haperende Windows

[Michel Ludikhuyze]

Hallo , sinds enkele weken heeft de pc kuren , soms verschijnen er andere schermen dan ik vraag , dan weer rolt de pagina automatisch naar onder , als ik iets wil schrijven in een vak rolt de cursor naar rechts , dan weer verschijnt plots het startmenu als ik iets aan het lezen ben , dan kan ik niks meer schrijven of steeds dat startmenu verschijnt weer ....pfffff

Ik heb al enkele keren de scanner laten speuren naar rommel maar die meld niks .

Ik plaats hierbij alvast een logje van HJ:

Logfile of Trend Micro HijackThis v2.0.4

Scan saved at 21:03:27, on 12/04/2013

Platform: Windows XP SP3 (WinNT 5.01.2600)

MSIE: Internet Explorer v8.00 (8.00.6001.18702)

Boot mode: Normal

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

c:\Program Files\Microsoft Security Client\MsMpEng.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\system32\spoolsv.exe

C:\WINDOWS\Explorer.EXE

C:\Program Files\Microsoft Security Client\msseces.exe

C:\PROGRA~1\MAPSGA~2\bar\1.bin\39brmon.exe

C:\WINDOWS\system32\ctfmon.exe

C:\Program Files\Skype\Phone\Skype.exe

C:\Program Files\McAfee Security Scan\3.0.318\SSScheduler.exe

C:\Program Files\OpenOffice.org 3\program\soffice.exe

C:\Program Files\OpenOffice.org 3\program\soffice.bin

C:\Program Files\Spybot - Search & Destroy 2\SDUpdate.exe

C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe

C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe

C:\Program Files\CyberLink\Shared files\RichVideo.exe

C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe

C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe

C:\Documents and Settings\All Users\Application Data\Skype\Toolbars\Skype C2C Service\c2c_service.exe

C:\Program Files\CyberLink\TV Enhance\Kernel\TV\TVECapSvc.exe

C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe

C:\Program Files\CyberLink\TV Enhance\Kernel\TV\TVESched.exe

C:\WINDOWS\system32\wuauclt.exe

C:\Program Files\Mozilla Firefox\firefox.exe

C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://home.mywebsearch.com/index.jhtml?n=77DE8857&p2=^ZO^xdm043^YY^be&ptb=B1EC1643-04DD-4748-AB24-7E67B0DAC0CA&si=pd

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN NL: Hotmail, Outlook, Skype, Messenger, het laatste nieuws, entertainment en meer!

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = MSN NL: Hotmail, Outlook, Skype, Messenger, het laatste nieuws, entertainment en meer!

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen

R3 - URLSearchHook: (no name) - {26842a09-ffa8-4e2c-ae12-0c80f01c3295} - C:\Program Files\MapsGalaxy_39\bar\1.bin\39SrcAs.dll

O2 - BHO: MSS+ Identifier - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files\McAfee Security Scan\3.0.318\McAfeeMSS_IE.dll

O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

O2 - BHO: Toolbar BHO - {1e91a655-bb4b-4693-a05e-2edebc4c9d89} - C:\PROGRA~1\MAPSGA~2\bar\1.bin\39bar.dll

O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy 2\SDHelper.dll

O2 - BHO: Search Assistant BHO - {71c1d63a-c944-428a-a5bd-ba513190e5d2} - C:\Program Files\MapsGalaxy_39\bar\1.bin\39SrcAs.dll

O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

O3 - Toolbar: MapsGalaxy - {364ea597-e728-4ce4-bb4a-ed846ef47970} - C:\Program Files\MapsGalaxy_39\bar\1.bin\39bar.dll

O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit

O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

O4 - HKLM\..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe

O4 - HKLM\..\Run: [MSC] "c:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey

O4 - HKLM\..\Run: [MapsGalaxy Search Scope Monitor] "C:\PROGRA~1\MAPSGA~2\bar\1.bin\39srchmn.exe" /m=2 /w /h

O4 - HKLM\..\Run: [MapsGalaxy_39 Browser Plugin Loader] C:\PROGRA~1\MAPSGA~2\bar\1.bin\39brmon.exe

O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe

O4 - HKCU\..\Run: [skype] "C:\Program Files\Skype\Phone\Skype.exe" /minimized /regrun

O4 - Startup: OpenOffice.org 3.4.1.lnk = C:\Program Files\OpenOffice.org 3\program\quickstart.exe

O4 - Global Startup: McAfee Security Scan Plus.lnk = C:\Program Files\McAfee Security Scan\3.0.318\SSScheduler.exe

O8 - Extra context menu item: &Search - http://tbedits.mapsgalaxy.com/one-toolbaredits/menusearch.jhtml?s=202980021&p2=^UX^xdm018^YY^be&si=maps4pc&a=5BA4B94B-406D-4440-9B13-13D307AF14B2&n=2013040801&cv=3

O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy 2\SDHelper.dll

O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy 2\SDHelper.dll

O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O16 - DPF: {CF84DAC5-A4F5-419E-A0BA-C01FFD71112F} (SysInfo Class) - http://content.systemrequirementslab.com.s3.amazonaws.com/global/bin/srldetect_intel_4.5.3.0.cab

O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL

O22 - SharedTaskScheduler: Preloader van browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll

O22 - SharedTaskScheduler: Cache-daemon voor onderdeelcategorieën - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll

O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe

O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe

O23 - Service: Google Updateservice (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe

O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe

O23 - Service: MapsGalaxyService (MapsGalaxy_39Service) - COMPANYVERS_NAME - C:\PROGRA~1\MAPSGA~2\bar\1.bin\39barsvc.exe

O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe

O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe

O23 - Service: McAfee Security Scan Component Host Service (McComponentHostService) - McAfee, Inc. - C:\Program Files\McAfee Security Scan\3.0.318\McCHSvc.exe

O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe

O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared files\RichVideo.exe

O23 - Service: Spybot-S&D 2 Scanner Service (SDScannerService) - Safer-Networking Ltd. - C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe

O23 - Service: Spybot-S&D 2 Updating Service (SDUpdateService) - Safer-Networking Ltd. - C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe

O23 - Service: Spybot-S&D 2 Security Center Service (SDWSCService) - Safer-Networking Ltd. - C:\Program Files\Spybot - Search & Destroy 2\SDWSCSvc.exe

O23 - Service: Skype C2C Service - Skype Technologies S.A. - C:\Documents and Settings\All Users\Application Data\Skype\Toolbars\Skype C2C Service\c2c_service.exe

O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe

O23 - Service: TVEnhance Background Capture Service (TBCS) (TVECapSvc) - Unknown owner - C:\Program Files\CyberLink\TV Enhance\Kernel\TV\TVECapSvc.exe

O23 - Service: TVEnhance Task Scheduler (TTS)) (TVESched) - Unknown owner - C:\Program Files\CyberLink\TV Enhance\Kernel\TV\TVESched.exe

--

End of file - 8609 bytes

[clarkie]

Van zodra 1 van de experts online is zal deze je zeker verder helpen aangaande je vraag/probleem.

[juisterr]

Start Hijackthis op. Selecteer “Scan”. Selecteer alleen de items die hieronder zijn genoemd:

R3 - URLSearchHook: (no name) - {26842a09-ffa8-4e2c-ae12-0c80f01c3295} - C:\Program Files\MapsGalaxy_39\bar\1.bin\39SrcAs.dll

O2 - BHO: Toolbar BHO - {1e91a655-bb4b-4693-a05e-2edebc4c9d89} - C:\PROGRA~1\MAPSGA~2\bar\1.bin\39bar.dll

O2 - BHO: Search Assistant BHO - {71c1d63a-c944-428a-a5bd-ba513190e5d2} - C:\Program Files\MapsGalaxy_39\bar\1.bin\39SrcAs.dll

O3 - Toolbar: MapsGalaxy - {364ea597-e728-4ce4-bb4a-ed846ef47970} - C:\Program Files\MapsGalaxy_39\bar\1.bin\39bar.dll

O4 - HKLM\..\Run: [MapsGalaxy Search Scope Monitor] "C:\PROGRA~1\MAPSGA~2\bar\1.bin\39srchmn.exe" /m=2 /w /h

O4 - HKLM\..\Run: [MapsGalaxy_39 Browser Plugin Loader] C:\PROGRA~1\MAPSGA~2\bar\1.bin\39brmon.exe

O8 - Extra context menu item: &Search - http://tbedits.mapsgalaxy.com/one-toolbaredits/menusearch.jhtml?s=202980021&p2=^ UX^xdm018^YY^be&si=maps4pc&a=5BA4B94B-406D-4440-9B13-13D307AF14B2&n=2013040801&c v=3

Klik op 'Fix checked' om de items te verwijderen.

Let op : Windows Vista & 7 gebruikers dienen HijackThis als “administrator” uit te voeren via rechtermuisknop “als administrator uitvoeren". Indien dit via de snelkoppeling niet lukt voer je HijackThis als administrator uit in de volgende map : C:\\Program Files\\Trend Micro\\HiJackThis of C:\\Program Files (x86)\\Trend Micro\\HiJackThis.

- - - Updated - - -

Download zoek.exe naar het bureaublad.

• Schakel je antivirus- en antispywareprogramma's uit, mogelijk kunnen ze conflicteren met zoek.exe
  (hier of hier) kan je lezen hoe je dat doet.
  
• Dubbelklik op Zoek.exe om de tool te starten.
  
• Kopieer nu onderstaande code en plak die in het grote invulvenster:
  
• Note: Dit script is speciaal bedoeld voor deze PC, gebruik dit dan ook niet op andere PC's met een gelijkwaardig probleem.
  

  startupall;
  filesrcm; 
  autoclean;
  shortcutfix;
  iedefaults; 
  
  
  
  
  

  
  

• Klik daarna op de knop "Run script".
  
• Wacht nu geduldig af tot er een logje opent (dit kan na een herstart zijn als deze benodigd is).
  
• Mocht na de herstart geen logje verschijnen, start zoek.exe dan opnieuw, de log verschijnt dan alsnog.
  
• Post nu de inhoud van het geopende logje in het volgende bericht.
  

[Michel Ludikhuyze]

OK , bedankt alvast , ik ga dit morgen fixen ,

tot dan !

[Michel Ludikhuyze]

Zo , ziehier het log :

Zoek.exe Version 4.0.0.2 Updated 08-April-2013

Tool run by Gebruiker on za 13/04/2013 at 7:07:11,81.

Microsoft Windows XP Professional 5.1.2600 Service Pack 3 x86

Running in: Normal Mode Internet Access Detected

==== Deleting CLSID Registry Keys ======================

HKEY_USERS\S-1-5-21-436374069-1965331169-1177238915-1003\Software\Microsoft\Internet Explorer\SearchScopes\{b0441a0e-a49a-4e16-afc1-74ecced1921f} deleted successfully

==== Deleting CLSID Registry Values ======================

==== FireFox Fix ======================

ProfilePath: C:\Documents and Settings\Gebruiker\Application Data\Mozilla\Firefox\Profiles\7m3zp0dy.default

user.js not found

---- Lines 6vxi2otn@uyibx-kxbp.edu removed from prefs.js ----

---- Lines 6vxi2otn@uyibx-kxbp.edu modified from prefs.js ----

user_pref("extensions.installCache", "[{\"name\":\"winreg-app-global\",\"addons\":{\"{20a82645-c095-46ed-80e3-08825760534b}\":{\"descriptor\":\"C:\\\\WINDOWS\\\\Microsoft.NET\\\\Framework\\\\v3.5\\\\Windows Presentation Foundation\\\\DotNetAssistantExtension\",\"mtime\":1360832330734},\"6vxi2otn@uyibx-kxbp.edu\":{\"descriptor\":\"C:\\\\Documents and Settings\\\\Gebruiker\\\\Application Data\\\\Mozilla\\\\Firefox\\\\Profiles\\\\7m3zp0dy.default\\\\extensions\\\\6vxi2otn@uyibx-kxbp.edu\",\"mtime\":1362593109000},\"39ffxtbr@MapsGalaxy_39.com\":{\"descriptor\":\"C:\\\\Program Files\\\\MapsGalaxy_39\\\\bar\\\\1.bin\",\"mtime\":1365829307671}}},{\"name\":\"app-global\",\"addons\":{\"{972ce4c6-7e08-4474-a285-3208198ce6fd}\":{\"descriptor\":\"C:\\\\Program Files\\\\Mozilla Firefox\\\\extensions\\\\{972ce4c6-7e08-4474-a285-3208198ce6fd}\",\"mtime\":1365709241265}}},{\"name\":\"app-profile\",\"addons\":{\"39ffxtbr@MapsGalaxy_39.com\":{\"descriptor\":\"C:\\\\Documents and Settings\\\\Gebruiker\\\\Application Data\\\\Mozilla\\\\Firefox\\\\Profiles\\\\7m3zp0dy.default\\\\extensions\\\\39ffxtbr@MapsGalaxy_39.com\",\"mtime\":1365398954234},\"6vxi2otn@uyibx-kxbp.edu\":{\"descriptor\":\"C:\\\\Documents and Settings\\\\Gebruiker\\\\Application Data\\\\Mozilla\\\\Firefox\\\\Profiles\\\\7m3zp0dy.default\\\\extensions\\\\6vxi2otn@uyibx-kxbp.edu\",\"mtime\":1362593109000}}}]");

---- Lines WebSearch removed from prefs.js ----

user_pref("browser.startup.homepage", "http://home.mywebsearch.com/index.jhtml?ptb=B1EC1643-04DD-4748-AB24-7E67B0DAC0CA&n=77fc8fe0&p2=^ZO^xdm043^YY^be&si=pd");

user_pref("extensions.mywebsearch.prevDefaultEngine", "Google");

user_pref("extensions.mywebsearch.prevKwdEnabled", true);

user_pref("extensions.mywebsearch.prevKwdURL", "http://search.mywebsearch.com/mywebsearch/GGmain.jhtml?st=kwd&ptb=B1EC1643-04DD-4748-AB24-7E67B0DAC0CA&n=77fc8fe0&ind=2013040608&p2=^ZO^xdm043^YY^be&si=pd&searchfor=");

user_pref("extensions.mywebsearch.prevSelectedEngine", "Google");

user_pref("extensions.toolbar.mindspark._49Members_.homepage", "http://home.mywebsearch.com/index.jhtml?ptb=B1EC1643-04DD-4748-AB24-7E67B0DAC0CA&n=77fc8fe0&p2=^ZO^xdm043^YY^be&si=pd");

user_pref("keyword.URL", "http://search.mywebsearch.com/mywebsearch/GGmain.jhtml?st=kwd&ptb=B1EC1643-04DD-4748-AB24-7E67B0DAC0CA&n=77fc8fe0&ind=2013040608&p2=^ZO^xdm043^YY^be&si=pd&searchfor=");

---- Lines WebSearch modified from prefs.js ----

---- Lines search.com removed from prefs.js ----

---- Lines search.com modified from prefs.js ----

---- Lines Web Search removed from prefs.js ----

user_pref("browser.search.defaultenginename", "My Web Search");

---- Lines Web Search modified from prefs.js ----

---- FireFox user.js and prefs.js backups ----

prefs_20131304_0710_.backup

==== Deleting Files \ Folders ======================

"C:\Documents and Settings\Gebruiker\Application Data\Mozilla\Firefox\Profiles\7m3zp0dy.default\searchplugins\my-web-search.xml" deleted

"C:\Documents and Settings\All Users\Application Data\Browse2ssaave" deleted

"C:\Program Files\BrowseToSave" deleted

"C:\Program Files\MapsGalaxy_39" deleted

"C:\Program Files\WhiteSmoke_B" deleted

"C:\found.000" deleted

"C:\Documents and Settings\All Users\Application Data\SoftSafe" deleted

"C:\Documents and Settings\All Users\Application Data\Browse2ssaave" deleted

"C:\Documents and Settings\Gebruiker\Local Settings\Application Data\CRE" deleted

"C:\Documents and Settings\Gebruiker\Local Settings\Application Data\CRE" deleted

"C:\Documents and Settings\Gebruiker\Application Data\Mozilla\Firefox\Profiles\7m3zp0dy.default\extensions\6vxi2otn@uyibx-kxbp.edu" deleted

==== Files Recently Created / Modified ======================

====== C:\WINDOWS ====

2013-04-10 20:56:25 51805280F311A595A85BAB179B180309 1374 ----a-w- C:\WINDOWS\imsins.BAK

====== C:\DOCUME~1\GEBRUI~1\LOCALS~1\Temp ====

====== C:\WINDOWS\system32 =====

2013-04-05 15:39:46 1FBCCC1C540ACC4EB3F718B659ED63CA 693976 ----a-w- C:\WINDOWS\System32\FlashPlayerApp.exe

2013-04-05 08:44:31 537310193B7ED6DA6640FBC5CA862FEA 4554 ----a-w- C:\WINDOWS\System32\PerfStringBackup.TMP

====== C:\WINDOWS\system32\drivers =====

2013-04-05 13:21:51 0DB7527DB188C7D967A37BB51BBF3963 40776 ----a-w- C:\WINDOWS\System32\drivers\mbamswissarmy.sys

====== C:\WINDOWS\Tasks ======

2013-04-05 12:24:16 8CC1A3C15D31B863D5ABA2DAA53DA52F 462 ---ha-w- C:\WINDOWS\Tasks\User_Feed_Synchronization-{6008B089-E3E7-40CA-A296-A4B92170F245}.job

====== C:\WINDOWS\Temp ======

======= C:\Program Files =====

2013-04-06 06:22:58 -------- d-----w- C:\Program Files\Tyre

2013-04-05 13:15:06 -------- d-----w- C:\Program Files\Mozilla Maintenance Service

======= C: =====

====== C:\Documents and Settings\Gebruiker\Application Data ======

2013-04-08 05:29:23 -------- d-----w- C:\Documents and Settings\Gebruiker\Local Settings\Application Data\IAC

2013-04-08 05:29:22 -------- d-----w- C:\Documents and Settings\Gebruiker\Application Data\MapsGalaxy_39

2013-04-06 06:23:32 -------- d-----w- C:\Documents and Settings\Gebruiker\Menu Start\Programma's\Tyre

2013-04-06 06:23:02 -------- d-----w- C:\Documents and Settings\Gebruiker\Application Data\Tyre

2013-04-06 06:23:02 -------- d-----w- C:\Documents and Settings\All Users\Menu Start\Programma's\Tyre

2013-04-06 06:23:01 -------- d-----w- C:\Documents and Settings\All Users\Application Data\Tyre

====== C:\Documents and Settings\Gebruiker ======

2013-04-05 18:36:27 -------- d--h--r- C:\Documents and Settings\Gebruiker\Onlangs geopend

====== C: exe-files ==

2013-04-10 21:00:21 2BF1A08F7CB7752AF697EE228514497F 234872 -c----w- C:\WINDOWS\ie8updates\KB2817183-IE8\spuninst\spuninst.exe

2013-04-10 21:00:17 A669C1B40E5D23F5EBE7EF498631B7D1 174080 -c----w- C:\WINDOWS\ie8updates\KB2817183-IE8\ie4uinit.exe

2013-04-10 10:26:28 AA964645D3A987CA87186A36DFFBF28D 5677408 ----a-w- C:\Program Files\Google\Update\Download\{4DC8B4CA-1BDA-483E-B5FA-D3C12E15B62D}\26.0.1410.64\26.0.1410.64_26.0.1410.43_chrome_updater.exe

2013-04-08 05:28:33 77C2C0A7868D7B7E8A670EBBCE77DAAB 111 ----a-w- C:\Documents and Settings\Gebruiker\Local Settings\Temporary Internet Files\Content.IE5\21TLO1TC\MAPSGALAXY[1].EXE

2013-04-08 05:28:33 57A4256D29A9F246AA29EE26A407E2CE 215088 ----a-w- C:\Documents and Settings\Gebruiker\Local Settings\Temporary Internet Files\Content.IE5\F4ILQV0U\MapsGalaxy[1].exe

2013-04-06 06:24:40 17C2E4281FADD04771695A94FB82D878 41472 ----a-w- C:\Documents and Settings\Gebruiker\Application Data\Tyre\gpx2itn.exe

2013-04-06 06:24:35 17C2E4281FADD04771695A94FB82D878 41472 ----a-w- C:\Documents and Settings\All Users\Application Data\Tyre\gpx2itn.exe

2013-04-06 06:24:33 0079B1B0459B2749C3A499376EE1EF68 18946816 ----a-w- C:\Program Files\Tyre\TyreLite.exe

2013-04-06 06:24:29 28C5451AE7C11FD63CB460AD07F21890 800712 ----a-w- C:\Program Files\Tyre\unins000.exe

2013-04-06 06:24:05 80EE90B85A8D46B3B7BFD5E8894DB1BD 10280757 ----a-w- C:\Documents and Settings\Gebruiker\Application Data\Tyre\TyreSetup.exe

2013-04-06 06:23:08 FF4139F975A27DBCA2D41F4A2C1ED432 40960 ----a-w- C:\Documents and Settings\Gebruiker\Application Data\Tyre\appstop.exe

2013-04-06 06:23:01 FF4139F975A27DBCA2D41F4A2C1ED432 40960 ----a-w- C:\Documents and Settings\All Users\Application Data\Tyre\appstop.exe

2013-04-06 06:23:00 DA25DE5E2662C9BC200A364DDECA9F5E 27697541 ----a-w- C:\Program Files\Tyre\Tyre.exe

2013-04-06 06:20:44 82F8161A70928EA0E258E27BAC2C1BE5 4084751 ----a-w- C:\Documents and Settings\Gebruiker\Mijn documenten\Downloads\TyreSetup.exe

=== C: other files ==

==== Startup Registry Enabled ======================

[HKEY_USERS\S-1-5-21-436374069-1965331169-1177238915-1003\Software\Microsoft\Windows\CurrentVersion\Run]

"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe"

"Skype"="C:\Program Files\Skype\Phone\Skype.exe /minimized /regrun"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"NvMediaCenter"="RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit"

"Adobe ARM"="C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

"Persistence"="C:\WINDOWS\system32\igfxpers.exe"

"MSC"="c:\Program Files\Microsoft Security Client\msseces.exe -hide -runkey"

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]

"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe"

"Skype"="C:\Program Files\Skype\Phone\Skype.exe /minimized /regrun"

==== Startup Registry Disabled ======================

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Alcmtr]

"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"

"item"="Alcmtr"

"hkey"="HKLM"

"command"="ALCMTR.EXE"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\CLMLServer]

"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"

"item"="CLMLServer"

"hkey"="HKLM"

"command"="\"C:\\Program Files\\CyberLink\\PowerCinema\\Kernel\\CLML\\CLMLSvc.exe\""

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\DAEMON Tools Pro Agent]

"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"

"item"="DAEMON Tools Pro Agent"

"hkey"="HKCU"

"command"="\"C:\\Program Files\\DAEMON Tools Pro\\DTAgent.exe\" -autorun"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\HotKeysCmds]

"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"

"item"="HotKeysCmds"

"hkey"="HKLM"

"command"="C:\\WINDOWS\\system32\\hkcmd.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\IgfxTray]

"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"

"item"="IgfxTray"

"hkey"="HKLM"

"command"="C:\\WINDOWS\\system32\\igfxtray.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\KernelFaultCheck]

"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"

"item"="KernelFaultCheck"

"hkey"="HKLM"

"command"="%systemroot%\\system32\\dumprep 0 -k"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Logitech Utility]

"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"

"item"="Logitech Utility"

"hkey"="HKLM"

"command"="Logi_MwX.Exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Optimizer Pro]

"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"

"item"="Optimizer Pro"

"hkey"="HKCU"

"command"="C:\\Program Files\\Optimizer Pro\\OptProLauncher.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\PCMAgent]

"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"

"item"="PCMAgent"

"hkey"="HKLM"

"command"="\"C:\\Program Files\\CyberLink\\PowerCinema\\PCMAgent.exe\""

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\PlayMovie]

"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"

"item"="PlayMovie"

"hkey"="HKLM"

"command"="\"C:\\Program Files\\CyberLink\\PlayMovie\\PMVService.exe\""

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\RTHDCPL]

"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"

"item"="RTHDCPL"

"hkey"="HKLM"

"command"="RTHDCPL.EXE"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\SDTray]

"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"

"item"="SDTray"

"hkey"="HKLM"

"command"="\"C:\\Program Files\\Spybot - Search & Destroy 2\\SDTray.exe\""

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\SkyTel]

"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"

"item"="SkyTel"

"hkey"="HKLM"

"command"="SkyTel.EXE"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\TVEService]

"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"

"item"="TVEService"

"hkey"="HKLM"

"command"="\"C:\\Program Files\\CyberLink\\TV Enhance\\TVEService.exe\""

==== Startup Folders ======================

2013-04-05 16:11:17 1761 ----a-w- C:\Documents and Settings\All Users\Menu Start\Programma's\Opstarten\McAfee Security Scan Plus.lnk

2013-01-07 15:40:55 864 ----a-w- C:\Documents and Settings\Gebruiker\Menu Start\Programma's\Opstarten\OpenOffice.org 3.4.1.lnk

==== Task Scheduler Jobs ======================

C:\WINDOWS\tasks\Adobe Flash Player Updater.job --a------ C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe [05/04/2013 17:39]

C:\WINDOWS\tasks\Check for updates (Spybot - Search & Destroy).job --a------ C:\Program Files\Spybot - Search Destroy 2\SDUpdate.exe []

C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job --a------ C:\Program Files\Google\Update\GoogleUpdate.exe [12/03/2012 20:04]

C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job --a------ [undertermined Task]

C:\WINDOWS\tasks\Microsoft Antimalware Scheduled Scan.job --ah----- C:\TMFP sP8c:\ProC:ram Files\Microsoft Security Client\MpCmdRun.exe []

C:\WINDOWS\tasks\Refresh immunization (Spybot - Search & Destroy).job --a------ C:\Program Files\Spybot - Search Destroy 2\SDImmunize.exe []

C:\WINDOWS\tasks\Scan the system (Spybot - Search & Destroy).job --a------ C:\Program Files\Spybot - Search Destroy 2\SDScan.exe []

C:\WINDOWS\tasks\User_Feed_Synchronization-{6008B089-E3E7-40CA-A296-A4B92170F245}.job --ah----- [undertermined Task]

==== Firefox Extensions ======================

ProfilePath: C:\Documents and Settings\Gebruiker\Application Data\Mozilla\Firefox\Profiles\7m3zp0dy.default

- MapsGalaxy - %ProfilePath%\extensions\39ffxtbr@MapsGalaxy_39.com

AppDir: C:\Program Files\Mozilla Firefox

- Default - %AppDir%\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

==== Firefox Plugins ======================

Profilepath: C:\Documents and Settings\Gebruiker\Application Data\Mozilla\Firefox\Profiles\7m3zp0dy.default

47299371607DC2FB234444EEACB1639E - C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_6_602_180.dll - Shockwave Flash

F647D0BEA553C1D0C251CE07DA6A5511 - C:\Program Files\Adobe\Reader 10.0\Reader\browser\nppdf32.dll - Adobe Acrobat

DB988B4550DB9BCE86F9199D961057FC - C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll - Adobe Acrobat

E0FF893763BA82BAABB869A351F0C455 - C:\Program Files\Google\Update\1.3.21.135\npGoogleUpdate3.dll - Google Update

75300E5ED4CD5B4363C3DBBB2D03269C - C:\Program Files\McAfee Security Scan\3.0.318\npMcAfeeMSS.dll - McAfee Security Scanner +

A5C14075B571AF1C9592595BE724D9D2 - c:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll - Silverlight Plug-In

AB87EEFFD18F2BAAFC274E7075EA6C67 - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll - Windows Presentation Foundation / Windows Presentation Foundation

901DF887DBDF87FA3C659239F68F3228 - C:\Program Files\Windows Media Player\npdrmv2.dll - Microsoft® DRM

0F9DEA5814D22F83FED5F427E263DED0 - C:\Program Files\Windows Media Player\npdsplay.dll - Windows Media Player Plug-in Dynamic Link Library

F89E6BBD6A080D8C714DFB6F30678288 - C:\Program Files\Windows Media Player\npwmsdrm.dll - Microsoft® DRM

2AA3703D87E1327A2290C9D416D89A28 - c:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrlui.dll - Microsoft® Silverlight

==== Chrome Look ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions

lifbcibllhkdhoafpjfnlhfpfgnpldfl - C:\Program Files\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx[02/10/2012 13:14]

Skype Click to Call - Gebruiker - Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl

==== Set IE to Default ======================

Old Values:

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]

"Start Page"="http://home.mywebsearch.com/index.jhtml?n=77DE8857&p2=^ZO^xdm043^YY^be&ptb=B1EC1643-04DD-4748-AB24-7E67B0DAC0CA&si=pd"

New Values:

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]

"Start Page"="http://www.google.com"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes

"DefaultScope"="{518C2FAA-1395-4575-AA0A-6185D7ED730E}"

{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC"

{518C2FAA-1395-4575-AA0A-6185D7ED730E} Google Url="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7ADFA_nlBE474"

{6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}"

==== Deleting CLSID Registry Keys ======================

HKEY_USERS\S-1-5-21-436374069-1965331169-1177238915-1003\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{364EA597-E728-4CE4-BB4A-ED846EF47970} deleted successfully

HKEY_USERS\S-1-5-21-436374069-1965331169-1177238915-1003\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{364EA597-E728-4CE4-BB4A-ED846EF47970} deleted successfully

HKEY_CLASSES_ROOT\CLSID\{364EA597-E728-4CE4-BB4A-ED846EF47970} deleted successfully

==== Deleting CLSID Registry Values ======================

HKEY_USERS\S-1-5-21-436374069-1965331169-1177238915-1003\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\{364EA597-E728-4CE4-BB4A-ED846EF47970} deleted successfully

==== shortcuts on Users Desktops ======================

C:\Documents and Settings\Gebruiker\Bureaublad\HiJackThis.lnk - C:\Documents and Settings\Gebruiker\Application Data\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe

==== shortcuts on All Users Desktop ======================

C:\Documents and Settings\All Users\Bureaublad\CCleaner.lnk - C:\Program Files\CCleaner\CCleaner.exe

C:\Documents and Settings\All Users\Bureaublad\Mozilla Firefox.lnk - C:\Program Files\Mozilla Firefox\firefox.exe

C:\Documents and Settings\All Users\Bureaublad\Tyre.lnk - C:\Program Files\Tyre\Tyre.exe

==== shortcuts in Users Start Menu ======================

C:\Documents and Settings\Gebruiker\Menu Start\Programma's\Internet Explorer.lnk - C:\Program Files\Internet Explorer\iexplore.exe

C:\Documents and Settings\Gebruiker\Menu Start\Programma's\Bureau-accessoires\Systeembeheer\Internet Explorer (zonder invoegtoepassingen).lnk - C:\Program Files\Internet Explorer\iexplore.exe -extoff

C:\Documents and Settings\Gebruiker\Menu Start\Programma's\Tyre\Create or edit language file.lnk - C:\Program Files\Tyre\Tyre.exe /langedit

C:\Documents and Settings\Gebruiker\Menu Start\Programma's\Tyre\Library.lnk - C:\Program Files\Tyre\Tyre.exe /library

C:\Documents and Settings\Gebruiker\Menu Start\Programma's\Tyre\POI Manager.lnk - C:\Program Files\Tyre\Tyre.exe /pois

C:\Documents and Settings\Gebruiker\Menu Start\Programma's\Tyre\Tourist Information Manager.lnk - C:\Program Files\Tyre\Tyre.exe /tim

==== shortcuts in All Users Start Menu ======================

C:\Documents and Settings\All Users\Menu Start\Programma's\Mozilla Firefox.lnk - C:\Program Files\Mozilla Firefox\firefox.exe

C:\Documents and Settings\All Users\Menu Start\Programma's\CCleaner\CCleaner.lnk - C:\Program Files\CCleaner\CCleaner.exe

C:\Documents and Settings\All Users\Menu Start\Programma's\CCleaner\Uninstall CCleaner.lnk - C:\Program Files\CCleaner\uninst.exe

C:\Documents and Settings\All Users\Menu Start\Programma's\Google Chrome\Google Chrome.lnk - C:\Program Files\Google\Chrome\Application\chrome.exe

C:\Documents and Settings\All Users\Menu Start\Programma's\McAfee Security Scan Plus\McAfee Security Scan Plus.lnk - C:\Program Files\McAfee Security Scan\3.0.318\mcuicnt.exe SecurityScanner.dll

C:\Documents and Settings\All Users\Menu Start\Programma's\McAfee Security Scan Plus\Verwijderen.lnk - C:\Program Files\McAfee Security Scan\uninstall.exe C:\Program Files\McAfee Security Scan\3.0.318\McAfee.ico

C:\Documents and Settings\All Users\Menu Start\Programma's\Opstarten\McAfee Security Scan Plus.lnk - C:\Program Files\McAfee Security Scan\3.0.318\SSScheduler.exe

C:\Documents and Settings\All Users\Menu Start\Programma's\Tyre\Tyre.lnk - C:\Program Files\Tyre\Tyre.exe

C:\Documents and Settings\All Users\Menu Start\Programma's\Tyre\Verwijder Tyre.lnk - C:\Program Files\Tyre\unins000.exe

==== shortcuts in Quick Launch ======================

C:\Documents and Settings\Gebruiker\Application Data\Microsoft\Internet Explorer\Quick Launch\De Internet Explorer-browser starten.lnk - C:\Program Files\Internet Explorer\iexplore.exe

C:\Documents and Settings\Gebruiker\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk - C:\Program Files\Mozilla Firefox\firefox.exe

==== Empty IE Cache ======================

C:\Documents and Settings\Default User\Local Settings\Temporary Internet Files\Content.IE5 emptied successfully

C:\Documents and Settings\LocalService\Local Settings\Temp\Temporary Internet Files\Content.IE5 emptied successfully

C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5 emptied successfully

C:\Documents and Settings\Gebruiker\Local Settings\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot

C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot

C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot

==== Empty FireFox Cache ======================

C:\Documents and Settings\Gebruiker\Local Settings\Application Data\Mozilla\Firefox\Profiles\7m3zp0dy.default\Cache emptied successfully

==== Empty Chrome Cache ======================

C:\Documents and Settings\Gebruiker\Local Settings\Application Data\Google\Chrome\User Data\Default\Cache emptied successfully

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

No Java Cache Found

After Reboot

==== Empty Temp Folders ======================

C:\WINDOWS\Temp successfully emptied

C:\DOCUME~1\GEBRUI~1\LOCALS~1\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\RECYCLER successfully emptied

==== Deleting Files / Folders ======================

"C:\Documents and Settings\Gebruiker\Local Settings\Temporary Internet Files\Content.IE5\index.dat" not deleted

"C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat" not found

"C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\index.dat" not found

[juisterr]

En hoe staat het met de problemen? Mag ik een controle HIjackThis logje zien aub.

[Michel Ludikhuyze]

Ik ondervind geen problemen voor zover ik hem al gebruikt heb (pc) . Wel vind ik mijn favorieten terug bij WExpl. die waren sinds enkele weken plots verdwenen .

Ziehier het logje van HJ :

Logfile of Trend Micro HijackThis v2.0.4

Scan saved at 19:51:13, on 13/04/2013

Platform: Windows XP SP3 (WinNT 5.01.2600)

MSIE: Internet Explorer v8.00 (8.00.6001.18702)

Boot mode: Normal

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

c:\Program Files\Microsoft Security Client\MsMpEng.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\Explorer.EXE

C:\WINDOWS\system32\spoolsv.exe

C:\Program Files\Microsoft Security Client\msseces.exe

C:\WINDOWS\system32\ctfmon.exe

C:\Program Files\Skype\Phone\Skype.exe

C:\Program Files\McAfee Security Scan\3.0.318\SSScheduler.exe

C:\Program Files\OpenOffice.org 3\program\soffice.exe

C:\Program Files\OpenOffice.org 3\program\soffice.bin

C:\Program Files\Spybot - Search & Destroy 2\SDUpdate.exe

C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe

C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe

C:\Program Files\CyberLink\Shared files\RichVideo.exe

C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe

C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe

C:\Documents and Settings\All Users\Application Data\Skype\Toolbars\Skype C2C Service\c2c_service.exe

C:\Program Files\CyberLink\TV Enhance\Kernel\TV\TVECapSvc.exe

C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe

C:\WINDOWS\system32\wuauclt.exe

C:\Program Files\CyberLink\TV Enhance\Kernel\TV\TVESched.exe

C:\Program Files\Mozilla Firefox\firefox.exe

C:\Program Files\Mozilla Firefox\plugin-container.exe

C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN NL: Hotmail, Outlook, Skype, Messenger, het laatste nieuws, entertainment en meer!

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = MSN NL: Hotmail, Outlook, Skype, Messenger, het laatste nieuws, entertainment en meer!

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen

O2 - BHO: MSS+ Identifier - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files\McAfee Security Scan\3.0.318\McAfeeMSS_IE.dll

O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy 2\SDHelper.dll

O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit

O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

O4 - HKLM\..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe

O4 - HKLM\..\Run: [MSC] "c:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey

O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe

O4 - HKCU\..\Run: [skype] "C:\Program Files\Skype\Phone\Skype.exe" /minimized /regrun

O4 - Startup: OpenOffice.org 3.4.1.lnk = C:\Program Files\OpenOffice.org 3\program\quickstart.exe

O4 - Global Startup: McAfee Security Scan Plus.lnk = C:\Program Files\McAfee Security Scan\3.0.318\SSScheduler.exe

O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy 2\SDHelper.dll

O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy 2\SDHelper.dll

O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O16 - DPF: {CF84DAC5-A4F5-419E-A0BA-C01FFD71112F} (SysInfo Class) - http://content.systemrequirementslab.com.s3.amazonaws.com/global/bin/srldetect_intel_4.5.3.0.cab

O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL

O22 - SharedTaskScheduler: Preloader van browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll

O22 - SharedTaskScheduler: Cache-daemon voor onderdeelcategorieën - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll

O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe

O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe

O23 - Service: Google Updateservice (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe

O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe

O23 - Service: MapsGalaxyService (MapsGalaxy_39Service) - Unknown owner - C:\PROGRA~1\MAPSGA~2\bar\1.bin\39barsvc.exe (file missing)

O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe

O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe

O23 - Service: McAfee Security Scan Component Host Service (McComponentHostService) - McAfee, Inc. - C:\Program Files\McAfee Security Scan\3.0.318\McCHSvc.exe

O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe

O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared files\RichVideo.exe

O23 - Service: Spybot-S&D 2 Scanner Service (SDScannerService) - Safer-Networking Ltd. - C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe

O23 - Service: Spybot-S&D 2 Updating Service (SDUpdateService) - Safer-Networking Ltd. - C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe

O23 - Service: Spybot-S&D 2 Security Center Service (SDWSCService) - Safer-Networking Ltd. - C:\Program Files\Spybot - Search & Destroy 2\SDWSCSvc.exe

O23 - Service: Skype C2C Service - Skype Technologies S.A. - C:\Documents and Settings\All Users\Application Data\Skype\Toolbars\Skype C2C Service\c2c_service.exe

O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe

O23 - Service: TVEnhance Background Capture Service (TBCS) (TVECapSvc) - Unknown owner - C:\Program Files\CyberLink\TV Enhance\Kernel\TV\TVECapSvc.exe

O23 - Service: TVEnhance Task Scheduler (TTS)) (TVESched) - Unknown owner - C:\Program Files\CyberLink\TV Enhance\Kernel\TV\TVESched.exe

--

End of file - 7551 bytes

[juisterr]

Wel vind ik mijn favorieten terug lijkt me een goed ding Logje is schoon.

[Michel Ludikhuyze]

Bedankt voor de deskundige hulp ,

tot de volgende keer,

[juisterr]

Je kan de gebruikte tool verwijderen.,