ouzo

alles is verwijderd nogmaals bedankt voor de goede hulp.

hallo heb hem weg gekregen. alles werkt nu perfect, mag ik nu programma's verwijderen.

hier is het logje ik heb wel nog spybot-search destroy 2 rechts onder op de taakbalk. Zoek.exe Version 4.0.0.2 Updated 06-May-2013 Tool run by ronnie on do 09/05/2013 at 13:21:05,38. Microsoft® Windows Vista™ Home Premium 6.0.6002 Service Pack 2 x86 Running in: Normal Mode Internet Access Detected ==== Deleting CLSID Registry Keys ====================== HKEY_USERS\S-1-5-21-3649235342-1575224409-750448862-1002\Software\Microsoft\Internet Explorer\SearchScopes\{cca2e567-1987-4100-a3c6-5b4267084510} deleted successfully ==== Deleting CLSID Registry Values ====================== ==== FireFox Fix ====================== ProfilePath: C:\Users\ronnie\AppData\Roaming\Mozilla\Firefox\Profiles\b0qxzzs0.default user.js not found ---- Lines mystart removed from prefs.js ---- user_pref("oldKeyword", "MyStart by IncrediMail.com="); ---- Lines mystart modified from prefs.js ---- ---- FireFox user.js and prefs.js backups ---- prefs_20130905_1325_.backup ==== Deleting Files \ Folders ====================== "C:\Program Files\Spybot" not found "C:\Windows\tasks\schedule1507535609.job" not found "C:\Users\ronnie\AppData\Roaming\Mozilla\Firefox\Profiles\b0qxzzs0.default\searchplugins\iMeshWebSearch.xml" deleted "C:\Users\ronnie\AppData\Roaming\Mozilla\Firefox\Profiles\b0qxzzs0.default\searchplugins\winamp-search.xml" deleted "C:\Windows\system32\appdata" deleted "C:\Program Files\Youdagames" deleted "C:\Program Files\BrowseToSave" deleted "C:\Users\ronnie\AppData\Roaming\Youdagames" deleted "C:\Users\ronnie\AppData\Roaming\ihelper" deleted "C:\Users\ronnie\AppData\LocalLow\DataMngr" deleted ==== Firefox Extensions ====================== ProfilePath: C:\Users\ronnie\AppData\Roaming\Mozilla\Firefox\Profiles\b0qxzzs0.default - NASA Night Launch - %ProfilePath%\extensions\nasanightlaunch@example.com - Forecastfox - %ProfilePath%\extensions\{0538E3E3-7E9B-4d49-8831-A227C80A7AD3} - Microsoft .NET Framework Assistant - %ProfilePath%\extensions\{20a82645-c095-46ed-80e3-08825760534b} - Harley Davidson - %ProfilePath%\extensions\{2c088200-b973-11db-8314-0800200c9a66} - Google Toolbar for Firefox - %ProfilePath%\extensions\{3112ca9c-de6d-4884-a869-9855de68056c} - Yahoo Toolbar - %ProfilePath%\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1} - Halloween - %ProfilePath%\extensions\{BB359C50-BFC9-4f40-8302-3FE5A499A859} AppDir: C:\Program Files\Mozilla Firefox - Packard Bell Settings - %AppDir%\extensions\packardbell@partners.mozilla.com - Talkback - %AppDir%\extensions\talkback@mozilla.org - Google Toolbar for Firefox - %AppDir%\extensions\{3112ca9c-de6d-4884-a869-9855de68056c} - Firefox default - %AppDir%\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} - Java Console - %AppDir%\extensions\{CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} ==== Firefox Plugins ====================== ==== Deleting Files \ Folders ====================== "C:\Users\ronnie\AppData\Roaming\Mozilla\Firefox\Profiles\b0qxzzs0.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}" deleted ==== Chrome Look ====================== HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions jbolfgndggfhhpbnkgnpjkfhinclbigj - No path found[] mmiopbgcekanlhpjkonogoljpfmhpkhf - C:\Program Files\XingHaoLyrics\Chrome.crx[] ndibdjnfmopecpmkdieinmbadjfpblof - C:\ProgramData\AVG Secure Search\ChromeExt\13.2.0.5\avg.crx[] ==== Set IE to Default ====================== Old Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="HLN.be, Nieuws, sport en showbizz, 24/24, 7/7, meer dan 350 nieuwsupdates per dag" [HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main] "Start Page"="Google" New Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="HLN.be, Nieuws, sport en showbizz, 24/24, 7/7, meer dan 350 nieuwsupdates per dag" [HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main] "Start Page"="MSN NL: Hotmail, Outlook, Skype, Messenger, het laatste nieuws, entertainment en meer!" ==== All HKCU SearchScopes ====================== HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" {0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="{searchTerms} - Bing" {6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="{searchTerms} - Google Search}" ==== Deleting Registry Keys ====================== HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions\jbolfgndggfhhpbnkgnpjkfhinclbigj deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions\mmiopbgcekanlhpjkonogoljpfmhpkhf deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof deleted successfully ==== Empty IE Cache ====================== C:\Users\Default\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\ronnie\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully C:\Users\UpdatusUser\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\serviceprofiles\LocalService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\serviceprofiles\LocalService\AppData\Local\Temp\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\serviceprofiles\NetworkService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\ronnie\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot ==== Empty FireFox Cache ====================== C:\users\ronnie\AppData\Roaming\Mozilla\Firefox\Profiles\b0qxzzs0.default\forecastfox\cache emptied successfully ==== Empty Chrome Cache ====================== C:\users\ronnie\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully ==== Empty All Flash Cache ====================== Flash Cache Emptied Successfully ==== Empty All Java Cache ====================== Java Cache cleared successfully After Reboot ==== Empty Temp Folders ====================== C:\Windows\Temp successfully emptied C:\Users\ronnie\AppData\Local\Temp successfully emptied ==== Empty Recycle Bin ====================== C:\$RECYCLE.BIN successfully emptied ==== Deleting Files / Folders ====================== "C:\Users\ronnie\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" not deleted

ik heb geen reclame meer alles ziet er weer normaal uit. ik heb spybot geinstalleerd en wil deze verwijderen maar dat lukt niet via software.hij blijft telkens hangen.

hallo Kape, bedankt voor de snelle reactie,ben blij dat je me wilt helpen. hier zijn de logjes # AdwCleaner v2.300 - Verslag gemaakt op 09/05/2013 om 09:58:45 # Geactualiseerd op 28/04/2013 door Xplode # Besturingssysteem : Windows Vista Home Premium Service Pack 2 (32 bits) # Gebruiker : ronnie - PC_VAN_RONNIE # Opstarten Modus : Normale modus # Gelanceerd vanaf : C:\Users\ronnie\Desktop\adwcleaner.exe # Optie [Verwijderen] ***** [Diensten] ***** ***** [Files / Mappen] ***** File Verwijdert : C:\Program Files\Mozilla Firefox\.autoreg File Verwijdert : C:\Program Files\Mozilla Firefox\searchplugins\babylon.xml File Verwijdert : C:\user.js File Verwijdert : C:\Users\ronnie\AppData\Roaming\Mozilla\Firefox\Profiles\b0qxzzs0.default\searchplugins\BabylonMngr.xml File Verwijdert : C:\Users\ronnie\AppData\Roaming\Mozilla\Firefox\Profiles\b0qxzzs0.default\searchplugins\daemon-search.xml File Verwijdert : C:\Users\ronnie\AppData\Roaming\Mozilla\Firefox\Profiles\b0qxzzs0.default\searchplugins\MyStart Search.xml File Verwijdert : C:\Users\ronnie\AppData\Roaming\Mozilla\Firefox\Profiles\b0qxzzs0.default\searchplugins\WebSearch.xml File Verwijdert : C:\Windows\tasks\LyricsPal Update.job Map Verwijdert : C:\Program Files\AVG Secure Search Map Verwijdert : C:\Program Files\Babylon Map Verwijdert : C:\Program Files\Complitly Map Verwijdert : C:\Program Files\Conduit Map Verwijdert : C:\Program Files\DAEMON Tools Toolbar Map Verwijdert : C:\Program Files\Free Offers from Freeze.com Map Verwijdert : C:\Program Files\Freeze.com Map Verwijdert : C:\Program Files\IncrediMail_MediaBar_Nederlands_2 Map Verwijdert : C:\Program Files\WebSearch Map Verwijdert : C:\Program Files\Winamp Toolbar Map Verwijdert : C:\Program Files\XingHaoLyrics Map Verwijdert : C:\ProgramData\AVG Secure Search Map Verwijdert : C:\ProgramData\BetterSoft Map Verwijdert : C:\ProgramData\Browse2save Map Verwijdert : C:\ProgramData\Browser Manager Map Verwijdert : C:\ProgramData\InstallMate Map Verwijdert : C:\ProgramData\iWin Map Verwijdert : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Browse2save Map Verwijdert : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Search-NewTab Map Verwijdert : C:\ProgramData\Search-NewTab Map Verwijdert : C:\ProgramData\SoftSafe Map Verwijdert : C:\ProgramData\Winamp Toolbar Map Verwijdert : C:\Users\ronnie\AppData\Local\AVG Secure Search Map Verwijdert : C:\Users\ronnie\AppData\Local\Bundled software uninstaller Map Verwijdert : C:\Users\ronnie\AppData\Local\Conduit Map Verwijdert : C:\Users\ronnie\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhnbgpngnmidmfhmmfgfgbghgkdbonbh Map Verwijdert : C:\Users\ronnie\AppData\Local\Google\Chrome\User Data\Default\Extensions\imebafcdnmajijilbielaljlgihglkmk Map Verwijdert : C:\Users\ronnie\AppData\Local\PackageAware Map Verwijdert : C:\Users\ronnie\AppData\Local\Winamp Toolbar Map Verwijdert : C:\Users\ronnie\AppData\LocalLow\AVG Secure Search Map Verwijdert : C:\Users\ronnie\AppData\LocalLow\BabylonToolbar Map Verwijdert : C:\Users\ronnie\AppData\LocalLow\Conduit Map Verwijdert : C:\Users\ronnie\AppData\LocalLow\IncrediMail_MediaBar_Nederlands_2 Map Verwijdert : C:\Users\ronnie\AppData\LocalLow\searchquband Map Verwijdert : C:\Users\ronnie\AppData\LocalLow\Smart-Shopper2 Map Verwijdert : C:\Users\ronnie\AppData\Roaming\Complitly Map Verwijdert : C:\Users\ronnie\AppData\Roaming\iWin Map Verwijdert : C:\Users\ronnie\AppData\Roaming\Mozilla\Firefox\Profiles\b0qxzzs0.default\extensions\{0b38152b-1b20-484d-a11f-5e04a9b0661f} Map Verwijdert : C:\Users\ronnie\AppData\Roaming\Mozilla\Firefox\Profiles\b0qxzzs0.default\extensions\{33E0DAA6-3AF3-D8B5-6752-10E949C61516} Map Verwijdert : C:\Users\ronnie\AppData\Roaming\Mozilla\Firefox\Profiles\b0qxzzs0.default\extensions\{95324e44-4b0a-47a9-8f77-9c6415e51c29} Map Verwijdert : C:\Users\ronnie\AppData\Roaming\Mozilla\Firefox\Profiles\b0qxzzs0.default\extensions\{d40b90b4-d3b1-4d6b-a5d7-dc041c1b76c0} Map Verwijdert : C:\Users\ronnie\AppData\Roaming\Mozilla\Firefox\Profiles\b0qxzzs0.default\extensions\5127622a56ab5@5127622a56aee.com Map Verwijdert : C:\Users\ronnie\AppData\Roaming\Mozilla\Firefox\Profiles\b0qxzzs0.default\extensions\512762357d991@512762357d9ca.com Map Verwijdert : C:\Users\ronnie\AppData\Roaming\Mozilla\Firefox\Profiles\b0qxzzs0.default\WinampToolbarData Map Verwijdert : C:\Users\ronnie\AppData\Roaming\OpenCandy Verwijdert bij het opstarten : C:\Program Files\Common Files\AVG Secure Search ***** [Register] ***** Sleutel Verwijdert : HKCU\Software\5868ad0e268e547 Sleutel Verwijdert : HKCU\Software\AppDataLow\Software\Conduit Sleutel Verwijdert : HKCU\Software\AppDataLow\Software\IncrediMail_MediaBar_Nederlands_2 Sleutel Verwijdert : HKCU\Software\AppDataLow\Software\searchqutoolbar Sleutel Verwijdert : HKCU\Software\AppDataLow\Software\Toolbar Sleutel Verwijdert : HKCU\Software\AppDataLow\Software\XingHaoLyrics Sleutel Verwijdert : HKCU\Software\AppDataLow\SProtector Sleutel Verwijdert : HKCU\Software\AppDataLow\Toolbar Sleutel Verwijdert : HKCU\Software\AVG Secure Search Sleutel Verwijdert : HKCU\Software\Babylon Sleutel Verwijdert : HKCU\Software\BI Sleutel Verwijdert : HKCU\Software\BrowserMngr Sleutel Verwijdert : HKCU\Software\Complitly Sleutel Verwijdert : HKCU\Software\Headlight Sleutel Verwijdert : HKCU\Software\IM Sleutel Verwijdert : HKCU\Software\ImInstaller Sleutel Verwijdert : HKCU\Software\Microsoft\Internet Explorer\MenuExt\Translate this web page with Babylon Sleutel Verwijdert : HKCU\Software\Microsoft\Internet Explorer\MenuExt\Translate with Babylon Sleutel Verwijdert : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9} Sleutel Verwijdert : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233} Sleutel Verwijdert : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} Sleutel Verwijdert : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2A59} Sleutel Verwijdert : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AD22EBAF-0D18-4FC7-90CC-5EA0ABBE9EB8} Sleutel Verwijdert : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{BB74DE59-BC4C-4172-9AC4-73315F71CFFE} Sleutel Verwijdert : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{CFF4DB9B-135F-47C0-9269-B4C6572FD61A} Sleutel Verwijdert : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{15D2D75C-9CB2-4EFD-BAD7-B9B4CB4BC693} Sleutel Verwijdert : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{4FFBB818-B13C-11E0-931D-B2664824019B}_is1 Sleutel Verwijdert : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{C3F3165C-74D3-6FDB-3274-14FDA8698CFA} Sleutel Verwijdert : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{C670DCAE-E392-AA32-6F42-143C7FC4BDFD} Sleutel Verwijdert : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\AVG Secure Search Sleutel Verwijdert : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\bi_uninstaller Sleutel Verwijdert : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\IncrediMail_MediaBar_Nederlands_2 Toolbar Sleutel Verwijdert : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\lrcspal@xinghao.net Sleutel Verwijdert : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\Searchqu 406 MediaBar Sleutel Verwijdert : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\Winamp Toolbar Sleutel Verwijdert : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\bProtectSettings Sleutel Verwijdert : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{02478D38-C3F9-4EFB-9B51-7695ECA05670} Sleutel Verwijdert : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{25CEE8EC-5730-41BC-8B58-22DDC8AB8C20} Sleutel Verwijdert : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EF99BD32-C1FB-11D2-892F-0090271D4F88} Sleutel Verwijdert : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{25CEE8EC-5730-41BC-8B58-22DDC8AB8C20} Sleutel Verwijdert : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EBF2BA02-9094-4C5A-858B-BB198F3D8DE2} Sleutel Verwijdert : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F25AF245-4A81-40DC-92F9-E9021F207706} Sleutel Verwijdert : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{FD79F359-E577-46DB-AA74-D6E6B8B45BA8} Sleutel Verwijdert : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\grusskartencenter.com Sleutel Verwijdert : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\grusskartencenter.com Sleutel Verwijdert : HKCU\Software\Softonic Sleutel Verwijdert : HKCU\Software\Winamp Toolbar Sleutel Verwijdert : HKLM\Software\AVG Secure Search Sleutel Verwijdert : HKLM\Software\AVG Security Toolbar Sleutel Verwijdert : HKLM\Software\BrowserMngr Sleutel Verwijdert : HKLM\SOFTWARE\Classes\AppID\{1FDFF5A2-7BB1-48E1-8081-7236812B12B2} Sleutel Verwijdert : HKLM\SOFTWARE\Classes\AppID\{442F13BC-2031-42D5-9520-437F65271153} Sleutel Verwijdert : HKLM\SOFTWARE\Classes\AppID\{A7DDCBDE-5C86-415C-8A37-763AE183E7E4} Sleutel Verwijdert : HKLM\SOFTWARE\Classes\AppID\{B27D9527-3762-4D71-963D-FB7A94FDD678} Sleutel Verwijdert : HKLM\SOFTWARE\Classes\AppID\{BB711CB0-C70B-482E-9852-EC05EBD71DBB} Sleutel Verwijdert : HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB} Sleutel Verwijdert : HKLM\SOFTWARE\Classes\AppID\Complitly.DLL Sleutel Verwijdert : HKLM\SOFTWARE\Classes\AppID\ScriptHelper.EXE Sleutel Verwijdert : HKLM\SOFTWARE\Classes\AppID\ViProtocol.DLL Sleutel Verwijdert : HKLM\SOFTWARE\Classes\AppID\WMHelper.DLL Sleutel Verwijdert : HKLM\SOFTWARE\Classes\AVG Secure Search.BrowserWndAPI Sleutel Verwijdert : HKLM\SOFTWARE\Classes\AVG Secure Search.BrowserWndAPI.1 Sleutel Verwijdert : HKLM\SOFTWARE\Classes\AVG Secure Search.PugiObj Sleutel Verwijdert : HKLM\SOFTWARE\Classes\AVG Secure Search.PugiObj.1 Sleutel Verwijdert : HKLM\SOFTWARE\Classes\CLSID\{02478D38-C3F9-4EFB-9B51-7695ECA05670} Sleutel Verwijdert : HKLM\SOFTWARE\Classes\CLSID\{25CEE8EC-5730-41BC-8B58-22DDC8AB8C20} Sleutel Verwijdert : HKLM\SOFTWARE\Classes\CLSID\{27BF8F8D-58B8-D41C-F913-B7EEB57EF6F6} Sleutel Verwijdert : HKLM\SOFTWARE\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1} Sleutel Verwijdert : HKLM\SOFTWARE\Classes\CLSID\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7} Sleutel Verwijdert : HKLM\SOFTWARE\Classes\CLSID\{57BCA5FA-5DBB-45A2-B558-1755C3F6253B} Sleutel Verwijdert : HKLM\SOFTWARE\Classes\CLSID\{6EF4E91D-DDD5-4478-BCA7-DA04435934C0} Sleutel Verwijdert : HKLM\SOFTWARE\Classes\CLSID\{841FD004-57A2-4B49-BBDB-5897394619DB} Sleutel Verwijdert : HKLM\SOFTWARE\Classes\CLSID\{A54DAB37-E900-4E7A-9E32-7B5372016CE5} Sleutel Verwijdert : HKLM\SOFTWARE\Classes\CLSID\{B38D6EDE-390B-4620-8365-29E16459EBDA} Sleutel Verwijdert : HKLM\SOFTWARE\Classes\CLSID\{B658800C-F66E-4EF3-AB85-6C0C227862A9} Sleutel Verwijdert : HKLM\SOFTWARE\Classes\CLSID\{E1164984-B567-47BD-A7FF-240C2594404A} Sleutel Verwijdert : HKLM\SOFTWARE\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} Sleutel Verwijdert : HKLM\SOFTWARE\Classes\CLSID\{EBF2BA02-9094-4C5A-858B-BB198F3D8DE2} Sleutel Verwijdert : HKLM\SOFTWARE\Classes\CLSID\{EF99BD32-C1FB-11D2-892F-0090271D4F88} Sleutel Verwijdert : HKLM\SOFTWARE\Classes\CLSID\{F20F11FD-203E-45A9-B7BB-AFC1B4FEA7A6} Sleutel Verwijdert : HKLM\SOFTWARE\Classes\CLSID\{F25AF245-4A81-40DC-92F9-E9021F207706} Sleutel Verwijdert : HKLM\SOFTWARE\Classes\CLSID\{FE178B09-C8AA-4734-804D-1849BCCA0C29} Sleutel Verwijdert : HKLM\SOFTWARE\Classes\Conduit.Engine Sleutel Verwijdert : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217} Sleutel Verwijdert : HKLM\SOFTWARE\Classes\Interface\{0BF91075-F457-4A8B-99EF-140B52D2F22A} Sleutel Verwijdert : HKLM\SOFTWARE\Classes\Interface\{0F54B66A-21CF-4548-AE59-A6B83EE6676F} Sleutel Verwijdert : HKLM\SOFTWARE\Classes\Interface\{37425600-CB21-49A0-8659-476FBAB0F8E8} Sleutel Verwijdert : HKLM\SOFTWARE\Classes\Interface\{431FB0E5-2CBB-4602-9FE6-F1D64488ADD7} Sleutel Verwijdert : HKLM\SOFTWARE\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7} Sleutel Verwijdert : HKLM\SOFTWARE\Classes\Interface\{51A971CA-D36E-4D13-A799-2CF0A491D04D} Sleutel Verwijdert : HKLM\SOFTWARE\Classes\Interface\{56FBEA9F-EF93-4318-B75F-A96FC7C7BD7B} Sleutel Verwijdert : HKLM\SOFTWARE\Classes\Interface\{5C9A230D-70A5-11D5-AFB0-0050DAC67890} Sleutel Verwijdert : HKLM\SOFTWARE\Classes\Interface\{78B3C85E-44FF-4DC8-B3AD-156F39DC75E5} Sleutel Verwijdert : HKLM\SOFTWARE\Classes\Interface\{79FB5FC8-44B9-4AF5-BADD-CCE547F953E5} Sleutel Verwijdert : HKLM\SOFTWARE\Classes\Interface\{841FD004-57A2-4B49-BBDB-5897394619DB} Sleutel Verwijdert : HKLM\SOFTWARE\Classes\Interface\{8911483C-C00A-4183-9FBC-6C9C00946C15} Sleutel Verwijdert : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC} Sleutel Verwijdert : HKLM\SOFTWARE\Classes\Interface\{B37B4BA6-334E-72C1-B57E-6AFE8F8A5AF3} Sleutel Verwijdert : HKLM\SOFTWARE\Classes\Interface\{B77AD4AC-C1C2-B293-7737-71E13A11FFEA} Sleutel Verwijdert : HKLM\SOFTWARE\Classes\Interface\{C3F058A9-407D-4CD1-8F66-B75605B54B69} Sleutel Verwijdert : HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6} Sleutel Verwijdert : HKLM\SOFTWARE\Classes\Interface\{C9AE652B-8C99-4AC2-B556-8B501182874E} Sleutel Verwijdert : HKLM\SOFTWARE\Classes\Interface\{E1164984-B567-47BD-A7FF-240C2594404A} Sleutel Verwijdert : HKLM\SOFTWARE\Classes\Interface\{E19FDA06-5BDF-43C2-B794-BCD8A4C2051F} Sleutel Verwijdert : HKLM\SOFTWARE\Classes\Interface\{E773F2CF-5E6E-FF2B-81A1-AC581A26B2B2} Sleutel Verwijdert : HKLM\SOFTWARE\Classes\Interface\{EFDCAF05-D29C-4D4D-9836-8CDCD606A6B2} Sleutel Verwijdert : HKLM\SOFTWARE\Classes\Interface\{FAB076F5-E4DD-4EA4-AFEE-F18BF972B057} Sleutel Verwijdert : HKLM\SOFTWARE\Classes\Prod.cap Sleutel Verwijdert : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi Sleutel Verwijdert : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi.1 Sleutel Verwijdert : HKLM\SOFTWARE\Classes\SuggestMeYes.SuggestMeYesBHO Sleutel Verwijdert : HKLM\SOFTWARE\Classes\SuggestMeYes.SuggestMeYesBHO.1 Sleutel Verwijdert : HKLM\SOFTWARE\Classes\Toolbar.CT2724386 Sleutel Verwijdert : HKLM\SOFTWARE\Classes\Toolbar.CT2727678 Sleutel Verwijdert : HKLM\SOFTWARE\Classes\TypeLib\{01BCB858-2F62-4F06-A8F4-48F927C15333} Sleutel Verwijdert : HKLM\SOFTWARE\Classes\TypeLib\{538CD77C-BFDD-49B0-9562-77419CAB89D1} Sleutel Verwijdert : HKLM\SOFTWARE\Classes\TypeLib\{5C9A2304-70A5-11D5-AFB0-0050DAC67890} Sleutel Verwijdert : HKLM\SOFTWARE\Classes\TypeLib\{74FB6AFD-DD77-4CEB-83BD-AB2B63E63C93} Sleutel Verwijdert : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8} Sleutel Verwijdert : HKLM\SOFTWARE\Classes\TypeLib\{C2AC8A0E-E48E-484B-A71C-C7A937FAAB94} Sleutel Verwijdert : HKLM\SOFTWARE\Classes\TypeLib\{E2343056-CC08-46AC-B898-BFC7ACF4E755} Sleutel Verwijdert : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE Sleutel Verwijdert : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE.1 Sleutel Verwijdert : HKLM\Software\Conduit Sleutel Verwijdert : HKLM\Software\Freeze.com Sleutel Verwijdert : HKLM\SOFTWARE\Google\Chrome\Extensions\dlfienamagdnkekbbbocojppncdambda Sleutel Verwijdert : HKLM\SOFTWARE\Google\Chrome\Extensions\pgafcinpmmpklohkojmllohd****efph Sleutel Verwijdert : HKLM\Software\ImInstaller Sleutel Verwijdert : HKLM\Software\IncrediMail_MediaBar_Nederlands_2 Sleutel Verwijdert : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{104E39B5-345F-45E8-9D8A-0D28B5AFCC9C} Sleutel Verwijdert : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{23332248-AD96-44C3-9E9B-F27BB0947921} Sleutel Verwijdert : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} Sleutel Verwijdert : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F25AF245-4A81-40DC-92F9-E9021F207706} Sleutel Verwijdert : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} Sleutel Verwijdert : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2A59} Sleutel Verwijdert : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{BB74DE59-BC4C-4172-9AC4-73315F71CFFE} Sleutel Verwijdert : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{EEE7E0A3-AE64-4DC8-84D1-F5D7BAF2DB0C} Sleutel Verwijdert : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{25CEE8EC-5730-41BC-8B58-22DDC8AB8C20} Sleutel Verwijdert : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{02478D38-C3F9-4EFB-9B51-7695ECA05670} Sleutel Verwijdert : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{A54DAB37-E900-4E7A-9E32-7B5372016CE5} Sleutel Verwijdert : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{C6FDD0C3-266A-4DC3-B459-28C697C44CDC} Sleutel Verwijdert : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{EF99BD32-C1FB-11D2-892F-0090271D4F88} Sleutel Verwijdert : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{F25AF245-4A81-40DC-92F9-E9021F207706} Sleutel Verwijdert : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{FD79F359-E577-46DB-AA74-D6E6B8B45BA8} Sleutel Verwijdert : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0FF2AEFF45EEA0A48A4B33C1973B6094 Sleutel Verwijdert : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\305B09CE8C53A214DB58887F62F25536 Sleutel Verwijdert : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{4FFBB818-B13C-11E0-931D-B2664824019B}_is1 Sleutel Verwijdert : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{C3F3165C-74D3-6FDB-3274-14FDA8698CFA} Sleutel Verwijdert : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{C670DCAE-E392-AA32-6F42-143C7FC4BDFD} Sleutel Verwijdert : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\AVG Secure Search Sleutel Verwijdert : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\bi_uninstaller Sleutel Verwijdert : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\IncrediMail_MediaBar_Nederlands_2 Toolbar Sleutel Verwijdert : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\lrcspal@xinghao.net Sleutel Verwijdert : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Winamp Toolbar Sleutel Verwijdert : HKLM\SOFTWARE\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin Sleutel Verwijdert : HKLM\Software\SimplyGen Sleutel Verwijdert : HKLM\Software\SP Global Sleutel Verwijdert : HKLM\Software\SProtector Sleutel Verwijdert : HKLM\Software\Winamp Toolbar Sleutel Verwijdert : HKU\.DEFAULT\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9} Waarde Verwijdert : HKCU\Software\Microsoft\Internet Explorer\Main [browserMngr Start Page] Waarde Verwijdert : HKCU\Software\Microsoft\Internet Explorer\SearchScopes [bProtectorDefaultScope] Waarde Verwijdert : HKCU\Software\Microsoft\Internet Explorer\SearchScopes [browserMngrDefaultScope] Waarde Verwijdert : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{32099AAC-C132-4136-9E9A-4E364A424E17}] Waarde Verwijdert : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{EBF2BA02-9094-4C5A-858B-BB198F3D8DE2}] Waarde Verwijdert : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{57BCA5FA-5DBB-45A2-B558-1755C3F6253B}] Waarde Verwijdert : HKCU\Software\Mozilla\Firefox\extensions [lrcspal@xinghao.net] Waarde Verwijdert : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{57BCA5FA-5DBB-45A2-B558-1755C3F6253B}] Waarde Verwijdert : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{95324E44-4B0A-47A9-8F77-9C6415E51C29}] Waarde Verwijdert : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [vProt] Waarde Verwijdert : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [Avg@toolbar] ***** [browsers] ***** -\\ Internet Explorer v9.0.8112.16476 Vervangen : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main - Start Page] = hxxp://websearch.pu-results.info/?pid=42&r=2013/02/22&hid=1833368029&lg=EN&cc=BE --> hxxp://www.google.com -\\ Mozilla Firefox v2.0.0.14 (nl) File : C:\Users\ronnie\AppData\Roaming\Mozilla\Firefox\Profiles\b0qxzzs0.default\prefs.js C:\Users\ronnie\AppData\Roaming\Mozilla\Firefox\Profiles\b0qxzzs0.default\user.js ... Verwijdert ! Verwijdert : user_pref("browser.search.defaulturl", "hxxp://websearch.pu-results.info/?pid=42&r=2013/02/22&hid=18[...] Verwijdert : user_pref("winamp_toolbar.buttons.layout", "skins_btn_wa;plugins_btn_wa;shout_btn_wa;video_btn_wa;ai[...] Verwijdert : user_pref("winamp_toolbar.firsttime.showwindow", false); Verwijdert : user_pref("winamp_toolbar.install.lastTbVersion", "5.6.10.1"); Verwijdert : user_pref("winamp_toolbar.metrics.activestampdate", "23"); Verwijdert : user_pref("winamp_toolbar.metrics.activestampmonth", "8"); Verwijdert : user_pref("winamp_toolbar.metrics.activestampyear", "2012"); Verwijdert : user_pref("winamp_toolbar.metrics.originalDate", "18"); Verwijdert : user_pref("winamp_toolbar.metrics.originalHours", "18"); Verwijdert : user_pref("winamp_toolbar.metrics.originalMinutes", "32"); Verwijdert : user_pref("winamp_toolbar.metrics.originalMonth", "9"); Verwijdert : user_pref("winamp_toolbar.metrics.originalSeconds", "34"); Verwijdert : user_pref("winamp_toolbar.metrics.originalYear", "2012"); Verwijdert : user_pref("winamp_toolbar.search.focusnewtab", false); Verwijdert : user_pref("winamp_toolbar.search.newtab", false); Verwijdert : user_pref("winamp_toolbar.search.populateoncomplete", false); Verwijdert : user_pref("winamp_toolbar.search.savehistory", true); Verwijdert : user_pref("winamp_toolbar.search.searchtype", "web"); Verwijdert : user_pref("winamp_toolbar.search.source", "tb50ffwinamp"); Verwijdert : user_pref("winamp_toolbar.strbundle.msg", "Winamp Toolbar"); Verwijdert : user_pref("winamp_toolbar.upgrade.showwindow", false); Verwijdert : user_pref("winamp_toolbar.winamp.appversion", "1"); Verwijdert : user_pref("winamp_toolbar.winamp.artist", ""); Verwijdert : user_pref("winamp_toolbar.winamp.title", "-999999"); Verwijdert : user_pref("winamp_toolbar.winamp.tracklength", "-999999"); Verwijdert : user_pref("winamp_toolbar.winamp.tracktime", "-999999"); Verwijdert : user_pref("browser.startup.homepage", "hxxp://websearch.pu-results.info/?pid=42&r=2013/02/22&hid=183[...] Verwijdert : user_pref("browser.search.selectedEngine", "WebSearch"); Verwijdert : user_pref("browser.search.order.1", "WebSearch"); Verwijdert : user_pref("browser.search.defaultenginename", "WebSearch"); Verwijdert : user_pref("browser.search.order.1,S", "WebSearch"); Verwijdert : user_pref("browser.search.defaultenginename,S", "WebSearch"); Verwijdert : user_pref("browser.search.selectedEngine,S", "WebSearch"); Verwijdert : user_pref("keyword.URL", "hxxp://websearch.pu-results.info/?pid=42&r=2013/02/22&hid=1833368029&lg=EN[...] -\\ Google Chrome v26.0.1410.64 File : C:\Users\ronnie\AppData\Local\Google\Chrome\User Data\Default\Preferences Verwijdert [l.217] : homepage = "hxxp://websearch.pu-results.info/?pid=42&r=2013/02/22&hid=1833368029&lg=EN&cc=BE", ************************* AdwCleaner[s1].txt - [23630 octets] - [09/05/2013 09:58:45] ########## EOF - C:\AdwCleaner[s1].txt - [23691 octets] ########## hijack log Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 10:14:17, on 9/05/2013 Platform: Windows Vista SP2 (WinNT 6.00.1906) MSIE: Internet Explorer v9.00 (9.00.8112.16476) Boot mode: Normal Running processes: C:\Windows\system32\Dwm.exe C:\Windows\Explorer.EXE C:\Windows\SYSTEM32\WISPTIS.EXE C:\Program Files\Common Files\microsoft shared\ink\TabTip.exe C:\Windows\system32\taskeng.exe C:\Windows\system32\WTablet\Pen_TabletUser.exe C:\Program Files\NVIDIA Corporation\Display\nvtray.exe C:\Windows\System32\UMonit.exe C:\Program Files\ScanSoft\OmniPageSE4.0\OpWareSE4.exe C:\Program Files\HP\HP Software Update\hpwuschd2.exe C:\Program Files\AVG\AVG2013\avgui.exe C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe C:\Windows\ehome\ehtray.exe C:\Program Files\IncrediMail\bin\IncMail.exe C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe C:\Program Files\RocketDock\RocketDock.exe C:\Program Files\Windows Media Player\wmpnscfg.exe C:\Windows\system32\NOTEPAD.EXE C:\Windows\ehome\ehmsas.exe C:\Windows\system32\wbem\unsecapp.exe C:\Program Files\IncrediMail\Bin\ImApp.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Google\Google Toolbar\GoogleToolbarUser_32.exe C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe C:\Windows\system32\SearchFilterHost.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = HLN.be, Nieuws, sport en showbizz, 24/24, 7/7, meer dan 350 nieuwsupdates per dag R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN NL: Hotmail, Outlook, Skype, Messenger, het laatste nieuws, entertainment en meer! R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = Internet Explorer 6 Search Companion wordt niet meer ondersteund. R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 127.0.0.1;127.0.0.1;127.0.0.1; O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL O2 - BHO: CBrowserHelperObject Object - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program Files\Google\Google_BAE\BAE.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O3 - Toolbar: (no name) - !{8dcb7100-df86-4384-8842-8fa844297b3f} - (no file) O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide O4 - HKLM\..\Run: [uMonit] C:\Windows\system32\UMonit.exe O4 - HKLM\..\Run: [sSBkgdUpdate] "C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot O4 - HKLM\..\Run: [OpwareSE4] "C:\Program Files\ScanSoft\OmniPageSE4.0\OpwareSE4.exe" O4 - HKLM\..\Run: [AdobeCS5ServiceManager] "C:\Program Files\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" -launchedbylogin O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe O4 - HKLM\..\Run: [bCSSync] "C:\Program Files\Microsoft Office\Office14\BCSSync.exe" /DelayServices O4 - HKLM\..\Run: [AVG_UI] "C:\Program Files\AVG\AVG2013\avgui.exe" /TRAYONLY O4 - HKLM\..\Run: [sDTray] "C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe" O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe O4 - HKCU\..\Run: [incrediMail] C:\Program Files\IncrediMail\bin\IncMail.exe /c O4 - HKCU\..\Run: [iSUSPM] "C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe" -scheduler O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" O4 - HKCU\..\Run: [RocketDock] "C:\Program Files\RocketDock\RocketDock.exe" O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe O4 - HKUS\S-1-5-21-3649235342-1575224409-750448862-1004\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'UpdatusUser') O4 - HKUS\S-1-5-21-3649235342-1575224409-750448862-1004\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'UpdatusUser') O8 - Extra context menu item: &Verzenden naar OneNote - res://C:\PROGRA~1\MICROS~2\Office14\ONBttnIE.dll/105 O8 - Extra context menu item: &Winamp Search - C:\ProgramData\Winamp Toolbar\ieToolbar\resources\en-US\local\search.html O8 - Extra context menu item: Add to AMV Converter... - C:\Program Files\MP3 Player Utilities 4.13\AMVConverter\grab.html O8 - Extra context menu item: Converteren naar bestaand PDF-bestand - res://C:\Program Files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office14\EXCEL.EXE/3000 O8 - Extra context menu item: Geselecteerde koppelingen converteren naar bestaand PDF-bestand - res://C:\Program Files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html O8 - Extra context menu item: Koppelingdoel converteren naar Adobe PDF - res://C:\Program Files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html O8 - Extra context menu item: Koppelingdoel converteren naar bestaand PDF-bestand - res://C:\Program Files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html O8 - Extra context menu item: MediaManager tool grab multimedia file - C:\Program Files\MP3 Player Utilities 4.13\MediaManager\grab.html O8 - Extra context menu item: Selectie converteren naar bestaand PDF-bestand - res://C:\Program Files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html O9 - Extra button: In weblog opnemen - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: &In weblog opnemen met Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: HP Smart Print - {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C:\Program Files\Hewlett-Packard\Smart Print 2.0\smartprintsetup.exe O9 - Extra 'Tools' menuitem: HP Smart Print - {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C:\Program Files\Hewlett-Packard\Smart Print 2.0\smartprintsetup.exe O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll O9 - Extra 'Tools' menuitem: &Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll O9 - Extra button: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll O9 - Extra 'Tools' menuitem: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe O23 - Service: AVG Firewall (avgfws) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG2013\avgfws.exe O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG2013\avgidsagent.exe O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG2013\avgwdsvc.exe O23 - Service: Canon Camera Access Library 8 (CCALib8) - Canon Inc. - C:\Program Files\Canon\CAL\CALMAIN.exe O23 - Service: Google Update Service (gupdate1c9870b528d3e20) (gupdate1c9870b528d3e20) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe O23 - Service: ProtexisLicensing - Unknown owner - C:\Windows\system32\PSIService.exe O23 - Service: Spybot-S&D 2 Firewall Service (SDFirewallService) - Safer-Networking Ltd. - C:\Program Files\Spybot - Search & Destroy 2\SDFWSvc.exe O23 - Service: Spybot-S&D 2 Monitoring Service (SDMonitorService) - Safer-Networking Ltd. - C:\Program Files\Spybot - Search & Destroy 2\SDMonSvc.exe O23 - Service: Spybot-S&D 2 Scanner Service (SDScannerService) - Safer-Networking Ltd. - C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe O23 - Service: Spybot-S&D 2 Updating Service (SDUpdateService) - Safer-Networking Ltd. - C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe O23 - Service: Spybot-S&D 2 Security Center Service (SDWSCService) - Safer-Networking Ltd. - C:\Program Files\Spybot - Search & Destroy 2\SDWSCSvc.exe O23 - Service: StarWind AE Service (StarWindServiceAE) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe O23 - Service: TabletServicePen - Wacom Technology, Corp. - C:\Windows\system32\Pen_Tablet.exe O23 - Service: vToolbarUpdater15.0.0 - Unknown owner - C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\15.0.0\ToolbarUpdater.exe -- End of file - 11188 bytes

Hallo, ik denk dat ik malware op mijn pc heb, telkens ik een site via google zoek krijg ik nieuwe site's met reclame.En in de google pagina zitten ook veel reclame wat ik vroeger niet had. hoop dat iemend mij kan helpen. alvast bedankt. hier mijn hijack log Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 18:51:58, on 8/05/2013 Platform: Windows Vista SP2 (WinNT 6.00.1906) MSIE: Internet Explorer v9.00 (9.00.8112.16476) Boot mode: Normal Running processes: C:\Windows\system32\Dwm.exe C:\Windows\Explorer.EXE C:\Windows\SYSTEM32\WISPTIS.EXE C:\Program Files\Common Files\microsoft shared\ink\TabTip.exe C:\Windows\system32\taskeng.exe C:\Program Files\AVG Secure Search\vprot.exe C:\Windows\System32\UMonit.exe C:\Program Files\NVIDIA Corporation\Display\nvtray.exe C:\Program Files\ScanSoft\OmniPageSE4.0\OpWareSE4.exe C:\Program Files\HP\HP Software Update\hpwuschd2.exe C:\Program Files\AVG\AVG2013\avgui.exe C:\Windows\ehome\ehtray.exe C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe C:\Windows\ehome\ehmsas.exe C:\Program Files\RocketDock\RocketDock.exe C:\Program Files\Windows Media Player\wmpnscfg.exe C:\Program Files\IncrediMail\Bin\ImApp.exe C:\Windows\system32\WTablet\Pen_TabletUser.exe C:\Windows\system32\wbem\unsecapp.exe C:\Program Files\IncrediMail\bin\IncMail.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Google\Google Toolbar\GoogleToolbarUser_32.exe C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = HLN.be, Nieuws, sport en showbizz, 24/24, 7/7, meer dan 350 nieuwsupdates per dag R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN NL: Hotmail, Outlook, Skype, Messenger, het laatste nieuws, entertainment en meer! R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://websearch.pu-results.info/?pid=42&r=2013/02/22&hid=1833368029&lg=EN&cc=BE R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = Internet Explorer 6 Search Companion wordt niet meer ondersteund. R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 127.0.0.1;127.0.0.1;127.0.0.1; R3 - URLSearchHook: Winamp Search Class - {57BCA5FA-5DBB-45a2-B558-1755C3F6253B} - C:\Program Files\Winamp Toolbar\winamptb.dll R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file) R3 - URLSearchHook: IncrediMail MediaBar Nederlands 2 Toolbar - {95324e44-4b0a-47a9-8f77-9c6415e51c29} - C:\Program Files\IncrediMail_MediaBar_Nederlands_2\prxtbIncr.dll O2 - BHO: Complitly - {0FB6A909-6086-458F-BD92-1F8EE10042A0} - C:\Users\ronnie\AppData\Roaming\Complitly\Complitly.dll O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: Winamp Toolbar Loader - {25CEE8EC-5730-41bc-8B58-22DDC8AB8C20} - C:\Program Files\Winamp Toolbar\winamptb.dll O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - (no file) O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: IncrediMail MediaBar Nederlands 2 - {95324e44-4b0a-47a9-8f77-9c6415e51c29} - C:\Program Files\IncrediMail_MediaBar_Nederlands_2\prxtbIncr.dll O2 - BHO: AVG Security Toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files\AVG Secure Search\15.0.0.2\AVG Secure Search_toolbar.dll O2 - BHO: LyricsPal - {A3DAEB01-4C15-4AC6-A689-6406FD954EE0} - C:\Program Files\XingHaoLyrics\lrcspal.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL O2 - BHO: CBrowserHelperObject Object - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program Files\Google\Google_BAE\BAE.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O3 - Toolbar: (no name) - !{8dcb7100-df86-4384-8842-8fa844297b3f} - (no file) O3 - Toolbar: AVG Security Toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files\AVG Secure Search\15.0.0.2\AVG Secure Search_toolbar.dll O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll O4 - HKLM\..\Run: [vProt] "C:\Program Files\AVG Secure Search\vprot.exe" O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide O4 - HKLM\..\Run: [uMonit] C:\Windows\system32\UMonit.exe O4 - HKLM\..\Run: [sSBkgdUpdate] "C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot O4 - HKLM\..\Run: [OpwareSE4] "C:\Program Files\ScanSoft\OmniPageSE4.0\OpwareSE4.exe" O4 - HKLM\..\Run: [AdobeCS5ServiceManager] "C:\Program Files\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" -launchedbylogin O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe O4 - HKLM\..\Run: [bCSSync] "C:\Program Files\Microsoft Office\Office14\BCSSync.exe" /DelayServices O4 - HKLM\..\Run: [AVG_UI] "C:\Program Files\AVG\AVG2013\avgui.exe" /TRAYONLY O4 - HKLM\..\Run: [sDTray] "C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe" O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe O4 - HKCU\..\Run: [incrediMail] C:\Program Files\IncrediMail\bin\IncMail.exe /c O4 - HKCU\..\Run: [iSUSPM] "C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe" -scheduler O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" O4 - HKCU\..\Run: [RocketDock] "C:\Program Files\RocketDock\RocketDock.exe" O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe O4 - HKUS\S-1-5-21-3649235342-1575224409-750448862-1003\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User '?') O4 - HKUS\S-1-5-21-3649235342-1575224409-750448862-1003\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User '?') O4 - HKUS\S-1-5-21-3649235342-1575224409-750448862-1004\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'UpdatusUser') O8 - Extra context menu item: &Verzenden naar OneNote - res://C:\PROGRA~1\MICROS~2\Office14\ONBttnIE.dll/105 O8 - Extra context menu item: &Winamp Search - C:\ProgramData\Winamp Toolbar\ieToolbar\resources\en-US\local\search.html O8 - Extra context menu item: Add to AMV Converter... - C:\Program Files\MP3 Player Utilities 4.13\AMVConverter\grab.html O8 - Extra context menu item: Converteren naar bestaand PDF-bestand - res://C:\Program Files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office14\EXCEL.EXE/3000 O8 - Extra context menu item: Geselecteerde koppelingen converteren naar bestaand PDF-bestand - res://C:\Program Files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html O8 - Extra context menu item: Koppelingdoel converteren naar Adobe PDF - res://C:\Program Files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html O8 - Extra context menu item: Koppelingdoel converteren naar bestaand PDF-bestand - res://C:\Program Files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html O8 - Extra context menu item: MediaManager tool grab multimedia file - C:\Program Files\MP3 Player Utilities 4.13\MediaManager\grab.html O8 - Extra context menu item: Selectie converteren naar bestaand PDF-bestand - res://C:\Program Files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html O8 - Extra context menu item: Translate this web page with Babylon - res://C:\Program Files\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll/ActionTU.htm O8 - Extra context menu item: Translate with Babylon - res://C:\Program Files\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll/Action.htm O9 - Extra button: In weblog opnemen - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: &In weblog opnemen met Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: HP Smart Print - {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C:\Program Files\Hewlett-Packard\Smart Print 2.0\smartprintsetup.exe O9 - Extra 'Tools' menuitem: HP Smart Print - {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C:\Program Files\Hewlett-Packard\Smart Print 2.0\smartprintsetup.exe O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll O9 - Extra 'Tools' menuitem: &Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll O9 - Extra button: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll O9 - Extra 'Tools' menuitem: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - (no file) O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - (no file) O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - (no file) O18 - Protocol: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files\Common Files\AVG Secure Search\ViProtocolInstaller\15.0.0\ViProtocol.dll O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL O20 - AppInit_DLLs: c:\progra~2\browse~1\23787~1.43\{16cdf~1\browse~1.dll c:\progra~2\browse~1\23787~1.43\{16cdf~1\browsemngr.dll c:\progra~1\browse~1\sprote~1.dll c:\progra~1\websea~1\sprote~1.dll O20 - Winlogon Notify: SDWinLogon - SDWinLogon.dll (file missing) O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe O23 - Service: AVG Firewall (avgfws) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG2013\avgfws.exe O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG2013\avgidsagent.exe O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG2013\avgwdsvc.exe O23 - Service: Canon Camera Access Library 8 (CCALib8) - Canon Inc. - C:\Program Files\Canon\CAL\CALMAIN.exe O23 - Service: Google Update Service (gupdate1c9870b528d3e20) (gupdate1c9870b528d3e20) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe O23 - Service: ProtexisLicensing - Unknown owner - C:\Windows\system32\PSIService.exe O23 - Service: Spybot-S&D 2 Firewall Service (SDFirewallService) - Safer-Networking Ltd. - C:\Program Files\Spybot - Search & Destroy 2\SDFWSvc.exe O23 - Service: Spybot-S&D 2 Monitoring Service (SDMonitorService) - Safer-Networking Ltd. - C:\Program Files\Spybot - Search & Destroy 2\SDMonSvc.exe O23 - Service: Spybot-S&D 2 Scanner Service (SDScannerService) - Safer-Networking Ltd. - C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe O23 - Service: Spybot-S&D 2 Updating Service (SDUpdateService) - Safer-Networking Ltd. - C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe O23 - Service: Spybot-S&D 2 Security Center Service (SDWSCService) - Safer-Networking Ltd. - C:\Program Files\Spybot - Search & Destroy 2\SDWSCSvc.exe O23 - Service: StarWind AE Service (StarWindServiceAE) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe O23 - Service: TabletServicePen - Wacom Technology, Corp. - C:\Windows\system32\Pen_Tablet.exe O23 - Service: vToolbarUpdater15.0.0 - Unknown owner - C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\15.0.0\ToolbarUpdater.exe -- End of file - 13743 bytes

heb hem aangesloten als slave maar als ik kijk in Mijn computer staat hij er niet bij .Maar in de bios vindt hij de schijf wel. Zou ik de schijf niet op een pc met XP kunnen proberen (schijf afkoppelen en mijn schijf aankoppelen)

heb de schijf verwisseld en in het bios op auto detectie gedaan,hij herkende de schijf wel want ik zag het aan het volume (120 GB) maar hij vroeg niet van Master of Slave instellen,heb toen alles gesaved. de pc ging verder en vroeg normaal starten (heb normaal en veilige modus gedaan) maar het scherm bleef zwart met links boven een klein wit streepje dat staat te pinken.Heb terug de oude schijf aangesloten en deze starte wel weer normaal.

Ga straks eens proberen Als ik de pc opstart moet ik dan op F8 drukken om in de bios te komen of gaat dat automatisch.

Heb ubuntu gedraaid op pc,kon de schijf wel vinden maar kon ze niet openen. Heb nog een oude pc (pentium3 win 98) staan;kan ik daar de schijf niet van loskoppelen en de andere schijf er in plaatsen.

als ik F schijf wil openen met de laptop ,gaat hij zoeken en dan krijg ik de melding"F niet toegankelijk ,kan de opdracht niet uitvoeren door een fout in een I/O -apparaat.Op de schijf staat windows XP en ik heb de schijf op slave gezet.

Bedankt voor het snelle antwoord. Ik heb dat via apparaatbeheer gedaan,maar ik zie daar niets van de harde schijf.( schijf is een Baracuda 7200.7 160GB). Wat dbedoel je met aansluiten op laptop en deel de schijf? Laptop heeft XP.

Hallo, Ik heb een oude pc (XP) waar het moederbord van kapot is. Ik heb een docking station gekocht (Quickport combo) voor de harde schijf in te steken en zo mijn foto's van de C schijf af te halen.Maar als ik de docking station verbindt met de USB op mijn nieuwe pc (vista), dan kan ik de schijf niet vinden in Mijn computer en als ik hem aansluit op een oude laptop kan ik de C ,D en E wel zien maar kan alleen de D en de E openen maar de C niet.Maar op de laptop geeft hij wel andere namen F,G,H (De F is dan mijn C schijf).Kan iemand mij helpen Alvast bedankt.

Heb ik gedaan maar krijg ze niet verwijderd,maar ik heb het umonit probleem niet meer. Bedankt voor jullie goede hulp en tot volgende keer.

Hier zijn de logjes,maar ik krijg ze niet verwijderd.(2x geprobeert) Hier het MBAM logje Malwarebytes' Anti-Malware 1.46 www.malwarebytes.org Databaseversie: 4458 Windows 6.0.6002 Service Pack 2 Internet Explorer 7.0.6002.18005 21/08/2010 22:54:55 mbam-log-2010-08-21 (22-54-55).txt Scantype: Snelle scan Objecten gescand: 138101 Verstreken tijd: 6 minuut/minuten, 47 seconde(n) Geheugenprocessen geïnfecteerd: 0 Geheugenmodulen geïnfecteerd: 0 Registersleutels geïnfecteerd: 0 Registerwaarden geïnfecteerd: 0 Registerdata geïnfecteerd: 0 Mappen geïnfecteerd: 0 Bestanden geïnfecteerd: 0 Geheugenprocessen geïnfecteerd: (Geen kwaadaardige objecten gedetecteerd) Geheugenmodulen geïnfecteerd: (Geen kwaadaardige objecten gedetecteerd) Registersleutels geïnfecteerd: (Geen kwaadaardige objecten gedetecteerd) Registerwaarden geïnfecteerd: (Geen kwaadaardige objecten gedetecteerd) Registerdata geïnfecteerd: (Geen kwaadaardige objecten gedetecteerd) Mappen geïnfecteerd: (Geen kwaadaardige objecten gedetecteerd) Bestanden geïnfecteerd: (Geen kwaadaardige objecten gedetecteerd) en het andere Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 23:02:14, on 21/08/2010 Platform: Windows Vista SP2 (WinNT 6.00.1906) MSIE: Internet Explorer v7.00 (7.00.6002.18005) Boot mode: Normal Running processes: C:\Windows\system32\Dwm.exe C:\Windows\Explorer.EXE C:\Windows\system32\taskeng.exe C:\Program Files\Packard Bell\FIJI\ABoard.exe C:\Program Files\Packard Bell\FIJI\AOSD.exe C:\Program Files\ScanSoft\OmniPageSE4.0\OpWareSE4.exe C:\Program Files\Winamp\winampa.exe C:\Program Files\AVG\AVG9\avgtray.exe C:\Program Files\Common Files\Java\Java Update\jusched.exe C:\Program Files\Packard Bell\SetUpMyPC\SmpSys.exe C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe C:\Windows\ehome\ehtray.exe C:\Program Files\IncrediMail\bin\IncMail.exe C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe C:\Windows\ehome\ehmsas.exe C:\Program Files\IncrediMail\bin\IMApp.exe C:\Windows\system32\WTablet\Pen_TabletUser.exe C:\Program Files\Windows Media Player\wmpnscfg.exe C:\Program Files\Common Files\Microsoft Shared\Ink\InputPersonalization.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Internet Explorer\IEUser.exe C:\Program Files\Google\Google Toolbar\GoogleToolbarUser_32.exe C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = HLN home R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Google R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = Hotmail, Messenger, nieuws en entertainment vind je op MSN.nl R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = Bing: R3 - URLSearchHook: Winamp Search Class - {57BCA5FA-5DBB-45a2-B558-1755C3F6253B} - C:\Program Files\Winamp Toolbar\winamptb.dll R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: Winamp Toolbar Loader - {25CEE8EC-5730-41bc-8B58-22DDC8AB8C20} - C:\Program Files\Winamp Toolbar\winamptb.dll O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG9\avgssie.dll O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file) O2 - BHO: Windows Live Aanmelden - Help - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.5.5126.1836\swg.dll O2 - BHO: CBrowserHelperObject Object - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program Files\Google\Google_BAE\BAE.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide O4 - HKLM\..\Run: [ACTIVBOARD] C:\Program Files\Packard Bell\FIJI\aboard.exe O4 - HKLM\..\Run: [sSBkgdUpdate] "C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot O4 - HKLM\..\Run: [OpwareSE4] "C:\Program Files\ScanSoft\OmniPageSE4.0\OpwareSE4.exe" O4 - HKLM\..\Run: [uMonit] C:\Windows\system32\UMonit.exe O4 - HKLM\..\Run: [DataMngr] C:\Program Files\iMesh Applications\MediaBar\DataMngr\DataMngrUI.exe O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files\Winamp\winampa.exe" O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime O4 - HKLM\..\Run: [AVG9_TRAY] C:\PROGRA~1\AVG\AVG9\avgtray.exe O4 - HKLM\..\Run: [AdobeAAMUpdater-1.0] "C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe" O4 - HKLM\..\RunOnce: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent O4 - HKCU\..\Run: [smpcSys] C:\Program Files\Packard Bell\SetUpMyPC\SmpSys.exe O4 - HKCU\..\Run: [iSUSPM] "C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe" -scheduler O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe O4 - HKCU\..\Run: [incrediMail] C:\Program Files\IncrediMail\bin\IncMail.exe /c O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" O8 - Extra context menu item: &Winamp Search - C:\ProgramData\Winamp Toolbar\ieToolbar\resources\en-US\local\search.html O8 - Extra context menu item: Add to AMV Converter... - C:\Program Files\MP3 Player Utilities 4.13\AMVConverter\grab.html O8 - Extra context menu item: Converteren naar bestaand PDF-bestand - res://C:\Program Files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000 O8 - Extra context menu item: Geselecteerde koppelingen converteren naar bestaand PDF-bestand - res://C:\Program Files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll/cmsidewiki.html O8 - Extra context menu item: Koppelingdoel converteren naar Adobe PDF - res://C:\Program Files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html O8 - Extra context menu item: Koppelingdoel converteren naar bestaand PDF-bestand - res://C:\Program Files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html O8 - Extra context menu item: MediaManager tool grab multimedia file - C:\Program Files\MP3 Player Utilities 4.13\MediaManager\grab.html O8 - Extra context menu item: Selectie converteren naar bestaand PDF-bestand - res://C:\Program Files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html O9 - Extra button: In weblog opnemen - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: &In weblog opnemen met Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL O16 - DPF: {4539348E-11D5-01D7-9A39-0080C8D85044} (GameDesire Slots 90th) - http://cached.gamedesire.com/g_bin/eng/slots90_2_0_0_38.cab O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1244133796822 O16 - DPF: {A1FE3DEF-11D4-CF77-8340-0080C8D7ED4A} (GameDesire Pinball Pirate) - http://cached.gamedesire.com/g_bin/eng/pirate_2_0_0_33.cab O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG9\avgpp.dll O20 - AppInit_DLLs: C:\Windows\System32\avgrsstx.dll O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe O23 - Service: Adobe Active File Monitor V7 (AdobeActiveFileMonitor7.0) - Adobe Systems Incorporated - C:\Program Files\Adobe\Photoshop Elements 7.0\PhotoshopElementsFileAgent.exe O23 - Service: AVG Free WatchDog (avg9wd) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG9\avgwdsvc.exe O23 - Service: Canon Camera Access Library 8 (CCALib8) - Canon Inc. - C:\Program Files\Canon\CAL\CALMAIN.exe O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Unknown owner - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (file missing) O23 - Service: Firebird Server - MAGIX Instance (FirebirdServerMAGIXInstance) - MAGIX® - C:\Program Files\MAGIX\Common\Database\bin\fbserver.exe O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe O23 - Service: Google Update Service (gupdate1c9870b528d3e20) (gupdate1c9870b528d3e20) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe O23 - Service: ProtexisLicensing - Unknown owner - C:\Windows\system32\PSIService.exe O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe O23 - Service: RoxMediaDB9 - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe O23 - Service: Roxio Hard Drive Watcher 9 (RoxWatch9) - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe O23 - Service: StarWind AE Service (StarWindServiceAE) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe O23 - Service: stllssvr - MicroVision Development, Inc. - C:\Program Files\Common Files\SureThing Shared\stllssvr.exe O23 - Service: TabletServicePen - Wacom Technology, Corp. - C:\Windows\system32\Pen_Tablet.exe -- End of file - 10992 bytes

Hier het logje,Ik heb het niet altijd soms als ik de pc opstart komt het en soms niet het maakt niet uit of ik een externe schijf al aangesloten heb of niet ,ik heb dat al een heel tijdje maar het stoort niet ik wou juist weten waar het eventueel van zou kunnen komen.Maar bedankt dat jullie mij willen helpen. Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 13:51:22, on 21/08/2010 Platform: Windows Vista SP2 (WinNT 6.00.1906) MSIE: Internet Explorer v7.00 (7.00.6002.18005) Boot mode: Normal Running processes: C:\Windows\system32\Dwm.exe C:\Windows\Explorer.EXE C:\Windows\system32\taskeng.exe C:\Program Files\Packard Bell\FIJI\ABoard.exe C:\Program Files\Packard Bell\FIJI\AOSD.exe C:\Program Files\ScanSoft\OmniPageSE4.0\OpWareSE4.exe C:\Windows\System32\UMonit.exe C:\Program Files\iMesh Applications\MediaBar\DataMngr\DataMngrUI.exe C:\Program Files\Winamp\winampa.exe C:\Program Files\AVG\AVG9\avgtray.exe C:\Program Files\Adobe\Reader 9.0\Reader\reader_sl.exe C:\Program Files\Common Files\Java\Java Update\jusched.exe C:\Program Files\Packard Bell\SetUpMyPC\SmpSys.exe C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe C:\Windows\ehome\ehtray.exe C:\Program Files\IncrediMail\bin\IncMail.exe C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe C:\Windows\ehome\ehmsas.exe C:\Program Files\IncrediMail\bin\IMApp.exe C:\Windows\system32\WTablet\Pen_TabletUser.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Internet Explorer\IEUser.exe C:\Program Files\Google\Google Toolbar\GoogleToolbarUser_32.exe C:\Program Files\Windows Media Player\wmpnscfg.exe C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe C:\Program Files\Common Files\Microsoft Shared\Ink\InputPersonalization.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = HLN home R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Google R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = Hotmail, Messenger, nieuws en entertainment vind je op MSN.nl R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = Bing: R3 - URLSearchHook: Winamp Search Class - {57BCA5FA-5DBB-45a2-B558-1755C3F6253B} - C:\Program Files\Winamp Toolbar\winamptb.dll R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: Winamp Toolbar Loader - {25CEE8EC-5730-41bc-8B58-22DDC8AB8C20} - C:\Program Files\Winamp Toolbar\winamptb.dll O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG9\avgssie.dll O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file) O2 - BHO: Windows Live Aanmelden - Help - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.5.5126.1836\swg.dll O2 - BHO: CBrowserHelperObject Object - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program Files\Google\Google_BAE\BAE.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide O4 - HKLM\..\Run: [ACTIVBOARD] C:\Program Files\Packard Bell\FIJI\aboard.exe O4 - HKLM\..\Run: [sSBkgdUpdate] "C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot O4 - HKLM\..\Run: [OpwareSE4] "C:\Program Files\ScanSoft\OmniPageSE4.0\OpwareSE4.exe" O4 - HKLM\..\Run: [uMonit] C:\Windows\system32\UMonit.exe O4 - HKLM\..\Run: [DataMngr] C:\Program Files\iMesh Applications\MediaBar\DataMngr\DataMngrUI.exe O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files\Winamp\winampa.exe" O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime O4 - HKLM\..\Run: [AVG9_TRAY] C:\PROGRA~1\AVG\AVG9\avgtray.exe O4 - HKLM\..\Run: [AdobeAAMUpdater-1.0] "C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe" O4 - HKCU\..\Run: [smpcSys] C:\Program Files\Packard Bell\SetUpMyPC\SmpSys.exe O4 - HKCU\..\Run: [iSUSPM] "C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe" -scheduler O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe O4 - HKCU\..\Run: [incrediMail] C:\Program Files\IncrediMail\bin\IncMail.exe /c O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" O8 - Extra context menu item: &Winamp Search - C:\ProgramData\Winamp Toolbar\ieToolbar\resources\en-US\local\search.html O8 - Extra context menu item: Add to AMV Converter... - C:\Program Files\MP3 Player Utilities 4.13\AMVConverter\grab.html O8 - Extra context menu item: Converteren naar bestaand PDF-bestand - res://C:\Program Files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000 O8 - Extra context menu item: Geselecteerde koppelingen converteren naar bestaand PDF-bestand - res://C:\Program Files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll/cmsidewiki.html O8 - Extra context menu item: Koppelingdoel converteren naar Adobe PDF - res://C:\Program Files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html O8 - Extra context menu item: Koppelingdoel converteren naar bestaand PDF-bestand - res://C:\Program Files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html O8 - Extra context menu item: MediaManager tool grab multimedia file - C:\Program Files\MP3 Player Utilities 4.13\MediaManager\grab.html O8 - Extra context menu item: Selectie converteren naar bestaand PDF-bestand - res://C:\Program Files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html O9 - Extra button: In weblog opnemen - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: &In weblog opnemen met Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL O16 - DPF: {4539348E-11D5-01D7-9A39-0080C8D85044} (GameDesire Slots 90th) - http://cached.gamedesire.com/g_bin/eng/slots90_2_0_0_38.cab O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1244133796822 O16 - DPF: {A1FE3DEF-11D4-CF77-8340-0080C8D7ED4A} (GameDesire Pinball Pirate) - http://cached.gamedesire.com/g_bin/eng/pirate_2_0_0_33.cab O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG9\avgpp.dll O20 - AppInit_DLLs: C:\Windows\System32\avgrsstx.dll O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe O23 - Service: Adobe Active File Monitor V7 (AdobeActiveFileMonitor7.0) - Adobe Systems Incorporated - C:\Program Files\Adobe\Photoshop Elements 7.0\PhotoshopElementsFileAgent.exe O23 - Service: AVG Free WatchDog (avg9wd) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG9\avgwdsvc.exe O23 - Service: Canon Camera Access Library 8 (CCALib8) - Canon Inc. - C:\Program Files\Canon\CAL\CALMAIN.exe O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Unknown owner - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (file missing) O23 - Service: Firebird Server - MAGIX Instance (FirebirdServerMAGIXInstance) - MAGIX® - C:\Program Files\MAGIX\Common\Database\bin\fbserver.exe O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe O23 - Service: Google Update Service (gupdate1c9870b528d3e20) (gupdate1c9870b528d3e20) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe O23 - Service: ProtexisLicensing - Unknown owner - C:\Windows\system32\PSIService.exe O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe O23 - Service: RoxMediaDB9 - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe O23 - Service: Roxio Hard Drive Watcher 9 (RoxWatch9) - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe O23 - Service: StarWind AE Service (StarWindServiceAE) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe O23 - Service: stllssvr - MicroVision Development, Inc. - C:\Program Files\Common Files\SureThing Shared\stllssvr.exe O23 - Service: TabletServicePen - Wacom Technology, Corp. - C:\Windows\system32\Pen_Tablet.exe -- End of file - 11025 bytes

Ja, maar deze is niet altijd aangesloten alleen als ik hem nodig heb net zoals mijn externe harde schijf.

Hallo, telkens als ik mijn pc opstart ,krijg ik onder in mijn taakbalk umonit te staan.als ik er op klik gaat het niet open en als ik rechts klik krijg ik ook niets.Kan mij iemand helpen. bedankt:sad

Ik heb die twee proberen te verwijderen ,maar ze komen telkens weer terug.Maar ik krijg geen virus melding meer en mijn pc is sneller geworden.Wil je alvast bedanken voor de goede hulp.

Hier het logje ComboFix 10-07-10.01 - ronnie 11/07/2010 9:45.2.4 - x86 Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.32.1043.18.2046.1127 [GMT 2:00] Gestart vanuit: c:\users\ronnie\Desktop\ComboFix.exe gebruikte Opdracht switches :: c:\users\ronnie\Desktop\CFScript.txt SP: Spybot - Search and Destroy *disabled* (Outdated) {ED588FAF-1B8F-43B4-ACA8-8E3C85DADBE9} SP: Windows Defender *enabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46} FILE :: "c:\windows\SBA28A650(119).tmp" "c:\windows\SBA28A650(131).tmp" "c:\windows\SBA28A650(356).tmp" "c:\windows\SBA28A650(41).tmp" "c:\windows\SBA28A650(68).tmp" "c:\windows\SBA28A650(93).tmp" "c:\windows\SBA28A650.tmp" "c:\windows\system32\fkkfqmehfgbzaruf.exe" . (((((((((((((((((((((((((((((((((( Andere Verwijderingen ))))))))))))))))))))))))))))))))))))))))))))))))) . c:\windows\SBA28A650(119).tmp c:\windows\SBA28A650(131).tmp c:\windows\SBA28A650(356).tmp c:\windows\SBA28A650(41).tmp c:\windows\SBA28A650(68).tmp c:\windows\SBA28A650(93).tmp c:\windows\SBA28A650.tmp c:\windows\system32\fkkfqmehfgbzaruf.exe . (((((((((((((((((((( Bestanden Gemaakt van 2010-06-11 to 2010-07-11 )))))))))))))))))))))))))))))) . 2010-07-11 07:52 . 2010-07-11 07:52 -------- d-----w- c:\users\ronnie\AppData\Local\temp 2010-07-11 07:52 . 2010-07-11 07:52 -------- d-----w- c:\users\Public\AppData\Local\temp 2010-07-11 07:52 . 2010-07-11 07:52 -------- d-----w- c:\users\Default\AppData\Local\temp 2010-07-06 14:47 . 2010-07-06 14:47 388096 ----a-r- c:\users\ronnie\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe 2010-07-06 14:47 . 2010-07-06 14:47 -------- d-----w- c:\program files\Trend Micro 2010-07-05 19:34 . 2010-07-05 19:34 -------- d-----w- c:\users\ronnie\AppData\Local\Brein 2010-07-05 19:34 . 2010-07-05 19:34 -------- d-----w- c:\programdata\Brein 2010-07-05 19:06 . 2010-07-05 19:06 -------- d-----w- c:\users\ronnie\AppData\Roaming\Malwarebytes 2010-07-05 19:06 . 2010-04-29 13:39 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys 2010-07-05 19:06 . 2010-07-05 19:06 -------- d-----w- c:\programdata\Malwarebytes 2010-07-05 19:06 . 2010-07-05 19:06 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware 2010-07-05 19:06 . 2010-04-29 13:39 20952 ----a-w- c:\windows\system32\drivers\mbam.sys 2010-07-05 16:47 . 2010-07-05 16:47 -------- d-----w- c:\program files\Spotnet 2010-06-30 14:28 . 2010-06-30 15:01 -------- d-----w- c:\programdata\Spybot - Search & Destroy 2010-06-30 14:28 . 2010-06-30 14:31 -------- d-----w- c:\program files\Spybot - Search & Destroy 2010-06-24 05:03 . 2009-11-08 08:55 99176 ----a-w- c:\windows\system32\PresentationHostProxy.dll 2010-06-24 05:03 . 2009-11-08 08:55 49472 ----a-w- c:\windows\system32\netfxperf.dll 2010-06-24 05:03 . 2009-11-08 08:55 297808 ----a-w- c:\windows\system32\mscoree.dll 2010-06-24 05:03 . 2009-11-08 08:55 295264 ----a-w- c:\windows\system32\PresentationHost.exe 2010-06-24 05:03 . 2009-11-08 08:55 1130824 ----a-w- c:\windows\system32\dfshim.dll 2010-06-23 04:54 . 2010-06-23 04:54 501936 ----a-w- c:\programdata\Google\Google Toolbar\Update\gtb1299.tmp.exe . ((((((((((((((((((((((((((((((((((((((( Find3M Rapport )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2010-07-11 07:39 . 2009-01-14 10:39 -------- d-----w- c:\users\ronnie\AppData\Roaming\WTablet 2010-07-11 07:32 . 2010-03-03 14:42 -------- d-----w- c:\users\ronnie\AppData\Roaming\Winamp 2010-07-05 16:51 . 2007-08-17 03:50 689564 ----a-w- c:\windows\system32\perfh013.dat 2010-07-05 16:51 . 2007-08-17 03:50 135646 ----a-w- c:\windows\system32\perfc013.dat 2010-07-05 16:48 . 2007-09-11 15:33 -------- d-----w- c:\program files\Microsoft.NET 2010-07-04 10:48 . 2008-02-01 15:53 -------- d-----w- c:\users\ronnie\AppData\Roaming\GrabIt 2010-06-13 08:42 . 2009-10-11 09:35 -------- d-----w- c:\program files\Common Files\AVSMedia 2010-06-13 08:42 . 2009-10-11 09:35 -------- d-----w- c:\program files\AVS4YOU 2010-06-11 04:58 . 2007-09-11 15:31 -------- d-----w- c:\programdata\Microsoft Help 2010-06-06 07:44 . 2008-02-28 07:26 -------- d-----w- c:\program files\Microsoft Silverlight 2010-06-03 06:14 . 2010-04-28 08:39 242896 ----a-w- c:\windows\system32\drivers\avgtdix.sys 2010-06-03 06:14 . 2010-04-28 08:39 29584 ----a-w- c:\windows\system32\drivers\avgmfx86.sys 2010-05-30 06:20 . 2010-05-30 06:20 -------- d-----w- c:\program files\The Little Mermaid Pinball 2010-05-27 05:19 . 2010-05-26 18:24 -------- d-----w- c:\programdata\NOS 2010-05-26 18:31 . 2007-09-19 17:59 -------- d-----w- c:\program files\Common Files\Adobe 2010-05-26 17:06 . 2010-06-10 04:56 34304 ----a-w- c:\windows\system32\atmlib.dll 2010-05-26 14:47 . 2010-06-10 04:56 289792 ----a-w- c:\windows\system32\atmfd.dll 2010-05-21 12:14 . 2009-10-03 09:18 221568 ------w- c:\windows\system32\MpSigStub.exe 2010-05-14 20:21 . 2010-05-14 18:01 -------- d-----w- c:\programdata\regid.1986-12.com.adobe 2010-05-14 18:01 . 2007-09-08 14:32 227296 ----a-w- c:\users\ronnie\AppData\Local\GDIPFONTCACHEV1.DAT 2010-05-14 17:54 . 2010-05-14 17:54 -------- d-----w- c:\program files\Common Files\Adobe AIR 2010-05-14 17:54 . 2010-05-14 17:54 38784 ----a-w- c:\users\Default\AppData\Roaming\Macromedia\Flash Player\www.macromedia.com\bin\airappinstaller\airappinstaller.exe 2010-05-13 04:50 . 2006-11-02 11:18 -------- d-----w- c:\program files\Windows Mail 2010-05-04 19:15 . 2010-06-10 04:56 834048 ----a-w- c:\windows\system32\wininet.dll 2010-05-04 18:37 . 2010-06-10 04:56 78336 ----a-w- c:\windows\system32\ieencode.dll 2010-05-01 14:13 . 2010-06-10 04:56 2037248 ----a-w- c:\windows\system32\win32k.sys 2010-04-28 08:39 . 2010-04-28 08:39 12464 ----a-w- c:\windows\system32\avgrsstx.dll 2010-04-28 08:39 . 2010-04-28 08:39 216200 ----a-w- c:\windows\system32\drivers\avgldx86.sys 2010-04-23 14:13 . 2010-05-26 05:45 2048 ----a-w- c:\windows\system32\tzres.dll 2010-04-20 17:24 . 2009-04-06 14:03 3335148 ----a-w- c:\windows\Advanced.scr 2010-04-20 17:24 . 2009-04-06 14:03 230818 ----a-w- c:\windows\uninstall Advanced.exe 2010-04-12 15:29 . 2010-05-11 14:17 411368 ----a-w- c:\windows\system32\deployJava1.dll 2007-11-28 20:13 . 2007-08-16 18:28 67696 ----a-w- c:\program files\mozilla firefox\components\jar50.dll 2007-11-28 20:13 . 2007-08-16 18:28 54376 ----a-w- c:\program files\mozilla firefox\components\jsd3250.dll 2007-11-28 20:13 . 2007-08-16 18:28 34952 ----a-w- c:\program files\mozilla firefox\components\myspell.dll 2007-11-28 20:13 . 2007-08-16 18:28 46720 ----a-w- c:\program files\mozilla firefox\components\spellchk.dll 2007-11-28 20:13 . 2007-08-16 18:28 172144 ----a-w- c:\program files\mozilla firefox\components\xpinstal.dll 2009-06-04 14:17 . 2008-08-27 20:32 848 --sha-w- c:\windows\System32\KGyGaAvL.sys 2007-08-17 03:55 . 2007-08-17 03:54 8192 --sha-w- c:\windows\Users\Default\NTUSER.DAT . ((((((((((((((((((((((((((((( SnapShot@2010-07-09_14.05.47 ))))))))))))))))))))))))))))))))))))))))) . + 2007-08-16 18:22 . 2010-07-11 07:41 79132 c:\windows\System32\WDI\ShutdownPerformanceDiagnostics_SystemData.bin + 2008-07-12 06:34 . 2010-07-11 07:41 15874 c:\windows\System32\WDI\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-3649235342-1575224409-750448862-1002_UserData.bin + 2007-09-08 14:26 . 2010-07-11 07:39 16384 c:\windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat - 2007-09-08 14:26 . 2010-07-09 13:52 16384 c:\windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat + 2007-09-08 14:26 . 2010-07-11 07:39 49152 c:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat - 2007-09-08 14:26 . 2010-07-09 13:52 49152 c:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat - 2007-09-08 14:26 . 2010-07-09 13:52 16384 c:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat + 2007-09-08 14:26 . 2010-07-11 07:39 16384 c:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat - 2008-01-18 15:51 . 2010-07-08 19:58 16384 c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat + 2008-01-18 15:51 . 2010-07-11 06:31 16384 c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat - 2008-01-18 15:51 . 2010-07-08 19:58 32768 c:\windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat + 2008-01-18 15:51 . 2010-07-11 06:31 32768 c:\windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat - 2008-01-18 15:51 . 2010-07-08 19:58 16384 c:\windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat + 2008-01-18 15:51 . 2010-07-11 06:31 16384 c:\windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat - 2008-02-04 11:10 . 2010-07-09 12:24 16384 c:\windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat + 2008-02-04 11:10 . 2010-07-11 06:30 16384 c:\windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat + 2008-02-04 11:10 . 2010-07-11 06:30 32768 c:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat - 2008-02-04 11:10 . 2010-07-09 12:24 32768 c:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat + 2008-02-04 11:10 . 2010-07-11 06:30 16384 c:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat - 2008-02-04 11:10 . 2010-07-09 12:24 16384 c:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat + 2010-07-11 07:39 . 2010-07-11 07:39 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat - 2010-07-09 13:52 . 2010-07-09 13:52 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat - 2010-07-09 13:52 . 2010-07-09 13:52 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat + 2010-07-11 07:39 . 2010-07-11 07:39 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat + 2006-11-02 13:05 . 2010-07-11 07:41 125184 c:\windows\System32\WDI\BootPerformanceDiagnostics_SystemData.bin - 2010-07-05 19:18 . 2010-07-06 21:22 671584 c:\windows\ServiceProfiles\LocalService\AppData\Local\WPFFontCache_v0400-System.dat + 2010-07-05 19:18 . 2010-07-09 15:44 671584 c:\windows\ServiceProfiles\LocalService\AppData\Local\WPFFontCache_v0400-System.dat + 2010-07-09 15:44 . 2010-07-09 15:44 765846 c:\windows\ServiceProfiles\LocalService\AppData\Local\WPFFontCache_v0400-S-1-5-21-3649235342-1575224409-750448862-1002-12288.dat . ((((((((((((((((((((((((((((((((((((( Reg Opstartpunten ))))))))))))))))))))))))))))))))))))))))))))))))))) . . *Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond REGEDIT4 [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks] "{57BCA5FA-5DBB-45a2-B558-1755C3F6253B}"= "c:\program files\Winamp Toolbar\winamptb.dll" [2009-02-19 1262888] [HKEY_CLASSES_ROOT\clsid\{57bca5fa-5dbb-45a2-b558-1755c3f6253b}] [HKEY_CLASSES_ROOT\WINAMPTB.AOLTBSearch.1] [HKEY_CLASSES_ROOT\TypeLib\{538CD77C-BFDD-49b0-9562-77419CAB89D1}] [HKEY_CLASSES_ROOT\WINAMPTB.AOLTBSearch] [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "SmpcSys"="c:\program files\Packard Bell\SetUpMyPC\SmpSys.exe" [2007-07-19 1120568] "ISUSPM"="c:\program files\Common Files\InstallShield\UpdateService\ISUSPM.exe" [2006-09-11 218032] "ehTray.exe"="c:\windows\ehome\ehTray.exe" [2008-01-19 125952] "IncrediMail"="c:\program files\IncrediMail\bin\IncMail.exe" [2010-05-07 353736] "swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2008-12-03 39408] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Windows Defender"="c:\program files\Windows Defender\MSASCui.exe" [2008-01-19 1008184] "ACTIVBOARD"="c:\program files\Packard Bell\FIJI\aboard.exe" [2007-01-18 79416] "SSBkgdUpdate"="c:\program files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" [2006-09-28 185896] "OpwareSE4"="c:\program files\ScanSoft\OmniPageSE4.0\OpwareSE4.exe" [2006-10-11 75304] "UMonit"="c:\windows\system32\UMonit.exe" [2008-04-24 200704] "SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2010-02-18 248040] "DataMngr"="c:\program files\iMesh Applications\MediaBar\DataMngr\DataMngrUI.exe" [2009-11-24 184752] "WinampAgent"="c:\program files\Winamp\winampa.exe" [2009-12-18 39424] "QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2010-02-15 417792] "AVG9_TRAY"="c:\progra~1\AVG\AVG9\avgtray.exe" [2010-06-03 2065248] "AdobeAAMUpdater-1.0"="c:\program files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2010-03-06 500208] "Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2010-06-20 35760] "Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2010-06-09 976832] [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "EnableUIADesktopToggle"= 0 (0x0) [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows] "AppInit_DLLs"=c:\windows\System32\avgrsstx.dll [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32] "aux"=wdmaud.drv [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager] BootExecute REG_MULTI_SZ autocheck xmnt2002 /bat=c:\windows\TEMP\PQ_BATCH.PQB /win=c:\windows /dbg=c:\Windows\TEMP\PQ_DEBUG.TXT /ver=262144 /prd=PartitionMagic\0autocheck autochk * [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend] @="Service" [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring] "DisableMonitoring"=dword:00000001 [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus] "DisableMonitoring"=dword:00000001 [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall] "DisableMonitoring"=dword:00000001 [HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc] "VistaSp2"=hex(:02,4e,fb,f8,05,37,ca,01 R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384] R2 gupdate1c9870b528d3e20;Google Update Service (gupdate1c9870b528d3e20);c:\program files\Google\Update\GoogleUpdate.exe [2009-02-04 133104] R3 FirebirdServerMAGIXInstance;Firebird Server - MAGIX Instance;c:\program files\MAGIX\Common\Database\bin\fbserver.exe [2005-11-17 1527900] R3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504] R4 sptd;sptd;c:\windows\system32\Drivers\sptd.sys [2009-05-12 721904] S1 AvgLdx86;AVG Free AVI Loader Driver x86;c:\windows\system32\Drivers\avgldx86.sys [2010-04-28 216200] S1 AvgTdiX;AVG Free Network Redirector;c:\windows\system32\Drivers\avgtdix.sys [2010-06-03 242896] S2 AdobeActiveFileMonitor7.0;Adobe Active File Monitor V7;c:\program files\Adobe\Photoshop Elements 7.0\PhotoshopElementsFileAgent.exe [2008-09-16 169312] S2 avg9wd;AVG Free WatchDog;c:\program files\AVG\AVG9\avgwdsvc.exe [2010-04-28 308064] S2 SBSDWSCService;SBSD Security Center Service;c:\program files\Spybot - Search & Destroy\SDWinSec.exe [2009-01-26 1153368] S2 TabletServicePen;TabletServicePen;c:\windows\system32\Pen_Tablet.exe [2007-09-07 1373480] . Inhoud van de 'Gedeelde Taken' map 2010-07-11 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job - c:\program files\Google\Update\GoogleUpdate.exe [2009-02-04 20:58] 2010-07-11 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job - c:\program files\Google\Update\GoogleUpdate.exe [2009-02-04 20:58] 2010-07-11 c:\windows\Tasks\Uitgebreide garantie.job - c:\program files\Packard Bell\SetupmyPC\PBCarNot.exe [2007-08-16 16:38] 2010-07-10 c:\windows\Tasks\User_Feed_Synchronization-{81B8CD10-4125-4DDC-9BAB-22F898B79D52}.job - c:\windows\system32\msfeedssync.exe [2008-04-17 07:33] . . ------- Bijkomende Scan ------- . uStart Page = hxxp://www.hln.be/ IE: &Winamp Search - c:\programdata\Winamp Toolbar\ieToolbar\resources\en-US\local\search.html IE: Add to AMV Converter... - c:\program files\MP3 Player Utilities 4.13\AMVConverter\grab.html IE: Converteren naar bestaand PDF-bestand - c:\program files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html IE: E&xporteren naar Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000 IE: Geselecteerde koppelingen converteren naar bestaand PDF-bestand - c:\program files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html IE: Google Sidewiki... - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll/cmsidewiki.html IE: Koppelingdoel converteren naar Adobe PDF - c:\program files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html IE: Koppelingdoel converteren naar bestaand PDF-bestand - c:\program files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html IE: MediaManager tool grab multimedia file - c:\program files\MP3 Player Utilities 4.13\MediaManager\grab.html IE: Selectie converteren naar bestaand PDF-bestand - c:\program files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html DPF: {4539348E-11D5-01D7-9A39-0080C8D85044} - hxxp://cached.gamedesire.com/g_bin/eng/slots90_2_0_0_38.cab DPF: {A1FE3DEF-11D4-CF77-8340-0080C8D7ED4A} - hxxp://cached.gamedesire.com/g_bin/eng/pirate_2_0_0_33.cab FF - ProfilePath - c:\users\ronnie\AppData\Roaming\Mozilla\Firefox\Profiles\b0qxzzs0.default\ FF - prefs.js: browser.search.defaulturl - hxxp://www.google.com/search?lr=&ie=UTF-8&oe=UTF-8&q= FF - prefs.js: browser.search.selectedEngine - MyStart Search FF - prefs.js: browser.startup.homepage - hxxp://mystart.incredimail.com/ FF - prefs.js: keyword.URL - hxxp://mystart.incredimail.com/?loc=ff_address_bar_im2_test_v2&search= FF - prefs.js: browser.startup.homepage - hxxp://mystart.incredimail.com/ FF - prefs.js: browser.search.selectedEngine - MyStart Search FF - component: c:\program files\Mozilla Firefox\components\xpinstal.dll FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ ---- FIREFOX POLICIES ---- c:\program files\Mozilla Firefox\greprefs\all.js - pref("ui.allow_platform_file_picker", true); c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.cookie.p3plevel", 1); // 0=low, 1=medium, 2=high, 3=custom c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.enablePad", false); // Allow client to do proxy autodiscovery c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.search.param.Google.1.default", "chrome://branding/content/searchconfig.properties"); c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.search.param.Google.1.custom", "chrome://branding/content/searchconfig.properties"); c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("signon.prefillForms", true); c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.safebrowsing.remoteLookups", false); c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.safebrowsing.provider.0.updateURL", "http://sb.google.com/safebrowsing/update?client={moz:client}&appver={moz:version}&"); c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.safebrowsing.provider.0.lookupURL", "http://sb.google.com/safebrowsing/lookup?sourceid=firefox-antiphish&features=TrustRank&client={moz:client}&appver={moz:version}&"); c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.safebrowsing.provider.0.reportURL", "http://sb.google.com/safebrowsing/report?"); . - - - - ORPHANS VERWIJDERD - - - - AddRemove-fkkfqmehfgbzaruf - c:\windows\system32\fkkfqmehfgbzaruf.exe AddRemove-FreeCell Plus_is1 - c:\program files\FreeCell Plus\unins000.exe ************************************************************************** catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, GMER - Rootkit Detector and Remover Rootkit scan 2010-07-11 09:52 Windows 6.0.6002 Service Pack 2 NTFS scannen van verborgen processen ... scannen van verborgen autostart items ... HKLM\Software\Microsoft\Windows\CurrentVersion\Run UMonit = c:\windows\system32\UMonit.exe??????????????????????????????????? scannen van verborgen bestanden ... Scan succesvol afgerond verborgen bestanden: 0 ********************************* . Voltooingstijd: 2010-07-11 09:55:14 ComboFix-quarantined-files.txt 2010-07-11 07:55 ComboFix2.txt 2010-07-09 14:08 Pre-Run: 59.358.711.808 bytes beschikbaar Post-Run: 59.364.782.080 bytes beschikbaar - - End Of File - - A6D20F2A8BF43F7FF01EC33EBD18C5DA Hier de HiJackThis log Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 10:10:05, on 11/07/2010 Platform: Windows Vista SP2 (WinNT 6.00.1906) MSIE: Internet Explorer v7.00 (7.00.6002.18005) Boot mode: Normal Running processes: C:\Windows\system32\Dwm.exe C:\Windows\Explorer.EXE C:\Windows\system32\taskeng.exe C:\Program Files\Packard Bell\FIJI\ABoard.exe C:\Program Files\Packard Bell\FIJI\AOSD.exe C:\Program Files\ScanSoft\OmniPageSE4.0\OpWareSE4.exe C:\Windows\System32\UMonit.exe C:\Program Files\Common Files\Java\Java Update\jusched.exe C:\Program Files\iMesh Applications\MediaBar\DataMngr\DataMngrUI.exe C:\Program Files\Winamp\winampa.exe C:\Program Files\AVG\AVG9\avgtray.exe C:\Program Files\Packard Bell\SetUpMyPC\SmpSys.exe C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe C:\Windows\ehome\ehtray.exe C:\Program Files\IncrediMail\bin\IncMail.exe C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe C:\Windows\ehome\ehmsas.exe C:\Windows\system32\WTablet\Pen_TabletUser.exe C:\Program Files\Windows Media Player\wmpnscfg.exe C:\Program Files\IncrediMail\bin\IMApp.exe C:\Windows\System32\mobsync.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Internet Explorer\IEUser.exe C:\Program Files\Google\Google Toolbar\GoogleToolbarUser_32.exe C:\Program Files\Common Files\Microsoft Shared\Ink\InputPersonalization.exe C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = HLN home R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Google R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = Hotmail, Messenger, nieuws en entertainment vind je op MSN.nl R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = Bing: R3 - URLSearchHook: Winamp Search Class - {57BCA5FA-5DBB-45a2-B558-1755C3F6253B} - C:\Program Files\Winamp Toolbar\winamptb.dll R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: Winamp Toolbar Loader - {25CEE8EC-5730-41bc-8B58-22DDC8AB8C20} - C:\Program Files\Winamp Toolbar\winamptb.dll O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG9\avgssie.dll O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file) O2 - BHO: Windows Live Aanmelden - Help - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.5.5126.1836\swg.dll O2 - BHO: CBrowserHelperObject Object - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program Files\Google\Google_BAE\BAE.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide O4 - HKLM\..\Run: [ACTIVBOARD] C:\Program Files\Packard Bell\FIJI\aboard.exe O4 - HKLM\..\Run: [sSBkgdUpdate] "C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot O4 - HKLM\..\Run: [OpwareSE4] "C:\Program Files\ScanSoft\OmniPageSE4.0\OpwareSE4.exe" O4 - HKLM\..\Run: [uMonit] C:\Windows\system32\UMonit.exe O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe" O4 - HKLM\..\Run: [DataMngr] C:\Program Files\iMesh Applications\MediaBar\DataMngr\DataMngrUI.exe O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files\Winamp\winampa.exe" O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime O4 - HKLM\..\Run: [AVG9_TRAY] C:\PROGRA~1\AVG\AVG9\avgtray.exe O4 - HKLM\..\Run: [AdobeAAMUpdater-1.0] "C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" O4 - HKCU\..\Run: [smpcSys] C:\Program Files\Packard Bell\SetUpMyPC\SmpSys.exe O4 - HKCU\..\Run: [iSUSPM] "C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe" -scheduler O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe O4 - HKCU\..\Run: [incrediMail] C:\Program Files\IncrediMail\bin\IncMail.exe /c O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" O8 - Extra context menu item: &Winamp Search - C:\ProgramData\Winamp Toolbar\ieToolbar\resources\en-US\local\search.html O8 - Extra context menu item: Add to AMV Converter... - C:\Program Files\MP3 Player Utilities 4.13\AMVConverter\grab.html O8 - Extra context menu item: Converteren naar bestaand PDF-bestand - res://C:\Program Files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000 O8 - Extra context menu item: Geselecteerde koppelingen converteren naar bestaand PDF-bestand - res://C:\Program Files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll/cmsidewiki.html O8 - Extra context menu item: Koppelingdoel converteren naar Adobe PDF - res://C:\Program Files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html O8 - Extra context menu item: Koppelingdoel converteren naar bestaand PDF-bestand - res://C:\Program Files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html O8 - Extra context menu item: MediaManager tool grab multimedia file - C:\Program Files\MP3 Player Utilities 4.13\MediaManager\grab.html O8 - Extra context menu item: Selectie converteren naar bestaand PDF-bestand - res://C:\Program Files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html O9 - Extra button: In weblog opnemen - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: &In weblog opnemen met Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O16 - DPF: {4539348E-11D5-01D7-9A39-0080C8D85044} (GameDesire Slots 90th) - http://cached.gamedesire.com/g_bin/eng/slots90_2_0_0_38.cab O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1244133796822 O16 - DPF: {A1FE3DEF-11D4-CF77-8340-0080C8D7ED4A} (GameDesire Pinball Pirate) - http://cached.gamedesire.com/g_bin/eng/pirate_2_0_0_33.cab O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG9\avgpp.dll O20 - AppInit_DLLs: C:\Windows\System32\avgrsstx.dll O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe O23 - Service: Adobe Active File Monitor V7 (AdobeActiveFileMonitor7.0) - Adobe Systems Incorporated - C:\Program Files\Adobe\Photoshop Elements 7.0\PhotoshopElementsFileAgent.exe O23 - Service: AVG Free WatchDog (avg9wd) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG9\avgwdsvc.exe O23 - Service: Canon Camera Access Library 8 (CCALib8) - Canon Inc. - C:\Program Files\Canon\CAL\CALMAIN.exe O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Unknown owner - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (file missing) O23 - Service: Firebird Server - MAGIX Instance (FirebirdServerMAGIXInstance) - MAGIX® - C:\Program Files\MAGIX\Common\Database\bin\fbserver.exe O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe O23 - Service: Google Update Service (gupdate1c9870b528d3e20) (gupdate1c9870b528d3e20) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe O23 - Service: ProtexisLicensing - Unknown owner - C:\Windows\system32\PSIService.exe O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe O23 - Service: RoxMediaDB9 - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe O23 - Service: Roxio Hard Drive Watcher 9 (RoxWatch9) - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe O23 - Service: StarWind AE Service (StarWindServiceAE) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe O23 - Service: stllssvr - MicroVision Development, Inc. - C:\Program Files\Common Files\SureThing Shared\stllssvr.exe O23 - Service: TabletServicePen - Wacom Technology, Corp. - C:\Windows\system32\Pen_Tablet.exe -- End of file - 11231 bytes

hier is het log bestand van Combofix. ComboFix 10-07-08.02 - ronnie 09/07/2010 15:56:53.1.4 - x86 Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.32.1043.18.2046.880 [GMT 2:00] Gestart vanuit: c:\users\ronnie\Desktop\ComboFix.exe SP: Spybot - Search and Destroy *disabled* (Updated) {ED588FAF-1B8F-43B4-ACA8-8E3C85DADBE9} SP: Windows Defender *enabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46} . ADS - Windows: deleted 24 bytes in 1 streams. (((((((((((((((((((((((((((((((((( Andere Verwijderingen ))))))))))))))))))))))))))))))))))))))))))))))))) . c:\users\ronnie\AppData\Local\Microsoft\Windows\Temporary Internet Files\2bdd8448 c:\users\ronnie\AppData\Roaming\inst.exe c:\users\ronnie\AppData\Roaming\Microsoft\Windows\Recent\Comfy Cakes.pif . (((((((((((((((((((( Bestanden Gemaakt van 2010-06-09 to 2010-07-09 )))))))))))))))))))))))))))))) . 2010-07-09 14:05 . 2010-07-09 14:05 -------- d-----w- c:\users\ronnie\AppData\Local\temp 2010-07-09 14:05 . 2010-07-09 14:05 -------- d-----w- c:\users\Default\AppData\Local\temp 2010-07-06 14:47 . 2010-07-06 14:47 388096 ----a-r- c:\users\ronnie\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe 2010-07-06 14:47 . 2010-07-06 14:47 -------- d-----w- c:\program files\Trend Micro 2010-07-05 19:34 . 2010-07-05 19:34 -------- d-----w- c:\users\ronnie\AppData\Local\Brein 2010-07-05 19:34 . 2010-07-05 19:34 -------- d-----w- c:\programdata\Brein 2010-07-05 19:06 . 2010-07-05 19:06 -------- d-----w- c:\users\ronnie\AppData\Roaming\Malwarebytes 2010-07-05 19:06 . 2010-04-29 13:39 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys 2010-07-05 19:06 . 2010-07-05 19:06 -------- d-----w- c:\programdata\Malwarebytes 2010-07-05 19:06 . 2010-07-05 19:06 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware 2010-07-05 19:06 . 2010-04-29 13:39 20952 ----a-w- c:\windows\system32\drivers\mbam.sys 2010-07-05 16:47 . 2010-07-05 16:47 -------- d-----w- c:\program files\Spotnet 2010-06-30 14:28 . 2010-06-30 15:01 -------- d-----w- c:\programdata\Spybot - Search & Destroy 2010-06-30 14:28 . 2010-06-30 14:31 -------- d-----w- c:\program files\Spybot - Search & Destroy 2010-06-24 05:03 . 2009-11-08 08:55 99176 ----a-w- c:\windows\system32\PresentationHostProxy.dll 2010-06-24 05:03 . 2009-11-08 08:55 49472 ----a-w- c:\windows\system32\netfxperf.dll 2010-06-24 05:03 . 2009-11-08 08:55 297808 ----a-w- c:\windows\system32\mscoree.dll 2010-06-24 05:03 . 2009-11-08 08:55 295264 ----a-w- c:\windows\system32\PresentationHost.exe 2010-06-24 05:03 . 2009-11-08 08:55 1130824 ----a-w- c:\windows\system32\dfshim.dll 2010-06-23 04:54 . 2010-06-23 04:54 501936 ----a-w- c:\programdata\Google\Google Toolbar\Update\gtb1299.tmp.exe . ((((((((((((((((((((((((((((((((((((((( Find3M Rapport )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2010-07-09 13:53 . 2009-01-14 10:39 -------- d-----w- c:\users\ronnie\AppData\Roaming\WTablet 2010-07-09 12:31 . 2010-03-03 14:42 -------- d-----w- c:\users\ronnie\AppData\Roaming\Winamp 2010-07-05 16:51 . 2007-08-17 03:50 689564 ----a-w- c:\windows\system32\perfh013.dat 2010-07-05 16:51 . 2007-08-17 03:50 135646 ----a-w- c:\windows\system32\perfc013.dat 2010-07-05 16:48 . 2007-09-11 15:33 -------- d-----w- c:\program files\Microsoft.NET 2010-07-04 10:48 . 2008-02-01 15:53 -------- d-----w- c:\users\ronnie\AppData\Roaming\GrabIt 2010-06-13 08:42 . 2009-10-11 09:35 -------- d-----w- c:\program files\Common Files\AVSMedia 2010-06-13 08:42 . 2009-10-11 09:35 -------- d-----w- c:\program files\AVS4YOU 2010-06-11 04:58 . 2007-09-11 15:31 -------- d-----w- c:\programdata\Microsoft Help 2010-06-06 07:44 . 2008-02-28 07:26 -------- d-----w- c:\program files\Microsoft Silverlight 2010-06-03 06:14 . 2010-04-28 08:39 242896 ----a-w- c:\windows\system32\drivers\avgtdix.sys 2010-06-03 06:14 . 2010-04-28 08:39 29584 ----a-w- c:\windows\system32\drivers\avgmfx86.sys 2010-06-03 04:32 . 2010-06-03 04:32 50989 ----a-w- c:\windows\system32\fkkfqmehfgbzaruf.exe 2010-05-30 06:20 . 2010-05-30 06:20 -------- d-----w- c:\program files\The Little Mermaid Pinball 2010-05-27 05:19 . 2010-05-26 18:24 -------- d-----w- c:\programdata\NOS 2010-05-26 18:31 . 2007-09-19 17:59 -------- d-----w- c:\program files\Common Files\Adobe 2010-05-26 17:06 . 2010-06-10 04:56 34304 ----a-w- c:\windows\system32\atmlib.dll 2010-05-26 14:47 . 2010-06-10 04:56 289792 ----a-w- c:\windows\system32\atmfd.dll 2010-05-21 12:14 . 2009-10-03 09:18 221568 ------w- c:\windows\system32\MpSigStub.exe 2010-05-14 20:21 . 2010-05-14 18:01 -------- d-----w- c:\programdata\regid.1986-12.com.adobe 2010-05-14 18:01 . 2007-09-08 14:32 227296 ----a-w- c:\users\ronnie\AppData\Local\GDIPFONTCACHEV1.DAT 2010-05-14 17:54 . 2010-05-14 17:54 -------- d-----w- c:\program files\Common Files\Adobe AIR 2010-05-14 17:54 . 2010-05-14 17:54 38784 ----a-w- c:\users\Default\AppData\Roaming\Macromedia\Flash Player\www.macromedia.com\bin\airappinstaller\airappinstaller.exe 2010-05-13 04:50 . 2006-11-02 11:18 -------- d-----w- c:\program files\Windows Mail 2010-05-11 14:17 . 2007-09-08 15:35 -------- d-----w- c:\program files\Java 2010-05-04 19:15 . 2010-06-10 04:56 834048 ----a-w- c:\windows\system32\wininet.dll 2010-05-04 18:37 . 2010-06-10 04:56 78336 ----a-w- c:\windows\system32\ieencode.dll 2010-05-01 14:13 . 2010-06-10 04:56 2037248 ----a-w- c:\windows\system32\win32k.sys 2010-04-28 08:39 . 2010-04-28 08:39 12464 ----a-w- c:\windows\system32\avgrsstx.dll 2010-04-28 08:39 . 2010-04-28 08:39 216200 ----a-w- c:\windows\system32\drivers\avgldx86.sys 2010-04-23 14:13 . 2010-05-26 05:45 2048 ----a-w- c:\windows\system32\tzres.dll 2010-04-20 17:24 . 2009-04-06 14:03 3335148 ----a-w- c:\windows\Advanced.scr 2010-04-20 17:24 . 2009-04-06 14:03 230818 ----a-w- c:\windows\uninstall Advanced.exe 2010-04-12 15:29 . 2010-05-11 14:17 411368 ----a-w- c:\windows\system32\deployJava1.dll 2007-11-28 20:13 . 2007-08-16 18:28 67696 ----a-w- c:\program files\mozilla firefox\components\jar50.dll 2007-11-28 20:13 . 2007-08-16 18:28 54376 ----a-w- c:\program files\mozilla firefox\components\jsd3250.dll 2007-11-28 20:13 . 2007-08-16 18:28 34952 ----a-w- c:\program files\mozilla firefox\components\myspell.dll 2007-11-28 20:13 . 2007-08-16 18:28 46720 ----a-w- c:\program files\mozilla firefox\components\spellchk.dll 2007-11-28 20:13 . 2007-08-16 18:28 172144 ----a-w- c:\program files\mozilla firefox\components\xpinstal.dll 2007-09-17 15:07 . 2007-09-17 14:59 72 --sha-w- c:\windows\SBA28A650(119).tmp 2007-09-17 15:07 . 2007-09-17 14:59 72 --sha-w- c:\windows\SBA28A650(131).tmp 2007-09-17 15:07 . 2007-09-17 14:59 72 --sha-w- c:\windows\SBA28A650(356).tmp 2007-09-17 15:07 . 2007-09-17 14:59 72 --sha-w- c:\windows\SBA28A650(41).tmp 2007-09-17 15:07 . 2007-09-17 14:59 72 --sha-w- c:\windows\SBA28A650(68).tmp 2007-09-17 15:07 . 2007-09-17 14:59 72 --sha-w- c:\windows\SBA28A650(93).tmp 2007-09-17 15:07 . 2007-09-17 14:59 72 --sh--w- c:\windows\SBA28A650.tmp 2009-06-04 14:17 . 2008-08-27 20:32 848 --sha-w- c:\windows\System32\KGyGaAvL.sys 2007-08-17 03:55 . 2007-08-17 03:54 8192 --sha-w- c:\windows\Users\Default\NTUSER.DAT . ((((((((((((((((((((((((((((((((((((( Reg Opstartpunten ))))))))))))))))))))))))))))))))))))))))))))))))))) . . *Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond REGEDIT4 [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks] "{57BCA5FA-5DBB-45a2-B558-1755C3F6253B}"= "c:\program files\Winamp Toolbar\winamptb.dll" [2009-02-19 1262888] [HKEY_CLASSES_ROOT\clsid\{57bca5fa-5dbb-45a2-b558-1755c3f6253b}] [HKEY_CLASSES_ROOT\WINAMPTB.AOLTBSearch.1] [HKEY_CLASSES_ROOT\TypeLib\{538CD77C-BFDD-49b0-9562-77419CAB89D1}] [HKEY_CLASSES_ROOT\WINAMPTB.AOLTBSearch] [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{474597C5-AB09-49d6-A4D5-2E8D7341384E}] 2009-11-04 11:52 498688 ----a-w- c:\program files\iMesh Applications\MediaBar\DataMngr\IEBHO.dll [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{ABB49B3B-AB7D-4ED0-9135-93FD5AA4F69F}] 2009-11-20 17:34 87472 ----a-w- c:\progra~1\IMESHA~1\MediaBar\ToolBar\iMeshMediaBarDx.dll [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar] "{ABB49B3B-AB7D-4ED0-9135-93FD5AA4F69F}"= "c:\progra~1\IMESHA~1\MediaBar\ToolBar\iMeshMediaBarDx.dll" [2009-11-20 87472] [HKEY_CLASSES_ROOT\clsid\{abb49b3b-ab7d-4ed0-9135-93fd5aa4f69f}] [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "SmpcSys"="c:\program files\Packard Bell\SetUpMyPC\SmpSys.exe" [2007-07-19 1120568] "ISUSPM"="c:\program files\Common Files\InstallShield\UpdateService\ISUSPM.exe" [2006-09-11 218032] "ehTray.exe"="c:\windows\ehome\ehTray.exe" [2008-01-19 125952] "IncrediMail"="c:\program files\IncrediMail\bin\IncMail.exe" [2010-05-07 353736] "swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2008-12-03 39408] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Windows Defender"="c:\program files\Windows Defender\MSASCui.exe" [2008-01-19 1008184] "ACTIVBOARD"="c:\program files\Packard Bell\FIJI\aboard.exe" [2007-01-18 79416] "SSBkgdUpdate"="c:\program files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" [2006-09-28 185896] "OpwareSE4"="c:\program files\ScanSoft\OmniPageSE4.0\OpwareSE4.exe" [2006-10-11 75304] "UMonit"="c:\windows\system32\UMonit.exe" [2008-04-24 200704] "SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2010-02-18 248040] "DataMngr"="c:\program files\iMesh Applications\MediaBar\DataMngr\DataMngrUI.exe" [2009-11-24 184752] "WinampAgent"="c:\program files\Winamp\winampa.exe" [2009-12-18 39424] "QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2010-02-15 417792] "AVG9_TRAY"="c:\progra~1\AVG\AVG9\avgtray.exe" [2010-06-03 2065248] "AdobeAAMUpdater-1.0"="c:\program files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2010-03-06 500208] "Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2010-06-20 35760] "Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2010-06-09 976832] [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "EnableUIADesktopToggle"= 0 (0x0) [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows] "AppInit_DLLs"=c:\windows\System32\avgrsstx.dll [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32] "aux"=wdmaud.drv [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager] BootExecute REG_MULTI_SZ autocheck xmnt2002 /bat=c:\windows\TEMP\PQ_BATCH.PQB /win=c:\windows /dbg=c:\Windows\TEMP\PQ_DEBUG.TXT /ver=262144 /prd=PartitionMagic\0autocheck autochk * [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend] @="Service" [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring] "DisableMonitoring"=dword:00000001 [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus] "DisableMonitoring"=dword:00000001 [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall] "DisableMonitoring"=dword:00000001 [HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc] "VistaSp2"=hex(:02,4e,fb,f8,05,37,ca,01 R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384] R2 gupdate1c9870b528d3e20;Google Update Service (gupdate1c9870b528d3e20);c:\program files\Google\Update\GoogleUpdate.exe [2009-02-04 133104] R3 FirebirdServerMAGIXInstance;Firebird Server - MAGIX Instance;c:\program files\MAGIX\Common\Database\bin\fbserver.exe [2005-11-17 1527900] R3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504] R4 sptd;sptd;c:\windows\system32\Drivers\sptd.sys [2009-05-12 721904] S1 AvgLdx86;AVG Free AVI Loader Driver x86;c:\windows\system32\Drivers\avgldx86.sys [2010-04-28 216200] S1 AvgTdiX;AVG Free Network Redirector;c:\windows\system32\Drivers\avgtdix.sys [2010-06-03 242896] S2 AdobeActiveFileMonitor7.0;Adobe Active File Monitor V7;c:\program files\Adobe\Photoshop Elements 7.0\PhotoshopElementsFileAgent.exe [2008-09-16 169312] S2 avg9wd;AVG Free WatchDog;c:\program files\AVG\AVG9\avgwdsvc.exe [2010-04-28 308064] S2 SBSDWSCService;SBSD Security Center Service;c:\program files\Spybot - Search & Destroy\SDWinSec.exe [2009-01-26 1153368] S2 TabletServicePen;TabletServicePen;c:\windows\system32\Pen_Tablet.exe [2007-09-07 1373480] . Inhoud van de 'Gedeelde Taken' map 2010-07-09 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job - c:\program files\Google\Update\GoogleUpdate.exe [2009-02-04 20:58] 2010-07-09 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job - c:\program files\Google\Update\GoogleUpdate.exe [2009-02-04 20:58] 2010-05-23 c:\windows\Tasks\SmartDefrag.job - c:\program files\IObit\IObit SmartDefrag\IObit SmartDefrag.exe [2009-06-07 16:15] 2010-07-09 c:\windows\Tasks\Uitgebreide garantie.job - c:\program files\Packard Bell\SetupmyPC\PBCarNot.exe [2007-08-16 16:38] 2010-07-09 c:\windows\Tasks\User_Feed_Synchronization-{81B8CD10-4125-4DDC-9BAB-22F898B79D52}.job - c:\windows\system32\msfeedssync.exe [2008-04-17 07:33] . . ------- Bijkomende Scan ------- . uStart Page = hxxp://www.hln.be/ IE: &Winamp Search - c:\programdata\Winamp Toolbar\ieToolbar\resources\en-US\local\search.html IE: Add to AMV Converter... - c:\program files\MP3 Player Utilities 4.13\AMVConverter\grab.html IE: Converteren naar bestaand PDF-bestand - c:\program files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html IE: E&xporteren naar Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000 IE: Geselecteerde koppelingen converteren naar bestaand PDF-bestand - c:\program files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html IE: Google Sidewiki... - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll/cmsidewiki.html IE: Koppelingdoel converteren naar Adobe PDF - c:\program files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html IE: Koppelingdoel converteren naar bestaand PDF-bestand - c:\program files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html IE: MediaManager tool grab multimedia file - c:\program files\MP3 Player Utilities 4.13\MediaManager\grab.html IE: Selectie converteren naar bestaand PDF-bestand - c:\program files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html DPF: {4539348E-11D5-01D7-9A39-0080C8D85044} - hxxp://cached.gamedesire.com/g_bin/eng/slots90_2_0_0_38.cab DPF: {A1FE3DEF-11D4-CF77-8340-0080C8D7ED4A} - hxxp://cached.gamedesire.com/g_bin/eng/pirate_2_0_0_33.cab FF - ProfilePath - c:\users\ronnie\AppData\Roaming\Mozilla\Firefox\Profiles\b0qxzzs0.default\ FF - prefs.js: browser.search.defaulturl - hxxp://www.google.com/search?lr=&ie=UTF-8&oe=UTF-8&q= FF - prefs.js: browser.search.selectedEngine - MyStart Search FF - prefs.js: browser.startup.homepage - hxxp://mystart.incredimail.com/ FF - prefs.js: keyword.URL - hxxp://mystart.incredimail.com/?loc=ff_address_bar_im2_test_v2&search= FF - prefs.js: browser.startup.homepage - hxxp://mystart.incredimail.com/ FF - prefs.js: browser.search.selectedEngine - MyStart Search FF - component: c:\program files\Mozilla Firefox\components\xpinstal.dll FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ ---- FIREFOX POLICIES ---- c:\program files\Mozilla Firefox\greprefs\all.js - pref("ui.allow_platform_file_picker", true); c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.cookie.p3plevel", 1); // 0=low, 1=medium, 2=high, 3=custom c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.enablePad", false); // Allow client to do proxy autodiscovery c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.search.param.Google.1.default", "chrome://branding/content/searchconfig.properties"); c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.search.param.Google.1.custom", "chrome://branding/content/searchconfig.properties"); c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("signon.prefillForms", true); c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.safebrowsing.remoteLookups", false); c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.safebrowsing.provider.0.updateURL", "http://sb.google.com/safebrowsing/update?client={moz:client}&appver={moz:version}&"); c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.safebrowsing.provider.0.lookupURL", "http://sb.google.com/safebrowsing/lookup?sourceid=firefox-antiphish&features=TrustRank&client={moz:client}&appver={moz:version}&"); c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.safebrowsing.provider.0.reportURL", "http://sb.google.com/safebrowsing/report?"); . - - - - ORPHANS VERWIJDERD - - - - HKCU-Run-AdobeBridge - (no file) AddRemove-PegSol_is1 - c:\program files\PegSol\unins000.exe ************************************************** catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, GMER - Rootkit Detector and Remover Rootkit scan 2010-07-09 16:05 Windows 6.0.6002 Service Pack 2 NTFS scannen van verborgen processen ... [0] 0x00000002 scannen van verborgen autostart items ... HKLM\Software\Microsoft\Windows\CurrentVersion\Run UMonit = c:\windows\system32\UMonit.exe??????????????????????????? scannen van verborgen bestanden ... Scan succesvol afgerond verborgen bestanden: 0 **************************************** Voltooingstijd: 2010-07-09 16:08:09 ComboFix-quarantined-files.txt 2010-07-09 14:08 Pre-Run: 58.190.606.336 bytes beschikbaar Post-Run: 58.334.814.208 bytes beschikbaar - - End Of File - - CA19861335CADA916DE5011E7D5392F6

Hallo Ik heb problemen met opstarten veilige modus, al ik goed begrijp moet ik tijden het opstarten op F8 drukken,maar bij mij staat er geen veilige modus tussen. O2 - BHO: UrlHelper Class - {474597C5-AB09-49d6-A4D5-2E8D7341384E} - C:\Program Files\iMesh Applications\MediaBar\DataMngr\IEBHO.dll O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file Deze twee krijg ik niet verwijderd met HiJackthis.

Hallo Kape hier de HiJackThis log Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 17:02:35, on 8/07/2010 Platform: Windows Vista SP2 (WinNT 6.00.1906) MSIE: Internet Explorer v7.00 (7.00.6002.18005) Boot mode: Normal Running processes: C:\Windows\system32\Dwm.exe C:\Windows\Explorer.EXE C:\Windows\system32\taskeng.exe C:\Program Files\Packard Bell\FIJI\ABoard.exe C:\Program Files\ScanSoft\OmniPageSE4.0\OpWareSE4.exe C:\Windows\System32\UMonit.exe C:\Program Files\Common Files\Java\Java Update\jusched.exe C:\Program Files\Packard Bell\FIJI\AOSD.exe C:\Program Files\Winamp\winampa.exe C:\Program Files\AVG\AVG9\avgtray.exe C:\Program Files\Packard Bell\SetUpMyPC\SmpSys.exe C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe C:\Windows\ehome\ehtray.exe C:\Program Files\IncrediMail\bin\IncMail.exe C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe C:\Windows\ehome\ehmsas.exe C:\Windows\system32\WTablet\Pen_TabletUser.exe C:\Windows\System32\mobsync.exe C:\Program Files\Windows Media Player\wmpnscfg.exe C:\Program Files\IncrediMail\bin\IMApp.exe C:\Program Files\Common Files\Microsoft Shared\Ink\InputPersonalization.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Internet Explorer\IEUser.exe C:\Program Files\Google\Google Toolbar\GoogleToolbarUser_32.exe C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = Bing: R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Bing: R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = HLN home R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Google R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = Hotmail, Messenger, nieuws en entertainment vind je op MSN.nl R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = Bing: R3 - URLSearchHook: Winamp Search Class - {57BCA5FA-5DBB-45a2-B558-1755C3F6253B} - C:\Program Files\Winamp Toolbar\winamptb.dll R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll O1 - Hosts: ::1 localhost O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: Winamp Toolbar Loader - {25CEE8EC-5730-41bc-8B58-22DDC8AB8C20} - C:\Program Files\Winamp Toolbar\winamptb.dll O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG9\avgssie.dll O2 - BHO: UrlHelper Class - {474597C5-AB09-49d6-A4D5-2E8D7341384E} - C:\Program Files\iMesh Applications\MediaBar\DataMngr\IEBHO.dll O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file) O2 - BHO: Windows Live Aanmelden - Help - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll O2 - BHO: MediaBar - {ABB49B3B-AB7D-4ED0-9135-93FD5AA4F69F} - C:\PROGRA~1\IMESHA~1\MediaBar\ToolBar\iMeshMediaBarDx.dll O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.5.5126.1836\swg.dll O2 - BHO: CBrowserHelperObject Object - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program Files\Google\Google_BAE\BAE.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll O3 - Toolbar: Winamp Toolbar - {EBF2BA02-9094-4c5a-858B-BB198F3D8DE2} - C:\Program Files\Winamp Toolbar\winamptb.dll O3 - Toolbar: MediaBar - {ABB49B3B-AB7D-4ED0-9135-93FD5AA4F69F} - C:\PROGRA~1\IMESHA~1\MediaBar\ToolBar\iMeshMediaBarDx.dll O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide O4 - HKLM\..\Run: [ACTIVBOARD] C:\Program Files\Packard Bell\FIJI\aboard.exe O4 - HKLM\..\Run: [sSBkgdUpdate] "C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot O4 - HKLM\..\Run: [OpwareSE4] "C:\Program Files\ScanSoft\OmniPageSE4.0\OpwareSE4.exe" O4 - HKLM\..\Run: [uMonit] C:\Windows\system32\UMonit.exe O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe" O4 - HKLM\..\Run: [DataMngr] C:\Program Files\iMesh Applications\MediaBar\DataMngr\DataMngrUI.exe O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files\Winamp\winampa.exe" O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime O4 - HKLM\..\Run: [AVG9_TRAY] C:\PROGRA~1\AVG\AVG9\avgtray.exe O4 - HKLM\..\Run: [AdobeAAMUpdater-1.0] "C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" O4 - HKCU\..\Run: [smpcSys] C:\Program Files\Packard Bell\SetUpMyPC\SmpSys.exe O4 - HKCU\..\Run: [iSUSPM] "C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe" -scheduler O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe O4 - HKCU\..\Run: [incrediMail] C:\Program Files\IncrediMail\bin\IncMail.exe /c O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" O8 - Extra context menu item: &Winamp Search - C:\ProgramData\Winamp Toolbar\ieToolbar\resources\en-US\local\search.html O8 - Extra context menu item: Add to AMV Converter... - C:\Program Files\MP3 Player Utilities 4.13\AMVConverter\grab.html O8 - Extra context menu item: Converteren naar bestaand PDF-bestand - res://C:\Program Files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000 O8 - Extra context menu item: Geselecteerde koppelingen converteren naar bestaand PDF-bestand - res://C:\Program Files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll/cmsidewiki.html O8 - Extra context menu item: Koppelingdoel converteren naar Adobe PDF - res://C:\Program Files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html O8 - Extra context menu item: Koppelingdoel converteren naar bestaand PDF-bestand - res://C:\Program Files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html O8 - Extra context menu item: MediaManager tool grab multimedia file - C:\Program Files\MP3 Player Utilities 4.13\MediaManager\grab.html O8 - Extra context menu item: Selectie converteren naar bestaand PDF-bestand - res://C:\Program Files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html O9 - Extra button: In weblog opnemen - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: &In weblog opnemen met Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O16 - DPF: {4539348E-11D5-01D7-9A39-0080C8D85044} (GameDesire Slots 90th) - http://cached.gamedesire.com/g_bin/eng/slots90_2_0_0_38.cab O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1244133796822 O16 - DPF: {A1FE3DEF-11D4-CF77-8340-0080C8D7ED4A} (GameDesire Pinball Pirate) - http://cached.gamedesire.com/g_bin/eng/pirate_2_0_0_33.cab O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG9\avgpp.dll O20 - AppInit_DLLs: avgrsstx.dll O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe O23 - Service: Adobe Active File Monitor V7 (AdobeActiveFileMonitor7.0) - Adobe Systems Incorporated - C:\Program Files\Adobe\Photoshop Elements 7.0\PhotoshopElementsFileAgent.exe O23 - Service: AVG Free WatchDog (avg9wd) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG9\avgwdsvc.exe O23 - Service: Canon Camera Access Library 8 (CCALib8) - Canon Inc. - C:\Program Files\Canon\CAL\CALMAIN.exe O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Unknown owner - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (file missing) O23 - Service: Firebird Server - MAGIX Instance (FirebirdServerMAGIXInstance) - MAGIX® - C:\Program Files\MAGIX\Common\Database\bin\fbserver.exe O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe O23 - Service: Google Update Service (gupdate1c9870b528d3e20) (gupdate1c9870b528d3e20) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe O23 - Service: ProtexisLicensing - Unknown owner - C:\Windows\system32\PSIService.exe O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe O23 - Service: RoxMediaDB9 - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe O23 - Service: Roxio Hard Drive Watcher 9 (RoxWatch9) - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe O23 - Service: StarWind AE Service (StarWindServiceAE) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe O23 - Service: stllssvr - MicroVision Development, Inc. - C:\Program Files\Common Files\SureThing Shared\stllssvr.exe O23 - Service: TabletServicePen - Wacom Technology, Corp. - C:\Windows\system32\Pen_Tablet.exe -- End of file - 12146 bytes en de MBAM log Malwarebytes' Anti-Malware 1.46 www.malwarebytes.org Databaseversie: 4292 Windows 6.0.6002 Service Pack 2 Internet Explorer 7.0.6002.18005 8/07/2010 16:55:08 mbam-log-2010-07-08 (16-55-08).txt Scantype: Snelle scan Objecten gescand: 131249 Verstreken tijd: 6 minuut/minuten, 0 seconde(n) Geheugenprocessen geïnfecteerd: 0 Geheugenmodulen geïnfecteerd: 0 Registersleutels geïnfecteerd: 0 Registerwaarden geïnfecteerd: 0 Registerdata geïnfecteerd: 0 Mappen geïnfecteerd: 0 Bestanden geïnfecteerd: 0 Geheugenprocessen geïnfecteerd: (Geen kwaadaardige objecten gedetecteerd) Geheugenmodulen geïnfecteerd: (Geen kwaadaardige objecten gedetecteerd) Registersleutels geïnfecteerd: (Geen kwaadaardige objecten gedetecteerd) Registerwaarden geïnfecteerd: (Geen kwaadaardige objecten gedetecteerd) Registerdata geïnfecteerd: (Geen kwaadaardige objecten gedetecteerd) Mappen geïnfecteerd: (Geen kwaadaardige objecten gedetecteerd) Bestanden geïnfecteerd: (Geen kwaadaardige objecten gedetecteerd) Hoop dat alles goed is nu.

Het is gelukt, hier is het logje Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 16:12:19, on 7/07/2010 Platform: Windows Vista SP2 (WinNT 6.00.1906) MSIE: Internet Explorer v7.00 (7.00.6002.18005) Boot mode: Normal Running processes: C:\Windows\system32\Dwm.exe C:\Windows\Explorer.EXE C:\Windows\system32\taskeng.exe C:\Program Files\Packard Bell\FIJI\ABoard.exe C:\Program Files\ScanSoft\OmniPageSE4.0\OpWareSE4.exe C:\Program Files\Packard Bell\FIJI\AOSD.exe C:\Windows\System32\UMonit.exe C:\Program Files\Common Files\Java\Java Update\jusched.exe C:\Program Files\iMesh Applications\MediaBar\DataMngr\DataMngrUI.exe C:\Program Files\Winamp\winampa.exe C:\Program Files\AVG\AVG9\avgtray.exe C:\Program Files\Packard Bell\SetUpMyPC\SmpSys.exe C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe C:\Windows\ehome\ehtray.exe C:\Program Files\IncrediMail\bin\IncMail.exe C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe C:\Windows\ehome\ehmsas.exe C:\Program Files\IncrediMail\bin\IMApp.exe C:\Windows\system32\WTablet\Pen_TabletUser.exe C:\Windows\System32\mobsync.exe C:\Program Files\Windows Media Player\wmpnscfg.exe C:\Program Files\Common Files\Microsoft Shared\Ink\InputPersonalization.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Internet Explorer\IEUser.exe C:\Program Files\Google\Google Toolbar\GoogleToolbarUser_32.exe C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = Bing: R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Bing: R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = HLN home R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Google R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = Hotmail, Messenger, nieuws en entertainment vind je op MSN.nl R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = Bing: R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = R3 - URLSearchHook: Winamp Search Class - {57BCA5FA-5DBB-45a2-B558-1755C3F6253B} - C:\Program Files\Winamp Toolbar\winamptb.dll R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll O1 - Hosts: ::1 localhost O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: Winamp Toolbar Loader - {25CEE8EC-5730-41bc-8B58-22DDC8AB8C20} - C:\Program Files\Winamp Toolbar\winamptb.dll O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG9\avgssie.dll O2 - BHO: UrlHelper Class - {474597C5-AB09-49d6-A4D5-2E8D7341384E} - C:\Program Files\iMesh Applications\MediaBar\DataMngr\IEBHO.dll O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file) O2 - BHO: Windows Live Aanmelden - Help - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll O2 - BHO: MediaBar - {ABB49B3B-AB7D-4ED0-9135-93FD5AA4F69F} - C:\PROGRA~1\IMESHA~1\MediaBar\ToolBar\iMeshMediaBarDx.dll O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.5.5126.1836\swg.dll O2 - BHO: CBrowserHelperObject Object - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program Files\Google\Google_BAE\BAE.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll O3 - Toolbar: Winamp Toolbar - {EBF2BA02-9094-4c5a-858B-BB198F3D8DE2} - C:\Program Files\Winamp Toolbar\winamptb.dll O3 - Toolbar: MediaBar - {ABB49B3B-AB7D-4ED0-9135-93FD5AA4F69F} - C:\PROGRA~1\IMESHA~1\MediaBar\ToolBar\iMeshMediaBarDx.dll O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide O4 - HKLM\..\Run: [ACTIVBOARD] C:\Program Files\Packard Bell\FIJI\aboard.exe O4 - HKLM\..\Run: [sSBkgdUpdate] "C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot O4 - HKLM\..\Run: [OpwareSE4] "C:\Program Files\ScanSoft\OmniPageSE4.0\OpwareSE4.exe" O4 - HKLM\..\Run: [uMonit] C:\Windows\system32\UMonit.exe O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe" O4 - HKLM\..\Run: [DataMngr] C:\Program Files\iMesh Applications\MediaBar\DataMngr\DataMngrUI.exe O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files\Winamp\winampa.exe" O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime O4 - HKLM\..\Run: [AVG9_TRAY] C:\PROGRA~1\AVG\AVG9\avgtray.exe O4 - HKLM\..\Run: [AdobeAAMUpdater-1.0] "C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" O4 - HKCU\..\Run: [smpcSys] C:\Program Files\Packard Bell\SetUpMyPC\SmpSys.exe O4 - HKCU\..\Run: [iSUSPM] "C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe" -scheduler O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe O4 - HKCU\..\Run: [incrediMail] C:\Program Files\IncrediMail\bin\IncMail.exe /c O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" O4 - HKCU\..\RunOnce: [shockwave Updater] C:\Windows\system32\Adobe\Shockwave 11\SwHelper_1151601.exe -Update -1151601 -"Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0; GTB6.5; Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1) ; SLCC1; .NET CLR 2.0.50727; Media Center PC 5.0; .NET CLR 1.1.4322; InfoPath.2; Tablet PC 2.0; .NET CLR 3.5.30729; .NET CLR 3.0.30729)" -"http://www8.agame.com/mirror/shockwave/u/ultimate_raceway/ultimate_raceway.dcr" O8 - Extra context menu item: &Winamp Search - C:\ProgramData\Winamp Toolbar\ieToolbar\resources\en-US\local\search.html O8 - Extra context menu item: Add to AMV Converter... - C:\Program Files\MP3 Player Utilities 4.13\AMVConverter\grab.html O8 - Extra context menu item: Converteren naar bestaand PDF-bestand - res://C:\Program Files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000 O8 - Extra context menu item: Geselecteerde koppelingen converteren naar bestaand PDF-bestand - res://C:\Program Files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll/cmsidewiki.html O8 - Extra context menu item: Koppelingdoel converteren naar Adobe PDF - res://C:\Program Files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html O8 - Extra context menu item: Koppelingdoel converteren naar bestaand PDF-bestand - res://C:\Program Files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html O8 - Extra context menu item: MediaManager tool grab multimedia file - C:\Program Files\MP3 Player Utilities 4.13\MediaManager\grab.html O8 - Extra context menu item: Selectie converteren naar bestaand PDF-bestand - res://C:\Program Files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html O9 - Extra button: In weblog opnemen - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: &In weblog opnemen met Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O16 - DPF: {4539348E-11D5-01D7-9A39-0080C8D85044} (GameDesire Slots 90th) - http://cached.gamedesire.com/g_bin/eng/slots90_2_0_0_38.cab O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1244133796822 O16 - DPF: {A1FE3DEF-11D4-CF77-8340-0080C8D7ED4A} (GameDesire Pinball Pirate) - http://cached.gamedesire.com/g_bin/eng/pirate_2_0_0_33.cab O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG9\avgpp.dll O20 - AppInit_DLLs: C:\PROGRA~1\IMESHA~1\MediaBar\DataMngr\datamngr.dll,avgrsstx.dll O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe O23 - Service: Adobe Active File Monitor V7 (AdobeActiveFileMonitor7.0) - Adobe Systems Incorporated - C:\Program Files\Adobe\Photoshop Elements 7.0\PhotoshopElementsFileAgent.exe O23 - Service: AVG Free WatchDog (avg9wd) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG9\avgwdsvc.exe O23 - Service: Canon Camera Access Library 8 (CCALib8) - Canon Inc. - C:\Program Files\Canon\CAL\CALMAIN.exe O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Unknown owner - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (file missing) O23 - Service: Firebird Server - MAGIX Instance (FirebirdServerMAGIXInstance) - MAGIX® - C:\Program Files\MAGIX\Common\Database\bin\fbserver.exe O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe O23 - Service: Google Update Service (gupdate1c9870b528d3e20) (gupdate1c9870b528d3e20) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe O23 - Service: ProtexisLicensing - Unknown owner - C:\Windows\system32\PSIService.exe O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe O23 - Service: RoxMediaDB9 - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe O23 - Service: Roxio Hard Drive Watcher 9 (RoxWatch9) - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe O23 - Service: StarWind AE Service (StarWindServiceAE) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe O23 - Service: stllssvr - MicroVision Development, Inc. - C:\Program Files\Common Files\SureThing Shared\stllssvr.exe O23 - Service: TabletServicePen - Wacom Technology, Corp. - C:\Windows\system32\Pen_Tablet.exe -- End of file - 12873 bytes

Hallo Kape, Ik heb wat windows7 zij al gedaan ,ik hoop dat ik geen grote fout heb gedaan. Ik heb ook een HiJacklog proberen te maken maar ik kan niet knippen en plakken in de kladblok. Na de scan gaat het kladblokvenster wel open.maar ik kan van de scan niets selecteren.Hier heb je wel al de twee resutaten van MBAM . Malwarebytes' Anti-Malware 1.46 www.malwarebytes.org Databaseversie: 4279 Windows 6.0.6002 Service Pack 2 Internet Explorer 7.0.6002.18005 5/07/2010 21:17:19 mbam-log-2010-07-05 (21-17-19).txt Scantype: Snelle scan Objecten gescand: 130862 Verstreken tijd: 7 minuut/minuten, 17 seconde(n) Geheugenprocessen geïnfecteerd: 0 Geheugenmodulen geïnfecteerd: 1 Registersleutels geïnfecteerd: 12 Registerwaarden geïnfecteerd: 1 Registerdata geïnfecteerd: 0 Mappen geïnfecteerd: 1 Bestanden geïnfecteerd: 5 Geheugenprocessen geïnfecteerd: (Geen kwaadaardige objecten gedetecteerd) Geheugenmodulen geïnfecteerd: C:\Windows\System32\3ca1e561.dll (Trojan.Vundo.H) -> Delete on reboot. Registersleutels geïnfecteerd: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{981ecdeb-96ed-c80e-023a-6507eb85e658} (Trojan.Vundo.H) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\CLSID\{981ecdeb-96ed-c80e-023a-6507eb85e658} (Trojan.Vundo.H) -> Quarantined and deleted successfully. HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{981ecdeb-96ed-c80e-023a-6507eb85e658} (Trojan.Vundo.H) -> Quarantined and deleted successfully. HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{1d4db7d2-6ec9-47a3-bd87-1e41684e07bb} (Adware.MyWebSearch) -> Quarantined and deleted successfully. HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{3cc3d8fe-f0e0-4dd1-a69a-8c56bcc7bebf} (Adware.SmartShopper) -> Quarantined and deleted successfully. HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{3cc3d8fe-f0e0-4dd1-a69a-8c56bcc7bec0} (Adware.SmartShopper) -> Quarantined and deleted successfully. HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{4a7c84e2-e95c-43c6-8dd3-03abcd0eb60e} (Adware.SmartShopper) -> Quarantined and deleted successfully. HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{500bca15-57a7-4eaf-8143-8c619470b13d} (Trojan.FakeAlert) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\91e4a80 (Adware.Adrotator) -> Quarantined and deleted successfully. HKEY_CURRENT_USER\SOFTWARE\XML (Trojan.FakeAlert) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2ce6e95f-3d5a-d1ac-6ab2-c94170ff78f9} (Adware.AdRotator) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\CLSID\{2ce6e95f-3d5a-d1ac-6ab2-c94170ff78f9} (Adware.AdRotator) -> Quarantined and deleted successfully. Registerwaarden geïnfecteerd: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\bklapfxlhm (Trojan.Agent) -> Quarantined and deleted successfully. Registerdata geïnfecteerd: (Geen kwaadaardige objecten gedetecteerd) Mappen geïnfecteerd: C:\Program Files\Advantage (Adware.Advantage) -> Quarantined and deleted successfully. Bestanden geïnfecteerd: C:\Windows\System32\3ca1e561.dll (Trojan.Vundo.H) -> Delete on reboot. C:\Windows\System32\91e4a80.exe (Adware.Adrotator) -> Quarantined and deleted successfully. C:\Program Files\Advantage\AdVantage.db (Adware.Advantage) -> Quarantined and deleted successfully. C:\Program Files\Advantage\user.db (Adware.Advantage) -> Quarantined and deleted successfully. C:\Windows\System32\bubbqkcefowtw.dll (Trojan.Agent) -> Delete on reboot. En deze is nadat alles is verwijderd. Malwarebytes' Anti-Malware 1.46 www.malwarebytes.org Databaseversie: 4279 Windows 6.0.6002 Service Pack 2 Internet Explorer 7.0.6002.18005 5/07/2010 21:31:17 mbam-log-2010-07-05 (21-31-17).txt Scantype: Snelle scan Objecten gescand: 130336 Verstreken tijd: 6 minuut/minuten, 52 seconde(n) Geheugenprocessen geïnfecteerd: 0 Geheugenmodulen geïnfecteerd: 0 Registersleutels geïnfecteerd: 0 Registerwaarden geïnfecteerd: 0 Registerdata geïnfecteerd: 0 Mappen geïnfecteerd: 0 Bestanden geïnfecteerd: 0 Geheugenprocessen geïnfecteerd: (Geen kwaadaardige objecten gedetecteerd) Geheugenmodulen geïnfecteerd: (Geen kwaadaardige objecten gedetecteerd) Registersleutels geïnfecteerd: (Geen kwaadaardige objecten gedetecteerd) Registerwaarden geïnfecteerd: (Geen kwaadaardige objecten gedetecteerd) Registerdata geïnfecteerd: (Geen kwaadaardige objecten gedetecteerd) Mappen geïnfecteerd: (Geen kwaadaardige objecten gedetecteerd) Bestanden geïnfecteerd: (Geen kwaadaardige objecten gedetecteerd) Hoop dat alles nog in orde is. Bedank voor jullie snelle reactie. Ouzo