Op deze website gebruiken we cookies om content en advertenties te personaliseren, om functies voor social media te bieden en om ons websiteverkeer te analyseren. Ook delen we informatie over uw gebruik van onze site met onze partners voor social media, adverteren en analyse. Deze partners kunnen deze gegevens combineren met andere informatie die u aan ze heeft verstrekt of die ze hebben verzameld op basis van uw gebruik van hun services. Meer informatie.

Akkoord

Vraag & Antwoord

Beveiliging & privacy

Hijackthis Logfile - Wie wil dit even controleren???

None
36 antwoorden
  • Tijdens het internetten wordt de verschijnen er plots allerlei Reklame sites spontaan????? Wie wil deze logfile even controleren???

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 14:58:56, on 8-10-2009
    Platform: Windows Vista SP2 (WinNT 6.00.1906)
    MSIE: Internet Explorer v8.00 (8.00.6001.18813)
    Boot mode: Normal

    Running processes:
    C:\Windows\system32\taskeng.exe
    C:\Windows\system32\Dwm.exe
    C:\Windows\Explorer.EXE
    C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe
    C:\Program Files\Windows Defender\MSASCui.exe
    C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe
    C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
    C:\Program Files\Hewlett-Packard\Media\TV\TVAgent.exe
    C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
    C:\Program Files\AVG\AVG8\avgtray.exe
    C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE
    C:\Windows\WindowsMobile\wmdc.exe
    C:\Program Files\Java\jre6\bin\jusched.exe
    C:\Program Files\IDT\WDM\sttray.exe
    C:\Program Files\HP\HP Software Update\hpwuschd2.exe
    C:\Program Files\iTunes\iTunesHelper.exe
    C:\Program Files\HTC\HTC Sync\Application Launcher\Application Launcher.exe
    C:\Program Files\Windows Sidebar\sidebar.exe
    C:\Program Files\Skype\Phone\Skype.exe
    C:\Program Files\Windows Media Player\wmpnscfg.exe
    C:\Users\Meine\AppData\Roaming\Google\Google Talk\googletalk.exe
    C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe
    C:\Program Files\Google\Google Calendar Sync\GoogleCalendarSync.exe
    C:\Program Files\T-Mobile\web'n'walk Manager\web'n'walk Manager.exe
    C:\Program Files\WinZip\WZQKPICK.EXE
    C:\Program Files\Windows Sidebar\sidebar.exe
    C:\Program Files\Hewlett-Packard\HP wireless Assistant\WiFiMsg.EXE
    C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosA2dp.exe
    C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHid.exe
    C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHsp.exe
    C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosAVRC.exe
    C:\Program Files\Hewlett-Packard\Shared\HpqToaster.exe
    C:\Program Files\Common Files\Teleca Shared\Generic.exe
    C:\Program Files\Common Files\Teleca Shared\logger.exe
    C:\Program Files\Common Files\Teleca Shared\CapabilityManager.exe
    C:\Program Files\HTC\HTC Sync\ClientInitiatedStarter\ClientInitiatedStarter.exe
    C:\Program Files\HTC\HTC Sync\Mobile Phone Monitor\epmworker.exe
    C:\Program Files\HTC\HTC Sync\Mobile Phone Monitor\DbgOut.exe
    C:\Program Files\HTC\HTC Sync\Mobile Phone Monitor\HTCVBTServer.exe
    C:\Program Files\HTC\HTC Sync\Mobile Phone Monitor\FsynSrvStarter.exe
    C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
    C:\Program Files\Skype\Plugin Manager\skypePM.exe
    C:\Windows\System32\mobsync.exe
    C:\Windows\system32\conime.exe
    C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE
    C:\Program Files\AVG\AVG8\avgcsrvx.exe
    C:\Program Files\HTC\HTC Sync\Sync Manager\syncindicator.exe
    C:\Program Files\Babylon\Babylon-Pro\Babylon.exe
    C:\Windows\system32\wuauclt.exe
    C:\Program Files\Ashampoo\Ashampoo Snap 3\ashsnap.exe
    C:\Program Files\Summitsoft\Logo Design Studio Trial\LogoDesignStudio.exe
    C:\Program Files\uTorrent\uTorrent.exe
    C:\Windows\msa.exe
    C:\Program Files\Corel\CorelDRAW Graphics Suite X4\Programs\CorelDRW.exe
    C:\Users\Meine\AppData\Local\Temp\b.exe
    C:\Windows\system32\ctfmon.exe
    C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs
    dr?TYPE=3&tp=iehome&locale=nl_nl&c=91&bd=Pavilion&pf=cnnb
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.nl/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs
    dr?TYPE=3&tp=iehome&locale=nl_nl&c=91&bd=Pavilion&pf=cnnb
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs
    dr?TYPE=3&tp=iehome&locale=nl_nl&c=91&bd=Pavilion&pf=cnnb
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
    F2 - REG:system.ini: UserInit=C:\Windows\system32\userinit.exe
    O1 - Hosts: ::1 localhost
    O2 - BHO: ContributeBHO Class - {074C1DC5-9320-4A9A-947D-C042949C6216} - C:\Program Files\Adobe\/Adobe Contribute Renaissance/contributeieplugin.dll
    O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
    O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll
    O2 - BHO: XML module - {500BCA15-57A7-4eaf-8143-8C619470B13D} - C:\Windows\system32\msxml71.dll
    O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
    O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
    O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll
    O2 - BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
    O2 - BHO: SmartSelect - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
    O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
    O3 - Toolbar: Contribute Toolbar - {517BDDE4-E3A7-4570-B21E-2B52B6139FC7} - C:\Program Files\Adobe\/Adobe Contribute Renaissance/contributeieplugin.dll
    O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    O4 - HKLM\..\Run: [SmartMenu] %ProgramFiles%\Hewlett-Packard\HP MediaSmart\SmartMenu.exe
    O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
    O4 - HKLM\..\Run: [QlbCtrl.exe] C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start
    O4 - HKLM\..\Run: [hpWirelessAssistant] C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
    O4 - HKLM\..\Run: [TVAgent] "C:\Program Files\Hewlett-Packard\Media\TV\TVAgent.exe"
    O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
    O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe
    O4 - HKLM\..\Run: [CanonSolutionMenu] C:\Program Files\Canon\SolutionMenu\CNSLMAIN.exe /logon
    O4 - HKLM\..\Run: [CanonMyPrinter] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe /logon
    O4 - HKLM\..\Run: [Windows Mobile Device Center] %windir%\WindowsMobile\wmdc.exe
    O4 - HKLM\..\Run: [GoMail Scheduler] C:\Program Files\ExecuteIT\GoMail Standard Edition\\gschedule.exe
    O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
    O4 - HKLM\..\Run: [SysTrayApp] C:\Program Files\IDT\WDM\sttray.exe
    O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
    O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
    O4 - HKLM\..\Run: [Mobile Connectivity Suite] "C:\Program Files\HTC\HTC Sync\Application Launcher\Application Launcher.exe" /startoptions
    O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
    O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
    O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
    O4 - HKCU\..\Run: [googletalk] C:\Users\Meine\AppData\Roaming\Google\Google Talk\googletalk.exe /autostart
    O4 - HKCU\..\Run: [PopRock] C:\Users\Meine\AppData\Local\Temp\b.exe
    O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
    O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
    O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
    O4 - Global Startup: Bluetooth Manager.lnk = ?
    O4 - Global Startup: Google Calendar Sync.lnk = C:\Program Files\Google\Google Calendar Sync\GoogleCalendarSync.exe
    O4 - Global Startup: web'n'walk Manager.lnk = C:\Program Files\T-Mobile\web'n'walk Manager\web'n'walk Manager.exe
    O4 - Global Startup: WinZip Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK.EXE
    O8 - Extra context menu item: Append Link Target to Existing PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
    O8 - Extra context menu item: Append to Existing PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html
    O8 - Extra context menu item: Convert Link Target to Adobe PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
    O8 - Extra context menu item: Convert link target to existing PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
    O8 - Extra context menu item: Convert to Adobe PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html
    O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
    O8 - Extra context menu item: Translate with &Babylon - res://C:\Program Files\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll/Translate.htm
    O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
    O9 - Extra 'Tools' menuitem: Verz&enden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
    O9 - Extra button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
    O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
    O9 - Extra 'Tools' menuitem: @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
    O13 - Gopher Prefix:
    O16 - DPF: {493ACF15-5CD9-4474-82A6-91670C3DD66E} (LinkedIn ContactFinderControl) - http://www.linkedin.com/cab/LinkedInContactFinderControl.cab
    O16 - DPF: {54D53429-945C-4188-B460-C81356541882} (SaveImageFiles Class) - http://photosmart.hpphoto.com/Download/HPeServicesLocalPrint.CAB
    O16 - DPF: {5AE58FCF-6F6A-49B2-B064-02492C66E3F4} (MUCatalogWebControl Class) - http://catalog.update.microsoft.com/v7/site/ClientControl/en/x86/MuCatalogWebControl.cab?1241683251658
    O16 - DPF: {6F15128C-E66A-490C-B848-5000B5ABEEAC} (HP Download Manager) - https://h20436.www2.hp.com/ediags/dex/secure/HPDEXAXO.cab
    O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
    O17 - HKLM\System\CCS\Services\Tcpip\..\{A76EAEC2-ADE8-46D3-AB78-AE6FE77E3649}: NameServer = 208.67.222.222,208.67.220.220
    O17 - HKLM\System\CCS\Services\Tcpip\..\{BB213A3A-B7CC-483F-BB3E-4D4672AD4807}: NameServer = 208.67.222.222,208.67.220.220
    O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
    O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll
    O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\Skype4COM.dll
    O20 - AppInit_DLLs: avgrsstx.dll acaptuser32.dll
    O23 - Service: Andrea ST Filters Service (AESTFilters) - Andrea Electronics Corporation - C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_e2247046\aestsrv.exe
    O23 - Service: Mobiel Apple apparaat (Apple Mobile Device) - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe
    O23 - Service: AVG Free8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
    O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
    O23 - Service: Com4QLBEx - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe
    O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
    O23 - Service: GameConsoleService - WildTangent, Inc. - C:\Program Files\HP Games\My HP Game Console\GameConsoleService.exe
    O23 - Service: GtDetectSc - OptionNV - C:\Program Files\T-Mobile\web'n'walk Manager\GtDetectSc.exe
    O23 - Service: Google Updateservice (gupdate1ca08772da920b2) (gupdate1ca08772da920b2) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
    O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
    O23 - Service: HP Health Check Service - Hewlett-Packard - c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe
    O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
    O23 - Service: HP Service (hpsrv) - Hewlett-Packard Corporation - C:\Windows\system32\Hpservice.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
    O23 - Service: Inkjet Printer/Scanner Extended Survey Program (IJPLMSVC) - Unknown owner - C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE
    O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
    O23 - Service: Norton Internet Security - Symantec Corporation - C:\Program Files\Norton Internet Security\Engine\16.0.0.125\ccSvcHst.exe
    O23 - Service: Protexis Licensing V2 (PSI_SVC_2) - Protexis Inc. - c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
    O23 - Service: Recovery Service for Windows - Unknown owner - C:\Program Files\SMINST\BLService.exe
    O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared files\RichVideo.exe
    O23 - Service: Audio Service (STacSV) - IDT, Inc. - C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_e2247046\STacSV.exe
    O23 - Service: TeamViewer 4 (TeamViewer4) - TeamViewer GmbH - C:\Program Files\TeamViewer\Version4\TeamViewer_Service.exe
    O23 - Service: TOSHIBA Bluetooth Service - TOSHIBA CORPORATION - C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe
    O23 - Service: TV Background Capture Service (TVBCS) (TVCapSvc) - Unknown owner - C:\Program Files\Hewlett-Packard\Media\TV\Kernel\TV\TVCapSvc.exe
    O23 - Service: TV Task Scheduler (TVTS) (TVSched) - Unknown owner - C:\Program Files\Hewlett-Packard\Media\TV\Kernel\TV\TVSched.exe


    End of file - 15916 bytes


  • Hallo Meine, je hebt inderdaad een besmetting in je Windows.
    Bovendien: mogelijk is AVG beschadigd - maar daar kom ik naderhand nog op terug.

    Doe eerst de volgende stappen:

    1) download, installeer en blijf [b:97bfc7bb97]MBAM[/b:97bfc7bb97] gebruiken.
    Al meteen na de installatie wil [b:97bfc7bb97]MBAM[/b:97bfc7bb97] zijn database opwaarderen – toestaan dus.
    Ook bij herhaald gebruik: eerst de tab [b:97bfc7bb97]Update[/b:97bfc7bb97] aandoen!

    [b:97bfc7bb97]Download MBAM[/b:97bfc7bb97]

    Start [b:97bfc7bb97]MBAM[/b:97bfc7bb97] en kies voor [b:97bfc7bb97]Snelle Scan[/b:97bfc7bb97]


    Het scannen kan een tijdje duren, dus wees geduldig.
    Wanneer de scan voltooid is, klik dan op de knop [b:97bfc7bb97]OK[/b:97bfc7bb97] , daarna op de knop [b:97bfc7bb97]Bekijk Resultaten[/b:97bfc7bb97] om de resultaten te zien.
    Zorg ervoor dat daar alles aangevinkt is, daarna klikken op: [b:97bfc7bb97]Verwijder geselecteerde[/b:97bfc7bb97] .
    Na het verwijderen zal een log openen en zal er gevraagd worden om de computer opnieuw op te starten.

    Het log wordt automatisch bewaard door [b:97bfc7bb97]MBAM[/b:97bfc7bb97] en dat kan je terugvinden door op de tab [b:97bfc7bb97]Logs[/b:97bfc7bb97] te klikken in [b:97bfc7bb97]MBAM[/b:97bfc7bb97] .

    Indien [b:97bfc7bb97]MBAM[/b:97bfc7bb97] moeilijkheden heeft met het verwijderen van bepaalde bestanden zal het enkele meldingen geven – dan telkens op [b:97bfc7bb97]OK[/b:97bfc7bb97] klikken!
    Daarna zal [b:97bfc7bb97]MBAM[/b:97bfc7bb97] vragen om de Computer opnieuw op te starten - dus sta toe dat de computer opnieuw opgestart wordt.


    2)
  • Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 12:59:49, on 9-10-2009
    Platform: Windows Vista SP2 (WinNT 6.00.1906)
    MSIE: Internet Explorer v8.00 (8.00.6001.18813)
    Boot mode: Normal

    Running processes:
    C:\Windows\system32\taskeng.exe
    C:\Windows\system32\Dwm.exe
    C:\Windows\Explorer.EXE
    C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe
    C:\Windows\system32\wuauclt.exe
    C:\Program Files\Windows Defender\MSASCui.exe
    C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe
    C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
    C:\Program Files\Hewlett-Packard\Media\TV\TVAgent.exe
    C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
    C:\Program Files\AVG\AVG8\avgtray.exe
    C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE
    C:\Windows\WindowsMobile\wmdc.exe
    C:\Program Files\Java\jre6\bin\jusched.exe
    C:\Program Files\IDT\WDM\sttray.exe
    C:\Program Files\HP\HP Software Update\hpwuschd2.exe
    C:\Program Files\iTunes\iTunesHelper.exe
    C:\Program Files\HTC\HTC Sync\Application Launcher\Application Launcher.exe
    C:\Program Files\Windows Sidebar\sidebar.exe
    C:\Program Files\Hewlett-Packard\HP wireless Assistant\WiFiMsg.EXE
    C:\Program Files\Skype\Phone\Skype.exe
    C:\Program Files\Windows Media Player\wmpnscfg.exe
    C:\Users\Meine\AppData\Roaming\Google\Google Talk\googletalk.exe
    C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe
    C:\Program Files\Google\Google Calendar Sync\GoogleCalendarSync.exe
    C:\Program Files\T-Mobile\web'n'walk Manager\web'n'walk Manager.exe
    C:\Program Files\WinZip\WZQKPICK.EXE
    C:\Program Files\Hewlett-Packard\Shared\HpqToaster.exe
    C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosA2dp.exe
    C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHid.exe
    C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHsp.exe
    C:\Program Files\Windows Sidebar\sidebar.exe
    C:\Program Files\Common Files\Teleca Shared\logger.exe
    C:\Program Files\Common Files\Teleca Shared\Generic.exe
    C:\Program Files\Common Files\Teleca Shared\CapabilityManager.exe
    C:\Program Files\HTC\HTC Sync\ClientInitiatedStarter\ClientInitiatedStarter.exe
    C:\Program Files\HTC\HTC Sync\Mobile Phone Monitor\epmworker.exe
    C:\Program Files\HTC\HTC Sync\Mobile Phone Monitor\DbgOut.exe
    C:\Program Files\HTC\HTC Sync\Mobile Phone Monitor\HTCVBTServer.exe
    C:\Program Files\HTC\HTC Sync\Mobile Phone Monitor\FsynSrvStarter.exe
    C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
    C:\Windows\system32\conime.exe
    C:\Program Files\Skype\Plugin Manager\skypePM.exe
    C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE
    C:\Program Files\AVG\AVG8\avgcsrvx.exe
    C:\Program Files\HTC\HTC Sync\Sync Manager\syncindicator.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Windows\system32\Macromed\Flash\FlashUtil10c.exe
    C:\Windows\system32\SearchProtocolHost.exe
    C:\Windows\system32\SearchFilterHost.exe
    C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs
    dr?TYPE=3&tp=iehome&locale=nl_nl&c=91&bd=Pavilion&pf=cnnb
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.nl/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs
    dr?TYPE=3&tp=iehome&locale=nl_nl&c=91&bd=Pavilion&pf=cnnb
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs
    dr?TYPE=3&tp=iehome&locale=nl_nl&c=91&bd=Pavilion&pf=cnnb
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
    O1 - Hosts: ::1 localhost
    O2 - BHO: ContributeBHO Class - {074C1DC5-9320-4A9A-947D-C042949C6216} - C:\Program Files\Adobe\/Adobe Contribute Renaissance/contributeieplugin.dll
    O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
    O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll
    O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
    O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
    O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll
    O2 - BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
    O2 - BHO: SmartSelect - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
    O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
    O3 - Toolbar: Contribute Toolbar - {517BDDE4-E3A7-4570-B21E-2B52B6139FC7} - C:\Program Files\Adobe\/Adobe Contribute Renaissance/contributeieplugin.dll
    O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    O4 - HKLM\..\Run: [SmartMenu] %ProgramFiles%\Hewlett-Packard\HP MediaSmart\SmartMenu.exe
    O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
    O4 - HKLM\..\Run: [QlbCtrl.exe] C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start
    O4 - HKLM\..\Run: [hpWirelessAssistant] C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
    O4 - HKLM\..\Run: [TVAgent] "C:\Program Files\Hewlett-Packard\Media\TV\TVAgent.exe"
    O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
    O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe
    O4 - HKLM\..\Run: [CanonSolutionMenu] C:\Program Files\Canon\SolutionMenu\CNSLMAIN.exe /logon
    O4 - HKLM\..\Run: [CanonMyPrinter] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe /logon
    O4 - HKLM\..\Run: [Windows Mobile Device Center] %windir%\WindowsMobile\wmdc.exe
    O4 - HKLM\..\Run: [GoMail Scheduler] C:\Program Files\ExecuteIT\GoMail Standard Edition\\gschedule.exe
    O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
    O4 - HKLM\..\Run: [SysTrayApp] C:\Program Files\IDT\WDM\sttray.exe
    O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
    O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
    O4 - HKLM\..\Run: [Mobile Connectivity Suite] "C:\Program Files\HTC\HTC Sync\Application Launcher\Application Launcher.exe" /startoptions
    O4 - HKLM\..\Run: [Malwarebytes Anti-Malware (reboot)] "C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe"
    uncleanupscript
    O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
    O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
    O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
    O4 - HKCU\..\Run: [googletalk] C:\Users\Meine\AppData\Roaming\Google\Google Talk\googletalk.exe /autostart
    O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
    O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
    O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
    O4 - Global Startup: Bluetooth Manager.lnk = ?
    O4 - Global Startup: Google Calendar Sync.lnk = C:\Program Files\Google\Google Calendar Sync\GoogleCalendarSync.exe
    O4 - Global Startup: web'n'walk Manager.lnk = C:\Program Files\T-Mobile\web'n'walk Manager\web'n'walk Manager.exe
    O4 - Global Startup: WinZip Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK.EXE
    O8 - Extra context menu item: Append Link Target to Existing PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
    O8 - Extra context menu item: Append to Existing PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html
    O8 - Extra context menu item: Convert Link Target to Adobe PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
    O8 - Extra context menu item: Convert link target to existing PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
    O8 - Extra context menu item: Convert to Adobe PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html
    O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
    O8 - Extra context menu item: Translate with &Babylon - res://C:\Program Files\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll/Translate.htm
    O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
    O9 - Extra 'Tools' menuitem: Verz&enden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
    O9 - Extra button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
    O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
    O9 - Extra 'Tools' menuitem: @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
    O13 - Gopher Prefix:
    O16 - DPF: {3860DD98-0549-4D50-AA72-5D17D200EE10} (Windows Live OneCare safety scanner control) - http://cdn.scan.onecare.live.com
    esource/download/scanner/en-us/wlscctrl2.cab
    O16 - DPF: {493ACF15-5CD9-4474-82A6-91670C3DD66E} (LinkedIn ContactFinderControl) - http://www.linkedin.com/cab/LinkedInContactFinderControl.cab
    O16 - DPF: {54D53429-945C-4188-B460-C81356541882} (SaveImageFiles Class) - http://photosmart.hpphoto.com/Download/HPeServicesLocalPrint.CAB
    O16 - DPF: {5AE58FCF-6F6A-49B2-B064-02492C66E3F4} (MUCatalogWebControl Class) - http://catalog.update.microsoft.com/v7/site/ClientControl/en/x86/MuCatalogWebControl.cab?1241683251658
    O16 - DPF: {6F15128C-E66A-490C-B848-5000B5ABEEAC} (HP Download Manager) - https://h20436.www2.hp.com/ediags/dex/secure/HPDEXAXO.cab
    O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
    O17 - HKLM\System\CCS\Services\Tcpip\..\{A76EAEC2-ADE8-46D3-AB78-AE6FE77E3649}: NameServer = 208.67.222.222,208.67.220.220
    O17 - HKLM\System\CCS\Services\Tcpip\..\{BB213A3A-B7CC-483F-BB3E-4D4672AD4807}: NameServer = 208.67.222.222,208.67.220.220
    O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
    O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll
    O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\Skype4COM.dll
    O20 - AppInit_DLLs: avgrsstx.dll acaptuser32.dll
    O23 - Service: Andrea ST Filters Service (AESTFilters) - Andrea Electronics Corporation - C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_e2247046\aestsrv.exe
    O23 - Service: Mobiel Apple apparaat (Apple Mobile Device) - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe
    O23 - Service: AVG Free8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
    O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
    O23 - Service: Com4QLBEx - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe
    O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
    O23 - Service: GameConsoleService - WildTangent, Inc. - C:\Program Files\HP Games\My HP Game Console\GameConsoleService.exe
    O23 - Service: GtDetectSc - OptionNV - C:\Program Files\T-Mobile\web'n'walk Manager\GtDetectSc.exe
    O23 - Service: Google Updateservice (gupdate1ca08772da920b2) (gupdate1ca08772da920b2) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
    O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
    O23 - Service: HP Health Check Service - Hewlett-Packard - c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe
    O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
    O23 - Service: HP Service (hpsrv) - Hewlett-Packard Corporation - C:\Windows\system32\Hpservice.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
    O23 - Service: Inkjet Printer/Scanner Extended Survey Program (IJPLMSVC) - Unknown owner - C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE
    O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
    O23 - Service: Norton Internet Security - Symantec Corporation - C:\Program Files\Norton Internet Security\Engine\16.0.0.125\ccSvcHst.exe
    O23 - Service: Protexis Licensing V2 (PSI_SVC_2) - Protexis Inc. - c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
    O23 - Service: Recovery Service for Windows - Unknown owner - C:\Program Files\SMINST\BLService.exe
    O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared files\RichVideo.exe
    O23 - Service: Audio Service (STacSV) - IDT, Inc. - C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_e2247046\STacSV.exe
    O23 - Service: TeamViewer 4 (TeamViewer4) - TeamViewer GmbH - C:\Program Files\TeamViewer\Version4\TeamViewer_Service.exe
    O23 - Service: TOSHIBA Bluetooth Service - TOSHIBA CORPORATION - C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe
    O23 - Service: TV Background Capture Service (TVBCS) (TVCapSvc) - Unknown owner - C:\Program Files\Hewlett-Packard\Media\TV\Kernel\TV\TVCapSvc.exe
    O23 - Service: TV Task Scheduler (TVTS) (TVSched) - Unknown owner - C:\Program Files\Hewlett-Packard\Media\TV\Kernel\TV\TVSched.exe


    End of file - 15748 bytes


    7-Zip 4.60 beta
    Aangifte loonheffingen 2009
    Acrobat.com
    ActiveCheck component for HP Active Support Library
    Add or Remove Adobe Creative Suite 4 Master Collection
    Adobe Acrobat 9 Pro Extended - English, Français, Deutsch
    Adobe Acrobat 9 Pro Extended - English, Français, Deutsch
    Adobe After Effects CS4
    Adobe After Effects CS4 Presets
    Adobe After Effects CS4 Template Projects & Footage
    Adobe After Effects CS4 Third Party Content
    Adobe AIR
    Adobe AIR
    Adobe Anchor Service CS4
    Adobe Asset Services CS4
    Adobe Bridge CS4
    Adobe CMaps CS4
    Adobe Color - Photoshop Specific CS4
    Adobe Color EU Extra Settings CS4
    Adobe Color JA Extra Settings CS4
    Adobe Color NA Recommended Settings CS4
    Adobe Color Video Profiles AE CS4
    Adobe Color Video Profiles CS CS4
    Adobe Contribute CS4
    Adobe Creative Suite 4 Master Collection
    Adobe Device Central CS4
    Adobe Dreamweaver CS4
    Adobe ExtendScript Toolkit CS4
    Adobe Fireworks CS4
    Adobe Flash CS4
    Adobe Flash Player 10 ActiveX
    Adobe Flash Player 10 ActiveX
    Adobe Flash Player 10 Plugin
    Adobe Fonts All
    Adobe Illustrator CS4
    Adobe InDesign CS3 Icon Handler
    Adobe InDesign CS4
    Adobe Linguistics CS4
    Adobe Media Encoder CS4
    Adobe Media Encoder CS4 Importer
    Adobe Media Encoder CS4 Importer
    Adobe Media Player
    Adobe Media Player
    Adobe MotionPicture Color Files CS4
    Adobe PDF Library Files CS4
    Adobe Photoshop CS4 Americas
    Adobe Photoshop CS4 Core_Americas
    Adobe Photoshop CS4 English Language Pack
    Adobe Photoshop CS4 French Language Pack
    Adobe Photoshop CS4 Spanish Language Pack
    Adobe Premiere Pro CS4
    Adobe Premiere Pro CS4 Functional Content
    Adobe Premiere Pro CS4 Third Party Content
    Adobe Reader 9.1.3 - Nederlands
    Adobe Setup
    Adobe Setup
    Adobe Shockwave Player
    Adobe SING CS3
    Adobe Soundbooth CS3 Scores
    Adobe Soundbooth CS4
    Adobe Soundbooth CS4 Codecs
    Adobe Type Support CS4
    Adobe Update Manager CS4
    Adobe Version Cue CS4 Client
    Adobe WinSoft Linguistics Plugin
    AdobeColorCommonSetCMYK
    AdobeColorCommonSetRGB
    AMD USB Audio Driver Filter
    Apple Application Support
    Apple Mobile Device Support
    Apple Software Update
    Artisteer 2
    Ashampoo Snap 3.02
    Atheros Driver Installation Program
    AVG Free 8.5
    Babylon
    Bluetooth Stack for Windows by Toshiba
    Bonjour
    Canon MP Navigator EX 1.2
    Canon MP190 series MP Drivers
    Canon My Printer
    Canon Utilities Easy-PhotoPrint EX
    Canon Utilities Solution Menu
    Catalyst Control Center - Branding
    CCleaner (remove only)
    Cisco EAP-FAST Module
    Cisco LEAP Module
    Cisco PEAP Module
    Compatibiliteitspakket voor het 2007 Microsoft Office system
    CorelDRAW Graphics Suite X4
    CorelDRAW Graphics Suite X4 - Capture
    CorelDRAW Graphics Suite X4 - Content
    CorelDRAW Graphics Suite X4 - Draw
    CorelDRAW Graphics Suite X4 - Filters
    CorelDRAW Graphics Suite X4 - FontNav
    CorelDRAW Graphics SUite X4 - ICA
    CorelDRAW Graphics Suite X4 - IPM
    CorelDRAW Graphics Suite X4 - Lang NL
    CorelDRAW Graphics Suite X4 - PP
    CorelDRAW Graphics Suite X4 - VBA
    CorelDRAW(R) Graphics Suite X4
    CorelDRAW(R) Graphics Suite X4 - Windows Shell Extension
    CorelDRAW(R) Graphics Suite X4 - Windows Shell Extension
    CyberLink DVD Suite
    CyberLink DVD Suite
    ESU for Microsoft Vista
    FastImageResizer (remove only)
    FotoVergroter
    GoMail Standard Edition
    Google Calendar Sync
    Google Chrome
    Google Earth
    Google Update Helper
    Google Updater
    HijackThis 2.0.2
    Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
    Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
    HP Active Support Library
    HP Customer Experience Enhancements
    HP Doc Viewer
    HP eServices Local Prints and Save
    HP Help and Support
    HP MediaSmart DVD
    HP MediaSmart DVD
    HP MediaSmart Music/Photo/Video
    HP MediaSmart Music/Photo/Video
    HP MediaSmart SmartMenu
    HP MediaSmart TV
    HP MediaSmart TV
    HP MediaSmart Webcam
    HP MediaSmart Webcam
    HP Quick Launch Buttons 6.40 H2
    HP Total Care Setup
    HP Update
    HP User Guides 0129
    HP Wireless Assistant
    HPAsset component for HP Active Support Library
    HPNetworkAssistant
    HTC Driver
    HTC Sync
    IDT Audio
    Inkjet Printer/Scanner Extended Survey Program
    iPhone-configuratieprogramma
    iTunes
    Java(TM) 6 Update 15
    Java(TM) 6 Update 7
    JLC's Internet TV
    JMicron JMB38X Flash Media Controller
    LabelPrint
    LabelPrint
    LightScribe System Software
    Logo Design Studio Trial
    Malwarebytes' Anti-Malware
    Microsoft .NET Framework 3.5 Language Pack SP1 - nld
    Microsoft .NET Framework 3.5 SP1
    Microsoft .NET Framework 3.5 SP1
    Microsoft Office 2007 Primary Interop Assemblies
    Microsoft Office 2007 Service Pack 2 (SP2)
    Microsoft Office 2007 Service Pack 2 (SP2)
    Microsoft Office 2007 Service Pack 2 (SP2)
    Microsoft Office 2007 Service Pack 2 (SP2)
    Microsoft Office 2007 Service Pack 2 (SP2)
    Microsoft Office 2007 Service Pack 2 (SP2)
    Microsoft Office 2007 Service Pack 2 (SP2)
    Microsoft Office 2007 Service Pack 2 (SP2)
    Microsoft Office 2007 Service Pack 2 (SP2)
    Microsoft Office 2007 Service Pack 2 (SP2)
    Microsoft Office 2007 Service Pack 2 (SP2)
    Microsoft Office Access 2003 Runtime
    Microsoft Office Access MUI (Dutch) 2007
    Microsoft Office Enterprise 2007
    Microsoft Office Enterprise 2007
    Microsoft Office Excel MUI (Dutch) 2007
    Microsoft Office Groove MUI (Dutch) 2007
    Microsoft Office InfoPath MUI (Dutch) 2007
    Microsoft Office OneNote MUI (Dutch) 2007
    Microsoft Office Outlook MUI (Dutch) 2007
    Microsoft Office PowerPoint MUI (Dutch) 2007
    Microsoft Office Proof (Dutch) 2007
    Microsoft Office Proof (English) 2007
    Microsoft Office Proof (French) 2007
    Microsoft Office Proof (German) 2007
    Microsoft Office Proofing (Dutch) 2007
    Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
    Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
    Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
    Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
    Microsoft Office Publisher MUI (Dutch) 2007
    Microsoft Office Shared MUI (Dutch) 2007
    Microsoft Office Word MUI (Dutch) 2007
    Microsoft Silverlight
    Microsoft SQL Server 2005
    Microsoft SQL Server 2005 Express Edition (PAPEXPRESS)
    Microsoft SQL Server 2005 Tools Express Edition
    Microsoft SQL Server Native Client
    Microsoft SQL Server Setup Support Files (English)
    Microsoft SQL Server VSS Writer
    Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
    Microsoft Visual C++ 2005 Redistributable
    Microsoft Visual C++ 2005 Redistributable
    Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729
    MSXML 4.0 SP2 (KB954430)
    muvee Mix It Up stylePack
    muvee Reveal
    My HP Games
    neroxml
    Norton Internet Security
    OGA Notifier 2.0.0048.0
    Pap
    PDF Settings
    Photoshop Camera Raw
    Power2Go
    Power2Go
    PowerDirector
    PowerDirector
    ProtectSmart Hard Drive Protection
    QuickTime
    Readiris Pro 11 Corporate Edition
    Realtek 8169, 8168, 8101E and 8102E Ethernet Network Card Driver for Windows Vista
    Security Update for 2007 Microsoft Office System (KB969559)
    Security Update for 2007 Microsoft Office System (KB969679)
    Security Update for CAPICOM (KB931906)
    Security Update for CAPICOM (KB931906)
    Security Update for Microsoft Office Excel 2007 (KB969682)
    Security Update for Microsoft Office PowerPoint 2007 (KB957789)
    Security Update for Microsoft Office Publisher 2007 (KB969693)
    Security Update for Microsoft Office system 2007 (KB969613)
    Security Update for Microsoft Office Word 2007 (KB969604)
    Security Update for Windows Media Encoder (KB954156)
    SetupPAPSMTP
    Shared Add-in Extensibility Update for Microsoft .NET Framework 2.0 (KB908002)
    Skype™ 4.1
    Spelling Dictionaries Support For Adobe Reader 9
    SPORE Creature Creator Trial Edition
    Synaptics Pointing Device Driver
    Taalpakket voor Microsoft .NET Framework 3.5 SP1 - NL
    TeamViewer 4
    Uniblue DriverScanner 2009
    Uniblue DriverScanner 2009
    Uniblue PowerSuite 2009
    Uniblue PowerSuite 2009
    Uniblue RegistryBooster 2009
    Uniblue RegistryBooster 2009
    Uniblue SpeedUpMyPC 2009
    Uniblue SpeedUpMyPC 2009
    Update for 2007 Microsoft Office System (KB967642)
    Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
    Update for Microsoft Office Outlook 2007 (KB969907)
    Update for Outlook 2007 Junk Email Filter (kb973514)
    Update voor het stuurprogramma voor Windows Mobile Apparaatcentrum
    Update voor Microsoft Office Excel 2007 Help (KB963678)
    Update voor Microsoft Office Powerpoint 2007 Help (KB963669)
    Update voor Microsoft Office Word 2007 Help (KB963665)
    Visual Studio Tools for the Office system 3.0 Runtime
    Visual Studio Tools for the Office system 3.0 Runtime
    Visual Studio Tools for the Office system 3.0 Runtime Service Pack 1 (KB949258)
    web'n'walk Manager
    web'n'walk Manager
    Windows Live OneCare safety scanner
    Windows Live OneCare safety scanner
    Windows Media Encoder 9 Series
    Windows Media Encoder 9 Series
    Windows Mobile Apparaatcentrum
    WinRAR archiver
    WinZip 12.1
    Xilisoft Video Converter Ultimate




  • Hallo Meine - waar is nu het MBAM - log?

    Dat kan je in MBAM terugvinden via de tab [b:de193430d4]Logs[/b:de193430d4].
  • Malwarebytes' Anti-Malware 1.41
    Database versie: 2928
    Windows 6.0.6002 Service Pack 2

    9-10-2009 12:43:26
    mbam-log-2009-10-09 (12-43-26).txt

    Scan type: Snelle Scan
    Objecten gescand: 98189
    Verstreken tijd: 10 minute(s), 17 second(s)

    Geheugenprocessen geïnfecteerd: 0
    Geheugenmodulen geïnfecteerd: 0
    Registersleutels geïnfecteerd: 6
    Registerwaarden geïnfecteerd: 0
    Registerdata bestanden geïnfecteerd: 0
    Mappen geïnfecteerd: 1
    Bestanden geïnfecteerd: 2

    Geheugenprocessen geïnfecteerd:
    (Geen kwaadaardige items gevonden)

    Geheugenmodulen geïnfecteerd:
    (Geen kwaadaardige items gevonden)

    Registersleutels geïnfecteerd:
    HKEY_CLASSES_ROOT\xml.xml (Worm.Allaple) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\xml.xml.1 (Worm.Allaple) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\Typelib\{9233c3c0-1472-4091-a505-5580a23bb4ac} (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\SOFTWARE\NordBull (Malware.Trace) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\SOFTWARE\XML (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\SOFTWARE\poprock (Trojan.Downloader) -> Quarantined and deleted successfully.

    Registerwaarden geïnfecteerd:
    (Geen kwaadaardige items gevonden)

    Registerdata bestanden geïnfecteerd:
    (Geen kwaadaardige items gevonden)

    Mappen geïnfecteerd:
    C:\Program Files\Protection System (Rogue.ProtectionSystem) -> Quarantined and deleted successfully.

    Bestanden geïnfecteerd:
    C:\Windows\Tasks\{7B02EF0B-A410-4938-8480-9BA26420A627}.job (Trojan.Downloader) -> Quarantined and deleted successfully.
    C:\Windows\Tasks\{BB65B0FB-5712-401b-B616-E69AC55E2757}.job (Trojan.Downloader) -> Quarantined and deleted successfully.
  • Hallo Meine, wat MBAM ondertussen heeft gebeutraliseerd, is niet niks.

    Ik raad je dan ook aan, dat [b:965b8b020c]Laat Combofix jouw Windows gaat scannen[/b:965b8b020c] (KLIK).

    [b:965b8b020c]Hoe Combofix goed te gebruiken[/b:965b8b020c] (KLIK)

    [b:965b8b020c]Aanvulling: om Combofix te kunnen gebruiken geldt het volgende:[/b:965b8b020c]

    [b:965b8b020c]- er mogen geen webbrowsers openstaan
    - antivirus moet geheel gedeaktiveerd zijn
    - actieve mal- en spywarescanners moeten gedeaktiveerd zijn.[/b:965b8b020c]

    Niet in het actieve Combofixvnster klikken – dit zal Combofix doen bevriezen!

    Combofix sluit de internet verbinding – probeer deze tussentijds niet te herstellen!

    [b:965b8b020c]Vistagebruikers starten Combofix op met Administratorrechten!

    En vergeten niet Windows Defender tijdelijk uit te schakelen: zie daarvoor http://windowshelp.microsoft.com/Windows/nl-NL/help/31d797aa-091d-4d67-a556-dbfaf21bf0dc1043.mspx
    [/b:965b8b020c]



    [b:965b8b020c]Hier vindt je gegevens hoe antivirus te deaktiveren[/b:965b8b020c] (KLIK)
  • ComboFix 09-10-08.04 - Meine 09-10-2009 15:26.1.2 - NTFSx86
    Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.31.1043.18.3069.1718 [GMT 2:00]
    Gestart vanuit: c:\users\Meine\Documents\008 - Tijdelijk\ComboFix.exe
    SP: Windows Defender *enabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}
    .

    (((((((((((((((((((((((((((((((((( Andere Verwijderingen )))))))))))))))))))))))))))))))))))))))))))))))))
    .

    c:\$recycle.bin\S-1-5-21-1164616229-2455874707-3530547379-500
    c:\windows\Installer\1f7ec.msi
    c:\windows\Installer\1f7f0.msi
    c:\windows\Installer\1f7f4.msi
    c:\windows\Installer\1f7f8.msi
    c:\windows\Installer\1f7fc.msi
    c:\windows\Installer\2033df.msi
    c:\windows\Installer\WMEncoder.msi

    .
    (((((((((((((((((((( Bestanden Gemaakt van 2009-09-09 to 2009-10-09 ))))))))))))))))))))))))))))))
    .

    2009-10-09 13:45 . 2009-10-09 13:45 ——– d—–w- c:\users\Default\AppData\Local\temp
    2009-10-09 13:45 . 2009-10-09 13:46 ——– d—–w- c:\users\Meine\AppData\Local\temp
    2009-10-09 10:26 . 2009-10-09 10:26 ——– d—–w- c:\users\Meine\AppData\Roaming\Malwarebytes
    2009-10-09 10:26 . 2009-09-10 12:54 38224 —-a-w- c:\windows\system32\drivers\mbamswissarmy.sys
    2009-10-09 10:26 . 2009-10-09 10:26 ——– d—–w- c:\program files\Malwarebytes' Anti-Malware
    2009-10-09 10:26 . 2009-10-09 10:26 ——– d—–w- c:\programdata\Malwarebytes
    2009-10-09 10:26 . 2009-09-10 12:53 19160 —-a-w- c:\windows\system32\drivers\mbam.sys
    2009-10-09 06:43 . 2009-10-09 07:18 ——– d—–w- c:\program files\Windows Live Safety Center
    2009-10-08 09:41 . 2009-10-08 09:41 ——– d—–w- c:\users\Meine\AppData\Roaming\Summitsoft
    2009-10-08 09:39 . 2009-10-08 09:39 ——– d—–w- c:\windows\Logo Design Studio Trial
    2009-10-08 09:39 . 2009-10-08 09:39 ——– d—–w- c:\program files\Summitsoft
    2009-10-07 13:03 . 2009-08-07 02:24 44768 —-a-w- c:\windows\system32\wups2.dll
    2009-10-07 13:03 . 2009-08-07 02:24 53472 —-a-w- c:\windows\system32\wuauclt.exe
    2009-10-07 13:03 . 2009-08-07 02:23 1929952 —-a-w- c:\windows\system32\wuaueng.dll
    2009-10-07 13:03 . 2009-08-07 01:45 2421760 —-a-w- c:\windows\system32\wucltux.dll
    2009-10-07 13:03 . 2009-08-07 02:24 35552 —-a-w- c:\windows\system32\wups.dll
    2009-10-07 13:03 . 2009-08-07 02:23 575704 —-a-w- c:\windows\system32\wuapi.dll
    2009-10-07 13:03 . 2009-08-07 01:44 87552 —-a-w- c:\windows\system32\wudriver.dll
    2009-10-07 13:02 . 2009-08-06 17:23 171608 —-a-w- c:\windows\system32\wuwebv.dll
    2009-10-07 13:02 . 2009-08-06 16:44 33792 —-a-w- c:\windows\system32\wuapp.exe
    2009-10-06 07:44 . 2009-10-06 07:44 79367 —-a-w- c:\users\Meine\AppData\Roaming\Google\Google Talk\uninstall.exe
    2009-10-04 14:49 . 2009-10-05 10:16 ——– d—–w- c:\users\Meine\AppData\Local\Lookout
    2009-10-04 14:48 . 2009-10-04 14:48 ——– d—–w- c:\windows\OfficeCalendar Client
    2009-10-04 14:46 . 2009-10-04 14:46 ——– d—–w- c:\windows\OfficeCalendar Server
    2009-10-02 21:15 . 2009-10-01 08:29 195440 ——w- c:\windows\system32\MpSigStub.exe
    2009-10-02 21:06 . 2009-10-02 21:07 ——– d—–w- c:\users\Meine\AppData\Local\Deployment
    2009-10-02 21:06 . 2009-10-02 21:06 ——– d—–w- c:\users\Meine\AppData\Local\Apps
    2009-09-29 07:09 . 2009-09-29 07:09 10134 —-a-r- c:\users\Meine\AppData\Roaming\Microsoft\Installer\{939E2189-9B65-41FC-A842-1BBC1588BFD1}\ARPPRODUCTICON.exe
    2009-09-29 07:09 . 2009-09-29 07:09 ——– d—–w- C:\virtualroots
    2009-09-18 07:01 . 2009-09-18 07:01 24576 —-a-w- c:\windows\system32\drivers\ANDROIDUSB.sys
    2009-09-17 17:25 . 2009-09-17 17:25 ——– d—–w- C:\ruu_log
    2009-09-17 14:42 . 2009-09-17 14:42 ——– d—–w- c:\users\Meine\AppData\Local\HTC
    2009-09-17 14:42 . 2009-09-18 11:03 ——– d—–w- c:\users\Meine\AppData\Roaming\Teleca
    2009-09-17 14:40 . 2009-09-17 14:40 ——– d—–w- c:\programdata\HTC
    2009-09-17 14:40 . 2009-09-17 14:40 ——– d—–w- c:\program files\Common Files\Teleca Shared
    2009-09-17 14:40 . 2009-09-17 14:40 ——– d—–w- c:\programdata\Teleca
    2009-09-17 14:38 . 2009-09-17 14:40 ——– d—–w- c:\program files\HTC
    2009-09-17 14:38 . 2009-09-17 14:38 1112288 —-a-w- c:\windows\system32\WdfCoInstaller01007.dll
    2009-09-12 11:55 . 2009-09-12 11:55 ——– d—–w- c:\program files\iPhone-configuratieprogramma
    2009-09-12 11:54 . 2009-09-12 11:54 ——– d—–w- c:\users\Meine\AppData\Roaming\Apple Computer
    2009-09-12 11:54 . 2009-05-18 12:17 26600 —-a-w- c:\windows\system32\drivers\GEARAspiWDM.sys
    2009-09-12 11:54 . 2008-04-17 11:12 107368 —-a-w- c:\windows\system32\GEARAspi.dll
    2009-09-12 11:52 . 2009-09-12 11:52 ——– d—–w- c:\program files\iPod
    2009-09-12 11:52 . 2009-09-12 11:54 ——– d—–w- c:\programdata\{755AC846-7372-4AC8-8550-C52491DAA8BD}
    2009-09-12 11:52 . 2009-09-12 11:54 ——– d—–w- c:\program files\iTunes
    2009-09-12 11:50 . 2009-09-12 11:51 ——– d—–w- c:\program files\QuickTime
    2009-09-12 11:50 . 2009-09-12 11:52 ——– d—–w- c:\programdata\Apple Computer
    2009-09-12 11:43 . 2009-09-12 11:52 ——– d—–w- c:\program files\Common Files\Apple
    2009-09-11 14:31 . 2000-09-21 07:21 1056768 —-a-w- c:\windows\system32\Roboex32.dll
    2009-09-11 14:09 . 2009-09-11 14:09 ——– d—–w- c:\program files\Grafica

    .
    ((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    2009-10-09 13:39 . 2009-05-04 10:24 ——– d—–w- c:\users\Meine\AppData\Roaming\Skype
    2009-10-09 11:50 . 2009-05-04 14:21 2828 –sha-w- c:\programdata\KGyGaAvL.sys
    2009-10-09 10:55 . 2009-05-04 10:25 ——– d—–w- c:\users\Meine\AppData\Roaming\skypePM
    2009-10-09 10:45 . 2008-11-23 21:21 12 —-a-w- c:\windows\bthservsdp.dat
    2009-10-09 06:18 . 2009-05-05 18:08 ——– d—–w- c:\users\Meine\AppData\Roaming\uTorrent
    2009-10-09 05:58 . 2009-05-05 16:59 ——– d—–w- c:\programdata\Babylon
    2009-10-08 09:41 . 2009-05-04 10:12 132000 —-a-w- c:\users\Meine\AppData\Local\GDIPFONTCACHEV1.DAT
    2009-10-08 06:15 . 2008-11-24 05:44 714060 —-a-w- c:\windows\system32\perfh013.dat
    2009-10-08 06:15 . 2008-11-24 05:44 144496 —-a-w- c:\windows\system32\perfc013.dat
    2009-10-05 10:16 . 2009-05-13 06:07 ——– d—–w- c:\program files\CCleaner
    2009-10-04 14:14 . 2009-07-19 13:44 ——– d—–w- c:\program files\Google
    2009-10-03 11:59 . 2009-05-04 15:54 ——– d—–w- c:\programdata\CanonIJPLM
    2009-09-29 07:09 . 2008-11-23 23:44 ——– d—–w- c:\program files\HP
    2009-09-25 09:08 . 2009-05-04 19:15 ——– d—–w- c:\programdata\FLEXnet
    2009-09-17 17:26 . 2009-09-17 17:26 0 —ha-w- c:\windows\system32\drivers\Msft_Kernel_ANDROIDUSB_01007.Wdf
    2009-09-15 09:45 . 2009-05-11 07:08 ——– d—–w- c:\users\Meine\AppData\Roaming\Belastingdienst
    2009-09-15 09:43 . 2009-05-11 07:07 ——– d—–w- c:\program files\Belastingdienst
    2009-09-14 14:06 . 2009-08-30 08:49 ——– d—–w- c:\users\Meine\AppData\Roaming\HpUpdate
    2009-09-13 08:46 . 2009-05-05 17:40 ——– d—–w- c:\programdata\WinZip
    2009-09-12 11:51 . 2009-05-12 15:06 ——– d—–w- c:\program files\Bonjour
    2009-09-11 14:24 . 2008-11-23 21:58 ——– d–h–w- c:\program files\InstallShield Installation Information
    2009-09-10 06:01 . 2009-05-04 15:01 ——– d—–w- c:\program files\Microsoft Silverlight
    2009-09-09 17:08 . 2006-11-02 11:18 ——– d—–w- c:\program files\Windows Mail
    2009-09-09 17:07 . 2009-05-04 09:54 ——– d—–w- c:\programdata\Microsoft Help
    2009-09-09 06:59 . 2006-11-02 12:37 ——– d—–w- c:\program files\Windows Photo Gallery
    2009-09-09 06:59 . 2006-11-02 12:37 ——– d—–w- c:\program files\Windows Defender
    2009-09-09 06:59 . 2009-08-30 10:02 ——– d—–w- c:\program files\Pap
    2009-09-09 06:59 . 2009-05-14 16:39 ——– d—–w- c:\program files\Readiris Pro 11 Corporate Edition
    2009-09-09 06:59 . 2006-11-02 12:37 ——– d—–w- c:\program files\Windows Sidebar
    2009-09-09 06:59 . 2006-11-02 12:37 ——– d—–w- c:\program files\Windows Journal
    2009-09-09 06:59 . 2009-05-20 18:44 ——– d—–w- c:\program files\Common Files\LightScribe
    2009-09-09 06:59 . 2009-05-09 19:11 ——– d—–w- c:\program files\7-Zip
    2009-09-09 06:59 . 2009-05-09 11:20 ——– d—–w- c:\program files\Adobe Media Player
    2009-09-09 06:59 . 2009-05-05 18:14 ——– d—–w- c:\program files\Fast Image Resizer
    2009-09-09 04:45 . 2009-09-09 04:45 680 —-a-w- c:\users\Meine\AppData\Local\d3d9caps.dat
    2009-09-08 18:23 . 2009-09-08 17:30 ——– d—–w- c:\programdata\NOS
    2009-09-02 07:59 . 2009-08-29 11:58 ——– d—–w- c:\program files\Microsoft SQL Server
    2009-08-31 14:20 . 2009-08-31 14:20 10134 —-a-r- c:\users\Meine\AppData\Roaming\Microsoft\Installer\{5182C589-514F-E93C-274C-C00B9A9A3F23}\ARPPRODUCTICON.exe
    2009-08-31 14:14 . 2009-08-31 14:13 119391528 —-a-w- c:\users\Meine\AppData\Roaming\Uniblue\DriverScanner\Download\pci_ven_1002_dev_9591_subsys_30fc103c8_563_3_2000.exe
    2009-08-31 14:04 . 2009-06-06 15:43 ——– d—–w- c:\programdata\DriverScanner
    2009-08-31 08:31 . 2009-08-31 08:31 ——– d—–w- c:\program files\PAPSMTP
    2009-08-31 07:51 . 2009-08-31 07:51 ——– d—–w- c:\program files\Pap_Start
    2009-08-31 07:51 . 2009-08-31 07:51 ——– d—–w- c:\program files\paptreeV4
    2009-08-31 07:51 . 2009-08-31 07:51 ——– d—–w- c:\program files\fileboxv20
    2009-08-31 07:25 . 2009-07-26 06:46 ——– d—–w- c:\program files\Opera
    2009-08-31 06:38 . 2008-11-23 22:01 ——– d—–w- c:\programdata\Norton
    2009-08-31 06:38 . 2008-11-23 22:00 ——– d—–w- c:\program files\NortonInstaller
    2009-08-31 06:37 . 2008-11-23 22:01 ——– d—–w- c:\program files\Norton Internet Security
    2009-08-30 10:19 . 2009-08-30 10:19 ——– d—–w- c:\programdata\Office Genuine Advantage
    2009-08-29 12:03 . 2009-05-04 13:14 ——– d—–w- c:\program files\Microsoft.NET
    2009-08-29 00:27 . 2009-09-02 07:42 4240384 —-a-w- c:\windows\system32\GameUXLegacyGDFs.dll
    2009-08-29 00:14 . 2009-09-02 07:42 28672 —-a-w- c:\windows\system32\Apphlpdm.dll
    2009-08-26 09:15 . 2009-08-24 17:09 ——– d—–w- c:\program files\Artisteer 2
    2009-08-15 07:15 . 2009-05-04 13:59 11952 —-a-w- c:\windows\system32\avgrsstx.dll
    2009-08-15 07:15 . 2009-05-04 13:59 335240 —-a-w- c:\windows\system32\drivers\avgldx86.sys
    2009-08-15 07:15 . 2009-05-04 13:59 27784 —-a-w- c:\windows\system32\drivers\avgmfx86.sys
    2009-08-14 16:27 . 2009-09-09 06:37 904776 —-a-w- c:\windows\system32\drivers\tcpip.sys
    2009-08-14 15:53 . 2009-09-09 06:37 17920 —-a-w- c:\windows\system32
    etevent.dll
    2009-08-14 13:49 . 2009-09-09 06:37 9728 —-a-w- c:\windows\system32\TCPSVCS.EXE
    2009-08-14 13:49 . 2009-09-09 06:37 17920 —-a-w- c:\windows\system32\ROUTE.EXE
    2009-08-14 13:49 . 2009-09-09 06:37 11264 —-a-w- c:\windows\system32\MRINFO.EXE
    2009-08-14 13:49 . 2009-09-09 06:37 27136 —-a-w- c:\windows\system32\NETSTAT.EXE
    2009-08-14 13:49 . 2009-09-09 06:37 8704 —-a-w- c:\windows\system32\HOSTNAME.EXE
    2009-08-14 13:49 . 2009-09-09 06:37 19968 —-a-w- c:\windows\system32\ARP.EXE
    2009-08-14 13:49 . 2009-09-09 06:37 10240 —-a-w- c:\windows\system32\finger.exe
    2009-08-14 13:48 . 2009-09-09 06:37 30720 —-a-w- c:\windows\system32\drivers\tcpipreg.sys
    2009-08-14 13:48 . 2009-09-09 06:37 105984 —-a-w- c:\windows\system32
    etiohlp.dll
    2009-08-03 13:07 . 2009-08-03 13:07 403816 —-a-w- c:\windows\system32\OGACheckControl.DLL
    2009-08-03 13:07 . 2009-08-03 13:07 322928 —-a-w- c:\windows\system32\OGAAddin.dll
    2009-08-03 13:07 . 2009-08-03 13:07 230768 —-a-w- c:\windows\system32\OGAEXEC.exe
    2009-07-25 03:23 . 2009-05-04 10:25 411368 —-a-w- c:\windows\system32\deploytk.dll
    2009-07-21 21:52 . 2009-07-28 17:55 915456 —-a-w- c:\windows\system32\wininet.dll
    2009-07-21 21:47 . 2009-07-28 17:55 109056 —-a-w- c:\windows\system32\iesysprep.dll
    2009-07-21 21:47 . 2009-07-28 17:55 71680 —-a-w- c:\windows\system32\iesetup.dll
    2009-07-21 20:33 . 2009-07-21 20:33 409088 —-a-w- c:\windows\system32\drivers\stwrt.sys
    2009-07-21 20:33 . 2009-07-21 20:33 405504 —-a-w- c:\windows\system32\stcplx.dll
    2009-07-21 20:33 . 2009-05-04 09:18 536576 —-a-w- c:\windows\system32\idtmini1.exe
    2009-07-21 20:33 . 2009-05-04 09:18 458844 —-a-w- c:\windows\sttray.exe
    2009-07-21 20:33 . 2009-05-04 09:18 3600384 —-a-w- c:\windows\system32\stlang.dll
    2009-07-21 20:33 . 2009-05-04 09:17 175616 —-a-w- c:\windows\system32\staco.dll
    2009-07-21 20:33 . 2009-05-04 09:17 915456 —-a-w- c:\windows\system32\stapo.dll
    2009-07-21 20:33 . 2009-05-04 09:17 490496 —-a-w- c:\windows\system32\stapi32.dll
    2009-07-21 20:13 . 2009-07-28 17:55 133632 —-a-w- c:\windows\system32\ieUnatt.exe
    2009-07-17 13:54 . 2009-08-13 02:42 71680 —-a-w- c:\windows\system32\atl.dll
    2009-07-15 12:40 . 2009-08-13 02:41 8147456 —-a-w- c:\windows\system32\wmploc.DLL
    2009-07-15 12:39 . 2009-08-13 02:41 313344 —-a-w- c:\windows\system32\wmpdxm.dll
    2009-07-15 12:39 . 2009-08-13 02:41 4096 —-a-w- c:\windows\system32\dxmasf.dll
    2009-07-15 12:39 . 2009-08-13 02:41 7680 —-a-w- c:\windows\system32\spwmp.dll
    2009-07-11 19:01 . 2009-09-09 06:36 302592 —-a-w- c:\windows\system32\wlansec.dll
    2009-07-11 19:01 . 2009-09-09 06:36 293376 —-a-w- c:\windows\system32\wlanmsm.dll
    2009-07-11 19:01 . 2009-09-09 06:36 513536 —-a-w- c:\windows\system32\wlansvc.dll
    2009-07-11 19:01 . 2009-09-09 06:36 65024 —-a-w- c:\windows\system32\wlanapi.dll
    2009-07-11 17:03 . 2009-09-09 06:36 127488 —-a-w- c:\windows\system32\L2SecHC.dll
    2008-11-24 06:04 . 2008-11-24 05:46 8192 –sha-w- c:\windows\Users\Default\NTUSER.DAT
    .

    ((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    *Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond
    REGEDIT4

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2009-04-11 1233920]
    "Skype"="c:\program files\Skype\Phone\Skype.exe" [2009-07-16 25604904]
    "WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2008-01-21 202240]
    "googletalk"="c:\users\Meine\AppData\Roaming\Google\Google Talk\googletalk.exe" [2007-01-01 3739648]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2008-03-28 1045800]
    "SmartMenu"="c:\program files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe" [2008-09-23 912688]
    "Windows Defender"="c:\program files\Windows Defender\MSASCui.exe" [2008-01-21 1008184]
    "QlbCtrl.exe"="c:\program files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe" [2008-08-01 202032]
    "hpWirelessAssistant"="c:\program files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe" [2008-04-15 488752]
    "TVAgent"="c:\program files\Hewlett-Packard\Media\TV\TVAgent.exe" [2009-02-09 206120]
    "GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2008-10-25 31072]
    "AVG8_TRAY"="c:\progra~1\AVG\AVG8\avgtray.exe" [2009-10-04 2023704]
    "CanonSolutionMenu"="c:\program files\Canon\SolutionMenu\CNSLMAIN.exe" [2007-10-25 652624]
    "CanonMyPrinter"="c:\program files\Canon\MyPrinter\BJMyPrt.exe" [2007-09-13 1603152]
    "Windows Mobile Device Center"="c:\windows\WindowsMobile\wmdc.exe" [2007-05-31 648072]
    "GoMail Scheduler"="c:\program files\ExecuteIT\GoMail Standard Edition\\gschedule.exe" [2009-05-10 131072]
    "Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2009-02-27 35696]
    "SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-07-25 149280]
    "SysTrayApp"="c:\program files\IDT\WDM\sttray.exe" [2009-07-21 458844]
    "HP Software Update"="c:\program files\Hp\HP Software Update\HPWuSchd2.exe" [2008-12-08 54576]
    "QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2009-09-04 417792]
    "iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2009-09-08 305440]
    "Mobile Connectivity Suite"="c:\program files\HTC\HTC Sync\Application Launcher\Application Launcher.exe" [2009-05-27 598016]
    "Malwarebytes Anti-Malware (reboot)"="c:\program files\Malwarebytes' Anti-Malware\mbam.exe" [2009-09-10 1312080]

    c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
    Bluetooth Manager.lnk - c:\program files\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe [2007-5-22 2756608]
    Google Calendar Sync.lnk - c:\program files\Google\Google Calendar Sync\GoogleCalendarSync.exe [2008-10-2 546288]
    web'n'walk Manager.lnk - c:\program files\T-Mobile\web'n'walk Manager\web'n'walk Manager.exe [2008-7-7 1426944]
    WinZip Quick Pick.lnk - c:\program files\WinZip\WZQKPICK.EXE [2009-6-19 525640]

    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
    "EnableUIADesktopToggle"= 0 (0x0)
    "HideFastUserSwitching"= 0 (0x0)

    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
    "AppInit_DLLs"=c:\windows\System32\avgrsstx.dll c:\windows\System32\acaptuser32.dll

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
    @="Driver"

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]
    @="Service"

    [HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^WinZip Quick Pick.lnk]
    path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\WinZip Quick Pick.lnk
    backup=c:\windows\pss\WinZip Quick Pick.lnk.CommonStartup
    backupExtension=.CommonStartup

    [HKLM\~\startupfolder\C:^Users^Meine^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OneNote 2007 Schermopname en Snel starten.lnk]
    path=c:\users\Meine\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2007 Schermopname en Snel starten.lnk
    backup=c:\windows\pss\OneNote 2007 Schermopname en Snel starten.lnk.Startup
    backupExtension=.Startup

    [HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc]
    "VistaSp2"=hex(b):55,42,a3,97,3c,01,ca,01

    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\FirewallRules]
    "{D24BC98D-7877-46A2-8AAD-F1B06A99B8F4}"= c:\program files\CyberLink\PowerDirector\PDR.EXE:CyberLink PowerDirector
    "{11974441-65C1-4636-A28C-7B08F70A0F81}"= c:\program files\Hewlett-Packard\Media\DVD\HPTouchSmartMusic.exe:HP TouchSmart Music
    "{D4D32EC7-133D-4AD4-90AD-25A49C0C5B39}"= c:\program files\Hewlett-Packard\Media\DVD\HPTouchSmartPhoto.exe:HP TouchSmart Photo
    "{A9BADA5B-C1D6-40AC-9242-9447FF7A6262}"= c:\program files\Hewlett-Packard\Media\DVD\HPTouchSmartVideo.exe:HP TouchSmart Video
    "{8F06C242-258F-4304-8D2D-0F2830A5B75B}"= c:\program files\Hewlett-Packard\Media\DVD\TSMAgent.exe:HP TouchSmart Media Resident Program
    "{6B5E1A00-BAC7-4D4F-8D70-CBF7E222E1E6}"= c:\program files\Hewlett-Packard\Media\DVD\Kernel\CLML\CLMLSvc.exe:CyberLink Media Service
    "{9822AE59-82D0-419E-A610-BB285777F124}"= c:\program files\Hewlett-Packard\Media\DVD\HPDVDSmart.exe:HP MediaSmart DVD
    "{41E3E04E-54D5-4477-97F0-1F5B6E99BE2E}"= c:\program files\Hewlett-Packard\TouchSmart\Media\HPTouchSmartMusic.exe:HP TouchSmart Music
    "{A758E763-FCEB-4F8A-848F-F361090B19A3}"= c:\program files\Hewlett-Packard\TouchSmart\Media\HPTouchSmartPhoto.exe:HP TouchSmart Photo
    "{801F88CE-B3A4-4735-916F-A53164CDA738}"= c:\program files\Hewlett-Packard\TouchSmart\Media\HPTouchSmartVideo.exe:HP TouchSmart Video
    "{F148D5EC-B1C6-4FCA-8748-4D437A8824C9}"= c:\program files\Hewlett-Packard\TouchSmart\Media\TSMAgent.exe:HP TouchSmart Media Resident Program
    "{5E4B6751-2B28-4ADD-959D-A20B1CB78114}"= c:\program files\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe:CyberLink Media Service
    "{B3112172-5160-4790-B23D-4A9F7AF73955}"= c:\program files\Skype\Phone\Skype.exe:Skype
    "{D7580845-F9AC-4AFE-851E-EEC04DE7AD7C}"= c:\program files\Hewlett-Packard\Media\TV\QP.exe:Quick Play
    "{7F5A2B11-5161-4EDD-9353-7D4023D9A957}"= c:\program files\Hewlett-Packard\Media\TV\QPService.exe:Quick Play Resident Program
    "{C43416C5-2E13-4F97-B5DE-5B8BB6C4313E}"= TCP:6004|c:\program files\Microsoft Office\Office12\outlook.exe:Microsoft Office Outlook
    "{81C86DF0-243F-4E41-8F19-0CCA80B46091}"= UDP:c:\program files\Microsoft Office\Office12\GROOVE.EXE:Microsoft Office Groove
    "{82F05377-839A-4131-8E31-1B74B018B771}"= TCP:c:\program files\Microsoft Office\Office12\GROOVE.EXE:Microsoft Office Groove
    "{1ABA3AD1-6A27-4524-8195-8C7A759A746F}"= UDP:c:\program files\Microsoft Office\Office12\ONENOTE.EXE:Microsoft Office OneNote
    "{996C4925-AD27-441C-8A0F-05364B4061C1}"= TCP:c:\program files\Microsoft Office\Office12\ONENOTE.EXE:Microsoft Office OneNote
    "{BD199F10-3D58-40EF-A58D-7AD9E57043A4}"= c:\program files\AVG\AVG8\avgupd.exe:avgupd.exe
    "{9CCB305C-7DAC-4B66-A670-BA08C7A4CE68}"= c:\program files\AVG\AVG8\avgnsx.exe:avgnsx.exe
    "{CCA020BB-658B-491A-89A2-24E5D5F1DDB9}"= UDP:c:\program files\uTorrent\uTorrent.exe:µTorrent (TCP-In)
    "{0665C0F4-19B0-4920-85CD-2444B142A3AD}"= TCP:c:\program files\uTorrent\uTorrent.exe:µTorrent (UDP-In)
    "{CB3A9E33-752D-40BB-BA9D-84C6F2D7323C}"= UDP:c:\program files\Bonjour\mDNSResponder.exe:Bonjour
    "{C7E40F11-906B-45A5-A3B4-E2A1D1321BE0}"= TCP:c:\program files\Bonjour\mDNSResponder.exe:Bonjour
    "{732CEF63-D873-43C0-9A5D-3B9D05B01CDC}"= UDP:c:\program files\iTunes\iTunes.exe:iTunes
    "{7E02F4ED-2865-4576-9AD2-B74AD2E2642A}"= TCP:c:\program files\iTunes\iTunes.exe:iTunes

    R0 RRamdisk;Ramdisk Driver;c:\windows\System32\drivers\rramdisk.sys [20-5-2009 14:30 10368]
    R1 AvgLdx86;AVG Free AVI Loader Driver x86;c:\windows\System32\drivers\avgldx86.sys [4-5-2009 15:59 335240]
    R1 AvgTdiX;AVG Free8 Network Redirector;c:\windows\System32\drivers\avgtdix.sys [4-5-2009 15:59 108552]
    R2 {55662437-DA8C-40c0-AADA-2C816A897A49};{55662437-DA8C-40c0-AADA-2C816A897A49};c:\program files\Hewlett-Packard\Media\DVD\000.fcl [26-9-2008 2:36 59376]
    R2 AESTFilters;Andrea ST Filters Service;c:\windows\System32\DriverStore\FileRepository\stwrt.inf_e2247046\AEstSrv.exe [2-3-2009 18:43 81920]
    R2 avg8wd;AVG Free8 WatchDog;c:\progra~1\AVG\AVG8\avgwdsvc.exe [4-5-2009 15:59 297752]
    R2 ezSharedSvc;Easybits Shared Services for Windows;c:\windows\system32\svchost.exe -k netsvcs [21-1-2008 4:23 21504]
    R2 GtDetectSc;GtDetectSc;c:\program files\T-Mobile\web'n'walk Manager\GtDetectSc.exe [18-12-2007 12:48 196704]
    R2 hpsrv;HP Service;c:\windows\System32\hpservice.exe [18-3-2008 16:24 19456]
    R2 MSSQL$PAPEXPRESS;SQL Server (PAPEXPRESS);c:\program files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe [24-11-2008 22:31 29263712]
    R2 Recovery Service for Windows;Recovery Service for Windows;c:\program files\SMINST\BLService.exe [24-11-2008 1:54 365952]
    R2 TeamViewer4;TeamViewer 4;c:\program files\TeamViewer\Version4\TeamViewer_Service.exe [29-4-2009 15:17 185640]
    R2 TVCapSvc;TV Background Capture Service (TVBCS);c:\program files\Hewlett-Packard\Media\TV\Kernel\TV\TVCapSvc.exe [9-2-2009 18:14 296320]
    R2 TVSched;TV Task Scheduler (TVTS);c:\program files\Hewlett-Packard\Media\TV\Kernel\TV\TVSched.exe [9-2-2009 18:14 116096]
    R3 Com4QLBEx;Com4QLBEx;c:\program files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe [24-11-2008 0:15 193840]
    R3 enecir;ENE CIR Receiver;c:\windows\System32\drivers\enecir.sys [24-1-2008 15:23 52736]
    R3 usbfilter;AMD USB Filter Driver;c:\windows\System32\drivers\usbfilter.sys [4-5-2009 11:59 22072]
    S2 gupdate1ca08772da920b2;Google Updateservice (gupdate1ca08772da920b2);c:\program files\Google\Update\GoogleUpdate.exe [19-7-2009 15:45 133104]
    S2 Norton Internet Security;Norton Internet Security;c:\program files\Norton Internet Security\Engine\16.0.0.125\ccSvcHst.exe [24-11-2008 0:01 115560]
    S3 GT72NDISIPXP;GT 72 IP NDIS;c:\windows\System32\drivers\Gt51Ip.sys [18-2-2008 16:14 106624]
    S3 GT72UBUS;GT 72 U BUS;c:\windows\System32\drivers\gt72ubus.sys [8-2-2008 12:00 59648]
    S3 GTPTSER;GT PT SER;c:\windows\System32\drivers\gtptser.sys [30-3-2007 12:38 8064]
    S3 HTCAND32;HTC Device Driver;c:\windows\System32\drivers\ANDROIDUSB.sys [18-9-2009 9:01 24576]
    S3 JMCR;JMCR;c:\windows\System32\drivers\jmcr.sys [21-7-2008 12:53 100184]

    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
    bthsvcs REG_MULTI_SZ BthServ
    WindowsMobile REG_MULTI_SZ wcescomm rapimgr
    LocalServiceRestricted REG_MULTI_SZ WcesComm RapiMgr

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
    ezSharedSvc

    [HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\>{60B49E34-C7CC-11D0-8953-00A0C90347FF}]
    "c:\windows\System32\rundll32.exe" "c:\windows\System32\iedkcs32.dll",BrandIEActiveSetup SIGNUP

    [HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]
    "c:\program files\Common Files\LightScribe\LSRunOnce.exe"
    .
    Inhoud van de 'Gedeelde Taken' map

    2009-10-09 c:\windows\Tasks\Google Software Updater.job
    - c:\program files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-07-19 13:44]

    2009-10-09 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
    - c:\program files\Google\Update\GoogleUpdate.exe [2009-07-19 13:45]

    2009-10-09 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
    - c:\program files\Google\Update\GoogleUpdate.exe [2009-07-19 13:45]

    2009-10-04 c:\windows\Tasks\HPCeeScheduleForMeine.job
    - c:\program files\hewlett-packard\sdp\ceement\HPCEE.exe [2008-11-23 10:34]

    2009-10-09 c:\windows\Tasks\User_Feed_Synchronization-{187FF7BF-58C5-4895-9892-AE44757E7C95}.job
    - c:\windows\system32\msfeedssync.exe [2009-07-28 20:13]
    .
    .
    ——- Bijkomende Scan ——-
    .
    uStart Page = hxxp://www.google.nl/
    mStart Page = hxxp://ie.redirect.hp.com/svs
    dr?TYPE=3&tp=iehome&locale=nl_nl&c=91&bd=Pavilion&pf=cnnb
    uInternet Settings,ProxyOverride = *.local
    IE: Append Link Target to Existing PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
    IE: Append to Existing PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html
    IE: Convert Link Target to Adobe PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
    IE: Convert link target to existing PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
    IE: Convert to Adobe PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html
    IE: E&xporteren naar Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
    IE: Translate with &Babylon - c:\program files\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll/Translate.htm
    TCP: {A76EAEC2-ADE8-46D3-AB78-AE6FE77E3649} = 208.67.222.222,208.67.220.220
    TCP: {BB213A3A-B7CC-483F-BB3E-4D4672AD4807} = 208.67.222.222,208.67.220.220
    DPF: {54D53429-945C-4188-B460-C81356541882} - hxxp://photosmart.hpphoto.com/Download/HPeServicesLocalPrint.CAB
    .
    - - - - ORPHANS VERWIJDERD - - - -

    HKCU-Run-AdobeBridge - (no file)



    **************************************************************************

    catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
    Rootkit scan 2009-10-09 15:45
    Windows 6.0.6002 Service Pack 2 NTFS

    scannen van verborgen processen …

    scannen van verborgen autostart items …

    scannen van verborgen bestanden …

    Scan succesvol afgerond
    verborgen bestanden: 0

    **************************************************************************

    [HKEY_LOCAL_MACHINE\system\ControlSet001\Services\Norton Internet Security]
    "ImagePath"="\"c:\program files\Norton Internet Security\Engine\16.0.0.125\ccSvcHst.exe\" /s \"Norton Internet Security\" /m \"c:\program files\Norton Internet Security\Engine\16.0.0.125\diMaster.dll\" /prefetch:1"

    [HKEY_LOCAL_MACHINE\system\ControlSet001\Services\{55662437-DA8C-40c0-AADA-2C816A897A49}]
    "ImagePath"="\??\c:\program files\Hewlett-Packard\Media\DVD\000.fcl"
    .
    Voltooingstijd: 2009-10-09 15:49
    ComboFix-quarantined-files.txt 2009-10-09 13:49

    Pre-Run: 116.724.903.936 bytes beschikbaar
    Post-Run: 116.959.875.072 bytes beschikbaar

    335 — E O F — 2009-10-09 01:06


  • Hallo Meine, Combofix mag je nu verwijderen: ga naar [b:88ea71e180]Start / Zoekregel[/b:88ea71e180], kopiëer en plak [b:88ea71e180]Combofix /U[/b:88ea71e180] in het zoek-venster, gebruik de Entertoets.


    Het Combofix log toont aan, netzoals de Uninstalllijst, dat je twee antivirusprodukten in je Windows hebt zitten!

    [b:88ea71e180]- welke moet nu verwijderd worden: Norton of AVG - want voor beide zijn er speciale verwijdertools![/b:88ea71e180]



    [b:88ea71e180]Java runtime dient net zoals de Adobe Flashplayer altijd actueel te zijn!
    Hou het altijd op één geïnstalleerde Java-runtime![/b:88ea71e180]

    Download naar je bureaublad : [i:88ea71e180][b:88ea71e180]Java SE Runtime Environment (JRE) 6 update 16[/b:88ea71e180] (KLIK)[/i:88ea71e180]

    Nu ga je eerst naar [b:88ea71e180]Configuratiescherm /Programma's en onderdelen[/b:88ea71e180] en dan verwijder je [b:88ea71e180]
    Java(TM) 6 Update 15
    Java(TM) 6 Update 7
    [/b:88ea71e180].

    Hierna de computer opnieuw starten!

    Daarna kan je de nieuwe versie van Java installeren!
  • Oké…. heb alle instructies gevolgd. Norton graag verwijderen, AVG behouden… Wat nu???
  • Download het Norton verwijderingstool en voer het uit: http://service1.symantec.com/support/inter/tsgeninfointl.nsf/nl_docid/20050411155130924?OpenDocument&seg=hm&lg=nl&ct=nl

    Succes ermee.

    Nadat je machine een herstart heeft ondergaan, post daarna een nieuw HJT-log ter controle.
  • Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 12:16:17, on 10-10-2009
    Platform: Windows Vista SP2 (WinNT 6.00.1906)
    MSIE: Internet Explorer v8.00 (8.00.6001.18813)
    Boot mode: Normal

    Running processes:
    C:\Windows\system32\Dwm.exe
    C:\Windows\system32\taskeng.exe
    C:\Windows\Explorer.EXE
    C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe
    C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe
    C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
    C:\Program Files\Hewlett-Packard\Media\TV\TVAgent.exe
    C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
    C:\Program Files\AVG\AVG8\avgtray.exe
    C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE
    C:\Windows\WindowsMobile\wmdc.exe
    C:\Program Files\IDT\WDM\sttray.exe
    C:\Program Files\HP\HP Software Update\hpwuschd2.exe
    C:\Program Files\iTunes\iTunesHelper.exe
    C:\Program Files\HTC\HTC Sync\Application Launcher\Application Launcher.exe
    C:\Program Files\Java\jre6\bin\jusched.exe
    C:\Program Files\Hewlett-Packard\HP wireless Assistant\WiFiMsg.EXE
    C:\Program Files\Windows Sidebar\sidebar.exe
    C:\Program Files\Hewlett-Packard\Shared\HpqToaster.exe
    C:\Program Files\Skype\Phone\Skype.exe
    C:\Program Files\Windows Media Player\wmpnscfg.exe
    C:\Users\Meine\AppData\Roaming\Google\Google Talk\googletalk.exe
    C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe
    C:\Program Files\Google\Google Calendar Sync\GoogleCalendarSync.exe
    C:\Program Files\T-Mobile\web'n'walk Manager\web'n'walk Manager.exe
    C:\Program Files\WinZip\WZQKPICK.EXE
    C:\Program Files\Windows Sidebar\sidebar.exe
    C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosA2dp.exe
    C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHid.exe
    C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHsp.exe
    C:\Program Files\Common Files\Teleca Shared\Generic.exe
    C:\Program Files\Common Files\Teleca Shared\logger.exe
    C:\Program Files\Common Files\Teleca Shared\CapabilityManager.exe
    C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
    C:\Program Files\HTC\HTC Sync\ClientInitiatedStarter\ClientInitiatedStarter.exe
    C:\Program Files\HTC\HTC Sync\Mobile Phone Monitor\epmworker.exe
    C:\Program Files\HTC\HTC Sync\Mobile Phone Monitor\DbgOut.exe
    C:\Program Files\HTC\HTC Sync\Mobile Phone Monitor\HTCVBTServer.exe
    C:\Program Files\HTC\HTC Sync\Mobile Phone Monitor\FsynSrvStarter.exe
    C:\Program Files\Skype\Plugin Manager\skypePM.exe
    C:\Windows\system32\conime.exe
    C:\Windows\System32\mobsync.exe
    C:\Windows\system32\wuauclt.exe
    C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE
    C:\Program Files\AVG\AVG8\avgcsrvx.exe
    C:\Program Files\HTC\HTC Sync\Sync Manager\syncindicator.exe
    C:\Program Files\Internet Explorer\IEXPLORE.EXE
    C:\Program Files\Internet Explorer\IEXPLORE.EXE
    C:\Windows\system32\Macromed\Flash\FlashUtil10c.exe
    C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.nl/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs
    dr?TYPE=3&tp=iehome&locale=nl_nl&c=91&bd=Pavilion&pf=cnnb
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
    O1 - Hosts: ::1 localhost
    O2 - BHO: ContributeBHO Class - {074C1DC5-9320-4A9A-947D-C042949C6216} - C:\Program Files\Adobe\/Adobe Contribute Renaissance/contributeieplugin.dll
    O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
    O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll
    O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
    O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
    O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll
    O2 - BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
    O2 - BHO: SmartSelect - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
    O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
    O3 - Toolbar: Contribute Toolbar - {517BDDE4-E3A7-4570-B21E-2B52B6139FC7} - C:\Program Files\Adobe\/Adobe Contribute Renaissance/contributeieplugin.dll
    O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    O4 - HKLM\..\Run: [SmartMenu] %ProgramFiles%\Hewlett-Packard\HP MediaSmart\SmartMenu.exe
    O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
    O4 - HKLM\..\Run: [QlbCtrl.exe] C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start
    O4 - HKLM\..\Run: [hpWirelessAssistant] C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
    O4 - HKLM\..\Run: [TVAgent] "C:\Program Files\Hewlett-Packard\Media\TV\TVAgent.exe"
    O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
    O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe
    O4 - HKLM\..\Run: [CanonSolutionMenu] C:\Program Files\Canon\SolutionMenu\CNSLMAIN.exe /logon
    O4 - HKLM\..\Run: [CanonMyPrinter] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe /logon
    O4 - HKLM\..\Run: [Windows Mobile Device Center] %windir%\WindowsMobile\wmdc.exe
    O4 - HKLM\..\Run: [GoMail Scheduler] C:\Program Files\ExecuteIT\GoMail Standard Edition\\gschedule.exe
    O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
    O4 - HKLM\..\Run: [SysTrayApp] C:\Program Files\IDT\WDM\sttray.exe
    O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
    O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
    O4 - HKLM\..\Run: [Mobile Connectivity Suite] "C:\Program Files\HTC\HTC Sync\Application Launcher\Application Launcher.exe" /startoptions
    O4 - HKLM\..\Run: [Malwarebytes Anti-Malware (reboot)] "C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe"
    uncleanupscript
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
    O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
    O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
    O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
    O4 - HKCU\..\Run: [googletalk] C:\Users\Meine\AppData\Roaming\Google\Google Talk\googletalk.exe /autostart
    O4 - Global Startup: Bluetooth Manager.lnk = ?
    O4 - Global Startup: Google Calendar Sync.lnk = C:\Program Files\Google\Google Calendar Sync\GoogleCalendarSync.exe
    O4 - Global Startup: web'n'walk Manager.lnk = C:\Program Files\T-Mobile\web'n'walk Manager\web'n'walk Manager.exe
    O4 - Global Startup: WinZip Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK.EXE
    O8 - Extra context menu item: Append Link Target to Existing PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
    O8 - Extra context menu item: Append to Existing PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html
    O8 - Extra context menu item: Convert Link Target to Adobe PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
    O8 - Extra context menu item: Convert link target to existing PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
    O8 - Extra context menu item: Convert to Adobe PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html
    O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
    O8 - Extra context menu item: Translate with &Babylon - res://C:\Program Files\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll/Translate.htm
    O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
    O9 - Extra 'Tools' menuitem: Verz&enden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
    O9 - Extra button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
    O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
    O9 - Extra 'Tools' menuitem: @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
    O16 - DPF: {3860DD98-0549-4D50-AA72-5D17D200EE10} (Windows Live OneCare safety scanner control) - http://cdn.scan.onecare.live.com
    esource/download/scanner/en-us/wlscctrl2.cab
    O16 - DPF: {493ACF15-5CD9-4474-82A6-91670C3DD66E} (LinkedIn ContactFinderControl) - http://www.linkedin.com/cab/LinkedInContactFinderControl.cab
    O16 - DPF: {54D53429-945C-4188-B460-C81356541882} (SaveImageFiles Class) - http://photosmart.hpphoto.com/Download/HPeServicesLocalPrint.CAB
    O16 - DPF: {5AE58FCF-6F6A-49B2-B064-02492C66E3F4} (MUCatalogWebControl Class) - http://catalog.update.microsoft.com/v7/site/ClientControl/en/x86/MuCatalogWebControl.cab?1241683251658
    O16 - DPF: {6F15128C-E66A-490C-B848-5000B5ABEEAC} (HP Download Manager) - https://h20436.www2.hp.com/ediags/dex/secure/HPDEXAXO.cab
    O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
    O17 - HKLM\System\CCS\Services\Tcpip\..\{A76EAEC2-ADE8-46D3-AB78-AE6FE77E3649}: NameServer = 208.67.222.222,208.67.220.220
    O17 - HKLM\System\CCS\Services\Tcpip\..\{BB213A3A-B7CC-483F-BB3E-4D4672AD4807}: NameServer = 208.67.222.222,208.67.220.220
    O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
    O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll
    O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\Skype4COM.dll
    O20 - AppInit_DLLs: C:\Windows\System32\avgrsstx.dll C:\Windows\System32\acaptuser32.dll
    O23 - Service: Andrea ST Filters Service (AESTFilters) - Andrea Electronics Corporation - C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_e2247046\aestsrv.exe
    O23 - Service: Mobiel Apple apparaat (Apple Mobile Device) - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe
    O23 - Service: AVG Free8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
    O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
    O23 - Service: Com4QLBEx - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe
    O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
    O23 - Service: GameConsoleService - WildTangent, Inc. - C:\Program Files\HP Games\My HP Game Console\GameConsoleService.exe
    O23 - Service: GtDetectSc - OptionNV - C:\Program Files\T-Mobile\web'n'walk Manager\GtDetectSc.exe
    O23 - Service: Google Updateservice (gupdate1ca08772da920b2) (gupdate1ca08772da920b2) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
    O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
    O23 - Service: HP Health Check Service - Hewlett-Packard - c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe
    O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
    O23 - Service: HP Service (hpsrv) - Hewlett-Packard Corporation - C:\Windows\system32\Hpservice.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
    O23 - Service: Inkjet Printer/Scanner Extended Survey Program (IJPLMSVC) - Unknown owner - C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE
    O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
    O23 - Service: Protexis Licensing V2 (PSI_SVC_2) - Protexis Inc. - c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
    O23 - Service: Recovery Service for Windows - Unknown owner - C:\Program Files\SMINST\BLService.exe
    O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared files\RichVideo.exe
    O23 - Service: Audio Service (STacSV) - IDT, Inc. - C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_e2247046\STacSV.exe
    O23 - Service: TeamViewer 4 (TeamViewer4) - TeamViewer GmbH - C:\Program Files\TeamViewer\Version4\TeamViewer_Service.exe
    O23 - Service: TOSHIBA Bluetooth Service - TOSHIBA CORPORATION - C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe
    O23 - Service: TV Background Capture Service (TVBCS) (TVCapSvc) - Unknown owner - C:\Program Files\Hewlett-Packard\Media\TV\Kernel\TV\TVCapSvc.exe
    O23 - Service: TV Task Scheduler (TVTS) (TVSched) - Unknown owner - C:\Program Files\Hewlett-Packard\Media\TV\Kernel\TV\TVSched.exe


    End of file - 14712 bytes


  • Hallo Meine, hoe is het momenteel gesteld met het internetten.
    Heb je nog last van allerei popups?

    Is het je bekend dat je een logger in je Windows hebt zitten?

    - [b:c1db68d8c2]C:\Program Files\Common Files\Teleca Shared\logger.exe[/b:c1db68d8c2]
  • Internet gaat goed en tot nu toe geen popups. En eh…. het is mij niet bekend dat er een logger in mijn Windows zit. Hoe krijg ik die weg dan?
  • Hallo Meine,

    je kijkt eerst in [b:6e68a38f0d]Taakbeheer / Processen[/b:6e68a38f0d] of daar [b:6e68a38f0d]logger.exe[/b:6e68a38f0d] te vinden is - zoja dan middels rechtsklik erop uitschakelen!

    Daarna ga je naar [b:6e68a38f0d]C:\Program Files\Common Files\Teleca Shared\[/b:6e68a38f0d]en verwijder je daar handmatig [b:6e68a38f0d]logger.exe[/b:6e68a38f0d]


    Start daarna je PC opnieuw op en post een nieuw HJT-log, om te controleren, of de operatie succesvol is.
  • Oké, die logger is verwijderd…. opnieuw opgestart en dan komt er een foutmelding dat één of andere Launcher niet kan worden gestart ????
    En trouwens wat doet zo'n logger eigenlijk?


    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 13:09:23, on 10-10-2009
    Platform: Windows Vista SP2 (WinNT 6.00.1906)
    MSIE: Internet Explorer v8.00 (8.00.6001.18813)
    Boot mode: Normal

    Running processes:
    C:\Windows\system32\Dwm.exe
    C:\Windows\system32\taskeng.exe
    C:\Windows\Explorer.EXE
    C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe
    C:\Program Files\Windows Defender\MSASCui.exe
    C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe
    C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
    C:\Program Files\Hewlett-Packard\Media\TV\TVAgent.exe
    C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
    C:\Program Files\AVG\AVG8\avgtray.exe
    C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE
    C:\Windows\WindowsMobile\wmdc.exe
    C:\Program Files\IDT\WDM\sttray.exe
    C:\Program Files\HP\HP Software Update\hpwuschd2.exe
    C:\Program Files\iTunes\iTunesHelper.exe
    C:\Program Files\Java\jre6\bin\jusched.exe
    C:\Program Files\Windows Sidebar\sidebar.exe
    C:\Program Files\Skype\Phone\Skype.exe
    C:\Program Files\Windows Media Player\wmpnscfg.exe
    C:\Users\Meine\AppData\Roaming\Google\Google Talk\googletalk.exe
    C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe
    C:\Program Files\Google\Google Calendar Sync\GoogleCalendarSync.exe
    C:\Program Files\T-Mobile\web'n'walk Manager\web'n'walk Manager.exe
    C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosA2dp.exe
    C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHid.exe
    C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHsp.exe
    C:\Program Files\WinZip\WZQKPICK.EXE
    C:\Program Files\Windows Sidebar\sidebar.exe
    C:\Program Files\Hewlett-Packard\HP wireless Assistant\WiFiMsg.EXE
    C:\Program Files\Hewlett-Packard\Shared\HpqToaster.exe
    C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
    C:\Program Files\Skype\Plugin Manager\skypePM.exe
    C:\Windows\system32\conime.exe
    C:\Windows\system32\wuauclt.exe
    C:\Windows\System32\mobsync.exe
    C:\Windows\system32\SearchFilterHost.exe
    C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.nl/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs
    dr?TYPE=3&tp=iehome&locale=nl_nl&c=91&bd=Pavilion&pf=cnnb
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
    O1 - Hosts: ::1 localhost
    O2 - BHO: ContributeBHO Class - {074C1DC5-9320-4A9A-947D-C042949C6216} - C:\Program Files\Adobe\/Adobe Contribute Renaissance/contributeieplugin.dll
    O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
    O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll
    O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
    O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
    O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll
    O2 - BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
    O2 - BHO: SmartSelect - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
    O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
    O3 - Toolbar: Contribute Toolbar - {517BDDE4-E3A7-4570-B21E-2B52B6139FC7} - C:\Program Files\Adobe\/Adobe Contribute Renaissance/contributeieplugin.dll
    O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    O4 - HKLM\..\Run: [SmartMenu] %ProgramFiles%\Hewlett-Packard\HP MediaSmart\SmartMenu.exe
    O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
    O4 - HKLM\..\Run: [QlbCtrl.exe] C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start
    O4 - HKLM\..\Run: [hpWirelessAssistant] C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
    O4 - HKLM\..\Run: [TVAgent] "C:\Program Files\Hewlett-Packard\Media\TV\TVAgent.exe"
    O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
    O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe
    O4 - HKLM\..\Run: [CanonSolutionMenu] C:\Program Files\Canon\SolutionMenu\CNSLMAIN.exe /logon
    O4 - HKLM\..\Run: [CanonMyPrinter] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe /logon
    O4 - HKLM\..\Run: [Windows Mobile Device Center] %windir%\WindowsMobile\wmdc.exe
    O4 - HKLM\..\Run: [GoMail Scheduler] C:\Program Files\ExecuteIT\GoMail Standard Edition\\gschedule.exe
    O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
    O4 - HKLM\..\Run: [SysTrayApp] C:\Program Files\IDT\WDM\sttray.exe
    O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
    O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
    O4 - HKLM\..\Run: [Mobile Connectivity Suite] "C:\Program Files\HTC\HTC Sync\Application Launcher\Application Launcher.exe" /startoptions
    O4 - HKLM\..\Run: [Malwarebytes Anti-Malware (reboot)] "C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe"
    uncleanupscript
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
    O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
    O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
    O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
    O4 - HKCU\..\Run: [googletalk] C:\Users\Meine\AppData\Roaming\Google\Google Talk\googletalk.exe /autostart
    O4 - Global Startup: Bluetooth Manager.lnk = ?
    O4 - Global Startup: Google Calendar Sync.lnk = C:\Program Files\Google\Google Calendar Sync\GoogleCalendarSync.exe
    O4 - Global Startup: web'n'walk Manager.lnk = C:\Program Files\T-Mobile\web'n'walk Manager\web'n'walk Manager.exe
    O4 - Global Startup: WinZip Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK.EXE
    O8 - Extra context menu item: Append Link Target to Existing PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
    O8 - Extra context menu item: Append to Existing PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html
    O8 - Extra context menu item: Convert Link Target to Adobe PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
    O8 - Extra context menu item: Convert link target to existing PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
    O8 - Extra context menu item: Convert to Adobe PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html
    O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
    O8 - Extra context menu item: Translate with &Babylon - res://C:\Program Files\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll/Translate.htm
    O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
    O9 - Extra 'Tools' menuitem: Verz&enden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
    O9 - Extra button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
    O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
    O9 - Extra 'Tools' menuitem: @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
    O16 - DPF: {3860DD98-0549-4D50-AA72-5D17D200EE10} (Windows Live OneCare safety scanner control) - http://cdn.scan.onecare.live.com
    esource/download/scanner/en-us/wlscctrl2.cab
    O16 - DPF: {493ACF15-5CD9-4474-82A6-91670C3DD66E} (LinkedIn ContactFinderControl) - http://www.linkedin.com/cab/LinkedInContactFinderControl.cab
    O16 - DPF: {54D53429-945C-4188-B460-C81356541882} (SaveImageFiles Class) - http://photosmart.hpphoto.com/Download/HPeServicesLocalPrint.CAB
    O16 - DPF: {5AE58FCF-6F6A-49B2-B064-02492C66E3F4} (MUCatalogWebControl Class) - http://catalog.update.microsoft.com/v7/site/ClientControl/en/x86/MuCatalogWebControl.cab?1241683251658
    O16 - DPF: {6F15128C-E66A-490C-B848-5000B5ABEEAC} (HP Download Manager) - https://h20436.www2.hp.com/ediags/dex/secure/HPDEXAXO.cab
    O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
    O17 - HKLM\System\CCS\Services\Tcpip\..\{A76EAEC2-ADE8-46D3-AB78-AE6FE77E3649}: NameServer = 208.67.222.222,208.67.220.220
    O17 - HKLM\System\CCS\Services\Tcpip\..\{BB213A3A-B7CC-483F-BB3E-4D4672AD4807}: NameServer = 208.67.222.222,208.67.220.220
    O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
    O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll
    O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\Skype4COM.dll
    O20 - AppInit_DLLs: C:\Windows\System32\avgrsstx.dll C:\Windows\System32\acaptuser32.dll
    O23 - Service: Andrea ST Filters Service (AESTFilters) - Andrea Electronics Corporation - C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_e2247046\aestsrv.exe
    O23 - Service: Mobiel Apple apparaat (Apple Mobile Device) - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe
    O23 - Service: AVG Free8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
    O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
    O23 - Service: Com4QLBEx - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe
    O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
    O23 - Service: GameConsoleService - WildTangent, Inc. - C:\Program Files\HP Games\My HP Game Console\GameConsoleService.exe
    O23 - Service: GtDetectSc - OptionNV - C:\Program Files\T-Mobile\web'n'walk Manager\GtDetectSc.exe
    O23 - Service: Google Updateservice (gupdate1ca08772da920b2) (gupdate1ca08772da920b2) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
    O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
    O23 - Service: HP Health Check Service - Hewlett-Packard - c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe
    O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
    O23 - Service: HP Service (hpsrv) - Hewlett-Packard Corporation - C:\Windows\system32\Hpservice.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
    O23 - Service: Inkjet Printer/Scanner Extended Survey Program (IJPLMSVC) - Unknown owner - C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE
    O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
    O23 - Service: Protexis Licensing V2 (PSI_SVC_2) - Protexis Inc. - c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
    O23 - Service: Recovery Service for Windows - Unknown owner - C:\Program Files\SMINST\BLService.exe
    O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared files\RichVideo.exe
    O23 - Service: Audio Service (STacSV) - IDT, Inc. - C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_e2247046\STacSV.exe
    O23 - Service: TeamViewer 4 (TeamViewer4) - TeamViewer GmbH - C:\Program Files\TeamViewer\Version4\TeamViewer_Service.exe
    O23 - Service: TOSHIBA Bluetooth Service - TOSHIBA CORPORATION - C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe
    O23 - Service: TV Background Capture Service (TVBCS) (TVCapSvc) - Unknown owner - C:\Program Files\Hewlett-Packard\Media\TV\Kernel\TV\TVCapSvc.exe
    O23 - Service: TV Task Scheduler (TVTS) (TVSched) - Unknown owner - C:\Program Files\Hewlett-Packard\Media\TV\Kernel\TV\TVSched.exe


    End of file - 13885 bytes


  • Hallo Meine,

    een logger slaat elke toetsaanslag van jou op en verzend met regelmaat al die gegevens.
    Internetcriminelen proberen op deze wijze aan wachtwoorden enz. te komen - ultimo om je bankrekening te kunnen plunderen!

    Kun je aangeven wat die foutmelding precies aangeeft?
  • Applicatin Launcher.exe - Kan onderdeel niet vinden

    Deze toepassing kan niet worden gestart omdat tlib_log.dll niet kan worden gevonden. Het opnieuw instaleren van deze toepassing kan het probleem oplossen.
  • Ga naar [b:9194691c50]Start / Zoekregel[/b:9194691c50] en typ [b:9194691c50]msconfig[/b:9194691c50] en dan klik je op de tab [b:9194691c50]Opstarten[/b:9194691c50]

    Ga in de lijst van opstartgegevens op zoek naar [b:9194691c50]Teleca[/b:9194691c50] en verwijder dan het/de vinkje(s) ervoor.

    Log dan even uit en dan weer in en wacht af of de melding nogmaals bovenkomt!
  • Teleca niet te vinden in opstart gegevens
  • Ga dan nu wederom naar Start / Zoekregel en typ [b:467ac31e8d]services.msc[/b:467ac31e8d]

    Maak het venster Services groot, verbreed desnoods ook de kolom [b:467ac31e8d]Naam[/b:467ac31e8d] en zoek daar naar [b:467ac31e8d]Teleca[/b:467ac31e8d]

Beantwoord deze vraag

Dit is een gearchiveerde pagina. Antwoorden is niet meer mogelijk.