daveEHV

goedemiddag kape zover ik nu kan merken totaal geen problemen en hoop dat het zo blijft mvg dave

goedeavond kape hierbij de twee logs Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 20:56:43, on 19-2-2011 Platform: Windows Vista SP2 (WinNT 6.00.1906) MSIE: Internet Explorer v8.00 (8.00.6001.19019) Boot mode: Normal Running processes: C:\Windows\system32\Dwm.exe C:\Windows\Explorer.EXE C:\Windows\system32\taskeng.exe C:\Program Files\Synaptics\SynTP\SynTPEnh.exe C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe C:\Program Files\Hewlett-Packard\Media\DVD\DVDAgent.exe C:\Program Files\Hewlett-Packard\TouchSmart\Media\TSMAgent.exe C:\Program Files\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe C:\Program Files\Hewlett-Packard\Media\TV\TVAgent.exe C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe C:\Program Files\Windows Defender\MSASCui.exe C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe C:\Program Files\HP\HP Software Update\hpwuschd2.exe C:\Windows\WindowsMobile\wmdSync.exe C:\Program Files\DivX\DivX Update\DivXUpdate.exe C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe C:\Program Files\IObit\IObit Security 360\is360tray.exe C:\Program Files\Alwil Software\Avast5\AvastUI.exe C:\Program Files\Common Files\Java\Java Update\jusched.exe C:\Program Files\IDT\WDM\sttray.exe C:\Program Files\Samsung\Samsung New PC Studio\NPSAgent.exe C:\Program Files\Windows Media Player\wmpnscfg.exe C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe C:\Program Files\Secunia\PSI\psi_tray.exe C:\Program Files\TeamViewer\Version6\TeamViewer.exe C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe C:\Program Files\Synaptics\SynTP\SynTPHelper.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\Windows\system32\SearchFilterHost.exe C:\Users\dave\Desktop\Trend Micro\HiJackThis\HiJackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = HPCon | MSN R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = HPCon | MSN R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = HPCon | MSN R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = O1 - Hosts: ::1 localhost O2 - BHO: btorbit.com - {000123B4-9B42-4900-B3F7-F4B073EFC214} - C:\Program Files\Orbitdownloader\orbitcth.dll O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll O2 - BHO: QFX Software KeyScrambler - {2B9F5787-88A5-4945-90E7-C4B18563BC5E} - C:\Program Files\KeyScrambler\KeyScramblerIE.dll O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll O3 - Toolbar: Grab Pro - {C55BBCD6-41AD-48AD-9953-3609C48EACC7} - C:\Program Files\Orbitdownloader\GrabPro.dll O4 - HKLM\..\Run: [startCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun O4 - HKLM\..\Run: [synTPEnh] %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe O4 - HKLM\..\Run: [DVDAgent] "C:\Program Files\Hewlett-Packard\Media\DVD\DVDAgent.exe" O4 - HKLM\..\Run: [TSMAgent] "C:\Program Files\Hewlett-Packard\TouchSmart\Media\TSMAgent.exe" O4 - HKLM\..\Run: [CLMLServer for HP TouchSmart] "C:\Program Files\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe" O4 - HKLM\..\Run: [TVAgent] "C:\Program Files\Hewlett-Packard\Media\TV\TVAgent.exe" O4 - HKLM\..\Run: [uCam_Menu] "C:\Program Files\Hewlett-Packard\Media\Webcam\MUITransfer\MUIStartMenu.exe" "C:\Program Files\Hewlett-Packard\Media\Webcam" update "Software\Hewlett-Packard\Media\Webcam" O4 - HKLM\..\Run: [smartMenu] %ProgramFiles%\Hewlett-Packard\HP MediaSmart\SmartMenu.exe O4 - HKLM\..\Run: [updatePSTShortCut] "C:\Program Files\CyberLink\DVD Suite\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\DVD Suite" UpdateWithCreateOnce "Software\CyberLink\PowerStarter" O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide O4 - HKLM\..\Run: [QlbCtrl.exe] C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start O4 - HKLM\..\Run: [updateP2GoShortCut] "C:\Program Files\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\6.0" O4 - HKLM\..\Run: [updatePDIRShortCut] "C:\Program Files\CyberLink\PowerDirector\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\PowerDirector" UpdateWithCreateOnce "SOFTWARE\CyberLink\PowerDirector\7.0" O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe O4 - HKLM\..\Run: [Windows Mobile-based device management] %windir%\WindowsMobile\wmdSync.exe O4 - HKLM\..\Run: [DivXUpdate] "C:\Program Files\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW O4 - HKLM\..\Run: [WirelessAssistant] C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe O4 - HKLM\..\Run: [iObit Security 360] "C:\Program Files\IObit\IObit Security 360\IS360tray.exe" /autostart O4 - HKLM\..\Run: [avast5] "C:\Program Files\Alwil Software\Avast5\avastUI.exe" /nogui O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe" O4 - HKLM\..\Run: [sysTrayApp] %ProgramFiles%\IDT\WDM\sttray.exe O4 - HKLM\..\Run: [Malwarebytes' Anti-Malware (reboot)] "C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript O4 - HKCU\..\Run: [AutoStartNPSAgent] C:\Program Files\Samsung\Samsung New PC Studio\NPSAgent.exe O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE') O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe O4 - Global Startup: Secunia PSI Tray.lnk = C:\Program Files\Secunia\PSI\psi_tray.exe O8 - Extra context menu item: &Download by Orbit - res://C:\Program Files\Orbitdownloader\orbitmxt.dll/201 O8 - Extra context menu item: &Grab video by Orbit - res://C:\Program Files\Orbitdownloader\orbitmxt.dll/204 O8 - Extra context menu item: Do&wnload selected by Orbit - res://C:\Program Files\Orbitdownloader\orbitmxt.dll/203 O8 - Extra context menu item: Down&load all by Orbit - res://C:\Program Files\Orbitdownloader\orbitmxt.dll/202 O9 - Extra button: (no name) - {5C106A59-CC3C-4caa-81A4-6D909B5ACE23} - C:\Program Files\KeyScrambler\KeyScramblerIE.dll O9 - Extra 'Tools' menuitem: &KeyScrambler Options - {5C106A59-CC3C-4caa-81A4-6D909B5ACE23} - C:\Program Files\KeyScrambler\KeyScramblerIE.dll O9 - Extra button: Toon of verberg HP Smart Web Printing - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll O23 - Service: Emsisoft Anti-Malware 5.0 - Service (a2AntiMalware) - Emsi Software GmbH - C:\Program Files\Emsisoft Anti-Malware\a2service.exe O23 - Service: Andrea ST Filters Service (AESTFilters) - Andrea Electronics Corporation - C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_b9d13b43\aestsrv.exe O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe O23 - Service: Com4QLBEx - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe O23 - Service: FsUsbExService - Teruten - C:\Windows\system32\FsUsbExService.Exe O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe O23 - Service: HP Service (hpsrv) - Hewlett-Packard Corporation - C:\Windows\system32\Hpservice.exe O23 - Service: IS360service - IObit - C:\Program Files\IObit\IObit Security 360\IS360srv.exe O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe O23 - Service: Recovery Service for Windows - Unknown owner - C:\Program Files\SMINST\BLService.exe O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared files\RichVideo.exe O23 - Service: Secunia PSI Agent - Secunia - C:\Program Files\Secunia\PSI\PSIA.exe O23 - Service: Secunia Update Agent - Secunia - C:\Program Files\Secunia\PSI\sua.exe O23 - Service: Audio Service (STacSV) - IDT, Inc. - C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_b9d13b43\STacSV.exe O23 - Service: TeamViewer 6 (TeamViewer6) - TeamViewer GmbH - C:\Program Files\TeamViewer\Version6\TeamViewer_Service.exe O23 - Service: TV Background Capture Service (TVBCS) (TVCapSvc) - Unknown owner - C:\Program Files\Hewlett-Packard\Media\TV\Kernel\TV\TVCapSvc.exe O23 - Service: TV Task Scheduler (TVTS) (TVSched) - Unknown owner - C:\Program Files\Hewlett-Packard\Media\TV\Kernel\TV\TVSched.exe -- End of file - 10335 bytes mbam log Malwarebytes' Anti-Malware 1.50.1.1100 Malwarebytes Databaseversie: 5812 Windows 6.0.6002 Service Pack 2 Internet Explorer 8.0.6001.19019 19-2-2011 20:49:35 mbam-log-2011-02-19 (20-49-35).txt Scantype: Snelle scan Objecten gescand: 148923 Verstreken tijd: 5 minuut/minuten, 45 seconde(n) Geheugenprocessen geïnfecteerd: 0 Geheugenmodulen geïnfecteerd: 0 Registersleutels geïnfecteerd: 1 Registerwaarden geïnfecteerd: 0 Registerdata geïnfecteerd: 0 Mappen geïnfecteerd: 0 Bestanden geïnfecteerd: 1 Geheugenprocessen geïnfecteerd: (Geen kwaadaardige objecten gedetecteerd) Geheugenmodulen geïnfecteerd: (Geen kwaadaardige objecten gedetecteerd) Registersleutels geïnfecteerd: HKEY_CURRENT_USER\Software\VB and VBA Program Settings\SrvID (Malware.Trace) -> Quarantined and deleted successfully. Registerwaarden geïnfecteerd: (Geen kwaadaardige objecten gedetecteerd) Registerdata geïnfecteerd: (Geen kwaadaardige objecten gedetecteerd) Mappen geïnfecteerd: (Geen kwaadaardige objecten gedetecteerd) Bestanden geïnfecteerd: c:\Users\dave\AppData\Roaming\data.dat (Stolen.Data) -> Quarantined and deleted successfully.

hallo kape even hijack binnen gehaald en plaats hierbij meteen het log Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 19:13:47, on 19-2-2011 Platform: Windows Vista SP2 (WinNT 6.00.1906) MSIE: Internet Explorer v8.00 (8.00.6001.19019) Boot mode: Normal Running processes: C:\Windows\system32\taskeng.exe C:\Windows\system32\Dwm.exe C:\Windows\Explorer.EXE C:\Program Files\TeamViewer\Version6\TeamViewer.exe C:\Program Files\Synaptics\SynTP\SynTPEnh.exe C:\Program Files\Hewlett-Packard\Media\DVD\DVDAgent.exe C:\Program Files\Hewlett-Packard\TouchSmart\Media\TSMAgent.exe C:\Program Files\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe C:\Program Files\Hewlett-Packard\Media\TV\TVAgent.exe C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe C:\Program Files\Windows Defender\MSASCui.exe C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe C:\Program Files\HP\HP Software Update\hpwuschd2.exe C:\Windows\WindowsMobile\wmdSync.exe C:\Program Files\Windows Media Player\wmpnscfg.exe C:\Program Files\DivX\DivX Update\DivXUpdate.exe C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe C:\Program Files\IObit\IObit Security 360\is360tray.exe C:\Program Files\Alwil Software\Avast5\AvastUI.exe C:\Program Files\Common Files\Java\Java Update\jusched.exe C:\Program Files\IDT\WDM\sttray.exe C:\Program Files\Samsung\Samsung New PC Studio\NPSAgent.exe C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe C:\Program Files\Secunia\PSI\psi_tray.exe C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe C:\Program Files\Synaptics\SynTP\SynTPHelper.exe C:\Windows\system32\conime.exe C:\Program Files\Orbitdownloader\orbitdm.exe C:\Program Files\Orbitdownloader\orbitnet.exe C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe C:\Program Files\Windows Media Player\wmpnscfg.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\Windows\system32\SearchFilterHost.exe C:\Users\dave\Desktop\Trend Micro\HiJackThis\HiJackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = HPCon | MSN R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.conduit.com?SearchSource=10&ctid=CT2102399 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = HPCon | MSN R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = HPCon | MSN R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = R3 - URLSearchHook: PHPNukeDU Toolbar - {46735dee-f862-49d1-876d-6382794dc625} - C:\Program Files\PHPNukeDU\tbPHP1.dll O1 - Hosts: ::1 localhost O2 - BHO: btorbit.com - {000123B4-9B42-4900-B3F7-F4B073EFC214} - C:\Program Files\Orbitdownloader\orbitcth.dll O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll O2 - BHO: QFX Software KeyScrambler - {2B9F5787-88A5-4945-90E7-C4B18563BC5E} - C:\Program Files\KeyScrambler\KeyScramblerIE.dll O2 - BHO: PHPNukeDU Toolbar - {46735dee-f862-49d1-876d-6382794dc625} - C:\Program Files\PHPNukeDU\tbPHP1.dll O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll O3 - Toolbar: Grab Pro - {C55BBCD6-41AD-48AD-9953-3609C48EACC7} - C:\Program Files\Orbitdownloader\GrabPro.dll O3 - Toolbar: PHPNukeDU Toolbar - {46735dee-f862-49d1-876d-6382794dc625} - C:\Program Files\PHPNukeDU\tbPHP1.dll O4 - HKLM\..\Run: [startCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun O4 - HKLM\..\Run: [synTPEnh] %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe O4 - HKLM\..\Run: [DVDAgent] "C:\Program Files\Hewlett-Packard\Media\DVD\DVDAgent.exe" O4 - HKLM\..\Run: [TSMAgent] "C:\Program Files\Hewlett-Packard\TouchSmart\Media\TSMAgent.exe" O4 - HKLM\..\Run: [CLMLServer for HP TouchSmart] "C:\Program Files\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe" O4 - HKLM\..\Run: [TVAgent] "C:\Program Files\Hewlett-Packard\Media\TV\TVAgent.exe" O4 - HKLM\..\Run: [uCam_Menu] "C:\Program Files\Hewlett-Packard\Media\Webcam\MUITransfer\MUIStartMenu.exe" "C:\Program Files\Hewlett-Packard\Media\Webcam" update "Software\Hewlett-Packard\Media\Webcam" O4 - HKLM\..\Run: [smartMenu] %ProgramFiles%\Hewlett-Packard\HP MediaSmart\SmartMenu.exe O4 - HKLM\..\Run: [updatePSTShortCut] "C:\Program Files\CyberLink\DVD Suite\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\DVD Suite" UpdateWithCreateOnce "Software\CyberLink\PowerStarter" O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide O4 - HKLM\..\Run: [QlbCtrl.exe] C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start O4 - HKLM\..\Run: [updateP2GoShortCut] "C:\Program Files\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\6.0" O4 - HKLM\..\Run: [updatePDIRShortCut] "C:\Program Files\CyberLink\PowerDirector\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\PowerDirector" UpdateWithCreateOnce "SOFTWARE\CyberLink\PowerDirector\7.0" O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe O4 - HKLM\..\Run: [Windows Mobile-based device management] %windir%\WindowsMobile\wmdSync.exe O4 - HKLM\..\Run: [DivXUpdate] "C:\Program Files\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW O4 - HKLM\..\Run: [WirelessAssistant] C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe O4 - HKLM\..\Run: [iObit Security 360] "C:\Program Files\IObit\IObit Security 360\IS360tray.exe" /autostart O4 - HKLM\..\Run: [avast5] "C:\Program Files\Alwil Software\Avast5\avastUI.exe" /nogui O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe" O4 - HKLM\..\Run: [sysTrayApp] %ProgramFiles%\IDT\WDM\sttray.exe O4 - HKCU\..\Run: [AutoStartNPSAgent] C:\Program Files\Samsung\Samsung New PC Studio\NPSAgent.exe O4 - HKCU\..\Run: [Messenger (Yahoo!)] "C:\PROGRA~1\Yahoo!\MESSEN~1\YAHOOM~1.EXE" -quiet O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE') O4 - Startup: Dllhost.dll O4 - Startup: MRU-Blaster Scheduler.lnk = C:\Program Files\MRU-Blaster\scheduler.exe O4 - Startup: MRU-Blaster Silent Clean.lnk = C:\Program Files\MRU-Blaster\mrublaster.exe O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe O4 - Global Startup: Secunia PSI Tray.lnk = C:\Program Files\Secunia\PSI\psi_tray.exe O8 - Extra context menu item: &Download by Orbit - res://C:\Program Files\Orbitdownloader\orbitmxt.dll/201 O8 - Extra context menu item: &Grab video by Orbit - res://C:\Program Files\Orbitdownloader\orbitmxt.dll/204 O8 - Extra context menu item: Do&wnload selected by Orbit - res://C:\Program Files\Orbitdownloader\orbitmxt.dll/203 O8 - Extra context menu item: Down&load all by Orbit - res://C:\Program Files\Orbitdownloader\orbitmxt.dll/202 O9 - Extra button: (no name) - {5C106A59-CC3C-4caa-81A4-6D909B5ACE23} - C:\Program Files\KeyScrambler\KeyScramblerIE.dll O9 - Extra 'Tools' menuitem: &KeyScrambler Options - {5C106A59-CC3C-4caa-81A4-6D909B5ACE23} - C:\Program Files\KeyScrambler\KeyScramblerIE.dll O9 - Extra button: Toon of verberg HP Smart Web Printing - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll O23 - Service: Emsisoft Anti-Malware 5.0 - Service (a2AntiMalware) - Emsi Software GmbH - C:\Program Files\Emsisoft Anti-Malware\a2service.exe O23 - Service: Andrea ST Filters Service (AESTFilters) - Andrea Electronics Corporation - C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_b9d13b43\aestsrv.exe O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe O23 - Service: Com4QLBEx - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe O23 - Service: FsUsbExService - Teruten - C:\Windows\system32\FsUsbExService.Exe O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe O23 - Service: HP Service (hpsrv) - Hewlett-Packard Corporation - C:\Windows\system32\Hpservice.exe O23 - Service: IS360service - IObit - C:\Program Files\IObit\IObit Security 360\IS360srv.exe O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe O23 - Service: Recovery Service for Windows - Unknown owner - C:\Program Files\SMINST\BLService.exe O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared files\RichVideo.exe O23 - Service: Secunia PSI Agent - Secunia - C:\Program Files\Secunia\PSI\PSIA.exe O23 - Service: Secunia Update Agent - Secunia - C:\Program Files\Secunia\PSI\sua.exe O23 - Service: Audio Service (STacSV) - IDT, Inc. - C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_b9d13b43\STacSV.exe O23 - Service: TeamViewer 6 (TeamViewer6) - TeamViewer GmbH - C:\Program Files\TeamViewer\Version6\TeamViewer_Service.exe O23 - Service: TV Background Capture Service (TVBCS) (TVCapSvc) - Unknown owner - C:\Program Files\Hewlett-Packard\Media\TV\Kernel\TV\TVCapSvc.exe O23 - Service: TV Task Scheduler (TVTS) (TVSched) - Unknown owner - C:\Program Files\Hewlett-Packard\Media\TV\Kernel\TV\TVSched.exe -- End of file - 11564 bytes

hallo al een tijdje heb ik constant problemen met mijn windowsverkenner. Telkens als ik een map open of in mijn computer geeft ie aan windowsverkennner moet sluiten gister kreeg ik voor het eerst een RunDLL32.exe foutmelding dat ie niet meer werkt en kan eigenlijk nergens van afleiden waar dat ineens vandaan kwam. Is het een serieus probleem of kan ik het laten liggen mvg dave

hahaha denk dat was ie ik heb de laatste verwijderingen nog gedaan en was idd nog vol oude zooi en gelukkig stond systeemherstel gewoon aangevinkt dus zijn die niet besmet in ieder geval verder zijn de laatste taken uitgevoerd wederom bedankt kape en alvast een heel goed weekend gewenst mvg dave

nee helemaal geen dus wat mij betreft kan het onderwerp gesloten worden en bedankt voor de hulp mvg dave

dag kape zo lekker vanuit bed hahah met de teamviewer alles kunnen oplossen en heb ook een log voor je volgens mij zag het er goed uit ComboFix 11-02-17.02 - Lies 18-02-2011 12:15:55.5.1 - x86 Microsoft Windows XP Home Edition 5.1.2600.3.1252.31.1043.18.447.192 [GMT 1:00] Gestart vanuit: c:\documents and settings\Lies\Bureaublad\ComboFix.exe gebruikte Opdracht switches :: c:\documents and settings\Lies\Bureaublad\CFScript.txt AV: avast! Antivirus *Disabled/Updated* {7591DB91-41F0-48A3-B128-1A293FD8233D} . (((((((((((((((((((((((((((((((((( Andere Verwijderingen ))))))))))))))))))))))))))))))))))))))))))))))))) . c:\program files\Bear Share Removal Tool c:\program files\Bear Share Removal Tool\BearShareRemovalTool.exe c:\program files\Bear Share Removal Tool\database.db c:\program files\Bear Share Removal Tool\Results\List-08-02-11-18-40-49.txt c:\program files\Bear Share Removal Tool\Results\List-08-02-11-19-23-17.txt c:\program files\Bear Share Removal Tool\unins000.dat c:\program files\Bear Share Removal Tool\unins000.exe c:\program files\BearShare Applications c:\program files\BearShare Applications\MediaBar\Datamngr\FirefoxExtension\chrome.manifest c:\program files\BearShare Applications\MediaBar\Datamngr\FirefoxExtension\components\DataMngrHlp.dll c:\program files\BearShare Applications\MediaBar\Datamngr\FirefoxExtension\components\DataMngrHlp.xpt c:\program files\BearShare Applications\MediaBar\Datamngr\FirefoxExtension\content\DataMngr.js c:\program files\BearShare Applications\MediaBar\Datamngr\FirefoxExtension\content\FFBHO.js c:\program files\BearShare Applications\MediaBar\Datamngr\FirefoxExtension\content\overlay.js c:\program files\BearShare Applications\MediaBar\Datamngr\FirefoxExtension\content\overlay.xul c:\program files\BearShare Applications\MediaBar\Datamngr\FirefoxExtension\content\Settings.xml c:\program files\BearShare Applications\MediaBar\Datamngr\FirefoxExtension\install.rdf c:\program files\BearShare Applications\MediaBar\Datamngr\IEBHO.dll . (((((((((((((((((((( Bestanden Gemaakt van 2011-01-18 to 2011-02-18 )))))))))))))))))))))))))))))) . 2011-02-17 14:31 . 2011-02-17 15:13 -------- d-----w- c:\documents and settings\All Users\Application Data\Norton 2011-02-17 14:31 . 2011-02-17 14:31 -------- d-----w- c:\documents and settings\All Users\Application Data\Symantec 2011-02-17 11:36 . 2011-02-17 11:36 -------- d--h--r- c:\documents and settings\Lies\Onlangs geopend 2011-02-17 11:30 . 2011-02-17 11:30 -------- d-----w- c:\windows\system32\Adobe 2011-02-09 12:08 . 2011-02-09 12:08 -------- d-----w- c:\program files\TeamViewer 2011-02-09 12:06 . 2011-02-18 10:17 -------- d-----w- c:\documents and settings\Lies\Application Data\TeamViewer 2011-02-09 11:31 . 2010-12-20 17:09 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys 2011-02-09 11:31 . 2011-02-09 11:31 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware 2011-02-09 11:31 . 2010-12-20 17:08 20952 ----a-w- c:\windows\system32\drivers\mbam.sys 2011-02-08 17:00 . 2010-10-13 08:38 81920 ----a-w- c:\windows\eSellerateControl350.dll 2011-02-08 17:00 . 2010-10-13 08:38 356352 ----a-w- c:\windows\eSellerateEngine.dll 2011-02-08 16:47 . 2011-02-18 09:33 472808 ----a-w- c:\program files\Mozilla Firefox\plugins\npdeployJava1.dll 2011-02-08 16:47 . 2011-02-18 09:33 472808 ----a-w- c:\windows\system32\deployJava1.dll 2011-02-08 16:45 . 2011-02-12 11:15 -------- d-----w- c:\documents and settings\Lies\Local Settings\Application Data\Spotify 2011-02-08 16:45 . 2011-02-12 11:15 -------- d-----w- c:\documents and settings\Lies\Application Data\Spotify 2011-02-08 16:45 . 2011-02-08 16:45 -------- d-----w- c:\program files\Spotify 2011-02-08 16:35 . 2011-02-08 16:35 -------- d-----w- c:\documents and settings\Lies\Local Settings\Application Data\Secunia PSI 2011-02-08 16:35 . 2011-02-08 16:35 -------- d-----w- c:\program files\Secunia 2011-02-08 16:17 . 2011-02-08 16:17 -------- d-----w- c:\documents and settings\Lies\Application Data\IObit 2011-02-08 16:17 . 2011-02-08 16:17 -------- d-----w- c:\documents and settings\All Users\Application Data\IObit 2011-02-08 16:17 . 2011-02-08 16:17 -------- d-----w- c:\program files\IObit 2011-02-08 16:15 . 2011-01-13 08:41 294608 ----a-w- c:\windows\system32\drivers\aswSP.sys 2011-02-08 16:15 . 2011-01-13 08:37 17744 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys 2011-02-08 16:15 . 2011-01-13 08:37 23632 ----a-w- c:\windows\system32\drivers\aswRdr.sys 2011-02-08 16:15 . 2011-01-13 08:40 47440 ----a-w- c:\windows\system32\drivers\aswTdi.sys 2011-02-08 16:15 . 2011-01-13 08:40 100176 ----a-w- c:\windows\system32\drivers\aswmon2.sys 2011-02-08 16:15 . 2011-01-13 08:39 94544 ----a-w- c:\windows\system32\drivers\aswmon.sys 2011-02-08 16:15 . 2011-01-13 08:37 29392 ----a-w- c:\windows\system32\drivers\aavmker4.sys 2011-02-08 16:14 . 2011-01-13 08:47 38848 ----a-w- c:\windows\avastSS.scr 2011-02-08 16:14 . 2011-01-13 08:47 188216 ----a-w- c:\windows\system32\aswBoot.exe 2011-02-08 16:14 . 2011-02-08 16:14 -------- d-----w- c:\program files\Alwil Software 2011-02-08 16:14 . 2011-02-08 16:14 -------- d-----w- c:\documents and settings\All Users\Application Data\Alwil Software 2011-02-08 16:13 . 2011-02-18 10:26 -------- d-----w- c:\documents and settings\bureaublad 2011-02-08 16:13 . 2011-02-08 16:13 388096 ----a-r- c:\documents and settings\Lies\Application Data\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe 2011-02-08 15:09 . 2011-02-08 15:09 -------- d-----w- c:\documents and settings\Administrator 2011-01-30 13:57 . 2011-01-30 13:57 103864 ----a-w- c:\program files\Mozilla Firefox\plugins\nppdf32.dll 2011-01-30 13:57 . 2011-01-30 13:57 103864 ----a-w- c:\program files\Internet Explorer\PLUGINS\nppdf32.dll 2011-01-26 21:31 . 2011-01-26 21:31 -------- d-----w- c:\documents and settings\All Users\Application Data\1E2CE 2011-01-26 21:28 . 2011-01-26 21:28 -------- d-----w- c:\documents and settings\peer\Local Settings\Application Data\PackageAware 2011-01-21 14:44 . 2011-01-21 14:44 441344 -c----w- c:\windows\system32\dllcache\shimgvw.dll . ((((((((((((((((((((((((((((((((((((((( Find3M Rapport )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2011-02-18 09:33 . 2008-09-05 20:54 73728 ----a-w- c:\windows\system32\javacpl.cpl 2011-01-21 14:44 . 2004-08-04 12:00 441344 ----a-w- c:\windows\system32\shimgvw.dll 2011-01-07 14:09 . 2004-08-04 12:00 290048 ----a-w- c:\windows\system32\atmfd.dll 2010-12-31 14:04 . 2004-08-04 12:00 1855104 ----a-w- c:\windows\system32\win32k.sys 2010-12-22 12:34 . 2004-08-04 12:00 301568 ----a-w- c:\windows\system32\kerberos.dll 2010-12-20 23:52 . 2004-08-04 12:00 916480 ----a-w- c:\windows\system32\wininet.dll 2010-12-20 23:52 . 2004-08-04 12:00 43520 ----a-w- c:\windows\system32\licmgr10.dll 2010-12-20 23:52 . 2004-08-04 12:00 1469440 ------w- c:\windows\system32\inetcpl.cpl 2010-12-20 17:25 . 2004-08-04 12:00 735232 ----a-w- c:\windows\system32\lsasrv.dll 2010-12-20 12:55 . 2004-08-04 12:00 385024 ----a-w- c:\windows\system32\html.iec 2010-12-09 15:15 . 2004-08-04 12:00 739328 ----a-w- c:\windows\system32\ntdll.dll 2010-12-09 15:14 . 2004-08-04 12:00 2197120 ------w- c:\windows\system32\ntoskrnl.exe 2010-12-09 15:14 . 2004-08-04 00:58 2073728 ------w- c:\windows\system32\ntkrnlpa.exe 2010-12-09 14:30 . 2004-08-04 12:00 33280 ----a-w- c:\windows\system32\csrsrv.dll . ((((((((((((((((((((((((((((( SnapShot_2011-02-09_13.16.15 ))))))))))))))))))))))))))))))))))))))))) . + 2011-02-18 11:08 . 2011-02-18 11:08 16384 c:\windows\Temp\Perflib_Perfdata_6d8.dat + 2011-02-02 13:35 . 2011-02-02 13:35 86016 c:\windows\system32\Macromed\Shockwave 10\SwMenuX.dll + 2011-02-02 13:35 . 2011-02-02 13:35 77824 c:\windows\system32\Macromed\Shockwave 10\SwInit.exe + 2011-02-02 13:35 . 2011-02-02 13:35 24576 c:\windows\system32\Macromed\Shockwave 10\DynaPlayer.dll + 2011-02-17 11:31 . 2011-02-18 10:25 87711 c:\windows\system32\Adobe\Shockwave 11\uninstaller.exe + 2011-02-02 13:46 . 2011-02-02 13:46 98304 c:\windows\system32\Adobe\Shockwave 11\SwMenu.dll + 2011-02-02 13:35 . 2011-02-02 13:35 79488 c:\windows\system32\Adobe\Shockwave 11\gtapi.dll + 2011-02-02 13:55 . 2011-02-02 13:55 68536 c:\windows\system32\Adobe\Director\SWDNLD.EXE + 2010-09-23 03:47 . 2010-09-23 03:47 35760 c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA73401B7449A0400000010\9.4.0\reader_sl.exe + 2010-09-23 02:03 . 2010-09-23 02:03 99776 c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA73401B7449A0400000010\9.4.0\eula.exe + 2010-09-23 01:52 . 2010-09-23 01:52 27048 c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA73401B7449A0400000010\9.4.0\acrotextextractor.exe + 2010-09-22 17:12 . 2010-09-22 17:12 15800 c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA73401B7449A0400000010\9.4.0\AcroRd32Info.exe + 2011-02-02 13:47 . 2011-02-02 13:47 9216 c:\windows\system32\Adobe\Shockwave 11\DynaPlayer.dll + 2011-02-02 13:35 . 2011-02-02 13:35 136568 c:\windows\system32\Macromed\Shockwave 10\SCC.dll + 2011-02-02 13:35 . 2011-02-02 13:35 180224 c:\windows\system32\Macromed\Shockwave 10\Proj.dll + 2011-02-02 13:35 . 2011-02-02 13:35 475136 c:\windows\system32\Macromed\Shockwave 10\PluginPing.dll + 2011-02-02 13:35 . 2011-02-02 13:35 339968 c:\windows\system32\Macromed\Shockwave 10\Plugin.dll + 2011-02-02 13:35 . 2011-02-02 13:35 606208 c:\windows\system32\Macromed\Shockwave 10\iml32X.dll + 2011-02-02 13:35 . 2011-02-02 13:35 471040 c:\windows\system32\Macromed\Shockwave 10\Control.dll + 2011-02-15 22:24 . 2011-02-15 22:24 234656 c:\windows\system32\Macromed\Flash\FlashUtil10m_Plugin.exe + 2011-02-15 16:42 . 2011-02-15 16:42 234656 c:\windows\system32\Macromed\Flash\FlashUtil10m_ActiveX.exe + 2011-02-15 16:42 . 2011-02-15 16:42 311456 c:\windows\system32\Macromed\Flash\FlashUtil10m_ActiveX.dll + 2011-02-18 09:34 . 2011-02-18 09:33 157472 c:\windows\system32\javaws.exe - 2011-02-08 16:47 . 2011-02-08 16:47 157472 c:\windows\system32\javaws.exe - 2011-02-08 16:47 . 2011-02-08 16:47 145184 c:\windows\system32\javaw.exe + 2011-02-18 09:34 . 2011-02-18 09:33 145184 c:\windows\system32\javaw.exe - 2011-02-08 16:47 . 2011-02-08 16:47 145184 c:\windows\system32\java.exe + 2011-02-18 09:34 . 2011-02-18 09:33 145184 c:\windows\system32\java.exe + 2011-02-17 11:31 . 2011-02-17 11:31 292216 c:\windows\system32\Adobe\Shockwave 11\syminstallstub.exe + 2011-02-02 13:46 . 2011-02-02 13:46 114688 c:\windows\system32\Adobe\Shockwave 11\SwInit.exe + 2011-02-02 13:55 . 2011-02-02 13:55 469944 c:\windows\system32\Adobe\Shockwave 11\SwHelper_1159620.exe + 2011-02-02 13:35 . 2011-02-02 13:35 136568 c:\windows\system32\Adobe\Shockwave 11\SCC.dll + 2011-02-02 13:48 . 2011-02-02 13:48 446464 c:\windows\system32\Adobe\Shockwave 11\Proj.dll + 2011-02-02 13:47 . 2011-02-02 13:47 372736 c:\windows\system32\Adobe\Shockwave 11\Plugin.dll + 2011-02-02 13:35 . 2011-02-02 13:35 798208 c:\windows\system32\Adobe\Shockwave 11\gi.dll + 2011-02-02 13:46 . 2011-02-02 13:46 503808 c:\windows\system32\Adobe\Shockwave 11\Control.dll + 2011-02-02 13:55 . 2011-02-02 13:55 215992 c:\windows\system32\Adobe\Director\SwDir.dll + 2011-02-02 13:47 . 2011-02-02 13:47 135168 c:\windows\system32\Adobe\Director\np32dsw.dll + 2011-02-18 09:34 . 2011-02-18 09:34 180224 c:\windows\Installer\6897a.msi + 2011-02-18 09:33 . 2011-02-18 09:33 677376 c:\windows\Installer\6896a.msi + 2010-09-10 17:17 . 2010-09-10 17:17 684032 c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA73401B7449A0400000010\9.4.0\JP2KLib.dll + 2010-09-22 19:41 . 2010-09-22 19:41 542168 c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA73401B7449A0400000010\9.4.0\AdobeCollabSync.exe + 2010-09-23 03:47 . 2010-09-23 03:47 349616 c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA73401B7449A0400000010\9.4.0\AcroRd32.exe + 2010-09-22 17:04 . 2010-09-22 17:04 660912 c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA73401B7449A0400000010\9.4.0\AcroPDF.dll + 2010-09-22 18:39 . 2010-09-22 18:39 280024 c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA73401B7449A0400000010\9.4.0\acrobroker.exe + 2010-09-22 17:50 . 2010-09-22 17:50 251296 c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA73401B7449A0400000010\9.4.0\a3dutility.exe + 2011-02-02 13:35 . 2011-02-02 13:35 1495040 c:\windows\system32\Macromed\Shockwave 10\dirapiX.dll + 2008-10-05 03:24 . 2011-02-15 22:24 6053536 c:\windows\system32\Macromed\Flash\NPSWF32.dll + 2011-02-02 13:39 . 2011-02-02 13:39 1019904 c:\windows\system32\Adobe\Shockwave 11\iml32.dll + 2011-02-02 13:35 . 2011-02-02 13:35 2224816 c:\windows\system32\Adobe\Shockwave 11\gt.exe + 2011-02-02 13:41 . 2011-02-02 13:41 1802240 c:\windows\system32\Adobe\Shockwave 11\dirapi.dll + 2010-09-22 17:05 . 2010-09-22 17:05 2405784 c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA73401B7449A0400000010\9.4.0\rt3d.dll + 2010-06-19 16:51 . 2010-06-19 16:51 5713920 c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA73401B7449A0400000010\9.4.0\AGM.dll + 2011-01-31 10:45 . 2011-01-31 10:45 11135488 c:\windows\Installer\2179c.msp + 2010-09-23 02:03 . 2010-09-23 02:03 20460984 c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA73401B7449A0400000010\9.4.0\AcroRd32.dll . -- Snapshot teruggezet naar huidige datum -- . ((((((((((((((((((((((((((((((((((((( Reg Opstartpunten ))))))))))))))))))))))))))))))))))))))))))))))))))) . . *Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond REGEDIT4 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "SoundMan"="SOUNDMAN.EXE" [2008-09-05 577536] "Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2011-01-31 35760] "Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2010-09-20 932288] "avast5"="c:\program files\Alwil Software\Avast5\avastUI.exe" [2011-01-13 3396624] "IObit Security 360"="c:\program files\IObit\IObit Security 360\IS360tray.exe" [2010-06-11 1280344] "SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2010-10-29 249064] [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360] c:\documents and settings\Lies\Menu Start\Programma's\Opstarten\ MRU-Blaster Silent Clean.lnk - c:\program files\MRU-Blaster\mrublaster.exe [2004-3-28 1216512] c:\documents and settings\All Users\Menu Start\Programma's\Opstarten\ Secunia PSI Tray.lnk - c:\program files\Secunia\PSI\psi_tray.exe [2011-1-10 291896] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS] 2008-04-14 20:33 1695232 ------w- c:\program files\Messenger\msmsgs.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\VTTimer] 2008-09-05 09:28 53248 -c--a-w- c:\windows\system32\VTTimer.exe [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "%windir%\\system32\\sessmgr.exe"= "%windir%\\Network Diagnostic\\xpnetdiag.exe"= "c:\\Program Files\\KCeasy\\giFT\\giFTl.exe"= "h:\\muziek\\uTorrent.exe"= "c:\\Program Files\\Spotify\\spotify.exe"= "c:\\Program Files\\TeamViewer\\Version6\\TeamViewer.exe"= "c:\\Program Files\\TeamViewer\\Version6\\TeamViewer_Service.exe"= R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [8-2-2011 17:15 294608] R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [8-2-2011 17:15 17744] R2 IS360service;IS360service;c:\program files\IObit\IObit Security 360\is360srv.exe [8-2-2011 17:17 312152] R2 Secunia PSI Agent;Secunia PSI Agent;c:\program files\Secunia\PSI\psia.exe [10-1-2011 15:24 993848] R2 Secunia Update Agent;Secunia Update Agent;c:\program files\Secunia\PSI\sua.exe [10-1-2011 15:24 399416] R3 PSI;PSI;c:\windows\system32\drivers\psi_mf.sys [1-9-2010 9:30 15544] S2 gupdate;Google Updateservice (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [17-12-2010 19:50 136176] S3 Lavasoft Kernexplorer;Lavasoft helper driver;\??\c:\program files\Lavasoft\Ad-Aware\KernExplorer.sys --> c:\program files\Lavasoft\Ad-Aware\KernExplorer.sys [?] . Inhoud van de 'Gedeelde Taken' map 2011-02-18 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job - c:\program files\Google\Update\GoogleUpdate.exe [2010-12-17 18:50] 2011-02-18 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job - c:\program files\Google\Update\GoogleUpdate.exe [2010-12-17 18:50] . . ------- Bijkomende Scan ------- . uStart Page = hxxp://www.startpagina.nl/ uInternet Connection Wizard,ShellNext = iexplore IE: E&xporteren naar Microsoft Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 IE: Google Sidewiki... - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_E11712C84EA7E12B.dll/cmsidewiki.html DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} - hxxp://game12.zylom.com/activex/zylomgamesplayer.cab FF - ProfilePath - c:\documents and settings\Lies\Application Data\Mozilla\Firefox\Profiles\2lpm2v0q.default\ FF - prefs.js: browser.startup.homepage - hxxp://www.startpagina.nl/ FF - prefs.js: network.proxy.type - 0 FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} FF - Ext: Java Console: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} FF - Ext: Java Quick Starter: jqs@sun.com - c:\program files\Java\jre6\lib\deploy\jqs\ff FF - Ext: WOT: {a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7} - %profile%\extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7} FF - Ext: Adblock Plus: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d} - %profile%\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d} . - - - - ORPHANS VERWIJDERD - - - - AddRemove-Bear Share Removal Tool_is1 - c:\program files\Bear Share Removal Tool\unins000.exe ************************************************************************** catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, GMER - Rootkit Detector and Remover Rootkit scan 2011-02-18 12:20 Windows 5.1.2600 Service Pack 3 NTFS scannen van verborgen processen ... scannen van verborgen autostart items ... scannen van verborgen bestanden ... Scan succesvol afgerond verborgen bestanden: 0 ************************************************************************** . --------------------- VERGRENDELDE REGISTER SLEUTELS --------------------- [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}] @Denied: (A 2) (Everyone) @="FlashBroker" "LocalizedString"="@c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil10m_ActiveX.exe,-101" [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation] "Enabled"=dword:00000001 [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32] @="c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil10m_ActiveX.exe" [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" [HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}] @Denied: (A 2) (Everyone) @="IFlashBroker4" [HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32] @="{00020424-0000-0000-C000-000000000046}" [HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" "Version"="1.0" [HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Installer\UserData\LocalSystem\Components\€–}|ÿÿÿÿÀ•}|ù•9~*] "3140110900063D11C8EF10054038389C"="C?\\WINDOWS\\system32\\FM20ENU.DLL" . --------------------- DLLs Geladen Onder Lopende Processen --------------------- - - - - - - - > 'winlogon.exe'(512) c:\windows\system32\CLBCATQ.DLL . Voltooingstijd: 2011-02-18 12:22:22 ComboFix-quarantined-files.txt 2011-02-18 11:22 ComboFix2.txt 2011-02-09 13:18 ComboFix3.txt 2011-02-08 15:51 ComboFix4.txt 2010-08-04 12:38 Pre-Run: 47.012.335.616 bytes beschikbaar Post-Run: 47.007.354.880 bytes beschikbaar - - End Of File - - FCEDA26FB2EDF1F101F420778B8F9D68 mvg dave

thanks kape ik heb de cfs aangemaakt en ga nu kijken of dat ik het met de teamviewer kan fixen alvast bedankt ik laat je weten hoe het ging mvg dave

hallo kape de teamviewer werkt als een trein hahaha leuk programma hier dan het log van de combofix ComboFix 11-02-07.05 - Lies 09-02-2011 14:11:40.4.1 - x86 Microsoft Windows XP Home Edition 5.1.2600.3.1252.31.1043.18.447.193 [GMT 1:00] Gestart vanuit: c:\documents and settings\Lies\Bureaublad\ComboFix.exe gebruikte Opdracht switches :: /u AV: avast! Antivirus *Disabled/Updated* {7591DB91-41F0-48A3-B128-1A293FD8233D} . (((((((((((((((((((( Bestanden Gemaakt van 2011-01-09 to 2011-02-09 )))))))))))))))))))))))))))))) . 2011-02-09 12:31 . 2011-02-09 12:39 -------- d--h--r- c:\documents and settings\Lies\Onlangs geopend 2011-02-09 12:08 . 2011-02-09 12:08 -------- d-----w- c:\program files\TeamViewer 2011-02-09 12:06 . 2011-02-09 12:07 -------- d-----w- c:\documents and settings\Lies\Application Data\TeamViewer 2011-02-09 11:31 . 2010-12-20 17:09 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys 2011-02-09 11:31 . 2011-02-09 11:31 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware 2011-02-09 11:31 . 2010-12-20 17:08 20952 ----a-w- c:\windows\system32\drivers\mbam.sys 2011-02-08 17:00 . 2010-10-13 08:38 81920 ----a-w- c:\windows\eSellerateControl350.dll 2011-02-08 17:00 . 2010-10-13 08:38 356352 ----a-w- c:\windows\eSellerateEngine.dll 2011-02-08 17:00 . 2011-02-08 17:40 -------- d-----w- c:\program files\Bear Share Removal Tool 2011-02-08 16:47 . 2011-02-08 16:47 472808 ----a-w- c:\program files\Mozilla Firefox\plugins\npdeployJava1.dll 2011-02-08 16:47 . 2011-02-08 16:47 472808 ----a-w- c:\windows\system32\deployJava1.dll 2011-02-08 16:45 . 2011-02-09 12:42 -------- d-----w- c:\documents and settings\Lies\Local Settings\Application Data\Spotify 2011-02-08 16:45 . 2011-02-09 12:42 -------- d-----w- c:\documents and settings\Lies\Application Data\Spotify 2011-02-08 16:45 . 2011-02-08 16:45 -------- d-----w- c:\program files\Spotify 2011-02-08 16:35 . 2011-02-08 16:35 -------- d-----w- c:\documents and settings\Lies\Local Settings\Application Data\Secunia PSI 2011-02-08 16:35 . 2011-02-08 16:35 -------- d-----w- c:\program files\Secunia 2011-02-08 16:17 . 2011-02-08 16:17 -------- d-----w- c:\documents and settings\Lies\Application Data\IObit 2011-02-08 16:17 . 2011-02-08 16:17 -------- d-----w- c:\documents and settings\All Users\Application Data\IObit 2011-02-08 16:17 . 2011-02-08 16:17 -------- d-----w- c:\program files\IObit 2011-02-08 16:15 . 2011-01-13 08:41 294608 ----a-w- c:\windows\system32\drivers\aswSP.sys 2011-02-08 16:15 . 2011-01-13 08:37 17744 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys 2011-02-08 16:15 . 2011-01-13 08:37 23632 ----a-w- c:\windows\system32\drivers\aswRdr.sys 2011-02-08 16:15 . 2011-01-13 08:40 47440 ----a-w- c:\windows\system32\drivers\aswTdi.sys 2011-02-08 16:15 . 2011-01-13 08:40 100176 ----a-w- c:\windows\system32\drivers\aswmon2.sys 2011-02-08 16:15 . 2011-01-13 08:39 94544 ----a-w- c:\windows\system32\drivers\aswmon.sys 2011-02-08 16:15 . 2011-01-13 08:37 29392 ----a-w- c:\windows\system32\drivers\aavmker4.sys 2011-02-08 16:14 . 2011-01-13 08:47 38848 ----a-w- c:\windows\avastSS.scr 2011-02-08 16:14 . 2011-01-13 08:47 188216 ----a-w- c:\windows\system32\aswBoot.exe 2011-02-08 16:14 . 2011-02-08 16:14 -------- d-----w- c:\program files\Alwil Software 2011-02-08 16:14 . 2011-02-08 16:14 -------- d-----w- c:\documents and settings\All Users\Application Data\Alwil Software 2011-02-08 16:13 . 2011-02-08 16:13 388096 ----a-r- c:\documents and settings\Lies\Application Data\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe 2011-02-08 16:13 . 2011-02-08 16:13 -------- d-----w- c:\documents and settings\bureaublad 2011-02-08 15:09 . 2011-02-08 15:09 -------- d-----w- c:\documents and settings\Administrator 2011-01-26 21:31 . 2011-01-26 21:31 -------- d-----w- c:\documents and settings\All Users\Application Data\1E2CE 2011-01-26 21:28 . 2011-01-27 05:04 -------- d-----w- c:\program files\BearShare Applications 2011-01-26 21:28 . 2011-01-26 21:28 -------- d-----w- c:\documents and settings\peer\Local Settings\Application Data\PackageAware 2011-01-21 14:44 . 2011-01-21 14:44 441344 -c----w- c:\windows\system32\dllcache\shimgvw.dll . ((((((((((((((((((((((((((((((((((((((( Find3M Rapport )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2011-02-08 16:47 . 2008-09-05 20:54 73728 ----a-w- c:\windows\system32\javacpl.cpl 2011-01-21 14:44 . 2004-08-04 12:00 441344 ----a-w- c:\windows\system32\shimgvw.dll 2011-01-07 14:09 . 2004-08-04 12:00 290048 ----a-w- c:\windows\system32\atmfd.dll 2010-12-31 14:04 . 2004-08-04 12:00 1855104 ----a-w- c:\windows\system32\win32k.sys 2010-12-22 12:34 . 2004-08-04 12:00 301568 ----a-w- c:\windows\system32\kerberos.dll 2010-12-20 23:52 . 2004-08-04 12:00 916480 ----a-w- c:\windows\system32\wininet.dll 2010-12-20 23:52 . 2004-08-04 12:00 43520 ----a-w- c:\windows\system32\licmgr10.dll 2010-12-20 23:52 . 2004-08-04 12:00 1469440 ------w- c:\windows\system32\inetcpl.cpl 2010-12-20 17:25 . 2004-08-04 12:00 735232 ----a-w- c:\windows\system32\lsasrv.dll 2010-12-20 12:55 . 2004-08-04 12:00 385024 ----a-w- c:\windows\system32\html.iec 2010-12-09 15:15 . 2004-08-04 12:00 739328 ----a-w- c:\windows\system32\ntdll.dll 2010-12-09 15:14 . 2004-08-04 12:00 2197120 ------w- c:\windows\system32\ntoskrnl.exe 2010-12-09 15:14 . 2004-08-04 00:58 2073728 ------w- c:\windows\system32\ntkrnlpa.exe 2010-12-09 14:30 . 2004-08-04 12:00 33280 ----a-w- c:\windows\system32\csrsrv.dll 2010-11-18 18:15 . 2008-09-05 07:50 86016 ----a-w- c:\windows\system32\isign32.dll . ((((((((((((((((((((((((((((( SnapShot@2011-02-08_15.49.41 ))))))))))))))))))))))))))))))))))))))))) . + 2009-07-11 23:02 . 2009-07-11 23:02 51008 c:\windows\WinSxS\x86_Microsoft.VC90.OpenMP_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_f0ccd4aa\vcomp90.dll + 2009-07-11 23:02 . 2009-07-11 23:02 59728 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_15fc9313\mfc90rus.dll + 2009-07-11 23:02 . 2009-07-11 23:02 42832 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_15fc9313\mfc90kor.dll + 2009-07-11 23:02 . 2009-07-11 23:02 43344 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_15fc9313\mfc90jpn.dll + 2009-07-11 23:02 . 2009-07-11 23:02 61264 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_15fc9313\mfc90ita.dll + 2009-07-11 23:02 . 2009-07-11 23:02 62800 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_15fc9313\mfc90fra.dll + 2009-07-11 23:02 . 2009-07-11 23:02 61760 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_15fc9313\mfc90esp.dll + 2009-07-11 23:02 . 2009-07-11 23:02 61776 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_15fc9313\mfc90esn.dll + 2009-07-11 23:02 . 2009-07-11 23:02 53568 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_15fc9313\mfc90enu.dll + 2009-07-11 23:02 . 2009-07-11 23:02 63296 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_15fc9313\mfc90deu.dll + 2009-07-11 23:02 . 2009-07-11 23:02 36688 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_15fc9313\mfc90cht.dll + 2009-07-11 23:02 . 2009-07-11 23:02 35648 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_15fc9313\mfc90chs.dll + 2009-07-11 23:05 . 2009-07-11 23:05 59904 c:\windows\WinSxS\x86_Microsoft.VC90.MFC_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_a57c1f53\mfcm90u.dll + 2009-07-11 23:05 . 2009-07-11 23:05 59904 c:\windows\WinSxS\x86_Microsoft.VC90.MFC_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_a57c1f53\mfcm90.dll + 2011-02-09 11:49 . 2011-02-09 11:49 16384 c:\windows\Temp\Perflib_Perfdata_724.dat - 2004-08-04 12:00 . 2010-11-06 00:23 66560 c:\windows\system32\mshtmled.dll + 2004-08-04 12:00 . 2010-12-20 23:52 66560 c:\windows\system32\mshtmled.dll + 2007-08-13 16:54 . 2010-12-20 23:52 55296 c:\windows\system32\msfeedsbs.dll - 2007-08-13 16:54 . 2010-11-06 00:23 55296 c:\windows\system32\msfeedsbs.dll + 2004-08-04 12:00 . 2010-12-20 23:52 25600 c:\windows\system32\jsproxy.dll - 2004-08-04 12:00 . 2010-11-06 00:23 25600 c:\windows\system32\jsproxy.dll + 2010-09-01 08:30 . 2010-09-01 08:30 15544 c:\windows\system32\drivers\psi_mf.sys + 2009-07-12 16:14 . 2010-12-20 23:52 12800 c:\windows\system32\dllcache\xpshims.dll - 2009-07-12 16:14 . 2010-11-06 00:23 12800 c:\windows\system32\dllcache\xpshims.dll - 2007-08-13 16:54 . 2010-11-06 00:23 66560 c:\windows\system32\dllcache\mshtmled.dll + 2007-08-13 16:54 . 2010-12-20 23:52 66560 c:\windows\system32\dllcache\mshtmled.dll + 2008-09-05 09:54 . 2010-12-20 23:52 55296 c:\windows\system32\dllcache\msfeedsbs.dll - 2008-09-05 09:54 . 2010-11-06 00:23 55296 c:\windows\system32\dllcache\msfeedsbs.dll - 2007-08-13 16:44 . 2010-11-06 00:23 43520 c:\windows\system32\dllcache\licmgr10.dll + 2007-08-13 16:44 . 2010-12-20 23:52 43520 c:\windows\system32\dllcache\licmgr10.dll + 2007-08-13 16:54 . 2010-12-20 23:52 25600 c:\windows\system32\dllcache\jsproxy.dll - 2007-08-13 16:54 . 2010-11-06 00:23 25600 c:\windows\system32\dllcache\jsproxy.dll + 2009-12-14 07:10 . 2010-12-09 14:30 33280 c:\windows\system32\dllcache\csrsrv.dll - 2009-12-14 07:10 . 2009-12-14 07:10 33280 c:\windows\system32\dllcache\csrsrv.dll + 2011-02-09 11:35 . 2010-11-06 00:23 12800 c:\windows\ie8updates\KB2482017-IE8\xpshims.dll + 2011-02-09 11:35 . 2010-11-06 00:23 66560 c:\windows\ie8updates\KB2482017-IE8\mshtmled.dll + 2011-02-09 11:35 . 2010-11-06 00:23 55296 c:\windows\ie8updates\KB2482017-IE8\msfeedsbs.dll + 2011-02-09 11:35 . 2010-11-06 00:23 43520 c:\windows\ie8updates\KB2482017-IE8\licmgr10.dll + 2011-02-09 11:35 . 2010-11-06 00:23 25600 c:\windows\ie8updates\KB2482017-IE8\jsproxy.dll + 2009-07-11 23:02 . 2009-07-11 23:02 653120 c:\windows\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_d495ac4e\msvcr90.dll + 2009-07-11 23:02 . 2009-07-11 23:02 569664 c:\windows\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_d495ac4e\msvcp90.dll + 2009-07-11 23:05 . 2009-07-11 23:05 225280 c:\windows\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_d495ac4e\msvcm90.dll + 2009-07-11 23:02 . 2009-07-11 23:02 159032 c:\windows\WinSxS\x86_Microsoft.VC90.ATL_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_353599c2\atl90.dll - 2004-08-04 12:00 . 2010-11-06 00:23 206848 c:\windows\system32\occache.dll + 2004-08-04 12:00 . 2010-12-20 23:52 206848 c:\windows\system32\occache.dll - 2004-08-04 12:00 . 2010-11-06 00:23 611840 c:\windows\system32\mstime.dll + 2004-08-04 12:00 . 2010-12-20 23:52 611840 c:\windows\system32\mstime.dll - 2007-08-13 16:54 . 2010-11-06 00:23 602112 c:\windows\system32\msfeeds.dll + 2007-08-13 16:54 . 2010-12-20 23:52 602112 c:\windows\system32\msfeeds.dll + 2011-02-08 16:43 . 2011-02-08 16:43 233936 c:\windows\system32\Macromed\Flash\FlashUtil10l_Plugin.exe + 2011-02-08 16:47 . 2011-02-08 16:47 157472 c:\windows\system32\javaws.exe + 2011-02-08 16:47 . 2011-02-08 16:47 145184 c:\windows\system32\javaw.exe - 2009-09-12 09:05 . 2009-09-12 09:05 145184 c:\windows\system32\javaw.exe + 2011-02-08 16:47 . 2011-02-08 16:47 145184 c:\windows\system32\java.exe - 2009-09-12 09:05 . 2009-09-12 09:05 145184 c:\windows\system32\java.exe + 2004-08-04 12:00 . 2010-12-20 23:52 184320 c:\windows\system32\iepeers.dll - 2004-08-04 12:00 . 2010-11-06 00:23 184320 c:\windows\system32\iepeers.dll + 2004-08-04 12:00 . 2010-12-20 23:52 387584 c:\windows\system32\iedkcs32.dll - 2004-08-04 12:00 . 2010-11-06 00:23 387584 c:\windows\system32\iedkcs32.dll + 2004-08-04 12:00 . 2010-12-20 12:55 173568 c:\windows\system32\ie4uinit.exe - 2004-08-04 12:00 . 2010-11-03 12:26 173568 c:\windows\system32\ie4uinit.exe - 2008-09-05 09:23 . 2010-12-16 12:41 187408 c:\windows\system32\FNTCACHE.DAT + 2008-09-05 09:23 . 2011-02-09 11:48 187408 c:\windows\system32\FNTCACHE.DAT - 2007-08-13 16:54 . 2010-11-06 00:23 916480 c:\windows\system32\dllcache\wininet.dll + 2007-08-13 16:54 . 2010-12-20 23:52 916480 c:\windows\system32\dllcache\wininet.dll + 2007-08-13 16:44 . 2010-12-20 23:52 206848 c:\windows\system32\dllcache\occache.dll - 2007-08-13 16:44 . 2010-11-06 00:23 206848 c:\windows\system32\dllcache\occache.dll + 2009-04-16 12:54 . 2010-12-09 15:15 739328 c:\windows\system32\dllcache\ntdll.dll + 2007-08-13 16:54 . 2010-12-20 23:52 611840 c:\windows\system32\dllcache\mstime.dll - 2007-08-13 16:54 . 2010-11-06 00:23 611840 c:\windows\system32\dllcache\mstime.dll + 2008-09-05 09:54 . 2010-12-20 23:52 602112 c:\windows\system32\dllcache\msfeeds.dll - 2008-09-05 09:54 . 2010-11-06 00:23 602112 c:\windows\system32\dllcache\msfeeds.dll + 2009-04-16 12:54 . 2010-12-20 17:25 735232 c:\windows\system32\dllcache\lsasrv.dll - 2009-04-16 12:54 . 2009-06-25 08:27 735232 c:\windows\system32\dllcache\lsasrv.dll - 2009-06-25 08:27 . 2009-06-25 08:27 301568 c:\windows\system32\dllcache\kerberos.dll + 2009-06-25 08:27 . 2010-12-22 12:34 301568 c:\windows\system32\dllcache\kerberos.dll - 2009-07-12 16:14 . 2010-11-06 00:23 247808 c:\windows\system32\dllcache\ieproxy.dll + 2009-07-12 16:14 . 2010-12-20 23:52 247808 c:\windows\system32\dllcache\ieproxy.dll - 2007-08-13 16:54 . 2010-11-06 00:23 184320 c:\windows\system32\dllcache\iepeers.dll + 2007-08-13 16:54 . 2010-12-20 23:52 184320 c:\windows\system32\dllcache\iepeers.dll + 2010-06-09 09:00 . 2010-12-20 23:52 743424 c:\windows\system32\dllcache\iedvtool.dll - 2010-06-09 09:00 . 2010-11-06 00:23 743424 c:\windows\system32\dllcache\iedvtool.dll - 2007-08-13 16:39 . 2010-11-06 00:23 387584 c:\windows\system32\dllcache\iedkcs32.dll + 2007-08-13 16:39 . 2010-12-20 23:52 387584 c:\windows\system32\dllcache\iedkcs32.dll - 2007-08-13 16:39 . 2010-11-03 12:26 173568 c:\windows\system32\dllcache\ie4uinit.exe + 2007-08-13 16:39 . 2010-12-20 12:55 173568 c:\windows\system32\dllcache\ie4uinit.exe + 2010-04-20 05:35 . 2011-01-07 14:09 290048 c:\windows\system32\dllcache\atmfd.dll - 2010-04-20 05:35 . 2010-10-28 13:09 290048 c:\windows\system32\dllcache\atmfd.dll + 2011-02-08 16:48 . 2011-02-08 16:48 180224 c:\windows\Installer\eb619.msi + 2011-02-08 16:47 . 2011-02-08 16:47 675840 c:\windows\Installer\eb613.msi + 2011-02-08 16:15 . 2011-02-08 16:15 219648 c:\windows\Installer\16b7d4.msi + 2011-02-09 11:35 . 2010-11-06 00:23 916480 c:\windows\ie8updates\KB2482017-IE8\wininet.dll + 2011-02-09 11:36 . 2010-07-05 13:21 401272 c:\windows\ie8updates\KB2482017-IE8\spuninst\updspapi.dll + 2011-02-09 11:36 . 2010-07-05 13:21 234872 c:\windows\ie8updates\KB2482017-IE8\spuninst\spuninst.exe + 2011-02-09 11:35 . 2010-11-06 00:23 206848 c:\windows\ie8updates\KB2482017-IE8\occache.dll + 2011-02-09 11:35 . 2010-11-06 00:23 611840 c:\windows\ie8updates\KB2482017-IE8\mstime.dll + 2011-02-09 11:35 . 2010-11-06 00:23 602112 c:\windows\ie8updates\KB2482017-IE8\msfeeds.dll + 2011-02-09 11:35 . 2010-11-06 00:23 247808 c:\windows\ie8updates\KB2482017-IE8\ieproxy.dll + 2011-02-09 11:35 . 2010-11-06 00:23 184320 c:\windows\ie8updates\KB2482017-IE8\iepeers.dll + 2011-02-09 11:35 . 2010-11-06 00:23 743424 c:\windows\ie8updates\KB2482017-IE8\iedvtool.dll + 2011-02-09 11:35 . 2010-11-06 00:23 387584 c:\windows\ie8updates\KB2482017-IE8\iedkcs32.dll + 2011-02-09 11:35 . 2010-11-03 12:26 173568 c:\windows\ie8updates\KB2482017-IE8\ie4uinit.exe + 2009-07-11 23:02 . 2009-07-11 23:02 3780424 c:\windows\WinSxS\x86_Microsoft.VC90.MFC_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_a57c1f53\mfc90u.dll + 2009-07-11 23:02 . 2009-07-11 23:02 3765048 c:\windows\WinSxS\x86_Microsoft.VC90.MFC_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_a57c1f53\mfc90.dll + 2004-08-04 12:00 . 2010-12-20 23:52 1210880 c:\windows\system32\urlmon.dll - 2004-08-04 12:00 . 2010-11-06 00:23 1210880 c:\windows\system32\urlmon.dll - 2004-08-04 12:00 . 2010-07-27 06:30 8509440 c:\windows\system32\shell32.dll + 2004-08-04 12:00 . 2011-01-21 14:44 8509440 c:\windows\system32\shell32.dll + 2004-08-04 12:00 . 2010-12-20 23:52 5961216 c:\windows\system32\mshtml.dll + 2008-10-05 03:24 . 2011-02-08 16:43 5971408 c:\windows\system32\Macromed\Flash\NPSWF32.dll - 2007-08-13 16:34 . 2010-11-06 00:23 1991680 c:\windows\system32\iertutil.dll + 2007-08-13 16:34 . 2010-12-20 23:52 1991680 c:\windows\system32\iertutil.dll + 2008-10-16 15:51 . 2010-12-31 14:04 1855104 c:\windows\system32\dllcache\win32k.sys - 2007-08-13 16:54 . 2010-11-06 00:23 1210880 c:\windows\system32\dllcache\urlmon.dll + 2007-08-13 16:54 . 2010-12-20 23:52 1210880 c:\windows\system32\dllcache\urlmon.dll + 2008-06-17 19:03 . 2011-01-21 14:44 8509440 c:\windows\system32\dllcache\shell32.dll - 2008-06-17 19:03 . 2010-07-27 06:30 8509440 c:\windows\system32\dllcache\shell32.dll + 2008-10-16 15:51 . 2010-12-09 15:14 2197120 c:\windows\system32\dllcache\ntoskrnl.exe + 2008-10-16 15:51 . 2010-12-09 15:14 2031616 c:\windows\system32\dllcache\ntkrpamp.exe + 2008-10-16 15:51 . 2010-12-09 15:14 2073728 c:\windows\system32\dllcache\ntkrnlpa.exe + 2008-10-16 15:51 . 2010-12-09 15:14 2153472 c:\windows\system32\dllcache\ntkrnlmp.exe + 2007-08-13 16:54 . 2010-12-20 23:52 5961216 c:\windows\system32\dllcache\mshtml.dll + 2008-09-05 09:54 . 2010-12-20 23:52 1991680 c:\windows\system32\dllcache\iertutil.dll - 2008-09-05 09:54 . 2010-11-06 00:23 1991680 c:\windows\system32\dllcache\iertutil.dll + 2011-02-08 16:13 . 2011-02-08 16:13 1094656 c:\windows\Installer\16b7ce.msi + 2011-02-09 11:35 . 2010-11-06 00:23 1210880 c:\windows\ie8updates\KB2482017-IE8\urlmon.dll + 2011-02-09 11:35 . 2010-11-06 00:23 5959168 c:\windows\ie8updates\KB2482017-IE8\mshtml.dll + 2011-02-09 11:35 . 2010-11-06 00:23 1991680 c:\windows\ie8updates\KB2482017-IE8\iertutil.dll + 2008-10-16 15:51 . 2010-12-09 15:14 2197120 c:\windows\Driver Cache\i386\ntoskrnl.exe + 2008-10-16 15:51 . 2010-12-09 15:14 2031616 c:\windows\Driver Cache\i386\ntkrpamp.exe + 2008-10-16 15:51 . 2010-12-09 15:14 2073728 c:\windows\Driver Cache\i386\ntkrnlpa.exe + 2008-10-16 15:51 . 2010-12-09 15:14 2153472 c:\windows\Driver Cache\i386\ntkrnlmp.exe + 2008-09-05 09:52 . 2011-02-09 11:37 37443528 c:\windows\system32\MRT.exe + 2007-08-13 16:54 . 2010-12-20 10:52 11080704 c:\windows\system32\ieframe.dll - 2007-08-13 16:54 . 2010-11-06 00:23 11080704 c:\windows\system32\ieframe.dll + 2008-09-05 09:54 . 2010-12-20 10:52 11080704 c:\windows\system32\dllcache\ieframe.dll - 2008-09-05 09:54 . 2010-11-06 00:23 11080704 c:\windows\system32\dllcache\ieframe.dll + 2011-02-09 11:35 . 2010-11-06 00:23 11080704 c:\windows\ie8updates\KB2482017-IE8\ieframe.dll . -- Snapshot teruggezet naar huidige datum -- . ((((((((((((((((((((((((((((((((((((( Reg Opstartpunten ))))))))))))))))))))))))))))))))))))))))))))))))))) . . *Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond REGEDIT4 [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{74322BF9-DF26-493f-B0DA-6D2FC5E6429E}] 2011-01-06 14:06 721840 ----a-w- c:\progra~1\BEARSH~1\MediaBar\Datamngr\IEBHO.dll [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "SoundMan"="SOUNDMAN.EXE" [2008-09-05 577536] "Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2010-09-23 35760] "Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2010-09-20 932288] "avast5"="c:\program files\Alwil Software\Avast5\avastUI.exe" [2011-01-13 3396624] "IObit Security 360"="c:\program files\IObit\IObit Security 360\IS360tray.exe" [2010-06-11 1280344] "SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2010-05-14 248552] [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360] c:\documents and settings\Lies\Menu Start\Programma's\Opstarten\ MRU-Blaster Silent Clean.lnk - c:\program files\MRU-Blaster\mrublaster.exe [2004-3-28 1216512] c:\documents and settings\All Users\Menu Start\Programma's\Opstarten\ Secunia PSI Tray.lnk - c:\program files\Secunia\PSI\psi_tray.exe [2011-1-10 291896] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS] 2008-04-14 20:33 1695232 ------w- c:\program files\Messenger\msmsgs.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\VTTimer] 2008-09-05 09:28 53248 -c--a-w- c:\windows\system32\VTTimer.exe [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "%windir%\\system32\\sessmgr.exe"= "%windir%\\Network Diagnostic\\xpnetdiag.exe"= "c:\\Program Files\\KCeasy\\giFT\\giFTl.exe"= "h:\\muziek\\uTorrent.exe"= "c:\\Program Files\\Spotify\\spotify.exe"= "c:\\Program Files\\Bear Share Removal Tool\\BearShareRemovalTool.exe"= "c:\\Program Files\\TeamViewer\\Version6\\TeamViewer.exe"= "c:\\Program Files\\TeamViewer\\Version6\\TeamViewer_Service.exe"= R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [8-2-2011 17:15 294608] R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [8-2-2011 17:15 17744] R2 IS360service;IS360service;c:\program files\IObit\IObit Security 360\is360srv.exe [8-2-2011 17:17 312152] R2 Secunia PSI Agent;Secunia PSI Agent;c:\program files\Secunia\PSI\psia.exe [10-1-2011 15:24 993848] R2 Secunia Update Agent;Secunia Update Agent;c:\program files\Secunia\PSI\sua.exe [10-1-2011 15:24 399416] R3 PSI;PSI;c:\windows\system32\drivers\psi_mf.sys [1-9-2010 9:30 15544] S2 gupdate;Google Updateservice (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [17-12-2010 19:50 136176] S3 Lavasoft Kernexplorer;Lavasoft helper driver;\??\c:\program files\Lavasoft\Ad-Aware\KernExplorer.sys --> c:\program files\Lavasoft\Ad-Aware\KernExplorer.sys [?] . Inhoud van de 'Gedeelde Taken' map 2011-02-09 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job - c:\program files\Google\Update\GoogleUpdate.exe [2010-12-17 18:50] 2011-02-09 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job - c:\program files\Google\Update\GoogleUpdate.exe [2010-12-17 18:50] . . ------- Bijkomende Scan ------- . uStart Page = hxxp://www.startpagina.nl/ uInternet Connection Wizard,ShellNext = iexplore IE: E&xporteren naar Microsoft Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 IE: Google Sidewiki... - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_E11712C84EA7E12B.dll/cmsidewiki.html DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} - hxxp://game12.zylom.com/activex/zylomgamesplayer.cab FF - ProfilePath - c:\documents and settings\Lies\Application Data\Mozilla\Firefox\Profiles\2lpm2v0q.default\ FF - prefs.js: network.proxy.type - 0 FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} FF - Ext: Java Console: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} FF - Ext: Java Quick Starter: jqs@sun.com - c:\program files\Java\jre6\lib\deploy\jqs\ff FF - Ext: WOT: {a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7} - %profile%\extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7} FF - Ext: Adblock Plus: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d} - %profile%\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d} . - - - - ORPHANS VERWIJDERD - - - - WebBrowser-{D4027C7F-154A-4066-A1AD-4243D8127440} - (no file) ************************************************************************** catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, GMER - Rootkit Detector and Remover Rootkit scan 2011-02-09 14:16 Windows 5.1.2600 Service Pack 3 NTFS scannen van verborgen processen ... scannen van verborgen autostart items ... scannen van verborgen bestanden ... Scan succesvol afgerond verborgen bestanden: 0 ************************************************************************** . --------------------- VERGRENDELDE REGISTER SLEUTELS --------------------- [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}] @Denied: (A 2) (Everyone) @="FlashBroker" "LocalizedString"="@c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil10l_ActiveX.exe,-101" [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation] "Enabled"=dword:00000001 [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32] @="c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil10l_ActiveX.exe" [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" [HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}] @Denied: (A 2) (Everyone) @="IFlashBroker4" [HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32] @="{00020424-0000-0000-C000-000000000046}" [HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" "Version"="1.0" [HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Installer\UserData\LocalSystem\Components\€–}|ÿÿÿÿÀ•}|ù•9~*] "3140110900063D11C8EF10054038389C"="C?\\WINDOWS\\system32\\FM20ENU.DLL" . --------------------- DLLs Geladen Onder Lopende Processen --------------------- - - - - - - - > 'explorer.exe'(3128) c:\windows\system32\webcheck.dll c:\windows\system32\WPDShServiceObj.dll c:\windows\system32\PortableDeviceTypes.dll c:\windows\system32\PortableDeviceApi.dll . Voltooingstijd: 2011-02-09 14:18:01 ComboFix-quarantined-files.txt 2011-02-09 13:17 ComboFix2.txt 2011-02-08 15:51 ComboFix3.txt 2010-08-04 12:38 Pre-Run: 48.244.064.256 bytes beschikbaar Post-Run: 48.317.116.416 bytes beschikbaar - - End Of File - - 9BEB58F7E51C358A01FB640784DAAC2C

gelukkig ziet het er al beter uit ik had uitmezelf al een combofix gedaan en kon zo snel niets vinden heb ook de teamviewer bij mijn moeder geinstaleerd dus kan de alsnog even de fix uitvoeren en dan een logbestand plaatsen verder had ik geen problemen meer ondervonden en mozilla werkte ook weer goed mvg dave

beste kape ik heb de in de c:/program files de map ask.com verwijderd maar vond ook in de program files de map 'bearshare applications' en die kon ik niet verwijderen ik heb in ieder geval twee nieuwe logjes Malwarebytes' Anti-Malware 1.50.1.1100 www.malwarebytes.org Databaseversie: 5718 Windows 5.1.2600 Service Pack 3 Internet Explorer 8.0.6001.18702 9-2-2011 12:42:05 mbam-log-2011-02-09 (12-42-05).txt Scantype: Snelle scan Objecten gescand: 152060 Verstreken tijd: 9 minuut/minuten, 21 seconde(n) Geheugenprocessen geïnfecteerd: 0 Geheugenmodulen geïnfecteerd: 0 Registersleutels geïnfecteerd: 0 Registerwaarden geïnfecteerd: 0 Registerdata geïnfecteerd: 0 Mappen geïnfecteerd: 0 Bestanden geïnfecteerd: 0 Geheugenprocessen geïnfecteerd: (Geen kwaadaardige objecten gedetecteerd) Geheugenmodulen geïnfecteerd: (Geen kwaadaardige objecten gedetecteerd) Registersleutels geïnfecteerd: (Geen kwaadaardige objecten gedetecteerd) Registerwaarden geïnfecteerd: (Geen kwaadaardige objecten gedetecteerd) Registerdata geïnfecteerd: (Geen kwaadaardige objecten gedetecteerd) Mappen geïnfecteerd: (Geen kwaadaardige objecten gedetecteerd) Bestanden geïnfecteerd: (Geen kwaadaardige objecten gedetecteerd) Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 12:45:35, on 9-2-2011 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v8.00 (8.00.6001.18702) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\csrss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Alwil Software\Avast5\AvastSvc.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\SOUNDMAN.EXE C:\Program Files\Alwil Software\Avast5\avastUI.exe C:\Program Files\IObit\IObit Security 360\IS360tray.exe C:\Program Files\Common Files\Java\Java Update\jusched.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Messenger\msmsgs.exe C:\Program Files\Secunia\PSI\psi_tray.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE C:\Program Files\IObit\IObit Security 360\IS360srv.exe C:\Program Files\Java\jre6\bin\jqs.exe C:\Program Files\Secunia\PSI\PSIA.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\alg.exe C:\Program Files\Secunia\PSI\sua.exe C:\Program Files\internet explorer\iexplore.exe C:\Program Files\internet explorer\iexplore.exe C:\WINDOWS\system32\wuauclt.exe C:\WINDOWS\system32\NOTEPAD.EXE C:\WINDOWS\system32\wuauclt.exe C:\Documents and Settings\bureaublad\Trend Micro\HiJackThis\HiJackThis.exe C:\WINDOWS\system32\wbem\wmiprvse.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Startpagina.nl - alles op een rijtje! (ook op mobiel) R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Hotmail, Messenger, nieuws en entertainment vind je op MSN.nl R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = Hotmail, Messenger, nieuws en entertainment vind je op MSN.nl R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: UrlHelper Class - {74322BF9-DF26-493f-B0DA-6D2FC5E6429E} - C:\PROGRA~1\BEARSH~1\MediaBar\Datamngr\IEBHO.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll O4 - HKLM\..\Run: [soundMan] SOUNDMAN.EXE O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" O4 - HKLM\..\Run: [avast5] "C:\Program Files\Alwil Software\Avast5\avastUI.exe" /nogui O4 - HKLM\..\Run: [iObit Security 360] "C:\Program Files\IObit\IObit Security 360\IS360tray.exe" /autostart O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe" O4 - HKLM\..\RunOnce: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user') O4 - Startup: MRU-Blaster Silent Clean.lnk = C:\Program Files\MRU-Blaster\mrublaster.exe O4 - Global Startup: Secunia PSI Tray.lnk = C:\Program Files\Secunia\PSI\psi_tray.exe O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_E11712C84EA7E12B.dll/cmsidewiki.html O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O16 - DPF: {0D41B8C5-2599-4893-8183-00195EC8D5F9} (asusTek_sysctrl Class) - http://support.asus.com/common/asusTek_sys_ctrl.cab O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1220607649250 O16 - DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} (Zylom Games Player) - http://game12.zylom.com/activex/zylomgamesplayer.cab O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab O22 - SharedTaskScheduler: Preloader van browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll O22 - SharedTaskScheduler: Cache-daemon voor onderdeelcategorieën - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe O23 - Service: Google Updateservice (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: PIXMA Extended Survey Program (IJPLMSVC) - Unknown owner - C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE O23 - Service: IS360service - IObit - C:\Program Files\IObit\IObit Security 360\IS360srv.exe O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe O23 - Service: Secunia PSI Agent - Secunia - C:\Program Files\Secunia\PSI\PSIA.exe O23 - Service: Secunia Update Agent - Secunia - C:\Program Files\Secunia\PSI\sua.exe -- End of file - 6418 bytes

hallo kape thanks voor de reactie ik reis morgen naar mijn moeder en dan zal ik het oplossen ik weet dat er een programma is zodat ik dat bij haar kan installeren kun je mij vertellen hoe ik het makkelijkste vanuit mij thuis op haar pc kan inloggen zodat ik het in het vervolg vanuit mij thuis kan doen vriendelijk bedankt dave

mijn moeder heeft perongeluk bearshare op haar pc gezet en instantly problemen ik heb mozilla de browser die ze graag gebruikt opnieuw geiinstaleerd maar als ik hem open krijg van WOT een waarschuwing dat de bearshare programma onveilig is nu heb ik een hjt log om te kijken hoe ik het het beste kan verwiujderen zodat mozilla weer goed werkt en de bearshare kan verwijderen mvg dave Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 17:31:47, on 8-2-2011 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v8.00 (8.00.6001.18702) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\csrss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Alwil Software\Avast5\AvastSvc.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\SOUNDMAN.EXE C:\PROGRA~1\BEARSH~1\MediaBar\Datamngr\DATAMN~1.EXE C:\Program Files\Alwil Software\Avast5\avastUI.exe C:\Program Files\IObit\IObit Security 360\IS360tray.exe C:\WINDOWS\system32\ctfmon.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE C:\Program Files\IObit\IObit Security 360\IS360srv.exe C:\Program Files\Java\jre6\bin\jqs.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\alg.exe C:\Program Files\internet explorer\iexplore.exe C:\Program Files\internet explorer\iexplore.exe C:\Documents and Settings\bureaublad\Trend Micro\HiJackThis\HiJackThis.exe C:\WINDOWS\system32\wbem\wmiprvse.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Startpagina.nl - alles op een rijtje! (ook op mobiel) R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Hotmail, Messenger, nieuws en entertainment vind je op MSN.nl R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = Hotmail, Messenger, nieuws en entertainment vind je op MSN.nl R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG9\avgssie.dll (file missing) O2 - BHO: UrlHelper Class - {74322BF9-DF26-493f-B0DA-6D2FC5E6429E} - C:\PROGRA~1\BEARSH~1\MediaBar\Datamngr\IEBHO.dll O2 - BHO: Ask Toolbar BHO - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll O3 - Toolbar: Ask Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll O4 - HKLM\..\Run: [soundMan] SOUNDMAN.EXE O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" O4 - HKLM\..\Run: [DATAMNGR] C:\PROGRA~1\BEARSH~1\MediaBar\Datamngr\DATAMN~1.EXE O4 - HKLM\..\Run: [avast5] "C:\Program Files\Alwil Software\Avast5\avastUI.exe" /nogui O4 - HKLM\..\Run: [iObit Security 360] "C:\Program Files\IObit\IObit Security 360\IS360tray.exe" /autostart O4 - HKLM\..\RunOnce: [AvgUninstallURL] cmd.exe /c start AVG - Uninstallation survey O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user') O4 - Startup: MRU-Blaster Silent Clean.lnk = C:\Program Files\MRU-Blaster\mrublaster.exe O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_E11712C84EA7E12B.dll/cmsidewiki.html O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O16 - DPF: {0D41B8C5-2599-4893-8183-00195EC8D5F9} (asusTek_sysctrl Class) - http://support.asus.com/common/asusTek_sys_ctrl.cab O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1220607649250 O16 - DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} (Zylom Games Player) - http://game12.zylom.com/activex/zylomgamesplayer.cab O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab O22 - SharedTaskScheduler: Preloader van browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll O22 - SharedTaskScheduler: Cache-daemon voor onderdeelcategorieën - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe O23 - Service: Google Updateservice (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: PIXMA Extended Survey Program (IJPLMSVC) - Unknown owner - C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE O23 - Service: IS360service - IObit - C:\Program Files\IObit\IObit Security 360\IS360srv.exe O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe -- End of file - 6517 bytes

hallo, ik ben mijn originele cd kwijt maar wil toch mijn updater gebruiken. nu las ik op een site : install Canon camera software without CD en dan is voor mij op toepassing alleen dit wat er staat: [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Canon\ZoomBrowser EX] [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Canon\ZoomBrowser EX\Settings] [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Canon\ZoomBrowser EX\Install] nu is mijn vraag of ik dan ook andere canon onderdelen in mijn registry eerst moet verwijderen? en ja heb het gecheckt in zo verre dat ik alleen positieve reacties gelezen heb maar wil toch voor de zekerheid ff checken of het kan of dat iemand me kan vertellen of dat ik dit gewoon kan toevoegen aan mijn registry? mvg dave

dank je kape voor het goed nieuws en een hartstikke goed nieuwjaar gewenst en gelukkig is hij clean ik doe daar ook uiterst mijn best voor zonder al teveel werk maar me goed beschermen en tijdig updaten met alle software die ik gebruik mvg dave

hallo kape sorry dat het even duurde voor een reactie. hier alsnog een log alles bleek goed te zijn ESETSmartInstaller@High as downloader log: all ok # version=7 # OnlineScannerApp.exe=1.0.0.1 # OnlineScanner.ocx=1.0.0.6419 # api_version=3.0.2 # EOSSerial=0f9631dea2f9a440b857519d3545ec7b # end=finished # remove_checked=true # archives_checked=true # unwanted_checked=true # unsafe_checked=true # antistealth_checked=true # utc_time=2010-12-27 08:09:40 # local_time=2010-12-27 09:09:40 (+0100, West-Europa (standaardtijd)) # country="Netherlands" # lang=1033 # osver=6.0.6002 NT Service Pack 2 # compatibility_mode=512 16777215 100 0 0 0 0 0 # compatibility_mode=1280 16777215 100 0 6394186 6394186 0 0 # compatibility_mode=5892 16776573 100 100 234199 130996329 0 0 # compatibility_mode=8192 67108863 100 0 127 127 0 0 # scanned=160832 # found=0 # cleaned=0 # scan_time=13379 mvg dave en alvast een prettig nieuwjaar

als eerste prettige kerstdagen voor iedereen verder heb ik wat problemen met msn nu had ik al in het archief gekeken en kwam op wat sites zoals deze : " » impFix – Remove the MSN virus!" - yandao.com maar telkens als ik er wat downloaden kwam mijn emsisoft met trojan generic in de download dus plaats nu eerst een log om ff zeker te weten of het probleem nu wel bij mijn msn ligt of bij degenen in mijn contacten lijst Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 21:11:22, on 25-12-2010 Platform: Windows Vista SP2 (WinNT 6.00.1906) MSIE: Internet Explorer v8.00 (8.00.6001.18999) Boot mode: Normal Running processes: C:\Windows\system32\taskeng.exe C:\Windows\system32\Dwm.exe C:\Windows\Explorer.EXE C:\Program Files\Synaptics\SynTP\SynTPEnh.exe C:\Program Files\Hewlett-Packard\Media\DVD\DVDAgent.exe C:\Program Files\Hewlett-Packard\TouchSmart\Media\TSMAgent.exe C:\Program Files\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe C:\Program Files\Hewlett-Packard\Media\TV\TVAgent.exe C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe C:\Program Files\Windows Defender\MSASCui.exe C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe C:\Program Files\Common Files\Java\Java Update\jusched.exe C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe C:\Program Files\IDT\WDM\sttray.exe C:\Program Files\HP\HP Software Update\hpwuschd2.exe C:\Windows\WindowsMobile\wmdSync.exe C:\Program Files\Windows Media Player\wmpnscfg.exe C:\Program Files\DivX\DivX Update\DivXUpdate.exe C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe C:\Program Files\Secunia\PSI\psi_tray.exe C:\Program Files\OpenOffice.org 3\program\soffice.exe C:\Program Files\OpenOffice.org 3\program\soffice.bin C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe C:\Program Files\Hewlett-Packard\Shared\hpqToaster.exe C:\Program Files\Synaptics\SynTP\SynTPHelper.exe C:\Windows\system32\conime.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\klwtblfs.exe C:\PROGRAM FILES\EMSISOFT ANTI-MALWARE\a2guard.exe C:\Program Files\Orbitdownloader\orbitdm.exe C:\Program Files\Orbitdownloader\orbitnet.exe C:\Windows\explorer.exe C:\Windows\system32\SearchFilterHost.exe C:\Users\dave\Desktop\HijackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = HPCon | MSN R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = HPCon | MSN R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = HPCon | MSN R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = O1 - Hosts: ::1 localhost O2 - BHO: btorbit.com - {000123B4-9B42-4900-B3F7-F4B073EFC214} - C:\Program Files\Orbitdownloader\orbitcth.dll O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll O2 - BHO: QFX Software KeyScrambler - {2B9F5787-88A5-4945-90E7-C4B18563BC5E} - C:\Program Files\KeyScrambler\KeyScramblerIE.dll O2 - BHO: IEVkbdBHO - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\ievkbd.dll O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O2 - BHO: link filter bho - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\klwtbbho.dll O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll O3 - Toolbar: Grab Pro - {C55BBCD6-41AD-48AD-9953-3609C48EACC7} - C:\Program Files\Orbitdownloader\GrabPro.dll O4 - HKLM\..\Run: [startCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun O4 - HKLM\..\Run: [synTPEnh] %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe O4 - HKLM\..\Run: [DVDAgent] "C:\Program Files\Hewlett-Packard\Media\DVD\DVDAgent.exe" O4 - HKLM\..\Run: [TSMAgent] "C:\Program Files\Hewlett-Packard\TouchSmart\Media\TSMAgent.exe" O4 - HKLM\..\Run: [CLMLServer for HP TouchSmart] "C:\Program Files\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe" O4 - HKLM\..\Run: [TVAgent] "C:\Program Files\Hewlett-Packard\Media\TV\TVAgent.exe" O4 - HKLM\..\Run: [uCam_Menu] "C:\Program Files\Hewlett-Packard\Media\Webcam\MUITransfer\MUIStartMenu.exe" "C:\Program Files\Hewlett-Packard\Media\Webcam" update "Software\Hewlett-Packard\Media\Webcam" O4 - HKLM\..\Run: [smartMenu] %ProgramFiles%\Hewlett-Packard\HP MediaSmart\SmartMenu.exe O4 - HKLM\..\Run: [updatePSTShortCut] "C:\Program Files\CyberLink\DVD Suite\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\DVD Suite" UpdateWithCreateOnce "Software\CyberLink\PowerStarter" O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide O4 - HKLM\..\Run: [QlbCtrl.exe] C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start O4 - HKLM\..\Run: [updateP2GoShortCut] "C:\Program Files\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\6.0" O4 - HKLM\..\Run: [updatePDIRShortCut] "C:\Program Files\CyberLink\PowerDirector\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\PowerDirector" UpdateWithCreateOnce "SOFTWARE\CyberLink\PowerDirector\7.0" O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe" O4 - HKLM\..\Run: [HP Health Check Scheduler] c:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe O4 - HKLM\..\Run: [AVP] "C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe" O4 - HKLM\..\Run: [sysTrayApp] C:\Program Files\IDT\WDM\sttray.exe O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe O4 - HKLM\..\Run: [Windows Mobile-based device management] %windir%\WindowsMobile\wmdSync.exe O4 - HKLM\..\Run: [DivXUpdate] "C:\Program Files\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW O4 - HKLM\..\Run: [WirelessAssistant] C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE') O4 - Startup: OpenOffice.org 3.2 .lnk = C:\Program Files\OpenOffice.org 3\program\quickstart.exe O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe O4 - Global Startup: Secunia PSI Tray.lnk = C:\Program Files\Secunia\PSI\psi_tray.exe O8 - Extra context menu item: &Download by Orbit - res://C:\Program Files\Orbitdownloader\orbitmxt.dll/201 O8 - Extra context menu item: &Grab video by Orbit - res://C:\Program Files\Orbitdownloader\orbitmxt.dll/204 O8 - Extra context menu item: Do&wnload selected by Orbit - res://C:\Program Files\Orbitdownloader\orbitmxt.dll/203 O8 - Extra context menu item: Down&load all by Orbit - res://C:\Program Files\Orbitdownloader\orbitmxt.dll/202 O8 - Extra context menu item: Toevoegen aan Anti-Banner - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\ie_banner_deny.htm O9 - Extra button: &Virtueel toetsenbord - {4248FE82-7FCB-46AC-B270-339F08212110} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\klwtbbho.dll O9 - Extra button: (no name) - {5C106A59-CC3C-4caa-81A4-6D909B5ACE23} - C:\Program Files\KeyScrambler\KeyScramblerIE.dll O9 - Extra 'Tools' menuitem: &KeyScrambler Options - {5C106A59-CC3C-4caa-81A4-6D909B5ACE23} - C:\Program Files\KeyScrambler\KeyScramblerIE.dll O9 - Extra button: URL Adviseur - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\klwtbbho.dll O9 - Extra button: Toon of verberg HP Smart Web Printing - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll O20 - AppInit_DLLs: C:\PROGRA~1\KASPER~1\KASPER~1\mzvkbd3.dll,C:\PROGRA~1\KASPER~1\KASPER~1\kloehk.dll O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll O23 - Service: Emsisoft Anti-Malware 5.0 - Service (a2AntiMalware) - Emsi Software GmbH - C:\Program Files\Emsisoft Anti-Malware\a2service.exe O23 - Service: Andrea ST Filters Service (AESTFilters) - Andrea Electronics Corporation - C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_827e372d\aestsrv.exe O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe O23 - Service: Kaspersky Internet Security (AVP) - Kaspersky Lab - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe O23 - Service: Com4QLBEx - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe O23 - Service: HP Health Check Service - Hewlett-Packard - c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe O23 - Service: HP Service (hpsrv) - Hewlett-Packard Corporation - C:\Windows\system32\Hpservice.exe O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe O23 - Service: Recovery Service for Windows - Unknown owner - C:\Program Files\SMINST\BLService.exe O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared files\RichVideo.exe O23 - Service: Secunia PSI Agent - Secunia - C:\Program Files\Secunia\PSI\PSIA.exe O23 - Service: Secunia Update Agent - Secunia - C:\Program Files\Secunia\PSI\sua.exe O23 - Service: Audio Service (STacSV) - IDT, Inc. - C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_827e372d\STacSV.exe O23 - Service: TV Background Capture Service (TVBCS) (TVCapSvc) - Unknown owner - C:\Program Files\Hewlett-Packard\Media\TV\Kernel\TV\TVCapSvc.exe O23 - Service: TV Task Scheduler (TVTS) (TVSched) - Unknown owner - C:\Program Files\Hewlett-Packard\Media\TV\Kernel\TV\TVSched.exe -- End of file - 11575 bytes

vriendelijk bedankt dat je de tijd hebt genomen om ernaar te kijken en waarschijnlijk heb ik hem dan gewoon te lang aan gelaten hij heeft er de laatste dagen ook niet echt last meer van gehad maar als ik weet dat ik hem langer niet gebruik zet ik hem ook uit heb er al zoveel problemen mee gehad met deze fijne laptop van de Media #@#$$%# dat ik meteen para werd en dacht gaan we weer lols toch bedankt en zal het wel iets van mijn eigen zijn mvg dave

ok ik begreep het al niet helemaal wat de bedoeling was heb hoop dat ie nu dan wel ok is mvg dave

sorry dacht dat het zo ook zou werken alsnog hier de jpg files

[ATTACH]7836[/ATTACH]hallo kweezie ik had process explorer van sysinternals gedownload en heb een kopie van alle processen als .txt bestand gemaakt en had de administrator show all optie ingeschakeld hoop dat het goed is kon in taakbeheer geen kopie maken compleet wist niet hoe Procexp.txt

ik had al gedaan wat je op had geschreven ook de alle processen tonen en ook de kolom met de hoogste cpu gebruik bovenaan de reden dat ik mijn vraag posten is juist omdat bij hoog cpu gebruik ik niets in mijn taak beheer kon vinden en wilde niet wild gaan googlen en vooral progjes instaleren die zogenaamd duidelijkheid moet brengen en het niet doen vaak hahah maar zal alsnog een afbeelding willen nemen als je toch wil maar dat was mijn eerste probleem wat me opviel waar blaast ie zo terwijl er niets aan staat als alleen firefox

ik heb de laatste dagen nogal last van hoog cpu maar vooral het blazen van de pc of dat ie veel programmas gebruikt terwijl 1 pagina van internet open is mijn onbegrip is omdat ik secunia gebruik en heb een tiptop in orde laptop en goed up to date ik gebruik kaspersky en emsisoft en geen illegale dingen of sites ik krijg geen probleem gevonden en in taakbeheer lijkt alles naar behoren geen pieken of zo en het is recent gestart wie kan me hier bij helpen ??

dank je had de systeemherstel gedaan alles opgelost het lag waarschijnlijk aan het programma tableau public thanks a million

sinds gister heb ik veel last bij het opstarten van mijn laptop van foutmeldingen zoals: audio die niet werkt: maar toch wel DHCP client die niet werkt en meerdere fout meldingen ook mijn beveiliging van windows geeft ie aan dat die niet werkt en als ik hem wil opstarten werkt ie ook niet ik heb kaspersky internet security 2010 en gebruik ook emsisoft anti malware beide geven geen meldingen ook niet na een scan heb ook een online scan gedaan van bit defender en die geeft ook niets aan wat kan het plotselingen probleem van wel 6 foutmeldingen zijn??? graag wat hulp mvg dave