Hier is ie:

ComboFix 11-11-14.01 - gebruiker 14-11-2011 13:26:50.21.2 - x86
Microsoft Windows XP Home Edition 5.1.2600.3.1252.31.1043.18.2047.1465 [GMT 1:00]
Gestart vanuit: c:\documents and settings\gebruiker\Bureaublad\ComboFix.exe
AV: AVG Anti-Virus Free Edition 2012 *Disabled/Updated* {17DDD097-36FF-435F-9E1B-52D74245D6BF}
.
.
(((((((((((((((((((((((((((((((((( Andere Verwijderingen )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\documents and settings\All Users\Application Data\TEMP
c:\windows\bwUnin-6.1.4.36-8876480L.exe
c:\windows\bwUnin-7.2.0.137-8876480SL.exe
c:\windows\system32\CF14009.exe
c:\windows\system32\PowerToyReadme.htm
.
.
(((((((((((((((((((( Bestanden Gemaakt van 2011-10-14 to 2011-11-14 ))))))))))))))))))))))))))))))
.
.
2011-11-14 06:18 . 2011-11-14 06:18 ——– d—–w- c:\windows\LastGood
2011-11-06 06:50 . 2010-08-27 08:03 119808 —-a-w- c:\windows\system32\t2embed.dll
2011-10-29 10:52 . 2011-11-14 06:57 ——– d—–w- c:\program files\MALWAREBYTES ANTI-MALWARE
2011-10-27 18:22 . 2011-10-27 18:22 ——– d—–w- c:\program files\Common Files\Java
2011-10-27 10:47 . 2011-10-27 10:47 ——– d—–w- c:\documents and settings\gebruiker\Application Data\AVG2012
2011-10-27 10:46 . 2011-10-27 10:53 ——– d—–w- c:\documents and settings\All Users\Application Data\AVG2012
2011-10-20 10:21 . 2011-11-14 08:01 ——– d—–w- c:\program files\TunnelBear
2011-10-17 08:28 . 2011-10-17 08:43 ——– d—–w- c:\documents and settings\All Users\Application Data\Norton
2011-10-16 18:47 . 2011-11-14 09:16 ——– d–h–r- c:\documents and settings\gebruiker\Onlangs geopend
.
.
.
((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-10-31 06:19 . 2011-05-19 07:22 414368 —-a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2011-10-10 14:22 . 2005-03-01 20:19 692736 —-a-w- c:\windows\system32\inetcomm.dll
2011-10-07 05:23 . 2011-01-07 04:41 230608 —-a-w- c:\windows\system32\drivers\avgldx86.sys
2011-10-04 05:21 . 2011-02-10 05:53 16720 —-a-w- c:\windows\system32\drivers\AVGIDSShim.sys
2011-10-03 03:06 . 2010-06-06 07:14 472808 —-a-w- c:\windows\system32\deployJava1.dll
2011-10-03 00:37 . 2009-06-19 14:51 73728 —-a-w- c:\windows\system32\javacpl.cpl
2011-09-28 07:06 . 2005-03-01 20:18 602624 —-a-w- c:\windows\system32\crypt32.dll
2011-09-26 09:41 . 2008-07-29 17:59 614912 —-a-w- c:\windows\system32\uiautomationcore.dll
2011-09-26 09:41 . 2005-03-01 20:20 23040 —-a-w- c:\windows\system32\oleaccrc.dll
2011-09-26 09:41 . 2005-03-01 20:20 220160 —-a-w- c:\windows\system32\oleacc.dll
2011-09-13 04:30 . 2011-03-16 14:03 32592 —-a-w- c:\windows\system32\drivers\avgrkx86.sys
2011-09-06 14:09 . 2005-03-01 20:21 1859072 —-a-w- c:\windows\system32\win32k.sys
2011-08-31 15:00 . 2011-06-18 06:03 22216 —-a-w- c:\windows\system32\drivers\mbam.sys
2011-08-22 23:41 . 2005-03-01 20:21 916480 —-a-w- c:\windows\system32\wininet.dll
2011-08-22 23:41 . 2005-03-01 20:19 43520 —-a-w- c:\windows\system32\licmgr10.dll
2011-08-22 23:41 . 2005-03-01 20:19 1469440 ——w- c:\windows\system32\inetcpl.cpl
2011-08-22 11:58 . 2005-03-01 20:18 385024 —-a-w- c:\windows\system32\html.iec
2011-08-17 13:49 . 2005-03-01 20:17 138496 —-a-w- c:\windows\system32\drivers\afd.sys
2011-11-10 06:22 . 2011-07-18 05:03 134104 —-a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTZDetec.exe"="c:\program files\Creative\Creative Media Lite\CTZDetec.exe" [2008-04-24 368640]
"SoftAuto.exe"="c:\program files\Creative\Software Update 3\SoftAuto.exe" [2008-08-13 405504]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"JWOSetup"="JWOSetup.exe -en" [X]
"SoundMan"="SOUNDMAN.EXE" [2003-12-19 65024]
"ezShieldProtector for Px"="c:\windows\system32\ezSP_Px.exe" [2002-08-20 40960]
"CoolSwitch"="c:\windows\system32\taskswitch.exe" [2002-03-19 45632]
"BluetoothAuthenticationAgent"="bthprops.cpl" [2008-04-14 110592]
"BrStsWnd"="c:\program files\Brownie\BrstsWnd.exe" [2008-01-08 864256]
"AudioCommander"="c:\program files\Andrea Electronics\AudioCommander\AudioCommander.exe" [2008-08-29 888832]
"AEFltrs"="c:\program files\Andrea Electronics\AudioCommander\AEFltrs.exe" [2008-08-29 741376]
"VoiceCenter"="c:\program files\Andrea Electronics\VoiceCenter\AndreaVC.exe" [2008-07-31 1134592]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2010-11-29 421888]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2011-04-26 421160]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2011-06-06 937920]
"AVG_TRAY"="c:\program files\AVG\AVG2012\avgtray.exe" [2011-10-24 2415456]
"DivXUpdate"="c:\program files\DivX\DivX Update\DivXUpdate.exe" [2011-07-28 1259376]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2011-06-09 254696]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
.
c:\documents and settings\All Users\Menu Start\Programma's\Opstarten\
PHOTOfunSTUDIO 5.0 HD Edition.lnk - c:\program files\Common Files\Panasonic\PHOTOfunSTUDIO AutoStart\AutoStartupService.exe [2011-8-4 170480]
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk *\0lsdelete\0\0\0c:\progra~1\AVG\AVG2012\avgrsx.exe /sync /restart
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Start^Programma's^Opstarten^Google Updater.lnk]
path=c:\documents and settings\All Users\Menu Start\Programma's\Opstarten\Google Updater.lnk
backup=c:\windows\pss\Google Updater.lnkCommon Startup
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Start^Programma's^Opstarten^TabUserW.exe.lnk]
path=c:\documents and settings\All Users\Menu Start\Programma's\Opstarten\TabUserW.exe.lnk
backup=c:\windows\pss\TabUserW.exe.lnkCommon Startup
.
[HKLM\~\startupfolder\C:^Documents and Settings^gebruiker^Menu Start^Programma's^Opstarten^Last.fm Helper.lnk]
path=c:\documents and settings\gebruiker\Menu Start\Programma's\Opstarten\Last.fm Helper.lnk
backup=c:\windows\pss\Last.fm Helper.lnkStartup
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IntelliPoint]
2007-08-31 10:01 1037736 —-a-w- c:\program files\Microsoft IntelliPoint\ipoint.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISUSPM Startup]
2005-02-16 15:15 221184 —-a-w- c:\progra~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISUSScheduler]
2005-02-16 15:15 81920 —-a-w- c:\program files\Common Files\InstallShield\UpdateService\issch.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
2011-04-26 23:22 421160 —-a-w- c:\program files\iTunes\iTunesHelper.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\itype]
2007-08-31 19:13 988584 —-a-w- c:\program files\Microsoft IntelliType Pro\itype.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PCMService]
2004-04-28 13:10 73728 ——w- c:\program files\Logitech\MediaLife\MediaLifeService.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PinnacleDriverCheck]
2003-11-10 14:06 406016 —-a-w- c:\windows\system32\PSDrvCheck.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
2010-11-29 15:38 421888 —-a-w- c:\program files\QuickTime\QTTask.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SSBkgdUpdate]
2006-10-25 08:03 210472 —-a-w- c:\program files\Common Files\ScanSoft Shared\SSBkgdUpdate\SSBkgdUpdate.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\{0228e555-4f9c-4e35-a3ec-b109a192b4c2}]
2005-07-15 21:48 479232 —-a-w- c:\program files\Google\Gmail Notifier\gnotify.exe
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Messenger\\msmsgs.exe"=
"c:\\Program Files\\Soulseek\\slsk.exe"=
"c:\\Program Files\\DropUpload\\DropUpLoad.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Real\\RealPlayer\\realplay.exe"=
"c:\\Program Files\\Mozilla Firefox\\firefox.exe"=
"c:\\Program Files\\GigaTribe\\gigatribe.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\\Program Files\\iTunes\\iTunes.exe"=
"c:\\Program Files\\AVG\\AVG2012\\avgmfapx.exe"=
"c:\\Program Files\\AVG\\AVG2012\\avgnsx.exe"=
"c:\\Program Files\\AVG\\AVG2012\\avgdiagex.exe"=
"c:\\Program Files\\AVG\\AVG2012\\avgemcx.exe"=
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"4210:TCP"= 4210:TCP:Akamai NetSession Interface
"5000:UDP"= 5000:UDP:Akamai NetSession Interface
.
R0 AVGIDSEH;AVGIDSEH;c:\windows\system32\drivers\AVGIDSEH.sys [22-2-2011 7:13 23120]
R0 Avgrkx86;AVG Anti-Rootkit Driver;c:\windows\system32\drivers\avgrkx86.sys [16-3-2011 15:03 32592]
R0 fasttrak;fasttrak;c:\windows\system32\drivers\fasttrak.sys [11-11-2004 16:52 70656]
R0 viasraid;viasraid;c:\windows\system32\drivers\viasraid.sys [11-11-2004 16:53 77312]
R1 Avgldx86;AVG AVI Loader Driver;c:\windows\system32\drivers\avgldx86.sys [7-1-2011 5:41 230608]
R1 Avgtdix;AVG TDI Driver;c:\windows\system32\drivers\avgtdix.sys [4-4-2011 23:59 295248]
R2 AVGIDSAgent;AVGIDSAgent;c:\program files\AVG\AVG2012\AVGIDSAgent.exe [12-10-2011 6:25 4433248]
R2 avgwd;AVG WatchDog;c:\program files\AVG\AVG2012\avgwdsvc.exe [2-8-2011 5:09 192776]
R3 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\drivers\AVGIDSDriver.sys [14-4-2011 20:28 134608]
R3 AVGIDSFilter;AVGIDSFilter;c:\windows\system32\drivers\AVGIDSFilter.sys [10-2-2011 6:53 24272]
R3 AVGIDSShim;AVGIDSShim;c:\windows\system32\drivers\AVGIDSShim.sys [10-2-2011 6:53 16720]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [18-3-2010 13:16 130384]
S2 Nmpdrv_N;Nmpdrv_N USB Controller Service; [x]
S3 aeaudio2;AE USB Audio Driver2 (WDM);c:\windows\system32\drivers\AEAudio2.sys [21-12-2009 16:18 113664]
S3 aeaudiol;AE USB Audio Driver-Lower (WDM);c:\windows\system32\drivers\AEAudioL.sys [21-12-2009 16:18 15104]
S3 EMCR;EMCR;c:\windows\system32\drivers\emcr7sk.sys [11-11-2004 16:52 68224]
S3 MusCAudio;MusCAudio;c:\windows\system32\drivers\MusCAudio.sys [31-10-2008 16:11 23096]
S3 MusCVideo;MusCVideo;c:\windows\system32\drivers\MusCVideo.sys [31-10-2008 16:11 3768]
S3 pcouffin;VSO Software pcouffin;c:\windows\system32\drivers\pcouffin.sys [21-9-2008 15:19 47360]
S3 vaxscsi;vaxscsi;c:\windows\system32\drivers\vaxscsi.sys [21-9-2008 16:06 223128]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [18-3-2010 13:16 753504]
S4 sptd;sptd;c:\windows\system32\drivers\sptd.sys [21-9-2008 16:00 642560]
.
— Andere Services/Drivers In Geheugen —
.
*NewlyCreated* - 30267546
*Deregistered* - 30267546
.
Inhoud van de 'Gedeelde Taken' map
.
2011-11-09 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2009-10-22 15:57]
.
2011-11-14 c:\windows\Tasks\Google Software Updater.job
- c:\program files\Google\Common\Google Updater\GoogleUpdaterService.exe [2007-06-16 05:50]
.
2011-11-11 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2093061356-4028600207-3804864594-1007Core.job
- c:\documents and settings\gebruiker\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2011-09-22 17:24]
.
2011-11-14 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2093061356-4028600207-3804864594-1007UA.job
- c:\documents and settings\gebruiker\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2011-09-22 17:24]
.
.
——- Bijkomende Scan ——-
.
uDefault_Search_URL = hxxp://www.google.com/ie
uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
uInternet Settings,ProxyOverride = localhost;*.local
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: E&xporteren naar Microsoft Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
TCP: DhcpNameServer = 62.179.104.196 213.46.228.196
DPF: {1D185838-009D-47C8-824B-B65B4854430E} - hxxp://quickfix2.chello.nl/quickfix2/asp/chelloInstall.CAB
DPF: {C58EFA10-2CC0-4C50-8C77-B326555EC1B7} - hxxp://quickfix2.chello.nl/quickfix2/asp/LaunchApp.CAB
DPF: {D83C1BD1-DCBB-11D4-9425-0050BF33FA6E} - hxxp://www.cyclomedia.nl/download/components/CycloScopeLite.cab
FF - ProfilePath - c:\documents and settings\gebruiker\Application Data\Mozilla\Firefox\Profiles\0a42b5n7.Standaardgebruiker\
FF - prefs.js: keyword.URL - hxxp://search.avg.com/?d=4e270951&i=23&tp=ab&nt=1&q=
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2011-11-14 13:36
Windows 5.1.2600 Service Pack 3 NTFS
.
scannen van verborgen processen …
.
scannen van verborgen autostart items …
.
scannen van verborgen bestanden …
.
Scan succesvol afgerond
verborgen bestanden: 0
.
**************************************************************************
.
——————— VERGRENDELDE REGISTER SLEUTELS ———————
.
[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Installer\UserData\LocalSystem\Components\Ø•¤|ÿÿÿÿ•¤|ù•9~*]
"3140110900063D11C8EF10054038389C"="C?\\WINDOWS\\system32\\FM20ENU.DLL"
.
——————— DLLs Geladen Onder Lopende Processen ———————
.
- - - - - - - > 'winlogon.exe'(1240)
c:\windows\system32\Ati2evxx.dll
.
Voltooingstijd: 2011-11-14 13:45:23
ComboFix-quarantined-files.txt 2011-11-14 12:45
ComboFix2.txt 2011-07-19 18:03
.
Pre-Run: 15.750.148.096 bytes beschikbaar
Post-Run: 15.984.013.312 bytes beschikbaar
.
- - End Of File - - 858FE40C1C27EF50789264F4B74689E9

Dag deskundigen,

Gisteren viel opeens het beeld weg en kreeg ik het bericht dat windows gestopt was vanwege een fout, dat ik opnieuw moest opstarten en als dit bericht vaker zou komen ik de BIOS moest updaten.
Verder komt AVG regelmatig met het bericht dat Mozilla Firefox veel geheugen verbruikt, en dat ik die moet afsluiten. Dat bericht kreeg ik tot voor kort nooit.
Misschien heeft het ermee te maken dat ik een week Expat Shield had geinstalleerd, wat me veel reclame en ongewenste websites opleverde. Die heb ik daarna verwijderd en de computer schoongemaakt.
Hoe dan ook, graag wil ik jullie vragen mijn Hijackthislog even na te kijken. Zodat ik weet dat die in elk geval schoon is.

Hartelijk dank alvast,

Diana.


Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 20:12:09, on 13-11-2011
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\PROGRA~1\AVG\AVG2012\avgrsx.exe
C:\Program Files\AVG\AVG2012\avgcsrvx.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\AVG\AVG2012\avgwdsvc.exe
C:\WINDOWS\system32\bgsvcgen.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\system32\CTsvcCDA.exe
C:\Program Files\Creative\Shared Files\CTDevSrv.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\Tablet.exe
C:\Program Files\AVG\AVG2012\AVGIDSAgent.exe
C:\Program Files\AVG\AVG2012\avgnsx.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\SOUNDMAN.EXE
C:\WINDOWS\system32\ezSP_Px.exe
C:\WINDOWS\system32\taskswitch.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Brownie\BrstsWnd.exe
C:\Program Files\Andrea Electronics\AudioCommander\AudioCommander.exe
C:\Program Files\Andrea Electronics\AudioCommander\AEFltrs.exe
C:\Program Files\Andrea Electronics\VoiceCenter\AndreaVC.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\AVG\AVG2012\avgtray.exe
C:\Program Files\DivX\DivX Update\DivXUpdate.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Creative\Creative Media Lite\CTZDetec.exe
C:\Program Files\Brownie\brpjp04a.exe
C:\Program Files\Creative\Software Update 3\SoftAuto.exe
C:\Program Files\Messenger\msmsgs.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Outlook Express\msimn.exe
C:\Program Files\Microsoft Office\OFFICE11\WINWORD.EXE
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\gebruiker\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\gebruiker\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\gebruiker\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\gebruiker\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\gebruiker\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\gebruiker\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\gebruiker\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\gebruiker\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\gebruiker\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\gebruiker\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.expatshield.com/g/?c=h
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost;*.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen
O2 - BHO: Adobe PDF Reader Help bij koppelingen - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Increase performance and video formats for your HTML5 <video> - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG2012\avgssie.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.2.4204.1700\swg.dll
O2 - BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [ezShieldProtector for Px] C:\WINDOWS\system32\ezSP_Px.exe
O4 - HKLM\..\Run: [CoolSwitch] C:\WINDOWS\system32\taskswitch.exe
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [BrStsWnd] C:\Program Files\Brownie\BrstsWnd.exe Autorun
O4 - HKLM\..\Run: [AudioCommander] "C:\Program Files\Andrea Electronics\AudioCommander\AudioCommander.exe" /tray
O4 - HKLM\..\Run: [AEFltrs] "C:\Program Files\Andrea Electronics\AudioCommander\AEFltrs.exe" /NoDlg
O4 - HKLM\..\Run: [VoiceCenter] "C:\Program Files\Andrea Electronics\VoiceCenter\AndreaVC.exe" /tray
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [JWOSetup] JWOSetup.exe -en
O4 - HKLM\..\Run: [AVG_TRAY] "C:\Program Files\AVG\AVG2012\avgtray.exe"
O4 - HKLM\..\Run: [DivXUpdate] "C:\Program Files\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [CTZDetec.exe] "C:\Program Files\Creative\Creative Media Lite\CTZDetec.exe"
O4 - HKCU\..\Run: [SoftAuto.exe] "C:\Program Files\Creative\Software Update 3\SoftAuto.exe"
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Google Update] "C:\Documents and Settings\gebruiker\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\RunOnce: [JWOSetup] JWOSetup.exe -u
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: PHOTOfunSTUDIO 5.0 HD Edition.lnk = C:\Program Files\Common Files\Panasonic\PHOTOfunSTUDIO AutoStart\AutoStartupService.exe
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\WINDOWS\system32\GPhotos.scr/200
O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra button: Onderzoek - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=http://www.paradigit.nl
O16 - DPF: {0A5FD7C5-A45C-49FC-ADB5-9952547D5715} - http://www.creative.com/su/ocx/15031/CTSUEng.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {193C772A-87BE-4B19-A7BB-445B226FE9A1} - http://download.ewido.net/ewidoOnlineScan.cab
O16 - DPF: {1D185838-009D-47C8-824B-B65B4854430E} - http://quickfix2.chello.nl/quickfix2/asp/chelloInstall.CAB
O16 - DPF: {341FF14B-00CB-49F5-A427-A164DF1D5E1F} - http://musicstore.connect.com/XSL/mb_us/html/activexplayer/SMALStreaming.cab
O16 - DPF: {55027008-315F-4F45-BBC3-8BE119764741} - http://static.slide.com/uploader/SlideImageUploader.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} - http://www.bitdefender.com/scan8/oscan8.cab
O16 - DPF: {6C269571-C6D7-4818-BCA4-32A035E8C884} - http://www.creative.com/softwareupdate/su/ocx/15101/CTSUEng.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1124110007421
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} (OnlineScanner Control) - http://download.eset.com/special/eos/OnlineScanner.cab
O16 - DPF: {A796D216-2DE1-4EA8-BABB-FE6E7C959098} - http://www.hp.com/cpso-support-new/SDD/hpsddObjSigned.cab
O16 - DPF: {A9F8D9EC-3D0A-4A60-BD82-FBD64BAD370D} - http://h20264.www2.hp.com/ediags/dd/install/HPDriverDiagnosticsxp2k.cab
O16 - DPF: {C58EFA10-2CC0-4C50-8C77-B326555EC1B7} - http://quickfix2.chello.nl/quickfix2/asp/LaunchApp.CAB
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O16 - DPF: {D83C1BD1-DCBB-11D4-9425-0050BF33FA6E} - http://www.cyclomedia.nl/download/components/CycloScopeLite.cab
O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} - http://ccfiles.creative.com/Web/softwareupdate/su/ocx/15111/CTPID.cab
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG2012\avgpp.dll
O23 - Service: Mobiel Apple apparaat (Apple Mobile Device) - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG2012\AVGIDSAgent.exe
O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG2012\avgwdsvc.exe
O23 - Service: B's Recorder GOLD Library General Service (bgsvcgen) - B.H.A Corporation - C:\WINDOWS\system32\bgsvcgen.exe
O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.exe
O23 - Service: CT Device Query service (CTDevice_Srv) - Creative Technology Ltd - C:\Program Files\Creative\Shared Files\CTDevSrv.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: MSCSPTISRV - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe
O23 - Service: PACSPTISVR - Unknown owner - C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe
O23 - Service: Pml Driver HPZ12 - Unknown owner - C:\WINDOWS\system32\HPZipm12.exe (file missing)
O23 - Service: SonicStage Back-End Service - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SsBeSvc.exe
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe
O23 - Service: SonicStage SCSI Service (SSScsiSV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SSScsiSV.exe
O23 - Service: StarWind iSCSI Service (StarWindService) - Unknown owner - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe (file missing)
O23 - Service: TabletService - Wacom Technology, Corp. - C:\WINDOWS\system32\Tablet.exe

–
End of file - 12733 bytes

Hallo Diana, gezien wat jij zoal met jouw XP doet, hoeveel werkgeheugen is aanwezig in jouw PC?

[b:2ac8476f6a]Ik wil graag dat jij je tijdens de fix aan onderstaande regels houdt:[/b:2ac8476f6a]

Malwarebytes' Anti-Malware 1.51.2.1300
www.malwarebytes.org

Databaseversie: 8158

Windows 5.1.2600 Service Pack 3
Internet Explorer 8.0.6001.18702

14-11-2011 8:02:13
mbam-log-2011-11-14 (08-02-13).txt

Scantype: Snelle scan
Objecten gescand: 193469
Verstreken tijd: 3 minuut/minuten, 38 seconde(n)

Geheugenprocessen geïnfecteerd: 0
Geheugenmodulen geïnfecteerd: 0
Registersleutels geïnfecteerd: 0
Registerwaarden geïnfecteerd: 0
Registerdata geïnfecteerd: 0
Mappen geïnfecteerd: 0
Bestanden geïnfecteerd: 0

Geheugenprocessen geïnfecteerd:
(Geen kwaadaardige objecten gedetecteerd)

Geheugenmodulen geïnfecteerd:
(Geen kwaadaardige objecten gedetecteerd)

Registersleutels geïnfecteerd:
(Geen kwaadaardige objecten gedetecteerd)

Registerwaarden geïnfecteerd:
(Geen kwaadaardige objecten gedetecteerd)

Registerdata geïnfecteerd:
(Geen kwaadaardige objecten gedetecteerd)

Mappen geïnfecteerd:
(Geen kwaadaardige objecten gedetecteerd)

Bestanden geïnfecteerd:
(Geen kwaadaardige objecten gedetecteerd)


Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 8:08:50, on 14-11-2011
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\PROGRA~1\AVG\AVG2012\avgrsx.exe
C:\Program Files\AVG\AVG2012\avgcsrvx.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\AVG\AVG2012\avgwdsvc.exe
C:\WINDOWS\system32\bgsvcgen.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\system32\CTsvcCDA.exe
C:\Program Files\Creative\Shared Files\CTDevSrv.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\Tablet.exe
C:\Program Files\AVG\AVG2012\AVGIDSAgent.exe
C:\Program Files\AVG\AVG2012\avgnsx.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\SOUNDMAN.EXE
C:\WINDOWS\system32\ezSP_Px.exe
C:\WINDOWS\system32\taskswitch.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Brownie\BrstsWnd.exe
C:\Program Files\Andrea Electronics\AudioCommander\AudioCommander.exe
C:\Program Files\Andrea Electronics\AudioCommander\AEFltrs.exe
C:\Program Files\Andrea Electronics\VoiceCenter\AndreaVC.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\AVG\AVG2012\avgtray.exe
C:\Program Files\DivX\DivX Update\DivXUpdate.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Creative\Creative Media Lite\CTZDetec.exe
C:\Program Files\Creative\Software Update 3\SoftAuto.exe
C:\Program Files\Messenger\msmsgs.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Brownie\brpjp04a.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Outlook Express\msimn.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe
C:\WINDOWS\system32\NOTEPAD.EXE
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost;*.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen
O2 - BHO: Adobe PDF Reader Help bij koppelingen - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Increase performance and video formats for your HTML5 <video> - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG2012\avgssie.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.2.4204.1700\swg.dll
O2 - BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [ezShieldProtector for Px] C:\WINDOWS\system32\ezSP_Px.exe
O4 - HKLM\..\Run: [CoolSwitch] C:\WINDOWS\system32\taskswitch.exe
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [BrStsWnd] C:\Program Files\Brownie\BrstsWnd.exe Autorun
O4 - HKLM\..\Run: [AudioCommander] "C:\Program Files\Andrea Electronics\AudioCommander\AudioCommander.exe" /tray
O4 - HKLM\..\Run: [AEFltrs] "C:\Program Files\Andrea Electronics\AudioCommander\AEFltrs.exe" /NoDlg
O4 - HKLM\..\Run: [VoiceCenter] "C:\Program Files\Andrea Electronics\VoiceCenter\AndreaVC.exe" /tray
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [JWOSetup] JWOSetup.exe -en
O4 - HKLM\..\Run: [AVG_TRAY] "C:\Program Files\AVG\AVG2012\avgtray.exe"
O4 - HKLM\..\Run: [DivXUpdate] "C:\Program Files\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [CTZDetec.exe] "C:\Program Files\Creative\Creative Media Lite\CTZDetec.exe"
O4 - HKCU\..\Run: [SoftAuto.exe] "C:\Program Files\Creative\Software Update 3\SoftAuto.exe"
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Google Update] "C:\Documents and Settings\gebruiker\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" /c
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: PHOTOfunSTUDIO 5.0 HD Edition.lnk = C:\Program Files\Common Files\Panasonic\PHOTOfunSTUDIO AutoStart\AutoStartupService.exe
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\WINDOWS\system32\GPhotos.scr/200
O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra button: Onderzoek - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=http://www.paradigit.nl
O16 - DPF: {0A5FD7C5-A45C-49FC-ADB5-9952547D5715} - http://www.creative.com/su/ocx/15031/CTSUEng.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {193C772A-87BE-4B19-A7BB-445B226FE9A1} - http://download.ewido.net/ewidoOnlineScan.cab
O16 - DPF: {1D185838-009D-47C8-824B-B65B4854430E} - http://quickfix2.chello.nl/quickfix2/asp/chelloInstall.CAB
O16 - DPF: {341FF14B-00CB-49F5-A427-A164DF1D5E1F} - http://musicstore.connect.com/XSL/mb_us/html/activexplayer/SMALStreaming.cab
O16 - DPF: {55027008-315F-4F45-BBC3-8BE119764741} - http://static.slide.com/uploader/SlideImageUploader.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} - http://www.bitdefender.com/scan8/oscan8.cab
O16 - DPF: {6C269571-C6D7-4818-BCA4-32A035E8C884} - http://www.creative.com/softwareupdate/su/ocx/15101/CTSUEng.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1124110007421
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} (OnlineScanner Control) - http://download.eset.com/special/eos/OnlineScanner.cab
O16 - DPF: {A796D216-2DE1-4EA8-BABB-FE6E7C959098} - http://www.hp.com/cpso-support-new/SDD/hpsddObjSigned.cab
O16 - DPF: {A9F8D9EC-3D0A-4A60-BD82-FBD64BAD370D} - http://h20264.www2.hp.com/ediags/dd/install/HPDriverDiagnosticsxp2k.cab
O16 - DPF: {C58EFA10-2CC0-4C50-8C77-B326555EC1B7} - http://quickfix2.chello.nl/quickfix2/asp/LaunchApp.CAB
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O16 - DPF: {D83C1BD1-DCBB-11D4-9425-0050BF33FA6E} - http://www.cyclomedia.nl/download/components/CycloScopeLite.cab
O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} - http://ccfiles.creative.com/Web/softwareupdate/su/ocx/15111/CTPID.cab
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG2012\avgpp.dll
O23 - Service: Mobiel Apple apparaat (Apple Mobile Device) - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG2012\AVGIDSAgent.exe
O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG2012\avgwdsvc.exe
O23 - Service: B's Recorder GOLD Library General Service (bgsvcgen) - B.H.A Corporation - C:\WINDOWS\system32\bgsvcgen.exe
O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.exe
O23 - Service: CT Device Query service (CTDevice_Srv) - Creative Technology Ltd - C:\Program Files\Creative\Shared Files\CTDevSrv.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: MSCSPTISRV - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe
O23 - Service: PACSPTISVR - Unknown owner - C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe
O23 - Service: Pml Driver HPZ12 - Unknown owner - C:\WINDOWS\system32\HPZipm12.exe (file missing)
O23 - Service: SonicStage Back-End Service - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SsBeSvc.exe
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe
O23 - Service: SonicStage SCSI Service (SSScsiSV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SSScsiSV.exe
O23 - Service: StarWind iSCSI Service (StarWindService) - Unknown owner - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe (file missing)
O23 - Service: TabletService - Wacom Technology, Corp. - C:\WINDOWS\system32\Tablet.exe

–
End of file - 11638 bytes


Wat zou ik dan beter niet kunnen doen met mijn XP?
Overigens is er nog iets vreemds: na het afsluiten twee updates die worden geinstalleerd. Dat is op zich niet vreemd, maar het gebeurt om de paar dagen, net alsof het updaten niet gelukt is de vorige keren.

Je mag het volgende gaan doen:

[quote:3e8684757a="Abraham54"]Je mag het volgende gaan doen:

Hoe krijg ik Combofix op het bureaublad?

Gewoon als downloadlokatie je bureaublad kiezen!

[quote:c67cff88f0="Abraham54"]Gewoon als downloadlokatie je bureaublad kiezen![/quote:c67cff88f0]

Die optie is er niet. Vroeger wel, nu niet meer. Als je een van de opgegeven linken aanklikt, begint het downladen meteen.

Indien Firefox je standaardbrowser is, dan heeft FF een standaard downloadlokatie.

Je hebt TDSSKiller toch ook eerst moeten downloaden….

Dus dan verplaats je vanuit die standaard downloadlokatie ComboFix eerst naar je bureaublad.
(Verplaatsen dus, niet kopiëren!).

Dat ziet er prima uit.

Hoe draait jouw Windows inmiddels.
Overigens: heb jij Norton in jouw Windows gehad?

[quote:f025a356e8="Abraham54"]Dat ziet er prima uit.

Hoe draait jouw Windows inmiddels.
Overigens: heb jij Norton in jouw Windows gehad?[/quote:f025a356e8]

Ik heb nog geen problemen gehad na Combofix.
Norton had ik een keer per ongeluk aangeklikt bij iets anders. Is zwaar programma, weet ik.

Oké, open een nieuw kladblok bestand, via "Start\Alle programma’s\Bureau-accessoires\[b:312bc336be]Kladblok[/b:312bc336be]".


Kopieer en plak de volgende (vetgedrukte, blauwe tekst) in het lege kladblokvenstervenster


[b:312bc336be]

Hierbij:
ComboFix 11-11-14.01 - gebruiker 14-11-2011 15:13:34.22.2 - x86
Microsoft Windows XP Home Edition 5.1.2600.3.1252.31.1043.18.2047.1461 [GMT 1:00]
Gestart vanuit: c:\documents and settings\gebruiker\Bureaublad\ComboFix.exe
gebruikte Opdracht switches :: c:\documents and settings\gebruiker\Bureaublad\CFScript.txt
AV: AVG Anti-Virus Free Edition 2012 *Disabled/Updated* {17DDD097-36FF-435F-9E1B-52D74245D6BF}
.
.
(((((((((((((((((((((((((((((((((( Andere Verwijderingen )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\documents and settings\All Users\Application Data\Norton
c:\documents and settings\All Users\Application Data\Norton\{086A63F0-6B13-4F29-9695-134E7A01E963}\LC.INI
.
.
(((((((((((((((((((( Bestanden Gemaakt van 2011-10-14 to 2011-11-14 ))))))))))))))))))))))))))))))
.
.
2011-11-06 06:50 . 2010-08-27 08:03 119808 —-a-w- c:\windows\system32\t2embed.dll
2011-10-29 10:52 . 2011-11-14 06:57 ——– d—–w- c:\program files\MALWAREBYTES ANTI-MALWARE
2011-10-27 18:22 . 2011-10-27 18:22 ——– d—–w- c:\program files\Common Files\Java
2011-10-27 10:47 . 2011-10-27 10:47 ——– d—–w- c:\documents and settings\gebruiker\Application Data\AVG2012
2011-10-27 10:46 . 2011-10-27 10:53 ——– d—–w- c:\documents and settings\All Users\Application Data\AVG2012
2011-10-20 10:21 . 2011-11-14 08:01 ——– d—–w- c:\program files\TunnelBear
2011-10-17 08:28 . 2011-10-17 08:28 ——– d—–w- c:\documents and settings\All Users\Application Data\NortonInstaller
2011-10-16 18:47 . 2011-11-14 14:11 ——– d–h–r- c:\documents and settings\gebruiker\Onlangs geopend
.
.
.
((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-10-31 06:19 . 2011-05-19 07:22 414368 —-a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2011-10-10 14:22 . 2005-03-01 20:19 692736 —-a-w- c:\windows\system32\inetcomm.dll
2011-10-07 05:23 . 2011-01-07 04:41 230608 —-a-w- c:\windows\system32\drivers\avgldx86.sys
2011-10-04 05:21 . 2011-02-10 05:53 16720 —-a-w- c:\windows\system32\drivers\AVGIDSShim.sys
2011-10-03 03:06 . 2010-06-06 07:14 472808 —-a-w- c:\windows\system32\deployJava1.dll
2011-10-03 00:37 . 2009-06-19 14:51 73728 —-a-w- c:\windows\system32\javacpl.cpl
2011-09-28 07:06 . 2005-03-01 20:18 602624 —-a-w- c:\windows\system32\crypt32.dll
2011-09-26 09:41 . 2008-07-29 17:59 614912 —-a-w- c:\windows\system32\uiautomationcore.dll
2011-09-26 09:41 . 2005-03-01 20:20 23040 —-a-w- c:\windows\system32\oleaccrc.dll
2011-09-26 09:41 . 2005-03-01 20:20 220160 —-a-w- c:\windows\system32\oleacc.dll
2011-09-13 04:30 . 2011-03-16 14:03 32592 —-a-w- c:\windows\system32\drivers\avgrkx86.sys
2011-09-06 14:09 . 2005-03-01 20:21 1859072 —-a-w- c:\windows\system32\win32k.sys
2011-08-31 15:00 . 2011-06-18 06:03 22216 —-a-w- c:\windows\system32\drivers\mbam.sys
2011-08-22 23:41 . 2005-03-01 20:21 916480 —-a-w- c:\windows\system32\wininet.dll
2011-08-22 23:41 . 2005-03-01 20:19 43520 —-a-w- c:\windows\system32\licmgr10.dll
2011-08-22 23:41 . 2005-03-01 20:19 1469440 ——w- c:\windows\system32\inetcpl.cpl
2011-08-22 11:58 . 2005-03-01 20:18 385024 —-a-w- c:\windows\system32\html.iec
2011-08-17 13:49 . 2005-03-01 20:17 138496 —-a-w- c:\windows\system32\drivers\afd.sys
2011-11-10 06:22 . 2011-07-18 05:03 134104 —-a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
((((((((((((((((((((((((((((( SnapShot@2011-11-14_12.36.48 )))))))))))))))))))))))))))))))))))))))))
.
+ 2011-11-14 14:20 . 2011-11-14 14:20 16384 c:\windows\temp\Perflib_Perfdata_330.dat
.
((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTZDetec.exe"="c:\program files\Creative\Creative Media Lite\CTZDetec.exe" [2008-04-24 368640]
"SoftAuto.exe"="c:\program files\Creative\Software Update 3\SoftAuto.exe" [2008-08-13 405504]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"JWOSetup"="JWOSetup.exe -en" [X]
"SoundMan"="SOUNDMAN.EXE" [2003-12-19 65024]
"ezShieldProtector for Px"="c:\windows\system32\ezSP_Px.exe" [2002-08-20 40960]
"CoolSwitch"="c:\windows\system32\taskswitch.exe" [2002-03-19 45632]
"BluetoothAuthenticationAgent"="bthprops.cpl" [2008-04-14 110592]
"BrStsWnd"="c:\program files\Brownie\BrstsWnd.exe" [2008-01-08 864256]
"AudioCommander"="c:\program files\Andrea Electronics\AudioCommander\AudioCommander.exe" [2008-08-29 888832]
"AEFltrs"="c:\program files\Andrea Electronics\AudioCommander\AEFltrs.exe" [2008-08-29 741376]
"VoiceCenter"="c:\program files\Andrea Electronics\VoiceCenter\AndreaVC.exe" [2008-07-31 1134592]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2010-11-29 421888]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2011-04-26 421160]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2011-06-06 937920]
"AVG_TRAY"="c:\program files\AVG\AVG2012\avgtray.exe" [2011-10-24 2415456]
"DivXUpdate"="c:\program files\DivX\DivX Update\DivXUpdate.exe" [2011-07-28 1259376]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2011-06-09 254696]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
.
c:\documents and settings\All Users\Menu Start\Programma's\Opstarten\
PHOTOfunSTUDIO 5.0 HD Edition.lnk - c:\program files\Common Files\Panasonic\PHOTOfunSTUDIO AutoStart\AutoStartupService.exe [2011-8-4 170480]
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk *\0lsdelete\0\0\0c:\progra~1\AVG\AVG2012\avgrsx.exe /sync /restart
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Start^Programma's^Opstarten^Google Updater.lnk]
path=c:\documents and settings\All Users\Menu Start\Programma's\Opstarten\Google Updater.lnk
backup=c:\windows\pss\Google Updater.lnkCommon Startup
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Start^Programma's^Opstarten^TabUserW.exe.lnk]
path=c:\documents and settings\All Users\Menu Start\Programma's\Opstarten\TabUserW.exe.lnk
backup=c:\windows\pss\TabUserW.exe.lnkCommon Startup
.
[HKLM\~\startupfolder\C:^Documents and Settings^gebruiker^Menu Start^Programma's^Opstarten^Last.fm Helper.lnk]
path=c:\documents and settings\gebruiker\Menu Start\Programma's\Opstarten\Last.fm Helper.lnk
backup=c:\windows\pss\Last.fm Helper.lnkStartup
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IntelliPoint]
2007-08-31 10:01 1037736 —-a-w- c:\program files\Microsoft IntelliPoint\ipoint.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISUSPM Startup]
2005-02-16 15:15 221184 —-a-w- c:\progra~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISUSScheduler]
2005-02-16 15:15 81920 —-a-w- c:\program files\Common Files\InstallShield\UpdateService\issch.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
2011-04-26 23:22 421160 —-a-w- c:\program files\iTunes\iTunesHelper.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\itype]
2007-08-31 19:13 988584 —-a-w- c:\program files\Microsoft IntelliType Pro\itype.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PCMService]
2004-04-28 13:10 73728 ——w- c:\program files\Logitech\MediaLife\MediaLifeService.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PinnacleDriverCheck]
2003-11-10 14:06 406016 —-a-w- c:\windows\system32\PSDrvCheck.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
2010-11-29 15:38 421888 —-a-w- c:\program files\QuickTime\QTTask.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SSBkgdUpdate]
2006-10-25 08:03 210472 —-a-w- c:\program files\Common Files\ScanSoft Shared\SSBkgdUpdate\SSBkgdUpdate.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\{0228e555-4f9c-4e35-a3ec-b109a192b4c2}]
2005-07-15 21:48 479232 —-a-w- c:\program files\Google\Gmail Notifier\gnotify.exe
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Messenger\\msmsgs.exe"=
"c:\\Program Files\\Soulseek\\slsk.exe"=
"c:\\Program Files\\DropUpload\\DropUpLoad.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Real\\RealPlayer\\realplay.exe"=
"c:\\Program Files\\Mozilla Firefox\\firefox.exe"=
"c:\\Program Files\\GigaTribe\\gigatribe.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\\Program Files\\iTunes\\iTunes.exe"=
"c:\\Program Files\\AVG\\AVG2012\\avgmfapx.exe"=
"c:\\Program Files\\AVG\\AVG2012\\avgnsx.exe"=
"c:\\Program Files\\AVG\\AVG2012\\avgdiagex.exe"=
"c:\\Program Files\\AVG\\AVG2012\\avgemcx.exe"=
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"4210:TCP"= 4210:TCP:Akamai NetSession Interface
"5000:UDP"= 5000:UDP:Akamai NetSession Interface
.
R0 AVGIDSEH;AVGIDSEH;c:\windows\system32\drivers\AVGIDSEH.sys [22-2-2011 7:13 23120]
R0 Avgrkx86;AVG Anti-Rootkit Driver;c:\windows\system32\drivers\avgrkx86.sys [16-3-2011 15:03 32592]
R0 fasttrak;fasttrak;c:\windows\system32\drivers\fasttrak.sys [11-11-2004 16:52 70656]
R0 viasraid;viasraid;c:\windows\system32\drivers\viasraid.sys [11-11-2004 16:53 77312]
R1 Avgldx86;AVG AVI Loader Driver;c:\windows\system32\drivers\avgldx86.sys [7-1-2011 5:41 230608]
R1 Avgtdix;AVG TDI Driver;c:\windows\system32\drivers\avgtdix.sys [4-4-2011 23:59 295248]
R2 AVGIDSAgent;AVGIDSAgent;c:\program files\AVG\AVG2012\AVGIDSAgent.exe [12-10-2011 6:25 4433248]
R2 avgwd;AVG WatchDog;c:\program files\AVG\AVG2012\avgwdsvc.exe [2-8-2011 5:09 192776]
R3 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\drivers\AVGIDSDriver.sys [14-4-2011 20:28 134608]
R3 AVGIDSFilter;AVGIDSFilter;c:\windows\system32\drivers\AVGIDSFilter.sys [10-2-2011 6:53 24272]
R3 AVGIDSShim;AVGIDSShim;c:\windows\system32\drivers\AVGIDSShim.sys [10-2-2011 6:53 16720]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [18-3-2010 13:16 130384]
S2 Nmpdrv_N;Nmpdrv_N USB Controller Service; [x]
S3 aeaudio2;AE USB Audio Driver2 (WDM);c:\windows\system32\drivers\AEAudio2.sys [21-12-2009 16:18 113664]
S3 aeaudiol;AE USB Audio Driver-Lower (WDM);c:\windows\system32\drivers\AEAudioL.sys [21-12-2009 16:18 15104]
S3 EMCR;EMCR;c:\windows\system32\drivers\emcr7sk.sys [11-11-2004 16:52 68224]
S3 MusCAudio;MusCAudio;c:\windows\system32\drivers\MusCAudio.sys [31-10-2008 16:11 23096]
S3 MusCVideo;MusCVideo;c:\windows\system32\drivers\MusCVideo.sys [31-10-2008 16:11 3768]
S3 pcouffin;VSO Software pcouffin;c:\windows\system32\drivers\pcouffin.sys [21-9-2008 15:19 47360]
S3 vaxscsi;vaxscsi;c:\windows\system32\drivers\vaxscsi.sys [21-9-2008 16:06 223128]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [18-3-2010 13:16 753504]
S4 sptd;sptd;c:\windows\system32\drivers\sptd.sys [21-9-2008 16:00 642560]
.
Inhoud van de 'Gedeelde Taken' map
.
2011-11-09 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2009-10-22 15:57]
.
2011-11-14 c:\windows\Tasks\Google Software Updater.job
- c:\program files\Google\Common\Google Updater\GoogleUpdaterService.exe [2007-06-16 05:50]
.
2011-11-11 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2093061356-4028600207-3804864594-1007Core.job
- c:\documents and settings\gebruiker\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2011-09-22 17:24]
.
2011-11-14 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2093061356-4028600207-3804864594-1007UA.job
- c:\documents and settings\gebruiker\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2011-09-22 17:24]
.
.
——- Bijkomende Scan ——-
.
uDefault_Search_URL = hxxp://www.google.com/ie
uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
uInternet Settings,ProxyOverride = localhost;*.local
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: E&xporteren naar Microsoft Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
TCP: DhcpNameServer = 62.179.104.196 213.46.228.196
DPF: {1D185838-009D-47C8-824B-B65B4854430E} - hxxp://quickfix2.chello.nl/quickfix2/asp/chelloInstall.CAB
DPF: {C58EFA10-2CC0-4C50-8C77-B326555EC1B7} - hxxp://quickfix2.chello.nl/quickfix2/asp/LaunchApp.CAB
DPF: {D83C1BD1-DCBB-11D4-9425-0050BF33FA6E} - hxxp://www.cyclomedia.nl/download/components/CycloScopeLite.cab
FF - ProfilePath - c:\documents and settings\gebruiker\Application Data\Mozilla\Firefox\Profiles\0a42b5n7.Standaardgebruiker\
FF - prefs.js: keyword.URL - hxxp://search.avg.com/?d=4e270951&i=23&tp=ab&nt=1&q=
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2011-11-14 15:20
Windows 5.1.2600 Service Pack 3 NTFS
.
scannen van verborgen processen …
.
scannen van verborgen autostart items …
.
scannen van verborgen bestanden …
.
Scan succesvol afgerond
verborgen bestanden: 0
.
**************************************************************************
.
——————— VERGRENDELDE REGISTER SLEUTELS ———————
.
[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Installer\UserData\LocalSystem\Components\Ø•¤|ÿÿÿÿ•¤|ù•9~*]
"3140110900063D11C8EF10054038389C"="C?\\WINDOWS\\system32\\FM20ENU.DLL"
.
——————— DLLs Geladen Onder Lopende Processen ———————
.
- - - - - - - > 'winlogon.exe'(1240)
c:\windows\system32\Ati2evxx.dll
.
- - - - - - - > 'explorer.exe'(3940)
c:\windows\system32\tabhook.dll
c:\progra~1\WINDOW~2\wmpband.dll
c:\windows\system32\webcheck.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
———————— Andere Aktieve Processen ————————
.
c:\progra~1\AVG\AVG2012\avgrsx.exe
c:\program files\AVG\AVG2012\avgcsrvx.exe
c:\windows\system32\Ati2evxx.exe
c:\program files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
c:\windows\system32\bgsvcgen.exe
c:\program files\Bonjour\mDNSResponder.exe
c:\windows\system32\CTsvcCDA.exe
c:\program files\Creative\Shared Files\CTDevSrv.exe
c:\program files\Java\jre6\bin\jqs.exe
c:\windows\system32\Tablet.exe
c:\program files\AVG\AVG2012\avgnsx.exe
c:\windows\system32\Ati2evxx.exe
c:\windows\system32\wscntfy.exe
c:\windows\SOUNDMAN.EXE
c:\windows\system32\rundll32.exe
c:\program files\iPod\bin\iPodService.exe
.
**************************************************************************
.
Voltooingstijd: 2011-11-14 15:27:25 - machine werd herstart
ComboFix-quarantined-files.txt 2011-11-14 14:27
ComboFix2.txt 2011-11-14 12:45
ComboFix3.txt 2011-07-19 18:03
.
Pre-Run: 15.894.847.488 bytes beschikbaar
Post-Run: 15.904.473.088 bytes beschikbaar
.
- - End Of File - - EAE2EB76067DB63520192D7A6E9935DA


AVG komt er nogal eens doorheen met toestaan of weigeren. Terwijl ik de scanner heb uitgezet.

Mooi zo.
Dat ben je nu ook kwijt in Windows.

Alles draait nu naar behoren?

[quote:c83990d6fb="Abraham54"]Mooi zo.
Dat ben je nu ook kwijt in Windows.

Alles draait nu naar behoren?[/quote:c83990d6fb]

Ja, prima. Ik ben nog even aan het defragmenteren en dan kan ie er weer een tijdje tegenaan. Ik heb deze computer al sinds 2005 met hetzelfde windowsprogramma. Nooit opnieuw hoeven installeren, dankzij jullie!

groetjes,
diana

Welke defragmenteerder gebruik jij?

[quote:e51ce05bfa="Abraham54"]Welke defragmenteerder gebruik jij?[/quote:e51ce05bfa]

Auslogics.

Niet slecht.

Maar sinds kort heeft O&O ook een gratis defragmenteerder, die zodanig defragmenteert, dat veelgebruikte bestanden vooraan de HD komen te staan - Smart-defrag is dat.

O&O Defrag Free Edition als 32-bit- dan wel 64-bit editie - Downloadlink

[quote:8fd7894f51="Abraham54"]Niet slecht.

Maar sinds kort heeft O&O ook een gratis defragmenteerder, die zodanig defragmenteert, dat veelgebruikte bestanden vooraan de HD komen te staan - Smart-defrag is dat.

O&O Defrag Free Edition als 32-bit- dan wel 64-bit editie - Downloadlink[/quote:8fd7894f51]

Ik vind die site te verwarrend. Ik heb per ongeluk de PDF-converter gedownload, geloof ik, en die kan ik niet meer vinden op mijn computer.
Bij het downloaden van de defragmenter, kreeg ik een foutmelding, dus ik stop daarmee. Auslogics is ook goed.
Merci!