djdanvan

hier is de bijlage

Jurgen Dank voor het vlugge antwoord maar verder dan Microsoft geraak ik niet. zie bijlage

:ciao:Beste forumleden, Wie kan mij vertellen waar de .pst bestanden zich bevinden van Outlook 2007 in Windows7? Blijkbaar zitten die niet meer op de plaats waar ik ze vond in WinXP of vergis ik mij? Graag zou ik die willen kopieren want mijn Outlook geeft rare streken. groeten djdanvan

Ja, stegisoft, dat had ik gedaan maar tevergeefs. Maar het probleem is opgelost. Ik heb de audio drivers (die mee waren op CD met het toestel bij aankoop) tot tweemaal toe opnieuw geistalleerd maar ook tevergeefs. Dan maar de nieuwste drivers afgehaald bij HP en dan was het meteen raak. En heb van de gelegenheid gebruik gemaakt om alle drivers meteen te vernieuwen. Alles werk nu Prima. Aan allen dank voor de geboden hulp. PS, Was wel een toestel van zes jaar oud. groeten djdanvan

Ja Wouterskurtt, Dit doe ik maar om alle eventuele achterblijvende Spy en andere Ware heb ik eerst alle controles uitgeschakeld en opnieuw opgestart en dan de Systeem partitie weer ingeschakeld vandaar geen vroegere datums in systeem hertsel. Maar ik installeer eerst eens opnieuw de audio driver zoals Jean-Pierre ook vermeld Dank u

Beste Jean-Pierre, dank voor het vlugge antwoorden. Alles gedownload en geinstalleerd maar nog steeds geen geluid. Er wordt nu gevraagd dat het bestand "ALCXWDM.SYS" op realtec AC 97 audio driver disk niet gevonden wordt. Kan dit of hoe kan ik deze plaatsen. Groet djdanvan

Beste Forumleden, Ik heb mijn computer een beetje al te gretig opgekuist waardoor mijn opstart/afsluit en dergelijke geluiden niet meer hoorbaar zijn. Mijn geluidskaart blijkt goed te werken en mijn Mediaplayer en andere players werken ook normaal. Ik heb iets van Codec 55 is nodig om de wawe geluiden te kunnen afspelen ergens vluchtig in een pop up venster tegen gekomen zou dit daar mee kunnen te maken hebben? Of, hoe krijg ik deze weer aan de praat? Kan er iemand mij helpen? groeten djdanvan

Volg nu PHP grtn djdanvan

Als ik rechts op het luidsprekersymbooltje klik en de audio instellingen wil inschakelen krijg ik steeds hetzelfde bericht "Windows Audio-service is niet ingeschakelt" met de vraag "wilt u deze sevice nu inschakelen?" en als ik daar positief op antwoord en daarna "doorgaan" kom ik op het venster "Geluidsinstellingen" maar je kan ogenblikkelijk zien dat die niet actief is, door de lichtgrijze kleur waar je niets verder kan mee doen. grtn djdanvan

Ja stegisoft dat heb ik alvast zeker gedaan. Antw. aan rope, nee dit probleem van dempen ken ik dit is het zeker niet. grtn djdanvan

Nee, Stegisoft, Alles uitgevoerd zoals u mij aangaf maar het probleem blijft juist hetzelfde.an Kan je mij verder helpen? groeten djdanvan

Dag beste forumleden, Mijn laptop HP 530 heb ik alle utdates laten binnenhalen wat vlot gebeurd is maar na herstarten krijg ik de melding "Kan audio service niet starten" en bij het luidsprekertje staat er een rood kruisje. Ik heb een systeemherstel proberen te doen maar die was uitgeschakeld. Ook heb ik de audio service proberen manueel op te starten via "services.msc" en dan krijg ik de foutmelding 'fout 1075" Ik heb de audio drivers verwijderd en terug geinstalleerd, ook de audio kaart blijkt in orde te zijn. Wat moet er gebeuren om mijn geluid terug in orde te krijgen? alvast hartelijk dank voor antwoord groeten djdanvan

Hallo, kweezie wabbit Info!!! Na wat verder zoeken ben ik tot een oplossing gekomen op volgende site Outlook: deze info is niet voor een niet vertrouwde PC gebruiker maar toch..... Alles lijkt weer normaal te werken groeten djdanvan

Beste kweezie wabbit, Het vinkje was wel aangevinkt in IE8, Geen probleem om links te openen in IE8, Wel van uit een e-mailbericht in Outlook 2007 Ik moet je wel vertellen dat ik een paar weken terug Google Chroome verwijderd heb met Revo uninstaller en van dan af deed dit probleem zich voor. groeten djdanvan

Kape, vele dank djdanvan

Beste Kape, Dank voor het vlugge antw. Ik heb NOD32 tijdelijk uitgeschakeld en Adaware die steeds mee opstarte verwijderd en ik moet zeggen dit is veel verbeterd Het toestelletje is (Intel pent 1.73GHz met 512Mb Ram) k'weet nie of ik daar meer mag van verwachten?. Wat denk je? groeten djdanvan

Beste kweezie wabbit, Heb ik allemaal gedaan maar er is niets veranderd, steeds krijg ik hetzelfde venster [ATTACH=CONFIG]5956[/ATTACH]

Beste PC Hlpf, Mijn laptop werkt zeer traag en in het bijzonder Internet, als ik vlug typ is het precies dat de letters een eind achterkomen. Ik heb hem laten scannen met de aanwezige scanner NOD32, Spybots, Adaware, Malwarebits, en laatst met ComboFix en Hijjack waarvan hieronder de logs. Wie kan er eens mijn logjes bekijken wat eventueel mag of moet gefixt of verwijderd worden. Vriendelijk bedankt hoor. ComboFix 10-08-16.04 - User 17/08/2010 14:55:06.1.1 - FAT32x86 Microsoft Windows XP Home Edition 5.1.2600.3.1252.31.1043.18.511.270 [GMT 2:00] Gestart vanuit: c:\documents and settings\User\Bureaublad\ComboFix.exe AV: ESET NOD32 Antivirus 4.0 *On-access scanning disabled* (Updated) {E5E70D32-0101-4F12-8FB0-D96ACA4F34C0} . (((((((((((((((((((( Bestanden Gemaakt van 2010-07-17 to 2010-08-17 )))))))))))))))))))))))))))))) . 2010-08-17 12:48 . 2010-08-17 12:48 -------- d-----w- c:\program files\Trend Micro 2010-08-17 06:25 . 2010-08-17 06:25 -------- d-----w- c:\documents and settings\LocalService\Local Settings\Application Data\Google 2010-08-17 06:24 . 2010-08-17 06:24 -------- d-----w- c:\documents and settings\User\Local Settings\Application Data\Google 2010-08-17 06:24 . 2010-08-17 06:24 -------- d-----w- c:\windows\system32\IOSUBSYS 2010-08-17 06:23 . 2010-08-17 06:23 -------- d-----w- c:\program files\Google 2010-08-16 19:59 . 2010-08-16 19:59 -------- d-----w- C:\fsaua.data 2010-08-16 19:25 . 2010-08-16 19:25 -------- d--h--r- c:\documents and settings\User\Onlangs geopend 2010-08-16 18:39 . 2010-08-16 18:39 -------- d-----w- c:\documents and settings\User\Application Data\Malwarebytes 2010-08-16 18:38 . 2010-04-29 13:39 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys 2010-08-16 18:38 . 2010-08-16 18:38 -------- d-----w- c:\documents and settings\All Users\Application Data\Malwarebytes 2010-08-16 18:38 . 2010-04-29 13:39 20952 ----a-w- c:\windows\system32\drivers\mbam.sys 2010-08-16 18:38 . 2010-08-16 18:38 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware 2010-08-16 17:37 . 2010-08-16 17:37 -------- d-----w- c:\documents and settings\All Users\Application Data\Spybot - Search & Destroy 2010-08-16 17:37 . 2010-08-16 17:37 -------- d-----w- c:\program files\Spybot - Search & Destroy 2010-08-16 17:23 . 2010-08-16 15:28 15880 ----a-w- c:\windows\system32\lsdelete.exe 2010-08-16 15:32 . 2010-08-16 15:27 64288 ----a-w- c:\windows\system32\drivers\Lbd.sys 2010-08-16 15:32 . 2010-08-16 15:32 -------- d-----w- c:\windows\system32\DRVSTORE 2010-08-16 15:30 . 2010-08-16 15:29 95024 ----a-w- c:\windows\system32\drivers\SBREDrv.sys 2010-08-16 15:18 . 2010-02-04 15:53 2954656 ----a-w- c:\documents and settings\All Users\Application Data\{74D08EB8-01D1-4BAE-91E3-F30C1B031AC6}\Ad-AwareInstaller.exe 2010-08-16 15:18 . 2010-08-16 15:18 -------- d--h--w- c:\documents and settings\All Users\Application Data\{74D08EB8-01D1-4BAE-91E3-F30C1B031AC6} 2010-08-16 15:16 . 2010-08-16 15:16 -------- d-----w- c:\program files\Lavasoft 2010-08-16 15:16 . 2010-08-16 15:16 -------- d-----w- c:\documents and settings\All Users\Application Data\Lavasoft 2010-08-16 14:39 . 2010-08-16 14:39 -------- d-----w- C:\Beveiliging 2010-08-16 13:18 . 2010-08-16 13:18 -------- d-----w- c:\program files\CCleaner 2010-08-16 12:56 . 2010-08-16 12:56 -------- d-----w- c:\documents and settings\User\Local Settings\Application Data\VS Revo Group 2010-08-16 12:56 . 2009-12-20 15:40 27064 ----a-w- c:\windows\system32\drivers\revoflt.sys 2010-08-16 12:56 . 2010-08-16 12:56 -------- d-----w- c:\program files\VS Revo Group . ((((((((((((((((((((((((((((((((((((((( Find3M Rapport )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2010-08-13 10:05 . 2004-10-26 09:47 92120 ----a-w- c:\windows\system32\perfc013.dat 2010-08-13 10:05 . 2004-10-26 09:47 512078 ----a-w- c:\windows\system32\perfh013.dat 2010-06-30 12:33 . 2004-10-26 09:46 149504 ----a-w- c:\windows\system32\schannel.dll 2010-06-24 12:27 . 2004-10-26 09:46 916480 ----a-w- c:\windows\system32\wininet.dll 2010-06-24 09:03 . 2004-10-26 09:46 1852032 ----a-w- c:\windows\system32\win32k.sys 2010-06-21 15:27 . 2004-10-26 09:46 354304 ----a-w- c:\windows\system32\drivers\srv.sys 2010-06-17 14:03 . 2004-10-26 09:46 80384 ----a-w- c:\windows\system32\iccvid.dll 2010-06-14 14:31 . 2005-10-03 09:30 744448 ----a-w- c:\windows\pchealth\helpctr\binaries\HelpSvc.exe 2010-06-14 07:43 . 2004-10-26 09:46 1172480 ----a-w- c:\windows\system32\msxml3.dll 2010-06-03 02:41 . 2010-06-03 02:41 3600384 ----a-w- c:\windows\system32\GPhotos.scr . ((((((((((((((((((((((((((((((((((((( Reg Opstartpunten ))))))))))))))))))))))))))))))))))))))))))))))))))) . . *Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond REGEDIT4 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2005-05-25 5562368] "EOUApp"="c:\program files\Intel\Wireless\Bin\EOUWiz.exe" [2004-10-15 356352] "nwiz"="nwiz.exe" [2005-05-25 1495040] "RTHDCPL"="RTHDCPL.EXE" [2005-05-25 14477312] "egui"="c:\program files\ESET\ESET NOD32 Antivirus\egui.exe" [2009-04-09 2029640] "SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2004-12-21 688218] "SynTPLpr"="c:\program files\Synaptics\SynTP\SynTPLpr.exe" [2004-12-21 98394] [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360] c:\documents and settings\All Users\Menu Start\Programma's\Opstarten\ ASUS ChkMail.lnk - c:\program files\ASUS\Asus ChkMail\ChkMail.exe [2005-10-3 32768] [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\IntelWireless] 2004-10-15 09:27 110592 ----a-w- c:\program files\Intel\Wireless\Bin\LgNotify.dll [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service] @="Service" [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher] 2009-02-27 15:10 35696 ----a-w- c:\program files\Adobe\Reader 9.0\Reader\reader_sl.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ASUS Live Update] 2003-09-19 10:54 172032 ----a-w- c:\program files\ASUS\ASUS Live Update\ALU.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HControl] 2005-05-12 01:15 102400 ----a-w- c:\windows\ATK0100\HControl.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Software Update] 2008-12-08 13:50 54576 ----a-w- c:\program files\HP\HP Software Update\hpwuschd2.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IntelWireless] 2004-10-15 09:27 385024 ----a-w- c:\program files\Intel\Wireless\Bin\iFrmewrk.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS] 2008-04-14 20:33 1695232 ----a-w- c:\program files\Messenger\msmsgs.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\msnmsgr] 2009-02-06 16:52 3885408 ----a-w- c:\program files\Windows Live\Messenger\msnmsgr.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Power_Gear] 2004-09-21 14:55 81920 ----a-w- c:\program files\ASUS\Power4 Gear\BatteryLife.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Wireless Console] 2005-03-02 19:52 57344 ----a-w- c:\program files\ASUS\Wireless Console\wcourier.exe [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "%windir%\\system32\\sessmgr.exe"= "c:\\Program Files\\ASUS\\ASUS Live Update\\LiveUpdt.exe"= "%windir%\\Network Diagnostic\\xpnetdiag.exe"= "c:\\Program Files\\Windows Live\\Messenger\\wlcsdk.exe"= "c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"= "c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqtra08.exe"= "c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqste08.exe"= "c:\\Program Files\\HP\\Digital Imaging\\bin\\hpofxm08.exe"= "c:\\Program Files\\HP\\Digital Imaging\\bin\\hposfx08.exe"= "c:\\Program Files\\HP\\Digital Imaging\\bin\\hposid01.exe"= "c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqscnvw.exe"= "c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqkygrp.exe"= "c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqCopy.exe"= "c:\\Program Files\\HP\\Digital Imaging\\bin\\hpfccopy.exe"= "c:\\Program Files\\HP\\Digital Imaging\\bin\\hpzwiz01.exe"= "c:\\Program Files\\HP\\Digital Imaging\\Unload\\HpqPhUnl.exe"= "c:\\Program Files\\HP\\Digital Imaging\\Unload\\HpqDIA.exe"= "c:\\Program Files\\HP\\Digital Imaging\\bin\\hpoews01.exe"= "c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqnrs08.exe"= R0 Lbd;Lbd;c:\windows\system32\drivers\Lbd.sys [16/08/2010 17:32 64288] R0 R592;R592;c:\windows\system32\drivers\R592.sys [15/10/2004 19:26 57088] R0 risdpntk;risdpntk;c:\windows\system32\drivers\risdpntk.sys [15/10/2004 19:26 27264] R1 ehdrv;ehdrv;c:\windows\system32\drivers\ehdrv.sys [9/04/2009 15:18 107256] R1 epfwtdir;epfwtdir;c:\windows\system32\drivers\epfwtdir.sys [9/04/2009 15:21 94360] R2 ekrn;ESET Service;c:\program files\ESET\ESET NOD32 Antivirus\ekrn.exe [9/04/2009 15:19 731840] R3 SynMini;USB2.0 1.3M Web Cam;c:\windows\system32\drivers\SynMini.sys [3/10/2005 11:41 702326] R3 SynScan;USB2.0 1.3M Web Cam Still Image;c:\windows\system32\drivers\SynScan.sys [3/10/2005 11:41 4790] S2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service;c:\program files\Lavasoft\Ad-Aware\AAWService.exe [4/02/2010 17:52 1352832] S3 Asushwio;Asushwio;c:\windows\system32\drivers\ASUSHWIO.SYS [20/10/2005 20:28 5824] S3 Revoflt;Revoflt;c:\windows\system32\drivers\revoflt.sys [16/08/2010 14:56 27064] . Inhoud van de 'Gedeelde Taken' map 2010-08-17 c:\windows\Tasks\User_Feed_Synchronization-{4BF88277-393B-4FFC-90B2-BF9DE814E942}.job - c:\windows\system32\msfeedssync.exe [2007-08-13 02:31] 2010-08-17 c:\windows\Tasks\Ad-Aware Update (Weekly).job - c:\program files\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe [2010-02-04 15:26] . . ------- Bijkomende Scan ------- . uStart Page = hxxp://www.google.be/ uDefault_Search_URL = hxxp://www.google.com/ie uSearchAssistant = hxxp://www.google.com/ie uSearchURL,(Default) = hxxp://www.google.com/search?q=%s IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200 IE: E&xporteren naar Microsoft Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 . - - - - ORPHANS VERWIJDERD - - - - AddRemove-CNXT_MODEM_HDAUDIO_VEN_14F1&DEV_2BFA&SUBSYS_10431966 - c:\program files\CONEXANT\CNXT_MODEM_HDAUDIO_VEN_14F1&DEV_2BFA&SUBSYS_10431966\HXFSETUP.EXE -U -IHDAUDIO\FUNC_02&VEN_14F1&DEV_2BFA&SUBSYS_10431966 ************************************************************************** catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, GMER - Rootkit Detector and Remover Rootkit scan 2010-08-17 14:58 Windows 5.1.2600 Service Pack 3 FAT NTAPI scannen van verborgen processen ... scannen van verborgen autostart items ... scannen van verborgen bestanden ... Scan succesvol afgerond verborgen bestanden: 0 ************************************************************************** . --------------------- VERGRENDELDE REGISTER SLEUTELS --------------------- [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}] @Denied: (A 2) (Everyone) @="FlashBroker" "LocalizedString"="@c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil10i_ActiveX.exe,-101" [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation] "Enabled"=dword:00000001 [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32] @="c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil10i_ActiveX.exe" [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" [HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}] @Denied: (A 2) (Everyone) @="IFlashBroker4" [HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32] @="{00020424-0000-0000-C000-000000000046}" [HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" "Version"="1.0" [HKEY_LOCAL_MACHINE\software\DeterministicNetworks\DNE\Parameters] "SymbolicLinkValue"=hex(6):5c,00,52,00,65,00,67,00,69,00,73,00,74,00,72,00,79, 00,5c,00,4d,00,61,00,63,00,68,00,69,00,6e,00,65,00,5c,00,53,00,79,00,73,00,\ [HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Installer\UserData\LocalSystem\Components\€–}|ÿÿÿÿÀ•}|ù•9~*] "3140AC1900063D11C8EF10054038389C"="C?\\WINDOWS\\system32\\FM20ENU.DLL" . --------------------- DLLs Geladen Onder Lopende Processen --------------------- - - - - - - - > 'winlogon.exe'(1488) c:\program files\Intel\Wireless\Bin\LgNotify.dll - - - - - - - > 'explorer.exe'(1736) c:\windows\system32\msi.dll c:\windows\system32\webcheck.dll c:\windows\system32\WPDShServiceObj.dll c:\windows\system32\PortableDeviceTypes.dll c:\windows\system32\PortableDeviceApi.dll . Voltooingstijd: 2010-08-17 15:00:33 ComboFix-quarantined-files.txt 2010-08-17 13:00 Pre-Run: 23.743.168.512 bytes beschikbaar Post-Run: 23.863.361.536 bytes beschikbaar WindowsXP-KB310994-SP2-Home-BootDisk-NLD.exe [boot loader] timeout=2 default=multi(0)disk(0)rdisk(0)partition(2)\WINDOWS [operating systems] c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons multi(0)disk(0)rdisk(0)partition(2)\WINDOWS="Microsoft Windows XP Home Edition" /noexecute=optin /fastdetect - - End Of File - - E2ADF98C7DFA17251E510A045E61A716 ------------------------------------------------------------------------------- Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 14:48:48, on 17/08/2010 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v8.00 (8.00.6001.18702) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Intel\Wireless\Bin\EvtEng.exe C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE C:\WINDOWS\system32\nvsvc32.exe C:\Program Files\Intel\Wireless\Bin\OProtSvc.exe C:\WINDOWS\system32\HPZipm12.exe C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\wuauclt.exe C:\Program Files\Intel\Wireless\Bin\ZcfgSvc.exe C:\PROGRA~1\Intel\Wireless\Bin\1XConfig.exe C:\WINDOWS\Explorer.EXE C:\Program Files\Intel\Wireless\Bin\EOUWiz.exe C:\WINDOWS\RTHDCPL.EXE C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe C:\Program Files\Synaptics\SynTP\SynTPEnh.exe C:\Program Files\Synaptics\SynTP\SynTPLpr.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\ASUS\Asus ChkMail\ChkMail.exe C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe C:\Program Files\Trend Micro\HijackThis\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Google R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Hotmail, Messenger, nieuws en entertainment vind je op MSN.nl R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = Hotmail, Messenger, nieuws en entertainment vind je op MSN.nl R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = Microsoft Windows Update R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file) O2 - BHO: Windows Live Aanmelden - Help - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [EOUApp] C:\Program Files\Intel\Wireless\Bin\EOUWiz.exe O4 - HKLM\..\Run: [nwiz] nwiz.exe /install O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" /hide /waitservice O4 - HKLM\..\Run: [synTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe O4 - HKLM\..\Run: [synTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Lokale service') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Netwerkservice') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user') O4 - Global Startup: ASUS ChkMail.lnk = C:\Program Files\ASUS\Asus ChkMail\ChkMail.exe O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\WINDOWS\system32\GPhotos.scr/200 O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 O9 - Extra button: Onderzoek - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O14 - IERESET.INF: START_PAGE_URL=http://www.asus.com O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204 O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1129811289649 O16 - DPF: {BDBDE413-7B1C-4C68-A8FF-C5B2B4090876} (F-Secure Online Scanner 3.3) - http://virusscanner.telenet.be/fscax.cab O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab O23 - Service: Cisco Systems, Inc. VPN Service (CVPND) - Cisco Systems, Inc. - C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe O23 - Service: ESET HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe O23 - Service: EvtEng - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: Lavasoft Ad-Aware Service - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe O23 - Service: OwnershipProtocol - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\OProtSvc.exe O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe O23 - Service: RegSrvc - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe O23 - Service: Spectrum24 Event Monitor (S24EventMonitor) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe -- End of file - 6822 bytes

Beste, Sinds enige dagen kan ik geen link meer openen vanuit een e-mail bericht Ik werk met Outlook 2007 Wie kan mij helpen? groeten djdanvan

Kape, hieronder mijn beide logjes ComboFix 10-08-05.06 - Qforce 06/08/2010 13:32:13.2.2 - x86 Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.32.1043.18.2045.1269 [GMT 2:00] Gestart vanuit: c:\users\Qforce\Desktop\ComboFix.exe gebruikte Opdracht switches :: c:\users\Qforce\Desktop\CFScript.txt SP: Spybot - Search and Destroy *disabled* (Updated) {ED588FAF-1B8F-43B4-ACA8-8E3C85DADBE9} SP: Windows Defender *enabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46} FILE :: "c:\programdata\62Yt6p.dat" . (((((((((((((((((((((((((((((((((( Andere Verwijderingen ))))))))))))))))))))))))))))))))))))))))))))))))) . c:\programdata\62Yt6p.dat . (((((((((((((((((((( Bestanden Gemaakt van 2010-07-06 to 2010-08-06 )))))))))))))))))))))))))))))) . 2010-08-06 11:43 . 2010-08-06 11:43 -------- d-----w- c:\users\Qforce\AppData\Local\temp 2010-08-06 11:43 . 2010-08-06 11:43 -------- d-----w- c:\users\Public\AppData\Local\temp 2010-08-06 11:43 . 2010-08-06 11:43 -------- d-----w- c:\users\Default\AppData\Local\temp 2010-08-05 19:24 . 2010-08-05 19:24 -------- d-----w- c:\users\Qforce\AppData\Local\VS Revo Group 2010-08-05 19:24 . 2009-12-20 15:41 27192 ----a-w- c:\windows\system32\drivers\revoflt.sys 2010-08-05 19:24 . 2010-08-05 19:24 -------- d-----w- c:\program files\VS Revo Group 2010-08-05 19:19 . 2010-08-05 19:19 -------- d-----w- c:\program files\Trend Micro 2010-08-05 18:58 . 2009-11-08 08:55 99176 ----a-w- c:\windows\system32\PresentationHostProxy.dll 2010-08-05 18:58 . 2009-11-08 08:55 297808 ----a-w- c:\windows\system32\mscoree.dll 2010-08-05 18:58 . 2009-11-08 08:55 295264 ----a-w- c:\windows\system32\PresentationHost.exe 2010-08-05 18:58 . 2009-11-08 08:55 49472 ----a-w- c:\windows\system32\netfxperf.dll 2010-08-05 18:58 . 2009-11-08 08:55 1130824 ----a-w- c:\windows\system32\dfshim.dll 2010-08-05 09:53 . 2010-08-05 07:18 15880 ----a-w- c:\windows\system32\lsdelete.exe 2010-08-05 07:18 . 2010-08-05 07:18 64288 ----a-w- c:\windows\system32\drivers\Lbd.sys 2010-08-05 07:18 . 2010-08-05 07:18 95024 ----a-w- c:\windows\system32\drivers\SBREDrv.sys 2010-08-05 07:13 . 2010-08-05 07:13 -------- dc-h--w- c:\programdata\{74D08EB8-01D1-4BAE-91E3-F30C1B031AC6} 2010-08-05 07:13 . 2010-02-04 15:53 2954656 -c--a-w- c:\programdata\{74D08EB8-01D1-4BAE-91E3-F30C1B031AC6}\Ad-AwareInstaller.exe 2010-08-05 07:11 . 2010-08-05 07:13 -------- d-----w- c:\program files\Lavasoft 2010-08-04 19:21 . 2010-06-28 20:57 38848 ----a-w- c:\windows\avastSS.scr 2010-08-04 18:50 . 2010-08-04 18:50 -------- d-----w- c:\users\Qforce\AppData\Roaming\Malwarebytes 2010-08-04 18:48 . 2009-02-11 08:19 15504 ----a-w- c:\windows\system32\drivers\mbam.sys 2010-08-04 18:48 . 2009-02-11 08:19 38496 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys 2010-08-04 18:48 . 2010-08-04 18:48 -------- d-----w- c:\programdata\Malwarebytes 2010-08-04 18:48 . 2010-08-04 18:50 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware 2010-08-04 18:30 . 2010-06-28 20:37 165456 ----a-w- c:\windows\system32\drivers\aswSP.sys 2010-08-04 18:30 . 2010-06-28 20:32 17744 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys 2010-08-04 18:30 . 2010-06-28 20:33 23376 ----a-w- c:\windows\system32\drivers\aswRdr.sys 2010-08-04 18:30 . 2010-06-28 20:37 46672 ----a-w- c:\windows\system32\drivers\aswTdi.sys 2010-08-04 18:30 . 2010-06-28 20:32 50256 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys 2010-08-04 18:29 . 2010-06-28 20:57 165032 ----a-w- c:\windows\system32\aswBoot.exe 2010-08-04 18:29 . 2010-08-04 18:29 -------- d-----w- c:\programdata\Alwil Software 2010-08-04 18:29 . 2010-08-04 18:29 -------- d-----w- c:\program files\Alwil Software . ((((((((((((((((((((((((((((((((((((((( Find3M Rapport )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2010-08-05 19:52 . 2009-01-24 15:42 -------- d-----w- c:\program files\Common Files\PX Storage Engine 2010-08-05 19:52 . 2007-04-26 14:00 -------- d-----w- c:\program files\Google 2010-08-05 19:39 . 2006-11-02 16:11 67250 ----a-w- c:\windows\system32\perfc013.dat 2010-08-05 19:39 . 2006-11-02 16:11 248552 ----a-w- c:\windows\system32\perfh013.dat 2010-08-05 19:30 . 2008-10-17 11:20 -------- d-----w- c:\program files\AVG 2010-08-05 18:58 . 2009-10-26 17:41 -------- d-----w- c:\programdata\Microsoft Help 2010-08-05 18:46 . 2008-03-17 09:44 -------- d-----w- c:\programdata\Spybot - Search & Destroy 2010-08-05 07:11 . 2008-03-15 15:14 -------- d-----w- c:\programdata\Lavasoft 2010-08-05 07:00 . 2006-11-02 12:37 -------- d-----w- c:\program files\Microsoft Games 2010-08-04 19:37 . 2008-03-17 09:44 -------- d-----w- c:\program files\Spybot - Search & Destroy 2010-08-04 18:21 . 2009-06-22 10:36 -------- d-----w- c:\program files\CCleaner 2010-08-02 20:09 . 2008-03-24 14:32 -------- d-----w- c:\users\Qforce\AppData\Roaming\LimeWire 2010-07-05 12:12 . 2010-06-27 12:21 204205 ----a-w- c:\windows\hpwins23.dat 2010-07-05 12:12 . 2010-07-05 12:12 -------- d-----w- c:\programdata\WEBREG 2010-07-05 12:09 . 2010-06-27 12:21 -------- d-----w- c:\programdata\HP 2010-07-05 12:08 . 2010-07-05 12:08 -------- d-----w- c:\users\Qforce\AppData\Roaming\HP 2010-06-27 12:33 . 2010-06-27 12:25 -------- d-----w- c:\program files\HP 2010-06-27 12:32 . 2010-06-27 12:32 -------- d-----w- c:\programdata\HP Product Assistant 2010-06-27 12:27 . 2010-06-27 12:27 -------- d-----w- c:\program files\Common Files\HP 2010-06-27 12:27 . 2010-06-27 12:27 -------- d-----w- c:\program files\Common Files\Hewlett-Packard 2010-06-27 12:27 . 2010-06-27 12:27 -------- d-----w- c:\program files\Hewlett-Packard 2010-06-24 06:55 . 2010-02-11 16:46 -------- d-----w- c:\users\Qforce\AppData\Roaming\vlc 2010-06-24 06:55 . 2010-04-12 12:44 -------- d-----w- c:\program files\The Master Genealogist v7 2010-06-24 06:55 . 2008-12-12 16:31 -------- d-----w- c:\program files\DVD Shrink 2010-06-24 06:55 . 2008-09-19 12:06 -------- d-----w- c:\program files\BlueJ 2010-06-15 17:19 . 2007-10-09 15:16 -------- d--h--w- c:\program files\InstallShield Installation Information 2010-06-15 09:33 . 2009-02-02 08:39 -------- d-----w- c:\program files\Solid Edge ST 2010-06-03 02:41 . 2010-06-03 02:41 3600384 ----a-w- c:\windows\system32\GPhotos.scr 2010-05-26 17:06 . 2010-06-09 08:23 34304 ----a-w- c:\windows\system32\atmlib.dll 2010-05-26 14:47 . 2010-06-09 08:23 289792 ----a-w- c:\windows\system32\atmfd.dll 2010-05-21 12:14 . 2009-10-03 15:17 221568 ------w- c:\windows\system32\MpSigStub.exe . ((((((((((((((((((((((((((((((((((((( Reg Opstartpunten ))))))))))))))))))))))))))))))))))))))))))))))))))) . . *Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond REGEDIT4 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "RtHDVCpl"="RtHDVCpl.exe" [2007-02-15 4390912] "avast5"="c:\progra~1\ALWILS~1\Avast5\avastUI.exe" [2010-06-28 2837864] [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce] "FlashPlayerUpdate"="c:\windows\system32\Macromed\Flash\FlashUtil10c.exe" [2009-07-18 257440] [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "EnableLUA"= 0 (0x0) "EnableUIADesktopToggle"= 0 (0x0) [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service] @="Service" [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend] @="Service" [HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Adobe Gamma Loader.lnk] path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Gamma Loader.lnk backup=c:\windows\pss\Adobe Gamma Loader.lnk.CommonStartup backupExtension=.CommonStartup [HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Adobe Reader Snelle start.lnk] path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Reader Snelle start.lnk backup=c:\windows\pss\Adobe Reader Snelle start.lnk.CommonStartup backupExtension=.CommonStartup [HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Adobe Reader Synchronizer.lnk] path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Reader Synchronizer.lnk backup=c:\windows\pss\Adobe Reader Synchronizer.lnk.CommonStartup backupExtension=.CommonStartup [HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^HP Digital Imaging Monitor.lnk] path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk backup=c:\windows\pss\HP Digital Imaging Monitor.lnk.CommonStartup backupExtension=.CommonStartup [HKLM\~\startupfolder\C:^Users^Qforce^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Microsoft Office Groove.lnk] path=c:\users\Qforce\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Microsoft Office Groove.lnk backup=c:\windows\pss\Microsoft Office Groove.lnk.Startup backupExtension=.Startup [HKLM\~\startupfolder\C:^Users^Qforce^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OneNote 2007 Schermopname en Snel starten.lnk] path=c:\users\Qforce\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2007 Schermopname en Snel starten.lnk backup=c:\windows\pss\OneNote 2007 Schermopname en Snel starten.lnk.Startup backupExtension=.Startup [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BrMfcWnd] 2007-03-12 12:51 663552 ------w- c:\program files\Brother\Brmfcmon\BrMfcWnd.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ControlCenter3] 2007-01-26 13:58 65536 ------w- c:\program files\Brother\ControlCenter3\BrCtrCen.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools] 2007-04-03 22:29 165784 ----a-w- c:\program files\DAEMON Tools\daemon.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ehTray.exe] 2008-01-19 07:33 125952 ----a-w- c:\windows\ehome\ehtray.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GrooveMonitor] 2008-10-25 10:44 31072 ----a-w- c:\program files\Microsoft Office\Office12\GrooveMonitor.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MsnMsgr] 2009-07-26 14:44 3883856 ----a-w- c:\program files\Windows Live\Messenger\msnmsgr.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SkyTel] 2006-05-16 10:04 2879488 ----a-w- c:\windows\SkyTel.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SpybotSD TeaTimer] 2009-01-26 13:31 2144088 --sha-r- c:\program files\Spybot - Search & Destroy\TeaTimer.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Windows Defender] 2008-01-19 07:38 1008184 ----a-w- c:\program files\Windows Defender\MSASCui.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WMPNSCFG] 2008-01-19 07:33 202240 ----a-w- c:\program files\Windows Media Player\wmpnscfg.exe [HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc] "VistaSp2"=hex(:1f,73,ac,f7,4c,1b,ca,01 [HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc\S-1-5-21-833183691-1392465726-190259266-1003] "EnableNotificationsRef"=dword:00000002 R2 gupdate;Google Updateservice (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [2009-12-26 135664] R2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service;c:\program files\Lavasoft\Ad-Aware\AAWService.exe [2010-08-05 1352832] R2 nirrquxf;Floppy Disk Support;c:\windows\System32\svchost.exe [2008-01-19 21504] R3 PAC207;SoC PC-Camera;c:\windows\system32\DRIVERS\PFC027.SYS [2006-12-05 507136] R3 Revoflt;Revoflt;c:\windows\system32\DRIVERS\revoflt.sys [2009-12-20 27192] R4 MTC0301_CIR;CIR Device;c:\windows\system32\drivers\CIR.sys [2004-11-26 13941] R4 sptd;sptd;c:\windows\system32\Drivers\sptd.sys [2010-03-12 691696] S0 Lbd;Lbd;c:\windows\system32\DRIVERS\Lbd.sys [2010-08-05 64288] S0 O2MDRDR;O2MDRDR;c:\windows\system32\DRIVERS\o2media.sys [2005-08-05 34144] S1 aswSP;aswSP; [x] S2 aswFsBlk;aswFsBlk; [x] S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2010-06-28 50256] S2 SBSDWSCService;SBSD Security Center Service;c:\program files\Spybot - Search & Destroy\SDWinSec.exe [2009-01-26 1153368] [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost] HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12 HPService REG_MULTI_SZ HPSLPSVC hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs nirrquxf . Inhoud van de 'Gedeelde Taken' map 2010-08-06 c:\windows\Tasks\Ad-Aware Update (Weekly).job - c:\program files\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe [2010-02-04 07:18] 2010-08-06 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job - c:\program files\Google\Update\GoogleUpdate.exe [2009-12-26 11:18] 2010-08-06 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job - c:\program files\Google\Update\GoogleUpdate.exe [2009-12-26 11:18] . . ------- Bijkomende Scan ------- . uStart Page = hxxp://www.google.be/ uDefault_Search_URL = hxxp://www.google.com/ie uInternet Settings,ProxyOverride = *.local uSearchAssistant = hxxp://www.google.com/ie uSearchURL,(Default) = hxxp://www.google.com/search?q=%s IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200 IE: E&xporteren naar Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000 . - - - - ORPHANS VERWIJDERD - - - - MSConfigStartUp-ares - c:\program files\Ares\Ares.exe MSConfigStartUp-AVG8_TRAY - c:\progra~1\AVG\AVG8\avgtray.exe MSConfigStartUp-IndexSearch - c:\program files\ScanSoft\PaperPort\IndexSearch.exe MSConfigStartUp-iTunesHelper - c:\program files\iTunes\iTunesHelper.exe MSConfigStartUp-Lexmark 2200 Series - c:\program files\Lexmark 2200 Series\lxbvbmgr.exe MSConfigStartUp-NeroFilterCheck - c:\program files\Common Files\Ahead\Lib\NeroCheck.exe MSConfigStartUp-PaperPort PTD - c:\program files\ScanSoft\PaperPort\pptd40nt.exe MSConfigStartUp-PPort11reminder - c:\program files\ScanSoft\PaperPort\Ereg\Ereg.exe MSConfigStartUp-QuickTime Task - c:\program files\QuickTime\QTTask.exe MSConfigStartUp-SSBkgdUpdate - c:\program files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe ************************************************************************** catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, GMER - Rootkit Detector and Remover Rootkit scan 2010-08-06 13:43 Windows 6.0.6002 Service Pack 2 NTFS scannen van verborgen processen ... scannen van verborgen autostart items ... scannen van verborgen bestanden ... Scan succesvol afgerond verborgen bestanden: 0 ************************************************************************** . --------------------- VERGRENDELDE REGISTER SLEUTELS --------------------- [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . Voltooingstijd: 2010-08-06 13:49:09 ComboFix-quarantined-files.txt 2010-08-06 11:49 ComboFix2.txt 2010-08-05 18:33 Pre-Run: 8.496.652.288 bytes beschikbaar Post-Run: 8.356.577.280 bytes beschikbaar Current=1 Default=1 Failed=0 LastKnownGood=4 Sets=1,2,3,4 - - End Of File - - BF3AD2404A007FBD967F9FFC3A7118CC ------------------------------------------------------------------------------------------------------------------------ Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 13:50:49, on 6/08/2010 Platform: Windows Vista SP2 (WinNT 6.00.1906) MSIE: Internet Explorer v7.00 (7.00.6002.18005) Boot mode: Normal Running processes: C:\Windows\system32\Dwm.exe C:\Windows\system32\taskeng.exe C:\Windows\RtHDVCpl.exe C:\Program Files\Alwil Software\Avast5\AvastUI.exe C:\Windows\explorer.exe C:\Windows\system32\SearchFilterHost.exe C:\Program Files\Trend Micro\HijackThis\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Google R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Hotmail, Messenger, nieuws en entertainment vind je op MSN.nl R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = Hotmail, Messenger, nieuws en entertainment vind je op MSN.nl R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local O2 - BHO: Adobe PDF Reader Help bij koppelingen - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file) O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll O2 - BHO: Windows Live Aanmelden - Help - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe O4 - HKLM\..\Run: [avast5] C:\PROGRA~1\ALWILS~1\Avast5\avastUI.exe /nogui O4 - HKUS\S-1-5-18\..\RunOnce: [FlashPlayerUpdate] C:\Windows\system32\Macromed\Flash\FlashUtil10c.exe (User 'SYSTEEM') O4 - HKUS\.DEFAULT\..\RunOnce: [FlashPlayerUpdate] C:\Windows\system32\Macromed\Flash\FlashUtil10c.exe (User 'Default user') O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200 O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000 O9 - Extra button: In weblog opnemen - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: &In weblog opnemen met Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll O9 - Extra 'Tools' menuitem: Verz&enden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL O9 - Extra button: HP Slim selecteren - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} (Facebook Photo Uploader 5 Control) - Pagina niet gevonden | Facebook O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab O16 - DPF: {5C051655-FCD5-4969-9182-770EA5AA5565} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown.cab56986.cab O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/NL-BE/a-UNO1/GAME_UNO1.cab O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} - http://download.divx.com/player/DivXBrowserPlugin.cab O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - https://fpdownload.macromedia.com/get/shockwave/cabs/flash/swflash.cab O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe O23 - Service: avast! Mail Scanner - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe O23 - Service: avast! Web Scanner - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: Google Updateservice (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe O23 - Service: Lavasoft Ad-Aware Service - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\Windows\System32\LEXBCES.EXE O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe O23 - Service: PnkBstrB - Unknown owner - C:\Windows\system32\PnkBstrB.exe O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe -- End of file - 6686 bytes groeten djdanvan

Kape, dank voor het vugge antw, k'zal pas morgen doen thx djdanvan

Beste PCHF, Ik kon geen updates van Windows binnenhalen plus Explorer deed raar (traag) kreeg een venster " Hostproces voor Windows-services werkt niet meer" code 80072EFE enz..., De gebruikelijke scanners hun werk laten doen en ook ComboFix Waarvan hieronder het logje plus ook het logje van HJT. Nu blijkt mijn laptop toch weer behoorlijk te draaien maar wie wil nog eens de logjes doorlopen als het niet gefikst kan of moet worden. Alvast hartelijk dank grtn djdnvan ------------------------------------------------------------------------------------ ComboFix 10-08-04.05 - Qforce 05/08/2010 20:11:24.1.2 - x86 Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.32.1043.18.2045.741 [GMT 2:00] Gestart vanuit: g:\daniels programma's\ComboFix\ComboFix.exe . (((((((((((((((((((((((((((((((((( Andere Verwijderingen ))))))))))))))))))))))))))))))))))))))))))))))))) . c:\programdata\SysWoW32 c:\programdata\SysWoW32\mu1782868360v4 c:\programdata\SysWoW32\mu1782868360v4.kwd c:\programdata\SysWoW32\mu1782868360v5 c:\programdata\SysWoW32\mu1782868360v5.kwd c:\programdata\SysWoW32\mu1782868360v6 c:\programdata\SysWoW32\mu1782868360v6.kwd c:\programdata\SysWoW32\mu1782868360v7 c:\programdata\SysWoW32\mu1782868360v7.kwd c:\programdata\SysWoW32\wu1782868360v0 c:\programdata\SysWoW32\wu1782868360v0.kwd c:\programdata\SysWoW32\wu1782868360v1 c:\programdata\SysWoW32\wu1782868360v1.kwd c:\programdata\SysWoW32\wu1782868360v2 c:\programdata\SysWoW32\wu1782868360v2.kwd c:\programdata\SysWoW32\wu1782868360v3 c:\programdata\SysWoW32\wu1782868360v3.kwd c:\users\Qforce\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Translator.url c:\windows\system32\file_id.diz c:\windows\system32\GiQGu2a6.dll c:\windows\system32\Language c:\windows\system32\Language\Dutch.reg c:\windows\system32\Language\French.reg c:\windows\system32\Language\German.reg c:\windows\system32\Language\Italian.reg c:\windows\system32\Language\Spanish.reg c:\windows\system32\Language\Swedish.reg Besmet exemplaar van c:\windows\system32\drivers\ndis.sys werd aangetroffen en gedesinfecteerd Hersteld exemplaar van - Kitty had a snack . (((((((((((((((((((( Bestanden Gemaakt van 2010-07-05 to 2010-08-05 )))))))))))))))))))))))))))))) . 2010-08-05 18:27 . 2010-08-05 18:27 -------- d-----w- c:\users\Qforce\AppData\Local\temp 2010-08-05 18:27 . 2010-08-05 18:27 -------- d-----w- c:\users\Default\AppData\Local\temp 2010-08-05 09:53 . 2010-08-05 07:18 15880 ----a-w- c:\windows\system32\lsdelete.exe 2010-08-05 07:18 . 2010-08-05 07:18 64288 ----a-w- c:\windows\system32\drivers\Lbd.sys 2010-08-05 07:18 . 2010-08-05 07:18 95024 ----a-w- c:\windows\system32\drivers\SBREDrv.sys 2010-08-05 07:13 . 2010-08-05 07:13 -------- dc-h--w- c:\programdata\{74D08EB8-01D1-4BAE-91E3-F30C1B031AC6} 2010-08-05 07:13 . 2010-02-04 15:53 2954656 -c--a-w- c:\programdata\{74D08EB8-01D1-4BAE-91E3-F30C1B031AC6}\Ad-AwareInstaller.exe 2010-08-05 07:11 . 2010-08-05 07:13 -------- d-----w- c:\program files\Lavasoft 2010-08-04 19:21 . 2010-06-28 20:57 38848 ----a-w- c:\windows\avastSS.scr 2010-08-04 18:50 . 2010-08-04 18:50 -------- d-----w- c:\users\Qforce\AppData\Roaming\Malwarebytes 2010-08-04 18:48 . 2009-02-11 08:19 15504 ----a-w- c:\windows\system32\drivers\mbam.sys 2010-08-04 18:48 . 2009-02-11 08:19 38496 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys 2010-08-04 18:48 . 2010-08-04 18:48 -------- d-----w- c:\programdata\Malwarebytes 2010-08-04 18:48 . 2010-08-04 18:50 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware 2010-08-04 18:30 . 2010-06-28 20:37 165456 ----a-w- c:\windows\system32\drivers\aswSP.sys 2010-08-04 18:30 . 2010-06-28 20:32 17744 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys 2010-08-04 18:30 . 2010-06-28 20:33 23376 ----a-w- c:\windows\system32\drivers\aswRdr.sys 2010-08-04 18:30 . 2010-06-28 20:37 46672 ----a-w- c:\windows\system32\drivers\aswTdi.sys 2010-08-04 18:30 . 2010-06-28 20:32 50256 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys 2010-08-04 18:29 . 2010-06-28 20:57 165032 ----a-w- c:\windows\system32\aswBoot.exe 2010-08-04 18:29 . 2010-08-04 18:29 -------- d-----w- c:\programdata\Alwil Software 2010-08-04 18:29 . 2010-08-04 18:29 -------- d-----w- c:\program files\Alwil Software . ((((((((((((((((((((((((((((((((((((((( Find3M Rapport )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2010-08-05 18:16 . 2006-11-02 16:11 67250 ----a-w- c:\windows\system32\perfc013.dat 2010-08-05 18:16 . 2006-11-02 16:11 248552 ----a-w- c:\windows\system32\perfh013.dat 2010-08-05 07:11 . 2008-03-15 15:14 -------- d-----w- c:\programdata\Lavasoft 2010-08-05 07:00 . 2006-11-02 12:37 -------- d-----w- c:\program files\Microsoft Games 2010-08-04 19:37 . 2008-03-17 09:44 -------- d-----w- c:\program files\Spybot - Search & Destroy 2010-08-04 19:33 . 2008-03-17 09:44 -------- d-----w- c:\programdata\Spybot - Search & Destroy 2010-08-04 18:31 . 2010-06-17 17:40 112 ----a-w- c:\programdata\62Yt6p.dat 2010-08-04 18:21 . 2009-06-22 10:36 -------- d-----w- c:\program files\CCleaner 2010-08-02 20:09 . 2008-03-24 14:32 -------- d-----w- c:\users\Qforce\AppData\Roaming\LimeWire 2010-07-05 12:12 . 2010-06-27 12:21 204205 ----a-w- c:\windows\hpwins23.dat 2010-07-05 12:12 . 2010-07-05 12:12 -------- d-----w- c:\programdata\WEBREG 2010-07-05 12:09 . 2010-06-27 12:21 -------- d-----w- c:\programdata\HP 2010-07-05 12:08 . 2010-07-05 12:08 -------- d-----w- c:\users\Qforce\AppData\Roaming\HP 2010-06-27 12:33 . 2010-06-27 12:25 -------- d-----w- c:\program files\HP 2010-06-27 12:32 . 2010-06-27 12:32 -------- d-----w- c:\programdata\HP Product Assistant 2010-06-27 12:27 . 2010-06-27 12:27 -------- d-----w- c:\program files\Common Files\HP 2010-06-27 12:27 . 2010-06-27 12:27 -------- d-----w- c:\program files\Common Files\Hewlett-Packard 2010-06-27 12:27 . 2010-06-27 12:27 -------- d-----w- c:\program files\Hewlett-Packard 2010-06-24 06:55 . 2010-02-11 16:46 -------- d-----w- c:\users\Qforce\AppData\Roaming\vlc 2010-06-24 06:55 . 2010-04-12 12:44 -------- d-----w- c:\program files\The Master Genealogist v7 2010-06-24 06:55 . 2008-12-12 16:31 -------- d-----w- c:\program files\DVD Shrink 2010-06-24 06:55 . 2008-09-19 12:06 -------- d-----w- c:\program files\BlueJ 2010-06-15 17:19 . 2007-10-09 15:16 -------- d--h--w- c:\program files\InstallShield Installation Information 2010-06-15 09:33 . 2009-02-02 08:39 -------- d-----w- c:\program files\Solid Edge ST 2010-06-10 09:34 . 2009-10-26 17:41 -------- d-----w- c:\programdata\Microsoft Help 2010-05-26 17:06 . 2010-06-09 08:23 34304 ----a-w- c:\windows\system32\atmlib.dll 2010-05-26 14:47 . 2010-06-09 08:23 289792 ----a-w- c:\windows\system32\atmfd.dll 2010-05-12 09:21 . 2009-10-03 15:17 221568 ------w- c:\windows\system32\MpSigStub.exe . <pre> c:\program files\HP\HP Software Update\HPWuSchd2 .exe c:\program files\Java\jre6\bin\jusched .exe c:\program files\Microsoft Office\Office12\GrooveMonitor .exe c:\windows\PixArt\Pac207\Monitor .exe </pre> ((((((((((((((((((((((((((((((((((((( Reg Opstartpunten ))))))))))))))))))))))))))))))))))))))))))))))))))) . . *Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond REGEDIT4 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "RtHDVCpl"="RtHDVCpl.exe" [2007-02-15 4390912] "avast5"="c:\progra~1\ALWILS~1\Avast5\avastUI.exe" [2010-06-28 2837864] [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce] "FlashPlayerUpdate"="c:\windows\system32\Macromed\Flash\FlashUtil10c.exe" [2009-07-18 257440] [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "EnableLUA"= 0 (0x0) "EnableUIADesktopToggle"= 0 (0x0) [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows] "AppInit_DLLs"=c:\windows\System32\avgrsstx.dll [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service] @="Service" [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend] @="Service" [HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Adobe Gamma Loader.lnk] path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Gamma Loader.lnk backup=c:\windows\pss\Adobe Gamma Loader.lnk.CommonStartup backupExtension=.CommonStartup [HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Adobe Reader Snelle start.lnk] path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Reader Snelle start.lnk backup=c:\windows\pss\Adobe Reader Snelle start.lnk.CommonStartup backupExtension=.CommonStartup [HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Adobe Reader Synchronizer.lnk] path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Reader Synchronizer.lnk backup=c:\windows\pss\Adobe Reader Synchronizer.lnk.CommonStartup backupExtension=.CommonStartup [HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^HP Digital Imaging Monitor.lnk] path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk backup=c:\windows\pss\HP Digital Imaging Monitor.lnk.CommonStartup backupExtension=.CommonStartup [HKLM\~\startupfolder\C:^Users^Qforce^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Microsoft Office Groove.lnk] path=c:\users\Qforce\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Microsoft Office Groove.lnk backup=c:\windows\pss\Microsoft Office Groove.lnk.Startup backupExtension=.Startup [HKLM\~\startupfolder\C:^Users^Qforce^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OneNote 2007 Schermopname en Snel starten.lnk] path=c:\users\Qforce\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2007 Schermopname en Snel starten.lnk backup=c:\windows\pss\OneNote 2007 Schermopname en Snel starten.lnk.Startup backupExtension=.Startup [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ares] c:\program files\Ares\Ares.exe [N/A] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AVG8_TRAY] 2010-03-18 16:42 2046816 ----a-w- c:\progra~1\AVG\AVG8\avgtray.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BrMfcWnd] 2007-03-12 12:51 663552 ------w- c:\program files\Brother\Brmfcmon\BrMfcWnd.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ControlCenter3] 2007-01-26 13:58 65536 ------w- c:\program files\Brother\ControlCenter3\BrCtrCen.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools] 2007-04-03 22:29 165784 ----a-w- c:\program files\DAEMON Tools\daemon.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ehTray.exe] 2008-01-19 07:33 125952 ----a-w- c:\windows\ehome\ehtray.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GrooveMonitor] c:\program files\Microsoft Office\Office12\GrooveMonitor.exe [N/A] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IndexSearch] c:\program files\ScanSoft\PaperPort\IndexSearch.exe [N/A] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper] c:\program files\iTunes\iTunesHelper.exe [N/A] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Lexmark 2200 Series] c:\program files\Lexmark 2200 Series\lxbvbmgr.exe [N/A] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MsnMsgr] 2009-07-26 14:44 3883856 ----a-w- c:\program files\Windows Live\Messenger\msnmsgr.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck] c:\program files\Common Files\Ahead\Lib\NeroCheck.exe [N/A] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PaperPort PTD] c:\program files\ScanSoft\PaperPort\pptd40nt.exe [N/A] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PPort11reminder] c:\program files\ScanSoft\PaperPort\Ereg\Ereg.exe [N/A] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task] c:\program files\QuickTime\QTTask.exe [N/A] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SkyTel] 2006-05-16 10:04 2879488 ----a-w- c:\windows\SkyTel.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SpybotSD TeaTimer] 2009-01-26 13:31 2144088 --sha-r- c:\program files\Spybot - Search & Destroy\TeaTimer.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SSBkgdUpdate] c:\program files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe [N/A] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Windows Defender] 2008-01-19 07:38 1008184 ----a-w- c:\program files\Windows Defender\MSASCui.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WMPNSCFG] 2008-01-19 07:33 202240 ----a-w- c:\program files\Windows Media Player\wmpnscfg.exe [HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc] "VistaSp2"=hex(:1f,73,ac,f7,4c,1b,ca,01 [HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc\S-1-5-21-833183691-1392465726-190259266-1003] "EnableNotificationsRef"=dword:00000002 R2 gupdate;Google Updateservice (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [2009-12-26 135664] R2 nirrquxf;Floppy Disk Support;c:\windows\System32\svchost.exe [2008-01-19 21504] R3 PAC207;SoC PC-Camera;c:\windows\system32\DRIVERS\PFC027.SYS [2006-12-05 507136] R4 MTC0301_CIR;CIR Device;c:\windows\system32\drivers\CIR.sys [2004-11-26 13941] R4 sptd;sptd;c:\windows\system32\Drivers\sptd.sys [2010-03-12 691696] S0 Lbd;Lbd;c:\windows\system32\DRIVERS\Lbd.sys [2010-08-05 64288] S0 O2MDRDR;O2MDRDR;c:\windows\system32\DRIVERS\o2media.sys [2005-08-05 34144] S1 aswSP;aswSP; [x] S1 AvgLdx86;AVG Free AVI Loader Driver x86;c:\windows\System32\Drivers\avgldx86.sys [2009-08-29 335240] S2 aswFsBlk;aswFsBlk; [x] S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2010-06-28 50256] S2 avg8wd;AVG Free8 WatchDog;c:\progra~1\AVG\AVG8\avgwdsvc.exe [2009-08-29 297752] S2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service;c:\program files\Lavasoft\Ad-Aware\AAWService.exe [2010-08-05 1352832] S2 SBSDWSCService;SBSD Security Center Service;c:\program files\Spybot - Search & Destroy\SDWinSec.exe [2009-01-26 1153368] [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost] HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12 HPService REG_MULTI_SZ HPSLPSVC hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs nirrquxf . Inhoud van de 'Gedeelde Taken' map 2010-08-05 c:\windows\Tasks\Ad-Aware Update (Weekly).job - c:\program files\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe [2010-02-04 07:18] 2010-08-05 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job - c:\program files\Google\Update\GoogleUpdate.exe [2009-12-26 11:18] 2010-08-04 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job - c:\program files\Google\Update\GoogleUpdate.exe [2009-12-26 11:18] . . ------- Bijkomende Scan ------- . uStart Page = hxxp://www.google.be/ uInternet Settings,ProxyOverride = *.local uSearchURL,(Default) = hxxp://g.msn.be/0SENLBE/SAOS01?FORM=TOOLBR IE: E&xporteren naar Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000 FF - ProfilePath - c:\users\Qforce\AppData\Roaming\Mozilla\Firefox\Profiles\fnj4krig.default\ FF - prefs.js: browser.search.defaulturl - hxxp://flvdirect.iamwired.net/websearch.php?src=tops&search= FF - prefs.js: browser.search.selectedEngine - Google FF - prefs.js: browser.startup.homepage - hxxp://www.google.be/ FF - prefs.js: keyword.URL - hxxp://flvdirect.iamwired.net/websearch.php?src=tops&search= FF - plugin: c:\program files\Google\Google Earth\plugin\npgeplugin.dll FF - plugin: c:\program files\Google\Update\1.2.183.23\npGoogleOneClick8.dll FF - plugin: c:\program files\Microsoft\Office Live\npOLW.dll FF - plugin: c:\program files\Windows Live\Photo Gallery\NPWLPG.dll FF - plugin: c:\programdata\Zylom\ZylomGamesPlayer\npzylomgamesplayer.dll FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ ---- FIREFOX POLICIES ---- c:\program files\Mozilla Firefox\greprefs\all.js - pref("ui.use_native_colors", true); c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.lu", true); c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.nu", true); c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.nz", true); c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbaam7a8h", true); c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgberp4a5d4ar", true); c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--p1ai", true); c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbayh7gpa", true); c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.tel", true); c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.auth.force-generic-ntlm", false); c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.proxy.type", 5); c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.buffer.cache.count", 24); c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.buffer.cache.size", 4096); c:\program files\Mozilla Firefox\greprefs\all.js - pref("dom.ipc.plugins.timeoutSecs", 45); c:\program files\Mozilla Firefox\greprefs\all.js - pref("svg.smil.enabled", false); c:\program files\Mozilla Firefox\greprefs\all.js - pref("accelerometer.enabled", true); c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.allow_unrestricted_renego_everywhere__temporarily_available_pref", true); c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.renego_unrestricted_hosts", ""); c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.treat_unsafe_negotiation_as_broken", false); c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.require_safe_negotiation", false); c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.name", "chrome://browser/locale/browser.properties"); c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.description", "chrome://browser/locale/browser.properties"); c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("plugins.update.notifyUser", false); c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.nptest.dll", true); c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.npswf32.dll", true); c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.npctrl.dll", true); c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.npqtplugin.dll", true); c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled", false); . - - - - ORPHANS VERWIJDERD - - - - BHO-{6697BE83-7494-42A6-832D-F5321C3FA210} - c:\windows\system32\qxozgql.dll WebBrowser-{8FF5E180-ABDE-46EB-B09E-D2AAB95CABE3} - (no file) ************************************************************************** catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, GMER - Rootkit Detector and Remover Rootkit scan 2010-08-05 20:27 Windows 6.0.6002 Service Pack 2 NTFS scannen van verborgen processen ... scannen van verborgen autostart items ... scannen van verborgen bestanden ... Scan succesvol afgerond verborgen bestanden: 0 ************************************************************************** . --------------------- VERGRENDELDE REGISTER SLEUTELS --------------------- [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . Voltooingstijd: 2010-08-05 20:33:15 ComboFix-quarantined-files.txt 2010-08-05 18:33 Pre-Run: 7.298.342.912 bytes beschikbaar Post-Run: 7.279.456.256 bytes beschikbaar - - End Of File - - 3E9FF123EF74835B7F795FD640698030 ------------------------------------------------------------------------------------- Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 21:35:36, on 5/08/2010 Platform: Windows Vista SP2 (WinNT 6.00.1906) MSIE: Internet Explorer v7.00 (7.00.6002.18005) Boot mode: Normal Running processes: C:\Windows\system32\Dwm.exe C:\Windows\Explorer.EXE C:\Windows\RtHDVCpl.exe C:\Program Files\Alwil Software\Avast5\AvastUI.exe C:\Windows\system32\taskeng.exe C:\Program Files\Trend Micro\HijackThis\HijackThis.exe C:\Windows\system32\SearchFilterHost.exe C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Google R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Hotmail, Messenger, nieuws en entertainment vind je op MSN.nl R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = Hotmail, Messenger, nieuws en entertainment vind je op MSN.nl R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = Bing R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = O2 - BHO: Adobe PDF Reader Help bij koppelingen - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file) O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll O2 - BHO: Windows Live Aanmelden - Help - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe O4 - HKLM\..\Run: [avast5] C:\PROGRA~1\ALWILS~1\Avast5\avastUI.exe /nogui O4 - HKUS\S-1-5-18\..\RunOnce: [FlashPlayerUpdate] C:\Windows\system32\Macromed\Flash\FlashUtil10c.exe (User 'SYSTEEM') O4 - HKUS\.DEFAULT\..\RunOnce: [FlashPlayerUpdate] C:\Windows\system32\Macromed\Flash\FlashUtil10c.exe (User 'Default user') O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000 O9 - Extra button: In weblog opnemen - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: &In weblog opnemen met Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll O9 - Extra 'Tools' menuitem: Verz&enden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL O9 - Extra button: HP Slim selecteren - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll O9 - Extra button: PartyPoker.net - {F4430FE8-2638-42e5-B849-800749B94EED} - C:\Programs\PartyGaming.Net\PartyPokerNet\RunPF.exe (file missing) O9 - Extra 'Tools' menuitem: PartyPoker.net - {F4430FE8-2638-42e5-B849-800749B94EED} - C:\Programs\PartyGaming.Net\PartyPokerNet\RunPF.exe (file missing) O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} (Facebook Photo Uploader 5 Control) - Pagina niet gevonden | Facebook O16 - DPF: {149E45D8-163E-4189-86FC-45022AB2B6C9} (SpinTop DRM Control) - file:///C:/Program%20Files/Monopoly/Images/stg_drm.ocx O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab O16 - DPF: {5C051655-FCD5-4969-9182-770EA5AA5565} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown.cab56986.cab O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/NL-BE/a-UNO1/GAME_UNO1.cab O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} - http://download.divx.com/player/DivXBrowserPlugin.cab O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab O16 - DPF: {CC450D71-CC90-424C-8638-1F2DBAC87A54} (ArmHelper Control) - file:///C:/Program%20Files/Monopoly/Images/armhelper.ocx O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - https://fpdownload.macromedia.com/get/shockwave/cabs/flash/swflash.cab O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll O20 - AppInit_DLLs: C:\Windows\System32\avgrsstx.dll O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe O23 - Service: avast! Mail Scanner - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe O23 - Service: avast! Web Scanner - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: Google Updateservice (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe O23 - Service: Lavasoft Ad-Aware Service - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\Windows\System32\LEXBCES.EXE O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe O23 - Service: PnkBstrB - Unknown owner - C:\Windows\system32\PnkBstrB.exe O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe -- End of file - 7298 bytes

Hallo, Het installeren van de printer is gelukt. Ik heb het printer-model moeten Manueel instellen ook het TCP/IP nummer van mijn printserver en een nieuwe poort installeren Dan is het gelukt en werkt perfect van op alle computers met Xp, Vista en nu ook Wind7. Groeten djdanvan

Geprobeerd maar NIET gelukt, Eigenaardig ik krijg steeds geen toegang tot de printer die wel zichbaar is in mijn netwerk, nochtans is netwerkdetectie en printer deling ingeschakelt. Waar kan ik verderzoeken of is er iets in Wind7 die anders is dan XP of Vista? dank djdanvan

Beste stegisoft, Eerst en voral dank voor het vlugge antw. Op de computer-XP werkt alles normaal maar op de compter-Win7 krijg ik dit niet geinstalleerd. U spreekt over extra stuurprogramma's toevoegen? vanwaar haal je die? Alle bijhorende drivers zijn geinstalleerd (alleez denk ik toch) aangezien de printer via USB wel werkt. ik zal het proberen.