security shield

• 

  Bernhard

  05-02-2011 21:56

  Beste Huib allereerst bedankt voor je hulp !

  Onderstaandmij log bestand.

  Vanmorgen dacht ik dat het probleem met SS was opgelost, echter ik heb meerdere gebruikers en bij 1 gebruiker had ik MBam niet gedraaid, met tot gevolg dat bij deze gebruiker SS opnieuw te voorschijn kwam. Heb toen MBam gedraaid en bestanden verwijderd.

  Het is hardnekkige spul dat SS, heb je een idee hoe het op mijn computer kan komen ?

  Groet,

  Bernhard

  Logfile of Trend Micro HijackThis v2.0.4

  Scan saved at 21:51:12, on 5-2-2011

  Platform: Windows XP SP3 (WinNT 5.01.2600)

  MSIE: Internet Explorer v8.00 (8.00.6001.18702)

  Boot mode: Normal

  Running processes:

  C:\WINDOWS\System32\smss.exe

  C:\WINDOWS\system32\winlogon.exe

  C:\WINDOWS\system32\services.exe

  C:\WINDOWS\system32\lsass.exe

  C:\WINDOWS\system32\Ati2evxx.exe

  C:\WINDOWS\system32\svchost.exe

  C:\WINDOWS\System32\svchost.exe

  C:\Program Files\Alwil Software\Avast5\AvastSvc.exe

  C:\WINDOWS\system32\spoolsv.exe

  C:\WINDOWS\system32\Ati2evxx.exe

  C:\WINDOWS\Explorer.EXE

  C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

  C:\WINDOWS\system32\svchost.exe

  C:\Program Files\Java\jre6\bin\jqs.exe

  C:\WINDOWS\System32\svchost.exe

  C:\WINDOWS\System32\svchost.exe

  C:\WINDOWS\system32\svchost.exe

  C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe

  C:\WINDOWS\system32\wuauclt.exe

  C:\WINDOWS\RTHDCPL.EXE

  C:\Program Files\HP\HP Software Update\HPWuSchd2.exe

  C:\WINDOWS\system32\rundll32.exe

  C:\Program Files\Common Files\Java\Java Update\jusched.exe

  C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe

  C:\Program Files\Alwil Software\Avast5\avastUI.exe

  C:\WINDOWS\system32\ctfmon.exe

  C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

  C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe

  C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe

  C:\Program Files\PcCloneEX\PcCloneEX.EXE

  C:\Program Files\programma's\Yahoo!\Yahoo! Music Jukebox\ymetray.exe

  C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe

  C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe

  C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe

  C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe

  R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank

  R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157

  R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

  R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

  R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157

  R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen

  O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll

  O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

  O2 - BHO: Windows Live Aanmelden - Help - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

  O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll

  O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.6.5825.1100\swg.dll

  O2 - BHO: XBTP06823 - {D65AAE3F-C06B-4971-B73B-61B989163215} - C:\PROGRA~1\BIJBEL~1\BIJBEL~1.DLL (file missing)

  O2 - BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll

  O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll

  O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll

  O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll

  O4 - HKLM\..\Run: RTHDCPL.EXE

  O4 - HKLM\..\Run: ALCMTR.EXE

  O4 - HKLM\..\Run: C:\WINDOWS\system32\NeroCheck.exe

  O4 - HKLM\..\Run: D:\Setup.exe

  O4 - HKLM\..\Run: C:\Program Files\REGSHAVE\REGSHAVE.EXE /AUTORUN

  O4 - HKLM\..\Run: C:\Program Files\HP\HP Software Update\HPWuSchd2.exe

  O4 - HKLM\..\Run: C:\Program Files\HP\Digital Imaging\bin\hpqSRMon.exe

  O4 - HKLM\..\Run: rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent

  O4 - HKLM\..\Run: “C:\Program Files\Common Files\Java\Java Update\jusched.exe”

  O4 - HKLM\..\Run: “E:\quick\QTTask.exe” -atboottime

  O4 - HKLM\..\Run: “C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe”

  O4 - HKLM\..\Run: “C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe”

  O4 - HKLM\..\Run: “C:\Program Files\Alwil Software\Avast5\avastUI.exe” /nogui

  O4 - HKCU\..\Run: C:\WINDOWS\system32\ctfmon.exe

  O4 - HKCU\..\Run: “C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe”

  O4 - HKCU\..\Run: C:\Program Files\programma's\Uniblue\RegistryBooster 2\RegistryBooster.exe /S

  O4 - HKCU\..\Run: “C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe”

  O4 - HKCU\..\RunOnce: C:\WINDOWS\system32\Adobe\Shockwave 11\SwHelper_1150600.exe -Update -1150600 -“Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; Trident/4.0; BijbelBar; GTB6.6; Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1) ; .NET CLR 2.0.50727; .NET CLR 3.0.4506.2152; .NET CLR 3.5.30729)” -“http://files.keygames.com/games/dcr/sweet_arts/”

  O4 - HKUS\S-1-5-19\..\Run: C:\WINDOWS\system32\CTFMON.EXE (User ‘Lokale service’)

  O4 - HKUS\S-1-5-20\..\Run: C:\WINDOWS\system32\CTFMON.EXE (User ‘Netwerkservice’)

  O4 - HKUS\S-1-5-18\..\Run: C:\WINDOWS\system32\CTFMON.EXE (User ‘SYSTEM’)

  O4 - HKUS\.DEFAULT\..\Run: C:\WINDOWS\system32\CTFMON.EXE (User ‘Default user’)

  O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe

  O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\programma's\microsoft office\Office\OSA9.EXE

  O4 - Global Startup: PC Clone EX.LNK = C:\Program Files\PcCloneEX\PcCloneEX.EXE

  O4 - Global Startup: ymetray.lnk = C:\Program Files\programma's\Yahoo!\Yahoo! Music Jukebox\ymetray.exe

  O8 - Extra context menu item: Google Sidewiki… - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_E11712C84EA7E12B.dll/cmsidewiki.html

  O9 - Extra button: Toon of verberg HP Smart Web Printing - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll

  O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

  O9 - Extra ‘Tools’ menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

  O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

  O9 - Extra ‘Tools’ menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

  O16 - DPF: {1C11B948-582A-433F-A98D-A8C4D5CC64F2} (20-20 3D Viewer) - http://bribus.2020.net/Core/Player/2020PlayerAX_Win32.cab

  O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab

  O16 - DPF: {D821DC4A-0814-435E-9820-661C543A4679} (CRLDownloadWrapper Class) - http://drmlicense.one.microsoft.com/crlupdate/en/crlocx.ocx

  O22 - SharedTaskScheduler: Preloader van browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll

  O22 - SharedTaskScheduler: Cache-daemon voor onderdeelcategorieën - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll

  O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe

  O23 - Service: Mobiel Apple apparaat (Apple Mobile Device) - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

  O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe

  O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe

  O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe

  O23 - Service: Google Updateservice (gupdate1ca013c41192374) (gupdate1ca013c41192374) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe

  O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe

  O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe

  O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe

  O23 - Service: TomTomHOMEService - TomTom - C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe

  –

  End of file - 9096 bytes

  Rapporteren
• 

  Jos H

  05-02-2011 22:13

  Je deur stond open,geen virusscanner.X(

  Rapporteren
• 

  fazantje

  05-02-2011 22:23

  Hoi Bernard,

  Allereerst bedankt voor de opmerking dat er meerdere gebruikers zijn.

  Graag van alle gebruikers een HijackThis logje.

  Zoals Jos ook al zei, oorzaak kan het niet hebben van een virusscanner zijn.

  Verder kun je Spyware Blaster op je computer nemen, deze had het zeker tegen gehouden, maar goed, dan had je spoedig ergere problemen opgelopen zonder scanner.

  Info over spywareblaster geef ik je nadat ik alle logjes schoon heb;)

  Dit is jou account.

  Start HijackThis en klik op “scan” en vink de volgende regel aan:

  O2 - BHO: XBTP06823 - {D65AAE3F-C06B-4971-B73B-61B989163215} - C:\PROGRA~1\BIJBEL~1\BIJBEL~1.DLL (file missing)

  Sluit alle vensters, behalve HijackThis en klik op fix checked.

  Verwijder ook nog even onder: C - program files de volgende mappen:

  C - program files - \iMeshMediabarTb of mediabar <—– deze map

  C - program files - lavasoft <—– deze map

  Succes,

  Huib;)

  

  Rapporteren
• 

  Bernhard

  06-02-2011 15:22

  Beste Huib,

  onderstaand de logbestandjes van 3 gebruikers.

  Mediabar kon ik niet vinden ?-)

  Lavasoft verwijderd (lege map)

  De genoemde regel hersteld.

  logbestand “eigenaar”

  Logfile of Trend Micro HijackThis v2.0.4

  Scan saved at 14:50:24, on 6-2-2011

  Platform: Windows XP SP3 (WinNT 5.01.2600)

  MSIE: Internet Explorer v8.00 (8.00.6001.18702)

  Boot mode: Normal

  Running processes:

  C:\WINDOWS\System32\smss.exe

  C:\WINDOWS\system32\winlogon.exe

  C:\WINDOWS\system32\services.exe

  C:\WINDOWS\system32\lsass.exe

  C:\WINDOWS\system32\Ati2evxx.exe

  C:\WINDOWS\system32\svchost.exe

  C:\WINDOWS\System32\svchost.exe

  C:\Program Files\Alwil Software\Avast5\AvastSvc.exe

  C:\WINDOWS\system32\spoolsv.exe

  C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

  C:\WINDOWS\system32\svchost.exe

  C:\Program Files\Java\jre6\bin\jqs.exe

  C:\WINDOWS\System32\svchost.exe

  C:\WINDOWS\System32\svchost.exe

  C:\WINDOWS\system32\svchost.exe

  C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe

  C:\WINDOWS\system32\Ati2evxx.exe

  C:\WINDOWS\Explorer.EXE

  C:\WINDOWS\RTHDCPL.EXE

  C:\Program Files\HP\HP Software Update\HPWuSchd2.exe

  C:\WINDOWS\system32\rundll32.exe

  C:\Program Files\Common Files\Java\Java Update\jusched.exe

  C:\Program Files\Alwil Software\Avast5\avastUI.exe

  C:\WINDOWS\system32\ctfmon.exe

  C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

  C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe

  C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe

  C:\Program Files\PcCloneEX\PcCloneEX.EXE

  C:\Program Files\programma's\Yahoo!\Yahoo! Music Jukebox\ymetray.exe

  C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe

  C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe

  C:\Program Files\IncrediMail\Bin\IncMail.exe

  C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe

  C:\Program Files\IncrediMail\Bin\ImApp.exe

  C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe

  R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank

  R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157

  R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

  R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

  R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157

  R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen

  O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll

  O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

  O2 - BHO: Windows Live Aanmelden - Help - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

  O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll

  O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.6.5825.1100\swg.dll

  O2 - BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll

  O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll

  O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll

  O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll

  O4 - HKLM\..\Run: RTHDCPL.EXE

  O4 - HKLM\..\Run: ALCMTR.EXE

  O4 - HKLM\..\Run: C:\WINDOWS\system32\NeroCheck.exe

  O4 - HKLM\..\Run: D:\Setup.exe

  O4 - HKLM\..\Run: C:\Program Files\REGSHAVE\REGSHAVE.EXE /AUTORUN

  O4 - HKLM\..\Run: C:\Program Files\HP\HP Software Update\HPWuSchd2.exe

  O4 - HKLM\..\Run: C:\Program Files\HP\Digital Imaging\bin\hpqSRMon.exe

  O4 - HKLM\..\Run: rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent

  O4 - HKLM\..\Run: “C:\Program Files\Common Files\Java\Java Update\jusched.exe”

  O4 - HKLM\..\Run: “E:\quick\QTTask.exe” -atboottime

  O4 - HKLM\..\Run: “C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe”

  O4 - HKLM\..\Run: “C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe”

  O4 - HKLM\..\Run: “C:\Program Files\Alwil Software\Avast5\avastUI.exe” /nogui

  O4 - HKCU\..\Run: C:\WINDOWS\system32\ctfmon.exe

  O4 - HKCU\..\Run: “C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe”

  O4 - HKCU\..\Run: C:\Program Files\programma's\Uniblue\RegistryBooster 2\RegistryBooster.exe /S

  O4 - HKCU\..\Run: “C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe”

  O4 - HKCU\..\RunOnce: C:\WINDOWS\system32\Adobe\Shockwave 11\SwHelper_1150600.exe -Update -1150600 -“Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; Trident/4.0; BijbelBar; GTB6.6; Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1) ; .NET CLR 2.0.50727; .NET CLR 3.0.4506.2152; .NET CLR 3.5.30729)” -“http://files.keygames.com/games/dcr/sweet_arts/”

  O4 - HKUS\S-1-5-19\..\Run: C:\WINDOWS\system32\CTFMON.EXE (User ‘Lokale service’)

  O4 - HKUS\S-1-5-20\..\Run: C:\WINDOWS\system32\CTFMON.EXE (User ‘Netwerkservice’)

  O4 - HKUS\S-1-5-18\..\Run: C:\WINDOWS\system32\CTFMON.EXE (User ‘SYSTEM’)

  O4 - HKUS\.DEFAULT\..\Run: C:\WINDOWS\system32\CTFMON.EXE (User ‘Default user’)

  O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe

  O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\programma's\microsoft office\Office\OSA9.EXE

  O4 - Global Startup: ymetray.lnk = C:\Program Files\programma's\Yahoo!\Yahoo! Music Jukebox\ymetray.exe

  O8 - Extra context menu item: Google Sidewiki… - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_E11712C84EA7E12B.dll/cmsidewiki.html

  O9 - Extra button: Toon of verberg HP Smart Web Printing - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll

  O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

  O9 - Extra ‘Tools’ menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

  O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

  O9 - Extra ‘Tools’ menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

  O16 - DPF: {1C11B948-582A-433F-A98D-A8C4D5CC64F2} (20-20 3D Viewer) - http://bribus.2020.net/Core/Player/2020PlayerAX_Win32.cab

  O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab

  O16 - DPF: {D821DC4A-0814-435E-9820-661C543A4679} (CRLDownloadWrapper Class) - http://drmlicense.one.microsoft.com/crlupdate/en/crlocx.ocx

  O22 - SharedTaskScheduler: Preloader van browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll

  O22 - SharedTaskScheduler: Cache-daemon voor onderdeelcategorieën - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll

  O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe

  O23 - Service: Mobiel Apple apparaat (Apple Mobile Device) - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

  O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe

  O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe

  O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe

  O23 - Service: Google Updateservice (gupdate1ca013c41192374) (gupdate1ca013c41192374) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe

  O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe

  O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe

  O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe

  O23 - Service: TomTomHOMEService - TomTom - C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe

  –

  End of file - 8903 bytes

  logbestand “gebruiker Robert”

  Logfile of Trend Micro HijackThis v2.0.4

  Scan saved at 15:03:51, on 6-2-2011

  Platform: Windows XP SP3 (WinNT 5.01.2600)

  MSIE: Internet Explorer v8.00 (8.00.6001.18702)

  Boot mode: Normal

  Running processes:

  C:\WINDOWS\System32\svchost.exe

  C:\WINDOWS\System32\svchost.exe

  C:\WINDOWS\system32\Ati2evxx.exe

  C:\WINDOWS\Explorer.EXE

  C:\WINDOWS\RTHDCPL.EXE

  C:\Program Files\HP\HP Software Update\HPWuSchd2.exe

  C:\WINDOWS\system32\rundll32.exe

  C:\Program Files\Common Files\Java\Java Update\jusched.exe

  C:\Program Files\Alwil Software\Avast5\avastUI.exe

  C:\WINDOWS\system32\ctfmon.exe

  C:\Program Files\IncrediMail\bin\IncMail.exe

  C:\Program Files\Messenger\msmsgs.exe

  C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe

  C:\Program Files\programma's\Yahoo!\Yahoo! Music Jukebox\ymetray.exe

  C:\Program Files\IncrediMail\Bin\ImApp.exe

  C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe

  C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe

  C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe

  C:\Program Files\Internet Explorer\iexplore.exe

  C:\Program Files\Internet Explorer\iexplore.exe

  C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_clipbook.exe

  C:\Program Files\Common Files\Java\Java Update\jucheck.exe

  C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe

  R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.tribalwars.nl/

  R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157

  R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

  R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

  R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157

  R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen

  O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll

  O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

  O2 - BHO: Windows Live Aanmelden - Help - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

  O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll

  O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.6.5825.1100\swg.dll

  O2 - BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll

  O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll

  O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll

  O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll

  O4 - HKLM\..\Run: RTHDCPL.EXE

  O4 - HKLM\..\Run: ALCMTR.EXE

  O4 - HKLM\..\Run: C:\WINDOWS\system32\NeroCheck.exe

  O4 - HKLM\..\Run: D:\Setup.exe

  O4 - HKLM\..\Run: C:\Program Files\REGSHAVE\REGSHAVE.EXE /AUTORUN

  O4 - HKLM\..\Run: C:\Program Files\HP\HP Software Update\HPWuSchd2.exe

  O4 - HKLM\..\Run: C:\Program Files\HP\Digital Imaging\bin\hpqSRMon.exe

  O4 - HKLM\..\Run: rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent

  O4 - HKLM\..\Run: “C:\Program Files\Common Files\Java\Java Update\jusched.exe”

  O4 - HKLM\..\Run: “E:\quick\QTTask.exe” -atboottime

  O4 - HKLM\..\Run: “C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe”

  O4 - HKLM\..\Run: “C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe”

  O4 - HKLM\..\Run: “C:\Program Files\Alwil Software\Avast5\avastUI.exe” /nogui

  O4 - HKCU\..\Run: C:\WINDOWS\system32\ctfmon.exe

  O4 - HKCU\..\Run: C:\Program Files\IncrediMail\bin\IncMail.exe /c

  O4 - HKCU\..\Run: “C:\Program Files\programma's\QuickTime 4\QTTask.exe” -atboottime

  O4 - HKCU\..\Run: rundll32.exe “C:\WINDOWS\msp2ns05.dll”,Startup

  O4 - HKCU\..\RunOnce: C:\WINDOWS\system32\Adobe\Shockwave 11\SwHelper_1150600.exe -Update -1150600 -“Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 5.1; Trident/4.0; BijbelBar; GTB6.5; .NET CLR 2.0.50727; .NET CLR 3.0.4506.2152; .NET CLR 3.5.30729)” -“http://www.speeleiland.nl/spel/voetballen_wk_revanche.html”

  O4 - HKUS\S-1-5-18\..\Run: C:\WINDOWS\system32\CTFMON.EXE (User ‘SYSTEM’)

  O4 - HKUS\.DEFAULT\..\Run: C:\WINDOWS\system32\CTFMON.EXE (User ‘Default user’)

  O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe

  O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\programma's\microsoft office\Office\OSA9.EXE

  O4 - Global Startup: ymetray.lnk = C:\Program Files\programma's\Yahoo!\Yahoo! Music Jukebox\ymetray.exe

  O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx

  O8 - Extra context menu item: Google Sidewiki… - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_E11712C84EA7E12B.dll/cmsidewiki.html

  O9 - Extra button: Toon of verberg HP Smart Web Printing - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll

  O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

  O9 - Extra ‘Tools’ menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

  O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

  O9 - Extra ‘Tools’ menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

  O16 - DPF: {1C11B948-582A-433F-A98D-A8C4D5CC64F2} (20-20 3D Viewer) - http://bribus.2020.net/Core/Player/2020PlayerAX_Win32.cab

  O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab

  O16 - DPF: {D821DC4A-0814-435E-9820-661C543A4679} (CRLDownloadWrapper Class) - http://drmlicense.one.microsoft.com/crlupdate/en/crlocx.ocx

  O22 - SharedTaskScheduler: Preloader van browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll

  O22 - SharedTaskScheduler: Cache-daemon voor onderdeelcategorieën - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll

  O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe

  O23 - Service: Mobiel Apple apparaat (Apple Mobile Device) - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

  O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe

  O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe

  O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe

  O23 - Service: Google Updateservice (gupdate1ca013c41192374) (gupdate1ca013c41192374) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe

  O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe

  O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe

  O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe

  O23 - Service: TomTomHOMEService - TomTom - C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe

  –

  End of file - 8276 bytes

  logbestanbd “gebruiker Rosanne”

  Logfile of Trend Micro HijackThis v2.0.4

  Scan saved at 15:11:21, on 6-2-2011

  Platform: Windows XP SP3 (WinNT 5.01.2600)

  MSIE: Internet Explorer v8.00 (8.00.6001.18702)

  Boot mode: Normal

  Running processes:

  C:\WINDOWS\System32\svchost.exe

  C:\WINDOWS\System32\svchost.exe

  C:\WINDOWS\system32\Ati2evxx.exe

  C:\WINDOWS\Explorer.EXE

  C:\WINDOWS\RTHDCPL.EXE

  C:\Program Files\HP\HP Software Update\HPWuSchd2.exe

  C:\WINDOWS\system32\rundll32.exe

  C:\Program Files\Common Files\Java\Java Update\jusched.exe

  C:\Program Files\Alwil Software\Avast5\avastUI.exe

  C:\WINDOWS\system32\ctfmon.exe

  C:\Program Files\Messenger\msmsgs.exe

  C:\Program Files\IncrediMail\bin\IncMail.exe

  C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe

  C:\Program Files\programma's\Yahoo!\Yahoo! Music Jukebox\ymetray.exe

  C:\Program Files\IncrediMail\Bin\ImApp.exe

  C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe

  C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe

  C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe

  C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe

  R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://roosjes123.hyves.nl/

  R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157

  R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

  R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

  R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157

  R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen

  O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll

  O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

  O2 - BHO: Windows Live Aanmelden - Help - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

  O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll

  O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.6.5825.1100\swg.dll

  O2 - BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll

  O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll

  O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll

  O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll

  O4 - HKLM\..\Run: RTHDCPL.EXE

  O4 - HKLM\..\Run: ALCMTR.EXE

  O4 - HKLM\..\Run: C:\WINDOWS\system32\NeroCheck.exe

  O4 - HKLM\..\Run: D:\Setup.exe

  O4 - HKLM\..\Run: C:\Program Files\REGSHAVE\REGSHAVE.EXE /AUTORUN

  O4 - HKLM\..\Run: C:\Program Files\HP\HP Software Update\HPWuSchd2.exe

  O4 - HKLM\..\Run: C:\Program Files\HP\Digital Imaging\bin\hpqSRMon.exe

  O4 - HKLM\..\Run: rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent

  O4 - HKLM\..\Run: “C:\Program Files\Common Files\Java\Java Update\jusched.exe”

  O4 - HKLM\..\Run: “E:\quick\QTTask.exe” -atboottime

  O4 - HKLM\..\Run: “C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe”

  O4 - HKLM\..\Run: “C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe”

  O4 - HKLM\..\Run: “C:\Program Files\Alwil Software\Avast5\avastUI.exe” /nogui

  O4 - HKCU\..\Run: C:\WINDOWS\system32\ctfmon.exe

  O4 - HKCU\..\Run: “C:\Program Files\Messenger\msmsgs.exe” /background

  O4 - HKCU\..\Run: C:\Program Files\IncrediMail\bin\IncMail.exe /c

  O4 - HKCU\..\Run: “C:\Program Files\programma's\QuickTime 4\QTTask.exe” -atboottime

  O4 - HKCU\..\RunOnce: C:\WINDOWS\system32\Adobe\Shockwave 11\SwHelper_1150600.exe -Update -1150600 -“Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 5.1; Trident/4.0; BijbelBar; GTB6.6; .NET CLR 2.0.50727; .NET CLR 3.0.4506.2152; .NET CLR 3.5.30729)” -“http://www.speeleiland.nl/speed-cars.htm”

  O4 - HKUS\S-1-5-18\..\Run: C:\WINDOWS\system32\CTFMON.EXE (User ‘SYSTEM’)

  O4 - HKUS\.DEFAULT\..\Run: C:\WINDOWS\system32\CTFMON.EXE (User ‘Default user’)

  O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe

  O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\programma's\microsoft office\Office\OSA9.EXE

  O4 - Global Startup: ymetray.lnk = C:\Program Files\programma's\Yahoo!\Yahoo! Music Jukebox\ymetray.exe

  O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx

  O8 - Extra context menu item: Google Sidewiki… - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_E11712C84EA7E12B.dll/cmsidewiki.html

  O9 - Extra button: Toon of verberg HP Smart Web Printing - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll

  O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

  O9 - Extra ‘Tools’ menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

  O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

  O9 - Extra ‘Tools’ menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

  O16 - DPF: {1C11B948-582A-433F-A98D-A8C4D5CC64F2} (20-20 3D Viewer) - http://bribus.2020.net/Core/Player/2020PlayerAX_Win32.cab

  O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab

  O16 - DPF: {D821DC4A-0814-435E-9820-661C543A4679} (CRLDownloadWrapper Class) - http://drmlicense.one.microsoft.com/crlupdate/en/crlocx.ocx

  O22 - SharedTaskScheduler: Preloader van browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll

  O22 - SharedTaskScheduler: Cache-daemon voor onderdeelcategorieën - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll

  O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe

  O23 - Service: Mobiel Apple apparaat (Apple Mobile Device) - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

  O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe

  O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe

  O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe

  O23 - Service: Google Updateservice (gupdate1ca013c41192374) (gupdate1ca013c41192374) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe

  O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe

  O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe

  O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe

  O23 - Service: TomTomHOMEService - TomTom - C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe

  –

  End of file - 8023 bytes

  Rapporteren
• 

  fazantje

  06-02-2011 16:32

  Hoi Bernhard,

  Logjes zien er goed uit(tu)

  Neem Ccleaner op de computer, deze ruimt alle restanten die achter blijven lekker op.

  http://www.filehippo.com/download_ccleaner

  Na installatie het programma standaard laten draaien.

  Eerst de Cleaner en daarna het register.

  Bij het installeren van de nieuwste Ccleaner wordt nu ook Google Chrome (helaas) mee geinstalleerd.

  Je moet tijdens het installeren een vinkje weg halen, zodat Google Chrome niet geinstalleerd word.

  Neem ook Spyware Blaster op de computer, voorkomt een hoop ellende:

  http://www.filehippo.com/download_spywareblaster/

  In de rechter boven hoek zie je de laatste versie.

  Spyware Blaster 1x in de week up daten en klik op Enable All Protection. Dus je hoeft geen scan te doen.

  MBAM mag je ook laten staan, voer daar 1x in de week een snelle scan mee uit.

  Wel Altijd eerst updaten en daarna scannen.

  Een snelle scan zal ongeveer een 5 minuten in beslag nemen.

  Zo heb je altijd een redelijk goed overzicht van wat er allemaal gebeurd.

  Succes,

  Huib;)

  

  Rapporteren
• 

  Bernhard

  06-02-2011 18:58

  Beste Huib,

  Bedankt voor je adviezen, deze heb ik uitgevoerd !

  Mog wel een vraagje, wat moet ik met de “problemen” die Cc register signaleert ?

  Geinstalleerd zijn:

  Advast antivirus

  Ccleaner

  Spywareblaster.

  Groetjes,

  Bernhard

  Rapporteren
• 

  fazantje

  06-02-2011 19:04

  Hoi Bernhard,

  Als de registercleaner van Ccleaner iets vind, zorg dat alles geselecteerd is (staan al vinkjes voor) en kies voor alles herstellen.

  Een back up hoef je niet te maken;)

  Loge van Robert,

  O4 - HKCU\..\Run: rundll32.exe “C:\WINDOWS\msp2ns05.dll”,Startup

  Ook ff fixen.

  Leeg jou prullenbak en verwijder ook al jou herstelpunten, want daar zit/zat ook wat in:

  Klik met de rechtermuis knop op Deze Computer.

  Kies voor Eigenschappen.

  Ga naar het tabblad Systeemherstel.

  Plaats een vinkje bij "Systeemherstel op alle stations uitschakelen".

  Herstart de computer.

  Schakel systeemherstel weer opnieuw in, door dezelfde stappen als hierboven te doen, maar dan het vinkje weer weg halen.

  Als er nog meer vragen zijn, stel ze gerust hoor.

  Groetjes Huib;)

  

  Rapporteren