Mededeling

Collapse
No announcement yet.

PC opstarten duurt 10 minuten

Collapse
X
  •  
  • Filter
  • Tijd
  • Show
Clear All
new posts

  • PC opstarten duurt 10 minuten

    Hallo,

    het opstarten van de PC gaat heel erg langzaam. Het duurt ongeveer 10 minuten. De blauwe blokjes lopen heel erg langzaam en staan af en toe stil.

    als PC opgetsart is gaat het IE opstarten ook erg langzaam

    Zie hieronder voor logfile

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 22:22:06, on 14-4-2008
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.6000.16640)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
    C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
    C:\WINDOWS\system32\HPZipm12.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\Explorer.EXE
    C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
    C:\WINDOWS\SOUNDMAN.EXE
    C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd2.exe
    C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe
    C:\Program Files\Adobe\Photoshop Album Starter Edition\3.2\Apps\apdproxy.exe
    C:\PROGRA~1\Grisoft\AVG7\avgcc.exe
    C:\WINDOWS\VdCap03C\StillMnt.exe
    C:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\Zinio\ZinioDeliveryManager.exe
    C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqtra08.exe
    C:\Program Files\Microsoft Office\Office\1043\msoffice.exe
    C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqimzone.exe
    C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqSTE08.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Program Files\Hewlett-Packard\Digital Imaging\Product Assistant\bin\hprblog.exe
    C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.nl/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen
    O2 - BHO: Adobe PDF Reader Help bij koppelingen - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
    O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
    O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
    O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\Program Files\MSN Apps\ST\01.03.0000.1005\en-xu\stmain.dll
    O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\MSN Toolbar\01.02.5000.1021\nl\msntb.dll
    O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\MSN Toolbar\01.02.5000.1021\nl\msntb.dll
    O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd
    O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
    O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
    O4 - HKLM\..\Run: [StillMnt] WCamRmv.exe /StartStillMnt
    O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd2.exe
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe"
    O4 - HKLM\..\Run: [AntiSpywareBot] C:\Program Files\AntiSpywareBot\AntiSpywareBot.exe -boot
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
    O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Starter Edition\3.2\Apps\apdproxy.exe"
    O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP
    O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
    O4 - HKLM\..\Run: [MSConfig] C:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe /auto
    O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [Zinio DLM] C:\Program Files\Zinio\ZinioDeliveryManager.exe /autostart
    O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Lokale service')
    O4 - HKUS\S-1-5-19\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'Lokale service')
    O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Netwerkservice')
    O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
    O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqtra08.exe
    O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
    O4 - Global Startup: Snelstart HP Image Zone.lnk = C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqthb08.exe
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
    O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab
    O16 - DPF: {2FE68711-8830-417D-95E0-EAB307DB0447} (mpsPwLc7.PMWebSiteLogin) - https://icgprolog.ch2m.com/mpsPwLc7.CAB
    O16 - DPF: {493ACF15-5CD9-4474-82A6-91670C3DD66E} (LinkedIn ContactFinderControl) - http://www.linkedin.com/cab/LinkedInContactFinderControl.cab
    O16 - DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} - http://download.mcafee.com/molbin/shared/mcinsctl/4,0,0,101/mcinsctl.cab
    O16 - DPF: {6E5E167B-1566-4316-B27F-0DDAB3484CF7} (Image Uploader Control) - http://partyflock.nl/components/ImageUploader4.cab
    O16 - DPF: {745395C8-D0E1-4227-8586-624CA9A10A8D} (AxisMediaControl Class) - http://85.37.179.106/activex/AMC.cab
    O16 - DPF: {773373E5-DD6A-40EB-9ED3-B16FB47F316A} (FileMgt.FileMgtCtrl) - https://icgprolog.ch2m.com/FileMgt.CAB
    O16 - DPF: {A18962F6-E6ED-40B1-97C9-1FB36F38BFA8} (Aurigma Image Uploader 3.5 Control) - http://partyflock.nl/components/ImageUploader3.cab
    O16 - DPF: {AB86CE53-AC9F-449F-9399-D8ABCA09EC09} (Get_ActiveX Control) - https://h17000.www1.hp.com/ewfrf-JAVA/Secure/HPGetDownloadManager.ocx
    O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMessengerSetupDownloader.cab
    O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
    O16 - DPF: {CF40ACC5-E1BB-4AFF-AC72-04C2F616BCA7} (get_atlcom Class) - http://www.adobe.com/products/acrobat/nos/gp.cab
    O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
    O16 - DPF: {DE625294-70E6-45ED-B895-CFFA13AEB044} (AxisMediaControlEmb Class) - http://cam-cityhall1.delft.nl/activex/AMC.cab
    O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab
    O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
    O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
    O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
    O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe

    --
    End of file - 8391 bytes


    Wie weet wat er aan de hand is?

  • #2
    Start Hijackthis op en kies voor 'Do a system scan only'
    Selecteer alleen de items die hieronder zijn genoemd:

    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
    O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)

    Sluit alle vensters behalve Hijackthis
    Klik op 'Fix checked' om de items te verwijderen.

    Download ATF cleaner (gemaakt door Atribune)
    Dubbelklik op ATF cleaner om het programma te starten.
    Op het tabblad "Main", plaats je een vinkje bij Select All.
    Klik op de knop Empty Selected.

    Het volgende doen als je ook FireFox als browser hebt:
    Klik op tabblad "Firefox", plaats een vinkje bij Select All.
    Wil je de door Firefox opgeslagen wachtwoorden behouden, dan klik je in het venster dat verschijnt op "No".
    (dit haalt het vinkje weer weg bij "Firefox saved passwords")
    Klik op de knop Empty Selected.

    Het volgende doen als je ook Opera als browser hebt:
    Klik op tabblad "Opera", plaats een vinkje bij Select All.
    Wil je de door Opera opgeslagen wachtwoorden behouden, dan klik je in het venster dat verschijnt op "No".
    Klik op de knop Empty Selected.
    Ga naar het tabblad "Main" en klik op de knop Exit om het programma af te sluiten.

    Download Malwarebytes' Anti-Malware op je bureaublad.
    Dubbelklik mbam-setup.exe en kies voor "Next" om de tool te installeren.
    Als de installatie voltooid is zet je vinkjes bij "Update MalwareBytes' Anti-Malware" en bij "Launch MalwareBytes' Anti-Malware".
    Druk daarna op "Finish".
    Kies in het hoofdscherm voor de tab "Scanner" en selecteer het keuzerondje "Perform full scan".
    Druk op de knop "Scan" en zorg dat al je harde schijven/partities aangevinkt staan.
    Druk dan op de knop "Start Scan".
    Wanneer de scan voltooid is klik je op OK, daarna op "Show Results" om de resultaten te zien.
    Zorg ervoor dat alles aangevinkt is, klik daarna op "Remove Selected".
    Als het programma je computer wil laten herstarten, sta je dit toe.
    Daarna opent een logje(mbam-log-XX-XX-XXXX(xx-xx-xx).txt)
    Post deze log in je volgende bericht.

    start sowieso opnieuw op en plaats ook een nieuw hjt logje aub.

    Windows 10 opstarten in Veilige Modus

    Comment


    • #3
      Ik heb de gevolgende instructies uitgevoerd. Het opstartgedrag lijkt weer normaal.

      Het hjt logje

      Logfile of HijackThis v1.99.1
      Scan saved at 11:18:03, on 20-4-2008
      Platform: Windows XP SP2 (WinNT 5.01.2600)
      MSIE: Internet Explorer v7.00 (7.00.6000.16640)

      Running processes:
      C:\WINDOWS\System32\smss.exe
      C:\WINDOWS\system32\winlogon.exe
      C:\WINDOWS\system32\services.exe
      C:\WINDOWS\system32\lsass.exe
      C:\WINDOWS\system32\svchost.exe
      C:\WINDOWS\System32\svchost.exe
      C:\WINDOWS\system32\spoolsv.exe
      C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
      C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
      C:\WINDOWS\system32\HPZipm12.exe
      C:\WINDOWS\system32\svchost.exe
      C:\WINDOWS\Explorer.EXE
      C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
      C:\WINDOWS\SOUNDMAN.EXE
      C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd2.exe
      C:\WINDOWS\VdCap03C\StillMnt.exe
      C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe
      C:\Program Files\iTunes\iTunesHelper.exe
      C:\Program Files\Adobe\Photoshop Album Starter Edition\3.2\Apps\apdproxy.exe
      C:\PROGRA~1\Grisoft\AVG7\avgcc.exe
      C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe
      C:\WINDOWS\system32\ctfmon.exe
      C:\Program Files\iPod\bin\iPodService.exe
      C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqtra08.exe
      C:\Program Files\Microsoft Office\Office\1043\msoffice.exe
      C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqSTE08.exe
      C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqimzone.exe
      C:\WINDOWS\system32\wuauclt.exe
      C:\Documents and Settings\xxxxxx xxxxxxx\Mijn documenten\Mijn documenten\AOB\hijackthis\HijackThis.exe

      R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.nl/
      R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
      R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen
      O2 - BHO: Adobe PDF Reader Help bij koppelingen - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
      O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
      O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
      O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
      O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\Program Files\MSN Apps\ST\01.03.0000.1005\en-xu\stmain.dll
      O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\MSN Toolbar\01.02.5000.1021\nl\msntb.dll
      O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\MSN Toolbar\01.02.5000.1021\nl\msntb.dll
      O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd
      O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
      O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
      O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
      O4 - HKLM\..\Run: [StillMnt] WCamRmv.exe /StartStillMnt
      O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd2.exe
      O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe"
      O4 - HKLM\..\Run: [AntiSpywareBot] C:\Program Files\AntiSpywareBot\AntiSpywareBot.exe -boot
      O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
      O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
      O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Starter Edition\3.2\Apps\apdproxy.exe"
      O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP
      O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
      O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
      O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqtra08.exe
      O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
      O4 - Global Startup: Snelstart HP Image Zone.lnk = C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqthb08.exe
      O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
      O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
      O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
      O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
      O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
      O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
      O11 - Options group: [INTERNATIONAL] International*
      O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
      O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab
      O16 - DPF: {2FE68711-8830-417D-95E0-EAB307DB0447} (mpsPwLc7.PMWebSiteLogin) - https://icgprolog.ch2m.com/mpsPwLc7.CAB
      O16 - DPF: {493ACF15-5CD9-4474-82A6-91670C3DD66E} (LinkedIn ContactFinderControl) - http://www.linkedin.com/cab/LinkedInContactFinderControl.cab
      O16 - DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} - http://download.mcafee.com/molbin/shared/mcinsctl/4,0,0,101/mcinsctl.cab
      O16 - DPF: {6E5E167B-1566-4316-B27F-0DDAB3484CF7} (Image Uploader Control) - http://partyflock.nl/components/ImageUploader4.cab
      O16 - DPF: {745395C8-D0E1-4227-8586-624CA9A10A8D} (AxisMediaControl Class) - http://85.37.179.106/activex/AMC.cab
      O16 - DPF: {773373E5-DD6A-40EB-9ED3-B16FB47F316A} (FileMgt.FileMgtCtrl) - https://icgprolog.ch2m.com/FileMgt.CAB
      O16 - DPF: {A18962F6-E6ED-40B1-97C9-1FB36F38BFA8} (Aurigma Image Uploader 3.5 Control) - http://partyflock.nl/components/ImageUploader3.cab
      O16 - DPF: {AB86CE53-AC9F-449F-9399-D8ABCA09EC09} (Get_ActiveX Control) - https://h17000.www1.hp.com/ewfrf-JAVA/Secure/HPGetDownloadManager.ocx
      O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMessengerSetupDownloader.cab
      O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
      O16 - DPF: {CF40ACC5-E1BB-4AFF-AC72-04C2F616BCA7} (get_atlcom Class) - http://www.adobe.com/products/acrobat/nos/gp.cab
      O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
      O16 - DPF: {DE625294-70E6-45ED-B895-CFFA13AEB044} (AxisMediaControlEmb Class) - http://cam-cityhall1.delft.nl/activex/AMC.cab
      O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab
      O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
      O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
      O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
      O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
      O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
      O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
      O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
      O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
      O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe

      Het mbam logje:
      Malwarebytes' Anti-Malware 1.11
      Database versie: 660

      Scan type: Volledige Scan (C:\|)
      Objecten gescand: 115416
      Verstreken tijd: 1 hour(s), 23 minute(s), 19 second(s)

      Geheugenprocessen geïnfecteerd: 0
      Geheugenmodulen geïnfecteerd: 0
      Registersleutels geïnfecteerd: 4
      Registerwaarden geïnfecteerd: 0
      Registerdata bestanden geïnfecteerd: 0
      Mappen geïnfecteerd: 4
      Bestanden geïnfecteerd: 3

      Geheugenprocessen geïnfecteerd:
      (Geen kwaadaardige items gevonden)

      Geheugenmodulen geïnfecteerd:
      (Geen kwaadaardige items gevonden)

      Registersleutels geïnfecteerd:
      HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\aoprndtws (Malware.Trace) -> Quarantined and deleted successfully.
      HKEY_CURRENT_USER\Software\Microsoft\rdfa (Trojan.Vundo) -> Quarantined and deleted successfully.
      HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Juan (Trojan.Vundo) -> Quarantined and deleted successfully.
      HKEY_CURRENT_USER\Software\VB and VBA Program Settings\Registry Defender (Rogue.Registry.Defender) -> Quarantined and deleted successfully.

      Registerwaarden geïnfecteerd:
      (Geen kwaadaardige items gevonden)

      Registerdata bestanden geïnfecteerd:
      (Geen kwaadaardige items gevonden)

      Mappen geïnfecteerd:
      C:\Program Files\Registry Defender (Rogue.Registry.Defender) -> Quarantined and deleted successfully.
      C:\Program Files\Registry Defender\backup (Rogue.Registry.Defender) -> Quarantined and deleted successfully.
      C:\Documents and Settings\xxxxxx xxxxxxxx\Application Data\DriveCleaner 2006 Free (Rogue.DriveCleaner) -> Quarantined and deleted successfully.
      C:\Documents and Settings\xxxxxx xxxxxxxx\Application Data\DriveCleaner 2006 Free\Logs (Rogue.DriveCleaner) -> Quarantined and deleted successfully.

      Bestanden geïnfecteerd:
      C:\Program Files\Registry Defender\report.csv (Rogue.Registry.Defender) -> Quarantined and deleted successfully.
      C:\Program Files\Registry Defender\backup\12-4-2007.reg (Rogue.Registry.Defender) -> Quarantined and deleted successfully.
      C:\Documents and Settings\xxxxxx xxxxxxxx\Application Data\DriveCleaner 2006 Free\Logs\update.log (Rogue.DriveCleaner) -> Quarantined and deleted successfully.



      zoals gezegd lijkt het probleem opgelost
      Alvast bedankt

      Comment


      • #4
        wil je even een logje maken met de juiste versie van hjt aub.

        * Download Trend Micro Hijack This™
        Dubbelklik HJTInstall.exe om HijackThis te installeren.
        Standaard zal HijackThis in de Program Files\Trendmicro map geïnstalleerd worden en een snelkoppeling zal op je bureaublad komen te staan.
        HijackThis zal openen na het installeren.
        Klik de Scan knop onderaan.
        Dit zal de scan starten en een log openen.
        Kopieer en plak deze log in je volgende post.

        Windows 10 opstarten in Veilige Modus

        Comment


        • #5
          Het logje

          Logfile of Trend Micro HijackThis v2.0.2
          Scan saved at 20:37:48, on 20-4-2008
          Platform: Windows XP SP2 (WinNT 5.01.2600)
          MSIE: Internet Explorer v7.00 (7.00.6000.16640)
          Boot mode: Normal

          Running processes:
          C:\WINDOWS\System32\smss.exe
          C:\WINDOWS\system32\winlogon.exe
          C:\WINDOWS\system32\services.exe
          C:\WINDOWS\system32\lsass.exe
          C:\WINDOWS\system32\svchost.exe
          C:\WINDOWS\System32\svchost.exe
          C:\WINDOWS\system32\spoolsv.exe
          C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
          C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
          C:\WINDOWS\system32\svchost.exe
          C:\Program Files\iPod\bin\iPodService.exe
          C:\Program Files\MSN Messenger\usnsvc.exe
          C:\WINDOWS\Explorer.EXE
          C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
          C:\WINDOWS\SOUNDMAN.EXE
          C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd2.exe
          C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe
          C:\WINDOWS\VdCap03C\StillMnt.exe
          C:\Program Files\iTunes\iTunesHelper.exe
          C:\Program Files\Adobe\Photoshop Album Starter Edition\3.2\Apps\apdproxy.exe
          C:\PROGRA~1\Grisoft\AVG7\avgcc.exe
          C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe
          C:\WINDOWS\system32\ctfmon.exe
          C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqtra08.exe
          C:\Program Files\Microsoft Office\Office\1043\msoffice.exe
          C:\Program Files\internet explorer\iexplore.exe
          C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqimzone.exe
          C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqSTE08.exe
          C:\Program Files\Hewlett-Packard\Digital Imaging\Product Assistant\bin\hprblog.exe
          C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

          R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.nl/
          R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
          R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
          R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen
          O2 - BHO: Adobe PDF Reader Help bij koppelingen - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
          O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
          O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
          O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
          O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\Program Files\MSN Apps\ST\01.03.0000.1005\en-xu\stmain.dll
          O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\MSN Toolbar\01.02.5000.1021\nl\msntb.dll
          O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\MSN Toolbar\01.02.5000.1021\nl\msntb.dll
          O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd
          O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
          O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
          O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
          O4 - HKLM\..\Run: [StillMnt] WCamRmv.exe /StartStillMnt
          O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd2.exe
          O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe"
          O4 - HKLM\..\Run: [AntiSpywareBot] C:\Program Files\AntiSpywareBot\AntiSpywareBot.exe -boot
          O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
          O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
          O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Starter Edition\3.2\Apps\apdproxy.exe"
          O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP
          O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
          O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
          O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Lokale service')
          O4 - HKUS\S-1-5-19\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'Lokale service')
          O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Netwerkservice')
          O4 - HKUS\S-1-5-21-1244572991-1417066420-3376078148-1006\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe (User 'Kim Jonkers')
          O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
          O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
          O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqtra08.exe
          O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
          O4 - Global Startup: Snelstart HP Image Zone.lnk = C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqthb08.exe
          O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
          O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
          O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
          O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
          O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
          O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
          O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
          O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab
          O16 - DPF: {2FE68711-8830-417D-95E0-EAB307DB0447} (mpsPwLc7.PMWebSiteLogin) - https://icgprolog.ch2m.com/mpsPwLc7.CAB
          O16 - DPF: {493ACF15-5CD9-4474-82A6-91670C3DD66E} (LinkedIn ContactFinderControl) - http://www.linkedin.com/cab/LinkedInContactFinderControl.cab
          O16 - DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} - http://download.mcafee.com/molbin/shared/mcinsctl/4,0,0,101/mcinsctl.cab
          O16 - DPF: {6E5E167B-1566-4316-B27F-0DDAB3484CF7} (Image Uploader Control) - http://partyflock.nl/components/ImageUploader4.cab
          O16 - DPF: {745395C8-D0E1-4227-8586-624CA9A10A8D} (AxisMediaControl Class) - http://85.37.179.106/activex/AMC.cab
          O16 - DPF: {773373E5-DD6A-40EB-9ED3-B16FB47F316A} (FileMgt.FileMgtCtrl) - https://icgprolog.ch2m.com/FileMgt.CAB
          O16 - DPF: {A18962F6-E6ED-40B1-97C9-1FB36F38BFA8} (Aurigma Image Uploader 3.5 Control) - http://partyflock.nl/components/ImageUploader3.cab
          O16 - DPF: {AB86CE53-AC9F-449F-9399-D8ABCA09EC09} (Get_ActiveX Control) - https://h17000.www1.hp.com/ewfrf-JAVA/Secure/HPGetDownloadManager.ocx
          O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMessengerSetupDownloader.cab
          O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
          O16 - DPF: {CF40ACC5-E1BB-4AFF-AC72-04C2F616BCA7} (get_atlcom Class) - http://www.adobe.com/products/acrobat/nos/gp.cab
          O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
          O16 - DPF: {DE625294-70E6-45ED-B895-CFFA13AEB044} (AxisMediaControlEmb Class) - http://cam-cityhall1.delft.nl/activex/AMC.cab
          O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab
          O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
          O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
          O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
          O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
          O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe

          --
          End of file - 8471 bytes

          Comment


          • #6
            Start Hijackthis op en kies voor 'Do a system scan only'
            Selecteer alleen de items die hieronder zijn genoemd:

            R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
            O4 - HKLM\..\Run: [AntiSpywareBot] C:\Program Files\AntiSpywareBot\AntiSpywareBot.exe -boot

            Klik op 'Fix checked' om de items te verwijderen.


            Download Malwarebytes' Anti-Malware via hier of hier.

            Dubbelklik mbam-setup.exe om het programma te installeren.
            • Zorg ervoor dat er een vinkje geplaatst is voor Update Malwarebytes' Anti-Malware en Launch Malwarebytes' Anti-Malware, Klik daarna op "finish".
            • Indien een update gevonden werd, zal het die downloaden en de laatste versie installeren.
            • Wanneer het programma volledig up to date is, selecteer "Perform Quick Scan", daarna klik Scan.
            • Het scannen kan een tijdje duren, dus wees geduldig.
            • Wanneer de scan voltooid is, klik OK, daarna "Show Results" om de resultaten te zien.
            • Zorg ervoor dat daar alles aangevinkt is, daarna klik: Remove Selected.
            • Na het verwijderen zal een log openen en zal er gevraagd worden om de computer opnieuw op te starten. (Zie extra nota onderaan)
            • De log wordt automatisch bewaard door MBAM die je kan zien door de "Logs" tab te klikken in MBAM.
            • Kopieer en plak de resultaten van de log in je volgend antwoord, samen met een nieuw HijackThislog.

            Extra opmerking:
            Indien MBAM moeilijkheden heeft met het verwijderen van bepaalde bestanden zal het enkele meldingen geven waar je OK moet klikken. Daarna zal het vragen om de Computer opnieuw op te starten... dus sta toe dat MBAM de computer opnieuw opstart.
            Herstart de computer en plaats ook een nieuw HJT logje

            Windows 10 opstarten in Veilige Modus

            Comment


            • #7
              Hieronder de 2 logjes:

              Malwarebytes' Anti-Malware 1.11
              Database versie: 677

              Scan type: Snelle Scan
              Objecten gescand: 51968
              Verstreken tijd: 26 minute(s), 44 second(s)

              Geheugenprocessen geïnfecteerd: 0
              Geheugenmodulen geïnfecteerd: 0
              Registersleutels geïnfecteerd: 0
              Registerwaarden geïnfecteerd: 0
              Registerdata bestanden geïnfecteerd: 0
              Mappen geïnfecteerd: 0
              Bestanden geïnfecteerd: 0

              Geheugenprocessen geïnfecteerd:
              (Geen kwaadaardige items gevonden)

              Geheugenmodulen geïnfecteerd:
              (Geen kwaadaardige items gevonden)

              Registersleutels geïnfecteerd:
              (Geen kwaadaardige items gevonden)

              Registerwaarden geïnfecteerd:
              (Geen kwaadaardige items gevonden)

              Registerdata bestanden geïnfecteerd:
              (Geen kwaadaardige items gevonden)

              Mappen geïnfecteerd:
              (Geen kwaadaardige items gevonden)

              Bestanden geïnfecteerd:
              (Geen kwaadaardige items gevonden)





              Logfile of Trend Micro HijackThis v2.0.2
              Scan saved at 22:18:38, on 24-4-2008
              Platform: Windows XP SP2 (WinNT 5.01.2600)
              MSIE: Internet Explorer v7.00 (7.00.6000.16640)
              Boot mode: Normal

              Running processes:
              C:\WINDOWS\System32\smss.exe
              C:\WINDOWS\system32\winlogon.exe
              C:\WINDOWS\system32\services.exe
              C:\WINDOWS\system32\lsass.exe
              C:\WINDOWS\system32\svchost.exe
              C:\WINDOWS\System32\svchost.exe
              C:\WINDOWS\system32\spoolsv.exe
              C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
              C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
              C:\WINDOWS\system32\svchost.exe
              C:\WINDOWS\Explorer.EXE
              C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
              C:\WINDOWS\SOUNDMAN.EXE
              C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd2.exe
              C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe
              C:\WINDOWS\VdCap03C\StillMnt.exe
              C:\Program Files\iTunes\iTunesHelper.exe
              C:\Program Files\Adobe\Photoshop Album Starter Edition\3.2\Apps\apdproxy.exe
              C:\PROGRA~1\Grisoft\AVG7\avgcc.exe
              C:\WINDOWS\system32\ctfmon.exe
              C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqtra08.exe
              C:\Program Files\iPod\bin\iPodService.exe
              C:\Program Files\Microsoft Office\Office\1043\msoffice.exe
              C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqimzone.exe
              C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqSTE08.exe
              C:\Program Files\Hewlett-Packard\Digital Imaging\Product Assistant\bin\hprblog.exe
              C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

              R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.nl/
              R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
              R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen
              O2 - BHO: Adobe PDF Reader Help bij koppelingen - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
              O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
              O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
              O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
              O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\Program Files\MSN Apps\ST\01.03.0000.1005\en-xu\stmain.dll
              O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\MSN Toolbar\01.02.5000.1021\nl\msntb.dll
              O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\MSN Toolbar\01.02.5000.1021\nl\msntb.dll
              O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd
              O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
              O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
              O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
              O4 - HKLM\..\Run: [StillMnt] WCamRmv.exe /StartStillMnt
              O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd2.exe
              O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe"
              O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
              O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
              O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Starter Edition\3.2\Apps\apdproxy.exe"
              O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP
              O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
              O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
              O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Lokale service')
              O4 - HKUS\S-1-5-19\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'Lokale service')
              O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Netwerkservice')
              O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
              O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
              O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqtra08.exe
              O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
              O4 - Global Startup: Snelstart HP Image Zone.lnk = C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqthb08.exe
              O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
              O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
              O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
              O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
              O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
              O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
              O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
              O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab
              O16 - DPF: {2FE68711-8830-417D-95E0-EAB307DB0447} (mpsPwLc7.PMWebSiteLogin) - https://icgprolog.ch2m.com/mpsPwLc7.CAB
              O16 - DPF: {493ACF15-5CD9-4474-82A6-91670C3DD66E} (LinkedIn ContactFinderControl) - http://www.linkedin.com/cab/LinkedInContactFinderControl.cab
              O16 - DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} - http://download.mcafee.com/molbin/shared/mcinsctl/4,0,0,101/mcinsctl.cab
              O16 - DPF: {6E5E167B-1566-4316-B27F-0DDAB3484CF7} (Image Uploader Control) - http://partyflock.nl/components/ImageUploader4.cab
              O16 - DPF: {745395C8-D0E1-4227-8586-624CA9A10A8D} (AxisMediaControl Class) - http://85.37.179.106/activex/AMC.cab
              O16 - DPF: {773373E5-DD6A-40EB-9ED3-B16FB47F316A} (FileMgt.FileMgtCtrl) - https://icgprolog.ch2m.com/FileMgt.CAB
              O16 - DPF: {A18962F6-E6ED-40B1-97C9-1FB36F38BFA8} (Aurigma Image Uploader 3.5 Control) - http://partyflock.nl/components/ImageUploader3.cab
              O16 - DPF: {AB86CE53-AC9F-449F-9399-D8ABCA09EC09} (Get_ActiveX Control) - https://h17000.www1.hp.com/ewfrf-JAVA/Secure/HPGetDownloadManager.ocx
              O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMessengerSetupDownloader.cab
              O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
              O16 - DPF: {CF40ACC5-E1BB-4AFF-AC72-04C2F616BCA7} (get_atlcom Class) - http://www.adobe.com/products/acrobat/nos/gp.cab
              O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
              O16 - DPF: {DE625294-70E6-45ED-B895-CFFA13AEB044} (AxisMediaControlEmb Class) - http://cam-cityhall1.delft.nl/activex/AMC.cab
              O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab
              O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
              O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
              O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
              O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
              O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe

              --
              End of file - 8020 bytes

              Comment

              Sorry, you are not authorized to view this page
              Working...
              X