSetup.exe . (((((((((((((((((((( Bestanden Gemaakt van 2009-12-17 to 2010-01-17 )))))))))))))))))))))))))))))) . 2010-01-14 15:53 . 2010-01-14 15:53 -------- d-----w- c:\documents and settings\NetworkService\Local Settings\Application Data\Google 2010-01-14 15:48 . 2010-01-14 15:48 -------- d-----w- c:\documents and settings\LocalService\Local Settings\Application Data\Google 2010-01-14 10:02 . 2010-01-12 12:17 79872 ----a-w- c:\documents and settings\Kris\Application Data\Mozilla\Firefox\Profiles\hmgv90km.default\extensions\{340c2bbc-ce74-4362-90b5-7c26312808ef}\platform\WINNT_x86-msvc\components\WeaveCrypto.dll 2010-01-14 10:02 . 2010-01-12 12:17 33280 ----a-w- c:\documents and settings\Kris\Application Data\Mozilla\Firefox\Profiles\hmgv90km.default\extensions\{340c2bbc-ce74-4362-90b5-7c26312808ef}\platform\WINCE\components\WeaveCrypto.dll 2010-01-11 10:35 . 2010-01-11 10:35 30876 ---ha-w- c:\windows\system32\mlfcache.dat 2010-01-10 11:52 . 2010-01-10 11:52 664 ----a-w- c:\windows\system32\d3d9caps.dat 2010-01-06 19:00 . 2010-01-06 19:20 -------- d-----w- c:\program files\WhatsRunning 2009-12-26 01:16 . 2009-12-26 01:16 -------- d-----w- c:\program files\MozBackup 2009-12-23 16:09 . 2009-12-23 16:09 -------- d-----w- c:\program files\7-Zip . ((((((((((((((((((((((((((((((((((((((( Find3M Rapport )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2010-01-17 12:25 . 2009-04-22 17:20 -------- d-----w- c:\documents and settings\Kris\Application Data\Skype 2010-01-17 12:11 . 2009-09-27 22:39 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware 2010-01-17 11:25 . 2009-04-22 17:24 -------- d-----w- c:\documents and settings\Kris\Application Data\skypePM 2010-01-14 15:44 . 2009-02-12 12:01 -------- d-----w- c:\program files\Google 2010-01-13 22:36 . 2009-07-25 14:55 -------- d-----w- c:\documents and settings\Kris\Application Data\vlc 2010-01-13 22:35 . 2009-07-09 16:48 -------- d-----w- c:\program files\Windows Media Connect 2 2010-01-13 22:35 . 2009-07-27 10:37 -------- d-----w- c:\program files\Firewalls - MozillaZine Knowledge Base_fichiers 2010-01-09 21:03 . 2009-04-26 12:57 -------- d-----w- c:\documents and settings\All Users\Application Data\pdf995 2010-01-09 21:03 . 2009-04-26 12:57 59 ----a-w- c:\windows\wpd99.drv 2010-01-07 15:07 . 2009-09-27 22:39 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys 2010-01-07 15:07 . 2009-09-27 22:39 19160 ----a-w- c:\windows\system32\drivers\mbam.sys 2010-01-03 21:40 . 2009-06-22 13:59 -------- d-----w- c:\documents and settings\All Users\Application Data\NOS 2009-12-31 20:59 . 2009-07-28 10:45 -------- d-----w- c:\documents and settings\Kris\Application Data\dvdcss 2009-12-25 02:02 . 2009-05-05 11:31 -------- d-----w- c:\program files\Windows Live 2009-12-25 01:59 . 2009-09-27 21:24 -------- dc----w- c:\documents and settings\All Users\Application Data\Spybot - Search & Destroy 2009-12-11 15:03 . 2009-02-12 19:30 80810 ----a-w- c:\windows\system32\perfc00C.dat 2009-12-11 15:03 . 2009-02-12 19:30 500746 ----a-w- c:\windows\system32\perfh00C.dat 2009-12-04 09:03 . 2009-12-04 09:03 251376 ----a-w- c:\documents and settings\Kris\Application Data\Mozilla\plugins\npgoogletalk.dll 2009-12-03 13:14 . 2009-11-18 20:16 -------- d-----w- c:\program files\Fichiers communs\Adobe 2009-12-03 12:09 . 2009-12-03 12:08 -------- d-----w- c:\program files\FileZilla 2009-12-01 08:53 . 2009-09-27 21:24 -------- d-----w- c:\program files\Spybot - Search & Destroy 2009-12-01 01:38 . 2009-08-29 12:45 -------- d-----w- c:\program files\CCleaner 2009-12-01 01:18 . 2009-08-29 11:08 -------- d-----w- c:\program files\Fichiers communs\Wise Installation Wizard 2009-12-01 01:16 . 2009-12-01 01:16 613888 ----a-w- c:\documents and settings\All Users\Application Data\Skype\Plugins\Plugins\903CB56BA52F42478957BE8314837A86\sound\WMASoundPlugin.dll 2009-12-01 01:16 . 2009-12-01 01:16 53760 ----a-w- c:\documents and settings\All Users\Application Data\Skype\Plugins\Plugins\903CB56BA52F42478957BE8314837A86\zlib.dll 2009-12-01 01:16 . 2009-12-01 01:16 1603072 ----a-w- c:\documents and settings\All Users\Application Data\Skype\Plugins\Plugins\903CB56BA52F42478957BE8314837A86\sound\VorbisOGGSoundPlugin.dll 2009-12-01 01:16 . 2009-12-01 01:16 72704 ----a-w- c:\documents and settings\All Users\Application Data\Skype\Plugins\Plugins\903CB56BA52F42478957BE8314837A86\RemoteControl.dll 2009-12-01 01:16 . 2009-12-01 01:16 5439488 ----a-w- c:\documents and settings\All Users\Application Data\Skype\Plugins\Plugins\903CB56BA52F42478957BE8314837A86\PamelaPCR.exe 2009-12-01 01:16 . 2009-12-01 01:16 444928 ----a-w- c:\documents and settings\All Users\Application Data\Skype\Plugins\Plugins\903CB56BA52F42478957BE8314837A86\sound\SystemMP3SoundPlugin.dll 2009-12-01 01:16 . 2009-12-01 01:16 1495040 ----a-w- c:\documents and settings\All Users\Application Data\Skype\Plugins\Plugins\903CB56BA52F42478957BE8314837A86\lng.dll 2009-12-01 01:16 . 2009-12-01 01:16 1138688 ----a-w- c:\documents and settings\All Users\Application Data\Skype\Plugins\Plugins\903CB56BA52F42478957BE8314837A86\libeay32.dll 2009-12-01 01:16 . 2009-12-01 01:16 489984 ----a-w- c:\documents and settings\All Users\Application Data\Skype\Plugins\Plugins\903CB56BA52F42478957BE8314837A86\dbghelp.dll 2009-12-01 01:16 . 2009-12-01 01:16 630272 ----a-w- c:\documents and settings\All Users\Application Data\Skype\Plugins\Plugins\903CB56BA52F42478957BE8314837A86\CrashRpt.dll 2009-12-01 01:14 . 2009-10-31 17:52 -------- d-----w- c:\program files\Fichiers communs\Nero 2009-12-01 01:14 . 2009-10-31 17:52 -------- dc----w- c:\documents and settings\All Users\Application Data\Nero 2009-12-01 01:02 . 2009-12-01 01:01 -------- d-----w- c:\program files\QuickTime 2009-12-01 01:01 . 2009-06-19 15:39 -------- dc----w- c:\documents and settings\All Users\Application Data\Apple Computer 2009-11-30 21:59 . 2009-11-30 21:52 -------- d-----w- c:\program files\PhotoFiltre 2009-11-26 11:43 . 2009-02-12 11:55 -------- d-----w- c:\program files\Java 2009-11-26 11:41 . 2009-11-26 11:41 152576 ----a-w- c:\documents and settings\Kris\Application Data\Sun\Java\jre1.6.0_17\lzma.dll 2009-11-26 11:41 . 2009-11-25 20:11 79488 ----a-w- c:\documents and settings\Kris\Application Data\Sun\Java\jre1.6.0_17\gtapi.dll 2009-11-24 23:54 . 2009-07-22 17:08 1280480 ----a-w- c:\windows\system32\aswBoot.exe 2009-11-24 23:51 . 2009-07-22 17:10 93424 ----a-w- c:\windows\system32\drivers\aswmon.sys 2009-11-24 23:49 . 2009-07-22 17:10 48560 ----a-w- c:\windows\system32\drivers\aswTdi.sys 2009-11-24 23:48 . 2009-07-22 17:10 23120 ----a-w- c:\windows\system32\drivers\aswRdr.sys 2009-11-24 23:47 . 2009-07-22 17:10 27408 ----a-w- c:\windows\system32\drivers\aavmker4.sys 2009-11-24 23:47 . 2009-07-22 17:10 97480 ----a-w- c:\windows\system32\AvastSS.scr 2009-11-21 15:58 . 2009-02-12 19:29 471552 ----a-w- c:\windows\AppPatch\aclayers.dll 2009-11-18 14:23 . 2009-11-18 14:23 -------- d-----w- c:\documents and settings\Guest\Application Data\Nero 2009-11-07 16:32 . 2009-04-27 09:40 61416 ----a-w- c:\documents and settings\Kris\Local Settings\Application Data\GDIPFONTCACHEV1.DAT 2009-11-03 20:49 . 2009-11-03 20:37 29184 ----a-w- c:\documents and settings\All Users\Application Data\Skype\Plugins\Plugins\CED7EA9B9D5D4C368001CEC627017007\WBMLauncher.exe 2009-11-03 20:49 . 2009-11-03 20:37 444416 ----a-w- c:\documents and settings\All Users\Application Data\Skype\Plugins\Plugins\CED7EA9B9D5D4C368001CEC627017007\setup.exe 2009-10-29 07:42 . 2009-02-12 19:30 916480 ----a-w- c:\windows\system32\wininet.dll 2009-10-21 05:39 . 2009-02-12 19:30 75776 ----a-w- c:\windows\system32\strmfilt.dll 2009-10-21 05:39 . 2009-02-12 19:30 25088 ----a-w- c:\windows\system32\httpapi.dll 2009-10-20 16:20 . 2008-04-13 11:53 265728 ----a-w- c:\windows\system32\drivers\http.sys 2009-07-27 10:37 . 2009-07-27 10:37 66188 ----a-w- c:\program files\Firewalls - MozillaZine Knowledge Base.htm 2009-06-28 12:39 . 2009-06-28 12:39 8513560 ----a-w- c:\program files\Easy_Display_Manager2.2.10.1.zip . ((((((((((((((((((((((((((((((((((((( Reg Opstartpunten ))))))))))))))))))))))))))))))))))))))))))))))))))) . . *Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond REGEDIT4 [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Google Update"="c:\documents and settings\Kris\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" [2009-10-14 133104] "Skype"="c:\program files\Skype\Phone\Skype.exe" [2009-10-09 25623336] "swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2009-07-21 68856] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "RTHDCPL"="RTHDCPL.EXE" [2008-08-26 16851456] "EDS"="c:\program files\Samsung\Samsung EDS\EDSAgent.exe" [2007-12-20 659456] "SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2008-08-28 1044480] "BatteryManager"="c:\program files\Samsung\Samsung Battery Manager\BatteryManager.exe" [2008-10-20 2768896] "DMHotKey"="c:\program files\Samsung\Easy Display Manager\DMLoader.exe" [2006-12-27 466944] "avast!"="c:\progra~1\ALWILS~1\Avast4\ashDisp.exe" [2009-11-24 81000] "SmcService"="c:\progra~1\Sygate\SPF\smc.exe" [2004-10-15 2577632] "Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2009-10-03 35696] "Adobe ARM"="c:\program files\Fichiers communs\Adobe\ARM\1.0\AdobeARM.exe" [2009-09-04 935288] [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360] HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HotKeysCmds HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IgfxTray HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MsnMsgr HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Persistence HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "%windir%\\Network Diagnostic\\xpnetdiag.exe"= "c:\\Program Files\\Windows Live\\Sync\\WindowsLiveSync.exe"= "c:\\Program Files\\Bonjour\\mDNSResponder.exe"= "c:\\WINDOWS\\system32\\sessmgr.exe"= "c:\\WINDOWS\\system32\\dpvsetup.exe"= "c:\\Program Files\\Mozilla Firefox\\firefox.exe"= "c:\\Program Files\\Alwil Software\\Avast4\\ashAvast.exe"= "c:\\WINDOWS\\system32\\mmc.exe"= "c:\\Documents and Settings\\Kris\\Local Settings\\Application Data\\Google\\Google Talk Plugin\\googletalkplugin.dll"= "c:\\Documents and Settings\\Kris\\Local Settings\\Application Data\\Google\\Google Talk Plugin\\googletalkplugin.exe"= "c:\\Program Files\\Skype\\Plugin Manager\\skypePM.exe"= "c:\\Program Files\\VideoLAN\\VLC\\vlc.exe"= "c:\\Program Files\\Skype\\Phone\\Skype.exe"= R1 aswSP;avast! Self Protection;c:\windows\system32\drivers\aswSP.sys [22/07/2009 18:10 114768] R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [22/07/2009 18:10 20560] R2 DOSMEMIO;MEMIO;c:\windows\system32\MEMIO.SYS [12/02/2009 12:55 4300] R3 DNSeFilter;DNSeFilter;c:\windows\system32\drivers\SamsungEDS.SYS [14/01/2008 19:01 30208] S2 gupdate;Google Update Service (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [14/01/2010 16:44 135664] S3 SUEPD;SUE NDIS Protocol Driver;c:\windows\system32\drivers\SUE_PD.sys [01/08/2006 15:57 19840] S3 VMC326;Vimicro Camera Service VMC326;c:\windows\system32\Drivers\VMC326.sys --> c:\windows\system32\Drivers\VMC326.sys [?] . Inhoud van de 'Gedeelde Taken' map 2010-01-17 c:\windows\Tasks\Google Software Updater.job - c:\program files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-07-21 18:56] 2010-01-17 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job - c:\program files\Google\Update\GoogleUpdate.exe [2010-01-14 15:36] 2010-01-17 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job - c:\program files\Google\Update\GoogleUpdate.exe [2010-01-14 15:36] 2010-01-16 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2104426745-3539394545-3420655605-1005Core.job - c:\documents and settings\Kris\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2009-10-14 09:30] 2010-01-17 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2104426745-3539394545-3420655605-1005UA.job - c:\documents and settings\Kris\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2009-10-14 09:30] . . ------- Bijkomende Scan ------- . uStart Page = hxxp://www.google.be/ uDefault_Search_URL = hxxp://www.google.com/ie uSearchAssistant = hxxp://www.google.com/ie uSearchURL,(Default) = hxxp://www.google.com/search?q=%s IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200 FF - ProfilePath - c:\documents and settings\Kris\Application Data\Mozilla\Firefox\Profiles\hmgv90km.default\ FF - prefs.js: browser.startup.homepage - hxxp://www.google.be/|Ecosia FF - component: c:\documents and settings\Kris\Application Data\Mozilla\Firefox\Profiles\hmgv90km.default\extensions\{340c2bbc-ce74-4362-90b5-7c26312808ef}\platform\WINNT_x86-msvc\components\WeaveCrypto.dll FF - plugin: c:\documents and settings\Kris\Application Data\Mozilla\plugins\npgoogletalk.dll FF - plugin: c:\documents and settings\Kris\Local Settings\Application Data\Google\Update\1.2.183.13\npGoogleOneClick8.dll FF - plugin: c:\program files\Google\Google Updater\2.4.1636.7222\npCIDetect13.dll FF - plugin: c:\program files\Google\Picasa3\npPicasa3.dll FF - plugin: c:\program files\Google\Update\1.2.183.13\npGoogleOneClick8.dll FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ . - - - - ORPHANS VERWIJDERD - - - - WebBrowser-{CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file) MSConfigStartUp-CTFMON - (no file) ************************************************************************** scannen van verborgen processen ... scannen van verborgen autostart items ... scannen van verborgen bestanden ... Scan succesvol afgerond verborgen bestanden: ************************************************************************** [HKEY_LOCAL_MACHINE\System\ControlSet001\Services\vsdatant] "ImagePath"="" . Voltooingstijd: 2010-01-17 13:43:44 ComboFix-quarantined-files.txt 2010-01-17 12:43 Pre-Run: 59 832 770 560 octets libres Post-Run: 59 966 787 584 octets libres WindowsXP-KB310994-SP2-Home-BootDisk-NLD.exe [boot loader] timeout=2 default=multi(0)disk(0)rdisk(0)partition(2)\WINDOWS [operating systems] c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons multi(0)disk(0)rdisk(0)partition(2)\WINDOWS="Microsoft Windows XP dition familiale" /noexecute=optin /fastdetect - - End Of File - - D23A04B95791806A4C3A7703A842DABF ---------------------------------------------------------------------------------------------- Malwarebytes' Anti-Malware 1.44 Database versie: 3581 Windows 5.1.2600 Service Pack 3 Internet Explorer 8.0.6001.18702 17/01/2010 13:52:30 mbam-log-2010-01-17 (13-52-30).txt Scan type: Snelle Scan Objecten gescand: 114226 Verstreken tijd: 5 minute(s), 11 second(s) Geheugenprocessen geïnfecteerd: 0 Geheugenmodulen geïnfecteerd: 0 Registersleutels geïnfecteerd: 0 Registerwaarden geïnfecteerd: 0 Registerdata bestanden geïnfecteerd: 0 Mappen geïnfecteerd: 0 Bestanden geïnfecteerd: 0 Geheugenprocessen geïnfecteerd: (Geen kwaadaardige items gevonden) Geheugenmodulen geïnfecteerd: (Geen kwaadaardige items gevonden) Registersleutels geïnfecteerd: (Geen kwaadaardige items gevonden) Registerwaarden geïnfecteerd: (Geen kwaadaardige items gevonden) Registerdata bestanden geïnfecteerd: (Geen kwaadaardige items gevonden) Mappen geïnfecteerd: (Geen kwaadaardige items gevonden) Bestanden geïnfecteerd: (Geen kwaadaardige items gevonden) ---------------------------------------------------------------------------------------------- Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 13:55:38, on 17/01/2010 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v8.00 (8.00.6001.18702) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe C:\Program Files\Alwil Software\Avast4\ashServ.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Bonjour\mDNSResponder.exe C:\Program Files\Java\jre6\bin\jqs.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\wbem\wmiapsrv.exe C:\WINDOWS\RTHDCPL.EXE C:\Program Files\Samsung\Samsung EDS\EDSAgent.exe C:\Program Files\Synaptics\SynTP\SynTPEnh.exe C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe C:\Program Files\Skype\Phone\Skype.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe C:\Program Files\Skype\Plugin Manager\skypePM.exe C:\WINDOWS\system32\wscntfy.exe C:\WINDOWS\system32\notepad.exe C:\WINDOWS\explorer.exe C:\WINDOWS\system32\NOTEPAD.EXE C:\Program Files\Microsoft Office\Office\WINWORD.EXE C:\Program Files\Trend Micro\HijackThis\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Google R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Hotmail, Messenger, nieuws en entertainment vind je op MSN.nl R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = Hotmail, Messenger, nieuws en entertainment vind je op MSN.nl R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: Windows Live Aanmelden - Help - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.4.4525.1752\swg.dll O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_B7C5AC242193BB3E.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE O4 - HKLM\..\Run: [EDS] C:\Program Files\Samsung\Samsung EDS\EDSAgent.exe O4 - HKLM\..\Run: [synTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe O4 - HKLM\..\Run: [batteryManager] C:\Program Files\Samsung\Samsung Battery Manager\BatteryManager.exe O4 - HKLM\..\Run: [DMHotKey] C:\Program Files\Samsung\Easy Display Manager\DMLoader.exe O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe O4 - HKLM\..\Run: [smcService] C:\PROGRA~1\Sygate\SPF\smc.exe -startgui O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Fichiers communs\Adobe\ARM\1.0\AdobeARM.exe" O4 - HKLM\..\RunOnce: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent O4 - HKCU\..\Run: [Google Update] "C:\Documents and Settings\Kris\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" /c O4 - HKCU\..\Run: [skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user') O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\WINDOWS\system32\GPhotos.scr/200 O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O14 - IERESET.INF: START_PAGE_URL=http://www.google.com O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/controls/2008.10.10_v5.5.8/FacebookPhotoUploader5.cab O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1240481136234 O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe O23 - Service: Sygate Personal Firewall (SmcService) - Sygate Technologies, Inc. - C:\Program Files\Sygate\SPF\smc.exe -- End of file - 6515 bytes

Dag Kape, De HKUS 21 staat niet in de log. Enkel de 19, 20, 18 en een default. Zie copy: O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user') Wat nu?

Ik heb hem gekocht bij Amazon France en vind daar geen correspondentie van terug (mail). Heb geen toegang tot de klantendienst van Amazon noch tot mijn afschriften van de VISA dus zal de leveringsbon moeten zoeken of naar de bank lopen. Echt iets om te blijven uitstellen tot ik dat ding hier helemaal niet meer aan de praat krijg :-D

Ok, merci!

Hey, Hier m'n logje: Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 23:37:43, on 16/01/2010 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v8.00 (8.00.6001.18702) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Sygate\SPF\smc.exe C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe C:\Program Files\Alwil Software\Avast4\ashServ.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Bonjour\mDNSResponder.exe C:\Program Files\Java\jre6\bin\jqs.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\RUNDLL32.EXE C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe C:\Program Files\Alwil Software\Avast4\ashWebSv.exe C:\WINDOWS\system32\wbem\wmiapsrv.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\RTHDCPL.EXE C:\Program Files\Samsung\Samsung EDS\EDSAgent.exe C:\Program Files\Synaptics\SynTP\SynTPEnh.exe C:\Program Files\Samsung\Samsung Battery Manager\BatteryManager.exe C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe C:\Program Files\Samsung\Easy Display Manager\dmhkcore.exe C:\WINDOWS\system32\igfxext.exe C:\WINDOWS\system32\igfxsrvc.exe C:\Program Files\Skype\Phone\Skype.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe C:\Program Files\Skype\Plugin Manager\skypePM.exe C:\WINDOWS\system32\winlogon.exe C:\Program Files\Microsoft Office\Office\WINWORD.EXE C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Trend Micro\HijackThis\HijackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Hotmail, Messenger, nieuws en entertainment vind je op MSN.nl R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Google R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Hotmail, Messenger, nieuws en entertainment vind je op MSN.nl R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = Hotmail, Messenger, nieuws en entertainment vind je op MSN.nl R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: Windows Live Aanmelden - Help - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.4.4525.1752\swg.dll O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_B7C5AC242193BB3E.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE O4 - HKLM\..\Run: [EDS] C:\Program Files\Samsung\Samsung EDS\EDSAgent.exe O4 - HKLM\..\Run: [synTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe O4 - HKLM\..\Run: [batteryManager] C:\Program Files\Samsung\Samsung Battery Manager\BatteryManager.exe O4 - HKLM\..\Run: [DMHotKey] C:\Program Files\Samsung\Easy Display Manager\DMLoader.exe O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe O4 - HKLM\..\Run: [smcService] C:\PROGRA~1\Sygate\SPF\smc.exe -startgui O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Fichiers communs\Adobe\ARM\1.0\AdobeARM.exe" O4 - HKCU\..\Run: [Google Update] "C:\Documents and Settings\Kris\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" /c O4 - HKCU\..\Run: [skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU') O4 - HKUS\S-1-5-21-2104426745-3539394545-3420655605-1006\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe (User 'Guest') O4 - HKUS\S-1-5-21-2104426745-3539394545-3420655605-1006\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime (User 'Guest') O4 - HKUS\S-1-5-21-2104426745-3539394545-3420655605-1006\..\Run: [indxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Fichiers communs\Nero\Lib\NMIndexStoreSvr.exe" ASO-616B5711-6DAE-4795-A05F-39A1E5104020 (User 'Guest') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user') O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\WINDOWS\system32\GPhotos.scr/200 O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O14 - IERESET.INF: START_PAGE_URL=http://www.google.com O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/controls/2008.10.10_v5.5.8/FacebookPhotoUploader5.cab O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1240481136234 O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe O23 - Service: Sygate Personal Firewall (SmcService) - Sygate Technologies, Inc. - C:\Program Files\Sygate\SPF\smc.exe O23 - Service: Marvell Yukon Service (yksvc) - Unknown owner - RUNDLL32.EXE (file missing) -- End of file - 7723 bytes Geef ik nu een hoop duistere geheimen prijs? off-topic: ik dacht al dat het een principekwestie was. Het is zelfs nog erger dan BXL. Woon in Ixelles en dat wordt gewoon XL :-D Edit: er weer uitgegooid sinds laatste post (om je een idee te geven van de frequentie)

Nog meer dan een jaar. Moet alleen het aankoopbewijs nog terugvinden (best snel want het gaat van kwaad naar erger)

automatisch downloaden en installeren was aangevinkt dus erg vreemd. Inmiddels blijkt mijn probleem niet opgelost te zijn. Werd er net weer uitgegooid... Off-topic: @stegisoft: BXL is inderdaad Frans voor Brussel. Ik hou mij niet bezig met communautaire problemen aangezien ik 1) een inwijkeling ben en 2) niet in de rand woon. Of doelde je op iets anders?

Ok, heb ik nu gedaan. Het verbaast me een beetje dat ik met een oudere versie van firefox zat. Voor zover ik me kan herinneren kreeg ik een weekje geleden een update scherm te zien. Kan u me ook vertellen waar ik de automatische updates voor firefox kan instellen aub? Dank!

Hallo, Sinds een kleine 2 weken loopt firefox regelmatig vast dus moet telkens heropstarten. Signatuur foutmelding: szAppName: firefox.exe szAppVer: 1.9.1.3642 szModName: hungapp Kan iemand hier iets mee?

Dag allen, Vorige week heb ik enkele add-ons voor Mozilla gedownload met als resultaat dat firefox regelmatig vastliep, ik overal werd uitgegooid en een "dit is genant" pagina te zien kreeg. Ik heb telkens een error-rapport verzonden. Vandaag was er een firefox update (3.5.7) en werden add-ons automatisch gecontroleerd op compatibiliteit. Ik kan niet meer inloggen op Weave (add-on voor synchronisatie) maar verder werden er geen compatibiliteitsproblemen gemeld met andere add-ons. Ik kan echter ook niet meer inloggen op Fb (laadt de pagina niet - wachttijd verstreken) en mijn Gmail verschijnt gewoon helemaal niet. Andere sites werken prima voor zover getest. Er is maw. één en ander mis maar ik kan er de vinger niet op leggen en weet niet wat ik precies moet doen om het uit te vissen. Suggesties zijn welkom Dank, Myriad.

Hey Jürgen, Ik ben ongelofelijk aan het knoeien. Die balk bovenaan met beeld, bestand etc. heb ik momenteel niet (die is op vakantie denk ik) dus via die weg kan ik de bladwijzerbalk niet verwijderen. Inmiddels zit ik hier stommiteiten te doen. Heb via configuratiescherm de balk onderaan (die met 'start') verwijderd. Verkeerde move natuurlijk want nu weet ik niet hoe ik m'n laptop moet uitzetten. Trial and error is dus niet slim. 2-ledige vraag inmiddels: 1) hoe krijg ik de balk onderaan weer terug? 2) Waar is mijn bovenste balk met bestand, beeld, extra, etc. naartoe en hoe krijg ik die terug? Thanks a million! M. Edit: de 'startbalk' heb ik inmiddels terug. Nu enkel de bovenste balk nog... Edit2: menubalk is terug. En inderdaad bladwijzerbalk vewijderd via Beeld -> werkbalken. Bedankt!

Bedankt voor je snelle reactie! Als ik rechts klik in de balk is 'verwijderen' lichtgrijs en niet aanklikbaar en als ik op het bladwijzericoon klik en vervolgens rechts klik op het woord bladwijzerbalk idem... :-/

Hoi, Ik heb net een add-on geïnstalleerd voor firefox (samfind) en heb mijn oude bladwijzerbalk helemaal leegemaakt en alles daarin ondergebracht. Ik zou nu graag van die lege bladwijzerbalk af raken maar ik weet niet hoe ik hem kan verwijderen. Graag enig licht in de duisternis aub. Groet, M. Aan de mod: als 't in 't verkeerde topic staat, verplaats het dan maar (wist niet waar ik het kwijt kon)

Hey, Het schijnt een slecht contactje te zijn tussen beeldscherm en de rest. (heb ik 2 dagen geleden ontdekt maar ik moest de thread nog aanvullen). Dat wordt laptop terug binnendoen vrees ik hé?

Dag allen, Sinds een paar weken krijg ik geregeld een wit scherm (geen cursor, gewoon niets) als ik mijn laptop aansluit op stroom en soms ook bij het opstarten. De laptop werkt dus wel degelijk maar aangezien ik niets zie, zet ik hem dan uit via de power-knop. Lijkt me niet gezond maar zie geen andere manier. Heeft iemand een idee wat dit kan wezen en hoe het te verhelpen? Dank voor jullie reactie. Myriad.

Done! Bedankt voor 't nakijken!

Dag Kape, Het verwijderen van de items uit de eerste HJT-log gaf een error (invalid procedure call or argument) maar de items zijn wel verdwenen. Hier de resultaten van de malware scan: Malwarebytes' Anti-Malware 1.41 Database versie: 2866 Windows 5.1.2600 Service Pack 3 28/09/2009 11:13:43 mbam-log-2009-09-28 (11-13-43).txt Scan type: Snelle Scan Objecten gescand: 96924 Verstreken tijd: 6 minute(s), 11 second(s) Geheugenprocessen geïnfecteerd: 0 Geheugenmodulen geïnfecteerd: 0 Registersleutels geïnfecteerd: 0 Registerwaarden geïnfecteerd: 0 Registerdata bestanden geïnfecteerd: 0 Mappen geïnfecteerd: 0 Bestanden geïnfecteerd: 0 Geheugenprocessen geïnfecteerd: (Geen kwaadaardige items gevonden) Geheugenmodulen geïnfecteerd: (Geen kwaadaardige items gevonden) Registersleutels geïnfecteerd: (Geen kwaadaardige items gevonden) Registerwaarden geïnfecteerd: (Geen kwaadaardige items gevonden) Registerdata bestanden geïnfecteerd: (Geen kwaadaardige items gevonden) Mappen geïnfecteerd: (Geen kwaadaardige items gevonden) Bestanden geïnfecteerd: (Geen kwaadaardige items gevonden) -> dus niets aan te vinken/verwijderen of opnieuw opstarten... en hier het nieuwe HJT-logje: Logfile of HijackThis v1.99.1 Scan saved at 11:16:26, on 28/09/2009 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v8.00 (8.00.6001.18702) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Sygate\SPF\smc.exe C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe C:\Program Files\Alwil Software\Avast4\ashServ.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe C:\Program Files\Bonjour\mDNSResponder.exe C:\Program Files\Java\jre6\bin\jqs.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\RUNDLL32.EXE C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe C:\Program Files\Alwil Software\Avast4\ashWebSv.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\RTHDCPL.EXE C:\Program Files\Samsung\Samsung EDS\EDSAgent.exe C:\WINDOWS\system32\hkcmd.exe C:\WINDOWS\system32\igfxpers.exe C:\Program Files\Synaptics\SynTP\SynTPEnh.exe C:\WINDOWS\system32\igfxsrvc.exe C:\Program Files\Samsung\Samsung Battery Manager\BatteryManager.exe C:\Program Files\Java\jre6\bin\jusched.exe C:\Program Files\Google\Quick Search Box\GoogleQuickSearchBox.exe C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe C:\Program Files\Samsung\Easy Display Manager\dmhkcore.exe C:\WINDOWS\system32\ctfmon.exe C:\WINDOWS\system32\igfxext.exe C:\Program Files\Skype\Phone\Skype.exe C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe C:\Program Files\Skype\Plugin Manager\skypePM.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe C:\Documents and Settings\Kris\Bureau\Hijackthis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN.com R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Google R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN.com R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = MSN.com R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens O2 - BHO: Adobe PDF Reader Help bij koppelingen - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.3.4501.1418\swg.dll O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_B7C5AC242193BB3E.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE O4 - HKLM\..\Run: [EDS] C:\Program Files\Samsung\Samsung EDS\EDSAgent.exe O4 - HKLM\..\Run: [igfxTray] C:\WINDOWS\system32\igfxtray.exe O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe O4 - HKLM\..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe O4 - HKLM\..\Run: [synTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe O4 - HKLM\..\Run: [batteryManager] C:\Program Files\Samsung\Samsung Battery Manager\BatteryManager.exe O4 - HKLM\..\Run: [sUPBackGround] C:\Program Files\Samsung\Samsung Update Plus\SUPBackGround.exe O4 - HKLM\..\Run: [DMHotKey] C:\Program Files\Samsung\Easy Display Manager\DMLoader.exe O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe" O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [Google Quick Search Box] "C:\Program Files\Google\Quick Search Box\GoogleQuickSearchBox.exe" /autorun O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe O4 - HKLM\..\Run: [smcService] C:\PROGRA~1\Sygate\SPF\smc.exe -startgui O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" O4 - HKCU\..\Run: [spybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing) O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing) O10 - Unknown file in Winsock LSP: c:\program files\bonjour\mdnsnsp.dll O11 - Options group: [iNTERNATIONAL] International O14 - IERESET.INF: START_PAGE_URL=http://www.google.com O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/controls/2008.10.10_v5.5.8/FacebookPhotoUploader5.cab O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1240481136234 O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxdev.dll O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll O23 - Service: Mobiel Apple apparaat (Apple Mobile Device) - Apple Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing) O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing) O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: Java Quick Starter (JavaQuickStarterService) - Unknown owner - C:\Program Files\Java\jre6\bin\jqs.exe" -service -config "C:\Program Files\Java\jre6\lib\deploy\jqs\jqs.conf (file missing) O23 - Service: Sygate Personal Firewall (SmcService) - Sygate Technologies, Inc. - C:\Program Files\Sygate\SPF\smc.exe O23 - Service: Marvell Yukon Service (yksvc) - Unknown owner - RUNDLL32.EXE (file missing)

Dag allen, Heeft er iemand tijd en zin om naar mijn HJT-log te kijken aub? Ik heb de laatste weken veel zitten prutsen (lees programma's op- en afgooien) en vraag me af hoe 't zit met de gezondheid van mijn laptop :s 't Is voor mij allemaal redelijk chinees moet ik zeggen. Dank voor de moeite! Myriad. Logfile of HijackThis v1.99.1 Scan saved at 23:54:40, on 27/09/2009 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v8.00 (8.00.6001.18702) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Sygate\SPF\smc.exe C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe C:\Program Files\Alwil Software\Avast4\ashServ.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\Explorer.EXE C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe C:\WINDOWS\RTHDCPL.EXE C:\Program Files\Bonjour\mDNSResponder.exe C:\Program Files\Samsung\Samsung EDS\EDSAgent.exe C:\WINDOWS\system32\hkcmd.exe C:\Program Files\Java\jre6\bin\jqs.exe C:\WINDOWS\system32\igfxsrvc.exe C:\WINDOWS\system32\igfxpers.exe C:\Program Files\Synaptics\SynTP\SynTPEnh.exe C:\Program Files\Samsung\Samsung Battery Manager\BatteryManager.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Java\jre6\bin\jusched.exe C:\Program Files\Google\Quick Search Box\GoogleQuickSearchBox.exe C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe C:\Program Files\Samsung\Easy Display Manager\dmhkcore.exe C:\WINDOWS\system32\ctfmon.exe C:\WINDOWS\system32\RUNDLL32.EXE C:\Program Files\Skype\Phone\Skype.exe C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe C:\Program Files\Alwil Software\Avast4\ashWebSv.exe C:\WINDOWS\system32\igfxext.exe C:\Program Files\Skype\Plugin Manager\skypePM.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe C:\Documents and Settings\Kris\Bureau\Hijackthis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN.com R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Google R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN.com R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = MSN.com R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens O2 - BHO: Adobe PDF Reader Help bij koppelingen - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.3.4501.1418\swg.dll O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_B7C5AC242193BB3E.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll O3 - Toolbar: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file) O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE O4 - HKLM\..\Run: [EDS] C:\Program Files\Samsung\Samsung EDS\EDSAgent.exe O4 - HKLM\..\Run: [igfxTray] C:\WINDOWS\system32\igfxtray.exe O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe O4 - HKLM\..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe O4 - HKLM\..\Run: [synTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe O4 - HKLM\..\Run: [batteryManager] C:\Program Files\Samsung\Samsung Battery Manager\BatteryManager.exe O4 - HKLM\..\Run: [sUPBackGround] C:\Program Files\Samsung\Samsung Update Plus\SUPBackGround.exe O4 - HKLM\..\Run: [DMHotKey] C:\Program Files\Samsung\Easy Display Manager\DMLoader.exe O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe" O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [Google Quick Search Box] "C:\Program Files\Google\Quick Search Box\GoogleQuickSearchBox.exe" /autorun O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe O4 - HKLM\..\Run: [smcService] C:\PROGRA~1\Sygate\SPF\smc.exe -startgui O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" O4 - HKCU\..\Run: [spybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing) O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing) O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing) O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing) O10 - Unknown file in Winsock LSP: c:\program files\bonjour\mdnsnsp.dll O11 - Options group: [iNTERNATIONAL] International O14 - IERESET.INF: START_PAGE_URL=http://www.google.com O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/controls/2008.10.10_v5.5.8/FacebookPhotoUploader5.cab O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1240481136234 O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL O20 - AppInit_DLLs: O20 - Winlogon Notify: dimsntfy - %SystemRoot%\System32\dimsntfy.dll (file missing) O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxdev.dll O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll O23 - Service: Mobiel Apple apparaat (Apple Mobile Device) - Apple Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing) O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing) O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: Java Quick Starter (JavaQuickStarterService) - Unknown owner - C:\Program Files\Java\jre6\bin\jqs.exe" -service -config "C:\Program Files\Java\jre6\lib\deploy\jqs\jqs.conf (file missing) O23 - Service: Sygate Personal Firewall (SmcService) - Sygate Technologies, Inc. - C:\Program Files\Sygate\SPF\smc.exe O23 - Service: Marvell Yukon Service (yksvc) - Unknown owner - RUNDLL32.EXE (file missing)