Op deze website gebruiken we cookies om content en advertenties te personaliseren, om functies voor social media te bieden en om ons websiteverkeer te analyseren. Ook delen we informatie over uw gebruik van onze site met onze partners voor social media, adverteren en analyse. Deze partners kunnen deze gegevens combineren met andere informatie die u aan ze heeft verstrekt of die ze hebben verzameld op basis van uw gebruik van hun services. Meer informatie.

Akkoord

Vraag & Antwoord

Beveiliging & privacy

Tool voor computeractiviteiten + hjt log

None
17 antwoorden
  • Hallo,

    Kan iemand me helpen aan een tool waardoor ik kan zien wat de computer aan het doen is?
    Bij het opstarten zit ik nog steeds met hetzelfde probleem: traaaaag.
    Ook als ie klaar is, is hij vanalles aan het doen. Op een gegeven moment loopt hij vast en doet ie niets meer. Ik zou graag weten wat het systeem aan het doen is. Misschien kan ik wel een aantal dingen uitschakelen of weggooien die ik niet nodig heb. Of erger nog, misschien loopt er een virus mee.
    Wie kan me helpen?
    Kan het ook liggen aan een volgelopen register door downlaoden van muziek? En waar kan ik dit zien of testen?
  • Denk toch eerder aan een of andere besmetting. MBAM en hijackthis draaien en hier de logs plaatsen.
  • Beste Gerben,

    Hieronder de HJT en MBAM (als ik het goed gedaan heb ontmoet snelle scan)

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 13:43:53, op 6.10.2009
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
    Boot mode: Normal

    Running processes:
    C: \ WINDOWS \ System32 \ smss.exe
    C: \ WINDOWS \ system32 \ winlogon.exe
    C: \ WINDOWS \ system32 \ services.exe
    C: \ WINDOWS \ system32 \ lsass.exe
    C: \ WINDOWS \ system32 \ Ati2evxx.exe
    C: \ WINDOWS \ system32 \ svchost.exe
    C: \ WINDOWS \ System32 \ svchost.exe
    C: \ WINDOWS \ system32 \ Ati2evxx.exe
    C: \ WINDOWS \ system32 \ svchost.exe
    C: \ WINDOWS \ explorer.exe
    C: \ WINDOWS \ system32 \ spoolsv.exe
    C: \ Program Files \ QuickTime \ qttask.exe
    C: \ Program Files \ Mouse Driver \ StartAutorun.exe
    C: \ Program Files \ Mouse Driver \ KMConfig.exe
    C: \ Program Files \ Sony \ Content Transfer \ ContentTransferWMDetector.exe
    C: \ Program Files \ ATI Technologies \ ATI.ACE \ Core-Static \ MOM.EXE
    C: \ Program Files \ Java \ jre6 \ bin \ jusched.exe
    C: \ WINDOWS \ system32 \ ctfmon.exe
    C: \ Program Files \ OLYMPUS \ OLYMPUS Master 2 \ MMonitor.exe
    C: \ Program Files \ Nokia \ Nokia PC Suite 7 \ PCSuite.exe
    C: \ Program Files \ Google \ GoogleToolbarNotifier \ GoogleToolbarNotifier.exe
    C: \ Program Files \ Picasa2 \ TeaTimer.exe
    C: \ Program Files \ HP \ Digital Imaging \ bin \ hpqtra08.exe
    C: \ Program Files \ Mouse Driver \ KMProcess.exe
    C: \ Program Files \ HP \ Digital Imaging \ bin \ hpqgalry.exe
    C: \ Program Files \ Adobe \ Photoshop Elements 3.0 \ PhotoshopElementsFileAgent.exe
    C: \ Program Files \ ATI Technologies \ ATI.ACE \ Core-Static \ ccc.exe
    C: \ Program Files \ Java \ jre6 \ bin \ jqs.exe
    C: \ Program Files \ Mouse Driver \ KMWDSrv.exe
    C: \ Program Files \ Common Files \ Microsoft Shared \ VS7Debug \ Mdm.exe
    C: \ Program Files \ Adobe \ Photoshop Elements 3.0 \ PhotoshopElementsDeviceConnect.exe
    C: \ WINDOWS \ system32 \ svchost.exe
    C: \ Program Files \ PC Connectivity Solution \ ServiceLayer.exe
    C: \ Program Files \ PC Connectivity Solution \ Transports \ NclUSBSrv.exe
    C: \ Program Files \ PC Connectivity Solution \ Transports \ NclRSSrv.exe
    C: \ Program Files \ Internet Explorer \ iexplore.exe
    C: \ Program Files \ Kaspersky Lab \ Kaspersky Anti-Virus 2010 \ klwtblfs.exe
    C: \ WINDOWS \ system32 \ wuauclt.exe
    C: \ Program Files \ Outlook Express \ msimn.exe
    C: \ HijackThis \ HijackThis.exe

    R0 - HKLM \ Software \ Microsoft \ Internet Explorer \ Main, Start Page = http://www.limburger.nl/
    R0 - HKLM \ Software \ Microsoft \ Internet Explorer \ Toolbar, LinksFolderName = Koppelingen
    O2 - BHO: (no name) - Software - (no file)
    O2 - BHO: Adobe PDF Reader Link Helper - (06849E9F-C8D7-4D59-B87D-784B7D6BE0B3) - C: \ Program Files \ Adobe \ Acrobat 7.0 \ ActiveX \ AcroIEHelper.dll (file missing)
    O2 - BHO: Spybot-S & D IE Protection - (53707962-6F74-2D53-2644-206D7942484F) - C: \ PROGRA ~ 1 \ SPYBOT ~ 1 \ SDHelper.dll
    O2 - BHO: IEVkbdBHO - (59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C) - C: \ Program Files \ Kaspersky Lab \ Kaspersky Anti-Virus 2010 \ ievkbd.dll
    O2 - BHO: Windows Live Aanmelden - Help - (9030D464-4C02-4ABF-8ECC-5164760863C6) - C: \ Program Files \ Common Files \ Microsoft Shared \ Windows Live \ WindowsLiveLogin.dll
    O2 - BHO: Google Toolbar Helper - (AA58ED58-01DD-4d91-8333-CF10577473F7) - C: \ Program Files \ Google \ Google Toolbar \ GoogleToolbar_32.dll
    O2 - BHO: Google Toolbar Notifier BHO - (AF69DE43-7D58-4638-B6FA-CE66B5AD205D) - C: \ Program Files \ Google \ GoogleToolbarNotifier \ 5.3.4501.1418 \ swg.dll
    O2 - BHO: PDFCreator Toolbar Helper - (C451C08A-EC37-45DF-AAAD-18B51AB5E837) - C: \ Program Files \ PDFCreator Toolbar \ v3.3.0.1 \ PDFCreator_Toolbar.dll
    O2 - BHO: Google Dictionary Compressie sdch - (C84D72FE-E17D-4195-BB24-76C02E2E7C4E) - C: \ Program Files \ Google \ Google Toolbar \ Component \ fastsearch_B7C5AC242193BB3E.dll
    O2 - BHO: Java ™ Plug-In 2 SSV Helper - (DBC80044-A445-435b-BC74-9C25C1C588A9) - C: \ Program Files \ Java \ jre6 \ bin \ jp2ssv.dll
    O2 - BHO: link filter bho - (E33CF602-D945-461A-83F0-819F76A199F8) - C: \ Program Files \ Kaspersky Lab \ Kaspersky Anti-Virus 2010 \ klwtbbho.dll
    O2 - BHO: JQSIEStartDetectorImpl - (E7E6F031-17CE-4C07-BC86-EABFE594F69C) - C: \ Program Files \ Java \ jre6 \ lib \ implementeren \ jqs \ ie \ jqs_plugin.dll
    O3 - Toolbar: PDFCreator Toolbar - (31CF9EBE-5755-4A1D-AC25-2834D952D9B4) - "C: \ Program Files \ PDFCreator Toolbar \ v3.3.0.1 \ PDFCreator_Toolbar.dll
    O3 - Toolbar: Google Toolbar - (2318C2B1-4965-11d4-9B18-009027A5CD4F) - C: \ Program Files \ Google \ Google Toolbar \ GoogleToolbar_32.dll
    O4 - HKLM \ .. \ Run: [NeroFilterCheck] C: \ WINDOWS \ system32 \ ctfmon.exe
    O4 - HKLM \ .. \ Run: [QuickTime Task] "C: \ Program Files \ QuickTime \ qttask.exe"-atboottime
    O4 - HKLM \ .. \ Run: [OM2_Monitor] "C: \ Program Files \ OLYMPUS \ OLYMPUS Master 2 \ FirstStart.exe" / OM
    O4 - HKLM \ .. \ Run: [KMCONFIG] "C: \ Program Files \ Mouse Driver \ StartAutorun.exe KMConfig.exe
    O4 - HKLM \ .. \ Run: [NvMediaCenter] RUNDLL32.EXE C: \ WINDOWS \ system32 \ NeroCheck.exe
    O4 - HKLM \ .. \ Run: [nwiz] nwiz.exe / install
    O4 - HKLM \ .. \ Run: [NvCplDaemon] RUNDLL32.EXE C: \ WINDOWS \ system32 \ ctfmon.exe
    O4 - HKLM \ .. \ Run: [WinampAgent] "C: \ Program Files \ ATI Technologies \ ATI.ACE \ Core-Static \ winampa.exe"
    O4 - HKLM \ .. \ Run: [AVP] "C: \ Program Files \ Kaspersky Lab \ Kaspersky Anti-Virus 2010 \ avp.exe"
    O4 - HKLM \ .. \ Run: [ContentTransferWMDetector.exe] "C: \ Program Files \ Sony \ Content Transfer \ ContentTransferWMDetector.exe
    O4 - HKLM \ .. \ Run: [SunJavaUpdateSched] "C: \ Program Files \ Java \ jre6 \ bin \ jusched.exe"
    O4 - HKLM \ .. \ Run: [Malwarebytes 'Anti-Malware] "C: \ Program Files \ Malwarebytes' Anti-Malware \ mbamgui.exe / install / silent
    O4 - HKLM \ .. \ Run: [CTFMON.EXE] C: \ WINDOWS \ system32 \ ctfmon.exe
    O4 - HKLM \ .. \ Run: [OM2_Monitor] "C: \ Program Files \ OLYMPUS \ OLYMPUS Master 2 \ MMonitor.exe"
    O4 - HKLM \ .. \ Run: [PC Suite Tray] "C: \ Program Files \ Nokia \ Nokia PC Suite 7 \ PCSuite.exe"-onlytray
    O4 - HKLM \ .. \ Run: [MsnMsgr] "C: \ Program Files \ Google \ GoogleToolbarNotifier \ GoogleToolbarNotifier.exe"
    O4 - HKLM \ .. \ Run: [Picasa Media Detector] "C: \ Program Files \ Picasa2 \ TeaTimer.exe
    O4 - HKUS \ S-1-5-19 \ .. \ Run: [CTFMON.EXE] C: \ WINDOWS \ system32 \ CTFMON.EXE (User 'Lokale service')
    O4 - HKUS \ S-1-5-20 \ .. \ Run: [CTFMON.EXE] C: \ WINDOWS \ system32 \ CTFMON.EXE (User 'Netwerkservice')
    O4 - HKUS \ S-1-5-18 \ .. \ Run: [CTFMON.EXE] C: \ WINDOWS \ system32 \ CTFMON.EXE (User 'SYSTEEM')
    O4 - HKUS \. DEFAULT \ .. \ Run: [CTFMON.EXE] C: \ WINDOWS \ system32 \ CTFMON.EXE (User 'Default user')
    O4 - Global Startup: Adobe Gamma Loader.lnk = C: \ Program Files \ Common Files \ Adobe \ Calibration \ Adobe Gamma Loader.exe
    O4 - Global Startup: Adobe Reader Snelle start.lnk = C: \ Program Files \ Adobe \ Acrobat 7.0 \ Reader \ Reader_sl.exe
    O4 - Global Startup: HP Digital Imaging Monitor.lnk = C: \ Program Files \ HP \ Digital Imaging \ bin \ hpqtra08.exe
    O4 - Global Startup: Microsoft Office.lnk = C: \ Program Files \ Microsoft Office \ Office10 \ Osa.exe
    O4 - Global Startup: Snelstart HP Image Zone.lnk = C: \ Program Files \ HP \ Digital Imaging \ bin \ hpqthb08.exe
    O8 - Extra context menu item: E & xporteren naar Microsoft Excel - res: / / C: \ PROGRA ~ 1 \ MICROS ~ 2 \ Office10 \ EXCEL.EXE/3000
    O9 - Extra button: (no name) - Software - (no file)
    O9 - Extra button: & Virtueel toetsenbord - (4248FE82-7FCB-46AC-B270-339F08212110) - C: \ Program Files \ Kaspersky Lab \ Kaspersky Anti-Virus 2010 \ klwtbbho.dll
    O9 - Extra button: Internetadressen c & ontrole - (CCF151D8-D089-449F-A5A4-D9909053F20F) - C: \ Program Files \ Kaspersky Lab \ Kaspersky Anti-Virus 2010 \ klwtbbho.dll
    O9 - Extra button: (no name) - (DFB852A3-47F8-48C4-A200-58CAB36FD2A2) - C: \ PROGRA ~ 1 \ SPYBOT ~ 1 \ SDHelper.dll
    O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - (DFB852A3-47F8-48C4-A200-58CAB36FD2A2) - C: \ PROGRA ~ 1 \ SPYBOT ~ 1 \ SDHelper.dll
    O15 - Trusted Zone: http://office.microsoft.com
    O16 - DPF: (34DC6011-88B5-4EA9-BA7A-DC7B4F4437FE) (JordanUploader Class) - http://foto.hema.nl/ips-opdata/layout/hema/objects/jordan.cab
    O16 - DPF: (474F00F5-3853-492C-AC3A-476512BBC336) (UploadListView Class) - http://picasaweb.google.com/s/v/34.09/uploader2.cab
    O16 - DPF: (4F1E5B1A-2A80-42CA-8532-2D05CB959537) (MSN Photo Upload Tool) - http://gfx1.hotmail.com/mail/w3
    esources/MSNPUpld.cab
    O16 - DPF: (9191F686-7F0A-441D-8A98-2FE3AC1BD913) (ActiveScan 2.0 Installer Class) - http://acs.pandasoftware.com/activescan/cabs/as2stubie.cab
    O16 - DPF: (E5F5D008-DD2C-4D32-977D-1A0ADF03058B) (JuniperSetupSP1 Control) - https: / / remote.mgl.nl/dana-cached/setup/JuniperSetupSP1.cab
    O20 - AppInit_DLLs: C: \ PROGRA ~ 1 \ KASPER ~ 1 \ KASPER ~ 1 \ mzvkbd3.dll
    O23 - Service: Adobe Active File Monitor (AdobeActiveFileMonitor) - Unknown owner - C: \ Program Files \ Adobe \ Photoshop Elements 3.0 \ PhotoshopElementsFileAgent.exe
    O23 - Service: Ati HotKey Poller - ATI Technologies Inc - C: \ WINDOWS \ system32 \ Ati2evxx.exe
    O23 - Service: ATI Smart - Unknown owner - C: \ WINDOWS \ system32 \ ati2sgag.exe
    O23 - Service: Kaspersky Anti-Virus (AVP) - Kaspersky Lab - C: \ Program Files \ Kaspersky Lab \ Kaspersky Anti-Virus 2010 \ avp.exe
    O23 - Service: Google UpdateService (gupdate1c98edeac81d5e6) (gupdate1c98edeac81d5e6) - Google Inc - C: \ Program Files \ Google \ Update \ GoogleUpdate.exe
    O23 - Service: Google Software Updater (gusvc) - Google - C: \ Program Files \ Google \ Common \ Google Updater \ GoogleUpdaterService.exe
    O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc - C: \ Program Files \ Java \ jre6 \ bin \ jqs.exe
    O23 - Service: Keyboard And Mouse Communication Service (KMWDSERVICE) - UASSOFT.COM - C: \ Program Files \ Mouse Driver \ KMWDSrv.exe
    O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C: \ WINDOWS \ system32 \ nvsvc32.exe
    O23 - Service: Photoshop Elements Device Connect (PhotoshopElementsDeviceConnect) - Unknown owner - C: \ Program Files \ Adobe \ Photoshop Elements 3.0 \ PhotoshopElementsDeviceConnect.exe
    O23 - Service: PML Driver HPZ12 - HP - C: \ WINDOWS \ system32 \ HPZipm12.exe
    O23 - Service: - Nokia. - C: \ Program Files \ PC Connectivity Solution \ ServiceLayer.exe


    End of file - 9666 bytes



    Malwarebytes 'Anti-Malware 1.41
    Database versie: 2914
    Windows 5.1.2600 Service Pack 2

    6-10-2009 13:40:56
    mbam-log-2009-10-06 (13-40-37). txt

    Scan type: Snelle Scan
    Objecten gescand: 113819
    Verstreken tijd: 12 minute (s), 46 second (s),

    Geheugenprocessen geïnfecteerd: 0
    Geheugenmodulen geïnfecteerd: 0
    Registersleutels geïnfecteerd: 1
    Registerwaarden geïnfecteerd: 0
    Registerdata bestanden geïnfecteerd: 0
    Mappen geïnfecteerd: 0
    Bestanden geïnfecteerd: 1

    Geheugenprocessen geïnfecteerd:
    (Geen kwaadaardige items gevonden)

    Geheugenmodulen geïnfecteerd:
    (Geen kwaadaardige items gevonden)

    Registersleutels geïnfecteerd:
    HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows NT \ CurrentVersion \ Image File Execution Options \ install.exe (Trojan.FakeAlert) -> No action taken.

    Registerwaarden geïnfecteerd:
    (Geen kwaadaardige items gevonden)

    Registerdata bestanden geïnfecteerd:
    (Geen kwaadaardige items gevonden)

    Mappen geïnfecteerd:
    (Geen kwaadaardige items gevonden)

    Bestanden geïnfecteerd:
    C: \ install.exe (Trojan.FakeAlert) -> No action taken.


    Ik zie hierboven DAT er 1 bestand met Trojan.Agent Geïnfecteerd is, Terwijl op het scherm er nog een bestand bij staat C: \ install.exe. Deze is ook voldaan Trojan.Agent Geïnfecteerd maar komt niet in het raport voor.
    Wat kan dit zijn?
  • Wat je met mbam vindt, kun je sowieso laten verwijderen. Wacht voor kommentaar op de hijackthis log even op een specialist.
  • Ik heb de Registry Mechanic van PC Tools laten draaien. Deze vind 421 fouten in het register.
    Dat is volgens mij heel veel. Wordt de computer daar zo traag van.
    Het zijn allemaal sleutels waar ik niets aan durf te veranderen.
    Bovendien scant deze Registry Mechanic gratis maar als je wil herstellen dan moet je volgens mij registreren en betalen?

    Wie heeft hier ervaring mee.
  • Registry cleaners hebben iha bar weinig resultaat, en kunnen bovendien je systeem om zeep helpen. Heb je mbam die trojan al laten verwijderen?
  • Ja, die Trojan.Agent heb ik verwijderd.
    Helaas heeft dit nog geen resultaat. Het systeem wordt niet sneller.
    Het is zelfs zo dat bij de updates van Kaspersky het systeem blijft hangen.
  • Hallo smold037, Gerben heeft mij laten weten, dat hier enig werk blijft liggen.


    Analyze van je log laat zien, dat er schijnbaar echt wel het een en ander verkeerd is.

    Maar waarom is jouw XP nog niet naar XP SP3 opgewqardeerd?


    Ik acht de problemen van dien aard, dat ik je aanraad [b:dc0dba8837]om Combofix jouw Windows te laten scannen[/b:dc0dba8837] (klik).

    [b:dc0dba8837]Hoe Combofix goed te gebruiken[/b:dc0dba8837] (klik)

    [b:dc0dba8837]Aanvulling: om Combofix te kunnen gebruiken geldt het volgende:[/b:dc0dba8837]

    [b:dc0dba8837]- er mogen geen webbrowsers openstaan
    - antivirus moet geheel gedeaktiveerd zijn
    - actieve mal- en spywarescanners moeten gedeaktiveerd zijn.[/b:dc0dba8837]

    Niet in het actieve Combofixvnster klikken – dit zal Combofix doen bevriezen!

    Combofix sluit de internet verbinding – probeer deze tussentijds niet te herstellen!


    Indien de Recovery Console niet geïnstalleerd is,
    dan wordt je gevraagd om dit alsnog te doen door op 'JA' te klikken in het "Query - Recovery Console" venster.
    Klik daarom op 'OK' en 'Ja' om automatisch de Recovery Console te laten installeren.
    Klik na afloop hiervan wederom op 'Ja', om het scannen op malware te starten.


    De recovery Console maakt het makkelijker problemen op te lossen, indien Windows om de een of andere reden opstartproblemen heeft!

    [b:dc0dba8837]Hier vindt je gegevens hoe antivirus te deaktiveren[/b:dc0dba8837] (klik)
  • Hallo Abraham,

    Wat is het voordeel van XP3?
    Wat gebeurt er op het systeem? Moet ik alles opnieuw installeren?


    Hieronder de log van Combofix. Kun je hier iets uit herleiden?

    ComboFix 09-10-08.04 - Smolders 09-10-2009 17:23.3.1 - NTFSx86
    Microsoft Windows XP Home Edition 5.1.2600.2.1252.31.1043.18.1023.552 [GMT 2:00]
    Gestart vanuit: d:\mijn documenten\Downlaods\ComboFix.exe
    AV: Kaspersky Anti-Virus *On-access scanning disabled* (Updated) {2C4D4BC6-0793-4956-A9F9-E252435469C0}
    * Nieuw herstelpunt werd aangemaakt
    .

    (((((((((((((((((((((((((((((((((( Andere Verwijderingen )))))))))))))))))))))))))))))))))))))))))))))))))
    .

    c:\documents and settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr0.dat
    c:\documents and settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr1.dat
    C:\kmd.exe
    c:\windows\system32\kmd.exe
    d:\mijn documenten\ZbThumbnail.info

    —– BITS: Mogelijk geïnfecteerde sites —–

    hxxp://au.download.windowsupdate.coj+|Cv+@J:NGD_DQ{ztHG.Xn?J7
    .
    (((((((((((((((((((( Bestanden Gemaakt van 2009-09-09 to 2009-10-09 ))))))))))))))))))))))))))))))
    .

    2009-10-08 21:38 . 2009-10-09 14:58 ——– d–h–r- c:\documents and settings\Smolders\Onlangs geopend
    2009-10-06 12:40 . 2009-10-06 12:40 242 —-a-w- c:\documents and settings\Smolders
    eoteris_write_7461949.reg
    2009-10-06 11:25 . 2009-10-06 11:25 ——– d—–w- c:\documents and settings\Smolders\Application Data\Malwarebytes
    2009-10-06 11:25 . 2009-09-10 12:54 38224 —-a-w- c:\windows\system32\drivers\mbamswissarmy.sys
    2009-10-06 11:25 . 2009-10-06 11:25 ——– d—–w- c:\documents and settings\All Users\Application Data\Malwarebytes
    2009-10-06 11:24 . 2009-10-06 12:08 ——– d—–w- c:\program files\Malwarebytes' Anti-Malware
    2009-10-06 11:24 . 2009-09-10 12:53 19160 —-a-w- c:\windows\system32\drivers\mbam.sys
    2009-09-25 07:32 . 2008-06-19 15:24 28544 —-a-w- c:\windows\system32\drivers\pavboot.sys
    2009-09-25 07:32 . 2009-09-25 07:32 ——– d—–w- c:\program files\Panda Security
    2009-09-20 08:57 . 2009-10-07 21:45 ——– d—a-w- c:\documents and settings\All Users\Application Data\TEMP

    .
    ((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    2009-10-09 14:47 . 2007-12-22 21:53 ——– d—–w- c:\documents and settings\All Users\Application Data\Kaspersky Lab
    2009-10-09 08:27 . 2008-02-21 20:55 ——– d—–w- c:\documents and settings\All Users\Application Data\Juniper Networks
    2009-10-09 08:26 . 2008-02-21 20:55 ——– d—–w- c:\documents and settings\Smolders\Application Data\Juniper Networks
    2009-10-08 17:07 . 2008-07-04 21:43 ——– d—–w- c:\documents and settings\All Users\Application Data\Google Updater
    2009-09-25 14:56 . 2007-12-07 20:35 26672 —-a-w- c:\documents and settings\Smolders\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
    2009-09-22 16:44 . 2007-12-22 21:53 95259 —-a-w- c:\windows\system32\drivers\klick.dat
    2009-09-22 16:44 . 2007-12-22 21:53 107547 —-a-w- c:\windows\system32\drivers\klin.dat
    2009-09-09 22:34 . 2008-01-26 19:21 ——– d—–w- c:\documents and settings\All Users\Application Data\Spybot - Search & Destroy
    2009-08-27 07:18 . 2008-06-25 21:17 ——– d—–w- c:\program files\Java
    2009-08-18 15:46 . 2009-08-18 15:46 ——– d—–w- c:\documents and settings\Smolders\Application Data\Sony Corporation
    2009-08-18 15:46 . 2009-08-18 15:46 ——– d—–w- c:\program files\Common Files\Sony Shared
    2009-08-18 15:46 . 2009-08-18 15:46 ——– d—–w- c:\program files\Sony
    2009-08-18 15:45 . 2009-08-18 15:45 ——– d—–w- c:\program files\MSXML 6.0
    2009-08-06 17:24 . 2007-12-07 12:22 327896 —-a-w- c:\windows\system32\wucltui.dll
    2009-08-06 17:24 . 2007-12-07 12:22 209632 —-a-w- c:\windows\system32\wuweb.dll
    2009-08-06 17:24 . 2007-12-07 12:22 35552 —-a-w- c:\windows\system32\wups.dll
    2009-08-06 17:24 . 2007-07-30 18:19 44768 —-a-w- c:\windows\system32\wups2.dll
    2009-08-06 17:24 . 2007-12-07 12:22 53472 —-a-w- c:\windows\system32\wuauclt.exe
    2009-08-06 17:24 . 2004-08-03 23:03 96480 —-a-w- c:\windows\system32\cdm.dll
    2009-08-06 17:23 . 2007-12-07 12:22 575704 —-a-w- c:\windows\system32\wuapi.dll
    2009-08-06 17:23 . 2007-12-09 13:05 274288 —-a-w- c:\windows\system32\mucltui.dll
    2009-08-06 17:23 . 2007-12-09 13:05 215920 —-a-w- c:\windows\system32\muweb.dll
    2009-08-06 17:23 . 2007-12-07 12:22 1929952 —-a-w- c:\windows\system32\wuaueng.dll
    2009-08-05 09:07 . 2008-08-17 21:45 205312 —-a-w- c:\windows\system32\mswebdvd.dll
    2009-07-29 04:54 . 2008-08-17 21:45 82432 —-a-w- c:\windows\system32\fontsub.dll
    2009-07-29 04:54 . 2008-08-17 21:44 119808 —-a-w- c:\windows\system32\t2embed.dll
    2009-07-26 13:23 . 2009-05-24 13:30 128016 —-a-w- c:\windows\system32\drivers\kl1.sys
    2009-07-26 11:29 . 2007-12-07 13:12 94208 —-a-w- c:\windows\DUMP39ec.tmp
    2009-07-26 11:20 . 2007-12-07 13:12 94208 —-a-w- c:\windows\DUMP4ce7.tmp
    2009-07-25 03:23 . 2008-11-23 20:18 411368 —-a-w- c:\windows\system32\deploytk.dll
    2009-07-17 19:01 . 2008-08-17 21:45 58880 —-a-w- c:\windows\system32\atl.dll
    2009-07-13 21:43 . 2004-08-03 23:03 286208 —-a-w- c:\windows\system32\wmpdxm.dll
    2008-02-13 21:42 . 2008-02-13 21:42 14960 —-a-w- c:\program files\settings.dat
    2009-07-03 10:48 . 2007-12-22 21:52 86107424 –sha-w- c:\windows\system32\drivers\fidbox.dat
    2009-07-03 10:48 . 2007-12-22 21:52 3765024 –sha-w- c:\windows\system32\drivers\fidbox2.dat
    2009-07-03 10:50 . 2009-07-03 10:50 604140 –sha-w- c:\windows\system32\drivers\ISwift3.dat
    .

    ((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    *Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond
    REGEDIT4

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "OM2_Monitor"="c:\program files\OLYMPUS\OLYMPUS Master 2\MMonitor.exe" [2008-02-22 95536]
    "PC Suite Tray"="c:\program files\Nokia\Nokia PC Suite 7\PCSuite.exe" [2008-12-03 1205760]
    "swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2008-07-04 68856]
    "Picasa Media Detector"="c:\program files\Picasa2\PicasaMediaDetector.exe" [2008-02-26 443968]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "NeroFilterCheck"="c:\windows\system32\NeroCheck.exe" [2001-07-09 155648]
    "QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2006-09-01 282624]
    "OM2_Monitor"="c:\program files\OLYMPUS\OLYMPUS Master 2\FirstStart.exe" [2008-02-22 54576]
    "KMCONFIG"="c:\program files\Mouse Driver\StartAutorun.exe" [2007-03-06 212992]
    "NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2005-12-10 7311360]
    "NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2005-12-10 86016]
    "StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2006-11-10 90112]
    "ContentTransferWMDetector.exe"="c:\program files\Sony\Content Transfer\ContentTransferWMDetector.exe" [2009-01-23 423200]
    "SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-07-25 149280]
    "Malwarebytes Anti-Malware (reboot)"="c:\program files\Malwarebytes' Anti-Malware\mbam.exe" [2009-09-10 1312080]
    "avp"="c:\program files\Kaspersky Lab\Kaspersky Anti-Virus 2010\avp.exe" [2009-05-25 303376]
    "nwiz"="nwiz.exe" - c:\windows\system32
    wiz.exe [2005-12-10 1519616]

    [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
    "CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2004-08-03 15360]

    c:\documents and settings\All Users\Menu Start\Programma's\Opstarten\
    Adobe Gamma Loader.lnk - c:\program files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [2004-10-20 113664]
    Adobe Reader Snelle start.lnk - c:\program files\Adobe\Acrobat 7.0\Reader\reader_sl.exe [2008-4-23 29696]
    HP Digital Imaging Monitor.lnk - c:\program files\HP\Digital Imaging\bin\hpqtra08.exe [2004-11-4 258048]
    Microsoft Office.lnk - c:\program files\Microsoft Office\Office10\OSA.EXE [2001-2-13 83360]
    Snelstart HP Image Zone.lnk - c:\program files\HP\Digital Imaging\bin\hpqthb08.exe [2004-11-4 53248]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
    @="Driver"

    [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\KasperskyAntiVirus]
    "DisableMonitoring"=dword:00000001

    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
    "c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
    "c:\\Documents and Settings\\Smolders\\Application Data\\Juniper Networks\\Juniper Terminal Services Client\\dsTermServ.exe"=
    "%windir%\\system32\\sessmgr.exe"=
    "c:\\Program Files\\Java\\jre6\\bin\\java.exe"=

    R0 klbg;Kaspersky Lab Boot Guard Driver;c:\windows\system32\drivers\klbg.sys [15-12-2008 20:41 33808]
    R0 pavboot;pavboot;c:\windows\system32\drivers\pavboot.sys [25-9-2009 9:32 28544]
    R2 AdobeActiveFileMonitor;Adobe Active File Monitor;c:\program files\Adobe\Photoshop Elements 3.0\PhotoshopElementsFileAgent.exe [20-10-2004 5:47 98304]
    R2 KMWDSERVICE;Keyboard And Mouse Communication Service;c:\program files\Mouse Driver\KMWDSrv.exe [28-3-2008 23:19 208896]
    R2 PhotoshopElementsDeviceConnect;Photoshop Elements Device Connect;c:\program files\Adobe\Photoshop Elements 3.0\PhotoshopElementsDeviceConnect.exe [20-10-2004 4:40 118784]
    R3 klim5;Kaspersky Anti-Virus NDIS Filter;c:\windows\system32\drivers\klim5.sys [4-4-2007 15:58 31760]
    R3 klmouflt;Kaspersky Lab KLMOUFLT;c:\windows\system32\drivers\klmouflt.sys [16-5-2009 20:59 19472]
    S2 gupdate1c98edeac81d5e6;Google Updateservice (gupdate1c98edeac81d5e6);c:\program files\Google\Update\GoogleUpdate.exe [14-2-2009 21:58 133104]
    S3 MemStPCI;Sony PCI Memory Stick-controller (PCI);c:\windows\system32\drivers\MemStPCI.SYS [17-8-2009 0:09 26112]
    .
    Inhoud van de 'Gedeelde Taken' map

    2009-10-09 c:\windows\Tasks\Google Software Updater.job
    - c:\program files\Google\Common\Google Updater\GoogleUpdaterService.exe [2008-07-04 16:08]

    2009-10-09 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
    - c:\program files\Google\Update\GoogleUpdate.exe [2009-02-14 19:58]

    2009-10-09 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
    - c:\program files\Google\Update\GoogleUpdate.exe [2009-02-14 19:58]

    2009-10-08 c:\windows\Tasks\HPpromotions journeysoftware.job
    - c:\program files\hp\digital imaging\bin\hp promotions\journeysoftware\HPpromo.exe [2005-04-22 16:36]
    .
    .
    ——- Bijkomende Scan ——-
    .
    uStart Page = hxxp://www.limburger.nl/
    uSearch Page = hxxp://www.google.com
    uDefault_Search_URL = hxxp://www.google.com/ie
    uSearch Bar = hxxp://www.google.com/ie
    mDefault_Search_URL = hxxp://www.google.com/ie
    uSearchAssistant = hxxp://www.google.com/ie
    uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
    mSearchAssistant = hxxp://www.google.com/ie
    IE: E&xporteren naar Microsoft Excel - c:\progra~1\MICROS~2\Office10\EXCEL.EXE/3000
    Trusted Zone: microsoft.com \office
    DPF: {34DC6011-88B5-4EA9-BA7A-DC7B4F4437FE} - hxxp://foto.hema.nl/ips-opdata/layout/hema/objects/jordan.cab
    .
    - - - - ORPHANS VERWIJDERD - - - -

    Notify-dimsntfy - (no file)



    **************************************************************************

    catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
    Rootkit scan 2009-10-09 17:30
    Windows 5.1.2600 Service Pack 2 NTFS

    scannen van verborgen processen …

    scannen van verborgen autostart items …

    scannen van verborgen bestanden …

    Scan succesvol afgerond
    verborgen bestanden: 0

    **************************************************************************
    .
    ——————— VERGRENDELDE REGISTER SLEUTELS ———————

    [HKEY_USERS\S-1-5-21-507921405-448539723-839522115-1004\Software\SecuROM\License information*]
    "datasecu"=hex:06,22,62,11,06,23,00,7c,47,34,4d,6e,ed,86,53,be,ad,7e,c0,72,b2,
    19,92,46,86,10,12,4e,fd,96,35,43,b6,01,73,7e,2b,44,49,06,ee,ff,f5,b9,97,99,\
    "rkeysecu"=hex:33,ba,61,e6,5d,92,18,45,ec,20,fd,2c,bc,5f,6f,86
    .
    ——————— DLLs Geladen Onder Lopende Processen ———————

    - - - - - - - > 'winlogon.exe'(804)
    c:\windows\system32\Ati2evxx.dll

    - - - - - - - > 'explorer.exe'(1424)
    c:\windows\system32\WPDShServiceObj.dll
    c:\program files\Nokia\Nokia PC Suite 7\PhoneBrowser.dll
    c:\program files\Nokia\Nokia PC Suite 7\NGSCM.DLL
    c:\program files\Nokia\Nokia PC Suite 7\Lang\PhoneBrowser_dut.nlr
    c:\program files\Nokia\Nokia PC Suite 7\Resource\PhoneBrowser_Nokia.ngr
    c:\windows\system32\PortableDeviceTypes.dll
    c:\windows\system32\PortableDeviceApi.dll
    .
    ———————— Andere Aktieve Processen ————————
    .
    c:\windows\system32\ati2evxx.exe
    c:\windows\system32\ati2evxx.exe
    c:\program files\Java\jre6\bin\jqs.exe
    c:\program files\Mouse Driver\KMCONFIG.exe
    c:\program files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
    c:\program files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
    c:\program files\Mouse Driver\KMProcess.exe
    c:\program files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
    c:\windows\system32\HPZipm12.exe
    c:\program files\HP\Digital Imaging\bin\hpqgalry.exe
    c:\windows\system32\wscntfy.exe
    c:\program files\PC Connectivity Solution\ServiceLayer.exe
    c:\program files\PC Connectivity Solution\Transports\NclUSBSrv.exe
    c:\program files\PC Connectivity Solution\Transports\NclRSSrv.exe
    .
    **************************************************************************
    .
    Voltooingstijd: 2009-10-09 17:36 - machine werd herstart
    ComboFix-quarantined-files.txt 2009-10-09 15:36

    Pre-Run: 61.735.993.344 bytes beschikbaar
    Post-Run: 61.692.411.904 bytes beschikbaar

    WindowsXP-KB310994-SP2-Home-BootDisk-NLD.exe
    [boot loader]
    timeout=2
    default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
    [operating systems]
    c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
    multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Home Edition" /noexecute=optin /fastdetect

    204 — E O F — 2009-10-06 17:17
  • Hallo smold, hoe is het nu met jouw Windows?
    Kan Kaspersky alweeer updaten?

    Je hebt in het verleden Panda als antivirus gehad.

    Laat de Panda Uninstaller je systeem op resten scannen: http://www.pandasecurity.com
    esources/sop/UNINSTALLER_09.exe

    Ik acht het mogelijk dat Kasprsky last heeft/had van de pandaresten.
  • Als antwoord op je vraag over wat is SP-3 - dat is het servcepack, dat enerzijds ook een systeem-update is en anderzijds je XP normaal gesproken zelfs ets sneller maakt.

    Bovenal krijg je daar een PC, die tot 2014 van updates wordt voorzien!


    http://www.microsoft.com/downloads/details.aspx?FamilyID=5b33b5a8-5e76-401f-be08-1e1555d4f3d4&DisplayLang=nl
  • De update van Kaspersky blijft volgens mij niet meer steken maar duurt wel lang (ca. 5 minuten).
    Het opstarten heeft nog geen tijdwinst opgeleverd.

    Kun jij ook de HJT beoordelen. Wellicht DAT ik veel te veel programma's opstart. Kan ik deze zondermeer uitzetten in msconfig. Wat moet ik dan aanklikken?
    Normaal opstarten, Diagnostisch opstarten van Selectief opstarten?

    Hieronder de HJT:

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 19:03:02, op 10/10/2009
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
    Boot mode: Normal

    Running processes:
    C: \ WINDOWS \ System32 \ smss.exe
    C: \ WINDOWS \ system32 \ winlogon.exe
    C: \ WINDOWS \ system32 \ services.exe
    C: \ WINDOWS \ system32 \ lsass.exe
    C: \ WINDOWS \ system32 \ Ati2evxx.exe
    C: \ WINDOWS \ system32 \ svchost.exe
    C: \ WINDOWS \ System32 \ svchost.exe
    C: \ WINDOWS \ system32 \ svchost.exe
    C: \ WINDOWS \ system32 \ Ati2evxx.exe
    C: \ WINDOWS \ explorer.exe
    C: \ WINDOWS \ system32 \ spoolsv.exe
    C: \ Program Files \ iTunes \ iTunesHelper.exe
    C: \ Program Files \ Mouse Driver \ StartAutorun.exe
    C: \ Program Files \ Mouse Driver \ KMConfig.exe
    C: \ Program Files \ Sony \ Content Transfer \ ContentTransferWMDetector.exe
    C: \ Program Files \ Java \ jre6 \ bin \ jusched.exe
    C: \ Program Files \ ATI Technologies \ ATI.ACE \ Core-Static \ MOM.EXE
    C: \ Program Files \ OLYMPUS \ OLYMPUS Master 2 \ MMonitor.exe
    C: \ Program Files \ Nokia \ Nokia PC Suite 7 \ PCSuite.exe
    C: \ Program Files \ Google \ GoogleToolbarNotifier \ GoogleToolbarNotifier.exe
    C: \ Program Files \ Picasa2 \ TeaTimer.exe
    C: \ WINDOWS \ system32 \ ctfmon.exe
    C: \ Program Files \ HP \ Digital Imaging \ bin \ hpqtra08.exe
    C: \ Program Files \ Mouse Driver \ KMProcess.exe
    C: \ Program Files \ HP \ Digital Imaging \ bin \ hpqgalry.exe
    C: \ Program Files \ Adobe \ Photoshop Elements 3.0 \ PhotoshopElementsFileAgent.exe
    C: \ Program Files \ Java \ jre6 \ bin \ jqs.exe
    C: \ Program Files \ ATI Technologies \ ATI.ACE \ Core-Static \ ccc.exe
    C: \ Program Files \ Mouse Driver \ KMWDSrv.exe
    C: \ Program Files \ Common Files \ Microsoft Shared \ VS7Debug \ Mdm.exe
    C: \ Program Files \ Adobe \ Photoshop Elements 3.0 \ PhotoshopElementsDeviceConnect.exe
    C: \ WINDOWS \ system32 \ svchost.exe
    C: \ Program Files \ PC Connectivity Solution \ ServiceLayer.exe
    C: \ Program Files \ PC Connectivity Solution \ Transports \ NclUSBSrv.exe
    C: \ Program Files \ PC Connectivity Solution \ Transports \ NclRSSrv.exe
    C: \ WINDOWS \ system32 \ wuauclt.exe
    C: \ Program Files \ Windows Live \ Messenger \ msmsgs.exe
    C: \ Program Files \ Windows Live \ Messenger \ usnsvc.exe
    C: \ Program Files \ Kaspersky Lab \ Kaspersky Anti-Virus 2010 \ klwtblfs.exe
    C: \ Program Files \ Outlook Express \ msimn.exe
    C: \ Program Files \ Internet Explorer \ IEXPLORE.EXE
    C: \ HijackThis \ HijackThis.exe

    R0 - HKLM \ Software \ Microsoft \ Internet Explorer \ Main, Start Page = http://www.limburger.nl/
    R1 - HKLM \ Software \ Microsoft \ Internet Explorer \ Main, Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM \ Software \ Microsoft \ Internet Explorer \ Main, Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM \ Software \ Microsoft \ Internet Explorer \ Main, Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM \ Software \ Microsoft \ Internet Explorer \ Toolbar, LinksFolderName = Koppelingen
    O2 - BHO: (no name) - Software - (no file)
    O2 - BHO: Adobe PDF Reader Link Helper - (06849E9F-C8D7-4D59-B87D-784B7D6BE0B3) - C: \ Program Files \ Adobe \ Acrobat 7.0 \ ActiveX \ AcroIEHelper.dll (file missing)
    O2 - BHO: Spybot-S & D IE Protection - (53707962-6F74-2D53-2644-206D7942484F) - C: \ PROGRA ~ 1 \ SPYBOT ~ 1 \ SDHelper.dll
    O2 - BHO: IEVkbdBHO - (59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C) - C: \ Program Files \ Kaspersky Lab \ Kaspersky Anti-Virus 2010 \ ievkbd.dll
    O2 - BHO: Windows Live Aanmelden - Help - (9030D464-4C02-4ABF-8ECC-5164760863C6) - C: \ Program Files \ Common Files \ Microsoft Shared \ Windows Live \ WindowsLiveLogin.dll
    O2 - BHO: Google Toolbar Helper - (AA58ED58-01DD-4d91-8333-CF10577473F7) - C: \ Program Files \ Google \ Google Toolbar \ GoogleToolbar_32.dll
    O2 - BHO: Google Toolbar Notifier BHO - (AF69DE43-7D58-4638-B6FA-CE66B5AD205D) - C: \ Program Files \ Google \ GoogleToolbarNotifier \ 5.3.4501.1418 \ swg.dll
    O2 - BHO: PDFCreator Toolbar Helper - (C451C08A-EC37-45DF-AAAD-18B51AB5E837) - C: \ Program Files \ PDFCreator Toolbar \ v3.3.0.1 \ PDFCreator_Toolbar.dll
    O2 - BHO: Google Dictionary Compressie sdch - (C84D72FE-E17D-4195-BB24-76C02E2E7C4E) - C: \ Program Files \ Google \ Google Toolbar \ Component \ fastsearch_B7C5AC242193BB3E.dll
    O2 - BHO: Java ™ Plug-In 2 SSV Helper - (DBC80044-A445-435b-BC74-9C25C1C588A9) - C: \ Program Files \ Java \ jre6 \ bin \ jp2ssv.dll
    O2 - BHO: link filter bho - (E33CF602-D945-461A-83F0-819F76A199F8) - C: \ Program Files \ Kaspersky Lab \ Kaspersky Anti-Virus 2010 \ klwtbbho.dll
    O2 - BHO: JQSIEStartDetectorImpl - (E7E6F031-17CE-4C07-BC86-EABFE594F69C) - C: \ Program Files \ Java \ jre6 \ lib \ implementeren \ jqs \ ie \ jqs_plugin.dll
    O3 - Toolbar: PDFCreator Toolbar - (31CF9EBE-5755-4A1D-AC25-2834D952D9B4) - C: \ Program Files \ PDFCreator Toolbar \ v3.3.0.1 \ PDFCreator_Toolbar.dll
    O3 - Toolbar: Google Toolbar - (2318C2B1-4965-11d4-9B18-009027A5CD4F) - C: \ Program Files \ Google \ Google Toolbar \ GoogleToolbar_32.dll
    O4 - HKLM \ .. \ Run: [NeroFilterCheck] C: \ WINDOWS \ system32 \ ctfmon.exe
    O4 - HKLM \ .. \ Run: [QuickTime Task] "C: \ Program Files \ QuickTime \ qttask.exe"-atboottime
    O4 - HKLM \ .. \ Run: [OM2_Monitor] "C: \ Program Files \ OLYMPUS \ OLYMPUS Master 2 \ FirstStart.exe" / OM
  • Wat opstarten betreft en HijackThis: start HijackThis (Vista gebruikers middels rechtsklik en Als Administrator uitvoeren):

    klik op de Open the Misc Tools section.

    Je vindt nu links boven een knop genaamd Generate StartupList log; klik daarop.

    Post de inhoud van het log in je volgende bericht.
  • Hierbij de HJT Generate Startup List Log:

    StartupList report, 10-10-2009, 22:31:40
    StartupList version: 1.52.2
    Started from : C:\HijackThis\HijackThis.EXE
    Detected: Windows XP SP2 (WinNT 5.01.2600)
    Detected: Internet Explorer v6.00 SP2 (6.00.2900.2180)
    * Using default options
    * Including empty and uninteresting sections
    * Showing rarely important sections
    ==================================================

    Running processes:

    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\QuickTime\qttask.exe
    C:\Program Files\Adobe\Photoshop Elements 3.0\PhotoshopElementsFileAgent.exe
    C:\Program Files\Mouse Driver\StartAutorun.exe
    C:\Program Files\Mouse Driver\KMConfig.exe
    C:\Program Files\Sony\Content Transfer\ContentTransferWMDetector.exe
    C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.EXE
    C:\Program Files\Mouse Driver\KMProcess.exe
    C:\Program Files\Java\jre6\bin\jusched.exe
    C:\Program Files\OLYMPUS\OLYMPUS Master 2\MMonitor.exe
    C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe
    C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
    C:\Program Files\Picasa2\PicasaMediaDetector.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\Java\jre6\bin\jqs.exe
    C:\Program Files\Mouse Driver\KMWDSrv.exe
    C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
    C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
    C:\Program Files\Adobe\Photoshop Elements 3.0\PhotoshopElementsDeviceConnect.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\HP\Digital Imaging\bin\hpqgalry.exe
    C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
    C:\WINDOWS\system32\wuauclt.exe
    C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
    C:\Program Files\PC Connectivity Solution\Transports\NclUSBSrv.exe
    C:\Program Files\PC Connectivity Solution\Transports\NclRSSrv.exe
    C:\Program Files\Outlook Express\msimn.exe
    C:\Program Files\Internet Explorer\IEXPLORE.EXE
    C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2010\klwtblfs.exe
    C:\HijackThis\HijackThis.exe
    C:\WINDOWS\system32
    otepad.exe

    ————————————————–

    Listing of startup folders:

    Shell folders Startup:
    [C:\Documents and Settings\Smolders\Menu Start\Programma's\Opstarten]
    *No files*

    Shell folders AltStartup:
    *Folder not found*

    User shell folders Startup:
    *Folder not found*

    User shell folders AltStartup:
    *Folder not found*

    Shell folders Common Startup:
    [C:\Documents and Settings\All Users\Menu Start\Programma's\Opstarten]
    Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
    Adobe Reader Snelle start.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
    HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
    Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
    Snelstart HP Image Zone.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe

    Shell folders Common AltStartup:
    *Folder not found*

    User shell folders Common Startup:
    *Folder not found*

    User shell folders Alternate Common Startup:
    *Folder not found*

    ————————————————–

    Checking Windows NT UserInit:

    [HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
    UserInit = C:\WINDOWS\system32\userinit.exe,

    [HKLM\Software\Microsoft\Windows\CurrentVersion\Winlogon]
    *Registry key not found*

    [HKCU\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
    *Registry value not found*

    [HKCU\Software\Microsoft\Windows\CurrentVersion\Winlogon]
    *Registry key not found*

    ————————————————–

    Autorun entries from Registry:
    HKLM\Software\Microsoft\Windows\CurrentVersion\Run

    NeroFilterCheck = C:\WINDOWS\system32\NeroCheck.exe
    QuickTime Task = "C:\Program Files\QuickTime\qttask.exe" -atboottime
    OM2_Monitor = "C:\Program Files\OLYMPUS\OLYMPUS Master 2\FirstStart.exe" /OM
    KMCONFIG = C:\Program Files\Mouse Driver\StartAutorun.exe KMConfig.exe
    NvCplDaemon = RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
    nwiz = nwiz.exe /install
    NvMediaCenter = RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
    StartCCC = "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe"
    ContentTransferWMDetector.exe = C:\Program Files\Sony\Content Transfer\ContentTransferWMDetector.exe
    SunJavaUpdateSched = "C:\Program Files\Java\jre6\bin\jusched.exe"
    Malwarebytes Anti-Malware (reboot) = "C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe"
    uncleanupscript
    avp = "C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2010\avp.exe"

    ————————————————–

    Autorun entries from Registry:
    HKLM\Software\Microsoft\Windows\CurrentVersion\RunOnce

    *No values found*

    ————————————————–

    Autorun entries from Registry:
    HKLM\Software\Microsoft\Windows\CurrentVersion\RunOnceEx

    *No values found*

    ————————————————–

    Autorun entries from Registry:
    HKLM\Software\Microsoft\Windows\CurrentVersion\RunServices

    *No values found*

    ————————————————–

    Autorun entries from Registry:
    HKLM\Software\Microsoft\Windows\CurrentVersion\RunServicesOnce

    *No values found*

    ————————————————–

    Autorun entries from Registry:
    HKCU\Software\Microsoft\Windows\CurrentVersion\Run

    OM2_Monitor = "C:\Program Files\OLYMPUS\OLYMPUS Master 2\MMonitor.exe"
    PC Suite Tray = "C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe" -onlytray
    swg = "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
    Picasa Media Detector = C:\Program Files\Picasa2\PicasaMediaDetector.exe
    ctfmon.exe = C:\WINDOWS\system32\ctfmon.exe

    ————————————————–

    Autorun entries from Registry:
    HKCU\Software\Microsoft\Windows\CurrentVersion\RunOnce

    *No values found*

    ————————————————–

    Autorun entries from Registry:
    HKCU\Software\Microsoft\Windows\CurrentVersion\RunOnceEx

    *Registry key not found*

    ————————————————–

    Autorun entries from Registry:
    HKCU\Software\Microsoft\Windows\CurrentVersion\RunServices

    *No values found*

    ————————————————–

    Autorun entries from Registry:
    HKCU\Software\Microsoft\Windows\CurrentVersion\RunServicesOnce

    *No values found*

    ————————————————–

    Autorun entries from Registry:
    HKLM\Software\Microsoft\Windows NT\CurrentVersion\Run

    *Registry key not found*

    ————————————————–

    Autorun entries from Registry:
    HKCU\Software\Microsoft\Windows NT\CurrentVersion\Run

    *Registry key not found*

    ————————————————–

    Autorun entries in Registry subkeys of:
    HKLM\Software\Microsoft\Windows\CurrentVersion\Run

    [OptionalComponents]
    *No values found*

    ————————————————–

    Autorun entries in Registry subkeys of:
    HKLM\Software\Microsoft\Windows\CurrentVersion\RunOnce
    *No subkeys found*

    ————————————————–

    Autorun entries in Registry subkeys of:
    HKLM\Software\Microsoft\Windows\CurrentVersion\RunOnceEx
    *No subkeys found*

    ————————————————–

    Autorun entries in Registry subkeys of:
    HKLM\Software\Microsoft\Windows\CurrentVersion\RunServices
    *No subkeys found*

    ————————————————–

    Autorun entries in Registry subkeys of:
    HKLM\Software\Microsoft\Windows\CurrentVersion\RunServicesOnce
    *No subkeys found*

    ————————————————–

    Autorun entries in Registry subkeys of:
    HKCU\Software\Microsoft\Windows\CurrentVersion\Run
    *No subkeys found*

    ————————————————–

    Autorun entries in Registry subkeys of:
    HKCU\Software\Microsoft\Windows\CurrentVersion\RunOnce
    *No subkeys found*

    ————————————————–

    Autorun entries in Registry subkeys of:
    HKCU\Software\Microsoft\Windows\CurrentVersion\RunOnceEx
    *Registry key not found*

    ————————————————–

    Autorun entries in Registry subkeys of:
    HKCU\Software\Microsoft\Windows\CurrentVersion\RunServices
    *No subkeys found*

    ————————————————–

    Autorun entries in Registry subkeys of:
    HKCU\Software\Microsoft\Windows\CurrentVersion\RunServicesOnce
    *No subkeys found*

    ————————————————–

    Autorun entries in Registry subkeys of:
    HKLM\Software\Microsoft\Windows NT\CurrentVersion\Run
    *Registry key not found*

    ————————————————–

    Autorun entries in Registry subkeys of:
    HKCU\Software\Microsoft\Windows NT\CurrentVersion\Run
    *Registry key not found*

    ————————————————–

    File association entry for .EXE:
    HKEY_CLASSES_ROOT\exefile\shell\open\command

    (Default) = "%1" %*

    ————————————————–

    File association entry for .COM:
    HKEY_CLASSES_ROOT\ComFile\shell\open\command

    (Default) = "%1" %*

    ————————————————–

    File association entry for .BAT:
    HKEY_CLASSES_ROOT\batfile\shell\open\command

    (Default) = "%1" %*

    ————————————————–

    File association entry for .PIF:
    HKEY_CLASSES_ROOT\piffile\shell\open\command

    (Default) = "%1" %*

    ————————————————–

    File association entry for .SCR:
    HKEY_CLASSES_ROOT\scrfile\shell\open\command

    (Default) = "%1" /S

    ————————————————–

    File association entry for .HTA:
    HKEY_CLASSES_ROOT\htafile\shell\open\command

    (Default) = C:\WINDOWS\system32\mshta.exe "%1" %*

    ————————————————–

    File association entry for .TXT:
    HKEY_CLASSES_ROOT\txtfile\shell\open\command

    (Default) = %SystemRoot%\system32\NOTEPAD.EXE %1

    ————————————————–

    Enumerating Active Setup stub paths:
    HKLM\Software\Microsoft\Active Setup\Installed Components
    (* = disabled by HKCU twin)

    [>{22d6f312-b0f6-11d0-94ab-0080c74c7e95}]
    StubPath = C:\WINDOWS\inf\unregmp2.exe /ShowWMP

    [>{26923b43-4d38-484f-9b9e-de460746276c}] *
    StubPath = %systemroot%\system32\shmgrate.exe OCInstallUserConfigIE

    [>{60B49E34-C7CC-11D0-8953-00A0C90347FF}MICROS] *
    StubPath = RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP

    [>{881dd1c5-3dcf-431b-b061-f3f88e8be88a}] *
    StubPath = %systemroot%\system32\shmgrate.exe OCInstallUserConfigOE

    [{2C7339CF-2B09-4501-B3F3-F3508C9228ED}] *
    StubPath = %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll

    [{44BBA840-CC51-11CF-AAFA-00AA00B6015C}] *
    StubPath = "%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install

    [{44BBA842-CC51-11CF-AAFA-00AA00B6015B}] *
    StubPath = rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msnetmtg.inf,NetMtg.Install.PerUser.NT

    [{6BF52A52-394A-11d3-B153-00C04F79FAA6}] *
    StubPath = rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\wmp11.inf,PerUserStub

    [{7790769C-0471-11d2-AF11-00C04FA35D02}] *
    StubPath = "%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install

    [{89820200-ECBD-11cf-8B85-00AA005B4340}] *
    StubPath = regsvr32.exe /s /n /i:U shell32.dll

    [{89820200-ECBD-11cf-8B85-00AA005B4383}] *
    StubPath = %SystemRoot%\system32\ie4uinit.exe

    [{89B4C1CD-B018-4511-B0A1-5476DBF70820}] *
    StubPath = C:\WINDOWS\system32\Rundll32.exe C:\WINDOWS\system32\mscories.dll,Install

    ————————————————–

    Enumerating ICQ Agent Autostart apps:
    HKCU\Software\Mirabilis\ICQ\Agent\Apps

    *Registry key not found*

    ————————————————–

    Load/Run keys from C:\WINDOWS\WIN.INI:

    load=*INI section not found*
    run=*INI section not found*

    Load/Run keys from Registry:

    HKLM\..\Windows NT\CurrentVersion\WinLogon: load=*Registry value not found*
    HKLM\..\Windows NT\CurrentVersion\WinLogon: run=*Registry value not found*
    HKLM\..\Windows\CurrentVersion\WinLogon: load=*Registry key not found*
    HKLM\..\Windows\CurrentVersion\WinLogon: run=*Registry key not found*
    HKCU\..\Windows NT\CurrentVersion\WinLogon: load=*Registry value not found*
    HKCU\..\Windows NT\CurrentVersion\WinLogon: run=*Registry value not found*
    HKCU\..\Windows\CurrentVersion\WinLogon: load=*Registry key not found*
    HKCU\..\Windows\CurrentVersion\WinLogon: run=*Registry key not found*
    HKCU\..\Windows NT\CurrentVersion\Windows: load=*Registry value not found*
    HKCU\..\Windows NT\CurrentVersion\Windows: run=*Registry value not found*
    HKLM\..\Windows NT\CurrentVersion\Windows: load=*Registry value not found*
    HKLM\..\Windows NT\CurrentVersion\Windows: run=*Registry value not found*
    HKLM\..\Windows NT\CurrentVersion\Windows: AppInit_DLLs=*Registry value not found*

    ————————————————–

    Shell & screensaver key from C:\WINDOWS\SYSTEM.INI:

    Shell=*INI section not found*
    SCRNSAVE.EXE=*INI section not found*
    drivers=*INI section not found*

    Shell & screensaver key from Registry:

    Shell=Explorer.exe
    SCRNSAVE.EXE=*Registry value not found*
    drivers=*Registry value not found*

    Policies Shell key:

    HKCU\..\Policies: Shell=*Registry value not found*
    HKLM\..\Policies: Shell=*Registry value not found*

    ————————————————–

    Checking for EXPLORER.EXE instances:

    C:\WINDOWS\Explorer.exe: PRESENT!

    C:\Explorer.exe: not present
    C:\WINDOWS\Explorer\Explorer.exe: not present
    C:\WINDOWS\System\Explorer.exe: not present
    C:\WINDOWS\System32\Explorer.exe: not present
    C:\WINDOWS\Command\Explorer.exe: not present
    C:\WINDOWS\Fonts\Explorer.exe: not present

    ————————————————–

    Checking for superhidden extensions:

    .lnk: HIDDEN! (arrow overlay: yes)
    .pif: HIDDEN! (arrow overlay: yes)
    .exe: not hidden
    .com: not hidden
    .bat: not hidden
    .hta: not hidden
    .scr: not hidden
    .shs: HIDDEN!
    .shb: HIDDEN!
    .vbs: not hidden
    .vbe: not hidden
    .wsh: not hidden
    .scf: HIDDEN! (arrow overlay: NO!)
    .url: HIDDEN! (arrow overlay: yes)
    .js: not hidden
    .jse: not hidden

    ————————————————–

    Verifying REGEDIT.EXE integrity:

    - Regedit.exe found in C:\WINDOWS
    - .reg open command is normal (regedit.exe %1)
    - Company name OK: 'Microsoft Corporation'
    - Original filename OK: 'REGEDIT.EXE'
    - File description: 'Register-editor'

    Registry check passed

    ————————————————–

    Enumerating Browser Helper Objects:

    (no name) - (no file) - Software
    (no name) - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll (file missing) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}
    (no name) - C:\PROGRA~1\SPYBOT~1\SDHelper.dll - {53707962-6F74-2D53-2644-206D7942484F}
    IEVkbdBHO - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2010\ievkbd.dll - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C}
    (no name) - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll - {9030D464-4C02-4ABF-8ECC-5164760863C6}
    (no name) - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll - {AA58ED58-01DD-4d91-8333-CF10577473F7}
    (no name) - C:\Program Files\Google\GoogleToolbarNotifier\5.3.4501.1418\swg.dll - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D}
    (no name) - C:\Program Files\PDFCreator Toolbar\v3.3.0.1\PDFCreator_Toolbar.dll - {C451C08A-EC37-45DF-AAAD-18B51AB5E837}
    Google Dictionary Compression sdch - C:\Program Files\Google\Google Toolbar\Component\fastsearch_B7C5AC242193BB3E.dll - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E}
    (no name) - C:\Program Files\Java\jre6\bin\jp2ssv.dll - {DBC80044-A445-435b-BC74-9C25C1C588A9}
    link filter bho - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2010\klwtbbho.dll - {E33CF602-D945-461A-83F0-819F76A199F8}
    JQSIEStartDetectorImpl - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll - {E7E6F031-17CE-4C07-BC86-EABFE594F69C}

    ————————————————–

    Enumerating Task Scheduler jobs:

    Google Software Updater.job
    GoogleUpdateTaskMachineCore.job
    GoogleUpdateTaskMachineUA.job
    HPpromotions journeysoftware.job

    ————————————————–

    Enumerating Download Program Files:

    [Microsoft Office Template and Media Control]
    InProcServer32 = C:\WINDOWS\Downloaded Program Files\IEAWSDC.DLL
    CODEBASE = http://office.microsoft.com/templates/ieawsdc.cab

    [JordanUploader Class]
    InProcServer32 = C:\WINDOWS\Downloaded Program Files\JordanApplet.dll
    CODEBASE = http://foto.hema.nl/ips-opdata/layout/hema/objects/jordan.cab

    [UploadListView Class]
    InProcServer32 = C:\WINDOWS\Downloaded Program Files\UploaderX.dll
    CODEBASE = http://picasaweb.google.com/s/v/34.09/uploader2.cab

    [MSN Photo Upload Tool]
    InProcServer32 = C:\WINDOWS\Downloaded Program Files\MsnPUpld.dll
    CODEBASE = http://gfx1.hotmail.com/mail/w3
    esources/MSNPUpld.cab

    [Java Plug-in 1.6.0_15]
    InProcServer32 = C:\Program Files\Java\jre6\bin\jp2iexp.dll
    CODEBASE = http://java.sun.com/update/1.6.0/jinstall-1_6_0_15-windows-i586.cab

    [{8FFBE65D-2C9C-4669-84BD-5829DC0B603C}]
    CODEBASE = http://fpdownload.macromedia.com/get/flashplayer/current/ultrashim.cab

    [ActiveScan 2.0 Installer Class]
    InProcServer32 = C:\WINDOWS\Downloaded Program Files\as2stubie.dll
    CODEBASE = http://acs.pandasoftware.com/activescan/cabs/as2stubie.cab

    [Java Plug-in 1.6.0_06]
    InProcServer32 = C:\Program Files\Java\jre6\bin\jp2iexp.dll
    CODEBASE = http://java.sun.com/update/1.6.0/jinstall-1_6_0_06-windows-i586.cab

    [Java Plug-in 1.6.0_07]
    InProcServer32 = C:\Program Files\Java\jre6\bin\jp2iexp.dll
    CODEBASE = http://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab

    [Java Plug-in 1.6.0_15]
    InProcServer32 = C:\Program Files\Java\jre6\bin\jp2iexp.dll
    CODEBASE = http://java.sun.com/update/1.6.0/jinstall-1_6_0_15-windows-i586.cab

    [Java Plug-in 1.6.0_15]
    InProcServer32 = C:\Program Files\Java\jre6\bin
    pjpi160_15.dll
    CODEBASE = http://java.sun.com/update/1.6.0/jinstall-1_6_0_15-windows-i586.cab

    [Shockwave Flash Object]
    InProcServer32 = C:\WINDOWS\system32\Macromed\Flash\Flash9f.ocx
    CODEBASE = http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab

    [JuniperSetupSP1 Control]
    InProcServer32 = C:\WINDOWS\DOWNLO~1\JUNIPE~1.OCX
    CODEBASE = https:/
    emote.mgl.nl/dana-cached/setup/JuniperSetupSP1.cab

    ————————————————–

    Enumerating Winsock LSP files:

    NameSpace #1: C:\WINDOWS\System32\mswsock.dll
    NameSpace #2: C:\WINDOWS\System32\winrnr.dll
    NameSpace #3: C:\WINDOWS\System32\mswsock.dll
    Protocol #1: C:\WINDOWS\system32\mswsock.dll
    Protocol #2: C:\WINDOWS\system32\mswsock.dll
    Protocol #3: C:\WINDOWS\system32\mswsock.dll
    Protocol #4: C:\WINDOWS\system32\rsvpsp.dll
    Protocol #5: C:\WINDOWS\system32\rsvpsp.dll
    Protocol #6: C:\WINDOWS\system32\mswsock.dll
    Protocol #7: C:\WINDOWS\system32\mswsock.dll
    Protocol #8: C:\WINDOWS\system32\mswsock.dll
    Protocol #9: C:\WINDOWS\system32\mswsock.dll
    Protocol #10: C:\WINDOWS\system32\mswsock.dll
    Protocol #11: C:\WINDOWS\system32\mswsock.dll

    ————————————————–

    Enumerating Windows NT/2000/XP services

    Microsoft ACPI-stuurprogramma: system32\DRIVERS\ACPI.sys (system)
    Adobe Active File Monitor: C:\Program Files\Adobe\Photoshop Elements 3.0\PhotoshopElementsFileAgent.exe (autostart)
    Microsoft Kernel akoestische echo-opheffing: system32\drivers\aec.sys (manual start)
    AFD: \SystemRoot\System32\drivers\afd.sys (system)
    Intel AGP Bus Filter: system32\DRIVERS\agp440.sys (system)
    Service for WDM 3D Audio Driver: system32\drivers\ALCXSENS.SYS (manual start)
    Service for Realtek AC97 Audio (WDM): system32\drivers\ALCXWDM.SYS (manual start)
    Alerter: %SystemRoot%\system32\svchost.exe -k LocalService (disabled)
    Application Layer Gateway-service: %SystemRoot%\System32\alg.exe (manual start)
    Application Management: %SystemRoot%\system32\svchost.exe -k netsvcs (manual start)
    ASP.NET State Service: %SystemRoot%\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe (manual start)
    Stuurprogramma voor RAS asyncrone media: system32\DRIVERS\asyncmac.sys (manual start)
    Standaard IDE/ESDI-vasteschijfcontroller: system32\DRIVERS\atapi.sys (system)
    Ati HotKey Poller: %SystemRoot%\system32\Ati2evxx.exe (autostart)
    ATI Smart: C:\WINDOWS\system32\ati2sgag.exe (autostart)
    ati2mtag: system32\DRIVERS\ati2mtag.sys (manual start)
    ATM ARP-client-protocol: system32\DRIVERS\atmarpc.sys (manual start)
    Windows Audio: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart)
    Audiostub-stuurprogramma: system32\DRIVERS\audstub.sys (manual start)
    Kaspersky Anti-Virus: C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2010\avp.exe -r (autostart)
    Intelligente achtergrondsoverdrachtservice: %SystemRoot%\system32\svchost.exe -k netsvcs (manual start)
    Computer Browser: %SystemRoot%\system32\svchost.exe -k netsvcs (autostart)
    catchme: \??\C:\ComboFix\catchme.sys (manual start)
    Cd-rom-stuurprogramma: system32\DRIVERS\cdrom.sys (system)
    Indexing Service: %SystemRoot%\system32\cisvc.exe (manual start)
    ClipBook: %SystemRoot%\system32\clipsrv.exe (manual start)
    .NET Runtime Optimization Service v2.0.50727_X86: C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (manual start)
    COM+-systeemtoepassing: C:\WINDOWS\system32\dllhost.exe /Processid:{02D4B3F1-FD88-11D1-960D-00805FC79235} (manual start)
    CryptSvc: %SystemRoot%\system32\svchost.exe -k netsvcs (autostart)
    DCOM Server Process Launcher: %SystemRoot%\system32\svchost -k DcomLaunch (autostart)
    DHCP Client: %SystemRoot%\system32\svchost.exe -k netsvcs (autostart)
    Stuurprogramma voor schijfstations: system32\DRIVERS\disk.sys (system)
    Logical Disk Manager Administrative-service: %SystemRoot%\System32\dmadmin.exe /com (manual start)
    dmboot: System32\drivers\dmboot.sys (disabled)
    dmio: System32\drivers\dmio.sys (disabled)
    dmload: System32\drivers\dmload.sys (disabled)
    Logical Disk Manager: %SystemRoot%\System32\svchost.exe -k netsvcs (manual start)
    Microsoft Kernel DLS-synthesizer: system32\drivers\DMusic.sys (manual start)
    DNS Client: %SystemRoot%\system32\svchost.exe -k NetworkService (autostart)
    Microsoft Kernel DRM-audiodecoder: system32\drivers\drmkaud.sys (manual start)
    Error Reporting Service: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart)
    Event Log: %SystemRoot%\system32\services.exe (autostart)
    COM+-gebeurtenissysteem: C:\WINDOWS\system32\svchost.exe -k netsvcs (manual start)
    Compatibiliteit voor Snelle gebruikerswisseling: %SystemRoot%\System32\svchost.exe -k netsvcs (manual start)
    Stuurprogramma voor diskettestationcontroller: system32\DRIVERS\fdc.sys (manual start)
    Stuurprogramma voor diskettestation: system32\DRIVERS\flpydisk.sys (manual start)
    FltMgr: system32\DRIVERS\fltMgr.sys (system)
    Stuurprogramma voor Volumebeheer: system32\DRIVERS\ftdisk.sys (system)
    Spelpoort-enumerator: system32\DRIVERS\gameenum.sys (manual start)
    Algemene pakketclassificeerder: system32\DRIVERS\msgpc.sys (manual start)
    Google Updateservice (gupdate1c98edeac81d5e6): "C:\Program Files\Google\Update\GoogleUpdate.exe" /svc (autostart)
    Google Software Updater: "C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe" (autostart)
    HCF_MSFT: system32\DRIVERS\HCF_MSFT.sys (manual start)
    Help en ondersteuning: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart)
    HID Input Service: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart)
    Microsoft HID Class-stuurprogramma: system32\DRIVERS\hidusb.sys (manual start)
    IEEE-1284.4 Driver HPZid412: system32\DRIVERS\HPZid412.sys (manual start)
    Print Class Driver for IEEE-1284.4 HPZipr12: system32\DRIVERS\HPZipr12.sys (manual start)
    USB to IEEE-1284.4 Translation Driver HPZius12: system32\DRIVERS\HPZius12.sys (manual start)
    HTTP: System32\Drivers\HTTP.sys (manual start)
    HTTP SSL: %SystemRoot%\System32\svchost.exe -k HTTPFilter (manual start)
    Stuurprogramma voor i8042-toetsenbord en PS/2-muispoort: system32\DRIVERS\i8042prt.sys (system)
    Filterstuurprogramma voor het branden van cd's: system32\DRIVERS\imapi.sys (system)
    COM-service voor IMAPI cd-branders: %systemroot%\system32\imapi.exe (manual start)
    IntelIde: system32\DRIVERS\intelide.sys (system)
    Intel GV3-processorstuurprogramma: system32\DRIVERS\intelppm.sys (system)
    IPv6 Windows Firewall Driver: system32\drivers\ip6fw.sys (manual start)
    IP Traffic Filter Driver: system32\DRIVERS\ipfltdrv.sys (manual start)
    IP in IP Tunnel Driver: system32\DRIVERS\ipinip.sys (manual start)
    IP Network Address Translator: system32\DRIVERS\ipnat.sys (manual start)
    IPSEC-stuurprogramma: system32\DRIVERS\ipsec.sys (system)
    IR Enumerator-service: system32\DRIVERS\irenum.sys (manual start)
    PnP ISA/EISA Bus-stuurprogramma: system32\DRIVERS\isapnp.sys (system)
    Java Quick Starter: "C:\Program Files\Java\jre6\bin\jqs.exe" -service -config "C:\Program Files\Java\jre6\lib\deploy\jqs\jqs.conf" (autostart)
    Stuurprogramma voor verschillende toetsenbordtypen: system32\DRIVERS\kbdclass.sys (system)
    Kl1: system32\drivers\kl1.sys (system)
    Kaspersky Lab Boot Guard Driver: system32\drivers\klbg.sys (system)
    Kaspersky Lab Driver: system32\DRIVERS\klif.sys (system)
    Kaspersky Anti-Virus NDIS Filter: system32\DRIVERS\klim5.sys (manual start)
    Kaspersky Lab KLMOUFLT: system32\DRIVERS\klmouflt.sys (manual start)
    Microsoft Kernel Wave-audiomixer: system32\drivers\kmixer.sys (manual start)
    KMWDFilter: \??\C:\WINDOWS\System32\Drivers\KMWDFilter.SYS (manual start)
    Keyboard And Mouse Communication Service: C:\Program Files\Mouse Driver\KMWDSrv.exe (autostart)
    Server: %SystemRoot%\system32\svchost.exe -k netsvcs (autostart)
    Workstation: %SystemRoot%\system32\svchost.exe -k netsvcs (autostart)
    TCP/IP NetBIOS Helper: %SystemRoot%\system32\svchost.exe -k LocalService (autostart)
    Machine Debug Manager: "C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe" (autostart)
    Sony PCI Memory Stick-controller (PCI): system32\DRIVERS\MemStPCI.SYS (manual start)
    Messenger: %SystemRoot%\system32\svchost.exe -k netsvcs (disabled)
    Delen van Extern bureaublad met NetMeeting: C:\WINDOWS\system32\mnmsrvc.exe (manual start)
    Stuurprogramma voor muistypen: system32\DRIVERS\mouclass.sys (system)
    Stuurprogramma voor muis-HID: system32\DRIVERS\mouhid.sys (manual start)
    WebDav-client-redirector: system32\DRIVERS\mrxdav.sys (manual start)
    MRXSMB: system32\DRIVERS\mrxsmb.sys (system)
    Distributed Transaction Coordinator: C:\WINDOWS\system32\msdtc.exe (manual start)
    Windows Installer: %systemroot%\system32\msiexec.exe /V (manual start)
    Microsoft Streaming Service-proxy: system32\drivers\MSKSSRV.sys (manual start)
    Microsoft Streaming Clock-proxy: system32\drivers\MSPCLOCK.sys (manual start)
    Microsoft Streaming Kwaliteitsbeheer Proxy: system32\drivers\MSPQM.sys (manual start)
    BIOS-stuurprogramma voor Microsoft Systeembeheer: system32\DRIVERS\mssmbios.sys (manual start)
    Microsoft MPU-401 MIDI UART-stuurprogramma: system32\drivers\msmpu401.sys (manual start)
    RAS NDIS TAPI-stuurprogramma: system32\DRIVERS
    distapi.sys (manual start)
    I/O-protocol van NDIS-gebruikermodus: system32\DRIVERS
    disuio.sys (manual start)
    RAS NDIS WAN-stuurprogramma: system32\DRIVERS
    diswan.sys (manual start)
    NetBIOS-interface: system32\DRIVERS
    etbios.sys (system)
    NetBios over Tcpip: system32\DRIVERS
    etbt.sys (system)
    Network DDE: %SystemRoot%\system32
    etdde.exe (disabled)
    Network DDE DSDM: %SystemRoot%\system32
    etdde.exe (disabled)
    Net Logon: %SystemRoot%\system32\lsass.exe (manual start)
    Network Connections: %SystemRoot%\System32\svchost.exe -k netsvcs (manual start)
    Network Location Awareness (NLA): %SystemRoot%\system32\svchost.exe -k netsvcs (manual start)
    Nokia USB Phone Parent: system32\drivers\ccdcmb.sys (manual start)
    Nokia USB Generic: system32\drivers\ccdcmbo.sys (manual start)
    NT LM Security Support Provider: %SystemRoot%\system32\lsass.exe (manual start)
    Verwisselbare opslag: %SystemRoot%\system32\svchost.exe -k netsvcs (manual start)
    nv: system32\DRIVERS
    v4_mini.sys (manual start)
    NVIDIA Display Driver Service: %SystemRoot%\system32
    vsvc32.exe (autostart)
    IPX Traffic Filter Driver: system32\DRIVERS
    wlnkflt.sys (manual start)
    IPX Traffic Forwarder Driver: system32\DRIVERS
    wlnkfwd.sys (manual start)
    Stuurprogramma voor parallelle poort: system32\DRIVERS\parport.sys (manual start)
    PCCS Mode Change Filter Driver: system32\DRIVERS\pccsmcfd.sys (manual start)
    PCI Bus-stuurprogramma: system32\DRIVERS\pci.sys (system)
    Photoshop Elements Device Connect: C:\Program Files\Adobe\Photoshop Elements 3.0\PhotoshopElementsDeviceConnect.exe (autostart)
    Plug and Play: %SystemRoot%\system32\services.exe (autostart)
    Pml Driver HPZ12: C:\WINDOWS\system32\HPZipm12.exe (autostart)
    IPSEC-services: %SystemRoot%\system32\lsass.exe (autostart)
    WAN-minipoort (PPTP): system32\DRIVERS\raspptp.sys (manual start)
    Protected Storage: %SystemRoot%\system32\lsass.exe (autostart)
    QoS-pakketplanner: system32\DRIVERS\psched.sys (manual start)
    Stuurprogramma voor Directe parallelle verbinding: system32\DRIVERS\ptilink.sys (manual start)
    PxHelp20: System32\Drivers\PxHelp20.sys (system)
    Stuurprogramma voor Automatische verbinding voor RAS: system32\DRIVERS\rasacd.sys (system)
    Remote Access Auto Connection Manager: %SystemRoot%\system32\svchost.exe -k netsvcs (manual start)
    WAN-minipoort (L2TP): system32\DRIVERS\rasl2tp.sys (manual start)
    Verbindingsbeheer voor RAS: %SystemRoot%\system32\svchost.exe -k netsvcs (manual start)
    PPPOE-RAS-stuurprogramma: system32\DRIVERS\raspppoe.sys (manual start)
    Direct Parallel: system32\DRIVERS\raspti.sys (manual start)
    Rdbss: system32\DRIVERS\rdbss.sys (system)
    RDPCDD: System32\DRIVERS\RDPCDD.sys (system)
    Helpsessiebeheer voor Extern bureaublad: C:\WINDOWS\system32\sessmgr.exe (manual start)
    Stuurprogramma voor afspeelfilter van digitale cd-audio: system32\DRIVERS\redbook.sys (system)
    Routing and Remote Access: %SystemRoot%\system32\svchost.exe -k netsvcs (disabled)
    Remote Procedure Call (RPC) Locator: %SystemRoot%\system32\locator.exe (manual start)
    Remote Procedure Call (RPC): %SystemRoot%\system32\svchost -k rpcss (autostart)
    QoS RSVP: %SystemRoot%\system32\rsvp.exe (manual start)
    NT-stuurprogramma voor Realtek RTL8139(A/B/C)-based PCI Fast Ethernet Adapter: system32\DRIVERS\RTL8139.SYS (manual start)
    Security Accounts Manager: %SystemRoot%\system32\lsass.exe (autostart)
    Smart Card: %SystemRoot%\System32\SCardSvr.exe (manual start)
    Task Scheduler: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart)
    Secdrv: system32\DRIVERS\secdrv.sys (manual start)
    Secondary Logon: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart)
    System Event Notification: %SystemRoot%\system32\svchost.exe -k netsvcs (autostart)
    Serenum Filter-stuurprogramma: system32\DRIVERS\serenum.sys (manual start)
    Stuurprogramma voor seriële poort: system32\DRIVERS\serial.sys (system)
    ServiceLayer: "C:\Program Files\PC Connectivity Solution\ServiceLayer.exe" (manual start)
    Windows Firewall (WF) / Internet-verbinding delen (ICS): %SystemRoot%\System32\svchost.exe -k netsvcs (autostart)
    Shell Hardware Detection: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart)
    Microsoft Kernel-audiosplitsing: system32\drivers\splitter.sys (manual start)
    Print Spooler: %SystemRoot%\system32\spoolsv.exe (autostart)
    Stuurprogramma voor systeemherstelfilter: system32\DRIVERS\sr.sys (system)
    System Restore-service: %SystemRoot%\system32\svchost.exe -k netsvcs (autostart)
    SRV: system32\DRIVERS\srv.sys (manual start)
    SSDP Discovery-service: %SystemRoot%\system32\svchost.exe -k LocalService (manual start)
    Windows Image Acquisition (WIA): %SystemRoot%\system32\svchost.exe -k imgsvc (autostart)
    Software Bus-stuurprogramma: system32\DRIVERS\swenum.sys (manual start)
    Microsoft Kernel GS Wavetable-synthesizer: system32\drivers\swmidi.sys (manual start)
    MS Software Shadow Copy Provider: C:\WINDOWS\system32\dllhost.exe /Processid:{43752924-4A32-45D4-9204-908316BB526A} (manual start)
    Microsoft Kernel-systeemaudioapparaat: system32\drivers\sysaudio.sys (manual start)
    Performance Logs and Alerts: %SystemRoot%\system32\smlogsvc.exe (manual start)
    Telephony: %SystemRoot%\System32\svchost.exe -k netsvcs (manual start)
    Stuurprogramma voor TCP/IP-protocol: system32\DRIVERS\tcpip.sys (system)
    Stuurprogramma voor terminal-apparaat: system32\DRIVERS\termdd.sys (system)
    Terminal Services: %SystemRoot%\System32\svchost -k DComLaunch (manual start)
    Thema's: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart)
    Distributed Link Tracking Client: %SystemRoot%\system32\svchost.exe -k netsvcs (autostart)
    Microcode Update-stuurprogramma: system32\DRIVERS\update.sys (manual start)
    Uploadbeheer: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart)
    Universele Plug en Play-apparaathost: %SystemRoot%\system32\svchost.exe -k LocalService (manual start)
    upperdev: system32\DRIVERS\usbser_lowerflt.sys (manual start)
    Uninterruptible Power Supply: %SystemRoot%\System32\ups.exe (manual start)
    Microsoft generiek hoofd-USB-stuurprogramma: system32\DRIVERS\usbccgp.sys (manual start)
    Microsoft USB 2.0 Enhanced Host Controller Miniport Driver: system32\DRIVERS\usbehci.sys (manual start)
    Stuurprogramma voor Microsoft USB Standaard-hub: system32\DRIVERS\usbhub.sys (manual start)
    Microsoft USB PRINTER Class: system32\DRIVERS\usbprint.sys (manual start)
    Stuurprogramma voor USB-scanner: system32\DRIVERS\usbscan.sys (manual start)
    USB Modem Driver: system32\drivers\usbser.sys (manual start)
    UsbserFilt: system32\DRIVERS\usbser_lowerfltj.sys (manual start)
    Stuurprogramma voor USB-massaopslag: system32\DRIVERS\USBSTOR.SYS (manual start)
    Microsoft USB Universal Host Controller Miniport Driver: system32\DRIVERS\usbuhci.sys (manual start)
    Messenger USN Journal Reader service voor Gedeelde mappen: "C:\Program Files\Windows Live\Messenger\usnsvc.exe" (manual start)
    Grafische VGA-adapter.: \SystemRoot\System32\drivers\vga.sys (system)
    Volume Shadow Copy: %SystemRoot%\System32\vssvc.exe (manual start)
    Windows Time: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart)
    RAS IP ARP-stuurprogramma: system32\DRIVERS\wanarp.sys (manual start)
    Wdf01000: system32\DRIVERS\Wdf01000.sys (manual start)
    Stuurprogramma voor Microsoft WINMM WDM-audiocompatibiliteit: system32\drivers\wdmaud.sys (manual start)
    WebClient: %SystemRoot%\system32\svchost.exe -k LocalService (autostart)
    Windows Management Instrumentation: %systemroot%\system32\svchost.exe -k netsvcs (autostart)
    Serienummerservice voor draagbare media: %SystemRoot%\System32\svchost.exe -k netsvcs (manual start)
    WMI-prestatieadapter: C:\WINDOWS\system32\wbem\wmiapsrv.exe (manual start)
    Windows Media Player Network Sharing-service: "C:\Program Files\Windows Media Player\WMPNetwk.exe" (manual start)
    WpdUsb: system32\DRIVERS\wpdusb.sys (manual start)
    Security Center: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart)
    Automatische updates: %systemroot%\system32\svchost.exe -k netsvcs (autostart)
    Windows Driver Foundation - User-mode Driver Framework Platform Driver: system32\DRIVERS\WudfPf.sys (system)
    Windows Driver Foundation - User-mode Driver Framework Reflector: system32\DRIVERS\wudfrd.sys (manual start)
    Windows Driver Foundation - User-mode Driver Framework: %SystemRoot%\system32\svchost.exe -k WudfServiceGroup (autostart)
    Wireless Zero Configuration-service: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart)
    Network Provisioning Service: %SystemRoot%\System32\svchost.exe -k netsvcs (manual start)


    ————————————————–

    Enumerating Windows NT logon/logoff scripts:
    *No scripts set to run*

    Windows NT checkdisk command:
    BootExecute = autocheck autochk *

    Windows NT 'Wininit.ini':
    PendingFileRenameOperations: C:\DOCUME~1\Smolders\LOCALS~1\TEMPOR~1\Content.IE5\index.dat||C:\DOCUME~1\Smolders\Cookies\index.dat||C:\DOCUME~1\Smolders\LOCALS~1\GESCHI~1\History.IE5\index.dat


    ————————————————–

    Enumerating ShellServiceObjectDelayLoad items:

    PostBootReminder: C:\WINDOWS\system32\SHELL32.dll
    CDBurn: C:\WINDOWS\system32\SHELL32.dll
    WebCheck: C:\WINDOWS\system32\webcheck.dll
    SysTray: C:\WINDOWS\system32\stobject.dll
    WPDShServiceObj: C:\WINDOWS\system32\WPDShServiceObj.dll

    ————————————————–
    Autorun entries from Registry:
    HKCU\Software\Microsoft\Windows\CurrentVersion\policies\Explorer\Run

    *No values found*

    ————————————————–

    Autorun entries from Registry:
    HKLM\Software\Microsoft\Windows\CurrentVersion\policies\Explorer\Run

    *No values found*

    ————————————————–

    End of report, 38.617 bytes
    Report generated in 0,313 seconds

    Command line options:
    /verbose - to add additional info on each section
    /complete - to include empty sections and unsuspicious data
    /full - to include several rarely-important sections
    /force9x - to include Win9x-only startups even if running on WinNT
    /forcent - to include WinNT-only startups even if running on Win9x
    /forceall - to include all Win9x and WinNT startups, regardless of platform
    /history - to list version history only
  • Hallo smold, Via msconfig - tab opstarten van opstarten uit te schakelen:

    - Adobe Photoshop Elements 3.0
    - Adobe Photoshop Elements 3.0 - PhotoshopElementsDeviceConnect
    - Sony ContentTransferWMDetector.exe
    - OLYMPUS Master 2
    - Nokia PC Suite 7
    - Picasa2
    - HP Digital Imaging
    - NeroFilterCheck
    - QuickTime Task



    Een goede raad: analyseer je programma's goed en deïnstalleer die programma's, die je niet meer gebruikt.
    Jouw Windows zal daar ook blij mee zijn.


    Dan nog dit, een perfect overzicht, wat er allemaal loopt in jouw Windows, dat verkrijg je middels het tool [b:b1a7aaafb2]Process Explorer v11.33[/b:b1a7aaafb2]:

    http://technet.microsoft.com/nl-nl/sysinternals/bb896653(en-us).aspx

    Je vindt op die site mogelijk ook nog andere interessante tools!
  • Ik heb de bestanden in ms config uitgevinkt bij opstarten.
    Het systeem vraagt me steeds of ik dat wel wil.
    Ik zie in het tabblad Algemeen dat nu Services is aangevinkt. Voorheen was dit Normaal opstarten.

    Moet ik hier ook nog wat wijzigen zodat ik niet steeds gevraagd wordt om de computer opnieuw op te starten?

    Er bestaat nog een mogelijkheid om diagnostisch te starten.

    Na uitschakeling van de bestanden is het systeem niet sneller geworden.
  • Hallo smold, indien je middels msconfig opstartbestanden van opstarten uitschakeld, dan zal op het tabblad Algemeen de instelling verspringen van [b:074c737d7d]Normaal opstarten[/b:074c737d7d] naar [b:074c737d7d]Selectief opstarten[/b:074c737d7d].
    Daar hoef je dus echt niks te veranderen!

    Met [b:074c737d7d]Het systeem vraagt me steeds of ik dat wel wil.[/b:074c737d7d], bedoel je daarmee dat je na opstarten iedere keer een venster krijgt, met de melding dat er veranderingen zijn doorgevoerd?

    Zet dan linksonder in dat venster een vinkje, dan houdt dat geplaag op.

Beantwoord deze vraag

Dit is een gearchiveerde pagina. Antwoorden is niet meer mogelijk.