internet

[silvia]

Hallo.Als ik op mijn laptop mijn internet explorer wil aan zetten dan komt hij boven en verdwijnt weer gelijk.Krijg dan een runtime error te zien.heb er een printscreen van kunnen jullie mij helpen aub.Groetjes Silvia.
http://i196.photobucket.com/albums/aa175...t008-1.jpg

[HDMI]

Installeer IE8 opnieuw.

Klik hier voor meer informatie over runtime errors.

[silvia]

Hallo bedankt voor je reactie.Het prob leem is dat we helemaal niet op internet kunnen kan hem er ook niet ophalen.Ben nu 2 dagen bezig met allerlei controlles ie 8 is er ook afgehaald dus nu weet ik het helemaal niet meer.Weten jullie nog raad ook men msn werkt niet kan geen mails meer lezen en niks doorsturen naar men gewone pc.Dit krijg ik te zien als ik msn aan zet.an internal error occurred in the initialization stage.The application good not be loaded.please contact aplication vendor.error no.302 Op voorhand dank Silvia

[HDMI]

Download Security Check en gebruik het. Post de log die komt.

Download RSIT en gebruik het. Post de twee logs die komen.

[silvia]

Dank je wel voor je reactie.Hier komen de logs de secirity check eerst en dan de andere.
Results of screen317's Security Check version 0.98.4
Windows XP Service Pack 3
``````````````````````````````
Antivirus/Firewall Check:
``````````````````````````````
WindowsLiveOneCaresafetyscanner
NOD32antivirussysteem
NOD32FiXv2.1
NortonPartitionMagic8.0
NortonPartitionMagic
Antivirus up to date!
``````````````````````````````
Anti-malware/Other Utilities Check:
``````````````````````````````
Ad-Aware
ScanSpyware v3.8.0.1
TuneUp Utilities 2007
CCleaner (remove only)
Java™ 6 Update 14
Java™ 6 Update 3
Java™ 6 Update 5
Java™ 6 Update 7
Out of date Java installed!
Adobe Flash Player 10
``````````````````````````````
Process Check:
objlist.exe by Laurent
``````````````````````````````
Ad-Aware AAWService.exe is disabled!
Ad-Aware AAWTray.exe is disabled!
Eset nod32kui.exe
Eset nod32krn.exe
``````````````````````````````
DNS Vulnerability Check:
``````````````````````````````
GREAT! (Very random)
[b]Request Timed Out (Check Internet connection?)[/b]

Scan took 79249 seconds.
`````````End of Log```````````


Logfile of random's system information tool 1.06 (written by random/random)
Run by Sil at 2009-07-09 11:54:34
Microsoft Windows XP Professional Service Pack 3
System drive C: has 26 GB (66%) free of 40 GB
Total RAM: 1790 MB (67% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 12:04:39, on 9-7-2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16850)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\Eset\nod32kui.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\SweetIM\Messenger\SweetIM.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Microsoft ActiveSync\wcescomm.exe
C:\PROGRA~1\MICROS~3\rapimgr.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\mysql\bin\mysqld-nt.exe
C:\Program Files\Eset\nod32krn.exe
C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Windows Live\Contacts\wlcomm.exe
C:\Documents and Settings\Sil\Bureaublad\Reg Tool\Reg Tool.exe
C:\WINDOWS\system32\notepad.exe
C:\Documents and Settings\Sil\Bureaublad\RSIT.exe
C:\Program Files\trend micro\Sil.exe
C:\WINDOWS\system32\wuauclt.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://google.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://home.sweetim.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen
R3 - URLSearchHook: SweetIM ToolbarURLSearchHook Class - {EEE6C35D-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgHelper.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (file missing)
O2 - BHO: AskBar BHO - {201f27d4-3704-41d6-89c1-aa35e39143ed} - C:\Program Files\AskBarDis\bar\bin\askBar.dll
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\PROGRA~1\Skype\Phone\IEPlugin\SKYPEI~1.DLL
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O2 - BHO: Windows Live Aanmelden - Help - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\3.1.807.1746\swg.dll
O2 - BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O2 - BHO: SWEETIE - {EEE6C35C-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: Ask Toolbar - {3041d03e-fd4b-44e0-b742-2d9b88305f98} - C:\Program Files\AskBarDis\bar\bin\askBar.dll
O3 - Toolbar: SweetIM Toolbar for Internet Explorer - {EEE6C35B-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\cli.exe" runtime -Delay
O4 - HKLM\..\Run: [SkyTel] SkyTel.EXE
O4 - HKLM\..\Run: [AzMixerSel] C:\Program Files\Realtek\InstallShield\AzMixerSel.exe
O4 - HKLM\..\Run: [nod32kui] "C:\Program Files\Eset\nod32kui.exe" /WAITSERVICE
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [SweetIM] C:\Program Files\SweetIM\Messenger\SweetIM.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\wcescomm.exe"
O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: In weblog opnemen - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &In weblog opnemen met Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~3\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~3\INetRepl.dll
O9 - Extra 'Tools' menuitem: Mobiele favorieten maken... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~3\INetRepl.dll
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\PROGRA~1\Skype\Phone\IEPlugin\SKYPEI~1.DLL
O9 - Extra button: Onderzoek - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdat...7472494015
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: MySql - Unknown owner - C:\mysql\bin\mysqld-nt.exe
O23 - Service: NOD32 Kernel Service (NOD32krn) - Eset - C:\Program Files\Eset\nod32krn.exe

--
End of file - 8044 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\Easy Onderhoud.job
C:\WINDOWS\tasks\OGADaily.job
C:\WINDOWS\tasks\OGALogon.job
C:\WINDOWS\tasks\Reg Tool Scan.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
Adobe PDF Reader Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll []

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{201f27d4-3704-41d6-89c1-aa35e39143ed}]
AskBar BHO - C:\Program Files\AskBarDis\bar\bin\askBar.dll [2008-09-08 279944]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{22BF413B-C6D2-4d91-82A9-A0F997BA588C}]
Skype add-on (mastermind) - C:\PROGRA~1\Skype\Phone\IEPlugin\SKYPEI~1.DLL [2007-01-29 747048]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6EBF7485-159F-4bff-A14F-B9E3AAC4465B}]
Search Helper - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll [2009-05-19 137600]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live Aanmelden - Help - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-22 408448]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - c:\program files\google\googletoolbar1.dll [2008-01-02 2423872]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\3.1.807.1746\swg.dll [2008-10-06 737776]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java™ Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-05-21 41368]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E15A8DC0-8516-42A1-81EA-DC94EC1ACF10}]
Windows Live Toolbar Helper - C:\Program Files\Windows Live\Toolbar\wltcore.dll [2009-02-06 1068904]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2009-05-21 73728]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EEE6C35C-6118-11DC-9C72-001320C79847}]
SweetIM Toolbar Helper - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll [2008-10-08 1172792]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - &Google - c:\program files\google\googletoolbar1.dll [2008-01-02 2423872]
{3041d03e-fd4b-44e0-b742-2d9b88305f98} - Ask Toolbar - C:\Program Files\AskBarDis\bar\bin\askBar.dll [2008-09-08 279944]
{EEE6C35B-6118-11DC-9C72-001320C79847} - SweetIM Toolbar for Internet Explorer - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll [2008-10-08 1172792]
{21FA44EF-376D-4D53-9B0F-8A89D3229068} - &Windows Live Toolbar - C:\Program Files\Windows Live\Toolbar\wltcore.dll [2009-02-06 1068904]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"ATICCC"=C:\Program Files\ATI Technologies\ATI.ACE\cli.exe [2006-01-02 45056]
"SkyTel"=C:\WINDOWS\SkyTel.EXE [2006-05-16 2879488]
"AzMixerSel"=C:\Program Files\Realtek\InstallShield\AzMixerSel.exe [2006-04-15 53248]
"nod32kui"=C:\Program Files\Eset\nod32kui.exe [2007-02-14 921600]
"RTHDCPL"=C:\WINDOWS\RTHDCPL.EXE [2006-06-28 16248320]
"Alcmtr"=C:\WINDOWS\ALCMTR.EXE [2005-05-03 69632]
"Adobe Photo Downloader"=C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe [2005-06-07 57344]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe [2007-10-10 39792]
"BluetoothAuthenticationAgent"=bthprops.cpl,,BluetoothAuthenticationAgent []
"SweetIM"=C:\Program Files\SweetIM\Messenger\SweetIM.exe [2009-02-15 111928]
"SunJavaUpdateSched"=C:\Program Files\Java\jre6\bin\jusched.exe [2009-05-21 148888]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
"swg"=C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2008-01-02 68856]
"H/PC Connection Agent"=C:\Program Files\Microsoft ActiveSync\wcescomm.exe [2006-11-13 1289000]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Photo Downloader]
C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe [2005-06-07 57344]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BluetoothAuthenticationAgent]
bthprops.cpl,,BluetoothAuthenticationAgent []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\H/PC Connection Agent]
C:\Program Files\Microsoft ActiveSync\wcescomm.exe [2006-11-13 1289000]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
C:\Program Files\Skype\Phone\Skype.exe [2007-01-29 25370152]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Start^Programma's^Opstarten^Adobe Reader Speed Launch.lnk]
C:\PROGRA~1\Adobe\READER~1.0\Reader\READER~1.EXE [2007-10-10 39792]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Start^Programma's^Opstarten^Adobe Reader Synchronizer.lnk]
C:\PROGRA~1\Adobe\READER~1.0\Reader\ADOBEC~1.EXE [2007-05-11 738968]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]
C:\WINDOWS\system32\Ati2evxx.dll [2006-04-27 61440]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
C:\WINDOWS\system32\WgaLogon.dll [2009-03-10 265096]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standard​profile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Messenger\msmsgs.exe"="C:\Program Files\Messenger\msmsgs.exe:*:Enabled:Windows Messenger"
"C:\Program Files\SpacialAudio\SAM2\SAM2.exe"="C:\Program Files\SpacialAudio\SAM2\SAM2.exe:*:Enabled:SAM2"
"C:\Program Files\eMule\emule.exe"="C:\Program Files\eMule\emule.exe:*:Enabled:eMule"
"C:\Program Files\SpacialAudio\SAM2\SAMBC.exe"="C:\Program Files\SpacialAudio\SAM2\SAMBC.exe:*:Enabled:SAMBC"
"C:\WINDOWS\pchealth\helpctr\binaries\HelpCtr.exe"="C:\WINDOWS\pchealth\helpctr\binaries\HelpCtr.exe:*:Enabled:Hulp op afstand - Windows Messenger en spraak"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\Microsoft ActiveSync\rapimgr.exe"="C:\Program Files\Microsoft ActiveSync\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager"
"C:\Program Files\Microsoft ActiveSync\wcescomm.exe"="C:\Program Files\Microsoft ActiveSync\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager"
"C:\Program Files\Microsoft ActiveSync\WCESMgr.exe"="C:\Program Files\Microsoft ActiveSync\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"
"C:\Program Files\Windows Live\Messenger\wlcsdk.exe"="C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe"="C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live Sync"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainpr​ofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\MSN Messenger\msncall.exe"="C:\Program Files\MSN Messenger\msncall.exe:*:Enabled:Windows Live Messenger 8.0 (Phone)"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\Microsoft ActiveSync\rapimgr.exe"="C:\Program Files\Microsoft ActiveSync\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager"
"C:\Program Files\Microsoft ActiveSync\wcescomm.exe"="C:\Program Files\Microsoft ActiveSync\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager"
"C:\Program Files\Microsoft ActiveSync\WCESMgr.exe"="C:\Program Files\Microsoft ActiveSync\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application"
"C:\Program Files\MSN Messenger\livecall.exe"="C:\Program Files\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)"
"C:\Program Files\Windows Live\Messenger\wlcsdk.exe"="C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe"="C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live Sync"

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{975dfa9a-97ec-11db-a66f-0016d45f9e13}]
shell\AutoRun\command - F:\LaunchU3.exe -a

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{bf8ebd18-97ee-11db-955b-0016d45f9e13}]
shell\AutoRun\command - E:\LaunchU3.exe -a


======List of files/folders created in the last 3 months======

2009-07-09 11:54:34 ----D---- C:\rsit
2009-07-09 11:54:34 ----D---- C:\Program Files\trend micro
2009-07-07 09:33:09 ----D---- C:\Documents and Settings\Sil\Application Data\Reg Tool
2009-07-07 08:27:46 ----A---- C:\WINDOWS\system32\ieencode.dll
2009-07-07 08:15:18 ----A---- C:\WINDOWS\system32\javaws.exe
2009-07-07 08:15:18 ----A---- C:\WINDOWS\system32\javaw.exe
2009-07-07 08:15:18 ----A---- C:\WINDOWS\system32\java.exe
2009-07-07 08:11:49 ----A---- C:\WINDOWS\imsins.BAK
2009-07-06 17:13:10 ----D---- C:\Program Files\Samantha Swift and the Golden Touch
2009-07-06 17:13:09 ----D---- C:\Program Files\Cradle Of Rome
2009-07-06 17:13:07 ----D---- C:\Program Files\The Treasures Of Mystery Island
2009-07-06 17:13:06 ----D---- C:\Program Files\Cradle Of Persia
2009-07-06 17:13:04 ----D---- C:\Program Files\Mortimer Beckett And The Time Paradox
2009-07-06 17:13:03 ----D---- C:\Program Files\Mortimer Beckett And The Secrets Of Spooky Manor
2009-07-06 17:13:02 ----D---- C:\Program Files\Cate West The Velvet Keys
2009-07-06 17:12:50 ----D---- C:\Program Files\SweetIM
2009-07-06 17:12:48 ----D---- C:\Documents and Settings\All Users\Application Data\SweetIM
2009-07-06 17:11:42 ----D---- C:\Program Files\Common Files\Skype
2009-07-06 15:35:17 ----D---- C:\WINDOWS\ie8updates
2009-07-04 00:56:59 ----D---- C:\Documents and Settings\Sil\Application Data\skypePM
2009-06-20 15:17:32 ----D---- C:\Program Files\3 Days Zoo Mystery
2009-06-16 21:13:56 ----HDC---- C:\WINDOWS\$NtUninstallKB961501$
2009-06-16 21:13:49 ----HDC---- C:\WINDOWS\$NtUninstallKB969898$
2009-06-16 21:12:18 ----HDC---- C:\WINDOWS\$NtUninstallKB970238$
2009-06-16 21:11:10 ----HDC---- C:\WINDOWS\$NtUninstallKB968537$
2009-06-15 18:07:30 ----D---- C:\Documents and Settings\Sil\Application Data\cerasus.media
2009-06-15 17:42:06 ----D---- C:\Program Files\Mystery Stories Berlin Nights
2009-06-07 13:23:15 ----D---- C:\Documents and Settings\Sil\Application Data\FairyTale
2009-06-07 13:20:30 ----D---- C:\Program Files\A Fairy Tale
2009-06-01 23:21:20 ----D---- C:\Program Files\The Nightshift Code
2009-06-01 21:27:04 ----D---- C:\Program Files\Escape Rosecliff Island
2009-05-24 16:45:17 ----D---- C:\Program Files\Chuzzle Deluxe
2009-05-22 00:48:31 ----D---- C:\Program Files\Dream Chronicles 2
2009-05-22 00:44:10 ----D---- C:\Program Files\Dream Chronicles
2009-05-21 11:38:53 ----HDC---- C:\WINDOWS\$NtUninstallKB961503$
2009-05-20 18:57:50 ----D---- C:\Program Files\Dream Chronicles The Chosen Child
2009-05-20 09:52:53 ----A---- C:\WINDOWS\system32\muweb.dll
2009-05-20 09:52:53 ----A---- C:\WINDOWS\system32\mucltui.dll.mui
2009-05-20 09:52:53 ----A---- C:\WINDOWS\system32\mucltui.dll
2009-05-18 16:47:37 ----D---- C:\Documents and Settings\Sil\Application Data\RobinsonCrusoeREF
2009-05-18 16:46:43 ----D---- C:\Program Files\Adventures of Robinson Crusoe
2009-05-18 10:30:04 ----D---- C:\Program Files\Microsoft Sync Framework
2009-05-18 10:29:16 ----A---- C:\WINDOWS\system32\d3dx9_32.dll
2009-05-18 10:29:05 ----D---- C:\Program Files\Microsoft SQL Server Compact Edition
2009-05-18 10:27:44 ----D---- C:\Program Files\Microsoft
2009-05-18 10:27:25 ----D---- C:\Program Files\Windows Live SkyDrive
2009-05-18 10:21:43 ----D---- C:\Program Files\Common Files\Windows Live
2009-05-15 21:13:44 ----D---- C:\Documents and Settings\Sil\Application Data\SpinTop Games
2009-05-15 21:07:11 ----D---- C:\Program Files\Amazing Adventures Special Edition Bundle
2009-05-13 00:14:31 ----D---- C:\Documents and Settings\All Users\Application Data\MumboJumbo
2009-05-12 09:50:35 ----D---- C:\Program Files\Zuma Deluxe
2009-05-02 18:40:44 ----HDC---- C:\WINDOWS\$NtUninstallKB959426$
2009-05-02 18:40:37 ----HDC---- C:\WINDOWS\$NtUninstallKB961373$
2009-05-02 18:38:43 ----HDC---- C:\WINDOWS\$NtUninstallKB956572$
2009-05-02 18:38:28 ----HDC---- C:\WINDOWS\$NtUninstallKB952004$
2009-05-02 18:38:15 ----HDC---- C:\WINDOWS\$NtUninstallKB960803$
2009-05-02 12:28:57 ----HDC---- C:\WINDOWS\$NtUninstallKB923561$

======List of files/folders modified in the last 3 months======

2009-07-09 11:57:13 ----D---- C:\WINDOWS\Prefetch
2009-07-09 11:57:03 ----D---- C:\WINDOWS\Temp
2009-07-09 11:54:34 ----RD---- C:\Program Files
2009-07-09 10:31:14 ----D---- C:\WINDOWS\system32\CatRoot2
2009-07-09 08:10:08 ----SHD---- C:\WINDOWS\Installer
2009-07-09 08:10:08 ----SHD---- C:\Config.Msi
2009-07-09 08:10:06 ----SD---- C:\WINDOWS\Tasks
2009-07-09 08:10:06 ----D---- C:\WINDOWS\system32
2009-07-08 20:07:56 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2009-07-08 20:01:49 ----A---- C:\WINDOWS\SchedLgU.Txt
2009-07-08 19:57:27 ----D---- C:\WINDOWS\system32\config
2009-07-08 18:48:48 ----D---- C:\WINDOWS
2009-07-08 18:45:38 ----D---- C:\Program Files\TuneUp Utilities 2007
2009-07-08 18:00:02 ----RSHDC---- C:\WINDOWS\system32\dllcache
2009-07-08 18:00:00 ----D---- C:\Program Files\Internet Explorer
2009-07-07 09:31:15 ----HD---- C:\WINDOWS\inf
2009-07-07 09:31:15 ----D---- C:\Program Files\Windows Live Safety Center
2009-07-07 08:27:22 ----D---- C:\WINDOWS\system32\nl-nl
2009-07-07 08:15:14 ----D---- C:\Program Files\Java
2009-07-07 08:13:27 ----D---- C:\WINDOWS\Debug
2009-07-06 17:19:10 ----D---- C:\WINDOWS\system32\CatRoot
2009-07-06 17:13:29 ----D---- C:\WINDOWS\system32\wbem
2009-07-06 17:13:28 ----D---- C:\WINDOWS\Registration
2009-07-06 17:12:52 ----D---- C:\Documents and Settings\All Users\Application Data\Google
2009-07-06 17:12:51 ----D---- C:\Program Files\Google
2009-07-06 17:11:42 ----D---- C:\Documents and Settings\All Users\Application Data\Skype
2009-07-06 17:11:38 ----D---- C:\Program Files\Skype
2009-07-06 17:09:44 ----D---- C:\Program Files\Messenger Plus! Live
2009-07-06 17:09:41 ----D---- C:\Program Files\MSN Messenger
2009-07-06 15:48:38 ----SD---- C:\WINDOWS\Downloaded Program Files
2009-07-06 15:37:06 ----D---- C:\WINDOWS\Media
2009-07-06 15:37:06 ----D---- C:\WINDOWS\Help
2009-07-06 15:35:39 ----HD---- C:\WINDOWS\$hf_mig$
2009-07-04 01:05:19 ----D---- C:\Documents and Settings\Sil\Application Data\Skype
2009-07-04 00:56:04 ----D---- C:\Program Files\Common Files
2009-07-02 12:29:36 ----D---- C:\Program Files\eMule
2009-06-15 11:28:32 ----D---- C:\WINDOWS\network diagnostic
2009-06-08 18:33:05 ----SD---- C:\Documents and Settings\Sil\Application Data\Microsoft
2009-06-03 17:25:23 ----D---- C:\Documents and Settings\Sil\Application Data\PlayFirst
2009-06-01 18:51:12 ----A---- C:\WINDOWS\system32\MRT.exe
2009-05-29 14:15:54 ----D---- C:\Documents and Settings\Sil\Application Data\FrostWire
2009-05-22 09:35:46 ----D---- C:\Program Files\FrostWire
2009-05-22 00:49:43 ----D---- C:\Documents and Settings\All Users\Application Data\PlayFirst
2009-05-21 11:34:12 ----RSD---- C:\WINDOWS\assembly
2009-05-21 11:33:57 ----A---- C:\WINDOWS\system32\deploytk.dll
2009-05-21 11:33:47 ----D---- C:\Program Files\Microsoft ActiveSync
2009-05-21 11:33:15 ----RSD---- C:\WINDOWS\Fonts
2009-05-21 11:32:43 ----D---- C:\Program Files\Common Files\Microsoft Shared
2009-05-18 10:52:23 ----D---- C:\WINDOWS\Microsoft.NET
2009-05-18 10:30:50 ----D---- C:\WINDOWS\system32\drivers
2009-05-18 10:30:41 ----DC---- C:\WINDOWS\system32\DRVSTORE
2009-05-18 10:30:39 ----D---- C:\Program Files\Windows Live
2009-05-18 10:30:04 ----D---- C:\WINDOWS\WinSxS
2009-05-18 10:29:53 ----SD---- C:\Documents and Settings\All Users\Application Data\Microsoft
2009-05-18 10:29:17 ----D---- C:\WINDOWS\system32\DirectX
2009-05-07 17:34:08 ----A---- C:\WINDOWS\system32\localspl.dll
2009-05-02 12:36:11 ----D---- C:\WINDOWS\AppPatch
2009-04-29 06:49:58 ----A---- C:\WINDOWS\system32\wininet.dll
2009-04-29 06:49:58 ----A---- C:\WINDOWS\system32\wininet(3)(3).dll
2009-04-29 06:49:58 ----A---- C:\WINDOWS\system32\wininet(2).dll
2009-04-29 06:49:57 ----A---- C:\WINDOWS\system32\webcheck.dll
2009-04-29 06:49:57 ----A---- C:\WINDOWS\system32\urlmon.dll
2009-04-29 06:49:57 ----A---- C:\WINDOWS\system32\urlmon(3)(3).dll
2009-04-29 06:49:57 ----A---- C:\WINDOWS\system32\urlmon(2).dll
2009-04-29 06:49:56 ----A---- C:\WINDOWS\system32\url.dll
2009-04-29 06:49:56 ----A---- C:\WINDOWS\system32\url(2)(3).dll
2009-04-29 06:49:56 ----A---- C:\WINDOWS\system32\pngfilt.dll
2009-04-29 06:49:56 ----A---- C:\WINDOWS\system32\occache.dll
2009-04-29 06:49:56 ----A---- C:\WINDOWS\system32\mstime.dll
2009-04-29 06:49:55 ----A---- C:\WINDOWS\system32\msrating.dll
2009-04-29 06:49:55 ----A---- C:\WINDOWS\system32\mshtmled.dll
2009-04-29 06:49:55 ----A---- C:\WINDOWS\system32\mshtml.dll
2009-04-29 06:49:54 ----A---- C:\WINDOWS\system32\msfeedsbs.dll
2009-04-29 06:49:54 ----A---- C:\WINDOWS\system32\msfeeds.dll
2009-04-29 06:49:53 ----A---- C:\WINDOWS\system32\jsproxy.dll
2009-04-29 06:49:53 ----A---- C:\WINDOWS\system32\iertutil.dll
2009-04-29 06:49:53 ----A---- C:\WINDOWS\system32\iertutil(2)(3).dll
2009-04-29 06:49:53 ----A---- C:\WINDOWS\system32\iernonce.dll
2009-04-29 06:49:53 ----A---- C:\WINDOWS\system32\ieframe.dll
2009-04-29 06:49:51 ----A---- C:\WINDOWS\system32\iedkcs32.dll
2009-04-29 06:49:51 ----A---- C:\WINDOWS\system32\ieapfltr.dll
2009-04-29 06:49:50 ----A---- C:\WINDOWS\system32\ieaksie.dll
2009-04-29 06:49:50 ----A---- C:\WINDOWS\system32\ieakeng.dll
2009-04-29 06:49:50 ----A---- C:\WINDOWS\system32\icardie.dll
2009-04-29 06:49:50 ----A---- C:\WINDOWS\system32\extmgr.dll
2009-04-29 06:49:50 ----A---- C:\WINDOWS\system32\dxtrans.dll
2009-04-29 06:49:50 ----A---- C:\WINDOWS\system32\dxtmsft.dll
2009-04-29 06:49:50 ----A---- C:\WINDOWS\system32\advpack.dll
2009-04-28 11:07:55 ----A---- C:\WINDOWS\system32\ie4uinit.exe
2009-04-25 07:26:23 ----A---- C:\WINDOWS\system32\ieakui.dll
2009-04-15 16:55:06 ----A---- C:\WINDOWS\system32\rpcrt4.dll

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 AmdPPM;Stuurprogramma voor AMD HwPState processor; C:\WINDOWS\system32\DRIVERS\AmdPPM.sys [2007-04-16 33792]
R1 PQNTDrv;PQNTDrv; C:\WINDOWS\system32\drivers\PQNTDrv.sys [2004-05-05 4228]
R1 WmiAcpi;Microsoft Windows Beheerinterface voor ACPI; C:\WINDOWS\system32\DRIVERS\wmiacpi.sys [2008-04-13 8832]
R1 WS2IFSL;Windows Socket 2.0 Non-IFS-omgeving voor serviceproviderondersteuning; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2001-09-07 12032]
R2 AMON;AMON; \??\C:\WINDOWS\system32\drivers\amon.sys []
R2 fssfltr;FssFltr; C:\WINDOWS\system32\DRIVERS\fssfltr_tdi.sys [2009-02-06 55152]
R2 mdmxsdk;mdmxsdk; C:\WINDOWS\system32\DRIVERS\mdmxsdk.sys [2006-02-15 12672]
R3 AR5211;Atheros Wireless Network Adapter Service; C:\WINDOWS\system32\DRIVERS\ar5211.sys [2006-01-25 488448]
R3 ati2mtag;ati2mtag; C:\WINDOWS\system32\DRIVERS\ati2mtag.sys [2006-04-27 1540096]
R3 Bonifay;Bonifay; C:\WINDOWS\System32\DRIVERS\Bonifay.sys [2005-11-28 12160]
R3 CmBatt;Stuurprogramma voor Microsoft ACPI-besturingsmethode-accu; C:\WINDOWS\system32\DRIVERS\CmBatt.sys [2008-04-13 13952]
R3 EMSCR;EMSCR; C:\WINDOWS\system32\DRIVERS\EMS7SK.sys [2006-05-25 61056]
R3 ESDCR;ESDCR; C:\WINDOWS\system32\DRIVERS\ESD7SK.sys [2006-05-25 40064]
R3 ESMCR;ESMCR; C:\WINDOWS\system32\DRIVERS\ESM7SK.sys [2006-05-25 74752]
R3 HDAudBus;Microsoft UAA-busstuurprogramma voor High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
R3 hidusb;Microsoft HID Class-stuurprogramma; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
R3 HSF_DPV;HSF_DPV; C:\WINDOWS\system32\DRIVERS\HSF_DPV.sys [2006-06-12 990592]
R3 HSFHWAZL;HSFHWAZL; C:\WINDOWS\system32\DRIVERS\HSFHWAZL.sys [2006-06-12 208384]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2006-06-28 4304384]
R3 mouhid;Stuurprogramma voor muis-HID; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-09-07 12288]
R3 rtl8139;NT-stuurprogramma voor Realtek RTL8139(A/B/C)-based PCI Fast Ethernet Adapter; C:\WINDOWS\system32\DRIVERS\RTL8139.SYS [2004-08-04 20992]
R3 sdbus;sdbus; C:\WINDOWS\system32\DRIVERS\sdbus.sys [2008-04-13 79232]
R3 usbehci;Microsoft USB 2.0 Enhanced Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-13 30208]
R3 usbhub;USB2 Enabled Hub; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-13 59520]
R3 usbohci;Microsoft USB Open Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbohci.sys [2008-04-13 17152]
R3 winachsf;winachsf; C:\WINDOWS\system32\DRIVERS\HSF_CNXT.sys [2006-06-12 727808]
S3 BthEnum;Bluetooth-enumeratorservice; C:\WINDOWS\system32\DRIVERS\BthEnum.sys [2008-04-13 17024]
S3 BthPan;Bluetooth-apparaat (PAN - Personal Area Network); C:\WINDOWS\system32\DRIVERS\bthpan.sys [2008-04-13 101120]
S3 BTHPORT;Poortstuurprogramma voor Bluetooth; C:\WINDOWS\System32\Drivers\BTHport.sys [2008-06-14 272640]
S3 BTHUSB;USB-stuurprogramma voor Bluetooth-radio's; C:\WINDOWS\System32\Drivers\BTHUSB.sys [2008-04-13 18944]
S3 Gonzales;Gonzales; C:\WINDOWS\System32\DRIVERS\Gonzales.sys [2005-12-13 7040]
S3 RFCOMM;Bluetooth-apparaat (RFCOMM Protocol TDI); C:\WINDOWS\system32\DRIVERS\rfcomm.sys [2008-04-13 59136]
S3 usbaudio;Stuurprogramma voor USB-audio (WDM); C:\WINDOWS\system32\drivers\usbaudio.sys [2008-04-13 60032]
S3 usbccgp;Microsoft generiek hoofd-USB-stuurprogramma; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]
S3 USBSTOR;Stuurprogramma voor USB-massaopslag; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
S3 wceusbsh;Windows CE USB Serial Host Driver; C:\WINDOWS\system32\DRIVERS\wceusbsh.sys [2006-11-06 28672]
S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]
S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 Ati HotKey Poller;Ati HotKey Poller; C:\WINDOWS\system32\Ati2evxx.exe [2006-04-27 405504]
R2 BthServ;Bluetooth Support Service; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2009-05-21 152984]
R2 MySql;MySql; C:\mysql\bin\mysqld-nt.exe [2002-08-14 1130496]
R2 NOD32krn;NOD32 Kernel Service; C:\Program Files\Eset\nod32krn.exe [2007-02-14 507904]
R2 SeaPort;SeaPort; C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe [2009-05-19 240512]
R2 UxTuneUp;TuneUp Thema-uitbreiding; C:\WINDOWS\System32\svchost.exe [2008-04-14 14336]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2007-10-24 33800]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2007-10-24 70144]
S3 fsssvc;Windows Live Family Safety; C:\Program Files\Windows Live\Family Safety\fsssvc.exe [2009-02-06 533360]
S3 gusvc;Google Updater Service; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2008-01-02 138168]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
S3 WMPNetworkSvc;Windows Media Player Network Sharing-service; C:\Program Files\Windows Media Player\WMPNetwk.exe [2006-11-02 917504]
S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]

-----------------EOF-----------------

Ik hoop dat jullie kunnen vinden wat er mis is.Groetjes silvia.

[HDMI]

Hoi,

1. Verwijder Java:

• Sluit alle programma's die eventueel open zijn - Zeker je web browser!
• Ga dan naar Start > Configuratiescherm > Software en verwijder alle oudere versies van Java uit de Softwarelijst. (Ook 6 versie 14 verwijderen!!)
• Dit is alles aan met Java Runtime Environment (JRE of J2SE) in de naam.
• Klik dan op Verwijderen of op de Wijzig/Verwijder knop.
• Herhaal dit tot alle oudere versies verdwenen zijn.
• Na het verwijderen van alle oudere versies, herstart je pc. (belangrijk!)

2. Mogelijk restjes van Java verwijderen met JaVaRa:

• Download JavaRa, sla deze op je bureaublad en pak het uit naar zijn eigen map
• Dubbelklik op JavaRa.exe om het programma te openen en kies Nederlands als taal.
• Klik op de knop "Verwijder Oudere Versies"
• Accepteer elke meldingen.

3. Download en installeer de nieuwste versie van Java:

• Download Java™ 6u14 en sla deze op je bureaublad op.
• Ga naar je bureaublad en dubbelklik op het opgeslagen bestand om de nieuwste versie van Java te installeren.

4. Gooi NOD32Fix eraf:

Gooi NOD32Fix eraf (en gooi NOD32 eraf). Herstart daarna je computer.

Wanneer je bovenstaande allemaal hebt gedaan, scan nog een keer met Security Check en post de log die komt.

[silvia]

Hallo en bedankt voor je snelle hulp.Heb alles gedaan wat je zei.Heb alleen de java 6u14 niet er op kunnen zetten angezien ik nog steeds niet op het internet kan.Heb hem wel op men gewone pc gedownload en dan ingepakt maar weet niet welke exe ik moet gebruiken om hem te instaleren.Hier volgt dan de checkup 2 waar je naar vroeg.
Results of screen317's Security Check version 0.98.4
Windows XP Service Pack 3
``````````````````````````````
Antivirus/Firewall Check:
``````````````````````````````
WindowsLiveOneCaresafetyscanner
NortonPartitionMagic8.0
NortonPartitionMagic
ECHO is off (uit).
Error obtaining update status for antivirus!
``````````````````````````````
Anti-malware/Other Utilities Check:
``````````````````````````````
Ad-Aware
ScanSpyware v3.8.0.1
HijackThis 2.0.2
TuneUp Utilities 2007
CCleaner (remove only)
Adobe Flash Player 10
``````````````````````````````
Process Check:
objlist.exe by Laurent
``````````````````````````````
Ad-Aware AAWService.exe is disabled!
Ad-Aware AAWTray.exe is disabled!
``````````````````````````````
DNS Vulnerability Check:
``````````````````````````````
GREAT! (Very random)

Scan took 136771 seconds.
`````````End of Log```````````


Vriendelijke groeten silvia.

[HDMI]

Hoe staat het nu met de problemen?

[silvia]

Hallo Senbonzakura De problemen zijn er nog steeds.Zo als ik al zei heb die java op men gewone pc geinstaleerd en dan de map in men progamfiles ingepakt en via een cd rom op men lappie gezet maar ik weet niet welke exe ik moet gebruiken om het hem daar te instaleren.Ik kan nog steeds niet op internet en kan ook nog steeds geen mails lezen in men msn.Groetjes Silvia.

[HDMI]

Gebruik de jre-6u14-windows-i586.exe bestand.

Maar doe eerst het volgende:

Download Kaspersky AVPTool en sla deze op je bureaublad op.

• Start je computer opnieuw op, maar deze keer in de Veilige Modus.
  Je kan dit doen door je computer opnieuw op te starten en continue op de F8 toets te drukken totdat er een menu verschijnt.
  Gebruik in dit menu de pijltjes op je toetsenbord om de Veilige Modus te selecteren en druk daarna op Enter.
• Dubbelklik op het installatie bestand om het programma te installeren.
• Klik op Next om verder te gaan.
• Het programma wordt standaard in een map op je buraublad geinstalleerd.Klik op Next.
• Klik op OK in de melding om in de Veilige Modus te scannen.
• Het programma wordt automatisch worden geopend op het tabblad Automatic scan.
• Zorg ervoor dat het volgende onder Automatic scan is aangevinkt.
  • System Memory
  • Startup Objects
  • Disk Boot Sectors.
  • My Computer.
  • Ook alle andere (verwijderbare) schijven

Klik nadat je dat hebt aangevinkt op Security level, kies Customize, ga naar het tabblad Heuristic Analyzer, vink Enable Deep rootkit search aan en klik op ok.
Klik daarna nogmaals op op OK en je bent weer terug in het hoofd scherm.

• Klik op Scan in de rechter bovenhoek.
• Het programma neutraliseert automatisch alle gevonden objecten.
• Als er nog niet-geneutraliseerde objecten overblijven, klik dan op de knop Neutralize all
• Als er bestanden niet geneutraliseerd kunnen worden, verwijder het bestand dan.
• Klik als dat allemaal klaar is op de reports knop aan de onderkant en sla het logje op met als bestandsnaam Kas.
• Sla het logje op een geschikte plaats op bijvoorbeeld je bureaublad en kopieer alle gevonden malware uit je log, dit staat bovenaan onder Detected en plak alleen dit gedeelte van het logje in je volgende bericht.

Note: Dit programma zal zichzelf verwijderen wanneer je het programma afsluit, dus sla het logje eerst op voordat je het programma afsluit.

Dit programma hoeft niet perse in de veilige modus worden uitgevoerd.

[silvia]

hallo senbonzakura hier dan het logje na al die uren scannen ik hoop dat we nu kunnen zien wat er mis is.Bedankt voor al je moeite groetjes Silvia.

Scan
----
Scanned: 444786
Detected: 8
Untreated: 0
Start time: 10-7-2009 17:23:58
Duration: 17:34:46
Finish time: 11-7-2009 10:58:44


Detected
--------
Status Object
------ ------
deleted: adware not-a-virus:AdWare.Win32.Agent.zk File: C:\Documents and Settings\Sil\Shared\fff reflex arcade.zip/Setup.exe//PE_Patch.UPX//UPX
deleted: adware not-a-virus:AdWare.Win32.NewWeb.ay File: C:\Documents and Settings\Sil\Shared\[Full] fff reflex arcade with Bonus.zip/setup.exe//data0009//stream//data0004
deleted: adware not-a-virus:AdWare.Win32.BHO.aad File: C:\Documents and Settings\Sil\Shared\[Full] fff reflex arcade with Bonus.zip/setup.exe//data0010//stream//data0004
deleted: adware not-a-virus:AdWare.Win32.BHO.aad File: C:\Documents and Settings\Sil\Shared\[Full] fff reflex arcade with Bonus.zip/setup.exe//data0010//stream//data0005
deleted: new threat Type_Win32 (modification) File: C:\Program Files\Adventures of Robinson Crusoe\Robinson Crusoe.exe
deleted: new threat Type_Win32 (modification) File: C:\Program Files\Amazing Adventures Special Edition Bundle\AmazingAdventuresBundle.exe
deleted: new threat Type_Win32 (modification) File: C:\Program Files\Cate West The Velvet Keys\CateWest2.exe
deleted: new threat Type_Win32 (modification) File: C:\Program Files\Dream Chronicles The Chosen Child\dc_chosen_child.exe


Events
------
Time Name Status Reason
---- ---- ------ ------


Statistics
----------
Object Scanned Detected Untreated Deleted Moved to Quarantine Archives Packed files Password protected Corrupted
------ ------- -------- --------- ------- ------------------- -------- ------------ ------------------ ---------


Settings
--------
Parameter Value
--------- -----
Security Level Custom
Action Prompt for action when the scan is complete
Run mode Manually
File types Scan all files
Scan only new and changed files No
Scan archives All
Scan embedded OLE objects All
Skip if object is larger than No
Skip if scan takes longer than No
Parse email formats No
Scan password-protected archives No
Enable iChecker technology No
Enable iSwift technology No
Show detected threats on "Detected" tab Yes
Rootkits search Yes
Deep rootkits search Yes
Use heuristic analyzer Yes


Quarantine
----------
Status Object Size Added
------ ------ ---- -----


Backup
------
Status Object Size
------ ------ ----

[miekiemoes]

Hoi,

Je probleem wordt hoogstwaarschijnlijk veroorzaakt door een invoegtoepassing.
Deînstalleer eerst de volgende toolbars die niet zijn aangeraden:

SweetIM Toolbar
AskBar - Ask Toolbar

deînstalleer ook de Windows Live Toolbar, want deze veroorzaakt vaak problemen.

Herstart je pc daarna en laat me weten of je nog steeds hetzelfde probleem hebt.

[silvia]

Hallo het lukt nog steeds niet.Ik kan de im toolbar niet weg halen.Ik krijg dan te zien onherstelbare fout bij instalatie.Groetjes Silvia.

[miekiemoes]

Ok,

* Download Trend Micro Hijack This™
Dubbelklik HJTInstall.exe om HijackThis te installeren.
Standaard zal HijackThis in de Program Files\Trendmicro map geînstalleerd worden en een snelkoppeling zal op je bureaublad komen te staan.
HijackThis zal openen na het installeren.
Klik de Scan knop onderaan.

Daarna, vink volgende regels aan:

O2 - BHO: SWEETIE - {EEE6C35C-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll
O3 - Toolbar: SweetIM Toolbar for Internet Explorer - {EEE6C35B-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll

Klik op de "Fix checked" knop onderaan. Zorg ervoor dat je Internet Explorer gesloten is wanneer je op Fix checked klikt.
Herstart daarna je pc.
Na herstart, scan opnieuw met HijackThis en plaats de log ervan in je volgend antwoord.

Ik veronderstel dat je de ask toolbar en Windows live toolbar al hebt verwijderd?

[silvia]

Bedankt voor je snelle antwoord.Ja de andere 2 kon ik verwijderen.Ik moet alles via men gewone pc doen en dan op een cd rom zetten en dan op men lappie.Hierbij de log .Groetjes Silvia.

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 10:01:52, on 12-7-2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16850)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\WgaTray.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe
C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Microsoft ActiveSync\wcescomm.exe
C:\PROGRA~1\MICROS~3\rapimgr.exe
C:\mysql\bin\mysqld-nt.exe
C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\trend micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://google.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (file missing)
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\PROGRA~1\Skype\Phone\IEPlugin\SKYPEI~1.DLL
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O2 - BHO: Windows Live Aanmelden - Help - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\cli.exe" runtime -Delay
O4 - HKLM\..\Run: [SkyTel] SkyTel.EXE
O4 - HKLM\..\Run: [AzMixerSel] C:\Program Files\Realtek\InstallShield\AzMixerSel.exe
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\wcescomm.exe"
O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: In weblog opnemen - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &In weblog opnemen met Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~3\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~3\INetRepl.dll
O9 - Extra 'Tools' menuitem: Mobiele favorieten maken... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~3\INetRepl.dll
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\PROGRA~1\Skype\Phone\IEPlugin\SKYPEI~1.DLL
O9 - Extra button: Onderzoek - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdat...7472494015
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: MySql - Unknown owner - C:\mysql\bin\mysqld-nt.exe

--
End of file - 5469 bytes

[miekiemoes]

Zijn er nog steeds problemen wanneer je je IE opent?
Indien wel... lees dit dan even: http://support.bluemedicine.be/mybb/thread-314.html
Laat me weten of dit je probleem heeft opgelost.

Citaat:Ik moet alles via men gewone pc doen en dan op een cd rom zetten en dan op men lappie.

Je kan ook gewoon Firefox installeren als voorlopige browser. Dat zal het je veel makkelijker maken ipv telkens logs etc over te plaatsen naar een andere pc.