sers

Hieronder het logfile. Echter nergens in het log het woord imesh te vinden. Wel de naam van de externe schijf (Maxtor) Op die externe schijf (F) staan dus al die imesh files/programma's. Hoe kan ik bv via CCleaner op de F schijf komen? log Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 11:58:34 AM, on 12/30/2011 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v8.00 (8.00.6001.18702) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\Explorer.EXE C:\Program Files\AVAST Software\Avast\AvastSvc.exe C:\Program Files\Common Files\Logitech\QCDriver\LVCOMS.EXE C:\WINDOWS\system32\hkcmd.exe C:\Program Files\Analog Devices\Core\smax4pnp.exe C:\Program Files\AVAST Software\Avast\avastUI.exe C:\Program Files\Common Files\Java\Java Update\jusched.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe C:\Documents and Settings\Eigenaar.DELL\Local Settings\Application Data\Google\Update\GoogleUpdate.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Java\jre6\bin\jqs.exe C:\Program Files\Maxtor\Sync\SyncServices.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = nu.nl | Het laatste nieuws het eerst op nu.nl R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Hotmail, Messenger, nieuws en entertainment vind je op MSN.nl R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = Hotmail, Messenger, nieuws en entertainment vind je op MSN.nl R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.7.7018.1622\swg.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll O3 - Toolbar: (no name) - !{2318C2B1-4965-11d4-9B18-009027A5CD4F} - (no file) O3 - Toolbar: (no name) - !{EEE6C35B-6118-11DC-9C72-001320C79847} - (no file) O4 - HKLM\..\Run: [LVCOMS] C:\Program Files\Common Files\Logitech\QCDriver\LVCOMS.EXE O4 - HKLM\..\Run: [igfxTray] C:\WINDOWS\system32\igfxtray.exe O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe O4 - HKLM\..\Run: [soundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe" O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" O4 - HKCU\..\Run: [Google Update] "C:\Documents and Settings\Eigenaar.DELL\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" /c O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\S-1-5-18\..\Run: [DWQueuedReporting] "C:\PROGRA~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" -t (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user') O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_7461B1589E8B4FB7.dll/cmsidewiki.html O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll O9 - Extra button: Toon of verberg HP Smart Web Printing - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra button: Golden Tiger Casino - {75AABD81-2A24-404E-8389-067312F231D7} - C:\WINDOWS\system32\shdocvw.dll (HKCU) O16 - DPF: {01A88BB1-1174-41EC-ACCB-963509EAE56B} (SysProWmi Class) - http://support.euro.dell.com/systemprofiler/SysPro.CAB O16 - DPF: {2E28242B-A689-11D4-80F2-0040266CBB8D} (KX-HCM10 Control) - http://gocanaria.ath.cx:8000/kxhcm10.ocx O16 - DPF: {33704B0F-9EB7-434B-B752-EA6CFFB87423} (pmjpegaudio Class) - http://www.bartboos.com:88/JpegInst.cab O16 - DPF: {3E90FFF5-1347-45B9-91F6-DA47926E9697} (PlaNet SysInfo Agent) - http://online-virusscan.casema.nl/systemcheck/PlaNetSysInfo.cab O16 - DPF: {49232000-16E4-426C-A231-62846947304B} (SysData Class) - http://ipgweb.cce.hp.com/rdqemea/downloads/sysinfo.cab O16 - DPF: {54BE6B6F-3056-470B-97E1-BB92E051B6C4} (DeviceEnum Class) - http://h20264.www2.hp.com/ediags/dd/install/HPDriverDiagnosticsxp2k.cab O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} (Windows Live Safety Center Base Module) - http://cdn.scan.onecare.live.com/resource/download/scanner/wlscbase6087.cab O16 - DPF: {6A344D34-5231-452A-8A57-D064AC9B7862} (Symantec Download Manager) - https://webdl.symantec.com/activex/symdlmgr.cab O16 - DPF: {6F15128C-E66A-490C-B848-5000B5ABEEAC} (HP Download Manager) - https://h20436.www2.hp.com/ediags/dex/secure/HPDEXAXO.cab O16 - DPF: {77E32299-629F-43C6-AB77-6A1E6D7663F6} - http://www.nick.com/common/groove/gx/GrooveAX27.cab O16 - DPF: {7FC1B346-83E6-4774-8D20-1A6B09B0E737} (Windows Live Photo Upload Control) - http://sers10.spaces.live.com/PhotoUpload/MsnPUpld.cab O16 - DPF: {88D969C0-F192-11D4-A65F-0040963251E5} (XML DOM Document 4.0) - http://ipgweb.cce.hp.com/rdqemea/downloads/msxml4.cab O16 - DPF: {A9F8D9EC-3D0A-4A60-BD82-FBD64BAD370D} (DDRevision Class) - http://h20264.www2.hp.com/ediags/dd/install/HPDriverDiagnosticsxp2k.cab O16 - DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} (Zylom Games Player) - http://game.zylom.com/activex/zylomgamesplayer.cab O16 - DPF: {D821DC4A-0814-435E-9820-661C543A4679} (CRLDownloadWrapper Class) - http://drmlicense.one.microsoft.com/crlupdate/en/crlocx.ocx O16 - DPF: {DE625294-70E6-45ED-B895-CFFA13AEB044} (AxisMediaControlEmb Class) - http://83.84.124.118:9999/activex/AMC.cab O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab O16 - DPF: {F7EDBBEA-1AD2-4EBF-AA07-D453CC29EE65} (Flash Casino Helper Object) - https://rivernile.microgaming.com/rivernile/FlashAX2.cab O22 - SharedTaskScheduler: Preloader van browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll O22 - SharedTaskScheduler: Cache-daemon voor onderdeelcategorieën - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe O23 - Service: Maxtor Service (Maxtor Sync Service) - Seagate Technology LLC - C:\Program Files\Maxtor\Sync\SyncServices.exe -- End of file - 9074 bytes

Enige tijd geleden kreeg ik een Java runtime error op mijn desktop. Windows XP. Het e.e.a. werd met uw hulp snel en goed opgelost. Er was toen ook sprake dat een programma (Imesh) de reden kon zijn. Deze werd toen verwijderd van mijn c schijf. Nu heb ik weer een melding ontvangen en ben wat verder gaan zoeken. Mijn externe F schijf staat vol met met programma's met het woord Imesh erin. Deinstaleren lukt niet. Ik heb ccleaner maar daarmee kan ik alleen programma's op mijn C schijf verwijderen. Ik heb nog alle programma's die volgens uw adviezen (van enige tijd geleden)gebruikt werden om het probleem op te lossen. Ik wil graag al die Imesh items verwijderen (Omdat ik denk dat dit de boosdoener is). Ik gebruik i.e 7 firefox en google chrome (reden is dat ik een website onderhoud) In firefox krijg ik altijd als "searchimesh.com" te zien als startpagina. Wat moet ik doen? Alvast bedankt voor uw hulp en mocht uw antwoord wat later komen......alle geluk en gezondheid voor 2012! mvg

3 van de 4 testmails (de 4de is er niet) zeggen nu geen problemen meer te hebben en ontvingen de testmail in het juiste vakje. Misschien komt het omdat ik die vinkjes heb weggehaald? Anyway het lijkt me opgelost. Bedankt voor uw inzet mvg

Ja ik heb ooit (lang geleden) iets gedaan in de wizzard regels. Ik heb nu bij alle vakjes het vinkje weggehaald. kijken wat er gebeurd. Ik ga test berichten sturen en kom terug mvg

Ik heb een testberichtje verstuurd Nog een opmerkelijk item is het feit dat ik nu soms een pop up krijg getiteld <<fout in regels>> met als inhoud Regel voor voor ongewenste-email en met als fout: kan niet verplaatsen naar de map ongewenst mvg

Het rare is dat ik vanavond iemand sprak die ik via mijn normale email een berichtje had gestuurd dat bericht ook als Spam werd ontvangen. Dat was voorheen nooit het geval bij die persoon. Dus ik denk dat het misschien wel bij mij zit? ---------- Post toegevoegd om 23:15 ---------- Vorige post was om 23:12 ---------- inzake uw opmerking over de foutmelding """""The requested URL /thanks.php was not found on this server" over de "bedanking". Mogelijk zit daar een verband met het probleem van de INbox en/of SPAMbox"""" Ja daar ben ik ook mee bezig om dat op te lossen maar als amateurtje is dat best moeilijk. De berichten die via dat contactformulier verzonden worden worden wel allemaal ontvangen op de hotmail account van de vereniging mvg

Ik gebruik MS outlook. Ik bouw en onderhou ook een website (www.hvhetslot.nl) Daar zit een contact formulier in en als ik daar een bericht verstuur naar het emailadres van de vereniging (dat heb ik niet onder beheer maar iemand anders) komt dat binnen in de map ongewenste email in de hotmail account van de vereniging

Ik heb nog een probleempje en ik denk dat het komt door b.g. probleem wat opgelost is Als ik van mijn computer een mailtje verstuur naar iemand dan komt dat af en toe in haar/zijn inbox als zg <ongewenste mail>> of <<spam>> Kan ik daar wat aan doen? Alvast bedankt voor uw antwoord mvg

Dat is heel duidelijke taal Bedankt!

Ok. ga ik doen! Bedankt voor alle hulp. Blijft alleen de vraag open of dit allemaal door Imesh komt. Ik begrijp het als jullie als forum daarop niet kunnen/willen antwoorden. Nogmaals bedankt mvg

Ik heb intussen Java deleted en installed maar alleen de versie 6 update 26. Is dat ok? Moet ik nu nog meer doen? Nogmaals bedankt mvg ---------- Post toegevoegd om 10:57 ---------- Vorige post was om 10:56 ---------- ok ik zal een nieuw HJT logje maken en sturen samen met MBAM log mvg ---------- Post toegevoegd om 11:00 ---------- Vorige post was om 10:57 ---------- HJT Log Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 10:58:11 AM, on 11/26/2011 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v8.00 (8.00.6001.18702) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\Explorer.EXE C:\Program Files\AVAST Software\Avast\AvastSvc.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Maxtor\Sync\SyncServices.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Common Files\Logitech\QCDriver\LVCOMS.EXE C:\WINDOWS\system32\hkcmd.exe C:\Program Files\Analog Devices\Core\smax4pnp.exe C:\Program Files\AVAST Software\Avast\avastUI.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe C:\Program Files\Internet Explorer\IEXPLORE.EXE C:\Program Files\Internet Explorer\IEXPLORE.EXE C:\WINDOWS\system32\msiexec.exe C:\Program Files\Internet Explorer\IEXPLORE.EXE C:\Program Files\Internet Explorer\IEXPLORE.EXE C:\Program Files\Java\jre6\bin\jqs.exe C:\WINDOWS\system32\wuauclt.exe C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = nu.nl | Het laatste nieuws het eerst op nu.nl R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN.com R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = MSN.com R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.7.6406.1642\swg.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll O4 - HKLM\..\Run: [LVCOMS] C:\Program Files\Common Files\Logitech\QCDriver\LVCOMS.EXE O4 - HKLM\..\Run: [igfxTray] C:\WINDOWS\system32\igfxtray.exe O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe O4 - HKLM\..\Run: [soundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe" O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\S-1-5-18\..\Run: [DWQueuedReporting] "C:\PROGRA~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" -t (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user') O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_7461B1589E8B4FB7.dll/cmsidewiki.html O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll O9 - Extra button: Toon of verberg HP Smart Web Printing - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra button: Golden Tiger Casino - {75AABD81-2A24-404E-8389-067312F231D7} - C:\WINDOWS\system32\shdocvw.dll (HKCU) O16 - DPF: {01A88BB1-1174-41EC-ACCB-963509EAE56B} (SysProWmi Class) - http://support.euro.dell.com/systemprofiler/SysPro.CAB O16 - DPF: {2E28242B-A689-11D4-80F2-0040266CBB8D} (KX-HCM10 Control) - http://gocanaria.ath.cx:8000/kxhcm10.ocx O16 - DPF: {33704B0F-9EB7-434B-B752-EA6CFFB87423} (pmjpegaudio Class) - http://www.bartboos.com:88/JpegInst.cab O16 - DPF: {3E90FFF5-1347-45B9-91F6-DA47926E9697} (PlaNet SysInfo Agent) - http://online-virusscan.casema.nl/systemcheck/PlaNetSysInfo.cab O16 - DPF: {49232000-16E4-426C-A231-62846947304B} (SysData Class) - http://ipgweb.cce.hp.com/rdqemea/downloads/sysinfo.cab O16 - DPF: {54BE6B6F-3056-470B-97E1-BB92E051B6C4} (DeviceEnum Class) - http://h20264.www2.hp.com/ediags/dd/install/HPDriverDiagnosticsxp2k.cab O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} (Windows Live Safety Center Base Module) - Windows Live OneCare O16 - DPF: {6A344D34-5231-452A-8A57-D064AC9B7862} (Symantec Download Manager) - https://webdl.symantec.com/activex/symdlmgr.cab O16 - DPF: {6F15128C-E66A-490C-B848-5000B5ABEEAC} (HP Download Manager) - https://h20436.www2.hp.com/ediags/dex/secure/HPDEXAXO.cab O16 - DPF: {77E32299-629F-43C6-AB77-6A1E6D7663F6} - http://www.nick.com/common/groove/gx/GrooveAX27.cab O16 - DPF: {7FC1B346-83E6-4774-8D20-1A6B09B0E737} (Windows Live Photo Upload Control) - http://sers10.spaces.live.com/PhotoUpload/MsnPUpld.cab O16 - DPF: {88D969C0-F192-11D4-A65F-0040963251E5} (XML DOM Document 4.0) - http://ipgweb.cce.hp.com/rdqemea/downloads/msxml4.cab O16 - DPF: {A9F8D9EC-3D0A-4A60-BD82-FBD64BAD370D} (DDRevision Class) - http://h20264.www2.hp.com/ediags/dd/install/HPDriverDiagnosticsxp2k.cab O16 - DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} (Zylom Games Player) - http://game.zylom.com/activex/zylomgamesplayer.cab O16 - DPF: {D821DC4A-0814-435E-9820-661C543A4679} (CRLDownloadWrapper Class) - http://drmlicense.one.microsoft.com/crlupdate/en/crlocx.ocx O16 - DPF: {DE625294-70E6-45ED-B895-CFFA13AEB044} (AxisMediaControlEmb Class) - http://83.84.124.118:9999/activex/AMC.cab O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab O16 - DPF: {F7EDBBEA-1AD2-4EBF-AA07-D453CC29EE65} (Flash Casino Helper Object) - https://rivernile.microgaming.com/rivernile/FlashAX2.cab O22 - SharedTaskScheduler: Preloader van browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll O22 - SharedTaskScheduler: Cache-daemon voor onderdeelcategorieën - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Google Software Updater (gusvc) - Google Inc. - (no file) O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe O23 - Service: Maxtor Service (Maxtor Sync Service) - Seagate Technology LLC - C:\Program Files\Maxtor\Sync\SyncServices.exe -- End of file - 8814 bytes MBAM log Malwarebytes' Anti-Malware 1.51.2.1300 www.malwarebytes.org Databaseversie: 8245 Windows 5.1.2600 Service Pack 3 Internet Explorer 8.0.6001.18702 11/26/2011 10:35:06 AM mbam-log-2011-11-26 (10-35-06).txt Scantype: Snelle scan Objecten gescand: 171240 Verstreken tijd: 5 minuut/minuten, 28 seconde(n) Geheugenprocessen geïnfecteerd: 0 Geheugenmodulen geïnfecteerd: 0 Registersleutels geïnfecteerd: 0 Registerwaarden geïnfecteerd: 0 Registerdata geïnfecteerd: 0 Mappen geïnfecteerd: 0 Bestanden geïnfecteerd: 0 Geheugenprocessen geïnfecteerd: (Geen kwaadaardige objecten gedetecteerd) Geheugenmodulen geïnfecteerd: (Geen kwaadaardige objecten gedetecteerd) Registersleutels geïnfecteerd: (Geen kwaadaardige objecten gedetecteerd) Registerwaarden geïnfecteerd: (Geen kwaadaardige objecten gedetecteerd) Registerdata geïnfecteerd: (Geen kwaadaardige objecten gedetecteerd) Mappen geïnfecteerd: (Geen kwaadaardige objecten gedetecteerd) Bestanden geïnfecteerd: (Geen kwaadaardige objecten gedetecteerd) mvg ---------- Post toegevoegd om 11:01 ---------- Vorige post was om 11:00 ---------- HJT Log Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 10:58:11 AM, on 11/26/2011 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v8.00 (8.00.6001.18702) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\Explorer.EXE C:\Program Files\AVAST Software\Avast\AvastSvc.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Maxtor\Sync\SyncServices.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Common Files\Logitech\QCDriver\LVCOMS.EXE C:\WINDOWS\system32\hkcmd.exe C:\Program Files\Analog Devices\Core\smax4pnp.exe C:\Program Files\AVAST Software\Avast\avastUI.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe C:\Program Files\Internet Explorer\IEXPLORE.EXE C:\Program Files\Internet Explorer\IEXPLORE.EXE C:\WINDOWS\system32\msiexec.exe C:\Program Files\Internet Explorer\IEXPLORE.EXE C:\Program Files\Internet Explorer\IEXPLORE.EXE C:\Program Files\Java\jre6\bin\jqs.exe C:\WINDOWS\system32\wuauclt.exe C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = nu.nl | Het laatste nieuws het eerst op nu.nl R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN.com R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = MSN.com R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.7.6406.1642\swg.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll O4 - HKLM\..\Run: [LVCOMS] C:\Program Files\Common Files\Logitech\QCDriver\LVCOMS.EXE O4 - HKLM\..\Run: [igfxTray] C:\WINDOWS\system32\igfxtray.exe O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe O4 - HKLM\..\Run: [soundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe" O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\S-1-5-18\..\Run: [DWQueuedReporting] "C:\PROGRA~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" -t (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user') O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_7461B1589E8B4FB7.dll/cmsidewiki.html O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll O9 - Extra button: Toon of verberg HP Smart Web Printing - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra button: Golden Tiger Casino - {75AABD81-2A24-404E-8389-067312F231D7} - C:\WINDOWS\system32\shdocvw.dll (HKCU) O16 - DPF: {01A88BB1-1174-41EC-ACCB-963509EAE56B} (SysProWmi Class) - http://support.euro.dell.com/systemprofiler/SysPro.CAB O16 - DPF: {2E28242B-A689-11D4-80F2-0040266CBB8D} (KX-HCM10 Control) - http://gocanaria.ath.cx:8000/kxhcm10.ocx O16 - DPF: {33704B0F-9EB7-434B-B752-EA6CFFB87423} (pmjpegaudio Class) - http://www.bartboos.com:88/JpegInst.cab O16 - DPF: {3E90FFF5-1347-45B9-91F6-DA47926E9697} (PlaNet SysInfo Agent) - http://online-virusscan.casema.nl/systemcheck/PlaNetSysInfo.cab O16 - DPF: {49232000-16E4-426C-A231-62846947304B} (SysData Class) - http://ipgweb.cce.hp.com/rdqemea/downloads/sysinfo.cab O16 - DPF: {54BE6B6F-3056-470B-97E1-BB92E051B6C4} (DeviceEnum Class) - http://h20264.www2.hp.com/ediags/dd/install/HPDriverDiagnosticsxp2k.cab O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} (Windows Live Safety Center Base Module) - Windows Live OneCare O16 - DPF: {6A344D34-5231-452A-8A57-D064AC9B7862} (Symantec Download Manager) - https://webdl.symantec.com/activex/symdlmgr.cab O16 - DPF: {6F15128C-E66A-490C-B848-5000B5ABEEAC} (HP Download Manager) - https://h20436.www2.hp.com/ediags/dex/secure/HPDEXAXO.cab O16 - DPF: {77E32299-629F-43C6-AB77-6A1E6D7663F6} - http://www.nick.com/common/groove/gx/GrooveAX27.cab O16 - DPF: {7FC1B346-83E6-4774-8D20-1A6B09B0E737} (Windows Live Photo Upload Control) - http://sers10.spaces.live.com/PhotoUpload/MsnPUpld.cab O16 - DPF: {88D969C0-F192-11D4-A65F-0040963251E5} (XML DOM Document 4.0) - http://ipgweb.cce.hp.com/rdqemea/downloads/msxml4.cab O16 - DPF: {A9F8D9EC-3D0A-4A60-BD82-FBD64BAD370D} (DDRevision Class) - http://h20264.www2.hp.com/ediags/dd/install/HPDriverDiagnosticsxp2k.cab O16 - DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} (Zylom Games Player) - http://game.zylom.com/activex/zylomgamesplayer.cab O16 - DPF: {D821DC4A-0814-435E-9820-661C543A4679} (CRLDownloadWrapper Class) - http://drmlicense.one.microsoft.com/crlupdate/en/crlocx.ocx O16 - DPF: {DE625294-70E6-45ED-B895-CFFA13AEB044} (AxisMediaControlEmb Class) - http://83.84.124.118:9999/activex/AMC.cab O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab O16 - DPF: {F7EDBBEA-1AD2-4EBF-AA07-D453CC29EE65} (Flash Casino Helper Object) - https://rivernile.microgaming.com/rivernile/FlashAX2.cab O22 - SharedTaskScheduler: Preloader van browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll O22 - SharedTaskScheduler: Cache-daemon voor onderdeelcategorieën - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Google Software Updater (gusvc) - Google Inc. - (no file) O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe O23 - Service: Maxtor Service (Maxtor Sync Service) - Seagate Technology LLC - C:\Program Files\Maxtor\Sync\SyncServices.exe -- End of file - 8814 bytes MBAM log Malwarebytes' Anti-Malware 1.51.2.1300 www.malwarebytes.org Databaseversie: 8245 Windows 5.1.2600 Service Pack 3 Internet Explorer 8.0.6001.18702 11/26/2011 10:35:06 AM mbam-log-2011-11-26 (10-35-06).txt Scantype: Snelle scan Objecten gescand: 171240 Verstreken tijd: 5 minuut/minuten, 28 seconde(n) Geheugenprocessen geïnfecteerd: 0 Geheugenmodulen geïnfecteerd: 0 Registersleutels geïnfecteerd: 0 Registerwaarden geïnfecteerd: 0 Registerdata geïnfecteerd: 0 Mappen geïnfecteerd: 0 Bestanden geïnfecteerd: 0 Geheugenprocessen geïnfecteerd: (Geen kwaadaardige objecten gedetecteerd) Geheugenmodulen geïnfecteerd: (Geen kwaadaardige objecten gedetecteerd) Registersleutels geïnfecteerd: (Geen kwaadaardige objecten gedetecteerd) Registerwaarden geïnfecteerd: (Geen kwaadaardige objecten gedetecteerd) Registerdata geïnfecteerd: (Geen kwaadaardige objecten gedetecteerd) Mappen geïnfecteerd: (Geen kwaadaardige objecten gedetecteerd) Bestanden geïnfecteerd: (Geen kwaadaardige objecten gedetecteerd) mvg ---------- Post toegevoegd om 11:09 ---------- Vorige post was om 11:01 ---------- uw vraag: Oplossing 2. Hiervoor moeten we weten welk programma de fout heeft veroorzaakt. Weet je nog wat je deed toen de foutmelding verscheen? Ik heb eigelijk alleen Imesh geprobeerd te verwijderen omdat ik dacht dat het daardoor kwam. De vraag is: Is dat ook zo? mvg

Bedankt voor uw hulp. Mbam, geupdated en gedraaid. 0 infected. zie log beneden. Ik neem aan dat ik dan niet nog een keer moet scannen? Ik ga nu Java verwijderen en opnieuw instaleren. Tenslotte nog een vraagje: Dat iMesh programma was de boosdoener. If so dan zal ik er voortaan geen gebruik van maken. Nogmaals bedankt mvg

hier is het file Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 11:10:09 PM, on 11/25/2011 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v8.00 (8.00.6001.18702) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\Explorer.EXE C:\Program Files\AVAST Software\Avast\AvastSvc.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Java\jre6\bin\jqs.exe C:\Program Files\Maxtor\Sync\SyncServices.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\wuauclt.exe C:\Program Files\Common Files\Logitech\QCDriver\LVCOMS.EXE C:\WINDOWS\system32\hkcmd.exe C:\Program Files\Analog Devices\Core\smax4pnp.exe C:\Program Files\AVAST Software\Avast\avastUI.exe C:\PROGRA~1\IMESHA~1\MediaBar\Datamngr\DATAMN~1.EXE C:\Program Files\Common Files\Java\Java Update\jusched.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe C:\PROGRA~1\MICROS~2\Office\OUTLOOK.EXE C:\Program Files\Microsoft Office\Office\1043\wfxmsrvr.exe C:\PROGRA~1\MICROS~2\Office\1043\OLFMOD32.EXE C:\Program Files\Internet Explorer\IEXPLORE.EXE C:\Program Files\Internet Explorer\IEXPLORE.EXE C:\WINDOWS\msagent\AgentSvr.exe C:\Program Files\Internet Explorer\IEXPLORE.EXE C:\WINDOWS\system32\msiexec.exe C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = nu.nl | Het laatste nieuws het eerst op nu.nl R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Hotmail, Messenger, nieuws en entertainment vind je op MSN.nl R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = Hotmail, Messenger, nieuws en entertainment vind je op MSN.nl R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: Wincore Mediabar - {28387537-e3f9-4ed7-860c-11e69af4a8a0} - C:\PROGRA~1\IMESHA~1\MediaBar\Datamngr\ToolBar\wincoreimdtx.dll O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll O2 - BHO: SearchCore for Browsers - {9D717F81-9148-4f12-8568-69135F087DB0} - C:\PROGRA~1\SEARCH~1\SEARCH~1\BROWSE~1.DLL O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.7.6406.1642\swg.dll O2 - BHO: DataMngr - {BE7A24F5-69CB-4708-B77B-B1EDA6043B95} - C:\PROGRA~1\IMESHA~1\MediaBar\Datamngr\BROWSE~1.DLL O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll O3 - Toolbar: Wincore Mediabar - {28387537-e3f9-4ed7-860c-11e69af4a8a0} - C:\PROGRA~1\IMESHA~1\MediaBar\Datamngr\ToolBar\wincoreimdtx.dll O4 - HKLM\..\Run: [LVCOMS] C:\Program Files\Common Files\Logitech\QCDriver\LVCOMS.EXE O4 - HKLM\..\Run: [igfxTray] C:\WINDOWS\system32\igfxtray.exe O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe O4 - HKLM\..\Run: [soundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui O4 - HKLM\..\Run: [DATAMNGR] C:\PROGRA~1\IMESHA~1\MediaBar\Datamngr\DATAMN~1.EXE O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe" O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\S-1-5-18\..\Run: [DWQueuedReporting] "C:\PROGRA~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" -t (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user') O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_7461B1589E8B4FB7.dll/cmsidewiki.html O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll O9 - Extra button: Toon of verberg HP Smart Web Printing - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra button: Golden Tiger Casino - {75AABD81-2A24-404E-8389-067312F231D7} - C:\WINDOWS\system32\shdocvw.dll (HKCU) O16 - DPF: {01A88BB1-1174-41EC-ACCB-963509EAE56B} (SysProWmi Class) - http://support.euro.dell.com/systemprofiler/SysPro.CAB O16 - DPF: {2E28242B-A689-11D4-80F2-0040266CBB8D} (KX-HCM10 Control) - http://gocanaria.ath.cx:8000/kxhcm10.ocx O16 - DPF: {33704B0F-9EB7-434B-B752-EA6CFFB87423} (pmjpegaudio Class) - http://www.bartboos.com:88/JpegInst.cab O16 - DPF: {3E90FFF5-1347-45B9-91F6-DA47926E9697} (PlaNet SysInfo Agent) - http://online-virusscan.casema.nl/systemcheck/PlaNetSysInfo.cab O16 - DPF: {49232000-16E4-426C-A231-62846947304B} (SysData Class) - http://ipgweb.cce.hp.com/rdqemea/downloads/sysinfo.cab O16 - DPF: {54BE6B6F-3056-470B-97E1-BB92E051B6C4} (DeviceEnum Class) - http://h20264.www2.hp.com/ediags/dd/install/HPDriverDiagnosticsxp2k.cab O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} (Windows Live Safety Center Base Module) - Windows Live OneCare O16 - DPF: {6A344D34-5231-452A-8A57-D064AC9B7862} (Symantec Download Manager) - https://webdl.symantec.com/activex/symdlmgr.cab O16 - DPF: {6F15128C-E66A-490C-B848-5000B5ABEEAC} (HP Download Manager) - https://h20436.www2.hp.com/ediags/dex/secure/HPDEXAXO.cab O16 - DPF: {77E32299-629F-43C6-AB77-6A1E6D7663F6} - http://www.nick.com/common/groove/gx/GrooveAX27.cab O16 - DPF: {7FC1B346-83E6-4774-8D20-1A6B09B0E737} (Windows Live Photo Upload Control) - http://sers10.spaces.live.com/PhotoUpload/MsnPUpld.cab O16 - DPF: {88D969C0-F192-11D4-A65F-0040963251E5} (XML DOM Document 4.0) - http://ipgweb.cce.hp.com/rdqemea/downloads/msxml4.cab O16 - DPF: {A9F8D9EC-3D0A-4A60-BD82-FBD64BAD370D} (DDRevision Class) - http://h20264.www2.hp.com/ediags/dd/install/HPDriverDiagnosticsxp2k.cab O16 - DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} (Zylom Games Player) - http://game.zylom.com/activex/zylomgamesplayer.cab O16 - DPF: {D821DC4A-0814-435E-9820-661C543A4679} (CRLDownloadWrapper Class) - http://drmlicense.one.microsoft.com/crlupdate/en/crlocx.ocx O16 - DPF: {DE625294-70E6-45ED-B895-CFFA13AEB044} (AxisMediaControlEmb Class) - http://83.84.124.118:9999/activex/AMC.cab O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab O16 - DPF: {F7EDBBEA-1AD2-4EBF-AA07-D453CC29EE65} (Flash Casino Helper Object) - https://rivernile.microgaming.com/rivernile/FlashAX2.cab O20 - AppInit_DLLs: C:\PROGRA~1\IMESHA~1\MediaBar\Datamngr\datamngr.dll C:\PROGRA~1\IMESHA~1\MediaBar\Datamngr\IEBHO.dll O22 - SharedTaskScheduler: Preloader van browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll O22 - SharedTaskScheduler: Cache-daemon voor onderdeelcategorieën - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Google Software Updater (gusvc) - Google Inc. - (no file) O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe O23 - Service: Maxtor Service (Maxtor Sync Service) - Seagate Technology LLC - C:\Program Files\Maxtor\Sync\SyncServices.exe -- End of file - 9914 bytes ---------- Post toegevoegd om 23:12 ---------- Vorige post was om 23:11 ----------

Ps ik ben bang dat het komt door een downloadprgamma dat ik geinstallerd had en weer verwijder IMESH

Goede morgen Ik kreeg ineens een melding en een berichtje op mijn desktop inzake runtime fatal error. De tekst ervan staat beneden. De vraag is: is dit ernstig? moet ik wat doen? Ik heb Antimalware laten lopen met 0 result en ook Avast geeft geen meldingen van foute bestanden. Alvast bedankt voor uw antwoord A fatal error has been detected by the Java Runtime Environment: # # EXCEPTION_ACCESS_VIOLATION (0xc0000005) at pc=0x7c919af2, pid=980, tid=1716 # # JRE version: 6.0_29-b11 # Java VM: Java HotSpot Client VM (20.4-b02 mixed mode, sharing windows-x86 ) # Problematic frame: # C [ntdll.dll+0x19af2] # # If you would like to submit a bug report, please visit: # HotSpot Virtual Machine Error Reporting Page # The crash happened outside the Java Virtual Machine in native code. # See problematic frame for where to report the bug. # --------------- T H R E A D --------------- Current thread (0x032dc400): JavaThread "AWT-Windows" daemon [_thread_in_native, id=1716, stack(0x00990000,0x00a90000)] siginfo: ExceptionCode=0xc0000005, writing address 0x00000010 Registers: EAX=0x00000000, EBX=0x00000000, ECX=0x00001384, EDX=0x0333c7c0 ESP=0x00a8fa6c, EBP=0x00a8fae0, ESI=0x0333c7b0, EDI=0x00000000 EIP=0x7c919af2, EFLAGS=0x00010246 Top of Stack: (sp=0x00a8fa6c) 0x00a8fa6c: 0333c7b0 0333c680 00000001 002e002c 0x00a8fa7c: 6d0c76d4 000404c8 0000982c 00a8fa78 0x00a8fa8c: 00000000 0000c053 00a8fa64 00000000 0x00a8fa9c: 00a8fb1c 7c809ad8 7c800c98 ffffffff 0x00a8faac: 7c800c90 7c804ed8 6d062a8c 6d062b18 0x00a8fabc: 6d102d8c 6d102d6c 6d102d70 6d06426c 0x00a8facc: 7e3ad312 0333c680 7e398b8c 00000000 0x00a8fadc: 00001384 00a8fb28 7c901046 0033c7b0 Instructions: (pc=0x7c919af2) 0x7c919ad2: 97 7c f6 d8 57 1b c0 f7 d0 25 e0 e1 97 7c 8b f8 0x7c919ae2: 8b 46 10 3b c3 89 45 fc 0f 84 9e 00 00 00 8b 06 0x7c919af2: ff 40 10 8b 45 fc 83 e0 01 89 45 e8 8b 06 ff 40 0x7c919b02: 14 f6 05 f0 02 fe 7f 01 0f 85 16 9d 02 00 39 5d Register to memory mapping: EAX=0x00000000 is an unknown value EBX=0x00000000 is an unknown value ECX=0x00001384 is an unknown value EDX=0x0333c7c0 is an unknown value ESP=0x00a8fa6c is pointing into the stack for thread: 0x032dc400 EBP=0x00a8fae0 is pointing into the stack for thread: 0x032dc400 ESI=0x0333c7b0 is an unknown value EDI=0x00000000 is an unknown value Stack: [0x00990000,0x00a90000], sp=0x00a8fa6c, free space=1022k Native frames: (J=compiled Java code, j=interpreted, Vv=VM code, C=native code) C [ntdll.dll+0x19af2] RtlpWaitForCriticalSection+0x5b C [ntdll.dll+0x1046] RtlEnterCriticalSection+0x46 C [uSER32.dll+0x8734] GetDC+0x6d C [uSER32.dll+0x8816] GetDC+0x14f C [uSER32.dll+0x89cd] GetWindowLongW+0x127 C [uSER32.dll+0x8a10] DispatchMessageW+0xf Java frames: (J=compiled Java code, j=interpreted, Vv=VM code) j sun.awt.windows.WToolkit.eventLoop()V+0 j sun.awt.windows.WToolkit.run()V+52 v ~StubRoutines::call_stub --------------- P R O C E S S --------------- Java Threads: ( => current thread ) 0x02dc0400 JavaThread "Thread-3" daemon [_thread_in_native, id=2888, stack(0x03d30000,0x03d80000)] 0x032e4000 JavaThread "Thread-14" [_thread_blocked, id=2916, stack(0x03660000,0x036b0000)] 0x02db5c00 JavaThread "Timer-2" [_thread_blocked, id=3560, stack(0x03170000,0x031c0000)] 0x0333d000 JavaThread "thread applet-Sniklaas.class-1" [_thread_blocked, id=1532, stack(0x03700000,0x03750000)] 0x03330400 JavaThread "AWT-EventQueue-2" [_thread_in_native, id=3572, stack(0x039b0000,0x03a00000)] 0x03325c00 JavaThread "AWT-Shutdown" [_thread_blocked, id=3812, stack(0x03610000,0x03660000)] 0x0332c800 JavaThread "JVM[id=0]-Heartbeat" daemon [_thread_blocked, id=772, stack(0x03960000,0x039b0000)] 0x03317000 JavaThread "Browser Side Object Cleanup Thread" [_thread_blocked, id=3124, stack(0x03910000,0x03960000)] 0x03312c00 JavaThread "Windows Tray Icon Thread" [_thread_in_native, id=2352, stack(0x037a0000,0x037f0000)] 0x03310000 JavaThread "CacheCleanUpThread" daemon [_thread_blocked, id=676, stack(0x03750000,0x037a0000)] 0x032ea400 JavaThread "CacheMemoryCleanUpThread" daemon [_thread_blocked, id=1696, stack(0x03280000,0x032d0000)] 0x032e2c00 JavaThread "SysExecutionTheadCreator" daemon [_thread_blocked, id=2320, stack(0x036b0000,0x03700000)] =>0x032dc400 JavaThread "AWT-Windows" daemon [_thread_in_native, id=1716, stack(0x00990000,0x00a90000)] 0x032d9800 JavaThread "Java2D Disposer" daemon [_thread_blocked, id=2748, stack(0x03520000,0x03570000)] 0x032d4400 JavaThread "Java Plug-In Pipe Worker Thread (Client-Side)" daemon [_thread_in_native, id=2252, stack(0x034d0000,0x03520000)] 0x02dc4c00 JavaThread "Timer-0" [_thread_blocked, id=3072, stack(0x03230000,0x03280000)] 0x02d5d800 JavaThread "traceMsgQueueThread" daemon [_thread_blocked, id=2504, stack(0x031e0000,0x03230000)] 0x02d41800 JavaThread "Low Memory Detector" daemon [_thread_blocked, id=4040, stack(0x02fb0000,0x03000000)] 0x02d32c00 JavaThread "C1 CompilerThread0" daemon [_thread_blocked, id=3204, stack(0x02f60000,0x02fb0000)] 0x02d31400 JavaThread "Attach Listener" daemon [_thread_blocked, id=444, stack(0x02f10000,0x02f60000)] 0x02d30000 JavaThread "Signal Dispatcher" daemon [_thread_blocked, id=1648, stack(0x02ec0000,0x02f10000)] 0x02d2c800 JavaThread "Finalizer" daemon [_thread_blocked, id=1700, stack(0x02e70000,0x02ec0000)] 0x02d27c00 JavaThread "Reference Handler" daemon [_thread_blocked, id=1392, stack(0x02e20000,0x02e70000)] 0x00308000 JavaThread "main" [_thread_in_native, id=3116, stack(0x008e0000,0x00930000)] Other Threads: 0x02cebc00 VMThread [stack: 0x02dd0000,0x02e20000] [id=1472] 0x02d55000 WatcherThread [stack: 0x03000000,0x03050000] [id=2500] VM state:not at safepoint (normal execution) VM Mutex/Monitor currently owned by a thread: None Heap def new generation total 4928K, used 1806K [0x229e0000, 0x22f30000, 0x27f30000) eden space 4416K, 30% used [0x229e0000, 0x22b32530, 0x22e30000) from space 512K, 88% used [0x22e30000, 0x22ea1558, 0x22eb0000) to space 512K, 0% used [0x22eb0000, 0x22eb0000, 0x22f30000) tenured generation total 10944K, used 1736K [0x27f30000, 0x289e0000, 0x329e0000) the space 10944K, 15% used [0x27f30000, 0x280e2070, 0x280e2200, 0x289e0000) compacting perm gen total 12288K, used 3114K [0x329e0000, 0x335e0000, 0x369e0000) the space 12288K, 25% used [0x329e0000, 0x32ceabb8, 0x32ceac00, 0x335e0000) ro space 10240K, 51% used [0x369e0000, 0x36f0d0b8, 0x36f0d200, 0x373e0000) rw space 12288K, 54% used [0x373e0000, 0x37a79570, 0x37a79600, 0x37fe0000) Code Cache [0x00af0000, 0x00be8000, 0x02af0000) total_blobs=490 nmethods=272 adapters=154 free_code_cache=32541568 largest_free_block=0 Dynamic libraries: 0x00400000 - 0x00424000 C:\Program Files\Java\jre6\bin\java.exe 0x7c900000 - 0x7c9b8000 C:\WINDOWS\system32\ntdll.dll 0x7c7d0000 - 0x7c8d0000 C:\WINDOWS\system32\kernel32.dll 0x64d00000 - 0x64d34000 C:\Program Files\AVAST Software\Avast\snxhk.dll 0x77f40000 - 0x77feb000 C:\WINDOWS\system32\ADVAPI32.dll 0x77da0000 - 0x77e33000 C:\WINDOWS\system32\RPCRT4.dll 0x77f10000 - 0x77f21000 C:\WINDOWS\system32\Secur32.dll 0x7c340000 - 0x7c396000 C:\Program Files\Java\jre6\bin\msvcr71.dll 0x6d7f0000 - 0x6da9f000 C:\Program Files\Java\jre6\bin\client\jvm.dll 0x7e390000 - 0x7e421000 C:\WINDOWS\system32\USER32.dll 0x77e40000 - 0x77e89000 C:\WINDOWS\system32\GDI32.dll 0x76af0000 - 0x76b1e000 C:\WINDOWS\system32\WINMM.dll 0x76330000 - 0x7634d000 C:\WINDOWS\system32\IMM32.DLL 0x5d1a0000 - 0x5d1a7000 C:\WINDOWS\system32\serwvdrv.dll 0x5b4c0000 - 0x5b4c7000 C:\WINDOWS\system32\umdmxfrm.dll 0x6d7a0000 - 0x6d7ac000 C:\Program Files\Java\jre6\bin\verify.dll 0x6d320000 - 0x6d33f000 C:\Program Files\Java\jre6\bin\java.dll 0x6d000000 - 0x6d14c000 C:\Program Files\Java\jre6\bin\awt.dll 0x72f70000 - 0x72f96000 C:\WINDOWS\system32\WINSPOOL.DRV 0x77be0000 - 0x77c38000 C:\WINDOWS\system32\msvcrt.dll 0x774a0000 - 0x775de000 C:\WINDOWS\system32\ole32.dll 0x77390000 - 0x77493000 C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\COMCTL32.dll 0x77e90000 - 0x77f06000 C:\WINDOWS\system32\SHLWAPI.dll 0x5b190000 - 0x5b1c8000 C:\WINDOWS\system32\uxtheme.dll 0x6d7e0000 - 0x6d7ef000 C:\Program Files\Java\jre6\bin\zip.dll 0x6d420000 - 0x6d426000 C:\Program Files\Java\jre6\bin\jp2native.dll 0x6d1d0000 - 0x6d1e3000 C:\Program Files\Java\jre6\bin\deploy.dll 0x77a40000 - 0x77ad6000 C:\WINDOWS\system32\CRYPT32.dll 0x77ae0000 - 0x77af2000 C:\WINDOWS\system32\MSASN1.dll 0x7c9c0000 - 0x7d1e2000 C:\WINDOWS\system32\SHELL32.dll 0x770e0000 - 0x7716b000 C:\WINDOWS\system32\OLEAUT32.dll 0x40ca0000 - 0x40d86000 C:\WINDOWS\system32\WININET.dll 0x03050000 - 0x03059000 C:\WINDOWS\system32\Normaliz.dll 0x456d0000 - 0x45803000 C:\WINDOWS\system32\urlmon.dll 0x41340000 - 0x4152b000 C:\WINDOWS\system32\iertutil.dll 0x6d6a0000 - 0x6d6e6000 C:\Program Files\Java\jre6\bin\regutils.dll 0x77bd0000 - 0x77bd8000 C:\WINDOWS\system32\VERSION.dll 0x6d600000 - 0x6d613000 C:\Program Files\Java\jre6\bin\net.dll 0x71a30000 - 0x71a47000 C:\WINDOWS\system32\WS2_32.dll 0x71a20000 - 0x71a28000 C:\WINDOWS\system32\WS2HELP.dll 0x6d620000 - 0x6d629000 C:\Program Files\Java\jre6\bin\nio.dll 0x746a0000 - 0x746ec000 C:\WINDOWS\system32\MSCTF.dll 0x75250000 - 0x7527e000 C:\WINDOWS\system32\msctfime.ime 0x6d230000 - 0x6d27f000 C:\Program Files\Java\jre6\bin\fontmanager.dll 0x719d0000 - 0x71a10000 C:\WINDOWS\System32\mswsock.dll 0x76ee0000 - 0x76f07000 C:\WINDOWS\system32\DNSAPI.dll 0x76d20000 - 0x76d39000 C:\WINDOWS\system32\iphlpapi.dll 0x76f70000 - 0x76f78000 C:\WINDOWS\System32\winrnr.dll 0x76f20000 - 0x76f4d000 C:\WINDOWS\system32\WLDAP32.dll 0x76f80000 - 0x76f86000 C:\WINDOWS\system32\rasadhlp.dll 0x61200000 - 0x61259000 C:\WINDOWS\system32\hnetcfg.dll 0x71a10000 - 0x71a18000 C:\WINDOWS\System32\wshtcpip.dll 0x6d1a0000 - 0x6d1c3000 C:\Program Files\Java\jre6\bin\dcpr.dll 0x68000000 - 0x68036000 C:\WINDOWS\system32\rsaenh.dll 0x76970000 - 0x76a25000 C:\WINDOWS\system32\USERENV.dll 0x6ff20000 - 0x6ff75000 C:\WINDOWS\system32\netapi32.dll 0x74db0000 - 0x74e1d000 C:\WINDOWS\system32\RICHED20.DLL 0x76bb0000 - 0x76bbb000 C:\WINDOWS\system32\PSAPI.DLL VM Arguments: jvm_args: -D__jvm_launched=3144973570 -Xbootclasspath/a:C:\PROGRA~1\Java\jre6\lib\deploy.jar;C:\PROGRA~1\Java\jre6\lib\javaws.jar;C:\PROGRA~1\Java\jre6\lib\plugin.jar -Dsun.awt.warmup=true java_command: sun.plugin2.main.client.PluginMain write_pipe_name=jpi2_pid4092_pipe3,read_pipe_name=jpi2_pid4092_pipe2 Launcher Type: SUN_STANDARD Environment Variables: PATH=C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\system32\wbem;C:\Program Files\QuickTime\QTSystem;C:\WINDOWS\system32\WindowsPowerShell\v1.0 USERNAME=Eigenaar OS=Windows_NT PROCESSOR_IDENTIFIER=x86 Family 15 Model 2 Stepping 9, GenuineIntel --------------- S Y S T E M --------------- OS: Windows XP Build 2600 Service Pack 3 CPU:total 1 (1 cores per cpu, 1 threads per core) family 15 model 2 stepping 9, cmov, cx8, fxsr, mmx, sse, sse2 Memory: 4k page, physical 2619376k(1970952k free), swap 3999400k(3473080k free) vm_info: Java HotSpot Client VM (20.4-b02) for windows-x86 JRE (1.6.0_29-b11), built on Oct 3 2011 01:01:08 by "java_re" with MS VC++ 7.1 (VS2003) time: Thu Nov 24 13:21:10 2011 elapsed time: 466 seconds

ja dacht ik ook aan. denk dat ik dat maar doe. Bedanklt voor de tip!

hallo allemaal Nadat ik vorige week perfect door jullie geholpen ben inzake het oplossen van het Perflib_Perdata probleem blijkt nu dat ik nog een (hopelijk klein) probleempje heb. Ik heb avast als antispy program. Als ik de computer opstart dan verschijnt het icoontje niet rechts onderin beeld Als ik dan op het programma op mijn desktop klik staan er alle groene vinkjes en de tekst Uw systeem is volledig beveiligd en het icoontje rechtsonder in verschijnt dan. Ik heb ook even gekeken via CCleaner in het start-up screen. daar staat Avast niet in Wel heb ik nu avast webrep onder de I.e. toolbar. Die had ik nooit. Ik heb via instelling de fabrieksinstelling ingeschakeld maar dat helpt ook Heeft iemand een idee bij voorbaat dank ---------- Post toegevoegd om 22:54 ---------- Vorige post was om 22:53 ---------- Het e.e.a is gebeurd (het niet verschijnen van het icoontje) nadat ik al die programma's gedraaid heb om het Perflib_Perdata probleem op te lossen

Alles dik in orde nu! Hartelijk dank voor de hulp mvg

daar ben ik weer. Bovenstaande instructies uitgevoerd. zie log files below. Maar eerst het volgende. Nadat Combofix klaar was kam er een pop-up met """"kan het bestand c:\docume>>>\eige>>>\Del\locals>>>\Temp\log.txt niet vinden. Ja nee of annuleren. Ik heb maar op ja gedrukt en een leeg kladblok kwam op. De >>> staat voor een liggende S (Kan het ymbool niet vinden) Verder Toen ik op internet kwam vroeg een pop-Up of ik I.E. Explorer als default browser wilde instellen. ook daar heb ik ja gezegd. Heb ik dat alles goed gedaan??? zie onder de log files: 3 files van combofix kwamen er op: MIsschien zit er een bij van een oudere datum? 1) ComboFix 11-10-02.01 - Eigenaar 10/02/2011 12:55:21.3.1 - x86 Microsoft Windows XP Home Edition 5.1.2600.3.1252.31.1043.18.2558.2058 [GMT 2:00] Gestart vanuit: c:\documents and settings\Eigenaar.DELL\Bureaublad\ComboFix.exe AV: avast! Antivirus *Disabled/Updated* {7591DB91-41F0-48A3-B128-1A293FD8233D} . . (((((((((((((((((((((((((((((((((( Andere Verwijderingen ))))))))))))))))))))))))))))))))))))))))))))))))) . . c:\documents and settings\All Users\Application Data\QueryScan c:\documents and settings\Eigenaar.DELL\Application Data\completescan c:\documents and settings\Eigenaar.DELL\Application Data\install c:\documents and settings\Eigenaar.DELL\Application Data\PriceGong c:\documents and settings\Eigenaar.DELL\Application Data\PriceGong\Data\1.xml c:\documents and settings\Eigenaar.DELL\Application Data\PriceGong\Data\a.xml c:\documents and settings\Eigenaar.DELL\Application Data\PriceGong\Data\b.xml c:\documents and settings\Eigenaar.DELL\Application Data\PriceGong\Data\c.xml c:\documents and settings\Eigenaar.DELL\Application Data\PriceGong\Data\d.xml c:\documents and settings\Eigenaar.DELL\Application Data\PriceGong\Data\e.xml c:\documents and settings\Eigenaar.DELL\Application Data\PriceGong\Data\f.xml c:\documents and settings\Eigenaar.DELL\Application Data\PriceGong\Data\g.xml c:\documents and settings\Eigenaar.DELL\Application Data\PriceGong\Data\h.xml c:\documents and settings\Eigenaar.DELL\Application Data\PriceGong\Data\i.xml c:\documents and settings\Eigenaar.DELL\Application Data\PriceGong\Data\J.xml c:\documents and settings\Eigenaar.DELL\Application Data\PriceGong\Data\k.xml c:\documents and settings\Eigenaar.DELL\Application Data\PriceGong\Data\l.xml c:\documents and settings\Eigenaar.DELL\Application Data\PriceGong\Data\m.xml c:\documents and settings\Eigenaar.DELL\Application Data\PriceGong\Data\mru.xml c:\documents and settings\Eigenaar.DELL\Application Data\PriceGong\Data\n.xml c:\documents and settings\Eigenaar.DELL\Application Data\PriceGong\Data\o.xml c:\documents and settings\Eigenaar.DELL\Application Data\PriceGong\Data\p.xml c:\documents and settings\Eigenaar.DELL\Application Data\PriceGong\Data\q.xml c:\documents and settings\Eigenaar.DELL\Application Data\PriceGong\Data\r.xml c:\documents and settings\Eigenaar.DELL\Application Data\PriceGong\Data\s.xml c:\documents and settings\Eigenaar.DELL\Application Data\PriceGong\Data\t.xml c:\documents and settings\Eigenaar.DELL\Application Data\PriceGong\Data\u.xml c:\documents and settings\Eigenaar.DELL\Application Data\PriceGong\Data\v.xml c:\documents and settings\Eigenaar.DELL\Application Data\PriceGong\Data\w.xml c:\documents and settings\Eigenaar.DELL\Application Data\PriceGong\Data\x.xml c:\documents and settings\Eigenaar.DELL\Application Data\PriceGong\Data\y.xml c:\documents and settings\Eigenaar.DELL\Application Data\PriceGong\Data\z.xml c:\program files\google\common\google updater\googleupdaterservice.exe c:\program files\MPAccess c:\program files\QueryScan c:\program files\QueryScan\uninstall.exe c:\windows\Downloaded Program Files\Install.inf c:\windows\IsUn0413.exe c:\windows\system32\comct332.ocx c:\windows\system32\DC120fc7_32.dll F:\autorun.inf . . ((((((((((((((((((((((((((((((((((((((( Drivers/Services ))))))))))))))))))))))))))))))))))))))))))))))))) . . -------\Legacy_MYWEBSEARCHSERVICE . . (((((((((((((((((((( Bestanden Gemaakt van 2011-09-02 to 2011-10-02 )))))))))))))))))))))))))))))) . . 2011-10-01 08:13 . 2011-10-01 08:13 388096 ----a-r- c:\documents and settings\Eigenaar.DELL\Application Data\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe 2011-09-30 18:37 . 2011-10-02 08:07 -------- d--h--r- c:\documents and settings\Eigenaar.DELL\Onlangs geopend 2011-09-28 09:22 . 2011-09-28 10:15 -------- d-----w- c:\program files\Cobian Backup 10 2011-09-27 10:04 . 2011-09-27 10:04 -------- d-----w- c:\program files\DIFX 2011-09-24 14:37 . 2011-09-24 14:37 -------- d-----w- c:\program files\Speccy 2011-09-18 10:35 . 2011-09-18 10:35 -------- dc----w- c:\documents and settings\All Users\Application Data\NCH Software 2011-09-18 10:33 . 2011-09-18 10:33 -------- d-----w- c:\documents and settings\Eigenaar.DELL\Application Data\NCH Software 2011-09-18 08:55 . 2011-09-18 08:55 -------- dc----w- c:\documents and settings\All Users\Application Data\Socusoft 2011-09-12 20:53 . 2011-09-12 20:53 -------- d-----w- c:\documents and settings\Eigenaar.DELL\Application Data\nl.myphotobook.creator.001F9DF2D0BAABEB11F42CCEE43224607B61109C.1 2011-09-09 09:12 . 2011-09-09 09:12 602624 -c----w- c:\windows\system32\dllcache\crypt32.dll 2011-09-05 17:04 . 2011-09-05 17:04 183696 ----a-w- c:\program files\Internet Explorer\PLUGINS\nppdf32.dll 2011-09-04 21:01 . 2011-09-04 21:01 20747 ----a-w- c:\windows\system32\drivers\AegisP.sys 2011-09-04 08:06 . 2011-09-04 08:06 0 ---ha-w- c:\documents and settings\Eigenaar.DELL\Local Settings\Application Data\BIT9.tmp 2011-09-03 13:04 . 2007-01-31 17:01 256000 ----a-r- c:\windows\system32\drivers\netr73.sys . . . ((((((((((((((((((((((((((((((((((((((( Find3M Rapport )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2011-09-25 19:29 . 2011-05-19 09:06 404640 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl 2011-09-09 09:12 . 2004-08-04 12:00 602624 ----a-w- c:\windows\system32\crypt32.dll 2011-09-06 20:45 . 2010-08-14 15:28 41184 ----a-w- c:\windows\avastSS.scr 2011-09-06 20:45 . 2010-08-14 15:28 199304 ----a-w- c:\windows\system32\aswBoot.exe 2011-09-06 20:38 . 2011-02-23 21:39 442200 ----a-w- c:\windows\system32\drivers\aswSnx.sys 2011-09-06 20:37 . 2010-08-14 15:28 320856 ----a-w- c:\windows\system32\drivers\aswSP.sys 2011-09-06 20:36 . 2010-08-14 15:28 34392 ----a-w- c:\windows\system32\drivers\aswRdr.sys 2011-09-06 20:36 . 2010-08-14 15:28 52568 ----a-w- c:\windows\system32\drivers\aswTdi.sys 2011-09-06 20:36 . 2010-08-14 15:28 110552 ----a-w- c:\windows\system32\drivers\aswmon2.sys 2011-09-06 20:36 . 2010-08-14 15:28 104536 ----a-w- c:\windows\system32\drivers\aswmon.sys 2011-09-06 20:36 . 2010-08-14 15:28 20568 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys 2011-09-06 20:33 . 2010-08-14 15:28 30808 ----a-w- c:\windows\system32\drivers\aavmker4.sys 2011-08-31 15:00 . 2010-08-07 18:12 22216 ----a-w- c:\windows\system32\drivers\mbam.sys 2011-07-15 13:29 . 2004-08-04 12:00 456320 ----a-w- c:\windows\system32\drivers\mrxsmb.sys 2011-07-08 14:02 . 2004-08-04 12:00 10496 ----a-w- c:\windows\system32\drivers\ndistapi.sys 1999-05-03 14:01 . 1999-05-03 14:01 99840 ----a-w- c:\program files\Common Files\IRAABOUT.DLL 1998-12-08 23:53 . 1998-12-08 23:53 70144 ----a-w- c:\program files\Common Files\IRAMDMTR.DLL 1998-12-08 23:53 . 1998-12-08 23:53 48640 ----a-w- c:\program files\Common Files\IRALPTTR.DLL 1998-12-08 23:53 . 1998-12-08 23:53 31744 ----a-w- c:\program files\Common Files\IRAWEBTR.DLL 1998-12-08 23:53 . 1998-12-08 23:53 186368 ----a-w- c:\program files\Common Files\IRAREG.DLL 1998-12-08 23:53 . 1998-12-08 23:53 17920 ----a-w- c:\program files\Common Files\IRASRIAL.DLL . . ((((((((((((((((((((((((((((((((((((( Reg Opstartpunten ))))))))))))))))))))))))))))))))))))))))))))))))))) . . *Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond REGEDIT4 . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast] @="{472083B0-C522-11CF-8763-00608CC02F24}" [HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}] 2011-09-06 20:45 122512 ----a-w- c:\program files\Alwil Software\Avast5\ashShell.dll . [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2011-03-10 39408] . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "LVCOMS"="c:\program files\Common Files\Logitech\QCDriver\LVCOMS.EXE" [2001-09-06 94208] "SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2011-04-08 254696] "IgfxTray"="c:\windows\system32\igfxtray.exe" [2004-02-10 155648] "HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2004-02-10 118784] "SoundMAXPnP"="c:\program files\Analog Devices\Core\smax4pnp.exe" [2004-10-14 1404928] . [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360] "DWQueuedReporting"="c:\progra~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" [2007-02-25 437160] . [HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Start^Programma's^Opstarten^Adobe Reader Snelle start.lnk] backup=c:\windows\pss\Adobe Reader Snelle start.lnkCommon Startup . [HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Start^Programma's^Opstarten^HP Digital Imaging Monitor.lnk] path=c:\documents and settings\All Users\Menu Start\Programma's\Opstarten\HP Digital Imaging Monitor.lnk backup=c:\windows\pss\HP Digital Imaging Monitor.lnkCommon Startup . [HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Start^Programma's^Opstarten^Microsoft Office.lnk] backup=c:\windows\pss\Microsoft Office.lnkCommon Startup . [HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Start^Programma's^Opstarten^Poort voor Symantec Fax Starter Edition.lnk] backup=c:\windows\pss\Poort voor Symantec Fax Starter Edition.lnkCommon Startup . [HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Start^Programma's^Opstarten^Reality Fusion GameCam SE.lnk] backup=c:\windows\pss\Reality Fusion GameCam SE.lnkCommon Startup . [HKLM\~\startupfolder\C:^Documents and Settings^Eigenaar.DELL^Menu Start^Programma's^Opstarten^hpqtra08.exe] path=c:\documents and settings\Eigenaar.DELL\Menu Start\Programma's\Opstarten\hpqtra08.exe backup=c:\windows\pss\hpqtra08.exeStartup . [HKLM\~\startupfolder\C:^Documents and Settings^Eigenaar.DELL^Menu Start^Programma's^Opstarten^Secunia PSI.lnk] backup=c:\windows\pss\Secunia PSI.lnkStartup . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM] 2011-06-06 10:55 937920 ----a-w- c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ares] 2010-10-27 09:00 1015808 ----a-w- c:\program files\Ares\Ares.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HotKeysCmds] 2004-02-10 09:51 118784 ----a-w- c:\windows\system32\hkcmd.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Software Update] 2008-03-25 20:27 49152 -c--a-w- c:\program files\Hp\HP Software Update\hpwuSchd2.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\hpqSRMon] 2008-06-02 07:28 81920 ----a-w- c:\program files\Hp\Digital Imaging\bin\HpqSRmon.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IgfxTray] 2004-02-10 09:55 155648 ----a-w- c:\windows\system32\igfxtray.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LVCOMS] 2003-12-06 00:12 102400 ----a-w- c:\program files\Common Files\Logitech\PDDriver\LVComS.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\mxomssmenu] 2008-07-21 15:16 169312 ----a-w- c:\program files\Maxtor\OneTouch Status\MaxMenuMgr.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Nikon Transfer Monitor] 2008-09-30 12:06 485208 ----a-w- c:\program files\Common Files\Nikon\Monitor\NkMonitor.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RealTray] 2010-12-20 21:18 20480 ----a-w- c:\program files\Real\RealPlayer\realplay.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg] 2011-03-10 22:04 39408 ----a-w- c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe . [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring] "DisableMonitoring"=dword:00000001 . [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "%windir%\\system32\\sessmgr.exe"= "c:\\Program Files\\Microsoft Office\\Office\\1043\\WFXMSRVR.EXE"= "c:\\Program Files\\Messenger\\msmsgs.exe"= "%windir%\\Network Diagnostic\\xpnetdiag.exe"= "c:\\Program Files\\Hp\\Digital Imaging\\bin\\hpqtra08.exe"= "c:\\WINDOWS\\system32\\mmc.exe"= "c:\\Program Files\\Hp\\Digital Imaging\\bin\\hpqste08.exe"= "c:\\Program Files\\Hp\\Digital Imaging\\bin\\hposid01.exe"= "c:\\Program Files\\Hp\\Digital Imaging\\bin\\hpqkygrp.exe"= "c:\\Program Files\\Hp\\Digital Imaging\\bin\\hpiscnapp.exe"= "c:\\Program Files\\Common Files\\HP\\Digital Imaging\\bin\\hpqPhotoCrm.exe"= "c:\\Program Files\\Hp\\Digital Imaging\\bin\\hpqsudi.exe"= "c:\\Program Files\\Hp\\Digital Imaging\\bin\\hpqpsapp.exe"= "c:\\Program Files\\Hp\\Digital Imaging\\bin\\hpqpse.exe"= "c:\\Program Files\\Hp\\Digital Imaging\\bin\\hpqgplgtupl.exe"= "c:\\Program Files\\Hp\\Digital Imaging\\bin\\hpqgpc01.exe"= "c:\\Program Files\\Hp\\Digital Imaging\\bin\\hpqusgm.exe"= "c:\\Program Files\\Hp\\Digital Imaging\\bin\\hpqusgh.exe"= "c:\\Program Files\\Hp\\HP Software Update\\HPWUCli.exe"= "c:\\Program Files\\Hp\\Digital Imaging\\Smart Web Printing\\SmartWebPrintExe.exe"= "c:\\Program Files\\iMesh Applications\\MediaBar\\Datamngr\\ToolBar\\dtUser.exe"= "c:\\Program Files\\Ares\\Ares.exe"= . R1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [2/23/2011 11:39 PM 442200] R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [8/14/2010 5:28 PM 320856] R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [8/14/2010 5:28 PM 20568] S2 gupdate;Google Update Service (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [8/20/2010 4:38 PM 136176] S3 ADM8511;ADMtek ADM8511/AN986 USB To Fast Ethernet Converter;c:\windows\system32\drivers\ADM8511.SYS [1/21/2008 11:56 AM 20160] S3 gupdatem;Google Update-service (gupdatem);c:\program files\Google\Update\GoogleUpdate.exe [8/20/2010 4:38 PM 136176] S3 netr73;Sitecom RT73 Wireless Driver for Vista;c:\windows\system32\drivers\netr73.sys [9/3/2011 3:04 PM 256000] . [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost] HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12 hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc getPlusHelper REG_MULTI_SZ getPlusHelper . Inhoud van de 'Gedeelde Taken' map . 2011-10-02 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job - c:\program files\Google\Update\GoogleUpdate.exe [2010-08-20 14:38] . 2011-10-02 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job - c:\program files\Google\Update\GoogleUpdate.exe [2010-08-20 14:38] . . ------- Bijkomende Scan ------- . uStart Page = hxxp://www.nu.nl/ mSearch Bar = hxxp://www.google.com IE: Google Sidewiki... - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_7461B1589E8B4FB7.dll/cmsidewiki.html TCP: DhcpNameServer = 192.168.0.1 DPF: {2E28242B-A689-11D4-80F2-0040266CBB8D} - hxxp://gocanaria.ath.cx:8000/kxhcm10.ocx DPF: {3E90FFF5-1347-45B9-91F6-DA47926E9697} - hxxp://online-virusscan.casema.nl/systemcheck/PlaNetSysInfo.cab DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} - hxxp://game.zylom.com/activex/zylomgamesplayer.cab DPF: {DE625294-70E6-45ED-B895-CFFA13AEB044} - hxxp://83.84.124.118:9999/activex/AMC.cab . - - - - ORPHANS VERWIJDERD - - - - . Toolbar-10 - (no file) AddRemove-PuzzelMatch Kleurboek 1-2-3 nr.1 - c:\windows\IsUn0413.exe . . . ************************************************************************** . catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, GMER - Rootkit Detector and Remover Rootkit scan 2011-10-02 13:13 Windows 5.1.2600 Service Pack 3 NTFS . scannen van verborgen processen ... . scannen van verborgen autostart items ... . scannen van verborgen bestanden ... . Scan succesvol afgerond verborgen bestanden: 0 . ************************************************************************** . --------------------- VERGRENDELDE REGISTER SLEUTELS --------------------- . [HKEY_USERS\S-1-5-21-1177238915-484061587-839522115-1003\Software\Microsoft\SystemCertificates\AddressBook*] @Allowed: (Read) (RestrictedCode) @Allowed: (Read) (RestrictedCode) . --------------------- DLLs Geladen Onder Lopende Processen --------------------- . - - - - - - - > 'explorer.exe'(2488) c:\windows\system32\webcheck.dll c:\windows\system32\WPDShServiceObj.dll c:\windows\system32\PortableDeviceTypes.dll c:\windows\system32\PortableDeviceApi.dll . ------------------------ Andere Aktieve Processen ------------------------ . c:\program files\Alwil Software\Avast5\AvastSvc.exe c:\program files\Java\jre6\bin\jqs.exe c:\program files\Maxtor\Sync\SyncServices.exe . ************************************************************************** . Voltooingstijd: 2011-10-02 13:25:24 - machine werd herstart ComboFix-quarantined-files.txt 2011-10-02 11:25 ComboFix2.txt 2010-08-08 10:25 . Pre-Run: 37,192,286,208 bytes beschikbaar Post-Run: 37,104,869,376 bytes beschikbaar . - - End Of File - - F286D03A71D870152913FDFD5EBB0E74 2) 2011-10-02 11:23:28 . 2011-10-02 11:23:28 662 -c--a-w- C:\Qoobox\Quarantine\Registry_backups\AddRemove-PuzzelMatch Kleurboek 1-2-3 nr.1.reg.dat 2011-10-02 11:21:34 . 2011-10-02 11:21:34 159 -c--a-w- C:\Qoobox\Quarantine\Registry_backups\Toolbar-10.reg.dat 2011-10-02 11:13:49 . 2011-10-02 11:13:49 313 -c--a-w- C:\Qoobox\Quarantine\F\av2.zip 2011-10-02 11:13:45 . 2010-08-08 10:32:46 55 -c--a-w- C:\Qoobox\Quarantine\F\autorun.inf.vir 2011-10-02 11:05:50 . 2011-10-02 11:05:50 892 -c--a-w- C:\Qoobox\Quarantine\Registry_backups\Legacy_MYWEBSEARCHSERVICE.reg.dat 2011-10-02 11:05:23 . 2011-10-02 11:05:23 9,828 -c--a-w- C:\Qoobox\Quarantine\Registry_backups\tcpip.reg 2011-10-02 10:52:16 . 2011-10-02 10:52:16 51 -c--a-w- C:\Qoobox\Quarantine\catchme.log 2011-07-01 06:48:40 . 2011-07-02 10:24:56 80,770 ----a-w- C:\Qoobox\Quarantine\C\Program Files\QueryScan\uninstall.exe.vir 2011-06-20 20:10:25 . 2011-06-20 20:13:34 5,120 ----a-w- C:\Qoobox\Quarantine\C\Documents and Settings\Eigenaar.DELL\Application Data\PriceGong\Data\mru.xml.vir 2011-05-30 04:20:36 . 2011-05-30 04:20:36 45,048 ----a-w- C:\Qoobox\Quarantine\C\Documents and Settings\Eigenaar.DELL\Application Data\PriceGong\Data\w.xml.vir 2011-05-30 04:20:36 . 2011-05-30 04:20:36 4,760 ----a-w- C:\Qoobox\Quarantine\C\Documents and Settings\Eigenaar.DELL\Application Data\PriceGong\Data\x.xml.vir 2011-05-30 04:20:36 . 2011-05-30 04:20:36 13,264 ----a-w- C:\Qoobox\Quarantine\C\Documents and Settings\Eigenaar.DELL\Application Data\PriceGong\Data\y.xml.vir 2011-05-30 04:20:36 . 2011-05-30 04:20:36 12,784 ----a-w- C:\Qoobox\Quarantine\C\Documents and Settings\Eigenaar.DELL\Application Data\PriceGong\Data\z.xml.vir 2011-05-30 04:20:34 . 2011-05-30 04:20:34 116,328 ----a-w- C:\Qoobox\Quarantine\C\Documents and Settings\Eigenaar.DELL\Application Data\PriceGong\Data\t.xml.vir 2011-05-30 04:20:34 . 2011-05-30 04:20:34 23,936 ----a-w- C:\Qoobox\Quarantine\C\Documents and Settings\Eigenaar.DELL\Application Data\PriceGong\Data\u.xml.vir 2011-05-30 04:20:34 . 2011-05-30 04:20:34 31,376 ----a-w- C:\Qoobox\Quarantine\C\Documents and Settings\Eigenaar.DELL\Application Data\PriceGong\Data\v.xml.vir 2011-05-30 04:20:32 . 2011-05-30 04:20:32 203,952 ----a-w- C:\Qoobox\Quarantine\C\Documents and Settings\Eigenaar.DELL\Application Data\PriceGong\Data\s.xml.vir 2011-05-30 04:20:28 . 2011-05-30 04:20:28 45,656 ----a-w- C:\Qoobox\Quarantine\C\Documents and Settings\Eigenaar.DELL\Application Data\PriceGong\Data\r.xml.vir 2011-05-30 04:20:26 . 2011-05-30 04:20:26 101,376 ----a-w- C:\Qoobox\Quarantine\C\Documents and Settings\Eigenaar.DELL\Application Data\PriceGong\Data\p.xml.vir 2011-05-30 04:20:26 . 2011-05-30 04:20:26 6,712 ----a-w- C:\Qoobox\Quarantine\C\Documents and Settings\Eigenaar.DELL\Application Data\PriceGong\Data\q.xml.vir 2011-05-30 04:20:24 . 2011-05-30 04:20:24 38,048 ----a-w- C:\Qoobox\Quarantine\C\Documents and Settings\Eigenaar.DELL\Application Data\PriceGong\Data\n.xml.vir 2011-05-30 04:20:24 . 2011-05-30 04:20:24 43,024 ----a-w- C:\Qoobox\Quarantine\C\Documents and Settings\Eigenaar.DELL\Application Data\PriceGong\Data\o.xml.vir 2011-05-30 04:20:22 . 2011-05-30 04:20:22 109,664 ----a-w- C:\Qoobox\Quarantine\C\Documents and Settings\Eigenaar.DELL\Application Data\PriceGong\Data\m.xml.vir 2011-05-30 04:20:20 . 2011-05-30 04:20:20 38,776 ----a-w- C:\Qoobox\Quarantine\C\Documents and Settings\Eigenaar.DELL\Application Data\PriceGong\Data\k.xml.vir 2011-05-30 04:20:20 . 2011-05-30 04:20:20 78,400 ----a-w- C:\Qoobox\Quarantine\C\Documents and Settings\Eigenaar.DELL\Application Data\PriceGong\Data\l.xml.vir 2011-05-30 04:20:18 . 2011-05-30 04:20:18 58,272 ----a-w- C:\Qoobox\Quarantine\C\Documents and Settings\Eigenaar.DELL\Application Data\PriceGong\Data\h.xml.vir 2011-05-30 04:20:18 . 2011-05-30 04:20:18 51,728 ----a-w- C:\Qoobox\Quarantine\C\Documents and Settings\Eigenaar.DELL\Application Data\PriceGong\Data\i.xml.vir 2011-05-30 04:20:18 . 2011-05-30 04:20:18 36,216 ----a-w- C:\Qoobox\Quarantine\C\Documents and Settings\Eigenaar.DELL\Application Data\PriceGong\Data\J.xml.vir 2011-05-30 04:20:16 . 2011-05-30 04:20:16 83,136 ----a-w- C:\Qoobox\Quarantine\C\Documents and Settings\Eigenaar.DELL\Application Data\PriceGong\Data\g.xml.vir 2011-05-30 04:20:14 . 2011-05-30 04:20:14 115,448 ----a-w- C:\Qoobox\Quarantine\C\Documents and Settings\Eigenaar.DELL\Application Data\PriceGong\Data\e.xml.vir 2011-05-30 04:20:14 . 2011-05-30 04:20:14 70,088 ----a-w- C:\Qoobox\Quarantine\C\Documents and Settings\Eigenaar.DELL\Application Data\PriceGong\Data\f.xml.vir 2011-05-30 04:20:12 . 2011-05-30 04:20:12 107,272 ----a-w- C:\Qoobox\Quarantine\C\Documents and Settings\Eigenaar.DELL\Application Data\PriceGong\Data\d.xml.vir 2011-05-30 04:20:10 . 2011-05-30 04:20:10 176,896 ----a-w- C:\Qoobox\Quarantine\C\Documents and Settings\Eigenaar.DELL\Application Data\PriceGong\Data\c.xml.vir 2011-05-30 04:20:06 . 2011-05-30 04:20:06 161,632 ----a-w- C:\Qoobox\Quarantine\C\Documents and Settings\Eigenaar.DELL\Application Data\PriceGong\Data\b.xml.vir 2011-05-30 04:20:04 . 2011-05-30 04:20:04 141,592 ----a-w- C:\Qoobox\Quarantine\C\Documents and Settings\Eigenaar.DELL\Application Data\PriceGong\Data\a.xml.vir 2011-05-30 04:20:02 . 2011-05-30 04:20:02 38,584 ----a-w- C:\Qoobox\Quarantine\C\Documents and Settings\Eigenaar.DELL\Application Data\PriceGong\Data\1.xml.vir 2011-04-30 20:44:28 . 2011-04-30 21:17:17 6 ----a-w- C:\Qoobox\Quarantine\C\Documents and Settings\Eigenaar.DELL\Application Data\completescan.vir 2011-04-30 20:40:33 . 2011-04-30 20:41:01 10 ----a-w- C:\Qoobox\Quarantine\C\Documents and Settings\Eigenaar.DELL\Application Data\install.vir 2011-03-10 22:04:23 . 2011-03-10 22:04:23 182,768 ----a-w- C:\Qoobox\Quarantine\C\Program Files\Google\Common\Google Updater\googleupdaterservice.exe.vir 2010-03-04 08:22:42 . 2010-03-04 08:22:42 462 ----a-w- C:\Qoobox\Quarantine\C\WINDOWS\Downloaded Program Files\Install.inf.vir 2008-02-09 16:56:10 . 1999-08-04 11:00:00 522,752 ----a-w- C:\Qoobox\Quarantine\C\WINDOWS\system32\DC120fc7_32.dll.vir 2008-01-29 20:39:23 . 1998-11-13 12:08:20 308,224 ----a-w- C:\Qoobox\Quarantine\C\WINDOWS\IsUn0413.exe.vir 2008-01-18 16:02:21 . 1999-05-07 12:24:20 414,944 ----a-w- C:\Qoobox\Quarantine\C\WINDOWS\system32\comct332.ocx.vir 3) ComboFix 10-08-07.02 - Eigenaar 08/08/2010 12:10:43.2.1 - x86 Microsoft Windows XP Home Edition 5.1.2600.3.1252.31.1043.18.510.325 [GMT 2:00] Gestart vanuit: c:\documents and settings\Eigenaar.DELL\Bureaublad\ComboFix.exe gebruikte Opdracht switches :: c:\documents and settings\Eigenaar.DELL\Mijn documenten\CFScript.txt AV: AntiVir Desktop *On-access scanning disabled* (Updated) {AD166499-45F9-482A-A743-FDD3350758C7} . (((((((((((((((((((((((((((((((((( Andere Verwijderingen ))))))))))))))))))))))))))))))))))))))))))))))))) . c:\program files\Panda Security c:\program files\Panda Security\ActiveScan 2.0\ee366d2b2e4ede8287de879e85a0dcc2KRN_DATA c:\program files\Panda Security\ActiveScan 2.0\ee366d2b2e4ede8287de879e85a0dcc2PSK_NM c:\program files\Panda Security\ActiveScan 2.0\ee366d2b2e4ede8287de879e85a0dcc2PSK_NM2 c:\program files\Panda Security\ActiveScan 2.0\nanocache.fil2 c:\program files\Panda Security\ActiveScan 2.0\pav.sig c:\program files\Panda Security\ActiveScan 2.0\pavvts.dat c:\program files\Panda Security\ActiveScan 2.0\psnengav.nsc c:\program files\Panda Security\ActiveScan 2.0\psqstore\Invent.QCF c:\program files\Panda Security\ActiveScan 2.0\psqstore\Invent.QCF.ext F:\autorun.inf . (((((((((((((((((((( Bestanden Gemaakt van 2010-07-08 to 2010-08-08 )))))))))))))))))))))))))))))) . 2010-08-08 08:19 . 2010-08-08 09:54 -------- d--h--r- c:\documents and settings\Eigenaar.DELL\Onlangs geopend 2010-08-07 18:12 . 2010-08-07 18:12 -------- d-----w- c:\documents and settings\Eigenaar.DELL\Application Data\Malwarebytes 2010-08-07 18:12 . 2010-04-29 13:39 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys 2010-08-07 18:12 . 2010-08-07 18:12 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware 2010-08-07 18:12 . 2010-08-07 18:12 -------- dc----w- c:\documents and settings\All Users\Application Data\Malwarebytes 2010-08-07 18:12 . 2010-04-29 13:39 20952 ----a-w- c:\windows\system32\drivers\mbam.sys 2010-08-07 13:17 . 2010-08-07 13:17 -------- d-----w- c:\documents and settings\LocalService\Application Data\Avira 2010-08-07 12:06 . 2010-08-07 12:06 -------- d-----r- c:\documents and settings\LocalService\Favorieten 2010-08-07 09:59 . 2010-08-07 09:59 -------- d-----w- c:\documents and settings\Eigenaar.DELL\Application Data\Avira 2010-08-07 09:53 . 2010-03-01 08:05 124784 ----a-w- c:\windows\system32\drivers\avipbb.sys 2010-08-07 09:53 . 2010-02-16 12:24 60936 ----a-w- c:\windows\system32\drivers\avgntflt.sys 2010-08-07 09:53 . 2009-05-11 10:49 45416 ----a-w- c:\windows\system32\drivers\avgntdd.sys 2010-08-07 09:53 . 2009-05-11 10:49 22360 ----a-w- c:\windows\system32\drivers\avgntmgr.sys 2010-08-07 09:53 . 2010-08-07 09:53 -------- dc----w- c:\documents and settings\All Users\Application Data\Avira 2010-08-07 09:53 . 2010-08-07 09:53 -------- d-----w- c:\program files\Avira 2010-08-07 09:12 . 2010-08-07 09:12 -------- d-----w- c:\program files\Trend Micro 2010-08-06 09:17 . 2010-08-06 09:17 -------- d-----w- c:\program files\Uniblue 2010-08-06 08:51 . 2010-08-06 08:51 -------- d-----w- c:\documents and settings\Eigenaar.DELL\Application Data\Agics 2010-08-04 14:03 . 2010-08-04 14:03 -------- d-----w- c:\windows\system32\wbem\Repository 2010-08-03 09:27 . 2010-08-04 14:02 -------- dc----w- c:\documents and settings\All Users\Application Data\Spybot - Search & Destroy 2010-07-29 22:31 . 2010-07-29 22:31 -------- d-----w- c:\documents and settings\Eigenaar.DELL\Local Settings\Application Data\IsolatedStorage 2010-07-13 21:09 . 2010-06-14 14:31 744448 -c----w- c:\windows\system32\dllcache\helpsvc.exe . ((((((((((((((((((((((((((((((((((((((( Find3M Rapport )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2010-08-07 09:12 . 2010-08-07 09:12 388096 ----a-r- c:\documents and settings\Eigenaar.DELL\Application Data\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe 2010-08-06 09:28 . 2008-08-18 08:22 -------- d-----w- c:\program files\CCleaner 2010-08-06 09:17 . 2009-08-14 21:28 -------- d-----w- c:\documents and settings\Eigenaar.DELL\Application Data\Uniblue 2010-08-05 13:31 . 2010-08-05 13:31 503808 ----a-w- c:\documents and settings\Eigenaar.DELL\Application Data\Sun\Java\Deployment\SystemCache\6.0\4\7ec4bf04-6f59acf2-n\msvcp71.dll 2010-08-05 13:31 . 2010-08-05 13:31 499712 ----a-w- c:\documents and settings\Eigenaar.DELL\Application Data\Sun\Java\Deployment\SystemCache\6.0\4\7ec4bf04-6f59acf2-n\jmc.dll 2010-08-05 13:31 . 2010-08-05 13:31 348160 ----a-w- c:\documents and settings\Eigenaar.DELL\Application Data\Sun\Java\Deployment\SystemCache\6.0\4\7ec4bf04-6f59acf2-n\msvcr71.dll 2010-08-05 13:31 . 2010-08-05 13:31 61440 ----a-w- c:\documents and settings\Eigenaar.DELL\Application Data\Sun\Java\Deployment\SystemCache\6.0\42\4488892a-49c79afb-n\decora-sse.dll 2010-08-05 13:31 . 2010-08-05 13:31 12800 ----a-w- c:\documents and settings\Eigenaar.DELL\Application Data\Sun\Java\Deployment\SystemCache\6.0\42\4488892a-49c79afb-n\decora-d3d.dll 2010-08-04 14:02 . 2009-06-27 20:28 -------- d-----w- c:\program files\Free Offers from Freeze.com 2010-07-29 09:32 . 2009-08-28 22:22 -------- d-----w- c:\program files\Defraggler 2010-07-16 22:30 . 2010-07-16 22:30 1064960 -c--a-w- c:\documents and settings\All Users\Application Data\MGS\cache\a\advancedslots1xxx_hellboy.0200f4406079039e4f9f4fd4269c6144.dll 2010-07-16 22:30 . 2010-07-16 22:30 684032 -c--a-w- c:\documents and settings\All Users\Application Data\MGS\cache\t\transition_hellboy.2389dbbb7a92af30b5bb4e62701f18a5.dll 2010-07-16 22:28 . 2010-07-16 22:28 626688 -c--a-w- c:\documents and settings\All Users\Application Data\MGS\cache\g\gamble2_gao_jan_2010.114da6697b16a4308920de3f00df9d11.dll 2010-07-16 22:27 . 2010-07-16 22:27 684032 -c--a-w- c:\documents and settings\All Users\Application Data\MGS\cache\t\transition_gao_jan_2010.6ce545b01335b0127c2a55cc392a24e6.dll 2010-07-16 22:15 . 2010-07-16 22:15 1064960 -c--a-w- c:\documents and settings\All Users\Application Data\MGS\cache\a\advancedslots1xxx_gao_jan_2010.d3c0a2c195757b5887793e496479436f.dll 2010-07-16 22:15 . 2010-07-16 22:15 925696 -c--a-w- c:\documents and settings\All Users\Application Data\MGS\cache\s\simplepickxofybonus_gao_jan_2010.734d2ae11536c3d1a34ecdb91aaab798.dll 2010-07-16 11:38 . 2010-07-16 11:38 1298432 -c--a-w- c:\documents and settings\All Users\Application Data\MGS\cache\t\theargyleopen_fairdrivebonus.c758372be753af44acdea3ddd4c0b015.dll 2010-07-16 11:37 . 2010-07-16 11:37 1306624 -c--a-w- c:\documents and settings\All Users\Application Data\MGS\cache\t\theargyleopen_greenbonus.6150c13bb168b4b80750f08a02e28a9e.dll 2010-07-16 11:27 . 2010-07-16 11:27 1011712 -c--a-w- c:\documents and settings\All Users\Application Data\MGS\cache\s\simplepickxofybonus_gao_july_2010.934131b7e2f15e0deb06b4e317c6c108.dll 2010-07-16 11:27 . 2010-07-16 11:27 1318912 -c--a-w- c:\documents and settings\All Users\Application Data\MGS\cache\a\advancedslots1xxx_gao_july_2010.9c1607d40a53de9ef91918fa73cf99d0.dll 2010-07-16 11:27 . 2010-07-16 11:27 696320 -c--a-w- c:\documents and settings\All Users\Application Data\MGS\cache\g\gamble2_gao_july_2010.23b0661a6bd3570a6d2da1750a0085ca.dll 2010-07-16 11:27 . 2010-07-16 11:27 1286144 -c--a-w- c:\documents and settings\All Users\Application Data\MGS\cache\d\dragonladybonus.2ddbbf43b6d3b001ca5ad84e9dc4e54d.dll 2010-07-16 11:27 . 2010-07-16 11:27 2052096 -c--a-w- c:\documents and settings\All Users\Application Data\MGS\cache\a\advancedslots1_gao_july_2010.9f48110b234a40c3be22491a86bde221.dll 2010-07-16 11:27 . 2010-07-16 11:27 761856 -c--a-w- c:\documents and settings\All Users\Application Data\MGS\cache\t\transition_gao_july_2010.3e886f3e2ac4872e018f5e377cc83ee6.dll 2010-07-16 11:06 . 2010-07-16 11:06 1228800 -c--a-w- c:\documents and settings\All Users\Application Data\MGS\cache\a\advancedslots1xxx_gao_may_2010.efc83f7d6106f6f7311664ff1b2b2a32.dll 2010-07-16 11:06 . 2010-07-16 11:06 897024 -c--a-w- c:\documents and settings\All Users\Application Data\MGS\cache\q\queenofthejunglecollectbonus.596cdc646662e46fb224ad69f0d29c52.dll 2010-07-16 11:02 . 2010-07-16 11:02 1318912 -c--a-w- c:\documents and settings\All Users\Application Data\MGS\cache\a\advancedslots1xxx_gao_may_2010_ts2.010d658f2ae9013a31869ea2a90f670a.dll 2010-07-16 11:02 . 2010-07-16 11:02 1253376 -c--a-w- c:\documents and settings\All Users\Application Data\MGS\cache\q\queenofthejunglebonus.1a195cb4fbfbdacf89c6d27c99a6de3d.dll 2010-07-16 11:01 . 2010-07-16 11:01 1273856 -c--a-w- c:\documents and settings\All Users\Application Data\MGS\cache\p\progressivepickxofybonus_gao_may_2010_ts2.3570ad65954894854a4b31a8a356f0d8.dll 2010-07-16 11:00 . 2010-07-16 11:00 1654784 -c--a-w- c:\documents and settings\All Users\Application Data\MGS\cache\a\advancedslots1_gao_may_2010.e60a82cb58fa330160e763dfeb0216d7.dll 2010-07-16 10:55 . 2010-07-16 10:55 962560 -c--a-w- c:\documents and settings\All Users\Application Data\MGS\cache\s\simplepickuntilbonus_gao_may_2010.51a9dc144ac371f77832e6c933f17727.dll 2010-07-16 10:54 . 2010-07-16 10:54 761856 -c--a-w- c:\documents and settings\All Users\Application Data\MGS\cache\t\transition_gao_may_2010_ts2.0452ecc824ce8f16f726aeca77ff7172.dll 2010-07-16 10:52 . 2010-07-16 10:52 647168 -c--a-w- c:\documents and settings\All Users\Application Data\MGS\cache\g\gamble2_gao_jun_2010.d455e3e6fd646b2b4ff2d1415e18a526.dll 2010-07-16 10:44 . 2010-07-16 10:44 712704 -c--a-w- c:\documents and settings\All Users\Application Data\MGS\cache\t\transition_gao_may_2010.2405f0d3d8c04e05ae817cdad30d69ce.dll 2010-07-16 10:44 . 2010-07-16 10:44 2023424 -c--a-w- c:\documents and settings\All Users\Application Data\MGS\cache\a\advancedslots1_gao_may_2010_ts2.f8d4d9cfbfb83922a1dd69fdf7c205ec.dll 2010-07-16 10:33 . 2010-07-16 10:33 1691648 -c--a-w- c:\documents and settings\All Users\Application Data\MGS\cache\a\advancedslots1_gao_jun_2010.e94e166b3e5fdfc627184eb59be56c08.dll 2010-07-16 10:33 . 2010-07-16 10:33 712704 -c--a-w- c:\documents and settings\All Users\Application Data\MGS\cache\t\transition_gao_jun_2010.a30d1768b69cfafa9177550a249e5143.dll 2010-07-16 10:33 . 2010-07-16 10:33 905216 -c--a-w- c:\documents and settings\All Users\Application Data\MGS\cache\s\soccerbonus.e748cc00ac46bd91666eb47f10b5b6e5.dll 2010-07-16 10:29 . 2010-07-16 10:29 1228800 -c--a-w- c:\documents and settings\All Users\Application Data\MGS\cache\a\advancedslots1xxx_gao_jun_2010.671a4e67b9b7512fd028318bbf42d763.dll 2010-07-16 10:20 . 2010-07-16 10:20 950272 -c--a-w- c:\documents and settings\All Users\Application Data\MGS\cache\s\simplepickxofybonus_gao_may_2010.327983cc45ba0730f50c5a42b7bffc26.dll 2010-07-16 10:20 . 2010-07-16 10:20 925696 -c--a-w- c:\documents and settings\All Users\Application Data\MGS\cache\s\simplepickxofybonus_hellboy.ee1c177b2b367dc15184591e57db5798.dll 2010-07-15 21:23 . 2010-07-15 21:23 1650688 -c--a-w- c:\documents and settings\All Users\Application Data\MGS\cache\a\advancedslots1_gao_mar_2010.011b7c042032e11252156706d78b5e83.dll 2010-07-15 21:22 . 2010-07-15 21:22 708608 -c--a-w- c:\documents and settings\All Users\Application Data\MGS\cache\t\transition_gao_mar_2010.00e558dbf98f160d236f0e738de93c37.dll 2010-07-15 21:20 . 2010-07-15 21:20 950272 -c--a-w- c:\documents and settings\All Users\Application Data\MGS\cache\s\simplepickxofybonus_gao_mar_2010.e5e91d49a18e4440b5a76ddd6446140c.dll 2010-07-15 21:19 . 2010-07-15 21:19 1224704 -c--a-w- c:\documents and settings\All Users\Application Data\MGS\cache\a\advancedslots1xxx_gao_mar_2010.05a7fd71980574f91eb4c1420f71b1f7.dll 2010-07-11 11:13 . 2008-02-11 14:36 -------- dc----w- c:\documents and settings\All Users\Application Data\MGS 2010-07-11 11:09 . 2010-07-11 11:09 225552 -c--a-w- c:\documents and settings\All Users\Application Data\MGS\cache\v\videopokersuite1.e45a40be28c5bc5514b9e806f30cdc6f.dll 2010-07-11 11:09 . 2010-07-11 11:09 536576 -c--a-w- c:\documents and settings\All Users\Application Data\MGS\cache\m\mhbjgoldplugin.a5e08942278dbb53df46a8a9523a445b.dll 2010-07-11 11:09 . 2010-07-11 11:09 512000 -c--a-w- c:\documents and settings\All Users\Application Data\MGS\cache\m\mhbjgoldxxx.e2caa9292f5de8579a9ad479e877ced8.dll 2010-07-11 11:08 . 2010-07-11 11:08 602112 -c--a-w- c:\documents and settings\All Users\Application Data\MGS\cache\b\bjgoldplugin.f7a40649bbd758b8f99cf67e1769d71c.dll 2010-07-11 11:08 . 2010-07-11 11:08 512000 -c--a-w- c:\documents and settings\All Users\Application Data\MGS\cache\b\bjgoldxxx.e2caa9292f5de8579a9ad479e877ced8.dll 2010-07-11 11:01 . 2010-07-11 11:01 372736 -c--a-w- c:\documents and settings\All Users\Application Data\MGS\cache\m\mpv_threereelslottour.56771e0804a357b382c833fa1cc8338b.dll 2010-07-11 11:00 . 2010-07-11 11:00 212992 -c--a-w- c:\documents and settings\All Users\Application Data\MGS\cache\m\mpv_type_3reelnormal1_2.a6fd3910e9b23c299d2e5b44aaea7530.dll 2010-07-11 10:59 . 2010-07-11 10:59 307300 -c--a-w- c:\documents and settings\All Users\Application Data\MGS\cache\m\mpvblackjackplugin.0b33c40e992b0cec60ff557d251457d2.dll 2010-07-11 10:59 . 2010-07-11 10:59 335976 -c--a-w- c:\documents and settings\All Users\Application Data\MGS\cache\m\mpvtabletournamentlobby.fc620794b1b18938b640573c722b3922.dll 2010-07-11 10:58 . 2010-07-11 10:58 311398 -c--a-w- c:\documents and settings\All Users\Application Data\MGS\cache\m\mpvblackjacktourxxx.96f2985eb296e0eeb1592aacd45d6e4c.dll 2010-07-11 10:43 . 2010-07-11 10:43 188416 -c--a-w- c:\documents and settings\All Users\Application Data\MGS\cache\m\mptleaderboard.4146c172bd98dcfce86f1098fd229eb4.dll 2010-07-11 10:42 . 2010-07-11 10:42 94208 -c--a-w- c:\documents and settings\All Users\Application Data\MGS\cache\l\lua51host.461d2601d0d39d2e2d5cd4a02a2b3087.dll 2010-07-11 10:42 . 2010-07-11 10:42 684032 -c--a-w- c:\documents and settings\All Users\Application Data\MGS\cache\a\arcticfortunetransition.cdb6c11f100d3a3cb0c0550c21b277e4.dll 2010-07-11 10:41 . 2010-07-11 10:41 1568768 -c--a-w- c:\documents and settings\All Users\Application Data\MGS\cache\a\arcticfortune.b328b57943682e2d7fd4847916ff9b2b.dll 2010-07-11 10:41 . 2010-07-11 10:41 913680 -c--a-w- c:\documents and settings\All Users\Application Data\MGS\cache\a\advancedslots1_temp.1f8183fa66e67576038aca6f8bbaa5aa.dll 2010-07-11 10:40 . 2010-07-11 10:40 1232896 -c--a-w- c:\documents and settings\All Users\Application Data\MGS\cache\a\arcticfortune_gspider.770d41ad6c8d6246716f0968e4501795.dll 2010-07-11 10:39 . 2010-07-11 10:39 1482752 -c--a-w- c:\documents and settings\All Users\Application Data\MGS\cache\a\advancedslots1_septgao_09.7dc488ed3eadaa7b6b5d08dbca4c71cf.dll 2010-07-11 10:39 . 2010-07-11 10:39 1236992 -c--a-w- c:\documents and settings\All Users\Application Data\MGS\cache\a\arcticfortune_spiderbonus.c6f7df06987955caf77bb513ebf7e5b5.dll 2010-07-11 10:36 . 2010-07-11 10:36 1609728 -c--a-w- c:\documents and settings\All Users\Application Data\MGS\cache\a\advancedslots1_tggg.1a1d0cf38dbf32cac78a651320f71d98.dll 2010-07-11 10:36 . 2010-07-11 10:36 1064960 -c--a-w- c:\documents and settings\All Users\Application Data\MGS\cache\a\arcticfortunexxx.88b69b79191872d92329d1cfa9817586.dll 2010-07-11 10:36 . 2010-07-11 10:36 376832 -c--a-w- c:\documents and settings\All Users\Application Data\MGS\cache\m\mptadvancedslots.c25cbc913a8fbff25d5ff4436d66df8a.dll 2010-07-11 10:35 . 2010-07-11 10:35 1478656 -c--a-w- c:\documents and settings\All Users\Application Data\MGS\cache\a\advancedslots1_wealthspa.1d6c52060a19ffc8e8529c6648d8f610.dll 2010-07-11 10:35 . 2010-07-11 10:35 823568 -c--a-w- c:\documents and settings\All Users\Application Data\MGS\cache\a\advancedslots1_temp2.46a4643f83fb4fee5edbd7b72ebf781d.dll 2010-07-11 10:35 . 2010-07-11 10:35 1224704 -c--a-w- c:\documents and settings\All Users\Application Data\MGS\cache\a\arcticfortune_crankbonus.79fd1aae910e128f743d90232d089b3b.dll 2010-07-11 10:34 . 2010-07-11 10:34 1638400 -c--a-w- c:\documents and settings\All Users\Application Data\MGS\cache\a\advancedslots1_summerholiday.246c971e5683180dd3d0e381fb6d8651.dll 2010-07-11 10:34 . 2010-07-11 10:34 823568 -c--a-w- c:\documents and settings\All Users\Application Data\MGS\cache\a\advancedslots1.a5649140bdbd3a1f7c08b381be6f0a22.dll 2010-07-11 10:33 . 2010-07-11 10:33 1482752 -c--a-w- c:\documents and settings\All Users\Application Data\MGS\cache\a\advancedslots1_octgao_09.27dbd220adee9f16140622d34764fadb.dll 2010-07-11 10:33 . 2010-07-11 10:33 1626112 -c--a-w- c:\documents and settings\All Users\Application Data\MGS\cache\a\advancedslots1_flightzone.120e06d45a565cdc8a97a294773b7eb8.dll 2010-07-11 10:31 . 2010-07-11 10:31 246032 -c--a-w- c:\documents and settings\All Users\Application Data\MGS\cache\p\powerpokersuite1_nl.4b954e6e9e7bfe3947a12889040c706e.dll 2010-07-11 10:28 . 2010-07-11 10:28 65536 -c--a-w- c:\documents and settings\All Users\Application Data\MGS\cache\v\void.df7f7ef643b2f9803f9738f1b85d08e7.dll 2010-07-11 10:27 . 2010-07-11 10:27 471040 -c--a-w- c:\documents and settings\All Users\Application Data\MGS\cache\m\menucore.165da379d8a0adee611c449ba3662532.dll 2010-07-10 17:04 . 2009-09-04 21:07 20 -c-h--w- c:\documents and settings\All Users\Application Data\PKP_DLdw.DAT 2010-07-10 17:03 . 2009-09-04 20:47 20 -c-h--w- c:\documents and settings\All Users\Application Data\PKP_DLdu.DAT 2010-06-28 20:15 . 2009-12-20 13:15 -------- d-----w- c:\program files\EUcasino 2010-06-24 21:10 . 2010-06-24 21:08 -------- d-----w- c:\program files\RadioBar 2010-06-24 21:08 . 2010-06-24 21:08 -------- d-----w- c:\documents and settings\Eigenaar.DELL\Application Data\RadioBar 2010-06-23 14:31 . 2004-08-04 12:00 86022 ----a-w- c:\windows\system32\perfc013.dat 2010-06-23 14:31 . 2004-08-04 12:00 498912 ----a-w- c:\windows\system32\perfh013.dat 2010-06-14 14:31 . 2008-01-18 14:09 744448 ----a-w- c:\windows\pchealth\helpctr\binaries\helpsvc.exe 2010-06-01 17:37 . 2010-05-12 08:14 221568 ------w- c:\windows\system32\MpSigStub.exe 2010-05-24 08:31 . 2010-05-24 08:31 503808 ----a-w- c:\documents and settings\Eigenaar.DELL\Application Data\Sun\Java\Deployment\SystemCache\6.0\46\f84c6ae-388f59d2-n\msvcp71.dll 2010-05-24 08:31 . 2010-05-24 08:31 499712 ----a-w- c:\documents and settings\Eigenaar.DELL\Application Data\Sun\Java\Deployment\SystemCache\6.0\46\f84c6ae-388f59d2-n\jmc.dll 2010-05-24 08:31 . 2010-05-24 08:31 348160 ----a-w- c:\documents and settings\Eigenaar.DELL\Application Data\Sun\Java\Deployment\SystemCache\6.0\46\f84c6ae-388f59d2-n\msvcr71.dll 2010-05-24 08:31 . 2010-05-24 08:31 61440 ----a-w- c:\documents and settings\Eigenaar.DELL\Application Data\Sun\Java\Deployment\SystemCache\6.0\50\5535ab32-1b9ebb3b-n\decora-sse.dll 2010-05-24 08:31 . 2010-05-24 08:31 12800 ----a-w- c:\documents and settings\Eigenaar.DELL\Application Data\Sun\Java\Deployment\SystemCache\6.0\50\5535ab32-1b9ebb3b-n\decora-d3d.dll 2010-05-12 12:22 . 2010-05-12 12:22 393216 -c--a-w- c:\documents and settings\All Users\Application Data\MGS\cache\f\flyingwitchbonus.178abae7811f3ce106a1068e2f8e83aa.dll 2010-05-12 12:22 . 2010-05-12 12:22 352256 -c--a-w- c:\documents and settings\All Users\Application Data\MGS\cache\s\spinningwandbonus.71b441eaf88d72b917384cc517583ca7.dll 2010-05-12 12:13 . 2010-05-12 12:13 1171456 -c--a-w- c:\documents and settings\All Users\Application Data\MGS\cache\w\wealthspa_stonebonus.884fe3f012cc21e9f4b94beccb344fe5.dll 2010-05-12 12:11 . 2010-05-12 12:11 1204224 -c--a-w- c:\documents and settings\All Users\Application Data\MGS\cache\w\wealthspa_bathbonus.eaf1477312e7ecb9b1c7aa0a26e6ac61.dll 2010-05-12 12:03 . 2010-05-12 12:03 1142784 -c--a-w- c:\documents and settings\All Users\Application Data\MGS\cache\w\wealthspa_bodywaxbonus.86b2e4bb4c8e68cbf84cdb6310c39218.dll 2010-05-12 12:01 . 2010-05-12 12:01 1290240 -c--a-w- c:\documents and settings\All Users\Application Data\MGS\cache\w\wealthspa_smoothiebonus.779ec9c8439f59a40852d4a998367c4f.dll 2010-05-12 12:01 . 2010-05-12 12:01 827392 -c--a-w- c:\documents and settings\All Users\Application Data\MGS\cache\p\playerinstantiatedchoosebonus.ceb25d7dda7b0effc207d3dec6e30288.dll 2010-05-12 12:01 . 2010-05-12 12:01 1196032 -c--a-w- c:\documents and settings\All Users\Application Data\MGS\cache\w\wealthspa_massagebonus.0e575cb178075b87da73199c7e3bdcc1.dll 2010-05-12 11:39 . 2010-05-12 11:39 499984 -c--a-w- c:\documents and settings\All Users\Application Data\MGS\cache\g\greatgalaxycasinobonus.55dde164a6c32cf7a5be1bb8e3746043.dll . ((((((((((((((((((((((((((((( SnapShot@2010-08-08_09.24.58 ))))))))))))))))))))))))))))))))))))))))) . + 2010-08-08 09:40 . 2010-08-08 09:40 16384 c:\windows\Temp\Perflib_Perfdata_6b0.dat . ((((((((((((((((((((((((((((((((((((( Reg Opstartpunten ))))))))))))))))))))))))))))))))))))))))))))))))))) . . *Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond REGEDIT4 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2010-02-18 248040] "avgnt"="c:\program files\Avira\AntiVir Desktop\avgnt.exe" [2010-03-02 282792] [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360] "DWQueuedReporting"="c:\progra~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" [2007-02-25 437160] c:\documents and settings\All Users\Menu Start\Programma's\Opstarten\ Sitecom Wireless Utility.lnk - c:\program files\Sitecom\Sitecom Wireless Network USB Adapter Turbo G WL-172\Installer\WLANUTL.EXE [2010-3-31 913408] [HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Start^Programma's^Opstarten^Adobe Reader Snelle start.lnk] backup=c:\windows\pss\Adobe Reader Snelle start.lnkCommon Startup [HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Start^Programma's^Opstarten^HP Digital Imaging Monitor.lnk] path=c:\documents and settings\All Users\Menu Start\Programma's\Opstarten\HP Digital Imaging Monitor.lnk backup=c:\windows\pss\HP Digital Imaging Monitor.lnkCommon Startup [HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Start^Programma's^Opstarten^Microsoft Office.lnk] backup=c:\windows\pss\Microsoft Office.lnkCommon Startup [HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Start^Programma's^Opstarten^Poort voor Symantec Fax Starter Edition.lnk] backup=c:\windows\pss\Poort voor Symantec Fax Starter Edition.lnkCommon Startup [HKLM\~\startupfolder\C:^Documents and Settings^Eigenaar.DELL^Menu Start^Programma's^Opstarten^Secunia PSI.lnk] backup=c:\windows\pss\Secunia PSI.lnkStartup [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM] 2010-06-09 08:06 976832 ----a-w- c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher] 2010-06-20 02:04 35760 ----a-w- c:\program files\Adobe\Reader 9.0\Reader\reader_sl.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HotKeysCmds] 2003-04-06 22:07 114688 -c--a-w- c:\windows\system32\hkcmd.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Software Update] 2008-03-25 20:27 49152 -c--a-w- c:\program files\Hp\HP Software Update\hpwuSchd2.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\hpqSRMon] 2008-03-13 08:34 81920 ----a-w- c:\program files\Hp\Digital Imaging\bin\HpqSRmon.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IgfxTray] 2003-04-06 22:19 155648 ----a-w- c:\windows\system32\igfxtray.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LVCOMS] 2003-12-06 00:12 102400 ----a-w- c:\program files\Common Files\Logitech\PDDriver\LVComS.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\mxomssmenu] 2008-07-21 15:16 169312 ----a-w- c:\program files\Maxtor\OneTouch Status\MaxMenuMgr.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Nikon Transfer Monitor] 2008-09-30 12:06 485208 ----a-w- c:\program files\Common Files\Nikon\Monitor\NkMonitor.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RealTray] 2007-03-04 16:06 673280 ----a-w- c:\program files\K-Lite Codec Pack\Real\mpclauncher.exe [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring] "DisableMonitoring"=dword:00000001 [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "%windir%\\system32\\sessmgr.exe"= "c:\\Program Files\\Microsoft Office\\Office\\1043\\WFXMSRVR.EXE"= "c:\\Program Files\\Messenger\\msmsgs.exe"= "%windir%\\Network Diagnostic\\xpnetdiag.exe"= "c:\\Program Files\\Hp\\Digital Imaging\\bin\\hpqtra08.exe"= "c:\\Program Files\\Hp\\Digital Imaging\\bin\\hpqste08.exe"= "c:\\Program Files\\Hp\\Digital Imaging\\bin\\hposid01.exe"= "c:\\Program Files\\Hp\\Digital Imaging\\bin\\hpqkygrp.exe"= "c:\\Program Files\\Hp\\Digital Imaging\\bin\\hpiscnapp.exe"= "c:\\Program Files\\Common Files\\HP\\Digital Imaging\\bin\\hpqPhotoCrm.exe"= "c:\\Program Files\\Hp\\Digital Imaging\\bin\\hpqpsapp.exe"= "c:\\Program Files\\Hp\\Digital Imaging\\bin\\hpqpse.exe"= "c:\\Program Files\\Hp\\Digital Imaging\\bin\\hpqsudi.exe"= "c:\\Program Files\\Hp\\Digital Imaging\\bin\\hpqgplgtupl.exe"= "c:\\Program Files\\Hp\\Digital Imaging\\bin\\hpqgpc01.exe"= R2 AntiVirSchedulerService;Avira AntiVir Scheduler;c:\program files\Avira\AntiVir Desktop\sched.exe [8/7/2010 11:53 AM 135336] S3 ADM8511;ADMtek ADM8511/AN986 USB To Fast Ethernet Converter;c:\windows\system32\drivers\ADM8511.SYS [1/21/2008 11:56 AM 20160] [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost] HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12 hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc getPlusHelper REG_MULTI_SZ getPlusHelper . . ------- Bijkomende Scan ------- . uStart Page = hxxp://www.nu.nl/ IE: Google Sidewiki... - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_60D6097707281E79.dll/cmsidewiki.html DPF: {3E90FFF5-1347-45B9-91F6-DA47926E9697} - hxxp://online-virusscan.casema.nl/systemcheck/PlaNetSysInfo.cab DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} - hxxp://game.zylom.com/activex/zylomgamesplayer.cab DPF: {DE625294-70E6-45ED-B895-CFFA13AEB044} - hxxp://83.84.124.118:9999/activex/AMC.cab . ************************************************************************** catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, GMER - Rootkit Detector and Remover Rootkit scan 2010-08-08 12:19 Windows 5.1.2600 Service Pack 3 NTFS scannen van verborgen processen ... scannen van verborgen autostart items ... scannen van verborgen bestanden ... Scan succesvol afgerond verborgen bestanden: 0 ************************************************************************** . --------------------- VERGRENDELDE REGISTER SLEUTELS --------------------- [HKEY_USERS\S-1-5-21-1177238915-484061587-839522115-1003\Software\Microsoft\SystemCertificates\AddressBook*] @Allowed: (Read) (RestrictedCode) @Allowed: (Read) (RestrictedCode) [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}] @Denied: (A 2) (Everyone) @="FlashBroker" "LocalizedString"="@c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil10h_ActiveX.exe,-101" [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation] "Enabled"=dword:00000001 [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32] @="c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil10h_ActiveX.exe" [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" [HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}] @Denied: (A 2) (Everyone) @="IFlashBroker4" [HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32] @="{00020424-0000-0000-C000-000000000046}" [HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" "Version"="1.0" . --------------------- DLLs Geladen Onder Lopende Processen --------------------- - - - - - - - > 'winlogon.exe'(656) c:\windows\system32\NTMARTA.DLL . Voltooingstijd: 2010-08-08 12:25:19 ComboFix-quarantined-files.txt 2010-08-08 10:25 ComboFix2.txt 2010-08-08 09:30 Pre-Run: 53,177,044,992 bytes beschikbaar Post-Run: 53,187,727,360 bytes beschikbaar - - End Of File - - 1CC087BCCF9A9AEF8DB9BE617CC23E59 HijckThis ComboFix 10-08-07.02 - Eigenaar 08/08/2010 12:10:43.2.1 - x86 Microsoft Windows XP Home Edition 5.1.2600.3.1252.31.1043.18.510.325 [GMT 2:00] Gestart vanuit: c:\documents and settings\Eigenaar.DELL\Bureaublad\ComboFix.exe gebruikte Opdracht switches :: c:\documents and settings\Eigenaar.DELL\Mijn documenten\CFScript.txt AV: AntiVir Desktop *On-access scanning disabled* (Updated) {AD166499-45F9-482A-A743-FDD3350758C7} . (((((((((((((((((((((((((((((((((( Andere Verwijderingen ))))))))))))))))))))))))))))))))))))))))))))))))) . c:\program files\Panda Security c:\program files\Panda Security\ActiveScan 2.0\ee366d2b2e4ede8287de879e85a0dcc2KRN_DATA c:\program files\Panda Security\ActiveScan 2.0\ee366d2b2e4ede8287de879e85a0dcc2PSK_NM c:\program files\Panda Security\ActiveScan 2.0\ee366d2b2e4ede8287de879e85a0dcc2PSK_NM2 c:\program files\Panda Security\ActiveScan 2.0\nanocache.fil2 c:\program files\Panda Security\ActiveScan 2.0\pav.sig c:\program files\Panda Security\ActiveScan 2.0\pavvts.dat c:\program files\Panda Security\ActiveScan 2.0\psnengav.nsc c:\program files\Panda Security\ActiveScan 2.0\psqstore\Invent.QCF c:\program files\Panda Security\ActiveScan 2.0\psqstore\Invent.QCF.ext F:\autorun.inf . (((((((((((((((((((( Bestanden Gemaakt van 2010-07-08 to 2010-08-08 )))))))))))))))))))))))))))))) . 2010-08-08 08:19 . 2010-08-08 09:54 -------- d--h--r- c:\documents and settings\Eigenaar.DELL\Onlangs geopend 2010-08-07 18:12 . 2010-08-07 18:12 -------- d-----w- c:\documents and settings\Eigenaar.DELL\Application Data\Malwarebytes 2010-08-07 18:12 . 2010-04-29 13:39 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys 2010-08-07 18:12 . 2010-08-07 18:12 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware 2010-08-07 18:12 . 2010-08-07 18:12 -------- dc----w- c:\documents and settings\All Users\Application Data\Malwarebytes 2010-08-07 18:12 . 2010-04-29 13:39 20952 ----a-w- c:\windows\system32\drivers\mbam.sys 2010-08-07 13:17 . 2010-08-07 13:17 -------- d-----w- c:\documents and settings\LocalService\Application Data\Avira 2010-08-07 12:06 . 2010-08-07 12:06 -------- d-----r- c:\documents and settings\LocalService\Favorieten 2010-08-07 09:59 . 2010-08-07 09:59 -------- d-----w- c:\documents and settings\Eigenaar.DELL\Application Data\Avira 2010-08-07 09:53 . 2010-03-01 08:05 124784 ----a-w- c:\windows\system32\drivers\avipbb.sys 2010-08-07 09:53 . 2010-02-16 12:24 60936 ----a-w- c:\windows\system32\drivers\avgntflt.sys 2010-08-07 09:53 . 2009-05-11 10:49 45416 ----a-w- c:\windows\system32\drivers\avgntdd.sys 2010-08-07 09:53 . 2009-05-11 10:49 22360 ----a-w- c:\windows\system32\drivers\avgntmgr.sys 2010-08-07 09:53 . 2010-08-07 09:53 -------- dc----w- c:\documents and settings\All Users\Application Data\Avira 2010-08-07 09:53 . 2010-08-07 09:53 -------- d-----w- c:\program files\Avira 2010-08-07 09:12 . 2010-08-07 09:12 -------- d-----w- c:\program files\Trend Micro 2010-08-06 09:17 . 2010-08-06 09:17 -------- d-----w- c:\program files\Uniblue 2010-08-06 08:51 . 2010-08-06 08:51 -------- d-----w- c:\documents and settings\Eigenaar.DELL\Application Data\Agics 2010-08-04 14:03 . 2010-08-04 14:03 -------- d-----w- c:\windows\system32\wbem\Repository 2010-08-03 09:27 . 2010-08-04 14:02 -------- dc----w- c:\documents and settings\All Users\Application Data\Spybot - Search & Destroy 2010-07-29 22:31 . 2010-07-29 22:31 -------- d-----w- c:\documents and settings\Eigenaar.DELL\Local Settings\Application Data\IsolatedStorage 2010-07-13 21:09 . 2010-06-14 14:31 744448 -c----w- c:\windows\system32\dllcache\helpsvc.exe . ((((((((((((((((((((((((((((((((((((((( Find3M Rapport )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2010-08-07 09:12 . 2010-08-07 09:12 388096 ----a-r- c:\documents and settings\Eigenaar.DELL\Application Data\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe 2010-08-06 09:28 . 2008-08-18 08:22 -------- d-----w- c:\program files\CCleaner 2010-08-06 09:17 . 2009-08-14 21:28 -------- d-----w- c:\documents and settings\Eigenaar.DELL\Application Data\Uniblue 2010-08-05 13:31 . 2010-08-05 13:31 503808 ----a-w- c:\documents and settings\Eigenaar.DELL\Application Data\Sun\Java\Deployment\SystemCache\6.0\4\7ec4bf04-6f59acf2-n\msvcp71.dll 2010-08-05 13:31 . 2010-08-05 13:31 499712 ----a-w- c:\documents and settings\Eigenaar.DELL\Application Data\Sun\Java\Deployment\SystemCache\6.0\4\7ec4bf04-6f59acf2-n\jmc.dll 2010-08-05 13:31 . 2010-08-05 13:31 348160 ----a-w- c:\documents and settings\Eigenaar.DELL\Application Data\Sun\Java\Deployment\SystemCache\6.0\4\7ec4bf04-6f59acf2-n\msvcr71.dll 2010-08-05 13:31 . 2010-08-05 13:31 61440 ----a-w- c:\documents and settings\Eigenaar.DELL\Application Data\Sun\Java\Deployment\SystemCache\6.0\42\4488892a-49c79afb-n\decora-sse.dll 2010-08-05 13:31 . 2010-08-05 13:31 12800 ----a-w- c:\documents and settings\Eigenaar.DELL\Application Data\Sun\Java\Deployment\SystemCache\6.0\42\4488892a-49c79afb-n\decora-d3d.dll 2010-08-04 14:02 . 2009-06-27 20:28 -------- d-----w- c:\program files\Free Offers from Freeze.com 2010-07-29 09:32 . 2009-08-28 22:22 -------- d-----w- c:\program files\Defraggler 2010-07-16 22:30 . 2010-07-16 22:30 1064960 -c--a-w- c:\documents and settings\All Users\Application Data\MGS\cache\a\advancedslots1xxx_hellboy.0200f4406079039e4f9f4fd4269c6144.dll 2010-07-16 22:30 . 2010-07-16 22:30 684032 -c--a-w- c:\documents and settings\All Users\Application Data\MGS\cache\t\transition_hellboy.2389dbbb7a92af30b5bb4e62701f18a5.dll 2010-07-16 22:28 . 2010-07-16 22:28 626688 -c--a-w- c:\documents and settings\All Users\Application Data\MGS\cache\g\gamble2_gao_jan_2010.114da6697b16a4308920de3f00df9d11.dll 2010-07-16 22:27 . 2010-07-16 22:27 684032 -c--a-w- c:\documents and settings\All Users\Application Data\MGS\cache\t\transition_gao_jan_2010.6ce545b01335b0127c2a55cc392a24e6.dll 2010-07-16 22:15 . 2010-07-16 22:15 1064960 -c--a-w- c:\documents and settings\All Users\Application Data\MGS\cache\a\advancedslots1xxx_gao_jan_2010.d3c0a2c195757b5887793e496479436f.dll 2010-07-16 22:15 . 2010-07-16 22:15 925696 -c--a-w- c:\documents and settings\All Users\Application Data\MGS\cache\s\simplepickxofybonus_gao_jan_2010.734d2ae11536c3d1a34ecdb91aaab798.dll 2010-07-16 11:38 . 2010-07-16 11:38 1298432 -c--a-w- c:\documents and settings\All Users\Application Data\MGS\cache\t\theargyleopen_fairdrivebonus.c758372be753af44acdea3ddd4c0b015.dll 2010-07-16 11:37 . 2010-07-16 11:37 1306624 -c--a-w- c:\documents and settings\All Users\Application Data\MGS\cache\t\theargyleopen_greenbonus.6150c13bb168b4b80750f08a02e28a9e.dll 2010-07-16 11:27 . 2010-07-16 11:27 1011712 -c--a-w- c:\documents and settings\All Users\Application Data\MGS\cache\s\simplepickxofybonus_gao_july_2010.934131b7e2f15e0deb06b4e317c6c108.dll 2010-07-16 11:27 . 2010-07-16 11:27 1318912 -c--a-w- c:\documents and settings\All Users\Application Data\MGS\cache\a\advancedslots1xxx_gao_july_2010.9c1607d40a53de9ef91918fa73cf99d0.dll 2010-07-16 11:27 . 2010-07-16 11:27 696320 -c--a-w- c:\documents and settings\All Users\Application Data\MGS\cache\g\gamble2_gao_july_2010.23b0661a6bd3570a6d2da1750a0085ca.dll 2010-07-16 11:27 . 2010-07-16 11:27 1286144 -c--a-w- c:\documents and settings\All Users\Application Data\MGS\cache\d\dragonladybonus.2ddbbf43b6d3b001ca5ad84e9dc4e54d.dll 2010-07-16 11:27 . 2010-07-16 11:27 2052096 -c--a-w- c:\documents and settings\All Users\Application Data\MGS\cache\a\advancedslots1_gao_july_2010.9f48110b234a40c3be22491a86bde221.dll 2010-07-16 11:27 . 2010-07-16 11:27 761856 -c--a-w- c:\documents and settings\All Users\Application Data\MGS\cache\t\transition_gao_july_2010.3e886f3e2ac4872e018f5e377cc83ee6.dll 2010-07-16 11:06 . 2010-07-16 11:06 1228800 -c--a-w- c:\documents and settings\All Users\Application Data\MGS\cache\a\advancedslots1xxx_gao_may_2010.efc83f7d6106f6f7311664ff1b2b2a32.dll 2010-07-16 11:06 . 2010-07-16 11:06 897024 -c--a-w- c:\documents and settings\All Users\Application Data\MGS\cache\q\queenofthejunglecollectbonus.596cdc646662e46fb224ad69f0d29c52.dll 2010-07-16 11:02 . 2010-07-16 11:02 1318912 -c--a-w- c:\documents and settings\All Users\Application Data\MGS\cache\a\advancedslots1xxx_gao_may_2010_ts2.010d658f2ae9013a31869ea2a90f670a.dll 2010-07-16 11:02 . 2010-07-16 11:02 1253376 -c--a-w- c:\documents and settings\All Users\Application Data\MGS\cache\q\queenofthejunglebonus.1a195cb4fbfbdacf89c6d27c99a6de3d.dll 2010-07-16 11:01 . 2010-07-16 11:01 1273856 -c--a-w- c:\documents and settings\All Users\Application Data\MGS\cache\p\progressivepickxofybonus_gao_may_2010_ts2.3570ad65954894854a4b31a8a356f0d8.dll 2010-07-16 11:00 . 2010-07-16 11:00 1654784 -c--a-w- c:\documents and settings\All Users\Application Data\MGS\cache\a\advancedslots1_gao_may_2010.e60a82cb58fa330160e763dfeb0216d7.dll 2010-07-16 10:55 . 2010-07-16 10:55 962560 -c--a-w- c:\documents and settings\All Users\Application Data\MGS\cache\s\simplepickuntilbonus_gao_may_2010.51a9dc144ac371f77832e6c933f17727.dll 2010-07-16 10:54 . 2010-07-16 10:54 761856 -c--a-w- c:\documents and settings\All Users\Application Data\MGS\cache\t\transition_gao_may_2010_ts2.0452ecc824ce8f16f726aeca77ff7172.dll 2010-07-16 10:52 . 2010-07-16 10:52 647168 -c--a-w- c:\documents and settings\All Users\Application Data\MGS\cache\g\gamble2_gao_jun_2010.d455e3e6fd646b2b4ff2d1415e18a526.dll 2010-07-16 10:44 . 2010-07-16 10:44 712704 -c--a-w- c:\documents and settings\All Users\Application Data\MGS\cache\t\transition_gao_may_2010.2405f0d3d8c04e05ae817cdad30d69ce.dll 2010-07-16 10:44 . 2010-07-16 10:44 2023424 -c--a-w- c:\documents and settings\All Users\Application Data\MGS\cache\a\advancedslots1_gao_may_2010_ts2.f8d4d9cfbfb83922a1dd69fdf7c205ec.dll 2010-07-16 10:33 . 2010-07-16 10:33 1691648 -c--a-w- c:\documents and settings\All Users\Application Data\MGS\cache\a\advancedslots1_gao_jun_2010.e94e166b3e5fdfc627184eb59be56c08.dll 2010-07-16 10:33 . 2010-07-16 10:33 712704 -c--a-w- c:\documents and settings\All Users\Application Data\MGS\cache\t\transition_gao_jun_2010.a30d1768b69cfafa9177550a249e5143.dll 2010-07-16 10:33 . 2010-07-16 10:33 905216 -c--a-w- c:\documents and settings\All Users\Application Data\MGS\cache\s\soccerbonus.e748cc00ac46bd91666eb47f10b5b6e5.dll 2010-07-16 10:29 . 2010-07-16 10:29 1228800 -c--a-w- c:\documents and settings\All Users\Application Data\MGS\cache\a\advancedslots1xxx_gao_jun_2010.671a4e67b9b7512fd028318bbf42d763.dll 2010-07-16 10:20 . 2010-07-16 10:20 950272 -c--a-w- c:\documents and settings\All Users\Application Data\MGS\cache\s\simplepickxofybonus_gao_may_2010.327983cc45ba0730f50c5a42b7bffc26.dll 2010-07-16 10:20 . 2010-07-16 10:20 925696 -c--a-w- c:\documents and settings\All Users\Application Data\MGS\cache\s\simplepickxofybonus_hellboy.ee1c177b2b367dc15184591e57db5798.dll 2010-07-15 21:23 . 2010-07-15 21:23 1650688 -c--a-w- c:\documents and settings\All Users\Application Data\MGS\cache\a\advancedslots1_gao_mar_2010.011b7c042032e11252156706d78b5e83.dll 2010-07-15 21:22 . 2010-07-15 21:22 708608 -c--a-w- c:\documents and settings\All Users\Application Data\MGS\cache\t\transition_gao_mar_2010.00e558dbf98f160d236f0e738de93c37.dll 2010-07-15 21:20 . 2010-07-15 21:20 950272 -c--a-w- c:\documents and settings\All Users\Application Data\MGS\cache\s\simplepickxofybonus_gao_mar_2010.e5e91d49a18e4440b5a76ddd6446140c.dll 2010-07-15 21:19 . 2010-07-15 21:19 1224704 -c--a-w- c:\documents and settings\All Users\Application Data\MGS\cache\a\advancedslots1xxx_gao_mar_2010.05a7fd71980574f91eb4c1420f71b1f7.dll 2010-07-11 11:13 . 2008-02-11 14:36 -------- dc----w- c:\documents and settings\All Users\Application Data\MGS 2010-07-11 11:09 . 2010-07-11 11:09 225552 -c--a-w- c:\documents and settings\All Users\Application Data\MGS\cache\v\videopokersuite1.e45a40be28c5bc5514b9e806f30cdc6f.dll 2010-07-11 11:09 . 2010-07-11 11:09 536576 -c--a-w- c:\documents and settings\All Users\Application Data\MGS\cache\m\mhbjgoldplugin.a5e08942278dbb53df46a8a9523a445b.dll 2010-07-11 11:09 . 2010-07-11 11:09 512000 -c--a-w- c:\documents and settings\All Users\Application Data\MGS\cache\m\mhbjgoldxxx.e2caa9292f5de8579a9ad479e877ced8.dll 2010-07-11 11:08 . 2010-07-11 11:08 602112 -c--a-w- c:\documents and settings\All Users\Application Data\MGS\cache\b\bjgoldplugin.f7a40649bbd758b8f99cf67e1769d71c.dll 2010-07-11 11:08 . 2010-07-11 11:08 512000 -c--a-w- c:\documents and settings\All Users\Application Data\MGS\cache\b\bjgoldxxx.e2caa9292f5de8579a9ad479e877ced8.dll 2010-07-11 11:01 . 2010-07-11 11:01 372736 -c--a-w- c:\documents and settings\All Users\Application Data\MGS\cache\m\mpv_threereelslottour.56771e0804a357b382c833fa1cc8338b.dll 2010-07-11 11:00 . 2010-07-11 11:00 212992 -c--a-w- c:\documents and settings\All Users\Application Data\MGS\cache\m\mpv_type_3reelnormal1_2.a6fd3910e9b23c299d2e5b44aaea7530.dll 2010-07-11 10:59 . 2010-07-11 10:59 307300 -c--a-w- c:\documents and settings\All Users\Application Data\MGS\cache\m\mpvblackjackplugin.0b33c40e992b0cec60ff557d251457d2.dll 2010-07-11 10:59 . 2010-07-11 10:59 335976 -c--a-w- c:\documents and settings\All Users\Application Data\MGS\cache\m\mpvtabletournamentlobby.fc620794b1b18938b640573c722b3922.dll 2010-07-11 10:58 . 2010-07-11 10:58 311398 -c--a-w- c:\documents and settings\All Users\Application Data\MGS\cache\m\mpvblackjacktourxxx.96f2985eb296e0eeb1592aacd45d6e4c.dll 2010-07-11 10:43 . 2010-07-11 10:43 188416 -c--a-w- c:\documents and settings\All Users\Application Data\MGS\cache\m\mptleaderboard.4146c172bd98dcfce86f1098fd229eb4.dll 2010-07-11 10:42 . 2010-07-11 10:42 94208 -c--a-w- c:\documents and settings\All Users\Application Data\MGS\cache\l\lua51host.461d2601d0d39d2e2d5cd4a02a2b3087.dll 2010-07-11 10:42 . 2010-07-11 10:42 684032 -c--a-w- c:\documents and settings\All Users\Application Data\MGS\cache\a\arcticfortunetransition.cdb6c11f100d3a3cb0c0550c21b277e4.dll 2010-07-11 10:41 . 2010-07-11 10:41 1568768 -c--a-w- c:\documents and settings\All Users\Application Data\MGS\cache\a\arcticfortune.b328b57943682e2d7fd4847916ff9b2b.dll 2010-07-11 10:41 . 2010-07-11 10:41 913680 -c--a-w- c:\documents and settings\All Users\Application Data\MGS\cache\a\advancedslots1_temp.1f8183fa66e67576038aca6f8bbaa5aa.dll 2010-07-11 10:40 . 2010-07-11 10:40 1232896 -c--a-w- c:\documents and settings\All Users\Application Data\MGS\cache\a\arcticfortune_gspider.770d41ad6c8d6246716f0968e4501795.dll 2010-07-11 10:39 . 2010-07-11 10:39 1482752 -c--a-w- c:\documents and settings\All Users\Application Data\MGS\cache\a\advancedslots1_septgao_09.7dc488ed3eadaa7b6b5d08dbca4c71cf.dll 2010-07-11 10:39 . 2010-07-11 10:39 1236992 -c--a-w- c:\documents and settings\All Users\Application Data\MGS\cache\a\arcticfortune_spiderbonus.c6f7df06987955caf77bb513ebf7e5b5.dll 2010-07-11 10:36 . 2010-07-11 10:36 1609728 -c--a-w- c:\documents and settings\All Users\Application Data\MGS\cache\a\advancedslots1_tggg.1a1d0cf38dbf32cac78a651320f71d98.dll 2010-07-11 10:36 . 2010-07-11 10:36 1064960 -c--a-w- c:\documents and settings\All Users\Application Data\MGS\cache\a\arcticfortunexxx.88b69b79191872d92329d1cfa9817586.dll 2010-07-11 10:36 . 2010-07-11 10:36 376832 -c--a-w- c:\documents and settings\All Users\Application Data\MGS\cache\m\mptadvancedslots.c25cbc913a8fbff25d5ff4436d66df8a.dll 2010-07-11 10:35 . 2010-07-11 10:35 1478656 -c--a-w- c:\documents and settings\All Users\Application Data\MGS\cache\a\advancedslots1_wealthspa.1d6c52060a19ffc8e8529c6648d8f610.dll 2010-07-11 10:35 . 2010-07-11 10:35 823568 -c--a-w- c:\documents and settings\All Users\Application Data\MGS\cache\a\advancedslots1_temp2.46a4643f83fb4fee5edbd7b72ebf781d.dll 2010-07-11 10:35 . 2010-07-11 10:35 1224704 -c--a-w- c:\documents and settings\All Users\Application Data\MGS\cache\a\arcticfortune_crankbonus.79fd1aae910e128f743d90232d089b3b.dll 2010-07-11 10:34 . 2010-07-11 10:34 1638400 -c--a-w- c:\documents and settings\All Users\Application Data\MGS\cache\a\advancedslots1_summerholiday.246c971e5683180dd3d0e381fb6d8651.dll 2010-07-11 10:34 . 2010-07-11 10:34 823568 -c--a-w- c:\documents and settings\All Users\Application Data\MGS\cache\a\advancedslots1.a5649140bdbd3a1f7c08b381be6f0a22.dll 2010-07-11 10:33 . 2010-07-11 10:33 1482752 -c--a-w- c:\documents and settings\All Users\Application Data\MGS\cache\a\advancedslots1_octgao_09.27dbd220adee9f16140622d34764fadb.dll 2010-07-11 10:33 . 2010-07-11 10:33 1626112 -c--a-w- c:\documents and settings\All Users\Application Data\MGS\cache\a\advancedslots1_flightzone.120e06d45a565cdc8a97a294773b7eb8.dll 2010-07-11 10:31 . 2010-07-11 10:31 246032 -c--a-w- c:\documents and settings\All Users\Application Data\MGS\cache\p\powerpokersuite1_nl.4b954e6e9e7bfe3947a12889040c706e.dll 2010-07-11 10:28 . 2010-07-11 10:28 65536 -c--a-w- c:\documents and settings\All Users\Application Data\MGS\cache\v\void.df7f7ef643b2f9803f9738f1b85d08e7.dll 2010-07-11 10:27 . 2010-07-11 10:27 471040 -c--a-w- c:\documents and settings\All Users\Application Data\MGS\cache\m\menucore.165da379d8a0adee611c449ba3662532.dll 2010-07-10 17:04 . 2009-09-04 21:07 20 -c-h--w- c:\documents and settings\All Users\Application Data\PKP_DLdw.DAT 2010-07-10 17:03 . 2009-09-04 20:47 20 -c-h--w- c:\documents and settings\All Users\Application Data\PKP_DLdu.DAT 2010-06-28 20:15 . 2009-12-20 13:15 -------- d-----w- c:\program files\EUcasino 2010-06-24 21:10 . 2010-06-24 21:08 -------- d-----w- c:\program files\RadioBar 2010-06-24 21:08 . 2010-06-24 21:08 -------- d-----w- c:\documents and settings\Eigenaar.DELL\Application Data\RadioBar 2010-06-23 14:31 . 2004-08-04 12:00 86022 ----a-w- c:\windows\system32\perfc013.dat 2010-06-23 14:31 . 2004-08-04 12:00 498912 ----a-w- c:\windows\system32\perfh013.dat 2010-06-14 14:31 . 2008-01-18 14:09 744448 ----a-w- c:\windows\pchealth\helpctr\binaries\helpsvc.exe 2010-06-01 17:37 . 2010-05-12 08:14 221568 ------w- c:\windows\system32\MpSigStub.exe 2010-05-24 08:31 . 2010-05-24 08:31 503808 ----a-w- c:\documents and settings\Eigenaar.DELL\Application Data\Sun\Java\Deployment\SystemCache\6.0\46\f84c6ae-388f59d2-n\msvcp71.dll 2010-05-24 08:31 . 2010-05-24 08:31 499712 ----a-w- c:\documents and settings\Eigenaar.DELL\Application Data\Sun\Java\Deployment\SystemCache\6.0\46\f84c6ae-388f59d2-n\jmc.dll 2010-05-24 08:31 . 2010-05-24 08:31 348160 ----a-w- c:\documents and settings\Eigenaar.DELL\Application Data\Sun\Java\Deployment\SystemCache\6.0\46\f84c6ae-388f59d2-n\msvcr71.dll 2010-05-24 08:31 . 2010-05-24 08:31 61440 ----a-w- c:\documents and settings\Eigenaar.DELL\Application Data\Sun\Java\Deployment\SystemCache\6.0\50\5535ab32-1b9ebb3b-n\decora-sse.dll 2010-05-24 08:31 . 2010-05-24 08:31 12800 ----a-w- c:\documents and settings\Eigenaar.DELL\Application Data\Sun\Java\Deployment\SystemCache\6.0\50\5535ab32-1b9ebb3b-n\decora-d3d.dll 2010-05-12 12:22 . 2010-05-12 12:22 393216 -c--a-w- c:\documents and settings\All Users\Application Data\MGS\cache\f\flyingwitchbonus.178abae7811f3ce106a1068e2f8e83aa.dll 2010-05-12 12:22 . 2010-05-12 12:22 352256 -c--a-w- c:\documents and settings\All Users\Application Data\MGS\cache\s\spinningwandbonus.71b441eaf88d72b917384cc517583ca7.dll 2010-05-12 12:13 . 2010-05-12 12:13 1171456 -c--a-w- c:\documents and settings\All Users\Application Data\MGS\cache\w\wealthspa_stonebonus.884fe3f012cc21e9f4b94beccb344fe5.dll 2010-05-12 12:11 . 2010-05-12 12:11 1204224 -c--a-w- c:\documents and settings\All Users\Application Data\MGS\cache\w\wealthspa_bathbonus.eaf1477312e7ecb9b1c7aa0a26e6ac61.dll 2010-05-12 12:03 . 2010-05-12 12:03 1142784 -c--a-w- c:\documents and settings\All Users\Application Data\MGS\cache\w\wealthspa_bodywaxbonus.86b2e4bb4c8e68cbf84cdb6310c39218.dll 2010-05-12 12:01 . 2010-05-12 12:01 1290240 -c--a-w- c:\documents and settings\All Users\Application Data\MGS\cache\w\wealthspa_smoothiebonus.779ec9c8439f59a40852d4a998367c4f.dll 2010-05-12 12:01 . 2010-05-12 12:01 827392 -c--a-w- c:\documents and settings\All Users\Application Data\MGS\cache\p\playerinstantiatedchoosebonus.ceb25d7dda7b0effc207d3dec6e30288.dll 2010-05-12 12:01 . 2010-05-12 12:01 1196032 -c--a-w- c:\documents and settings\All Users\Application Data\MGS\cache\w\wealthspa_massagebonus.0e575cb178075b87da73199c7e3bdcc1.dll 2010-05-12 11:39 . 2010-05-12 11:39 499984 -c--a-w- c:\documents and settings\All Users\Application Data\MGS\cache\g\greatgalaxycasinobonus.55dde164a6c32cf7a5be1bb8e3746043.dll . ((((((((((((((((((((((((((((( SnapShot@2010-08-08_09.24.58 ))))))))))))))))))))))))))))))))))))))))) . + 2010-08-08 09:40 . 2010-08-08 09:40 16384 c:\windows\Temp\Perflib_Perfdata_6b0.dat . ((((((((((((((((((((((((((((((((((((( Reg Opstartpunten ))))))))))))))))))))))))))))))))))))))))))))))))))) . . *Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond REGEDIT4 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2010-02-18 248040] "avgnt"="c:\program files\Avira\AntiVir Desktop\avgnt.exe" [2010-03-02 282792] [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360] "DWQueuedReporting"="c:\progra~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" [2007-02-25 437160] c:\documents and settings\All Users\Menu Start\Programma's\Opstarten\ Sitecom Wireless Utility.lnk - c:\program files\Sitecom\Sitecom Wireless Network USB Adapter Turbo G WL-172\Installer\WLANUTL.EXE [2010-3-31 913408] [HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Start^Programma's^Opstarten^Adobe Reader Snelle start.lnk] backup=c:\windows\pss\Adobe Reader Snelle start.lnkCommon Startup [HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Start^Programma's^Opstarten^HP Digital Imaging Monitor.lnk] path=c:\documents and settings\All Users\Menu Start\Programma's\Opstarten\HP Digital Imaging Monitor.lnk backup=c:\windows\pss\HP Digital Imaging Monitor.lnkCommon Startup [HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Start^Programma's^Opstarten^Microsoft Office.lnk] backup=c:\windows\pss\Microsoft Office.lnkCommon Startup [HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Start^Programma's^Opstarten^Poort voor Symantec Fax Starter Edition.lnk] backup=c:\windows\pss\Poort voor Symantec Fax Starter Edition.lnkCommon Startup [HKLM\~\startupfolder\C:^Documents and Settings^Eigenaar.DELL^Menu Start^Programma's^Opstarten^Secunia PSI.lnk] backup=c:\windows\pss\Secunia PSI.lnkStartup [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM] 2010-06-09 08:06 976832 ----a-w- c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher] 2010-06-20 02:04 35760 ----a-w- c:\program files\Adobe\Reader 9.0\Reader\reader_sl.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HotKeysCmds] 2003-04-06 22:07 114688 -c--a-w- c:\windows\system32\hkcmd.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Software Update] 2008-03-25 20:27 49152 -c--a-w- c:\program files\Hp\HP Software Update\hpwuSchd2.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\hpqSRMon] 2008-03-13 08:34 81920 ----a-w- c:\program files\Hp\Digital Imaging\bin\HpqSRmon.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IgfxTray] 2003-04-06 22:19 155648 ----a-w- c:\windows\system32\igfxtray.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LVCOMS] 2003-12-06 00:12 102400 ----a-w- c:\program files\Common Files\Logitech\PDDriver\LVComS.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\mxomssmenu] 2008-07-21 15:16 169312 ----a-w- c:\program files\Maxtor\OneTouch Status\MaxMenuMgr.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Nikon Transfer Monitor] 2008-09-30 12:06 485208 ----a-w- c:\program files\Common Files\Nikon\Monitor\NkMonitor.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RealTray] 2007-03-04 16:06 673280 ----a-w- c:\program files\K-Lite Codec Pack\Real\mpclauncher.exe [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring] "DisableMonitoring"=dword:00000001 [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "%windir%\\system32\\sessmgr.exe"= "c:\\Program Files\\Microsoft Office\\Office\\1043\\WFXMSRVR.EXE"= "c:\\Program Files\\Messenger\\msmsgs.exe"= "%windir%\\Network Diagnostic\\xpnetdiag.exe"= "c:\\Program Files\\Hp\\Digital Imaging\\bin\\hpqtra08.exe"= "c:\\Program Files\\Hp\\Digital Imaging\\bin\\hpqste08.exe"= "c:\\Program Files\\Hp\\Digital Imaging\\bin\\hposid01.exe"= "c:\\Program Files\\Hp\\Digital Imaging\\bin\\hpqkygrp.exe"= "c:\\Program Files\\Hp\\Digital Imaging\\bin\\hpiscnapp.exe"= "c:\\Program Files\\Common Files\\HP\\Digital Imaging\\bin\\hpqPhotoCrm.exe"= "c:\\Program Files\\Hp\\Digital Imaging\\bin\\hpqpsapp.exe"= "c:\\Program Files\\Hp\\Digital Imaging\\bin\\hpqpse.exe"= "c:\\Program Files\\Hp\\Digital Imaging\\bin\\hpqsudi.exe"= "c:\\Program Files\\Hp\\Digital Imaging\\bin\\hpqgplgtupl.exe"= "c:\\Program Files\\Hp\\Digital Imaging\\bin\\hpqgpc01.exe"= R2 AntiVirSchedulerService;Avira AntiVir Scheduler;c:\program files\Avira\AntiVir Desktop\sched.exe [8/7/2010 11:53 AM 135336] S3 ADM8511;ADMtek ADM8511/AN986 USB To Fast Ethernet Converter;c:\windows\system32\drivers\ADM8511.SYS [1/21/2008 11:56 AM 20160] [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost] HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12 hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc getPlusHelper REG_MULTI_SZ getPlusHelper . . ------- Bijkomende Scan ------- . uStart Page = hxxp://www.nu.nl/ IE: Google Sidewiki... - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_60D6097707281E79.dll/cmsidewiki.html DPF: {3E90FFF5-1347-45B9-91F6-DA47926E9697} - hxxp://online-virusscan.casema.nl/systemcheck/PlaNetSysInfo.cab DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} - hxxp://game.zylom.com/activex/zylomgamesplayer.cab DPF: {DE625294-70E6-45ED-B895-CFFA13AEB044} - hxxp://83.84.124.118:9999/activex/AMC.cab . ************************************************************************** catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, GMER - Rootkit Detector and Remover Rootkit scan 2010-08-08 12:19 Windows 5.1.2600 Service Pack 3 NTFS scannen van verborgen processen ... scannen van verborgen autostart items ... scannen van verborgen bestanden ... Scan succesvol afgerond verborgen bestanden: 0 ************************************************************************** . --------------------- VERGRENDELDE REGISTER SLEUTELS --------------------- [HKEY_USERS\S-1-5-21-1177238915-484061587-839522115-1003\Software\Microsoft\SystemCertificates\AddressBook*] @Allowed: (Read) (RestrictedCode) @Allowed: (Read) (RestrictedCode) [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}] @Denied: (A 2) (Everyone) @="FlashBroker" "LocalizedString"="@c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil10h_ActiveX.exe,-101" [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation] "Enabled"=dword:00000001 [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32] @="c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil10h_ActiveX.exe" [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" [HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}] @Denied: (A 2) (Everyone) @="IFlashBroker4" [HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32] @="{00020424-0000-0000-C000-000000000046}" [HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" "Version"="1.0" . --------------------- DLLs Geladen Onder Lopende Processen --------------------- - - - - - - - > 'winlogon.exe'(656) c:\windows\system32\NTMARTA.DLL . Voltooingstijd: 2010-08-08 12:25:19 ComboFix-quarantined-files.txt 2010-08-08 10:25 ComboFix2.txt 2010-08-08 09:30 Pre-Run: 53,177,044,992 bytes beschikbaar Post-Run: 53,187,727,360 bytes beschikbaar - - End Of File - - 1CC087BCCF9A9AEF8DB9BE617CC23E59 ---------- Post toegevoegd om 13:45 ---------- Vorige post was om 13:43 ---------- Ik doe verder nog maar even niets tot ik van u verdere instructies krijg alvast bedankt!

hier is het log Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 10:15:01 AM, on 10/1/2011 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v8.00 (8.00.6001.18702) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\Explorer.EXE C:\Program Files\Alwil Software\Avast5\AvastSvc.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Java\jre6\bin\jqs.exe C:\Program Files\Maxtor\Sync\SyncServices.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\PROGRA~1\ALWILS~1\Avast5\avastUI.exe C:\Program Files\Common Files\Logitech\QCDriver\LVCOMS.EXE C:\Program Files\Common Files\Java\Java Update\jusched.exe C:\PROGRA~1\IMESHA~1\MediaBar\Datamngr\DATAMN~1.EXE C:\Program Files\SweetIM\Messenger\SweetIM.exe C:\WINDOWS\system32\hkcmd.exe C:\Program Files\Analog Devices\Core\smax4pnp.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe C:\PROGRA~1\MICROS~2\Office\OUTLOOK.EXE C:\WINDOWS\msagent\AgentSvr.exe C:\Program Files\Internet Explorer\IEXPLORE.EXE C:\Program Files\Internet Explorer\IEXPLORE.EXE C:\WINDOWS\system32\msiexec.exe C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = nu.nl | Het laatste nieuws het eerst op nu.nl R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Hotmail, Messenger, nieuws en entertainment vind je op MSN.nl R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = Hotmail, Messenger, nieuws en entertainment vind je op MSN.nl R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = Babylon Search R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: MediaBar - {28387537-e3f9-4ed7-860c-11e69af4a8a0} - C:\PROGRA~1\IMESHA~1\MediaBar\Datamngr\ToolBar\imeshdtxmltbpi.dll O2 - BHO: UrlHelper Class - {474597C5-AB09-49d6-A4D5-2E8D7341384E} - C:\PROGRA~1\IMESHA~1\MediaBar\Datamngr\IEBHO.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.7.6406.1642\swg.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll O2 - BHO: SWEETIE - {EEE6C35C-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll O3 - Toolbar: MediaBar - {28387537-e3f9-4ed7-860c-11e69af4a8a0} - C:\PROGRA~1\IMESHA~1\MediaBar\Datamngr\ToolBar\imeshdtxmltbpi.dll O3 - Toolbar: SweetIM Toolbar for Internet Explorer - {EEE6C35B-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll O4 - HKLM\..\Run: [avast5] C:\PROGRA~1\ALWILS~1\Avast5\avastUI.exe /nogui O4 - HKLM\..\Run: [LVCOMS] C:\Program Files\Common Files\Logitech\QCDriver\LVCOMS.EXE O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe" O4 - HKLM\..\Run: [DATAMNGR] C:\PROGRA~1\IMESHA~1\MediaBar\Datamngr\DATAMN~1.EXE O4 - HKLM\..\Run: [sweetIM] C:\Program Files\SweetIM\Messenger\SweetIM.exe O4 - HKLM\..\Run: [igfxTray] C:\WINDOWS\system32\igfxtray.exe O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe O4 - HKLM\..\Run: [soundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\S-1-5-18\..\Run: [DWQueuedReporting] "C:\PROGRA~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" -t (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user') O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_7461B1589E8B4FB7.dll/cmsidewiki.html O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll O9 - Extra button: Toon of verberg HP Smart Web Printing - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra button: Golden Tiger Casino - {75AABD81-2A24-404E-8389-067312F231D7} - C:\WINDOWS\system32\shdocvw.dll (HKCU) O16 - DPF: {01A88BB1-1174-41EC-ACCB-963509EAE56B} (SysProWmi Class) - http://support.euro.dell.com/systemprofiler/SysPro.CAB O16 - DPF: {2E28242B-A689-11D4-80F2-0040266CBB8D} (KX-HCM10 Control) - http://gocanaria.ath.cx:8000/kxhcm10.ocx O16 - DPF: {33704B0F-9EB7-434B-B752-EA6CFFB87423} (pmjpegaudio Class) - http://www.bartboos.com:88/JpegInst.cab O16 - DPF: {3E90FFF5-1347-45B9-91F6-DA47926E9697} (PlaNet SysInfo Agent) - http://online-virusscan.casema.nl/systemcheck/PlaNetSysInfo.cab O16 - DPF: {49232000-16E4-426C-A231-62846947304B} (SysData Class) - http://ipgweb.cce.hp.com/rdqemea/downloads/sysinfo.cab O16 - DPF: {54BE6B6F-3056-470B-97E1-BB92E051B6C4} (DeviceEnum Class) - http://h20264.www2.hp.com/ediags/dd/install/HPDriverDiagnosticsxp2k.cab O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} (Windows Live Safety Center Base Module) - Windows Live OneCare O16 - DPF: {6A344D34-5231-452A-8A57-D064AC9B7862} (Symantec Download Manager) - https://webdl.symantec.com/activex/symdlmgr.cab O16 - DPF: {6F15128C-E66A-490C-B848-5000B5ABEEAC} (HP Download Manager) - https://h20436.www2.hp.com/ediags/dex/secure/HPDEXAXO.cab O16 - DPF: {77E32299-629F-43C6-AB77-6A1E6D7663F6} - http://www.nick.com/common/groove/gx/GrooveAX27.cab O16 - DPF: {7FC1B346-83E6-4774-8D20-1A6B09B0E737} (Windows Live Photo Upload Control) - http://sers10.spaces.live.com/PhotoUpload/MsnPUpld.cab O16 - DPF: {88D969C0-F192-11D4-A65F-0040963251E5} (XML DOM Document 4.0) - http://ipgweb.cce.hp.com/rdqemea/downloads/msxml4.cab O16 - DPF: {A9F8D9EC-3D0A-4A60-BD82-FBD64BAD370D} (DDRevision Class) - http://h20264.www2.hp.com/ediags/dd/install/HPDriverDiagnosticsxp2k.cab O16 - DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} (Zylom Games Player) - http://game.zylom.com/activex/zylomgamesplayer.cab O16 - DPF: {D821DC4A-0814-435E-9820-661C543A4679} (CRLDownloadWrapper Class) - http://drmlicense.one.microsoft.com/crlupdate/en/crlocx.ocx O16 - DPF: {DE625294-70E6-45ED-B895-CFFA13AEB044} (AxisMediaControlEmb Class) - http://83.84.124.118:9999/activex/AMC.cab O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab O16 - DPF: {F7EDBBEA-1AD2-4EBF-AA07-D453CC29EE65} (Flash Casino Helper Object) - https://rivernile.microgaming.com/rivernile/FlashAX2.cab O20 - AppInit_DLLs: C:\PROGRA~1\IMESHA~1\MediaBar\Datamngr\datamngr.dll C:\PROGRA~1\IMESHA~1\MediaBar\Datamngr\IEBHO.dll O22 - SharedTaskScheduler: Preloader van browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll O22 - SharedTaskScheduler: Cache-daemon voor onderdeelcategorieën - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe O23 - Service: Maxtor Service (Maxtor Sync Service) - Seagate Technology LLC - C:\Program Files\Maxtor\Sync\SyncServices.exe -- End of file - 9992 bytes

Ja dat heb ik gedaan tot alles helemaal schoon was. Daarna weer geprobeerd om te copy-en en nu geeft hij aan dat Perflib_Perdata_78 in gebruik is door een ander programma. De getallen worden anders dat is het enige

heel duiidelijk! Bedankt ga ik doen Een vraagje nog Als ik kijk naar Performance LOgs and Alert dan staat er OPSTART TYPE HANDMATIG en Aanmelden als Netwerkservice. Moet ik nadat ik het bovenstaande heb gedaan dit weer terug zetten zoals het nu is alvast bedankt ---------- Post toegevoegd om 14:28 ---------- Vorige post was om 14:25 ---------- Nu ik er nog eens naar kijk denk ik dat hij al gestopt was omdat ik alleen de optie starten en allen starten en vernieuwen open heb staan. Stoppen is niet aanklikbaar Dus wat nu te doen

hallo, Ik heb een probleempje met het copieren van alle windows programma naar mijn externe schijf (backup) Als ik op het mapje windows druk en het wil copieeren naar mijn F schijf (extern) stop het proces en verschijnt er een pop-up dat Perflib_Perdata_220 in gebruik is door een ander programma. Ik heb het al eerder gedan en toen kwam de pop-up met Perflib_Perdata_174 Ik heb het hele systeem uitgebreid gescanned met Avast en Anti Malware (malwarebyte's) Ik heb het geprobeerd met Avast uitgeschakeld. Ook niets. Alle programma's )zover ik weet) waren gesloten Wie kan me helpen Alvast bedankt ---------- Post toegevoegd om 10:32 ---------- Vorige post was om 10:30 ---------- Ik heb ook nog geprobeerd om via het Windows zoekprogramma's Perflib_Perdata_220 op te zoeken maar zonder resultaat

Ja beste Jean-Pierre, Het probleem is opgelost en....misteries zullen er altijd blijven. Had vanmorgen nog een klein probleempje met mijn Sitecom wireless router. Hoe dat is ontstaan is ook een misterie maar het was simpel om dat op te lossen: uninstalled oude programma, van de site van Sitecom een nieuwe driver geladen (is tegenwoordig geschikt voor alle Sitecoms!) en het liep gesmeerd! Voordat ik afsluit als OPGELOST zou ik je nogmaals hartelijk willen bedanken voor de getoonde intresse en hulp Bedankt! Groeten

Ik heb ook nog even iets kleins gedaan met Moviemaker (werk ik wel af en toe mee) en heb de indruk dat dit zeker sneller werkt maar of het in verhouding staat met de uitbreiding van 2x 1GB weet ik eigelijk niet.