daveEHV

hallo ik logeer bij wat vrienden en die vroegen of ik kon helpen met hun laptop omdat die wat problemen had nu kwam ik erachter nadat ik wat programmas gedraaid zoals AVG free en geen virussen toen MBAM malware en die kreeg ook niets gevonden hij draait wel maar als ik de windows update open dan zie ik hem openen en meteen weer sluiten en zo zijn er meer dingen, ik kan ook niet in mijn computer hij opent hem maar sluit ook meteen weer af en weet niet goed wat ik ermee moet doen de c schijf staat ook bomvol terwijl ik ccleaner heb gebruikt en de documenten opgeschoond en de windows verkenner opent maar sluit ook meteen. graag wat hulp wat ik kan doen mvg dave

thanks for the info nu zit ik nog met een klein probleempje.Nu alles was schoongemaakt (niet in de winsxs) maar gewoon met ccleaner en eusing free registry cleaner kreeg ik mijn mozilla niet meer gestart had hem verwijderd met revo uninstall alles eruit en op nieuw geinstalleerd maar hij blijft weigeren om open te gaan mijn firefox?? het probleem is opgelost ik wil je danken voor de hulp mvg dave

ik heb toch nog een vraag aan je??? ik vraag me af wat ik in de volgende map kan verwijderen heb er een plaatje van gemaakt die zal ik hieronder posten het gaat me vooral om de backup folder en de manifests

had ik al gebruikt ondanks dat cc cleaner perfect werkt merk ik toch vaak dat ie niet alles opruimt gebruik er ook tweaknow reg cleaner en die vind vaak veel meer ik zal wat zuiniger met mijn reg omgaan hij loopt perfect dus dank je voor het antwoord

Na de laatste keer goed geholpen loopt eigenlijk alles vlekkeloos,maar had toch soms wat vastlopers ik vond dat niet zo erg,en ben gewoon wat info gaan zoeken en had het programma shell ex view gevonden en snel het probleem gevonden. Het probleem was mijn nieuwe firefox en sommige addons waren gewoon nog niet compatible zoals real player,maar ook hp smart webprinting dus even in de lijst opgezocht en gewoon eruit gegooid wat geen problemen meer opleverden.Tot vandaag al drie keer opnieuw opstarten als ik bijvoorbeeld oude programmas uit mijn AppData\Roaming folder verwijderden wat ik doe met 'fileassins' en 'eraser' maar niet alleen in die folder in meerdere folders maar ook mijn windows verkenner wil nogal eens hoesten en stoppen. Weet iemand wat ik ermee kan om het op te lossen?????

harstikke bedankt voor de hulp nu kan ik na heel wat dagen erachter te hebben gezeten weer wat relaxen hahaha en zal ik de opgelost knop gebruiken mvg dave

heb alles opgeschoond en herstart en herkende maar 3 fouten in mijn systeem;; bytesphere trap manager maar dat is van een programma dat niet meer in gebruik is, languagepack setup, hp healthcheck, alleen doet mijn mozilla het nog steeds niet? moet ik hem verwijderen met revo en opnieuw installeren??? verder ervaar ik geen problemen tot dus ver wat me al heel blij stemt thanks for the help mvg dave

sorry voor de late reactie heb 6 keer opnieuw moeten opstarten omdat spybot problemen bleef geven in de veilige modus, nadat ik hem verwijderd had kon ik de CFScript gebruiken, heb weer de registry foutmelding gekregen en veel acces denied in de combofix, en mozilla doet het nog steeds niet,uiteindelijk is er weer een nieuw log uit gekomen; ComboFix 10-06-29.03 - home 30-06-2010 19:38:46.7.2 - x86 MINIMAL Gestart vanuit: c:\users\home\Desktop\ComboFix.exe gebruikte Opdracht switches :: c:\users\home\Desktop\CFScript.txt * Nieuw herstelpunt werd aangemaakt FILE :: "c:\programdata\Kaspersky Lab\AVP9\Data\Updater\Temporary Files\temporaryFolder\bases\as\pas4\ForDiff\base.keb.bat" . (((((((((((((((((((((((((((((((((( Andere Verwijderingen ))))))))))))))))))))))))))))))))))))))))))))))))) . c:\programdata\Kaspersky Lab\AVP9\Data\Updater\Temporary Files\temporaryFolder\bases\as\pas4\ForDiff\base.keb.bat . ((((((((((((((((((((((((((((((((((((((( Drivers/Services ))))))))))))))))))))))))))))))))))))))))))))))))) . -------\Legacy_TFFSMON -------\Legacy_TFNETMON -------\Legacy_TFSYSMON -------\Service_TfFsMon -------\Service_TfNetMon -------\Service_TfSysMon (((((((((((((((((((( Bestanden Gemaakt van 2010-05-28 to 2010-06-30 )))))))))))))))))))))))))))))) . 2010-06-30 17:45 . 2010-06-30 17:50 -------- d-----w- c:\users\home\AppData\Local\temp 2010-06-30 17:45 . 2010-06-30 17:45 -------- d-----w- c:\users\Public\AppData\Local\temp 2010-06-30 17:45 . 2010-06-30 17:45 -------- d-----w- c:\users\Default\AppData\Local\temp 2010-06-30 16:03 . 2010-06-30 16:03 -------- d-----w- c:\users\home\AppData\Roaming\HPAppData 2010-06-30 10:28 . 2010-06-30 10:28 -------- d-----w- c:\program files\ok-s.com 2010-06-29 13:18 . 2010-06-30 17:22 -------- d-----w- c:\program files\Emsisoft Anti-Malware 2010-06-29 12:16 . 2010-06-29 12:16 -------- d-----w- c:\program files\CCleaner 2010-06-28 08:11 . 2010-06-28 08:11 -------- d-----w- c:\program files\Unlocker 2010-06-28 07:12 . 1998-12-02 08:11 143360 ----a-w- c:\windows\system32\vbuzip10.dll 2010-06-28 07:12 . 1998-06-17 23:00 89360 ----a-w- c:\windows\system32\Vb5db.dll 2010-06-28 06:24 . 2010-06-28 06:23 411368 ----a-w- c:\windows\system32\deployJava1.dll 2010-06-25 16:49 . 2010-06-25 16:49 -------- d-----w- c:\users\home\AppData\Local\Apps 2010-06-25 11:13 . 2009-07-14 17:45 445008 ----a-w- c:\windows\system32\drivers\Wdf01000.sys 2010-06-25 11:13 . 2009-07-14 17:45 38480 ----a-w- c:\windows\system32\drivers\WdfLdr.sys 2010-06-24 21:27 . 2010-06-24 21:27 -------- d-----w- c:\users\home\AppData\Roaming\FixIt 2010-06-24 20:10 . 2010-06-24 20:10 -------- d-----w- c:\users\home\AppData\Local\Adobe 2010-06-24 13:46 . 2010-04-29 13:39 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys 2010-06-24 13:45 . 2010-04-29 13:39 20952 ----a-w- c:\windows\system32\drivers\mbam.sys 2010-06-22 21:33 . 2009-11-08 08:55 99176 ----a-w- c:\windows\system32\PresentationHostProxy.dll 2010-06-22 21:33 . 2009-11-08 08:55 49472 ----a-w- c:\windows\system32\netfxperf.dll 2010-06-22 21:33 . 2009-11-08 08:55 297808 ----a-w- c:\windows\system32\mscoree.dll 2010-06-22 21:33 . 2009-11-08 08:55 295264 ----a-w- c:\windows\system32\PresentationHost.exe 2010-06-22 21:33 . 2009-11-08 08:55 1130824 ----a-w- c:\windows\system32\dfshim.dll 2010-06-22 21:03 . 2010-04-16 16:43 28672 ----a-w- c:\windows\system32\Apphlpdm.dll 2010-06-22 21:03 . 2010-04-16 14:39 4240384 ----a-w- c:\windows\system32\GameUXLegacyGDFs.dll 2010-06-22 11:54 . 2010-06-22 11:54 -------- d-----w- c:\users\home\AppData\Roaming\PC Suite 2010-06-21 03:07 . 2010-06-21 03:10 -------- d-----w- c:\program files\TweakNow RegCleaner 2010-06-21 03:07 . 2010-06-21 03:07 -------- d-----w- c:\users\home\AppData\Roaming\TweakNow RegCleaner 2010-06-21 02:52 . 2010-06-21 02:52 -------- d-----w- c:\program files\ToniArts 2010-06-21 01:44 . 2010-06-21 01:44 -------- d-----w- c:\users\home\AppData\Roaming\Auslogics 2010-06-21 01:43 . 2010-06-21 01:43 -------- d-----w- c:\program files\Auslogics 2010-06-20 22:14 . 2010-06-20 22:14 -------- d-----w- c:\programdata\PC Suite 2010-06-20 21:58 . 2010-06-20 21:58 -------- d-----w- c:\users\home\{50a2dd4a-1e00-4bdd-b72a-daf48ba322fc} 2010-06-20 21:50 . 2007-05-02 14:31 90624 ----a-w- c:\windows\system32\nmwcdcls.dll 2010-06-20 21:50 . 2007-09-17 13:53 21632 ----a-w- c:\windows\system32\drivers\pccsmcfd.sys 2010-06-20 21:50 . 2010-06-20 21:50 -------- dc----w- c:\windows\system32\DRVSTORE 2010-06-20 21:48 . 2010-06-24 19:37 -------- d-----w- c:\windows\system32\Samsung_USB_Drivers 2010-06-20 21:47 . 2009-04-07 07:39 36608 ----a-w- c:\windows\system32\FsUsbExDisk.Sys 2010-06-20 21:47 . 2009-04-07 07:39 233472 ----a-w- c:\windows\system32\FsUsbExService.Exe 2010-06-20 21:47 . 2009-04-07 07:39 110592 ----a-w- c:\windows\system32\FsUsbExDevice.Dll 2010-06-20 21:46 . 2010-06-24 17:56 -------- d-----w- c:\users\home\AppData\Roaming\Samsung 2010-06-20 21:45 . 2010-06-20 21:45 -------- d-----w- c:\program files\MarkAny 2010-06-20 21:45 . 2010-06-20 21:50 -------- d-----w- c:\program files\PC Connectivity Solution 2010-06-20 21:42 . 2010-06-24 18:30 -------- d-----w- c:\program files\Samsung 2010-06-20 21:39 . 2010-06-20 21:39 -------- d-----w- c:\users\home\AppData\Local\Downloaded Installations 2010-06-13 17:37 . 2010-06-13 17:37 -------- d-----w- c:\program files\Microsoft.NET 2010-06-13 17:32 . 2010-06-13 17:32 -------- d-----r- C:\MSOCache 2010-06-10 23:13 . 2010-06-10 23:13 -------- d-----w- c:\program files\WinPcap 2010-06-10 23:07 . 2010-05-01 14:13 2037248 ----a-w- c:\windows\system32\win32k.sys 2010-06-09 16:57 . 2010-06-09 17:01 -------- d-----w- c:\program files\Windows Live Safety Center 2010-05-31 22:34 . 2004-01-25 16:18 217088 ----a-w- c:\windows\system32\yv12vfw.dll 2010-05-31 22:33 . 2009-05-29 21:37 205824 ----a-w- c:\windows\system32\xvidvfw.dll 2010-05-31 22:33 . 2009-05-29 21:31 881664 ----a-w- c:\windows\system32\xvidcore.dll 2010-05-31 22:33 . 2010-05-27 08:00 108032 ----a-w- c:\windows\system32\ff_vfw.dll 2010-05-31 22:33 . 2010-05-31 22:34 -------- d-----w- c:\program files\K-Lite Codec Pack 2010-05-31 22:11 . 2010-05-31 22:25 -------- d-----w- c:\program files\DAEMON Tools Toolbar 2010-05-31 22:11 . 2010-06-29 12:38 -------- d-----w- c:\program files\DAEMON Tools Lite 2010-05-31 19:32 . 2010-06-28 10:33 -------- d-----w- C:\OidView 2010-05-31 19:32 . 1998-09-01 06:44 1355776 ----a-w- c:\windows\system32\MSVBVM50.dll . ((((((((((((((((((((((((((((((((((((((( Find3M Rapport )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2010-06-30 17:51 . 2009-12-20 12:15 -------- d-----w- c:\programdata\Kaspersky Lab 2010-06-30 17:43 . 2009-02-28 14:33 666044 ----a-w- c:\windows\system32\perfh013.dat 2010-06-30 17:43 . 2009-02-28 14:33 126022 ----a-w- c:\windows\system32\perfc013.dat 2010-06-30 17:33 . 2010-04-21 19:22 -------- d-----w- c:\program files\Spybot - Search & Destroy 2010-06-30 17:33 . 2010-04-21 19:22 -------- d-----w- c:\programdata\Spybot - Search & Destroy 2010-06-29 12:38 . 2010-02-14 08:20 -------- d-----w- c:\users\home\AppData\Roaming\vlc 2010-06-29 12:38 . 2009-12-20 16:44 -------- d-----w- c:\users\home\AppData\Roaming\uTorrent 2010-06-29 11:48 . 2010-03-27 17:30 -------- d-----w- c:\program files\Nero 2010-06-28 19:11 . 2009-11-02 14:50 -------- d-----w- c:\users\home\AppData\Roaming\Media Player Classic 2010-06-28 19:08 . 2010-05-17 19:54 -------- d-----w- c:\program files\DsNET Corp 2010-06-28 11:03 . 2009-02-28 08:01 -------- d-----w- c:\program files\Java 2010-06-26 11:39 . 2009-10-27 17:24 76216 ----a-w- c:\users\home\AppData\Local\GDIPFONTCACHEV1.DAT 2010-06-26 11:38 . 2009-10-27 17:15 -------- d-----w- c:\programdata\Microsoft Help 2010-06-25 11:15 . 2010-06-25 11:15 0 ---ha-w- c:\windows\system32\drivers\Msft_Kernel_SynTP_01009.Wdf 2010-06-25 11:15 . 2010-06-25 11:15 0 ---ha-w- c:\windows\system32\drivers\MsftWdf_Kernel_01009_Coinstaller_Critical.Wdf 2010-06-24 19:45 . 2009-11-13 17:42 7512 ----a-w- c:\users\home\AppData\Local\d3d9caps.dat 2010-06-24 17:02 . 2010-05-23 01:12 -------- d-----w- c:\program files\WhatsRunning 2010-06-24 13:46 . 2010-05-23 18:59 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware 2010-06-21 14:49 . 2010-01-27 19:28 -------- d-----w- c:\program files\MRU-Blaster 2010-06-21 02:52 . 2009-02-28 06:35 -------- d--h--w- c:\program files\InstallShield Installation Information 2010-06-15 16:42 . 2010-06-15 16:42 133648 ----a-w- c:\programdata\Kaspersky Lab\AVP9\Data\Updater\Temporary Files\rollback\patch\AutoPatches\kav9exec\9.0.0.736\mmpprtc.dll 2010-06-15 16:42 . 2010-06-15 16:42 133720 ----a-w- c:\programdata\Kaspersky Lab\AVP9\Data\Updater\Temporary Files\temporaryFolder\AutoPatches\kav9exec\9.0.0.736\mmpprtc.dll 2010-06-13 17:39 . 2009-10-27 17:16 -------- d-----w- c:\program files\Microsoft Works 2010-06-12 12:14 . 2006-11-02 11:18 -------- d-----w- c:\program files\Windows Mail 2010-06-05 17:27 . 2009-10-27 22:02 -------- d-----w- c:\program files\Microsoft Silverlight 2010-06-01 00:12 . 2009-11-03 20:06 -------- d-----w- c:\users\home\AppData\Roaming\HpUpdate 2010-05-31 17:17 . 2010-05-31 17:17 -------- d-----w- c:\programdata\SolarWinds 2010-05-30 12:50 . 2010-05-23 00:18 57344 ----a-w- c:\programdata\DivX\RunAsUser\RUNASUSERPROCESS.dll 2010-05-30 12:50 . 2010-04-14 22:41 -------- d-----w- c:\programdata\DivX 2010-05-30 12:50 . 2009-11-10 01:54 -------- d-----w- c:\program files\Common Files\DivX Shared 2010-05-30 12:50 . 2009-11-10 01:54 -------- d-----w- c:\program files\Common Files\PX Storage Engine 2010-05-30 12:50 . 2009-11-10 01:54 -------- d-----w- c:\program files\DivX 2010-05-30 12:47 . 2010-05-23 00:14 144696 ----a-w- c:\programdata\DivX\RunAsUser\RUNASUSERPROCESS.exe 2010-05-29 16:55 . 2009-10-27 20:32 -------- d-----w- c:\program files\Google 2010-05-27 20:32 . 2010-05-27 20:32 245936 ----a-w- c:\windows\system32\drivers\SynTP.sys 2010-05-27 20:31 . 2008-07-24 16:46 120104 ----a-w- c:\windows\system32\SynTPCo4.dll 2010-05-27 20:31 . 2008-07-24 16:26 165160 ----a-w- c:\windows\system32\SynTPAPI.dll 2010-05-27 20:31 . 2010-05-27 20:31 210216 ----a-w- c:\windows\system32\SynCtrl.dll 2010-05-27 20:31 . 2008-07-24 16:11 173352 ----a-w- c:\windows\system32\SynCOM.dll 2010-05-26 17:36 . 2009-10-27 22:02 -------- d-----w- c:\program files\Microsoft 2010-05-26 17:06 . 2010-06-10 23:08 34304 ----a-w- c:\windows\system32\atmlib.dll 2010-05-26 14:47 . 2010-06-10 23:08 289792 ----a-w- c:\windows\system32\atmfd.dll 2010-05-23 18:59 . 2010-05-23 18:59 -------- d-----w- c:\programdata\Malwarebytes 2010-05-23 00:18 . 2010-05-23 00:18 53600 ----a-w- c:\programdata\DivX\Update\Uninstaller.exe 2010-05-23 00:13 . 2010-05-23 00:18 1180952 ----a-w- c:\programdata\DivX\Setup\DivXSetup.exe 2010-05-18 07:57 . 2009-12-26 13:48 -------- d-----w- c:\program files\uTorrent 2010-05-16 19:21 . 2010-05-16 19:21 -------- d-----w- c:\program files\VS Revo Group 2010-05-16 19:02 . 2009-11-23 00:28 -------- d-----w- c:\program files\Common Files\Real 2010-05-14 11:20 . 2009-12-20 21:31 -------- d-----w- c:\users\home\AppData\Roaming\SBMAV Disk Cleaner 2010-05-05 16:39 . 2009-12-20 13:01 113933 ----a-w- c:\windows\system32\drivers\klin.dat 2010-05-05 16:39 . 2009-12-20 13:01 97549 ----a-w- c:\windows\system32\drivers\klick.dat 2010-05-04 05:59 . 2010-06-10 23:08 916480 ----a-w- c:\windows\system32\wininet.dll 2010-05-04 05:55 . 2010-06-10 23:08 109056 ----a-w- c:\windows\system32\iesysprep.dll 2010-05-04 05:55 . 2010-06-10 23:08 71680 ----a-w- c:\windows\system32\iesetup.dll 2010-05-04 04:31 . 2010-06-10 23:08 133632 ----a-w- c:\windows\system32\ieUnatt.exe 2010-05-03 17:52 . 2010-05-03 17:52 388096 ----a-r- c:\users\home\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe 2010-05-01 16:56 . 2010-05-01 16:56 247296 ----a-w- c:\windows\system32\wbem\WMIPRVSE.EXE 2010-04-23 14:13 . 2010-05-26 16:43 2048 ----a-w- c:\windows\system32\tzres.dll 2010-04-22 00:44 . 2010-04-22 00:42 23209 ----a-w- c:\windows\hpqins15.dat 2010-04-16 16:43 . 2010-06-22 21:03 173056 ----a-w- c:\windows\AppPatch\AcXtrnal.dll 2010-04-16 16:43 . 2010-06-22 21:03 458752 ----a-w- c:\windows\AppPatch\AcSpecfc.dll 2010-04-16 16:43 . 2010-06-22 21:03 542720 ----a-w- c:\windows\AppPatch\AcLayers.dll 2010-04-16 16:43 . 2010-06-22 21:03 2159616 ----a-w- c:\windows\AppPatch\AcGenral.dll 2010-04-05 17:01 . 2010-06-10 23:08 67072 ----a-w- c:\windows\system32\asycfilt.dll 2009-02-28 14:50 . 2009-02-28 14:35 8192 --sha-w- c:\windows\Users\Default\NTUSER.DAT . ((((((((((((((((((((((((((((((((((((( Reg Opstartpunten ))))))))))))))))))))))))))))))))))))))))))))))))))) . . *Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond REGEDIT4 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2010-05-27 1721640] "SysTrayApp"="c:\program files\IDT\WDM\sttray.exe" [2009-06-03 450652] "SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2010-02-18 248040] "a-squared"="c:\program files\EMSISOFT ANTI-MALWARE\a2guard.exe" [2010-06-29 3627912] "avp"="c:\program files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe" [2009-10-20 340456] [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "EnableUIADesktopToggle"= 0 (0x0) [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows] "AppInit_DLLs"=c:\progra~1\KASPER~1\KASPER~1\mzvkbd3.dll c:\progra~1\KASPER~1\KASPER~1\kloehk.dll [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32] "mixer"=wdmaud.drv [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend] @="Service" [HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^HP Digital Imaging Monitor.lnk] backup=c:\windows\pss\HP Digital Imaging Monitor.lnk.CommonStartup backupExtension=.CommonStartup [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM] 2010-03-24 18:17 952768 ----a-w- c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher] 2010-04-04 05:42 36272 ----a-w- c:\program files\Adobe\Reader 9.0\Reader\reader_sl.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CLMLServer for HP TouchSmart] 2008-12-25 12:41 189736 ------w- c:\program files\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DVDAgent] 2008-11-28 17:04 1148200 ------w- c:\program files\Hewlett-Packard\Media\DVD\DVDAgent.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LightScribe Control Panel] 2008-06-09 09:16 2363392 ----a-w- c:\program files\Common Files\LightScribe\LightScribeControlPanel.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Messenger (Yahoo!)] 2009-11-10 14:39 5244216 ----a-w- c:\progra~1\Yahoo!\Messenger\YahooMessenger.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\msnmsgr] 2009-07-26 15:44 3883856 ----a-w- c:\program files\Windows Live\Messenger\msnmsgr.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task] 2009-11-10 22:08 417792 ----a-w- c:\program files\QuickTime\QTTask.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SmartMenu] 2008-11-18 18:35 914224 ----a-w- c:\program files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe] 2009-11-23 00:28 198160 ----a-w- c:\program files\Common Files\Real\Update_OB\realsched.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TSMAgent] 2008-12-25 12:41 1316136 ------w- c:\program files\Hewlett-Packard\TouchSmart\Media\TSMAgent.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TVAgent] 2009-05-08 16:32 206120 ------w- c:\program files\Hewlett-Packard\Media\TV\TVAgent.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UCam_Menu] 2008-11-14 21:02 218408 ------w- c:\program files\Hewlett-Packard\Media\Webcam\MUITransfer\MUIStartMenu.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UpdateLBPShortCut] 2008-06-13 17:11 210216 ------w- c:\program files\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UpdateP2GoShortCut] 2008-10-30 10:51 210216 ------w- c:\program files\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UpdatePDIRShortCut] 2008-06-13 17:11 210216 ------w- c:\program files\CyberLink\PowerDirector\MUITransfer\MUIStartMenu.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UpdatePSTShortCut] 2008-11-26 10:34 210216 ------w- c:\program files\CyberLink\DVD Suite\MUITransfer\MUIStartMenu.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Windows Defender] 2008-01-21 02:23 1008184 ----a-w- c:\program files\Windows Defender\MSASCui.exe [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\KasperskyAntiVirus] "DisableMonitoring"=dword:00000001 [HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc] "AntiVirusOverride"=dword:00000001 "VistaSp2"=hex(:50,9d,48,44,6b,59,ca,01 [HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc\S-1-5-21-3031723917-1600518869-3245930991-1000] "EnableNotificationsRef"=dword:00000001 R2 BSSNMPTRAP;ByteSphere Trap Manager;c:\oidview\trap_manager.exe [x] R2 gupdate;Google Updateservice (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [2010-05-29 136176] R3 Com4QLBEx;Com4QLBEx;c:\program files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe [2008-11-19 222512] R3 ManyCam;ManyCam Virtual Webcam, WDM Video Capture Driver;c:\windows\system32\DRIVERS\ManyCam.sys [x] R3 rcmirror;rcmirror;c:\windows\system32\DRIVERS\rcmirror.sys [2010-01-18 3200] R4 sptd;sptd;c:\windows\system32\Drivers\sptd.sys [2009-12-05 691696] S0 klbg;Kaspersky Lab Boot Guard Driver;c:\windows\system32\drivers\klbg.sys [2009-10-14 36880] S1 a2injectiondriver;a2injectiondriver;c:\program files\Emsisoft Anti-Malware\a2dix86.sys [2010-05-15 39576] S1 a2util;a-squared Malware-IDS utility driver;c:\program files\Emsisoft Anti-Malware\a2util32.sys [2010-05-05 11776] S1 ElRawDisk;ElRawDisk;c:\windows\system32\drivers\elrawdsk.sys [2007-03-22 20560] S1 KLIM6;Kaspersky Anti-Virus NDIS 6 Filter;c:\windows\system32\DRIVERS\klim6.sys [2009-11-03 21520] S2 {55662437-DA8C-40c0-AADA-2C816A897A49};Power Control [2009/10/27 16:12];c:\program files\Hewlett-Packard\Media\DVD\000.fcl [2008-11-28 17:04 87536] S2 a2AntiMalware;Emsisoft Anti-Malware 5.0 - Service;c:\program files\Emsisoft Anti-Malware\a2service.exe [2010-06-29 1935120] S2 AESTFilters;Andrea ST Filters Service;c:\windows\System32\DriverStore\FileRepository\stwrt.inf_827e372d\aestsrv.exe [2009-03-02 81920] S2 ezSharedSvc;Easybits Shared Services for Windows;c:\windows\system32\svchost.exe [2008-01-21 21504] S2 FsUsbExService;FsUsbExService;c:\windows\system32\FsUsbExService.Exe [2009-04-07 233472] S2 hpsrv;HP Service;c:\windows\system32\Hpservice.exe [2008-03-18 19456] S2 Recovery Service for Windows;Recovery Service for Windows;c:\program files\SMINST\BLService.exe [2008-12-17 365952] S2 TVCapSvc;TV Background Capture Service (TVBCS);c:\program files\Hewlett-Packard\Media\TV\Kernel\TV\TVCapSvc.exe [2008-11-26 296320] S2 TVSched;TV Task Scheduler (TVTS);c:\program files\Hewlett-Packard\Media\TV\Kernel\TV\TVSched.exe [2008-11-26 116096] S3 a2acc;a2acc;c:\program files\EMSISOFT ANTI-MALWARE\a2accx86.sys [2010-06-29 71008] S3 enecir;ENE CIR Receiver;c:\windows\system32\DRIVERS\enecir.sys [2008-09-04 54784] S3 FsUsbExDisk;FsUsbExDisk;c:\windows\system32\FsUsbExDisk.SYS [2009-04-07 36608] S3 JMCR;JMCR;c:\windows\system32\DRIVERS\jmcr.sys [2008-10-23 107360] S3 klmouflt;Kaspersky Lab KLMOUFLT;c:\windows\system32\DRIVERS\klmouflt.sys [2009-10-02 19472] [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost] HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12 hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs ezSharedSvc [HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}] 2008-06-09 09:14 451872 ----a-w- c:\program files\Common Files\LightScribe\LSRunOnce.exe . Inhoud van de 'Gedeelde Taken' map 2010-06-30 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job - c:\program files\Google\Update\GoogleUpdate.exe [2010-05-29 16:52] 2010-06-30 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job - c:\program files\Google\Update\GoogleUpdate.exe [2010-05-29 16:52] 2010-06-28 c:\windows\Tasks\HPCeeScheduleForhome.job - c:\program files\hewlett-packard\sdp\ceement\HPCEE.exe [2009-02-28 10:34] . . ------- Bijkomende Scan ------- . uStart Page = hxxp://www.google.nl/ IE: Add to Anti-Banner - c:\program files\Kaspersky Lab\Kaspersky Internet Security 2010\ie_banner_deny.htm IE: E&xporteren naar Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000 IE: {{7A0815F1-6B65-4e3a-B198-709807B4042A} - {1EC035CE-090E-4AF7-B6DF-AD11C2F0F9C9} - c:\program files\XstreamRadio 3.02\RadioHelper.dll TCP: {5BB7BBF4-5484-4488-9278-0AEBB2BEBADE} = 208.67.222.222,208.67.220.220 FF - ProfilePath - c:\users\home\AppData\Roaming\Mozilla\Firefox\Profiles\2e1wqqg9.default\ FF - prefs.js: browser.startup.homepage - hxxp://www.google.nl/ FF - component: c:\program files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3\components\hpClipBook.dll FF - component: c:\program files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3\components\hpClipBookDB.dll FF - component: c:\program files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3\components\hpNeoLogger.dll FF - component: c:\program files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3\components\hpSaturn.dll FF - component: c:\program files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3\components\hpSmartSelect.dll FF - component: c:\program files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3\components\hpSmartWebPrinting.dll FF - component: c:\program files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3\components\hpSWPOperation.dll FF - component: c:\program files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3\components\hpXPLogging.dll FF - component: c:\program files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3\components\hpXPMTC.dll FF - component: c:\program files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3\components\hpXPMTL.dll FF - component: c:\program files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3\components\hpXREStub.dll FF - component: c:\program files\Real\RealPlayer\browserrecord\firefox\ext\components\nprpffbrowserrecordext.dll ---- FIREFOX POLICIES ---- FF - user.js: network.protocol-handler.warn-external.dnupdate - falsec:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.allow_unrestricted_renego_everywhere__temporarily_available_pref", true); c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.renego_unrestricted_hosts", ""); c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.treat_unsafe_negotiation_as_broken", false); c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.require_safe_negotiation", false); . ************************************************************************** catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, GMER - Rootkit Detector and Remover Rootkit scan 2010-06-30 19:50 Windows 6.0.6002 Service Pack 2 NTFS scannen van verborgen processen ... scannen van verborgen autostart items ... scannen van verborgen bestanden ... Scan succesvol afgerond verborgen bestanden: 0 ************************************************************************** [HKEY_LOCAL_MACHINE\system\ControlSet001\Services\{55662437-DA8C-40c0-AADA-2C816A897A49}] "ImagePath"="\??\c:\program files\Hewlett-Packard\Media\DVD\000.fcl" . ------------------------ Andere Aktieve Processen ------------------------ . c:\windows\system32\Ati2evxx.exe c:\windows\System32\DriverStore\FileRepository\stwrt.inf_827e372d\STacSV.exe c:\windows\system32\Ati2evxx.exe c:\windows\system32\WLANExt.exe c:\program files\Common Files\LightScribe\LSSrvc.exe c:\program files\CyberLink\Shared files\RichVideo.exe c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe c:\windows\system32\conime.exe c:\program files\Windows Media Player\wmpnscfg.exe c:\program files\Windows Media Player\wmpnetwk.exe . ************************************************************************** . Voltooingstijd: 2010-06-30 20:00:24 - machine werd herstart ComboFix-quarantined-files.txt 2010-06-30 18:00 ComboFix2.txt 2010-06-30 11:33 ComboFix3.txt 2010-06-29 14:31 Pre-Run: 203.093.504.000 bytes beschikbaar Post-Run: 202.643.140.608 bytes beschikbaar - - End Of File - - EFD22847F35B9C87C32FA00F992A5393

heb het cfscript.exe gedaan en een nieuwe combo foutmeldingen; regisytry editor 2* gesloten en mozilla firefox werkt nog steeds niet ComboFix 10-06-29.03 - home 30-06-2010 13:15:28.6.2 - x86 Gestart vanuit: c:\users\home\Desktop\ComboFix.exe gebruikte Opdracht switches :: c:\users\home\Desktop\CFScript.txt SP: Spybot - Search and Destroy *disabled* (Updated) {ED588FAF-1B8F-43B4-ACA8-8E3C85DADBE9} * Nieuw herstelpunt werd aangemaakt . (((((((((((((((((((( Bestanden Gemaakt van 2010-05-28 to 2010-06-30 )))))))))))))))))))))))))))))) . 2010-06-30 11:22 . 2010-06-30 11:30 -------- d-----w- c:\users\home\AppData\Local\temp 2010-06-30 11:22 . 2010-06-30 11:22 -------- d-----w- c:\users\Public\AppData\Local\temp 2010-06-30 11:22 . 2010-06-30 11:22 -------- d-----w- c:\users\Default\AppData\Local\temp 2010-06-30 10:28 . 2010-06-30 10:28 -------- d-----w- c:\program files\ok-s.com 2010-06-29 13:18 . 2010-06-30 10:55 -------- d-----w- c:\program files\Emsisoft Anti-Malware 2010-06-29 12:16 . 2010-06-29 12:16 -------- d-----w- c:\program files\CCleaner 2010-06-28 08:11 . 2010-06-28 08:11 -------- d-----w- c:\program files\Unlocker 2010-06-28 07:12 . 1998-12-02 08:11 143360 ----a-w- c:\windows\system32\vbuzip10.dll 2010-06-28 07:12 . 1998-06-17 23:00 89360 ----a-w- c:\windows\system32\Vb5db.dll 2010-06-28 06:24 . 2010-06-28 06:23 411368 ----a-w- c:\windows\system32\deployJava1.dll 2010-06-25 16:49 . 2010-06-25 16:49 -------- d-----w- c:\users\home\AppData\Local\Apps 2010-06-25 11:13 . 2009-07-14 17:45 445008 ----a-w- c:\windows\system32\drivers\Wdf01000.sys 2010-06-25 11:13 . 2009-07-14 17:45 38480 ----a-w- c:\windows\system32\drivers\WdfLdr.sys 2010-06-24 21:27 . 2010-06-24 21:27 -------- d-----w- c:\users\home\AppData\Roaming\FixIt 2010-06-24 20:10 . 2010-06-24 20:10 -------- d-----w- c:\users\home\AppData\Local\Adobe 2010-06-24 13:46 . 2010-04-29 13:39 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys 2010-06-24 13:45 . 2010-04-29 13:39 20952 ----a-w- c:\windows\system32\drivers\mbam.sys 2010-06-22 21:33 . 2009-11-08 08:55 99176 ----a-w- c:\windows\system32\PresentationHostProxy.dll 2010-06-22 21:33 . 2009-11-08 08:55 49472 ----a-w- c:\windows\system32\netfxperf.dll 2010-06-22 21:33 . 2009-11-08 08:55 297808 ----a-w- c:\windows\system32\mscoree.dll 2010-06-22 21:33 . 2009-11-08 08:55 295264 ----a-w- c:\windows\system32\PresentationHost.exe 2010-06-22 21:33 . 2009-11-08 08:55 1130824 ----a-w- c:\windows\system32\dfshim.dll 2010-06-22 21:03 . 2010-04-16 16:43 28672 ----a-w- c:\windows\system32\Apphlpdm.dll 2010-06-22 21:03 . 2010-04-16 14:39 4240384 ----a-w- c:\windows\system32\GameUXLegacyGDFs.dll 2010-06-22 11:54 . 2010-06-22 11:54 -------- d-----w- c:\users\home\AppData\Roaming\PC Suite 2010-06-21 03:07 . 2010-06-21 03:10 -------- d-----w- c:\program files\TweakNow RegCleaner 2010-06-21 03:07 . 2010-06-21 03:07 -------- d-----w- c:\users\home\AppData\Roaming\TweakNow RegCleaner 2010-06-21 02:52 . 2010-06-21 02:52 -------- d-----w- c:\program files\ToniArts 2010-06-21 01:44 . 2010-06-21 01:44 -------- d-----w- c:\users\home\AppData\Roaming\Auslogics 2010-06-21 01:43 . 2010-06-21 01:43 -------- d-----w- c:\program files\Auslogics 2010-06-20 22:14 . 2010-06-20 22:14 -------- d-----w- c:\programdata\PC Suite 2010-06-20 21:58 . 2010-06-20 21:58 -------- d-----w- c:\users\home\{50a2dd4a-1e00-4bdd-b72a-daf48ba322fc} 2010-06-20 21:50 . 2007-05-02 14:31 90624 ----a-w- c:\windows\system32\nmwcdcls.dll 2010-06-20 21:50 . 2007-09-17 13:53 21632 ----a-w- c:\windows\system32\drivers\pccsmcfd.sys 2010-06-20 21:50 . 2010-06-20 21:50 -------- dc----w- c:\windows\system32\DRVSTORE 2010-06-20 21:48 . 2010-06-24 19:37 -------- d-----w- c:\windows\system32\Samsung_USB_Drivers 2010-06-20 21:47 . 2009-04-07 07:39 36608 ----a-w- c:\windows\system32\FsUsbExDisk.Sys 2010-06-20 21:47 . 2009-04-07 07:39 233472 ----a-w- c:\windows\system32\FsUsbExService.Exe 2010-06-20 21:47 . 2009-04-07 07:39 110592 ----a-w- c:\windows\system32\FsUsbExDevice.Dll 2010-06-20 21:46 . 2010-06-24 17:56 -------- d-----w- c:\users\home\AppData\Roaming\Samsung 2010-06-20 21:45 . 2010-06-20 21:45 -------- d-----w- c:\program files\MarkAny 2010-06-20 21:45 . 2010-06-20 21:50 -------- d-----w- c:\program files\PC Connectivity Solution 2010-06-20 21:42 . 2010-06-24 18:30 -------- d-----w- c:\program files\Samsung 2010-06-20 21:39 . 2010-06-20 21:39 -------- d-----w- c:\users\home\AppData\Local\Downloaded Installations 2010-06-15 16:42 . 2010-06-15 16:42 133648 ----a-w- c:\programdata\Kaspersky Lab\AVP9\Data\Updater\Temporary Files\rollback\patch\AutoPatches\kav9exec\9.0.0.736\mmpprtc.dll 2010-06-15 16:42 . 2010-06-15 16:42 133720 ----a-w- c:\programdata\Kaspersky Lab\AVP9\Data\Updater\Temporary Files\temporaryFolder\AutoPatches\kav9exec\9.0.0.736\mmpprtc.dll 2010-06-13 17:37 . 2010-06-13 17:37 -------- d-----w- c:\program files\Microsoft.NET 2010-06-13 17:32 . 2010-06-13 17:32 -------- d-----r- C:\MSOCache 2010-06-10 23:13 . 2010-06-10 23:13 -------- d-----w- c:\program files\WinPcap 2010-06-10 23:07 . 2010-05-01 14:13 2037248 ----a-w- c:\windows\system32\win32k.sys 2010-06-09 16:57 . 2010-06-09 17:01 -------- d-----w- c:\program files\Windows Live Safety Center 2010-05-31 22:34 . 2004-01-25 16:18 217088 ----a-w- c:\windows\system32\yv12vfw.dll 2010-05-31 22:33 . 2009-05-29 21:37 205824 ----a-w- c:\windows\system32\xvidvfw.dll 2010-05-31 22:33 . 2009-05-29 21:31 881664 ----a-w- c:\windows\system32\xvidcore.dll 2010-05-31 22:33 . 2010-05-27 08:00 108032 ----a-w- c:\windows\system32\ff_vfw.dll 2010-05-31 22:33 . 2010-05-31 22:34 -------- d-----w- c:\program files\K-Lite Codec Pack 2010-05-31 22:11 . 2010-05-31 22:25 -------- d-----w- c:\program files\DAEMON Tools Toolbar 2010-05-31 22:11 . 2010-06-29 12:38 -------- d-----w- c:\program files\DAEMON Tools Lite 2010-05-31 19:32 . 2010-06-28 10:33 -------- d-----w- C:\OidView 2010-05-31 19:32 . 1998-09-01 06:44 1355776 ----a-w- c:\windows\system32\MSVBVM50.dll 2010-05-31 17:18 . 2010-05-31 17:18 -------- d-----w- c:\users\home\AppData\Local\SolarWinds 2010-05-31 17:17 . 2010-05-31 17:17 -------- d-----w- c:\programdata\SolarWinds . ((((((((((((((((((((((((((((((((((((((( Find3M Rapport )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2010-06-30 10:58 . 2009-02-28 14:33 666044 ----a-w- c:\windows\system32\perfh013.dat 2010-06-30 10:58 . 2009-02-28 14:33 126022 ----a-w- c:\windows\system32\perfc013.dat 2010-06-30 10:53 . 2009-12-20 12:15 -------- d-----w- c:\programdata\Kaspersky Lab 2010-06-29 12:38 . 2010-02-14 08:20 -------- d-----w- c:\users\home\AppData\Roaming\vlc 2010-06-29 12:38 . 2009-12-20 16:44 -------- d-----w- c:\users\home\AppData\Roaming\uTorrent 2010-06-29 12:38 . 2010-04-21 19:22 -------- d-----w- c:\program files\Spybot - Search & Destroy 2010-06-29 11:48 . 2010-03-27 17:30 -------- d-----w- c:\program files\Nero 2010-06-28 19:11 . 2009-11-02 14:50 -------- d-----w- c:\users\home\AppData\Roaming\Media Player Classic 2010-06-28 19:08 . 2010-05-17 19:54 -------- d-----w- c:\program files\DsNET Corp 2010-06-28 11:03 . 2009-02-28 08:01 -------- d-----w- c:\program files\Java 2010-06-26 13:12 . 2010-04-21 19:22 -------- d-----w- c:\programdata\Spybot - Search & Destroy 2010-06-26 11:39 . 2009-10-27 17:24 76216 ----a-w- c:\users\home\AppData\Local\GDIPFONTCACHEV1.DAT 2010-06-26 11:38 . 2009-10-27 17:15 -------- d-----w- c:\programdata\Microsoft Help 2010-06-25 11:15 . 2010-06-25 11:15 0 ---ha-w- c:\windows\system32\drivers\Msft_Kernel_SynTP_01009.Wdf 2010-06-25 11:15 . 2010-06-25 11:15 0 ---ha-w- c:\windows\system32\drivers\MsftWdf_Kernel_01009_Coinstaller_Critical.Wdf 2010-06-24 19:45 . 2009-11-13 17:42 7512 ----a-w- c:\users\home\AppData\Local\d3d9caps.dat 2010-06-24 17:02 . 2010-05-23 01:12 -------- d-----w- c:\program files\WhatsRunning 2010-06-24 13:46 . 2010-05-23 18:59 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware 2010-06-21 14:49 . 2010-01-27 19:28 -------- d-----w- c:\program files\MRU-Blaster 2010-06-21 02:52 . 2009-02-28 06:35 -------- d--h--w- c:\program files\InstallShield Installation Information 2010-06-13 17:39 . 2009-10-27 17:16 -------- d-----w- c:\program files\Microsoft Works 2010-06-12 12:14 . 2006-11-02 11:18 -------- d-----w- c:\program files\Windows Mail 2010-06-05 17:27 . 2009-10-27 22:02 -------- d-----w- c:\program files\Microsoft Silverlight 2010-06-01 00:12 . 2009-11-03 20:06 -------- d-----w- c:\users\home\AppData\Roaming\HpUpdate 2010-05-30 12:50 . 2010-05-23 00:18 57344 ----a-w- c:\programdata\DivX\RunAsUser\RUNASUSERPROCESS.dll 2010-05-30 12:50 . 2010-04-14 22:41 -------- d-----w- c:\programdata\DivX 2010-05-30 12:50 . 2009-11-10 01:54 -------- d-----w- c:\program files\Common Files\DivX Shared 2010-05-30 12:50 . 2009-11-10 01:54 -------- d-----w- c:\program files\Common Files\PX Storage Engine 2010-05-30 12:50 . 2009-11-10 01:54 -------- d-----w- c:\program files\DivX 2010-05-30 12:47 . 2010-05-23 00:14 144696 ----a-w- c:\programdata\DivX\RunAsUser\RUNASUSERPROCESS.exe 2010-05-29 16:55 . 2009-10-27 20:32 -------- d-----w- c:\program files\Google 2010-05-27 20:32 . 2010-05-27 20:32 245936 ----a-w- c:\windows\system32\drivers\SynTP.sys 2010-05-27 20:31 . 2008-07-24 16:46 120104 ----a-w- c:\windows\system32\SynTPCo4.dll 2010-05-27 20:31 . 2008-07-24 16:26 165160 ----a-w- c:\windows\system32\SynTPAPI.dll 2010-05-27 20:31 . 2010-05-27 20:31 210216 ----a-w- c:\windows\system32\SynCtrl.dll 2010-05-27 20:31 . 2008-07-24 16:11 173352 ----a-w- c:\windows\system32\SynCOM.dll 2010-05-26 17:36 . 2009-10-27 22:02 -------- d-----w- c:\program files\Microsoft 2010-05-26 17:06 . 2010-06-10 23:08 34304 ----a-w- c:\windows\system32\atmlib.dll 2010-05-26 14:47 . 2010-06-10 23:08 289792 ----a-w- c:\windows\system32\atmfd.dll 2010-05-23 18:59 . 2010-05-23 18:59 -------- d-----w- c:\programdata\Malwarebytes 2010-05-23 00:18 . 2010-05-23 00:18 53600 ----a-w- c:\programdata\DivX\Update\Uninstaller.exe 2010-05-23 00:13 . 2010-05-23 00:18 1180952 ----a-w- c:\programdata\DivX\Setup\DivXSetup.exe 2010-05-18 07:57 . 2009-12-26 13:48 -------- d-----w- c:\program files\uTorrent 2010-05-16 19:21 . 2010-05-16 19:21 -------- d-----w- c:\program files\VS Revo Group 2010-05-16 19:02 . 2009-11-23 00:28 -------- d-----w- c:\program files\Common Files\Real 2010-05-14 11:20 . 2009-12-20 21:31 -------- d-----w- c:\users\home\AppData\Roaming\SBMAV Disk Cleaner 2010-05-05 16:39 . 2009-12-20 13:01 113933 ----a-w- c:\windows\system32\drivers\klin.dat 2010-05-05 16:39 . 2009-12-20 13:01 97549 ----a-w- c:\windows\system32\drivers\klick.dat 2010-05-04 05:59 . 2010-06-10 23:08 916480 ----a-w- c:\windows\system32\wininet.dll 2010-05-04 05:55 . 2010-06-10 23:08 109056 ----a-w- c:\windows\system32\iesysprep.dll 2010-05-04 05:55 . 2010-06-10 23:08 71680 ----a-w- c:\windows\system32\iesetup.dll 2010-05-04 04:31 . 2010-06-10 23:08 133632 ----a-w- c:\windows\system32\ieUnatt.exe 2010-05-03 17:52 . 2010-05-03 17:52 388096 ----a-r- c:\users\home\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe 2010-05-01 16:56 . 2010-05-01 16:56 247296 ----a-w- c:\windows\system32\wbem\WMIPRVSE.EXE 2010-04-23 14:13 . 2010-05-26 16:43 2048 ----a-w- c:\windows\system32\tzres.dll 2010-04-22 00:44 . 2010-04-22 00:42 23209 ----a-w- c:\windows\hpqins15.dat 2010-04-20 23:02 . 2010-04-20 23:02 20 ----a-w- c:\programdata\Kaspersky Lab\AVP9\Data\Updater\Temporary Files\temporaryFolder\bases\as\pas4\ForDiff\base.keb.bat 2010-04-16 16:43 . 2010-06-22 21:03 173056 ----a-w- c:\windows\AppPatch\AcXtrnal.dll 2010-04-16 16:43 . 2010-06-22 21:03 458752 ----a-w- c:\windows\AppPatch\AcSpecfc.dll 2010-04-16 16:43 . 2010-06-22 21:03 542720 ----a-w- c:\windows\AppPatch\AcLayers.dll 2010-04-16 16:43 . 2010-06-22 21:03 2159616 ----a-w- c:\windows\AppPatch\AcGenral.dll 2010-04-05 17:01 . 2010-06-10 23:08 67072 ----a-w- c:\windows\system32\asycfilt.dll 2009-02-28 14:50 . 2009-02-28 14:35 8192 --sha-w- c:\windows\Users\Default\NTUSER.DAT . ((((((((((((((((((((((((((((((((((((( Reg Opstartpunten ))))))))))))))))))))))))))))))))))))))))))))))))))) . . *Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond REGEDIT4 [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "SpybotSD TeaTimer"="c:\program files\Spybot - Search & Destroy\TeaTimer.exe" [2009-03-05 2260480] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2010-05-27 1721640] "SysTrayApp"="c:\program files\IDT\WDM\sttray.exe" [2009-06-03 450652] "AVP"="c:\program files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe" [2009-10-20 340456] "SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2010-02-18 248040] "a-squared"="c:\program files\EMSISOFT ANTI-MALWARE\a2guard.exe" [2010-06-29 3627912] [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "EnableUIADesktopToggle"= 0 (0x0) [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows] "AppInit_DLLs"=c:\progra~1\KASPER~1\KASPER~1\mzvkbd3.dll c:\progra~1\KASPER~1\KASPER~1\kloehk.dll [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32] "mixer"=wdmaud.drv [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager] SetupExecute REG_MULTI_SZ \0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend] @="Service" [HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^HP Digital Imaging Monitor.lnk] backup=c:\windows\pss\HP Digital Imaging Monitor.lnk.CommonStartup backupExtension=.CommonStartup [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM] 2010-03-24 18:17 952768 ----a-w- c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher] 2010-04-04 05:42 36272 ----a-w- c:\program files\Adobe\Reader 9.0\Reader\reader_sl.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CLMLServer for HP TouchSmart] 2008-12-25 12:41 189736 ------w- c:\program files\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DVDAgent] 2008-11-28 17:04 1148200 ------w- c:\program files\Hewlett-Packard\Media\DVD\DVDAgent.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LightScribe Control Panel] 2008-06-09 09:16 2363392 ----a-w- c:\program files\Common Files\LightScribe\LightScribeControlPanel.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Messenger (Yahoo!)] 2009-11-10 14:39 5244216 ----a-w- c:\progra~1\Yahoo!\Messenger\YahooMessenger.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\msnmsgr] 2009-07-26 15:44 3883856 ----a-w- c:\program files\Windows Live\Messenger\msnmsgr.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task] 2009-11-10 22:08 417792 ----a-w- c:\program files\QuickTime\QTTask.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SmartMenu] 2008-11-18 18:35 914224 ----a-w- c:\program files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe] 2009-11-23 00:28 198160 ----a-w- c:\program files\Common Files\Real\Update_OB\realsched.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TSMAgent] 2008-12-25 12:41 1316136 ------w- c:\program files\Hewlett-Packard\TouchSmart\Media\TSMAgent.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TVAgent] 2009-05-08 16:32 206120 ------w- c:\program files\Hewlett-Packard\Media\TV\TVAgent.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UCam_Menu] 2008-11-14 21:02 218408 ------w- c:\program files\Hewlett-Packard\Media\Webcam\MUITransfer\MUIStartMenu.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UpdateLBPShortCut] 2008-06-13 17:11 210216 ------w- c:\program files\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UpdateP2GoShortCut] 2008-10-30 10:51 210216 ------w- c:\program files\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UpdatePDIRShortCut] 2008-06-13 17:11 210216 ------w- c:\program files\CyberLink\PowerDirector\MUITransfer\MUIStartMenu.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UpdatePSTShortCut] 2008-11-26 10:34 210216 ------w- c:\program files\CyberLink\DVD Suite\MUITransfer\MUIStartMenu.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Windows Defender] 2008-01-21 02:23 1008184 ----a-w- c:\program files\Windows Defender\MSASCui.exe [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\KasperskyAntiVirus] "DisableMonitoring"=dword:00000001 [HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc] "AntiVirusOverride"=dword:00000001 "VistaSp2"=hex(:50,9d,48,44,6b,59,ca,01 [HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc\S-1-5-21-3031723917-1600518869-3245930991-1000] "EnableNotificationsRef"=dword:00000001 R0 TfFsMon;TfFsMon;c:\windows\system32\drivers\TfFsMon.sys [x] R0 TfSysMon;TfSysMon;c:\windows\system32\drivers\TfSysMon.sys [x] R2 a2AntiMalware;Emsisoft Anti-Malware 5.0 - Service;c:\program files\Emsisoft Anti-Malware\a2service.exe [2010-06-29 1935120] R2 BSSNMPTRAP;ByteSphere Trap Manager;c:\oidview\trap_manager.exe [x] R2 gupdate;Google Updateservice (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [2010-05-29 136176] R2 SBSDWSCService;SBSD Security Center Service;c:\program files\Spybot - Search & Destroy\SDWinSec.exe [2009-01-26 1153368] R3 a2acc;a2acc;c:\program files\EMSISOFT ANTI-MALWARE\a2accx86.sys [2010-06-29 71008] R3 Com4QLBEx;Com4QLBEx;c:\program files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe [2008-11-19 222512] R3 ManyCam;ManyCam Virtual Webcam, WDM Video Capture Driver;c:\windows\system32\DRIVERS\ManyCam.sys [x] R3 rcmirror;rcmirror;c:\windows\system32\DRIVERS\rcmirror.sys [2010-01-18 3200] R3 TfNetMon;TfNetMon; [x] R4 sptd;sptd;c:\windows\system32\Drivers\sptd.sys [2009-12-05 691696] S0 klbg;Kaspersky Lab Boot Guard Driver;c:\windows\system32\drivers\klbg.sys [2009-10-14 36880] S1 a2injectiondriver;a2injectiondriver;c:\program files\Emsisoft Anti-Malware\a2dix86.sys [2010-05-15 39576] S1 a2util;a-squared Malware-IDS utility driver;c:\program files\Emsisoft Anti-Malware\a2util32.sys [2010-05-05 11776] S1 ElRawDisk;ElRawDisk;c:\windows\system32\drivers\elrawdsk.sys [2007-03-22 20560] S1 KLIM6;Kaspersky Anti-Virus NDIS 6 Filter;c:\windows\system32\DRIVERS\klim6.sys [2009-11-03 21520] S2 {55662437-DA8C-40c0-AADA-2C816A897A49};Power Control [2009/10/27 16:12];c:\program files\Hewlett-Packard\Media\DVD\000.fcl [2008-11-28 17:04 87536] S2 AESTFilters;Andrea ST Filters Service;c:\windows\System32\DriverStore\FileRepository\stwrt.inf_827e372d\aestsrv.exe [2009-03-02 81920] S2 ezSharedSvc;Easybits Shared Services for Windows;c:\windows\system32\svchost.exe [2008-01-21 21504] S2 FsUsbExService;FsUsbExService;c:\windows\system32\FsUsbExService.Exe [2009-04-07 233472] S2 hpsrv;HP Service;c:\windows\system32\Hpservice.exe [2008-03-18 19456] S2 Recovery Service for Windows;Recovery Service for Windows;c:\program files\SMINST\BLService.exe [2008-12-17 365952] S2 TVCapSvc;TV Background Capture Service (TVBCS);c:\program files\Hewlett-Packard\Media\TV\Kernel\TV\TVCapSvc.exe [2008-11-26 296320] S2 TVSched;TV Task Scheduler (TVTS);c:\program files\Hewlett-Packard\Media\TV\Kernel\TV\TVSched.exe [2008-11-26 116096] S3 enecir;ENE CIR Receiver;c:\windows\system32\DRIVERS\enecir.sys [2008-09-04 54784] S3 FsUsbExDisk;FsUsbExDisk;c:\windows\system32\FsUsbExDisk.SYS [2009-04-07 36608] S3 JMCR;JMCR;c:\windows\system32\DRIVERS\jmcr.sys [2008-10-23 107360] S3 klmouflt;Kaspersky Lab KLMOUFLT;c:\windows\system32\DRIVERS\klmouflt.sys [2009-10-02 19472] --- Andere Services/Drivers In Geheugen --- *Deregistered* - PROCEXP141 [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost] HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12 hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs ezSharedSvc [HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}] 2008-06-09 09:14 451872 ----a-w- c:\program files\Common Files\LightScribe\LSRunOnce.exe . Inhoud van de 'Gedeelde Taken' map 2010-06-30 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job - c:\program files\Google\Update\GoogleUpdate.exe [2010-05-29 16:52] 2010-06-30 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job - c:\program files\Google\Update\GoogleUpdate.exe [2010-05-29 16:52] 2010-06-28 c:\windows\Tasks\HPCeeScheduleForhome.job - c:\program files\hewlett-packard\sdp\ceement\HPCEE.exe [2009-02-28 10:34] . . ------- Bijkomende Scan ------- . uStart Page = hxxp://www.google.nl/ IE: E&xporteren naar Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000 IE: {{7A0815F1-6B65-4e3a-B198-709807B4042A} - {1EC035CE-090E-4AF7-B6DF-AD11C2F0F9C9} - c:\program files\XstreamRadio 3.02\RadioHelper.dll TCP: {5BB7BBF4-5484-4488-9278-0AEBB2BEBADE} = 208.67.222.222,208.67.220.220 FF - ProfilePath - c:\users\home\AppData\Roaming\Mozilla\Firefox\Profiles\2e1wqqg9.default\ FF - prefs.js: browser.startup.homepage - hxxp://www.google.nl/ FF - prefs.js: keyword.URL - hxxp://www.mywebsearch.com/jsp/cfg_redir2.jsp?id=ZKfox000&fl=0&ptb=21a3ZOhAu0ecYJ6YRpP6cQ&url=http://search.mywebsearch.com/mywebsearch/GGmain.jhtml&st=kwd&n=77cea0e3&searchfor= FF - component: c:\program files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3\components\hpClipBook.dll FF - component: c:\program files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3\components\hpClipBookDB.dll FF - component: c:\program files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3\components\hpNeoLogger.dll FF - component: c:\program files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3\components\hpSaturn.dll FF - component: c:\program files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3\components\hpSmartSelect.dll FF - component: c:\program files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3\components\hpSmartWebPrinting.dll FF - component: c:\program files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3\components\hpSWPOperation.dll FF - component: c:\program files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3\components\hpXPLogging.dll FF - component: c:\program files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3\components\hpXPMTC.dll FF - component: c:\program files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3\components\hpXPMTL.dll FF - component: c:\program files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3\components\hpXREStub.dll FF - component: c:\program files\Real\RealPlayer\browserrecord\firefox\ext\components\nprpffbrowserrecordext.dll ---- FIREFOX POLICIES ---- FF - user.js: network.protocol-handler.warn-external.dnupdate - falsec:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.allow_unrestricted_renego_everywhere__temporarily_available_pref", true); c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.renego_unrestricted_hosts", ""); c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.treat_unsafe_negotiation_as_broken", false); c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.require_safe_negotiation", false); . ************************************************************************** catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, GMER - Rootkit Detector and Remover Rootkit scan 2010-06-30 13:30 Windows 6.0.6002 Service Pack 2 NTFS scannen van verborgen processen ... scannen van verborgen autostart items ... scannen van verborgen bestanden ... c:\users\home\AppData\Local\Temp\catchme.dll 53248 bytes executable Scan succesvol afgerond verborgen bestanden: 1 ************************************************************************** [HKEY_LOCAL_MACHINE\system\ControlSet001\Services\{55662437-DA8C-40c0-AADA-2C816A897A49}] "ImagePath"="\??\c:\program files\Hewlett-Packard\Media\DVD\000.fcl" . Voltooingstijd: 2010-06-30 13:33:41 ComboFix-quarantined-files.txt 2010-06-30 11:33 ComboFix2.txt 2010-06-29 14:31 Pre-Run: 203.886.411.776 bytes beschikbaar Post-Run: 203.860.889.600 bytes beschikbaar - - End Of File - - 6FD8C79A4E45855E53F88A85C2978CBF

ik gebruik pctools allang niet meer dat is toch (spyware doctor)?? in mijn run mru zaten de restjes van pctools en threatfire heb ze leegemaakt nu is de vraag of ik de cfs script kan maken ??

de combofix ging goed maar op het einde kreeg ik 3* een foutmelding alle drie waren ze van de registry editor die hield op met werken en moest rebooten na de reboot, starten mozilla firefox niet meer op en mijn internet explororer gelukkig wel anders kon ik mijn log niet meer plaatsen maar hier is ie; ComboFix 10-06-28.01 - home 29-06-2010 16:20:16.5.2 - x86 Gestart vanuit: c:\users\home\Desktop\ComboFix.exe SP: Spybot - Search and Destroy *disabled* (Updated) {ED588FAF-1B8F-43B4-ACA8-8E3C85DADBE9} * Nieuw herstelpunt werd aangemaakt . (((((((((((((((((((((((((((((((((( Andere Verwijderingen ))))))))))))))))))))))))))))))))))))))))))))))))) . c:\windows\system32\kWab.dll c:\windows\system32\vbzlib1.dll . (((((((((((((((((((( Bestanden Gemaakt van 2010-05-28 to 2010-06-29 )))))))))))))))))))))))))))))) . 2010-06-29 14:27 . 2010-06-29 14:28 -------- d-----w- c:\users\home\AppData\Local\temp 2010-06-29 14:27 . 2010-06-29 14:27 -------- d-----w- c:\users\Default\AppData\Local\temp 2010-06-29 13:36 . 2010-06-29 13:36 -------- d-----w- c:\users\home\AppData\Roaming\HPAppData 2010-06-29 13:18 . 2010-06-29 13:55 -------- d-----w- c:\program files\Emsisoft Anti-Malware 2010-06-29 12:16 . 2010-06-29 12:16 -------- d-----w- c:\program files\CCleaner 2010-06-28 08:11 . 2010-06-28 08:11 -------- d-----w- c:\program files\Unlocker 2010-06-28 07:12 . 1998-12-02 08:11 143360 ----a-w- c:\windows\system32\vbuzip10.dll 2010-06-28 07:12 . 1998-06-17 23:00 89360 ----a-w- c:\windows\system32\Vb5db.dll 2010-06-28 06:24 . 2010-06-28 06:23 411368 ----a-w- c:\windows\system32\deployJava1.dll 2010-06-25 16:49 . 2010-06-25 16:49 -------- d-----w- c:\users\home\AppData\Local\Apps 2010-06-25 11:13 . 2009-07-14 17:45 445008 ----a-w- c:\windows\system32\drivers\Wdf01000.sys 2010-06-25 11:13 . 2009-07-14 17:45 38480 ----a-w- c:\windows\system32\drivers\WdfLdr.sys 2010-06-24 21:27 . 2010-06-24 21:27 -------- d-----w- c:\users\home\AppData\Roaming\FixIt 2010-06-24 20:10 . 2010-06-24 20:10 -------- d-----w- c:\users\home\AppData\Local\Adobe 2010-06-24 13:46 . 2010-04-29 13:39 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys 2010-06-24 13:45 . 2010-04-29 13:39 20952 ----a-w- c:\windows\system32\drivers\mbam.sys 2010-06-22 21:33 . 2009-11-08 08:55 99176 ----a-w- c:\windows\system32\PresentationHostProxy.dll 2010-06-22 21:33 . 2009-11-08 08:55 49472 ----a-w- c:\windows\system32\netfxperf.dll 2010-06-22 21:33 . 2009-11-08 08:55 297808 ----a-w- c:\windows\system32\mscoree.dll 2010-06-22 21:33 . 2009-11-08 08:55 295264 ----a-w- c:\windows\system32\PresentationHost.exe 2010-06-22 21:33 . 2009-11-08 08:55 1130824 ----a-w- c:\windows\system32\dfshim.dll 2010-06-22 21:03 . 2010-04-16 16:43 28672 ----a-w- c:\windows\system32\Apphlpdm.dll 2010-06-22 21:03 . 2010-04-16 14:39 4240384 ----a-w- c:\windows\system32\GameUXLegacyGDFs.dll 2010-06-22 11:54 . 2010-06-22 11:54 -------- d-----w- c:\users\home\AppData\Roaming\PC Suite 2010-06-21 03:07 . 2010-06-21 03:10 -------- d-----w- c:\program files\TweakNow RegCleaner 2010-06-21 03:07 . 2010-06-21 03:07 -------- d-----w- c:\users\home\AppData\Roaming\TweakNow RegCleaner 2010-06-21 02:52 . 2010-06-21 02:52 -------- d-----w- c:\program files\ToniArts 2010-06-21 01:44 . 2010-06-21 01:44 -------- d-----w- c:\users\home\AppData\Roaming\Auslogics 2010-06-21 01:43 . 2010-06-21 01:43 -------- d-----w- c:\program files\Auslogics 2010-06-20 22:14 . 2010-06-20 22:14 -------- d-----w- c:\programdata\PC Suite 2010-06-20 21:58 . 2010-06-20 21:58 -------- d-----w- c:\users\home\{50a2dd4a-1e00-4bdd-b72a-daf48ba322fc} 2010-06-20 21:50 . 2007-05-02 14:31 90624 ----a-w- c:\windows\system32\nmwcdcls.dll 2010-06-20 21:50 . 2007-09-17 13:53 21632 ----a-w- c:\windows\system32\drivers\pccsmcfd.sys 2010-06-20 21:50 . 2010-06-20 21:50 -------- dc----w- c:\windows\system32\DRVSTORE 2010-06-20 21:48 . 2010-06-24 19:37 -------- d-----w- c:\windows\system32\Samsung_USB_Drivers 2010-06-20 21:47 . 2009-04-07 07:39 36608 ----a-w- c:\windows\system32\FsUsbExDisk.Sys 2010-06-20 21:47 . 2009-04-07 07:39 233472 ----a-w- c:\windows\system32\FsUsbExService.Exe 2010-06-20 21:47 . 2009-04-07 07:39 110592 ----a-w- c:\windows\system32\FsUsbExDevice.Dll 2010-06-20 21:46 . 2010-06-24 17:56 -------- d-----w- c:\users\home\AppData\Roaming\Samsung 2010-06-20 21:45 . 2010-06-20 21:45 -------- d-----w- c:\program files\MarkAny 2010-06-20 21:45 . 2010-06-20 21:50 -------- d-----w- c:\program files\PC Connectivity Solution 2010-06-20 21:42 . 2010-06-24 18:30 -------- d-----w- c:\program files\Samsung 2010-06-20 21:39 . 2010-06-20 21:39 -------- d-----w- c:\users\home\AppData\Local\Downloaded Installations 2010-06-15 16:42 . 2010-06-15 16:42 133648 ----a-w- c:\programdata\Kaspersky Lab\AVP9\Data\Updater\Temporary Files\rollback\patch\AutoPatches\kav9exec\9.0.0.736\mmpprtc.dll 2010-06-15 16:42 . 2010-06-15 16:42 133720 ----a-w- c:\programdata\Kaspersky Lab\AVP9\Data\Updater\Temporary Files\temporaryFolder\AutoPatches\kav9exec\9.0.0.736\mmpprtc.dll 2010-06-13 17:37 . 2010-06-13 17:37 -------- d-----w- c:\program files\Microsoft.NET 2010-06-13 17:32 . 2010-06-13 17:32 -------- d-----r- C:\MSOCache 2010-06-10 23:13 . 2010-06-10 23:13 -------- d-----w- c:\program files\WinPcap 2010-06-10 23:07 . 2010-05-01 14:13 2037248 ----a-w- c:\windows\system32\win32k.sys 2010-06-09 16:57 . 2010-06-09 17:01 -------- d-----w- c:\program files\Windows Live Safety Center 2010-05-31 22:34 . 2004-01-25 16:18 217088 ----a-w- c:\windows\system32\yv12vfw.dll 2010-05-31 22:33 . 2009-05-29 21:37 205824 ----a-w- c:\windows\system32\xvidvfw.dll 2010-05-31 22:33 . 2009-05-29 21:31 881664 ----a-w- c:\windows\system32\xvidcore.dll 2010-05-31 22:33 . 2010-05-27 08:00 108032 ----a-w- c:\windows\system32\ff_vfw.dll 2010-05-31 22:33 . 2010-05-31 22:34 -------- d-----w- c:\program files\K-Lite Codec Pack 2010-05-31 22:11 . 2010-05-31 22:25 -------- d-----w- c:\program files\DAEMON Tools Toolbar 2010-05-31 22:11 . 2010-06-29 12:38 -------- d-----w- c:\program files\DAEMON Tools Lite 2010-05-31 19:32 . 2010-06-28 10:33 -------- d-----w- C:\OidView 2010-05-31 19:32 . 1998-09-01 06:44 1355776 ----a-w- c:\windows\system32\MSVBVM50.dll 2010-05-31 17:18 . 2010-05-31 17:18 -------- d-----w- c:\users\home\AppData\Local\SolarWinds 2010-05-31 17:17 . 2010-05-31 17:17 -------- d-----w- c:\programdata\SolarWinds . ((((((((((((((((((((((((((((((((((((((( Find3M Rapport )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2010-06-29 13:35 . 2009-02-28 14:33 666044 ----a-w- c:\windows\system32\perfh013.dat 2010-06-29 13:35 . 2009-02-28 14:33 126022 ----a-w- c:\windows\system32\perfc013.dat 2010-06-29 13:30 . 2009-12-20 12:15 -------- d-----w- c:\programdata\Kaspersky Lab 2010-06-29 12:38 . 2010-02-14 08:20 -------- d-----w- c:\users\home\AppData\Roaming\vlc 2010-06-29 12:38 . 2009-12-20 16:44 -------- d-----w- c:\users\home\AppData\Roaming\uTorrent 2010-06-29 12:38 . 2010-04-21 19:22 -------- d-----w- c:\program files\Spybot - Search & Destroy 2010-06-29 11:48 . 2010-03-27 17:30 -------- d-----w- c:\program files\Nero 2010-06-28 19:11 . 2009-11-02 14:50 -------- d-----w- c:\users\home\AppData\Roaming\Media Player Classic 2010-06-28 19:08 . 2010-05-17 19:54 -------- d-----w- c:\program files\DsNET Corp 2010-06-28 11:03 . 2009-02-28 08:01 -------- d-----w- c:\program files\Java 2010-06-26 13:12 . 2010-04-21 19:22 -------- d-----w- c:\programdata\Spybot - Search & Destroy 2010-06-26 11:39 . 2009-10-27 17:24 76216 ----a-w- c:\users\home\AppData\Local\GDIPFONTCACHEV1.DAT 2010-06-26 11:38 . 2009-10-27 17:15 -------- d-----w- c:\programdata\Microsoft Help 2010-06-25 11:15 . 2010-06-25 11:15 0 ---ha-w- c:\windows\system32\drivers\Msft_Kernel_SynTP_01009.Wdf 2010-06-25 11:15 . 2010-06-25 11:15 0 ---ha-w- c:\windows\system32\drivers\MsftWdf_Kernel_01009_Coinstaller_Critical.Wdf 2010-06-24 19:45 . 2009-11-13 17:42 7512 ----a-w- c:\users\home\AppData\Local\d3d9caps.dat 2010-06-24 17:02 . 2010-05-23 01:12 -------- d-----w- c:\program files\WhatsRunning 2010-06-24 13:46 . 2010-05-23 18:59 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware 2010-06-21 14:49 . 2010-01-27 19:28 -------- d-----w- c:\program files\MRU-Blaster 2010-06-21 02:52 . 2009-02-28 06:35 -------- d--h--w- c:\program files\InstallShield Installation Information 2010-06-13 17:39 . 2009-10-27 17:16 -------- d-----w- c:\program files\Microsoft Works 2010-06-12 12:14 . 2006-11-02 11:18 -------- d-----w- c:\program files\Windows Mail 2010-06-05 17:27 . 2009-10-27 22:02 -------- d-----w- c:\program files\Microsoft Silverlight 2010-06-01 00:12 . 2009-11-03 20:06 -------- d-----w- c:\users\home\AppData\Roaming\HpUpdate 2010-05-30 12:50 . 2010-05-23 00:18 57344 ----a-w- c:\programdata\DivX\RunAsUser\RUNASUSERPROCESS.dll 2010-05-30 12:50 . 2010-04-14 22:41 -------- d-----w- c:\programdata\DivX 2010-05-30 12:50 . 2009-11-10 01:54 -------- d-----w- c:\program files\Common Files\DivX Shared 2010-05-30 12:50 . 2009-11-10 01:54 -------- d-----w- c:\program files\Common Files\PX Storage Engine 2010-05-30 12:50 . 2009-11-10 01:54 -------- d-----w- c:\program files\DivX 2010-05-30 12:47 . 2010-05-23 00:14 144696 ----a-w- c:\programdata\DivX\RunAsUser\RUNASUSERPROCESS.exe 2010-05-29 16:55 . 2009-10-27 20:32 -------- d-----w- c:\program files\Google 2010-05-27 20:32 . 2010-05-27 20:32 245936 ----a-w- c:\windows\system32\drivers\SynTP.sys 2010-05-27 20:31 . 2008-07-24 16:46 120104 ----a-w- c:\windows\system32\SynTPCo4.dll 2010-05-27 20:31 . 2008-07-24 16:26 165160 ----a-w- c:\windows\system32\SynTPAPI.dll 2010-05-27 20:31 . 2010-05-27 20:31 210216 ----a-w- c:\windows\system32\SynCtrl.dll 2010-05-27 20:31 . 2008-07-24 16:11 173352 ----a-w- c:\windows\system32\SynCOM.dll 2010-05-26 17:36 . 2009-10-27 22:02 -------- d-----w- c:\program files\Microsoft 2010-05-26 17:06 . 2010-06-10 23:08 34304 ----a-w- c:\windows\system32\atmlib.dll 2010-05-26 14:47 . 2010-06-10 23:08 289792 ----a-w- c:\windows\system32\atmfd.dll 2010-05-23 18:59 . 2010-05-23 18:59 -------- d-----w- c:\programdata\Malwarebytes 2010-05-23 00:18 . 2010-05-23 00:18 53600 ----a-w- c:\programdata\DivX\Update\Uninstaller.exe 2010-05-23 00:13 . 2010-05-23 00:18 1180952 ----a-w- c:\programdata\DivX\Setup\DivXSetup.exe 2010-05-18 07:57 . 2009-12-26 13:48 -------- d-----w- c:\program files\uTorrent 2010-05-16 19:21 . 2010-05-16 19:21 -------- d-----w- c:\program files\VS Revo Group 2010-05-16 19:02 . 2009-11-23 00:28 -------- d-----w- c:\program files\Common Files\Real 2010-05-14 11:20 . 2009-12-20 21:31 -------- d-----w- c:\users\home\AppData\Roaming\SBMAV Disk Cleaner 2010-05-05 16:39 . 2009-12-20 13:01 113933 ----a-w- c:\windows\system32\drivers\klin.dat 2010-05-05 16:39 . 2009-12-20 13:01 97549 ----a-w- c:\windows\system32\drivers\klick.dat 2010-05-04 05:59 . 2010-06-10 23:08 916480 ----a-w- c:\windows\system32\wininet.dll 2010-05-04 05:55 . 2010-06-10 23:08 109056 ----a-w- c:\windows\system32\iesysprep.dll 2010-05-04 05:55 . 2010-06-10 23:08 71680 ----a-w- c:\windows\system32\iesetup.dll 2010-05-04 04:31 . 2010-06-10 23:08 133632 ----a-w- c:\windows\system32\ieUnatt.exe 2010-05-03 17:52 . 2010-05-03 17:52 388096 ----a-r- c:\users\home\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe 2010-05-01 16:56 . 2010-05-01 16:56 247296 ----a-w- c:\windows\system32\wbem\WMIPRVSE.EXE 2010-04-23 14:13 . 2010-05-26 16:43 2048 ----a-w- c:\windows\system32\tzres.dll 2010-04-22 00:44 . 2010-04-22 00:42 23209 ----a-w- c:\windows\hpqins15.dat 2010-04-20 23:02 . 2010-04-20 23:02 20 ----a-w- c:\programdata\Kaspersky Lab\AVP9\Data\Updater\Temporary Files\temporaryFolder\bases\as\pas4\ForDiff\base.keb.bat 2010-04-16 16:43 . 2010-06-22 21:03 173056 ----a-w- c:\windows\AppPatch\AcXtrnal.dll 2010-04-16 16:43 . 2010-06-22 21:03 458752 ----a-w- c:\windows\AppPatch\AcSpecfc.dll 2010-04-16 16:43 . 2010-06-22 21:03 542720 ----a-w- c:\windows\AppPatch\AcLayers.dll 2010-04-16 16:43 . 2010-06-22 21:03 2159616 ----a-w- c:\windows\AppPatch\AcGenral.dll 2010-04-05 17:01 . 2010-06-10 23:08 67072 ----a-w- c:\windows\system32\asycfilt.dll 2009-02-28 14:50 . 2009-02-28 14:35 8192 --sha-w- c:\windows\Users\Default\NTUSER.DAT . ((((((((((((((((((((((((((((((((((((( Reg Opstartpunten ))))))))))))))))))))))))))))))))))))))))))))))))))) . . *Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond REGEDIT4 [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "SpybotSD TeaTimer"="c:\program files\Spybot - Search & Destroy\TeaTimer.exe" [2009-03-05 2260480] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2010-05-27 1721640] "SysTrayApp"="c:\program files\IDT\WDM\sttray.exe" [2009-06-03 450652] "AVP"="c:\program files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe" [2009-10-20 340456] "SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2010-02-18 248040] "a-squared"="c:\program files\EMSISOFT ANTI-MALWARE\a2guard.exe" [2010-06-29 3627912] [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "EnableUIADesktopToggle"= 0 (0x0) [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows] "AppInit_DLLs"=c:\progra~1\KASPER~1\KASPER~1\mzvkbd3.dll c:\progra~1\KASPER~1\KASPER~1\kloehk.dll [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32] "mixer"=wdmaud.drv [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager] SetupExecute REG_MULTI_SZ \0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend] @="Service" [HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^HP Digital Imaging Monitor.lnk] backup=c:\windows\pss\HP Digital Imaging Monitor.lnk.CommonStartup backupExtension=.CommonStartup [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM] 2010-03-24 18:17 952768 ----a-w- c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher] 2010-04-04 05:42 36272 ----a-w- c:\program files\Adobe\Reader 9.0\Reader\reader_sl.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CLMLServer for HP TouchSmart] 2008-12-25 12:41 189736 ------w- c:\program files\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DVDAgent] 2008-11-28 17:04 1148200 ------w- c:\program files\Hewlett-Packard\Media\DVD\DVDAgent.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LightScribe Control Panel] 2008-06-09 09:16 2363392 ----a-w- c:\program files\Common Files\LightScribe\LightScribeControlPanel.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Messenger (Yahoo!)] 2009-11-10 14:39 5244216 ----a-w- c:\progra~1\Yahoo!\Messenger\YahooMessenger.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\msnmsgr] 2009-07-26 15:44 3883856 ----a-w- c:\program files\Windows Live\Messenger\msnmsgr.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task] 2009-11-10 22:08 417792 ----a-w- c:\program files\QuickTime\QTTask.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SmartMenu] 2008-11-18 18:35 914224 ----a-w- c:\program files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe] 2009-11-23 00:28 198160 ----a-w- c:\program files\Common Files\Real\Update_OB\realsched.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TSMAgent] 2008-12-25 12:41 1316136 ------w- c:\program files\Hewlett-Packard\TouchSmart\Media\TSMAgent.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TVAgent] 2009-05-08 16:32 206120 ------w- c:\program files\Hewlett-Packard\Media\TV\TVAgent.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UCam_Menu] 2008-11-14 21:02 218408 ------w- c:\program files\Hewlett-Packard\Media\Webcam\MUITransfer\MUIStartMenu.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UpdateLBPShortCut] 2008-06-13 17:11 210216 ------w- c:\program files\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UpdateP2GoShortCut] 2008-10-30 10:51 210216 ------w- c:\program files\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UpdatePDIRShortCut] 2008-06-13 17:11 210216 ------w- c:\program files\CyberLink\PowerDirector\MUITransfer\MUIStartMenu.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UpdatePSTShortCut] 2008-11-26 10:34 210216 ------w- c:\program files\CyberLink\DVD Suite\MUITransfer\MUIStartMenu.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Windows Defender] 2008-01-21 02:23 1008184 ----a-w- c:\program files\Windows Defender\MSASCui.exe [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\KasperskyAntiVirus] "DisableMonitoring"=dword:00000001 [HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc] "AntiVirusOverride"=dword:00000001 "VistaSp2"=hex(:50,9d,48,44,6b,59,ca,01 [HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc\S-1-5-21-3031723917-1600518869-3245930991-1000] "EnableNotificationsRef"=dword:00000001 R0 TfFsMon;TfFsMon;c:\windows\system32\drivers\TfFsMon.sys [x] R0 TfSysMon;TfSysMon;c:\windows\system32\drivers\TfSysMon.sys [x] R2 a2AntiMalware;Emsisoft Anti-Malware 5.0 - Service;c:\program files\Emsisoft Anti-Malware\a2service.exe [2010-06-29 1935120] R2 BSSNMPTRAP;ByteSphere Trap Manager;c:\oidview\trap_manager.exe [x] R2 gupdate;Google Updateservice (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [2010-05-29 136176] R3 a2acc;a2acc;c:\program files\EMSISOFT ANTI-MALWARE\a2accx86.sys [2010-06-29 71008] R3 Com4QLBEx;Com4QLBEx;c:\program files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe [2008-11-19 222512] R3 ManyCam;ManyCam Virtual Webcam, WDM Video Capture Driver;c:\windows\system32\DRIVERS\ManyCam.sys [x] R3 rcmirror;rcmirror;c:\windows\system32\DRIVERS\rcmirror.sys [2010-01-18 3200] R3 TfNetMon;TfNetMon; [x] R4 sptd;sptd;c:\windows\system32\Drivers\sptd.sys [2009-12-05 691696] S0 klbg;Kaspersky Lab Boot Guard Driver;c:\windows\system32\drivers\klbg.sys [2009-10-14 36880] S1 a2injectiondriver;a2injectiondriver;c:\program files\Emsisoft Anti-Malware\a2dix86.sys [2010-05-15 39576] S1 a2util;a-squared Malware-IDS utility driver;c:\program files\Emsisoft Anti-Malware\a2util32.sys [2010-05-05 11776] S1 ElRawDisk;ElRawDisk;c:\windows\system32\drivers\elrawdsk.sys [2007-03-22 20560] S1 KLIM6;Kaspersky Anti-Virus NDIS 6 Filter;c:\windows\system32\DRIVERS\klim6.sys [2009-11-03 21520] S2 {55662437-DA8C-40c0-AADA-2C816A897A49};Power Control [2009/10/27 16:12];c:\program files\Hewlett-Packard\Media\DVD\000.fcl [2008-11-28 17:04 87536] S2 AESTFilters;Andrea ST Filters Service;c:\windows\System32\DriverStore\FileRepository\stwrt.inf_827e372d\aestsrv.exe [2009-03-02 81920] S2 ezSharedSvc;Easybits Shared Services for Windows;c:\windows\system32\svchost.exe [2008-01-21 21504] S2 FsUsbExService;FsUsbExService;c:\windows\system32\FsUsbExService.Exe [2009-04-07 233472] S2 hpsrv;HP Service;c:\windows\system32\Hpservice.exe [2008-03-18 19456] S2 Recovery Service for Windows;Recovery Service for Windows;c:\program files\SMINST\BLService.exe [2008-12-17 365952] S2 SBSDWSCService;SBSD Security Center Service;c:\program files\Spybot - Search & Destroy\SDWinSec.exe [2009-01-26 1153368] S2 TVCapSvc;TV Background Capture Service (TVBCS);c:\program files\Hewlett-Packard\Media\TV\Kernel\TV\TVCapSvc.exe [2008-11-26 296320] S2 TVSched;TV Task Scheduler (TVTS);c:\program files\Hewlett-Packard\Media\TV\Kernel\TV\TVSched.exe [2008-11-26 116096] S3 enecir;ENE CIR Receiver;c:\windows\system32\DRIVERS\enecir.sys [2008-09-04 54784] S3 FsUsbExDisk;FsUsbExDisk;c:\windows\system32\FsUsbExDisk.SYS [2009-04-07 36608] S3 JMCR;JMCR;c:\windows\system32\DRIVERS\jmcr.sys [2008-10-23 107360] S3 klmouflt;Kaspersky Lab KLMOUFLT;c:\windows\system32\DRIVERS\klmouflt.sys [2009-10-02 19472] --- Andere Services/Drivers In Geheugen --- *NewlyCreated* - A2UTIL *NewlyCreated* - FSUSBEXDISK *Deregistered* - PROCEXP141 [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost] HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12 hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs ezSharedSvc [HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}] 2008-06-09 09:14 451872 ----a-w- c:\program files\Common Files\LightScribe\LSRunOnce.exe . Inhoud van de 'Gedeelde Taken' map 2010-06-29 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job - c:\program files\Google\Update\GoogleUpdate.exe [2010-05-29 16:52] 2010-06-29 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job - c:\program files\Google\Update\GoogleUpdate.exe [2010-05-29 16:52] 2010-06-28 c:\windows\Tasks\HPCeeScheduleForhome.job - c:\program files\hewlett-packard\sdp\ceement\HPCEE.exe [2009-02-28 10:34] . . ------- Bijkomende Scan ------- . uStart Page = hxxp://www.google.nl/ IE: E&xporteren naar Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000 IE: {{7A0815F1-6B65-4e3a-B198-709807B4042A} - {1EC035CE-090E-4AF7-B6DF-AD11C2F0F9C9} - c:\program files\XstreamRadio 3.02\RadioHelper.dll TCP: {5BB7BBF4-5484-4488-9278-0AEBB2BEBADE} = 208.67.222.222,208.67.220.220 FF - ProfilePath - c:\users\home\AppData\Roaming\Mozilla\Firefox\Profiles\2e1wqqg9.default\ FF - prefs.js: browser.startup.homepage - hxxp://www.google.nl/ FF - prefs.js: keyword.URL - hxxp://www.mywebsearch.com/jsp/cfg_redir2.jsp?id=ZKfox000&fl=0&ptb=21a3ZOhAu0ecYJ6YRpP6cQ&url=http://search.mywebsearch.com/mywebsearch/GGmain.jhtml&st=kwd&n=77cea0e3&searchfor= FF - component: c:\program files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3\components\hpClipBook.dll FF - component: c:\program files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3\components\hpClipBookDB.dll FF - component: c:\program files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3\components\hpNeoLogger.dll FF - component: c:\program files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3\components\hpSaturn.dll FF - component: c:\program files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3\components\hpSmartSelect.dll FF - component: c:\program files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3\components\hpSmartWebPrinting.dll FF - component: c:\program files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3\components\hpSWPOperation.dll FF - component: c:\program files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3\components\hpXPLogging.dll FF - component: c:\program files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3\components\hpXPMTC.dll FF - component: c:\program files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3\components\hpXPMTL.dll FF - component: c:\program files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3\components\hpXREStub.dll FF - component: c:\program files\Real\RealPlayer\browserrecord\firefox\ext\components\nprpffbrowserrecordext.dll FF - plugin: c:\program files\Google\Google Earth\plugin\npgeplugin.dll FF - plugin: c:\program files\Google\Update\1.2.183.29\npGoogleOneClick8.dll FF - plugin: c:\program files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3\plugins\nphpclipbook.dll FF - plugin: c:\program files\Java\jre6\bin\new_plugin\npdeployJava1.dll FF - plugin: c:\program files\Microsoft\Office Live\npOLW.dll FF - plugin: c:\program files\Mozilla Firefox\plugins\npdeployJava1.dll FF - plugin: c:\program files\Windows Live\Photo Gallery\NPWLPG.dll ---- FIREFOX POLICIES ---- FF - user.js: network.protocol-handler.warn-external.dnupdate - falsec:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.allow_unrestricted_renego_everywhere__temporarily_available_pref", true); c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.renego_unrestricted_hosts", ""); c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.treat_unsafe_negotiation_as_broken", false); c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.require_safe_negotiation", false); . . ------- Bestandsassociaties ------- . vbefile\shell\open2\command="%SystemRoot%\System32\CScript.exe" "%1" %* vbsfile\shell\open2\command="%SystemRoot%\System32\CScript.exe" "%1" %* jsefile\shell\open2\command=c:\windows\System32\CScript.exe "%1" %* . - - - - ORPHANS VERWIJDERD - - - - MSConfigStartUp-RegClean Expert Scheduler - c:\program files\Registry Clean Expert\RCHelper.exe ************************************************************************** catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, GMER - Rootkit Detector and Remover Rootkit scan 2010-06-29 16:28 Windows 6.0.6002 Service Pack 2 NTFS scannen van verborgen processen ... scannen van verborgen autostart items ... scannen van verborgen bestanden ... Scan succesvol afgerond verborgen bestanden: 0 ************************************************************************** [HKEY_LOCAL_MACHINE\system\ControlSet001\Services\{55662437-DA8C-40c0-AADA-2C816A897A49}] "ImagePath"="\??\c:\program files\Hewlett-Packard\Media\DVD\000.fcl" . Voltooingstijd: 2010-06-29 16:31:49 ComboFix-quarantined-files.txt 2010-06-29 14:31 Pre-Run: 207.741.247.488 bytes beschikbaar Post-Run: 207.712.415.744 bytes beschikbaar - - End Of File - - A96DAB971D1539CA1E2DE8B20545DA1E

ok heb het proje mber.exe gebruikt daar kwam niets uit en de gmer die heeft niet volledig gewerkt want die geeft me systemcrashes en een blauw scherm dus hebt het maar gelaten voor wat het is ohh had ook de catchme.exe gebruikt en daar kwam ook niets uit dus denk dat ik zover niets meer kan doen vriendelijk bedankt voor je hulp mvg dave

nou eigenlijk liep alles prima op emsisoft na die hij er wel eens afgooit maar dat komt waarschijnlijk omdat er 2 sleutels in mijn prog zit maar had verder nog gmer rootkit opgestart en toen laten draaien, ik heb een ntfs systeem dus had alleen files aangevinkt en de drive en showall laten draaien en voetbal gaan kijken, kom ik terug complete system crash gehad niet terug te vinden in mijn logboeken alleen een enkele fout melding dat mijn languagepack niet werkte en die ttsfmon dat die ook niet werkte verder loopt ie prima zover als ik nu kan zien en zoals ik hem nu gebruik ben nu een volledige scan aan het draaien en daarna toch even die gmer.exe laten draaien als je wat tips hebt heel graag mvg dave oh ja en nee ben geen brasser met mijn laptop heb hem ''nieuw'' gekocht bij mediamarkt maar ik was niet de eerste klant vind er zelfs oude gedeeltes uit 2004 en documenten en scan logs uit 2006 en 2008 dus lijkt wel of ik hp zijn zooi aan het opruimen ben lmao

hier het nieuwe log Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 7:22:22, on 28-6-2010 Platform: Windows Vista SP2 (WinNT 6.00.1906) MSIE: Internet Explorer v8.00 (8.00.6001.18928) Boot mode: Normal Running processes: C:\Windows\system32\taskeng.exe C:\Windows\system32\Dwm.exe C:\Windows\Explorer.EXE C:\Program Files\Synaptics\SynTP\SynTPEnh.exe C:\Program Files\IDT\WDM\sttray.exe C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe C:\Program Files\Emsisoft Anti-Malware\a2guard.exe C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe C:\Program Files\Windows Media Player\wmpnscfg.exe C:\Program Files\Synaptics\SynTP\SynTPHelper.exe C:\Windows\system32\SearchFilterHost.exe C:\Users\home\Desktop\HiJackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Google R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Hotmail, Messenger, nieuws en entertainment vind je op MSN.nl R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = O1 - Hosts: ::1 localhost O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll O2 - BHO: IEVkbdBHO - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\ievkbd.dll O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O2 - BHO: link filter bho - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\klwtbbho.dll O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll O4 - HKLM\..\Run: [synTPEnh] %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe O4 - HKLM\..\Run: [sysTrayApp] C:\Program Files\IDT\WDM\sttray.exe O4 - HKLM\..\Run: [AVP] "C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe" O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" O4 - HKLM\..\Run: [WirelessAssistant] C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe O4 - HKLM\..\Run: [a-squared] "C:\PROGRAM FILES\EMSISOFT ANTI-MALWARE\a2guard.exe" /d=60 O4 - HKCU\..\Run: [spybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe O4 - HKUS\S-1-5-21-3031723917-1600518869-3245930991-1000\..\Run: [spybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe (User '?') O8 - Extra context menu item: Add to Anti-Banner - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\ie_banner_deny.htm O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000 O9 - Extra button: &Virtual keyboard - {4248FE82-7FCB-46AC-B270-339F08212110} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\klwtbbho.dll O9 - Extra button: Xstream Radio - {7A0815F1-6B65-4e3a-B198-709807B4042A} - C:\Program Files\XstreamRadio 3.02\RadioHelper.dll O9 - Extra 'Tools' menuitem: Xstream Radio - {7A0815F1-6B65-4e3a-B198-709807B4042A} - C:\Program Files\XstreamRadio 3.02\RadioHelper.dll O9 - Extra button: URLs c&heck - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\klwtbbho.dll O9 - Extra button: Toon of verberg HP Smart Web Printing - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab O17 - HKLM\System\CCS\Services\Tcpip\..\{5BB7BBF4-5484-4488-9278-0AEBB2BEBADE}: NameServer = 208.67.222.222,208.67.220.220 O20 - AppInit_DLLs: C:\PROGRA~1\KASPER~1\KASPER~1\mzvkbd3.dll C:\PROGRA~1\KASPER~1\KASPER~1\kloehk.dll O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll O23 - Service: Emsisoft Anti-Malware 5.0 - Service (a2AntiMalware) - Emsi Software GmbH - C:\Program Files\Emsisoft Anti-Malware\a2service.exe O23 - Service: Andrea ST Filters Service (AESTFilters) - Andrea Electronics Corporation - C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_827e372d\aestsrv.exe O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe O23 - Service: Kaspersky Internet Security (AVP) - Kaspersky Lab - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe O23 - Service: Com4QLBEx - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe O23 - Service: FsUsbExService - Teruten - C:\Windows\system32\FsUsbExService.Exe O23 - Service: Google Updateservice (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe O23 - Service: HP Service (hpsrv) - Hewlett-Packard Corporation - C:\Windows\system32\Hpservice.exe O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe O23 - Service: Recovery Service for Windows - Unknown owner - C:\Program Files\SMINST\BLService.exe O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared files\RichVideo.exe O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe O23 - Service: Audio Service (STacSV) - IDT, Inc. - C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_827e372d\STacSV.exe O23 - Service: TV Background Capture Service (TVBCS) (TVCapSvc) - Unknown owner - C:\Program Files\Hewlett-Packard\Media\TV\Kernel\TV\TVCapSvc.exe O23 - Service: TV Task Scheduler (TVTS) (TVSched) - Unknown owner - C:\Program Files\Hewlett-Packard\Media\TV\Kernel\TV\TVSched.exe -- End of file - 7432 bytes

hier is het nieuwe log Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 22:03:51, on 27-6-2010 Platform: Windows Vista SP2 (WinNT 6.00.1906) MSIE: Internet Explorer v8.00 (8.00.6001.18928) Boot mode: Normal Running processes: C:\Windows\system32\taskeng.exe C:\Windows\system32\Dwm.exe C:\Windows\Explorer.EXE C:\Program Files\Synaptics\SynTP\SynTPEnh.exe C:\Program Files\IDT\WDM\sttray.exe C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe C:\Program Files\Windows Media Player\wmpnscfg.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Synaptics\SynTP\SynTPHelper.exe C:\Windows\system32\SearchFilterHost.exe C:\Users\home\Desktop\HiJackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Google R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Hotmail, Messenger, nieuws en entertainment vind je op MSN.nl R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = O1 - Hosts: ::1 localhost O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll O2 - BHO: IEVkbdBHO - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\ievkbd.dll O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O2 - BHO: link filter bho - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\klwtbbho.dll O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll O4 - HKLM\..\Run: [synTPEnh] %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe O4 - HKLM\..\Run: [sysTrayApp] C:\Program Files\IDT\WDM\sttray.exe O4 - HKLM\..\Run: [AVP] "C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe" O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" O4 - HKLM\..\Run: [WirelessAssistant] C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe O4 - HKLM\..\Run: [a-squared] "C:\PROGRAM FILES\EMSISOFT ANTI-MALWARE\a2guard.exe" /d=60 O4 - HKCU\..\Run: [spybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe O4 - HKUS\S-1-5-21-3031723917-1600518869-3245930991-1000\..\Run: [spybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe (User '?') O8 - Extra context menu item: Add to Anti-Banner - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\ie_banner_deny.htm O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000 O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - (no file) O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - (no file) O9 - Extra button: &Virtual keyboard - {4248FE82-7FCB-46AC-B270-339F08212110} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\klwtbbho.dll O9 - Extra button: Xstream Radio - {7A0815F1-6B65-4e3a-B198-709807B4042A} - C:\Program Files\XstreamRadio 3.02\RadioHelper.dll O9 - Extra 'Tools' menuitem: Xstream Radio - {7A0815F1-6B65-4e3a-B198-709807B4042A} - C:\Program Files\XstreamRadio 3.02\RadioHelper.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - (no file) O9 - Extra button: URLs c&heck - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\klwtbbho.dll O9 - Extra button: Toon of verberg HP Smart Web Printing - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab O17 - HKLM\System\CCS\Services\Tcpip\..\{5BB7BBF4-5484-4488-9278-0AEBB2BEBADE}: NameServer = 208.67.222.222,208.67.220.220 O20 - AppInit_DLLs: C:\PROGRA~1\KASPER~1\KASPER~1\mzvkbd3.dll C:\PROGRA~1\KASPER~1\KASPER~1\kloehk.dll O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll O23 - Service: Emsisoft Anti-Malware 5.0 - Service (a2AntiMalware) - Emsi Software GmbH - C:\Program Files\Emsisoft Anti-Malware\a2service.exe O23 - Service: Andrea ST Filters Service (AESTFilters) - Andrea Electronics Corporation - C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_827e372d\aestsrv.exe O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe O23 - Service: Kaspersky Internet Security (AVP) - Kaspersky Lab - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe O23 - Service: Com4QLBEx - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe O23 - Service: FsUsbExService - Teruten - C:\Windows\system32\FsUsbExService.Exe O23 - Service: Google Updateservice (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe O23 - Service: HP Service (hpsrv) - Hewlett-Packard Corporation - C:\Windows\system32\Hpservice.exe O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe O23 - Service: Recovery Service for Windows - Unknown owner - C:\Program Files\SMINST\BLService.exe O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared files\RichVideo.exe O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe O23 - Service: Audio Service (STacSV) - IDT, Inc. - C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_827e372d\STacSV.exe O23 - Service: TV Background Capture Service (TVBCS) (TVCapSvc) - Unknown owner - C:\Program Files\Hewlett-Packard\Media\TV\Kernel\TV\TVCapSvc.exe O23 - Service: TV Task Scheduler (TVTS) (TVSched) - Unknown owner - C:\Program Files\Hewlett-Packard\Media\TV\Kernel\TV\TVSched.exe -- End of file - 7698 bytes

ok na zelf wat nageplozen te hebben op verschillende boards zoals hjiackthis.nl en bleeping computer kom ik toch tot de conclusie dat er nogal wat uit mijn pc moet het auto run programma van sys heb ik eens goed door geplozen en kom tot de volgende ontdekkingen in mijn registry : hklm\system\currentcontrolset\services zitten de volgende fouten: catchme File not found: C:\Windows\System32\Drivers\catchme.sys < die zit in mijn root bij legacy_catchme IpInIp IP in IP Tunnel Driver File not found: system32\DRIVERS\ipinip.sys ManyCam File not found: system32\DRIVERS\ManyCam.sys deze heb ik nooit gehad weet ook niet waar die vandaan komt superantispyware zegt dat het een trojan is? NwlnkFlt IPX Traffic Filter Driver File not found: system32\DRIVERS\nwlnkflt.sys NwlnkFwd IPX Traffic Forwarder Driver File not found: system32\DRIVERS\nwlnkfwd.sys ok ik heb in het apparaatbeheer rondgekeken en vond daar : TfFsMon ; TfNetMon ; TfSysMon ; onder de map ; Stuurprogrammas die niet plug and play compatibel zijn,; als ik ze aanklik met rechter muis kan ik ze in de eigenschappen starten of stoppen krijg er alleen geen toegang toe mvg dave

het is met sprongen vooruit gegaan mijn office blijft 1606 aangeven could not acces network en er zijn nog maar 2 opstartsturrprogrammas die niet werken:TfFsMon,TfSysMon maar verder geen fout meldingen meer en microsoft deinstalleer ik wel, nu rest me de vraag dat ik in msconfig naar die twee heb gezocht en tot mijn verbazing staan er best veel dingen die gestopt zijn waarvan ik denk dat sommige het wel moeten doen waar kan ik nagaan welke services het wel moeten doen of niet? en ook online er werd gesproken over pc tools die niet volledig verwijderd is (TfFsMon,TfSysMon) verder geen problemen volgens mijn logboek als de languagpack maar niet echt nodig ook de HP health Check werkt niet meer maar ook niet echt nodig ik heb even het programma autorun van sysinternals gebruikt om te achterhalen waar ze zitten : HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\TfFsmon \TfNetMon \TfSysMon en mijn autorun programma geeft aan: TfFsMon File not found: system32\drivers\TfFsMon.sys TfNetMon File not found: C:\Windows\System32\Drivers\TfNetMon.sys TfSysMon File not found: system32\drivers\TfSysMon.sys hopelijk is het nu wat duidelijker want weet niet wat ik ermee moet en of ze nodige zijn mvg dave

ok heb de dns veranderd zoals je ook kunt zien Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 19:22:45, on 25-6-2010 Platform: Windows Vista SP2 (WinNT 6.00.1906) MSIE: Internet Explorer v8.00 (8.00.6001.18928) Boot mode: Normal Running processes: C:\Windows\system32\Dwm.exe C:\Windows\system32\taskeng.exe C:\Windows\Explorer.EXE C:\Program Files\Synaptics\SynTP\SynTPEnh.exe C:\Program Files\IDT\WDM\sttray.exe C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe C:\Program Files\Emsisoft Anti-Malware\a2guard.exe C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe C:\Program Files\Windows Media Player\wmpnscfg.exe C:\Program Files\Synaptics\SynTP\SynTPHelper.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\Users\home\Desktop\HiJackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Google R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Hotmail, Messenger, nieuws en entertainment vind je op MSN.nl R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = O1 - Hosts: ::1 localhost O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll O2 - BHO: IEVkbdBHO - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\ievkbd.dll O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O2 - BHO: link filter bho - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\klwtbbho.dll O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll O4 - HKLM\..\Run: [synTPEnh] %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe O4 - HKLM\..\Run: [sysTrayApp] C:\Program Files\IDT\WDM\sttray.exe O4 - HKLM\..\Run: [AVP] "C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe" O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" O4 - HKLM\..\Run: [snpstd] C:\Windows\vsnpstd.exe O4 - HKLM\..\Run: [WirelessAssistant] C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe O4 - HKLM\..\Run: [a-squared] "C:\PROGRAM FILES\EMSISOFT ANTI-MALWARE\a2guard.exe" /d=60 O4 - HKCU\..\Run: [spybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe O4 - HKUS\S-1-5-21-3031723917-1600518869-3245930991-1000\..\Run: [spybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe (User '?') O8 - Extra context menu item: Add to Anti-Banner - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\ie_banner_deny.htm O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000 O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll O9 - Extra button: &Virtual keyboard - {4248FE82-7FCB-46AC-B270-339F08212110} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\klwtbbho.dll O9 - Extra button: Xstream Radio - {7A0815F1-6B65-4e3a-B198-709807B4042A} - C:\Program Files\XstreamRadio 3.02\RadioHelper.dll O9 - Extra 'Tools' menuitem: Xstream Radio - {7A0815F1-6B65-4e3a-B198-709807B4042A} - C:\Program Files\XstreamRadio 3.02\RadioHelper.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL O9 - Extra button: URLs c&heck - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\klwtbbho.dll O9 - Extra button: Toon of verberg HP Smart Web Printing - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab O17 - HKLM\System\CCS\Services\Tcpip\..\{5BB7BBF4-5484-4488-9278-0AEBB2BEBADE}: NameServer = 208.67.222.222,208.67.220.220 O20 - AppInit_DLLs: C:\PROGRA~1\KASPER~1\KASPER~1\mzvkbd3.dll C:\PROGRA~1\KASPER~1\KASPER~1\kloehk.dll O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll O23 - Service: Emsisoft Anti-Malware 5.0 - Service (a2AntiMalware) - Emsi Software GmbH - C:\Program Files\Emsisoft Anti-Malware\a2service.exe O23 - Service: Andrea ST Filters Service (AESTFilters) - Andrea Electronics Corporation - C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_827e372d\aestsrv.exe O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe O23 - Service: Kaspersky Internet Security (AVP) - Kaspersky Lab - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe O23 - Service: Com4QLBEx - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe O23 - Service: FsUsbExService - Teruten - C:\Windows\system32\FsUsbExService.Exe O23 - Service: Google Updateservice (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe O23 - Service: HP Service (hpsrv) - Hewlett-Packard Corporation - C:\Windows\system32\Hpservice.exe O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe O23 - Service: Norton Internet Security - Unknown owner - C:\Program Files\Norton Internet Security\Engine\16.0.0.125\ccSvcHst.exe (file missing) O23 - Service: Recovery Service for Windows - Unknown owner - C:\Program Files\SMINST\BLService.exe O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared files\RichVideo.exe O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe O23 - Service: Audio Service (STacSV) - IDT, Inc. - C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_827e372d\STacSV.exe O23 - Service: TV Background Capture Service (TVBCS) (TVCapSvc) - Unknown owner - C:\Program Files\Hewlett-Packard\Media\TV\Kernel\TV\TVCapSvc.exe O23 - Service: TV Task Scheduler (TVTS) (TVSched) - Unknown owner - C:\Program Files\Hewlett-Packard\Media\TV\Kernel\TV\TVSched.exe -- End of file - 8005 bytes

ik had inderdaad gekeken en mijn dns komt overeen met O17 ik heb al gelezen op het net wat het nou inhoudt maar werd nou niet wijzer van waarom dat nu zichtbaar is in hijackthis log en kweezie wabbit zou je het veranderen of niet?? want mijn probleem van microsoft blijft aanwezig en als ik in de 'run' msinfo32 toets om mijn problemen te bekijken geeft ie zelfs aan dat ik geen toegang tot de WMI heb en dan kom ik weer terug op de wmi error die ik eerder in deze forum heb geplaatst ???? dus denk dat ik beter het log kan sluiten en een formatje erover wat denk jij????? of ik moet in ms-dos controles uitvoeren en dat is te lang geleden om de juiste commands voor een windows vista sp2 met ntfs drive te achterhalen de helft doet het niet meer powershell xcopy is voortaan robocopy hahahah dus weet het niet wat te doen graag een zetje in de rug

ok ik heb de instellingen gecontroleerd en inderdaad bij mijn IPv4 DNS-servers staan ze ook prexcies als in lijn O17 nu is mijn vraag wat doet het het is de eerste keer dat ik het zie???? en moet ik het toch veranderen?? en waarom?? sorry ben niet zo heel nieuwsgierig hoop dat ik niet te lastig ben ohh en het nieuwe logje: Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 14:32:10, on 25-6-2010 Platform: Windows Vista SP2 (WinNT 6.00.1906) MSIE: Internet Explorer v8.00 (8.00.6001.18928) Boot mode: Normal Running processes: C:\Windows\system32\taskeng.exe C:\Windows\system32\Dwm.exe C:\Windows\Explorer.EXE C:\Program Files\Synaptics\SynTP\SynTPEnh.exe C:\Program Files\IDT\WDM\sttray.exe C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe C:\Program Files\Emsisoft Anti-Malware\a2guard.exe C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe C:\Program Files\Windows Media Player\wmpnscfg.exe C:\Program Files\Synaptics\SynTP\SynTPHelper.exe C:\Users\home\Desktop\procexp.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\Windows\System32\cmd.exe C:\Windows\system32\conime.exe C:\Users\home\Desktop\HiJackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Google R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Hotmail, Messenger, nieuws en entertainment vind je op MSN.nl R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = O1 - Hosts: ::1 localhost O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll O2 - BHO: IEVkbdBHO - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\ievkbd.dll O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O2 - BHO: link filter bho - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\klwtbbho.dll O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll O4 - HKLM\..\Run: [synTPEnh] %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe O4 - HKLM\..\Run: [sysTrayApp] C:\Program Files\IDT\WDM\sttray.exe O4 - HKLM\..\Run: [AVP] "C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe" O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" O4 - HKLM\..\Run: [snpstd] C:\Windows\vsnpstd.exe O4 - HKLM\..\Run: [WirelessAssistant] C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe O4 - HKLM\..\Run: [a-squared] "C:\PROGRAM FILES\EMSISOFT ANTI-MALWARE\a2guard.exe" /d=60 O4 - HKCU\..\Run: [spybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe O4 - HKUS\S-1-5-21-3031723917-1600518869-3245930991-1000\..\Run: [spybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe (User '?') O8 - Extra context menu item: Add to Anti-Banner - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\ie_banner_deny.htm O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000 O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll O9 - Extra button: &Virtual keyboard - {4248FE82-7FCB-46AC-B270-339F08212110} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\klwtbbho.dll O9 - Extra button: Xstream Radio - {7A0815F1-6B65-4e3a-B198-709807B4042A} - C:\Program Files\XstreamRadio 3.02\RadioHelper.dll O9 - Extra 'Tools' menuitem: Xstream Radio - {7A0815F1-6B65-4e3a-B198-709807B4042A} - C:\Program Files\XstreamRadio 3.02\RadioHelper.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL O9 - Extra button: URLs c&heck - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\klwtbbho.dll O9 - Extra button: Toon of verberg HP Smart Web Printing - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab O17 - HKLM\System\CCS\Services\Tcpip\..\{5BB7BBF4-5484-4488-9278-0AEBB2BEBADE}: NameServer = 195.241.77.55,195.241.77.58 O20 - AppInit_DLLs: C:\PROGRA~1\KASPER~1\KASPER~1\mzvkbd3.dll C:\PROGRA~1\KASPER~1\KASPER~1\kloehk.dll O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll O23 - Service: Emsisoft Anti-Malware 5.0 - Service (a2AntiMalware) - Emsi Software GmbH - C:\Program Files\Emsisoft Anti-Malware\a2service.exe O23 - Service: Andrea ST Filters Service (AESTFilters) - Andrea Electronics Corporation - C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_827e372d\aestsrv.exe O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe O23 - Service: Kaspersky Internet Security (AVP) - Kaspersky Lab - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe O23 - Service: Com4QLBEx - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe O23 - Service: FsUsbExService - Teruten - C:\Windows\system32\FsUsbExService.Exe O23 - Service: Google Updateservice (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe O23 - Service: HP Service (hpsrv) - Hewlett-Packard Corporation - C:\Windows\system32\Hpservice.exe O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe O23 - Service: Norton Internet Security - Unknown owner - C:\Program Files\Norton Internet Security\Engine\16.0.0.125\ccSvcHst.exe (file missing) O23 - Service: Recovery Service for Windows - Unknown owner - C:\Program Files\SMINST\BLService.exe O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared files\RichVideo.exe O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe O23 - Service: Audio Service (STacSV) - IDT, Inc. - C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_827e372d\STacSV.exe O23 - Service: TV Background Capture Service (TVBCS) (TVCapSvc) - Unknown owner - C:\Program Files\Hewlett-Packard\Media\TV\Kernel\TV\TVCapSvc.exe O23 - Service: TV Task Scheduler (TVTS) (TVSched) - Unknown owner - C:\Program Files\Hewlett-Packard\Media\TV\Kernel\TV\TVSched.exe -- End of file - 8099 bytes

nee rinkelt totaal geen belletje het logje is clean : Malwarebytes' Anti-Malware 1.46 Malwarebytes Databaseversie: 4233 Windows 6.0.6002 Service Pack 2 Internet Explorer 8.0.6001.18928 24-6-2010 15:55:14 mbam-log-2010-06-24 (15-55-14).txt Scantype: Snelle scan Objecten gescand: 126824 Verstreken tijd: 8 minuut/minuten, 33 seconde(n) Geheugenprocessen geïnfecteerd: 0 Geheugenmodulen geïnfecteerd: 0 Registersleutels geïnfecteerd: 0 Registerwaarden geïnfecteerd: 0 Registerdata geïnfecteerd: 0 Mappen geïnfecteerd: 0 Bestanden geïnfecteerd: 0 Geheugenprocessen geïnfecteerd: (Geen kwaadaardige objecten gedetecteerd) Geheugenmodulen geïnfecteerd: (Geen kwaadaardige objecten gedetecteerd) Registersleutels geïnfecteerd: (Geen kwaadaardige objecten gedetecteerd) Registerwaarden geïnfecteerd: (Geen kwaadaardige objecten gedetecteerd) Registerdata geïnfecteerd: (Geen kwaadaardige objecten gedetecteerd) Mappen geïnfecteerd: (Geen kwaadaardige objecten gedetecteerd) Bestanden geïnfecteerd: (Geen kwaadaardige objecten gedetecteerd) ---------- Post toegevoegd om 16:07 ---------- Vorige post was om 15:57 ---------- heb het nagekeken op google iets van telfort mijn provider maar waarom geeft die anlyzer dan aan dat ik waarschijnlijk problemem heb met mijn tcpip heeft een systeemfout 64 daar misschien mee te maken en bij mijn msn geeft ie aan dat er problemen mee zijn maar ook met mijn antimalware van emsi soft en idt audio geeft ie probs aan maar ook mijn microsoft office zegt ie error 1606 netwerk problemen?? zit nog net niet tegen het plafond aan hehehe grt dave

ok heb mijn eigen log ook op een analyzer site geplaatst uit pure nieuwsgierigheid HijackThis Logfileauswertung en daar heb ik meerdere problemen met hetzelfde log als hier bij mijn tcpip (O17): [?] - O17 - HKLM\System\CCS\Services\Tcpip\..\{5BB7BBF4-5484-4488-9278-0AEBB2BEBADE}: NameServer = 195.241.77.55,195.241.77.58 maar ook bij mijn asquared emsi soft die hij er constant uitgooit zal zometeen ook even het mbam logje plaatsen die had ik er twee dagen geleden ook af moeten gooien omdat die niet meer werkte

sorry voor de late reactie maar kwam iets tussen hier alsnog the hijacklogje Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 14:15:19, on 24-6-2010 Platform: Windows Vista SP2 (WinNT 6.00.1906) MSIE: Internet Explorer v8.00 (8.00.6001.18928) Boot mode: Normal Running processes: C:\Windows\system32\Dwm.exe C:\Windows\Explorer.EXE C:\Windows\system32\taskeng.exe C:\Program Files\Synaptics\SynTP\SynTPEnh.exe C:\Program Files\IDT\WDM\sttray.exe C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe C:\Program Files\Windows Live\Messenger\msnmsgr.exe C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe C:\Program Files\DAEMON Tools Lite\DTLite.exe C:\Program Files\Samsung\Samsung New PC Studio\NPSAgent.exe C:\Program Files\Windows Media Player\wmpnscfg.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Synaptics\SynTP\SynTPHelper.exe C:\Windows\system32\conime.exe C:\Users\home\Desktop\HiJackThis.exe C:\PROGRAM FILES\EMSISOFT ANTI-MALWARE\a2guard.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Google R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Hotmail, Messenger, nieuws en entertainment vind je op MSN.nl R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = O1 - Hosts: ::1 localhost O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll O2 - BHO: IEVkbdBHO - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\ievkbd.dll O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O2 - BHO: link filter bho - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\klwtbbho.dll O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll O4 - HKLM\..\Run: [synTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe O4 - HKLM\..\Run: [sysTrayApp] C:\Program Files\IDT\WDM\sttray.exe O4 - HKLM\..\Run: [AVP] "C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe" O4 - HKLM\..\Run: [smartMenu] %ProgramFiles%\Hewlett-Packard\HP MediaSmart\SmartMenu.exe O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" O4 - HKLM\..\Run: [snpstd] C:\Windows\vsnpstd.exe O4 - HKLM\..\Run: [WirelessAssistant] C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe O4 - HKLM\..\Run: [QlbCtrl.exe] C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start O4 - HKLM\..\Run: [a-squared] "C:\PROGRAM FILES\EMSISOFT ANTI-MALWARE\a2guard.exe" /d=60 O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background O4 - HKCU\..\Run: [spybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\DTLite.exe" -autorun O4 - HKCU\..\Run: [AutoStartNPSAgent] C:\Program Files\Samsung\Samsung New PC Studio\NPSAgent.exe O4 - HKUS\S-1-5-21-3031723917-1600518869-3245930991-1000\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background (User '?') O4 - HKUS\S-1-5-21-3031723917-1600518869-3245930991-1000\..\Run: [spybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe (User '?') O4 - HKUS\S-1-5-21-3031723917-1600518869-3245930991-1000\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\DTLite.exe" -autorun (User '?') O4 - HKUS\S-1-5-21-3031723917-1600518869-3245930991-1000\..\Run: [AutoStartNPSAgent] C:\Program Files\Samsung\Samsung New PC Studio\NPSAgent.exe (User '?') O8 - Extra context menu item: Add to Anti-Banner - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\ie_banner_deny.htm O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000 O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll O9 - Extra button: &Virtual keyboard - {4248FE82-7FCB-46AC-B270-339F08212110} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\klwtbbho.dll O9 - Extra button: Xstream Radio - {7A0815F1-6B65-4e3a-B198-709807B4042A} - C:\Program Files\XstreamRadio 3.02\RadioHelper.dll O9 - Extra 'Tools' menuitem: Xstream Radio - {7A0815F1-6B65-4e3a-B198-709807B4042A} - C:\Program Files\XstreamRadio 3.02\RadioHelper.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL O9 - Extra button: URLs c&heck - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\klwtbbho.dll O9 - Extra button: Toon of verberg HP Smart Web Printing - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab O17 - HKLM\System\CCS\Services\Tcpip\..\{5BB7BBF4-5484-4488-9278-0AEBB2BEBADE}: NameServer = 195.241.77.55,195.241.77.58 O20 - AppInit_DLLs: C:\PROGRA~1\KASPER~1\KASPER~1\mzvkbd3.dll C:\PROGRA~1\KASPER~1\KASPER~1\kloehk.dll O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll O23 - Service: Emsisoft Anti-Malware 5.0 - Service (a2AntiMalware) - Emsi Software GmbH - C:\Program Files\Emsisoft Anti-Malware\a2service.exe O23 - Service: Andrea ST Filters Service (AESTFilters) - Andrea Electronics Corporation - C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_827e372d\aestsrv.exe O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe O23 - Service: Kaspersky Internet Security (AVP) - Kaspersky Lab - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe O23 - Service: Com4QLBEx - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe O23 - Service: FsUsbExService - Teruten - C:\Windows\system32\FsUsbExService.Exe O23 - Service: Google Updateservice (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe O23 - Service: HP Service (hpsrv) - Hewlett-Packard Corporation - C:\Windows\system32\Hpservice.exe O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe O23 - Service: Norton Internet Security - Unknown owner - C:\Program Files\Norton Internet Security\Engine\16.0.0.125\ccSvcHst.exe (file missing) O23 - Service: Recovery Service for Windows - Unknown owner - C:\Program Files\SMINST\BLService.exe O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared files\RichVideo.exe O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe O23 - Service: Audio Service (STacSV) - IDT, Inc. - C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_827e372d\STacSV.exe O23 - Service: TV Background Capture Service (TVBCS) (TVCapSvc) - Unknown owner - C:\Program Files\Hewlett-Packard\Media\TV\Kernel\TV\TVCapSvc.exe O23 - Service: TV Task Scheduler (TVTS) (TVSched) - Unknown owner - C:\Program Files\Hewlett-Packard\Media\TV\Kernel\TV\TVSched.exe -- End of file - 9283 bytes

nee maar zou ook niet weten welke versie ik zou moeten gebruiken en of dat ook wel het probleem is voor alles ---------- Post toegevoegd om 19:55 ---------- Vorige post was om 19:52 ---------- nee nog niet maar weet ook niet welke versie ik zou moeten gebruiken heb nooit norton gehad weet ook niet of dat het probleem is voor alle problemen

sinds ik sp2 heb ik verscheidenen problemen : hp health check :kan het pad nietvinden language pack setup:kan toepassing niet initialisren volsnap(schaduwkopiec:) :te weinig ruimte om er een te maken ???? opstart programmas:SRTSP,SRTSPX,TfFsMon,TfSysMon zijn opstart stuurprogrammas die niet worden geladen norton internet security: die heb ik niet eens geinstalleerd?????? dit komt uit mijn logboek ik heb al een paar weken terug ook al problemen gehad met norton en ik dacht dat we hem verwijderd hadden mijn antimalware van emsisoft gooit ie er ook constant uit en mijn microsoft office doet het ook niet meer en geeft een error code 1606 netwerk problemen????? hoop dat het makkelijk is op te lossen ik heb al op de microsoft sites gekeken en van alles wat geprobeerd maar kom er niet aan uit graag wat hulp mvg dave