No taskbar and no desktop icons

Anonymous
UntouchableFire
17 replies
  • On a friend's laptop the taskbar and desktop icons are gone. I've tried a few things myself but can't figure it out. I can only open programs via Ctrl+Alt+Delete. I ran Ad-Aware and a virus scanner over it, but found nothing special.
    Until about a week ago there had never been any security software on it. AVG was installed, but has caused problems since. Here is a HijackThis log:

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 1:30:21, on 20-4-2009
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
    C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
    C:\Program Files\Alwil Software\Avast4\ashServ.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
    C:\Program Files\Microsoft SQL Server\MSSQL$MICROSOFTBCM\Binn\sqlservr.exe
    C:\WINDOWS\system32\HPZipm12.exe
    C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
    C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
    C:\WINDOWS\system32\taskmgr.exe
    C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe
    C:\Program Files\Internet Explorer\IEXPLORE.EXE
    C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
    C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.hp.com
    O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
    O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll (file missing)
    O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll
    O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
    O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
    O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll
    O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
    O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_219B3E1547538286.dll
    O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
    O3 - Toolbar: &Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
    O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
    O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
    O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe
    O4 - HKLM\..\Run: [SoundMAX] C:\Program Files\Analog Devices\SoundMAX\Smax4.exe /tray
    O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0\bin\jusched.exe
    O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
    O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    O4 - HKLM\..\Run: [eabconfg.cpl] C:\Program Files\HPQ\Quick Launch Buttons\EabServr.exe /Start
    O4 - HKLM\..\Run: [Cpqset] C:\Program Files\HPQ\Default Settings\cpqset.exe
    O4 - HKLM\..\Run: [hpWirelessAssistant] "%ProgramFiles%\HPQ\HP Wireless Assistant\HP Wireless Assistant.exe"
    O4 - HKLM\..\Run: [WatchDog] C:\Program Files\InterVideo\DVD Check\DVDCheck.exe
    O4 - HKLM\..\Run: [RealTray] C:\Program Files\Real\RealPlayer\RealPlay.exe SYSTEMBOOTHIDEPLAYER
    O4 - HKLM\..\Run: [LVCOMS] C:\Program Files\Common Files\Logitech\QCDriver3\LVCOMS.EXE
    O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
    O4 - HKLM\..\Run: [UpdateManager] "C:\Program Files\Common Files\Sonic\Update Manager\sgtray.exe"

    O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe
    O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
    O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
    O4 - HKLM\..\Run: [bbSysTray] C:\Program Files\Philips\Extern station\Blue Button\bbSysTray.exe
    O4 - HKLM\..\Run: [AdaptecDirectCD] "C:\Program Files\Adaptec\Easy CD Creator 5\DirectCD\DirectCD.exe"
    O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
    O4 - HKLM\..\Run: [Ad-Watch] C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe
    O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
    O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
    O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
    O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\wcescomm.exe"
    O4 - HKCU\..\RunOnce: [FlashPlayerUpdate] C:\WINDOWS\system32\Macromed\Flash\FlashUtil9f.exe
    O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
    O4 - Startup: Mediacontrole Picture Motion Browser.lnk = C:\Program Files\Sony\Sony Picture Utility\VolumeWatcher\SPUVolumeWatcher.exe
    O4 - Global Startup: DVD Check.lnk = C:\Program Files\InterVideo\DVD Check\DVDCheck.exe
    O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
    O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
    O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
    O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
    O8 - Extra context menu item: Openen in een nieuwe achtergrondtab - res://C:\Program Files\Windows Live Toolbar\Components\nl-nl\msntabres.dll.mui/229?3bc06cb946b447948153d03ed960606e
    O8 - Extra context menu item: Openen in een nieuwe voorgrondtab - res://C:\Program Files\Windows Live Toolbar\Components\nl-nl\msntabres.dll.mui/230?3bc06cb946b447948153d03ed960606e
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0\bin\npjpi150.dll
    O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0\bin\npjpi150.dll
    O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
    O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
    O9 - Extra 'Tools' menuitem: Mobiele favorieten maken… - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
    O9 - Extra button: PokerStars - {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - C:\Program Files\PokerStars\PokerStarsUpdate.exe
    O9 - Extra button: Onderzoek - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
    O9 - Extra button: PartyCasino.com - {B4B52284-A248-4c51-9F7C-F0A0C67FCC9D} - C:\Program Files\PartyGaming\PartyCasino\RunCasino.exe (file missing)
    O9 - Extra 'Tools' menuitem: PartyCasino.com - {B4B52284-A248-4c51-9F7C-F0A0C67FCC9D} - C:\Program Files\PartyGaming\PartyCasino\RunCasino.exe (file missing)
    O9 - Extra button: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program Files\PartyGaming\PartyPoker\RunApp.exe (file missing)
    O9 - Extra 'Tools' menuitem: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program Files\PartyGaming\PartyPoker\RunApp.exe (file missing)
    O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
    O9 - Extra button: PartyPoker.net - {F4430FE8-2638-42e5-B849-800749B94EED} - C:\Program Files\PartyGaming.Net\PartyPokerNet\RunPF.exe (file missing)
    O9 - Extra 'Tools' menuitem: PartyPoker.net - {F4430FE8-2638-42e5-B849-800749B94EED} - C:\Program Files\PartyGaming.Net\PartyPokerNet\RunPF.exe (file missing)
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O14 - IERESET.INF: START_PAGE_URL=http://www.hp.com
    O16 - DPF: {493ACF15-5CD9-4474-82A6-91670C3DD66E} (LinkedIn ContactFinderControl) - http://www.linkedin.com/cab/LinkedInContactFinderControl.cab
    O16 - DPF: {CAC677B6-4963-4305-9066-0BD135CD9233} (IPSUploader4 Control) - https://asp.photoprintit.de/microsite/4735/defaults/activex/ips/IPSUploader4.cab
    O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~3\GOEC62~1.DLL
    O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
    O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
    O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
    O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
    O23 - Service: Google Desktop Manager 5.8.809.23506 (GoogleDesktopManager-092308-165331) - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
    O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
    O23 - Service: Lavasoft Ad-Aware Service - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
    O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
    O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe




  • yeaah, that's messed up

    try Trojan Remover
    http://www.simplysup.com/
  • got shares in Simplysup, I guess? :?

    is there anyone who could maybe take a look at my log?

    thanks in advance!
  • [quote="UntouchableFire"]got shares in Simplysup, I guess? :?

    is there anyone who could maybe take a look at my log?

    thanks in advance![/quote] 8)



    Start HijackThis and choose 'Do a system scan only'
    Select only the items listed below:
    [b]
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
    O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
    O9 - Extra button: PartyCasino.com - {B4B52284-A248-4c51-9F7C-F0A0C67FCC9D} - C:\Program Files\PartyGaming\PartyCasino\RunCasino.exe (file missing)
    O9 - Extra 'Tools' menuitem: PartyCasino.com - {B4B52284-A248-4c51-9F7C-F0A0C67FCC9D} - C:\Program Files\PartyGaming\PartyCasino\RunCasino.exe (file missing)
    O9 - Extra button: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program Files\PartyGaming\PartyPoker\RunApp.exe (file missing)
    O9 - Extra 'Tools' menuitem: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program Files\PartyGaming\PartyPoker\RunApp.exe (file missing)
    O9 - Extra button: PartyPoker.net - {F4430FE8-2638-42e5-B849-800749B94EED} - C:\Program Files\PartyGaming.Net\PartyPokerNet\RunPF.exe (file missing)
    O9 - Extra 'Tools' menuitem: PartyPoker.net - {F4430FE8-2638-42e5-B849-800749B94EED} - C:\Program Files\PartyGaming.Net\PartyPokerNet\RunPF.exe (file missing)
    [/b]
    Close all windows except HijackThis
    Click 'Fix checked' to remove the items.





  • Hey juisterr, thanks already for thinking along;

    here is the new log;

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 15:40:26, on 21-4-2009
    Platform: Windows XP SP3 (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
    C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
    C:\Program Files\Alwil Software\Avast4\ashServ.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
    C:\Program Files\Microsoft SQL Server\MSSQL$MICROSOFTBCM\Binn\sqlservr.exe
    C:\WINDOWS\system32\HPZipm12.exe
    C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
    C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
    C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe
    C:\Program Files\Internet Explorer\IEXPLORE.EXE
    C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
    C:\WINDOWS\system32\wuauclt.exe
    C:\WINDOWS\system32\msiexec.exe
    C:\Program Files\Java\jre6\bin\jqs.exe
    C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.hp.com
    O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
    O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll (file missing)
    O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll
    O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
    O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll
    O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
    O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_219B3E1547538286.dll
    O2 - BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
    O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
    O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
    O3 - Toolbar: &Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
    O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
    O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
    O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe
    O4 - HKLM\..\Run: [SoundMAX] C:\Program Files\Analog Devices\SoundMAX\Smax4.exe /tray
    O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
    O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    O4 - HKLM\..\Run: [eabconfg.cpl] C:\Program Files\HPQ\Quick Launch Buttons\EabServr.exe /Start
    O4 - HKLM\..\Run: [Cpqset] C:\Program Files\HPQ\Default Settings\cpqset.exe
    O4 - HKLM\..\Run: [hpWirelessAssistant] "%ProgramFiles%\HPQ\HP Wireless Assistant\HP Wireless Assistant.exe"
    O4 - HKLM\..\Run: [WatchDog] C:\Program Files\InterVideo\DVD Check\DVDCheck.exe
    O4 - HKLM\..\Run: [RealTray] C:\Program Files\Real\RealPlayer\RealPlay.exe SYSTEMBOOTHIDEPLAYER
    O4 - HKLM\..\Run: [LVCOMS] C:\Program Files\Common Files\Logitech\QCDriver3\LVCOMS.EXE
    O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
    O4 - HKLM\..\Run: [UpdateManager] "C:\Program Files\Common Files\Sonic\Update Manager\sgtray.exe"

    O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe
    O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
    O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
    O4 - HKLM\..\Run: [bbSysTray] C:\Program Files\Philips\Extern station\Blue Button\bbSysTray.exe
    O4 - HKLM\..\Run: [AdaptecDirectCD] "C:\Program Files\Adaptec\Easy CD Creator 5\DirectCD\DirectCD.exe"
    O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
    O4 - HKLM\..\Run: [Ad-Watch] C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe
    O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
    O4 - HKLM\..\RunOnce: [KB923561] rundll32.exe apphelp.dll,ShimFlushCache
    O4 - HKLM\..\RunOnce: [*Restore] C:\WINDOWS\system32\restore\rstrui.exe -i
    O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
    O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
    O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\wcescomm.exe"
    O4 - HKCU\..\RunOnce: [FlashPlayerUpdate] C:\WINDOWS\system32\Macromed\Flash\FlashUtil9f.exe
    O4 - HKCU\..\RunOnce: [TSClientMSIUninstaller] cmd.exe /C "cscript %systemroot%\Installer\TSClientMsiTrans\tscuinst.vbs"
    O4 - HKCU\..\RunOnce: [TSClientAXDisabler] cmd.exe /C "%systemroot%\Installer\TSClientMsiTrans\tscdsbl.bat"
    O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
    O4 - Startup: Mediacontrole Picture Motion Browser.lnk = C:\Program Files\Sony\Sony Picture Utility\VolumeWatcher\SPUVolumeWatcher.exe
    O4 - Global Startup: DVD Check.lnk = C:\Program Files\InterVideo\DVD Check\DVDCheck.exe
    O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
    O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
    O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
    O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
    O8 - Extra context menu item: Openen in een nieuwe achtergrondtab - res://C:\Program Files\Windows Live Toolbar\Components\nl-nl\msntabres.dll.mui/229?3bc06cb946b447948153d03ed960606e
    O8 - Extra context menu item: Openen in een nieuwe voorgrondtab - res://C:\Program Files\Windows Live Toolbar\Components\nl-nl\msntabres.dll.mui/230?3bc06cb946b447948153d03ed960606e
    O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
    O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
    O9 - Extra 'Tools' menuitem: Mobiele favorieten maken… - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
    O9 - Extra button: PokerStars - {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - C:\Program Files\PokerStars\PokerStarsUpdate.exe
    O9 - Extra button: Onderzoek - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
    O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O14 - IERESET.INF: START_PAGE_URL=http://www.hp.com
    O16 - DPF: {493ACF15-5CD9-4474-82A6-91670C3DD66E} (LinkedIn ContactFinderControl) - http://www.linkedin.com/cab/LinkedInContactFinderControl.cab
    O16 - DPF: {CAC677B6-4963-4305-9066-0BD135CD9233} (IPSUploader4 Control) - https://asp.photoprintit.de/microsite/4735/defaults/activex/ips/IPSUploader4.cab
    O16 - DPF: {E001C731-5E37-4538-A5CB-8168736A2360} (Confirmation) - http://quickscan.bitdefender.com/cab/ActiveQscan.cab
    O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~3\GOEC62~1.DLL
    O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
    O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
    O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
    O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
    O23 - Service: Google Desktop Manager 5.8.809.23506 (GoogleDesktopManager-092308-165331) - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
    O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
    O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
    O23 - Service: Lavasoft Ad-Aware Service - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
    O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
    O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe


    End of file - 9958 bytes
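
One way to check a 'Fix checked' pass like the one in this thread, as an added example that is not part of the original posts: parse two HijackThis logs, list the entries whose target is gone ("(file missing)", "(no file)", or an empty R0/R1 value), and diff the scans. The sample lines are excerpted from the two logs above; the function names are this example's own.

```python
import re

# HijackThis entry lines start with a section code (R0, O2, O9, O23, ...) and " - ".
# Header lines and the "Running processes" list carry no code and are skipped.
ENTRY_RE = re.compile(r"^\s*(?P<code>[RFNO]\d{1,2})\s+-\s+(?P<body>.*\S)\s*$")
ORPHAN_MARKERS = ("(file missing)", "(no file)")

# Excerpt of the first log in this thread (before 'Fix checked').
BEFORE = r"""
Logfile of Trend Micro HijackThis v2.0.2
Running processes:
C:\WINDOWS\system32\winlogon.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.hp.com
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll (file missing)
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0\bin\jusched.exe
O9 - Extra button: PartyCasino.com - {B4B52284-A248-4c51-9F7C-F0A0C67FCC9D} - C:\Program Files\PartyGaming\PartyCasino\RunCasino.exe (file missing)
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
"""

# Excerpt of the second log in this thread (after the fix and updates).
AFTER = r"""
Logfile of Trend Micro HijackThis v2.0.2
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.hp.com
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll (file missing)
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
"""


def parse_entries(log_text):
    """Return a list of (code, body) tuples, one per entry line, in log order."""
    entries = []
    for line in log_text.splitlines():
        match = ENTRY_RE.match(line)
        if match:
            entries.append((match.group("code"), match.group("body")))
    return entries


def orphan_reason(code, body):
    """Return why an entry points at nothing, or None if it has a target."""
    for marker in ORPHAN_MARKERS:
        if body.endswith(marker):
            return marker
    # R0/R1 lines are "key,value = data"; nothing after "=" means an empty setting.
    if code in ("R0", "R1") and body.endswith("="):
        return "(empty value)"
    return None


def orphaned(entries):
    """Return (code, body, reason) for every entry whose target is gone."""
    result = []
    for code, body in entries:
        reason = orphan_reason(code, body)
        if reason:
            result.append((code, body, reason))
    return result


def diff_scans(before, after):
    """Return (removed, added) entry lists between two parsed scans."""
    before_set, after_set = set(before), set(after)
    removed = [entry for entry in before if entry not in after_set]
    added = [entry for entry in after if entry not in before_set]
    return removed, added


if __name__ == "__main__":
    first, second = parse_entries(BEFORE), parse_entries(AFTER)
    print("Orphaned entries in the first scan:")
    for code, body, reason in orphaned(first):
        print(f"  {code} {reason}: {body}")
    removed, added = diff_scans(first, second)
    print("Gone after the fix:", [code for code, _ in removed])
    print("New in the second scan:", [code for code, _ in added])
    print("Still orphaned:", [body for _, body, _ in orphaned(second)])
```

The diff reports every change between the scans, including entries that moved because of software updates, so the result is a review list rather than a list of things to delete.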


  • otherwise no direct threats, really. Still having trouble with anything?
  • uh, yes..

    no taskbar and no desktop icons lol

    explorer.exe, which I think is what this has to do with, won't start
  • no lol about it,

    give this a try.

      1. On the [b]Tools[/b] menu, click [b]Internet Options[/b].
      2. On the [b]Advanced[/b] tab, click [b]Reset[/b].
      3. In the [b]Reset Internet Explorer Settings[/b] dialog box, click [b]Reset[/b].
      4. When the default settings of Internet Explorer 7 have been restored, click [b]Close[/b], and then click [b]OK[/b] twice.
      5. Close Internet Explorer 7. The changes take effect the next time you open Internet Explorer 7.

      [b]Note[/b] If you cannot start Internet Explorer 7 for any reason, use RIES from [b]Internet Options[/b] in Control Panel.
  • I mean Windows explorer.exe and not internet explorer.exe, or does that have nothing to do with it?
  • go ahead and try it, it certainly can't hurt; I don't know where the error comes from, so we'll have to experiment.
  • IE 6 is still installed, is that a problem?
  • I don't think it will work then; try this instead.

    Download [b][u][/u][/b] and extract both files, each into its own folder, to your Desktop.
    [list]In the folder [b]Dial-a-fix-v0.60.0.24[/b], double-click [b]Dial-a-fix.exe[/b]
    In the window that opens, click the icon with the double green check mark (check all) at the bottom.
    Then click "GO" and let the tool reset all settings.
    When it has finished, close this window by clicking "Exit" at the bottom.[/list]
  • ran the program and rebooted, but still no taskbar or desktop icons.
  • odd

    Download [b] to your Desktop and use it according to this guide.

  • Hey, thanks again for all the trouble you're taking.
    I'll continue with this tomorrow; unfortunately no time today :)
  • take your time.
  • Hey, found some time tonight after all. I followed your instructions and at the moment the taskbar and icons are back. I'm going to reboot in a moment to see whether it stays that way.

    Below is the requested log;

    ComboFix 09-04-23.02 - Administrator 22-04-2009 21:27.1 - NTFSx86
    Microsoft Windows XP Professional 5.1.2600.3.1252.31.1033.18.1015.661 [GMT 2:00]
    Gestart vanuit: c:\documents and settings\Administrator\Desktop\ComboFix.exe
    * Nieuw herstelpunt werd aangemaakt
    .

    (((((((((((((((((((((((((((((((((( Andere Verwijderingen )))))))))))))))))))))))))))))))))))))))))))))))))
    .

    c:\program files\Microsoft Common
    c:\windows\IE4 Error Log.txt

    .
    (((((((((((((((((((( Bestanden Gemaakt van 2009-03-22 to 2009-04-22 ))))))))))))))))))))))))))))))
    .

    2009-04-21 14:57 . 2009-04-22 19:29 -------- d-----w c:\windows\system32\CatRoot2
    2009-04-21 13:39 . 2009-04-21 13:39 73728 ----a-w c:\windows\system32\javacpl.cpl
    2009-04-21 13:39 . 2009-04-21 13:39 410984 ----a-w c:\windows\system32\deploytk.dll
    2009-04-20 13:15 . 2009-04-20 13:15 -------- d-----w c:\windows\system32\en
    2009-04-20 13:15 . 2009-04-20 13:15 -------- d-----w c:\windows\system32\bits
    2009-04-20 12:22 . 2009-04-20 12:22 -------- d-----w c:\windows\system32\scripting
    2009-04-20 12:21 . 2009-04-20 12:21 -------- d-----w c:\windows\l2schemas
    2009-04-20 12:18 . 2009-04-20 12:22 -------- d-----w c:\windows\ServicePackFiles
    2009-04-20 11:50 . 2009-04-20 13:11 -------- d-----w c:\documents and settings\Administrator\Application Data\OfficeUpdate12
    2009-04-20 09:40 . 2009-04-20 09:40 -------- d-----w c:\documents and settings\Administrator\Application Data\QuickScan
    2009-04-19 21:42 . 2009-03-09 19:06 15688 ----a-w c:\windows\system32\lsdelete.exe
    2009-04-19 21:08 . 2009-03-09 19:06 64160 ----a-w c:\windows\system32\drivers\Lbd.sys
    2009-04-19 21:06 . 2009-04-20 13:11 -------- dc-h--w c:\documents and settings\All Users\Application Data\{7972B2E5-3E09-4E5E-81B7-FE5819D6772F}
    2009-04-19 21:06 . 2009-04-20 13:11 -------- d-----w c:\documents and settings\All Users\Application Data\Lavasoft
    2009-04-15 13:36 . 2009-03-06 14:22 284160 ------w c:\windows\system32\dllcache\pdh.dll
    2009-04-15 13:36 . 2009-02-09 12:10 473600 ------w c:\windows\system32\dllcache\fastprox.dll
    2009-04-15 13:36 . 2009-02-09 12:10 453120 ------w c:\windows\system32\dllcache\wmiprvsd.dll
    2009-04-15 13:36 . 2009-02-09 12:10 401408 ------w c:\windows\system32\dllcache\rpcss.dll
    2009-04-15 13:36 . 2009-02-06 11:11 110592 ------w c:\windows\system32\dllcache\services.exe
    2009-04-15 13:36 . 2009-02-06 10:39 35328 ------w c:\windows\system32\dllcache\sc.exe
    2009-04-15 13:36 . 2009-02-06 10:10 227840 ------w c:\windows\system32\dllcache\wmiprvse.exe
    2009-04-15 13:36 . 2009-02-09 12:10 729088 ------w c:\windows\system32\dllcache\lsasrv.dll
    2009-04-15 13:36 . 2009-02-09 12:10 714752 ------w c:\windows\system32\dllcache\ntdll.dll
    2009-04-15 13:36 . 2009-02-09 12:10 617472 ------w c:\windows\system32\dllcache\advapi32.dll
    2009-04-15 13:36 . 2009-02-06 11:06 2145280 ------w c:\windows\system32\dllcache\ntkrnlmp.exe
    2009-04-15 13:36 . 2009-02-06 11:08 2189056 ------w c:\windows\system32\dllcache\ntoskrnl.exe
    2009-04-15 13:35 . 2009-02-06 10:32 2023936 ------w c:\windows\system32\dllcache\ntkrpamp.exe
    2009-04-15 13:27 . 2009-03-27 06:58 1203922 ------w c:\windows\system32\dllcache\sysmain.sdb
    2009-04-15 13:27 . 2008-05-03 11:55 2560 ------w c:\windows\system32\xpsp4res.dll
    2009-04-15 13:27 . 2008-04-21 12:08 215552 ------w c:\windows\system32\dllcache\wordpad.exe
    2009-04-04 18:48 . 2009-04-20 13:08 -------- d-----w c:\documents and settings\Administrator\.housecall6.6
    2009-04-02 20:39 . 2009-04-02 20:48 -------- d---a-w c:\documents and settings\All Users\Application Data\TEMP

    .
    ((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    2009-04-22 19:30 . 2009-04-19 21:46 4252 ----a-w C:\aaw7boot.log
    2009-04-22 19:01 . 2009-01-11 12:31 -------- d-----w c:\documents and settings\All Users\Application Data\Google Updater
    2009-04-21 13:39 . 2009-04-21 13:39 -------- d-----w c:\program files\Java
    2009-04-20 12:26 . 2004-08-07 13:12 254623 ----a-w c:\windows\pchealth\helpctr\OfflineCache\index.dat
    2009-04-20 12:14 . 2002-08-29 07:00 250048 --sh--r C:\ntldr
    2009-04-19 23:30 . 2009-04-19 23:30 -------- d-----w c:\program files\Trend Micro
    2009-04-19 21:52 . 2009-04-19 21:52 -------- d-----w c:\program files\Alwil Software
    2009-04-19 21:06 . 2009-04-19 21:06 -------- d-----w c:\program files\Lavasoft
    2009-04-15 13:24 . 2006-09-04 19:31 232 ---ha-w C:\sqmdata02.sqm
    2009-04-15 13:24 . 2006-09-04 17:47 244 ---ha-w C:\sqmnoopt00.sqm
    2009-04-14 11:22 . 2006-09-30 23:17 244 ---ha-w C:\sqmnoopt19.sqm
    2009-04-14 11:22 . 2006-09-04 19:31 232 ---ha-w C:\sqmdata01.sqm
    2009-04-08 08:28 . 2006-09-29 21:44 244 ---ha-w C:\sqmnoopt18.sqm
    2009-04-08 08:28 . 2006-09-04 17:47 232 ---ha-w C:\sqmdata00.sqm
    2009-04-05 19:22 . 2006-09-30 23:17 232 ---ha-w C:\sqmdata19.sqm
    2009-04-05 19:22 . 2006-09-29 21:44 244 ---ha-w C:\sqmnoopt17.sqm
    2009-04-04 09:34 . 2006-09-29 21:44 232 ---ha-w C:\sqmdata18.sqm
    2009-04-04 09:34 . 2006-09-28 15:38 244 ---ha-w C:\sqmnoopt16.sqm
    2009-04-04 09:26 . 2006-09-29 21:44 232 ---ha-w C:\sqmdata17.sqm
    2009-04-04 09:26 . 2006-09-28 15:37 244 ---ha-w C:\sqmnoopt15.sqm
    2009-04-04 09:24 . 2006-09-28 15:38 232 ---ha-w C:\sqmdata16.sqm
    2009-04-04 09:24 . 2006-09-11 07:00 244 ---ha-w C:\sqmnoopt14.sqm
    2009-04-04 09:23 . 2006-09-28 15:37 232 ---ha-w C:\sqmdata15.sqm
    2009-04-04 09:23 . 2006-09-10 19:28 244 ---ha-w C:\sqmnoopt13.sqm
    2009-04-04 09:23 . 2006-09-11 07:00 232 ---ha-w C:\sqmdata14.sqm
    2009-04-04 09:23 . 2006-09-10 19:28 244 ---ha-w C:\sqmnoopt12.sqm
    2009-04-04 09:23 . 2006-09-10 19:28 232 ---ha-w C:\sqmdata13.sqm
    2009-04-04 09:23 . 2006-09-09 12:42 244 ---ha-w C:\sqmnoopt11.sqm
    2009-03-28 10:36 . 2008-04-28 20:39 -------- d-----w c:\program files\PokerStars
    2009-03-24 17:04 . 2006-03-25 08:08 -------- d-----w c:\documents and settings\Administrator\Application Data\Skype
    2009-03-22 17:12 . 2006-09-10 19:28 232 ---ha-w C:\sqmdata12.sqm
    2009-03-22 17:12 . 2006-09-09 06:41 244 ---ha-w C:\sqmnoopt10.sqm
    2009-03-22 17:12 . 2006-09-09 12:42 232 ---ha-w C:\sqmdata11.sqm
    2009-03-22 17:12 . 2006-09-07 22:21 244 ---ha-w C:\sqmnoopt09.sqm
    2009-03-22 17:08 . 2006-09-09 06:41 232 ---ha-w C:\sqmdata10.sqm
    2009-03-22 17:08 . 2006-09-07 18:36 244 ---ha-w C:\sqmnoopt08.sqm
    2009-03-21 14:51 . 2006-09-07 22:21 232 ---ha-w C:\sqmdata09.sqm
    2009-03-21 14:51 . 2006-09-07 18:36 244 ---ha-w C:\sqmnoopt07.sqm
    2009-03-21 14:06 . 2009-03-21 14:06 989696 ------w c:\windows\system32\dllcache\kernel32.dll
    2009-03-20 21:08 . 2006-09-07 18:36 232 ---ha-w C:\sqmdata08.sqm
    2009-03-20 21:08 . 2006-09-07 18:35 244 ---ha-w C:\sqmnoopt06.sqm
    2009-03-20 21:08 . 2006-09-07 18:36 232 ---ha-w C:\sqmdata07.sqm
    2009-03-20 21:08 . 2006-09-07 10:44 244 ---ha-w C:\sqmnoopt05.sqm
    2009-03-20 21:08 . 2006-09-07 18:35 232 ---ha-w C:\sqmdata06.sqm
    2009-03-20 21:08 . 2006-09-07 10:44 244 ---ha-w C:\sqmnoopt04.sqm
    2009-03-20 21:07 . 2006-09-07 10:44 232 ---ha-w C:\sqmdata05.sqm
    2009-03-20 21:07 . 2006-09-04 19:54 244 ---ha-w C:\sqmnoopt03.sqm
    2009-03-20 21:07 . 2006-09-07 10:44 232 ---ha-w C:\sqmdata04.sqm
    2009-03-20 21:07 . 2006-09-04 19:31 244 ---ha-w C:\sqmnoopt02.sqm
    2009-03-16 16:42 . 2009-03-16 16:42 524288 ----a-w c:\windows\opuc.dll
    2009-03-06 14:22 . 2004-08-04 08:00 284160 ----a-w c:\windows\system32\pdh.dll
    2009-03-04 17:50 . 2006-09-04 19:54 268 ---ha-w C:\sqmdata03.sqm
    2009-03-04 17:50 . 2006-09-04 19:31 244 ---ha-w C:\sqmnoopt01.sqm
    2009-03-02 23:04 . 2008-08-20 05:30 1499136 ------w c:\windows\system32\dllcache\shdocvw.dll
    2009-02-20 08:11 . 2008-04-21 06:44 3068416 ------w c:\windows\system32\dllcache\mshtml.dll
    2009-02-20 08:10 . 2008-08-20 05:30 619520 ------w c:\windows\system32\dllcache\urlmon.dll
    2009-02-20 08:10 . 2008-04-21 06:44 666112 ------w c:\windows\system32\dllcache\wininet.dll
    2009-02-20 08:10 . 2004-08-04 08:00 666112 ----a-w c:\windows\system32\wininet.dll
    2009-02-20 08:10 . 2009-02-20 08:10 81920 ------w c:\windows\system32\dllcache\ieencode.dll
    2009-02-20 08:10 . 2004-08-04 08:00 81920 —-a-w c:\windows\system32\ieencode.dll
    2009-02-09 12:10 . 2004-08-04 08:00 729088 —-a-w c:\windows\system32\lsasrv.dll
    2009-02-09 12:10 . 2004-08-04 08:00 714752 —-a-w c:\windows\system32
    tdll.dll
    2009-02-09 12:10 . 2004-08-04 08:00 617472 —-a-w c:\windows\system32\advapi32.dll
    2009-02-09 12:10 . 2004-08-04 08:00 401408 —-a-w c:\windows\system32\rpcss.dll
    2009-02-09 11:13 . 2008-12-09 17:42 1846784 ——w c:\windows\system32\dllcache\win32k.sys
    2009-02-09 11:13 . 2004-08-04 08:00 1846784 —-a-w c:\windows\system32\win32k.sys
    2009-02-07 17:02 . 2009-02-07 17:02 2066048 ——w c:\windows\system32\dllcache
    tkrnlpa.exe
    2009-02-07 17:02 . 2004-08-04 08:00 2066048 —-a-w c:\windows\system32
    tkrnlpa.exe
    2009-02-06 11:11 . 2004-08-04 08:00 110592 —-a-w c:\windows\system32\services.exe
    2009-02-06 11:08 . 2004-08-04 08:00 2189056 —-a-w c:\windows\system32
    toskrnl.exe
    2009-02-06 10:39 . 2004-08-04 08:00 35328 —-a-w c:\windows\system32\sc.exe
    2009-02-03 19:59 . 2009-02-03 19:59 56832 ——w c:\windows\system32\dllcache\secur32.dll
    2009-02-03 19:59 . 2004-08-04 08:00 56832 —-a-w c:\windows\system32\secur32.dll
    2008-07-11 10:07 . 2005-12-14 21:31 60504 —-a-w c:\documents and settings\Administrator\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
    2005-09-29 15:52 . 2006-10-19 21:19 136 —-a-w c:\documents and settings\Jeroen\Local Settings\Application Data\fusioncache.dat
    2005-09-29 15:52 . 2005-09-29 15:52 136 —-a-w c:\documents and settings\Administrator\Local Settings\Application Data\fusioncache.dat
    .

    ((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    *Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond
    REGEDIT4

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "Skype"="c:\program files\Skype\Phone\Skype.exe" [2006-06-12 20002856]
    "swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2007-06-29 68856]
    "H/PC Connection Agent"="c:\program files\Microsoft ActiveSync\wcescomm.exe" [2006-11-13 1289000]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "IgfxTray"="c:\windows\system32\igfxtray.exe" [2004-12-21 155648]
    "HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2004-12-21 126976]
    "SoundMAXPnP"="c:\program files\Analog Devices\SoundMAX\SMax4PNP.exe" [2004-10-14 1388544]
    "SynTPLpr"="c:\program files\Synaptics\SynTP\SynTPLpr.exe" [2005-02-02 102492]
    "SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2005-02-02 692316]
    "eabconfg.cpl"="c:\program files\HPQ\Quick Launch Buttons\EabServr.exe" [2004-12-03 290816]
    "Cpqset"="c:\program files\HPQ\Default Settings\cpqset.exe" [2004-11-19 233534]
    "hpWirelessAssistant"="c:\program files\HPQ\HP Wireless Assistant\HP Wireless Assistant.exe" [2004-12-09 790528]
    "WatchDog"="c:\program files\InterVideo\DVD Check\DVDCheck.exe" [2004-12-08 184320]
    "RealTray"="c:\program files\Real\RealPlayer\RealPlay.exe" [2005-10-24 20480]
    "LVCOMS"="c:\program files\Common Files\Logitech\QCDriver3\LVCOMS.EXE" [2002-12-10 127022]
    "UpdateManager"="c:\program files\Common Files\Sonic\Update Manager\sgtray.exe" [2003-08-19 110592]
    "dla"="c:\windows\system32\dla\tfswctrl.exe" [2004-08-03 122939]
    "HP Software Update"="c:\program files\HP\HP Software Update\HPWuSchd2.exe" [2005-05-11 49152]
    "RemoteControl"="c:\program files\CyberLink\PowerDVD\PDVDServ.exe" [2004-06-28 32768]
    "bbSysTray"="c:\program files\Philips\Extern station\Blue Button\bbSysTray.exe" [2002-06-06 77915]
    "AdaptecDirectCD"="c:\program files\Adaptec\Easy CD Creator 5\DirectCD\DirectCD.exe" [2002-07-31 684032]
    "Google Desktop Search"="c:\program files\Google\Google Desktop Search\GoogleDesktop.exe" [2009-01-07 30192]
    "Ad-Watch"="c:\program files\Lavasoft\Ad-Aware\AAWTray.exe" [2009-03-09 515416]
    "SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-04-21 148888]
    "AGRSMMSG"="AGRSMMSG.exe" - c:\windows\AGRSMMSG.exe [2004-08-24 88363]

    [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
    "CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]

    c:\documents and settings\Administrator\Start Menu\Programs\Startup\
    Mediacontrole Picture Motion Browser.lnk - c:\program files\Sony\Sony Picture Utility\VolumeWatcher\SPUVolumeWatcher.exe [2007-8-18 344064]

    c:\documents and settings\All Users\Start Menu\Programs\Startup\
    DVD Check.lnk - c:\program files\InterVideo\DVD Check\DVDCheck.exe [2005-10-5 184320]
    HP Digital Imaging Monitor.lnk - c:\program files\HP\Digital Imaging\bin\hpqtra08.exe [2005-5-12 282624]
    Logitech Desktop Messenger.lnk - c:\program files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe [2005-10-24 169472]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service]
    @="Service"

    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
    "%windir%\\system32\\sessmgr.exe"=
    "c:\\Program Files\\Messenger\\msmsgs.exe"=
    "c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqste08.exe"=
    "c:\\Program Files\\HP\\Digital Imaging\\bin\\hpofxm08.exe"=
    "c:\\Program Files\\HP\\Digital Imaging\\bin\\hposfx08.exe"=
    "c:\\Program Files\\HP\\Digital Imaging\\bin\\hposid01.exe"=
    "c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqscnvw.exe"=
    "c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqkygrp.exe"=
    "c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqCopy.exe"=
    "c:\\Program Files\\HP\\Digital Imaging\\bin\\hpfccopy.exe"=
    "c:\\Program Files\\HP\\Digital Imaging\\bin\\hpzwiz01.exe"=
    "c:\\Program Files\\HP\\Digital Imaging\\Unload\\HpqPhUnl.exe"=
    "c:\\Program Files\\HP\\Digital Imaging\\bin\\hpoews01.exe"=
    "c:\\Program Files\\MSN Messenger\\msnmsgr.exe"=
    "c:\\Program Files\\MSN Messenger\\livecall.exe"=
    "c:\program files\Microsoft ActiveSync\rapimgr.exe"= c:\program files\Microsoft ActiveSync\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager
    "c:\program files\Microsoft ActiveSync\wcescomm.exe"= c:\program files\Microsoft ActiveSync\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager
    "c:\program files\Microsoft ActiveSync\WCESMgr.exe"= c:\program files\Microsoft ActiveSync\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application
    "%windir%\\Network Diagnostic\\xpnetdiag.exe"=
    "c:\\Program Files\\Skype\\Phone\\Skype.exe"=

    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
    "26675:TCP"= 26675:TCP:169.254.2.0/255.255.255.0:Enabled:ActiveSync Service

    R3 GoogleDesktopManager-092308-165331;Google Desktop Manager 5.8.809.23506;c:\program files\Google\Google Desktop Search\GoogleDesktop.exe [2009-01-07 30192]
    R3 RTLWUSB;NETGEAR WG111v2 54Mbps Wireless USB 2.0 Adapter NT Driver;c:\windows\system32\DRIVERS\wg111v2.sys [2007-12-26 272128]
    S0 Lbd;Lbd;c:\windows\system32\DRIVERS\Lbd.sys [2009-03-09 64160]
    S2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service;c:\program files\Lavasoft\Ad-Aware\AAWService.exe [2009-03-09 951632]
    S3 GTIPCI21;GTIPCI21;c:\windows\system32\DRIVERS\gtipci21.sys [2004-05-03 80384]


    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{1f5177a6-a128-11dc-8988-0012f096cfbf}]
    \Shell\Auto\command - MSOCache\doWTP_RESTORE.exe -autorun
    \Shell\AutoRun\command - c:\windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL MSOCache\doWTP_RESTORE.exe -autorun

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{4529fcdc-dd05-11dd-89de-00143813974d}]
    \Shell\AutoRun\command - c:\windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL system.exe
    \Shell\Explore\command - F:\system.exe
    \Shell\Open\command - F:\system.exe

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{6bfaac01-e0dc-11dd-89e1-0012f096cfbf}]
    \Shell\AutoRun\command - c:\windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL system.exe
    \Shell\Explore\command - E:\system.exe
    \Shell\Open\command - E:\system.exe
    .
    Inhoud van de 'Gedeelde Taken' map

    2009-04-19 c:\windows\Tasks\Ad-Aware Update (Weekly).job
    - c:\program files\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe [2009-03-09 19:06]

    2009-04-21 c:\windows\Tasks\Controleren op updates voor Windows Live Toolbar.job
    - c:\program files\Windows Live Toolbar\MSNTBUP.EXE [2007-10-19 10:20]

    2009-04-22 c:\windows\Tasks\Google Software Updater.job
    - c:\program files\Google\Common\Google Updater\GoogleUpdaterService.exe [2007-01-26 21:30]
    .
    - - - - ORPHANS VERWIJDERD - - - -

    HKCU-Run-WebCamRT.exe - (no file)


    .
    ------- Bijkomende Scan -------
    .
    uStart Page = hxxp://www.hp.com
    uSearch Page = hxxp://www.google.com
    uSearch Bar = hxxp://www.google.com/ie
    mDefault_Page_URL = hxxp://www.hp.com
    mDefault_Search_URL = hxxp://www.google.com/ie
    uSearchAssistant = hxxp://www.google.com/ie
    uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
    mSearchAssistant = hxxp://www.google.com/ie
    IE: &Windows Live Search - c:\program files\Windows Live Toolbar\msntb.dll/search.htm
    IE: E&xporteren naar Microsoft Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
    IE: Openen in een nieuwe achtergrondtab - c:\program files\Windows Live Toolbar\Components\nl-nl\msntabres.dll.mui/229?3bc06cb946b447948153d03ed960606e
    IE: Openen in een nieuwe voorgrondtab - c:\program files\Windows Live Toolbar\Components\nl-nl\msntabres.dll.mui/230?3bc06cb946b447948153d03ed960606e
    DPF: {CAC677B6-4963-4305-9066-0BD135CD9233} - hxxps://asp.photoprintit.de/microsite/4735/defaults/activex/ips/IPSUploader4.cab
    .

    **************************************************************************

    catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
    Rootkit scan 2009-04-22 21:31
    Windows 5.1.2600 Service Pack 3 NTFS

    scannen van verborgen processen ...

    scannen van verborgen autostart items ...

    HKLM\Software\Microsoft\Windows\CurrentVersion\Run
    Cpqset = c:\program files\HPQ\Default Settings\cpqset.exe????????????n??|?????? ?4?B?????????????hLC? ??????

    scannen van verborgen bestanden ...

    Scan succesvol afgerond
    verborgen bestanden: 0

    **************************************************************************
    .
    --------------------- VERGRENDELDE REGISTER SLEUTELS ---------------------

    [HKEY_USERS\S-1-5-21-106071749-1716406200-1298410500-500\Software\Microsoft\Windows Mobile Disc\W*i*n*d*o*w*s* *M*o*b*i*l*e*"!\CriticalAppInstall\ActiveSync]
    "Name"="ActiveSync"
    "DisplayName"="Microsoft ActiveSync"
    "Param1"="ActiveSync"
    "Type"="wellknown"
    "Order"=dword:00000001
    "State"=dword:0000000b

    [HKEY_USERS\S-1-5-21-106071749-1716406200-1298410500-500\Software\Microsoft\Windows Mobile Disc\W*i*n*d*o*w*s* *M*o*b*i*l*e*"!\CriticalAppInstall\IESettings]
    "Name"="IESettings"
    "Type"="IESettings"
    "Order"=dword:00000004
    "State"=dword:0000000b

    [HKEY_USERS\S-1-5-21-106071749-1716406200-1298410500-500\Software\Microsoft\Windows Mobile Disc\W*i*n*d*o*w*s* *M*o*b*i*l*e*"!\CriticalAppInstall\MediaFiles]
    "Name"="MediaFiles"
    "Type"="MediaFiles"
    "Order"=dword:00000003
    "State"=dword:0000000b

    [HKEY_USERS\S-1-5-21-106071749-1716406200-1298410500-500\Software\Microsoft\Windows Mobile Disc\W*i*n*d*o*w*s* *M*o*b*i*l*e*"!\CriticalAppInstall\NPW]
    "Name"="NPW"
    "Param1"="NPW"
    "Type"="wellknown"
    "Order"=dword:00000002
    "State"=dword:0000000b

    [HKEY_USERS\S-1-5-21-106071749-1716406200-1298410500-500\Software\Microsoft\Windows Mobile Disc\W*i*n*d*o*w*s* *M*o*b*i*l*e*"!\CriticalAppInstall\Outlook]
    "Name"="Outlook"
    "DisplayName"="Microsoft Outlook"
    "Param1"="Outlook"
    "Type"="wellknown"
    "Order"=dword:00000000
    "State"=dword:00000020

    [HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Installer\UserData\LocalSystem\Components\Ø•€|ÿÿÿÿ•€|ù•A~*]
    "3140AC1900063D11C8EF10054038389C"="C?\\WINDOWS\\system32\\FM20ENU.DLL"
    .
    ------------------------ Andere Aktieve Processen ------------------------
    .
    c:\windows\system32\scardsvr.exe
    c:\program files\Java\jre6\bin\jqs.exe
    c:\program files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
    c:\program files\Microsoft SQL Server\MSSQL$MICROSOFTBCM\Binn\sqlservr.exe
    c:\program files\Analog Devices\SoundMAX\SMAgent.exe
    c:\windows\system32\wdfmgr.exe
    c:\windows\system32\wbem\unsecapp.exe
    c:\windows\system32\wscntfy.exe
    c:\windows\system32\msiexec.exe
    c:\windows\system32\Macromed\Flash\FlashUtil9f.exe
    c:\progra~1\MI3AA1~1\rapimgr.exe
    c:\program files\HP\Digital Imaging\bin\hpqste08.exe
    c:\program files\HP\Digital Imaging\Product Assistant\bin\hprblog.exe
    .
    **************************************************************************
    .
    Voltooingstijd: 2009-04-22 21:37 - machine werd herstart
    ComboFix-quarantined-files.txt 2009-04-22 19:37

    Pre-Run: 17.602.895.872 bytes free
    Post-Run: 17.581.133.824 bytes free

    WindowsXP-KB310994-SP2-Pro-BootDisk-NLD.exe
    [boot loader]
    timeout=2
    default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
    [operating systems]
    c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
    multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professional" /noexecute=optin /fastdetect

    308 --- E O F --- 2009-04-21 18:57











This is an archived page. Replies are no longer possible.