View full version: Please check my log.



tasha
18 March 2010, 17:32
Logfile of Trend Micro HijackThis v2.0.3 (BETA)
Scan saved at 16:23:39, on 18-3-2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\AVG\AVG9\avgchsvx.exe
C:\Program Files\AVG\AVG9\avgrsx.exe
C:\Program Files\AVG\AVG9\avgcsrvx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\MMKeybd.exe
C:\Program Files\Dell Photo AIO Printer 962\dlbxmon.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\Java\jre6\bin\jusched.exe
C:\WINDOWS\system32\RunDll32.exe
Hello,

Can someone take a look at my log? My computer has been acting rather strangely lately. It keeps rattling away even though there are hardly any background tasks. It is slow too. Sometimes it freezes, and in sleep mode it sometimes restarts when I press Enter.

Thanks in advance



C:\PROGRA~1\AVG\AVG9\avgtray.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe
C:\WINDOWS\Nhksrv.exe
C:\Program Files\AVG\AVG9\avgwdsvc.exe
C:\Program Files\Netropa\OSD.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\system32\lkcitdl.exe
C:\WINDOWS\system\CmSNXeye.exe
C:\WINDOWS\system32\lkads.exe
C:\WINDOWS\system32\lktsrv.exe
C:\Program Files\National Instruments\Shared\Security\nidmsrv.exe
C:\WINDOWS\system32\nisvcloc.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe
C:\Program Files\AVG\AVG9\avgnsx.exe
C:\WINDOWS\System32\dlbxcoms.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\system32\msiexec.exe
C:\Program Files\TrendMicro\HiJackThis\HiJackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.deredactie.be/cm/vrtnieuws
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen
R3 - URLSearchHook: AVG Security Toolbar BHO - {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files\AVG\AVG9\Toolbar\IEToolbar.dll
O2 - BHO: Shareaza Web Download Hook - {0EEDB912-C5FA-486F-8334-57288578C627} - c:\program files\shareaza\razawebhook32.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG9\avgssie.dll
O2 - BHO: Babylon IE plugin - {9CFACCB6-2F3F-4177-94EA-0D2B72D384C1} - (no file)
O2 - BHO: AVG Security Toolbar BHO - {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files\AVG\AVG9\Toolbar\IEToolbar.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.5.4723.1820\swg.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: AVG Security Toolbar - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - C:\Program Files\AVG\AVG9\Toolbar\IEToolbar.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [DellTouch] C:\WINDOWS\MMKeybd.exe
O4 - HKLM\..\Run: [dlbxmon.exe] "C:\Program Files\Dell Photo AIO Printer 962\dlbxmon.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [CmUsbSound] RunDll32 cmcnfgu.cpl,CMICtrlWnd
O4 - HKLM\..\Run: [AVG9_TRAY] C:\PROGRA~1\AVG\AVG9\avgtray.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKCU\..\Run: [TomTomHOME.exe] "C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe"
O4 - HKCU\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NVMCTRAY.DLL,NvTaskbarInit
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Lokale service')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Netwerkservice')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: Download with &Shareaza - res://c:\program files\shareaza\razawebhook32.dll/3000
O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_96D6FF0C6D236BF8.dll/cmsidewiki.html
O8 - Extra context menu item: Translate this web page with Babylon - res://C:\Program Files\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll/ActionTU.htm
O8 - Extra context menu item: Translate with Babylon - res://C:\Program Files\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll/Action.htm
O9 - Extra button: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra 'Tools' menuitem: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: Onderzoek - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Translate this web page with Babylon - {F72841F0-4EF1-4df5-BCE5-B3AC8ACF5478} - C:\Program Files\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll (file missing)
O9 - Extra 'Tools' menuitem: Translate this web page with Babylon - {F72841F0-4EF1-4df5-BCE5-B3AC8ACF5478} - C:\Program Files\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing)
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing)
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1267292432967
O16 - DPF: {BDBDE413-7B1C-4C68-A8FF-C5B2B4090876} (F-Secure Online Scanner 3.3) - http://virusscanner.telenet.be/fscax.cab
O18 - Protocol: avgsecuritytoolbar - {F2DDE6B2-9684-4A55-86D4-E255E237B77C} - C:\Program Files\AVG\AVG9\Toolbar\IEToolbar.dll
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG9\avgpp.dll
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - Winlogon Notify: avgrsstarter - avgrsstx.dll (file missing)
O22 - SharedTaskScheduler: Preloader van browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\System32\browseui.dll
O22 - SharedTaskScheduler: Cache-daemon voor onderdeelcategorieën - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\System32\browseui.dll
O23 - Service: AVG Security Toolbar Service - Unknown owner - C:\Program Files\AVG\AVG9\Toolbar\ToolbarBroker.exe
O23 - Service: AVG Free WatchDog (avg9wd) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG9\avgwdsvc.exe
O23 - Service: dlbx_device - Dell - C:\WINDOWS\System32\dlbxcoms.exe
O23 - Service: Google Updateservice (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Lookout Citadel Server (LkCitadelServer) - National Instruments, Inc. - C:\WINDOWS\system32\lkcitdl.exe
O23 - Service: National Instruments PSP Server Locator (lkClassAds) - National Instruments, Inc. - C:\WINDOWS\system32\lkads.exe
O23 - Service: National Instruments Time Synchronization (lkTimeSync) - National Instruments, Inc. - C:\WINDOWS\system32\lktsrv.exe
O23 - Service: Netropa NHK Server (Nhksrv) - Unknown owner - C:\WINDOWS\Nhksrv.exe
O23 - Service: National Instruments Domain Service (NIDomainService) - National Instruments, Inc. - C:\Program Files\National Instruments\Shared\Security\nidmsrv.exe
O23 - Service: NILM License Manager - Macrovision Corporation - C:\Program Files\National Instruments\Shared\License Manager\Bin\lmgrd.exe
O23 - Service: NI Service Locator (niSvcLoc) - National Instruments Corp. - C:\WINDOWS\system32\nisvcloc.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: TomTomHOMEService - TomTom - C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe

--
End of file - 10361 bytes

Juisterr
22 March 2010, 14:14
Download Combofix (http://download.bleepingcomputer.com/sUBs/ComboFix.exe) to your Desktop and use it according to this guide (http://www.bleepingcomputer.com/combofix/nl/hoe-dient-combofix-gebruikt-te-worden).

NOTE: if, during or after downloading Combofix or while using Combofix, you get an alert from your antivirus or another real-time scanner, disable that scanner and download Combofix again.
Some scanners regard certain components that Combofix uses as suspicious and will block or remove them! Double-click Combofix.exe to start it.
If you have used Combofix before, you may get a warning that an update is available. Allow ComboFix to be updated.
Click OK in the small "NirCmd" window.
Afterwards, click Yes again to start the malware scan.
While the fix is running, do NOT click in the window, because this will make your PC hang.
When the fix is complete and after the restart, the log Combofix.txt will open. Post this log in your next reply.

tasha
25 March 2010, 21:04
ComboFix 10-03-24.03 - Björn 25-03-2010 19:41:52.1.1 - x86
Microsoft Windows XP Home Edition 5.1.2600.3.1252.31.1043.18.767.465 [GMT 1:00]
Gestart vanuit: c:\documents and settings\Björn\Mijn documenten\Downloads\ComboFix.exe
AV: AVG Anti-Virus Free *On-access scanning enabled* (Updated) {17DDD097-36FF-435F-9E1B-52D74245D6BF}
.

(((((((((((((((((((( Bestanden Gemaakt van 2010-02-25 to 2010-03-25 ))))))))))))))))))))))))))))))
.

2010-03-19 07:24 . 2010-03-19 07:24 12464 ----a-w- c:\windows\system32\avgrsstx.dll
2010-03-19 07:24 . 2010-03-19 07:24 242696 ----a-w- c:\windows\system32\drivers\avgtdix.sys
2010-03-19 07:24 . 2010-03-19 07:24 29512 ----a-w- c:\windows\system32\drivers\avgmfx86.sys
2010-03-19 07:24 . 2010-03-25 11:37 -------- d-----w- c:\windows\system32\drivers\Avg
2010-03-19 07:24 . 2010-03-19 07:27 -------- d-----w- c:\documents and settings\All Users\Application Data\AVG Security Toolbar
2010-03-19 07:23 . 2010-03-19 07:23 216200 ----a-w- c:\windows\system32\drivers\avgldx86.sys
2010-03-19 07:19 . 2010-03-19 07:19 -------- d-----w- c:\documents and settings\All Users\Application Data\avg9
2010-03-19 06:36 . 2010-03-19 06:36 -------- d-----w- c:\windows\system32\wbem\Repository
2010-03-18 15:22 . 2010-03-18 15:22 -------- d-----w- c:\program files\TrendMicro
2010-03-17 15:43 . 2010-03-18 14:11 -------- d-----w- c:\program files\SpywareBlaster
2010-03-16 16:53 . 2010-03-16 17:24 -------- d-----w- c:\documents and settings\All Users\Application Data\clp
2010-03-16 16:53 . 2010-03-17 15:33 -------- d-----w- c:\documents and settings\All Users\Application Data\Common Toolkit Suite
2010-03-14 15:57 . 2010-03-14 15:59 -------- d-----w- c:\documents and settings\All Users\Application Data\Babylon
2010-03-13 10:35 . 2010-03-13 10:38 88 --sh--r- c:\documents and settings\All Users\Application Data\A749557207.sys
2010-03-13 10:35 . 2010-03-13 10:38 2516 --sha-w- c:\documents and settings\All Users\Application Data\KGyGaAvL.sys
2010-03-13 10:26 . 2010-03-13 10:51 -------- d-----w- c:\program files\Corel
2010-03-11 05:19 . 2009-10-23 15:28 3558912 -c----w- c:\windows\system32\dllcache\moviemk.exe
2010-03-09 17:40 . 2001-11-23 14:08 712704 ----a-r- c:\windows\system32\a3dpropu.dll
2010-03-09 17:40 . 2006-01-03 14:07 61440 ----a-r- c:\windows\system\cmsnxeye.exe
2010-03-09 17:40 . 2005-12-21 16:41 253952 ----a-r- c:\windows\system32\cmdrvrmu.exe
2010-03-09 17:40 . 2005-03-07 16:29 45056 ----a-r- c:\windows\system32\cmdrvrmu.dll
2010-03-09 17:40 . 2004-02-18 16:19 16384 ----a-r- c:\windows\system32\cmpropu.dll
2010-03-09 17:40 . 2004-02-13 17:39 98304 ----a-r- c:\windows\system32\cmudau.dll
2010-03-09 17:40 . 2002-04-29 17:04 917504 ----a-r- c:\windows\system\cmds3du.dll
2010-03-09 17:40 . 2010-03-09 17:40 -------- d-----w- c:\program files\Trust HS-6400 5.1 Surround USB Headset
2010-03-09 17:39 . 2010-03-09 17:39 -------- d-----w- C:\download
2010-03-06 18:02 . 2010-03-06 18:02 -------- d-----w- c:\windows\Sun
2010-03-05 12:15 . 2009-10-11 03:17 411368 ----a-w- c:\windows\system32\deploytk.dll
2010-03-05 12:15 . 2010-03-06 10:55 -------- d-----w- c:\program files\Java
2010-03-01 17:55 . 2010-03-01 17:55 -------- d-----w- c:\documents and settings\All Users\Application Data\NOS
2010-03-01 17:55 . 2010-03-01 17:55 -------- d-----w- c:\program files\NOS
2010-02-28 18:27 . 2010-03-01 11:53 -------- d-----w- c:\windows\nview
2010-02-28 18:26 . 2006-10-22 14:06 208896 ----a-w- c:\windows\system32\NVUNINST.EXE
2010-02-28 18:20 . 2010-02-28 18:20 -------- d-----w- C:\PerfLogs
2010-02-28 18:16 . 2004-03-02 15:37 125184 ------w- c:\windows\system32\drivers\imagesrv.sys
2010-02-28 18:16 . 2004-03-02 15:37 5504 ------w- c:\windows\system32\drivers\imagedrv.sys
2010-02-28 18:16 . 2000-06-26 09:45 106496 ----a-w- c:\windows\system32\TwnLib20.dll
2010-02-28 18:16 . 2010-02-28 18:16 -------- d-----w- c:\program files\Common Files\Ahead
2010-02-28 18:16 . 2004-07-26 15:16 476320 ------w- c:\windows\system32\ImagXpr7.dll
2010-02-28 18:16 . 2004-07-26 15:16 471040 ------w- c:\windows\system32\ImagXRA7.dll
2010-02-28 18:16 . 2004-07-26 15:16 262144 ------w- c:\windows\system32\ImagXR7.dll
2010-02-28 18:16 . 2004-07-26 15:16 1568768 ------w- c:\windows\system32\ImagX7.dll
2010-02-28 18:16 . 2001-07-09 09:50 155648 ----a-w- c:\windows\system32\NeroCheck.exe
2010-02-28 18:11 . 2010-02-28 18:16 -------- d-----w- c:\program files\Ahead
2010-02-28 18:07 . 2010-02-28 18:07 -------- d-----w- c:\program files\PIXELA
2010-02-28 18:06 . 2001-11-05 08:23 299923 ----a-w- c:\windows\system32\drivers\sonyhcs.sys
2010-02-28 18:06 . 2001-11-05 08:23 38739 ----a-w- c:\windows\system32\drivers\sonyhcc.sys
2010-02-28 18:06 . 2001-07-03 19:39 3654 ----a-w- c:\windows\system32\drivers\Sonyhcp.dll
2010-02-28 18:06 . 2002-10-15 21:41 102220 ----a-w- c:\windows\system32\drivers\sonypvs1.sys
2010-02-28 18:06 . 2001-11-05 08:23 6097 ----a-w- c:\windows\system32\drivers\sonyhcb.sys
2010-02-28 18:06 . 2001-07-03 19:33 53248 ----a-w- c:\windows\system32\SONYHCY.DLL
2010-02-28 17:50 . 2010-02-28 17:50 -------- d-----w- c:\program files\Common Files\Bcgsoft
2010-02-28 17:46 . 2010-02-28 17:46 -------- d-----w- c:\program files\HI-TECH Software
2010-02-28 17:45 . 2010-02-28 17:45 -------- d-----w- C:\WinAVI Video Converter 6.2 plus Serial
2010-02-28 17:43 . 2010-02-28 17:43 -------- d-----w- c:\documents and settings\All Users\Application Data\National Instruments
2010-02-28 17:43 . 2010-02-28 17:46 -------- d-----w- c:\program files\Common Files\Merge Modules
2010-02-28 17:43 . 2010-02-28 17:43 -------- d-----w- c:\windows\system32\cvirte
2010-02-28 17:43 . 2010-02-28 17:46 -------- d-----w- c:\program files\National Instruments
2010-02-28 17:37 . 2010-02-28 17:37 -------- d-----w- c:\program files\MP3 WAV Converter
2010-02-28 17:34 . 2010-02-28 17:36 -------- d-----w- C:\maxplus2
2010-02-28 17:34 . 2010-02-28 17:34 -------- d-----w- C:\max2work
2010-02-28 17:33 . 1998-07-30 12:51 305152 ----a-w- c:\windows\IsUninst.exe
2010-02-28 17:28 . 2004-04-30 08:37 160640 ----a-w- c:\windows\system32\drivers\a347bus.sys
2010-02-28 17:28 . 2004-04-30 08:33 5248 ----a-w- c:\windows\system32\drivers\a347scsi.sys
2010-02-28 17:28 . 2010-02-28 17:28 -------- d-----w- c:\program files\Alcohol Soft
2010-02-28 17:27 . 2010-02-28 17:27 -------- d-----w- C:\Alcohol120_1.9.2.1705_retail_Incl_KEY
2010-02-28 17:25 . 2010-02-28 17:25 -------- d-----w- c:\program files\Theorica Divx ;-) Codecs
2010-02-28 17:10 . 2006-02-10 13:51 1391040 ----a-r- c:\windows\system32\drivers\cmudaxu.sys
2010-02-28 17:10 . 2005-12-07 18:20 258048 ------r- c:\windows\CmiUSB2Uninstall.exe
2010-02-28 17:10 . 2004-04-14 13:28 315392 ----a-r- c:\windows\system\cmifltr.dll
2010-02-28 15:58 . 2008-04-14 17:02 26624 ----a-w- c:\documents and settings\LocalService\Application Data\Microsoft\UPnP Device Host\upnphost\udhisapi.dll
2010-02-28 15:27 . 2010-03-19 16:27 -------- d-----w- c:\program files\Shareaza
2010-02-28 14:19 . 2010-02-28 14:28 -------- d-----w- C:\Office Onenote project viso frontpage
2010-02-28 14:07 . 2010-02-28 14:07 -------- d-----w- c:\documents and settings\Default User\Local Settings\Application Data\Adobe
2010-02-28 14:06 . 2010-02-28 14:07 -------- d-----w- c:\program files\Common Files\Adobe
2010-02-28 14:06 . 2010-02-28 14:06 -------- d-----w- C:\Adobe 9 Reader-installatieprogramma
2010-02-28 13:12 . 2010-02-28 13:12 -------- d-----w- c:\program files\EGB3
2010-02-28 12:27 . 2010-02-28 12:34 -------- d-----w- C:\VanDale
2010-02-28 12:27 . 1997-05-29 15:25 315904 ----a-w- c:\windows\IsUn0413.exe
2010-02-28 12:06 . 2010-02-28 12:06 -------- d-----w- c:\documents and settings\All Users\Application Data\TomTom
2010-02-28 12:05 . 2010-02-28 12:05 -------- d-----w- c:\program files\TomTom International B.V
2010-02-28 12:05 . 2010-03-24 16:35 -------- d-----w- c:\program files\TomTom HOME 2
2010-02-28 11:47 . 2010-02-28 11:47 -------- d-----w- c:\program files\Microsoft Silverlight
2010-02-28 11:45 . 2010-02-28 11:45 -------- d-----w- c:\program files\Windows Media Connect 2
2010-02-28 11:43 . 2010-02-28 11:44 -------- d-----w- c:\windows\system32\drivers\UMDF
2010-02-28 10:14 . 2010-02-12 10:03 293376 ------w- c:\windows\system32\browserchoice.exe
2010-02-28 09:53 . 2010-02-28 09:53 -------- d-----w- c:\windows\l2schemas
2010-02-28 09:53 . 2010-02-28 09:53 -------- d-----w- c:\windows\system32\nl
2010-02-28 09:10 . 2010-02-28 09:10 -------- d-sh--w- c:\documents and settings\LocalService\IETldCache
2010-02-27 20:32 . 2010-02-27 20:32 56 ---ha-w- c:\windows\system32\ezsidmv.dat
2010-02-27 20:16 . 2010-02-27 20:16 -------- d-----w- c:\program files\Common Files\Skype
2010-02-27 20:16 . 2010-02-27 20:16 -------- d-----r- c:\program files\Skype
2010-02-27 20:16 . 2010-02-27 20:16 -------- d-----w- c:\documents and settings\All Users\Application Data\Skype
2010-02-27 20:02 . 2010-02-27 20:02 -------- d-----w- c:\windows\ie8updates
2010-02-27 20:00 . 2010-02-28 09:53 -------- d-----w- c:\windows\system32\nl-NL
2010-02-27 20:00 . 2010-02-27 20:01 -------- dc-h--w- c:\windows\ie8
2010-02-27 19:58 . 2009-12-11 08:38 69120 -c----w- c:\windows\system32\dllcache\iecompat.dll
2010-02-27 19:58 . 2009-12-21 19:10 594432 -c----w- c:\windows\system32\dllcache\msfeeds.dll
2010-02-27 19:58 . 2009-12-21 19:10 246272 -c----w- c:\windows\system32\dllcache\ieproxy.dll
2010-02-27 19:58 . 2009-12-21 19:10 55296 -c----w- c:\windows\system32\dllcache\msfeedsbs.dll
2010-02-27 19:58 . 2009-12-21 19:10 1985536 -c----w- c:\windows\system32\dllcache\iertutil.dll
2010-02-27 19:58 . 2009-12-21 19:10 12800 -c----w- c:\windows\system32\dllcache\xpshims.dll
2010-02-27 19:58 . 2009-12-21 19:10 11070464 -c----w- c:\windows\system32\dllcache\ieframe.dll
2010-02-27 19:49 . 2008-04-14 17:03 28672 ------w- c:\windows\system32\verclsid.exe
2010-02-27 19:48 . 2008-04-14 17:03 4639 -c----w- c:\windows\system32\dllcache\mplayer2.exe
2010-02-27 19:47 . 2008-04-14 17:02 233472 ------w- c:\windows\system32\azroles.dll
2010-02-27 19:47 . 2006-11-02 21:50 7680 -c----w- c:\windows\system32\dllcache\asferror.dll
2010-02-27 19:47 . 2008-04-14 17:02 136192 ------w- c:\windows\system32\aaclient.dll
2010-02-27 19:28 . 2009-12-31 16:50 353792 -c----w- c:\windows\system32\dllcache\srv.sys
2010-02-27 19:28 . 2009-10-15 16:38 81920 -c----w- c:\windows\system32\dllcache\fontsub.dll
2010-02-27 19:28 . 2009-10-15 16:38 119808 -c----w- c:\windows\system32\dllcache\t2embed.dll
2010-02-27 19:28 . 2009-02-06 10:10 227840 -c----w- c:\windows\system32\dllcache\wmiprvse.exe
2010-02-27 19:28 . 2009-12-09 10:11 2193536 -c----w- c:\windows\system32\dllcache\ntoskrnl.exe
2010-02-27 19:28 . 2009-03-06 14:23 285696 -c----w- c:\windows\system32\dllcache\pdh.dll
2010-02-27 19:28 . 2009-02-09 11:27 111104 -c----w- c:\windows\system32\dllcache\services.exe
2010-02-27 19:28 . 2009-02-09 10:56 401408 -c----w- c:\windows\system32\dllcache\rpcss.dll
2010-02-27 19:27 . 2009-02-09 10:56 473600 -c----w- c:\windows\system32\dllcache\fastprox.dll
2010-02-27 19:27 . 2009-06-25 08:27 735232 -c----w- c:\windows\system32\dllcache\lsasrv.dll
2010-02-27 19:27 . 2009-02-09 10:56 684544 -c----w- c:\windows\system32\dllcache\advapi32.dll
2010-02-27 19:27 . 2009-02-09 10:56 735744 -c----w- c:\windows\system32\dllcache\ntdll.dll
2010-02-27 19:27 . 2009-02-09 10:56 453120 -c----w- c:\windows\system32\dllcache\wmiprvsd.dll
2010-02-27 19:27 . 2009-12-09 10:11 2149888 -c----w- c:\windows\system32\dllcache\ntkrnlmp.exe
2010-02-27 19:27 . 2009-12-09 10:11 2028544 -c----w- c:\windows\system32\dllcache\ntkrpamp.exe
2010-02-27 19:27 . 2009-06-21 21:49 153088 -c----w- c:\windows\system32\dllcache\triedit.dll
2010-02-27 19:27 . 2009-12-04 18:22 455424 -c----w- c:\windows\system32\dllcache\mrxsmb.sys

.
((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-02-28 18:05 . 2010-02-28 18:05 -------- d-----w- c:\program files\Sony Corporation
2010-02-28 18:05 . 2010-02-28 18:05 -------- d-----w- c:\program files\Common Files\muvee Technologies
2010-02-28 10:32 . 2002-07-03 18:49 367286 ----a-w- c:\windows\system32\perfh013.dat
2010-02-28 10:32 . 2002-07-03 18:49 54464 ----a-w- c:\windows\system32\perfc013.dat
2010-02-28 09:55 . 2010-02-23 21:11 76487 ----a-w- c:\windows\PCHEALTH\HELPCTR\OfflineCache\index.dat
2010-02-24 14:02 . 2010-02-24 14:02 -------- d-----w- c:\program files\Analog Devices
2010-02-23 21:17 . 2010-02-23 21:17 2232 ----a-w- c:\windows\java\Packages\Data\HV3X75VX.DAT
2010-02-23 21:17 . 2010-02-23 21:17 155995 ----a-w- c:\windows\java\Packages\J7LVH75R.ZIP
2010-02-23 21:17 . 2010-02-23 21:17 2678 ----a-w- c:\windows\java\Packages\Data\XJ93TZL7.DAT
2010-02-23 21:17 . 2010-02-23 21:17 2678 ----a-w- c:\windows\java\Packages\Data\HRNJHZ1F.DAT
2010-02-23 21:16 . 2010-02-23 21:16 2678 ----a-w- c:\windows\java\Packages\Data\RXRDJNPF.DAT
2010-02-23 21:16 . 2010-02-23 21:16 2678 ----a-w- c:\windows\java\Packages\Data\JB1BVDB3.DAT
2010-02-23 21:16 . 2010-02-23 21:16 2678 ----a-w- c:\windows\java\Packages\Data\4VRNBRXJ.DAT
2010-02-23 21:12 . 2010-02-23 21:12 -------- d-----w- c:\program files\microsoft frontpage
2010-02-23 21:09 . 2010-02-23 21:09 21748 ----a-w- c:\windows\system32\emptyregdb.dat
2009-12-31 16:50 . 2002-07-03 18:52 353792 ----a-w- c:\windows\system32\drivers\srv.sys
2006-01-23 09:32 . 2006-01-23 09:32 131072 ----a-w- c:\program files\internet explorer\plugins\LV80ActiveXControl.dll
2006-06-07 13:40 . 2006-06-07 13:40 132848 ----a-w- c:\program files\internet explorer\plugins\LV82ActiveXControl.dll
.

((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond
REGEDIT4

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{A3BC75A2-1F87-4686-AA43-5347D756017C}"= "c:\program files\AVG\AVG9\Toolbar\IEToolbar.dll" [2010-02-23 1664256]

[HKEY_CLASSES_ROOT\clsid\{a3bc75a2-1f87-4686-aa43-5347d756017c}]

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{A3BC75A2-1F87-4686-AA43-5347D756017C}]
2010-02-23 13:04 1664256 ----a-w- c:\program files\AVG\AVG9\Toolbar\IEToolbar.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{CCC7A320-B3CA-4199-B1A6-9F516DD69829}"= "c:\program files\AVG\AVG9\Toolbar\IEToolbar.dll" [2010-02-23 1664256]

[HKEY_CLASSES_ROOT\clsid\{ccc7a320-b3ca-4199-b1a6-9f516dd69829}]

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{CCC7A320-B3CA-4199-B1A6-9F516DD69829}"= "c:\program files\AVG\AVG9\Toolbar\IEToolbar.dll" [2010-02-23 1664256]

[HKEY_CLASSES_ROOT\clsid\{ccc7a320-b3ca-4199-b1a6-9f516dd69829}]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"TomTomHOME.exe"="c:\program files\TomTom HOME 2\TomTomHOMERunner.exe" [2009-11-13 247144]
"NvMediaCenter"="c:\windows\system32\NVMCTRAY.DLL" [2003-10-06 49152]
"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2010-03-19 39408]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"DellTouch"="c:\windows\MMKeybd.exe" [2002-01-16 163840]
"dlbxmon.exe"="c:\program files\Dell Photo AIO Printer 962\dlbxmon.exe" [2004-08-27 417792]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2009-12-11 948672]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2003-10-06 5058560]
"nwiz"="nwiz.exe" [2003-10-06 741376]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2003-10-06 49152]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-10-11 149280]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\System32\CTFMON.EXE" [2008-04-14 15360]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\avgrsstarter]
2010-03-19 07:24 12464 ----a-w- c:\windows\system32\avgrsstx.dll

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Start^Programma's^Opstarten^Microsoft Office OneNote 2003 Snel Starten.lnk]
path=c:\documents and settings\All Users\Menu Start\Programma's\Opstarten\Microsoft Office OneNote 2003 Snel Starten.lnk
backup=c:\windows\pss\Microsoft Office OneNote 2003 Snel Starten.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Start^Programma's^Opstarten^Picture Package Menu.lnk]
path=c:\documents and settings\All Users\Menu Start\Programma's\Opstarten\Picture Package Menu.lnk
backup=c:\windows\pss\Picture Package Menu.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Start^Programma's^Opstarten^Picture Package VCD Maker.lnk]
path=c:\documents and settings\All Users\Menu Start\Programma's\Opstarten\Picture Package VCD Maker.lnk
backup=c:\windows\pss\Picture Package VCD Maker.lnkCommon Startup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
2009-12-22 00:57 35760 ----a-w- c:\program files\Adobe\Reader 9.0\Reader\reader_sl.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
2001-07-09 09:50 155648 ----a-w- c:\windows\system32\NeroCheck.exe

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"c:\\Program Files\\Skype\\Plugin Manager\\skypePM.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\AVG\\AVG9\\avgupd.exe"=
"c:\\Program Files\\AVG\\AVG9\\avgnsx.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=

R0 a347scsi;a347scsi;c:\windows\system32\drivers\a347scsi.sys [28-2-2010 18:28 5248]
R1 AvgLdx86;AVG Free AVI Loader Driver x86;c:\windows\system32\drivers\avgldx86.sys [19-3-2010 8:23 216200]
R1 AvgTdiX;AVG Free Network Redirector;c:\windows\system32\drivers\avgtdix.sys [19-3-2010 8:24 242696]
R2 avg9wd;AVG Free WatchDog;c:\program files\AVG\AVG9\avgwdsvc.exe [19-3-2010 8:22 308064]
R2 Nhksrv;Netropa NHK Server;c:\windows\Nhksrv.exe [24-2-2010 15:01 28672]
R2 TomTomHOMEService;TomTomHOMEService;c:\program files\TomTom HOME 2\TomTomHOMEService.exe [13-11-2009 12:31 92008]
R3 cmudau32;C-Media USB UDA Sound Interface;c:\windows\system32\drivers\cmudaxu.sys [28-2-2010 18:10 1391040]
R3 Msikbd2k;DellTouch;c:\windows\system32\drivers\Msikbd2k.sys [24-2-2010 15:01 6656]
S0 a347bus;a347bus;c:\windows\system32\drivers\a347bus.sys [28-2-2010 18:28 160640]
S2 gupdate;Google Updateservice (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [27-2-2010 19:38 135664]
S3 AVG Security Toolbar Service;AVG Security Toolbar Service;c:\program files\AVG\AVG9\Toolbar\ToolbarBroker.exe [19-3-2010 8:24 369920]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
getPlusHelper REG_MULTI_SZ getPlusHelper
.
Inhoud van de 'Gedeelde Taken' map

2010-03-25 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-02-27 18:38]

2010-03-25 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-02-27 18:38]
.
.
------- Bijkomende Scan -------
.
uStart Page = hxxp://www.deredactie.be/cm/vrtnieuws
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: E&xporteren naar Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
IE: Google Sidewiki... - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_96D6FF0C6D236BF8.dll/cmsidewiki.html
IE: {{898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - c:\program files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
Handler: avgsecuritytoolbar - {F2DDE6B2-9684-4A55-86D4-E255E237B77C} - c:\program files\AVG\AVG9\Toolbar\IEToolbar.dll
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - c:\program files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
DPF: Microsoft XML Parser for Java - file://c:\windows\Java\classes\xmldso.cab
FF - ProfilePath - c:\documents and settings\Björn\Application Data\Mozilla\Firefox\Profiles\2f1oyjtx.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT1460988&SearchSource=3&q={searchTerms}
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://www.deredactie.be/cm/vrtnieuws
FF - prefs.js: keyword.URL - hxxp://us.yhs.search.yahoo.com/avg/search?fr=yhs-avg&type=yahoo_avg_hs2-tb-web_us&p=
FF - component: c:\documents and settings\Björn\Application Data\Mozilla\Firefox\Profiles\2f1oyjtx.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}\components\DictionaryCompressionFF.dll
FF - component: c:\documents and settings\Björn\Application Data\Mozilla\Firefox\Profiles\2f1oyjtx.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}\components\frozen.dll
FF - component: c:\program files\AVG\AVG9\Firefox\components\avgssff.dll
FF - component: c:\program files\AVG\AVG9\Toolbar\Firefox\avg@igeared\components\IGeared_tavgp_xputils2.dll
FF - component: c:\program files\AVG\AVG9\Toolbar\Firefox\avg@igeared\components\IGeared_tavgp_xputils3.dll
FF - component: c:\program files\AVG\AVG9\Toolbar\Firefox\avg@igeared\components\IGeared_tavgp_xputils35.dll
FF - component: c:\program files\AVG\AVG9\Toolbar\Firefox\avg@igeared\components\xpavgtbapi.dll
FF - plugin: c:\program files\Google\Google Earth\plugin\npgeplugin.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\NPLV80Win32.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\NPLV82Win32.dll

---- FIREFOX POLICIES ----
c:\program files\Mozilla Firefox\greprefs\all.js - pref("ui.use_native_colors", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("ui.use_native_popup_windows", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.enable_click_image_resizing", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("accessibility.browsewithcaret_shortcut.enabled", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("javascript.options.mem.high_water_mark", 32);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("javascript.options.mem.gc_frequency", 1600);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.auth.force-generic-ntlm", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("svg.smil.enabled", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("ui.trackpoint_hack.enabled", -1);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.debug", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.agedWeight", 2);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.bucketSize", 1);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.maxTimeGroupings", 25);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.timeGroupingSize", 604800);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.boundaryWeight", 25);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.prefixWeight", 5);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("html5.enable", false);
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.allow_unrestricted_renego_everywhere__temporarily_available_pref", true);
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.renego_unrestricted_hosts", "");
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.treat_unsafe_negotiation_as_broken", false);
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.require_safe_negotiation", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox-branding.js - pref("app.update.download.backgroundInterval", 600);
c:\program files\Mozilla Firefox\defaults\pref\firefox-branding.js - pref("app.update.url.manual", "http://www.firefox.com");
c:\program files\Mozilla Firefox\defaults\pref\firefox-branding.js - pref("browser.search.param.yahoo-fr-ja", "mozff");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.name", "chrome://browser/locale/browser.properties");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.description", "chrome://browser/locale/browser.properties");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("xpinstall.whitelist.add", "addons.mozilla.org");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("xpinstall.whitelist.add.36", "getpersonas.com");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("lightweightThemes.update.enabled", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.allTabs.previews", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("plugins.hide_infobar_for_outdated_plugin", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("plugins.update.notifyUser", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("toolbar.customization.usesheet", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.enable", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.max", 20);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.cachetime", 20);
.
- - - - ORPHANS VERWIJDERD - - - -

HKLM-Run-CmUsbSound - cmcnfgu.cpl
MSConfigStartUp-Babylon Client - c:\program files\Babylon\Babylon-Pro\Babylon.exe
MSConfigStartUp-MSMSGS - c:\program files\Messenger\msmsgs.exe
AddRemove-Babylon - c:\program files\Babylon\Babylon-Pro\Utils\uninstbb.exe



************************************************** ************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-03-25 19:46
Windows 5.1.2600 Service Pack 3 NTFS

scannen van verborgen processen ...

scannen van verborgen autostart items ...

scannen van verborgen bestanden ...

Scan succesvol afgerond
verborgen bestanden: 0

************************************************** ************************
.
--------------------- VERGRENDELDE REGISTER SLEUTELS ---------------------

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil10f_ActiveX.exe,-101"

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil10f_ActiveX.exe"

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"

[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Installer\UserData\LocalSystem\Components\€–}|ÿÿÿÿÀ•}|ù•9~*]
"3140710900063D11C8EF10054038389C"="C?\\WINDOWS\\system32\\FM20ENU.DLL"
.
Voltooingstijd: 2010-03-25 19:48:07
ComboFix-quarantined-files.txt 2010-03-25 18:48

Pre-Run: 36.779.520.000 bytes beschikbaar
Post-Run: 36.754.509.824 bytes beschikbaar

WindowsXP-KB310994-SP2-Home-BootDisk-NLD.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Home Edition" /fastdetect /NoExecute=OptIn

- - End Of File - - 1790A50287EC10CE1332D1B619B85308

Juisterr
25 March 2010, 22:33
Please also post a new HijackThis log so it can be checked.

tasha
26 March 2010, 14:05
Logfile of Trend Micro HijackThis v2.0.3 (BETA)
Scan saved at 13:04:26, on 26-3-2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\AVG\AVG9\avgchsvx.exe
C:\Program Files\AVG\AVG9\avgrsx.exe
C:\Program Files\AVG\AVG9\avgcsrvx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\MMKeybd.exe
C:\Program Files\Dell Photo AIO Printer 962\dlbxmon.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\Java\jre6\bin\jusched.exe
C:\PROGRA~1\AVG\AVG9\avgtray.exe
C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\Nhksrv.exe
C:\Program Files\AVG\AVG9\avgwdsvc.exe
C:\Program Files\Netropa\OSD.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\system32\lkcitdl.exe
C:\WINDOWS\system32\lkads.exe
C:\WINDOWS\system32\lktsrv.exe
C:\Program Files\National Instruments\Shared\Security\nidmsrv.exe
C:\WINDOWS\system32\nisvcloc.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe
C:\Program Files\AVG\AVG9\avgnsx.exe
C:\WINDOWS\System32\dlbxcoms.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\TrendMicro\HiJackThis\HiJackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.deredactie.be/cm/vrtnieuws
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen
R3 - URLSearchHook: AVG Security Toolbar BHO - {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files\AVG\AVG9\Toolbar\IEToolbar.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG9\avgssie.dll
O2 - BHO: AVG Security Toolbar BHO - {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files\AVG\AVG9\Toolbar\IEToolbar.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.5.4723.1820\swg.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: AVG Security Toolbar - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - C:\Program Files\AVG\AVG9\Toolbar\IEToolbar.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [DellTouch] C:\WINDOWS\MMKeybd.exe
O4 - HKLM\..\Run: [dlbxmon.exe] "C:\Program Files\Dell Photo AIO Printer 962\dlbxmon.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [AVG9_TRAY] C:\PROGRA~1\AVG\AVG9\avgtray.exe
O4 - HKCU\..\Run: [TomTomHOME.exe] "C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe"
O4 - HKCU\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NVMCTRAY.DLL,NvTaskbarInit
O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_96D6FF0C6D236BF8.dll/cmsidewiki.html
O9 - Extra button: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra 'Tools' menuitem: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: Onderzoek - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing)
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing)
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1267292432967
O18 - Protocol: avgsecuritytoolbar - {F2DDE6B2-9684-4A55-86D4-E255E237B77C} - C:\Program Files\AVG\AVG9\Toolbar\IEToolbar.dll
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG9\avgpp.dll
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - Winlogon Notify: avgrsstarter - avgrsstx.dll (file missing)
O22 - SharedTaskScheduler: Preloader van browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\System32\browseui.dll
O22 - SharedTaskScheduler: Cache-daemon voor onderdeelcategorieën - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\System32\browseui.dll
O23 - Service: AVG Security Toolbar Service - Unknown owner - C:\Program Files\AVG\AVG9\Toolbar\ToolbarBroker.exe
O23 - Service: AVG Free WatchDog (avg9wd) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG9\avgwdsvc.exe
O23 - Service: dlbx_device - Dell - C:\WINDOWS\System32\dlbxcoms.exe
O23 - Service: Google Updateservice (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Lookout Citadel Server (LkCitadelServer) - National Instruments, Inc. - C:\WINDOWS\system32\lkcitdl.exe
O23 - Service: National Instruments PSP Server Locator (lkClassAds) - National Instruments, Inc. - C:\WINDOWS\system32\lkads.exe
O23 - Service: National Instruments Time Synchronization (lkTimeSync) - National Instruments, Inc. - C:\WINDOWS\system32\lktsrv.exe
O23 - Service: Netropa NHK Server (Nhksrv) - Unknown owner - C:\WINDOWS\Nhksrv.exe
O23 - Service: National Instruments Domain Service (NIDomainService) - National Instruments, Inc. - C:\Program Files\National Instruments\Shared\Security\nidmsrv.exe
O23 - Service: NILM License Manager - Macrovision Corporation - C:\Program Files\National Instruments\Shared\License Manager\Bin\lmgrd.exe
O23 - Service: NI Service Locator (niSvcLoc) - National Instruments Corp. - C:\WINDOWS\system32\nisvcloc.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: TomTomHOMEService - TomTom - C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe

--
End of file - 8925 bytes

Juisterr
4 April 2010, 22:31
And how is it going now?

tasha
5 April 2010, 18:32
Every now and then I get system errors or the computer freezes. When I restart the computer it works normally again. It also keeps reporting different errors. They are almost never the same errors, so I think the problem keeps moving around. I have also already run chkdsk, but even after that I still got error messages or freezes at various times. It is not that it goes on all day long; sometimes not for a day, sometimes 3 times in one day.

Regards, Tasha

Juisterr
5 April 2010, 19:02
What are you doing at the moment the errors occur?
:wtf:

tasha
6 April 2010, 07:37
Sometimes on the internet or in Office Outlook. I never play games. I am on Facebook regularly, but I don't think my problem comes directly from that, because I don't have it while I am on Facebook.
But the problem occurs most often after I wake the computer from sleep mode.

Juisterr
6 April 2010, 18:44
Well, I would almost say that you have too little virtual memory. That can be solved by adding an extra memory module.

tasha
6 April 2010, 19:09
Thanks for the tip. I will have a memory module added.

tasha
9 April 2010, 15:30
Memory added and yes, no more problems for now. Thanks in any case.

Juisterr
9 April 2010, 19:54
No problem at all.