Computer sluit plots af en start terug op

[Martin]

Had eerder gedcacht dat de website zelf niet correct was en niet mijn pc was maar goed, hiergaan we dan zoals gevraagd


Waarschijnlijk iets fout bij de vorige logfile. Hierbij de juiste

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 15:43:10, on 24/11/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
c:\program files\a-squared free\a2service.exe
C:\Program Files\Google\Gmail Notifier\gnotify.exe
C:\Program Files\Adobe\Photoshop Elements 4.0\PhotoshopElementsFileAgent.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\PROGRA~1\AVG\AVG8\avgrsx.exe
C:\PROGRA~1\AVG\AVG8\avgnsx.exe
C:\Program Files\Creative\Shared Files\CTDevSrv.exe
C:\WINDOWS\system32\beidservicecrl.exe
C:\WINDOWS\system32\beidservicepcsc.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\System32\snmp.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Creative\Creative Centrale\CTUPnPSv.exe
C:\Program Files\Creative\Creative Centrale\CTUPnPFn.exe
C:\WINDOWS\system32\fxssvc.exe
C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\PROGRA~1\Caere\OMNIPA~1.0\opware32.exe
C:\WINDOWS\system32\LVCOMSX.EXE
C:\Program Files\Logitech\Video\LogiTray.exe
C:\Program Files\Adobe\Adobe Version Cue\ControlPanel\VersionCueTray.exe
C:\Program Files\Adobe\Photoshop Elements 4.0\apdproxy.exe
C:\Program Files\ABBYY FineReader 5.0 Home Edition\CAgent.exe
C:\Program Files\Microsoft AntiSpyware\gcasDtServ.exe
C:\Program Files\Logitech\Video\FxSvr2.exe
C:\Program Files\Creative\Shared Files\AVCMANU.EXE
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files\Belgium Identity Card\beidsystemtray.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\PROGRA~1\AVG\AVG8\avgtray.exe
C:\Program Files\Microsoft Hardware\Keyboard\type32.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Gadwin Systems\PrintScreen\PrintScreen.exe
C:\Program Files\SecCopy\SecCopy.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNo tifier.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\System Explorer\SystemExplorer.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Creative\Software Update 3\SoftAuto.exe
C:\Program Files\Windows Media Player\WMPNSCFG.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Hercules\WiFi Station\WifiStation.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files\Java\jre1.6.0_05\bin\jucheck.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.be/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Int ernet Settings,ProxyOverride = 127.0.0.1;*.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: AskBar BHO - {201f27d4-3704-41d6-89c1-aa35e39143ed} - C:\Program Files\AskBarDis\bar\bin\askBar.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll
O2 - BHO: (no name) - {724d43a9-0d85-11d4-9908-00400523e39a} - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O2 - BHO: IeCaptureBho Object - {7c1ce531-09e9-4fc5-9803-1c2956615786} - C:\Program Files\Google\Google Desktop Search\GoogleDesktopIE.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\Program Files\MSN Apps\ST\01.03.0000.1005\en-xu\stmain.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: AcroIEToolbarHelper Class - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Adobe Acrobat 6.0\Acrobat\AcroIEFavClient.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.3.4501.1418\s wg.dll
O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\MSN Toolbar\01.02.5000.1021\nl\msntb.dll
O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_B7C5AC242193BB3E.dll
O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\MSN Toolbar\01.02.5000.1021\nl\msntb.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Adobe Acrobat 6.0\Acrobat\AcroIEFavClient.dll
O3 - Toolbar: &RoboForm - {724d43a0-0d85-11d4-9908-00400523e39a} - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll
O3 - Toolbar: Foxit Toolbar - {3041d03e-fd4b-44e0-b742-2d9b88305f98} - C:\Program Files\AskBarDis\bar\bin\askBar.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [{0228e555-4f9c-4e35-a3ec-b109a192b4c2}] C:\Program Files\Google\Gmail Notifier\gnotify.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe"
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [OmniPage] C:\PROGRA~1\Caere\OMNIPA~1.0\opware32.exe
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe
O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe
O4 - HKLM\..\Run: [gcasServ] "C:\Program Files\Microsoft AntiSpyware\gcasServ.exe"
O4 - HKLM\..\Run: [AdobeVersionCue] C:\Program Files\Adobe\Adobe Version Cue\ControlPanel\VersionCueTray.exe
O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Elements 4.0\apdproxy.exe"
O4 - HKLM\..\Run: [ABBYY Community Agent] C:\Program Files\ABBYY FineReader 5.0 Home Edition\CAgent.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKLM\..\Run: [beidsystemtray] C:\Program Files\Belgium Identity Card\beidsystemtray.exe
O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe
O4 - HKLM\..\Run: [IntelliType] "C:\Program Files\Microsoft Hardware\Keyboard\type32.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKCU\..\Run: [Gadwin PrintScreen 2.6] C:\Program Files\Gadwin Systems\PrintScreen\PrintScreen.exe /nosplash
O4 - HKCU\..\Run: [Second Copy 2000] "C:\Program Files\SecCopy\SecCopy.exe"
O4 - HKCU\..\Run: [LogitechSoftwareUpdate] "C:\Program Files\Logitech\Video\ManifestEngine.exe" boot
O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNo tifier.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [RoboForm] "C:\Program Files\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe"
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [SystemExplorer] "C:\Program Files\System Explorer\SystemExplorer.exe" /TRAY
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [SoftAuto.exe] "C:\Program Files\Creative\Software Update 3\SoftAuto.exe"
O4 - HKCU\..\Run: [Update Service] C:\PROGRA~1\COMMON~1\TEKNUM~1\update.exe /startup
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: SystemExplorerDisabled
O4 - Global Startup: Telenet EasyCare.lnk = C:\Program Files\Telenet EasyCare\bin\matcli.exe
O4 - Global Startup: WiFi Station.lnk = ?
O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Formulieren opslaan - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html
O8 - Extra context menu item: Invul Formulieren - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html
O8 - Extra context menu item: Menu aanpassen - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComCustomizeIEMenu.html
O8 - Extra context menu item: RoboForm Werkbalk - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra button: Formulier Invullen - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html
O9 - Extra 'Tools' menuitem: Invul Formulieren - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html
O9 - Extra button: Opslaan - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html
O9 - Extra 'Tools' menuitem: Formulieren opslaan - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html
O9 - Extra button: Run WinHTTrack - {36ECAF82-3300-8F84-092E-AFF36D6C7040} - C:\Program Files\WinHTTrack\WinHTTrackIEBar.dll
O9 - Extra 'Tools' menuitem: Launch WinHTTrack - {36ECAF82-3300-8F84-092E-AFF36D6C7040} - C:\Program Files\WinHTTrack\WinHTTrackIEBar.dll
O9 - Extra button: RoboForm - {724d43aa-0d85-11d4-9908-00400523e39a} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html
O9 - Extra 'Tools' menuitem: RoboForm Werkbalk - {724d43aa-0d85-11d4-9908-00400523e39a} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra button: Onderzoek - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: Start Smileycons - {C64A8F17-F16A-4a35-9618-B3A250D9EF2B} - C:\Program Files\Smileycons\smileycons.exe (HKCU)
O9 - Extra 'Tools' menuitem: Start Smileycons - {C64A8F17-F16A-4a35-9618-B3A250D9EF2B} - C:\Program Files\Smileycons\smileycons.exe (HKCU)
O15 - Trusted Zone: http://www.dedigitalerevolutie.nl
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?link...38&clcid=0x409
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {3E90FFF5-1347-45B9-91F6-DA47926E9697} (PlaNet SysInfo Agent) - http://www.telenet.be/sys/tisp/ocx/PlaNetSysInfo.cab
O16 - DPF: {4CCA4E6B-9259-11D9-AC6E-444553544200} (FixController Control) - http://h30155.www3.hp.com/ediags/dd/...allMgr_v01.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/reso...an8/oscan8.cab
O16 - DPF: {5D9E4B6D-CD17-4D85-99D4-6A52B394EC3B} (WSDownloader Control) - http://www.webshots.com/samplers/WSDownloader.ocx
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/actives...ree/asinst.cab
O16 - DPF: {A18962F6-E6ED-40B1-97C9-1FB36F38BFA8} (Aurigma Image Uploader 3.5 Control) - http://www.kodakimages.com/DesktopMo...eUploader3.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/ms...downloader.cab
O16 - DPF: {EB387D2F-E27B-4D36-979E-847D1036C65D} (QDiagHUpdateObj Class) - http://h30043.www3.hp.com/aio/nl/check/qdiagh.cab?326
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll
O20 - Winlogon Notify: avgrsstarter - C:\WINDOWS\SYSTEM32\avgrsstx.dll
O23 - Service: a-squared Free Service (a2free) - Emsi Software GmbH - c:\program files\a-squared free\a2service.exe
O23 - Service: Adobe Active File Monitor V4 (AdobeActiveFileMonitor4.0) - Unknown owner - C:\Program Files\Adobe\Photoshop Elements 4.0\PhotoshopElementsFileAgent.exe
O23 - Service: AdobeVersionCue - Adobe Sytems - C:\Program Files\Adobe\Adobe Version Cue\service\VersionCue.exe
O23 - Service: Mobiel Apple apparaat (Apple Mobile Device) - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: AVG Free8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: CT Device Query service (CTDevice_Srv) - Creative Technology Ltd - C:\Program Files\Creative\Shared Files\CTDevSrv.exe
O23 - Service: Creative Centrale Media Server (CTUPnPSv) - Creative Technology Ltd - C:\Program Files\Creative\Creative Centrale\CTUPnPSv.exe
O23 - Service: eID CRL Service - Zetes - C:\WINDOWS\system32\beidservicecrl.exe
O23 - Service: eID Privacy Service - Zetes - C:\WINDOWS\system32\beidservicepcsc.exe
O23 - Service: Google Desktop Manager 5.7.806.10245 (GoogleDesktopManager-061008-081103) - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
O23 - Service: Google Updateservice (gupdate1c9e77dd8190e3e) (gupdate1c9e77dd8190e3e) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Imapi Helper - Alex Feinman - C:\Program Files\Alex Feinman\ISO Recorder\ImapiHelper.exe
O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Macromedia Licensing Service - Unknown owner - C:\Program Files\Common Files\Macromedia Shared\Service\Macromedia Licensing.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: Sandra Data Service (SandraDataSrv) - SiSoftware - C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2005.SR2a\RpcDataSrv.exe
O23 - Service: Sandra Service (SandraTheSrv) - SiSoftware - C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2005.SR2a\RpcSandraSrv.exe
O23 - Service: TuneUp WinStyler Theme Service (TUWinStylerThemeSvc) - TuneUp Software GmbH - C:\Program Files\TuneUp Utilities 2006\WinStylerThemeSvc.exe
--
End of file - 17608 bytes



Ik scan de pc regelmatig met malwarebytes. Heb het nu ook gedaan
Malwarebytes' Anti-Malware 1.40
Database versie: 2708
Windows 5.1.2600 Service Pack 3
24/11/2009 15:01:14
mbam-log-2009-11-24 (15-01-14).txt
Scan type: Snelle Scan
Objecten gescand: 109759
Verstreken tijd: 17 minute(s), 17 second(s)
Geheugenprocessen geïnfecteerd: 0
Geheugenmodulen geïnfecteerd: 0
Registersleutels geïnfecteerd: 0
Registerwaarden geïnfecteerd: 0
Registerdata bestanden geïnfecteerd: 0
Mappen geïnfecteerd: 0
Bestanden geïnfecteerd: 0
Geheugenprocessen geïnfecteerd:
(Geen kwaadaardige items gevonden)
Geheugenmodulen geïnfecteerd:
(Geen kwaadaardige items gevonden)
Registersleutels geïnfecteerd:
(Geen kwaadaardige items gevonden)
Registerwaarden geïnfecteerd:
(Geen kwaadaardige items gevonden)
Registerdata bestanden geïnfecteerd:
(Geen kwaadaardige items gevonden)
Mappen geïnfecteerd:
(Geen kwaadaardige items gevonden)
Bestanden geïnfecteerd:
(Geen kwaadaardige items gevonden)

[Tommiiee]

Hoi

Ik zal naar je log gaan kijken. Ik ben echter nog Begeleid Helper, en daarom worden al mijn adviezen alvorens ze geplaatst worden bekeken door de echte Helpers.

Het kan daarom iets langer duren voordat je antwoord hebt. Graag vraag ik je geduld hiervoor.

Mvg,
Tom

[Tommiiee]

Hoi

Heb je de AskBar toolbar bewust geïnstalleerd?
Zo niet, dan mag je onderstaande fix uitvoeren.
Let wel: de AskBar toolbar heeft een discutabele reputatie.

Ga naar Start > Configuratiescherm > Software, en zoek naar AskBar / AskBarDis.
Selecteer deze, en klik op Verwijderen.

Dubbelklik op het programma HijackThis.
Hijackthis en kies voor "Uitvoeren als Administrator".
Kies voor 'Do a system scan only'.
Vink alleen de onderstaande, vetgedrukte items hieronder aan, indien deze nog aanwezig zijn:


O2 - BHO: AskBar BHO - {201f27d4-3704-41d6-89c1-aa35e39143ed} - C:\Program Files\AskBarDis\bar\bin\askBar.dll
O3 - Toolbar: Foxit Toolbar - {3041d03e-fd4b-44e0-b742-2d9b88305f98} - C:\Program Files\AskBarDis\bar\bin\askBar.dll

Sluit alle vensters behalve Hijackthis.
Klik op 'Fix checked' om de items te verwijderen.
Daarna mag je HijackThis sluiten.


* Download DDS en bewaar het op je bureaublad.
Schakel programma's uit die scripts blokkeren, zoals je Anti-Virus.
Dubbelklik op dds.scr om de tool te starten.
Daarna zal DDS.txt openen.
Klik Yes voor de Optional Scan. Dit zal het bestand Attach.txt maken.
Kopieer en plak beide logs in je volgende post. Het is beter om hiervoor twee posts te maken aangezien beide logs niet in één post zullen passen.

Mvg,
Tom

[Martin]

Heb je de AskBar toolbar bewust geïnstalleerd?

Heb ik niet gedaan. Is nu ook verwijderd
Heb DDS.scr gestart en krijg enkel een dos scherm en hierbij de logfile. De optie voor optional scan heb ik niet.

DDS (Ver_09-11-29.01) - NTFSx86
Run by user at 16:36:52,89 on zo 29/11/2009
Internet Explorer: 8.0.6001.18702
Microsoft Windows XP Home Edition 5.1.2600.3.1252.31.1043.18.479.124 [GMT 1:00]
AV: AVG Anti-Virus Free *On-access scanning enabled* (Updated) {17DDD097-36FF-435F-9E1B-52D74245D6BF}
AV: Norton AntiVirus 2005 *On-access scanning enabled* (Updated) {E10A9785-9598-4754-B552-92431C1C35F8}
FW: Norton Internet Worm Protection *disabled* {990F9400-4CEE-43EA-A83A-D013ADD8EA6E}
============== Running Processes ===============
C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k WudfServiceGroup
svchost.exe
svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
svchost.exe
c:\program files\a-squared free\a2service.exe
C:\Program Files\Adobe\Photoshop Elements 4.0\PhotoshopElementsFileAgent.exe
C:\Program Files\Google\Gmail Notifier\gnotify.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Creative\Shared Files\CTDevSrv.exe
C:\WINDOWS\system32\beidservicecrl.exe
C:\PROGRA~1\AVG\AVG8\avgrsx.exe
C:\WINDOWS\system32\beidservicepcsc.exe
C:\WINDOWS\System32\svchost.exe -k HTTPFilter
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\System32\snmp.exe
C:\WINDOWS\System32\svchost.exe -k imgsvc
C:\Program Files\Creative\Creative Centrale\CTUPnPSv.exe
C:\Program Files\Creative\Creative Centrale\CTUPnPFn.exe
C:\WINDOWS\system32\fxssvc.exe
C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\PROGRA~1\Caere\OMNIPA~1.0\opware32.exe
C:\WINDOWS\system32\LVCOMSX.EXE
C:\Program Files\Logitech\Video\LogiTray.exe
C:\Program Files\Adobe\Adobe Version Cue\ControlPanel\VersionCueTray.exe
C:\Program Files\Adobe\Photoshop Elements 4.0\apdproxy.exe
C:\Program Files\ABBYY FineReader 5.0 Home Edition\CAgent.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files\Belgium Identity Card\beidsystemtray.exe
C:\Program Files\Microsoft AntiSpyware\gcasDtServ.exe
C:\Program Files\Creative\Shared Files\AVCMANU.EXE
C:\Program Files\Logitech\Video\FxSvr2.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Microsoft Hardware\Keyboard\type32.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Gadwin Systems\PrintScreen\PrintScreen.exe
C:\Program Files\SecCopy\SecCopy.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNo tifier.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\System Explorer\SystemExplorer.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Creative\Software Update 3\SoftAuto.exe
C:\Program Files\Windows Media Player\WMPNSCFG.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Hercules\WiFi Station\WifiStation.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files\Java\jre1.6.0_05\bin\jucheck.exe
C:\Program Files\Smileycons\smileycons.exe
C:\PROGRA~1\AVG\AVG8\avgnsx.exe
C:\Documents and Settings\user\Bureaublad\dds.scr
============== Pseudo HJT Report ===============
uStart Page = hxxp://www.google.be/
uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.micros oft:en-US&ie=utf8&oe=utf8
mSearch Bar = hxxp://www.google.com/ie
uInternet Settings,ProxyOverride = 127.0.0.1;*.local
uSearchURL,(Default) = hxxp://www.google.com/keyword/%s
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: RealPlayer Download and Record Plugin for Internet Explorer: {3049c3e9-b461-4bc5-8870-4c09146192ca} - c:\program files\real\realplayer\rpbrowserrecordplugin.dll
BHO: AVG Safe Search: {3ca2f312-6f6e-4b53-a66e-4e65e497c8c0} - c:\program files\avg\avg8\avgssie.dll
BHO: {724d43a9-0d85-11d4-9908-00400523e39a} - c:\program files\siber systems\ai roboform\roboform.dll
BHO: SSVHelper Class: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - c:\program files\java\jre1.6.0_05\bin\ssv.dll
BHO: IeCaptureBho Object: {7c1ce531-09e9-4fc5-9803-1c2956615786} - c:\program files\google\google desktop search\GoogleDesktopIE.dll
BHO: Windows Live Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: ST: {9394ede7-c8b5-483e-8773-474bf36af6e4} - c:\program files\msn apps\st\01.03.0000.1005\en-xu\stmain.dll
BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
BHO: AcroIEToolbarHelper Class: {ae7cd045-e861-484f-8273-0445ee161910} - c:\program files\adobe\adobe acrobat 6.0\acrobat\AcroIEFavClient.dll
BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - c:\program files\google\googletoolbarnotifier\5.4.4525.1752\s wg.dll
BHO: MSNToolBandBHO: {bdbd1dad-c946-4a17-adc1-64b5b4ff55d0} - c:\program files\msn apps\msn toolbar\msn toolbar\01.02.5000.1021\nl\msntb.dll
TB: MSN: {bdad1dad-c946-4a17-adc1-64b5b4ff55d0} - c:\program files\msn apps\msn toolbar\msn toolbar\01.02.5000.1021\nl\msntb.dll
TB: Adobe PDF: {47833539-d0c5-4125-9fa8-0819e2eaac93} - c:\program files\adobe\adobe acrobat 6.0\acrobat\AcroIEFavClient.dll
TB: &RoboForm: {724d43a0-0d85-11d4-9908-00400523e39a} - c:\program files\siber systems\ai roboform\roboform.dll
TB: Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
TB: {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - No File
TB: Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} -
EB: Adobe PDF: {182ec0be-5110-49c8-a062-beb1d02a220b} - c:\program files\adobe\adobe acrobat 6.0\acrobat\AcroIEFavClient.dll
EB: {32683183-48a0-441b-a342-7c2a440a9478} - No File
uRun: [Gadwin PrintScreen 2.6] c:\program files\gadwin systems\printscreen\PrintScreen.exe /nosplash
uRun: [Second Copy 2000] "c:\program files\seccopy\SecCopy.exe"
uRun: [LogitechSoftwareUpdate] "c:\program files\logitech\video\ManifestEngine.exe" boot
uRun: [swg] "c:\program files\google\googletoolbarnotifier\GoogleToolbarNo tifier.exe"
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
uRun: [RoboForm] "c:\program files\siber systems\ai roboform\RoboTaskBarIcon.exe"
uRun: [msnmsgr] "c:\program files\windows live\messenger\msnmsgr.exe" /background
uRun: [SystemExplorer] "c:\program files\system explorer\SystemExplorer.exe" /TRAY
uRun: [MSMSGS] "c:\program files\messenger\msmsgs.exe" /background
uRun: [SoftAuto.exe] "c:\program files\creative\software update 3\SoftAuto.exe"
uRun: [Update Service] c:\progra~1\common~1\teknum~1\update.exe /startup
uRun: [WMPNSCFG] c:\program files\windows media player\WMPNSCFG.exe
mRun: [{0228e555-4f9c-4e35-a3ec-b109a192b4c2}] c:\program files\google\gmail notifier\gnotify.exe
mRun: [SunJavaUpdateSched] "c:\program files\java\jre1.6.0_05\bin\jusched.exe"
mRun: [SoundMan] SOUNDMAN.EXE
mRun: [OmniPage] c:\progra~1\caere\omnipa~1.0\opware32.exe
mRun: [LVCOMSX] c:\windows\system32\LVCOMSX.EXE
mRun: [LogitechVideoTray] c:\program files\logitech\video\LogiTray.exe
mRun: [LogitechVideoRepair] c:\program files\logitech\video\ISStart.exe
mRun: [gcasServ] "c:\program files\microsoft antispyware\gcasServ.exe"
mRun: [AdobeVersionCue] c:\program files\adobe\adobe version cue\controlpanel\VersionCueTray.exe
mRun: [Adobe Photo Downloader] "c:\program files\adobe\photoshop elements 4.0\apdproxy.exe"
mRun: [ABBYY Community Agent] c:\program files\abbyy finereader 5.0 home edition\CAgent.exe
mRun: [HP Software Update] c:\program files\hp\hp software update\HPWuSchd2.exe
mRun: [Google Desktop Search] "c:\program files\google\google desktop search\GoogleDesktop.exe" /startup
mRun: [beidsystemtray] c:\program files\belgium identity card\beidsystemtray.exe
mRun: [AppleSyncNotifier] c:\program files\common files\apple\mobile device support\bin\AppleSyncNotifier.exe
mRun: [QuickTime Task] "c:\program files\quicktime\qttask.exe" -atboottime
mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"
mRun: [AVG8_TRAY] c:\progra~1\avg\avg8\avgtray.exe
mRun: [IntelliType] "c:\program files\microsoft hardware\keyboard\type32.exe"
mRun: [NeroFilterCheck] c:\windows\system32\NeroCheck.exe
mRun: [TkBellExe] "c:\program files\common files\real\update_ob\realsched.exe" -osboot
mRun: [<NO NAME>]
mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 9.0\reader\Reader_sl.exe"
dRun: [CTFMON.EXE] c:\windows\system32\CTFMON.EXE
StartupFolder: c:\docume~1\alluse~1\menust~1\progra~1\opstar~1\hp digi~1.lnk - c:\program files\hp\digital imaging\bin\hpqtra08.exe
StartupFolder: c:\docume~1\alluse~1\menust~1\progra~1\opstar~1\te lene~1.lnk - c:\program files\telenet easycare\bin\matcli.exe
StartupFolder: c:\docume~1\alluse~1\menust~1\progra~1\opstar~1\wi fist~1.lnk - c:\program files\hercules\wifi station\WifiStation.exe
StartupFolder: c:\docume~1\alluse~1\menust~1\progra~1\opstar~1\sy stem~1\acroba~1.lnk - c:\program files\adobe\adobe acrobat 6.0\distillr\acrotray.exe
IE: E&xporteren naar Microsoft Excel - c:\progra~1\micros~2\office11\EXCEL.EXE/3000
IE: Formulieren opslaan - file://c:\program files\siber systems\ai roboform\RoboFormComSavePass.html
IE: Google Sidewiki... - c:\program files\google\google toolbar\component\GoogleToolbarDynamic_mui_en_60D6 097707281E79.dll/cmsidewiki.html
IE: Invul Formulieren - file://c:\program files\siber systems\ai roboform\RoboFormComFillForms.html
IE: Menu aanpassen - file://c:\program files\siber systems\ai roboform\RoboFormComCustomizeIEMenu.html
IE: RoboForm Werkbalk - file://c:\program files\siber systems\ai roboform\RoboFormComShowToolbar.html
IE: {320AF880-6646-11D3-ABEE-C5DBF3571F46} - c:\program files\siber systems\ai roboform\RoboFormComFillForms.html
IE: {320AF880-6646-11D3-ABEE-C5DBF3571F49} - c:\program files\siber systems\ai roboform\RoboFormComSavePass.html
IE: {724d43aa-0d85-11d4-9908-00400523e39a} - c:\program files\siber systems\ai roboform\RoboFormComShowToolbar.html
IE: {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
IE: {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBC} - c:\program files\java\jre1.6.0_05\bin\ssv.dll
IE: {36ECAF82-3300-8F84-092E-AFF36D6C7040} - {86529161-034E-4F8A-88D2-3C625E612E04} - c:\program files\winhttrack\WinHTTrackIEBar.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~2\office11\REFIEBAR.DLL
Trusted Zone: dedigitalerevolutie.nl\www
Trusted Zone: microsoft.com\office
DPF: DirectAnimation Java Classes
DPF: Microsoft XML Parser for Java
DPF: {02BCC737-B171-4746-94C9-0D8A0B2C0089} - hxxp://office.microsoft.com/templates/ieawsdc.cab
DPF: {166B1BCA-3F9C-11CF-8075-444553540000} - hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
DPF: {17492023-C23A-453E-A040-C7C580BBF700} - hxxp://go.microsoft.com/fwlink/?linkid=34738&clcid=0x409
DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} - c:\program files\yahoo!\common\yinsthelper.dll
DPF: {3E68E405-C6DE-49FF-83AE-41EE9F4C36CE} - hxxp://office.microsoft.com/officeupdate/content/opuc.cab
DPF: {3E90FFF5-1347-45B9-91F6-DA47926E9697} - hxxp://www.telenet.be/sys/tisp/ocx/PlaNetSysInfo.cab
DPF: {4B48D5DF-9021-45F7-A240-60304302A215} - hxxp://www.microsoft.com/security/controls/WebCleaner.cab
DPF: {4CCA4E6B-9259-11D9-AC6E-444553544200} - hxxp://h30155.www3.hp.com/ediags/dd/install/HPInstallMgr_v01.cab
DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} - hxxp://download.bitdefender.com/resources/scan8/oscan8.cab
DPF: {5D9E4B6D-CD17-4D85-99D4-6A52B394EC3B} - hxxp://www.webshots.com/samplers/WSDownloader.ocx
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_05-windows-i586.cab
DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} - hxxp://fpdownload.macromedia.com/get/flashplayer/current/ultrashim.cab
DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} - hxxp://acs.pandasoftware.com/activescan/as5free/asinst.cab
DPF: {A18962F6-E6ED-40B1-97C9-1FB36F38BFA8} - hxxp://www.kodakimages.com/DesktopModules/SpectorAlbum/ImageUploader3.cab
DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} - hxxp://messenger.msn.com/download/msnmessengersetupdownloader.cab
DPF: {CAFEEFAC-0014-0002-0006-ABCDEFFEDCBA} - hxxp://java.sun.com/products/plugin/autodl/jinstall-142-windows-i586.cab
DPF: {CAFEEFAC-0015-0000-0002-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_02-windows-i586.cab
DPF: {CAFEEFAC-0015-0000-0004-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_04-windows-i586.cab
DPF: {CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_06-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_03-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_05-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_05-windows-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload.macromedia.com/get/flashplayer/current/swflash.cab
DPF: {DE22A7AB-A739-4C58-AD52-21F9CD6306B7} - hxxp://download.microsoft.com/download/7/E/6/7E6A8567-DFE4-4624-87C3-163549BE2704/clearadj.cab
DPF: {EB387D2F-E27B-4D36-979E-847D1036C65D} - hxxp://h30043.www3.hp.com/aio/nl/check/qdiagh.cab?326
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - c:\program files\avg\avg8\avgpp.dll
Notify: avgrsstarter - avgrsstx.dll
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
SEH: Microsoft.AntiSpyware.ShellExecuteHook.1: {9ef34ff2-3396-4527-9d27-04c8c1c67806} - c:\program files\microsoft antispyware\shellextension.dll
============= SERVICES / DRIVERS ===============
R0 a347bus;a347bus;c:\windows\system32\drivers\a347bu s.sys [2006-6-7 160640]
R0 a347scsi;a347scsi;c:\windows\system32\drivers\a347 scsi.sys [2006-6-7 5248]
R1 AvgLdx86;AVG Free AVI Loader Driver x86;c:\windows\system32\drivers\avgldx86.sys [2009-3-22 335240]
R1 AvgMfx86;AVG Free On-access Scanner Minifilter Driver x86;c:\windows\system32\drivers\avgmfx86.sys [2009-3-22 27784]
R1 AvgTdiX;AVG Free8 Network Redirector;c:\windows\system32\drivers\avgtdix.sys [2009-3-22 108552]
R2 a2free;a-squared Free Service;c:\program files\a-squared free\a2service.exe [2008-4-10 366712]
R2 avg8wd;AVG Free8 WatchDog;c:\progra~1\avg\avg8\avgwdsvc.exe [2009-3-22 297752]
R2 CTUPnPSv;Creative Centrale Media Server;c:\program files\creative\creative centrale\CTUPnPSv.exe [2008-5-21 64000]
R2 eID CRL Service;eID CRL Service;c:\windows\system32\beidservicecrl.exe [2007-2-19 225280]
R2 eID Privacy Service;eID Privacy Service;c:\windows\system32\beidservicepcsc.exe [2007-2-19 331776]
S1 SAVRTPEL;SAVRTPEL;\??\c:\program files\norton antivirus\savrtpel.sys --> c:\program files\norton antivirus\SAVRTPEL.SYS [?]
S2 gupdate1c9e77dd8190e3e;Google Updateservice (gupdate1c9e77dd8190e3e);c:\program files\google\update\GoogleUpdate.exe [2009-6-7 133104]
S3 ACSSCR;ACR38 Smart Card Reader;c:\windows\system32\drivers\a38usb.sys [2007-12-3 33536]
S3 GoogleDesktopManager-061008-081103;Google Desktop Manager 5.7.806.10245;c:\program files\google\google desktop search\GoogleDesktop.exe [2004-12-12 29744]
S3 NAVENG;NAVENG;\??\c:\progra~1\common~1\symant~1\vi rusd~1\20090311.003\naveng.sys --> c:\progra~1\common~1\symant~1\virusd~1\20090311.00 3\NAVENG.Sys [?]
S3 NAVEX15;NAVEX15;\??\c:\progra~1\common~1\symant~1\ virusd~1\20090311.003\navex15.sys --> c:\progra~1\common~1\symant~1\virusd~1\20090311.00 3\NavEx15.Sys [?]
S3 pnicml;pnicml;\??\c:\docume~1\user\locals~1\temp\p nicml.sys --> c:\docume~1\user\locals~1\temp\pnicml.sys [?]
S3 SAVRT;SAVRT;\??\c:\program files\norton antivirus\savrt.sys --> c:\program files\norton antivirus\SAVRT.SYS [?]
=============== Created Last 30 ================
2009-11-29 15:28:22 0 d--h--r- c:\documents and settings\user\Onlangs geopend
2009-11-24 14:06:19 0 d-----w- c:\program files\Trend Micro
==================== Find3M ====================
2009-11-26 14:16:19 3140 --sha-w- c:\windows\system32\KGyGaAvL.sys
2009-10-25 06:33:12 598182 ----a-w- c:\windows\system32\perfh013.dat
2009-10-25 06:33:11 111642 ----a-w- c:\windows\system32\perfc013.dat
2009-09-11 14:20:53 136192 ----a-w- c:\windows\system32\msv1_0.dll
2009-09-04 21:05:37 58880 ----a-w- c:\windows\system32\msasn1.dll
2007-05-01 06:16:32 8 --sh--r- c:\windows\system32\51C026E2C4.sys
2008-09-30 07:15:14 32768 --sha-w- c:\windows\system32\config\systemprofile\local settings\geschiedenis\history.ie5\mshist0120080930 20081001\index.dat
2008-10-22 06:37:00 32768 --sha-w- c:\windows\system32\config\systemprofile\local settings\temporary internet files\content.ie5\index.dat
============= FINISH: 16:38:17,17 ===============

[Tommiiee]

Hoi

Ik zie in beide logs geen sporen van malware. In principe is je PC dus malware-vrij. Heb je nog steeds het probleem dat je PC opeens opnieuw opstart?

[Martin]

Ik heb geen enkel probleem met het openen van een URL
Bedankt ook voor het deskundig helpen. Ik ben nu ook zeker dat ik geen malware heb.
Bijkomende info en randinformatie
Wel is mij in het verleden ook eens voorgevallen dat ik een *.wmv file opende van het net om rechtstreeks te openen met Windows Media Player
Echter van zodra de verbinding was gemaakt werd de computer abrupt afgesloten en nagenoeg onmiddellijk terug opgestart.
Ik vertrouwde dit niet en heb dan ook onmiddellijk de computer afgesloten en zelf terug opgestart. Ik heb de *.wmv file nadien gedownload om daarna te openen maar het resultaat was hetzelfde. Dus abrupt afsluiten en onmiddellijk terug opstarten.
Wat daarvan de oorzaak kan zijn weet ik ook niet. Wellicht de *.wmv file corrupt?
Dit plots afsluiten van de PC vertrouwde ik niet maar wat er zou gebeuren mocht ik niet ingrijpen weet ik ook niet.

[Black_Bird]

Roeba123,

Het is voor jou niet toegestaan advies te geven. Ik heb daarom je reactie verwijderd.
Het is alleen toegestaan te reageren als je de status van Spyware Slayer of Spyware Slayer in opleiding hebt.

Nu is dit voor deze keer prima, maar in het vervolg niet meer posten in deze sectie a.u.b.

[Tommiiee]

Hoi,

Wat je kunt proberen, is om een .WMV bestand te downloaden, waarvan je zeker weet dat deze werkt (bij een vriend testen o.i.d.), en die uit te proberen.

Als je PC dan weer herstart, ligt het in ieder geval niet aan een corrupt bestand.

Wat ik wèl zeker weet, is dat je vrij bent van Malware, en dat het probleem dus niet veroorzaakt wordt door Malware. Ik kan dus helaas niets anders doen dan je weer door te verwijzen naar een van de andere fora hier op MinaTica.

Mvg,
Tom

[Black_Bird]

Omdat je niet meer hebt gereageerd, sluit ik dit topic.
Als je dit topic heropend wilt hebben, stuur me dan een privébericht.

Ik vraag alle anderen een eigen topic te starten.

[Black_Bird]

Topic heropend op verzoek TS.