Jan Vrijland

Beste Kweezie Wabbit, Jouw beschrijving uitgevoerd, zo te zien werkt het als vanouds, dank voor je hulp: Hier volgen de logbestanden: ComboFix 12-04-10.02 - Jan Water 11-04-2012 1:05:21.1.4 - x86 Microsoft Windows 7 Home Premium 6.1.7601.1.1252.31.1043.18.3071.1821 [GMT 2:00] Gestart vanuit: C:\Users\Jan Water\Downloads\ComboFix.exe SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} (((((((((((((((((((((((((((((((((( Andere Verwijderingen ))))))))))))))))))))))))))))))))))))))))))))))))) C:\config.bin C:\config.Bin\15F89706C0892A8 C:\config.Bin\AA99E010C0892A8 C:\Images C:\Program Files\Windows Searchqu Toolbar C:\Program Files\Windows Searchqu Toolbar\Datamngr\ToolBar\uninstallTB.exe C:\ProgramData\Tarma Installer C:\ProgramData\Tarma Installer\{2E1037EA-038A-425F-86B9-6CD19B8497E9}\_Setup.dll C:\ProgramData\Tarma Installer\{2E1037EA-038A-425F-86B9-6CD19B8497E9}\_Setupx.dll C:\ProgramData\Tarma Installer\{2E1037EA-038A-425F-86B9-6CD19B8497E9}\Setup.dat C:\ProgramData\Tarma Installer\{2E1037EA-038A-425F-86B9-6CD19B8497E9}\Setup.exe C:\ProgramData\Tarma Installer\{2E1037EA-038A-425F-86B9-6CD19B8497E9}\Setup.ico C:\ProgramData\Tarma Installer\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}\_Setup.dll C:\ProgramData\Tarma Installer\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}\_Setupx.dll C:\ProgramData\Tarma Installer\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}\Setup.dat C:\ProgramData\Tarma Installer\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}\Setup.exe C:\ProgramData\Tarma Installer\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}\Setup.ico C:\ProgramData\windows C:\ProgramData\Windows\dumd.dat C:\ProgramData\Windows\xdor.dat C:\Users\Jan Water\AppData\Roaming\Biiqp C:\Users\Jan Water\AppData\Roaming\Biiqp\ymag.guf C:\Users\Jan Water\AppData\Roaming\Biiqp\ymag.tmp C:\Users\Jan Water\AppData\Roaming\Help\coredb\storage C:\Users\Jan Water\AppData\Roaming\inst.exe C:\Users\Jan Water\AppData\Roaming\Microsoft\~DFK51266e7.tmp C:\Users\Jan Water\AppData\Roaming\Microsoft\1eaadjc.dll C:\Users\Jan Water\AppData\Roaming\Microsoft\bass.dll C:\Users\Jan Water\AppData\Roaming\Microsoft\kfgresk.dll C:\Users\Jan Water\AppData\Roaming\Microsoft\mjcriu.dll C:\Users\Jan Water\AppData\Roaming\Microsoft\peaadje.dll C:\Users\Jan Water\AppData\Roaming\Microsoft\qwadjb.dll C:\Users\Jan Water\AppData\Roaming\Microsoft\rsaadjd.dll C:\Users\Jan Water\AppData\Roaming\PCFix C:\Users\Jan Water\AppData\Roaming\PCFix\log.dat C:\Users\Jan Water\AppData\Roaming\PCFix\unresolvederrors.dat C:\Users\Jan Water\AppData\Roaming\vso_ts_preview.xml C:\Users\Jan Water\HijackThis.exe C:\Windows\IsUn0413.exe C:\Windows\system32\office.exe E:\Magic DVD Creator\mdc.exe (((((((((((((((((((( Bestanden Gemaakt van 2012-03-10 to 2012-04-10 )))))))))))))))))))))))))))))) 2012-04-10 23:12:33 . 2012-04-10 23:12:33 -------- d-----w- C:\Users\Default\AppData\Local\temp 2012-04-10 23:10:54 . 2012-04-10 23:10:54 56200 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{A3AFA553-0EAD-4EB4-B84C-7975FBCEADAE}\offreg.dll 2012-04-10 11:19:52 . 2012-04-10 11:20:03 -------- d-----w- C:\Program Files\MP3Gain 2012-04-09 14:48:44 . 2012-04-09 14:48:45 388096 ----a-r- C:\Users\Jan Water\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe 2012-04-09 14:48:44 . 2012-04-09 14:48:44 -------- d-----w- C:\Program Files\Trend Micro 2012-04-07 06:23:20 . 2012-03-14 02:15:38 6582328 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{A3AFA553-0EAD-4EB4-B84C-7975FBCEADAE}\mpengine.dll 2012-04-04 23:00:35 . 2012-04-10 04:46:49 -------- d-----w- C:\Users\Jan Water\AppData\Roaming\IrfanView 2012-04-04 23:00:34 . 2012-04-04 23:00:35 -------- d-----w- C:\Program Files\IrfanView 2012-04-01 08:31:22 . 2012-04-03 08:09:44 -------- d-----w- C:\Users\Jan Water\Triggerfinger 2012-03-31 16:43:15 . 2012-03-31 16:43:15 -------- d-----w- C:\Users\Jan Water\Nieuwe map 2012-03-26 01:26:28 . 2012-04-05 22:48:33 -------- d-----w- C:\Users\Jan Water\AppData\Roaming\Media Finder 2012-03-13 23:38:43 . 2011-11-19 14:50:02 3968368 ----a-w- C:\Windows\system32\ntkrnlpa.exe 2012-03-13 23:38:42 . 2011-11-19 14:50:02 3913584 ----a-w- C:\Windows\system32\ntoskrnl.exe 2012-03-13 21:38:00 . 2012-02-03 03:54:27 2343424 ----a-w- C:\Windows\system32\win32k.sys 2012-03-13 21:37:59 . 2012-02-10 05:38:43 1077248 ----a-w- C:\Windows\system32\DWrite.dll 2012-03-13 17:09:54 . 2012-01-25 05:27:51 8192 ----a-w- C:\Windows\system32\rdrmemptylst.exe 2012-03-13 17:09:53 . 2012-01-25 05:32:35 58880 ----a-w- C:\Windows\system32\rdpwsx.dll 2012-03-13 17:09:53 . 2012-01-25 05:32:34 129536 ----a-w- C:\Windows\system32\rdpcorekmts.dll 2012-03-13 17:09:51 . 2012-02-17 05:34:22 826880 ----a-w- C:\Windows\system32\rdpcore.dll 2012-03-13 17:09:51 . 2012-02-17 04:13:22 24576 ----a-w- C:\Windows\system32\drivers\tdtcp.sys 2012-03-13 17:09:50 . 2012-02-17 04:14:08 183808 ----a-w- C:\Windows\system32\drivers\rdpwd.sys . ((((((((((((((((((((((((((((((((((((((( Find3M Rapport )))))))))))))))))))))))))))))))))))))))))))))))))))) 2012-04-04 13:56:40 . 2011-09-08 04:07:31 22344 ----a-w- C:\Windows\system32\drivers\mbam.sys 2012-03-08 14:55:19 . 2012-03-08 14:55:17 162037 ----a-w- C:\Windows\Animated GIF Converter and Booster Pack Uninstaller.exe 2012-02-23 16:23:26 . 2011-04-30 03:12:03 41184 ----a-w- C:\Windows\avastSS.scr 2012-02-23 16:23:21 . 2011-04-30 03:12:03 201352 ----a-w- C:\Windows\system32\aswBoot.exe 2012-02-23 16:12:28 . 2011-04-30 03:12:23 610648 ----a-w- C:\Windows\system32\drivers\aswSnx.sys 2012-02-23 16:12:16 . 2011-04-30 03:12:25 337112 ----a-w- C:\Windows\system32\drivers\aswSP.sys 2012-02-23 16:10:59 . 2012-02-25 06:31:01 44376 ----a-w- C:\Windows\system32\drivers\aswRdr2.sys 2012-02-23 16:10:39 . 2011-04-30 03:12:23 53848 ----a-w- C:\Windows\system32\drivers\aswTdi.sys 2012-02-23 16:10:34 . 2011-04-30 03:12:21 57688 ----a-w- C:\Windows\system32\drivers\aswMonFlt.sys 2012-02-23 16:10:16 . 2011-04-30 03:12:26 20696 ----a-w- C:\Windows\system32\drivers\aswFsBlk.sys 2012-02-23 08:18:36 . 2011-04-29 14:39:51 237072 ------w- C:\Windows\system32\MpSigStub.exe 2012-02-04 16:04:04 . 2012-02-04 15:52:44 47360 ----a-w- C:\Users\Jan Water\AppData\Roaming\pcouffin.sys 2012-02-04 15:52:44 . 2012-02-04 15:52:44 47360 ----a-w- C:\Windows\system32\drivers\pcouffin.sys 2012-01-15 17:43:34 . 2011-05-22 21:11:35 414368 ----a-w- C:\Windows\system32\FlashPlayerCPLApp.cpl ------- Sigcheck ------- Note: Unsigned files aren't necessarily malware. [-] 2011-08-02 16:47:15 . 7BD7F45FF37FA0669CD32CA0EF46E22C . 811520 . . [6.1.7601.17514 (win7sp1_rtm.101119-1850)] . . C:\Windows\System32\user32.dll [7] 2010-11-20 21:29:20 . F1DD3ACAEE5E6B4BBC69BC6DF75CEF66 . 811520 . . [6.1.7601.17514 (win7sp1_rtm.101119-1850)] . . C:\Windows\winsxs\x86_microsoft-windows-user32_31bf3856ad364e35_6.1.7601.17514_none_cf3fd62ccb9e983d\user32.dll ((((((((((((((((((((((((((((((((((((( Reg Opstartpunten ))))))))))))))))))))))))))))))))))))))))))))))))))) *Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond REGEDIT4 [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast] @="{472083B0-C522-11CF-8763-00608CC02F24}" [HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}] 2012-02-23 16:23:13 123536 ----a-w- C:\Program Files\AVAST Software\Avast\ashShell.dll [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\{4BBAAAE9-0004-4000-9AA5-1BBD98C86E9B}] @="{4BBAAAE9-0004-4000-9AA5-1BBD98C86E9B}" [HKEY_CLASSES_ROOT\CLSID\{4BBAAAE9-0004-4000-9AA5-1BBD98C86E9B}] 2010-07-07 17:57:55 153064 ----a-w- C:\Windows\System32\pfmshx_463.dll [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe" [2007-06-27 17:03:40 152872] "Gadwin PrintScreen"="E:\PrintScreen\PrintScreen.exe" [2011-05-03 09:18:01 487424] "MediaGet2"="C:\Users\Jan Water\AppData\Local\MediaGet2\mediaget.exe" [2012-03-14 01:30:45 8138472] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "avast"="C:\Program Files\AVAST Software\Avast\avastUI.exe" [2012-02-23 16:23:24 4031368] "NeroFilterCheck"="C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe" [2007-03-01 13:57:24 153136] "SunJavaUpdateSched"="C:\Program Files\Common Files\Java\Java Update\jusched.exe" [2011-04-08 10:59:52 254696] "Family Tree Builder Update"="E:\MyHeritage\Bin\FTBCheckUpdates.exe" [2011-06-21 21:18:18 225280] "APSDaemon"="C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2011-09-27 05:22:28 59240] "iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" [2011-11-12 23:24:58 421736] "PWRISOVM.EXE"="C:\Program Files\PowerISO\PWRISOVM.EXE" [2009-11-09 03:17:50 180224] "Adobe ARM"="C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2011-06-06 11:55:28 937920] [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "ConsentPromptBehaviorAdmin"= 5 (0x5) "ConsentPromptBehaviorUser"= 3 (0x3) "EnableUIADesktopToggle"= 0 (0x0) [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32] "aux2"=wdmaud.drv [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa] Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 11:16:28 130384] R2 iPodDrv;iPodDrv;C:\Windows\system32\drivers\iPodDrv.sys [x] R3 APL531;OVT Scanner;C:\Windows\system32\Drivers\ov550i.sys [2006-07-31 05:44:00 580992] R3 BITCOMET_HELPER_SERVICE;BitComet Disk Boost Service;C:\Program Files\BitComet\tools\BitCometService.exe [2010-12-28 08:00:34 1296728] R3 FirebirdServerMAGIXInstance;Firebird Server - MAGIX Instance;C:\Program Files\Common Files\MAGIX Services\Database\bin\fbserver.exe [2008-08-07 10:10:02 3276800] R3 NPF;NetGroup Packet Filter Driver;C:\Windows\system32\drivers\npf.sys [2010-02-03 10:21:56 50704] R3 osppsvc;Office Software Protection Platform;C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 20:37:50 4640000] R3 TsUsbFlt;TsUsbFlt;C:\Windows\system32\drivers\tsusbflt.sys [2010-11-20 21:29:24 52224] R3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\system32\drivers\TsUsbGD.sys [2010-11-20 21:29:03 27264] R3 WatAdminSvc;Windows Activation Technologies-service;C:\Windows\system32\Wat\WatAdminSvc.exe [2011-04-30 03:55:14 1343400] R4 wlcrasvc;Windows Live Mesh remote connections service;C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 14:33:04 51040] S0 hotcore3;hc3ServiceName;C:\Windows\system32\DRIVERS\hotcore3.sys [2011-05-17 17:53:24 57312] S0 sptd;sptd;C:\Windows\System32\Drivers\sptd.sys [2011-05-07 02:26:35 691696] S1 aswSnx;aswSnx; [x] S1 aswSP;aswSP; [x] S1 pfmfs_463;pfmfs_463;C:\Windows\system32\Drivers\pfmfs_463.sys [2010-07-07 17:58:31 191848] S1 vwififlt;Virtual WiFi Filter Driver;C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-13 23:52:04 48128] S2 AdobeActiveFileMonitor7.0;Adobe Active File Monitor V7;E:\photoshop\PhotoshopElementsFileAgent.exe [2008-09-16 10:03:18 169312] S2 AdobeARMservice;Adobe Acrobat Update Service;C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe [2011-06-06 11:55:28 64952] S2 aswFsBlk;aswFsBlk; [x] S2 aswMonFlt;aswMonFlt;C:\Windows\system32\drivers\aswMonFlt.sys [2012-02-23 16:10:34 57688] S2 Fabs;FABS - Helping agent for MAGIX media database;C:\Program Files\Common Files\MAGIX Services\Database\bin\FABS.exe [2009-08-27 16:09:10 1253376] S2 QuickPDFTCPService0719;Quick PDF Tools Background Service;E:\Quick PDF Tools\QuickPDFTCP0719.exe [2010-04-27 19:07:06 1899008] S3 AtcL001;NDIS-minipoortstuurprogramma voor L1 Gigabit Ethernet-controller van Atheros;C:\Windows\system32\DRIVERS\l160x86.sys [2009-07-13 22:02:46 47104] S3 BCMH43XX;Broadcom 802.11 USB Network Adapter Driver;C:\Windows\system32\DRIVERS\bcmwlhigh6.sys [2009-11-06 07:37:20 699896] S3 pcouffin;VSO Software pcouffin;C:\Windows\system32\Drivers\pcouffin.sys [2012-02-04 15:52:44 47360] S3 vwifimp;Microsoft Virtual WiFi Miniport Service;C:\Windows\system32\DRIVERS\vwifimp.sys [2009-07-13 23:52:10 14336] --- Andere Services/Drivers In Geheugen --- *NewlyCreated* - WS2IFSL ------- Bijkomende Scan ------- uStart Page = hxxp://www.google.nl/ uInternet Settings,ProxyOverride = *.local IE: Download with &Media Finder - C:\Program Files\Media Finder\hook.html IE: Open de huidige pagina met BID - file://C:\Program Files\Bulk Image Downloader\iemenu\iebid.htm IE: Open de huidige pagina met BID Link Explorer - file://C:\Program Files\Bulk Image Downloader\iemenu\iebidlinkexplorer.htm IE: Open doel met BID - file://C:\Program Files\Bulk Image Downloader\iemenu\iebidlink.htm IE: Plaats de huidige pagina in de BID wachtrij - file://C:\Program Files\Bulk Image Downloader\iemenu\iebidqueue.htm IE: Plaats doel met BID in wachtrij - file://C:\Program Files\Bulk Image Downloader\iemenu\iebidlinkqueue.htm TCP: DhcpNameServer = 213.46.228.196 62.179.104.196 - - - - ORPHANS VERWIJDERD - - - - Toolbar-10 - (no file) WebBrowser-{D4027C7F-154A-4066-A1AD-4243D8127440} - (no file) HKLM-Run-MagicDVDCreator - E:\Magic DVD Creator\mdc.exe HKLM-Run-SonneDVDCreator - E:\Magic DVD Creator\mdc.exe AddRemove-EPSON Photo Print - C:\Windows\IsUn0413.exe AddRemove-OVT Scanner - C:\Windows\omniuns.exe USB\Vid_05a9&PID_1550 OVT Scanner AddRemove-Searchqu 421 MediaBar - C:\Program Files\Windows Searchqu Toolbar\Datamngr\ToolBar\uninstallTB.exe AddRemove-{889DF117-14D1-44EE-9F31-C5FB5D47F68B} - C:\PROGRA~2\TARMAI~1\{889DF~1\Setup.exe Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 1:31:08, on 11-4-2012 Platform: Windows 7 SP1 (WinNT 6.00.3505) MSIE: Internet Explorer v9.00 (9.00.8112.16421) Boot mode: Normal Running processes: C:\Windows\system32\taskhost.exe C:\Windows\system32\Dwm.exe C:\Windows\Explorer.EXE C:\Program Files\AVAST Software\Avast\AvastUI.exe C:\Program Files\Common Files\Java\Java Update\jusched.exe C:\Program Files\iTunes\iTunesHelper.exe C:\Program Files\PowerISO\PWRISOVM.EXE C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe E:\PrintScreen\PrintScreen.exe C:\Users\Jan Water\AppData\Local\MediaGet2\mediaget.exe C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Windows Live\Mail\wlmail.exe C:\Program Files\Windows Live\Contacts\wlcomm.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Windows\system32\Macromed\Flash\FlashUtil11e_ActiveX.exe C:\Windows\system32\wuauclt.exe C:\Windows\system32\NOTEPAD.EXE C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe C:\Windows\system32\SearchFilterHost.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Google R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Hotmail, Messenger, nieuws en entertainment vind je op MSN.nl R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: BitComet ClickCapture - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Program Files\BitComet\tools\BitCometBHO_1.5.4.11.dll O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files\Windows Live\Companion\companioncore.dll O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - E:\MSOFFI~1\Office14\URLREDIR.DLL O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe" O4 - HKLM\..\Run: [MagicDVDCreator] "E:\Magic DVD Creator\mdc.exe" Hide O4 - HKLM\..\Run: [sonneDVDCreator] E:\Magic DVD Creator\mdc.exe O4 - HKLM\..\Run: [Family Tree Builder Update] E:\MyHeritage\Bin\FTBCheckUpdates.exe O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe" O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe" O4 - HKLM\..\Run: [PWRISOVM.EXE] C:\Program Files\PowerISO\PWRISOVM.EXE O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" O4 - HKCU\..\Run: [bgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe" O4 - HKCU\..\Run: [Gadwin PrintScreen] E:\PrintScreen\PrintScreen.exe /nosplash O4 - HKCU\..\Run: [MediaGet2] C:\Users\Jan Water\AppData\Local\MediaGet2\mediaget.exe --minimized O8 - Extra context menu item: Download with &Media Finder - C:\Program Files\Media Finder\hook.html O8 - Extra context menu item: Open de huidige pagina met BID - file://C:\Program Files\Bulk Image Downloader\iemenu\iebid.htm O8 - Extra context menu item: Open de huidige pagina met BID Link Explorer - file://C:\Program Files\Bulk Image Downloader\iemenu\iebidlinkexplorer.htm O8 - Extra context menu item: Open doel met BID - file://C:\Program Files\Bulk Image Downloader\iemenu\iebidlink.htm O8 - Extra context menu item: Plaats de huidige pagina in de BID wachtrij - file://C:\Program Files\Bulk Image Downloader\iemenu\iebidqueue.htm O8 - Extra context menu item: Plaats doel met BID in wachtrij - file://C:\Program Files\Bulk Image Downloader\iemenu\iebidlinkqueue.htm O9 - Extra button: @C:\Program Files\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files\Windows Live\Companion\companioncore.dll O9 - Extra button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: Onderzoek - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MI3DFC~1\OFFICE11\REFIEBAR.DLL O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} (get_atlcom Class) - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll O23 - Service: Adobe Active File Monitor V7 (AdobeActiveFileMonitor7.0) - Adobe Systems Incorporated - E:\photoshop\PhotoshopElementsFileAgent.exe O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe O23 - Service: BitComet Disk Boost Service (BITCOMET_HELPER_SERVICE) - www.BitComet.com - C:\Program Files\BitComet\tools\BitCometService.exe O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: FABS - Helping agent for MAGIX media database (Fabs) - MAGIX AG - C:\Program Files\Common Files\MAGIX Services\Database\bin\FABS.exe O23 - Service: Firebird Server - MAGIX Instance (FirebirdServerMAGIXInstance) - MAGIX® - C:\Program Files\Common Files\MAGIX Services\Database\bin\fbserver.exe O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: NBService - Unknown owner - E:\Nieuwe map\Nero 7\Nero BackItUp\NBService.exe (file missing) O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe O23 - Service: Quick PDF Tools Background Service (QuickPDFTCPService0719) - Debenu Pty Ltd - E:\Quick PDF Tools\QuickPDFTCP0719.exe O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - CACE Technologies, Inc. - C:\Program Files\WinPcap\rpcapd.exe O23 - Service: Stuffit Archive Name Service - Smith Micro Software, Inc. - E:\Stuffit\ArcNameService.exe -- End of file - 8179 bytes

Beste Kape, Bedankt voor je goede hulp, het systeem draait weer goed. Ask.com de map verwijderd can C:\program files\ Hierbij de logs van mbam en hijackthis groet, Jan Malwarebytes Anti-Malware 1.61.0.1400 www.malwarebytes.org Databaseversie: v2012.04.10.02 Windows 7 Service Pack 1 x86 NTFS Internet Explorer 9.0.8112.16421 Jan Vrijland-PC [administrator] 10-4-2012 9:31:35 mbam-log-2012-04-10 (09-31-35).txt Scantype: Snelle scan Ingeschakelde scanopties: Geheugen | Opstartitems | Register | Bestanden en mappen | Heuristiek/Extra | Heuristiek/Shuriken | PUP | PUM Uitgeschakelde scanopties: P2P Objecten gescand: 211558 Verstreken tijd: 8 minuut/minuten, 26 seconde(n) Geheugenprocessen gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Geheugenmodulen gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Registersleutels gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Registerwaarden gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Registerdata gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Mappen gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Bestanden gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) (einde) Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 9:29:40, on 10-4-2012 Platform: Windows 7 SP1 (WinNT 6.00.3505) MSIE: Internet Explorer v9.00 (9.00.8112.16421) Boot mode: Normal Running processes: C:\Windows\system32\taskhost.exe C:\Windows\system32\Dwm.exe C:\Windows\Explorer.EXE C:\Program Files\AVAST Software\Avast\AvastUI.exe C:\Program Files\Common Files\Java\Java Update\jusched.exe C:\Program Files\iTunes\iTunesHelper.exe C:\Program Files\PowerISO\PWRISOVM.EXE C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe E:\PrintScreen\PrintScreen.exe C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe C:\Users\Jan Water\AppData\Local\MediaGet2\mediaget.exe C:\Windows\system32\SearchFilterHost.exe C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = Preserve R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Google R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Hotmail, Messenger, nieuws en entertainment vind je op MSN.nl R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: BitComet ClickCapture - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Program Files\BitComet\tools\BitCometBHO_1.5.4.11.dll O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: SearchCore for Browsers - {9D717F81-9148-4f12-8568-69135F087DB0} - C:\PROGRA~1\SEARCH~1\SEARCH~1\BROWSE~1.DLL O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files\Windows Live\Companion\companioncore.dll O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - E:\MSOFFI~1\Office14\URLREDIR.DLL O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O2 - BHO: Yontoo Layers - {FD72061E-9FDE-484D-A58A-0BAB4151CAD8} - C:\Program Files\Yontoo\YontooIEClient.dll O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe" O4 - HKLM\..\Run: [MagicDVDCreator] "E:\Magic DVD Creator\mdc.exe" Hide O4 - HKLM\..\Run: [sonneDVDCreator] E:\Magic DVD Creator\mdc.exe O4 - HKLM\..\Run: [Family Tree Builder Update] E:\MyHeritage\Bin\FTBCheckUpdates.exe O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe" O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe" O4 - HKLM\..\Run: [PWRISOVM.EXE] C:\Program Files\PowerISO\PWRISOVM.EXE O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" O4 - HKCU\..\Run: [bgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe" O4 - HKCU\..\Run: [Gadwin PrintScreen] E:\PrintScreen\PrintScreen.exe /nosplash O4 - HKCU\..\Run: [MediaGet2] C:\Users\Jan Water\AppData\Local\MediaGet2\mediaget.exe --minimized O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE') O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE') O8 - Extra context menu item: Download with &Media Finder - C:\Program Files\Media Finder\hook.html O8 - Extra context menu item: Open de huidige pagina met BID - file://C:\Program Files\Bulk Image Downloader\iemenu\iebid.htm O8 - Extra context menu item: Open de huidige pagina met BID Link Explorer - file://C:\Program Files\Bulk Image Downloader\iemenu\iebidlinkexplorer.htm O8 - Extra context menu item: Open doel met BID - file://C:\Program Files\Bulk Image Downloader\iemenu\iebidlink.htm O8 - Extra context menu item: Plaats de huidige pagina in de BID wachtrij - file://C:\Program Files\Bulk Image Downloader\iemenu\iebidqueue.htm O8 - Extra context menu item: Plaats doel met BID in wachtrij - file://C:\Program Files\Bulk Image Downloader\iemenu\iebidlinkqueue.htm O9 - Extra button: @C:\Program Files\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files\Windows Live\Companion\companioncore.dll O9 - Extra button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: Onderzoek - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MI3DFC~1\OFFICE11\REFIEBAR.DLL O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} (get_atlcom Class) - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll O23 - Service: Adobe Active File Monitor V7 (AdobeActiveFileMonitor7.0) - Adobe Systems Incorporated - E:\photoshop\PhotoshopElementsFileAgent.exe O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe O23 - Service: BitComet Disk Boost Service (BITCOMET_HELPER_SERVICE) - www.BitComet.com - C:\Program Files\BitComet\tools\BitCometService.exe O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: FABS - Helping agent for MAGIX media database (Fabs) - MAGIX AG - C:\Program Files\Common Files\MAGIX Services\Database\bin\FABS.exe O23 - Service: Firebird Server - MAGIX Instance (FirebirdServerMAGIXInstance) - MAGIX® - C:\Program Files\Common Files\MAGIX Services\Database\bin\fbserver.exe O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: NBService - Unknown owner - E:\Nieuwe map\Nero 7\Nero BackItUp\NBService.exe (file missing) O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe O23 - Service: Quick PDF Tools Background Service (QuickPDFTCPService0719) - Debenu Pty Ltd - E:\Quick PDF Tools\QuickPDFTCP0719.exe O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - CACE Technologies, Inc. - C:\Program Files\WinPcap\rpcapd.exe O23 - Service: Stuffit Archive Name Service - Smith Micro Software, Inc. - E:\Stuffit\ArcNameService.exe -- End of file - 8802 bytes

Op een of andere manier is Babylon bij mij als startpagina gekomen. Via Configuratiescherm alles geprobeerd om de startpagina te verwijderen, doch helaas. Daarom een vriendelijk verzoek via Uw Forum, help ! Hierna de logfile van HijackThis Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 19:53:23, on 9-4-2012 Platform: Windows 7 SP1 (WinNT 6.00.3505) MSIE: Internet Explorer v9.00 (9.00.8112.16421) Boot mode: Normal Running processes: C:\Windows\system32\Dwm.exe C:\Windows\Explorer.EXE C:\Windows\system32\taskhost.exe C:\Program Files\AVAST Software\Avast\AvastUI.exe C:\Program Files\Ask.com\Updater\Updater.exe C:\Program Files\Common Files\Java\Java Update\jusched.exe C:\Program Files\iTunes\iTunesHelper.exe C:\Program Files\SearchCore for Browsers\SearchCore for Browsers\datamngrUI.exe C:\Program Files\PowerISO\PWRISOVM.EXE C:\Program Files\SweetIM\Messenger\SweetIM.exe C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe E:\PrintScreen\PrintScreen.exe C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe C:\Users\Jan Water\AppData\Local\MediaGet2\mediaget.exe C:\Windows\system32\taskhost.exe C:\Windows\system32\Macromed\Flash\FlashUtil11e_ActiveX.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Windows\system32\SearchFilterHost.exe C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = Preserve R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Babylon Search R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Hotmail, Messenger, nieuws en entertainment vind je op MSN.nl R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://home.sweetim.com R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: Ironsource LTD Helper Object - {25927741-5E5B-4D27-8D8B-9188FE64373F} - C:\Program Files\Ironsource\searchya\1.5.13.0\bh\searchya.dll O2 - BHO: Conduit Engine - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\prxConduitEngine.dll O2 - BHO: BitComet ClickCapture - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Program Files\BitComet\tools\BitCometBHO_1.5.4.11.dll O2 - BHO: PhotoPos Toolbar - {5D0EC45B-D2E4-4DD0-A5B2-69DDEFE852A8} - C:\Program Files\PhotoposComTbr\PhotoposComTbrLib.dll O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: SearchCore for Browsers - {9D717F81-9148-4f12-8568-69135F087DB0} - C:\PROGRA~1\SEARCH~1\SEARCH~1\BROWSE~1.DLL O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files\Windows Live\Companion\companioncore.dll O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - E:\MSOFFI~1\Office14\URLREDIR.DLL O2 - BHO: Vuze Remote - {ba14329e-9550-4989-b3f2-9732e92d17cc} - C:\Program Files\Vuze_Remote\prxtbVuze.dll O2 - BHO: Ask Toolbar BHO - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O2 - BHO: SWEETIE - {EEE6C35C-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll O2 - BHO: Yontoo Layers - {FD72061E-9FDE-484D-A58A-0BAB4151CAD8} - C:\Program Files\Yontoo\YontooIEClient.dll O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll O3 - Toolbar: Foxit PDF Creator Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll O3 - Toolbar: Vuze Remote Toolbar - {ba14329e-9550-4989-b3f2-9732e92d17cc} - C:\Program Files\Vuze_Remote\prxtbVuze.dll O3 - Toolbar: Conduit Engine - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\prxConduitEngine.dll O3 - Toolbar: PhotoPos Toolbar - {5D0EC45B-D2E4-4DD0-A5B2-69DDEFE852A8} - C:\Program Files\PhotoposComTbr\PhotoposComTbrLib.dll O3 - Toolbar: SweetIM Toolbar for Internet Explorer - {EEE6C35B-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll O3 - Toolbar: SearchYa Toolbar - {33AA308B-B565-4376-AC66-59EE9B6AD13E} - C:\Program Files\Ironsource\searchya\1.5.13.0\searchyaTlbr.dll O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe O4 - HKLM\..\Run: [ApnUpdater] "C:\Program Files\Ask.com\Updater\Updater.exe" O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe" O4 - HKLM\..\Run: [MagicDVDCreator] "E:\Magic DVD Creator\mdc.exe" Hide O4 - HKLM\..\Run: [sonneDVDCreator] E:\Magic DVD Creator\mdc.exe O4 - HKLM\..\Run: [Family Tree Builder Update] E:\MyHeritage\Bin\FTBCheckUpdates.exe O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe" O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe" O4 - HKLM\..\Run: [DATAMNGR] C:\PROGRA~1\SEARCH~1\SEARCH~1\DATAMN~1.EXE O4 - HKLM\..\Run: [PWRISOVM.EXE] C:\Program Files\PowerISO\PWRISOVM.EXE O4 - HKLM\..\Run: [sweetIM] C:\Program Files\SweetIM\Messenger\SweetIM.exe O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" O4 - HKCU\..\Run: [bgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe" O4 - HKCU\..\Run: [Gadwin PrintScreen] E:\PrintScreen\PrintScreen.exe /nosplash O4 - HKCU\..\Run: [MediaGet2] C:\Users\Jan Water\AppData\Local\MediaGet2\mediaget.exe --minimized O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE') O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE') O8 - Extra context menu item: Download with &Media Finder - C:\Program Files\Media Finder\hook.html O8 - Extra context menu item: Open de huidige pagina met BID - file://C:\Program Files\Bulk Image Downloader\iemenu\iebid.htm O8 - Extra context menu item: Open de huidige pagina met BID Link Explorer - file://C:\Program Files\Bulk Image Downloader\iemenu\iebidlinkexplorer.htm O8 - Extra context menu item: Open doel met BID - file://C:\Program Files\Bulk Image Downloader\iemenu\iebidlink.htm O8 - Extra context menu item: Plaats de huidige pagina in de BID wachtrij - file://C:\Program Files\Bulk Image Downloader\iemenu\iebidqueue.htm O8 - Extra context menu item: Plaats doel met BID in wachtrij - file://C:\Program Files\Bulk Image Downloader\iemenu\iebidlinkqueue.htm O8 - Extra context menu item: Zoek op het web - C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\menuext.html O9 - Extra button: @C:\Program Files\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files\Windows Live\Companion\companioncore.dll O9 - Extra button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: Onderzoek - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MI3DFC~1\OFFICE11\REFIEBAR.DLL O9 - Extra button: BitComet - {D18A0B52-D63C-4ed0-AFC6-C1E3DC1AF43A} - res://C:\Program Files\BitComet\tools\BitCometBHO_1.5.4.11.dll/206 (file missing) O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} (get_atlcom Class) - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll O20 - AppInit_DLLs: C:\PROGRA~1\SEARCH~1\SEARCH~1\datamngr.dll C:\PROGRA~1\SEARCH~1\SEARCH~1\IEBHO.dll O23 - Service: Adobe Active File Monitor V7 (AdobeActiveFileMonitor7.0) - Adobe Systems Incorporated - E:\photoshop\PhotoshopElementsFileAgent.exe O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe O23 - Service: BitComet Disk Boost Service (BITCOMET_HELPER_SERVICE) - www.BitComet.com - C:\Program Files\BitComet\tools\BitCometService.exe O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: FABS - Helping agent for MAGIX media database (Fabs) - MAGIX AG - C:\Program Files\Common Files\MAGIX Services\Database\bin\FABS.exe O23 - Service: Firebird Server - MAGIX Instance (FirebirdServerMAGIXInstance) - MAGIX® - C:\Program Files\Common Files\MAGIX Services\Database\bin\fbserver.exe O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: NBService - Unknown owner - E:\Nieuwe map\Nero 7\Nero BackItUp\NBService.exe (file missing) O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe O23 - Service: Quick PDF Tools Background Service (QuickPDFTCPService0719) - Debenu Pty Ltd - E:\Quick PDF Tools\QuickPDFTCP0719.exe O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - CACE Technologies, Inc. - C:\Program Files\WinPcap\rpcapd.exe O23 - Service: Stuffit Archive Name Service - Smith Micro Software, Inc. - E:\Stuffit\ArcNameService.exe -- End of file - 11620 bytes

De HoofdPC heeft een vaste verbinding met Internet en draait Vista. De secundaire heeft een draadloze verb en draait op Windows 7. Ik wil met de sec. pc files lezen van de hoofd PC. Dit thuisnetwerk draait goed. (Internet en Windows mail) . Ik krijg dat delen van de bestanden niet voor elkaar. Graag een eenvoudige uitleg hoe ik de zaak moet instellen. Aan een ieder alvast fijne dagen toegewenst en een goed en gezond 2010 vr groet, Jan

Dat weet ik niet. Ik heb het vanaf de CD Rom installatieschijf ingesteld. Ik heb niet zoveel verstand van netwerken etc. Als Uw advies is omdat uit te schakelen?

Nog wat meer gegevens over het netwerk Property Value Computer Name USER-489A31BC89 Workgroup Name WERKGROEP Logon Server \\USER-489A31BC89 Socket Version 2.0 Highest Version 2.2 Description WinSock 2.0 System Status Running Host Name USER-489A31BC89 IP Address 192.168.0.101 00:0C:F6:51:43:5B (Sitecom Europe BV) Windows Firewall Active Domain Name sitecomwl312 DNS Servers sitecomwl312.sitecomwl312 IP: 192.168.0.1 Node Type 0 IP Routing Enabled No WINS Proxy Enabled No NetBIOS Resolution Uses DNS No Ethernet Adapter {8A44AD95-3BC9-4CF7-9EBF-4C1BDE9C0660} Description Wireless Network 300N USB dongle WL-302 - Pakketplanner-minipoort Physical Address 00-0C-F6-51-43-5B DHCP Enabled Yes DHCP Server sitecomwl312.sitecomwl312 IP: 192.168.0.1 IP Address 192.168.0.101 Subnet Mask 255.255.255.0 Default Gateway sitecomwl312.sitecomwl312 IP: 192.168.0.1 WINS Enabled Yes Primary WINS Server sitecomwl312.sitecomwl312 IP: 192.168.0.1 Secondary WINS Server IP: 0.0.0.0 Lease Obtained Sun Nov 15 11:04:30 2009 Lease Expires Wed Nov 13 11:04:30 2019 Wireless SSID/Key Sitecom5133A5 / 3834393137 Infrastructure Mode Access Point RSSI -72 dBm Authentication Mode WEP Open Ethernet Adapter {C0E7294E-4447-431A-8E8B-EFD3124D647F} Description Intel® PRO/100 VE Network Connection - Pakketplanner-minipoort Physical Address 00-00-39-3F-04-3A DHCP Enabled Yes DHCP Server IP: IP Address 0.0.0.0 Subnet Mask 0.0.0.0 Default Gateway N/A WINS Enabled No Primary WINS Server N/A Secondary WINS Server N/A Lease Obtained Wed Nov 13 11:04:30 2019 Lease Expires Wed Nov 13 11:04:30 2019 ARP Table IP Address MAC Address Type 192.168.0.1 00-0c-f6-51-33-a5 (Sitecom Europe BV) Dynamic

Sitecom 300N USB adapter model W575-01-001 WL 302 mac:000CF5514358 als ik het goed lees want het zijn kleine lettertjes

Ipv een netwerkkaart werk ik met een bijgeleverde USB "dongle". De laptop is een oud type Toshiba. Het werkt wel goed met een KPN dongle via UMTS. Dus ik ga er vanuit dat de laptop het wel aan moet kunnen. Zonder beveiliging (disabled) werkt het goed, zodra ik WEP of WPA inschakel valt de verbinding weg. Enig idee? grt Jan

Het is gelukt dankzij Uw geweldig duidelijke handleiding ! Bedankt. Alleen lukt het nog niet om de beveiliging op WPA te krijgen, dus eerst maar even op WEP .Als je deze op WPA instelt, moet ik weer van voren af an weer beginnen met Uw handleiding want de verbinding stopt er dan mee. Maar dat zoek ik nog wel uit. Vriendelijk dank Grt Jan

Wie kan mij op de netwerkweg helpen, wbt netwerk/router heb ik geen ervaring. Router Sitecom 300N WL575 Modem: Arris TM502 B (Chello (UPC) kabel) LAN: Desktop PC Vista WAN: Laptop Toshiba XP PC geen problemen met Internet. Laptop, geen Internet terwijl signaal / signaalsterkte prima zijn. Alles volgens het boekje aangesloten.

Scans uitgevoerd zoals beschreven, Malwarebytes vond geen fouten meer. Malwarebytes' Anti-Malware 1.41 Database versie: 3154 Windows 6.0.6002 Service Pack 2 12-11-2009 15:05:25 mbam-log-2009-11-12 (15-05-25).txt Scan type: Snelle Scan Objecten gescand: 93676 Verstreken tijd: 3 minute(s), 47 second(s) Geheugenprocessen geïnfecteerd: 0 Geheugenmodulen geïnfecteerd: 0 Registersleutels geïnfecteerd: 0 Registerwaarden geïnfecteerd: 0 Registerdata bestanden geïnfecteerd: 0 Mappen geïnfecteerd: 0 Bestanden geïnfecteerd: 0 Geheugenprocessen geïnfecteerd: (Geen kwaadaardige items gevonden) Geheugenmodulen geïnfecteerd: (Geen kwaadaardige items gevonden) Registersleutels geïnfecteerd: (Geen kwaadaardige items gevonden) Registerwaarden geïnfecteerd: (Geen kwaadaardige items gevonden) Registerdata bestanden geïnfecteerd: (Geen kwaadaardige items gevonden) Mappen geïnfecteerd: (Geen kwaadaardige items gevonden) Bestanden geïnfecteerd: (Geen kwaadaardige items gevonden) ____________________________________ Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 15:06:49, on 12-11-2009 Platform: Windows Vista SP2 (WinNT 6.00.1906) MSIE: Internet Explorer v8.00 (8.00.6001.18828) Boot mode: Normal Running processes: C:\Windows\system32\taskeng.exe C:\Windows\system32\WTClient.exe C:\Windows\system32\Dwm.exe C:\Windows\Explorer.EXE C:\Program Files\Java\jre6\bin\jusched.exe C:\Windows\System32\rundll32.exe C:\Windows\System32\rundll32.exe C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe C:\Program Files\Windows Sidebar\sidebar.exe C:\Program Files\Gadwin Systems\PrintScreen\PrintScreen.exe C:\Program Files\Windows Sidebar\sidebar.exe C:\Program Files\Windows Media Player\wmpnscfg.exe C:\Program Files\AVG\AVG9\avgtray.exe C:\Windows\system32\SearchFilterHost.exe C:\Program Files\Trend Micro\HijackThis\HijackThis.exe R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = O1 - Hosts: ::1 localhost O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll O2 - BHO: BitComet ClickCapture - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Program Files\BitComet\tools\BitCometBHO_1.2.6.26.dll O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG9\avgssie.dll O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.15642\swg.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O2 - BHO: MediaBar - {EE9A4208-64EC-11DE-8440-204256D89593} - C:\Program Files\ShareazaTb\ShareazaDx.dll O3 - Toolbar: MediaBar - {EE9A4208-64EC-11DE-8440-204256D89593} - C:\Program Files\ShareazaTb\ShareazaDx.dll O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe" O4 - HKLM\..\Run: [NvSvc] RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [iSUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" O4 - HKLM\..\Run: [WTClient] WTClient.exe O4 - HKLM\..\Run: [FBSSA] C:\Program Files\SGPSA\ie3sh.exe O4 - HKLM\..\Run: [AVG9_TRAY] C:\PROGRA~1\AVG\AVG9\avgtray.exe O4 - HKLM\..\RunOnce: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent O4 - HKCU\..\Run: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun O4 - HKCU\..\Run: [Gadwin PrintScreen] "C:\Program Files\Gadwin Systems\PrintScreen\PrintScreen.exe" /nosplash O4 - HKCU\..\Run: [Google Update] "C:\Users\Dhr Water\AppData\Local\Google\Update\GoogleUpdate.exe" /c O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE') O8 - Extra context menu item: &D&ownload &with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddLink.htm O8 - Extra context menu item: &D&ownload all video with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddVideo.htm O8 - Extra context menu item: &D&ownload all with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddAllLink.htm O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200 O8 - Extra context menu item: Doel van koppeling converteren naar Adobe PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html O8 - Extra context menu item: Doel van koppeling toevoegen aan bestaande PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html O8 - Extra context menu item: Download All Files by HiDownload - C:\Program Files\StreamingStar\HiDownload\HDGetAll.htm O8 - Extra context menu item: Download by HiDownload - C:\Program Files\StreamingStar\HiDownload\HDGet.htm O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000 O8 - Extra context menu item: Toevoegen aan bestaande PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html O9 - Extra button: (no name) - {5067A26B-1337-4436-8AFE-EE169C2DA79F} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll O9 - Extra 'Tools' menuitem: Skype add-on for Internet Explorer - {5067A26B-1337-4436-8AFE-EE169C2DA79F} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL O9 - Extra button: Encarta Search Bar - {B205A35E-1FC4-4CE3-818B-899DBBB3388C} - C:\Program Files\Common Files\Microsoft Shared\Encarta Search Bar\ENCSBAR.DLL O9 - Extra button: HiDownload - {F4FBA929-A891-492C-A0F6-5C79CC4F1742} - C:\Program Files\StreamingStar\HiDownload\hidownload.exe (HKCU) O13 - Gopher Prefix: O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} (Windows Live Safety Center Base Module) - http://cdn.scan.onecare.live.com/resource/download/scanner/wlscbase1140.cab O16 - DPF: {69731714-6886-4587-A9AA-D80C2763884D} (Google Gadget Control) - http://dl.google.com/dl/desktop/nv/GoogleGadgetPluginIEWin.cab O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG9\avgpp.dll O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\Skype4COM.dll O20 - AppInit_DLLs: avgrsstx.dll O23 - Service: ArcSoft Connect Daemon (ACDaemon) - ArcSoft Inc. - C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe O23 - Service: Mobiel Apple apparaat (Apple Mobile Device) - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe O23 - Service: AVG Free WatchDog (avg9wd) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG9\avgwdsvc.exe O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: Google Update Service (gupdate1c957ccac6abe41) (gupdate1c957ccac6abe41) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe O23 - Service: WinTab Service (WinTabService) - Tablet Driver - C:\Windows\System32\Drivers\WTSRV.EXE ----------------------------------------------------------------- Zo te zien, draait de PC weer goed. Mocht U nog fouten zien, dan verneem ik dat graag. Voorlopig bedankt voor Uw snelle hulp. vriendelijke groet, Jan

Bij het opstarten kreeg ik eerst een melding dat IE3SH.exe niet kon opstarten omdat BHO.DLL mist. Hierna draait Vista zeer traag. Diverse scanners geprobeerd om dit op te lossen doch helaas. Wie heeft een idee? Ik plak de laatste HIJACK log hier aan vast. Bij voorbaat alvast dank voor de moeite Jan Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 08:18:32, on 12-11-2009 Platform: Windows Vista SP2 (WinNT 6.00.1906) MSIE: Internet Explorer v8.00 (8.00.6001.18828) Boot mode: Normal Running processes: C:\Windows\system32\taskeng.exe C:\Windows\system32\WTClient.exe C:\Windows\system32\Dwm.exe C:\Windows\Explorer.EXE C:\Program Files\Java\jre6\bin\jusched.exe C:\Windows\System32\rundll32.exe C:\Windows\System32\rundll32.exe C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe C:\Program Files\AVG\AVG9\avgtray.exe C:\Program Files\Windows Sidebar\sidebar.exe C:\Program Files\Gadwin Systems\PrintScreen\PrintScreen.exe C:\Program Files\Windows Sidebar\sidebar.exe C:\Program Files\Windows Media Player\wmpnscfg.exe C:\Windows\system32\SearchProtocolHost.exe C:\Windows\system32\SearchFilterHost.exe C:\Program Files\Trend Micro\HijackThis\HijackThis.exe R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = R3 - URLSearchHook: (no name) - {91C18ED5-5E1C-4AE5-A148-A861DE8C8E16} - (no file) O1 - Hosts: ::1 localhost O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll O2 - BHO: BitComet ClickCapture - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Program Files\BitComet\tools\BitCometBHO_1.2.6.26.dll O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG9\avgssie.dll O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - (no file) O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.15642\swg.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O2 - BHO: MediaBar - {EE9A4208-64EC-11DE-8440-204256D89593} - C:\Program Files\ShareazaTb\ShareazaDx.dll O2 - BHO: (no name) - {F0626A63-410B-45E2-99A1-3F2475B2D695} - (no file) O2 - BHO: XBTBPos00 - {FCBCCB87-9224-4B8D-B117-F56D924BEB18} - (no file) O3 - Toolbar: MediaBar - {EE9A4208-64EC-11DE-8440-204256D89593} - C:\Program Files\ShareazaTb\ShareazaDx.dll O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe" O4 - HKLM\..\Run: [NvSvc] RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [iSUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" O4 - HKLM\..\Run: [WTClient] WTClient.exe O4 - HKLM\..\Run: [FBSSA] C:\Program Files\SGPSA\ie3sh.exe O4 - HKLM\..\Run: [AVG9_TRAY] C:\PROGRA~1\AVG\AVG9\avgtray.exe O4 - HKCU\..\Run: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun O4 - HKCU\..\Run: [Gadwin PrintScreen] "C:\Program Files\Gadwin Systems\PrintScreen\PrintScreen.exe" /nosplash O4 - HKCU\..\Run: [Google Update] "C:\Users\Dhr Water\AppData\Local\Google\Update\GoogleUpdate.exe" /c O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE') O8 - Extra context menu item: &D&ownload &with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddLink.htm O8 - Extra context menu item: &D&ownload all video with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddVideo.htm O8 - Extra context menu item: &D&ownload all with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddAllLink.htm O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200 O8 - Extra context menu item: Doel van koppeling converteren naar Adobe PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html O8 - Extra context menu item: Doel van koppeling toevoegen aan bestaande PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html O8 - Extra context menu item: Download All Files by HiDownload - C:\Program Files\StreamingStar\HiDownload\HDGetAll.htm O8 - Extra context menu item: Download by HiDownload - C:\Program Files\StreamingStar\HiDownload\HDGet.htm O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000 O8 - Extra context menu item: Toevoegen aan bestaande PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html O9 - Extra button: (no name) - {5067A26B-1337-4436-8AFE-EE169C2DA79F} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll O9 - Extra 'Tools' menuitem: Skype add-on for Internet Explorer - {5067A26B-1337-4436-8AFE-EE169C2DA79F} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL O9 - Extra button: Encarta Search Bar - {B205A35E-1FC4-4CE3-818B-899DBBB3388C} - C:\Program Files\Common Files\Microsoft Shared\Encarta Search Bar\ENCSBAR.DLL O9 - Extra button: BitComet - {D18A0B52-D63C-4ed0-AFC6-C1E3DC1AF43A} - res://C:\Program Files\BitComet\tools\BitCometBHO_1.2.6.26.dll/206 (file missing) O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - (no file) O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - (no file) O9 - Extra button: HiDownload - {F4FBA929-A891-492C-A0F6-5C79CC4F1742} - C:\Program Files\StreamingStar\HiDownload\hidownload.exe (HKCU) O13 - Gopher Prefix: O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} (Windows Live Safety Center Base Module) - http://cdn.scan.onecare.live.com/resource/download/scanner/wlscbase1140.cab O16 - DPF: {69731714-6886-4587-A9AA-D80C2763884D} (Google Gadget Control) - http://dl.google.com/dl/desktop/nv/GoogleGadgetPluginIEWin.cab O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG9\avgpp.dll O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\Skype4COM.dll O20 - AppInit_DLLs: avgrsstx.dll O23 - Service: ArcSoft Connect Daemon (ACDaemon) - ArcSoft Inc. - C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe O23 - Service: Mobiel Apple apparaat (Apple Mobile Device) - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe O23 - Service: AVG Free WatchDog (avg9wd) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG9\avgwdsvc.exe O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: Google Update Service (gupdate1c957ccac6abe41) (gupdate1c957ccac6abe41) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe O23 - Service: WinTab Service (WinTabService) - Tablet Driver - C:\Windows\System32\Drivers\WTSRV.EXE -- End of file - 8243 bytes