Op deze website gebruiken we cookies om content en advertenties te personaliseren, om functies voor social media te bieden en om ons websiteverkeer te analyseren. Ook delen we informatie over uw gebruik van onze site met onze partners voor social media, adverteren en analyse. Deze partners kunnen deze gegevens combineren met andere informatie die u aan ze heeft verstrekt of die ze hebben verzameld op basis van uw gebruik van hun services. Meer informatie.

Akkoord

Vraag & Antwoord

Beveiliging & privacy

Weer problemen?

None
11 antwoorden
  • Laptop zou geinfecteerd zijn.
    MBAM en mallwareBOT hebben een 40-tal items verwijderd.
    Hierbij HJTlog
    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 12:26:00, on 2-5-2009
    Platform: Windows Vista (WinNT 6.00.1904)
    MSIE: Internet Explorer v7.00 (7.00.6000.16830)
    Boot mode: Normal

    Running processes:
    C:\Windows\system32\taskeng.exe
    C:\Windows\system32\Dwm.exe
    C:\Windows\Explorer.EXE
    C:\Windows\RtHDVCpl.exe
    C:\Acer\Empowering Technology\eDataSecurity\eDSLoader.exe
    C:\Windows\System32\igfxtray.exe
    C:\Windows\System32\hkcmd.exe
    C:\Windows\System32\igfxpers.exe
    C:\Program Files\Launch Manager\LManager.exe
    C:\Program Files\Apoint2K\Apoint.exe
    C:\Program Files\Symantec AntiVirus\VPTray.exe
    C:\Program Files\Windows Live\Messenger\msnmsgr.exe
    C:\Program Files\Windows Defender\MSASCui.exe
    C:\Program Files\Windows Sidebar\sidebar.exe
    C:\Program Files\Apoint2K\ApMsgFwd.exe
    C:\Acer\Empowering Technology\ENET\ENMTRAY.EXE
    C:\Acer\Empowering Technology\EPOWER\EPOWER_DMC.EXE
    C:\Acer\Empowering Technology\ACER.EMPOWERING.FRAMEWORK.SUPERVISOR.EXE
    C:\Acer\Empowering Technology\eRecovery\ERAGENT.EXE
    C:\Program Files\Apoint2K\Apntex.exe
    C:\Users\Ria\AppData\Local\Temp\RtkBtMnt.exe
    C:\Windows\system32\igfxext.exe
    C:\Windows\system32\igfxsrvc.exe
    C:\Program Files\Windows Live\Contacts\wlcomm.exe
    C:\Program Files\Folding@home\Folding@home-x86\Folding@home.exe
    C:\Windows\system32\taskeng.exe
    C:\Users\Ria\AppData\Roaming\Folding@home-x86\FahCore_78.exe
    C:\Program Files\Internet Explorer\IEUser.exe
    C:\Windows\system32\igfxsrvc.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe
    C:\Windows\system32\SearchFilterHost.exe
    C:\Program Files\HijackThis.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://uk.rd.yahoo.com/customize/ycomp/defaults/sp/*http://uk.yahoo.com
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.startpagina.nl/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://nl.intl.acer.yahoo.com
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://nl.intl.acer.yahoo.com
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
    R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://uk.rd.yahoo.com/customize/ycomp/defaults/su/*http://uk.yahoo.com
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
    R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
    O1 - Hosts: ::1 localhost
    O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
    O2 - BHO: (no name) - {1E8A6170-7264-4D0F-BEAE-D42A53123C75} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\1.0\NppBho.dll
    O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
    O2 - BHO: Windows Live Aanmelden - Help - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O3 - Toolbar: Acer eDataSecurity Management - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\Windows\system32\eDStoolbar.dll
    O3 - Toolbar: Norton-werkbalk weergeven - {90222687-F593-4738-B738-FBEE9C7B26DF} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\1.0\UIBHO.dll
    O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
    O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
    O4 - HKLM\..\Run: [eDataSecurity Loader] C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe
    O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
    O4 - HKLM\..\Run: [IS CfgWiz] "C:\Program Files\Common Files\Symantec Shared\OPC\{31011D49-D90C-4da0-878B-78D28AD507AF}\cltUIStb.exe" /MODULE CfgWiz /GUID {BC8D3EAF-F864-4d4b-AB4D-B3D0C32E2840} /MODE CfgWiz /CMDLINE "REBOOT"
    O4 - HKLM\..\Run: [osCheck] "C:\Program Files\Norton Internet Security\osCheck.exe"
    O4 - HKLM\..\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe
    O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
    O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe
    O4 - HKLM\..\Run: [SetPanel] C:\Acer\APanel\APanel.cmd
    O4 - HKLM\..\Run: [LManager] C:\PROGRA~1\LAUNCH~1\LManager.exe
    O4 - HKLM\..\Run: [WarReg_PopUp] C:\Acer\WR_PopUp\WarReg_PopUp.exe
    O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint2K\Apoint.exe
    O4 - HKLM\..\Run: [Acer Tour Reminder] C:\Acer\AcerTour\Reminder.exe
    O4 - HKLM\..\Run: [vptray] C:\PROGRA~1\SYMANT~1\VPTray.exe
    O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
    O4 - HKLM\..\RunOnce: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent
    O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
    O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
    O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
    O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
    O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
    O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
    O4 - HKUS\S-1-5-18\..\Run: [Acer Tour Reminder] C:\Acer\AcerTour\Reminder.exe (User 'SYSTEEM')
    O4 - HKUS\.DEFAULT\..\Run: [Acer Tour Reminder] C:\Acer\AcerTour\Reminder.exe (User 'Default user')
    O4 - Global Startup: Empowering Technology Launcher.lnk = ?
    O13 - Gopher Prefix:
    O20 - AppInit_DLLs: eNetHook.dll
    O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
    O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
    O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
    O23 - Service: COM Host (comHost) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\VAScanner\comHost.exe
    O23 - Service: Symantec AntiVirus Definition Watcher (DefWatch) - Symantec Corporation - C:\Program Files\Symantec AntiVirus\DefWatch.exe
    O23 - Service: eDSService.exe (eDataSecurity Service) - HiTRSUT - C:\Acer\Empowering Technology\eDataSecurity\eDSService.exe
    O23 - Service: eLock Service (eLockService) - Acer Inc. - C:\Acer\Empowering Technology\eLock\Service\eLockServ.exe
    O23 - Service: eNet Service - Acer Inc. - C:\Acer\Empowering Technology\eNet\eNet Service.exe
    O23 - Service: eRecovery Service (eRecoveryService) - Acer Inc. - C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe
    O23 - Service: eSettings Service (eSettingsService) - Unknown owner - C:\Acer\Empowering Technology\eSettings\Service\capuserv.exe
    O23 - Service: Wachtwoordvalidatie voor Symantec IS (ISPwdSvc) - Symantec Corporation - C:\Program Files\Norton Internet Security\isPwdSvc.exe
    O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
    O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
    O23 - Service: MobilityService - Unknown owner - C:\Acer\Mobility Center\MobilityService.exe
    O23 - Service: O&O Defrag - O&O Software GmbH - C:\Windows\system32\oodag.exe
    O23 - Service: Planner voor Automatische LiveUpdate - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
    O23 - Service: SAVRoam (SavRoam) - symantec - C:\Program Files\Symantec AntiVirus\SavRoam.exe
    O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
    O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
    O23 - Service: Symantec AntiVirus - Symantec Corporation - C:\Program Files\Symantec AntiVirus\Rtvscan.exe
    O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
    O23 - Service: Symantec AppCore Service (SymAppCore) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\AppCore\AppSvc32.exe
    O23 - Service: ePower Service (WMIService) - acer - C:\Acer\Empowering Technology\ePower\ePowerSvc.exe
    O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe


    End of file - 8939 bytes
  • Misschien een keer overstappen naar een 64 bit systeem? :lol:
  • Start Hijackthis op. Ben je gebruiker van Vista kies dan voor “Run as administrator" of "Uitvoeren als administrator". Selecteer “Do a system scan only”. Selecteer alleen de items die hieronder zijn genoemd:

    [b:cd18ba2634]R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
    R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
    O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)[/b:cd18ba2634]

    Klik op 'Fix checked' om de items te verwijderen.

    Download [b:cd18ba2634]MBAM (Malwarebytes' Anti-Malware).[/b:cd18ba2634]

    Dubbelklik op mbam-setup.exe om het programma te installeren.

    Zorg ervoor dat er een vinkje geplaatst is voor Update Malwarebytes' Anti-Malware en Start Malwarebytes' Anti-Malware, Klik daarna op "Voltooien".
    Indien een update gevonden werd, zal die gedownload en geïnstalleerd worden.
    Wanneer het programma volledig up to date is, selecteer dan in het tabblad Scanner : "Snelle Scan", daarna klik op Scan.
    Het scannen kan een tijdje duren, dus wees geduldig.
    Wanneer de scan voltooid is, klik op OK, daarna "Bekijk Resultaten" om de resultaten te zien.
    Zorg ervoor dat daar alles aangevinkt is, daarna klik op: Verwijder geselecteerde.
    Na het verwijderen zal een log openen en zal er gevraagd worden om de computer opnieuw op te starten. (Zie verder)
    De log wordt automatisch bewaard door MBAM en kan je terugvinden door op de "Logs" tab te klikken in MBAM.

    Indien MBAM moeilijkheden heeft met het verwijderen van bepaalde bestanden zal het enkele meldingen geven waar je OK moet klikken.
    Daarna zal het vragen om de computer opnieuw op te starten… dus sta toe dat MBAM de computer opnieuw opstart.

    Plak de inhoud van het logje in je volgende bericht, samen met een nieuw HijackThis log.
  • Komen de logs
    Malwarebytes' Anti-Malware 1.36
    Database versie: 2164
    Windows 6.0.6001 Service Pack 1

    22-5-2009 12:35:15
    mbam-log-2009-05-22 (12-35-15).txt

    Scan type: Snelle Scan
    Objecten gescand: 72135
    Verstreken tijd: 6 minute(s), 10 second(s)

    Geheugenprocessen geïnfecteerd: 0
    Geheugenmodulen geïnfecteerd: 0
    Registersleutels geïnfecteerd: 0
    Registerwaarden geïnfecteerd: 0
    Registerdata bestanden geïnfecteerd: 0
    Mappen geïnfecteerd: 6
    Bestanden geïnfecteerd: 71

    Geheugenprocessen geïnfecteerd:
    (Geen kwaadaardige items gevonden)

    Geheugenmodulen geïnfecteerd:
    (Geen kwaadaardige items gevonden)

    Registersleutels geïnfecteerd:
    (Geen kwaadaardige items gevonden)

    Registerwaarden geïnfecteerd:
    (Geen kwaadaardige items gevonden)

    Registerdata bestanden geïnfecteerd:
    (Geen kwaadaardige items gevonden)

    Mappen geïnfecteerd:
    C:\Users\Ria\AppData\Roaming\MalwareRemovalBot (Rogue.MalwareRemovalBot) -> Quarantined and deleted successfully.
    C:\Users\Ria\AppData\Roaming\MalwareRemovalBot\Log (Rogue.MalwareRemovalBot) -> Quarantined and deleted successfully.
    C:\Users\Ria\AppData\Roaming\MalwareRemovalBot\Quarantine (Rogue.MalwareRemovalBot) -> Quarantined and deleted successfully.
    C:\Users\Ria\AppData\Roaming\MalwareRemovalBot\Quarantine\19-05-2009-13-58-42 (Rogue.MalwareRemovalBot) -> Quarantined and deleted successfully.
    C:\Users\Ria\AppData\Roaming\MalwareRemovalBot\Quarantine\20-05-2009-09-00-20 (Rogue.MalwareRemovalBot) -> Quarantined and deleted successfully.
    C:\Users\Ria\AppData\Roaming\MalwareRemovalBot\Settings (Rogue.MalwareRemovalBot) -> Quarantined and deleted successfully.

    Bestanden geïnfecteerd:
    C:\Users\Ria\AppData\Roaming\MalwareRemovalBot\rs.dat (Rogue.MalwareRemovalBot) -> Quarantined and deleted successfully.
    C:\Users\Ria\AppData\Roaming\MalwareRemovalBot\Log\2009 May 21 - 12_09_40 PM_420.log (Rogue.MalwareRemovalBot) -> Quarantined and deleted successfully.
    C:\Users\Ria\AppData\Roaming\MalwareRemovalBot\Log\2009 May 22 - 03_00_00 AM_279.log (Rogue.MalwareRemovalBot) -> Quarantined and deleted successfully.
    C:\Users\Ria\AppData\Roaming\MalwareRemovalBot\Log\2009 May 22 - 03_00_00 AM_416.log (Rogue.MalwareRemovalBot) -> Quarantined and deleted successfully.
    C:\Users\Ria\AppData\Roaming\MalwareRemovalBot\Quarantine\19-05-2009-13-58-42\0.qit (Rogue.MalwareRemovalBot) -> Quarantined and deleted successfully.
    C:\Users\Ria\AppData\Roaming\MalwareRemovalBot\Quarantine\19-05-2009-13-58-42\0.qnf (Rogue.MalwareRemovalBot) -> Quarantined and deleted successfully.
    C:\Users\Ria\AppData\Roaming\MalwareRemovalBot\Quarantine\19-05-2009-13-58-42\1.qit (Rogue.MalwareRemovalBot) -> Quarantined and deleted successfully.
    C:\Users\Ria\AppData\Roaming\MalwareRemovalBot\Quarantine\19-05-2009-13-58-42\1.qnf (Rogue.MalwareRemovalBot) -> Quarantined and deleted successfully.
    C:\Users\Ria\AppData\Roaming\MalwareRemovalBot\Quarantine\19-05-2009-13-58-42\10.qit (Rogue.MalwareRemovalBot) -> Quarantined and deleted successfully.
    C:\Users\Ria\AppData\Roaming\MalwareRemovalBot\Quarantine\19-05-2009-13-58-42\10.qnf (Rogue.MalwareRemovalBot) -> Quarantined and deleted successfully.
    C:\Users\Ria\AppData\Roaming\MalwareRemovalBot\Quarantine\19-05-2009-13-58-42\11.qit (Rogue.MalwareRemovalBot) -> Quarantined and deleted successfully.
    C:\Users\Ria\AppData\Roaming\MalwareRemovalBot\Quarantine\19-05-2009-13-58-42\11.qnf (Rogue.MalwareRemovalBot) -> Quarantined and deleted successfully.
    C:\Users\Ria\AppData\Roaming\MalwareRemovalBot\Quarantine\19-05-2009-13-58-42\12.qit (Rogue.MalwareRemovalBot) -> Quarantined and deleted successfully.
    C:\Users\Ria\AppData\Roaming\MalwareRemovalBot\Quarantine\19-05-2009-13-58-42\12.qnf (Rogue.MalwareRemovalBot) -> Quarantined and deleted successfully.
    C:\Users\Ria\AppData\Roaming\MalwareRemovalBot\Quarantine\19-05-2009-13-58-42\13.qit (Rogue.MalwareRemovalBot) -> Quarantined and deleted successfully.
    C:\Users\Ria\AppData\Roaming\MalwareRemovalBot\Quarantine\19-05-2009-13-58-42\13.qnf (Rogue.MalwareRemovalBot) -> Quarantined and deleted successfully.
    C:\Users\Ria\AppData\Roaming\MalwareRemovalBot\Quarantine\19-05-2009-13-58-42\14.qit (Rogue.MalwareRemovalBot) -> Quarantined and deleted successfully.
    C:\Users\Ria\AppData\Roaming\MalwareRemovalBot\Quarantine\19-05-2009-13-58-42\14.qnf (Rogue.MalwareRemovalBot) -> Quarantined and deleted successfully.
    C:\Users\Ria\AppData\Roaming\MalwareRemovalBot\Quarantine\19-05-2009-13-58-42\15.qit (Rogue.MalwareRemovalBot) -> Quarantined and deleted successfully.
    C:\Users\Ria\AppData\Roaming\MalwareRemovalBot\Quarantine\19-05-2009-13-58-42\15.qnf (Rogue.MalwareRemovalBot) -> Quarantined and deleted successfully.
    C:\Users\Ria\AppData\Roaming\MalwareRemovalBot\Quarantine\19-05-2009-13-58-42\16.qit (Rogue.MalwareRemovalBot) -> Quarantined and deleted successfully.
    C:\Users\Ria\AppData\Roaming\MalwareRemovalBot\Quarantine\19-05-2009-13-58-42\16.qnf (Rogue.MalwareRemovalBot) -> Quarantined and deleted successfully.
    C:\Users\Ria\AppData\Roaming\MalwareRemovalBot\Quarantine\19-05-2009-13-58-42\17.qit (Rogue.MalwareRemovalBot) -> Quarantined and deleted successfully.
    C:\Users\Ria\AppData\Roaming\MalwareRemovalBot\Quarantine\19-05-2009-13-58-42\17.qnf (Rogue.MalwareRemovalBot) -> Quarantined and deleted successfully.
    C:\Users\Ria\AppData\Roaming\MalwareRemovalBot\Quarantine\19-05-2009-13-58-42\18.qit (Rogue.MalwareRemovalBot) -> Quarantined and deleted successfully.
    C:\Users\Ria\AppData\Roaming\MalwareRemovalBot\Quarantine\19-05-2009-13-58-42\18.qnf (Rogue.MalwareRemovalBot) -> Quarantined and deleted successfully.
    C:\Users\Ria\AppData\Roaming\MalwareRemovalBot\Quarantine\19-05-2009-13-58-42\2.qit (Rogue.MalwareRemovalBot) -> Quarantined and deleted successfully.
    C:\Users\Ria\AppData\Roaming\MalwareRemovalBot\Quarantine\19-05-2009-13-58-42\2.qnf (Rogue.MalwareRemovalBot) -> Quarantined and deleted successfully.
    C:\Users\Ria\AppData\Roaming\MalwareRemovalBot\Quarantine\19-05-2009-13-58-42\3.qit (Rogue.MalwareRemovalBot) -> Quarantined and deleted successfully.
    C:\Users\Ria\AppData\Roaming\MalwareRemovalBot\Quarantine\19-05-2009-13-58-42\3.qnf (Rogue.MalwareRemovalBot) -> Quarantined and deleted successfully.
    C:\Users\Ria\AppData\Roaming\MalwareRemovalBot\Quarantine\19-05-2009-13-58-42\4.qit (Rogue.MalwareRemovalBot) -> Quarantined and deleted successfully.
    C:\Users\Ria\AppData\Roaming\MalwareRemovalBot\Quarantine\19-05-2009-13-58-42\4.qnf (Rogue.MalwareRemovalBot) -> Quarantined and deleted successfully.
    C:\Users\Ria\AppData\Roaming\MalwareRemovalBot\Quarantine\19-05-2009-13-58-42\5.qit (Rogue.MalwareRemovalBot) -> Quarantined and deleted successfully.
    C:\Users\Ria\AppData\Roaming\MalwareRemovalBot\Quarantine\19-05-2009-13-58-42\5.qnf (Rogue.MalwareRemovalBot) -> Quarantined and deleted successfully.
    C:\Users\Ria\AppData\Roaming\MalwareRemovalBot\Quarantine\19-05-2009-13-58-42\6.qit (Rogue.MalwareRemovalBot) -> Quarantined and deleted successfully.
    C:\Users\Ria\AppData\Roaming\MalwareRemovalBot\Quarantine\19-05-2009-13-58-42\6.qnf (Rogue.MalwareRemovalBot) -> Quarantined and deleted successfully.
    C:\Users\Ria\AppData\Roaming\MalwareRemovalBot\Quarantine\19-05-2009-13-58-42\7.qit (Rogue.MalwareRemovalBot) -> Quarantined and deleted successfully.
    C:\Users\Ria\AppData\Roaming\MalwareRemovalBot\Quarantine\19-05-2009-13-58-42\7.qnf (Rogue.MalwareRemovalBot) -> Quarantined and deleted successfully.
    C:\Users\Ria\AppData\Roaming\MalwareRemovalBot\Quarantine\19-05-2009-13-58-42\8.qit (Rogue.MalwareRemovalBot) -> Quarantined and deleted successfully.
    C:\Users\Ria\AppData\Roaming\MalwareRemovalBot\Quarantine\19-05-2009-13-58-42\8.qnf (Rogue.MalwareRemovalBot) -> Quarantined and deleted successfully.
    C:\Users\Ria\AppData\Roaming\MalwareRemovalBot\Quarantine\19-05-2009-13-58-42\9.qit (Rogue.MalwareRemovalBot) -> Quarantined and deleted successfully.
    C:\Users\Ria\AppData\Roaming\MalwareRemovalBot\Quarantine\19-05-2009-13-58-42\9.qnf (Rogue.MalwareRemovalBot) -> Quarantined and deleted successfully.
    C:\Users\Ria\AppData\Roaming\MalwareRemovalBot\Quarantine\20-05-2009-09-00-20\0.qit (Rogue.MalwareRemovalBot) -> Quarantined and deleted successfully.
    C:\Users\Ria\AppData\Roaming\MalwareRemovalBot\Quarantine\20-05-2009-09-00-20\0.qnf (Rogue.MalwareRemovalBot) -> Quarantined and deleted successfully.
    C:\Users\Ria\AppData\Roaming\MalwareRemovalBot\Quarantine\20-05-2009-09-00-20\1.qit (Rogue.MalwareRemovalBot) -> Quarantined and deleted successfully.
    C:\Users\Ria\AppData\Roaming\MalwareRemovalBot\Quarantine\20-05-2009-09-00-20\1.qnf (Rogue.MalwareRemovalBot) -> Quarantined and deleted successfully.
    C:\Users\Ria\AppData\Roaming\MalwareRemovalBot\Quarantine\20-05-2009-09-00-20\10.qit (Rogue.MalwareRemovalBot) -> Quarantined and deleted successfully.
    C:\Users\Ria\AppData\Roaming\MalwareRemovalBot\Quarantine\20-05-2009-09-00-20\10.qnf (Rogue.MalwareRemovalBot) -> Quarantined and deleted successfully.
    C:\Users\Ria\AppData\Roaming\MalwareRemovalBot\Quarantine\20-05-2009-09-00-20\11.qit (Rogue.MalwareRemovalBot) -> Quarantined and deleted successfully.
    C:\Users\Ria\AppData\Roaming\MalwareRemovalBot\Quarantine\20-05-2009-09-00-20\11.qnf (Rogue.MalwareRemovalBot) -> Quarantined and deleted successfully.
    C:\Users\Ria\AppData\Roaming\MalwareRemovalBot\Quarantine\20-05-2009-09-00-20\12.qit (Rogue.MalwareRemovalBot) -> Quarantined and deleted successfully.
    C:\Users\Ria\AppData\Roaming\MalwareRemovalBot\Quarantine\20-05-2009-09-00-20\12.qnf (Rogue.MalwareRemovalBot) -> Quarantined and deleted successfully.
    C:\Users\Ria\AppData\Roaming\MalwareRemovalBot\Quarantine\20-05-2009-09-00-20\13.qit (Rogue.MalwareRemovalBot) -> Quarantined and deleted successfully.
    C:\Users\Ria\AppData\Roaming\MalwareRemovalBot\Quarantine\20-05-2009-09-00-20\13.qnf (Rogue.MalwareRemovalBot) -> Quarantined and deleted successfully.
    C:\Users\Ria\AppData\Roaming\MalwareRemovalBot\Quarantine\20-05-2009-09-00-20\2.qit (Rogue.MalwareRemovalBot) -> Quarantined and deleted successfully.
    C:\Users\Ria\AppData\Roaming\MalwareRemovalBot\Quarantine\20-05-2009-09-00-20\2.qnf (Rogue.MalwareRemovalBot) -> Quarantined and deleted successfully.
    C:\Users\Ria\AppData\Roaming\MalwareRemovalBot\Quarantine\20-05-2009-09-00-20\3.qit (Rogue.MalwareRemovalBot) -> Quarantined and deleted successfully.
    C:\Users\Ria\AppData\Roaming\MalwareRemovalBot\Quarantine\20-05-2009-09-00-20\3.qnf (Rogue.MalwareRemovalBot) -> Quarantined and deleted successfully.
    C:\Users\Ria\AppData\Roaming\MalwareRemovalBot\Quarantine\20-05-2009-09-00-20\4.qit (Rogue.MalwareRemovalBot) -> Quarantined and deleted successfully.
    C:\Users\Ria\AppData\Roaming\MalwareRemovalBot\Quarantine\20-05-2009-09-00-20\4.qnf (Rogue.MalwareRemovalBot) -> Quarantined and deleted successfully.
    C:\Users\Ria\AppData\Roaming\MalwareRemovalBot\Quarantine\20-05-2009-09-00-20\5.qit (Rogue.MalwareRemovalBot) -> Quarantined and deleted successfully.
    C:\Users\Ria\AppData\Roaming\MalwareRemovalBot\Quarantine\20-05-2009-09-00-20\5.qnf (Rogue.MalwareRemovalBot) -> Quarantined and deleted successfully.
    C:\Users\Ria\AppData\Roaming\MalwareRemovalBot\Quarantine\20-05-2009-09-00-20\6.qit (Rogue.MalwareRemovalBot) -> Quarantined and deleted successfully.
    C:\Users\Ria\AppData\Roaming\MalwareRemovalBot\Quarantine\20-05-2009-09-00-20\6.qnf (Rogue.MalwareRemovalBot) -> Quarantined and deleted successfully.
    C:\Users\Ria\AppData\Roaming\MalwareRemovalBot\Quarantine\20-05-2009-09-00-20\7.qit (Rogue.MalwareRemovalBot) -> Quarantined and deleted successfully.
    C:\Users\Ria\AppData\Roaming\MalwareRemovalBot\Quarantine\20-05-2009-09-00-20\7.qnf (Rogue.MalwareRemovalBot) -> Quarantined and deleted successfully.
    C:\Users\Ria\AppData\Roaming\MalwareRemovalBot\Quarantine\20-05-2009-09-00-20\8.qit (Rogue.MalwareRemovalBot) -> Quarantined and deleted successfully.
    C:\Users\Ria\AppData\Roaming\MalwareRemovalBot\Quarantine\20-05-2009-09-00-20\8.qnf (Rogue.MalwareRemovalBot) -> Quarantined and deleted successfully.
    C:\Users\Ria\AppData\Roaming\MalwareRemovalBot\Quarantine\20-05-2009-09-00-20\9.qit (Rogue.MalwareRemovalBot) -> Quarantined and deleted successfully.
    C:\Users\Ria\AppData\Roaming\MalwareRemovalBot\Quarantine\20-05-2009-09-00-20\9.qnf (Rogue.MalwareRemovalBot) -> Quarantined and deleted successfully.
    C:\Users\Ria\AppData\Roaming\MalwareRemovalBot\Settings\ScanResults.pie (Rogue.MalwareRemovalBot) -> Quarantined and deleted successfully.



    HJT:
    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 12:26:00, on 2-5-2009
    Platform: Windows Vista (WinNT 6.00.1904)
    MSIE: Internet Explorer v7.00 (7.00.6000.16830)
    Boot mode: Normal

    Running processes:
    C:\Windows\system32\taskeng.exe
    C:\Windows\system32\Dwm.exe
    C:\Windows\Explorer.EXE
    C:\Windows\RtHDVCpl.exe
    C:\Acer\Empowering Technology\eDataSecurity\eDSLoader.exe
    C:\Windows\System32\igfxtray.exe
    C:\Windows\System32\hkcmd.exe
    C:\Windows\System32\igfxpers.exe
    C:\Program Files\Launch Manager\LManager.exe
    C:\Program Files\Apoint2K\Apoint.exe
    C:\Program Files\Symantec AntiVirus\VPTray.exe
    C:\Program Files\Windows Live\Messenger\msnmsgr.exe
    C:\Program Files\Windows Defender\MSASCui.exe
    C:\Program Files\Windows Sidebar\sidebar.exe
    C:\Program Files\Apoint2K\ApMsgFwd.exe
    C:\Acer\Empowering Technology\ENET\ENMTRAY.EXE
    C:\Acer\Empowering Technology\EPOWER\EPOWER_DMC.EXE
    C:\Acer\Empowering Technology\ACER.EMPOWERING.FRAMEWORK.SUPERVISOR.EXE
    C:\Acer\Empowering Technology\eRecovery\ERAGENT.EXE
    C:\Program Files\Apoint2K\Apntex.exe
    C:\Users\Ria\AppData\Local\Temp\RtkBtMnt.exe
    C:\Windows\system32\igfxext.exe
    C:\Windows\system32\igfxsrvc.exe
    C:\Program Files\Windows Live\Contacts\wlcomm.exe
    C:\Program Files\Folding@home\Folding@home-x86\Folding@home.exe
    C:\Windows\system32\taskeng.exe
    C:\Users\Ria\AppData\Roaming\Folding@home-x86\FahCore_78.exe
    C:\Program Files\Internet Explorer\IEUser.exe
    C:\Windows\system32\igfxsrvc.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe
    C:\Windows\system32\SearchFilterHost.exe
    C:\Program Files\HijackThis.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://uk.rd.yahoo.com/customize/ycomp/defaults/sp/*http://uk.yahoo.com
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.startpagina.nl/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://nl.intl.acer.yahoo.com
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://nl.intl.acer.yahoo.com
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
    R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://uk.rd.yahoo.com/customize/ycomp/defaults/su/*http://uk.yahoo.com
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
    R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
    O1 - Hosts: ::1 localhost
    O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
    O2 - BHO: (no name) - {1E8A6170-7264-4D0F-BEAE-D42A53123C75} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\1.0\NppBho.dll
    O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
    O2 - BHO: Windows Live Aanmelden - Help - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O3 - Toolbar: Acer eDataSecurity Management - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\Windows\system32\eDStoolbar.dll
    O3 - Toolbar: Norton-werkbalk weergeven - {90222687-F593-4738-B738-FBEE9C7B26DF} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\1.0\UIBHO.dll
    O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
    O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
    O4 - HKLM\..\Run: [eDataSecurity Loader] C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe
    O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
    O4 - HKLM\..\Run: [IS CfgWiz] "C:\Program Files\Common Files\Symantec Shared\OPC\{31011D49-D90C-4da0-878B-78D28AD507AF}\cltUIStb.exe" /MODULE CfgWiz /GUID {BC8D3EAF-F864-4d4b-AB4D-B3D0C32E2840} /MODE CfgWiz /CMDLINE "REBOOT"
    O4 - HKLM\..\Run: [osCheck] "C:\Program Files\Norton Internet Security\osCheck.exe"
    O4 - HKLM\..\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe
    O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
    O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe
    O4 - HKLM\..\Run: [SetPanel] C:\Acer\APanel\APanel.cmd
    O4 - HKLM\..\Run: [LManager] C:\PROGRA~1\LAUNCH~1\LManager.exe
    O4 - HKLM\..\Run: [WarReg_PopUp] C:\Acer\WR_PopUp\WarReg_PopUp.exe
    O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint2K\Apoint.exe
    O4 - HKLM\..\Run: [Acer Tour Reminder] C:\Acer\AcerTour\Reminder.exe
    O4 - HKLM\..\Run: [vptray] C:\PROGRA~1\SYMANT~1\VPTray.exe
    O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
    O4 - HKLM\..\RunOnce: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent
    O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
    O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
    O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
    O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
    O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
    O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
    O4 - HKUS\S-1-5-18\..\Run: [Acer Tour Reminder] C:\Acer\AcerTour\Reminder.exe (User 'SYSTEEM')
    O4 - HKUS\.DEFAULT\..\Run: [Acer Tour Reminder] C:\Acer\AcerTour\Reminder.exe (User 'Default user')
    O4 - Global Startup: Empowering Technology Launcher.lnk = ?
    O13 - Gopher Prefix:
    O20 - AppInit_DLLs: eNetHook.dll
    O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
    O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
    O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
    O23 - Service: COM Host (comHost) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\VAScanner\comHost.exe
    O23 - Service: Symantec AntiVirus Definition Watcher (DefWatch) - Symantec Corporation - C:\Program Files\Symantec AntiVirus\DefWatch.exe
    O23 - Service: eDSService.exe (eDataSecurity Service) - HiTRSUT - C:\Acer\Empowering Technology\eDataSecurity\eDSService.exe
    O23 - Service: eLock Service (eLockService) - Acer Inc. - C:\Acer\Empowering Technology\eLock\Service\eLockServ.exe
    O23 - Service: eNet Service - Acer Inc. - C:\Acer\Empowering Technology\eNet\eNet Service.exe
    O23 - Service: eRecovery Service (eRecoveryService) - Acer Inc. - C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe
    O23 - Service: eSettings Service (eSettingsService) - Unknown owner - C:\Acer\Empowering Technology\eSettings\Service\capuserv.exe
    O23 - Service: Wachtwoordvalidatie voor Symantec IS (ISPwdSvc) - Symantec Corporation - C:\Program Files\Norton Internet Security\isPwdSvc.exe
    O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
    O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
    O23 - Service: MobilityService - Unknown owner - C:\Acer\Mobility Center\MobilityService.exe
    O23 - Service: O&O Defrag - O&O Software GmbH - C:\Windows\system32\oodag.exe
    O23 - Service: Planner voor Automatische LiveUpdate - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
    O23 - Service: SAVRoam (SavRoam) - symantec - C:\Program Files\Symantec AntiVirus\SavRoam.exe
    O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
    O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
    O23 - Service: Symantec AntiVirus - Symantec Corporation - C:\Program Files\Symantec AntiVirus\Rtvscan.exe
    O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
    O23 - Service: Symantec AppCore Service (SymAppCore) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\AppCore\AppSvc32.exe
    O23 - Service: ePower Service (WMIService) - acer - C:\Acer\Empowering Technology\ePower\ePowerSvc.exe
    O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe


    End of file - 8939 bytes

    Ik wacht af
  • Mooie opruiming met Malwarebytes :D

    Dit nog even :

    Start Hijackthis op. Ben je gebruiker van Vista kies dan voor “Run as administrator" of "Uitvoeren als administrator". Selecteer “Do a system scan only”. Selecteer alleen de items die hieronder zijn genoemd:

    [b:35b6024359]R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
    R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
    O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)[/b:35b6024359]

    Klik op 'Fix checked' om de items te verwijderen. En laat dan even weten hoe het dan staat ?

    P.S. : Die Malware Removal Bot ruimt niets op, maar zet enkel rommel op je PC.
  • Alles lijkt t te doen, behalve Symantic Anti virus, dat wil niiet openen
    hierbij logs.
    BTW PC 1 geeft wel een hoop ellende, maar daar start ik mo een draad over
    Malwarebytes' Anti-Malware 1.36
    Database versie: 2168
    Windows 6.0.6001 Service Pack 1

    23-5-2009 10:45:44
    mbam-log-2009-05-23 (10-45-44).txt

    Scan type: Snelle Scan
    Objecten gescand: 72412
    Verstreken tijd: 4 minute(s), 57 second(s)

    Geheugenprocessen geïnfecteerd: 0
    Geheugenmodulen geïnfecteerd: 0
    Registersleutels geïnfecteerd: 0
    Registerwaarden geïnfecteerd: 0
    Registerdata bestanden geïnfecteerd: 0
    Mappen geïnfecteerd: 0
    Bestanden geïnfecteerd: 0

    Geheugenprocessen geïnfecteerd:
    (Geen kwaadaardige items gevonden)

    Geheugenmodulen geïnfecteerd:
    (Geen kwaadaardige items gevonden)

    Registersleutels geïnfecteerd:
    (Geen kwaadaardige items gevonden)

    Registerwaarden geïnfecteerd:
    (Geen kwaadaardige items gevonden)

    Registerdata bestanden geïnfecteerd:
    (Geen kwaadaardige items gevonden)

    Mappen geïnfecteerd:
    (Geen kwaadaardige items gevonden)

    Bestanden geïnfecteerd:
    (Geen kwaadaardige items gevonden)


    HJT
    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 12:26:00, on 2-5-2009
    Platform: Windows Vista (WinNT 6.00.1904)
    MSIE: Internet Explorer v7.00 (7.00.6000.16830)
    Boot mode: Normal

    Running processes:
    C:\Windows\system32\taskeng.exe
    C:\Windows\system32\Dwm.exe
    C:\Windows\Explorer.EXE
    C:\Windows\RtHDVCpl.exe
    C:\Acer\Empowering Technology\eDataSecurity\eDSLoader.exe
    C:\Windows\System32\igfxtray.exe
    C:\Windows\System32\hkcmd.exe
    C:\Windows\System32\igfxpers.exe
    C:\Program Files\Launch Manager\LManager.exe
    C:\Program Files\Apoint2K\Apoint.exe
    C:\Program Files\Symantec AntiVirus\VPTray.exe
    C:\Program Files\Windows Live\Messenger\msnmsgr.exe
    C:\Program Files\Windows Defender\MSASCui.exe
    C:\Program Files\Windows Sidebar\sidebar.exe
    C:\Program Files\Apoint2K\ApMsgFwd.exe
    C:\Acer\Empowering Technology\ENET\ENMTRAY.EXE
    C:\Acer\Empowering Technology\EPOWER\EPOWER_DMC.EXE
    C:\Acer\Empowering Technology\ACER.EMPOWERING.FRAMEWORK.SUPERVISOR.EXE
    C:\Acer\Empowering Technology\eRecovery\ERAGENT.EXE
    C:\Program Files\Apoint2K\Apntex.exe
    C:\Users\Ria\AppData\Local\Temp\RtkBtMnt.exe
    C:\Windows\system32\igfxext.exe
    C:\Windows\system32\igfxsrvc.exe
    C:\Program Files\Windows Live\Contacts\wlcomm.exe
    C:\Program Files\Folding@home\Folding@home-x86\Folding@home.exe
    C:\Windows\system32\taskeng.exe
    C:\Users\Ria\AppData\Roaming\Folding@home-x86\FahCore_78.exe
    C:\Program Files\Internet Explorer\IEUser.exe
    C:\Windows\system32\igfxsrvc.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe
    C:\Windows\system32\SearchFilterHost.exe
    C:\Program Files\HijackThis.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://uk.rd.yahoo.com/customize/ycomp/defaults/sp/*http://uk.yahoo.com
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.startpagina.nl/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://nl.intl.acer.yahoo.com
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://nl.intl.acer.yahoo.com
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
    R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://uk.rd.yahoo.com/customize/ycomp/defaults/su/*http://uk.yahoo.com
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
    R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
    O1 - Hosts: ::1 localhost
    O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
    O2 - BHO: (no name) - {1E8A6170-7264-4D0F-BEAE-D42A53123C75} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\1.0\NppBho.dll
    O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
    O2 - BHO: Windows Live Aanmelden - Help - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O3 - Toolbar: Acer eDataSecurity Management - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\Windows\system32\eDStoolbar.dll
    O3 - Toolbar: Norton-werkbalk weergeven - {90222687-F593-4738-B738-FBEE9C7B26DF} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\1.0\UIBHO.dll
    O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
    O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
    O4 - HKLM\..\Run: [eDataSecurity Loader] C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe
    O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
    O4 - HKLM\..\Run: [IS CfgWiz] "C:\Program Files\Common Files\Symantec Shared\OPC\{31011D49-D90C-4da0-878B-78D28AD507AF}\cltUIStb.exe" /MODULE CfgWiz /GUID {BC8D3EAF-F864-4d4b-AB4D-B3D0C32E2840} /MODE CfgWiz /CMDLINE "REBOOT"
    O4 - HKLM\..\Run: [osCheck] "C:\Program Files\Norton Internet Security\osCheck.exe"
    O4 - HKLM\..\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe
    O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
    O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe
    O4 - HKLM\..\Run: [SetPanel] C:\Acer\APanel\APanel.cmd
    O4 - HKLM\..\Run: [LManager] C:\PROGRA~1\LAUNCH~1\LManager.exe
    O4 - HKLM\..\Run: [WarReg_PopUp] C:\Acer\WR_PopUp\WarReg_PopUp.exe
    O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint2K\Apoint.exe
    O4 - HKLM\..\Run: [Acer Tour Reminder] C:\Acer\AcerTour\Reminder.exe
    O4 - HKLM\..\Run: [vptray] C:\PROGRA~1\SYMANT~1\VPTray.exe
    O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
    O4 - HKLM\..\RunOnce: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent
    O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
    O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
    O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
    O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
    O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
    O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
    O4 - HKUS\S-1-5-18\..\Run: [Acer Tour Reminder] C:\Acer\AcerTour\Reminder.exe (User 'SYSTEEM')
    O4 - HKUS\.DEFAULT\..\Run: [Acer Tour Reminder] C:\Acer\AcerTour\Reminder.exe (User 'Default user')
    O4 - Global Startup: Empowering Technology Launcher.lnk = ?
    O13 - Gopher Prefix:
    O20 - AppInit_DLLs: eNetHook.dll
    O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
    O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
    O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
    O23 - Service: COM Host (comHost) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\VAScanner\comHost.exe
    O23 - Service: Symantec AntiVirus Definition Watcher (DefWatch) - Symantec Corporation - C:\Program Files\Symantec AntiVirus\DefWatch.exe
    O23 - Service: eDSService.exe (eDataSecurity Service) - HiTRSUT - C:\Acer\Empowering Technology\eDataSecurity\eDSService.exe
    O23 - Service: eLock Service (eLockService) - Acer Inc. - C:\Acer\Empowering Technology\eLock\Service\eLockServ.exe
    O23 - Service: eNet Service - Acer Inc. - C:\Acer\Empowering Technology\eNet\eNet Service.exe
    O23 - Service: eRecovery Service (eRecoveryService) - Acer Inc. - C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe
    O23 - Service: eSettings Service (eSettingsService) - Unknown owner - C:\Acer\Empowering Technology\eSettings\Service\capuserv.exe
    O23 - Service: Wachtwoordvalidatie voor Symantec IS (ISPwdSvc) - Symantec Corporation - C:\Program Files\Norton Internet Security\isPwdSvc.exe
    O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
    O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
    O23 - Service: MobilityService - Unknown owner - C:\Acer\Mobility Center\MobilityService.exe
    O23 - Service: O&O Defrag - O&O Software GmbH - C:\Windows\system32\oodag.exe
    O23 - Service: Planner voor Automatische LiveUpdate - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
    O23 - Service: SAVRoam (SavRoam) - symantec - C:\Program Files\Symantec AntiVirus\SavRoam.exe
    O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
    O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
    O23 - Service: Symantec AntiVirus - Symantec Corporation - C:\Program Files\Symantec AntiVirus\Rtvscan.exe
    O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
    O23 - Service: Symantec AppCore Service (SymAppCore) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\AppCore\AppSvc32.exe
    O23 - Service: ePower Service (WMIService) - acer - C:\Acer\Empowering Technology\ePower\ePowerSvc.exe
    O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe


    End of file - 8939 bytes
  • Logjes zien er goed uit :D

    Nog even dit proberen om (eventueel) het Symantec-probleem een boost te geven :

    Download [b:d86c39943e]Combofix[/b:d86c39943e] naar je Bureaublad.

    Lees [b:d86c39943e]hier[/b:d86c39943e] meer over correct gebruik van Combofix.

    OPMERKING: indien je, tijdens of na het downloaden van Combofix of tijdens het gebruik van Combofix een melding krijgt van je Antivirus- of een andere realtime scanner, schakel dan deze scanner uit en [b:d86c39943e]download Combofix opnieuw[/b:d86c39943e].
    Sommige scanners zien bepaalde componenten die Combofix gebruikt als verdacht en gaan deze blokkeren of verwijderen![list:d86c39943e]
    Dubbelklik op [b:d86c39943e]Combofix.exe[/b:d86c39943e] om het te starten.
    Indien je Combofix al eerder hebt gebruikt, kan je een waarschuwing krijgen dat een update beschikbaar is. Sta toe dat ComboFix wordt geupdate.
    Volg de instructies, aanvaard de disclaimer door op [b:d86c39943e]Ja[/b:d86c39943e] te klikken.
    Indien de Recovery Console niet geïnstalleerd is, wordt je gevraagd om dit alsnog te doen door op [b:d86c39943e]JA[/b:d86c39943e] te klikken in het "Query - Recovery Console" venster (enkel voor XP, niet voor VISTA).
    Klik op [b:d86c39943e]OK[/b:d86c39943e] en [b:d86c39943e]Ja[/b:d86c39943e] om automatisch de Recovery Console te laten installeren.
    Klik na afloop terug op [b:d86c39943e]Ja[/b:d86c39943e] om het scannen op malware te starten.
    Tijdens het runnen van de fix, [b:d86c39943e]NIET[/b:d86c39943e] in het venster klikken, want dit zal je pc doen vasthangen.[/list:u:d86c39943e]
    Wanneer de fix voltooid is en na herstart, zal de log [b:d86c39943e]Combofix.txt[/b:d86c39943e] openen.

    Post dit logje in je volgende antwoord.
  • combo.txt:
    ComboFix 09-05-24.07 - Ria 25-05-2009 12:20.1 - NTFSx86
    Microsoft® Windows Vista™ Home Basic 6.0.6001.1.1252.31.1043.18.1013.248 [GMT 2:00]
    Gestart vanuit: d:\downloads\ComboFix.exe
    AV: Norton Internet Security *On-access scanning enabled* (Updated) {E10A9785-9598-4754-B552-92431C1C35F8}
    AV: Symantec AntiVirus Corporate Edition *On-access scanning disabled* (Updated) {FB06448E-52B8-493A-90F3-E43226D3305C}
    FW: Norton Internet Security *disabled* {7C21A4C9-F61F-4AC4-B722-A6E19C16F220}
    SP: MalwareRemovalBot *enabled* (Updated) {4497F8B6-C0D0-4902-94BC-D47F5D9F994D}
    SP: Norton Internet Security *enabled* (Outdated) {CBB7EE13-8244-4DAB-8B55-D5C7AA91E59A}
    SP: Windows Defender *enabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}
    * Nieuw herstelpunt werd aangemaakt
    .

    (((((((((((((((((((((((((((((((((( Andere Verwijderingen )))))))))))))))))))))))))))))))))))))))))))))))))
    .

    c:\windows\system32\x64

    .
    (((((((((((((((((((( Bestanden Gemaakt van 2009-04-25 to 2009-05-25 ))))))))))))))))))))))))))))))
    .

    2009-05-25 10:26 . 2009-05-25 10:26 ——– d—–w c:\users\Ria\AppData\Local\temp
    2009-05-22 11:42 . 2009-05-22 11:42 ——– d—–w c:\program files\backups
    2009-05-22 10:06 . 2009-05-13 06:16 1476 —-a-w c:\programdata\Symantec\Definitions\VirusDefs\tmp341a.tmp\hub.scr
    2009-05-22 09:48 . 2009-05-22 09:48 ——– d—–w c:\programdata\Stentec
    2009-05-22 04:15 . 2009-05-06 18:06 4784464 —-a-w c:\programdata\Microsoft\Windows Defender\Definition Updates\{2222DA9B-D8C8-4964-9A93-017D28254F5D}\mpengine.dll
    2009-05-17 17:50 . 2009-05-17 17:50 ——– d—–w c:\program files\Enigma Software Group
    2009-05-16 17:22 . 2009-05-16 17:22 ——– d—–w c:\programdata\WindowsSearch
    2009-05-14 07:49 . 2009-05-14 07:49 ——– d—–w c:\programdata\LightScribe
    2009-05-13 23:58 . 2009-05-25 09:39 12 —-a-w c:\windows\bthservsdp.dat
    2009-05-13 23:18 . 2009-05-15 16:26 ——– d—–w c:\users\Ria\AppData\Roaming\Nero
    2009-05-13 12:23 . 2009-05-13 12:42 ——– d—–w c:\programdata\Nero
    2009-05-13 12:12 . 2009-05-14 01:03 ——– d—–w c:\program files\Common Files\Nero
    2009-05-13 12:10 . 2000-06-26 09:45 106496 —-a-w c:\windows\system32\TwnLib20.dll
    2009-05-13 12:10 . 2001-07-09 09:50 155648 —-a-w c:\windows\system32\NeroCheck.exe
    2009-05-13 12:10 . 2009-05-13 12:10 ——– d—–w c:\program files\Common Files\Ahead
    2009-05-13 11:21 . 2009-05-13 11:22 ——– d—–w c:\windows\ShellNew
    2009-05-11 20:26 . 2009-05-11 20:26 1656832 —-a-w c:\users\Ria\AppData\Roaming\Folding@home-x86\FahCore_a0.exe
    2009-05-11 20:26 . 2009-05-11 20:26 1382280 —-a-w c:\users\Ria\AppData\Roaming\Folding@home-x86\libfftw3f-3.dll
    2009-05-11 20:25 . 2009-05-11 20:25 ——– d—–w c:\users\Ria\AppData\Roaming\Template
    2009-05-11 12:30 . 2009-05-11 12:30 ——– d—–w c:\users\Ria\AppData\Roaming\SmartFix
    2009-05-11 12:30 . 2009-05-11 12:30 ——– d—–w c:\users\Ria\AppData\Local\SmartFix
    2009-05-11 12:30 . 2009-05-11 12:30 ——– d—–w c:\programdata\SmartFix
    2009-05-11 12:30 . 2009-05-11 12:30 ——– d—–w c:\program files\SmartFix
    2009-05-10 19:30 . 2009-05-10 19:30 ——– d—–w c:\programdata\NtiDvdCopy
    2009-05-09 12:56 . 2009-05-09 12:56 ——– d—–w c:\programdata\Microsoft Corporation
    2009-05-06 12:41 . 2008-06-20 01:14 97800 —-a-w c:\windows\system32\infocardapi.dll
    2009-05-06 12:41 . 2008-06-20 01:14 105016 —-a-w c:\windows\system32\PresentationCFFRasterizerNative_v0300.dll
    2009-05-06 12:41 . 2008-06-20 01:14 43544 —-a-w c:\windows\system32\PresentationHostProxy.dll
    2009-05-06 12:41 . 2008-06-20 01:14 11264 —-a-w c:\windows\system32\icardres.dll
    2009-05-06 12:41 . 2008-06-20 01:14 622080 —-a-w c:\windows\system32\icardagt.exe
    2009-05-06 12:41 . 2008-06-20 01:14 781344 —-a-w c:\windows\system32\PresentationNative_v0300.dll
    2009-05-06 12:40 . 2008-06-20 01:14 326160 —-a-w c:\windows\system32\PresentationHost.exe
    2009-05-05 01:01 . 2008-05-27 05:17 34816 —-a-w c:\windows\system32\msscb.dll
    2009-05-05 01:01 . 2008-05-27 05:17 11776 —-a-w c:\windows\system32\msshooks.dll
    2009-05-05 01:01 . 2008-05-27 04:59 18904 —-a-w c:\windows\system32\StructuredQuerySchemaTrivial.bin
    2009-05-05 01:01 . 2008-05-27 04:59 106605 —-a-w c:\windows\system32\StructuredQuerySchema.bin
    2009-05-05 01:01 . 2008-05-27 05:18 44032 —-a-w c:\windows\system32\msstrc.dll
    2009-05-05 01:01 . 2008-05-27 05:18 231936 —-a-w c:\windows\system32\msshsq.dll
    2009-05-05 01:01 . 2008-05-27 05:18 71680 —-a-w c:\windows\system32\propdefs.dll
    2009-05-05 01:01 . 2008-05-27 05:17 87552 —-a-w c:\windows\system32\SearchFilterHost.exe
    2009-05-05 01:01 . 2008-05-27 05:17 754176 —-a-w c:\windows\system32\propsys.dll
    2009-05-05 01:01 . 2008-05-27 05:17 32768 —-a-w c:\windows\system32\mssprxy.dll
    2009-05-05 01:01 . 2008-05-27 05:17 87552 —-a-w c:\windows\system32\mssitlb.dll
    2009-05-04 18:06 . 2008-04-12 03:32 784896 —-a-w c:\windows\system32\rpcrt4.dll
    2009-05-04 16:25 . 2009-05-21 00:18 1470 —-a-w c:\programdata\Symantec\Definitions\VirusDefs\tmp341a.tmp\cur.scr
    2009-05-04 13:06 . 2009-05-04 13:06 ——– d—–w C:\PerfLogs
    2009-05-03 22:14 . 2009-05-03 22:14 ——– d—–w c:\programdata\AVS4YOU
    2009-05-03 22:11 . 2009-05-03 22:11 ——– d—–w c:\users\Ria\AppData\Roaming\AVS4YOU
    2009-05-03 22:11 . 2009-05-03 22:12 ——– d—–w c:\program files\Common Files\AVSMedia
    2009-05-03 22:11 . 2003-05-21 10:50 24576 —-a-w c:\windows\system32\msxml3a.dll
    2009-05-03 22:11 . 2009-05-03 22:12 ——– d—–w c:\program files\AVS4YOU
    2009-05-03 20:59 . 2009-05-03 20:59 ——– d—–w c:\program files\Common Files\PX Storage Engine
    2009-05-03 20:59 . 2009-05-03 22:34 ——– d—–w c:\program files\Winamp
    2009-05-03 06:33 . 2009-05-03 06:33 1915520 —-a-w c:\users\Ria\AppData\Roaming\Macromedia\Flash Player\www.macromedia.com\bin\fpupdateax\fpupdateax.exe
    2009-05-02 10:25 . 2009-05-02 10:25 396288 —-a-w c:\program files\HijackThis.exe
    2009-05-02 10:21 . 2009-05-02 10:21 ——– d—–w c:\users\Ria\AppData\Roaming\Malwarebytes
    2009-05-02 10:20 . 2009-04-06 13:32 15504 —-a-w c:\windows\system32\drivers\mbam.sys
    2009-05-02 10:20 . 2009-04-06 13:32 38496 —-a-w c:\windows\system32\drivers\mbamswissarmy.sys
    2009-05-02 10:20 . 2009-05-02 10:21 ——– d—–w c:\program files\Malwarebytes' Anti-Malware
    2009-05-02 10:20 . 2009-05-02 10:20 ——– d—–w c:\programdata\Malwarebytes
    2009-05-02 05:03 . 2008-01-19 07:35 1589248 —-a-w c:\windows\system32\msjet40.dll
    2009-05-02 05:02 . 2008-01-19 07:36 240128 —-a-w c:\windows\system32\uxtheme.dll
    2009-05-02 05:01 . 2008-01-19 07:37 767488 —-a-w c:\windows\system32\WMVSENCD.DLL
    2009-05-02 05:00 . 2007-01-24 10:21 105352 —-a-w c:\windows\system32\rapi.dll
    2009-05-02 05:00 . 2007-01-24 10:20 24456 —-a-w c:\windows\system32\rapiproxystub.dll
    2009-05-02 05:00 . 2007-01-24 10:20 23944 —-a-w c:\windows\system32\wcescommproxy.dll
    2009-05-02 05:00 . 2006-11-02 09:46 20480 —-a-w c:\windows\system32\wmcoinst.dll
    2009-05-02 05:00 . 2008-01-19 07:36 357888 —-a-w c:\windows\system32\wbemcomn.dll
    2009-05-02 04:59 . 2008-01-19 07:36 129536 —-a-w c:\windows\system32\sqmapi.dll
    2009-05-02 04:59 . 2008-01-19 07:36 704512 —-a-w c:\windows\system32\SmiEngine.dll
    2009-05-02 04:59 . 2008-01-19 07:36 139264 —-a-w c:\windows\system32\SmiInstaller.dll
    2009-05-02 04:59 . 2008-01-19 07:36 218624 —-a-w c:\windows\system32\wdscore.dll
    2009-05-02 04:59 . 2008-01-19 07:33 130560 —-a-w c:\windows\system32\PkgMgr.exe
    2009-05-02 04:58 . 2008-01-19 07:34 246784 —-a-w c:\windows\system32\drvstore.dll
    2009-05-02 04:58 . 2008-01-19 07:35 35328 —-a-w c:\windows\system32\mspatcha.dll
    2009-05-02 04:58 . 2008-01-19 07:34 305152 —-a-w c:\windows\system32\msdelta.dll
    2009-05-02 04:58 . 2008-01-19 07:34 258560 —-a-w c:\windows\system32\dpx.dll
    2009-05-01 23:30 . 2009-05-01 23:30 2338816 —-a-w c:\users\Ria\AppData\Roaming\Folding@home-x86\FahCore_78.exe
    2009-05-01 01:04 . 2009-05-01 01:04 269312 —-a-w c:\windows\system32\es.dll
    2009-04-30 09:23 . 2009-04-30 09:23 ——– d—–w c:\program files\Common Files\Adobe
    2009-04-30 09:12 . 2009-05-01 09:19 ——– d—–w c:\users\Ria\AppData\Local\Adobe
    2009-04-29 23:18 . 2009-04-29 23:18 3 —-a-w c:\windows\AFirst.cmd
    2009-04-29 23:18 . 2007-05-09 11:34 16437832 —-a-w c:\windows\eRy.exe
    2009-04-29 23:18 . 2007-05-23 10:18 100358 —-a-w c:\windows\system32\Vxdif.dll
    2009-04-29 23:18 . 2006-11-02 00:09 1419232 —-a-w c:\windows\system32\WdfCoInstaller01005.dll
    2009-04-29 23:18 . 2007-06-14 02:33 154624 —-a-w c:\windows\system32\drivers\Apfiltr.sys
    2009-04-29 23:17 . 2007-01-15 12:28 336 —-a-w c:\windows\ACERTOURREMINDERRUN.REG
    2009-04-29 23:17 . 2009-04-29 13:38 1550 —-a-w c:\windows\CLEANUP.CMD
    2009-04-29 23:17 . 2007-01-11 09:50 23 —-a-w c:\windows\system32\$Acer$.cmd
    2009-04-29 23:17 . 2007-01-11 09:50 23 —-a-w c:\programdata\Microsoft\Crypto\RSA\MachineKeys\$Acer$.cmd
    2009-04-29 23:17 . 2002-11-14 14:32 55808 —-a-w c:\windows\devcon.exe
    2009-04-29 21:03 . 2009-04-30 12:18 ——– d—–w c:\windows\system32\oodag
    2009-04-29 21:02 . 2009-04-29 21:02 28672 —-a-w c:\windows\system32\FwRemoteSvr.dll
    2009-04-29 21:02 . 2009-04-29 21:02 61440 —-a-w c:\windows\system32\winipsec.dll
    2009-04-29 21:02 . 2009-04-29 21:02 361984 —-a-w c:\windows\system32\IPSECSVC.DLL
    2009-04-29 21:02 . 2009-04-29 21:02 272896 —-a-w c:\windows\system32\polstore.dll
    2009-04-29 21:01 . 2009-04-29 21:01 94720 —-a-w c:\windows\system32\PortableDeviceClassExtension.dll
    2009-04-29 21:01 . 2009-04-29 21:01 241152 —-a-w c:\windows\system32\PortableDeviceApi.dll
    2009-04-29 21:01 . 2009-04-29 21:01 160768 —-a-w c:\windows\system32\PortableDeviceTypes.dll
    2009-04-29 20:58 . 2009-04-29 20:58 376832 —-a-w c:\windows\system32\winhttp.dll
    2009-04-29 20:57 . 2009-04-29 20:57 296960 —-a-w c:\windows\system32\gdi32.dll
    2009-04-29 20:56 . 2009-04-29 20:56 212480 —-a-w c:\windows\system32\drivers\mrxsmb10.sys
    2009-04-29 20:55 . 2009-04-29 20:55 562176 —-a-w c:\windows\system32\msdtcprx.dll
    2009-04-29 20:55 . 2009-04-29 20:55 38912 —-a-w c:\windows\system32\xolehlp.dll
    2009-04-29 20:54 . 2009-04-29 20:54 28672 —-a-w c:\windows\system32\Apphlpdm.dll
    2009-04-29 20:54 . 2009-04-29 20:54 4240384 —-a-w c:\windows\system32\GameUXLegacyGDFs.dll
    2009-04-29 20:54 . 2009-04-29 20:54 1695744 —-a-w c:\windows\system32\gameux.dll
    2009-04-29 20:53 . 2009-04-29 20:53 303616 —-a-w c:\windows\system32\wmpeffects.dll
    2009-04-29 20:52 . 2009-04-29 20:52 1191936 —-a-w c:\windows\system32\msxml3.dll
    2009-04-29 20:52 . 2009-04-29 20:52 2048 —-a-w c:\windows\system32\msxml3r.dll
    2009-04-29 20:50 . 2009-04-29 20:50 2048 —-a-w c:\windows\system32\tzres.dll
    2009-04-29 20:48 . 2009-04-29 20:48 8147456 —-a-w c:\windows\system32\wmploc.DLL
    2009-04-29 20:48 . 2009-04-29 20:48 7680 —-a-w c:\windows\system32\spwmp.dll
    2009-04-29 20:48 . 2009-04-29 20:48 4096 —-a-w c:\windows\system32\dxmasf.dll
    2009-04-29 20:45 . 2009-04-29 20:45 ——– d—–w c:\program files\Microsoft CAPICOM 2.1.0.2
    2009-04-29 20:43 . 2009-04-29 20:43 2927104 —-a-w c:\windows\explorer.exe
    2009-04-29 20:38 . 2009-04-29 20:38 6656 —-a-w c:\windows\system32\kbd106n.dll
    2009-04-29 20:38 . 2009-04-29 20:38 988216 —-a-w c:\windows\system32\winload.exe
    2009-04-29 20:38 . 2009-04-29 20:38 927288 —-a-w c:\windows\system32\winresume.exe
    2009-04-29 20:38 . 2009-04-29 20:38 40960 —-a-w c:\windows\system32\srclient.dll
    2009-04-29 20:38 . 2009-04-29 20:38 378368 —-a-w c:\windows\system32\srcore.dll
    2009-04-29 20:38 . 2009-04-29 20:38 318464 —-a-w c:\windows\system32\rstrui.exe
    2009-04-29 20:38 . 2009-04-29 20:38 14848 —-a-w c:\windows\system32\srdelayed.exe
    2009-04-29 20:38 . 2009-04-29 20:38 615992 —-a-w c:\windows\system32\ci.dll
    2009-04-29 20:38 . 2009-04-29 20:38 46592 —-a-w c:\windows\system32\setbcdlocale.dll

    .
    ((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    2009-05-25 09:47 . 2006-11-02 16:07 667352 —-a-w c:\windows\system32\perfh013.dat
    2009-05-25 09:47 . 2006-11-02 16:07 126854 —-a-w c:\windows\system32\perfc013.dat
    2009-05-14 19:29 . 2006-11-02 11:18 ——– d—–w c:\program files\Windows Mail
    2009-05-13 23:21 . 2009-05-13 23:21 0 —ha-w c:\windows\system32\drivers\Msft_User_WpdFs_01_00_00.Wdf
    2009-05-13 12:28 . 2009-05-13 12:28 0 —ha-w c:\windows\system32\drivers\Msft_User_WpdRapi_01_00_00.Wdf
    2009-05-11 20:47 . 2009-05-11 20:25 106 —-a-w c:\users\Ria\AppData\Roaming\wklnhst.dat
    2009-05-04 13:07 . 2006-11-02 12:35 ——– d—–w c:\program files\Windows Sidebar
    2009-05-04 13:07 . 2006-11-02 12:35 ——– d—–w c:\program files\Windows Calendar
    2009-05-04 13:07 . 2006-11-02 12:35 ——– d—–w c:\program files\Windows Photo Gallery
    2009-05-04 13:07 . 2006-11-02 12:35 ——– d—–w c:\program files\Windows Collaboration
    2009-05-04 13:07 . 2006-11-02 12:35 ——– d—–w c:\program files\Windows Defender
    2009-05-04 13:06 . 2006-11-02 10:25 665600 —-a-w c:\windows\inf\drvindex.dat
    2009-05-04 12:34 . 2006-11-02 10:32 101888 —-a-w c:\windows\system32\ifxcardm.dll
    2009-05-04 12:34 . 2006-11-02 10:32 82432 —-a-w c:\windows\system32\axaltocm.dll
    2009-05-02 10:26 . 2009-05-02 10:26 8940 —-a-w c:\program files\hijackthis.log
    2009-04-29 19:12 . 2007-08-17 07:05 ——– d—–w c:\program files\Acer GameZone
    2009-04-29 19:08 . 2007-08-17 07:03 ——– d—–w c:\programdata\{174892B1-CBE7-44F5-86FF-AB555EFD73A3}
    2009-04-29 19:07 . 2007-08-17 05:42 ——– d–h–w c:\program files\InstallShield Installation Information
    2009-04-29 15:27 . 2007-08-17 07:10 ——– d—–w c:\programdata\Symantec
    2009-04-29 15:27 . 2007-08-17 07:10 ——– d—–w c:\program files\Common Files\Symantec Shared
    2009-04-29 15:26 . 2007-08-17 07:13 ——– d—–w c:\program files\Norton Internet Security
    2009-04-29 15:12 . 2007-08-17 06:55 ——– d—–w c:\programdata\Microsoft Help
    2009-04-29 14:36 . 2007-08-17 06:47 ——– d—–w c:\programdata\CyberLink
    2009-04-29 14:17 . 2007-08-17 07:11 ——– d—–w c:\program files\Symantec
    2009-04-29 14:16 . 2007-08-17 07:11 805 —-a-w c:\windows\system32\drivers\SYMEVENT.INF
    2009-04-29 14:16 . 2007-08-17 07:11 8014 —-a-w c:\windows\system32\drivers\SYMEVENT.CAT
    2009-04-29 14:16 . 2007-08-17 07:11 109744 —-a-w c:\windows\system32\drivers\SYMEVENT.SYS
    2009-04-29 13:47 . 2009-04-29 13:47 0 —ha-w c:\windows\system32\drivers\Msft_Kernel_Apfiltr_01005.Wdf
    2009-04-15 11:04 . 2007-08-17 07:15 89104 —-a-w c:\programdata\Symantec\Definitions\VirusDefs\BinHub
    aveng.sys
    2009-04-15 11:04 . 2007-08-17 07:15 876144 —-a-w c:\programdata\Symantec\Definitions\VirusDefs\BinHub
    avex15.sys
    2009-04-15 11:04 . 2007-08-17 07:15 371248 —-a-w c:\programdata\Symantec\Definitions\VirusDefs\BinHub\eeCtrl.sys
    2009-04-15 11:04 . 2007-08-17 07:15 259368 —-a-w c:\programdata\Symantec\Definitions\VirusDefs\BinHub\ecmsvr32.dll
    2009-04-15 11:04 . 2007-08-17 07:15 2414128 —-a-w c:\programdata\Symantec\Definitions\VirusDefs\BinHub\cceraser.dll
    2009-04-15 11:04 . 2007-08-17 07:15 177520 —-a-w c:\programdata\Symantec\Definitions\VirusDefs\BinHub
    aveng32.dll
    2009-04-15 11:04 . 2007-08-17 07:15 1181040 —-a-w c:\programdata\Symantec\Definitions\VirusDefs\BinHub
    avex32a.dll
    2009-04-15 11:04 . 2007-08-17 07:15 101936 —-a-w c:\programdata\Symantec\Definitions\VirusDefs\BinHub\ERASER.sys
    2009-03-08 11:34 . 2009-05-08 05:16 914944 —-a-w c:\windows\system32\wininet.dll
    2009-03-08 11:34 . 2009-05-08 05:16 43008 —-a-w c:\windows\system32\licmgr10.dll
    2009-03-08 11:33 . 2009-05-08 05:16 18944 —-a-w c:\windows\system32\corpol.dll
    2009-03-08 11:33 . 2009-05-08 05:16 109056 —-a-w c:\windows\system32\iesysprep.dll
    2009-03-08 11:33 . 2009-05-08 05:16 109568 —-a-w c:\windows\system32\PDMSetup.exe
    2009-03-08 11:33 . 2009-05-08 05:16 132608 —-a-w c:\windows\system32\ieUnatt.exe
    2009-03-08 11:33 . 2009-05-08 05:16 107520 —-a-w c:\windows\system32\RegisterIEPKEYs.exe
    2009-03-08 11:33 . 2009-05-08 05:16 107008 —-a-w c:\windows\system32\SetIEInstalledDate.exe
    2009-03-08 11:33 . 2009-05-08 05:16 103936 —-a-w c:\windows\system32\SetDepNx.exe
    2009-03-08 11:33 . 2009-05-08 05:16 420352 —-a-w c:\windows\system32\vbscript.dll
    2009-03-08 11:32 . 2009-05-08 05:16 72704 —-a-w c:\windows\system32\admparse.dll
    2009-03-08 11:32 . 2009-05-08 05:16 71680 —-a-w c:\windows\system32\iesetup.dll
    2009-03-08 11:32 . 2009-05-08 05:16 66560 —-a-w c:\windows\system32\wextract.exe
    2009-03-08 11:32 . 2009-05-08 05:16 169472 —-a-w c:\windows\system32\iexpress.exe
    2009-03-08 11:31 . 2009-05-08 05:16 34816 —-a-w c:\windows\system32\imgutil.dll
    2009-03-08 11:31 . 2009-05-08 05:16 48128 —-a-w c:\windows\system32\mshtmler.dll
    2009-03-08 11:31 . 2009-05-08 05:16 45568 —-a-w c:\windows\system32\mshta.exe
    2009-03-08 11:22 . 2009-05-08 05:16 156160 —-a-w c:\windows\system32\msls31.dll
    .

    ((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    *Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond
    REGEDIT4

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2008-01-19 1233920]
    "msnmsgr"="c:\program files\Windows Live\Messenger\msnmsgr.exe" [2009-02-06 3885408]
    "WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2008-01-19 202240]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "eDataSecurity Loader"="c:\acer\Empowering Technology\eDataSecurity\eDSloader.exe" [2007-04-25 457216]
    "ccApp"="c:\program files\Common Files\Symantec Shared\ccApp.exe" [2006-10-24 107112]
    "IS CfgWiz"="c:\program files\Common Files\Symantec Shared\OPC\{31011D49-D90C-4da0-878B-78D28AD507AF}\cltUIStb.exe" [2006-10-24 46728]
    "osCheck"="c:\program files\Norton Internet Security\osCheck.exe" [2006-10-26 22696]
    "LManager"="c:\progra~1\LAUNCH~1\LManager.exe" [2007-07-16 768520]
    "WarReg_PopUp"="c:\acer\WR_PopUp\WarReg_PopUp.exe" [2006-11-05 57344]
    "Apoint"="c:\program files\Apoint2K\Apoint.exe" [2007-06-06 159744]
    "vptray"="c:\progra~1\SYMANT~1\VPTray.exe" [2006-03-17 124656]
    "Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2009-02-27 35696]
    "IgfxTray"="c:\windows\system32\igfxtray.exe" [2008-02-11 141848]
    "HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2008-02-11 166424]
    "Persistence"="c:\windows\system32\igfxpers.exe" [2008-02-11 133656]
    "SupportAgent_HCC"="c:\program files\SmartFix\SupportAgent_HCC\SupportAgent.exe" [2009-05-11 3989504]
    "NeroFilterCheck"="c:\windows\system32\NeroCheck.exe" [2001-07-09 155648]
    "Windows Mobile-based device management"="c:\windows\WindowsMobile\wmdc.exe" [2007-01-24 563080]
    "THGuard"="d:\program files\TrojanHunter 5.1\THGuard.exe" [2009-05-18 1061536]
    "RtHDVCpl"="RtHDVCpl.exe" - c:\windows\RtHDVCpl.exe [2007-07-06 4669440]
    "Skytel"="Skytel.exe" - c:\windows\SkyTel.exe [2007-06-15 1826816]

    c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
    Empowering Technology Launcher.lnk - c:\acer\Empowering Technology\eAPLauncher.exe [2007-8-17 535336]
    Microsoft Office.lnk - d:\program files\Microsoft Office\Office10\OSA.EXE [2001-2-13 83360]

    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
    "EnableUIADesktopToggle"= 0 (0x0)

    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
    "AppInit_DLLs"=c:\windows\System32\eNetHook.dll

    [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
    BootExecute REG_MULTI_SZ autocheck autochk *\[u:3ed987410e]0[/u:3ed987410e]OODBS

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
    @="Driver"

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]
    @="Service"

    [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
    "DisableMonitoring"=dword:00000001

    [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
    "DisableMonitoring"=dword:00000001

    [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
    "DisableMonitoring"=dword:00000001

    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\FirewallRules]
    "{B1DE5FF2-A496-49BC-9B27-3CDB5626DF05}"= UDP:990:LocalSubnet:LocalSubnet|IF={ACB435BD-7C0C-452E-8554-8D6FE63A1213}|%SystemRoot%\system32\svchost.exe|Svc=rapimgr:@%systemroot%\WindowsMobile\wmdSync.exe,-4001
    "{3823A5C4-4D03-423A-B808-AD632CAB9BA4}"= UDP:5721:LocalSubnet:LocalSubnet|IF={ACB435BD-7C0C-452E-8554-8D6FE63A1213}:@%systemroot%\WindowsMobile\wmdc.exe,-4002
    "{85D23BAD-11E9-4E48-8AAD-B5492D914637}"= UDP:1034:LocalSubnet:LocalSubnet|IF={ACB435BD-7C0C-452E-8554-8D6FE63A1213}:@%systemroot%\WindowsMobile\wmdc.exe,-4003
    "{F161884F-12C5-4F2D-9E9A-EBD966872E4E}"= UDP:5678:LocalSubnet:LocalSubnet|IF={ACB435BD-7C0C-452E-8554-8D6FE63A1213}|%systemroot%\WindowsMobile\wmdHost.exe:@%systemroot%\WindowsMobile\wmdc.exe,-4004
    "{5942E95D-9F21-4F87-91AC-153C2163EEB5}"= UDP:999:LocalSubnet:LocalSubnet|IF={ACB435BD-7C0C-452E-8554-8D6FE63A1213}|%systemroot%\WindowsMobile\wmdHost.exe:@%systemroot%\WindowsMobile\wmdc.exe,-4005
    "{A3C14F41-6F1D-405A-8249-D90CA877509A}"= UDP:26675:LocalSubnet:LocalSubnet|IF={ACB435BD-7C0C-452E-8554-8D6FE63A1213}:@%systemroot%\WindowsMobile\wmdc.exe,-4006
    "{F4077B1C-9AC4-4CEE-8E42-57AC74827019}"= UDP:990:LocalSubnet:LocalSubnet|IF={ACB435BD-7C0C-452E-8554-8D6FE63A1213}|%SystemRoot%\system32\svchost.exe|Svc=rapimgr:@%systemroot%\WindowsMobile\wmdc.exe,-4001

    R3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\System32\drivers\b57nd60x.sys [17-8-2007 15:59 179712]
    S3 IDSvix86;Symantec Intrusion Prevention Driver;c:\progra~2\Symantec\DEFINI~1\SymcData\idsdefs\20061025.029\IDSvix86.sys [17-8-2007 9:17 202872]
    S3 SavRoam;SAVRoam;c:\program files\Symantec AntiVirus\SavRoam.exe [17-3-2006 6:34 115952]

    — Andere Services/Drivers In Geheugen —

    *NewlyCreated* - COMHOST

    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
    LocalServiceNoNetwork REG_MULTI_SZ PLA DPS BFE mpssvc
    WindowsMobile REG_MULTI_SZ wcescomm rapimgr
    LocalServiceRestricted REG_MULTI_SZ WcesComm RapiMgr
    bthsvcs REG_MULTI_SZ BthServ

    [HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\>{60B49E34-C7CC-11D0-8953-00A0C90347FF}]
    "c:\windows\System32\rundll32.exe" "c:\windows\System32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
    .
    Inhoud van de 'Gedeelde Taken' map

    2009-05-25 c:\windows\Tasks\RegCure Program Check.job
    - d:\program files\RegCure\RegCure.exe [2008-04-21 21:21]

    2009-05-14 c:\windows\Tasks\RegCure.job
    - d:\program files\RegCure\RegCure.exe [2008-04-21 21:21]

    2009-05-25 c:\windows\Tasks\User_Feed_Synchronization-{955D44C3-3D49-465E-AF3A-C5C779012F7B}.job
    - c:\windows\system32\msfeedssync.exe [2009-05-08 11:31]
    .
    - - - - ORPHANS VERWIJDERD - - - -

    HKLM-Run-eRecoveryService - (no file)
    SafeBoot-procexp90.Sys


    .
    ——- Bijkomende Scan ——-
    .
    uStart Page = www.startpagina.nl/
    uSearchMigratedDefaultURL = hxxp://search.yahoo.com/search?p={searchTerms}&ei=utf-8&fr=b1ie7
    mStart Page = hxxp://nl.intl.acer.yahoo.com
    uSearchURL,(Default) = hxxp://uk.rd.yahoo.com/customize/ycomp/defaults/su/*http://uk.yahoo.com
    IE: E&xporteren naar Microsoft Excel - d:\progra~1\MICROS~1\Office10\EXCEL.EXE/3000
    .

    **************************************************************************

    catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
    Rootkit scan 2009-05-25 12:26
    Windows 6.0.6001 Service Pack 1 NTFS

    scannen van verborgen processen …

    scannen van verborgen autostart items …

    scannen van verborgen bestanden …

    Scan succesvol afgerond
    verborgen bestanden: 0

    **************************************************************************
    .
    ——————— VERGRENDELDE REGISTER SLEUTELS ———————

    [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\[u:3ed987410e]0[/u:3ed987410e]000\AllUserSettings]
    @Denied: (A) (Users)
    @Denied: (A) (Everyone)
    @Allowed: (B 1 2 3 4 5) (S-1-5-20)
    "BlindDial"=dword:00000000
    .
    ——————— DLLs Geladen Onder Lopende Processen ———————

    - - - - - - - > 'winlogon.exe'(656)
    c:\windows\system32\eNetHook.dll

    - - - - - - - > 'lsass.exe'(640)
    c:\windows\system32\eNetHook.dll

    - - - - - - - > 'Explorer.exe'(4220)
    c:\windows\system32\MsnChatHook.dll
    c:\windows\system32\ShowErrMsg.dll
    c:\windows\system32\sysenv.dll
    c:\windows\system32\BatchCrypto.dll
    c:\windows\system32\CryptoAPI.dll
    c:\windows\system32\keyManager.dll
    c:\acer\Empowering Technology\EPOWER\SysHook.dll
    .
    Voltooingstijd: 2009-05-25 12:28
    ComboFix-quarantined-files.txt 2009-05-25 10:28

    Pre-Run: 13.410.488.320 bytes beschikbaar
    Post-Run: 16.709.619.712 bytes beschikbaar

    324 — E O F — 2009-05-22 04:15



  • En hoe staat het nu met je Symantec ?
  • Die gilt dat äuto protect niet ingeschakeld is , maar in t hoofdscherm zegt ie van wél, snap t ff niet…
  • Heb je deze op CD of via donwload met licentie ? Dan zou je de versie - voor alle zekerheid - nog eens opnieuw kunnen installeren.

    Doe ondertussen ook dit :

    Verwijder Combofix: Start -> Uitvoeren en typ: [b:3b344f279a]combofix /u[/b:3b344f279a]
    Dit zal Combofix verwijderen + gerelateerde mappen en bestanden, herstelt de klokinstellingen opnieuw, verbergt de bestandsextensies, gaat verborgen bestanden en systeembestanden terug verbergen en maakt een nieuw herstelpunt.

Beantwoord deze vraag

Dit is een gearchiveerde pagina. Antwoorden is niet meer mogelijk.