Nucia Security Forums

bchelper.exe

buurtje — Thu, 17 May 2012 18:44:39 GMT

goedenavond op de computer bij het opstarten bchelper.exe melding na zoektocht hier de logs die ik gemaakt heb.Hoop dat u mij kunt helpen alvast erg bedankt

Malwarebytes Anti-Malware 1.61.0.1400
www.malwarebytes.org

Databaseversie: v2012.05.17.05

Windows 7 Service Pack 1 x86 NTFS
Internet Explorer 9.0.8112.16421
Save :: GEBRUIK-SNS9EES [administrator]

17-5-2012 19:45:21
mbam-log-2012-05-17 (19-45-21).txt

Scantype: Snelle scan
Ingeschakelde scanopties: Geheugen | Opstartitems | Register | Bestanden en mappen

| Heuristiek/Extra | Heuristiek/Shuriken | PUP | PUM
Uitgeschakelde scanopties: P2P
Objecten gescand: 185098
Verstreken tijd: 7 minuut/minuten, 22 seconde(n)

Geheugenprocessen gedetecteerd: 0
(Geen kwaadaardige objecten gedetecteerd)

Geheugenmodulen gedetecteerd: 0
(Geen kwaadaardige objecten gedetecteerd)

Registersleutels gedetecteerd: 34
HKCR\CrossriderApp0002258.BHO (PUP.CrossFire.Gen) -> Geen actie ondernomen.
HKCR\CrossriderApp0002258.BHO.1 (PUP.CrossFire.Gen) -> Geen actie ondernomen.
HKCR\CrossriderApp0002258.FBApi (PUP.CrossFire.Gen) -> Geen actie ondernomen.
HKCR\CrossriderApp0002258.FBApi.1 (PUP.CrossFire.Gen) -> Geen actie ondernomen.
HKCR\CrossriderApp0002258.Sandbox (PUP.CrossFire.Gen) -> Geen actie ondernomen.
HKCR\CrossriderApp0002258.Sandbox.1 (PUP.CrossFire.Gen) -> Geen actie ondernomen.
HKLM\SOFTWARE\Google\Chrome\Extensions\mpfapcdfbbledbojijcbcclmlieaoogk

(PUP.GamesPlayLab) -> Geen actie ondernomen.
HKLM\SOFTWARE\Google\chrome\Extensions\fdloijijlkoblmigdofommgnheckmaki

(PUP.Funmoods) -> Geen actie ondernomen.
HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\mpfapcdfbbledbojijcbcclmlieaoogk

(PUP.GamesPlayLab) -> Geen actie ondernomen.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects

\{11111111-1111-1111-1111-110011221158} (PUP.GamePlayLab) -> Geen actie ondernomen.
HKCR\CLSID\{11111111-1111-1111-1111-110011221158} (PUP.GamePlayLab) -> Geen actie

ondernomen.
HKCR\TypeLib\{44444444-4444-4444-4444-440044224458} (PUP.GamePlayLab) -> Geen actie

ondernomen.
HKCR\Interface\{55555555-5555-5555-5555-550055225558} (PUP.GamePlayLab) -> Geen

actie ondernomen.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{11111111-1111-1111-

1111-110011221158} (PUP.GamePlayLab) -> Geen actie ondernomen.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{11111111-1111-1111-1111-

110011221158} (PUP.GamePlayLab) -> Geen actie ondernomen.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{11111111-1111-1111

-1111-110011221158} (PUP.GamePlayLab) -> Geen actie ondernomen.
HKCR\CLSID\{11111111-1111-1111-1111-110011221158} (Adware.GamePlayLabs) ->

Succesvol in quarantaine geplaatst en verwijderd.
HKCR\TypeLib\{44444444-4444-4444-4444-440044224458} (Adware.GamePlayLabs) ->

Succesvol in quarantaine geplaatst en verwijderd.
HKCR\Interface\{55555555-5555-5555-5555-550055225558} (Adware.GamePlayLabs) ->

Succesvol in quarantaine geplaatst en verwijderd.
HKCR\CrossriderApp0002258.BHO.1 (Adware.GamePlayLabs) -> Succesvol in quarantaine

geplaatst en verwijderd.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects

\{11111111-1111-1111-1111-110011221158} (Adware.GamePlayLabs) -> Succesvol in

quarantaine geplaatst en verwijderd.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{11111111-1111-1111-

1111-110011221158} (Adware.GamePlayLabs) -> Succesvol in quarantaine geplaatst en

verwijderd.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{11111111-1111-1111-1111-

110011221158} (Adware.GamePlayLabs) -> Succesvol in quarantaine geplaatst en

verwijderd.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{11111111-1111-1111

-1111-110011221158} (Adware.GamePlayLabs) -> Succesvol in quarantaine geplaatst en

verwijderd.
HKCR\CLSID\{22222222-2222-2222-2222-220022222258} (Adware.GamePlayLab) -> Succesvol

in quarantaine geplaatst en verwijderd.
HKCR\CrossriderApp0002258.Sandbox.1 (Adware.GamePlayLab) -> Succesvol in

quarantaine geplaatst en verwijderd.
HKCR\CrossriderApp0002258.Sandbox (Adware.GamePlayLab) -> Succesvol in quarantaine

geplaatst en verwijderd.
HKCR\CLSID\{33333333-3333-3333-3333-330033223358} (Adware.GamePlayLab) -> Succesvol

in quarantaine geplaatst en verwijderd.
HKCR\CrossriderApp0002258.FBApi.1 (Adware.GamePlayLab) -> Succesvol in quarantaine

geplaatst en verwijderd.
HKCR\CrossriderApp0002258.FBApi (Adware.GamePlayLab) -> Succesvol in quarantaine

geplaatst en verwijderd.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{65bcd620-

07dd-012f-819f-073cf1b8f7c6} (Adware.GamePlayLab) -> Succesvol in quarantaine

geplaatst en verwijderd.
HKCR\CrossriderApp0002258.BHO (Adware.GamePlayLab) -> Succesvol in quarantaine

geplaatst en verwijderd.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\I Want This

(Adware.GamePlayLab) -> Succesvol in quarantaine geplaatst en verwijderd.
HKCU\Software\Cr_Installer\2258 (Adware.GamePlayLab) -> Succesvol in quarantaine

geplaatst en verwijderd.

Registerwaarden gedetecteerd: 1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\I Want This|Publisher

(Adware.GamePlayLab) -> Data: 215 Apps -> Succesvol in quarantaine geplaatst en

verwijderd.

Registerdata gedetecteerd: 0
(Geen kwaadaardige objecten gedetecteerd)

Mappen gedetecteerd: 5
C:\PROGRAM FILES\I Want This (Adware.GamePlayLab) -> Succesvol in quarantaine

geplaatst en verwijderd.
C:\Users\Save\Local Settings\Application Data\I Want This (Adware.GamePlayLab) ->

Succesvol in quarantaine geplaatst en verwijderd.
C:\Users\Save\Local Settings\Application Data\I Want This\Chrome

(Adware.GamePlayLab) -> Succesvol in quarantaine geplaatst en verwijderd.
C:\Users\Save\AppData\Local\I Want This (Adware.GamePlayLab) -> Succesvol in

quarantaine geplaatst en verwijderd.
C:\Users\Save\AppData\Local\I Want This\Chrome (Adware.GamePlayLab) -> Succesvol in

quarantaine geplaatst en verwijderd.

Bestanden gedetecteerd: 25
C:\Users\Save\Downloads\SoftonicDownloader_for_jlcs-internet-tv (1).exe

(PUP.BundleOffer.Downloader.S) -> Geen actie ondernomen.
C:\Users\Save\Downloads\SoftonicDownloader_for_jlcs-internet-tv.exe

(PUP.BundleOffer.Downloader.S) -> Geen actie ondernomen.
C:\Users\Save\Downloads\SoftonicDownloader_voor_jlcs-internet-tv.exe

(PUP.BundleOffer.Downloader.S) -> Geen actie ondernomen.
C:\Users\Save\Downloads\SoftonicDownloader_voor_internettv.exe

(PUP.BundleOffer.Downloader.S) -> Geen actie ondernomen.
C:\PROGRAM FILES\I Want This\I Want This.dll (PUP.GamePlayLab) -> Geen actie

ondernomen.
C:\PROGRAM FILES\I Want This\I Want This.dll (Adware.GamePlayLabs) -> Succesvol in

quarantaine geplaatst en verwijderd.
C:\Users\Save\AppData\Local\Temp\is1373634743\IWantThis_ROW.exe

(Adware.GamePlayLabs) -> Succesvol in quarantaine geplaatst en verwijderd.
C:\Users\Save\Downloads\MediaPlayerSetup.exe (Adware.Agent) -> Succesvol in

quarantaine geplaatst en verwijderd.
C:\Users\Save\Downloads\PDFReaderSetup.exe (Adware.Agent) -> Succesvol in

quarantaine geplaatst en verwijderd.
C:\Users\Save\Downloads\FLVPlayerSetup (1).exe (Adware.Agent) -> Succesvol in

quarantaine geplaatst en verwijderd.
C:\Users\Save\Downloads\FLVPlayerSetup (2).exe (Adware.Agent) -> Succesvol in

quarantaine geplaatst en verwijderd.
C:\Users\Save\Downloads\FLVPlayerSetup (3).exe (Adware.Agent) -> Succesvol in

quarantaine geplaatst en verwijderd.
C:\Users\Save\Downloads\FLVPlayerSetup.exe (Adware.Agent) -> Succesvol in

quarantaine geplaatst en verwijderd.
C:\PROGRAM FILES\I Want This\I Want This.ini (Adware.GamePlayLab) -> Succesvol in

quarantaine geplaatst en verwijderd.
C:\PROGRAM FILES\I Want This\appAPIinternalWrapper.js (Adware.GamePlayLab) ->

Succesvol in quarantaine geplaatst en verwijderd.
C:\PROGRAM FILES\I Want This\fb.js (Adware.GamePlayLab) -> Succesvol in quarantaine

geplaatst en verwijderd.
C:\PROGRAM FILES\I Want This\I Want This.exe (Adware.GamePlayLab) -> Succesvol in

quarantaine geplaatst en verwijderd.
C:\PROGRAM FILES\I Want This\I Want This.ico (Adware.GamePlayLab) -> Succesvol in

quarantaine geplaatst en verwijderd.
C:\PROGRAM FILES\I Want This\I Want ThisGui.exe (Adware.GamePlayLab) -> Succesvol

in quarantaine geplaatst en verwijderd.
C:\PROGRAM FILES\I Want This\I Want ThisInstaller.log (Adware.GamePlayLab) ->

Succesvol in quarantaine geplaatst en verwijderd.
C:\PROGRAM FILES\I Want This\jquery.js (Adware.GamePlayLab) -> Succesvol in

quarantaine geplaatst en verwijderd.
C:\PROGRAM FILES\I Want This\json.js (Adware.GamePlayLab) -> Succesvol in

quarantaine geplaatst en verwijderd.
C:\PROGRAM FILES\I Want This\Uninstall.exe (Adware.GamePlayLab) -> Succesvol in

quarantaine geplaatst en verwijderd.
C:\Users\Save\Local Settings\Application Data\I Want This\Chrome\I Want This.crx

(Adware.GamePlayLab) -> Succesvol in quarantaine geplaatst en verwijderd.
C:\Users\Save\AppData\Local\I Want This\Chrome\I Want This.crx (Adware.GamePlayLab)

-> Succesvol in quarantaine geplaatst en verwijderd.

(einde)

.
DDS (Ver_2011-08-26.01) - NTFSx86
Internet Explorer: 9.0.8112.16421
Run by Save at 20:19:53 on 2012-05-17
Microsoft Windows 7 Ultimate 6.1.7601.1.1252.31.1043.18.2038.1114 [GMT 2:00]
.
AV: avast! Antivirus *Enabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
SP: avast! Antivirus *Enabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ===============
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Program Files\AVAST Software\Avast\AvastSvc.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskhost.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Windows\system32\SearchIndexer.exe
C:\Windows\system32\igfxsrvc.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Windows\system32\wbem\wmiprvse.exe
C:\Users\Save\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Save\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Save\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Windows\system32\DllHost.exe
C:\Windows\system32\rundll32.exe
C:\Users\Save\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Program Files\Windows Live\Contacts\wlcomm.exe
C:\Windows\system32\sppsvc.exe
C:\Users\Save\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Windows\servicing\TrustedInstaller.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\conhost.exe
.
============== Pseudo HJT Report ===============
.
uSearch Page = hxxp://www.google.nl
uStart Page = hxxp://search.babylon.com/?AF=119999&babsrc=HP_ss&mntrId=86f0cfd2000000000000001c26ca1a03
uDefault_Page_URL = www.google.nl
uURLSearchHooks: H - No File
BHO: Babylon toolbar helper: {2eecd738-5844-4a99-b4b6-146bf802613b} - c:\program files\babylontoolbar\babylontoolbar\1.5.3.17\bh\BabylonToolbar.dll
BHO: avast! WebRep: {8e5e2654-ad2d-48bf-ac2d-d17f00898d06} - c:\program files\avast software\avast\aswWebRepIE.dll
BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: DealPly: {a6174f27-1fff-e1d6-a93f-ba48ad5dd448} - c:\program files\dealply\DealPlyIE.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
TB: avast! WebRep: {8e5e2654-ad2d-48bf-ac2d-d17f00898d06} - c:\program files\avast software\avast\aswWebRepIE.dll
TB: Babylon Toolbar: {98889811-442d-49dd-99d7-dc866be87dbc} - c:\program files\babylontoolbar\babylontoolbar\1.5.3.17\BabylonToolbarTlbr.dll
TB: {77F8C945-4B74-4BD6-A073-E0D1997EDCE8} - No File
uRun: [Google Update] "c:\users\save\appdata\local\google\update\GoogleUpdate.exe" /c
uRun: [Sidebar] c:\program files\windows sidebar\sidebar.exe /autoRun
uRun: [msnmsgr] "c:\program files\windows live\messenger\msnmsgr.exe" /background
mRun: [avast] "c:\program files\avast software\avast\avastUI.exe" /nogui
mRun: [IgfxTray] c:\windows\system32\igfxtray.exe
mRun: [HotKeysCmds] c:\windows\system32\hkcmd.exe
mRun: [Persistence] c:\windows\system32\igfxpers.exe
mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"
mRun: [Browser companion helper] c:\program files\browsercompanion\BCHelper.exe /T=3 /CHI=clbfjfbnelcflpgpklppgplejolacbej
uPolicies-explorer: NoResolveTrack = 1 (0x1)
mPolicies-system: ConsentPromptBehaviorAdmin = 0 (0x0)
mPolicies-system: ConsentPromptBehaviorUser = 0 (0x0)
mPolicies-system: EnableLUA = 0 (0x0)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab
TCP: DhcpNameServer = 212.54.35.25 212.54.40.25
TCP: Interfaces\{69B82999-BE54-485E-95CB-32F6ED0FD8DC} : DhcpNameServer = 212.54.35.25 212.54.40.25
TCP: Interfaces\{69B82999-BE54-485E-95CB-32F6ED0FD8DC}\2716E646A656C6F6679636 : DhcpNameServer = 192.168.2.1 212.54.40.25 212.54.35.25
TCP: Interfaces\{69B82999-BE54-485E-95CB-32F6ED0FD8DC}\3596475636F6D6535333136364 : DhcpNameServer = 192.168.0.1
Notify: igfxcui - igfxdev.dll
.
============= SERVICES / DRIVERS ===============
.
R1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [2011-6-9 612184]
R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [2011-6-9 337880]
R1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\drivers\vwififlt.sys [2009-7-14 48128]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [2011-6-9 20696]
R2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2011-6-9 57688]
R2 avast! Antivirus;avast! Antivirus;c:\program files\avast software\avast\AvastSvc.exe [2012-4-1 44768]
R3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\system32\drivers\b57nd60x.sys [2009-7-14 229888]
R3 SrvHsfHDA;SrvHsfHDA;c:\windows\system32\drivers\VSTAZL3.SYS [2009-7-14 207360]
R3 SrvHsfV92;SrvHsfV92;c:\windows\system32\drivers\VSTDPV3.SYS [2009-7-14 980992]
R3 SrvHsfWinac;SrvHsfWinac;c:\windows\system32\drivers\VSTCNXT3.SYS [2009-7-14 661504]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\system32\macromed\flash\FlashPlayerUpdateService.exe [2012-3-29 257696]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [2011-6-9 15872]
S3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\TsUsbFlt.sys [2011-6-9 52224]
.
=============== Created Last 30 ================
.
.
==================== Find3M ====================
.
2012-05-06 13:24:07 70304 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2012-05-06 13:24:07 419488 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2012-04-04 13:56:40 22344 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-03-08 16:50:28 49016 ----a-w- c:\windows\system32\sirenacm.dll
2012-03-06 23:15:19 41184 ----a-w- c:\windows\avastSS.scr
2012-03-06 23:03:51 612184 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2012-03-06 23:02:14 44376 ----a-w- c:\windows\system32\drivers\aswRdr2.sys
2012-03-06 23:01:48 57688 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2012-03-06 05:59:47 3968368 ----a-w- c:\windows\system32\ntkrnlpa.exe
2012-03-06 05:59:41 3913072 ----a-w- c:\windows\system32\ntoskrnl.exe
2012-03-01 05:46:57 19824 ----a-w- c:\windows\system32\drivers\fs_rec.sys
2012-03-01 05:37:41 172544 ----a-w- c:\windows\system32\wintrust.dll
2012-03-01 05:33:23 159232 ----a-w- c:\windows\system32\imagehlp.dll
2012-03-01 05:29:16 5120 ----a-w- c:\windows\system32\wmi.dll
2012-02-28 01:18:55 1799168 ----a-w- c:\windows\system32\jscript9.dll
2012-02-28 01:11:21 1427456 ----a-w- c:\windows\system32\inetcpl.cpl
2012-02-28 01:11:07 1127424 ----a-w- c:\windows\system32\wininet.dll
2012-02-28 01:03:16 2382848 ----a-w- c:\windows\system32\mshtml.tlb
.
============= FINISH: 20:20:51,05 ===============

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 20:40:18, on 17-5-2012
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v9.00 (9.00.8112.16421)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskhost.exe
C:\Windows\Explorer.EXE
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Windows\system32\igfxsrvc.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Users\Save\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Save\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Save\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Windows\system32\rundll32.exe
C:\Users\Save\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Program Files\Windows Live\Contacts\wlcomm.exe
C:\Users\Save\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Windows\system32\NOTEPAD.EXE
C:\Users\Save\Desktop\35r8y5oj.exe
C:\Users\Save\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Save\Downloads\HijackThis.exe
C:\Windows\system32\SearchFilterHost.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.nl
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.google.nl
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.babylon.com/?AF=119999...00001c26ca1a03
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - {77f8c945-4b74-4bd6-a073-e0d1997edce8} - (no file)
O2 - BHO: Babylon toolbar helper - {2EECD738-5844-4a99-B4B6-146BF802613B} - C:\Program Files\BabylonToolbar\BabylonToolbar\1.5.3.17\bh\BabylonToolbar.dll
O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: DealPly - {A6174F27-1FFF-E1D6-A93F-BA48AD5DD448} - C:\Program Files\DealPly\DealPlyIE.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O3 - Toolbar: Babylon Toolbar - {98889811-442D-49dd-99D7-DC866BE87DBC} - C:\Program Files\BabylonToolbar\BabylonToolbar\1.5.3.17\BabylonToolbarTlbr.dll
O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
O4 - HKLM\..\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [Browser companion helper] C:\Program Files\BrowserCompanion\BCHelper.exe /T=3 /CHI=clbfjfbnelcflpgpklppgplejolacbej
O4 - HKCU\..\Run: [Google Update] "C:\Users\Save\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - .DEFAULT User Startup: RUN.CMD (User 'Default user')
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe

--
End of file - 5191 bytes

Msn

Mark1994 — Thu, 17 May 2012 16:58:13 GMT

Hey,

Is het mogelijk een gewone MSN te downloaden, niet zo'n een apparte, gewoon de normale, Google helpt me niet.:(

probleem met verkenner bij opstarten

robit — Thu, 17 May 2012 15:33:37 GMT

heej

ik ben nieuw hier
en ik hoop dat jullie op mijn vraag een antwoord kunnen geven

ik heb op mijn asus laptop (w7) nog niet zo lang geleden een virus gehad.
mijn computer werd overgenomen en ze bestuurden de muis en dergelijke.
ik heb hem verwijderd met Mbam en ik heb er nu geen last meer van maar tijdens
het zoeken naar het virus heb ik perongeluk explorer.exe afgesloten bij taakbeheer...

sindsdien doet de laptop enorm raar (ik weet niet of het door het virus is of door het afsluiten van explorer.exe)

bij het opstarten nadat ik mijn gebruikersnaam en wachtwoord heb ingetypt komt er een melding dat er een probleem is met windows verkenner en dat hij zoekt naar een oplossing.
9 van de 10 keer begint hij dan opnieuw met zoeken en blijft hij dat doen.

soms stopt hij en zegt hij dat hij geen oplossing gevonden krijgt en afsluit.
dan sluiten alle vensters en de taakbalk verdwijnt.
de enige manier om dan weg te komen is ctrl+alt+del en den afsluiten

heel soms dan heeft hij een oplossing gevonden en is er verder niks aan de hand.

na dat virus doen ook mijn Fn toetsen het niet meer (maar ik ben nog bezig met de drivers daarvan te updaten)

ik hoop jullie hierbij zoveel mogelijk geinformeerd te hebben
als je nog wat wil weten moet je het maar vragen

hier de Mbam logje :

Malwarebytes Anti-Malware (-evaluatieversie-) 1.61.0.1400
www.malwarebytes.org

Databaseversie: v2012.05.17.04

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
Olieslagers :: OLIESLAGERS-PC [administrator]

Realtime bescherming: Ingeschakeld

17-5-2012 17:45:45
mbam-log-2012-05-17 (17-45-45).txt

Scantype: Snelle scan
Ingeschakelde scanopties: Geheugen | Opstartitems | Register | Bestanden en mappen | Heuristiek/Extra | Heuristiek/Shuriken | PUP | PUM
Uitgeschakelde scanopties: P2P
Objecten gescand: 218154
Verstreken tijd: 2 minuut/minuten, 27 seconde(n)

Geheugenprocessen gedetecteerd: 0
(Geen kwaadaardige objecten gedetecteerd)

Geheugenmodulen gedetecteerd: 0
(Geen kwaadaardige objecten gedetecteerd)

Registersleutels gedetecteerd: 2
HKCU\Software\DC3_FEXEC (Malware.Trace) -> Succesvol in quarantaine geplaatst en verwijderd.
HKCU\Software\VB and VBA Program Settings\SrvID (Malware.Trace) -> Succesvol in quarantaine geplaatst en verwijderd.

Registerwaarden gedetecteerd: 0
(Geen kwaadaardige objecten gedetecteerd)

Registerdata gedetecteerd: 0
(Geen kwaadaardige objecten gedetecteerd)

Mappen gedetecteerd: 1
C:\Users\Olieslagers\AppData\Local\Temp\dclogs (Stolen.Data) -> Succesvol in quarantaine geplaatst en verwijderd.

Bestanden gedetecteerd: 4
C:\Users\Olieslagers\AppData\Local\Temp\72638.exe (Trojan.MSIL.Gen) -> Succesvol in quarantaine geplaatst en verwijderd.
C:\Users\Olieslagers\Local Settings\Temporary Internet Files\Content.IE5\9FG2526C\My New 2012 Car[1].exe (Trojan.MSIL.Gen) -> Succesvol in quarantaine geplaatst en verwijderd.
C:\Users\Olieslagers\AppData\Local\Temp\dclogs\201 2-05-16-4.dc (Stolen.Data) -> Succesvol in quarantaine geplaatst en verwijderd.
C:\Users\Olieslagers\AppData\Local\Temp\dclogs\201 2-05-17-5.dc (Stolen.Data) -> Succesvol in quarantaine geplaatst en verwijderd.

(einde)

ik twijfelde welke ik moest plaatsen dus ik plaats ze maar allebei :$

2012/05/17 10:49:03 +0200 OLIESLAGERS-PC Olieslagers IP-BLOCK 67.215.246.204 (Type: outgoing, Port: 59203, Process: bittorrent.exe)
2012/05/17 11:01:24 +0200 OLIESLAGERS-PC Olieslagers IP-BLOCK 222.71.163.133 (Type: outgoing, Port: 15009, Process: bittorrent.exe)
2012/05/17 11:01:32 +0200 OLIESLAGERS-PC Olieslagers IP-BLOCK 220.248.241.197 (Type: outgoing, Port: 15009, Process: bittorrent.exe)
2012/05/17 11:01:56 +0200 OLIESLAGERS-PC Olieslagers IP-BLOCK 89.28.104.175 (Type: outgoing, Port: 15009, Process: bittorrent.exe)
2012/05/17 11:16:59 +0200 OLIESLAGERS-PC Olieslagers MESSAGE Starting protection
2012/05/17 11:17:01 +0200 OLIESLAGERS-PC Olieslagers MESSAGE Protection started successfully
2012/05/17 11:17:04 +0200 OLIESLAGERS-PC Olieslagers MESSAGE Starting IP protection
2012/05/17 11:17:05 +0200 OLIESLAGERS-PC Olieslagers MESSAGE IP Protection started successfully
2012/05/17 11:38:10 +0200 OLIESLAGERS-PC Olieslagers MESSAGE Starting protection
2012/05/17 11:38:12 +0200 OLIESLAGERS-PC Olieslagers MESSAGE Protection started successfully
2012/05/17 11:38:15 +0200 OLIESLAGERS-PC Olieslagers MESSAGE Starting IP protection
2012/05/17 11:38:16 +0200 OLIESLAGERS-PC Olieslagers MESSAGE IP Protection started successfully
2012/05/17 11:53:54 +0200 OLIESLAGERS-PC Olieslagers IP-BLOCK 85.234.173.212 (Type: outgoing, Port: 30195, Process: utorrent.exe)
2012/05/17 12:54:16 +0200 OLIESLAGERS-PC Olieslagers MESSAGE Executing scheduled update: Daily
2012/05/17 12:54:28 +0200 OLIESLAGERS-PC Olieslagers MESSAGE Scheduled update executed successfully: database updated from version v2012.05.16.03 to version v2012.05.17.02
2012/05/17 12:54:28 +0200 OLIESLAGERS-PC Olieslagers MESSAGE Starting database refresh
2012/05/17 12:54:28 +0200 OLIESLAGERS-PC Olieslagers MESSAGE Stopping IP protection
2012/05/17 12:55:15 +0200 OLIESLAGERS-PC Olieslagers MESSAGE IP Protection stopped
2012/05/17 12:55:17 +0200 OLIESLAGERS-PC Olieslagers MESSAGE Database refreshed successfully
2012/05/17 12:55:17 +0200 OLIESLAGERS-PC Olieslagers MESSAGE Starting IP protection
2012/05/17 12:55:18 +0200 OLIESLAGERS-PC Olieslagers MESSAGE IP Protection started successfully
2012/05/17 15:27:17 +0200 OLIESLAGERS-PC Olieslagers IP-BLOCK 188.130.177.120 (Type: outgoing, Port: 30195, Process: utorrent.exe)
2012/05/17 15:50:13 +0200 OLIESLAGERS-PC Olieslagers MESSAGE Starting protection
2012/05/17 15:50:16 +0200 OLIESLAGERS-PC Olieslagers MESSAGE Protection started successfully
2012/05/17 15:50:19 +0200 OLIESLAGERS-PC Olieslagers MESSAGE Starting IP protection
2012/05/17 15:50:20 +0200 OLIESLAGERS-PC Olieslagers MESSAGE IP Protection started successfully
2012/05/17 15:50:27 +0200 OLIESLAGERS-PC Olieslagers IP-BLOCK 85.234.162.208 (Type: outgoing, Port: 30195, Process: utorrent.exe)
2012/05/17 15:59:35 +0200 OLIESLAGERS-PC Olieslagers MESSAGE Starting protection
2012/05/17 15:59:37 +0200 OLIESLAGERS-PC Olieslagers MESSAGE Protection started successfully
2012/05/17 15:59:40 +0200 OLIESLAGERS-PC Olieslagers MESSAGE Starting IP protection
2012/05/17 15:59:41 +0200 OLIESLAGERS-PC Olieslagers MESSAGE IP Protection started successfully
2012/05/17 16:16:03 +0200 OLIESLAGERS-PC Olieslagers MESSAGE Starting protection
2012/05/17 16:16:05 +0200 OLIESLAGERS-PC Olieslagers MESSAGE Protection started successfully
2012/05/17 16:16:08 +0200 OLIESLAGERS-PC Olieslagers MESSAGE Starting IP protection
2012/05/17 16:16:09 +0200 OLIESLAGERS-PC Olieslagers MESSAGE IP Protection started successfully
2012/05/17 16:34:02 +0200 OLIESLAGERS-PC Olieslagers MESSAGE Starting protection
2012/05/17 16:34:02 +0200 OLIESLAGERS-PC Olieslagers MESSAGE Executing scheduled update: Daily
2012/05/17 16:34:04 +0200 OLIESLAGERS-PC Olieslagers MESSAGE Protection started successfully
2012/05/17 16:34:04 +0200 OLIESLAGERS-PC Olieslagers MESSAGE Database already up-to-date
2012/05/17 16:34:07 +0200 OLIESLAGERS-PC Olieslagers MESSAGE Starting IP protection
2012/05/17 16:34:07 +0200 OLIESLAGERS-PC Olieslagers MESSAGE IP Protection started successfully
2012/05/17 16:34:23 +0200 OLIESLAGERS-PC Olieslagers IP-BLOCK 89.28.40.240 (Type: outgoing, Port: 30195, Process: utorrent.exe)
2012/05/17 16:34:39 +0200 OLIESLAGERS-PC Olieslagers IP-BLOCK 60.172.230.113 (Type: outgoing, Port: 30195, Process: utorrent.exe)
2012/05/17 16:42:52 +0200 OLIESLAGERS-PC Olieslagers MESSAGE Starting protection
2012/05/17 16:42:53 +0200 OLIESLAGERS-PC Olieslagers MESSAGE Protection started successfully
2012/05/17 16:42:56 +0200 OLIESLAGERS-PC Olieslagers MESSAGE Starting IP protection
2012/05/17 16:42:57 +0200 OLIESLAGERS-PC Olieslagers MESSAGE IP Protection started successfully
2012/05/17 16:43:21 +0200 OLIESLAGERS-PC Olieslagers IP-BLOCK 67.215.246.204 (Type: outgoing, Port: 49411, Process: bittorrent.exe)
2012/05/17 16:43:21 +0200 OLIESLAGERS-PC Olieslagers IP-BLOCK 67.215.246.204 (Type: outgoing, Port: 49412, Process: bittorrent.exe)
2012/05/17 16:58:48 +0200 OLIESLAGERS-PC Olieslagers IP-BLOCK 89.28.14.94 (Type: outgoing, Port: 30195, Process: utorrent.exe)
2012/05/17 16:58:48 +0200 OLIESLAGERS-PC Olieslagers IP-BLOCK 87.251.151.128 (Type: outgoing, Port: 30195, Process: utorrent.exe)
2012/05/17 16:58:56 +0200 OLIESLAGERS-PC Olieslagers IP-BLOCK 222.64.97.239 (Type: outgoing, Port: 30195, Process: utorrent.exe)
2012/05/17 17:29:36 +0200 OLIESLAGERS-PC Olieslagers IP-BLOCK 83.128.53.167 (Type: outgoing, Port: 30195, Process: utorrent.exe)
2012/05/17 17:31:54 +0200 OLIESLAGERS-PC Olieslagers IP-BLOCK 58.240.105.187 (Type: outgoing, Port: 30195, Process: utorrent.exe)
2012/05/17 17:52:08 +0200 OLIESLAGERS-PC Olieslagers MESSAGE Starting protection
2012/05/17 17:52:10 +0200 OLIESLAGERS-PC Olieslagers MESSAGE Protection started successfully
2012/05/17 17:52:13 +0200 OLIESLAGERS-PC Olieslagers MESSAGE Starting IP protection
2012/05/17 17:52:13 +0200 OLIESLAGERS-PC Olieslagers MESSAGE IP Protection started successfully

nu het DDS log bestand:

.
DDS (Ver_2011-08-26.01) - NTFSAMD64
Internet Explorer: 9.0.8112.16421 BrowserJavaVersion: 10.4.0
Run by Olieslagers at 18:06:23 on 2012-05-17
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.31.1043.18.4008.2143 [GMT 2:00]
.
AV: Trend Micro Titanium Internet Security *Disabled/Updated* {68F968AC-2AA0-091D-848C-803E83E35902}
AV: Microsoft Security Essentials *Enabled/Updated* {9765EA51-0D3C-7DFB-6091-10E4E1F341F6}
SP: Trend Micro Titanium Internet Security *Disabled/Updated* {D3988948-0C9A-0693-BE3C-BB4CF86413BF}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: Microsoft Security Essentials *Enabled/Updated* {2C040BB5-2B06-7275-5A21-2B969A740B4B}
.
============== Running Processes ===============
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\svchost.exe -k RPCSS
C:\Program Files\Microsoft Security Client\MsMpEng.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\WLANExt.exe
C:\Windows\system32\conhost.exe
C:\Windows\system32\FBAgent.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files\Trend Micro\Titanium\TiMiniService.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files\Trend Micro\Titanium\TiResumeSrv.exe
C:\Windows\system32\conhost.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
C:\Windows\system32\taskhost.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe
C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\servicing\TrustedInstaller.exe
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe
C:\Windows\PixArt\Pac207\Monitor.exe
C:\Program Files\Microsoft Security Client\msseces.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
C:\Program Files (x86)\uTorrent\uTorrent.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\SearchIndexer.exe
C:\Windows\Explorer.EXE
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
C:\Windows\system32\sppsvc.exe
C:\Program Files (x86)\Opera\opera.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
C:\Windows\system32\wuauclt.exe
C:\Windows\SysWOW64\NOTEPAD.EXE
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\DllHost.exe
C:\Windows\system32\DllHost.exe
C:\Windows\system32\DllHost.exe
C:\Windows\SysWOW64\cmd.exe
C:\Windows\system32\conhost.exe
C:\Windows\SysWOW64\cscript.exe
C:\Windows\system32\wbem\wmiprvse.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://asus.msn.com
uDefault_Page_URL = hxxp://asus.msn.com
mStart Page = hxxp://asus.msn.com
uInternet Settings,ProxyOverride = *.local
uURLSearchHooks: ToolbarURLSearchHook Class: {ca3eb689-8f09-4026-aa10-b9534c691ce0} - C:\Program Files (x86)\Hyperionics DB Toolbar\tbhelper.dll
uURLSearchHooks: uTorrentBar_NL Toolbar: {87775fdb-6972-41f9-ae51-8326e38cb206} - C:\Program Files (x86)\uTorrentBar_NL\prxtbuTor.dll
mURLSearchHooks: uTorrentBar_NL Toolbar: {87775fdb-6972-41f9-ae51-8326e38cb206} - C:\Program Files (x86)\uTorrentBar_NL\prxtbuTor.dll
mWinlogon: Userinit=userinit.exe,
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: TmIEPlugInBHO Class: {1ca1377b-dc1d-4a52-9585-6e06050fac53} - C:\Program Files\Trend Micro\AMSP\Module\20004\1.5.1381\6.5.1234\TmIEPlg32.dll
BHO: Java(tm) Plug-In SSV Helper: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
BHO: uTorrentBar_NL Toolbar: {87775fdb-6972-41f9-ae51-8326e38cb206} - C:\Program Files (x86)\uTorrentBar_NL\prxtbuTor.dll
BHO: Aanmeldhulp voor Windows Live ID: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: DealPly: {a6174f27-1fff-e1d6-a93f-ba48ad5dd448} - C:\Program Files (x86)\DealPly\DealPlyIE.dll
BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.2.4204.1700\swg.dll
BHO: TmBpIeBHO Class: {bbacbafd-fa5e-4079-8b33-00eb9f13d4ac} - C:\Program Files\Trend Micro\AMSP\Module\20002\6.5.1234\6.5.1234\TmBpIe32.dll
BHO: Google Dictionary Compression sdch: {c84d72fe-e17d-4195-bb24-76c02e2e7c4e} - C:\Program Files (x86)\Google\Google Toolbar\Component\fastsearch_B7C5AC242193BB3E.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
BHO: SMTTB2009 Class: {fcbccb87-9224-4b8d-b117-f56d924beb18} - C:\Program Files (x86)\Hyperionics DB Toolbar\tbcore3.dll
TB: Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
TB: Hyperionics DB Toolbar: {338b4dfe-2e2c-4338-9e41-e176d497299e} - C:\Program Files (x86)\Hyperionics DB Toolbar\tbcore3.dll
TB: uTorrentBar_NL Toolbar: {87775fdb-6972-41f9-ae51-8326e38cb206} - C:\Program Files (x86)\uTorrentBar_NL\prxtbuTor.dll
uRun: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
uRun: [msnmsgr] "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background
uRun: [BitTorrent] "C:\Program Files (x86)\BitTorrent\BitTorrent.exe" /MINIMIZED
uRun: [uTorrent] "C:\Program Files (x86)\uTorrent\uTorrent.exe" /MINIMIZED
uRun: [DMWmicrosoft] C:\Users\Olieslagers\AppData\Local\Temp\hTIcT.exe
uRun: [java32] C:\Users\Olieslagers\AppData\Roaming\java32.exe
mRun: [Nuance PDF Reader-reminder] "C:\Program Files (x86)\Nuance\PDF Reader\Ereg\Ereg.exe" -r "C:\ProgramData\Nuance\PDF Reader\Ereg\Ereg.ini"
mRun: [ASUSPRP] "C:\Program Files (x86)\ASUS\APRP\APRP.EXE"
mRun: [ASUSWebStorage] C:\Program Files (x86)\ASUS\ASUS WebStorage\3.0.84.161\AsusWSPanel.exe /S
mRun: [Wireless Console 3] C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
mRun: [UpdateLBPShortCut] "C:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\LabelPrint" UpdateWithCreateOnce "Software\CyberLink\LabelPrint\2.5"
mRun: [UpdateP2GoShortCut] "C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\6.0"
mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
mRun: [ConnectionCenter] "C:\Program Files (x86)\Citrix\ICA Client\concentr.exe" /startup
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
mRun: [NWEReboot]
mRun: [LogMeIn Hamachi Ui] "C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start
mRun: [Malwarebytes' Anti-Malware] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
StartupFolder: C:\Users\OLIESL~1\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\INTEL(~1.LNK - C:\Program Files (x86)\Intel\TurboBoost\SignalIslandUi.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\ASUSVI~1.LNK - C:\Program Files (x86)\ASUS\AsusVibe\AsusVibeLauncher.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\FANCYS~1.LNK - C:\Windows\Installer\{2B81872B-A054-48DA-BE3B-FA5C164C303A}\_94E3CE3704FE82FBF49A6A.exe
mPolicies-explorer: NoActiveDesktop = 1 (0x1)
mPolicies-explorer: NoActiveDesktopChanges = 1 (0x1)
mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5)
mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
IE: Free YouTube to MP3 Converter - C:\Users\Olieslagers\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab
DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} - hxxp://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab
DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} - hxxp://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab
TCP: Interfaces\{09CF6340-0104-486C-8C9C-9787A6C80B18} : DhcpNameServer = 192.168.0.1
TCP: Interfaces\{09CF6340-0104-486C-8C9C-9787A6C80B18}\3465F486F6473707F647A556E69647 : DhcpNameServer = 10.10.10.1 10.0.0.200
TCP: Interfaces\{09CF6340-0104-486C-8C9C-9787A6C80B18}\3667F686F6473707F64736572737963747 : DhcpNameServer = 10.10.10.1 10.0.0.200
TCP: Interfaces\{09CF6340-0104-486C-8C9C-9787A6C80B18}\46C696E6B6 : DhcpNameServer = 195.130.131.132 192.168.0.1
TCP: Interfaces\{09CF6340-0104-486C-8C9C-9787A6C80B18}\77962756C6563737 : DhcpNameServer = 10.0.0.2
TCP: Interfaces\{09CF6340-0104-486C-8C9C-9787A6C80B18}\8414C4 : DhcpNameServer = 10.10.10.1 10.0.0.200
TCP: Interfaces\{2AF89CE6-C863-451F-8B1E-8BE87B75ACDE} : DhcpNameServer = 10.0.0.2
Filter: application/x-ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll
Filter: application/x-ica; charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll
Filter: application/x-ica; charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll
Filter: application/x-ica; charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll
Filter: application/x-ica; charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll
Filter: application/x-ica; charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll
Filter: application/x-ica; charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll
Filter: application/x-ica; charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll
Filter: application/x-ica;charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll
Filter: application/x-ica;charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll
Filter: application/x-ica;charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll
Filter: application/x-ica;charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll
Filter: application/x-ica;charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll
Filter: application/x-ica;charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll
Filter: application/x-ica;charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll
Filter: ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll
Handler: tmbp - {1A77E7DC-C9A0-4110-8A37-2F36BAE71ECF} - C:\Program Files\Trend Micro\AMSP\module\20002\6.5.1234\6.5.1234\TmBpIe32.dll
Handler: tmpx - {0E526CB5-7446-41D1-A403-19BFE95E8C23} - C:\Program Files\Trend Micro\AMSP\module\20004\1.5.1381\6.5.1234\TmIEPlg32.dll
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
AppInit_DLLs: C:\Windows\SysWOW64\nvinit.dll
{18DF081C-E8AD-4283-A596-FA578C2EBDC3}
{1CA1377B-DC1D-4A52-9585-6E06050FAC53}
{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}
{87775fdb-6972-41f9-ae51-8326e38cb206}
{9030D464-4C02-4ABF-8ECC-5164760863C6}
{A6174F27-1FFF-E1D6-A93F-BA48AD5DD448}
{AA58ED58-01DD-4d91-8333-CF10577473F7}
{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}
{BBACBAFD-FA5E-4079-8B33-00EB9F13D4AC}
{C84D72FE-E17D-4195-BB24-76C02E2E7C4E}
{DBC80044-A445-435b-BC74-9C25C1C588A9}
{FCBCCB87-9224-4B8D-B117-F56D924BEB18}
{2318C2B1-4965-11d4-9B18-009027A5CD4F}
{338B4DFE-2E2C-4338-9E41-E176D497299E}
{87775fdb-6972-41f9-ae51-8326e38cb206}
mRun-x64: [Nuance PDF Reader-reminder] "C:\Program Files (x86)\Nuance\PDF Reader\Ereg\Ereg.exe" -r "C:\ProgramData\Nuance\PDF Reader\Ereg\Ereg.ini"
mRun-x64: [ASUSPRP] "C:\Program Files (x86)\ASUS\APRP\APRP.EXE"
mRun-x64: [ASUSWebStorage] C:\Program Files (x86)\ASUS\ASUS WebStorage\3.0.84.161\AsusWSPanel.exe /S
mRun-x64: [Wireless Console 3] C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
mRun-x64: [UpdateLBPShortCut] "C:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\LabelPrint" UpdateWithCreateOnce "Software\CyberLink\LabelPrint\2.5"
mRun-x64: [UpdateP2GoShortCut] "C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\6.0"
mRun-x64: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
mRun-x64: [ConnectionCenter] "C:\Program Files (x86)\Citrix\ICA Client\concentr.exe" /startup
mRun-x64: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun-x64: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
mRun-x64: [NWEReboot]
mRun-x64: [LogMeIn Hamachi Ui] "C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start
mRun-x64: [Malwarebytes' Anti-Malware] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
AppInit_DLLs-X64: C:\Windows\SysWOW64\nvinit.dll
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\Olieslagers\AppData\Roaming\Mozilla\Firefox\Profiles\dqwa4zwi.default\
FF - prefs.js: keyword.URL - hxxp://www.bigseekpro.com/search/toolbar/hypercam/{DF38098E-9456-45AD-ACB1-96C28614C8F6}?q=
FF - plugin: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL
FF - plugin: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll
FF - plugin: C:\Program Files (x86)\Citrix\ICA Client\npicaN.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll
FF - plugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: C:\Program Files (x86)\Microsoft Silverlight\4.1.10111.0\npctrlui.dll
FF - plugin: C:\Program Files (x86)\Nuance\PDF Reader\bin\nppdf.dll
FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
.
============= SERVICES / DRIVERS ===============
.
R0 MpFilter;Microsoft Malware Protection Driver;C:\Windows\system32\DRIVERS\MpFilter.sys --> C:\Windows\system32\DRIVERS\MpFilter.sys [?]
R0 nvpciflt;nvpciflt;C:\Windows\system32\DRIVERS\nvpciflt.sys --> C:\Windows\system32\DRIVERS\nvpciflt.sys [?]
R1 ctxusbm;Citrix USB Monitor Driver;C:\Windows\system32\DRIVERS\ctxusbm.sys --> C:\Windows\system32\DRIVERS\ctxusbm.sys [?]
R1 vwififlt;Virtual WiFi Filter Driver;C:\Windows\system32\DRIVERS\vwififlt.sys --> C:\Windows\system32\DRIVERS\vwififlt.sys [?]
R2 AdobeARMservice;Adobe Acrobat Update Service;C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-4-4 63928]
R2 AFBAgent;AFBAgent;"C:\Windows\system32\FBAgent.exe" --> C:\Windows\system32\FBAgent.exe [?]
R2 cvhsvc;Client Virtualization Handler;C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE [2012-1-4 822624]
R2 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine;C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe [2012-2-28 2343816]
R2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-5-13 654408]
R2 nvUpdatusService;NVIDIA Update Service Daemon;C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe [2011-8-23 2009704]
R2 sftlist;Application Virtualization Client;C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2011-10-1 508776]
R2 TiMiniService;TiMiniService;C:\Program Files\Trend Micro\Titanium\TiMiniService.exe [2010-10-27 241488]
R2 tmevtmgr;tmevtmgr;C:\Windows\system32\DRIVERS\tmevtmgr.sys --> C:\Windows\system32\DRIVERS\tmevtmgr.sys [?]
R2 TurboB;Turbo Boost UI Monitor driver;C:\Windows\system32\DRIVERS\TurboB.sys --> C:\Windows\system32\DRIVERS\TurboB.sys [?]
R2 UNS;Intel(R) Management and Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2011-8-23 2655768]
R3 IntcDAud;Intel(R) Display Audio;C:\Windows\system32\DRIVERS\IntcDAud.sys --> C:\Windows\system32\DRIVERS\IntcDAud.sys [?]
R3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller;C:\Windows\system32\DRIVERS\L1C62x64.sys --> C:\Windows\system32\DRIVERS\L1C62x64.sys [?]
R3 MBAMProtector;MBAMProtector;\??\C:\Windows\system32\drivers\mbam.sys --> C:\Windows\system32\drivers\mbam.sys [?]
R3 MEIx64;Intel(R) Management Engine Interface;C:\Windows\system32\DRIVERS\HECIx64.sys --> C:\Windows\system32\DRIVERS\HECIx64.sys [?]
R3 netr28x;Ralink 802.11n Extensible Wireless Driver;C:\Windows\system32\DRIVERS\netr28x.sys --> C:\Windows\system32\DRIVERS\netr28x.sys [?]
R3 Sftfs;Sftfs;C:\Windows\system32\DRIVERS\Sftfslh.sys --> C:\Windows\system32\DRIVERS\Sftfslh.sys [?]
R3 Sftplay;Sftplay;C:\Windows\system32\DRIVERS\Sftplaylh.sys --> C:\Windows\system32\DRIVERS\Sftplaylh.sys [?]
R3 Sftredir;Sftredir;C:\Windows\system32\DRIVERS\Sftredirlh.sys --> C:\Windows\system32\DRIVERS\Sftredirlh.sys [?]
R3 Sftvol;Sftvol;C:\Windows\system32\DRIVERS\Sftvollh.sys --> C:\Windows\system32\DRIVERS\Sftvollh.sys [?]
R3 sftvsa;Application Virtualization Service Agent;C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2011-10-1 219496]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S2 gupdate;Google Update Service (gupdate);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-4-13 135664]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-4-3 257696]
S3 Amsp;Trend Micro Solution Platform;C:\Program Files\Trend Micro\AMSP\coreServiceShell.exe [2011-4-13 267480]
S3 AmUStor;AM USB Stroage Driver;C:\Windows\system32\drivers\AmUStor.SYS --> C:\Windows\system32\drivers\AmUStor.SYS [?]
S3 fssfltr;fssfltr;C:\Windows\system32\DRIVERS\fssfltr.sys --> C:\Windows\system32\DRIVERS\fssfltr.sys [?]
S3 fsssvc;Windows Live Family Safety Service;C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2011-5-13 1492840]
S3 gupdatem;Google Update-service (gupdatem);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-4-13 135664]
S3 NisDrv;Microsoft Network Inspection System;C:\Windows\system32\DRIVERS\NisDrvWFP.sys --> C:\Windows\system32\DRIVERS\NisDrvWFP.sys [?]
S3 NisSrv;Microsoft Netwerkinspectie;C:\Program Files\Microsoft Security Client\NisSrv.exe [2012-3-26 291696]
S3 osppsvc;Office Software Protection Platform;C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-1-9 4925184]
S3 PAC207;SoC PC-Camera;C:\Windows\system32\DRIVERS\PFC027.SYS --> C:\Windows\system32\DRIVERS\PFC027.SYS [?]
S3 SiSGbeLH;SiS191/SiS190 Ethernet Device NDIS 6.0 Driver;C:\Windows\system32\DRIVERS\SiSG664.sys --> C:\Windows\system32\DRIVERS\SiSG664.sys [?]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\system32\drivers\tsusbflt.sys --> C:\Windows\system32\drivers\tsusbflt.sys [?]
S3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\system32\drivers\TsUsbGD.sys --> C:\Windows\system32\drivers\TsUsbGD.sys [?]
S3 TurboBoost;Intel(R) Turbo Boost Technology Monitor 2.0;C:\Program Files\Intel\TurboBoost\TurboBoost.exe [2010-11-30 149504]
S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\system32\Drivers\usbaapl64.sys --> C:\Windows\system32\Drivers\usbaapl64.sys [?]
S3 WatAdminSvc;Windows Activation Technologies-service;C:\Windows\system32\Wat\WatAdminSvc.exe --> C:\Windows\system32\Wat\WatAdminSvc.exe [?]
S4 wlcrasvc;Windows Live Mesh remote connections service;C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-9-23 57184]
.
=============== Created Last 30 ================
.
2012-05-17 16:00:15 -------- d-----w- C:\Users\Olieslagers\AppData\Local\{7CFA1BA2-589F-48A2-9EB5-CB811CF1DF93}
2012-05-17 15:59:44 -------- d-----w- C:\Users\Olieslagers\AppData\Local\{9CF4BF77-F10C-44F2-A1A1-F83F031826E9}
2012-05-17 15:51:39 -------- d-----w- C:\Users\Olieslagers\AppData\Local\{8E8D734A-02A2-4B33-A2FB-1132F8832F02}
2012-05-17 15:51:12 -------- d-----w- C:\Users\Olieslagers\AppData\Local\{5D4E9665-E1E0-41B1-8293-EEC84DADAB5C}
2012-05-17 14:53:00 8955792 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{161A0976-6F9B-4F7D-8815-4CC06DEF41AC}\mpengine.dll
2012-05-17 14:41:31 -------- d-----w- C:\Users\Olieslagers\AppData\Local\{5C18A823-DCAF-4DAF-B620-FAB51481FE2F}
2012-05-17 14:33:54 -------- d-----w- C:\Users\Olieslagers\AppData\Local\{92D2C26D-3871-4D61-BF4D-8DFF138B39CF}
2012-05-17 14:33:25 -------- d-----w- C:\Users\Olieslagers\AppData\Local\{E770FFF1-C6F9-4581-B3F9-F284672EC0DD}
2012-05-17 14:31:40 8917360 ------w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2012-05-17 14:14:52 -------- d-----w- C:\Users\Olieslagers\AppData\Local\{26900535-6387-49D3-A6EB-C2810D892747}
2012-05-17 14:14:36 -------- d-----w- C:\Users\Olieslagers\AppData\Local\{E88810AC-4359-4D01-BC11-4BCDE0215A5F}
2012-05-17 13:58:18 -------- d-----w- C:\Users\Olieslagers\AppData\Local\{F2F0CD67-CC5F-453A-A594-78B4BFB5DA08}
2012-05-17 13:58:06 -------- d-----w- C:\Users\Olieslagers\AppData\Local\{12769964-7A32-4204-AFEC-682DA19C0CCE}
2012-05-17 13:49:12 -------- d-----w- C:\Users\Olieslagers\AppData\Local\{14341784-4A76-4683-A23E-123EBEACB731}
2012-05-17 13:48:54 -------- d-----w- C:\Users\Olieslagers\AppData\Local\{F7DFFB81-EC82-4BE3-91DF-571ABC14D11D}
2012-05-17 13:45:57 -------- d-----w- C:\Users\Olieslagers\AppData\Local\{B8F7BFDF-F615-40C8-8B32-D74B443F75A7}
2012-05-17 13:45:30 -------- d-----w- C:\Users\Olieslagers\AppData\Local\{004EBAF7-FD92-40BC-945E-9B9B249322C8}
2012-05-17 09:37:10 -------- d-----w- C:\Users\Olieslagers\AppData\Local\{73923542-593D-4259-8DF7-E68DF02FD58B}
2012-05-17 09:36:54 -------- d-----w- C:\Users\Olieslagers\AppData\Local\{9AFB0709-FED7-4736-802B-FF4CD7DB6998}
2012-05-17 09:24:41 -------- d-----w- C:\Users\Olieslagers\AppData\Local\{642C90CE-DEC8-41A9-810F-ED9657AAE1EF}
2012-05-17 09:16:00 -------- d-----w- C:\Users\Olieslagers\AppData\Local\{0C2C866A-8A32-490D-802D-D06C45237BBD}
2012-05-17 09:15:44 -------- d-----w- C:\Users\Olieslagers\AppData\Local\{6D2826F4-61E8-479D-BB40-DEA744DCD9A2}
2012-05-16 11:44:38 -------- d-----w- C:\Users\Olieslagers\AppData\Local\{D0118D67-EE53-423F-B6B6-03863C221718}
2012-05-16 11:44:22 -------- d-----w- C:\Users\Olieslagers\AppData\Local\{CE026938-BCF1-4462-A035-C0AD269DD10D}
2012-05-16 11:40:57 -------- d-----w- C:\Users\Olieslagers\AppData\Local\{0C97808C-C89A-4D54-92E7-5CE23F672741}
2012-05-16 11:40:27 -------- d-----w- C:\Users\Olieslagers\AppData\Local\{8D5A11E9-0265-4E8B-9D35-CDD404C84332}
2012-05-16 11:39:39 -------- d-----w- C:\Users\Olieslagers\AppData\Local\{621DC191-FA63-47A9-A11D-DBDDEE084C61}
2012-05-16 11:39:28 -------- d-----w- C:\Users\Olieslagers\AppData\Local\{293162F6-9512-40EA-A53A-72A6F24CAD53}
2012-05-16 11:35:58 -------- d-----w- C:\Program Files\Synaptics
2012-05-16 11:12:13 -------- d-----w- C:\Users\Olieslagers\AppData\Local\{5C7FEFC6-D220-40E0-9D11-801C1288754B}
2012-05-16 11:11:47 -------- d-----w- C:\Users\Olieslagers\AppData\Local\{697339ED-92DF-40FD-B145-F50601606B59}
2012-05-16 11:07:48 -------- d-----w- C:\Users\Olieslagers\AppData\Local\{E548FA98-8D4F-4148-B21E-F4FF1AED725B}
2012-05-16 11:07:36 -------- d-----w- C:\Users\Olieslagers\AppData\Local\{4F8F1AE6-50A7-41AA-BCBF-E82B75ECD55D}
2012-05-15 15:20:54 -------- d-----w- C:\Users\Olieslagers\AppData\Local\{33EB5716-F559-439F-9646-3E32C57FD6F3}
2012-05-15 15:20:26 -------- d-----w- C:\Users\Olieslagers\AppData\Local\{2471B110-4C55-403E-B566-6678E8A4F45B}
2012-05-15 04:57:24 -------- d-----w- C:\Users\Olieslagers\AppData\Local\{1B31EBEC-889C-43B0-A5CE-9F69010A3A4B}
2012-05-15 04:57:09 -------- d-----w- C:\Users\Olieslagers\AppData\Local\{5FD5C532-A6B1-4C29-A672-D8D80896B7ED}
2012-05-14 14:41:25 -------- d-----w- C:\Users\Olieslagers\AppData\Local\{DC581BDC-865F-4C73-B44F-400ADC498081}
2012-05-14 14:41:08 -------- d-----w- C:\Users\Olieslagers\AppData\Local\{D31C85B2-21E5-4F3F-AF2D-C6E89EB979AD}
2012-05-14 05:03:04 -------- d-----w- C:\Users\Olieslagers\AppData\Local\{B6C3D9F3-7248-4251-9322-82CC1462B06E}
2012-05-13 20:40:57 -------- d-----w- C:\Users\Olieslagers\AppData\Local\{661BA32E-5761-44CC-89C5-859EB0E0A298}
2012-05-13 20:19:47 772552 ----a-w- C:\Windows\SysWow64\npDeployJava1.dll
2012-05-13 20:14:54 955848 ----a-w- C:\Windows\System32\npDeployJava1.dll
2012-05-13 20:14:54 839112 ----a-w- C:\Windows\System32\deployJava1.dll
2012-05-13 18:58:56 -------- d-----w- C:\Users\Olieslagers\AppData\Roaming\Malwarebytes
2012-05-13 18:58:51 -------- d-----w- C:\ProgramData\Malwarebytes
2012-05-13 18:58:50 24904 ----a-w- C:\Windows\System32\drivers\mbam.sys
2012-05-13 18:58:50 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware
2012-05-13 18:57:44 -------- d-----w- C:\Users\Olieslagers\AppData\Local\{2B27C1A1-F941-4EAF-A332-AD353BF502FC}
2012-05-13 18:57:21 -------- d-----w- C:\Users\Olieslagers\AppData\Local\{240A35E6-541B-42D6-900D-FAD57A0097E7}
2012-05-13 18:48:22 -------- d-----w- C:\Users\Olieslagers\AppData\Local\{C3B13C71-B044-4E13-AC3F-B094C800E133}
2012-05-13 18:47:49 -------- d-----w- C:\Users\Olieslagers\AppData\Local\{5A209CFE-BFB2-4E59-BC4A-997854FE047E}
2012-05-13 17:59:32 -------- d-----w- C:\Users\Olieslagers\AppData\Local\{A9EACC3D-30DF-4001-A967-9FEFA6952483}
2012-05-13 17:54:05 252712 ----a-w- C:\Windows\ETDUninst.dll
2012-05-13 17:28:10 -------- d-----w- C:\Users\Olieslagers\AppData\Local\{08AA98F4-91F5-4239-8BF5-9824F768D61F}
2012-05-13 17:24:53 -------- d-----w- C:\Users\Olieslagers\AppData\Local\{2363C69C-CD6C-4542-8E3F-6DFE67E07634}
2012-05-13 17:17:11 -------- d-----w- C:\Users\Olieslagers\AppData\Local\{E1085FEF-9005-4ED7-B7E3-DE66E69F50BD}
2012-05-13 17:16:57 -------- d-----w- C:\Users\Olieslagers\AppData\Local\{BCA5ADB2-B51E-4ABA-A02E-7C996ADEF744}
2012-05-13 10:26:38 -------- d-----w- C:\Users\Olieslagers\AppData\Local\{A98D096E-D80F-454B-B5BC-B17E78E6C707}
2012-05-13 10:26:06 -------- d-----w- C:\Users\Olieslagers\AppData\Local\{EF94ED88-715B-48C5-93AA-11F5CE1EDA4F}
2012-05-13 09:33:38 927800 ------w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{A8908863-108B-4210-8C55-E9AD04098450}\gapaengine.dll
2012-05-13 09:33:03 279656 ------w- C:\Windows\System32\MpSigStub.exe
2012-05-13 09:27:49 -------- d-----w- C:\Program Files (x86)\Microsoft Security Client
2012-05-13 09:27:33 -------- d-----w- C:\Program Files\Microsoft Security Client
2012-05-11 21:15:42 -------- d-----w- C:\Users\Olieslagers\AppData\Local\LogMeIn Hamachi
2012-05-11 21:15:11 -------- d-----w- C:\Program Files (x86)\LogMeIn Hamachi
2012-05-09 05:06:14 -------- d-----w- C:\Users\Olieslagers\AppData\Local\{473D8F0F-8C89-4944-8B0F-E93134C2FC99}
2012-05-09 05:06:03 -------- d-----w- C:\Users\Olieslagers\AppData\Local\{257ED48F-9574-473B-8B20-0661E0656067}
2012-05-08 19:18:10 1544704 ----a-w- C:\Windows\System32\DWrite.dll
2012-05-08 19:18:10 1077248 ----a-w- C:\Windows\SysWow64\DWrite.dll
2012-05-08 19:18:09 5559664 ----a-w- C:\Windows\System32\ntoskrnl.exe
2012-05-08 19:18:08 3146240 ----a-w- C:\Windows\System32\win32k.sys
2012-05-08 19:18:07 3968368 ----a-w- C:\Windows\SysWow64\ntkrnlpa.exe
2012-05-08 19:18:06 3913072 ----a-w- C:\Windows\SysWow64\ntoskrnl.exe
2012-05-08 19:17:41 75120 ----a-w- C:\Windows\System32\drivers\partmgr.sys
2012-05-08 19:17:31 1918320 ----a-w- C:\Windows\System32\drivers\tcpip.sys
2012-05-08 19:17:30 936960 ----a-w- C:\Program Files (x86)\Common Files\Microsoft Shared\ink\journal.dll
2012-05-08 19:17:30 1732096 ----a-w- C:\Program Files\Windows Journal\NBDoc.DLL
2012-05-08 19:17:30 1367552 ----a-w- C:\Program Files\Common Files\Microsoft Shared\ink\journal.dll
2012-05-08 19:17:29 1402880 ----a-w- C:\Program Files\Windows Journal\JNWDRV.dll
2012-05-08 19:17:29 1393664 ----a-w- C:\Program Files\Windows Journal\JNTFiltr.dll
2012-05-06 19:10:32 -------- d-----w- C:\Users\Olieslagers\AppData\Local\{824B98CB-D872-4FD3-9836-53FBD1D614C2}
2012-05-06 19:10:15 -------- d-----w- C:\Users\Olieslagers\AppData\Local\{C0379FD3-3F7E-4F98-91BE-369AA06E79AF}
2012-05-03 15:10:05 -------- d-----w- C:\Users\Olieslagers\AppData\Local\{45628575-84DD-4224-B7CE-DD58A8638211}
2012-05-03 15:09:50 -------- d-----w- C:\Users\Olieslagers\AppData\Local\{BD002554-C088-46F5-A05A-2FA5E2E33424}
2012-05-01 10:38:20 -------- d-----w- C:\Users\Olieslagers\AppData\Local\{34203C02-C199-483D-8F64-2B3B7EDB9374}
2012-05-01 10:38:00 -------- d-----w- C:\Users\Olieslagers\AppData\Local\{28816E7E-0675-4778-A304-DE1A38CE75C6}
2012-05-01 09:59:07 -------- d-----w- C:\Users\Olieslagers\AppData\Local\{F11D9550-474E-4AD5-9297-8D1B578406DF}
2012-04-30 20:47:31 558592 ----a-w- C:\Users\Olieslagers\AppData\Roaming\java32.exe
2012-04-29 20:18:18 -------- d-----w- C:\jagex_cache
2012-04-29 12:31:45 -------- d-----w- C:\Users\Olieslagers\jagexcache
2012-04-29 12:02:43 -------- d-----w- C:\Users\Olieslagers\AppData\Local\{5ED6F1AD-2397-4DE7-BE69-412D35E3758C}
2012-04-29 12:02:27 -------- d-----w- C:\Users\Olieslagers\AppData\Local\{2C4CD525-4152-4CD3-A7A7-D67A1CDC01A2}
2012-04-28 23:25:37 -------- d-----w- C:\Users\Olieslagers\AppData\Local\{F7D977B8-DB80-405D-937A-AE7353C9129A}
2012-04-28 23:24:01 -------- d-----w- C:\Users\Olieslagers\AppData\Local\{C13F3748-1B55-4DA0-B76C-E440BFC05488}
2012-04-28 15:48:22 -------- d-----w- C:\Users\Olieslagers\AppData\Local\{B24C8075-B746-47C1-8494-F38EC37203BF}
2012-04-28 15:48:07 -------- d-----w- C:\Users\Olieslagers\AppData\Local\{4DE47A43-D6B6-4DC9-BED2-562896C815D3}
2012-04-24 05:59:49 -------- d-----w- C:\Users\Olieslagers\AppData\Local\{AC38A108-A16D-4CCA-ABAA-4D82EA1BB39A}
2012-04-24 05:59:34 -------- d-----w- C:\Users\Olieslagers\AppData\Local\{179E1616-C368-4D79-BE7A-8356959393D9}
2012-04-23 15:41:32 -------- d-----w- C:\Program Files (x86)\Free Mouse Auto Clicker
2012-04-22 09:29:14 -------- d-----w- C:\Users\Olieslagers\AppData\Local\{042258E5-0C4E-4FCB-B877-B9583A0872CA}
2012-04-22 09:28:58 -------- d-----w- C:\Users\Olieslagers\AppData\Local\{CE356724-F0AA-4DBD-9544-FAA948C48B31}
2012-04-21 22:08:49 -------- d-----w- C:\Users\Olieslagers\AppData\Local\{B8E7A909-42E4-4586-A4E7-876113521A54}
2012-04-21 22:08:27 -------- d-----w- C:\Users\Olieslagers\AppData\Local\{E683375F-651D-4CDB-9DFE-442630E45C0A}
2012-04-21 09:50:30 -------- d-----w- C:\Users\Olieslagers\AppData\Local\{2C354A88-B0AD-410F-928D-C8BD9BCDE644}
2012-04-21 09:50:13 -------- d-----w- C:\Users\Olieslagers\AppData\Local\{ACFC55B9-77E9-444C-8FE7-F4113737D1C7}
2012-04-20 11:54:13 -------- d-----w- C:\Users\Olieslagers\AppData\Roaming\OpenOffice.org
2012-04-20 11:28:43 -------- d-----w- C:\Users\Olieslagers\AppData\Local\{251F9FA9-3888-42BD-831E-4CEA61113DFE}
2012-04-20 11:28:32 -------- d-----w- C:\Users\Olieslagers\AppData\Local\{2ED1722B-8227-4130-8D94-38E443720AF5}
2012-04-19 21:15:35 -------- d-----w- C:\Users\Olieslagers\AppData\Local\{CB6A683C-4CA8-456D-8F12-3AFEEB785BA6}
2012-04-19 21:15:19 -------- d-----w- C:\Users\Olieslagers\AppData\Local\{34074930-53B7-4BC8-8AAF-15F3CFBB8858}
2012-04-18 14:41:56 -------- d-----w- C:\Users\Olieslagers\AppData\Local\{5ED1A49A-CB4C-431D-B98F-2012528539E4}
2012-04-18 14:41:29 -------- d-----w- C:\Users\Olieslagers\AppData\Local\{2E84FF19-175A-4E1D-9372-98280ED34479}
2012-04-18 11:17:41 -------- d-----w- C:\Users\Olieslagers\AppData\Local\{E90903F1-CF17-431C-8BE1-FA430FB8902C}
2012-04-18 11:17:20 -------- d-----w- C:\Users\Olieslagers\AppData\Local\{3F4AE1B9-3247-40AD-9C9F-C2FA1C9D4036}
2012-04-17 18:14:58 -------- d-----w- C:\Program Files (x86)\OpenOffice.org 3
.
==================== Find3M ====================
.
2012-05-17 14:32:05 45056 ----a-w- C:\Windows\System32\acovcnt.exe
2012-05-13 20:19:22 687560 ----a-w- C:\Windows\SysWow64\deployJava1.dll
2012-05-05 17:51:25 70304 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2012-05-05 17:51:25 419488 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
2012-05-05 17:51:21 8744608 ----a-w- C:\Windows\SysWow64\FlashPlayerInstaller.exe
2012-03-20 18:44:12 98688 ----a-w- C:\Windows\System32\drivers\NisDrvWFP.sys
2012-03-20 18:44:12 203888 ----a-w- C:\Windows\System32\drivers\MpFilter.sys
2012-03-01 06:46:16 23408 ----a-w- C:\Windows\System32\drivers\fs_rec.sys
2012-03-01 06:38:27 220672 ----a-w- C:\Windows\System32\wintrust.dll
2012-03-01 06:33:50 81408 ----a-w- C:\Windows\System32\imagehlp.dll
2012-03-01 06:28:47 5120 ----a-w- C:\Windows\System32\wmi.dll
2012-03-01 05:37:41 172544 ----a-w- C:\Windows\SysWow64\wintrust.dll
2012-03-01 05:33:23 159232 ----a-w- C:\Windows\SysWow64\imagehlp.dll
2012-03-01 05:29:16 5120 ----a-w- C:\Windows\SysWow64\wmi.dll
2012-02-28 06:56:48 2311168 ----a-w- C:\Windows\System32\jscript9.dll
2012-02-28 06:49:56 1390080 ----a-w- C:\Windows\System32\wininet.dll
2012-02-28 06:48:57 1493504 ----a-w- C:\Windows\System32\inetcpl.cpl
2012-02-28 06:42:55 2382848 ----a-w- C:\Windows\System32\mshtml.tlb
2012-02-28 01:18:55 1799168 ----a-w- C:\Windows\SysWow64\jscript9.dll
2012-02-28 01:11:21 1427456 ----a-w- C:\Windows\SysWow64\inetcpl.cpl
2012-02-28 01:11:07 1127424 ----a-w- C:\Windows\SysWow64\wininet.dll
2012-02-28 01:03:16 2382848 ----a-w- C:\Windows\SysWow64\mshtml.tlb
.
============= FINISH: 18:07:02,24 ===============

ik hoop dat ik het zo een beetje goed heb gedaan en als het niet zo is moet je het even zeggen
MVG Tibor

probleem met verkenner bij opstarten

robit — Thu, 17 May 2012 15:10:11 GMT

heej

ik ben nieuw hier ;)
en ik hoop dat jullie op mijn vraag een antwoord kunnen geven

ik heb op mijn asus laptop (w7) nog niet zo lang geleden een virus gehad.
mijn computer werd overgenomen en ze bestuurden de muis en dergelijke.
ik heb hem verwijderd met Mbam en ik heb er nu geen last meer van maar tijdens
het zoeken naar het virus heb ik perongeluk explorer.exe afgesloten bij taakbeheer...

sindsdien doet de laptop enorm raar (ik weet niet of het door het virus is of door het afsluiten van explorer.exe)

bij het opstarten nadat ik mijn gebruikersnaam en wachtwoord heb ingetypt komt er een melding dat er een probleem is met windows verkenner en dat hij zoekt naar een oplossing.
9 van de 10 keer begint hij dan opnieuw met zoeken en blijft hij dat doen.

soms stopt hij en zegt hij dat hij geen oplossing gevonden krijgt en afsluit.
dan sluiten alle vensters en de taakbalk verdwijnt.
de enige manier om dan weg te komen is ctrl+alt+del en den afsluiten

heel soms dan heeft hij een oplossing gevonden en is er verder niks aan de hand.

na dat virus doen ook mijn Fn toetsen het niet meer (maar ik ben nog bezig met de drivers daarvan te updaten)

ik hoop jullie hierbij zoveel mogelijk geinformeerd te hebben
als je nog wat wil weten moet je het maar vragen

MVG Tibor

Laptop trager

WouterE — Thu, 17 May 2012 13:59:12 GMT

Goedemiddag,

Mijn laptop is de laatste paar dagen een stuk trager geworden en bij het muziek afspelen hapert hij af en toe. Norton heb ik al gedraaid, maar die heeft niets kunnen vinden. Zou iemand een blik op mijn laptop kunnen/willen werpen? Ik ben begonnen met een hijackthis-logje, maar daar had mijn computer al problemen mee:

Dank alvast!

Hama usb 2.0 Card Reader 35 in 1 werkt niet meer.

Econz — Thu, 17 May 2012 11:25:18 GMT

Beste Nucia,

Ik heb sinds 2 jaar een Card Reader in gebruik van het merk : Hama Cardreader/Writer 35 in 1, USB 2.0.
Hij heeft het vanaf het begin altijd goed gedaan.
Nu heb ik de cardreader al een hele tijd (ongeveer een jaar) niet meer gebruikt en nu wilde ik hem weer gaan gebruiken aangezien ik iets op een sd-kaartje wil zetten, maar hij geeft een foutcode weer (Dit apparaat start niet. (Code 10) ).

Ik heb van alles geprobeerd:

1. andere usb-poort
2. apparaat verwijderd,pc opnieuw opgestart, cardreader weer in een usb-poort geplugged.
3. stuurprogramma proberen te updaten, maar de pc geeft weer dat er geen betere of nieuw stuurprogramma wordt gevonden.

De pc herkent de cardreader wel (usb-geluidje), maar er wordt geen station weergegeven, ook niet als ik een ander (leeg) SD-kaartje in de reader stop.
Voorheen kon ik het station aanklikken en kijken wat er op de sd-kaart stond nadat ik deze in de cardreader plugde.
Dat doet hij nu niet meer.

Ook heb ik op de site van Hama gekeken of ik daar een stuurprogramma kon downloaden.

Code:

00034630 / Cardreader/Writer 35:1, USB 2.0         WIN 2000 SP4/XP SP2         1.24 [12,20 MB]         

00034634 / CardReaderWriter 35in1, USB 2.0         WIN ME/XP         Icon Tool [2,88 MB]         

00034634 / CardReaderWriter 35in1, USB 2.0         WIN 98SE/2000         2.14 [2,88 MB]         

00034634 / CardReaderWriter 35in1, USB 2.0         MAC OS 9.x         1.0b [0,04 MB]

Het gekke hiervan is, dat er nergens een driver staat voor Windows 7, terwijl deze cardreader het WEL altijd heeft gedaan op mijn Windows 7 PC.
Toch bestaat er geen W7 driver voor mijn Hama cardreader.

Weet iemand wat de oplossing is, om de cardreader weer te laten functioneren zoals hij dat voorheen ook heeft gedaan?

Alvast bedankt!

Pederoco is jarig!

Tom Poes — Thu, 17 May 2012 07:54:59 GMT

Vandaag is Pederoco jarig.

Van harte gefeliciteerd, Peter!

Foutmelding 800B0100 bij Windows Update: Windows Service Pack 1 (KB976932)

Sander1985 — Wed, 16 May 2012 21:24:46 GMT

Hallo,

Ik kreeg elke keer een foutmelding bij de Windows Update: Windows Service Pack 1 (KB976932). Alle andere updates voert hij wel goed uit, alleen bij de Service Pack krijg ik een foutmelding (800B0100).
Graag hulp om dit op te lossen.

Alvast bedankt!

Met vriendelijke groet,
Sander van Mill

Probleem met scrollwiel muis.

valord — Wed, 16 May 2012 20:36:58 GMT

Beste mensen van nucia,

Eergisteren schafte ik me een nieuwe muis aan, namelijk de Logitech Corded Mouse M500. Echter heb ik vandaag opgemerkt dat de muis problemen heeft bij het scrollen, blijkbaar beweegt het wiel wanneer er met de muis bewogen word ( geen idee of dat mag). Maar vooral het feit dat de muis nogal wat springt bij het scrollen irriteert me, namelijk wanneer ik omlaag scroll springt de muis omhoog. Ik denk dat de sensitiviteit te hoog is voor mijn nogal grote handen, enig idee waar ik deze kan aanpassen of waaraan het probleem zou kunnen liggen?

Ge�nfecteerd

ARGUS — Wed, 16 May 2012 20:27:12 GMT

Acer eConsole 16-5-2012 1.2.23.0
Acer eMode Management 16-5-2012 2.0.18.1
Adobe Flash Player 11 ActiveX Adobe Systems Incorporated 16-5-2012 11.2.202.235
Adobe Shockwave Player 11.6 Adobe Systems, Inc. 16-5-2012 11.6.5.635
Athlon 64 Processor Driver 16-5-2012 1.2.2.2
Avira Free Antivirus Avira 16-5-2012 12.0.0.1125
Babylon Babylon 16-5-2012
Babylon toolbar on IE 16-5-2012
CCleaner Piriform 16-5-2012 3.18
CleanUp! 16-5-2012
DelinvFile - 4.04 Assistance and Resources for Computing, Inc. 30-4-2012 4.04
Foxit Reader 5.1 Foxit Corporation 2-4-2012 5.1.4.104
Greenshot 2-4-2012
HiJackThis Trend Micro 2-4-2012 0,38 MB 1.0.0
Java(TM) 7 Update 4 Oracle 9-5-2012 99,4 MB 7.0.40
JavaFX 2.1.0 Oracle Corporation 9-5-2012 21,3 MB 2.1.0
Malwarebytes Anti-Malware versie 1.61.0.1400 Malwarebytes Corporation 10-4-2012 1.61.0.1400
Microsoft .NET Framework 1.1 10-4-2012
Microsoft .NET Framework 1.1 Dutch Language Pack Microsoft 27-1-2005 3,24 MB 1.1.4322
Microsoft .NET Framework 2.0 Service Pack 2 Microsoft Corporation 9-5-2012 188,3 MB 2.2.30729
Microsoft .NET Framework 3.0 Service Pack 2 Microsoft Corporation 9-5-2012 240 MB 3.2.30729
Microsoft .NET Framework 3.5 SP1 Microsoft Corporation 9-5-2012
Microsoft IntelliPoint 8.2 Microsoft Corporation 5-5-2012 8.20.468.0
Microsoft Silverlight Microsoft Corporation 9-5-2012 45,3 MB 5.1.10411.0
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 Microsoft Corporation 5-5-2012 10,5 MB 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 Microsoft Corporation 6-5-2012 10,5 MB 9.0.30729.6161
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 Microsoft Corporation 6-5-2012 15,0 MB 10.0.40219
NTI Backup NOW! 4 NewTech Infosystems 27-1-2005 4
NTI CD & DVD-Maker NewTech Infosystems 27-1-2005 7
NTI HomeVideo-Maker ArcSoft 16-5-2012
PC Speed Up - Volledige uninstall Speedchecker Limited 16-5-2012 2.3.17
PowerDVD 16-5-2012
Realtek AC'97 Audio Realtek Semiconductor Corp. 6-5-2012 5.36
Revo Uninstaller Pro 2.5.8 VS Revo Group, Ltd. 30-4-2012 2.5.8
SlimDrivers SlimWare Utilities, Inc. 5-5-2012 25,5 MB 2.2.20441
Speccy Piriform 16-5-2012 1.16
SpywareBlaster 4.4 Javacool Software LLC 16-5-2012 4.4.0
SUPERAntiSpyware SUPERAntiSpyware.com 16-5-2012 5.0.1146
Tweaking.com - Advanced System Tweaker Tweaking.com 16-5-2012 1.0.2
Tweaking.com - Windows Repair (All in One) Tweaking.com 16-5-2012 1.7.2
VIA Platform apparaatbeheer VIA Technologies, Inc. 2-4-2012 1.34
VirusTotal Uploader 2.0 16-5-2012
VLC media player 2.0.1 VideoLAN 16-5-2012 2.0.1
Wajam Wajam 16-5-2012 1.42
Windows XP Service Pack 3 Microsoft Corporation 2-4-2012 20080414.175804
WinRAR 4.11 (32-bit) win.rar GmbH 16-5-2012 4.11.0
Yontoo 1.10.02 Yontoo LLC 16-5-2012 1.10.02

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 22:28:42, on 16-5-2012
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.17109)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Avira\AntiVir Desktop\sched.exe
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\Acer\Acer eMode Management\AspireService.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
C:\Program Files\Microsoft IntelliPoint\ipoint.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Greenshot\Greenshot.exe
C:\Program Files\SUPERAntiSpyware\SASCORE.EXE
C:\Program Files\Acer\Acer eConsole\MediaServerService.exe
C:\Program Files\Avira\AntiVir Desktop\avguard.exe
C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jqs.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\VIA\RAID\vialogsv.exe
C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\Babylon\Babylon-Pro\Babylon.exe
C:\Program Files\Babylon\Babylon-Pro\TC\BabylonTC.exe
C:\Program Files\PC Speed Up\PCSUService.exe
C:\Program Files\Wajam\Updater\WajamUpdater.exe
C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.babylon.com/home?AF=17425
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen
O2 - BHO: Babylon toolbar helper - {2EECD738-5844-4a99-B4B6-146BF802613B} - C:\Program Files\BabylonToolbar\BabylonToolbar\1.4.31.2\bh\BabylonToolbar.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll
O2 - BHO: Babylon IE plugin - {9CFACCB6-2F3F-4177-94EA-0D2B72D384C1} - C:\Program Files\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll
O2 - BHO: Wajam IE BHO - {A7A6995D-6EE1-4FD1-A258-49395D5BF99C} - C:\Program Files\Wajam\IE\priam_bho.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll
O2 - BHO: Yontoo Layers - {FD72061E-9FDE-484D-A58A-0BAB4151CAD8} - C:\Program Files\Yontoo\YontooIEClient.dll
O3 - Toolbar: (no name) - {99079a25-328f-4bd4-be04-00955acaa0a7} - (no file)
O3 - Toolbar: Babylon Toolbar - {98889811-442D-49dd-99D7-DC866BE87DBC} - C:\Program Files\BabylonToolbar\BabylonToolbar\1.4.31.2\BabylonToolbarTlbr.dll
O4 - HKLM\..\Run: [LaunchApp] Alaunch
O4 - HKLM\..\Run: [ntiMUI] c:\Program Files\NewTech Infosystems\NTI CD & DVD-Maker 7\ntiMUI.exe
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [AspireService] C:\Program Files\Acer\Acer eMode Management\AspireService.exe
O4 - HKLM\..\Run: [Malwarebytes' Anti-Malware] "C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKLM\..\Run: [IntelliPoint] "C:\Program Files\Microsoft IntelliPoint\ipoint.exe"
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [Babylon Client] C:\Program Files\Babylon\Babylon-Pro\Babylon.exe -AutoStart
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Greenshot] "C:\Program Files\Greenshot\Greenshot.exe"
O4 - HKCU\..\Run: [PCSpeedUp] C:\Program Files\PC Speed Up\PCSpeedUp.lnk
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: Translate this web page with Babylon - res://C:\Program Files\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll/ActionTU.htm
O8 - Extra context menu item: Translate with Babylon - res://C:\Program Files\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll/Action.htm
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Translate this web page with Babylon - {F72841F0-4EF1-4df5-BCE5-B3AC8ACF5478} - C:\Program Files\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll
O9 - Extra 'Tools' menuitem: Translate this web page with Babylon - {F72841F0-4EF1-4df5-BCE5-B3AC8ACF5478} - C:\Program Files\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/micr...?1334090076671
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} - http://download.eset.com/special/eos/OnlineScanner.cab
O20 - AppInit_DLLs:
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL
O22 - SharedTaskScheduler: Preloader van browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Cache-daemon voor onderdeelcategorie�n - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: SAS Core Service (!SASCORE) - SUPERAntiSpyware.com - C:\Program Files\SUPERAntiSpyware\SASCORE.EXE
O23 - Service: Acer Media Server - Acer Inc. - C:\Program Files\Acer\Acer eConsole\MediaServerService.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Avira Scheduler (AntiVirSchedulerService) - Avira Operations GmbH & Co. KG - C:\Program Files\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira Realtime Protection (AntiVirService) - Avira Operations GmbH & Co. KG - C:\Program Files\Avira\AntiVir Desktop\avguard.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Oracle Corporation - C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jqs.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PC Speed Up Service (PCSUService) - Unknown owner - C:\Program Files\PC Speed Up\PCSUService.exe
O23 - Service: VRAID Log Service - Unknown owner - C:\Program Files\VIA\RAID\vialogsv.exe
O23 - Service: WajamUpdater - Wajam - C:\Program Files\Wajam\Updater\WajamUpdater.exe

--
End of file - 8355 bytes

Zeventien kwetsbaarheden verholpen in QuickTime voor Windows

pascal247 — Wed, 16 May 2012 10:38:20 GMT

Apple verhelpt zeventien kwetsbaarheden in QuickTime voor Windows

Waarschuwing voor:

Programma: Apple Quicktime
Versie: eerder dan 7.7.2
Besturingssysteem: Microsoft Windows
Alert ID: WD-2012-046
Gepubliceerd via: Website
Datum laatste wijziging: 16 Mei 2012

Korte omschrijving
Apple heeft een update (versie 7.7.2) beschikbaar gesteld voor de mediaspeler QuickTime. Hiermee verhelpt Apple diverse beveiligingslekken.

Hoe los ik het op?
- Microsoft Windows
Apple QuickTime kan je automatisch updaten. Dit doe je door in het QuickTime help-menu voor de optie 'Bestaande software bijwerken...' te kiezen (Engelse versie QuickTime: 'Update existing software...').

- Handmatig
Je kunt de update van QuickTime ook handmatig installeren vanaf de volgende pagina:
QuickTime 7.7.2 voor Microsoft Windows: http://www.apple.com/quicktime/download/

Loopt mijn computer risico?
Je computer loopt een risico als je gebruik maakt van Apple QuickTime op Windows met een versie lager dan 7.7.2.

Twijfel je of je QuickTime op je computer ge�nstalleerd hebt, dan kun je dit onder Windows als volgt controleren:

Kies in het startmenu voor 'Instellingen' -> 'Configuratiescherm' (Engelse versie: 'Settings' -> 'Control Panel')
Klik in het configuratiescherm op 'Software' (Engelse versie: 'Add or Remove Programs')
Je ziet een overzicht van de ge�nstalleerde software. Kijk in de lijst of Apple QuickTime op je computer ge�nstalleerd is.

Wat kan er gebeuren?
Een aanvaller krijgt via het misbruiken van de beveiligingslekken de controle over je computer. Zo is het mogelijk dat:

Persoonlijke gegevens, zoals wachtwoorden of creditcardgegevens, in handen van kwaadwillenden komen.
Essenti�le computerbestanden worden verwijderd, waardoor je computer niet meer werkt.
Bestanden worden herschreven, waardoor deze niet meer bruikbaar zijn.
Je computer wordt ingezet bij aanvallen gericht op andere computers op internet zonder dat je dit merkt (zie hiervoor ook de botnetfilm van Waarschuwingsdienst.nl).
Je computer wordt gebruikt voor het versturen van spam zonder dat je dit merkt.
Opnamemogelijkheden voor geluid of beeld (jouw webcam) zonder dat je het merkt van buitenaf worden aangezet en bediend. Jij, jouw huisgenoten en jouw eigendommen worden zo ongemerkt afgeluisterd of bekeken door iemand van buiten.

Waar vind ik meer informatie?
Meer informatie is te vinden op de Apple support website:
http://support.apple.com/kb/HT5261

Waarschuwingsdienst.nl

Kwetsbaarheden verholpen in Opera

pascal247 — Wed, 16 May 2012 07:35:53 GMT

Kwetsbaarheden verholpen in Opera

Waarschuwing voor:

Programma: Opera
Versie: eerder dan 11.63
Besturingssysteem: Apple Mac OS X, Linux Linux, Microsoft Windows, UNIX UNIX
Alert ID: WD-2012-045
Gepubliceerd via: Website
Datum laatste wijziging: 15 Mei 2012

Korte omschrijving
Opera verhelpt verschillende kwetsbaarheden in haar webbrowser met het uitgeven van versie 11.64.

Hoe los ik het op?
Opera heeft versie 11.64 uitgebracht waarin de kwetsbaarheden zijn verholpen. Je kunt deze versie handmatig of automatisch downloaden op onderstaande manieren:

Automatisch downloaden:

Ga naar 'Help' en kies voor de menu-optie 'controleren op updates' (Engelse versie 'check for updates').

Handmatig downloaden:

http://www.opera.com/download

Loopt mijn computer risico?
Heb je versie 11.63 of eerder van de Opera webbrowser ge�nstalleerd? Dan is je computer kwetsbaar. Je kunt op de volgende manier controleren van welke versie van Opera je op dit moment gebruikt:

Start Opera.
Ga naar 'Help' en kies voor de menu-optie 'Over Opera'.
De gebruikte versie van Opera wordt aan je getoond in een nieuwe pagina.

Wat kan er gebeuren?
Installeer je deze update niet, dan kan een aanvaller gebruik maken van de kwetsbaarheid en zo controle krijgen over je computer. Dit kan tot gevolg hebben dat:

(Persoonlijke) Gegevens, zoals wachtwoorden of creditcardgegevens, in handen van kwaadwillenden komen.
Essenti�le computerbestanden worden verwijderd, waardoor de computer niet meer werkt.
Bestanden worden herschreven waardoor deze niet meer bruikbaar zijn.
Uw computer wordt ingezet bij aanvallen gericht op andere computers op het internet zonder dat je dit merkt.

Waar vind ik meer informatie?
Je kunt meer informatie vinden in de onderstaande (Engelstalige) beveiligingsadviezen van Opera.
Windows versie: http://www.opera.com/docs/changelogs/windows/1164/
Linux versie: http://www.opera.com/docs/changelogs/unix/1164/
Mac versie: http://www.opera.com/docs/changelogs/mac/1164/

Waarschuwingsdienst.nl

Internet explorer firefox en andere programma's reageren niet meer

jeke — Tue, 15 May 2012 17:57:34 GMT

Zelfs malwarebytes reageert niet als ik scan enkel in veilige modus kan ik scannen. Het is de eerste keer dat ik dit voor heb p mijn laptop met windows 7 starter en ik denk dat er een serieus probleem is.
Ik stuur hierbij de scan van malwarebytes in veilige modus maar deze vind dus niets. In gewone stand krijg ik steeds de melding dat het programma niet meer reageerd ook als ik op het icoon computer klik en de schijf boot c zie daar staat een raar teken van windows denk ik of een shil dat in veilige modus niet aanwezig is.
Is er iemand die me kan helpen want dit heb ik nog nooit mee gemaakt dat alle programma's heel traag op starten en niet meer reageren zelfs schijf defragmentatie wil niet werken. Ook het log bestand van malwarebytes gaat traag open ik ben nu al een minuut aan het wachten en de log is nog steeds niet geopent.

Help met het kiezen van nieuwe laptop!

Moziffi — Tue, 15 May 2012 15:10:41 GMT

Ik mag binnenkort een laptop uitkiezen voor €500 of iets meer.
Bij Dixons hebben we een in het oog: http://www.dixons.nl/laptop-tablet/n...tm-b960-1.html
Ook bij BCC geweest maar daar was alles veel te duur.
Kunnen jullie aub advies geven over de prijs & kwaliteitsverhouding?
Mijn ouders zegge dat HP beste is.

Thanks:D

verwijderen, verkeerd geplaatst topic

Moziffi — Tue, 15 May 2012 13:43:43 GMT

Dit topic verwijderen. Nieuwe aangemaakt op de goede forum!

Rare programma�s/mappen

Michael1996 — Tue, 15 May 2012 13:39:27 GMT

sinds gisteren komen er steeds onbekende programma's en mappen onder op de werkbalk te staan. Als ik mijn muis erop houd staat er niks in de programma's/mappen. Bij klikken gaan ze weg. Ik weet niet zeker of het malware is, maar het is erg irritant. Ik heb al een volledige scan gedaan met mbam en de virusscanner van windows 8, daarbij was niks gevonden.

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 15:37:44, on 15-5-2012
Platform: Unknown Windows (WinNT 6.02.0058)
MSIE: Internet Explorer v10.0 (10.00.8250.0000)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
C:\Program Files (x86)\IObit\Smart Defrag 2\SmartDefrag.exe
C:\PROGRA~2\SABnzbd\SABnzbd.exe
C:\Users\michael\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe
C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE
C:\Program Files (x86)\Iomega Storage Manager\IomegaStorageManager.exe
C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
C:\Program Files (x86)\Trend Micro\HiJackThis\HiJackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.bing.com/?PC=BNHP
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe,
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O2 - BHO: SimpleAdblock Class - {FFCB3198-32F3-4E8B-9539-4324694ED664} - C:\Program Files (x86)\Common Files\Simple Adblock\SimpleAdblock.dll
O4 - HKLM\..\Run: [ATKOSD2] C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
O4 - HKLM\..\Run: [ATKMEDIA] C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
O4 - HKLM\..\Run: [HControlUser] C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
O4 - HKCU\..\Run: [EPSON0020B1 (Epson Stylus SX430)] C:\Windows\system32\spool\DRIVERS\x64\3\E_IATIHAE.EXE /FU "C:\Users\michael\AppData\Local\Temp\E_S917E.tmp" /EF "HKCU"
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [SkyDrive] "C:\Users\michael\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe" /background
O4 - HKCU\..\Run: [OfficeSyncProcess] "C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE"
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User '?')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User '?')
O4 - HKUS\S-1-5-21-2111011055-3715268814-2444765668-1001\..\Run: [EPSON0020B1 (Epson Stylus SX430)] C:\Windows\system32\spool\DRIVERS\x64\3\E_IATIHAE.EXE /FU "C:\Users\michael\AppData\Local\Temp\E_S917E.tmp" /EF "HKCU" (User '?')
O4 - HKUS\S-1-5-21-2111011055-3715268814-2444765668-1001\..\Run: [OfficeSyncProcess] "C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE" (User '?')
O4 - HKUS\S-1-5-21-2111011055-3715268814-2444765668-1004\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User '?')
O4 - Global Startup: Iomega Storage Manager.lnk = C:\Program Files (x86)\Iomega Storage Manager\IomegaStorageManager.exe
O8 - Extra context menu item: &Verzenden naar OneNote - res://C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105
O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Free YouTube Download - C:\Users\michael\AppData\Roaming\DVDVideoSoftIEHelpers\freeytvdownloader.htm
O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\michael\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm
O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: &Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} (QuickTime Plugin Control) - http://appldnld.apple.com.edgesuite....x/qtplugin.cab
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O20 - AppInit_DLLs: C:\Windows\SysWOW64\nvinit.dll
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Advanced SystemCare Service 5 (AdvancedSystemCareService5) - IObit - C:\Program Files (x86)\IObit\Advanced SystemCare 5\ASCService.exe
O23 - Service: AFBAgent - Unknown owner - C:\Windows\system32\FBAgent.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: ASLDR Service (ASLDRService) - ASUS - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe
O23 - Service: ATKGFNEX Service (ATKGFNEXSrv) - ASUS - C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Hercules DJ Control MP3 (HerculesDJControlMP3) - Hercules� - C:\Program Files\Hercules\Audio\DJ Console Series\drivers\amd64\HerculesDJControlMP3.EXE
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: MySQL - Unknown owner - C:\Program Files\MySQL\MySQL Server 5.1\bin\mysqld.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
O23 - Service: PCloudd - Iomega Corp - C:\Program Files (x86)\Iomega Storage Manager\pCloudd.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: Intel(R) Turbo Boost Technology Monitor (TurboBoost) - Intel(R) Corporation - C:\Program Files\Intel\TurboBoost\TurboBoost.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 10288 bytes

pc/windows7 loopt vast

anja_25 — Tue, 15 May 2012 08:51:35 GMT

Hallo,

Mijn pc windows 7 systeem loopt steeds vaker vast...ik kan dan niet meer werken totdat ik een algehele reset doe door het systeem eerst helemaal af te sluiten met de knop op de systeemkast.
Met taakbeheer gaat dit niet lukken.

Dit gebeurt meestal en weet nog niet of dat alleen zo is waneer ik aan het surfen ben, maar dan valt het op. Ook heb ik vaker dat wanneer ik windows live mail gebruik er even een zwart scherm verschijnt met de melding: beelschermstuurprogramma reageert niet meer en is hersteld.

Daarover kwam ik op google veel zaken tegen... maar ik merk dat het alleen zo is wanneer ik bovenstaand mail programma gebruik. Weet niet of dit ook samenhangt met het vastlopen van het windows 7 systeem.
Het is namelijk zo, wanneer de fout optreedt van het beelschermstuurprogramma ik daarna weer gewoon kan werken.

Weet iemand wat dit kan zijn en wat ik er tegen kan doen?
Het systeem is nu zo`n anderhalf jaar oud... alle updates staan erop en zou naar mijn mening ook virusvrij zijn.

Probleem met outlook

Mark1994 — Mon, 14 May 2012 16:27:59 GMT

Hoi,

Ik had vroeger Office 2010, helaas was de proefperiode voorbij, nu heb ik 2007, maar als ik outlook start heb ik deze melding.

Hoe laat ik die weg?

biosupdate gigabyte GA-X58-UD3R gaat moeilijk

friamarina — Mon, 14 May 2012 14:59:23 GMT

Mobo Gigabyte GA-EX58-UD3R
Intel� Core™ i7 CPU 920 @ 2.67GHz � 8
Geheugen Buffalo D3U 1066 3,0 GiB
Voeding OCZ 500 SxS 500 Watt
Videokaart Geforce 9800
Harde schijf Maxtor 300 Gib met Windows Vista en later Windows8 32-bit
Harde schijf Maxtor 1000 Gib Linux met Ubuntu Uitgave 12.04 (precise) 32-bit en vorige uitgaven ook 64-bit

Tot enkele of meerdere uren na het uitzetten van de computer kan hij vaak niet goed opstarten de ventilatoren en harddisks gaan draaien en leds op de mobo gaan branden, maar als de lampjes op het toetsenbord niet gaan branden komt er ook totaal niets op het beeldscherm.Op een wattmeter waar de voedings-stekker in zit zie je het gebruik gaan van 59 watt naar72 watt en dan terug naar 60watt bij goed opstarten gaat het gebruik direct verder naar ca 120 watt. Misschien is dit een indicatie waar de oorzaak zit.
Het probleem trad voor het eerst op na het in de pauze(slaap)stand zetten van Ubuntu maar later steeds vaker vooral als het systeem meerdere uren had gedraaid. De wachttijd voor goed functioneren wordt nu steeds langer.

Dit mobo heeft opstartproblemen ,de faq van Gigabyte zegt dat je dan het bios moet opwaarderen. Als je hun Windows tool @BIOS wilt vermijden lukt de tool Qflash niet omdat het nieuwe biosbestand te groot is (grens 1Mb).

Hun aanbevolen Dos-tool flashspi.exe op een opstartbare USB-stick met nieuwe biosfile EX58UD3R.J18 en autoexec.bat opdrachtregel
�flashspi /Z EX58UD3R.J18� werkt vooralsnog niet. Op het scherm verschijnt het bericht :geen biosfile gevonden.

Nu heb ik ergens gelezen dat je de biosfile ex58ud3r.j18 kunt herbenoemen naar ex58ud3r.bin,en daarnaast dan de autoexec.bat opdrachtregel
�flashspi /Z EX58UD3R.J18� moet veranderen in
�flashspi /Z EX58UD3R.bin�,waarmee het wel zou werken.

Weet iemand of deze procedure schade kan aanrichten of weer wordt geblokkerd of dat alleen de Windowstool @Bios mogelijk is, wat ook wordt beweerd,omdat alleen dan biosfiles >1Mb mogelijk zouden worden?

Virussen?

Mark1994 — Mon, 14 May 2012 13:15:21 GMT

Hey,

Ik draai op de pc van me ouders (Windows XP) momenteel via TeamViewer 7 het programma EEK.

Ik weet niet of ik hiervoor een topic moet aanmaken in het speciale forumdeel.

Bijgevoegde afbeelding(en)

HELP.jpg‎ (53,0 KB)

Snelkoppelingen werken niet meer!

PipiLadderkous — Mon, 14 May 2012 13:10:49 GMT

Goedemiddag,

Zoonlief heeft een spel gedownload en ineens waren de meeste snelkoppelingen lnk koppelingen. Afgelopen week kreeg ik ook Incredimail niet meer geopend door een actie van hem. Die gaf aan dat hij incompatibel was. Verwijderd, weer opnieuw geinstalleerd maar werkt nog steeds niet. Nu weet ik niet precies welke versie van Windows 7 ik heb, sorry. Heb wel een paar tips van jullie uitgevoerd maar het lukt nog steeds niet. Kunnen jullie me aub helpen. Vr.gr. Carla

********************* Exe and Lnk Checker logfile *********************
Version: V1.2
Logfile saved: 14-05-2012 / 14:54:55
Run location: C:\Users\Vermeulen\AppData\Local\Temp\A218.tmp
Softwareversie Windows 7 Ultimate

This tool has been developed by Nucia Security.
http://wwww.nucia.eu/
***********************************************************************

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\.exe
(standaard) REG_SZ exefile
Content Type REG_SZ application/x-msdownload

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\.exe\PersistentHandler
(standaard) REG_SZ {098f2470-bae0-11cd-b579-08002b30bfeb}

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\exefile
(standaard) REG_SZ Application
EditFlags REG_BINARY 38070000
FriendlyTypeName REG_EXPAND_SZ @\System32\shell32.dll,-10156

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\exefile\DefaultIcon
(standaard) REG_SZ %1

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\exefile\shell

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\exefile\shell\open
EditFlags REG_BINARY 00000000

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\exefile\shell\open\command
(standaard) REG_SZ "%1" %*
IsolatedCommand REG_SZ "%1" %*

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\exefile\shell\runas
HasLUAShield REG_SZ

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\exefile\shell\runas\command
(standaard) REG_SZ "%1" %*
IsolatedCommand REG_SZ "%1" %*

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\exefile\shell\runasuser
(standaard) REG_SZ @shell32.dll,-50944
Extended REG_SZ
SuppressionPolicyEx REG_SZ {F211AA05-D4DF-4370-A2A0-9F19C09756A7}

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\exefile\shell\runasuser\command
DelegateExecute REG_SZ {ea72d00e-4960-42fa-ba92-7792a7944c1d}

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\exefile\shellex

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\exefile\shellex\ContextMenuHandlers
(standaard) REG_SZ Compatibility

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\exefile\shellex\ContextMenuHandlers\Compatibility
(standaard) REG_SZ {1d27f844-3a1f-4410-85ac-14651078412d}

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\exefile\shellex\DropHandler
(standaard) REG_SZ {86C86720-42A0-1069-A2E8-08002B30309D}

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\exefile\shellex\PropertySheetHandlers

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\exefile\shellex\PropertySheetHandlers\PifProps
(standaard) REG_SZ {86F19A00-42A0-1069-A2E9-08002B30309D}

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\exefile\shellex\PropertySheetHandlers\ShimLayer Property Page
(standaard) REG_SZ {513D916F-2A8E-4F51-AEAB-0CBC76FB1AF8}

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\.lnk
(standaard) REG_SZ lnkfile

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\.lnk\ShellEx

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\.lnk\ShellEx\{000214EE-0000-0000-C000-000000000046}
(standaard) REG_SZ {00021401-0000-0000-C000-000000000046}

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\.lnk\ShellEx\{000214F9-0000-0000-C000-000000000046}
(standaard) REG_SZ {00021401-0000-0000-C000-000000000046}

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\.lnk\ShellEx\{00021500-0000-0000-C000-000000000046}
(standaard) REG_SZ {00021401-0000-0000-C000-000000000046}

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\.lnk\ShellEx\{BB2E617C-0920-11d1-9A0B-00C04FC2D6C1}
(standaard) REG_SZ {00021401-0000-0000-C000-000000000046}

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\.lnk\ShellNew
Handler REG_SZ {ceefea1b-3e29-4ef1-b34c-fec79c4f70af}
IconPath REG_EXPAND_SZ \System32\shell32.dll,-16769
ItemName REG_SZ @shell32.dll,-30397
MenuText REG_SZ @shell32.dll,-30318
NullFile REG_SZ

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\.lnk\ShellNew\Config
DontRename REG_SZ

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\lnkfile
(standaard) REG_SZ Shortcut
EditFlags REG_DWORD 0x1
FriendlyTypeName REG_SZ @shell32.dll,-4153
IsShortcut REG_SZ
NeverShowExt REG_SZ

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\lnkfile\CLSID
(standaard) REG_SZ {00021401-0000-0000-C000-000000000046}

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\lnkfile\shellex

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\lnkfile\shellex\ContextMenuHandlers

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\lnkfile\shellex\ContextMenuHandlers\Compatibility
(standaard) REG_SZ {1d27f844-3a1f-4410-85ac-14651078412d}

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\lnkfile\shellex\ContextMenuHandlers\OpenContainingFolderMenu
(standaard) REG_SZ {37ea3a21-7493-4208-a011-7f9ea79ce9f5}

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\lnkfile\shellex\ContextMenuHandlers\{00021401-0000-0000-C000-000000000046}
(standaard) REG_SZ

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\lnkfile\shellex\DropHandler
(standaard) REG_SZ {00021401-0000-0000-C000-000000000046}

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\lnkfile\shellex\IconHandler
(standaard) REG_SZ {00021401-0000-0000-C000-000000000046}

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\lnkfile\shellex\PropertySheetHandlers

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\lnkfile\shellex\PropertySheetHandlers\ShimLayer Property Page
(standaard) REG_SZ {513D916F-2A8E-4F51-AEAB-0CBC76FB1AF8}

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.exe\OpenWithList
(standaard) REG_SZ

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.exe\OpenWithProgids
exefile REG_NONE 0000

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.lnk\OpenWithList
(standaard) REG_SZ

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.lnk\OpenWithProgids
lnkfile REG_NONE

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.lnk\UserChoice
Progid REG_SZ Applications\CCleaner.exe

-= EOF =-

Geen beeld na opstart.

SpyNo — Mon, 14 May 2012 12:52:25 GMT

Hoi.

Een vraag wat ik zelf nog niet heb kunnen oplossen, hopelijk kan iemand mij hier mee helpen. Kort samengevat: De pc start op, maar er komt maar geen beeld en blijft zwart. Beeldscherm powerknop blijft maar knipperen. Pas na enkele minuten verschijnt het bureaublad en blijft de powerknop van het beeldscherm dan ook continu branden. Meestal gebeurt dit alleen maar als de pc minimaal acht uur van de stroom is geweest (geen laptop)!

Wat heb ik zelf gedaan:

Harde schijf getest, videokaart getest, intern geheugen getest, bios reset naar standaard voorwaarden, tijd en datum wordt goed aangegeven, alle software en hardware onderdelen zijn voorzien van de laatste updates. gescand op virussen en spyware. Logboek geeft niks bijzonder aan, en er worden geen foutmeldingen weergegeven.

Win7 Bitlocker probleem

Da P — Mon, 14 May 2012 07:26:37 GMT

Hallo,

Gisteren wou ik via Windows BitLocker mijn externe harde schijf met een paswoord voorzien. Ik ben met het proces gestart, maar vooraleer het volledig afgerond was is in mijn huis de stroom uitgevallen waardoor de externe harde schijf zonder voeding kwam te zitten, en waardoor het BitLocker proces werd beeindigd.

Wanneer ik nu mijn harde schijf aansluit en opzet, vraagt BitLocker naar het wachtwoord, wat ik dan ook ingeef. Maar na dan op enter te drukken blijft bitlocker hangen en geraakt niet in de schijf,...

Wie weet raad hierover hoe ik OF bitlocker er terug af krijg OF het onderbroken proces door stroomuitval terug opzet om het te kunnen afronden OF via een recovery tool (freeware of betalend) mijn bestanden eraf kan halen? Formatteren is geen optie aangezien ik de bestanden die erop staan nog terug wil.

Dank bij voorbaat,

Pieter

licht regelen van monitor

f.r.a.n.k — Mon, 14 May 2012 00:29:39 GMT

Hoi
Ik zou de hoeveelheid licht uit mijn lichtbak (monitor) wat willen dimmen voor het bekijken van een film op m'n pc, maar ik vrees dat dat niet mogelijk is of toch? Of zit er op de vlc player soms een dimmer of equalizer?

Beste laptop

christian1122 — Sun, 13 May 2012 22:48:45 GMT

Hoi allemaal

Ik zoek een goede laptop voor ong 700 euro
Het liefst eentje met een beetje goeie grafische card (niet voor grootte games maar bijv voor minecraft) ik heb er 3 maar ben niet egt goed met specs :S
Welke is volgens jullie het best?

http://m.mediamarkt.nl/node/4?articl...22&order=brand

http://m.mediamarkt.nl/node/4?articl...cs#tabElements

http://m.mediamarkt.nl/node/4?articl...cs#tabElements

Text Enhance

pickleman — Sun, 13 May 2012 21:12:14 GMT

Hoi,

Ik heb last van rare onverwachte links op websites. Er over hooveren levert een reclame blokje op van Text Enhance. Hoe raak ik hier van af?

Ik heb de vier stappen doorlopen.

1. Defogger uitgevoerd

2. Malwarebytes Anti-Malware

Malwarebytes' Anti-Malware 1.50.1.1100
www.malwarebytes.org

Databaseversie: 5843

Windows 6.1.7600
Internet Explorer 8.0.7600.16385

22-2-2011 21:53:57
mbam-log-2011-02-22 (21-53-57).txt

Scantype: Volledige scan (C:\|E:\|L:\|Q:\|)
Objecten gescand: 375532
Verstreken tijd: 35 minuut/minuten, 53 seconde(n)

Geheugenprocessen ge�nfecteerd: 0
Geheugenmodulen ge�nfecteerd: 0
Registersleutels ge�nfecteerd: 1
Registerwaarden ge�nfecteerd: 1
Registerdata ge�nfecteerd: 0
Mappen ge�nfecteerd: 0
Bestanden ge�nfecteerd: 4

Geheugenprocessen ge�nfecteerd:
(Geen kwaadaardige objecten gedetecteerd)

Geheugenmodulen ge�nfecteerd:
(Geen kwaadaardige objecten gedetecteerd)

Registersleutels ge�nfecteerd:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MSSMGR (Trojan.Downloader) -> Quarantined and deleted successfully.

Registerwaarden ge�nfecteerd:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\MSSMSGS (Backdoor.Bot) -> Value: MSSMSGS -> Quarantined and deleted successfully.

Registerdata ge�nfecteerd:
(Geen kwaadaardige objecten gedetecteerd)

Mappen ge�nfecteerd:
(Geen kwaadaardige objecten gedetecteerd)

Bestanden ge�nfecteerd:
c:\WINDOWS\System32\winioa32.rom (Backdoor.Bot) -> Quarantined and deleted successfully.
c:\WINDOWS\System32\winziv32.rom (Backdoor.Bot) -> Quarantined and deleted successfully.
c:\WINDOWS\SysWOW64\winioa32.rom (Backdoor.Bot) -> Quarantined and deleted successfully.
c:\WINDOWS\SysWOW64\winziv32.rom (Backdoor.Bot) -> Quarantined and deleted successfully.

3 DDS

dds.txt

.
DDS (Ver_2011-08-26.01) - NTFSAMD64
Internet Explorer: 9.0.8112.16421 BrowserJavaVersion: 1.6.0_31
Run by Peter at 22:01:23 on 2012-05-13
Microsoft Windows 7 Professional 6.1.7601.1.1252.31.1043.18.6135.3737 [GMT 2:00]
.
AV: Sophos Anti-Virus *Enabled/Updated* {479CCF92-4960-B3E0-7373-BF453B467D2C}
SP: Sophos Anti-Virus *Enabled/Updated* {FCFD2E76-6F5A-BC6E-49C3-843740C13791}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ===============
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
C:\Windows\system32\nvvsvc.exe
C:\Program Files (x86)\Sophos\Sophos Anti-Virus\SavService.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE
C:\Program Files (x86)\Kerio\VPN Client\kvpncsvc.exe
C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe
C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
C:\Program Files (x86)\Sophos\Sophos Anti-Virus\SAVAdminService.exe
C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
C:\Program Files (x86)\Sophos\AutoUpdate\ALsvc.exe
C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files (x86)\Sophos\Sophos Anti-Virus\Web Intelligence\swi_service.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files (x86)\Common Files\LogiShrd\LVMVFM\LVPrS64H.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Program Files (x86)\Bandoo\Bandoo.exe
C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
C:\Windows\system32\SearchIndexer.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\WUDFHost.exe
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
C:\Program Files (x86)\Canon\SolutionMenu\CNSLMAIN.EXE
C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE
C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files (x86)\Logitech\Vid HD\Vid.exe
C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
C:\Program Files (x86)\ION\EZ Video Converter\MediaTVMonitor.exe
C:\Program Files (x86)\Kerio\VPN Client\kvpncgui.exe
C:\Program Files (x86)\Sophos\AutoUpdate\ALMon.exe
C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe
C:\Program Files (x86)\Bandoo\BndCore.exe
C:\Program Files (x86)\ScanSoft\OmniPageSE4\OpWareSE4.exe
C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\acrobat_sl.exe
C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\acrotray.exe
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe
C:\Program Files (x86)\Windows iLivid Toolbar\Datamngr\datamngrUI.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files (x86)\Nero\Nero 10\Nero BackItUp\NBAgent.exe
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\reader_sl.exe
C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ArcCon.ac
C:\Program Files (x86)\Common Files\Logishrd\LQCVFX\COCIManager.exe
C:\Windows\system32\DllHost.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files (x86)\Nero\Update\NASvc.exe
C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
C:\Windows\system32\sppsvc.exe
C:\Windows\System32\svchost.exe -k secsvcs
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Windows\servicing\TrustedInstaller.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe
C:\Windows\SysWOW64\NOTEPAD.EXE
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\SysWOW64\cmd.exe
C:\Windows\system32\conhost.exe
C:\Windows\SysWOW64\cscript.exe
C:\Windows\system32\DllHost.exe
C:\Windows\system32\wbem\wmiprvse.exe
.
============== Pseudo HJT Report ===============
.
uSearch Page = hxxp://nl.woofi.info
uStart Page = hxxp://www.startpagina.nl/
mStart Page = hxxp://nl.woofi.info
mSearch Page = hxxp://nl.woofi.info
uURLSearchHooks: H - No File
mWinlogon: Userinit=userinit.exe,
BHO: ContributeBHO Class: {074c1dc5-9320-4a9a-947d-c042949c6216} - C:\Program Files (x86)\Adobe\/Adobe Contribute CS4/contributeieplugin.dll
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: Sophos Web Content Scanner: {39ea7695-b3f2-4c44-a4bc-297ada8fd235} - C:\Program Files (x86)\Sophos\Sophos Anti-Virus\SophosBHO.dll
BHO: Groove GFS Browser Helper: {72853161-30c5-4d22-b7f9-0bbc1d38a37e} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
BHO: Java(tm) Plug-In SSV Helper: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll
BHO: Aanmeldhulp voor Windows Live ID: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: Searchqu Toolbar: {99079a25-328f-4bd4-be04-00955acaa0a7} - C:\PROGRA~2\WI3C8A~1\Datamngr\ToolBar\searchqudtx.dll
BHO: Loader Class: {9d717f81-9148-4f12-8568-69135f087db0} - C:\PROGRA~2\WI3C8A~1\Datamngr\BROWSE~1.DLL
BHO: DealPly: {a6174f27-1fff-e1d6-a93f-ba48ad5dd448} - C:\Program Files (x86)\DealPly\DealPlyIE.dll
BHO: Adobe PDF Conversion Toolbar Helper: {ae7cd045-e861-484f-8273-0445ee161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
BHO: Skype Browser Helper: {ae805869-2e5c-4ed4-8f7b-f1f7851a4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
BHO: BandooIEPlugin Class: {eb5cee80-030a-4ed8-8e20-454e9c68380f} - C:\Program Files (x86)\Bandoo\Plugins\IE\ieplugin.dll
BHO: SmartSelect Class: {f4971ee7-daa0-4053-9964-665d8ee6a077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
TB: Adobe PDF: {47833539-d0c5-4125-9fa8-0819e2eaac93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
TB: Contribute Toolbar: {517bdde4-e3a7-4570-b21e-2b52b6139fc7} - C:\Program Files (x86)\Adobe\/Adobe Contribute CS4/contributeieplugin.dll
TB: Searchqu Toolbar: {99079a25-328f-4bd4-be04-00955acaa0a7} - C:\PROGRA~2\WI3C8A~1\Datamngr\ToolBar\searchqudtx.dll
uRun: [msnmsgr] "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background
uRun: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
uRun: [Logitech Vid] "C:\Program Files (x86)\Logitech\Vid HD\Vid.exe" -bootmode
uRun: [AdobeBridge]
uRun: [KiesHelper] C:\Program Files (x86)\Samsung\Kies\KiesHelper.exe /s
uRun: [KiesTrayAgent] C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
uRun: [KiesPDLR] C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
uRun: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
mRun: [Kerio VPN Client] "C:\Program Files (x86)\Kerio\VPN Client\kvpncgui.exe" /tray
mRun: []
mRun: [Sophos AutoUpdate Monitor] C:\Program Files (x86)\Sophos\AutoUpdate\almon.exe
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
mRun: [VirtualCloneDrive] "C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe" /s
mRun: [SSBkgdUpdate] "C:\Program Files (x86)\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot
mRun: [OpwareSE4] "C:\Program Files (x86)\ScanSoft\OmniPageSE4\OpwareSE4.exe"
mRun: [AdobeCS4ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe" -launchedbylogin
mRun: [Adobe Acrobat Speed Launcher] "C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe"
mRun: [Acrobat Assistant 8.0] "C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe"
mRun: [Adobe_ID0ENQBO] C:\PROGRA~2\COMMON~1\Adobe\ADOBEV~1\Server\bin\VERSIO~2.EXE
mRun: [LogitechQuickCamRibbon] "C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe" /hide
mRun: [DATAMNGR] C:\PROGRA~2\WI3C8A~1\Datamngr\DATAMN~1.EXE
mRun: [NBAgent] "C:\Program Files (x86)\Nero\Nero 10\Nero BackItUp\NBAgent.exe" /WinStart
mRun: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
mRun: [ArcSoft Connection Service] C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
mRunOnce: [Launcher] C:\Program Files (x86)\SMINST\Launcher.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\EZVHSC~1.LNK - C:\Program Files (x86)\ION\EZ Video Converter\MediaTVMonitor.exe
mPolicies-explorer: NoActiveDesktop = 1 (0x1)
mPolicies-explorer: NoActiveDesktopChanges = 1 (0x1)
mPolicies-system: ConsentPromptBehaviorAdmin = 0 (0x0)
mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
mPolicies-system: EnableLUA = 0 (0x0)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
mPolicies-system: PromptOnSecureDesktop = 0 (0x0)
mPolicies-system: EnableLinkedConnections = 1 (0x1)
IE: Converteren naar Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html
IE: Doel van koppeling converteren naar Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
IE: Doel van koppeling toevoegen aan bestaande PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
IE: E&xport to Microsoft Excel - C:\PROGRA~2\MIF5BA~1\Office12\EXCEL.EXE/3000
IE: Toevoegen aan bestaande PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\PROGRA~2\MIF5BA~1\Office12\ONBttnIE.dll
IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - C:\PROGRA~2\MIF5BA~1\Office12\REFIEBAR.DLL
LSP: C:\ProgramData\Sophos Web Intelligence\swi_lsp.dll
DPF: {0DBF2423-33D3-4084-B83E-6A3661F2CD46} - hxxp://www.mijnalbum.nl/v3/skinsrc/core/system/6.5.6/ImageUploader6.cab
DPF: {28B66320-9687-4B13-8757-36F901887AB5} - hxxp://foto.hema.nl/ips-opdata/layout/hema/objects/canvasx.cab
DPF: {34DC6011-88B5-4EA9-BA7A-DC7B4F4437FE} - hxxp://foto.hema.nl/ips-opdata/layout/hema/objects/jordan.cab
DPF: {5D637FAD-E202-48D1-8F18-5B9C459BD1E3} - hxxp://verkopen.marktplaats.nl/js/widgets/imageUploader/aurigma/5_7_24_0/ImageUploader5.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
DPF: {B7915D9F-6057-4153-BE1B-8E234BD66980} - hxxp://www.mijnalbum.nl/v3/skinsrc/core/system/ma7.0.23/ImageUploader7.cab
DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553542500} - hxxp://fpdownload2.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
TCP: DhcpNameServer = 192.168.1.1 212.61.15.8 212.61.25.226
TCP: Interfaces\{49171518-154B-4B7C-B537-6C9FA73B93A7} : DhcpNameServer = 192.168.1.1 212.61.15.8 212.61.25.226
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
AppInit_DLLs: c:\progra~2\wi3c8a~1\datamngr\datamngr.dll c:\progra~2\wi3c8a~1\datamngr\iebho.dll c:\progra~2\sophos\sophos~1\sophos~1.dll c:\progra~2\bandoo\bndhook.dll
SEH: Groove GFS Stub Execution Hook: {b5a7f190-dda6-4420-b3ba-52453494e6cd} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
{074C1DC5-9320-4A9A-947D-C042949C6216}
{18DF081C-E8AD-4283-A596-FA578C2EBDC3}
{39EA7695-B3F2-4C44-A4BC-297ADA8FD235}
{72853161-30C5-4D22-B7F9-0BBC1D38A37E}
{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}
{9030D464-4C02-4ABF-8ECC-5164760863C6}
{99079a25-328f-4bd4-be04-00955acaa0a7}
{9D717F81-9148-4f12-8568-69135F087DB0}
{A6174F27-1FFF-E1D6-A93F-BA48AD5DD448}
{AE7CD045-E861-484f-8273-0445EE161910}
{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
{DBC80044-A445-435b-BC74-9C25C1C588A9}
{EB5CEE80-030A-4ED8-8E20-454E9C68380F}
{F4971EE7-DAA0-4053-9964-665D8EE6A077}
{47833539-D0C5-4125-9FA8-0819E2EAAC93}
{517BDDE4-E3A7-4570-B21E-2B52B6139FC7}
{99079a25-328f-4bd4-be04-00955acaa0a7}
mRun-x64: [Kerio VPN Client] "C:\Program Files (x86)\Kerio\VPN Client\kvpncgui.exe" /tray
mRun-x64: [(standaard)]
mRun-x64: [Sophos AutoUpdate Monitor] C:\Program Files (x86)\Sophos\AutoUpdate\almon.exe
mRun-x64: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun-x64: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
mRun-x64: [VirtualCloneDrive] "C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe" /s
mRun-x64: [SSBkgdUpdate] "C:\Program Files (x86)\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot
mRun-x64: [OpwareSE4] "C:\Program Files (x86)\ScanSoft\OmniPageSE4\OpwareSE4.exe"
mRun-x64: [AdobeCS4ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe" -launchedbylogin
mRun-x64: [Adobe Acrobat Speed Launcher] "C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe"
mRun-x64: [Acrobat Assistant 8.0] "C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe"
mRun-x64: [Adobe_ID0ENQBO] C:\PROGRA~2\COMMON~1\Adobe\ADOBEV~1\Server\bin\VERSIO~2.EXE
mRun-x64: [LogitechQuickCamRibbon] "C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe" /hide
mRun-x64: [DATAMNGR] C:\PROGRA~2\WI3C8A~1\Datamngr\DATAMN~1.EXE
mRun-x64: [NBAgent] "C:\Program Files (x86)\Nero\Nero 10\Nero BackItUp\NBAgent.exe" /WinStart
mRun-x64: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
mRun-x64: [ArcSoft Connection Service] C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
mRun-x64: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
mRunOnce-x64: [Launcher] C:\Program Files (x86)\SMINST\Launcher.exe
AppInit_DLLs-X64: c:\progra~2\wi3c8a~1\datamngr\datamngr.dll c:\progra~2\wi3c8a~1\datamngr\iebho.dll c:\progra~2\sophos\sophos~1\sophos~1.dll c:\progra~2\bandoo\bndhook.dll
SEH-X64: {B5A7F190-DDA6-4420-B3BA-52453494E6CD}: Groove GFS Stub Execution Hook
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\Peter\AppData\Roaming\Mozilla\Firefox\Profiles\hygx3ami.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.startpagina.nl/
FF - prefs.js: network.proxy.type - 0
FF - plugin: C:\PROGRA~2\MIF5BA~1\Office14\NPSPWRAP.DLL
FF - plugin: C:\Program Files (x86)\ABN AMRO e.dentifier2\Mozilla\npBECON.dll
FF - plugin: C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Air\nppdf32.dll
FF - plugin: C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll
FF - plugin: C:\Program Files (x86)\Canon\ZoomBrowser EX\Program\NPCIG.dll
FF - plugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll
FF - plugin: C:\Program Files (x86)\Java\jre6\bin\plugin2\npdeployJava1.dll
FF - plugin: C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll
FF - plugin: C:\Program Files (x86)\Microsoft Silverlight\5.0.61118.0\npctrlui.dll
FF - plugin: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll
FF - plugin: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll
FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
FF - plugin: C:\Windows\system32\TVUAx\npTVUAx.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll
.
============= SERVICES / DRIVERS ===============
.
R0 PxHlpa64;PxHlpa64;C:\Windows\system32\Drivers\PxHlpa64.sys --> C:\Windows\system32\Drivers\PxHlpa64.sys [?]
R1 SAVOnAccess;SAVOnAccess;C:\Windows\system32\DRIVERS\savonaccess.sys --> C:\Windows\system32\DRIVERS\savonaccess.sys [?]
R2 cvhsvc;Client Virtualization Handler;C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE [2012-1-4 822624]
R2 KVPNCSvc;Kerio VPN Client Service;C:\Program Files (x86)\Kerio\VPN Client\kvpncsvc.exe [2010-3-2 972648]
R2 LVPrcS64;Process Monitor;C:\Program Files\Common Files\logishrd\LVMVFM\LVPrcSrv.exe [2009-10-7 191000]
R2 NAUpdate;Nero Update;C:\Program Files (x86)\Nero\Update\NASvc.exe [2010-3-25 490280]
R2 nvUpdatusService;NVIDIA Update Service Daemon;C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe [2011-7-2 2214504]
R2 SAVAdminService;Sophos Anti-Virus status reporter;C:\Program Files (x86)\Sophos\Sophos Anti-Virus\SAVAdminService.exe [2010-10-8 163056]
R2 SAVService;Sophos Anti-Virus;C:\Program Files (x86)\Sophos\Sophos Anti-Virus\SavService.exe [2010-6-14 97520]
R2 sftlist;Application Virtualization Client;C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2011-10-1 508776]
R2 Sophos AutoUpdate Service;Sophos AutoUpdate Service;C:\Program Files (x86)\Sophos\AutoUpdate\ALsvc.exe [2012-4-11 232472]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2010-7-9 248936]
R2 swi_service;Sophos Web Intelligence Service;C:\Program Files (x86)\Sophos\Sophos Anti-Virus\Web Intelligence\swi_service.exe [2012-2-21 1543704]
R3 kvnet;Kerio Virtual Network Adapter;C:\Windows\system32\DRIVERS\kvnet.sys --> C:\Windows\system32\DRIVERS\kvnet.sys [?]
R3 LVPr2M64;Logitech LVPr2M64 Driver;C:\Windows\system32\DRIVERS\LVPr2M64.sys --> C:\Windows\system32\DRIVERS\LVPr2M64.sys [?]
R3 LVRS64;Logitech RightSound Filter Driver;C:\Windows\system32\DRIVERS\lvrs64.sys --> C:\Windows\system32\DRIVERS\lvrs64.sys [?]
R3 LVUVC64;Logitech QuickCam E3500(UVC);C:\Windows\system32\DRIVERS\lvuvc64.sys --> C:\Windows\system32\DRIVERS\lvuvc64.sys [?]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver;C:\Windows\system32\drivers\nvhda64v.sys --> C:\Windows\system32\drivers\nvhda64v.sys [?]
R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\system32\DRIVERS\Rt64win7.sys --> C:\Windows\system32\DRIVERS\Rt64win7.sys [?]
R3 Sftfs;Sftfs;C:\Windows\system32\DRIVERS\Sftfslh.sys --> C:\Windows\system32\DRIVERS\Sftfslh.sys [?]
R3 Sftplay;Sftplay;C:\Windows\system32\DRIVERS\Sftplaylh.sys --> C:\Windows\system32\DRIVERS\Sftplaylh.sys [?]
R3 Sftredir;Sftredir;C:\Windows\system32\DRIVERS\Sftredirlh.sys --> C:\Windows\system32\DRIVERS\Sftredirlh.sys [?]
R3 Sftvol;Sftvol;C:\Windows\system32\DRIVERS\Sftvollh.sys --> C:\Windows\system32\DRIVERS\Sftvollh.sys [?]
R3 sftvsa;Application Virtualization Service Agent;C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2011-10-1 219496]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S2 gupdate;Google Updateservice (gupdate);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-1-31 136176]
S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2012-2-29 158856]
S3 Adobe Version Cue CS4;Adobe Version Cue CS4;C:\Program Files (x86)\Common Files\Adobe\Adobe Version Cue CS4\Server\bin\VersionCueCS4.exe [2008-8-15 284016]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-4-3 257696]
S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);C:\Windows\system32\DRIVERS\ssudbus.sys --> C:\Windows\system32\DRIVERS\ssudbus.sys [?]
S3 e.dentifier2;SmartCard Reader ABN AMRO e.dentifier2;C:\Windows\system32\DRIVERS\aabed2.sys --> C:\Windows\system32\DRIVERS\aabed2.sys [?]
S3 FLEXnet Licensing Service 64;FLEXnet Licensing Service 64;C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [2011-2-21 1038088]
S3 gupdatem;Google Update-service (gupdatem);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-1-31 136176]
S3 osppsvc;Office Software Protection Platform;C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-1-9 4925184]
S3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.);C:\Windows\system32\DRIVERS\ssudmdm.sys --> C:\Windows\system32\DRIVERS\ssudmdm.sys [?]
S3 StorSvc;Storage Service;C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted [2009-7-14 20992]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\system32\drivers\tsusbflt.sys --> C:\Windows\system32\drivers\tsusbflt.sys [?]
S3 WatAdminSvc;Windows Activation Technologies-service;C:\Windows\system32\Wat\WatAdminSvc.exe --> C:\Windows\system32\Wat\WatAdminSvc.exe [?]
S4 SophosBootDriver;SophosBootDriver;C:\Windows\system32\DRIVERS\SophosBootDriver.sys --> C:\Windows\system32\DRIVERS\SophosBootDriver.sys [?]
.
=============== File Associations ===============
.
JSEFile=%SystemRoot%\SysWow64\CScript.exe "%1" %*
VBEFile=%SystemRoot%\SysWow64\CScript.exe "%1" %*
VBSFile=%SystemRoot%\SysWow64\CScript.exe "%1" %*
.
=============== Created Last 30 ================
.
2012-05-13 17:45:26 -------- d-----w- C:\Users\Peter\AppData\Local\{4125D8D6-28D7-4A63-938F-731E19C3E04A}
2012-05-13 17:45:10 -------- d-----w- C:\Users\Peter\AppData\Local\{971511D6-37D4-43C0-8CD8-E7D2601E54CE}
2012-05-12 21:09:49 -------- d-----w- C:\Users\Peter\AppData\Local\{02CF6365-5550-4208-8C8C-5F397C2BF256}
2012-05-12 21:09:38 -------- d-----w- C:\Users\Peter\AppData\Local\{59D05893-8E97-4F7E-865F-A5C784EA7573}
2012-05-12 09:09:09 -------- d-----w- C:\Users\Peter\AppData\Local\{189C2B27-47B7-44AC-925B-4E5DF702F559}
2012-05-12 09:08:59 -------- d-----w- C:\Users\Peter\AppData\Local\{B31EC126-57A7-4C3D-9454-DC3BDD22B199}
2012-05-11 21:08:31 -------- d-----w- C:\Users\Peter\AppData\Local\{79FFDDCC-AEA2-452F-888C-B10357B0F631}
2012-05-11 21:08:19 -------- d-----w- C:\Users\Peter\AppData\Local\{61C02FFE-2B2C-4681-8732-205C22E25D37}
2012-05-11 19:33:17 8917360 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{877F7B14-665C-4650-BF5F-4EA992ADD676}\mpengine.dll
2012-05-11 09:07:30 -------- d-----w- C:\Users\Peter\AppData\Local\{F25BB514-E9FD-41F7-BD0D-DC112F82F7A2}
2012-05-11 09:07:17 -------- d-----w- C:\Users\Peter\AppData\Local\{8E36F49A-BB0E-4FCB-9EC9-90CEE935F1E3}
2012-05-10 20:26:46 -------- d-----w- C:\Users\Peter\AppData\Local\{C71298ED-627D-4BF4-A61A-950E3E2C2C08}
2012-05-10 08:26:21 -------- d-----w- C:\Users\Peter\AppData\Local\{4F60B598-495D-4C20-BE44-F89CFD852C89}
2012-05-10 08:26:10 -------- d-----w- C:\Users\Peter\AppData\Local\{1A7C53E4-E237-4412-BB39-0EFC1DD8276B}
2012-05-09 20:25:42 -------- d-----w- C:\Users\Peter\AppData\Local\{B326C46D-9580-4710-94E6-8D82F3DD7A5D}
2012-05-09 20:25:32 -------- d-----w- C:\Users\Peter\AppData\Local\{7D02BF69-1DC3-470A-B3C3-D4C1A80F97C7}
2012-05-09 08:25:03 -------- d-----w- C:\Users\Peter\AppData\Local\{AA053225-32AC-4828-83F3-72662161FA01}
2012-05-09 08:24:52 -------- d-----w- C:\Users\Peter\AppData\Local\{0006D11B-E10F-4BF3-BAAA-4326E2FD498B}
2012-05-08 20:49:03 -------- d-----w- C:\Users\Peter\AppData\Local\Vid-Saver
2012-05-08 20:49:02 -------- d-----w- C:\Program Files (x86)\Vid-Saver
2012-05-08 20:34:04 5559664 ----a-w- C:\Windows\System32\ntoskrnl.exe
2012-05-08 20:34:03 3968368 ----a-w- C:\Windows\SysWow64\ntkrnlpa.exe
2012-05-08 20:34:03 3913072 ----a-w- C:\Windows\SysWow64\ntoskrnl.exe
2012-05-08 20:34:03 3146240 ----a-w- C:\Windows\System32\win32k.sys
2012-05-08 20:33:14 1544704 ----a-w- C:\Windows\System32\DWrite.dll
2012-05-08 20:33:14 1077248 ----a-w- C:\Windows\SysWow64\DWrite.dll
2012-05-08 20:33:13 1918320 ----a-w- C:\Windows\System32\drivers\tcpip.sys
2012-05-08 20:33:05 75120 ----a-w- C:\Windows\System32\drivers\partmgr.sys
2012-05-08 20:33:03 936960 ----a-w- C:\Program Files (x86)\Common Files\Microsoft Shared\ink\journal.dll
2012-05-08 20:33:03 1732096 ----a-w- C:\Program Files\Windows Journal\NBDoc.DLL
2012-05-08 20:33:03 1393664 ----a-w- C:\Program Files\Windows Journal\JNTFiltr.dll
2012-05-08 20:33:03 1367552 ----a-w- C:\Program Files\Common Files\Microsoft Shared\ink\journal.dll
2012-05-08 20:33:02 1402880 ----a-w- C:\Program Files\Windows Journal\JNWDRV.dll
2012-05-08 20:20:53 -------- d-----w- C:\Users\Peter\AppData\Local\{ABAF1495-9F5B-4AD1-A62E-6841C002D705}
2012-05-08 20:20:41 -------- d-----w- C:\Users\Peter\AppData\Local\{AB5F589E-7B4F-475D-960B-206047039B17}
2012-05-07 19:15:36 8744608 ----a-w- C:\Windows\SysWow64\FlashPlayerInstaller.exe
2012-05-07 19:00:20 -------- d-----w- C:\Users\Peter\AppData\Local\{E3310BAC-5247-464A-8914-809605EA2E26}
2012-05-07 19:00:04 -------- d-----w- C:\Users\Peter\AppData\Local\{CD22D25B-BB0F-4B65-9933-2205E5097040}
2012-05-06 15:05:59 -------- d-----w- C:\Users\Peter\AppData\Local\{F5527A01-0BFF-4150-9127-8347BDC35C96}
2012-05-06 15:05:43 -------- d-----w- C:\Users\Peter\AppData\Local\{D96E935F-9552-4614-A9F0-F5DFBFD10C3B}
2012-05-05 19:26:23 -------- d-----w- C:\Users\Peter\AppData\Local\{F74EE420-1B4C-4EF3-B2B2-F21F92EC7DA4}
2012-05-05 19:26:09 -------- d-----w- C:\Users\Peter\AppData\Local\{D24A3A89-364E-499A-859A-7244CB4A6ADD}
2012-04-27 10:04:30 -------- d-----w- C:\Users\Peter\AppData\Local\{8607FF21-87C8-46ED-A848-8BE1DAA743D0}
2012-04-27 10:04:19 -------- d-----w- C:\Users\Peter\AppData\Local\{78E0DA70-A1EB-4CA1-81A9-F1D6FEA081C9}
2012-04-26 15:39:34 -------- d-----w- C:\Users\Peter\AppData\Local\{FBA59CC0-9B32-4671-9478-94F2D9D01227}
2012-04-26 15:39:19 -------- d-----w- C:\Users\Peter\AppData\Local\{786E64F6-076B-4A91-85BA-2013973DE13F}
2012-04-25 19:48:49 -------- d-----w- C:\Users\Peter\AppData\Local\{C56EAF8B-5119-417B-BB5F-4F7A99F85B9B}
2012-04-25 19:48:34 -------- d-----w- C:\Users\Peter\AppData\Local\{AC9A991D-13E4-47C4-B31B-2B703B3D0EA1}
2012-04-24 20:52:50 -------- d-----w- C:\Users\Peter\AppData\Local\{B49B7F08-DCDC-4CDB-91EB-50D96AFE67C5}
2012-04-24 08:52:24 -------- d-----w- C:\Users\Peter\AppData\Local\{4D114C8E-3862-4DAF-970A-AE852744D9BA}
2012-04-24 08:52:13 -------- d-----w- C:\Users\Peter\AppData\Local\{079B71C9-484B-4EBA-B9E7-7BE4FDF14351}
2012-04-23 20:50:59 -------- d-----w- C:\Users\Peter\AppData\Local\{B12C4139-1210-479E-B7BD-732A679C7B3A}
2012-04-23 20:50:45 -------- d-----w- C:\Users\Peter\AppData\Local\{3F239337-EA04-4A1D-85AA-EA4BB5669EC2}
2012-04-23 19:52:07 856712 ----a-w- C:\ProgramData\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight-2\SpotlightResources.dll
2012-04-19 07:40:06 -------- d-----w- C:\Users\Peter\AppData\Local\{D8B028D7-EE99-40AF-B13A-225647D40F40}
2012-04-19 07:39:52 -------- d-----w- C:\Users\Peter\AppData\Local\{C2B84769-64EA-4021-B308-C937D5C0C944}
2012-04-18 13:03:36 -------- d-----w- C:\Users\Peter\AppData\Local\{E7B3C79B-1DCC-468B-8E36-43C81C98BF18}
2012-04-18 01:02:59 -------- d-----w- C:\Users\Peter\AppData\Local\{6AEDF249-F1DD-49C5-8197-834F8C7027E2}
2012-04-18 01:02:49 -------- d-----w- C:\Users\Peter\AppData\Local\{DFBBFE1F-6743-4EED-935C-71808EAD0B5A}
2012-04-17 13:01:03 -------- d-----w- C:\Users\Peter\AppData\Local\{0316B19E-CADA-430C-B232-A3AA1C132C78}
2012-04-17 13:00:47 -------- d-----w- C:\Users\Peter\AppData\Local\{90A208E9-89FE-4057-9077-BA1FAF9FC47D}
2012-04-16 18:35:38 -------- d-----w- C:\Users\Peter\AppData\Local\{21574457-D18C-45AA-B5E1-061E8E41E699}
2012-04-16 18:35:24 -------- d-----w- C:\Users\Peter\AppData\Local\{D034E535-FDAF-4D98-975C-7073477FC594}
2012-04-16 01:57:01 -------- d-----w- C:\Users\Peter\AppData\Local\{5AD48A86-0923-4C70-8239-6C29BC76D5D1}
2012-04-15 13:56:33 -------- d-----w- C:\Users\Peter\AppData\Local\{3DF12AEA-70BD-45A7-9EDE-4E0BD1AF51BF}
2012-04-15 13:56:20 -------- d-----w- C:\Users\Peter\AppData\Local\{0D65F74C-549E-4A6F-8A14-4DE9FCC45237}
2012-04-14 16:35:36 24416 ----a-r- C:\Windows\System32\AdobePDFUI.dll
2012-04-14 16:30:53 -------- d-----w- C:\Users\Peter\AppData\Local\{C34E5CF8-322A-4072-B227-52D45B77E42C}
2012-04-14 16:30:38 -------- d-----w- C:\Users\Peter\AppData\Local\{1C544AF6-9B75-4632-A209-17C0DCDEE1C3}
.
==================== Find3M ====================
.
2012-05-07 19:15:49 70304 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2012-05-07 19:15:49 419488 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
2012-04-04 13:56:40 24904 ----a-w- C:\Windows\System32\drivers\mbam.sys
2012-03-30 19:17:37 472808 ----a-w- C:\Windows\SysWow64\deployJava1.dll
2012-03-08 16:50:28 49016 ----a-w- C:\Windows\SysWow64\sirenacm.dll
2012-03-08 16:37:20 302448 ----a-w- C:\Windows\WLXPGSS.SCR
2012-03-01 06:46:16 23408 ----a-w- C:\Windows\System32\drivers\fs_rec.sys
2012-03-01 06:38:27 220672 ----a-w- C:\Windows\System32\wintrust.dll
2012-03-01 06:33:50 81408 ----a-w- C:\Windows\System32\imagehlp.dll
2012-03-01 06:28:47 5120 ----a-w- C:\Windows\System32\wmi.dll
2012-03-01 05:37:41 172544 ----a-w- C:\Windows\SysWow64\wintrust.dll
2012-03-01 05:33:23 159232 ----a-w- C:\Windows\SysWow64\imagehlp.dll
2012-03-01 05:29:16 5120 ----a-w- C:\Windows\SysWow64\wmi.dll
2012-02-28 06:56:48 2311168 ----a-w- C:\Windows\System32\jscript9.dll
2012-02-28 06:49:56 1390080 ----a-w- C:\Windows\System32\wininet.dll
2012-02-28 06:48:57 1493504 ----a-w- C:\Windows\System32\inetcpl.cpl
2012-02-28 06:42:55 2382848 ----a-w- C:\Windows\System32\mshtml.tlb
2012-02-28 01:18:55 1799168 ----a-w- C:\Windows\SysWow64\jscript9.dll
2012-02-28 01:11:21 1427456 ----a-w- C:\Windows\SysWow64\inetcpl.cpl
2012-02-28 01:11:07 1127424 ----a-w- C:\Windows\SysWow64\wininet.dll
2012-02-28 01:03:16 2382848 ----a-w- C:\Windows\SysWow64\mshtml.tlb
2012-02-23 08:18:36 279656 ------w- C:\Windows\System32\MpSigStub.exe
2012-02-17 06:38:26 1031680 ----a-w- C:\Windows\System32\rdpcore.dll
2012-02-17 05:34:22 826880 ----a-w- C:\Windows\SysWow64\rdpcore.dll
2012-02-17 04:58:24 210944 ----a-w- C:\Windows\System32\drivers\rdpwd.sys
2012-02-17 04:57:32 23552 ----a-w- C:\Windows\System32\drivers\tdtcp.sys
.
============= FINISH: 22:02:40,40 ===============

attach.txt: not posted yet

Hopelijk kunnen jullie mij helpen,

Alvast bedankt!

Pc start niet meer op

LeonRos — Sun, 13 May 2012 16:08:51 GMT

Hallo,

Mijn naam is Leon ros, en ik ben nieuw hier op dit forum :).
Ik heb een vraagje en heb er rond gezocht maar heb niet mij probleem kunnen vinden op dit forum ( of ik heb er misschien overheen gekeken, als dat zo is sorry voor een dubbele post haha).

Ik heb een dell xps 710 en sinds kort wil die niet meer opstarten,
als ik hem aandruk, hoor je alleen een klik en gaat het lampje op de voorkant knipperen en is geel.

Het is geen code wat die doorgeeft want hij knippert constant met steeds een seconde ertussen. Er zitten ook 2 nieuwe geheugen bankjes in van icidu als ik het goed heb 2x2gb ddr2. De ene keer start ie achter elkaar op en zo wil die 2 dagen niet opstarten :S. Beetje apart haha. Dus ik hoopte dat jullie mij misschien zouden kunnen helpen. Hoop dat ik genoeg info hebben gegeven. En anders hoor ik het wel :).

verkenner loopt vast:door (verwijderde) rootkit?

Nanique — Sun, 13 May 2012 15:57:14 GMT

Geachte helpers,

Hoewel ik geen virusmelding krijg van Malwarebytes nu had het programma vorige week bij het scannen na een hele lange tijd wel een rootkit.zeroAccess (dacht dat ie zo heette) te pakken en die heeft Malwarebytes om zeep geholpen. Hoe lang dat ding erop gezeten heeft, weet ik niet, want mijn man vergeet altijd te scannen en als ik ooit eens op deze PC werk, doe ik het dus meteen.

Feit is dat de verkenner steeds trager wordt (het "zandlopertje" loopt en loopt, maar er gebeurt niets) en vastloopt. Als je taakbeheer dan wilt openen om de verkenner te sluiten, lukt dat ook vaak pas na een hele tijd of helemaal niet. Internetbrowsers vallen ineens uit, (de CPU en het geheugen zijn zelden boven de 50%). Alles is schoongeveegd met CCleaner, gedefragmenteerd ook, alle Windows-updates zijn ge�nstalleerd. En nu laat de verkenner ook de inhoud van de DVD-speler niet meer zien. Opnieuw installeren van de DVD-speler heeft niet geholpen. Zou er toch nog iets van die rootkit achtergebleven zijn?

Ik heb de dingen die in het informatie-topic staan gedaan (denk ik tenminste)

Dank jullie wel voor de hulp alvast :D

---------------------------------------------------------

Malwarebytes Anti-Malware 1.61.0.1400
www.malwarebytes.org

Databaseversie: v2012.05.13.01

Windows 7 Service Pack 1 x86 NTFS
Internet Explorer 9.0.8112.16421
Hans :: DROPJE [administrator]

Realtime bescherming: Ingeschakeld

13-5-2012 17:07:26
mbam-log-2012-05-13 (17-07-26).txt

Scantype: Snelle scan
Ingeschakelde scanopties: Geheugen | Opstartitems | Register | Bestanden en mappen | Heuristiek/Extra | Heuristiek/Shuriken | PUP | PUM
Uitgeschakelde scanopties: P2P
Objecten gescand: 196692
Verstreken tijd: 3 minuut/minuten, 38 seconde(n)

Geheugenprocessen gedetecteerd: 0
(Geen kwaadaardige objecten gedetecteerd)

Geheugenmodulen gedetecteerd: 0
(Geen kwaadaardige objecten gedetecteerd)

Registersleutels gedetecteerd: 0
(Geen kwaadaardige objecten gedetecteerd)

Registerwaarden gedetecteerd: 0
(Geen kwaadaardige objecten gedetecteerd)

Registerdata gedetecteerd: 0
(Geen kwaadaardige objecten gedetecteerd)

Mappen gedetecteerd: 0
(Geen kwaadaardige objecten gedetecteerd)

Bestanden gedetecteerd: 0
(Geen kwaadaardige objecten gedetecteerd)

(einde)
-------------------------------------------------------

DDS (Ver_2011-08-26.01) - NTFSx86
Internet Explorer: 9.0.8112.16421 BrowserJavaVersion: 1.6.0_31
Run by Hans at 17:15:02 on 2012-05-13
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.31.1043.18.2013.639 [GMT 2:00]
.
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ===============
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Program Files\Microsoft Security Client\MsMpEng.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Windows\system32\WUDFHost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskhost.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\SearchIndexer.exe
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Adobe\Acrobat 10.0\Acrobat\acrotray.exe
C:\Program Files\Microsoft Security Client\msseces.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Windows\helppane.exe
C:\Windows\system32\mmc.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Windows\system32\taskmgr.exe
C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
C:\Program Files\Windows NT\Accessories\WORDPAD.EXE
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe
C:\Windows\notepad.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\DllHost.exe
C:\Windows\system32\DllHost.exe
C:\Windows\system32\conhost.exe
C:\Windows\system32\wbem\wmiprvse.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = about:blank
uInternet Settings,ProxyOverride = *.local
uURLSearchHooks: H - No File
BHO: ContributeBHO Class: {074c1dc5-9320-4a9a-947d-c042949c6216} - c:\program files\adobe\adobe contribute cs5.1\plugins

\ieplugin\contributeieplugin.dll
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex

\AcroIEHelperShim.dll
BHO: RealPlayer Download and Record Plugin for Internet Explorer: {3049c3e9-b461-4bc5-8870-4c09146192ca} - c:\programdata

\real\realplayer\browserrecordplugin\ie\rpbrowserrecordplugin.dll
BHO: Java(tm) Plug-In SSV Helper: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - c:\program files\java\jre6\bin\ssv.dll
BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared

\windows live\WindowsLiveLogin.dll
BHO: Windows Live Messenger Companion Helper: {9fdde16b-836f-4806-ab1f-1455cbeff289} - c:\program files\windows live

\companion\companioncore.dll
BHO: Adobe PDF Conversion Toolbar Helper: {ae7cd045-e861-484f-8273-0445ee161910} - c:\program files\common files\adobe

\acrobat\activex\AcroIEFavClient.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: SmartSelect Class: {f4971ee7-daa0-4053-9964-665d8ee6a077} - c:\program files\common files\adobe\acrobat\activex

\AcroIEFavClient.dll
TB: Contribute Toolbar: {517bdde4-e3a7-4570-b21e-2b52b6139fc7} - c:\program files\adobe\adobe contribute cs5.1\plugins

\ieplugin\contributeieplugin.dll
TB: Adobe PDF: {47833539-d0c5-4125-9fa8-0819e2eaac93} - c:\program files\common files\adobe\acrobat\activex

\AcroIEFavClient.dll
TB: {87775FDB-6972-41F9-AE51-8326E38CB206} - No File
mRun: [IgfxTray] c:\windows\system32\igfxtray.exe
mRun: [HotKeysCmds] c:\windows\system32\hkcmd.exe
mRun: [Persistence] c:\windows\system32\igfxpers.exe
mRun: [Malwarebytes Anti-Malware (reboot)] "c:\program files\malwarebytes' anti-malware\mbam.exe" /runcleanupscript
mRun: [Malwarebytes' Anti-Malware] "c:\program files\malwarebytes' anti-malware\mbamgui.exe" /starttray
mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 9.0\reader\Reader_sl.exe"
mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"
mRun: [AdobeAAMUpdater-1.0] "c:\program files\common files\adobe\oobe\pdapp\uwa\UpdaterStartupUtility.exe"
mRun: [SwitchBoard] c:\program files\common files\adobe\switchboard\SwitchBoard.exe
mRun: [AdobeCS5.5ServiceManager] "c:\program files\common files\adobe\cs5.5servicemanager\CS5.5ServiceManager.exe" -

launchedbylogin
mRun: []
mRun: [Adobe Acrobat Speed Launcher] "c:\program files\adobe\acrobat 10.0\acrobat\Acrobat_sl.exe"
mRun: [Acrobat Assistant 8.0] "c:\program files\adobe\acrobat 10.0\acrobat\Acrotray.exe"
mRun: [MSC] "c:\program files\microsoft security client\msseces.exe" -hide -runkey
mRun: [Smart File Advisor] "c:\program files\smart file advisor\sfa.exe" /checkassoc
StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\adobeg~1.lnk - c:\program files\common files\adobe

\calibration\Adobe Gamma Loader.exe
mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5)
mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
IE: {0000036B-C524-4050-81A0-243669A86B9F} - {B63DBA5F-523F-4B9C-A43D-65DF1977EAD3} - c:\program files\windows live

\companion\companioncore.dll
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - c:\program files\windows live\writer

\WriterBrowserExtension.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:

\progra~1\micros~2\office12\REFIEBAR.DLL
DPF: {17492023-C23A-453E-A040-C7C580BBF700} - hxxp://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-

A67417AA88CD/LegitCheckControl.cab
DPF: {76D98704-8A16-4B5A-9D69-213D74E7C2D3} - hxxp://get.virtuocity.eu/3.1/virtuocity.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
DPF: {CC05BC12-2AA2-4AC7-AC81-0E40F83B1ADF} - hxxp://www.live365.com/players/play365.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
TCP: DhcpNameServer = 192.168.10.1 213.46.228.196 62.179.104.196
TCP: Interfaces\{819B7EED-C8D0-48F5-97BE-45A2DE22DD75} : DhcpNameServer = 192.168.10.1 213.46.228.196 62.179.104.196
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - c:\program files\windows live\photo gallery

\AlbumDownloadProtocolHandler.dll
Notify: igfxcui - igfxdev.dll
.
================= FIREFOX ===================
.
FF - ProfilePath - c:\users\hans\appdata\roaming\mozilla\firefox\profiles\nuqfljy2.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT1060933&SearchSource=3&q=

{searchTerms}
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - www.sp.nl
FF - prefs.js: keyword.URL - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2865317&q=
FF - plugin: c:\program files\abn amro e.dentifier2\mozilla\npBECON.dll
FF - plugin: c:\program files\adobe\acrobat 10.0\acrobat\air\nppdf32.dll
FF - plugin: c:\program files\adobe\reader 9.0\reader\air\nppdf32.dll
FF - plugin: c:\program files\google\google earth\plugin\npgeplugin.dll
FF - plugin: c:\program files\google\update\1.3.21.111\npGoogleUpdate3.dll
FF - plugin: c:\program files\java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: c:\program files\java\jre6\bin\plugin2\npdeployJava1.dll
FF - plugin: c:\program files\java\jre6\bin\plugin2\npjp2.dll
FF - plugin: c:\program files\microsoft silverlight\5.1.10411.0\npctrlui.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npdeployJava1.dll
FF - plugin: c:\program files\virtuocity browser plugin 3.1\npV3DComponents31.dll
FF - plugin: c:\program files\windows live\photo gallery\NPWLPG.dll
FF - plugin: c:\programdata\real\realplayer\browserrecordplugin\mozillaplugins\nprpchromebrowserrecordext.dll
FF - plugin: c:\programdata\real\realplayer\browserrecordplugin\mozillaplugins\nprphtml5videoshim.dll
FF - plugin: c:\windows\system32\macromed\flash\NPSWF32_11_2_202_235.dll
.
---- FIREFOX POLICIES ----
FF - user.js: extensions.BabylonToolbar_i.id - 20a45d1500000000000090e6ba83261d
FF - user.js: extensions.BabylonToolbar_i.hardId - 20a45d1500000000000090e6ba83261d
FF - user.js: extensions.BabylonToolbar_i.instlDay - 15319
FF - user.js: extensions.BabylonToolbar_i.vrsn - 1.5.3.17
FF - user.js: extensions.BabylonToolbar_i.vrsni - 1.5.3.17
FF - user.js: extensions.BabylonToolbar_i.vrsnTs - 1.5.3.1717:02:49
FF - user.js: extensions.BabylonToolbar_i.prtnrId - babylon
FF - user.js: extensions.BabylonToolbar_i.prdct - BabylonToolbar
FF - user.js: extensions.BabylonToolbar_i.aflt - babsst
FF - user.js: extensions.BabylonToolbar_i.smplGrp - none
FF - user.js: extensions.BabylonToolbar_i.tlbrId - tb9
FF - user.js: extensions.BabylonToolbar_i.newTab - false
FF - user.js: extensions.BabylonToolbar_i.babTrack - affID=100478
FF - user.js: extensions.BabylonToolbar_i.babExt -
FF - user.js: extensions.BabylonToolbar_i.srcExt - ss
FF - user.js: extensions.BabylonToolbar_i.instlRef - sst
.
FF - user.js: extensions.autoDisableScopes - 14
.
.
============= SERVICES / DRIVERS ===============
.
R0 MpFilter;Microsoft Malware Protection Driver;c:\windows\system32\drivers\MpFilter.sys [2011-4-18 171064]
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework

\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
R2 MBAMService;MBAMService;c:\program files\malwarebytes' anti-malware\mbamservice.exe [2012-4-11 654408]
R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2010-4-15 22344]
R3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\mbamswissarmy.sys [2012-5-13 40776]
R3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\drivers\Rt86win7.sys [2009-3-1 139776]
S2 gupdate;Google Updateservice (gupdate);c:\program files\google\update\GoogleUpdate.exe [2010-4-29 136176]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\system32\macromed\flash

\FlashPlayerUpdateService.exe [2012-4-4 257696]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\system32\drivers\b57nd60x.sys [2009-7-14 229888]
S3 e.dentifier2;SmartCard Reader ABN AMRO e.dentifier2;c:\windows\system32\drivers\aabed2.sys [2008-3-20 23040]
S3 fssfltr;fssfltr;c:\windows\system32\drivers\fssfltr.sys [2011-9-30 39272]
S3 fsssvc;Windows Live Family Safety Service;c:\program files\windows live\family safety\fsssvc.exe [2011-5-13 1492840]
S3 gupdatem;Google Update-service (gupdatem);c:\program files\google\update\GoogleUpdate.exe [2010-4-29 136176]
S3 MozillaMaintenance;Mozilla Maintenance Service;c:\program files\mozilla maintenance service\maintenanceservice.exe [2012-

4-27 129976]
S3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\drivers\NisDrvWFP.sys [2011-4-27 74112]
S3 NisSrv;Microsoft Netwerkinspectie;c:\program files\microsoft security client\NisSrv.exe [2012-3-26 214952]
S3 SwitchBoard;SwitchBoard;c:\program files\common files\adobe\switchboard\SwitchBoard.exe [2010-2-19 517096]
S3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\TsUsbFlt.sys [2011-7-2 52224]
S3 WatAdminSvc;Windows Activation Technologies-service;c:\windows\system32\wat\WatAdminSvc.exe [2010-6-15 1343400]
S4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\windows live\mesh\wlcrasvc.exe [2010-9-22 51040]
.
=============== Created Last 30 ================
.
2012-05-13 15:06:54 40776 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2012-05-13 13:34:41 442880 ----a-w- c:\windows\system32\ntshrui.dll
2012-05-13 13:34:40 478720 ----a-w- c:\windows\system32\timedate.cpl
2012-05-13 12:19:54 -------- d-----w- c:\windows\pss
2012-05-13 09:51:47 6734704 ----a-w- c:\programdata\microsoft\microsoft antimalware\definition updates\{af0a40dd-

2e31-4ff7-a067-819be835feb3}\mpengine.dll
2012-05-12 05:43:27 6734704 ----a-w- c:\programdata\microsoft\microsoft antimalware\definition updates\backup

\mpengine.dll
2012-05-09 05:43:40 1291632 ----a-w- c:\windows\system32\drivers\tcpip.sys
2012-05-09 05:43:38 936960 ----a-w- c:\program files\common files\microsoft shared\ink\journal.dll
2012-05-09 05:43:38 1221632 ----a-w- c:\program files\windows journal\NBDoc.DLL
2012-05-09 05:43:37 989184 ----a-w- c:\program files\windows journal\JNTFiltr.dll
2012-05-09 05:43:37 969216 ----a-w- c:\program files\windows journal\JNWDRV.dll
2012-05-09 05:43:33 3968368 ----a-w- c:\windows\system32\ntkrnlpa.exe
2012-05-09 05:43:33 3913072 ----a-w- c:\windows\system32\ntoskrnl.exe
2012-05-09 05:43:33 2343424 ----a-w- c:\windows\system32\win32k.sys
2012-05-09 05:43:29 56176 ----a-w- c:\windows\system32\drivers\partmgr.sys
2012-05-09 05:43:28 1077248 ----a-w- c:\windows\system32\DWrite.dll
2012-05-05 11:50:23 -------- d-----w- c:\program files\Smart File Advisor
2012-05-05 11:50:21 -------- d-----w- c:\program files\IsoBuster
2012-05-03 18:14:27 -------- d-----w- c:\program files\common files\EZB Systems
2012-05-03 14:29:28 -------- d-----w- c:\users\hans\appdata\roaming\NCH Software
2012-05-03 14:29:27 -------- d-----w- c:\program files\NCH Software
2012-05-03 14:08:24 -------- d-----w- c:\users\hans\appdata\local\CRE
2012-05-03 13:48:55 -------- d-----w- c:\programdata\Tarma Installer
2012-05-03 13:47:36 -------- d-----w- c:\program files\1ClickDownload
2012-04-27 05:28:21 -------- d-----w- c:\program files\Mozilla Maintenance Service
2012-04-27 05:28:18 157352 ----a-w- c:\program files\mozilla firefox\maintenanceservice_installer.exe
2012-04-27 05:28:18 129976 ----a-w- c:\program files\mozilla firefox\maintenanceservice.exe
.
==================== Find3M ====================
.
2012-05-05 15:59:05 70304 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2012-05-05 15:59:05 419488 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2012-04-04 13:56:40 22344 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-03-20 18:44:12 74112 ----a-w- c:\windows\system32\drivers\NisDrvWFP.sys
2012-03-20 18:44:12 171064 ----a-w- c:\windows\system32\drivers\MpFilter.sys
2012-03-01 05:46:57 19824 ----a-w- c:\windows\system32\drivers\fs_rec.sys
2012-03-01 05:37:41 172544 ----a-w- c:\windows\system32\wintrust.dll
2012-03-01 05:33:23 159232 ----a-w- c:\windows\system32\imagehlp.dll
2012-03-01 05:29:16 5120 ----a-w- c:\windows\system32\wmi.dll
2012-02-28 01:18:55 1799168 ----a-w- c:\windows\system32\jscript9.dll
2012-02-28 01:11:21 1427456 ----a-w- c:\windows\system32\inetcpl.cpl
2012-02-28 01:11:07 1127424 ----a-w- c:\windows\system32\wininet.dll
2012-02-28 01:03:16 2382848 ----a-w- c:\windows\system32\mshtml.tlb
2012-02-19 12:37:24 472808 ----a-w- c:\windows\system32\deployJava1.dll
2012-02-17 05:34:22 826880 ----a-w- c:\windows\system32\rdpcore.dll
2012-02-17 04:14:08 183808 ----a-w- c:\windows\system32\drivers\rdpwd.sys
2012-02-17 04:13:22 24576 ----a-w- c:\windows\system32\drivers\tdtcp.sys
2006-05-03 11:06:54 163328 --sha-r- c:\windows\system32\flvDX.dll
2007-02-21 12:47:16 31232 --sha-r- c:\windows\system32\msfDX.dll
2008-03-16 14:30:52 216064 --sha-r- c:\windows\system32\nbDX.dll
2010-01-06 23:00:00 107520 --sha-r- c:\windows\system32\TAKDSDecoder.dll
.
============= FINISH: 17:16:02,61 ===============

Testje

Mark1994 — Sun, 13 May 2012 15:50:13 GMT

Klein testje, nodig voor screen.

Firewall op de router?

Mark1994 — Sun, 13 May 2012 14:50:00 GMT

Ik zie hier soms bij Firewall: Router, hoe stel je dat in?

Dus een Firewall op de Router.

Verkenner gaat steeds weg

Rubble — Sun, 13 May 2012 10:37:43 GMT

De verkenner gaat steeds aan en uit Ik kan niets opstarten, want als ik iet wil intikken in programmas starten en zoeken klap het weer weg voor ik klaar ben, dus ik kan ook geen systeemherstel doen.
Help, Leen

PC leeft eigen leven

aileen — Sun, 13 May 2012 08:49:25 GMT

Hallo,

Mijn pc doet rare dingen opnieuw opstarten en dan geeft hij een fout deze is opgelost na aanpassingen in de bios maar dat heeft hij vaker gedaan...
Nu echter kan ik alleen in veilige modus programmas openen en dus werken maar ook niet continu, ik heb met pijn en moeite een hijackthis log gemaakt, ik hoop dat jullie mij kunnen helpen!! misschien zit ik niet helemaal op de goede plaats met mijn thread maar ik ben blij als ik dit geplaatst krijg!!!!
Help!!??

Bedankt!!
Aileen

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 10:36:49, on 13-5-2012
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Safe mode with network support

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Windows Defender\MsMpEng.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.chello.nl/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen
R3 - URLSearchHook: Coolstreaming Tool-Bar v1.0 Toolbar - {bd0e4d83-654e-4213-965b-fcbe887061f4} - C:\Program Files\Coolstreaming_Tool-Bar_v1.0\tbCool.dll
O2 - BHO: btorbit.com - {000123B4-9B42-4900-B3F7-F4B073EFC214} - C:\Program Files\Orbitdownloader\orbitcth.dll
O2 - BHO: Adobe PDF Reader Help bij koppelingen - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: LinkAirBrowserHelper HistoryTriggerBHO - {21A88CB9-84D2-4020-A2D1-B25A21034884} - C:\Program Files\LG Electronics\LG PC Suite IV\LinkAir\LinkAirBrowserHelper.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - c:\program files\real\realplayer\rpbrowserrecordplugin.dll
O2 - BHO: Increase performance and video formats for your HTML5 - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll
O2 - BHO: Ant.com browser helper (video detector) - {346FDE31-DFF9-418A-90C8-BA31DC9FF2EF} - C:\Program Files\Ant.com\IE add-on\download.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll
O2 - BHO: Windows Live Aanmelden - Help - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.7.7227.1100\swg.dll
O2 - BHO: Coolstreaming Tool-Bar v1.0 Toolbar - {bd0e4d83-654e-4213-965b-fcbe887061f4} - C:\Program Files\Coolstreaming_Tool-Bar_v1.0\tbCool.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: Coolstreaming Tool-Bar v1.0 Toolbar - {bd0e4d83-654e-4213-965b-fcbe887061f4} - C:\Program Files\Coolstreaming_Tool-Bar_v1.0\tbCool.dll
O3 - Toolbar: Ant.com Video Downloader toolbar - {2E924F4F-67F0-4BD8-9560-49F468E843D2} - C:\Program Files\Ant.com\IE add-on\anttoolbar.dll
O3 - Toolbar: Grab Pro - {C55BBCD6-41AD-48AD-9953-3609C48EACC7} - C:\Program Files\Orbitdownloader\GrabPro.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll
O4 - HKLM\..\Run: [PPort11reminder] "C:\Program Files\ScanSoft\PaperPort\Ereg\Ereg.exe" -r "C:\Documents and Settings\All Users\Application Data\ScanSoft\PaperPort\11\Config\Ereg\Ereg.ini
O4 - HKLM\..\Run: [IntelliPoint] "C:\Program Files\Microsoft IntelliPoint\ipoint.exe"
O4 - HKLM\..\Run: [SNPSTD2] C:\WINDOWS\vsnpstd2.exe
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [ArcSoft Connection Service] C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
O4 - HKLM\..\Run: [avast5] C:\PROGRA~1\ALWILS~1\Avast5\avastUI.exe /nogui
O4 - HKLM\..\Run: [Windows Defender] "C:\Program Files\Windows Defender\MSASCui.exe" -hide
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [emMON] emMON.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [Traymin900] %SystemRoot%\System32\drivers\Tray900.exe
O4 - HKLM\..\Run: [PhiBtn] %SystemRoot%\System32\drivers\PhiBtn.exe
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [BitTorrent DNA] "C:\Program Files\DNA\btdna.exe"
O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\Run: [PcSync] C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe /NoDialog (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Windows Search.lnk = C:\Program Files\Windows Desktop Search\WindowsSearch.exe
O8 - Extra context menu item: &Download by Orbit - res://C:\Program Files\Orbitdownloader\orbitmxt.dll/201
O8 - Extra context menu item: &Grab video by Orbit - res://C:\Program Files\Orbitdownloader\orbitmxt.dll/204
O8 - Extra context menu item: Do&wnload selected by Orbit - res://C:\Program Files\Orbitdownloader\orbitmxt.dll/203
O8 - Extra context menu item: Down&load all by Orbit - res://C:\Program Files\Orbitdownloader\orbitmxt.dll/202
O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Documents and Settings\de Groot\Application Data\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm
O9 - Extra button: In weblog opnemen - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &In weblog opnemen met Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Download videos by Ant.com - {70AF6C9F-0818-4cf7-924A-BBDBB24211D3} - C:\Program Files\Ant.com\IE add-on\download.dll
O9 - Extra button: Onderzoek - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx2.hotmail.com/mail/w3/resources/MSNPUpld.cab
O16 - DPF: {5AE58FCF-6F6A-49B2-B064-02492C66E3F4} (MUCatalogWebControl Class) - http://catalog.update.microsoft.com/...?1228735221218
O16 - DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} (Zylom Games Player) - http://game07.zylom.com/activex/zylomgamesplayer.cab
O16 - DPF: {CF40ACC5-E1BB-4AFF-AC72-04C2F616BCA7} - http://wwwimages.adobe.com/www.adobe...bat/nos/gp.cab
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O16 - DPF: {EDFCB7CB-942C-4822-AF14-F0B687409848} (Image Uploader Control) - http://cache.hyves-static.net/static...eUploader4.cab
O18 - Protocol: vw-wi - {0F3C833F-FB28-40EA-8CB9-6A55B996C3F6} - D:\elsawin\ElsaWin\bin\wiProt.dll
O23 - Service: ArcSoft Connect Daemon (ACDaemon) - ArcSoft Inc. - C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Ant Toolbar updater service (AntUpdaterService) - Ant.com - C:\Program Files\Ant.com\IE add-on\AntUpdaterService.exe
O23 - Service: Mobiel Apple apparaat (Apple Mobile Device) - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Firebird Server - MAGIX Instance (FirebirdServerMAGIXInstance) - MAGIX� - C:\Program Files\MAGIX\Common\Database\bin\fbserver.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: gearsec - GEAR Software - C:\WINDOWS\system32\gearsec.exe
O23 - Service: Google Updateservice (gupdate1c9b9f2ed3b730) (gupdate1c9b9f2ed3b730) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Macromedia Licensing Service - Macromedia - C:\Program Files\Common Files\Macromedia Shared\Service\Macromedia Licensing.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: ServiceLayer - Nokia - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: TomTomHOMEService - TomTom - C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe
O23 - Service: Transbase - Transaction Software, D 81737 Munich - D:\bmw\transbase\tbmux32.exe
O23 - Service: Window Washer Engine (wwEngineSvc) - Webroot Software, Inc. - C:\Program Files\Webroot\Washer\WasherSvc.exe

--
End of file - 12215 bytes

Irritant programma bij MSN

Mark1994 — Sat, 12 May 2012 18:14:08 GMT

Ik heb een irritant programma bij MSN, logjes:
Malwarebytes Anti-Malware 1.61.0.1400
www.malwarebytes.org

Databaseversie: v2012.05.12.06

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
Mark :: MARK-PC [administrator]

12-5-2012 19:59:27
mbam-log-2012-05-12 (19-59-27).txt

Scantype: Snelle scan
Ingeschakelde scanopties: Geheugen | Opstartitems | Register | Bestanden en mappen | Heuristiek/Extra | Heuristiek/Shuriken | PUP | PUM
Uitgeschakelde scanopties: P2P
Objecten gescand: 199741
Verstreken tijd: 6 minuut/minuten, 26 seconde(n)

Geheugenprocessen gedetecteerd: 0
(Geen kwaadaardige objecten gedetecteerd)

Geheugenmodulen gedetecteerd: 0
(Geen kwaadaardige objecten gedetecteerd)

Registersleutels gedetecteerd: 0
(Geen kwaadaardige objecten gedetecteerd)

Registerwaarden gedetecteerd: 0
(Geen kwaadaardige objecten gedetecteerd)

Registerdata gedetecteerd: 0
(Geen kwaadaardige objecten gedetecteerd)

Mappen gedetecteerd: 0
(Geen kwaadaardige objecten gedetecteerd)

Bestanden gedetecteerd: 1
C:\Users\Mark\AppData\Local\Temp\F1D4.tmp\z8.scf (Trojan.Agent) -> Succesvol in quarantaine geplaatst en verwijderd.

(einde)
.
DDS (Ver_2011-08-26.01) - NTFSAMD64
Internet Explorer: 9.0.8112.16421
Run by Mark at 20:07:32 on 2012-05-12
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.31.1043.18.1978.656 [GMT 2:00]
.
AV: avast! Antivirus *Enabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
SP: avast! Antivirus *Enabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ===============
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Program Files (x86)\Emsisoft Anti-Malware\a2service.exe
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Program Files\AVAST Software\Avast\AvastSvc.exe
C:\Windows\system32\WLANExt.exe
C:\Windows\system32\conhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\AVAST Software\Avast\afwServ.exe
C:\Windows\system32\taskhost.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files (x86)\Launch Manager\dsiwmis.exe
C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files (x86)\Acer\Registration\GREGsvc.exe
C:\Windows\system32\lxeacoms.exe
C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe
C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
C:\Program Files (x86)\EgisTec MyWinLocker\x86\mwlDaemon.exe
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Windows\system32\igfxsrvc.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe
C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe
C:\Program Files\Acer\Acer Updater\UpdaterService.exe
C:\Program Files (x86)\Lexmark S300-S400 Series\lxeamon.exe
C:\Program Files (x86)\Lexmark S300-S400 Series\ezprint.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Program Files (x86)\WhatPulse\WhatPulse.exe
C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Program Files (x86)\Launch Manager\LManager.exe
C:\Users\Mark\AppData\Roaming\Dropbox\bin\Dropbox.exe
C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe
C:\Windows\system32\igfxext.exe
C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\Yuna Software\Messenger Plus!\PlusService.exe
C:\Program Files (x86)\Launch Manager\MMDx64Fx.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files (x86)\Launch Manager\LMworker.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe
C:\Program Files\Acer\Acer ePower Management\ePowerEvent.exe
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
C:\Windows\System32\svchost.exe -k secsvcs
C:\Program Files (x86)\Opera\opera.exe
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files (x86)\TeamViewer\Version7\TeamViewer.exe
C:\Program Files (x86)\TeamViewer\Version7\tv_w32.exe
C:\Program Files (x86)\TeamViewer\Version7\tv_x64.exe
c:\program files (x86)\teamviewer\version7\TeamViewer_Desktop.exe
C:\Program Files (x86)\SweetIM\Messenger\SweetIM.exe
C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
C:\Program Files (x86)\SweetIM\Communicator\SweetPacksUpdateManager.exe
C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
C:\Windows\SysWOW64\cmd.exe
C:\Windows\system32\conhost.exe
C:\Windows\SysWOW64\cscript.exe
C:\Windows\system32\wbem\wmiprvse.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://home.sweetim.com/?crg=3.1010000.10011
uDefault_Page_URL = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0413&m=aspire_5336&r=27360212d945l04e4z125v47821253
mDefault_Page_URL = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0413&m=aspire_5336&r=27360212d945l04e4z125v47821253
mStart Page = hxxp://home.sweetim.com/?crg=3.1010000.10011
mURLSearchHooks: H - No File
mWinlogon: Userinit=userinit.exe,
BHO: ContributeBHO Class: {074c1dc5-9320-4a9a-947d-c042949c6216} - C:\Program Files (x86)\Adobe\Adobe Contribute CS5.1\Plugins\IEPlugin\contributeieplugin.dll
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: ADDICT-THING Class: {58ab51d5-9201-4794-b73d-4e67e7590975} - C:\ProgramData\ADDICT-THING\bhoclass.dll
BHO: {5C255C8A-E604-49b4-9D64-90988571CECB} - No File
BHO: Java(tm) Plug-In SSV Helper: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll
BHO: Partner BHO Class: {83ff80f4-8c74-4b80-b5ba-c8ddd434e5c4} - C:\ProgramData\Partner\Partner.dll
BHO: avast! WebRep: {8e5e2654-ad2d-48bf-ac2d-d17f00898d06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
BHO: Windows Live Aanmelden - Help: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: {a8864317-e18b-4292-99d9-e6e65ab905d3} - No File
BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
BHO: Adobe PDF Conversion Toolbar Helper: {ae7cd045-e861-484f-8273-0445ee161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
BHO: SweetPacks Browser Helper: {eee6c35c-6118-11dc-9c72-001320c79847} - C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll
BHO: SmartSelect Class: {f4971ee7-daa0-4053-9964-665d8ee6a077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
BHO: Yontoo: {fd72061e-9fde-484d-a58a-0bab4151cad8} - C:\Program Files (x86)\Yontoo\YontooIEClient.dll
TB: avast! WebRep: {8e5e2654-ad2d-48bf-ac2d-d17f00898d06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
TB: Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
TB: {a8864317-e18b-4292-99d9-e6e65ab905d3} - No File
TB: Contribute Toolbar: {517bdde4-e3a7-4570-b21e-2b52b6139fc7} - C:\Program Files (x86)\Adobe\Adobe Contribute CS5.1\Plugins\IEPlugin\contributeieplugin.dll
TB: Adobe PDF: {47833539-d0c5-4125-9fa8-0819e2eaac93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
TB: SweetPacks Toolbar for Internet Explorer: {eee6c35b-6118-11dc-9c72-001320c79847} - C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll
uRun: [WhatPulse] C:\Program Files (x86)\WhatPulse\WhatPulse.exe
mRun: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
mRun: [LManager] C:\Program Files (x86)\Launch Manager\LManager.exe
mRun: [SuiteTray] "C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe"
mRun: [EgisUpdate] "C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe" -d
mRun: [EgisTecPMMUpdate] "C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe"
mRun: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
mRun: [BackupManagerTray] "C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe" -h -k
mRun: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
mRun: [PlusService] C:\Program Files (x86)\Yuna Software\Messenger Plus!\PlusService.exe
mRun: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
mRun: [AdobeCS5.5ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS5.5ServiceManager\CS5.5ServiceManager.exe" -launchedbylogin
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun: []
mRun: [Adobe Acrobat Speed Launcher] "C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe"
mRun: [Acrobat Assistant 8.0] "C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe"
mRun: [SweetIM] C:\Program Files (x86)\SweetIM\Messenger\SweetIM.exe
mRun: [Sweetpacks Communicator] C:\Program Files (x86)\SweetIM\Communicator\SweetPacksUpdateManager.exe
mRunOnce: [Malwarebytes Anti-Malware (cleanup)] rundll32.exe "C:\ProgramData\Malwarebytes\Malwarebytes' Anti-Malware\cleanup.dll",ProcessCleanupScript
StartupFolder: C:\Users\Mark\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\Dropbox.lnk - C:\Users\Mark\AppData\Roaming\Dropbox\bin\Dropbox.exe
mPolicies-explorer: NoActiveDesktop = 1 (0x1)
mPolicies-explorer: NoActiveDesktopChanges = 1 (0x1)
mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5)
mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
IE: &Verzenden naar OneNote - C:\PROGRA~2\MICROS~2\Office14\ONBttnIE.dll/105
IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~2\Office12\EXCEL.EXE/3000
IE: E&xporteren naar Microsoft Excel - C:\PROGRA~2\MICROS~2\Office14\EXCEL.EXE/3000
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - C:\PROGRA~2\MICROS~2\Office12\REFIEBAR.DLL
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
TCP: DhcpNameServer = 192.168.2.254
TCP: Interfaces\{31C735EC-18B7-4CDD-B5FB-8B09E1826B16} : DhcpNameServer = 192.168.2.254
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
{074C1DC5-9320-4A9A-947D-C042949C6216}
{18DF081C-E8AD-4283-A596-FA578C2EBDC3}
{58AB51D5-9201-4794-B73D-4E67E7590975}
BHO-X64: {5C255C8A-E604-49b4-9D64-90988571CECB} - No File
{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}
{83FF80F4-8C74-4b80-B5BA-C8DDD434E5C4}
{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}
{9030D464-4C02-4ABF-8ECC-5164760863C6}
BHO-X64: {a8864317-e18b-4292-99d9-e6e65ab905d3} - No File
{AA58ED58-01DD-4d91-8333-CF10577473F7}
{AE7CD045-E861-484f-8273-0445EE161910}
{DBC80044-A445-435b-BC74-9C25C1C588A9}
{EEE6C35C-6118-11DC-9C72-001320C79847}
{F4971EE7-DAA0-4053-9964-665D8EE6A077}
{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}
{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}
{2318C2B1-4965-11d4-9B18-009027A5CD4F}
TB-X64: {a8864317-e18b-4292-99d9-e6e65ab905d3} - No File
{517BDDE4-E3A7-4570-B21E-2B52B6139FC7}
{47833539-D0C5-4125-9FA8-0819E2EAAC93}
{EEE6C35B-6118-11DC-9C72-001320C79847}
mRun-x64: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
mRun-x64: [LManager] C:\Program Files (x86)\Launch Manager\LManager.exe
mRun-x64: [SuiteTray] "C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe"
mRun-x64: [EgisUpdate] "C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe" -d
mRun-x64: [EgisTecPMMUpdate] "C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe"
mRun-x64: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
mRun-x64: [BackupManagerTray] "C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe" -h -k
mRun-x64: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
mRun-x64: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
mRun-x64: [PlusService] C:\Program Files (x86)\Yuna Software\Messenger Plus!\PlusService.exe
mRun-x64: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
mRun-x64: [AdobeCS5.5ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS5.5ServiceManager\CS5.5ServiceManager.exe" -launchedbylogin
mRun-x64: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun-x64: [(standaard)]
mRun-x64: [Adobe Acrobat Speed Launcher] "C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe"
mRun-x64: [Acrobat Assistant 8.0] "C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe"
mRun-x64: [SweetIM] C:\Program Files (x86)\SweetIM\Messenger\SweetIM.exe
mRun-x64: [Sweetpacks Communicator] C:\Program Files (x86)\SweetIM\Communicator\SweetPacksUpdateManager.exe
mRunOnce-x64: [Malwarebytes Anti-Malware (cleanup)] rundll32.exe "C:\ProgramData\Malwarebytes\Malwarebytes' Anti-Malware\cleanup.dll",ProcessCleanupScript
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\Mark\AppData\Roaming\Mozilla\Firefox\Profiles\qe92klcw.default\
FF - prefs.js: browser.search.selectedEngine - SweetIM Search
FF - prefs.js: browser.startup.homepage - hxxp://home.sweetim.com/?crg=3.1010000.10011
FF - prefs.js: browser.search.defaulturl -
FF - plugin: C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL
FF - plugin: C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll
FF - plugin: C:\Program Files (x86)\Java\jre6\bin\plugin2\npdeployJava1.dll
FF - plugin: C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll
FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\5.0.61118.0\npctrlui.dll
FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_2_202_228.dll
.
============= SERVICES / DRIVERS ===============
.
R0 aswNdis;avast! Firewall NDIS Filter Service;C:\Windows\system32\DRIVERS\aswNdis.sys --> C:\Windows\system32\DRIVERS\aswNdis.sys [?]
R0 aswNdis2;avast! Firewall Core Firewall Service;C:\Windows\system32\drivers\aswNdis2.sys --> C:\Windows\system32\drivers\aswNdis2.sys [?]
R0 PxHlpa64;PxHlpa64;C:\Windows\system32\Drivers\PxHlpa64.sys --> C:\Windows\system32\Drivers\PxHlpa64.sys [?]
R1 aswFW;avast! TDI Firewall driver;C:\Windows\system32\drivers\aswFW.sys --> C:\Windows\system32\drivers\aswFW.sys [?]
R1 aswKbd;aswKbd;C:\Windows\system32\drivers\aswKbd.sys --> C:\Windows\system32\drivers\aswKbd.sys [?]
R1 aswSnx;aswSnx;C:\Windows\system32\drivers\aswSnx.sys --> C:\Windows\system32\drivers\aswSnx.sys [?]
R1 aswSP;aswSP;C:\Windows\system32\drivers\aswSP.sys --> C:\Windows\system32\drivers\aswSP.sys [?]
R1 mwlPSDFilter;mwlPSDFilter;C:\Windows\system32\DRIVERS\mwlPSDFilter.sys --> C:\Windows\system32\DRIVERS\mwlPSDFilter.sys [?]
R1 mwlPSDNServ;mwlPSDNServ;C:\Windows\system32\DRIVERS\mwlPSDNServ.sys --> C:\Windows\system32\DRIVERS\mwlPSDNServ.sys [?]
R1 mwlPSDVDisk;mwlPSDVDisk;C:\Windows\system32\DRIVERS\mwlPSDVDisk.sys --> C:\Windows\system32\DRIVERS\mwlPSDVDisk.sys [?]
R1 vwififlt;Virtual WiFi Filter Driver;C:\Windows\system32\DRIVERS\vwififlt.sys --> C:\Windows\system32\DRIVERS\vwififlt.sys [?]
R2 a2AntiMalware;Emsisoft Anti-Malware 5.0 - Service;C:\Program Files (x86)\Emsisoft Anti-Malware\a2service.exe [2012-3-1 3045688]
R2 aswFsBlk;aswFsBlk;C:\Windows\system32\drivers\aswFsBlk.sys --> C:\Windows\system32\drivers\aswFsBlk.sys [?]
R2 aswMonFlt;aswMonFlt;\??\C:\Windows\system32\drivers\aswMonFlt.sys --> C:\Windows\system32\drivers\aswMonFlt.sys [?]
R2 avast! Antivirus;avast! Antivirus;C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2012-3-16 44768]
R2 avast! Firewall;avast! Firewall;C:\Program Files\AVAST Software\Avast\afwServ.exe [2012-3-16 134920]
R2 DsiWMIService;Dritek WMI Service;C:\Program Files (x86)\Launch Manager\dsiwmis.exe [2010-7-16 321104]
R2 ePowerSvc;Acer ePower Service;C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe [2012-2-27 868896]
R2 GREGService;GREGService;C:\Program Files (x86)\Acer\Registration\GREGsvc.exe [2010-1-8 23584]
R2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2010-7-16 13336]
R2 lxea_device;lxea_device;C:\Windows\system32\lxeacoms.exe -service --> C:\Windows\system32\lxeacoms.exe -service [?]
R2 NTI IScheduleSvc;NTI IScheduleSvc;C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe [2010-6-29 255744]
R3 IntcHdmiAddService;Intel(R) High Definition Audio HDMI;C:\Windows\system32\drivers\IntcHdmi.sys --> C:\Windows\system32\drivers\IntcHdmi.sys [?]
R3 k57nd60a;Broadcom NetLink (TM) Gigabit Ethernet - NDIS 6.0;C:\Windows\system32\DRIVERS\k57nd60a.sys --> C:\Windows\system32\DRIVERS\k57nd60a.sys [?]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S2 gupdate;Google Update-service (gupdate);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-2-28 136176]
S2 lxeaCATSCustConnectService;lxeaCATSCustConnectService;C:\Windows\System32\spool\DRIVERS\x64\3\lxeaserv.exe [2012-3-27 45736]
S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2012-2-15 158856]
S3 a2acc;a2acc;C:\Program Files (x86)\Emsisoft Anti-Malware\a2accx64.sys [2012-3-1 63880]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-4-5 253600]
S3 gupdatem;Google Update-service (gupdatem);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-2-28 136176]
S3 MozillaMaintenance;Mozilla Maintenance Service;C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2012-4-26 129976]
S3 MWLService;MyWinLocker Service;C:\Program Files (x86)\EgisTec MyWinLocker\x86\MWLService.exe [2010-5-27 305520]
S3 Partner Service;Partner Service;C:\ProgramData\Partner\Partner.exe [2010-7-16 332272]
S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;C:\Windows\system32\Drivers\RtsUStor.sys --> C:\Windows\system32\Drivers\RtsUStor.sys [?]
S3 SwitchBoard;SwitchBoard;C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-2-19 517096]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\system32\drivers\tsusbflt.sys --> C:\Windows\system32\drivers\tsusbflt.sys [?]
.
=============== Created Last 30 ================
.
2012-05-12 17:49:57 -------- d-----w- C:\ProgramData\SweetIM
2012-05-12 17:49:57 -------- d-----w- C:\Program Files (x86)\SweetIM
2012-05-12 17:46:09 -------- d-----w- C:\Program Files (x86)\1ClickDownload
2012-05-12 16:57:12 -------- d-----w- C:\Users\Mark\VirtualBox VMs
2012-05-12 16:56:13 -------- d-----w- C:\Users\Mark\.VirtualBox
2012-05-12 16:54:12 224048 ----a-w- C:\Windows\System32\drivers\VBoxDrv.sys
2012-05-12 16:54:04 130864 ----a-w- C:\Windows\System32\drivers\VBoxUSBMon.sys
2012-05-12 16:53:54 -------- d-----w- C:\Program Files\Oracle
2012-05-12 11:14:32 588800 ------w- C:\Windows\SysWow64\WinFLCtxMenu.dll
2012-05-12 09:28:30 69000 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{E58A1A23-82FA-4D30-91F8-83C11B34E54A}\offreg.dll
2012-05-12 09:25:26 8917360 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{E58A1A23-82FA-4D30-91F8-83C11B34E54A}\mpengine.dll
2012-05-12 09:17:44 -------- d-----w- C:\ProgramData\regid.1986-12.com.adobe
2012-05-12 09:07:30 -------- d-----w- C:\ProgramData\ALM
2012-05-12 08:52:22 -------- d-----w- C:\Users\Mark\Adobe Flash Builder 4.5
2012-05-12 08:41:35 -------- d-----w- C:\Program Files (x86)\Adobe Story
2012-05-12 08:39:24 55280 ------w- C:\Windows\System32\drivers\PxHlpa64.sys
2012-05-12 08:39:24 10224 ------w- C:\Windows\System32\drivers\cdralw2k.sys
2012-05-12 08:39:24 10224 ------w- C:\Windows\System32\drivers\cdr4_xp.sys
2012-05-12 08:39:23 -------- d-----w- C:\Program Files (x86)\My Company Name
2012-05-12 08:39:23 -------- d-----w- C:\Program Files (x86)\Common Files\Sonic Shared
2012-05-12 08:39:23 -------- d-----w- C:\Program Files (x86)\Common Files\PX Storage Engine
2012-05-09 19:24:52 -------- d-----w- C:\Windows\PCHEALTH
2012-05-09 18:11:48 -------- d-----w- C:\Users\Mark\AppData\Local\ElevatedDiagnostics
2012-05-09 10:38:04 -------- d-----w- C:\_OTL
2012-05-09 09:27:06 75120 ----a-w- C:\Windows\System32\drivers\partmgr.sys
2012-05-09 09:27:03 1544704 ----a-w- C:\Windows\System32\DWrite.dll
2012-05-09 09:27:02 1077248 ----a-w- C:\Windows\SysWow64\DWrite.dll
2012-05-09 09:26:54 5559664 ----a-w- C:\Windows\System32\ntoskrnl.exe
2012-05-09 09:26:51 3146240 ----a-w- C:\Windows\System32\win32k.sys
2012-05-09 09:26:49 3968368 ----a-w- C:\Windows\SysWow64\ntkrnlpa.exe
2012-05-09 09:26:48 3913072 ----a-w- C:\Windows\SysWow64\ntoskrnl.exe
2012-05-09 09:25:12 1918320 ----a-w- C:\Windows\System32\drivers\tcpip.sys
2012-05-09 09:24:54 1732096 ----a-w- C:\Program Files\Windows Journal\NBDoc.DLL
2012-05-09 09:24:53 1367552 ----a-w- C:\Program Files\Common Files\Microsoft Shared\ink\journal.dll
2012-05-09 09:24:52 936960 ----a-w- C:\Program Files (x86)\Common Files\Microsoft Shared\ink\journal.dll
2012-05-09 09:24:51 1393664 ----a-w- C:\Program Files\Windows Journal\JNTFiltr.dll
2012-05-09 09:24:50 1402880 ----a-w- C:\Program Files\Windows Journal\JNWDRV.dll
2012-05-08 14:22:34 537432 ----a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\fffea03c1cd2d2513\DXSETUP.exe
2012-05-08 14:22:33 89944 ----a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\fffea03c1cd2d2513\DSETUP.dll
2012-05-08 14:22:33 1801048 ----a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\fffea03c1cd2d2513\dsetup32.dll
2012-05-08 14:22:04 525656 ----a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\ea04b19b1cd2d2512\DXSETUP.exe
2012-05-08 14:22:03 1691480 ----a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\ea04b19b1cd2d2512\dsetup32.dll
2012-05-08 14:22:02 94040 ----a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\ea04b19b1cd2d2512\DSETUP.dll
2012-05-08 14:19:46 -------- d-----w- C:\Users\Mark\AppData\Local\Windows Live
2012-05-06 14:37:37 -------- d-----w- C:\Users\Mark\AppData\Roaming\KeePass
2012-05-06 14:35:10 -------- d-----w- C:\Program Files (x86)\KeePass Password Safe 2
2012-05-05 13:34:46 -------- d-----w- C:\Users\Mark\AppData\Roaming\PhotoFiltre
2012-05-05 13:32:00 -------- d-----w- C:\Program Files (x86)\PhotoFiltre
2012-04-30 13:49:12 -------- d-----w- C:\Program Files (x86)\Opera Next
2012-04-28 18:51:36 -------- d-----w- C:\Users\Mark\.jagex_cache_32
2012-04-26 08:20:22 -------- d-----w- C:\Users\Mark\AppData\Roaming\WhatPulse
2012-04-26 08:16:29 -------- d-----w- C:\Program Files (x86)\WhatPulse
2012-04-26 07:14:24 -------- d-----w- C:\Program Files (x86)\Mozilla Maintenance Service
2012-04-26 07:14:11 97208 ----a-w- C:\Program Files (x86)\Mozilla Firefox\components\browsercomps.dll
2012-04-26 07:14:09 157352 ----a-w- C:\Program Files (x86)\Mozilla Firefox\maintenanceservice_installer.exe
2012-04-26 07:14:09 129976 ----a-w- C:\Program Files (x86)\Mozilla Firefox\maintenanceservice.exe
2012-04-25 16:55:02 -------- d-----w- C:\Users\Mark\AppData\Local\Chromium
2012-04-23 13:15:56 -------- d-----w- C:\ProgramData\Premium
2012-04-23 13:08:03 -------- d-----w- C:\ProgramData\ADDICT-THING
2012-04-23 09:22:26 -------- d-----w- C:\ProgramData\InstallMate
2012-04-19 15:29:57 -------- d-----w- C:\Program Files (x86)\Video Codec
2012-04-19 09:17:06 -------- d-----w- C:\Program Files (x86)\RuneScape
2012-04-14 08:58:17 0 ----a-w- C:\Windows\SysWow64\sho9D88.tmp
.
==================== Find3M ====================
.
2012-04-15 16:01:57 8766112 ----a-w- C:\Windows\SysWow64\FlashPlayerInstaller.exe
2012-04-12 16:12:56 147248 ----a-w- C:\Windows\System32\drivers\VBoxNetAdp.sys
2012-04-12 16:12:54 166192 ----a-w- C:\Windows\System32\drivers\VBoxNetFlt.sys
2012-04-12 16:12:52 320816 ----a-w- C:\Windows\System32\VBoxNetFltNobj.dll
2012-04-12 12:56:14 152576 ----a-w- C:\Windows\SysWow64\msclmd.dll
2012-04-12 12:56:10 175616 ----a-w- C:\Windows\System32\msclmd.dll
2012-04-05 16:47:36 70304 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2012-04-05 16:47:36 418464 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
2012-04-04 13:56:40 24904 ----a-w- C:\Windows\System32\drivers\mbam.sys
2012-04-04 05:53:58 53656 ----a-w- C:\Windows\System32\AdobePDF.dll
2012-04-04 05:53:56 24984 ----a-w- C:\Windows\System32\AdobePDFUI.dll
2012-03-24 15:05:36 98304 ----a-w- C:\Windows\SysWow64\CmdLineExt.dll
2012-03-23 18:42:48 0 ----a-w- C:\Windows\SysWow64\shoB798.tmp
2012-03-07 00:15:19 41184 ----a-w- C:\Windows\avastSS.scr
2012-03-07 00:04:31 141144 ----a-w- C:\Windows\System32\drivers\aswFW.sys
2012-03-07 00:04:06 819032 ----a-w- C:\Windows\System32\drivers\aswSnx.sys
2012-03-07 00:03:29 258904 ----a-w- C:\Windows\System32\drivers\aswNdis2.sys
2012-03-07 00:02:45 28504 ----a-w- C:\Windows\System32\drivers\aswKbd.sys
2012-03-07 00:02:20 53080 ----a-w- C:\Windows\System32\drivers\aswRdr2.sys
2012-03-07 00:01:52 69976 ----a-w- C:\Windows\System32\drivers\aswMonFlt.sys
2012-03-05 01:22:01 41984 ----a-w- C:\Windows\System32\lpk.dll
2012-03-04 11:23:43 41984 ----a-w- C:\Users\Mark\AppData\Roaming\Pk Buddy v2.0.exe
2012-03-01 06:46:16 23408 ----a-w- C:\Windows\System32\drivers\fs_rec.sys
2012-03-01 06:38:27 220672 ----a-w- C:\Windows\System32\wintrust.dll
2012-03-01 06:33:50 81408 ----a-w- C:\Windows\System32\imagehlp.dll
2012-03-01 06:28:47 5120 ----a-w- C:\Windows\System32\wmi.dll
2012-03-01 05:37:41 172544 ----a-w- C:\Windows\SysWow64\wintrust.dll
2012-03-01 05:33:23 159232 ----a-w- C:\Windows\SysWow64\imagehlp.dll
2012-03-01 05:29:16 5120 ----a-w- C:\Windows\SysWow64\wmi.dll
2012-02-28 17:16:37 472808 ----a-w- C:\Windows\SysWow64\deployJava1.dll
2012-02-28 06:56:48 2311168 ----a-w- C:\Windows\System32\jscript9.dll
2012-02-28 06:49:56 1390080 ----a-w- C:\Windows\System32\wininet.dll
2012-02-28 06:48:57 1493504 ----a-w- C:\Windows\System32\inetcpl.cpl
2012-02-28 06:42:55 2382848 ----a-w- C:\Windows\System32\mshtml.tlb
2012-02-28 02:01:55 2560 ----a-w- C:\Windows\SysWow64\drivers\nl-NL\qwavedrv.sys.mui
2012-02-28 02:01:46 5632 ----a-w- C:\Windows\SysWow64\drivers\nl-NL\ndiscap.sys.mui
2012-02-28 02:01:42 50688 ----a-w- C:\Windows\SysWow64\drivers\nl-NL\tcpip.sys.mui
2012-02-28 02:01:40 26624 ----a-w- C:\Windows\SysWow64\drivers\nl-NL\bfe.dll.mui
2012-02-28 02:01:40 16896 ----a-w- C:\Windows\SysWow64\drivers\nl-NL\pacer.sys.mui
2012-02-28 02:01:30 2560 ----a-w- C:\Windows\SysWow64\drivers\nl-NL\scfilter.sys.mui
2012-02-28 01:18:55 1799168 ----a-w- C:\Windows\SysWow64\jscript9.dll
2012-02-28 01:11:21 1427456 ----a-w- C:\Windows\SysWow64\inetcpl.cpl
2012-02-28 01:11:07 1127424 ----a-w- C:\Windows\SysWow64\wininet.dll
2012-02-28 01:03:16 2382848 ----a-w- C:\Windows\SysWow64\mshtml.tlb
2012-02-27 17:27:04 29480 ----a-w- C:\Windows\SysWow64\msxml3a.dll
2012-02-27 17:27:03 505128 ----a-w- C:\Windows\SysWow64\msvcp71.dll
2012-02-27 17:27:03 353576 ----a-w- C:\Windows\SysWow64\msvcr71.dll
2012-02-27 17:11:09 3 ----a-w- C:\Windows\System32\PLD_Framework.cmd
2012-02-23 15:54:51 12368 ----a-w- C:\Windows\System32\drivers\aswNdis.sys
2012-02-23 08:18:36 279656 ------w- C:\Windows\System32\MpSigStub.exe
2012-02-17 06:38:26 1031680 ----a-w- C:\Windows\System32\rdpcore.dll
2012-02-17 05:34:22 826880 ----a-w- C:\Windows\SysWow64\rdpcore.dll
2012-02-17 04:58:24 210944 ----a-w- C:\Windows\System32\drivers\rdpwd.sys
2012-02-17 04:57:32 23552 ----a-w- C:\Windows\System32\drivers\tdtcp.sys
2012-02-14 10:09:44 1070352 ----a-w- C:\Windows\SysWow64\MSCOMCTL.OCX
.
============= FINISH: 20:12:56,21 ===============

Spamfilter voor outlook

Mark1994 — Sat, 12 May 2012 17:39:02 GMT

Hoi,

Ik maak voor mijn school mail gebruik van Outlook, binnenkort ook voor de KPN mail. Is hiervoor daarom een spamfilter?

internet explorer, problemen met laden

mirx — Sat, 12 May 2012 17:03:41 GMT

hoi,

mijn internet explorer heeft de laatste tijd veel problemen met het laden van sites en breekt soms ook af met laden. daarnaast valt mijn mijn verbinding met skype ook soms weg.

zou iemand naar mijn logje willen kijken?
alvast bedankt.

Malwarebytes Anti-Malware 1.61.0.1400
www.malwarebytes.org

Databaseversie: v2012.05.12.05

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
jr :: JR-TOSH [administrator]

12-5-2012 18:30:58
mbam-log-2012-05-12 (18-30-58).txt

Scantype: Snelle scan
Ingeschakelde scanopties: Geheugen | Opstartitems | Register | Bestanden en mappen | Heuristiek/Extra | Heuristiek/Shuriken | PUP | PUM
Uitgeschakelde scanopties: P2P
Objecten gescand: 201071
Verstreken tijd: 4 minuut/minuten, 55 seconde(n)

Geheugenprocessen gedetecteerd: 0
(Geen kwaadaardige objecten gedetecteerd)

Geheugenmodulen gedetecteerd: 0
(Geen kwaadaardige objecten gedetecteerd)

Registersleutels gedetecteerd: 1
HKCR\CLSID\{312BFDCE-A901-4203-B4F2-ADCB957D1887} (Heuristics.Shuriken) -> Succesvol in quarantaine geplaatst en verwijderd.

Registerwaarden gedetecteerd: 0
(Geen kwaadaardige objecten gedetecteerd)

Registerdata gedetecteerd: 0
(Geen kwaadaardige objecten gedetecteerd)

Mappen gedetecteerd: 0
(Geen kwaadaardige objecten gedetecteerd)

Bestanden gedetecteerd: 1
C:\ProgramData\Windows\msseedir.dll (Heuristics.Shuriken) -> Succesvol in quarantaine geplaatst en verwijderd.

(einde)

.
DDS (Ver_2011-08-26.01) - NTFSAMD64
Internet Explorer: 9.0.8112.16421
Run by jr at 18:40:17 on 2012-05-12
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.31.1043.18.2931.1680 [GMT 2:00]
.
AV: McAfeeAntivirus en antispyware *Enabled/Updated* {86355677-4064-3EA7-ABB3-1B136EB04637}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: McAfeeAntivirus en antispyware *Enabled/Updated* {3D54B793-665E-3129-9103-206115370C8A}
FW: McAfeeFirewall *Enabled* {BE0ED752-0A0B-3FFF-80EC-B2269063014C}
.
============== Running Processes ===============
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files (x86)\Bonjour\mDNSResponder.exe
C:\Windows\SysWOW64\svchost.exe -k hpdevmgmt
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
C:\Windows\system32\mfevtps.exe
C:\Windows\system32\rundll32.exe
C:\Windows\system32\rundll32.exe
c:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe
C:\Windows\SysWOW64\rundll32.exe
C:\Windows\System32\svchost.exe -k HPZ12
C:\Windows\System32\svchost.exe -k HPZ12
C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe
C:\Windows\system32\TODDSrv.exe
C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe
C:\Program Files\TOSHIBA\TECO\TecoService.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe
C:\Program Files\Common Files\McAfee\SystemCore\mcshield.exe
C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\svchost.exe -k HPService
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Program Files\TOSHIBA\BulletinBoard\TosNcCore.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files (x86)\Toshiba TEMPRO\TemproTray.exe
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
C:\Program Files\TOSHIBA\Power Saver\TPwrMain.exe
C:\Program Files\TOSHIBA\SmoothView\SmoothView.exe
C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\TOSHIBA\TECO\Teco.exe
C:\Program Files (x86)\TOSHIBA\ConfigFree\NDSTray.exe
C:\Program Files\TOSHIBA\ReelTime\TosReelTimeMonitor.exe
C:\Users\jr\AppData\Roaming\Ewihvi\uvnyz.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
C:\Windows\system32\igfxext.exe
C:\Windows\system32\igfxsrvc.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files (x86)\Nero\Nero BackItUp & Burn\Nero BackItUp\NBAgent.exe
C:\Program Files (x86)\TOSHIBA\Utilities\KeNotify.exe
C:\Program Files (x86)\TOSHIBA\TOSHIBA Web Camera Application\TWebCamera.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqbam08.exe
C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe
C:\Program Files\McAfee.com\Agent\mcagent.exe
C:\Program Files (x86)\HP\HP Software Update\hpwuSchd2.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Program Files (x86)\Yahoo!\Messenger\ymsgr_tray.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSwMgr.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_11_2_202_235_ActiveX.exe
C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe
C:\Program Files (x86)\TOSHIBA\ConfigFree\CFIWmxSvcs64.exe
C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe
C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSENotify.exe
C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe
C:\Program Files\TOSHIBA\TPHM\TPCHWMsg.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files (x86)\Common Files\HP\Digital Imaging\Bin\hpqPhotoCrm.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Windows\system32\DllHost.exe
C:\Windows\system32\DllHost.exe
C:\Windows\SysWOW64\cmd.exe
C:\Windows\system32\conhost.exe
C:\Windows\SysWOW64\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.symbaloo.com/
uDefault_Page_URL = hxxp://toshiba.msn.com
mDefault_Page_URL = hxxp://www.yahoo.com
mStart Page = hxxp://www.yahoo.com
uInternet Settings,ProxyOverride = *.local
uURLSearchHooks: McAfee SiteAdvisor Toolbar: {0ebbbe48-bad4-4b4c-8e5a-516abecae064} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll
mWinlogon: Userinit=userinit.exe,
BHO: &Yahoo! Toolbar Helper: {02478d38-c3f9-4efb-9b51-7695eca05670} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn1\yt.dll
BHO: HP Print Enhancer: {0347c33e-8762-4905-bf09-768834316c61} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: Search Helper: {6ebf7485-159f-4bff-a14f-b9e3aac4465b} - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
BHO: Groove GFS Browser Helper: {72853161-30c5-4d22-b7f9-0bbc1d38a37e} - C:\PROGRA~2\MICROS~4\Office14\GROOVEEX.DLL
BHO: scriptproxy: {7db2d5a0-7241-4e79-b68d-6309f01c5231} - C:\Program Files (x86)\Common Files\McAfee\SystemCore\ScriptSn.20120508215913.dll
BHO: Aanmeldhulp voor Windows Live ID: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: Skype Browser Helper: {ae805869-2e5c-4ed4-8f7b-f1f7851a4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
BHO: McAfee SiteAdvisor BHO: {b164e929-a1b6-4a06-b104-2cd0e90a88ff} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll
BHO: Office Document Cache Handler: {b4f3a835-0e21-4959-ba22-42b3008e02ff} - C:\PROGRA~2\MICROS~4\Office14\URLREDIR.DLL
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
BHO: TOSHIBA Media Controller Plug-in: {f3c88694-effa-4d78-b409-54b7b2535b14} - C:\Program Files (x86)\TOSHIBA\TOSHIBA Media Controller Plug-in\TOSHIBAMediaControllerIE.dll
BHO: SingleInstance Class: {fdad4da1-61a2-4fd8-9c17-86f7ac245081} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn1\YTSingleInstance.dll
BHO: HP Smart BHO Class: {ffffffff-cf4e-4f2b-bdc2-0e72e116a856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
TB: Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn1\yt.dll
TB: McAfee SiteAdvisor Toolbar: {0ebbbe48-bad4-4b4c-8e5a-516abecae064} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll
TB: {AF3D7884-B142-414E-943D-75D8D54E1FFF} - No File
EB: HP Smart Web Printing: {555d4d79-4bd2-4094-a395-cfc534424a05} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_bho.dll
uRun: [Messenger (Yahoo!)] "C:\PROGRA~2\Yahoo!\MESSEN~1\YahooMessenger.exe" -quiet
uRun: [Ytzaameba] C:\Users\jasper\AppData\Roaming\Ewihvi\uvnyz.exe
uRun: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
mRun: [SVPWUTIL] C:\Program Files (x86)\TOSHIBA\Utilities\SVPWUTIL.exe SVPwUTIL
mRun: [HWSetup] C:\Program Files\TOSHIBA\Utilities\HWSetup.exe hwSetUP
mRun: [Microsoft Default Manager] "C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe" -resume
mRun: [NBAgent] "c:\Program Files (x86)\Nero\Nero BackItUp & Burn\Nero BackItUp\NBAgent.exe" /WinStart
mRun: [KeNotify] C:\Program Files (x86)\TOSHIBA\Utilities\KeNotify.exe
mRun: [TWebCamera] "C:\Program Files (x86)\TOSHIBA\TOSHIBA Web Camera Application\TWebCamera.exe" autorun
mRun: [ToshibaServiceStation] "C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe" /hide:60
mRun: [mcui_exe] "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey
mRun: [HP Software Update] C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
mRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
mRun: [BCSSync] "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices
mRun: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRunOnce: [Malwarebytes Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent
mRunOnce: [Malwarebytes Anti-Malware (cleanup)] rundll32.exe "C:\ProgramData\Malwarebytes\Malwarebytes' Anti-Malware\cleanup.dll",ProcessCleanupScript
dRun: [TOSHIBA Online Product Information] C:\Program Files (x86)\TOSHIBA\TOSHIBA Online Product Information\topi.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\HPDIGI~1.LNK - C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
mPolicies-explorer: NoActiveDesktop = 1 (0x1)
mPolicies-explorer: NoActiveDesktopChanges = 1 (0x1)
mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5)
mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
mPolicies-system: EnableLinkedConnections = 1 (0x1)
IE: &Verzenden naar OneNote - C:\PROGRA~2\MICROS~4\Office14\ONBttnIE.dll/105
IE: E&xporteren naar Microsoft Excel - C:\PROGRA~2\MICROS~4\Office14\EXCEL.EXE/3000
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
IE: {DDE87865-83C5-48c4-8357-2F5B1AA84522} - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
DPF: {166B1BCA-3F9C-11CF-8075-444553540000} - hxxp://fpdownload.macromedia.com/pub/shockwave/cabs/director/sw.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab
TCP: DhcpNameServer = 192.168.0.1
TCP: Interfaces\{16B7D7C3-A469-4C9A-A186-32B259834B48} : DhcpNameServer = 212.54.40.25 212.54.35.25
TCP: Interfaces\{3D2DA0B0-29C9-46F5-8EE9-FD2642FD5B19} : DhcpNameServer = 192.168.0.1
Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\PROGRA~2\McAfee\MSC\McSnIePl.dll
Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL
Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\McAfee\SITEAD~1\McIEPlg.dll
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\McAfee\SITEAD~1\McIEPlg.dll
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
SEH: Groove GFS Stub Execution Hook: {b5a7f190-dda6-4420-b3ba-52453494e6cd} - C:\PROGRA~2\MICROS~4\Office14\GROOVEEX.DLL
{02478D38-C3F9-4efb-9B51-7695ECA05670}
{0347C33E-8762-4905-BF09-768834316C61}
{18DF081C-E8AD-4283-A596-FA578C2EBDC3}
{6EBF7485-159F-4bff-A14F-B9E3AAC4465B}
{72853161-30C5-4D22-B7F9-0BBC1D38A37E}
{7DB2D5A0-7241-4E79-B68D-6309F01C5231}
{9030D464-4C02-4ABF-8ECC-5164760863C6}
{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
{B164E929-A1B6-4A06-B104-2CD0E90A88FF}
{B4F3A835-0E21-4959-BA22-42B3008E02FF}
{DBC80044-A445-435b-BC74-9C25C1C588A9}
{F3C88694-EFFA-4d78-B409-54B7B2535B14}
{FDAD4DA1-61A2-4FD8-9C17-86F7AC245081}
{FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856}
{EF99BD32-C1FB-11D2-892F-0090271D4F88}
{0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064}
TB-X64: {AF3D7884-B142-414E-943D-75D8D54E1FFF} - No File
EB-X64: {555D4D79-4BD2-4094-A395-CFC534424A05} - No File
mRun-x64: [SVPWUTIL] C:\Program Files (x86)\TOSHIBA\Utilities\SVPWUTIL.exe SVPwUTIL
mRun-x64: [HWSetup] C:\Program Files\TOSHIBA\Utilities\HWSetup.exe hwSetUP
mRun-x64: [Microsoft Default Manager] "C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe" -resume
mRun-x64: [NBAgent] "c:\Program Files (x86)\Nero\Nero BackItUp & Burn\Nero BackItUp\NBAgent.exe" /WinStart
mRun-x64: [KeNotify] C:\Program Files (x86)\TOSHIBA\Utilities\KeNotify.exe
mRun-x64: [TWebCamera] "C:\Program Files (x86)\TOSHIBA\TOSHIBA Web Camera Application\TWebCamera.exe" autorun
mRun-x64: [ToshibaServiceStation] "C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe" /hide:60
mRun-x64: [mcui_exe] "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey
mRun-x64: [HP Software Update] C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
mRun-x64: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
mRun-x64: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
mRun-x64: [BCSSync] "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices
mRun-x64: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
mRun-x64: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRunOnce-x64: [Malwarebytes Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent
mRunOnce-x64: [Malwarebytes Anti-Malware (cleanup)] rundll32.exe "C:\ProgramData\Malwarebytes\Malwarebytes' Anti-Malware\cleanup.dll",ProcessCleanupScript
SEH-X64: {B5A7F190-DDA6-4420-B3BA-52453494E6CD}: Groove GFS Stub Execution Hook
.
============= SERVICES / DRIVERS ===============
.
R0 mfehidk;McAfee Inc. mfehidk;C:\Windows\system32\drivers\mfehidk.sys --> C:\Windows\system32\drivers\mfehidk.sys [?]
R0 mfewfpk;McAfee Inc. mfewfpk;C:\Windows\system32\drivers\mfewfpk.sys --> C:\Windows\system32\drivers\mfewfpk.sys [?]
R1 mfenlfk;McAfee NDIS Light Filter;C:\Windows\system32\DRIVERS\mfenlfk.sys --> C:\Windows\system32\DRIVERS\mfenlfk.sys [?]
R1 vwififlt;Virtual WiFi Filter Driver;C:\Windows\system32\DRIVERS\vwififlt.sys --> C:\Windows\system32\DRIVERS\vwififlt.sys [?]
R2 cfWiMAXService;ConfigFree WiMAX Service;C:\Program Files (x86)\TOSHIBA\ConfigFree\CFIWmxSvcs64.exe [2010-1-28 249200]
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
R2 ConfigFree Service;ConfigFree Service;C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe [2009-3-10 46448]
R2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service;C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe [2011-9-6 249936]
R2 McMPFSvc;McAfee Personal Firewall Service;C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe [2011-9-6 249936]
R2 McNaiAnn;McAfee VirusScan Announcer;C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe [2011-9-6 249936]
R2 McProxy;McAfee Proxy Service;C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe [2011-9-6 249936]
R2 McShield;McAfee McShield;C:\Program Files\Common Files\McAfee\SystemCore\mcshield.exe [2011-1-16 199272]
R2 mfefire;McAfee Firewall Core Service;C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe [2011-1-16 210584]
R2 mfevtp;McAfee Validation Trust Protection Service;"C:\Windows\system32\mfevtps.exe" --> C:\Windows\system32\mfevtps.exe [?]
R2 TemproMonitoringService;Notebook Performance Tuning Service (TEMPRO);C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe [2010-2-11 124368]
R2 TOSHIBA eco Utility Service;TOSHIBA eco Utility Service;C:\Program Files\TOSHIBA\TECO\TecoService.exe [2010-4-6 258928]
R2 TVALZFL;TOSHIBA ACPI-Based Value Added Logical and General Purpose Device Filter Driver;C:\Windows\system32\DRIVERS\TVALZFL.sys --> C:\Windows\system32\DRIVERS\TVALZFL.sys [?]
R2 UNS;Intel(R) Management & Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2010-10-6 2320920]
R3 cfwids;McAfee Inc. cfwids;C:\Windows\system32\drivers\cfwids.sys --> C:\Windows\system32\drivers\cfwids.sys [?]
R3 HECIx64;Intel(R) Management Engine Interface;C:\Windows\system32\DRIVERS\HECIx64.sys --> C:\Windows\system32\DRIVERS\HECIx64.sys [?]
R3 Impcd;Impcd;C:\Windows\system32\DRIVERS\Impcd.sys --> C:\Windows\system32\DRIVERS\Impcd.sys [?]
R3 IntcDAud;Intel(R) Display Audio;C:\Windows\system32\DRIVERS\IntcDAud.sys --> C:\Windows\system32\DRIVERS\IntcDAud.sys [?]
R3 LVUSBS64;Logitech USB Monitor Filter;C:\Windows\system32\drivers\LVUSBS64.sys --> C:\Windows\system32\drivers\LVUSBS64.sys [?]
R3 mfeavfk;McAfee Inc. mfeavfk;C:\Windows\system32\drivers\mfeavfk.sys --> C:\Windows\system32\drivers\mfeavfk.sys [?]
R3 mfefirek;McAfee Inc. mfefirek;C:\Windows\system32\drivers\mfefirek.sys --> C:\Windows\system32\drivers\mfefirek.sys [?]
R3 PGEffect;Pangu effect driver;C:\Windows\system32\DRIVERS\pgeffect.sys --> C:\Windows\system32\DRIVERS\pgeffect.sys [?]
R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\system32\DRIVERS\Rt64win7.sys --> C:\Windows\system32\DRIVERS\Rt64win7.sys [?]
R3 rtl8192se;Realtek Wireless LAN 802.11n PCI-E NIC NT Driver;C:\Windows\system32\DRIVERS\rtl8192se.sys --> C:\Windows\system32\DRIVERS\rtl8192se.sys [?]
R3 TMachInfo;TMachInfo;C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe [2010-10-6 54136]
R3 TOSHIBA HDD SSD Alert Service;TOSHIBA HDD SSD Alert Service;C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe [2010-2-5 137560]
R3 TPCHSrv;TPCH Service;C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe [2010-2-23 835952]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service;C:\Windows\system32\DRIVERS\vwifimp.sys --> C:\Windows\system32\DRIVERS\vwifimp.sys [?]
S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2012-2-29 158856]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-5-6 257696]
S3 lvpepf64;Volume Adapter;C:\Windows\system32\DRIVERS\lv302a64.sys --> C:\Windows\system32\DRIVERS\lv302a64.sys [?]
S3 LVRS64;Logitech RightSound Filter Driver;C:\Windows\system32\DRIVERS\lvrs64.sys --> C:\Windows\system32\DRIVERS\lvrs64.sys [?]
S3 mferkdet;McAfee Inc. mferkdet;C:\Windows\system32\drivers\mferkdet.sys --> C:\Windows\system32\drivers\mferkdet.sys [?]
S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service;C:\Program Files (x86)\Microsoft Office\Office14\GROOVE.EXE [2011-6-12 31125880]
S3 osppsvc;Office Software Protection Platform;C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-1-9 4925184]
S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;C:\Windows\system32\Drivers\RtsUStor.sys --> C:\Windows\system32\Drivers\RtsUStor.sys [?]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\system32\drivers\tsusbflt.sys --> C:\Windows\system32\drivers\tsusbflt.sys [?]
S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\system32\Drivers\usbaapl64.sys --> C:\Windows\system32\Drivers\usbaapl64.sys [?]
S3 WatAdminSvc;Windows Activation Technologies-service;C:\Windows\system32\Wat\WatAdminSvc.exe --> C:\Windows\system32\Wat\WatAdminSvc.exe [?]
.
=============== Created Last 30 ================
.
2012-05-12 16:29:13 -------- d-----w- C:\Users\jr\AppData\Roaming\Malwarebytes
2012-05-12 16:29:01 -------- d-----w- C:\ProgramData\Malwarebytes
2012-05-12 16:28:59 24904 ----a-w- C:\Windows\System32\drivers\mbam.sys
2012-05-12 16:28:59 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware
2012-05-12 12:20:09 -------- d-----w- C:\Users\jr\AppData\Roaming\Xuih
2012-05-12 12:20:09 -------- d-----w- C:\Users\jr\AppData\Roaming\Ugozre
2012-05-12 12:20:09 -------- d-----w- C:\Users\jr\AppData\Roaming\Ewihvi
2012-05-12 07:34:29 1544704 ----a-w- C:\Windows\System32\DWrite.dll
2012-05-12 07:34:29 1077248 ----a-w- C:\Windows\SysWow64\DWrite.dll
2012-05-12 07:34:24 5559664 ----a-w- C:\Windows\System32\ntoskrnl.exe
2012-05-12 07:34:22 3146240 ----a-w- C:\Windows\System32\win32k.sys
2012-05-12 07:34:21 3968368 ----a-w- C:\Windows\SysWow64\ntkrnlpa.exe
2012-05-12 07:34:21 3913072 ----a-w- C:\Windows\SysWow64\ntoskrnl.exe
2012-05-12 07:33:42 75120 ----a-w- C:\Windows\System32\drivers\partmgr.sys
2012-05-12 07:33:26 1918320 ----a-w- C:\Windows\System32\drivers\tcpip.sys
2012-05-12 07:33:21 1732096 ----a-w- C:\Program Files\Windows Journal\NBDoc.DLL
2012-05-12 07:33:20 936960 ----a-w- C:\Program Files (x86)\Common Files\Microsoft Shared\ink\journal.dll
2012-05-12 07:33:20 1367552 ----a-w- C:\Program Files\Common Files\Microsoft Shared\ink\journal.dll
2012-05-12 07:33:19 1402880 ----a-w- C:\Program Files\Windows Journal\JNWDRV.dll
2012-05-12 07:33:19 1393664 ----a-w- C:\Program Files\Windows Journal\JNTFiltr.dll
2012-05-06 07:36:18 419488 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
2012-04-29 16:02:56 -------- d-----w- C:\Program Files\CCleaner
2012-04-28 20:24:54 -------- d-----w- C:\Users\jr\AppData\Local\{53C955D7-5220-47DB-A9D7-C3DEC6FEA7C7}
2012-04-26 16:52:50 -------- d-----w- C:\Users\jr\AppData\Local\{87D4BDE2-5945-4DF1-9A9A-B90E1EC53CE1}
2012-04-17 18:56:27 -------- d-----w- C:\ProgramData\Windows
2012-04-15 16:19:46 -------- d-----w- C:\Users\jr\AppData\Local\{3219F542-0D33-4952-A2F2-A1A4399448B1}
.
==================== Find3M ====================
.
2012-05-06 07:36:18 70304 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2012-03-20 11:11:30 162192 ----a-w- C:\Windows\System32\mfevtps.exe
2012-03-01 06:46:16 23408 ----a-w- C:\Windows\System32\drivers\fs_rec.sys
2012-03-01 06:38:27 220672 ----a-w- C:\Windows\System32\wintrust.dll
2012-03-01 06:33:50 81408 ----a-w- C:\Windows\System32\imagehlp.dll
2012-03-01 06:28:47 5120 ----a-w- C:\Windows\System32\wmi.dll
2012-03-01 05:37:41 172544 ----a-w- C:\Windows\SysWow64\wintrust.dll
2012-03-01 05:33:23 159232 ----a-w- C:\Windows\SysWow64\imagehlp.dll
2012-03-01 05:29:16 5120 ----a-w- C:\Windows\SysWow64\wmi.dll
2012-02-28 06:56:48 2311168 ----a-w- C:\Windows\System32\jscript9.dll
2012-02-28 06:49:56 1390080 ----a-w- C:\Windows\System32\wininet.dll
2012-02-28 06:48:57 1493504 ----a-w- C:\Windows\System32\inetcpl.cpl
2012-02-28 06:42:55 2382848 ----a-w- C:\Windows\System32\mshtml.tlb
2012-02-28 01:18:55 1799168 ----a-w- C:\Windows\SysWow64\jscript9.dll
2012-02-28 01:11:21 1427456 ----a-w- C:\Windows\SysWow64\inetcpl.cpl
2012-02-28 01:11:07 1127424 ----a-w- C:\Windows\SysWow64\wininet.dll
2012-02-28 01:03:16 2382848 ----a-w- C:\Windows\SysWow64\mshtml.tlb
2012-02-22 11:29:46 75936 ----a-w- C:\Windows\System32\drivers\mfenlfk.sys
2012-02-22 11:29:46 65264 ----a-w- C:\Windows\System32\drivers\cfwids.sys
2012-02-22 11:29:46 647208 ----a-w- C:\Windows\System32\drivers\mfehidk.sys
2012-02-22 11:29:46 487296 ----a-w- C:\Windows\System32\drivers\mfefirek.sys
2012-02-22 11:29:46 289664 ----a-w- C:\Windows\System32\drivers\mfewfpk.sys
2012-02-22 11:29:46 229528 ----a-w- C:\Windows\System32\drivers\mfeavfk.sys
2012-02-22 11:29:46 160792 ----a-w- C:\Windows\System32\drivers\mfeapfk.sys
2012-02-22 11:29:46 10248 ----a-w- C:\Windows\System32\drivers\mfeclnk.sys
2012-02-22 11:29:46 100912 ----a-w- C:\Windows\System32\drivers\mferkdet.sys
2012-02-17 06:38:26 1031680 ----a-w- C:\Windows\System32\rdpcore.dll
2012-02-17 05:34:22 826880 ----a-w- C:\Windows\SysWow64\rdpcore.dll
2012-02-17 04:58:24 210944 ----a-w- C:\Windows\System32\drivers\rdpwd.sys
2012-02-17 04:57:32 23552 ----a-w- C:\Windows\System32\drivers\tdtcp.sys
2012-02-14 10:09:44 1070352 ----a-w- C:\Windows\SysWow64\MSCOMCTL.OCX
.
============= FINISH: 18:41:27,99 ===============

.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2011-08-26.01)
.
Microsoft Windows 7 Home Premium
Boot Device: \Device\HarddiskVolume1
Install Date: 28-12-2010 19:02:46
System Uptime: 12-5-2012 17:48:45 (1 hours ago)
.
Motherboard: TOSHIBA | | NALAA
Processor: Intel(R) Pentium(R) CPU P6100 @ 2.00GHz | CPU | 919/133mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 233 GiB total, 180,687 GiB free.
D: is FIXED (NTFS) - 232 GiB total, 224,643 GiB free.
E: is CDROM ()
.
==== Disabled Device Manager Items =============
.
==== System Restore Points ===================
.
RP56: 3-3-2012 20:31:41 - Ge�nstalleerd TOSHIBA Service Station
RP57: 13-3-2012 23:10:01 - Windows Update
RP58: 15-3-2012 18:08:14 - Windows Update
RP59: 15-3-2012 22:36:36 - Windows Update
RP60: 10-4-2012 23:35:32 - Windows Update
RP61: 12-5-2012 10:09:23 - Windows Update
.
==== Installed Programs ======================
.
Adobe AIR
Adobe Reader 9.5.1 - Nederlands
Adobe Shockwave Player 11.6
Advertising Center
Apple Application Support
Apple Software Update
Bing Bar
BufferChm
D3DX10
D5500
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition
DeviceDiscovery
DJ_SF_06_D5500_SW_Min
eBay
GPBaseService2
HP Update
HPPhotoGadget
hpPrintProjects
HPProductAssistant
HPSSupply
hpWLPGInstaller
ImagXpress
ImTOO AVI MPEG Converter
Intel(R) Graphics Media Accelerator Driver
Intel(R) Management Engine Components
Intel(R) Rapid Storage Technology
Java(TM) 6 Update 17
Junk Mail filter update
MAGIX Website Maker 4 1.13.0.112 (NL)
Malwarebytes Anti-Malware versie 1.61.0.1400
MarketResearch
McAfee AntiVirus Plus
Microsoft Default Manager
Microsoft Office 2010
Microsoft Office 2010 Service Pack 1 (SP1)
Microsoft Office Access MUI (Dutch) 2010
Microsoft Office Excel MUI (Dutch) 2010
Microsoft Office Groove MUI (Dutch) 2010
Microsoft Office InfoPath MUI (Dutch) 2010
Microsoft Office OneNote MUI (Dutch) 2010
Microsoft Office Outlook MUI (Dutch) 2010
Microsoft Office PowerPoint MUI (Dutch) 2010
Microsoft Office Professional Plus 2010
Microsoft Office Proof (Dutch) 2010
Microsoft Office Proof (English) 2010
Microsoft Office Proof (French) 2010
Microsoft Office Proof (German) 2010
Microsoft Office Proofing (Dutch) 2010
Microsoft Office Publisher MUI (Dutch) 2010
Microsoft Office Shared MUI (Dutch) 2010
Microsoft Office Word MUI (Dutch) 2010
Microsoft Search Enhancement Pack
Microsoft SQL Server 2005 Compact Edition [ENU]
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
MSVCRT
MSVCRT_amd64
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
Nero 9 Essentials
Nero BackItUp
Nero BackItUp and Burn
Nero BurnRights
Nero BurnRights Help
Nero ControlCenter
Nero DiscSpeed
Nero DiscSpeed Help
Nero DriveSpeed
Nero DriveSpeed Help
Nero Express
Nero Express Help
Nero InfoTool
Nero InfoTool Help
Nero Installer
Nero Online Upgrade
Nero RescueAgent
Nero StartSmart
Nero StartSmart Help
NeroExpress
neroxml
Photo Service - powered by myphotobook
QuickTime
Realtek Ethernet Controller Driver For Windows 7
Realtek High Definition Audio Driver
Realtek USB 2.0 Card Reader
Realtek WLAN Driver
Security Update for Microsoft .NET Framework 4 Client Profile (KB2160841)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)
Security Update for Microsoft Excel 2010 (KB2597166) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2553091)
Security Update for Microsoft Office 2010 (KB2553096)
Security Update for Microsoft Office 2010 (KB2553371) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2589320) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2598039) 32-Bit Edition
Security Update for Microsoft PowerPoint 2010 (KB2553185) 32-Bit Edition
Security Update for Microsoft SharePoint Workspace 2010 (KB2566445)
Security Update for Microsoft Visio Viewer 2010 (KB2597981) 32-Bit Edition
Shareaza
Skype Click to Call
Skype� 5.8
SmartWebPrinting
SolutionCenter
Status
swMSM
The Settlers 7 - Paths to a Kingdom
Toolbox
Toshiba Assist
TOSHIBA Bulletin Board
TOSHIBA ConfigFree
TOSHIBA eco Utility
TOSHIBA Face Recognition
TOSHIBA Flash Cards Support Utility
TOSHIBA Hardware Setup
TOSHIBA HDD/SSD-waarschuwing
Toshiba Manuals
TOSHIBA Media Controller
TOSHIBA Media Controller Plug-in
TOSHIBA Online Product Information
TOSHIBA Recovery Media Creator Reminder
TOSHIBA ReelTime
TOSHIBA Service Station
TOSHIBA Supervisor Password
TOSHIBA Supervisorwachtwoord
Toshiba TEMPRO
TOSHIBA Value Added Package
TOSHIBA Web Camera Application
TrayApp
TRORMCLauncher
Ubisoft Game Launcher
Update for Microsoft .NET Framework 4 Client Profile (KB2468871)
Update for Microsoft .NET Framework 4 Client Profile (KB2473228)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217)
Update for Microsoft Office 2010 (KB2553065)
Update for Microsoft Office 2010 (KB2553092)
Update for Microsoft Office 2010 (KB2553181) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553267) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553270) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553310) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553385) 32-Bit Edition
Update for Microsoft Office 2010 (KB2566458)
Update for Microsoft Office 2010 (KB2596964) 32-Bit Edition
Update for Microsoft Office 2010 (KB2597091) 32-Bit Edition
Update for Microsoft OneNote 2010 (KB2553290) 32-Bit Edition
Update for Microsoft OneNote 2010 (KB2589345) 32-Bit Edition
Update for Microsoft Outlook 2010 (KB2553248) 32-Bit Edition
Update for Microsoft Outlook Social Connector 2010 (KB2553406) 32-Bit Edition
Utility Common Driver
WebReg
Windows Live Communications Platform
Windows Live Essentials
Windows Live Installer
Windows Live Mail
Windows Live Messenger
Windows Live Movie Maker
Windows Live Photo Common
Windows Live Photo Gallery
Windows Live PIMT Platform
Windows Live SOXE
Windows Live SOXE Definitions
Windows Live Sync
Windows Live UX Platform
Windows Live UX Platform Language Pack
Windows Live Writer
Windows Live Writer Resources
Yahoo! BrowserPlus 2.9.8
Yahoo! Messenger
Yahoo! Software Update
Yahoo! Toolbar
.
==== End Of File ===========================

microsoft outlook

kijzers43 — Sat, 12 May 2012 15:19:54 GMT

dag

ik heb problemen met mijn oulook elke keer als ik hem aanzet of een berichtje wil lezen of versturen, verklein mijn outlook naar een klein 4.kant blokje(links.boven)
als ik hem dan aanklik is het even goed , maar bij mijn volgende gebruik is het weer hetzelde.
mijn vraag is kan ik mijn outlook vast zetten zodat hij gewoon op de vaste grote blijft staan als dit kan hoe moet ik het dan doen?

ook wil ik graag mijn werkbalk van outlook instellen met diverse mogelijkheden.

ik hoop dat ik dit bericht in de goede discussie heeft geplaatst
en hoop dat iemand mij hiermee kan. wil helpen
gr jan,

Windows Media Player 12 installeren windows 7 starter

jeke — Sat, 12 May 2012 15:06:55 GMT

Ik heb windows mediaplayer 12 verwijderd hoe kan ik deze terug installeren in windows 7 starter ?

Alvast bedankt

beveiligde omgeving met rood kruis en rode tekst

Peter1 — Sat, 12 May 2012 14:52:12 GMT

Dag allemaal!
Sinds 1 dag krijg ik bij het via Favorieten (ik gebruik XP Pro SP#) inloggen naar een banksite de melding, zowel bij I.E als by Chrome een rood kruis door het beveiligingsslotje en een rode streep door de eveneens rode tekst van HTPPS
Wanneer ik gewoon via de browser naar de bladzijde ga, geen probleem. Mijn conclusie is dat er een phishing- dan wel malware programma actief is op mijn harde schijf? Ik heb alles schoongemaakt bij I.E. en ook een scan (AVG 2012) gedraaid, maar geen fouten gevonden. Wat te doen? Heeft iemand hier al een ervaring mee gehad?:@

You Tube W7

hels — Sat, 12 May 2012 14:12:15 GMT

Hallo Nucia,

Tot vandaag kon ik op mijn buroblad via de snelkoppeling naar You Tube
overschakelen.
Nu is er een probleem.

Kan deze internetsnelkoppeling niet openen.
Aan het protocol http is geen geregistreerd programma gekoppeld.

Hoe moet ik dit probleem nu oplossen?
Alvast hartelijk dank.
Groet,
hels

Folder Lock

Mark1994 — Sat, 12 May 2012 14:09:17 GMT

....

Installatieprobleem XP

Prutser — Sat, 12 May 2012 13:44:22 GMT

Ik heb een pc waarvan de HD gecrashed was deze vervangen (80GB SATA). Als ik XP opnieuw wil installeren ziet de installatie de HD niet. Elke actie verder geeft een "paniek"-scherm.
Controle met de Hiren Boot CD geeft aan dat ik de C schijf kan partitioneren en formatteren. De mini XP geeft wel de C-schijf aan.
Installatie vanuit dit mini XP als nieuwe installatie geeft een steeds terugkerende cyclus. In het welkomst scherm van de installatie geeft een systeemcontrole geen probleem, maar na starten van installatie en het invoeren van de productcode, welke ok is, keert de procedure steeds weer terug naar dit welkomstscherm.
Als ik via USB een SSD aansluit dan wordt deze wel gezien als een partitie waar XP ge�nstalleerd kan worden, maar geen C schijf
Ik mis schijnbaar iets, maar weet niet wat. Kan iemand een helpende hand reiken?

Beeld verschoven, plakkend lettertype

m.knollema36 — Sat, 12 May 2012 12:29:31 GMT

Hallo,

Na de Update installatie van Windows (als je de computer uitzet gaat hij die installeren), is mijn gehele beeldscherm naar links geschoven en heb ik een raar lettertype met afwisselend dikke en dunne letters, virus?????:conf:

Warnings Avira Free

atwee — Sat, 12 May 2012 09:25:16 GMT

Na een scan met Avira Free Antivirus verschijnt in het resultaat daarvan, altijd een aantal "Warnings". Geen virusmeldingen dus. Ik houd wel van een scanner die meldingen en opmerkingen geeft; zo weet ik tenminste dat het iets doet!

Maar wat word ik verondersteld te doen met een waarschuwing als deze bijvoorbeeld:

Citaat:

C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\62AXOPQ5\SV_1.1.12.1[1].wcx
[WARNING] Invalid end of file

Sportief en prachtig

atwee — Sat, 12 May 2012 08:16:04 GMT

Record op golf van 24 meter hoog!:conf:

streams niet af te spelen

jeke — Sat, 12 May 2012 06:59:47 GMT

Op mijn notebook met windows 7 starter kan ik deze streams niet afspelen

http://streams.lazerhothits.com/listen.pls (stream for example Winamp)

http://streams.lazerhothits.com/lazerretro.asx (stream for example Windows Media Player)

Ik heb mijn vraag op hun forum gesteld en zij zeggen dat ze wel beide werken in mindows mediaplayer lukt het niet ik heb mediaplayer al verwijderd en opnieuw geprobeerd maar zonder resultaat. Ook het alternatief geprobeerd met winamp daar ook niet af te spelen.

Kan er iemand na kijken als deze streams bij jullie werken ?
Alast bedankt

Emsisoft Newsletter

Pinda — Fri, 11 May 2012 22:32:52 GMT

Ik wil niet als een zeur ofzo overkomen , maar ik las laatst de recente newsletter van Emsisoft.

En daar staat dat Emsisoft groeit en groter wordt , dat is heel mooi om te horen.

Maar er staat van '' thanks to our loyal customers ''

Maar moeten ze niet ook de '' gebruikers '' bedanken ?

Die bijvoorbeeld EAM Free of OA Free gebruiken ?

Van gebruikers krijgen ze toch ook data , wat slecht is , wat goed is , en feedback over bugs etc ?

Of zit ik hier verkeerd , dan correct mij.

Vriendelijke Groet.

Druk kruispunt?

pederoco — Fri, 11 May 2012 22:08:11 GMT

http://vimeo.com/24572222

Iexplore traag, vastlopers 'Internet Explorer werkt niet meer'

maaikie0 — Fri, 11 May 2012 21:04:41 GMT

Beste mensen,

Ik hoop dat jullie mij kunnen helpen.... :(

Mijn internet explorer 9 loopt continu vast ('Internet Explorer werkt niet meer') en als ie niet vastloopt, is ie vreselijk traag. Ik heb er zelf verder geen verstand van, maar misschien dat iemand mij kan helpen?

-------------------------------------

Logfile of HijackThis v1.99.1
Scan saved at 22:34:47, on 11-5-2012
Platform: Unknown Windows (WinNT 6.01.3505 SP1)
MSIE: Internet Explorer v9.00 (9.00.8112.16421)

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskhost.exe
C:\Windows\Explorer.EXE
C:\Windows\OEM02Mon.exe
C:\Program Files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\system32\igfxsrvc.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\Citrix\ICA Client\concentr.exe
C:\Program Files\Samsung\AllShare\AllShareAgent.exe
C:\Program Files\Citrix\ICA Client\wfcrun32.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Microsoft Security Client\msseces.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe
C:\Program Files\Common Files\Apple\Internet Services\ubd.exe
C:\Program Files\MagicDisc\MagicDisc.exe
C:\Program Files\Common Files\Apple\Apple Application Support\distnoted.exe
C:\Windows\system32\conhost.exe
C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe
C:\Windows\system32\wuauclt.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Windows\system32\Macromed\Flash\FlashUtil32_11_2_202_235_ActiveX.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Users\maaike\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\32MTEK69\hijackthis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://nl.msn.com/?ocid=OIE9HP
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://igoogle.nl/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Windows Internet Explorer wordt aangeboden door MSN and Bing
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - {87775fdb-6972-41f9-ae51-8326e38cb206} - (no file)
O2 - BHO: vShare Toolbar - {043C5167-00BB-4324-AF7E-62013FAEDACF} - C:\Program Files\vShare\vshare_toolbar.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll
O3 - Toolbar: vShare Toolbar - {043C5167-00BB-4324-AF7E-62013FAEDACF} - C:\Program Files\vShare\vshare_toolbar.dll
O4 - HKLM\..\Run: [OEM02Mon.exe] C:\Windows\OEM02Mon.exe
O4 - HKLM\..\Run: [VirtualCloneDrive] "C:\Program Files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe" /s
O4 - HKLM\..\Run: [BCSSync] "C:\Program Files\Microsoft Office\Office14\BCSSync.exe" /DelayServices
O4 - HKLM\..\Run: [AdobeCS4ServiceManager] "C:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe" -launchedbylogin
O4 - HKLM\..\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [ConnectionCenter] "C:\Program Files\Citrix\ICA Client\concentr.exe" /startup
O4 - HKLM\..\Run: [AllShareAgent] C:\Program Files\Samsung\AllShare\AllShareAgent.exe
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [MSC] "c:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\RunOnce: [Malwarebytes Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent
O4 - HKCU\..\Run: [ccleaner] "C:\Program Files\CCleaner\CCleaner.exe" /AUTO
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [MobileDocuments] C:\Program Files\Common Files\Apple\Internet Services\ubd.exe
O4 - Startup: MagicDisc.lnk = C:\Program Files\MagicDisc\MagicDisc.exe
O8 - Extra context menu item: &Verzenden naar OneNote - res://C:\PROGRA~1\MICROS~2\Office14\ONBttnIE.dll/105
O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_D183CA64F05FDD98.dll/cmsidewiki.html
O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: &Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\nlaapi.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\napinsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\bonjour\mdnsnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O11 - Options group: [INTERNATIONAL] International
O13 - Gopher Prefix:
O16 - DPF: {6E718D87-6909-4FCE-92D4-EDCB2F725727} (Navigram Control) - http://navigram.com/engine/v1120/Navigram.cab
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O18 - Protocol: ms-help - {314111C7-A502-11D2-BBCA-00C04F8EC294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll
O18 - Protocol: vsharechrome - {3F3A4B8A-86FC-43A4-BB00-6D7EBE9D4484} - C:\Program Files\vShare\vshare_toolbar.dll
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O20 - Winlogon Notify: igfxcui - C:\Windows\SYSTEM32\igfxdev.dll
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Google Updateservice (gupdate) (gupdate) - Unknown owner - C:\Program Files\Google\Update\GoogleUpdate.exe" /svc (file missing)
O23 - Service: Google Update-service (gupdatem) (gupdatem) - Unknown owner - C:\Program Files\Google\Update\GoogleUpdate.exe" /medsvc (file missing)
O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Microsoft SharePoint Workspace Audit Service - Unknown owner - C:\Program Files\Microsoft Office\Office14\GROOVE.EXE" /auditservice (file missing)
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: @%SystemRoot%\system32\qwave.dll,-1 (QWAVE) - Unknown owner - %windir%\system32\svchost.exe (file missing)
O23 - Service: Samsung AllShare PC (SamsungAllShareV2.0) - Samsung Electronics Co., Ltd. - C:\Program Files\Samsung\AllShare\AllShareDMS\AllShareDMS.exe
O23 - Service: @%SystemRoot%\system32\seclogon.dll,-7001 (seclogon) - Unknown owner - %windir%\system32\svchost.exe (file missing)
O23 - Service: SimpleSlideShowServer - Samsung Electronics Co., Ltd. - C:\Program Files\Samsung\AllShare\AllShareSlideShowService.exe
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - %PROGRAMFILES%\Windows Media Player\wmpnetwk.exe (file missing)

Kwetsbaarheden in Safari verholpen met updates

pascal247 — Fri, 11 May 2012 19:53:45 GMT

Kwetsbaarheden in Safari verholpen met updates

Waarschuwing voor:

Programma: Apple Safari
Versie: eerder dan 5.1.7
Besturingssysteem: Apple Mac OS X. Microsoft Windows, linux
Alert ID: WD-2012-044
Gepubliceerd via: Website
Datum laatste wijziging: 11 Mei 2012

Korte omschrijving
Apple heeft een nieuwe versie van de internetbrowser Safari uitgebracht (versie 5.1.7) voor Apple Mac OS X en Microsoft Windows. Deze nieuwe versie verhelpt meerdere kwetsbaarheden. Waarschuwingsdienst.nl adviseert je deze nieuwe versie te downloaden en te installeren.

Hoe los ik het op?
Je verhelpt de kwetsbaarheden door de update van Apple te installeren.

Automatisch (alleen voor gebruikers van Apple Mac OS X)

Zet de automatische update aan op je Mac. Er is een artikel "Software Update" beschikbaar met meer informatie over het activeren van automatische updates op je Mac.

Handmatig

Je kunt de nieuwste versie van Safari handmatig downloaden en installeren vanaf
http://www.apple.com/safari/download/.

Loopt mijn computer risico?

Je computer loopt risico als je een versie van Safari gebruikt die ouder is dan 5.1.7.

Wat kan er gebeuren?
Een aanvaller kan via het misbruiken van de beveiligingslekken de controle krijgen over je computer. Zo is het mogelijk dat:

Persoonlijke gegevens, zoals wachtwoorden of creditcardgegevens, in handen van kwaadwillenden komen.
Essenti�le computerbestanden worden verwijderd, waardoor je computer niet meer werkt.
Bestanden worden herschreven, waardoor deze niet meer bruikbaar zijn.
Je computer wordt ingezet bij aanvallen gericht op andere computers op internet zonder dat je dit merkt (zie hiervoor ook de botnetfilm van Waarschuwingsdienst.nl).
Je computer wordt gebruikt voor het versturen van spam zonder dat je dit merkt.
Opnamemogelijkheden voor geluid of beeld (je webcam) zonder dat je het merkt van buitenaf worden aangezet en bediend. Jij, je huisgenoten en je eigendommen kunnen zo ongemerkt afgeluisterd of bekeken worden door iemand van buiten.

Waar vind ik meer informatie?
Meer informatie is te vinden op de Apple support website:
http://support.apple.com/kb/HT5282

Waarschuwingsdienst.nl

Apple Mac OS X update verhelpt diverse kwetsbaarheden

pascal247 — Fri, 11 May 2012 19:50:14 GMT

Apple Mac OS X update verhelpt diverse kwetsbaarheden

Waarschuwing voor:
Programma: Apple Mac OS X
Versie:

eerder dan OS X Lion 10.7.4

Besturingssysteem:

Apple Mac OS X

Alert ID: WD-2012-043
Gepubliceerd via: Website
Datum laatste wijziging: 10 Mei 2012

Korte omschrijving
Apple heeft een update beschikbaar gesteld voor Mac OS X. Deze beveiligingsupdate (2012-002) verhelpt diverse kwetsbaarheden in Mac OS X. Kwaadwillenden kunnen deze kwetsbaarheden misbruiken om op afstand willekeurige code uit te voeren op kwetsbare systemen of kwetsbare systemen te laten crashen. Wij adviseren deze update te installeren.
Naar

Hoe los ik het op?
U verhelpt de kwetsbaarheden door de update van Apple te installeren. U kunt de update handmatig downloaden en installeren vanaf http://support.apple.com/downloads/ ofhttp://support.apple.com/kb/HT1222.

Loopt mijn computer risico?
Uw computer loopt een risico als u gebruik maakt van Apple OS X Lion met een versie lager dan 10.7.4

Wat kan er gebeuren?
Een aanvaller kan via het misbruiken van de beveiligingslekken de controle krijgen over je computer. Zo is het mogelijk dat:

Persoonlijke gegevens, zoals wachtwoorden of creditcardgegevens, in handen van kwaadwillenden komen.
Essenti�le computerbestanden worden verwijderd, waardoor je computer niet meer werkt.
Bestanden worden herschreven, waardoor deze niet meer bruikbaar zijn.
Je computer wordt ingezet bij aanvallen gericht op andere computers op internet zonder dat je dit merkt (zie hiervoor ook de botnetfilm van Waarschuwingsdienst.nl).
Je computer wordt gebruikt voor het versturen van spam zonder dat je dit merkt.
Opnamemogelijkheden voor geluid of beeld (je webcam) zonder dat je het merkt van buitenaf worden aangezet en bediend. Jij, je huisgenoten en je eigendommen kunnen zo ongemerkt afgeluisterd of bekeken worden door iemand van buiten.

Waar vind ik meer informatie?
Meer informatie is te vinden op de Apple support website:
http://support.apple.com/kb/HT5281

Waarschuwingsdienst.nl